From 37762abcb46955467482174019249178d68e9aea Mon Sep 17 00:00:00 2001 From: Jeffery To Date: Mon, 18 Sep 2023 09:30:56 +0800 Subject: [PATCH 01/29] rust: Set rustflags by environment variable In order to use $(RUSTC_TARGET_ARCH) in HOST_BUILD_DIR, the line to include rust-values.mk in the Rust makefile was moved in f489e019ac4a15e974518d9928ef913a157d135a, causing it to be included before package.mk is included. This had the side effect of preventing "-lssp_nonshared" from being added to RUSTC_LDFLAGS, because PKG_SSP is indirectly set by package.mk (package.mk includes hardening.mk, hardening.mk sets PKG_SSP). There is a deeper issue; it is the Rust package's PKG_SSP value that causes RUSTC_LDFLAGS to be set and written to the Cargo config file. For packages that use Rust to build, their PKG_SSP value does not affect the linker flag. This sets rustflags with the RUSTFLAGS environment variable, instead of writing the value to the Cargo config file, allowing PKG_SSP from the package being built to be used and for the package being built to modify the rustflags used. This also: * Fix "-lssp_nonshared" being added to TARGET_CFLAGS instead of RUSTC_LDFLAGS, when CONFIG_PKG_CC_STACKPROTECTOR_STRONG is set. * Remove the use of $(RUSTC_TARGET_ARCH) in HOST_BUILD_DIR and move the include line for rust-values.mk back to after package.mk. Since the host build directory was moved under the target build directory in efdbac38dc8b649ca26b49fac27abeb5cf76cd28, it is no longer necessary to separate build directories with RUSTC_TARGET_ARCH; $(BUILD_DIR) already separates build directories by target. * Add BUILDONLY:=1, as the Rust package does not build a target package. * Install the Cargo config file as "config.toml" instead of "config", as this is the preferred form[1]. * Rename RUST_CFLAGS to RUSTC_CFLAGS and CONFIG_HOST_SUFFIX to RUSTC_HOST_SUFFIX, for consistency. * Allow CARGO_VARS to be set before rust-values.mk is included. [1]: https://doc.rust-lang.org/cargo/reference/config.html#hierarchical-structure Fixes: f489e019ac4a ("rust: compile host package per target") Fixes: 83785a7ce016 ("rust-lang: Add the rust language support") Fixes: https://github.com/openwrt/packages/issues/22133 Signed-off-by: Jeffery To --- lang/rust/Makefile | 10 +++++----- lang/rust/files/cargo-config | 1 - lang/rust/rust-package.mk | 3 ++- lang/rust/rust-values.mk | 30 ++++++++++++++++-------------- 4 files changed, 23 insertions(+), 21 deletions(-) diff --git a/lang/rust/Makefile b/lang/rust/Makefile index a3b92682b..096b225c3 100644 --- a/lang/rust/Makefile +++ b/lang/rust/Makefile @@ -3,16 +3,15 @@ # Copyright (C) 2023 Luca Barbato and Donald Hoskins include $(TOPDIR)/rules.mk -include ./rust-values.mk PKG_NAME:=rust PKG_VERSION:=1.72.0 -PKG_RELEASE:=1 +PKG_RELEASE:=2 PKG_SOURCE:=rustc-$(PKG_VERSION)-src.tar.gz PKG_SOURCE_URL:=https://static.rust-lang.org/dist/ PKG_HASH:=ea9d61bbb51d76b6ea681156f69f0e0596b59722f04414b01c6e100b4b5be3a1 -HOST_BUILD_DIR:=$(BUILD_DIR)/host/rust-$(RUSTC_TARGET_ARCH)/rustc-$(PKG_VERSION)-src +HOST_BUILD_DIR:=$(BUILD_DIR)/host/rustc-$(PKG_VERSION)-src PKG_MAINTAINER:=Luca Barbato PKG_LICENSE:=Apache-2.0 MIT @@ -23,6 +22,7 @@ PKG_HOST_ONLY:=1 include $(INCLUDE_DIR)/host-build.mk include $(INCLUDE_DIR)/package.mk +include ./rust-values.mk define Package/rust SECTION:=lang @@ -31,6 +31,7 @@ define Package/rust TITLE:=Rust Programming Language Compiler URL:=https://www.rust-lang.org/ DEPENDS:=$(RUST_ARCH_DEPENDS) + BUILDONLY:=1 endef define Package/rust/description @@ -95,8 +96,7 @@ define Host/Install \ sed -e 's|@RUSTC_TARGET_ARCH@|$(RUSTC_TARGET_ARCH)|g' \ -e 's|@TARGET_CC_NOCACHE@|$(TARGET_CC_NOCACHE)|g' \ - -e 's|@RUSTC_LDFLAGS@|$(RUSTC_LDFLAGS)|g' \ - $(CURDIR)/files/cargo-config > $(CARGO_HOME)/config ; \ + $(CURDIR)/files/cargo-config > $(CARGO_HOME)/config.toml ; \ ) endef diff --git a/lang/rust/files/cargo-config b/lang/rust/files/cargo-config index 2ed512931..2f490dc58 100644 --- a/lang/rust/files/cargo-config +++ b/lang/rust/files/cargo-config @@ -1,6 +1,5 @@ [target.@RUSTC_TARGET_ARCH@] linker = "@TARGET_CC_NOCACHE@" -rustflags = ["-Ctarget-feature=-crt-static", "-Clink-args=@RUSTC_LDFLAGS@"] [profile.stripped] inherits = "release" diff --git a/lang/rust/rust-package.mk b/lang/rust/rust-package.mk index e8cf7d712..8d30ee86c 100644 --- a/lang/rust/rust-package.mk +++ b/lang/rust/rust-package.mk @@ -22,9 +22,10 @@ define Build/Compile/Cargo cd $(PKG_BUILD_DIR) ; \ export PATH="$(CARGO_HOME)/bin:$(PATH)" ; \ CARGO_HOME=$(CARGO_HOME) \ - TARGET_CFLAGS="$(TARGET_CFLAGS) $(RUST_CFLAGS)" \ + TARGET_CFLAGS="$(TARGET_CFLAGS) $(RUSTC_CFLAGS)" \ TARGET_CC=$(TARGET_CC_NOCACHE) \ CC=$(HOSTCC_NOCACHE) \ + RUSTFLAGS="$(CARGO_RUSTFLAGS)" \ $(CARGO_VARS) \ cargo install -v \ --profile stripped \ diff --git a/lang/rust/rust-values.mk b/lang/rust/rust-values.mk index 58ce2f16d..dfd417340 100644 --- a/lang/rust/rust-values.mk +++ b/lang/rust/rust-values.mk @@ -3,24 +3,26 @@ # Copyright (C) 2023 Luca Barbato and Donald Hoskins # Rust Environmental Vars -CONFIG_HOST_SUFFIX:=$(word 4, $(subst -, ,$(GNU_HOST_NAME))) -RUSTC_HOST_ARCH:=$(HOST_ARCH)-unknown-linux-$(CONFIG_HOST_SUFFIX) +RUSTC_HOST_SUFFIX:=$(word 4, $(subst -, ,$(GNU_HOST_NAME))) +RUSTC_HOST_ARCH:=$(HOST_ARCH)-unknown-linux-$(RUSTC_HOST_SUFFIX) CARGO_HOME:=$(STAGING_DIR)/host/cargo -CARGO_VARS:= +CARGO_VARS?= ifeq ($(CONFIG_USE_MUSL),y) -# Force linking of the SSP library for musl -ifdef CONFIG_PKG_CC_STACKPROTECTOR_REGULAR - ifeq ($(strip $(PKG_SSP)),1) - RUSTC_LDFLAGS += -lssp_nonshared + # Force linking of the SSP library for musl + ifdef CONFIG_PKG_CC_STACKPROTECTOR_REGULAR + ifeq ($(strip $(PKG_SSP)),1) + RUSTC_LDFLAGS+=-lssp_nonshared + endif + endif + ifdef CONFIG_PKG_CC_STACKPROTECTOR_STRONG + ifeq ($(strip $(PKG_SSP)),1) + RUSTC_LDFLAGS+=-lssp_nonshared + endif endif endif -ifdef CONFIG_PKG_CC_STACKPROTECTOR_STRONG - ifeq ($(strip $(PKG_SSP)),1) - TARGET_CFLAGS += -lssp_nonshared - endif -endif -endif + +CARGO_RUSTFLAGS+=-Ctarget-feature=-crt-static $(RUSTC_LDFLAGS) ifeq ($(HOST_OS),Darwin) ifeq ($(HOST_ARCH),arm64) @@ -55,7 +57,7 @@ ifeq ($(ARCH),arm) endif ifeq ($(ARCH),aarch64) - RUST_CFLAGS:=-mno-outline-atomics + RUSTC_CFLAGS:=-mno-outline-atomics endif # Support only a subset for now. From 8b3bf5bb88ce00a78312ed2da7dea7efa54de197 Mon Sep 17 00:00:00 2001 From: Oskari Rauta Date: Tue, 19 Sep 2023 17:03:05 +0300 Subject: [PATCH 02/29] slirp4netns: update to 1.2.2 v1.2.2 changes: - Enabled reproducible builds v1.2.1 changes: - sandbox: Add support for escaping resolv.conf symlinks. This fixes usage in WSL environments which symlinks /etc/resolv.conf under a shared location under /mnt. Signed-off-by: Oskari Rauta --- utils/slirp4netns/Makefile | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/utils/slirp4netns/Makefile b/utils/slirp4netns/Makefile index b3badba72..17be579d5 100644 --- a/utils/slirp4netns/Makefile +++ b/utils/slirp4netns/Makefile @@ -1,12 +1,12 @@ include $(TOPDIR)/rules.mk PKG_NAME:=slirp4netns -PKG_VERSION:=1.2.0 +PKG_VERSION:=1.2.2 PKG_RELEASE:=1 PKG_SOURCE:=$(PKG_NAME)-$(PKG_VERSION).tar.gz PKG_SOURCE_URL:=https://github.com/rootless-containers/slirp4netns/archive/v$(PKG_VERSION) -PKG_HASH:=b584edde686d3cfbac210cbdb93c4b0ba5d8cc0a6a4d92b9dfc3c5baec99c727 +PKG_HASH:=2450afb5730ee86a70f9c3f0d3fbc8981ab8e147246f4e0d354f0226a3a40b36 PKG_MAINTAINER:=Oskari Rauta PKG_LICENSE:=GPL-2.0-or-later From 6a8d3565f0a99fe22cac6db9a8bbf553b7dff5a5 Mon Sep 17 00:00:00 2001 From: Josef Schlehofer Date: Wed, 20 Sep 2023 01:01:48 +0200 Subject: [PATCH 03/29] bind: update to version 9.18.18 Release notes: https://downloads.isc.org/isc/bind9/9.18.18/doc/arm/html/notes.html#notes-for-bind-9-18-18 https://downloads.isc.org/isc/bind9/9.18.17/doc/arm/html/notes.html#notes-for-bind-9-18-17 Signed-off-by: Josef Schlehofer --- net/bind/Makefile | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/net/bind/Makefile b/net/bind/Makefile index ff397921d..16041aa1d 100644 --- a/net/bind/Makefile +++ b/net/bind/Makefile @@ -9,7 +9,7 @@ include $(TOPDIR)/rules.mk PKG_NAME:=bind -PKG_VERSION:=9.18.16 +PKG_VERSION:=9.18.18 PKG_RELEASE:=1 USERID:=bind=57:bind=57 @@ -22,7 +22,7 @@ PKG_SOURCE:=$(PKG_NAME)-$(PKG_VERSION).tar.xz PKG_SOURCE_URL:= \ https://www.mirrorservice.org/sites/ftp.isc.org/isc/bind9/$(PKG_VERSION) \ https://ftp.isc.org/isc/bind9/$(PKG_VERSION) -PKG_HASH:=c88234fe07ee75c3c8a9e59152fee64b714643de8e22cf98da3db4d0b57e0775 +PKG_HASH:=d735cdc127a6c5709bde475b5bf16fa2133f36fdba202f7c3c37d134e5192160 PKG_FIXUP:=autoreconf PKG_REMOVE_FILES:=aclocal.m4 libtool.m4 From 1df594bc01b0c7be34cd6eb477ebd1621959d15d Mon Sep 17 00:00:00 2001 From: Matthias Schiffer Date: Wed, 20 Sep 2023 21:00:32 +0200 Subject: [PATCH 04/29] libuecc: update repository URL I've changed my username to neocturne. Signed-off-by: Matthias Schiffer --- libs/libuecc/Makefile | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/libs/libuecc/Makefile b/libs/libuecc/Makefile index 57ca7a377..afd2af22f 100644 --- a/libs/libuecc/Makefile +++ b/libs/libuecc/Makefile @@ -13,7 +13,7 @@ PKG_RELEASE:=2 PKG_MAINTAINER:=Matthias Schiffer PKG_SOURCE:=$(PKG_NAME)-$(PKG_VERSION).tar.xz -PKG_SOURCE_URL:=https://github.com/NeoRaider/libuecc/releases/download/v$(PKG_VERSION) +PKG_SOURCE_URL:=https://github.com/neocturne/libuecc/releases/download/v$(PKG_VERSION) PKG_HASH:=b94aef08eab5359d0facaa7ead2ce81b193eef0c61379d9835213ebc0a46257a PKG_LICENSE:=BSD-2-Clause @@ -26,7 +26,7 @@ define Package/libuecc SECTION:=libs CATEGORY:=Libraries TITLE:=Very small Elliptic Curve Cryptography library - URL:=https://github.com/NeoRaider/libuecc/ + URL:=https://github.com/neocturne/libuecc/ endef TARGET_CFLAGS += -ffunction-sections -fdata-sections From ac897e05dd6a30be498897494843962db4633436 Mon Sep 17 00:00:00 2001 From: Matthias Schiffer Date: Wed, 20 Sep 2023 21:01:01 +0200 Subject: [PATCH 05/29] fastd: update repository URL I've changed my username to neocturne. Signed-off-by: Matthias Schiffer --- net/fastd/Makefile | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/net/fastd/Makefile b/net/fastd/Makefile index fee7795d3..69b0f56cd 100644 --- a/net/fastd/Makefile +++ b/net/fastd/Makefile @@ -13,7 +13,7 @@ PKG_RELEASE=3 PKG_MAINTAINER:=Matthias Schiffer PKG_SOURCE:=$(PKG_NAME)-$(PKG_VERSION).tar.xz -PKG_SOURCE_URL:=https://github.com/NeoRaider/fastd/releases/download/v$(PKG_VERSION) +PKG_SOURCE_URL:=https://github.com/neocturne/fastd/releases/download/v$(PKG_VERSION) PKG_HASH:=19750b88705d66811b7c21b672537909c19ae6b21350688cbd1a3a54d08a8951 