mptcp/openmptcprouter-feeds
1
0
Fork 0
mirror of https://github.com/Ysurac/openmptcprouter-feeds.git synced 2025-03-09 15:40:03 +00:00
Code Issues Releases Wiki Activity

Revert "Revert "fix nginx""

Browse source 
This reverts commit 60a01b5ad1.
This commit is contained in:
suyuan 2022-10-12 00:23:56 +08:00
parent 60a01b5ad1
commit d6333fc6c5
16 changed files with 192 additions and 3920 deletions
Download patch file Download diff file Expand all files Collapse all files

270
nginx/Config.in
View file

@ -1,270 +0,0 @@
#
# Copyright (C) 2010-2016 OpenWrt.org
#
# This is free software, licensed under the GNU General Public License v2.
# See /LICENSE for more information.
#
menu "Configuration"
depends on PACKAGE_nginx
config NGINX_SSL
bool
prompt "Enable SSL module"
help
Enable HTTPS/SSL support.
default n
config NGINX_DAV
bool
prompt "Enable WebDAV module"
help
Enable the HTTP and WebDAV methods PUT, DELETE, MKCOL, COPY and MOVE.
default n
config NGINX_UBUS
bool
prompt "Enable UBUS module"
help
Enable UBUS api support directly from the server.
default y
config NGINX_FLV
bool
prompt "Enable FLV module"
help
Provides the ability to seek within FLV (Flash) files using time-based offsets.
default n
config NGINX_STUB_STATUS
bool
prompt "Enable stub status module"
help
Enable the stub status module which gives some status from the server.
default n
config NGINX_HTTP_CHARSET
bool
prompt "Enable HTTP charset module"
default y
config NGINX_HTTP_GZIP
bool
prompt "Enable HTTP gzip module"
default y
config NGINX_HTTP_SSI
bool
prompt "Enable HTTP ssi module"
default y
config NGINX_HTTP_USERID
bool
prompt "Enable HTTP userid module"
default y
config NGINX_HTTP_ACCESS
bool
prompt "Enable HTTP access module"
default y
config NGINX_HTTP_AUTH_BASIC
bool
prompt "Enable HTTP auth basic"
default y
config NGINX_HTTP_AUTH_REQUEST
bool
prompt "Enable HTTP auth request module"
default n
config NGINX_HTTP_AUTOINDEX
bool
prompt "Enable HTTP autoindex module"
default y
config NGINX_HTTP_GEO
bool
prompt "Enable HTTP geo module"
default y
config NGINX_HTTP_MAP
bool
prompt "Enable HTTP map module"
default y
config NGINX_HTTP_SPLIT_CLIENTS
bool
prompt "Enable HTTP split clients"
default y
config NGINX_HTTP_REFERER
bool
prompt "Enable HTTP referer module"
default y
config NGINX_HTTP_REWRITE
bool
prompt "Enable HTTP rewrite module"
select NGINX_PCRE
default y
config NGINX_HTTP_PROXY
bool
prompt "Enable HTTP proxy module"
default y
config NGINX_HTTP_FASTCGI
bool
prompt "Enable HTTP fastcgi module"
default y
config NGINX_HTTP_UWSGI
bool
prompt "Enable HTTP uwsgi module"
default y
config NGINX_HTTP_SCGI
bool
prompt "Enable HTTP scgi module"
default y
config NGINX_HTTP_MEMCACHED
bool
prompt "Enable HTTP memcached module"
default y
config NGINX_HTTP_LIMIT_CONN
bool
prompt "Enable HTTP limit conn"
default y
config NGINX_HTTP_LIMIT_REQ
bool
prompt "Enable HTTP limit req"
default y
config NGINX_HTTP_EMPTY_GIF
bool
prompt "Enable HTTP empty gif"
default y
config NGINX_HTTP_BROWSER
bool
prompt "Enable HTTP browser module"
default y
config NGINX_HTTP_UPSTREAM_HASH
bool
prompt "Enable HTTP hash module"
default y
config NGINX_HTTP_UPSTREAM_IP_HASH
bool
prompt "Enable HTTP IP hash module"
default y
config NGINX_HTTP_UPSTREAM_LEAST_CONN
bool
prompt "Enable HTTP least conn module"
default y
config NGINX_HTTP_UPSTREAM_KEEPALIVE
bool
prompt "Enable HTTP keepalive module"
default y
config NGINX_HTTP_CACHE
bool
prompt "Enable HTTP cache"
default y
config NGINX_HTTP_V2
bool
prompt "Enable HTTP_V2 module"
default n
config NGINX_PCRE
bool
prompt "Enable PCRE library usage"
default y
config NGINX_NAXSI
bool
prompt "Enable NAXSI module"
default y
config NGINX_LUA
bool
prompt "Enable Lua module"
default n
config NGINX_HTTP_REAL_IP
bool
prompt "Enable HTTP real ip module"
default n
config NGINX_HTTP_SECURE_LINK
bool
prompt "Enable HTTP secure link module"
default n
config NGINX_HTTP_SUB
bool
prompt "Enable HTTP sub module"
default n
config NGINX_HEADERS_MORE
bool
prompt "Enable Headers_more module"
help
Set and clear input and output headers...more than "add"!
default y
config NGINX_HTTP_BROTLI
bool
prompt "Enable Brotli compression module"
help
Add support for brotli compression module.
default n
config NGINX_STREAM_CORE_MODULE
bool
prompt "Enable stream support"
help
Add support for NGINX request streaming.
default n
config NGINX_STREAM_SSL_MODULE
bool
prompt "Enable stream support with SSL/TLS termination"
depends on NGINX_STREAM_CORE_MODULE
help
Add support for NGINX request streaming with SSL/TLS termination.
default n
config NGINX_STREAM_SSL_PREREAD_MODULE
bool
prompt "Enable stream support with SSL/TLS pre-read"
depends on NGINX_STREAM_CORE_MODULE
help
Add support for NGINX request streaming using information from the ClientHello message without terminating SSL/TLS.
default n
config NGINX_RTMP_MODULE
bool
prompt "Enable RTMP module"
depends on NGINX_SSL
help
Add support for NGINX-based Media Streaming Server module.
DASH enhanced - https://github.com/ut0mt8/nginx-rtmp-module
default n
config NGINX_TS_MODULE
bool
prompt "Enable TS module"
help
Add support for MPEG-TS Live Module module.
default n
endmenu

7
nginx/Config_ssl.in
View file

@ -46,11 +46,6 @@ config NGINX_HTTP_GZIP
prompt "Enable HTTP gzip module" prompt "Enable HTTP gzip module"
default y default y
config NGINX_HTTP_GZIP_STATIC
bool
prompt "Enable HTTP gzip static module"
default y
config NGINX_HTTP_SSI config NGINX_HTTP_SSI
bool bool
prompt "Enable HTTP ssi module" prompt "Enable HTTP ssi module"
@ -180,7 +175,7 @@ config NGINX_HTTP_CACHE
config NGINX_HTTP_V2 config NGINX_HTTP_V2
bool bool
prompt "Enable HTTP_V2 module" prompt "Enable HTTP_V2 module"
default n default y
config NGINX_PCRE config NGINX_PCRE
bool bool

