From mboxrd@z Thu Jan  1 00:00:00 1970
Return-Path: <gentoo-commits+bounces-1666788-garchives=archives.gentoo.org@lists.gentoo.org>
Received: from lists.gentoo.org (pigeon.gentoo.org [208.92.234.80])
	(using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits)
	 key-exchange X25519 server-signature RSA-PSS (2048 bits))
	(No client certificate requested)
	by finch.gentoo.org (Postfix) with ESMTPS id 21A9E158083
	for <garchives@archives.gentoo.org>; Mon,  2 Sep 2024 02:55:13 +0000 (UTC)
Received: from pigeon.gentoo.org (localhost [127.0.0.1])
	by pigeon.gentoo.org (Postfix) with SMTP id 40A92E2A3B;
	Mon,  2 Sep 2024 02:55:12 +0000 (UTC)
Received: from smtp.gentoo.org (woodpecker.gentoo.org [140.211.166.183])
	(using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits)
	 key-exchange X25519 server-signature RSA-PSS (4096 bits))
	(No client certificate requested)
	by pigeon.gentoo.org (Postfix) with ESMTPS id 05387E2A3B
	for <gentoo-commits@lists.gentoo.org>; Mon,  2 Sep 2024 02:55:12 +0000 (UTC)
Received: from oystercatcher.gentoo.org (oystercatcher.gentoo.org [148.251.78.52])
	(using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits)
	 key-exchange X25519 server-signature RSA-PSS (4096 bits))
	(No client certificate requested)
	by smtp.gentoo.org (Postfix) with ESMTPS id 154D5335D7B
	for <gentoo-commits@lists.gentoo.org>; Mon,  2 Sep 2024 02:55:11 +0000 (UTC)
Received: from localhost.localdomain (localhost [IPv6:::1])
	by oystercatcher.gentoo.org (Postfix) with ESMTP id A2B6BBB4
	for <gentoo-commits@lists.gentoo.org>; Mon,  2 Sep 2024 02:55:09 +0000 (UTC)
From: "Sam James" <sam@gentoo.org>
To: gentoo-commits@lists.gentoo.org
Content-Transfer-Encoding: 8bit
Content-type: text/plain; charset=UTF-8
Reply-To: gentoo-dev@lists.gentoo.org, "Sam James" <sam@gentoo.org>
Message-ID: <1725245668.e98d8ef5572fae7d42e80acbb2464e70eb0ab5e7.sam@gentoo>
Subject: [gentoo-commits] repo/gentoo:master commit in: www-servers/nginx/files/, www-servers/nginx/
X-VCS-Repository: repo/gentoo
X-VCS-Files: www-servers/nginx/files/http_security-nginx-1.26.2.patch www-servers/nginx/nginx-1.26.2-r1.ebuild www-servers/nginx/nginx-1.26.2-r2.ebuild www-servers/nginx/nginx-1.27.1-r1.ebuild www-servers/nginx/nginx-1.27.1-r2.ebuild
X-VCS-Directories: www-servers/nginx/ www-servers/nginx/files/
X-VCS-Committer: sam
X-VCS-Committer-Name: Sam James
X-VCS-Revision: e98d8ef5572fae7d42e80acbb2464e70eb0ab5e7
X-VCS-Branch: master
Date: Mon,  2 Sep 2024 02:55:09 +0000 (UTC)
Precedence: bulk
List-Post: <mailto:gentoo-commits@lists.gentoo.org>
List-Help: <mailto:gentoo-commits+help@lists.gentoo.org>
List-Unsubscribe: <mailto:gentoo-commits+unsubscribe@lists.gentoo.org>
List-Subscribe: <mailto:gentoo-commits+subscribe@lists.gentoo.org>
List-Id: Gentoo Linux mail <gentoo-commits.gentoo.org>
X-BeenThere: gentoo-commits@lists.gentoo.org
X-Auto-Response-Suppress: DR, RN, NRN, OOF, AutoReply
X-Archives-Salt: 3b30688c-d5be-4898-83af-601b36db9588
X-Archives-Hash: 6216f9a55460fbc41b90c8cc40a16079

commit:     e98d8ef5572fae7d42e80acbb2464e70eb0ab5e7
Author:     Z. Liu <zhixu.liu <AT> gmail <DOT> com>
AuthorDate: Fri Aug 30 09:19:56 2024 +0000
Commit:     Sam James <sam <AT> gentoo <DOT> org>
CommitDate: Mon Sep  2 02:54:28 2024 +0000
URL:        https://gitweb.gentoo.org/repo/gentoo.git/commit/?id=e98d8ef5

www-servers/nginx: add patch for http_security from upstream

see https://github.com/owasp-modsecurity/ModSecurity-nginx/commit/7d37ace7431ea9704faa98f29876bcd72ef4b1ff