PKG_LICENSE:=BSD-2-Clause LGPL-2.1-or-later @@ -53,7 +53,7 @@ define Package/fastd CATEGORY:=Network DEPENDS:=+kmod-tun +libpthread +libuecc +FASTD_WITH_STATUS_SOCKET:libjson-c +FASTD_WITH_CAPABILITIES:libcap TITLE:=Fast and Secure Tunneling Daemon - URL:=https://github.com/NeoRaider/fastd/ + URL:=https://github.com/neocturne/fastd/ SUBMENU:=VPN endef From 86355454094ce47f47a468727897e335ba2f316d Mon Sep 17 00:00:00 2001 From: Hirokazu MORIKAWA Date: Wed, 20 Sep 2023 16:01:35 +0900 Subject: [PATCH 06/29] node: bump to v18.18.0 Update to v18.18.0 Signed-off-by: Hirokazu MORIKAWA --- lang/node/Makefile | 4 ++-- lang/node/patches/999-localhost-no-addrconfig.patch | 2 +- 2 files changed, 3 insertions(+), 3 deletions(-) diff --git a/lang/node/Makefile b/lang/node/Makefile index 90cc06ff0..a58b3286d 100644 --- a/lang/node/Makefile +++ b/lang/node/Makefile @@ -8,12 +8,12 @@ include $(TOPDIR)/rules.mk PKG_NAME:=node -PKG_VERSION:=v18.17.1 +PKG_VERSION:=v18.18.0 PKG_RELEASE:=1 PKG_SOURCE:=$(PKG_NAME)-$(PKG_VERSION).tar.xz PKG_SOURCE_URL:=https://nodejs.org/dist/$(PKG_VERSION) -PKG_HASH:=f215cf03d0f00f07ac0b674c6819f804c1542e16f152da04980022aeccf5e65a +PKG_HASH:=e4d4dbac3634d99f892f00db47da78f98493c339582e8a95fb2dd59f5cfe0f90 PKG_MAINTAINER:=Hirokazu MORIKAWA , Adrian Panella PKG_LICENSE:=MIT diff --git a/lang/node/patches/999-localhost-no-addrconfig.patch b/lang/node/patches/999-localhost-no-addrconfig.patch index 54b1a3a00..dadfd14ec 100644 --- a/lang/node/patches/999-localhost-no-addrconfig.patch +++ b/lang/node/patches/999-localhost-no-addrconfig.patch @@ -13,7 +13,7 @@ Forwarded: https://github.com/nodejs/node/issues/33816 // // Permission is hereby granted, free of charge, to any person obtaining a // copy of this software and associated documentation files (the -@@ -1266,13 +1267,6 @@ function lookupAndConnect(self, options) +@@ -1321,13 +1322,6 @@ function lookupAndConnect(self, options) hints: options.hints || 0, }; From 0ea5e63b15065b79fc6d9fef799e3947750c8368 Mon Sep 17 00:00:00 2001 From: Jeffery To Date: Wed, 20 Sep 2023 19:05:24 +0800 Subject: [PATCH 07/29] setools: Update to 4.4.3 Signed-off-by: Jeffery To --- utils/setools/Makefile | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/utils/setools/Makefile b/utils/setools/Makefile index 2bb4c7ff4..39eef7cd7 100644 --- a/utils/setools/Makefile +++ b/utils/setools/Makefile @@ -6,12 +6,12 @@ include $(TOPDIR)/rules.mk PKG_NAME:=setools -PKG_VERSION:=4.4.2 +PKG_VERSION:=4.4.3 PKG_RELEASE:=1 PKG_SOURCE:=$(PKG_NAME)-$(PKG_VERSION).tar.bz2 PKG_SOURCE_URL:=https://github.com/SELinuxProject/setools/releases/download/$(PKG_VERSION) -PKG_HASH:=f23e3c8635aa289096ca0218ca6f4568a4346e088bc46f374cb0917b7fb66f05 +PKG_HASH:=2f751599dbed0d628fb268a3302dd8c578829f302bd28e8c08e182aef7fd5cb8 PKG_BUILD_DEPENDS:=python-cython/host # Cython>=0.27 From 77cebb0d0391e7f6f8594a4b046beac702124609 Mon Sep 17 00:00:00 2001 From: Jeffery To Date: Wed, 20 Sep 2023 17:57:00 +0800 Subject: [PATCH 08/29] python3-networkx: Update to 3.1, rename source package This renames the source package to python-networkx to match other Python packages. This also updates the list of dependencies. Signed-off-by: Jeffery To --- .../{python3-networkx => python-networkx}/Makefile | 10 +++++----- 1 file changed, 5 insertions(+), 5 deletions(-) rename lang/python/{python3-networkx => python-networkx}/Makefile (80%) diff --git a/lang/python/python3-networkx/Makefile b/lang/python/python-networkx/Makefile similarity index 80% rename from lang/python/python3-networkx/Makefile rename to lang/python/python-networkx/Makefile index e4d75305b..d0ea86c3d 100644 --- a/lang/python/python3-networkx/Makefile +++ b/lang/python/python-networkx/Makefile @@ -5,12 +5,12 @@ include $(TOPDIR)/rules.mk -PKG_NAME:=python3-networkx -PKG_VERSION:=2.8.8 +PKG_NAME:=python-networkx +PKG_VERSION:=3.1 PKG_RELEASE:=1 PYPI_NAME:=networkx -PKG_HASH:=230d388117af870fce5647a3c52401fcf753e94720e6ea6b4197a5355648885e +PKG_HASH:=de346335408f84de0eada6ff9fafafff9bcda11f0a0dfaa931133debb146ab61 PKG_LICENSE:=BSD-3-clause PKG_LICENSE_FILES:=LICENSE.txt @@ -25,8 +25,8 @@ define Package/python3-networkx CATEGORY:=Languages SUBMENU:=Python TITLE:=Creating and manipulating graphs and networks - URL:=https://networkx.github.io/ - DEPENDS:=+python3-light +python3-decorator + URL:=https://networkx.org/ + DEPENDS:=+python3-light +python3-uuid +python3-xml endef define Package/python3-networkx/description From 29a9a6a4a7b797097992eb7ff2cfd84d11920b25 Mon Sep 17 00:00:00 2001 From: Josef Schlehofer Date: Tue, 19 Sep 2023 23:59:29 +0200 Subject: [PATCH 09/29] msmtp: update to version 1.8.24 Release notes: https://github.com/marlam/msmtp-mirror/commit/ef62463e4d0dc1f8e7f1db4f8dd35650999c13f9X Signed-off-by: Josef Schlehofer --- mail/msmtp/Makefile | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/mail/msmtp/Makefile b/mail/msmtp/Makefile index e953eb4e5..0bb48b127 100644 --- a/mail/msmtp/Makefile +++ b/mail/msmtp/Makefile @@ -9,12 +9,12 @@ include $(TOPDIR)/rules.mk PKG_NAME:=msmtp -PKG_VERSION:=1.8.19 +PKG_VERSION:=1.8.24 PKG_RELEASE:=1 PKG_SOURCE:=$(PKG_NAME)-$(PKG_VERSION).tar.xz PKG_SOURCE_URL:=https://marlam.de/msmtp/releases -PKG_HASH:=34a1e1981176874dbe4ee66ee0d9103c90989aa4dcdc4861e4de05ce7e44526b +PKG_HASH:=bd6644b1aaab17d61b86647993e3efad860b23c54283b00ddc579c1f5110aa59 PKG_MAINTAINER:= PKG_LICENSE:=GPL-3.0-or-later From e3ab95185cb67e6d5753b2d7380bac74c4ef4acd Mon Sep 17 00:00:00 2001 From: Josef Schlehofer Date: Wed, 20 Sep 2023 01:48:12 +0200 Subject: [PATCH 10/29] czmq: drop libpcre dependency It seems like the libpcre dependency was added by mistake. While checking in the source code of czmq (Makefile.am, CMakeLists.txt), I see there are several dependencies, but there isn't PCRE. Fixes: 936a48a ("czmq: add new package") Signed-off-by: Josef Schlehofer --- libs/czmq/Makefile | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/libs/czmq/Makefile b/libs/czmq/Makefile index e6f606d53..169463edc 100644 --- a/libs/czmq/Makefile +++ b/libs/czmq/Makefile @@ -9,7 +9,7 @@ include $(TOPDIR)/rules.mk PKG_NAME:=czmq PKG_VERSION:=4.2.1 -PKG_RELEASE:=1 +PKG_RELEASE:=2 PKG_SOURCE:=$(PKG_NAME)-$(PKG_VERSION).tar.gz PKG_SOURCE_URL:=https://github.com/zeromq/czmq/releases/download/v$(PKG_VERSION)/ @@ -30,7 +30,7 @@ define Package/czmq TITLE:=CZMQ High-level C binding for ZeroMQ URL:=http://czmq.zeromq.org ABI_VERSION:=4 - DEPENDS:=+libzmq +libuuid +libpcre +libmicrohttpd +liblz4 +libcurl + DEPENDS:=+libzmq +libuuid +libmicrohttpd +liblz4 +libcurl endef define Package/czmq/description From 41c9155a802727a95d4c110752190c2a24611196 Mon Sep 17 00:00:00 2001 From: Darryl Sokoloski Date: Thu, 10 Aug 2023 15:48:32 +0000 Subject: [PATCH 11/29] netifyd: Updated to v4.4.7 Bug Fixes - Fixed mbedTLS crashes and TLS handshake errors when the nDPI-bundled libgcrypt "lite" version conflicts with the system version (via libcurl). - Fixed linking order issue with libini. - Fixed non-portable static linking warning with libndpi. - Write flows to sockets regardless if "add_flows" is true. - Fixed compilation error if _DIRENT_HAVE_D_RECLEN isn't defined. - Fixed Agent path. - [OpenWrt] Switch to "grep -E" as "egrep" is deprecated. - Fixed possible ndAddr crash: return a const reference for cached strings. Signed-off-by: Darryl Sokoloski --- net/netifyd/Config.in | 16 ++++++++++++++++ net/netifyd/Makefile | 25 ++++++++++++++++++------- 2 files changed, 34 insertions(+), 7 deletions(-) create mode 100644 net/netifyd/Config.in diff --git a/net/netifyd/Config.in b/net/netifyd/Config.in new file mode 100644 index 000000000..e79a836f3 --- /dev/null +++ b/net/netifyd/Config.in @@ -0,0 +1,16 @@ +menu "Configuration" + depends on PACKAGE_netifyd + +config NETIFYD_BUILD_SHARED_LIBRARY + bool "Build the Agent as a shared library?" + default y + help + Build the Agent as a shared library when enabled, or statically link it otherwise. Statically linking can make debugging easier. + +config NETIFYD_WITH_LOCAL_LIBGCRYPT + bool "Link nDPI with the local system libgcrypt?" + default y + help + Link the Agent (and nDPI) against the local system libgcrypt, or use the bundled gcrypt lite version. + +endmenu diff --git a/net/netifyd/Makefile b/net/netifyd/Makefile index 8f05f6b7c..03f45af56 100644 --- a/net/netifyd/Makefile +++ b/net/netifyd/Makefile @@ -17,9 +17,13 @@ PKG_BUILD_FLAGS:=gc-sections PKG_SOURCE_PROTO:=git PKG_SOURCE_URL:=https://gitlab.com/netify.ai/public/netify-agent.git -PKG_SOURCE_DATE:=2023-03-03 -PKG_SOURCE_VERSION:=v4.4.1 -PKG_MIRROR_HASH:=aa3522b6d86e113943abacd50b235738e6452991a36864ec70f5db5b7bec6d13 +PKG_SOURCE_DATE:=2023-08-10 +PKG_SOURCE_VERSION:=v4.4.7 +PKG_MIRROR_HASH:=389fb77e4d6920e94ab9c6febd0049ecd3a34c6b073f3dfb7f204775f3389f07 + +PKG_CONFIG_DEPENDS:= \ + CONFIG_NETIFYD_BUILD_SHARED_LIBRARY \ + CONFIG_NETIFYD_WITH_LOCAL_LIBGCRYPT include $(INCLUDE_DIR)/package.mk @@ -28,11 +32,12 @@ define Package/netifyd CATEGORY:=Network TITLE:=Netify Agent URL:=http://www.netify.ai/ - DEPENDS:=+ca-bundle +libcurl +libmnl +libnetfilter-conntrack +libpcap +zlib +libpthread @!USE_UCLIBC + DEPENDS:=+ca-bundle +libatomic +libcurl +libmnl +libnetfilter-conntrack +libpcap +zlib +libpthread @!USE_UCLIBC # Explicitly depend on libstdcpp rather than $(CXX_DEPENDS). At the moment # std::unordered_map is only available via libstdcpp which is required for # performance reasons. DEPENDS+=+libstdcpp + DEPENDS+=+NETIFYD_WITH_LOCAL_LIBGCRYPT:libgcrypt endef define Package/netifyd/description @@ -43,6 +48,10 @@ server. Flow metadata, network statistics, and detection classifications are JSON encoded for easy consumption by third-party applications. endef +define Package/netifyd/config + source "$(SOURCE)/Config.in" +endef + define Package/netifyd/conffiles /etc/netifyd.conf /etc/config/netifyd @@ -55,6 +64,8 @@ TARGET_CFLAGS+=-Wno-psabi TARGET_CXXFLAGS+=-std=c++11 -Wno-psabi CONFIGURE_ARGS+= \ + $(if $(CONFIG_NETIFYD_BUILD_SHARED_LIBRARY),--enable-shared,--disable-shared) \ + $(if $(CONFIG_NETIFYD_WITH_LOCAL_LIBGCRYPT),--with-local-libgcrypt,--without-local-libgcrypt) \ --sharedstatedir=/var/run \ --enable-lean-and-mean \ --disable-libtcmalloc \ @@ -72,7 +83,6 @@ CONFIGURE_ARGS+= \ --without-libcurl-zlib endif - define Build/InstallDev $(INSTALL_DIR) $(1)/usr/include/netifyd $(CP) $(PKG_INSTALL_DIR)/usr/include/netifyd/*.h $(1)/usr/include/netifyd @@ -85,7 +95,8 @@ define Build/InstallDev $(INSTALL_DIR) $(1)/usr/include/ndpi $(CP) $(PKG_INSTALL_DIR)/usr/include/ndpi/*.h $(1)/usr/include/ndpi $(INSTALL_DIR) $(1)/usr/lib - $(CP) $(PKG_INSTALL_DIR)/usr/lib/libnetifyd.