166
nginx/Makefile
View file

@ -8,12 +8,12 @@
include $(TOPDIR)/rules.mk include $(TOPDIR)/rules.mk
PKG_NAME:=nginx PKG_NAME:=nginx
PKG_VERSION:=1.17.7 PKG_VERSION:=1.19.6
PKG_RELEASE:=2 PKG_RELEASE:=2
PKG_SOURCE:=nginx-$(PKG_VERSION).tar.gz PKG_SOURCE:=nginx-$(PKG_VERSION).tar.gz
PKG_SOURCE_URL:=https://nginx.org/download/ PKG_SOURCE_URL:=https://nginx.org/download/
PKG_HASH:=b62756842807e5693b794e5d0ae289bd8ae5b098e66538b2a91eb80f25c591ff PKG_HASH:=b11195a02b1d3285ddf2987e02c6b6d28df41bb1b1dd25f33542848ef4fc33b5
PKG_MAINTAINER:=Thomas Heil <heil@terminal-consulting.de> \ PKG_MAINTAINER:=Thomas Heil <heil@terminal-consulting.de> \
Ansuel Smith <ansuelsmth@gmail.com> Ansuel Smith <ansuelsmth@gmail.com>
@ -25,14 +25,12 @@ PKG_BUILD_PARALLEL:=1
PKG_INSTALL:=1 PKG_INSTALL:=1
PKG_CONFIG_DEPENDS := \ PKG_CONFIG_DEPENDS := \
CONFIG_NGINX_SSL \
CONFIG_NGINX_DAV \ CONFIG_NGINX_DAV \
CONFIG_NGINX_FLV \ CONFIG_NGINX_FLV \
CONFIG_NGINX_UBUS \ CONFIG_NGINX_UBUS \
CONFIG_NGINX_STUB_STATUS \ CONFIG_NGINX_STUB_STATUS \
CONFIG_NGINX_HTTP_CHARSET \ CONFIG_NGINX_HTTP_CHARSET \
CONFIG_NGINX_HTTP_GZIP \ CONFIG_NGINX_HTTP_GZIP \
CONFIG_NGINX_HTTP_GZIP_STATIC \
CONFIG_NGINX_HTTP_SSI \ CONFIG_NGINX_HTTP_SSI \
CONFIG_NGINX_HTTP_USERID \ CONFIG_NGINX_HTTP_USERID \
CONFIG_NGINX_HTTP_ACCESS \ CONFIG_NGINX_HTTP_ACCESS \
@ -76,6 +74,7 @@ PKG_CONFIG_DEPENDS := \
CONFIG_OPENSSL_WITH_NPN CONFIG_OPENSSL_WITH_NPN
include $(INCLUDE_DIR)/package.mk include $(INCLUDE_DIR)/package.mk
include $(INCLUDE_DIR)/nls.mk
define Package/nginx/default define Package/nginx/default
SECTION:=net SECTION:=net
@ -83,28 +82,26 @@ define Package/nginx/default
SUBMENU:=Web Servers/Proxies SUBMENU:=Web Servers/Proxies
TITLE:=Nginx web server TITLE:=Nginx web server
URL:=http://nginx.org/ URL:=http://nginx.org/
DEPENDS:=+NGINX_PCRE:libpcre +NGINX_SSL:libopenssl \ DEPENDS:=+libopenssl +libpthread
+NGINX_HTTP_GZIP:zlib +NGINX_LUA:liblua +libpthread +NGINX_DAV:libxml2 \ # TODO: add PROVIDES when removing nginx
+NGINX_UBUS:libubus +NGINX_UBUS:libblobmsg-json +NGINX_UBUS:libjson-c # PROVIDES:=nginx
endef endef
define Package/nginx/description define Package/nginx/description
nginx is an HTTP and reverse proxy server, as well as a mail proxy server, \ nginx is an HTTP and reverse proxy server, as well as a mail proxy server, \
written by Igor Sysoev. (Some module require SSL module enable to show up in \ written by Igor Sysoev.
config menu)
endef
define Package/nginx
$(Package/nginx/default)
VARIANT:=no-ssl
endef endef
define Package/nginx-ssl define Package/nginx-ssl
$(Package/nginx/default) $(Package/nginx/default)
TITLE += with SSL support TITLE += with SSL support
DEPENDS +=+libopenssl
VARIANT:=ssl VARIANT:=ssl
PROVIDES:=nginx DEPENDS+= +NGINX_PCRE:libpcre \
+NGINX_PCRE:nginx-ssl-util +!NGINX_PCRE:nginx-ssl-util-nopcre \
+NGINX_HTTP_GZIP:zlib +NGINX_LUA:liblua +NGINX_DAV:libxml2 \
+NGINX_UBUS:libubus +NGINX_UBUS:libblobmsg-json +NGINX_UBUS:libjson-c
EXTRA_DEPENDS:=nginx-ssl-util$(if $(CONFIG_NGINX_PCRE),,-nopcre) (>=1.5-1) (<2)
CONFLICTS:=nginx-all-module
endef endef
Package/nginx-ssl/description = $(Package/nginx/description) \ Package/nginx-ssl/description = $(Package/nginx/description) \
@ -114,24 +111,21 @@ Package/nginx-ssl/description = $(Package/nginx/description) \
define Package/nginx-all-module define Package/nginx-all-module
$(Package/nginx/default) $(Package/nginx/default)
TITLE += with ALL module selected TITLE += with ALL module selected
DEPENDS:=+libpcre +libopenssl +zlib +liblua +libpthread +libxml2 \ DEPENDS+=+libpcre +nginx-ssl-util +zlib +liblua +libxml2 +libubus \
+libubus +libblobmsg-json +libjson-c +libblobmsg-json +libjson-c
EXTRA_DEPENDS:=nginx-ssl-util (>=1.5-1) (<2)
VARIANT:=all-module VARIANT:=all-module
PROVIDES:=nginx PROVIDES += nginx-ssl
endef endef
Package/nginx-all-module/description = $(Package/nginx/description) \ Package/nginx-all-module/description = $(Package/nginx/description) \
This variant is compiled with ALL module selected. This variant is compiled with ALL module selected.
define Package/nginx/config
source "$(SOURCE)/Config.in"
endef
define Package/nginx-ssl/config define Package/nginx-ssl/config
source "$(SOURCE)/Config_ssl.in" source "$(SOURCE)/Config_ssl.in"
endef endef
config_files=nginx.conf mime.types config_files=mime.types
define Package/nginx/conffiles define Package/nginx/conffiles
/etc/nginx/ /etc/nginx/
@ -141,7 +135,7 @@ Package/nginx-ssl/conffiles = $(Package/nginx/conffiles)
Package/nginx-all-module/conffiles = $(Package/nginx/conffiles) Package/nginx-all-module/conffiles = $(Package/nginx/conffiles)
ADDITIONAL_MODULES:=--with-http_gzip_static_module ADDITIONAL_MODULES:= --with-http_ssl_module
ifneq ($(BUILD_VARIANT),all-module) ifneq ($(BUILD_VARIANT),all-module)
ifneq ($(CONFIG_NGINX_HTTP_CACHE),y) ifneq ($(CONFIG_NGINX_HTTP_CACHE),y)
@ -149,8 +143,6 @@ ifneq ($(BUILD_VARIANT),all-module)
endif endif
ifneq ($(CONFIG_NGINX_PCRE),y) ifneq ($(CONFIG_NGINX_PCRE),y)
ADDITIONAL_MODULES += --without-pcre ADDITIONAL_MODULES += --without-pcre
else
ADDITIONAL_MODULES += --with-pcre
endif endif
ifneq ($(CONFIG_NGINX_HTTP_CHARSET),y) ifneq ($(CONFIG_NGINX_HTTP_CHARSET),y)
ADDITIONAL_MODULES += --without-http_charset_module ADDITIONAL_MODULES += --without-http_charset_module
@ -160,9 +152,6 @@ ifneq ($(BUILD_VARIANT),all-module)
ifneq ($(CONFIG_NGINX_HTTP_GZIP),y) ifneq ($(CONFIG_NGINX_HTTP_GZIP),y)
ADDITIONAL_MODULES += --without-http_gzip_module ADDITIONAL_MODULES += --without-http_gzip_module
endif endif
ifeq ($(CONFIG_NGINX_HTTP_GZIP_STATIC),y)
ADDITIONAL_MODULES += --with-http_gzip_static_module
endif
ifneq ($(CONFIG_NGINX_HTTP_SSI),y) ifneq ($(CONFIG_NGINX_HTTP_SSI),y)
ADDITIONAL_MODULES += --without-http_ssi_module ADDITIONAL_MODULES += --without-http_ssi_module
endif endif
@ -236,16 +225,6 @@ ifneq ($(BUILD_VARIANT),all-module)
ifneq ($(CONFIG_NGINX_HTTP_UPSTREAM_KEEPALIVE),y) ifneq ($(CONFIG_NGINX_HTTP_UPSTREAM_KEEPALIVE),y)
ADDITIONAL_MODULES += --without-http_upstream_keepalive_module ADDITIONAL_MODULES += --without-http_upstream_keepalive_module
endif endif
ifeq ($(BUILD_VARIANT),ssl)
ifneq ($(CONFIG_NGINX_SSL),y)
ADDITIONAL_MODULES += --with-http_ssl_module
endif
endif
ifeq ($(CONFIG_NGINX_SSL),y)
ADDITIONAL_MODULES += --with-http_ssl_module
endif
ifeq ($(CONFIG_NGINX_NAXSI),y) ifeq ($(CONFIG_NGINX_NAXSI),y)
ADDITIONAL_MODULES += --add-module=$(PKG_BUILD_DIR)/nginx-naxsi/naxsi_src ADDITIONAL_MODULES += --add-module=$(PKG_BUILD_DIR)/nginx-naxsi/naxsi_src
endif endif
@ -312,44 +291,36 @@ else
CONFIG_NGINX_LUA:=y CONFIG_NGINX_LUA:=y
CONFIG_NGINX_DAV:=y CONFIG_NGINX_DAV:=y
CONFIG_NGINX_UBUS:=y CONFIG_NGINX_UBUS:=y
ADDITIONAL_MODULES += --with-http_ssl_module --add-module=$(PKG_BUILD_DIR)/nginx-naxsi/naxsi_src \ ADDITIONAL_MODULES += --with-ipv6 --with-http_stub_status_module --with-http_flv_module \
--add-module=$(PKG_BUILD_DIR)/lua-nginx --with-ipv6 --with-http_stub_status_module --with-http_flv_module \ --with-http_dav_module \
--with-http_dav_module --add-module=$(PKG_BUILD_DIR)/nginx-dav-ext-module \
--with-http_auth_request_module --with-http_v2_module --with-http_realip_module \ --with-http_auth_request_module --with-http_v2_module --with-http_realip_module \
--with-http_secure_link_module --with-http_sub_module --add-module=$(PKG_BUILD_DIR)/nginx-headers-more \ --with-http_secure_link_module --with-http_sub_module \
--with-stream --with-stream_ssl_module --with-stream_ssl_preread_module \ --with-stream --with-stream_ssl_module --with-stream_ssl_preread_module \
--add-module=$(PKG_BUILD_DIR)/nginx-headers-more \
--add-module=$(PKG_BUILD_DIR)/nginx-naxsi/naxsi_src \
--add-module=$(PKG_BUILD_DIR)/lua-nginx \
--add-module=$(PKG_BUILD_DIR)/nginx-dav-ext-module \
--add-module=$(PKG_BUILD_DIR)/nginx-brotli --add-module=$(PKG_BUILD_DIR)/nginx-rtmp \ --add-module=$(PKG_BUILD_DIR)/nginx-brotli --add-module=$(PKG_BUILD_DIR)/nginx-rtmp \
--add-module=$(PKG_BUILD_DIR)/nginx-ts --add-module=$(PKG_BUILD_DIR)/nginx-ubus-module --add-module=$(PKG_BUILD_DIR)/nginx-ts --add-module=$(PKG_BUILD_DIR)/nginx-ubus-module
config_files += koi-utf koi-win win-utf fastcgi_params config_files += koi-utf koi-win win-utf fastcgi_params uwsgi_params
endif endif
define Package/nginx-mod-luci/default define Package/nginx-mod-luci
TITLE:=Nginx on LuCI TITLE:=Nginx on LuCI
SECTION:=net SECTION:=net
CATEGORY:=Network CATEGORY:=Network
SUBMENU:=Web Servers/Proxies SUBMENU:=Web Servers/Proxies
TITLE:=Support file for Nginx TITLE:=Support file for Nginx
URL:=http://nginx.org/ URL:=http://nginx.org/
DEPENDS:=+uwsgi +uwsgi-luci-support DEPENDS:=+uwsgi +uwsgi-luci-support +nginx
endef # TODO: add PROVIDES when removing nginx-mod-luci-ssl
# PROVIDES:=nginx-mod-luci-ssl
define Package/nginx-mod-luci
$(Package/nginx-mod-luci/default)
DEPENDS += +nginx
endef endef
define Package/nginx-mod-luci/description define Package/nginx-mod-luci/description
Support file for LuCI in nginx. Include custom nginx configuration, autostart script for uwsgi. Support file for LuCI in nginx. Include custom nginx configuration, autostart script for uwsgi.
endef endef
define Package/nginx-mod-luci-ssl
$(Package/nginx-mod-luci/default)
TITLE += with HTTPS support
DEPENDS += +nginx-ssl
endef
Package/nginx-mod-luci-ssl/description = $(define Package/nginx-mod-luci/description) \
This also include redirect from http to https and cert autogeneration.
TARGET_CFLAGS += -fvisibility=hidden -ffunction-sections -fdata-sections -DNGX_LUA_NO_BY_LUA_BLOCK TARGET_CFLAGS += -fvisibility=hidden -ffunction-sections -fdata-sections -DNGX_LUA_NO_BY_LUA_BLOCK
TARGET_LDFLAGS += -Wl,--gc-sections TARGET_LDFLAGS += -Wl,--gc-sections
@ -359,12 +330,14 @@ ifeq ($(CONFIG_NGINX_LUA),y)
LUA_LIB=$(STAGING_DIR)/usr/lib LUA_LIB=$(STAGING_DIR)/usr/lib
endif endif
CONFIGURE_VARS += CONFIG_BIG_ENDIAN=$(CONFIG_BIG_ENDIAN)
CONFIGURE_ARGS += \ CONFIGURE_ARGS += \
--crossbuild=Linux::$(ARCH) \ --crossbuild=Linux::$(ARCH) \
--prefix=/usr \ --prefix=/usr \
--conf-path=/etc/nginx/nginx.conf \ --conf-path=/etc/nginx/nginx.conf \
$(ADDITIONAL_MODULES) \ $(ADDITIONAL_MODULES) \
--error-log-path=/var/log/nginx/error.log \ --error-log-path=stderr \
--pid-path=/var/run/nginx.pid \ --pid-path=/var/run/nginx.pid \
--lock-path=/var/lock/nginx.lock \ --lock-path=/var/lock/nginx.lock \
--http-log-path=/var/log/nginx/access.log \ --http-log-path=/var/log/nginx/access.log \
@ -377,25 +350,16 @@ CONFIGURE_ARGS += \
--without-http_upstream_zone_module --without-http_upstream_zone_module
define Package/nginx-mod-luci/install define Package/nginx-mod-luci/install
$(INSTALL_DIR) $(1)/etc/nginx $(INSTALL_DIR) $(1)/etc/nginx/conf.d
$(INSTALL_BIN) ./files-luci-support/luci_uwsgi.conf $(1)/etc/nginx/luci_uwsgi.conf $(INSTALL_CONF) ./files-luci-support/luci.locations $(1)/etc/nginx/conf.d/
$(INSTALL_BIN) ./files-luci-support/luci_nginx.conf $(1)/etc/nginx/luci_nginx.conf
$(INSTALL_DIR) $(1)/etc/uci-defaults $(INSTALL_DIR) $(1)/etc/uci-defaults
$(INSTALL_BIN) ./files-luci-support/60_nginx-luci-support $(1)/etc/uci-defaults/60_nginx-luci-support $(INSTALL_BIN) ./files-luci-support/60_nginx-luci-support $(1)/etc/uci-defaults/60_nginx-luci-support
endef endef
define Package/nginx-mod-luci-ssl/install define Package/nginx-ssl/install
$(Package/nginx-mod-luci/install)
$(INSTALL_DIR) $(1)/etc/nginx
$(INSTALL_BIN) ./files-luci-support/luci_nginx_ssl.conf $(1)/etc/nginx/luci_nginx_ssl.conf
$(INSTALL_DIR) $(1)/etc/uci-defaults
$(INSTALL_BIN) ./files-luci-support/70_nginx-luci-support-ssl $(1)/etc/uci-defaults/70_nginx-luci-support-ssl
endef
define Package/nginx/install
$(INSTALL_DIR) $(1)/usr/sbin $(INSTALL_DIR) $(1)/usr/sbin
$(INSTALL_BIN) $(PKG_INSTALL_DIR)/usr/sbin/nginx $(1)/usr/sbin/ $(INSTALL_BIN) $(PKG_INSTALL_DIR)/usr/sbin/nginx $(1)/usr/sbin/
$(INSTALL_DIR) $(1)/etc/nginx $(INSTALL_DIR) $(1)/etc/nginx/conf.d
$(INSTALL_DATA) $(addprefix $(PKG_INSTALL_DIR)/etc/nginx/,$(config_files)) $(1)/etc/nginx/ $(INSTALL_DATA) $(addprefix $(PKG_INSTALL_DIR)/etc/nginx/,$(config_files)) $(1)/etc/nginx/
$(INSTALL_DIR) $(1)/etc/init.d $(INSTALL_DIR) $(1)/etc/init.d
$(INSTALL_BIN) ./files/nginx.init $(1)/etc/init.d/nginx $(INSTALL_BIN) ./files/nginx.init $(1)/etc/init.d/nginx
@ -408,8 +372,20 @@ endif
$(if $(CONFIG_NGINX_NAXSI),$(chmod 0640 $(1)/etc/nginx/naxsi_core.rules)) $(if $(CONFIG_NGINX_NAXSI),$(chmod 0640 $(1)/etc/nginx/naxsi_core.rules))
endef endef
Package/nginx-ssl/install = $(Package/nginx/install) Package/nginx-all-module/install = $(Package/nginx-ssl/install)
Package/nginx-all-module/install = $(Package/nginx/install)
define Package/nginx-ssl/prerm
#!/bin/sh
[ -z "$${IPKG_INSTROOT}" ] || exit 0
[ "$${PKG_UPGRADE}" = "1" ] && exit 0
eval $$(/usr/bin/nginx-util get_env)
[ "$$(uci get "nginx.$${LAN_NAME}.$${MANAGE_SSL}")" = "self-signed" ] || exit 0
rm -f "$$(uci get "nginx.$${LAN_NAME}.ssl_certificate")"
rm -f "$$(uci get "nginx.$${LAN_NAME}.ssl_certificate_key")"
exit 0
endef
Package/nginx-all-module/prerm = $(Package/nginx-ssl/prerm)
define Build/Prepare define Build/Prepare
$(Build/Prepare/Default) $(Build/Prepare/Default)
@ -444,11 +420,11 @@ endif
ifeq ($(CONFIG_NGINX_HTTP_BROTLI),y) ifeq ($(CONFIG_NGINX_HTTP_BROTLI),y)
define Download/nginx-brotli define Download/nginx-brotli
VERSION:=dc37f658ccb5a51d090dc09d1a2aca2f24309869 VERSION:=e505dce68acc190cc5a1e780a3b0275e39f160ca
SUBDIR:=nginx-brotli SUBDIR:=nginx-brotli
FILE:=ngx-brotli-module-$$(VERSION).tar.xz FILE:=ngx-brotli-module-$$(VERSION).tar.xz
URL:=https://github.com/eustas/ngx_brotli.git URL:=https://github.com/google/ngx_brotli.git
MIRROR_HASH:=6bc0c40ff24f6e0ac616dfddc803bdc7fcf54764ba9dc4f9cecb3a68beedcdaf MIRROR_HASH:=04847f11ef808fed50f44b2af0ef3abf59ff0ffc06dfc7394d9ab51d53fef31f
PROTO:=git PROTO:=git
endef endef
$(eval $(call Download,nginx-brotli)) $(eval $(call Download,nginx-brotli))
@ -553,11 +529,11 @@ endif
ifeq ($(CONFIG_NGINX_UBUS),y) ifeq ($(CONFIG_NGINX_UBUS),y)
define Download/nginx-ubus-module define Download/nginx-ubus-module
VERSION:=f30b0167a2cdb40f23bd90928d601bdb0c1b8fad VERSION:=b2d7260dcb428b2fb65540edb28d7538602b4a26
SUBDIR:=nginx-ubus-module SUBDIR:=nginx-ubus-module
FILE:=nginx-ubus-module-$$(VERSION).tar.xz FILE:=nginx-ubus-module-$$(VERSION).tar.xz
URL:=https://github.com/Ansuel/nginx-ubus-module.git URL:=https://github.com/Ansuel/nginx-ubus-module.git
MIRROR_HASH:=02c7d4b0df7f4b69605e71b0fefdc99b5a9470c68cad7ccfb31ebefe4e7e0704 MIRROR_HASH:=472cef416d25effcac66c85417ab6596e634a7a64d45b709bb090892d567553c
PROTO:=git PROTO:=git
endef endef
$(eval $(call Download,nginx-ubus-module)) $(eval $(call Download,nginx-ubus-module))
@ -568,8 +544,34 @@ ifeq ($(CONFIG_NGINX_UBUS),y)
endef endef
endif endif
$(eval $(call BuildPackage,nginx))
$(eval $(call BuildPackage,nginx-ssl)) $(eval $(call BuildPackage,nginx-ssl))
$(eval $(call BuildPackage,nginx-all-module)) $(eval $(call BuildPackage,nginx-all-module))
$(eval $(call BuildPackage,nginx-mod-luci)) $(eval $(call BuildPackage,nginx-mod-luci))
# TODO: remove after a transition period (together with pkg nginx-util):
# It is for smoothly substituting nginx and nginx-mod-luci-ssl (by nginx-ssl
# respectively nginx-mod-luci). Add above commented PROVIDES when removing.
define Package/nginx
TITLE:=Dummy package for transition when upgrading.
DEPENDS:=+nginx-ssl
PKGARCH:=all
endef
define Package/nginx/install
$(INSTALL_DIR) $(1)/usr/bin
endef
$(eval $(call BuildPackage,nginx))
define Package/nginx-mod-luci-ssl
TITLE:=Dummy package for transition when upgrading.
DEPENDS:=+nginx-mod-luci
PKGARCH:=all
endef
define Package/nginx-mod-luci-ssl/install
$(INSTALL_DIR) $(1)/usr/bin
endef
$(eval $(call BuildPackage,nginx-mod-luci-ssl)) $(eval $(call BuildPackage,nginx-mod-luci-ssl))