Closes: https://bugs.gentoo.org/933598
Signed-off-by: Z. Liu <zhixu.liu <AT> gmail.com>
Closes: https://github.com/gentoo/gentoo/pull/38343
Signed-off-by: Sam James <sam <AT> gentoo.org>

 .../nginx/files/http_security-nginx-1.26.2.patch   | 26 ++++++++++++++++++++++
 ...inx-1.26.2-r1.ebuild => nginx-1.26.2-r2.ebuild} |  6 +++++
 ...inx-1.27.1-r1.ebuild => nginx-1.27.1-r2.ebuild} |  6 +++++
 3 files changed, 38 insertions(+)

diff --git a/www-servers/nginx/files/http_security-nginx-1.26.2.patch b/www-servers/nginx/files/http_security-nginx-1.26.2.patch
new file mode 100644
index 000000000000..26e3ea6046f0
--- /dev/null
+++ b/www-servers/nginx/files/http_security-nginx-1.26.2.patch
@@ -0,0 +1,26 @@
+From 7d37ace7431ea9704faa98f29876bcd72ef4b1ff Mon Sep 17 00:00:00 2001
+From: Ervin Hegedus <airween@gmail.com>
+Date: Tue, 23 Apr 2024 21:42:02 +0200
+Subject: [PATCH] fix: Added missing header for conftest
+
+---
+ config | 3 ++-
+ 1 file changed, 2 insertions(+), 1 deletion(-)
+
+diff --git a/config b/config
+index c6e7467..3bf06a8 100644
+--- a/config
++++ b/config
+@@ -10,7 +10,8 @@
+ 
+ ngx_feature_name=
+ ngx_feature_run=no
+-ngx_feature_incs="#include <modsecurity/modsecurity.h>"
++ngx_feature_incs="#include <modsecurity/modsecurity.h>
++#include <stdio.h>"
+ ngx_feature_libs="-lmodsecurity"
+ ngx_feature_test='printf("hello");'
+ ngx_modsecurity_opt_I=
+-- 
+2.26.2
+

diff --git a/www-servers/nginx/nginx-1.26.2-r1.ebuild b/www-servers/nginx/nginx-1.26.2-r2.ebuild
similarity index 99%
rename from www-servers/nginx/nginx-1.26.2-r1.ebuild
rename to www-servers/nginx/nginx-1.26.2-r2.ebuild
index 1971e684ca8a..fe6db3b44206 100644
--- a/www-servers/nginx/nginx-1.26.2-r1.ebuild
+++ b/www-servers/nginx/nginx-1.26.2-r2.ebuild
@@ -459,6 +459,12 @@ src_prepare() {
 		cd "${S}" || die
 	fi
 
+	if use nginx_modules_http_security ; then
+		cd "${HTTP_SECURITY_MODULE_WD}" || die
+		eapply "${FILESDIR}/http_security-nginx-1.26.2.patch"
+		cd "${S}" || die
+	fi
+
 	find auto/ -type f -print0 | xargs -0 sed -i 's:\&\& make:\&\& \\$(MAKE):' || die
 	# We have config protection, don't rename etc files
 	sed -i 's:.default::' auto/install || die

diff --git a/www-servers/nginx/nginx-1.27.1-r1.ebuild b/www-servers/nginx/nginx-1.27.1-r2.ebuild
similarity index 99%
rename from www-servers/nginx/nginx-1.27.1-r1.ebuild
rename to www-servers/nginx/nginx-1.27.1-r2.ebuild
index 34de22d938e8..bfc1a4a791b6 100644
--- a/www-servers/nginx/nginx-1.27.1-r1.ebuild
+++ b/www-servers/nginx/nginx-1.27.1-r2.ebuild
@@ -459,6 +459,12 @@ src_prepare() {
 		cd "${S}" || die
 	fi
 
+	if use nginx_modules_http_security ; then
+		cd "${HTTP_SECURITY_MODULE_WD}" || die
+		eapply "${FILESDIR}/http_security-nginx-1.26.2.patch"
+		cd "${S}" || die
+	fi
+
 	find auto/ -type f -print0 | xargs -0 sed -i 's:\&\& make:\&\& \\$(MAKE):' || die
 	# We have config protection, don't rename etc files
 	sed -i 's:.default::' auto/install || die