{a,so*} $(1)/usr/lib + $(CP) $(PKG_INSTALL_DIR)/usr/lib/libnetifyd.a $(1)/usr/lib + $(if $(CONFIG_NETIFYD_BUILD_SHARED_LIBRARY),$(CP) $(PKG_INSTALL_DIR)/usr/lib/libnetifyd.so.* $(1)/usr/lib,) $(INSTALL_DIR) $(1)/usr/lib/pkgconfig $(INSTALL_DATA) $(PKG_INSTALL_DIR)/usr/lib/pkgconfig/libnetifyd.pc $(1)/usr/lib/pkgconfig endef @@ -100,7 +111,7 @@ define Package/netifyd/install $(INSTALL_DIR) $(1)/usr/sbin $(INSTALL_BIN) $(PKG_INSTALL_DIR)/usr/sbin/netifyd $(1)/usr/sbin $(INSTALL_DIR) $(1)/usr/lib - $(CP) $(PKG_INSTALL_DIR)/usr/lib/libnetifyd.so.* $(1)/usr/lib + $(if $(CONFIG_NETIFYD_BUILD_SHARED_LIBRARY),$(CP) $(PKG_INSTALL_DIR)/usr/lib/libnetifyd.so.* $(1)/usr/lib,) $(INSTALL_DIR) $(1)/etc/netify.d $(INSTALL_DATA) $(PKG_BUILD_DIR)/deploy/netify-apps.conf $(1)/etc/netify.d $(INSTALL_DATA) $(PKG_BUILD_DIR)/deploy/netify-categories.json $(1)/etc/netify.d From 3d11e5c197e250f0a32ca813ff07d480b59311d0 Mon Sep 17 00:00:00 2001 From: Hirokazu MORIKAWA Date: Fri, 22 Sep 2023 10:36:43 +0900 Subject: [PATCH 12/29] mg: switch pcre to pcre2 Switch pcre to pcre2 https://github.com/openwrt/packages/issues/22006 Signed-off-by: Hirokazu MORIKAWA --- utils/mg/Makefile | 4 ++-- utils/mg/patches/001-cross_compile_openwrt.patch | 2 +- utils/mg/patches/901-use_pcre.patch | 2 +- 3 files changed, 4 insertions(+), 4 deletions(-) diff --git a/utils/mg/Makefile b/utils/mg/Makefile index d310acff8..5c8e18b81 100644 --- a/utils/mg/Makefile +++ b/utils/mg/Makefile @@ -6,7 +6,7 @@ include $(TOPDIR)/rules.mk PKG_NAME:=mg PKG_VERSION:=7.3 -PKG_RELEASE:=1 +PKG_RELEASE:=2 PKG_SOURCE:=$(PKG_NAME)-$(PKG_VERSION).tar.gz PKG_SOURCE_URL:=https://codeload.github.com/ibara/mg/tar.gz/$(PKG_NAME)-$(PKG_VERSION)? @@ -22,7 +22,7 @@ include $(INCLUDE_DIR)/package.mk define Package/mg SECTION:=utils CATEGORY:=Utilities - DEPENDS:=+libncurses +libpcre + DEPENDS:=+libncurses +libpcre2 TITLE:=microscopic EMACS style editor URL:=https://github.com/ibara/mg SUBMENU:=Editors diff --git a/utils/mg/patches/001-cross_compile_openwrt.patch b/utils/mg/patches/001-cross_compile_openwrt.patch index 4216294a4..3504eaac3 100644 --- a/utils/mg/patches/001-cross_compile_openwrt.patch +++ b/utils/mg/patches/001-cross_compile_openwrt.patch @@ -168,7 +168,7 @@ - ;; -esac +# OpenWrt -+libs='-lncurses -lpcreposix -lutil' ++libs='-lncurses -lpcre2-posix -lutil' +cflags="$cflags -D_GNU_SOURCE -D__dead=\"__attribute__((__noreturn__))\" -Dst_mtimespec=st_mtim" cat << EOF > config.h diff --git a/utils/mg/patches/901-use_pcre.patch b/utils/mg/patches/901-use_pcre.patch index 292f2eba7..4ae230a6b 100644 --- a/utils/mg/patches/901-use_pcre.patch +++ b/utils/mg/patches/901-use_pcre.patch @@ -5,7 +5,7 @@ #include #include -#include -+#include ++#include #include #include #include From c3c5018742a778fc973b127d243bda4c5a7099fa Mon Sep 17 00:00:00 2001 From: Tiago Gaspar Date: Wed, 30 Aug 2023 00:01:23 +0100 Subject: [PATCH 13/29] nginx: update nginx to 1.25.2 Update nginx to the latest version. This brings mainly fixes to HTTP/3 (QUIC). Signed-off-by: Tiago Gaspar --- net/nginx/Makefile | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/net/nginx/Makefile b/net/nginx/Makefile index 3251e69d4..b01f1ca5b 100644 --- a/net/nginx/Makefile +++ b/net/nginx/Makefile @@ -8,12 +8,12 @@ include $(TOPDIR)/rules.mk PKG_NAME:=nginx -PKG_VERSION:=1.25.1 -PKG_RELEASE:=2 +PKG_VERSION:=1.25.2 +PKG_RELEASE:=1 PKG_SOURCE:=nginx-$(PKG_VERSION).tar.gz PKG_SOURCE_URL:=https://nginx.org/download/ -PKG_HASH:=f09071ac46e0ea3adc0008ef0baca229fc6b4be4533baef9bbbfba7de29a8602 +PKG_HASH:=05dd6d9356d66a74e61035f2a42162f8c754c97cf1ba64e7a801ba158d6c0711 PKG_MAINTAINER:=Thomas Heil \ Ansuel Smith From 7a585741e45c37b258df591c265e3402f4ffbbb5 Mon Sep 17 00:00:00 2001 From: Tiago Gaspar Date: Wed, 30 Aug 2023 00:51:54 +0100 Subject: [PATCH 14/29] nginx: brotli: update to the latest version Update brotli to the latest version. Signed-off-by: Tiago Gaspar --- net/nginx/Makefile | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/net/nginx/Makefile b/net/nginx/Makefile index b01f1ca5b..fef7f8b65 100644 --- a/net/nginx/Makefile +++ b/net/nginx/Makefile @@ -215,9 +215,9 @@ endef define Download/nginx-mod-brotli - VERSION:=e505dce68acc190cc5a1e780a3b0275e39f160ca + VERSION:=25f86f0bac1101b6512135eac5f93c49c63609e3 URL:=https://github.com/google/ngx_brotli.git - MIRROR_HASH:=04847f11ef808fed50f44b2af0ef3abf59ff0ffc06dfc7394d9ab51d53fef31f + MIRROR_HASH:=c85cdcfd76703c95aa4204ee4c2e619aa5b075cac18f428202f65552104add3b PROTO:=git endef From 382a089d088099ecc8ea33554e301a65c4a8dab4 Mon Sep 17 00:00:00 2001 From: Javier Marcet Date: Sun, 2 Jul 2023 15:33:53 +0200 Subject: [PATCH 15/29] luajit2: add OpenResty's mantained branch of luajit Add OpenResty's mantained branch of luajit. Required for nginx lua module to work correctly with their custom patches. Signed-off-by: Javier Marcet [ add commit description ] Signed-off-by: Christian Marangi --- lang/luajit2/Makefile | 91 +++++++++++++++++++++++++ lang/luajit2/patches/010-lua-path.patch | 13 ++++ 2 files changed, 104 insertions(+) create mode 100644 lang/luajit2/Makefile create mode 100644 lang/luajit2/patches/010-lua-path.patch diff --git a/lang/luajit2/Makefile b/lang/luajit2/Makefile new file mode 100644 index 000000000..ba002be5e --- /dev/null +++ b/lang/luajit2/Makefile @@ -0,0 +1,91 @@ +include $(TOPDIR)/rules.mk + +PKG_NAME:=luajit2 +PKG_VERSION:=2.1-20230410 +PKG_RELEASE:=1 + +PKG_SOURCE:=$(PKG_NAME)-$(PKG_VERSION).tar.gz +PKG_SOURCE_URL:=https://github.com/openresty/luajit2/archive/refs/tags/v$(PKG_VERSION).tar.gz? +PKG_HASH:=77bbcbb24c3c78f51560017288f3118d995fe71240aa379f5818ff6b166712ff + +PKG_MAINTAINER:=Javier Marcet +PKG_LICENSE:=MIT +PKG_LICENSE_FILES:=COPYRIGHT + +PKG_BUILD_FLAGS:=no-mips16 + +include $(INCLUDE_DIR)/package.mk +include $(INCLUDE_DIR)/host-build.mk + +define Package/luajit2 + SECTION:=lang + CATEGORY:=Languages + SUBMENU:=Lua + TITLE:=LuaJIT from OpenResty + URL:=https://www.luajit.org + DEPENDS:=@(i386||x86_64||arm||armeb||aarch64||powerpc||mips||mipsel||mips64) + PROVIDES:=luajit +endef + +define Package/luajit2/description + OpenResty's maintained branch of LuaJIT, a Just-In-Time (JIT) compiler for the Lua programming language +endef + +ifeq ($(HOST_ARCH),$(filter $(HOST_ARCH), x86_64 mips64)) + ifeq ($(CONFIG_ARCH_64BIT),) + HOST_BITS := -m32 + endif +endif + +define Build/Compile + $(MAKE) $(PKG_JOBS) -C $(PKG_BUILD_DIR) \ + HOST_CC="$(HOSTCC) $(HOST_CFLAGS) $(HOST_BITS)" \ + CROSS="$(TARGET_CROSS)" \ + DPREFIX=$(PKG_INSTALL_DIR)/usr \ + PREFIX=/usr \ + TARGET_SYS=Linux \ + TARGET_CFLAGS="$(TARGET_CFLAGS)" \ + BUILDMODE=dynamic + $(RM) -rf $(PKG_INSTALL_DIR) + mkdir -p $(PKG_INSTALL_DIR) + $(MAKE) -C $(PKG_BUILD_DIR) \ + DPREFIX=$(PKG_INSTALL_DIR)/usr \ + PREFIX=/usr \ + TARGET_SYS=Linux \ + install +endef + +define Build/InstallDev + $(INSTALL_DIR) $(1)/usr/include/luajit-2.1 + $(CP) $(PKG_INSTALL_DIR)/usr/include/luajit-2.1/*.{h,hpp} $(1)/usr/include/luajit-2.1 + $(INSTALL_DIR) $(1)/usr/lib + $(CP) $(PKG_INSTALL_DIR)/usr/lib/*so* $(1)/usr/lib/ + $(INSTALL_DIR) $(1)/usr/lib/pkgconfig + $(CP) $(PKG_INSTALL_DIR)/usr/lib/pkgconfig/luajit.pc $(1)/usr/lib/pkgconfig/ + $(INSTALL_DIR) $(1)/usr/bin + $(CP) $(PKG_INSTALL_DIR)/usr/bin/luajit-* $(1)/usr/bin/$(PKG_NAME) +endef + +define Package/luajit2/install + $(INSTALL_DIR) $(1)/usr/lib/ + $(CP) $(PKG_INSTALL_DIR)/usr/lib/*.so* $(1)/usr/lib/ + $(INSTALL_DIR) $(1)/usr/bin + $(CP) $(PKG_INSTALL_DIR)/usr/bin/luajit-* $(1)/usr/bin/$(PKG_NAME) +endef + +define Host/Compile + $(MAKE) $(HOST_JOBS) -C $(HOST_BUILD_DIR) \ + DPREFIX=$(STAGING_DIR_HOSTPKG) \ + TARGET_CFLAGS="$(HOST_CFLAGS)" \ + TARGET_LDFLAGS="$(HOST_LDFLAGS)" +endef + +define Host/Install + $(MAKE) $(HOST_JOBS) -C $(HOST_BUILD_DIR) \ + DPREFIX=$(STAGING_DIR_HOSTPKG) \ + install + $(CP) $(STAGING_DIR_HOSTPKG)/bin/luajit-* $(STAGING_DIR_HOSTPKG)/bin/$(PKG_NAME) +endef + +$(eval $(call HostBuild,luajit2)) +$(eval $(call BuildPackage,luajit2)) diff --git a/lang/luajit2/patches/010-lua-path.patch b/lang/luajit2/patches/010-lua-path.patch new file mode 100644 index 000000000..f752002d2 --- /dev/null +++ b/lang/luajit2/patches/010-lua-path.patch @@ -0,0 +1,13 @@ +--- a/src/luaconf.h ++++ b/src/luaconf.h +@@ -35,8 +35,8 @@ + #ifndef LUA_LMULTILIB + #define LUA_LMULTILIB "lib" + #endif +-#define LUA_LROOT "/usr/local" +-#define LUA_LUADIR "/lua/5.1/" ++#define LUA_LROOT "/usr" ++#define LUA_LUADIR "/lua/" + #define LUA_LJDIR "/luajit-2.1.0-beta3/" + + #ifdef LUA_ROOT From 266be55d55d38d14d4a26dad5bea7c7ed09ee2d6 Mon Sep 17 00:00:00 2001 From: Javier Marcet Date: Fri, 30 Jun 2023 13:28:53 +0200 Subject: [PATCH 16/29] nginx: add required modules for Openresty lua module Add nginx-mod-lua-resty-core and nginx-mod-lua-resty-lrucache new module required for the lua module to correctly works. The module are based on luajit2 from Openresty. Signed-off-by: Javier Marcet [ improve commit description/tile and fix redundant dependency ] Signed-off-by: Christian Marangi --- net/nginx/Makefile | 51 +++++++++++++++++++++++++++++++++++++++++++--- 1 file changed, 48 insertions(+), 3 deletions(-) diff --git a/net/nginx/Makefile b/net/nginx/Makefile index fef7f8b65..fe5e033b3 100644 --- a/net/nginx/Makefile +++ b/net/nginx/Makefile @@ -29,6 +29,8 @@ PKG_BUILD_FLAGS:=gc-sections PKG_MOD_EXTRA := \ geoip2 \ lua \ + lua-resty-core \ + lua-resty-lrucache \ rtmp \ dav-ext \ naxsi \ @@ -206,6 +208,33 @@ define Download/nginx-mod-geoip2 PROTO:=git endef +define Package/nginx-mod-lua-resty-lrucache + $(call Package/nginx/default) + DEPENDS:=+luajit2 + TITLE:=Nginx Lua OpenResty lrucache module +endef + +define Package/nginx-mod-lua-resty-core + $(call Package/nginx/default) + DEPENDS:=+nginx-mod-lua-resty-lrucache + TITLE:=Nginx Lua OpenResty core module +endef + +define Package/nginx-mod-lua-resty-lrucache/install + $(INSTALL_DIR) $(1)/usr/lib/lua/resty/lrucache + $(INSTALL_BIN) $(PKG_BUILD_DIR)/nginx-mod-lua-resty-lrucache/lib/resty/*.lua $(1)/usr/lib/lua/resty + $(INSTALL_BIN) $(PKG_BUILD_DIR)/nginx-mod-lua-resty-lrucache/lib/resty/lrucache/*.lua $(1)/usr/lib/lua/resty/lrucache +endef + +define Package/nginx-mod-lua-resty-core/install + $(INSTALL_DIR) $(1)/usr/lib/lua/ngx/ssl + $(INSTALL_DIR) $(1)/usr/lib/lua/resty/core + $(INSTALL_BIN) $(PKG_BUILD_DIR)/nginx-mod-lua-resty-core/lib/ngx/*.lua $(1)/usr/lib/lua/ngx + $(INSTALL_BIN) $(PKG_BUILD_DIR)/nginx-mod-lua-resty-core/lib/ngx/ssl/*.lua $(1)/usr/lib/lua/ngx/ssl + $(INSTALL_BIN) $(PKG_BUILD_DIR)/nginx-mod-lua-resty-core/lib/resty/*.lua $(1)/usr/lib/lua/resty + $(INSTALL_BIN) $(PKG_BUILD_DIR)/nginx-mod-lua-resty-core/lib/resty/core/*.lua $(1)/usr/lib/lua/resty/core +endef + define Download/nginx-mod-headers-more VERSION:=bea1be3bbf6af28f6aa8cf0c01c07ee1637e2bd0 URL:=https://github.com/openresty/headers-more-nginx-module.git @@ -249,6 +278,20 @@ define Download/nginx-mod-lua PROTO:=git endef +define Download/nginx-mod-lua-resty-core + VERSION:=698d7de385c7d58d00f4853b6a9ab2ab10243ca5 + URL:=https://github.com/openresty/lua-resty-core.git + MIRROR_HASH:=366f24e1ba6221e34f6ba20ab29146438438f88c89fd71f9500d169b3f5aedf0 + PROTO:=git +endef + +define Download/nginx-mod-lua-resty-lrucache + VERSION:=a79615ec9dc547fdb4aaee59ef8f5a50648ce9fd + URL:=https://github.com/openresty/lua-resty-lrucache.git + MIRROR_HASH:=7122a7f5f00fa0a1bb8e84f82fe1cc4ad7c368093508a8c04948b1c8d770a88f + PROTO:=git +endef + define Download/nginx-mod-dav-ext VERSION:=f5e30888a256136d9c550bf1ada77d6ea78a48af URL:=https://github.com/arut/nginx-dav-ext-module.git @@ -408,16 +451,18 @@ CONFIGURE_ARGS += \ $(if $(call IsEnabled,NGINX_HTTP_SUB),--with-http_sub_module) \ $(if $(CONFIG_PACKAGE_nginx-mod-stream),--with-stream=dynamic --with-stream_ssl_module --with-stream_ssl_preread_module) \ $(if $(CONFIG_PACKAGE_nginx-mod-naxsi),--add-dynamic-module=$(PKG_BUILD_DIR)/nginx-mod-naxsi/naxsi_src) \ - $(foreach m,$(filter-out naxsi,$(PKG_MOD_EXTRA)), \ + $(foreach m,$(filter-out lua-resty-core lua-resty-lrucache naxsi,$(PKG_MOD_EXTRA)), \ $(if $(CONFIG_PACKAGE_nginx-mod-$(m)),--add-dynamic-module=$(PKG_BUILD_DIR)/nginx-mod-$(m))) $(eval $(call BuildPackage,nginx-ssl)) $(eval $(call BuildPackage,nginx-full)) $(eval $(call BuildPackage,nginx-mod-luci)) +$(eval $(call BuildPackage,nginx-mod-lua-resty-lrucache)) +$(eval $(call BuildPackage,nginx-mod-lua-resty-core)) $(eval $(call BuildModule,stream,+@NGINX_STREAM_CORE_MODULE, \ ngx_stream, Add support for NGINX request streaming.)) -$(eval $(call BuildModule,lua,+luajit,ngx_http_lua, \ - Enable Lua module)) +$(eval $(call BuildModule,lua,+nginx-mod-lua-resty-core,ngx_http_lua, \ + Enable Lua module (luajit2 based, OpenResty patches))) $(eval $(call BuildModule,ubus,+libubus +libjson-c +libblobmsg-json +@NGINX_UBUS, \ ngx_http_ubus,Enable UBUS api support directly from the server.)) $(eval $(call BuildModule,dav-ext,+@NGINX_DAV +libxml2,ngx_http_dav_ext, \ From fa1001268c91aa249a010ff851e96c012d7d3ebb Mon Sep 17 00:00:00 2001 From: Christian Marangi Date: Fri, 22 Sep 2023 14:43:35 +0200 Subject: [PATCH 17/29] nginx: update lua modules to latest git HEAD Update lua modules to latest git HEAD to prepare for support for PCRE2 patches. Signed-off-by: Christian Marangi --- net/nginx/Makefile | 12 ++++++------ 1 file changed, 6 insertions(+), 6 deletions(-) diff --git a/net/nginx/Makefile b/net/nginx/Makefile index fe5e033b3..ee223668c 100644 --- a/net/nginx/Makefile +++ b/net/nginx/Makefile @@ -272,23 +272,23 @@ define Download/nginx-mod-naxsi endef define Download/nginx-mod-lua - VERSION:=68acad14e4a8f42e31d4a4bb5ed44d6f5b55fc1c + VERSION:=c89469e920713d17d703a5f3736c9335edac22bf URL:=https://github.com/openresty/lua-nginx-module.git - MIRROR_HASH:=366f24e1ba6221e34f6ba20ab29146438438f88c89fd71f9500d169b3f5aedf0 + MIRROR_HASH:=dd66465f65c094a1ddfff2035bff4da870b7c6b7e033d307a9806a6df290a1a5 PROTO:=git endef define Download/nginx-mod-lua-resty-core - VERSION:=698d7de385c7d58d00f4853b6a9ab2ab10243ca5 + VERSION:=2e2b2adaa61719972fe4275fa4c3585daa0dcd84 URL:=https://github.com/openresty/lua-resty-core.git - MIRROR_HASH:=366f24e1ba6221e34f6ba20ab29146438438f88c89fd71f9500d169b3f5aedf0 + MIRROR_HASH:=4bfc267fd027161f88fcbeacce38e6bd13ba894a581c2d6dfe78ee270b1a473c PROTO:=git endef define Download/nginx-mod-lua-resty-lrucache - VERSION:=a79615ec9dc547fdb4aaee59ef8f5a50648ce9fd + VERSION:=52f5d00403c8b7aa8a4d4f3779681976b10a18c1 URL:=https://github.com/openresty/lua-resty-lrucache.git - MIRROR_HASH:=7122a7f5f00fa0a1bb8e84f82fe1cc4ad7c368093508a8c04948b1c8d770a88f + MIRROR_HASH:=618a972574b6b1db1eebf4046d9a471ac03ec092bb825136ba975928d4af2351 PROTO:=git endef From 6bba36078e8a440d84c47eb9cb0e26fea3b4b281 Mon Sep 17 00:00:00 2001 From: Christian Marangi Date: Fri, 22 Sep 2023 14:44:44 +0200 Subject: [PATCH 18/29] nginx: add patches to lua modules for experimental PCRE2 support Add patches to lua modules for experimental PCRE2 support. Signed-off-by: Christian Marangi --- .../001-feature_support_pcre2.patch | 389 ++++ .../001-feature_support_pcre2.patch | 2009 +++++++++++++++++ .../nginx-mod-lua/100-no_by_lua_block.patch | 48 +- 3 files changed, 2422 insertions(+), 24 deletions(-) create mode 100644 net/nginx/patches/nginx-mod-lua-resty-core/001-feature_support_pcre2.patch create mode 100644 net/nginx/patches/nginx-mod-lua/001-feature_support_pcre2.patch diff --git a/net/nginx/patches/nginx-mod-lua-resty-core/001-feature_support_pcre2.patch b/net/nginx/patches/nginx-mod-lua-resty-core/001-feature_support_pcre2.patch new file mode 100644 index 000000000..a6b1c58e7 --- /dev/null +++ b/net/nginx/patches/nginx-mod-lua-resty-core/001-feature_support_pcre2.patch @@ -0,0 +1,389 @@ +From f72675beb5835b4ac31d7476de1580be767209d8 Mon Sep 17 00:00:00 2001 +From: swananan +Date: Thu, 31 Aug 2023 00:12:07 +0800 +Subject: [PATCH] feature: support pcre2 + +--- + .travis.yml | 26 +++++++++++++----------- + lib/resty/core/regex.lua | 43 ++++++++++++++++++++++++++++++---------- + t/re-base.t | 25 +++++++++++++++++------ + t/re-gmatch.t | 10 +++++++--- + t/re-match.t | 7 +++++-- + t/re-opt.t | 9 +++++++-- + t/stream/re-base.t | 27 +++++++++++++++++++------ + t/stream/re-gmatch.t | 10 +++++++--- + t/stream/re-match.t | 7 +++++-- + t/stream/re-opt.t | 9 +++++++-- + 10 files changed, 125 insertions(+), 48 deletions(-) + +--- a/nginx-mod-lua-resty-core/.travis.yml ++++ b/nginx-mod-lua-resty-core/.travis.yml +@@ -34,9 +34,13 @@ env: + - LUA_INCLUDE_DIR=$LUAJIT_INC + - LUA_CMODULE_DIR=/lib + - PCRE_VER=8.45 ++ - PCRE2_VER=10.37 + - PCRE_PREFIX=/opt/pcre ++ - PCRE2_PREFIX=/opt/pcre2 + - PCRE_LIB=$PCRE_PREFIX/lib ++ - PCRE2_LIB=$PCRE2_PREFIX/lib + - PCRE_INC=$PCRE_PREFIX/include ++ - PCRE2_INC=$PCRE2_PREFIX/include + - OPENSSL_PREFIX=/opt/ssl + - OPENSSL_LIB=$OPENSSL_PREFIX/lib + - OPENSSL_INC=$OPENSSL_PREFIX/include +@@ -45,7 +49,7 @@ env: + - TEST_NGINX_RANDOMIZE=1 + - LUACHECK_VER=0.21.1 + matrix: +- - NGINX_VERSION=1.25.1 OPENSSL_VER=1.1.1u OPENSSL_PATCH_VER=1.1.1f ++ - NGINX_VERSION=1.25.1 OPENSSL_VER=1.1.1u OPENSSL_PATCH_VER=1.1.1f USE_PCRE2=Y + - NGINX_VERSION=1.21.4 OPENSSL_VER=1.1.1u OPENSSL_PATCH_VER=1.1.1f + + services: +@@ -61,11 +65,12 @@ before_install: + install: + - if [ ! -d download-cache ]; then mkdir download-cache; fi + - if [ ! -f download-cache/openssl-$OPENSSL_VER.tar.gz ]; then wget -P download-cache https://www.openssl.org/source/openssl-$OPENSSL_VER.tar.gz || wget -P download-cache https://www.openssl.org/source/old/${OPENSSL_VER//[a-z]/}/openssl-$OPENSSL_VER.tar.gz; fi +- - if [ ! -f download-cache/pcre-$PCRE_VER.tar.gz ]; then wget -P download-cache http://ftp.cs.stanford.edu/pub/exim/pcre/pcre-$PCRE_VER.tar.gz; fi ++ - if [ "$USE_PCRE2" != "Y" ] && [ ! -f download-cache/pcre-$PCRE_VER.tar.gz ]; then wget -P download-cache http://ftp.cs.stanford.edu/pub/exim/pcre/pcre-$PCRE_VER.tar.gz; fi ++ - if [ "$USE_PCRE2" = "Y" ] && [ ! -f download-cache/pcre2-$PCRE2_VER.tar.gz ]; then wget -P download-cache https://downloads.sourceforge.net/project/pcre/pcre2/${PCRE2_VER}/pcre2-${PCRE2_VER}.tar.gz; fi + - git clone https://github.com/openresty/openresty.git ../openresty + - git clone https://github.com/openresty/openresty-devel-utils.git + - git clone https://github.com/simpl/ngx_devel_kit.git ../ndk-nginx-module +- - git clone https://github.com/openresty/lua-nginx-module.git ../lua-nginx-module ++ - git clone https://github.com/swananan/lua-nginx-module.git -b support_pcre2 ../lua-nginx-module + - git clone https://github.com/openresty/no-pool-nginx.git ../no-pool-nginx + - git clone https://github.com/openresty/echo-nginx-module.git ../echo-nginx-module + - git clone https://github.com/openresty/lua-resty-lrucache.git +@@ -73,8 +78,8 @@ install: + - git clone -b v2.1-agentzh https://github.com/openresty/luajit2.git luajit2 + - git clone https://github.com/openresty/set-misc-nginx-module.git ../set-misc-nginx-module + - git clone https://github.com/openresty/mockeagain.git +- - git clone https://github.com/openresty/test-nginx.git +- - git clone https://github.com/openresty/stream-lua-nginx-module.git ../stream-lua-nginx-module ++ - git clone https://github.com/swananan/test-nginx.git -b support_pcre2 ++ - git clone https://github.com/swananan/stream-lua-nginx-module.git -b support_pcre2 ../stream-lua-nginx-module + + script: + - cd luajit2/ +@@ -89,12 +94,8 @@ script: + - make -j$JOBS > build.log 2>&1 || (cat build.log && exit 1) + - sudo make PATH=$PATH install_sw > build.log 2>&1 || (cat build.log && exit 1) + - cd ../mockeagain/ && make CC=$CC -j$JOBS && cd .. +- - tar zxf download-cache/pcre-$PCRE_VER.tar.gz +- - cd pcre-$PCRE_VER/ +- - ./configure --prefix=$PCRE_PREFIX --enable-jit --enable-utf --enable-unicode-properties > build.log 2>&1 || (cat build.log && exit 1) +- - make -j$JOBS > build.log 2>&1 || (cat build.log && exit 1) +- - sudo PATH=$PATH make install > build.log 2>&1 || (cat build.log && exit 1) +- - cd .. ++ - if [ "$USE_PCRE2" != "Y" ]; then tar zxf download-cache/pcre-$PCRE_VER.tar.gz; cd pcre-$PCRE_VER/; ./configure --prefix=$PCRE_PREFIX --enable-jit --enable-utf --enable-unicode-properties > build.log 2>&1 || (cat build.log && exit 1); make -j$JOBS > build.log 2>&1 || (cat build.log && exit 1); sudo PATH=$PATH make install > build.log 2>&1 || (cat build.log && exit 1); cd ..; fi ++ - if [ "$USE_PCRE2" = "Y" ]; then tar zxf download-cache/pcre2-$PCRE2_VER.tar.gz; cd pcre2-$PCRE2_VER/; ./configure --prefix=$PCRE2_PREFIX --enable-jit --enable-utf > build.log 2>&1 || (cat build.log && exit 1); make -j$JOBS > build.log 2>&1 || (cat build.log && exit 1); sudo PATH=$PATH make install > build.log 2>&1 || (cat build.log && exit 1); cd ..; fi + - export PATH=$PWD/work/nginx/sbin:$PWD/openresty-devel-utils:$PATH + - export LD_PRELOAD=$PWD/mockeagain/mockeagain.so + - export LD_LIBRARY_PATH=$PWD/mockeagain:$LD_LIBRARY_PATH +@@ -104,7 +105,8 @@ script: + - export disable_pcre2=--without-pcre2 + - answer=`util/ver-ge "$NGINX_VERSION" 1.25.1` + - if [ "$OPENSSL_VER" = "1.1.0l" ] || [ "$answer" = "N" ]; then add_http3_module=""; fi +- - if [ "$answer" = "N" ]; then disable_pcre2=""; fi ++ - if [ "$answer" = "N" ] || [ "$USE_PCRE2" = "Y" ]; then disable_pcre2=""; fi ++ - if [ "$USE_PCRE2" = "Y" ]; then PCRE_INC=$PCRE2_INC; PCRE_LIB=$PCRE2_LIB; fi + - ngx-build $NGINX_VERSION --with-ipv6 $disable_pcre2 $add_http3_module --with-http_realip_module --with-http_ssl_module --with-pcre-jit --with-cc-opt="-I$OPENSSL_INC -I$PCRE_INC" --with-ld-opt="-L$OPENSSL_LIB -Wl,-rpath,$OPENSSL_LIB -L$PCRE_LIB -Wl,-rpath,$PCRE_LIB" --add-module=../ndk-nginx-module --add-module=../echo-nginx-module --add-module=../set-misc-nginx-module --add-module=../headers-more-nginx-module --add-module=../lua-nginx-module --with-debug --with-stream_ssl_module --with-stream --with-ipv6 --add-module=../stream-lua-nginx-module > build.log 2>&1 || (cat build.log && exit 1) + - nginx -V + - ldd `which nginx`|grep -E 'luajit|ssl|pcre' +--- a/nginx-mod-lua-resty-core/lib/resty/core/regex.lua ++++ b/nginx-mod-lua-resty-core/lib/resty/core/regex.lua +@@ -82,7 +82,7 @@ if not pcall(function() pcre_ver = ffi_s + end + + +-local MAX_ERR_MSG_LEN = 128 ++local MAX_ERR_MSG_LEN = 256 + + + local FLAG_COMPILE_ONCE = 0x01 +@@ -102,6 +102,7 @@ local PCRE_DUPNAMES = 0x0080000 + local PCRE_JAVASCRIPT_COMPAT = 0x2000000 + + ++-- PCRE2_ERROR_NOMATCH uses the same value + local PCRE_ERROR_NOMATCH = -1 + + +@@ -135,22 +136,44 @@ local ngx_lua_ffi_script_eval_data + -- TODO: improve this workaround when PCRE allows for unspecifying the MAP_JIT + -- option. + local no_jit_in_init ++local pcre_ver_num + +-if jit.os == "OSX" then +- local maj, min = string.match(pcre_ver, "^(%d+)%.(%d+)") +- if maj and min then +- local pcre_ver_num = tonumber(maj .. min) +- +- if pcre_ver_num >= 843 then +- no_jit_in_init = true +- end ++local maj, min = string.match(pcre_ver, "^(%d+)%.(%d+)") ++if maj and min then ++ pcre_ver_num = tonumber(maj .. min) ++end + +- else ++if jit.os == "OSX" then ++ if pcre_ver_num == nil then + -- assume this version is faulty as well + no_jit_in_init = true ++ ++ -- PCRE2 is also subject to this issue on macOS ++ elseif pcre_ver_num >= 843 then ++ no_jit_in_init = true + end + end + ++-- pcre2 ++if pcre_ver_num > 845 then ++ -- option ++ PCRE_CASELESS = 0x00000008 ++ PCRE_MULTILINE = 0x00000400 ++ PCRE_DOTALL = 0x00000020 ++ PCRE_EXTENDED = 0x00000080 ++ PCRE_ANCHORED = 0x80000000 ++ PCRE_UTF8 = 0x00080000 ++ PCRE_DUPNAMES = 0x00000040 ++ -- In the pcre2, The PCRE_JAVASCRIPT_COMPAT option has been split into ++ -- independent functional options PCRE2_ALT_BSUX, PCRE2_ALLOW_EMPTY_CLASS, ++ -- and PCRE2_MATCH_UNSET_BACKREF. ++ local PCRE2_ALT_BSUX = 0x00000002 ++ local PCRE2_ALLOW_EMPTY_CLASS = 0x00000001 ++ local PCRE2_MATCH_UNSET_BACKREF = 0x00000200 ++ PCRE_JAVASCRIPT_COMPAT = bor(PCRE2_ALT_BSUX, PCRE2_ALLOW_EMPTY_CLASS) ++ PCRE_JAVASCRIPT_COMPAT = bor(PCRE2_MATCH_UNSET_BACKREF, ++ PCRE_JAVASCRIPT_COMPAT) ++end + + if subsystem == 'http' then + ffi.cdef[[ +--- a/nginx-mod-lua-resty-core/t/re-base.t ++++ b/nginx-mod-lua-resty-core/t/re-base.t +@@ -26,8 +26,11 @@ __DATA__ + } + --- request + GET /re +---- response_body +-error: pcre_compile() failed: missing ) in "(abc" ++--- response_body eval ++$Test::Nginx::Util::PcreVersion == 2 ? ++"error: pcre2_compile() failed: missing closing parenthesis in \"(abc\"\n" ++: ++"error: pcre_compile() failed: missing ) in \"(abc\"\n" + --- no_error_log + [error] + +@@ -63,8 +66,11 @@ error: pcre_compile() failed: missing ) + } + --- request + GET /t +---- response_body_like chop +-error: pcre_exec\(\) failed: -10 ++--- response_body eval ++$Test::Nginx::Util::PcreVersion == 2 ? ++"error: pcre_exec\(\) failed: -4\n" ++: ++"error: pcre_exec\(\) failed: -10\n" + + --- no_error_log + [error] +@@ -128,6 +134,7 @@ probe process("$LIBPCRE_PATH").function( + printf("exec opts: %x\n", $options) + } + ++# TODO: PCRE2 use different option values from PCRE + --- stap_out + compile opts: 800 + exec opts: 0 +@@ -172,8 +179,14 @@ end + + --- request + GET /re +---- response_body +-error: pcre_exec() failed: -8 ++--- response_body eval ++# lua_regex_match_limit uses pcre_extra->match_limit in the PCRE, ++# but PCRE2 replaces this with pcre2_set_match_limit interface, ++# which has different effects. ++$Test::Nginx::Util::PcreVersion == 2 ? ++"failed to match\n" ++: ++"error: pcre_exec() failed: -8\n" + + + +--- a/nginx-mod-lua-resty-core/t/re-gmatch.t ++++ b/nginx-mod-lua-resty-core/t/re-gmatch.t +@@ -446,9 +446,13 @@ matched: nil + } + --- request + GET /re +---- response_body +-error: pcre_exec() failed: -10 +-not matched ++--- response_body eval ++# PCRE2_ERROR_UTF8_ERR2 (-4) ++# PCRE_ERROR_BADUTF8 (-10) ++$Test::Nginx::Util::PcreVersion == 2 ? ++"error: pcre_exec\(\) failed: -4\nnot matched\n" ++: ++"error: pcre_exec\(\) failed: -10\nnot matched\n" + --- no_error_log + [error] + +--- a/nginx-mod-lua-resty-core/t/re-match.t ++++ b/nginx-mod-lua-resty-core/t/re-match.t +@@ -306,8 +306,11 @@ NYI + } + --- request + GET /re +---- response_body_like chop +-error: pcre_compile\(\) failed: two named subpatterns have the same name ++--- response_body eval ++$Test::Nginx::Util::PcreVersion == 2 ? ++"error: pcre2_compile\(\) failed: two named subpatterns have the same name \(PCRE2_DUPNAMES not set\) in \"\(\?[a-z])\(\?[a-z]+\), [0-9]+\" at \"[a-z]+\), [0-9]+\"\n" ++: ++"error: pcre_compile\(\) failed: two named subpatterns have the same name in \"\(\?[a-z])\(\?[a-z]+\), [0-9]+\" at \">[a-z]+\), [0-9]+\"\n" + + --- error_log eval + qr/\[TRACE\s+\d+/ +--- a/nginx-mod-lua-resty-core/t/re-opt.t ++++ b/nginx-mod-lua-resty-core/t/re-opt.t +@@ -39,8 +39,13 @@ __DATA__ + } + --- request + GET /re +---- response_body +-error: pcre_exec() failed: -27 ++--- response_body eval ++# PCRE2_ERROR_JIT_STACKLIMIT (-46) ++# PCRE_ERROR_JIT_STACKLIMIT (-27) ++$Test::Nginx::Util::PcreVersion == 2 ? ++"error: pcre_exec\(\) failed: -46\n" ++: ++"error: pcre_exec\(\) failed: -27\n" + --- no_error_log + [error] + --- timeout: 10 +--- a/nginx-mod-lua-resty-core/t/stream/re-base.t ++++ b/nginx-mod-lua-resty-core/t/stream/re-base.t +@@ -22,8 +22,11 @@ __DATA__ + ngx.say("error: ", err) + end + } +---- stream_response +-error: pcre_compile() failed: missing ) in "(abc" ++--- stream_response eval ++$Test::Nginx::Util::PcreVersion == 2 ? ++"error: pcre2_compile() failed: missing closing parenthesis in \"(abc\"\n" ++: ++"error: pcre_compile() failed: missing ) in \"(abc\"\n" + --- no_error_log + [error] + +@@ -55,12 +58,17 @@ error: pcre_compile() failed: missing ) + ngx.say("not matched") + end + } +---- stream_response_like chop +-error: pcre_exec\(\) failed: -10 ++--- stream_response eval ++$Test::Nginx::Util::PcreVersion == 2 ? ++"error: pcre_exec\(\) failed: -4\n" ++: ++"error: pcre_exec\(\) failed: -10\n" + + --- no_error_log + [error] + ++--- ONLY ++ + + + === TEST 3: UTF-8 mode without UTF-8 sequence checks +@@ -114,6 +122,7 @@ probe process("$LIBPCRE_PATH").function( + printf("exec opts: %x\n", $options) + } + ++# TODO: PCRE2 use different option values from PCRE + --- stap_out + compile opts: 800 + exec opts: 0 +@@ -152,8 +161,14 @@ if not res then + return + end + +---- stream_response +-error: pcre_exec() failed: -8 ++--- stream_response eval ++# lua_regex_match_limit uses pcre_extra->match_limit in the PCRE, ++# but PCRE2 replaces this with pcre2_set_match_limit interface, ++# which has different effects. ++$Test::Nginx::Util::PcreVersion == 2 ? ++"failed to match\n" ++: ++"error: pcre_exec() failed: -8\n" + + + +--- a/nginx-mod-lua-resty-core/t/stream/re-gmatch.t ++++ b/nginx-mod-lua-resty-core/t/stream/re-gmatch.t +@@ -394,9 +394,13 @@ matched: nil + ngx.say("not matched") + end + } +---- stream_response +-error: pcre_exec() failed: -10 +-not matched ++--- stream_response eval ++# PCRE2_ERROR_UTF8_ERR2 (-4) ++# PCRE_ERROR_BADUTF8 (-10) ++$Test::Nginx::Util::PcreVersion == 2 ? ++"error: pcre_exec\(\) failed: -4\nnot matched\n" ++: ++"error: pcre_exec\(\) failed: -10\nnot matched\n" + --- no_error_log + [error] + +--- a/nginx-mod-lua-resty-core/t/stream/re-match.t ++++ b/nginx-mod-lua-resty-core/t/stream/re-match.t +@@ -268,8 +268,11 @@ NYI + ngx.say("not matched!") + end + } +---- stream_response_like chop +-error: pcre_compile\(\) failed: two named subpatterns have the same name ++--- stream_response eval ++$Test::Nginx::Util::PcreVersion == 2 ? ++"error: pcre2_compile\(\) failed: two named subpatterns have the same name \(PCRE2_DUPNAMES not set\) in \"\(\?[a-z])\(\?[a-z]+\), [0-9]+\" at \"[a-z]+\), [0-9]+\"\n" ++: ++"error: pcre_compile\(\) failed: two named subpatterns have the same name in \"\(\?[a-z])\(\?[a-z]+\), [0-9]+\" at \">[a-z]+\), [0-9]+\"\n" + + --- error_log eval + qr/\[TRACE\s+\d+/ +--- a/nginx-mod-lua-resty-core/t/stream/re-opt.t ++++ b/nginx-mod-lua-resty-core/t/stream/re-opt.t +@@ -36,8 +36,13 @@ __DATA__ + ngx.say("not matched!") + end + } +---- stream_response +-error: pcre_exec() failed: -27 ++--- stream_response eval ++# PCRE2_ERROR_JIT_STACKLIMIT (-46) ++# PCRE_ERROR_JIT_STACKLIMIT (-27) ++$Test::Nginx::Util::PcreVersion == 2 ? ++"error: pcre_exec\(\) failed: -46\n" ++: ++"error: pcre_exec\(\) failed: -27\n" + --- no_error_log + [error] + --- timeout: 10 diff --git a/net/nginx/patches/nginx-mod-lua/001-feature_support_pcre2.patch b/net/nginx/patches/nginx-mod-lua/001-feature_support_pcre2.patch new file mode 100644 index 000000000..b789984aa --- /dev/null +++ b/net/nginx/patches/nginx-mod-lua/001-feature_support_pcre2.patch @@ -0,0 +1,2009 @@ +From 26b48c5a9d1b35990064ddcd686f587c663b6048 Mon Sep 17 00:00:00 2001 +From: swananan +Date: Tue, 5 Sep 2023 18:42:20 +0800 +Subject: [PATCH 1/4] feature: support pcre2 + +--- + .travis.yml | 23 +- + src/ngx_http_lua_common.h | 10 +- + src/ngx_http_lua_module.c | 14 + + src/ngx_http_lua_pcrefix.c | 89 +++++- + src/ngx_http_lua_pcrefix.h | 9 +- + src/ngx_http_lua_regex.c | 538 +++++++++++++++++++++++++++++++------ + t/028-req-header.t | 1 - + t/034-match.t | 32 ++- + t/035-gmatch.t | 24 +- + t/036-sub.t | 24 +- + t/037-gsub.t | 17 +- + t/038-match-o.t | 7 +- + t/047-match-jit.t | 18 +- + t/049-gmatch-jit.t | 7 +- + t/050-gmatch-dfa.t | 7 +- + t/051-sub-jit.t | 14 +- + t/052-sub-dfa.t | 14 +- + t/053-gsub-jit.t | 14 +- + t/054-gsub-dfa.t | 14 +- + t/120-re-find.t | 25 +- + util/build-with-dd.sh | 6 +- + util/build-without-ssl.sh | 6 +- + util/build.sh | 6 +- + 23 files changed, 764 insertions(+), 155 deletions(-) + +--- a/nginx-mod-lua/.travis.yml ++++ b/nginx-mod-lua/.travis.yml +@@ -38,9 +38,13 @@ env: + - LUAJIT_INC=$LUAJIT_PREFIX/include/luajit-2.1 + - LUA_INCLUDE_DIR=$LUAJIT_INC + - PCRE_VER=8.45 ++ - PCRE2_VER=10.37 + - PCRE_PREFIX=/opt/pcre ++ - PCRE2_PREFIX=/opt/pcre2 + - PCRE_LIB=$PCRE_PREFIX/lib ++ - PCRE2_LIB=$PCRE2_PREFIX/lib + - PCRE_INC=$PCRE_PREFIX/include ++ - PCRE2_INC=$PCRE2_PREFIX/include + - OPENSSL_PREFIX=/opt/ssl + - OPENSSL_LIB=$OPENSSL_PREFIX/lib + - OPENSSL_INC=$OPENSSL_PREFIX/include +@@ -55,7 +59,7 @@ env: + - NGINX_VERSION=1.21.4 OPENSSL_VER=1.1.0l OPENSSL_PATCH_VER=1.1.0d + - NGINX_VERSION=1.21.4 OPENSSL_VER=1.1.1s OPENSSL_PATCH_VER=1.1.1f + - NGINX_VERSION=1.25.1 OPENSSL_VER=1.1.0l OPENSSL_PATCH_VER=1.1.0d +- - NGINX_VERSION=1.25.1 OPENSSL_VER=1.1.1s OPENSSL_PATCH_VER=1.1.1f ++ - NGINX_VERSION=1.25.1 OPENSSL_VER=1.1.1s OPENSSL_PATCH_VER=1.1.1f USE_PCRE2=Y + + services: + - memcached +@@ -71,9 +75,10 @@ before_install: + - pyenv global 2.7 + install: + - if [ ! -f download-cache/drizzle7-$DRIZZLE_VER.tar.gz ]; then wget -P download-cache http://openresty.org/download/drizzle7-$DRIZZLE_VER.tar.gz; fi +- - if [ ! -f download-cache/pcre-$PCRE_VER.tar.gz ]; then wget -P download-cache https://downloads.sourceforge.net/project/pcre/pcre/${PCRE_VER}/pcre-${PCRE_VER}.tar.gz; fi ++ - if [ "$USE_PCRE2" != "Y" ] && [ ! -f download-cache/pcre-$PCRE_VER.tar.gz ]; then wget -P download-cache https://downloads.sourceforge.net/project/pcre/pcre/${PCRE_VER}/pcre-${PCRE_VER}.tar.gz; fi ++ - if [ "$USE_PCRE2" = "Y" ] && [ ! -f download-cache/pcre2-$PCRE2_VER.tar.gz ]; then wget -P download-cache https://downloads.sourceforge.net/project/pcre/pcre2/${PCRE2_VER}/pcre2-${PCRE2_VER}.tar.gz; fi + - if [ ! -f download-cache/openssl-$OPENSSL_VER.tar.gz ]; then wget -P download-cache https://www.openssl.org/source/openssl-$OPENSSL_VER.tar.gz || wget -P download-cache https://www.openssl.org/source/old/${OPENSSL_VER//[a-z]/}/openssl-$OPENSSL_VER.tar.gz; fi +- - git clone https://github.com/openresty/test-nginx.git ++ - git clone https://github.com/swananan/test-nginx.git -b support_pcre2 + - git clone https://github.com/openresty/openresty.git ../openresty + - git clone https://github.com/openresty/no-pool-nginx.git ../no-pool-nginx + - git clone https://github.com/openresty/openresty-devel-utils.git +@@ -91,12 +96,12 @@ install: + - git clone https://github.com/openresty/rds-json-nginx-module.git ../rds-json-nginx-module + - git clone https://github.com/openresty/srcache-nginx-module.git ../srcache-nginx-module + - git clone https://github.com/openresty/redis2-nginx-module.git ../redis2-nginx-module +- - git clone https://github.com/openresty/lua-resty-core.git ../lua-resty-core ++ - git clone https://github.com/swananan/lua-resty-core.git -b support_pcre2 ../lua-resty-core + - git clone https://github.com/openresty/lua-resty-lrucache.git ../lua-resty-lrucache + - git clone https://github.com/openresty/lua-resty-mysql.git ../lua-resty-mysql + - git clone https://github.com/spacewander/lua-resty-rsa.git ../lua-resty-rsa + - git clone https://github.com/openresty/lua-resty-string.git ../lua-resty-string +- - git clone https://github.com/openresty/stream-lua-nginx-module.git ../stream-lua-nginx-module ++ - git clone https://github.com/swananan/stream-lua-nginx-module.git -b support_pcre2 ../stream-lua-nginx-module + - git clone -b v2.1-agentzh https://github.com/openresty/luajit2.git luajit2 + + before_script: +@@ -121,12 +126,8 @@ script: + - sudo make install-libdrizzle-1.0 > build.log 2>&1 || (cat build.log && exit 1) + - cd ../mockeagain/ && make CC=$CC -j$JOBS && cd .. + - cd lua-cjson/ && make -j$JOBS && sudo make install && cd .. +- - tar zxf download-cache/pcre-$PCRE_VER.tar.gz +- - cd pcre-$PCRE_VER/ +- - ./configure --prefix=$PCRE_PREFIX --enable-jit --enable-utf --enable-unicode-properties > build.log 2>&1 || (cat build.log && exit 1) +- - make -j$JOBS > build.log 2>&1 || (cat build.log && exit 1) +- - sudo PATH=$PATH make install > build.log 2>&1 || (cat build.log && exit 1) +- - cd .. ++ - if [ "$USE_PCRE2" != "Y" ]; then tar zxf download-cache/pcre-$PCRE_VER.tar.gz; cd pcre-$PCRE_VER/; ./configure --prefix=$PCRE_PREFIX --enable-jit --enable-utf --enable-unicode-properties > build.log 2>&1 || (cat build.log && exit 1); make -j$JOBS > build.log 2>&1 || (cat build.log && exit 1); sudo PATH=$PATH make install > build.log 2>&1 || (cat build.log && exit 1); cd ..; fi ++ - if [ "$USE_PCRE2" = "Y" ]; then tar zxf download-cache/pcre2-$PCRE2_VER.tar.gz; cd pcre2-$PCRE2_VER/; ./configure --prefix=$PCRE2_PREFIX --enable-jit --enable-utf > build.log 2>&1 || (cat build.log && exit 1); make -j$JOBS > build.log 2>&1 || (cat build.log && exit 1); sudo PATH=$PATH make install > build.log 2>&1 || (cat build.log && exit 1); cd ..; fi + - tar zxf download-cache/openssl-$OPENSSL_VER.tar.gz + - cd openssl-$OPENSSL_VER/ + - patch -p1 < ../../openresty/patches/openssl-$OPENSSL_PATCH_VER-sess_set_get_cb_yield.patch +--- a/nginx-mod-lua/src/ngx_http_lua_common.h ++++ b/nginx-mod-lua/src/ngx_http_lua_common.h +@@ -63,6 +63,10 @@ typedef struct { + # endif + #endif + ++#if (NGX_PCRE2) ++# define LUA_HAVE_PCRE_JIT 1 ++#endif ++ + + #if (nginx_version < 1006000) + # error at least nginx 1.6.0 is required but found an older version +@@ -217,11 +221,13 @@ struct ngx_http_lua_main_conf_s { + + ngx_hash_t builtin_headers_out; + +-#if (NGX_PCRE) ++#if (NGX_PCRE || NGX_PCRE2) + ngx_int_t regex_cache_entries; + ngx_int_t regex_cache_max_entries; + ngx_int_t regex_match_limit; +-# if (LUA_HAVE_PCRE_JIT) ++#if (NGX_PCRE2) ++ pcre2_jit_stack *jit_stack; ++#elif (LUA_HAVE_PCRE_JIT) + pcre_jit_stack *jit_stack; + # endif + #endif +--- a/nginx-mod-lua/src/ngx_http_lua_module.c ++++ b/nginx-mod-lua/src/ngx_http_lua_module.c +@@ -59,6 +59,9 @@ static char *ngx_http_lua_ssl_conf_comma + #endif + static char *ngx_http_lua_malloc_trim(ngx_conf_t *cf, ngx_command_t *cmd, + void *conf); ++#if (NGX_PCRE2) ++extern void ngx_http_lua_regex_cleanup(void *data); ++#endif + + + static ngx_conf_post_t ngx_http_lua_lowat_post = +@@ -855,6 +858,17 @@ ngx_http_lua_init(ngx_conf_t *cf) + cln->data = lmcf; + cln->handler = ngx_http_lua_sema_mm_cleanup; + ++#if (NGX_PCRE2) ++ /* add the cleanup of pcre2 regex */ ++ cln = ngx_pool_cleanup_add(cf->pool, 0); ++ if (cln == NULL) { ++ return NGX_ERROR; ++ } ++ ++ cln->data = lmcf; ++ cln->handler = ngx_http_lua_regex_cleanup; ++#endif ++ + #ifdef HAVE_NGX_LUA_PIPE + ngx_http_lua_pipe_init(); + #endif +--- a/nginx-mod-lua/src/ngx_http_lua_pcrefix.c ++++ b/nginx-mod-lua/src/ngx_http_lua_pcrefix.c +@@ -14,19 +14,65 @@ + #include "ngx_http_lua_pcrefix.h" + #include "stdio.h" + +-#if (NGX_PCRE) ++#if (NGX_PCRE || NGX_PCRE2) + + static ngx_pool_t *ngx_http_lua_pcre_pool = NULL; + ++ ++#if (NGX_PCRE2) ++static ngx_uint_t ngx_regex_direct_alloc; ++#else + static void *(*old_pcre_malloc)(size_t); + static void (*old_pcre_free)(void *ptr); ++#endif + + + /* XXX: work-around to nginx regex subsystem, must init a memory pool + * to use PCRE functions. As PCRE still has memory-leaking problems, + * and nginx overwrote pcre_malloc/free hooks with its own static + * functions, so nobody else can reuse nginx regex subsystem... */ +-static void * ++#if (NGX_PCRE2) ++ ++void * ++ngx_http_lua_pcre_malloc(size_t size, void *data) ++{ ++ dd("lua pcre pool is %p", ngx_http_lua_pcre_pool); ++ ++ if (ngx_http_lua_pcre_pool) { ++ return ngx_palloc(ngx_http_lua_pcre_pool, size); ++ } ++ ++ if (ngx_regex_direct_alloc) { ++ return ngx_alloc(size, ngx_cycle->log); ++ } ++ ++ fprintf(stderr, "error: lua pcre malloc failed due to empty pcre pool"); ++ ++ return NULL; ++} ++ ++ ++void ++ngx_http_lua_pcre_free(void *ptr, void *data) ++{ ++ dd("lua pcre pool is %p", ngx_http_lua_pcre_pool); ++ ++ if (ngx_http_lua_pcre_pool) { ++ ngx_pfree(ngx_http_lua_pcre_pool, ptr); ++ return; ++ } ++ ++ if (ngx_regex_direct_alloc) { ++ ngx_free(ptr); ++ return; ++ } ++ ++ fprintf(stderr, "error: lua pcre free failed due to empty pcre pool"); ++} ++ ++#else ++ ++void * + ngx_http_lua_pcre_malloc(size_t size) + { + dd("lua pcre pool is %p", ngx_http_lua_pcre_pool); +@@ -54,6 +100,41 @@ ngx_http_lua_pcre_free(void *ptr) + fprintf(stderr, "error: lua pcre free failed due to empty pcre pool"); + } + ++#endif ++ ++ ++#if (NGX_PCRE2) ++ ++ngx_pool_t * ++ngx_http_lua_pcre_malloc_init(ngx_pool_t *pool) ++{ ++ ngx_pool_t *old_pool; ++ ++ dd("lua pcre pool was %p", ngx_http_lua_pcre_pool); ++ ++ ngx_regex_direct_alloc = (pool == NULL) ? 1 : 0; ++ ++ old_pool = ngx_http_lua_pcre_pool; ++ ngx_http_lua_pcre_pool = pool; ++ ++ dd("lua pcre pool is %p", ngx_http_lua_pcre_pool); ++ ++ return old_pool; ++} ++ ++ ++void ++ngx_http_lua_pcre_malloc_done(ngx_pool_t *old_pool) ++{ ++ dd("lua pcre pool was %p", ngx_http_lua_pcre_pool); ++ ++ ngx_http_lua_pcre_pool = old_pool; ++ ngx_regex_direct_alloc = 0; ++ ++ dd("lua pcre pool is %p", ngx_http_lua_pcre_pool); ++} ++ ++#else + + ngx_pool_t * + ngx_http_lua_pcre_malloc_init(ngx_pool_t *pool) +@@ -101,6 +182,7 @@ ngx_http_lua_pcre_malloc_done(ngx_pool_t + } + } + +-#endif /* NGX_PCRE */ ++#endif ++#endif /* NGX_PCRE || NGX_PCRE2 */ + + /* vi:set ft=c ts=4 sw=4 et fdm=marker: */ +--- a/nginx-mod-lua/src/ngx_http_lua_pcrefix.h ++++ b/nginx-mod-lua/src/ngx_http_lua_pcrefix.h +@@ -12,9 +12,16 @@ + #include "ngx_http_lua_common.h" + + +-#if (NGX_PCRE) ++#if (NGX_PCRE || NGX_PCRE2) ++ + ngx_pool_t *ngx_http_lua_pcre_malloc_init(ngx_pool_t *pool); + void ngx_http_lua_pcre_malloc_done(ngx_pool_t *old_pool); ++ ++#if NGX_PCRE2 ++void *ngx_http_lua_pcre_malloc(size_t size, void *data); ++void ngx_http_lua_pcre_free(void *ptr, void *data); ++#endif ++ + #endif + + +--- a/nginx-mod-lua/src/ngx_http_lua_regex.c ++++ b/nginx-mod-lua/src/ngx_http_lua_regex.c +@@ -9,21 +9,31 @@ + #endif + #include "ddebug.h" + +- +-#if (NGX_PCRE) ++#if (NGX_PCRE || NGX_PCRE2) + + #include "ngx_http_lua_pcrefix.h" + #include "ngx_http_lua_script.h" + #include "ngx_http_lua_util.h" + + +-#if (PCRE_MAJOR >= 6) ++#if (PCRE_MAJOR >= 6 || NGX_PCRE2) + # define LUA_HAVE_PCRE_DFA 1 + #else + # define LUA_HAVE_PCRE_DFA 0 + #endif + + ++#if (NGX_PCRE2) ++static pcre2_compile_context *ngx_regex_compile_context; ++static pcre2_match_context *ngx_regex_match_context; ++static pcre2_match_data *ngx_regex_match_data; ++static ngx_uint_t ngx_regex_match_data_size = 0; ++ ++#define PCRE2_VERSION_SIZE 64 ++static char ngx_pcre2_version[PCRE2_VERSION_SIZE]; ++#endif ++ ++ + #define NGX_LUA_RE_MODE_DFA (1<<1) + #define NGX_LUA_RE_MODE_JIT (1<<2) + #define