56
nginx/files-luci-support/60_nginx-luci-support
View file

@ -1,41 +1,41 @@
#!/bin/sh #!/bin/sh
if [ -f "/etc/nginx/luci_nginx.conf" ] && [ -f "/etc/nginx/nginx.conf" ]; then
if [ ! "$(cat '/etc/nginx/nginx.conf' | grep 'luci_uwsgi.conf')" ]; then
mv /etc/nginx/nginx.conf /etc/nginx/nginx.conf_old
mv /etc/nginx/luci_nginx.conf /etc/nginx/nginx.conf
core_number=$(grep -c ^processor /proc/cpuinfo)
sed -i "3s/.*/worker_processes "$core_number";/" /etc/nginx/nginx.conf
if [ -n "$(pgrep uhttpd)" ]; then
/etc/init.d/uhttpd stop
/etc/init.d/uhttpd disable
fi
if [ -n "$(pgrep nginx)" ]; then
/etc/init.d/nginx restart
else
/etc/init.d/nginx start
fi
if [ -n "$(pgrep uwsgi)" ]; then
/etc/init.d/uwsgi restart
else
/etc/init.d/uwsgi start
fi
else
rm /etc/nginx/luci_nginx.conf
fi
fi
if nginx -V 2>&1 | grep -q ubus; then if nginx -V 2>&1 | grep -q ubus; then
if [ -z "$(cat /etc/nginx/luci_uwsgi.conf | grep ubus)" ]; then if [ -z "$(cat /etc/nginx/conf.d/luci.locations | grep ubus)" ]; then
cat <<EOT >> /etc/nginx/luci_uwsgi.conf cat <<EOT >> /etc/nginx/conf.d/luci.locations
location /ubus { location /ubus {
ubus_interpreter; ubus_interpreter;
ubus_socket_path /var/run/ubus.sock; ubus_socket_path /var/run/ubus/ubus.sock;
ubus_parallel_req 2; ubus_parallel_req 2;
} }
EOT EOT
fi fi
fi fi
grep -q /var/run/ubus.sock /etc/nginx/conf.d/luci.locations &&
sed -i 's#/var/run/ubus.sock#/var/run/ubus/ubus.sock#' /etc/nginx/conf.d/luci.locations
if [ -x /etc/init.d/uhttpd ]; then
/etc/init.d/uhttpd disable
if [ -n "$(pgrep uhttpd)" ]; then
/etc/init.d/uhttpd stop
fi
fi
/etc/init.d/nginx enable
if [ -n "$(pgrep nginx)" ]; then
/etc/init.d/nginx restart
else
/etc/init.d/nginx start
fi
/etc/init.d/uwsgi enable
if [ -n "$(pgrep uwsgi)" ]; then
/etc/init.d/uwsgi restart
else
/etc/init.d/uwsgi start
fi
exit 0 exit 0

48
nginx/files-luci-support/70_nginx-luci-support-ssl
View file

@ -1,48 +0,0 @@
#!/bin/sh
if [ -f "/etc/nginx/luci_nginx_ssl.conf" ] && [ -f "/etc/nginx/nginx.conf" ]; then
if [ ! "$(cat '/etc/nginx/nginx.conf' | grep 'return 301 https://$host$request_uri;')" ]; then
if [ -f "/etc/nginx/nginx.conf_old" ]; then
rm /etc/nginx/nginx.conf
else
mv /etc/nginx/nginx.conf /etc/nginx/nginx.conf_old
fi
mv /etc/nginx/luci_nginx_ssl.conf /etc/nginx/nginx.conf
core_number=$(grep -c ^processor /proc/cpuinfo)
sed -i "3s/.*/worker_processes "$core_number";/" /etc/nginx/nginx.conf
if [ -n "$(pgrep nginx)" ]; then
/etc/init.d/nginx restart
else
/etc/init.d/nginx start
fi
else
rm /etc/nginx/luci_nginx_ssl.conf
fi
fi
if [ ! -f "/etc/nginx/nginx.key" ]; then
NGINX_KEY=/etc/nginx/nginx.key
NGINX_CER=/etc/nginx/nginx.cer
OPENSSL_BIN=/usr/bin/openssl
PX5G_BIN=/usr/sbin/px5g
# Prefer px5g for certificate generation (existence evaluated last)
GENKEY_CMD=""
UNIQUEID=$(dd if=/dev/urandom bs=1 count=4 | hexdump -e '1/1 "%02x"')
[ -x "$OPENSSL_BIN" ] && GENKEY_CMD="$OPENSSL_BIN req -x509 -nodes"
[ -x "$PX5G_BIN" ] && GENKEY_CMD="$PX5G_BIN selfsigned"
[ -n "$GENKEY_CMD" ] && {
$GENKEY_CMD \
-days 730 -newkey rsa:2048 -keyout "${NGINX_KEY}.new" -out "${NGINX_CER}.new" \
-subj /C="ZZ"/ST="Somewhere"/L="Unknown"/O="OpenWrt""$UNIQUEID"/CN="OpenWrt"
sync
mv "${NGINX_KEY}.new" "${NGINX_KEY}"
mv "${NGINX_CER}.new" "${NGINX_CER}"
}
fi
exit 0

1
nginx/files-luci-support/luci_uwsgi.conf → nginx/files-luci-support/luci.locations Executable file → Normal file
View file

@ -13,4 +13,5 @@ location ~ /cgi-bin/cgi-(backup|download|upload|exec) {
} }
location /luci-static { location /luci-static {
error_log stderr crit;
} }

52
nginx/files-luci-support/luci_nginx.conf
View file

@ -1,52 +0,0 @@
user root;
worker_processes 1;
#error_log logs/error.log;
#error_log logs/error.log notice;
#error_log logs/error.log info;
pid /var/run/nginx.pid;
events {
worker_connections 1024;
}
http {
include mime.types;
default_type application/octet-stream;
sendfile on;
keepalive_timeout 0;
client_body_buffer_size 10K;
client_header_buffer_size 1k;
client_max_body_size 1G;
large_client_header_buffers 2 1k;
gzip on;
gzip_http_version 1.1;
gzip_vary on;
gzip_comp_level 1;
gzip_proxied any;
gzip_types text/plain text/css application/json application/x-javascript text/xml application/xml application/xml+rss text/javascript application/javascript image/svg+xml;
root /www;
server {
listen 80 default_server;
listen [::]:80 default_server;
server_name localhost;
location ~* .(jpg|jpeg|png|gif|ico|css|js)$ {
expires 365d;
}
include luci_uwsgi.conf;
}
include /etc/nginx/conf.d/*.conf;
}

67
nginx/files-luci-support/luci_nginx_ssl.conf
View file

@ -1,67 +0,0 @@
user root;
worker_processes 1;
#error_log logs/error.log;
#error_log logs/error.log notice;
#error_log logs/error.log info;
pid /var/run/nginx.pid;
events {
worker_connections 1024;
}
http {
include mime.types;
default_type application/octet-stream;
sendfile on;
keepalive_timeout 0;
client_body_buffer_size 10K;
client_header_buffer_size 1k;
client_max_body_size 1G;
large_client_header_buffers 2 1k;
gzip on;
gzip_http_version 1.1;
gzip_vary on;
gzip_comp_level 1;
gzip_proxied any;
gzip_types text/plain text/css application/json application/x-javascript text/xml application/xml application/xml+rss text/javascript application/javascript image/svg+xml;
root /www;
server {
listen 80 default_server;
listen [::]:80 default_server;
server_name _;
return 301 https://$host$request_uri;
}
server {
listen 443 ssl default_server;
listen [::]:443 ssl default_server;
server_name localhost;
ssl_protocols TLSv1 TLSv1.1 TLSv1.2;
ssl_prefer_server_ciphers on;
ssl_ciphers "EECDH+ECDSA+AESGCM:EECDH+aRSA+AESGCM:EECDH+ECDSA+SHA384:EECDH+ECDSA+SHA256:EECDH+aRSA+SHA384:EECDH+aRSA+SHA256:EECDH:DHE+AESGCM:DHE:!RSA!aNULL:!eNULL:!LOW:!RC4:!3DES:!MD5:!EXP:!PSK:!SRP:!DSS:!CAMELLIA:!SEED";
ssl_session_tickets off;
ssl_certificate /etc/nginx/nginx.cer;
ssl_certificate_key /etc/nginx/nginx.key;
location ~* .(jpg|jpeg|png|gif|ico|css|js)$ {
expires 365d;
}
include luci_uwsgi.conf;
}
include /etc/nginx/conf.d/*.conf;
}

67
nginx/files/nginx.init
View file

@ -5,20 +5,69 @@ START=80
USE_PROCD=1 USE_PROCD=1
start_service() { G_OPTS="daemon off;"
[ -f /etc/init.d/uhttpd ] && {
/etc/init.d/uhttpd enabled && { NGINX_UTIL="/usr/bin/nginx-util"
/etc/init.d/uhttpd stop
/etc/init.d/uhttpd disable eval $("${NGINX_UTIL}" get_env)
}
} CONF=""
nginx_init() {
[ -z "${CONF}" ] || return # already called.
[ -d /var/log/nginx ] || mkdir -p /var/log/nginx [ -d /var/log/nginx ] || mkdir -p /var/log/nginx
[ -d /var/lib/nginx ] || mkdir -p /var/lib/nginx [ -d /var/lib/nginx ] || mkdir -p /var/lib/nginx
rm -f "$(readlink "${UCI_CONF}")"
${NGINX_UTIL} init_lan
if [ -e "${UCI_CONF}" ]
then CONF="${UCI_CONF}"
else CONF="${NGINX_CONF}"
fi
local message
message="$(/usr/sbin/nginx -t -c "${CONF}" -g "${G_OPTS}" 2>&1)" ||
{
echo -e "${message}" | logger -t "nginx_init" -p "daemon.err"
logger -s -t "nginx_init" -p "daemon.err" "NOT using conf file!"
echo "show config to be used by: nginx -T -c '${CONF}'" >&2
exit 1
}
logger -t "nginx_init" -p "daemon.info" "using ${CONF} (the test is ok)"
}
start_service() {
nginx_init
procd_open_instance procd_open_instance
procd_set_param command /usr/sbin/nginx -c /etc/nginx/nginx.conf -g 'daemon off;' procd_set_param command /usr/sbin/nginx -c "${CONF}" -g "${G_OPTS}"
procd_set_param file /etc/nginx/nginx.conf procd_set_param stdout 1
procd_set_param stderr 1
procd_set_param file "${CONF}" "${CONF_DIR}*.crt" "${CONF_DIR}*.key" \
"${CONF_DIR}*.conf" "${CONF_DIR}*.locations"
procd_set_param respawn procd_set_param respawn
procd_close_instance procd_close_instance
} }
reload_service() {
nginx_init
if [ "$(cat "/proc/$(cat "/var/run/nginx.pid")/cmdline")" = \
"nginx: master process /usr/sbin/nginx -c ${CONF} -g ${G_OPTS}" ]
then procd_send_signal nginx
else restart
fi
}
extra_command "relog" "Reopen log files (without reloading)"
relog() {
[ -d /var/log/nginx ] || mkdir -p /var/log/nginx
procd_send_signal nginx '*' USR1
}