NGX_LUA_RE_NO_UTF8_CHECK (1<<4) +@@ -42,8 +52,17 @@ typedef struct { + int ncaptures; + int *captures; + ++#if (NGX_PCRE2) ++ pcre2_code *regex; ++ /* ++ * pcre2 doesn't use pcre_extra any more, ++ * just for keeping same memory layout in the lua ffi cdef ++ */ ++ void *regex_sd; ++#else + pcre *regex; + pcre_extra *regex_sd; ++#endif + + ngx_http_lua_complex_value_t *replace; + +@@ -57,7 +76,11 @@ typedef struct { + ngx_pool_t *pool; + ngx_int_t options; + ++#if (NGX_PCRE2) ++ pcre2_code *regex; ++#else + pcre *regex; ++#endif + int captures; + ngx_str_t err; + } ngx_http_lua_regex_compile_t; +@@ -65,8 +88,12 @@ typedef struct { + + typedef struct { + ngx_http_request_t *request; ++#if (NGX_PCRE2) ++ pcre2_code *regex; ++#else + pcre *regex; + pcre_extra *regex_sd; ++#endif + int ncaptures; + int *captures; + int captures_len; +@@ -74,8 +101,6 @@ typedef struct { + } ngx_http_lua_regex_ctx_t; + + +-static void ngx_http_lua_regex_free_study_data(ngx_pool_t *pool, +- pcre_extra *sd); + static ngx_int_t ngx_http_lua_regex_compile(ngx_http_lua_regex_compile_t *rc); + + +@@ -91,21 +116,155 @@ static ngx_int_t ngx_http_lua_regex_comp + + + static void +-ngx_http_lua_regex_free_study_data(ngx_pool_t *pool, pcre_extra *sd) ++ngx_http_lua_regex_free_study_data(ngx_pool_t *pool, ngx_http_lua_regex_t *re) + { +- ngx_pool_t *old_pool; ++ ngx_pool_t *old_pool; + +- old_pool = ngx_http_lua_pcre_malloc_init(pool); ++#if (NGX_PCRE2) ++ if (re && re->regex) { ++ old_pool = ngx_http_lua_pcre_malloc_init(pool); ++ ++ pcre2_code_free(re->regex); ++ ++ ngx_http_lua_pcre_malloc_done(old_pool); + ++ re->regex = NULL; ++ } ++#else ++ if (re && re->regex_sd) { ++ old_pool = ngx_http_lua_pcre_malloc_init(pool); + #if LUA_HAVE_PCRE_JIT +- pcre_free_study(sd); ++ pcre_free_study(re->regex_sd); + #else +- pcre_free(sd); ++ pcre_free(re->regex_sd); ++#endif ++ ngx_http_lua_pcre_malloc_done(old_pool); ++ ++ re->regex_sd = NULL; ++ } + #endif ++} ++ ++ ++#if (NGX_PCRE2) ++static ngx_int_t ++ngx_http_lua_regex_compile(ngx_http_lua_regex_compile_t *rc) ++{ ++ int n, errcode; ++ char *p; ++ size_t erroff; ++ u_char errstr[128]; ++ pcre2_code *re; ++ ngx_pool_t *old_pool; ++ pcre2_general_context *gctx; ++ pcre2_compile_context *cctx; ++ ++ ngx_http_lua_main_conf_t *lmcf; ++ ++ if (ngx_regex_compile_context == NULL) { ++ /* ++ * Allocate a compile context if not yet allocated. This uses ++ * direct allocations from heap, so the result can be cached ++ * even at runtime. ++ */ ++ ++ old_pool = ngx_http_lua_pcre_malloc_init(NULL); ++ ++ gctx = pcre2_general_context_create(ngx_http_lua_pcre_malloc, ++ ngx_http_lua_pcre_free, ++ NULL); ++ if (gctx == NULL) { ++ ngx_http_lua_pcre_malloc_done(old_pool); ++ goto nomem; ++ } ++ ++ cctx = pcre2_compile_context_create(gctx); ++ if (cctx == NULL) { ++ pcre2_general_context_free(gctx); ++ ngx_http_lua_pcre_malloc_done(old_pool); ++ goto nomem; ++ } ++ ++ ngx_regex_compile_context = cctx; ++ ++ ngx_regex_match_context = pcre2_match_context_create(gctx); ++ if (ngx_regex_match_context == NULL) { ++ pcre2_general_context_free(gctx); ++ ngx_http_lua_pcre_malloc_done(old_pool); ++ goto nomem; ++ } ++ ++ lmcf = ngx_http_cycle_get_module_main_conf(ngx_cycle, ++ ngx_http_lua_module); ++ if (lmcf && lmcf->regex_match_limit > 0) { ++ pcre2_set_match_limit(ngx_regex_match_context, ++ lmcf->regex_match_limit); ++ } ++ ++ pcre2_general_context_free(gctx); ++ ngx_http_lua_pcre_malloc_done(old_pool); ++ } ++ ++ old_pool = ngx_http_lua_pcre_malloc_init(rc->pool); ++ ++ re = pcre2_compile(rc->pattern.data, ++ rc->pattern.len, rc->options, ++ &errcode, &erroff, ngx_regex_compile_context); + + ngx_http_lua_pcre_malloc_done(old_pool); ++ ++ if (re == NULL) { ++ pcre2_get_error_message(errcode, errstr, 128); ++ ++ if ((size_t) erroff == rc->pattern.len) { ++ rc->err.len = ngx_snprintf(rc->err.data, rc->err.len, ++ "pcre2_compile() failed: %s in \"%V\"", ++ errstr, &rc->pattern) ++ - rc->err.data; ++ ++ } else { ++ rc->err.len = ngx_snprintf(rc->err.data, rc->err.len, ++ "pcre2_compile() failed: %s in " ++ "\"%V\" at \"%s\"", errstr, &rc->pattern, ++ rc->pattern.data + erroff) ++ - rc->err.data; ++ } ++ ++ return NGX_ERROR; ++ } ++ ++ rc->regex = re; ++ ++ n = pcre2_pattern_info(re, PCRE2_INFO_CAPTURECOUNT, &rc->captures); ++ if (n < 0) { ++ p = "pcre2_pattern_info(\"%V\", PCRE_INFO_CAPTURECOUNT) failed: %d"; ++ goto failed; ++ } ++ ++#if (NGX_DEBUG) ++ ngx_log_debug3(NGX_LOG_DEBUG_HTTP, ngx_cycle->log, 0, ++ "pcre2_compile: pattern[%V], options 0x%08Xd, ncaptures %d", ++ &rc->pattern, rc->options, rc->captures); ++#endif ++ ++ return NGX_OK; ++ ++failed: ++ ++ rc->err.len = ngx_snprintf(rc->err.data, rc->err.len, p, &rc->pattern, n) ++ - rc->err.data; ++ return NGX_ERROR; ++ ++nomem: ++ ++ rc->err.len = ngx_snprintf(rc->err.data, rc->err.len, ++ "regex \"%V\" compilation failed: no memory", ++ &rc->pattern) ++ - rc->err.data; ++ return NGX_ERROR; + } + ++#else + + static ngx_int_t + ngx_http_lua_regex_compile(ngx_http_lua_regex_compile_t *rc) +@@ -159,13 +318,14 @@ failed: + - rc->err.data; + return NGX_OK; + } ++#endif + + + ngx_int_t + ngx_http_lua_ffi_set_jit_stack_size(int size, u_char *errstr, + size_t *errstr_size) + { +-#if LUA_HAVE_PCRE_JIT ++#if (NGX_PCRE2 || LUA_HAVE_PCRE_JIT) + + ngx_http_lua_main_conf_t *lmcf; + ngx_pool_t *pool, *old_pool; +@@ -186,15 +346,24 @@ ngx_http_lua_ffi_set_jit_stack_size(int + if (lmcf->jit_stack) { + old_pool = ngx_http_lua_pcre_malloc_init(pool); + ++#if (NGX_PCRE2) ++ pcre2_jit_stack_free(lmcf->jit_stack); ++#else + pcre_jit_stack_free(lmcf->jit_stack); ++#endif + + ngx_http_lua_pcre_malloc_done(old_pool); + } + + old_pool = ngx_http_lua_pcre_malloc_init(pool); + ++#if (NGX_PCRE2) ++ lmcf->jit_stack = pcre2_jit_stack_create(NGX_LUA_RE_MIN_JIT_STACK_SIZE, ++ size, NULL); ++#else + lmcf->jit_stack = pcre_jit_stack_alloc(NGX_LUA_RE_MIN_JIT_STACK_SIZE, + size); ++#endif + + ngx_http_lua_pcre_malloc_done(old_pool); + +@@ -214,8 +383,148 @@ ngx_http_lua_ffi_set_jit_stack_size(int + - errstr; + return NGX_ERROR; + ++#endif ++} ++ ++ ++#if (NGX_PCRE2) ++static void ++ngx_http_lua_regex_jit_compile(ngx_http_lua_regex_t *re, int flags, ++ ngx_pool_t *pool, ngx_http_lua_main_conf_t *lmcf, ++ ngx_http_lua_regex_compile_t *re_comp) ++{ ++ ngx_int_t ret; ++ ngx_pool_t *old_pool; ++ ++ if (flags & NGX_LUA_RE_MODE_JIT) { ++ old_pool = ngx_http_lua_pcre_malloc_init(pool); ++ ret = pcre2_jit_compile(re_comp->regex, PCRE2_JIT_COMPLETE); ++ ++ if (ret != 0) { ++ ngx_log_error(NGX_LOG_INFO, ngx_cycle->log, 0, ++ "pcre2_jit_compile() failed: %d in \"%V\", " ++ "ignored", ++ ret, &re_comp->pattern); ++ ++#if (NGX_DEBUG) ++ ++ } else { ++ ngx_log_debug0(NGX_LOG_DEBUG_HTTP, ngx_cycle->log, 0, ++ "pcre2 JIT compiled successfully"); ++# endif /* !(NGX_DEBUG) */ ++ } ++ ++ ngx_http_lua_pcre_malloc_done(old_pool); ++ ++ } ++ ++ if (lmcf && lmcf->jit_stack) { ++ pcre2_jit_stack_assign(ngx_regex_match_context, NULL, ++ lmcf->jit_stack); ++ } ++ ++ return; ++} ++ ++#else ++ ++static void ++ngx_http_lua_regex_jit_compile(ngx_http_lua_regex_t *re, int flags, ++ ngx_pool_t *pool, ngx_http_lua_main_conf_t *lmcf, ++ ngx_http_lua_regex_compile_t *re_comp) ++{ ++ const char *msg; ++ pcre_extra *sd = NULL; ++ ngx_pool_t *old_pool; ++ ++ ++#if (LUA_HAVE_PCRE_JIT) ++ if (flags & NGX_LUA_RE_MODE_JIT) { ++ old_pool = ngx_http_lua_pcre_malloc_init(pool); ++ sd = pcre_study(re_comp->regex, PCRE_STUDY_JIT_COMPILE, &msg); ++ ngx_http_lua_pcre_malloc_done(old_pool); ++ ++# if (NGX_DEBUG) ++ if (msg != NULL) { ++ ngx_log_debug2(NGX_LOG_DEBUG_HTTP, ngx_cycle->log, 0, ++ "pcre study failed with PCRE_STUDY_JIT_COMPILE: " ++ "%s (%p)", msg, sd); ++ } ++ ++ if (sd != NULL) { ++ int jitted; ++ ++ old_pool = ngx_http_lua_pcre_malloc_init(pool); ++ ++ pcre_fullinfo(re_comp->regex, sd, PCRE_INFO_JIT, &jitted); ++ ++ ngx_http_lua_pcre_malloc_done(old_pool); ++ ++ ngx_log_debug1(NGX_LOG_DEBUG_HTTP, ngx_cycle->log, 0, ++ "pcre JIT compiling result: %d", jitted); ++ } ++# endif /* !(NGX_DEBUG) */ ++ ++ } else { ++ old_pool = ngx_http_lua_pcre_malloc_init(pool); ++ sd = pcre_study(re_comp->regex, 0, &msg); ++ ngx_http_lua_pcre_malloc_done(old_pool); ++ } ++ ++ if (sd && lmcf && lmcf->jit_stack) { ++ pcre_assign_jit_stack(sd, NULL, lmcf->jit_stack); ++ } ++ ++ if (sd ++ && lmcf && lmcf->regex_match_limit > 0 ++ && !(flags & NGX_LUA_RE_MODE_DFA)) ++ { ++ sd->flags |= PCRE_EXTRA_MATCH_LIMIT; ++ sd->match_limit = lmcf->regex_match_limit; ++ } ++ + #endif /* LUA_HAVE_PCRE_JIT */ ++ ++ re->regex_sd = sd; ++} ++#endif ++ ++ ++#if (NGX_PCRE2) ++void ++ngx_http_lua_regex_cleanup(void *data) ++{ ++ ngx_pool_t *old_pool; ++ ngx_http_lua_main_conf_t *lmcf; ++ ++ lmcf = data; ++ ++ if (ngx_regex_compile_context) { ++ old_pool = ngx_http_lua_pcre_malloc_init(NULL); ++ pcre2_compile_context_free(ngx_regex_compile_context); ++ ngx_regex_compile_context = NULL; ++ ngx_http_lua_pcre_malloc_done(old_pool); ++ } ++ ++ if (lmcf && lmcf->jit_stack) { ++ old_pool = ngx_http_lua_pcre_malloc_init(NULL); ++ ++ pcre2_jit_stack_free(lmcf->jit_stack); ++ lmcf->jit_stack = NULL; ++ ++ ngx_http_lua_pcre_malloc_done(old_pool); ++ } ++ ++ if (ngx_regex_match_data) { ++ old_pool = ngx_http_lua_pcre_malloc_init(NULL); ++ pcre2_match_data_free(ngx_regex_match_data); ++ ngx_regex_match_data = NULL; ++ ngx_regex_match_data_size = 0; ++ ngx_http_lua_pcre_malloc_done(old_pool); ++ } ++ + } ++#endif + + + ngx_http_lua_regex_t * +@@ -228,8 +537,7 @@ ngx_http_lua_ffi_compile_regex(const uns + ngx_int_t rc; + const char *msg; + ngx_pool_t *pool, *old_pool; +- pcre_extra *sd = NULL; +- ngx_http_lua_regex_t *re; ++ ngx_http_lua_regex_t *re = NULL; + + ngx_http_lua_main_conf_t *lmcf; + ngx_http_lua_regex_compile_t re_comp; +@@ -251,6 +559,8 @@ ngx_http_lua_ffi_compile_regex(const uns + } + + re->pool = pool; ++ re->regex = NULL; ++ re->regex_sd = NULL; + + re_comp.options = pcre_opts; + re_comp.pattern.data = (u_char *) pat; +@@ -274,54 +584,7 @@ ngx_http_lua_ffi_compile_regex(const uns + + ngx_http_lua_assert(lmcf != NULL); + +-#if (LUA_HAVE_PCRE_JIT) +- +- if (flags & NGX_LUA_RE_MODE_JIT) { +- +- old_pool = ngx_http_lua_pcre_malloc_init(pool); +- sd = pcre_study(re_comp.regex, PCRE_STUDY_JIT_COMPILE, &msg); +- ngx_http_lua_pcre_malloc_done(old_pool); +- +-# if (NGX_DEBUG) +- if (msg != NULL) { +- ngx_log_debug2(NGX_LOG_DEBUG_HTTP, ngx_cycle->log, 0, +- "pcre study failed with PCRE_STUDY_JIT_COMPILE: " +- "%s (%p)", msg, sd); +- } +- +- if (sd != NULL) { +- int jitted; +- +- old_pool = ngx_http_lua_pcre_malloc_init(pool); +- +- pcre_fullinfo(re_comp.regex, sd, PCRE_INFO_JIT, &jitted); +- +- ngx_http_lua_pcre_malloc_done(old_pool); +- +- ngx_log_debug1(NGX_LOG_DEBUG_HTTP, ngx_cycle->log, 0, +- "pcre JIT compiling result: %d", jitted); +- } +-# endif /* !