579
nginx/patches-lua-nginx/101-add-lua-ngx-pipe.patch
View file

@ -1,579 +0,0 @@
Index: nginx-1.17.7/lua-nginx/config
===================================================================
--- nginx-1.17.7.orig/lua-nginx/config
+++ nginx-1.17.7/lua-nginx/config
@@ -362,6 +362,7 @@ HTTP_LUA_SRCS=" \
$ngx_addon_dir/src/ngx_http_lua_ssl.c \
$ngx_addon_dir/src/ngx_http_lua_log_ringbuf.c \
$ngx_addon_dir/src/ngx_http_lua_input_filters.c \
+ $ngx_addon_dir/src/ngx_http_lua_pipe.c \
"
HTTP_LUA_DEPS=" \
@@ -424,6 +425,7 @@ HTTP_LUA_DEPS=" \
$ngx_addon_dir/src/ngx_http_lua_ssl.h \
$ngx_addon_dir/src/ngx_http_lua_log_ringbuf.h \
$ngx_addon_dir/src/ngx_http_lua_input_filters.h \
+ $ngx_addon_dir/src/ngx_http_lua_pipe.h \
"
CFLAGS="$CFLAGS -DNDK_SET_VAR"
@@ -508,6 +510,51 @@ ngx_feature_test="int rc = malloc_trim((
SAVED_CC_TEST_FLAGS="$CC_TEST_FLAGS"
CC_TEST_FLAGS="-Werror -Wall $CC_TEST_FLAGS"
+. auto/feature
+
+CC_TEST_FLAGS="$SAVED_CC_TEST_FLAGS"
+
+# ----------------------------------------
+
+ngx_feature="pipe2"
+ngx_feature_libs=
+ngx_feature_name="NGX_HTTP_LUA_HAVE_PIPE2"
+ngx_feature_run=no
+ngx_feature_incs="#include <fcntl.h>"
+ngx_feature_test="int fd[2]; pipe2(fd, O_CLOEXEC|O_NONBLOCK);"
+SAVED_CC_TEST_FLAGS="$CC_TEST_FLAGS"
+CC_TEST_FLAGS="-Werror -Wall $CC_TEST_FLAGS"
+
+. auto/feature
+
+CC_TEST_FLAGS="$SAVED_CC_TEST_FLAGS"
+
+# ----------------------------------------
+
+ngx_feature="signalfd"
+ngx_feature_libs=
+ngx_feature_name="NGX_HTTP_LUA_HAVE_SIGNALFD"
+ngx_feature_run=no
+ngx_feature_incs="#include <sys/signalfd.h>"
+ngx_feature_test="sigset_t set; signalfd(-1, &set, SFD_NONBLOCK|SFD_CLOEXEC);"
+SAVED_CC_TEST_FLAGS="$CC_TEST_FLAGS"
+CC_TEST_FLAGS="-Werror -Wall $CC_TEST_FLAGS"
+
+. auto/feature
+
+CC_TEST_FLAGS="$SAVED_CC_TEST_FLAGS"
+
+# ----------------------------------------
+
+ngx_feature="execvpe"
+ngx_feature_libs=
+ngx_feature_name="NGX_HTTP_LUA_HAVE_EXECVPE"
+ngx_feature_run=no
+ngx_feature_incs=
+ngx_feature_test='char* argv[] = {"/bin/sh"};execvpe("/bin/sh", argv, NULL);'
+SAVED_CC_TEST_FLAGS="$CC_TEST_FLAGS"
+CC_TEST_FLAGS="-Werror -Wall $CC_TEST_FLAGS"
+
. auto/feature
CC_TEST_FLAGS="$SAVED_CC_TEST_FLAGS"
Index: nginx-1.17.7/lua-nginx/src/ngx_http_lua_initworkerby.c
===================================================================
--- nginx-1.17.7.orig/lua-nginx/src/ngx_http_lua_initworkerby.c
+++ nginx-1.17.7/lua-nginx/src/ngx_http_lua_initworkerby.c
@@ -12,6 +12,7 @@
#include "ngx_http_lua_initworkerby.h"
#include "ngx_http_lua_util.h"
+#include "ngx_http_lua_pipe.h"
static u_char *ngx_http_lua_log_init_worker_error(ngx_log_t *log,
@@ -65,6 +66,12 @@ ngx_http_lua_init_worker(ngx_cycle_t *cy
return NGX_OK;
}
+
+#ifdef HAVE_NGX_LUA_PIPE
+ if (ngx_http_lua_pipe_add_signal_handler(cycle) != NGX_OK) {
+ return NGX_ERROR;
+ }
+#endif
#endif /* NGX_WIN32 */
if (lmcf->init_worker_handler == NULL) {
Index: nginx-1.17.7/lua-nginx/src/ngx_http_lua_module.c
===================================================================
--- nginx-1.17.7.orig/lua-nginx/src/ngx_http_lua_module.c
+++ nginx-1.17.7/lua-nginx/src/ngx_http_lua_module.c
@@ -29,6 +29,7 @@
#include "ngx_http_lua_ssl_session_storeby.h"
#include "ngx_http_lua_ssl_session_fetchby.h"
#include "ngx_http_lua_headers.h"
+#include "ngx_http_lua_pipe.h"
static void *ngx_http_lua_create_main_conf(ngx_conf_t *cf);
@@ -734,6 +735,10 @@ ngx_http_lua_init(ngx_conf_t *cf)
cln->handler = ngx_http_lua_sema_mm_cleanup;
#endif
+#ifdef HAVE_NGX_LUA_PIPE
+ ngx_http_lua_pipe_init();
+#endif
+
#if nginx_version >= 1011011
cln = ngx_pool_cleanup_add(cf->pool, 0);
if (cln == NULL) {
Index: nginx-1.17.7/lua-nginx/src/ngx_http_lua_util.h
===================================================================
--- nginx-1.17.7.orig/lua-nginx/src/ngx_http_lua_util.h
+++ nginx-1.17.7/lua-nginx/src/ngx_http_lua_util.h
@@ -30,6 +30,12 @@ typedef struct {
* user code cache table */
extern char ngx_http_lua_code_cache_key;
+#define NGX_HTTP_LUA_CONTEXT_YIELDABLE (NGX_HTTP_LUA_CONTEXT_REWRITE \
+ | NGX_HTTP_LUA_CONTEXT_ACCESS \
+ | NGX_HTTP_LUA_CONTEXT_CONTENT \
+ | NGX_HTTP_LUA_CONTEXT_TIMER \
+ | NGX_HTTP_LUA_CONTEXT_SSL_CERT \
+ | NGX_HTTP_LUA_CONTEXT_SSL_SESS_FETCH)
/* key in Lua vm registry for all the "ngx.ctx" tables */
#define ngx_http_lua_ctx_tables_key "ngx_lua_ctx_tables"
Index: nginx-1.17.7/lua-nginx/src/ngx_http_lua_util.c
===================================================================
--- nginx-1.17.7.orig/lua-nginx/src/ngx_http_lua_util.c
+++ nginx-1.17.7/lua-nginx/src/ngx_http_lua_util.c
@@ -52,6 +52,7 @@
#include "ngx_http_lua_ssl_certby.h"
#include "ngx_http_lua_ssl.h"
#include "ngx_http_lua_log_ringbuf.h"
+#include "ngx_http_lua_pipe.h"
#if 1
@@ -744,6 +745,9 @@ ngx_http_lua_inject_ngx_api(lua_State *L
ngx_http_lua_inject_timer_api(L);
ngx_http_lua_inject_config_api(L);
ngx_http_lua_inject_worker_api(L);
+#ifdef HAVE_NGX_LUA_PIPE
+ ngx_http_lua_inject_pipe_api(L);
+#endif
ngx_http_lua_inject_misc_api(L);
Index: nginx-1.17.7/lua-nginx/src/ngx_http_lua_pipe.c
===================================================================
--- nginx-1.17.7.orig/lua-nginx/src/ngx_http_lua_pipe.c
+++ nginx-1.17.7/lua-nginx/src/ngx_http_lua_pipe.c
@@ -83,6 +83,7 @@ static void ngx_http_lua_pipe_proc_wait_
static ngx_rbtree_t ngx_http_lua_pipe_rbtree;
static ngx_rbtree_node_t ngx_http_lua_pipe_proc_sentinel;
+static char ngx_http_lua_proc_metatable_key;
#if (NGX_HTTP_LUA_HAVE_SIGNALFD)
static int ngx_http_lua_signalfd;
@@ -418,6 +419,8 @@ ngx_http_lua_pipe_sigchld_event_handler(
*/
ngx_post_event((&pipe_node->wait_co_ctx->sleep),
&ngx_posted_events);
+ } else {
+ ngx_http_lua_pipe_proc_finalize(pipe_node->proc);
}
pipe_node->proc->pipe->dead = 1;
@@ -2090,7 +2093,31 @@ ngx_http_lua_pipe_read_retval_helper(ngx
rc = ngx_http_lua_pipe_read(pipe, pipe_ctx);
if (rc != NGX_AGAIN) {
- return 0;
+ size_t buf_size = 4096;
+
+ while (1) {
+ u_char *buf, *p;
+
+ buf = ngx_pcalloc(pipe->pool, buf_size);
+ if (!buf) {
+ lua_pushnil(L);
+ lua_pushliteral(L, "no memory");
+ return 2;
+ }
+
+ p = buf;
+
+ ngx_http_lua_pipe_put_data(pipe, pipe_ctx, &p, &buf_size);
+ if (!p) {
+ ngx_pfree(pipe->pool, buf);
+ continue;
+ }
+
+ lua_pushlstring(L, (char *)buf, buf_size);
+ ngx_pfree(pipe->pool, buf);
+ break;
+ }
+ return 1;
}
rev = pipe_ctx->c->read;
@@ -2493,6 +2520,353 @@ ngx_http_lua_pipe_proc_wait_cleanup(void
wait_co_ctx->cleanup = NULL;
}
+static int lua_table_array_cnt(lua_State *L, int idx)
+{
+ int n = 0;
+
+ if (idx < 0)
+ idx = lua_gettop(L) + idx + 1;
+
+ if (!lua_istable(L, idx))
+ return 0;
+
+ lua_pushnil(L); /* stack: table key */
+
+ while (lua_next(L, idx)) { /* stack: table key value */
+ if (lua_type(L, -2) == LUA_TNUMBER) {
+ lua_Number idx = lua_tonumber(L, -2);
+ if (floor(idx) != idx || idx != n + 1)
+ goto non_array;
+ n++;
+ lua_pop(L, 1); /* stack: table key */
+ continue;
+ }
+non_array:
+ lua_pop(L, 2);
+ break;
+ }
+
+ return n;
+}
+
+static void ngx_http_lua_ngx_pipe_set_opt(lua_State *L, int idx, const char *name, int *val)
+{
+ lua_getfield(L, idx, name);
+ if (!lua_isnil(L, -1))
+ *val = lua_tointeger(L, -1);
+ lua_pop(L, 1);
+}
+
+static int ngx_http_lua_ngx_pipe_spawn(lua_State *L)
+{
+ ngx_http_lua_ffi_pipe_proc_t *proc;
+ int merge_stderr = 0;
+ int buffer_size = 4096;
+ int write_timeout = 10000;
+ int stdout_read_timeout = 10000;
+ int stderr_read_timeout = 10000;
+ int wait_timeout = 10000;
+ const char **args = NULL, **envs = NULL;
+ u_char errbuf[512] = "";
+ size_t errbuf_size = sizeof(errbuf);
+ ngx_http_request_t *r;
+ int rc = 1;
+
+ r = ngx_http_lua_get_req(L);
+ if (!r)
+ return luaL_error(L, "no request found");
+
+ if (lua_istable(L, 1)) {
+ int nargs = lua_table_array_cnt(L, 1);
+
+ if (nargs == 0)
+ return luaL_error(L, "bad args arg: non-empty table expected");
+
+ args = ngx_pcalloc(r->pool, sizeof(char *) * (nargs + 1));
+
+ for (int i = 0; i < nargs; i++) {
+ lua_rawgeti(L, 1, i + 1);
+ args[i] = lua_tostring(L, -1);
+ lua_pop(L, 1);
+ }
+ } else if (lua_isstring(L, 1)) {
+ args = ngx_pcalloc(r->pool, sizeof(char *) * 4);
+ args[0] = "/bin/sh";
+ args[1] = "-c";
+ args[2] = lua_tostring(L, 1);
+ } else {
+ return luaL_error(L, "bad args arg: table expected, got '%s'", lua_typename(L, lua_type(L, 1)));
+ }
+
+ if (lua_istable(L, 2)) {
+ lua_getfield(L, 2, "merge_stderr");
+ merge_stderr = lua_toboolean(L, -1);
+ lua_pop(L, 1);
+
+ ngx_http_lua_ngx_pipe_set_opt(L, 2, "buffer_size", &buffer_size);
+ ngx_http_lua_ngx_pipe_set_opt(L, 2, "write_timeout", &write_timeout);
+ ngx_http_lua_ngx_pipe_set_opt(L, 2, "stdout_read_timeout", &stdout_read_timeout);
+ ngx_http_lua_ngx_pipe_set_opt(L, 2, "stderr_read_timeout", &stderr_read_timeout);
+ ngx_http_lua_ngx_pipe_set_opt(L, 2, "wait_timeout", &wait_timeout);
+
+ lua_getfield(L, 2, "environ");
+ if (lua_istable(L, -1)) {
+ int nenv = lua_table_array_cnt(L, -1);
+
+ envs = ngx_pcalloc(r->pool, sizeof(char *) * (nenv + 1));
+
+ for (int i = 0; i < nenv; i++) {
+ lua_rawgeti(L, -1, i + 1);
+ envs[i] = lua_tostring(L, -1);
+ lua_pop(L, 1);
+ }
+ }
+ lua_pop(L, 1);
+ }
+
+ proc = lua_newuserdata(L, sizeof(ngx_http_lua_ffi_pipe_proc_t));
+ if (!proc) {
+ lua_pushnil(L);
+ lua_pushliteral(L, "no memory");
+ rc = 2;
+ goto free_mem;
+ }
+
+ proc->write_timeout = write_timeout;
+ proc->stdout_read_timeout = stdout_read_timeout;
+ proc->stderr_read_timeout = stderr_read_timeout;
+ proc->wait_timeout = wait_timeout;
+
+ lua_pushlightuserdata(L, &ngx_http_lua_proc_metatable_key);
+ lua_rawget(L, LUA_REGISTRYINDEX);
+ lua_setmetatable(L, -2);
+
+ rc = ngx_http_lua_ffi_pipe_spawn(proc, args[0], args, merge_stderr, buffer_size, envs,
+ errbuf, &errbuf_size);
+ if (rc != NGX_OK) {
+ lua_pushnil(L);
+ lua_pushlstring(L, (char *)errbuf, errbuf_size);
+ rc = 2;
+ } else {
+ rc = 1;
+ }
+
+free_mem:
+ if (args)
+ ngx_pfree(r->pool, args);
+ if (envs)
+ ngx_pfree(r->pool, envs);
+ return rc;
+}
+
+static int ngx_http_lua_proc_pid(lua_State *L)
+{
+ ngx_http_lua_ffi_pipe_proc_t *proc = lua_touserdata(L, 1);
+
+ lua_pushinteger(L, proc->_pid);
+ return 1;
+}
+
+static int ngx_http_lua_proc_wait(lua_State *L)
+{
+ ngx_http_lua_ffi_pipe_proc_t *proc = lua_touserdata(L, 1);
+ ngx_http_request_t *r;
+ char *reason;
+ int status;
+ u_char errbuf[128] = "";
+ size_t errbuf_size = sizeof(errbuf);
+ int rc;
+
+ r = ngx_http_lua_get_req(L);
+ if (!r)
+ return luaL_error(L, "no request found");
+
+ rc = ngx_http_lua_ffi_pipe_proc_wait(r, proc, &reason, &status, errbuf, &errbuf_size);
+ switch (rc) {
+ case NGX_OK:
+ lua_pushboolean(L, 1);
+ lua_pushstring(L, reason);
+ lua_pushinteger(L, status);
+ return 3;
+ case NGX_DECLINED:
+ lua_pushboolean(L, 0);
+ lua_pushstring(L, reason);
+ lua_pushinteger(L, status);
+ return 3;
+ case NGX_ERROR:
+ lua_pushnil(L);
+ lua_pushlstring(L, (char *)errbuf, errbuf_size);
+ return 2;
+ default:
+ return lua_yield(L, 0);
+ }
+}
+
+static int ngx_http_lua_proc_kill(lua_State *L)
+{
+ ngx_http_lua_ffi_pipe_proc_t *proc = lua_touserdata(L, 1);
+ u_char errbuf[128] = "";
+ size_t errbuf_size = sizeof(errbuf);
+ int signal;
+ int rc;
+
+ signal = luaL_checkinteger(L, 2);
+
+ rc = ngx_http_lua_ffi_pipe_proc_kill(proc, signal, errbuf, &errbuf_size);
+ if (rc == NGX_OK) {
+ lua_pushnil(L);
+ lua_pushlstring(L, (char *)errbuf, errbuf_size);
+ return 2;
+ }
+
+ lua_pushboolean(L, 1);
+ return 1;
+}
+
+static int ngx_http_lua_proc_read(lua_State *L, int from_stderr, int reader_type)
+{
+ ngx_http_lua_ffi_pipe_proc_t *proc = lua_touserdata(L, 1);
+ ssize_t len = lua_tointeger(L, 2);
+ ngx_http_lua_pipe_ctx_t *pipe_ctx;
+ ngx_http_request_t *r;
+ u_char *buf, *p;
+ size_t buf_size = 4096;
+ u_char errbuf[128] = "";
+ size_t errbuf_size = sizeof(errbuf);
+ int rc;
+
+ switch (reader_type) {
+ case PIPE_READ_BYTES:
+ if (len <= 0) {
+ if (len < 0)
+ return luaL_error(L, "bad len argument");
+ lua_pushliteral(L, "");
+ return 1;
+ }
+ break;
+ case PIPE_READ_ANY:
+ if (len <= 0)
+ return luaL_error(L, "bad max argument");
+ break;
+ default:
+ len = 0;
+ break;
+ }
+
+ r = ngx_http_lua_get_req(L);
+ if (!r)
+ return luaL_error(L, "no request found");
+
+ buf = ngx_pcalloc(proc->pipe->pool, buf_size);
+ p = buf;
+
+ if (!p) {
+ lua_pushnil(L);
+ lua_pushliteral(L, "no memory");
+ return 2;
+ }
+
+ rc = ngx_http_lua_ffi_pipe_proc_read(r, proc, from_stderr, reader_type, len, &p,
+ &buf_size, errbuf,
+ &errbuf_size);
+ if (rc == NGX_OK || rc == NGX_DECLINED) {
+ if (!p) {
+ if (from_stderr)
+ pipe_ctx = proc->pipe->stderr_ctx;
+ else
+ pipe_ctx = proc->pipe->stdout_ctx;
+
+ ngx_pfree(proc->pipe->pool, buf);
+
+ buf = ngx_pcalloc(proc->pipe->pool, buf_size);
+ if (!buf) {
+ lua_pushnil(L);
+ lua_pushliteral(L, "no memory");
+ return 2;
+ }
+ ngx_http_lua_pipe_put_data(proc->pipe, pipe_ctx, &buf, &buf_size);
+ }
+
+ if (rc == NGX_OK) {
+ lua_pushlstring(L, (char *)buf, buf_size);
+ ngx_pfree(proc->pipe->pool, buf);
+ return 1;
+ }
+
+ lua_pushnil(L);
+ lua_pushlstring(L, (char *)errbuf, errbuf_size);
+ lua_pushlstring(L, (char *)buf, buf_size);
+ ngx_pfree(proc->pipe->pool, buf);
+ return 3;
+ }
+
+ if (rc == NGX_ERROR) {
+ lua_pushnil(L);
+ lua_pushlstring(L, (char *)errbuf, errbuf_size);
+ ngx_pfree(proc->pipe->pool, buf);
+ return 2;
+ }
+
+ ngx_pfree(proc->pipe->pool, buf);
+
+ return lua_yield(L, 0);
+}
+
+#define NGX_LUA_PIPE_DEF_READ_FUN(name, from_stderr, reader_type) \
+ static int ngx_http_lua_proc_##name(lua_State *L) \
+ { \
+ return ngx_http_lua_proc_read(L, from_stderr, reader_type); \
+ }
+
+NGX_LUA_PIPE_DEF_READ_FUN(stdout_read_all, 0, PIPE_READ_ALL)
+NGX_LUA_PIPE_DEF_READ_FUN(stdout_read_bytes, 0, PIPE_READ_BYTES)
+NGX_LUA_PIPE_DEF_READ_FUN(stdout_read_line, 0, PIPE_READ_LINE)
+NGX_LUA_PIPE_DEF_READ_FUN(stdout_read_any, 0, PIPE_READ_ANY)
+
+NGX_LUA_PIPE_DEF_READ_FUN(stderr_read_all, 1, PIPE_READ_ALL)
+NGX_LUA_PIPE_DEF_READ_FUN(stderr_read_bytes, 1, PIPE_READ_BYTES)
+NGX_LUA_PIPE_DEF_READ_FUN(stderr_read_line, 1, PIPE_READ_LINE)
+NGX_LUA_PIPE_DEF_READ_FUN(stderr_read_any, 1, PIPE_READ_ANY)
+
+#define NGX_LUA_PIPE_ADD_FUN(name) \
+ do { \
+ lua_pushcfunction(L, ngx_http_lua_proc_##name); \
+ lua_setfield(L, -2, #name); \
+ } while (0)
+
+void ngx_http_lua_inject_pipe_api(lua_State *L)
+{
+ lua_createtable(L, 0 /* narr */, 1 /* nrec */); /* ngx.pipe. */
+
+ lua_pushcfunction(L, ngx_http_lua_ngx_pipe_spawn);
+ lua_setfield(L, -2, "spawn");
+
+ lua_setfield(L, -2, "pipe");
+
+ /* {{{proc object metatable */
+ lua_pushlightuserdata(L, &ngx_http_lua_proc_metatable_key);
+
+ lua_createtable(L, 0 /* narr */, 2 /* nrec */); /* mt */
+
+ lua_createtable(L, 0 /* narr */, 11 /* nrec */); /* __index */
+
+ NGX_LUA_PIPE_ADD_FUN(pid);
+ NGX_LUA_PIPE_ADD_FUN(wait);
+ NGX_LUA_PIPE_ADD_FUN(kill);
+ NGX_LUA_PIPE_ADD_FUN(stdout_read_all);
+ NGX_LUA_PIPE_ADD_FUN(stdout_read_bytes);
+ NGX_LUA_PIPE_ADD_FUN(stdout_read_line);
+ NGX_LUA_PIPE_ADD_FUN(stdout_read_any);
+ NGX_LUA_PIPE_ADD_FUN(stderr_read_all);
+ NGX_LUA_PIPE_ADD_FUN(stderr_read_bytes);
+ NGX_LUA_PIPE_ADD_FUN(stderr_read_line);
+ NGX_LUA_PIPE_ADD_FUN(stderr_read_any);
+
+ lua_setfield(L, -2, "__index");
+
+ lua_rawset(L, LUA_REGISTRYINDEX);
+ /* }}} */
+}
#endif /* HAVE_NGX_LUA_PIPE */
Index: nginx-1.17.7/lua-nginx/src/ngx_http_lua_pipe.h
===================================================================
--- nginx-1.17.7.orig/lua-nginx/src/ngx_http_lua_pipe.h
+++ nginx-1.17.7/lua-nginx/src/ngx_http_lua_pipe.h
@@ -86,6 +86,7 @@ typedef struct {
void ngx_http_lua_pipe_init(void);
ngx_int_t ngx_http_lua_pipe_add_signal_handler(ngx_cycle_t *cycle);
+void ngx_http_lua_inject_pipe_api(lua_State *L);
#endif

19
nginx/patches/104-endianness_fix.patch Normal file
View file

@ -0,0 +1,19 @@
--- a/auto/endianness
+++ b/auto/endianness
@@ -12,6 +12,16 @@ checking for system byte ordering
END
+if [ "${CONFIG_BIG_ENDIAN}" != "y" ]; then
+ echo " little endian"
+ have=NGX_HAVE_LITTLE_ENDIAN . auto/have
+else
+ echo " big endian"
+fi
+
+return
+
+
cat << END > $NGX_AUTOTEST.c

2
nginx/patches/201-ignore-invalid-options.patch
View file

@ -1,6 +1,6 @@
--- a/auto/options --- a/auto/options
+++ b/auto/options +++ b/auto/options
@@ -396,8 +396,7 @@ $0: warning: the \"--with-sha1-asm\" opt @@ -400,8 +400,7 @@ $0: warning: the \"--with-sha1-asm\" opt
--test-build-solaris-sendfilev) NGX_TEST_BUILD_SOLARIS_SENDFILEV=YES ;; --test-build-solaris-sendfilev) NGX_TEST_BUILD_SOLARIS_SENDFILEV=YES ;;
*) *)

11
nginx/patches/300-max-processes.patch
View file

@ -1,11 +0,0 @@
--- a/src/os/unix/ngx_process.h
+++ b/src/os/unix/ngx_process.h
@@ -44,7 +44,7 @@ typedef struct {
} ngx_exec_ctx_t;
-#define NGX_MAX_PROCESSES 1024
+#define NGX_MAX_PROCESSES 8
#define NGX_PROCESS_NORESPAWN -1
#define NGX_PROCESS_JUST_SPAWN -2

174
nginx/patches/400-socket-cloexec.patch
View file

@ -1,174 +0,0 @@
Index: nginx-1.17.7/auto/unix
===================================================================
--- nginx-1.17.7.orig/auto/unix
+++ nginx-1.17.7/auto/unix
@@ -1037,3 +1037,27 @@ ngx_feature_test='struct addrinfo *res;
if (getaddrinfo("localhost", NULL, NULL, &res) != 0) return 1;
freeaddrinfo(res)'
. auto/feature
+
+ngx_feature="SOCK_CLOEXEC support"
+ngx_feature_name="NGX_HAVE_SOCKET_CLOEXEC"
+ngx_feature_run=no
+ngx_feature_incs="#include <sys/types.h>
+ #include <sys/socket.h>"
+ngx_feature_path=
+ngx_feature_libs=
+ngx_feature_test="int fd;
+ fd = socket(AF_INET, SOCK_STREAM | SOCK_CLOEXEC, 0);"
+. auto/feature
+
+ngx_feature="FD_CLOEXEC support"
+ngx_feature_name="NGX_HAVE_FD_CLOEXEC"
+ngx_feature_run=no
+ngx_feature_incs="#include <sys/types.h>
+ #include <sys/socket.h>
+ #include <fcntl.h>"
+ngx_feature_path=
+ngx_feature_libs=
+ngx_feature_test="int fd;
+ fd = socket(AF_INET, SOCK_STREAM, 0);
+ fcntl(fd, F_SETFD, FD_CLOEXEC);"
+. auto/feature
Index: nginx-1.17.7/src/core/ngx_resolver.c
===================================================================
--- nginx-1.17.7.orig/src/core/ngx_resolver.c
+++ nginx-1.17.7/src/core/ngx_resolver.c
@@ -4492,7 +4492,11 @@ ngx_tcp_connect(ngx_resolver_connection_
ngx_event_t *rev, *wev;
ngx_connection_t *c;
+#if (NGX_HAVE_SOCKET_CLOEXEC)
+ s = ngx_socket(rec->sockaddr->sa_family, SOCK_STREAM | SOCK_CLOEXEC, 0);
+#else
s = ngx_socket(rec->sockaddr->sa_family, SOCK_STREAM, 0);
+#endif
ngx_log_debug1(NGX_LOG_DEBUG_EVENT, &rec->log, 0, "TCP socket %d", s);
@@ -4520,6 +4524,15 @@ ngx_tcp_connect(ngx_resolver_connection_
goto failed;
}
+#if (NGX_HAVE_FD_CLOEXEC)
+ if (ngx_cloexec(s) == -1) {
+ ngx_log_error(NGX_LOG_ALERT, &rec->log, ngx_socket_errno,
+ ngx_cloexec_n " failed");
+
+ goto failed;
+ }
+#endif
+
rev = c->read;
wev = c->write;
Index: nginx-1.17.7/src/event/ngx_event.h
===================================================================
--- nginx-1.17.7.orig/src/event/ngx_event.h
+++ nginx-1.17.7/src/event/ngx_event.h
@@ -73,6 +73,9 @@ struct ngx_event_s {
/* to test on worker exit */
unsigned channel:1;
unsigned resolver:1;
+#if (HAVE_SOCKET_CLOEXEC_PATCH)
+ unsigned skip_socket_leak_check:1;
+#endif
unsigned cancelable:1;
Index: nginx-1.17.7/src/event/ngx_event_accept.c
===================================================================
--- nginx-1.17.7.orig/src/event/ngx_event_accept.c
+++ nginx-1.17.7/src/event/ngx_event_accept.c
@@ -57,7 +57,7 @@ ngx_event_accept(ngx_event_t *ev)
#if (NGX_HAVE_ACCEPT4)
if (use_accept4) {
- s = accept4(lc->fd, &sa.sockaddr, &socklen, SOCK_NONBLOCK);
+ s = accept4(lc->fd, &sa.sockaddr, &socklen, SOCK_NONBLOCK | SOCK_CLOEXEC);
} else {
s = accept(lc->fd, &sa.sockaddr, &socklen);
}
@@ -197,6 +197,14 @@ ngx_event_accept(ngx_event_t *ev)
ngx_close_accepted_connection(c);
return;
}
+#if (NGX_HAVE_FD_CLOEXEC)
+ if (ngx_cloexec(s) == -1) {
+ ngx_log_error(NGX_LOG_ALERT, ev->log, ngx_socket_errno,
+ ngx_cloexec_n " failed");
+ ngx_close_accepted_connection(c);
+ return;
+ }
+#endif
}
}
Index: nginx-1.17.7/src/event/ngx_event_connect.c
===================================================================
--- nginx-1.17.7.orig/src/event/ngx_event_connect.c
+++ nginx-1.17.7/src/event/ngx_event_connect.c
@@ -38,7 +38,11 @@ ngx_event_connect_peer(ngx_peer_connecti
type = (pc->type ? pc->type : SOCK_STREAM);
+#if (NGX_HAVE_SOCKET_CLOEXEC)
+ s = ngx_socket(pc->sockaddr->sa_family, type | SOCK_CLOEXEC, 0);
+#else
s = ngx_socket(pc->sockaddr->sa_family, type, 0);
+#endif
ngx_log_debug2(NGX_LOG_DEBUG_EVENT, pc->log, 0, "%s socket %d",
(type == SOCK_STREAM) ? "stream" : "dgram", s);
@@ -92,6 +96,15 @@ ngx_event_connect_peer(ngx_peer_connecti
goto failed;
}
+#if (NGX_HAVE_FD_CLOEXEC)
+ if (ngx_cloexec(s) == -1) {
+ ngx_log_error(NGX_LOG_ALERT, pc->log, ngx_socket_errno,
+ ngx_cloexec_n " failed");
+
+ goto failed;
+ }
+#endif
+
if (pc->local) {
#if (NGX_HAVE_TRANSPARENT_PROXY)
Index: nginx-1.17.7/src/os/unix/ngx_process_cycle.c
===================================================================
--- nginx-1.17.7.orig/src/os/unix/ngx_process_cycle.c
+++ nginx-1.17.7/src/os/unix/ngx_process_cycle.c
@@ -991,6 +991,9 @@ ngx_worker_process_exit(ngx_cycle_t *cyc
for (i = 0; i < cycle->connection_n; i++) {
if (c[i].fd != -1
&& c[i].read
+#if (HAVE_SOCKET_CLOEXEC_PATCH)
+ && !c[i].read->skip_socket_leak_check
+#endif
&& !c[i].read->accept
&& !c[i].read->channel
&& !c[i].read->resolver)
Index: nginx-1.17.7/src/os/unix/ngx_socket.h
===================================================================
--- nginx-1.17.7.orig/src/os/unix/ngx_socket.h
+++ nginx-1.17.7/src/os/unix/ngx_socket.h
@@ -45,6 +45,17 @@ int ngx_blocking(ngx_socket_t s);
#endif
+#if (NGX_HAVE_FD_CLOEXEC)
+
+#define ngx_cloexec(s) fcntl(s, F_SETFD, FD_CLOEXEC)
+#define ngx_cloexec_n "fcntl(FD_CLOEXEC)"
+
+/* at least FD_CLOEXEC is required to ensure connection fd is closed
+ * after execve */
+#define HAVE_SOCKET_CLOEXEC_PATCH 1
+
+#endif
+
int ngx_tcp_nopush(ngx_socket_t s);
int ngx_tcp_push(ngx_socket_t s);

2499
nginx/src/lua-nginx/src/ngx_http_lua_pipe.c
View file

File diff suppressed because it is too large Load diff

94
nginx/src/lua-nginx/src/ngx_http_lua_pipe.h
View file

@ -1,94 +0,0 @@
/*
* Copyright (C) by OpenResty Inc.
*/
#ifndef _NGX_HTTP_LUA_PIPE_H_INCLUDED_
#define _NGX_HTTP_LUA_PIPE_H_INCLUDED_
#include "ngx_http_lua_common.h"
typedef ngx_int_t (*ngx_http_lua_pipe_input_filter)(void *data, ssize_t bytes);
typedef struct {
ngx_connection_t *c;
ngx_http_lua_pipe_input_filter input_filter;
void *input_filter_ctx;
size_t rest;
ngx_chain_t *buf_in;
ngx_chain_t *bufs_in;
ngx_buf_t buffer;
ngx_err_t pipe_errno;
unsigned err_type:16;
unsigned eof:1;
} ngx_http_lua_pipe_ctx_t;
typedef struct ngx_http_lua_pipe_s ngx_http_lua_pipe_t;
typedef struct {
ngx_pid_t _pid;
ngx_msec_t write_timeout;
ngx_msec_t stdout_read_timeout;
ngx_msec_t stderr_read_timeout;
ngx_msec_t wait_timeout;
/* pipe hides the implementation from the Lua binding */
ngx_http_lua_pipe_t *pipe;
} ngx_http_lua_ffi_pipe_proc_t;
typedef int (*ngx_http_lua_pipe_retval_handler)(
ngx_http_lua_ffi_pipe_proc_t *proc, lua_State *L);
struct ngx_http_lua_pipe_s {
ngx_pool_t *pool;
ngx_chain_t *free_bufs;
ngx_rbtree_node_t *node;
int stdin_fd;
int stdout_fd;
int stderr_fd;
ngx_http_lua_pipe_ctx_t *stdin_ctx;
ngx_http_lua_pipe_ctx_t *stdout_ctx;
ngx_http_lua_pipe_ctx_t *stderr_ctx;
ngx_http_lua_pipe_retval_handler retval_handler;
size_t buffer_size;
unsigned closed:1;
unsigned dead:1;
unsigned timeout:1;
unsigned merge_stderr:1;
};
typedef struct {
u_char color;
u_char reason_code;
int status;
ngx_http_lua_co_ctx_t *wait_co_ctx;
ngx_http_lua_ffi_pipe_proc_t *proc;
} ngx_http_lua_pipe_node_t;
typedef struct {
int signo;
char *signame;
} ngx_http_lua_pipe_signal_t;
#if !(NGX_WIN32) && defined(HAVE_SOCKET_CLOEXEC_PATCH)
#define HAVE_NGX_LUA_PIPE 1
void ngx_http_lua_pipe_init(void);
ngx_int_t ngx_http_lua_pipe_add_signal_handler(ngx_cycle_t *cycle);
#endif
#endif /* _NGX_HTTP_LUA_PIPE_H_INCLUDED_ */
/* vi:set ft=c ts=4 sw=4 et fdm=marker: */