(NGX_DEBUG) */ +- +- } else { +- old_pool = ngx_http_lua_pcre_malloc_init(pool); +- sd = pcre_study(re_comp.regex, 0, &msg); +- ngx_http_lua_pcre_malloc_done(old_pool); +- } +- +- if (sd && lmcf->jit_stack) { +- pcre_assign_jit_stack(sd, NULL, lmcf->jit_stack); +- } +- +-#endif /* LUA_HAVE_PCRE_JIT */ +- +- if (sd +- && lmcf && lmcf->regex_match_limit > 0 +- && !(flags & NGX_LUA_RE_MODE_DFA)) +- { +- sd->flags |= PCRE_EXTRA_MATCH_LIMIT; +- sd->match_limit = lmcf->regex_match_limit; +- } ++ ngx_http_lua_regex_jit_compile(re, flags, pool, lmcf, &re_comp); + + if (flags & NGX_LUA_RE_MODE_DFA) { + ovecsize = 2; +@@ -339,6 +602,31 @@ ngx_http_lua_ffi_compile_regex(const uns + goto error; + } + ++#if (NGX_PCRE2) ++ if (pcre2_pattern_info(re_comp.regex, PCRE2_INFO_NAMECOUNT, ++ &re->name_count) < 0) ++ { ++ msg = "cannot acquire named subpattern count"; ++ goto error; ++ } ++ ++ if (re->name_count > 0) { ++ if (pcre2_pattern_info(re_comp.regex, PCRE2_INFO_NAMEENTRYSIZE, ++ &re->name_entry_size) != 0) ++ { ++ msg = "cannot acquire named subpattern entry size"; ++ goto error; ++ } ++ ++ if (pcre2_pattern_info(re_comp.regex, PCRE2_INFO_NAMETABLE, ++ &re->name_table) != 0) ++ { ++ msg = "cannot acquire named subpattern table"; ++ goto error; ++ } ++ } ++ ++#else + if (pcre_fullinfo(re_comp.regex, NULL, PCRE_INFO_NAMECOUNT, + &re->name_count) != 0) + { +@@ -361,9 +649,9 @@ ngx_http_lua_ffi_compile_regex(const uns + goto error; + } + } ++#endif + + re->regex = re_comp.regex; +- re->regex_sd = sd; + re->ncaptures = re_comp.captures; + re->captures = cap; + re->replace = NULL; +@@ -379,9 +667,7 @@ error: + p = ngx_snprintf(errstr, errstr_size - 1, "%s", msg); + *p = '\0'; + +- if (sd) { +- ngx_http_lua_regex_free_study_data(pool, sd); +- } ++ ngx_http_lua_regex_free_study_data(pool, re); + + if (pool) { + ngx_destroy_pool(pool); +@@ -391,6 +677,103 @@ error: + } + + ++#if (NGX_PCRE2) ++int ++ngx_http_lua_ffi_exec_regex(ngx_http_lua_regex_t *re, int flags, ++ const u_char *s, size_t len, int pos) ++{ ++ int rc, exec_opts = 0; ++ size_t *ov; ++ ngx_uint_t ovecsize, n, i; ++ ngx_pool_t *old_pool; ++ ++ if (flags & NGX_LUA_RE_MODE_DFA) { ++ ovecsize = 2; ++ re->ncaptures = 0; ++ ++ } else { ++ ovecsize = (re->ncaptures + 1) * 3; ++ } ++ ++ old_pool = ngx_http_lua_pcre_malloc_init(NULL); ++ ++ if (ngx_regex_match_data == NULL ++ || ovecsize > ngx_regex_match_data_size) ++ { ++ /* ++ * Allocate a match data if not yet allocated or smaller than ++ * needed. ++ */ ++ ++ if (ngx_regex_match_data) { ++ pcre2_match_data_free(ngx_regex_match_data); ++ } ++ ++ ngx_regex_match_data_size = ovecsize; ++ ngx_regex_match_data = pcre2_match_data_create(ovecsize / 3, NULL); ++ ++ if (ngx_regex_match_data == NULL) { ++ rc = PCRE2_ERROR_NOMEMORY; ++ goto failed; ++ } ++ } ++ ++ if (flags & NGX_LUA_RE_NO_UTF8_CHECK) { ++ exec_opts = PCRE2_NO_UTF_CHECK; ++ ++ } else { ++ exec_opts = 0; ++ } ++ ++ if (flags & NGX_LUA_RE_MODE_DFA) { ++ int ws[NGX_LUA_RE_DFA_MODE_WORKSPACE_COUNT]; ++ rc = pcre2_dfa_match(re->regex, s, len, pos, exec_opts, ++ ngx_regex_match_data, ngx_regex_match_context, ++ ws, sizeof(ws) / sizeof(ws[0])); ++ ++ ++ } else { ++ rc = pcre2_match(re->regex, s, len, pos, exec_opts, ++ ngx_regex_match_data, ngx_regex_match_context); ++ } ++ ++ if (rc < 0) { ++#if (NGX_DEBUG) ++ ngx_log_debug4(NGX_LOG_DEBUG_HTTP, ngx_cycle->log, 0, ++ "pcre2_match failed: flags 0x%05Xd, options 0x%08Xd, " ++ "rc %d, ovecsize %ui", flags, exec_opts, rc, ovecsize); ++#endif ++ ++ goto failed; ++ } ++ ++ n = pcre2_get_ovector_count(ngx_regex_match_data); ++ ov = pcre2_get_ovector_pointer(ngx_regex_match_data); ++ ++#if (NGX_DEBUG) ++ ngx_log_debug5(NGX_LOG_DEBUG_HTTP, ngx_cycle->log, 0, ++ "pcre2_match: flags 0x%05Xd, options 0x%08Xd, rc %d, " ++ "n %ui, ovecsize %ui", flags, exec_opts, rc, n, ovecsize); ++#endif ++ ++ if (!(flags & NGX_LUA_RE_MODE_DFA) && n > ovecsize / 3) { ++ n = ovecsize / 3; ++ } ++ ++ for (i = 0; i < n; i++) { ++ re->captures[i * 2] = ov[i * 2]; ++ re->captures[i * 2 + 1] = ov[i * 2 + 1]; ++ } ++ ++failed: ++ ++ ngx_http_lua_pcre_malloc_done(old_pool); ++ ++ return rc; ++} ++ ++#else ++ + int + ngx_http_lua_ffi_exec_regex(ngx_http_lua_regex_t *re, int flags, + const u_char *s, size_t len, int pos) +@@ -427,7 +810,8 @@ ngx_http_lua_ffi_exec_regex(ngx_http_lua + int ws[NGX_LUA_RE_DFA_MODE_WORKSPACE_COUNT]; + rc = ngx_http_lua_regex_dfa_exec(re->regex, sd, &subj, + (int) pos, cap, ovecsize, ws, +- sizeof(ws)/sizeof(ws[0]), exec_opts); ++ sizeof(ws) / sizeof(ws[0]), ++ exec_opts); + + #else + +@@ -443,28 +827,19 @@ ngx_http_lua_ffi_exec_regex(ngx_http_lua + return rc; + } + ++#endif ++ + + void + ngx_http_lua_ffi_destroy_regex(ngx_http_lua_regex_t *re) + { +- ngx_pool_t *old_pool; +- + dd("destroy regex called"); + + if (re == NULL || re->pool == NULL) { + return; + } + +- if (re->regex_sd) { +- old_pool = ngx_http_lua_pcre_malloc_init(re->pool); +-#if LUA_HAVE_PCRE_JIT +- pcre_free_study(re->regex_sd); +-#else +- pcre_free(re->regex_sd); +-#endif +- ngx_http_lua_pcre_malloc_done(old_pool); +- re->regex_sd = NULL; +- } ++ ngx_http_lua_regex_free_study_data(re->pool, re); + + ngx_destroy_pool(re->pool); + } +@@ -592,11 +967,17 @@ ngx_http_lua_ffi_max_regex_cache_size(vo + const char * + ngx_http_lua_ffi_pcre_version(void) + { ++#if (NGX_PCRE2) ++ pcre2_config(PCRE2_CONFIG_VERSION, ngx_pcre2_version); ++ ++ return ngx_pcre2_version; ++#else + return pcre_version(); ++#endif + } + + +-#endif /* NGX_PCRE */ ++#endif /* NGX_PCRE || NGX_PCRE2 */ + + + /* vi:set ft=c ts=4 sw=4 et fdm=marker: */ +--- a/nginx-mod-lua/t/028-req-header.t ++++ b/nginx-mod-lua/t/028-req-header.t +@@ -275,7 +275,6 @@ Content-Type: + GET /bar + --- response_body eval + # Since nginx version 1.23.0, nginx combines same $http_* variable together +-# wtf + $Test::Nginx::Util::NginxVersion >= 1.023000 ? + + "Foo: a, b\n" +--- a/nginx-mod-lua/t/034-match.t ++++ b/nginx-mod-lua/t/034-match.t +@@ -361,8 +361,11 @@ he + } + --- request + GET /re +---- response_body +-error: pcre_compile() failed: missing ) in "(abc" ++--- response_body eval ++$Test::Nginx::Util::PcreVersion == 2 ? ++"error: pcre2_compile() failed: missing closing parenthesis in \"(abc\"\n" ++: ++"error: pcre_compile() failed: missing ) in \"(abc\"\n" + --- no_error_log + [error] + +@@ -648,8 +651,12 @@ regex: (?:>[\w\s]*) + } + --- request + GET /re +---- response_body +-error: pcre_compile() failed: missing ) in "([0-9]+" ++--- response_body eval ++$Test::Nginx::Util::PcreVersion == 2 ? ++"error: pcre2_compile\(\) failed: missing closing parenthesis in \"\([0-9]+\"\n" ++: ++"error: pcre_compile\(\) failed: missing \) in \"\([0-9]+\"\n" ++ + + --- no_error_log + [error] +@@ -939,8 +946,11 @@ nil + } + --- request + GET /t +---- response_body_like chop +-^error: pcre_exec\(\) failed: -10$ ++--- response_body eval ++$Test::Nginx::Util::PcreVersion == 2 ? ++"error: pcre_exec\(\) failed: -4\n" ++: ++"error: pcre_exec\(\) failed: -10\n" + + --- no_error_log + [error] +@@ -1050,8 +1060,14 @@ end + + --- request + GET /re +---- response_body +-error: pcre_exec() failed: -8 ++--- response_body eval ++# lua_regex_match_limit uses pcre_extra->match_limit in the PCRE, ++# but PCRE2 replaces this with pcre2_set_match_limit interface, ++# which has different effects. ++$Test::Nginx::Util::PcreVersion == 2 ? ++"failed to match\n" ++: ++"error: pcre_exec() failed: -8\n" + + + +--- a/nginx-mod-lua/t/035-gmatch.t ++++ b/nginx-mod-lua/t/035-gmatch.t +@@ -698,8 +698,11 @@ not matched! + } + --- request + GET /re +---- response_body +-error: pcre_compile() failed: missing ) in "(abc" ++--- response_body eval ++$Test::Nginx::Util::PcreVersion == 2 ? ++"error: pcre2_compile() failed: missing closing parenthesis in \"(abc\"\n" ++: ++"error: pcre_compile() failed: missing ) in \"(abc\"\n" + --- no_error_log + [error] + +@@ -735,8 +738,11 @@ error: pcre_compile() failed: missing ) + } + --- request + GET /t +---- response_body_like chop +-error: pcre_exec\(\) failed: -10 ++--- response_body eval ++$Test::Nginx::Util::PcreVersion == 2 ? ++"error: pcre_exec\(\) failed: -4\n" ++: ++"error: pcre_exec\(\) failed: -10\n" + + --- no_error_log + [error] +@@ -854,8 +860,14 @@ end + + --- request + GET /re +---- response_body +-error: pcre_exec() failed: -8 ++--- response_body eval ++# lua_regex_match_limit uses pcre_extra->match_limit in the PCRE, ++# but PCRE2 replaces this with pcre2_set_match_limit interface, ++# which has different effects. ++$Test::Nginx::Util::PcreVersion == 2 ? ++"failed to match\n" ++: ++"error: pcre_exec() failed: -8\n" + + + +--- a/nginx-mod-lua/t/036-sub.t ++++ b/nginx-mod-lua/t/036-sub.t +@@ -480,8 +480,11 @@ a [b c] [b] [c] [] [] d + } + --- request + GET /re +---- response_body +-error: pcre_compile() failed: missing ) in "(abc" ++--- response_body eval ++$Test::Nginx::Util::PcreVersion == 2 ? ++"error: pcre2_compile() failed: missing closing parenthesis in \"(abc\"\n" ++: ++"error: pcre_compile() failed: missing ) in \"(abc\"\n" + --- no_error_log + [error] + +@@ -506,8 +509,11 @@ error: pcre_compile() failed: missing ) + } + --- request + GET /t +---- response_body_like chop +-error: pcre_exec\(\) failed: -10 ++--- response_body eval ++$Test::Nginx::Util::PcreVersion == 2 ? ++"error: pcre_exec\(\) failed: -4\n" ++: ++"error: pcre_exec\(\) failed: -10\n" + + --- no_error_log + [error] +@@ -610,8 +616,14 @@ ngx.say("sub: ", cnt) + + --- request + GET /re +---- response_body +-error: pcre_exec() failed: -8 ++--- response_body eval ++# lua_regex_match_limit uses pcre_extra->match_limit in the PCRE, ++# but PCRE2 replaces this with pcre2_set_match_limit interface, ++# which has different effects. ++$Test::Nginx::Util::PcreVersion == 2 ? ++"sub: 0\n" ++: ++"error: pcre_exec() failed: -8\n" + + + +--- a/nginx-mod-lua/t/037-gsub.t ++++ b/nginx-mod-lua/t/037-gsub.t +@@ -423,8 +423,11 @@ n: 1 + } + --- request + GET /t +---- response_body_like chop +-error: pcre_exec\(\) failed: -10 ++--- response_body eval ++$Test::Nginx::Util::PcreVersion == 2 ? ++"error: pcre_exec\(\) failed: -4\n" ++: ++"error: pcre_exec\(\) failed: -10\n" + + --- no_error_log + [error] +@@ -531,8 +534,14 @@ ngx.say("gsub: ", cnt) + + --- request + GET /re +---- response_body +-error: pcre_exec() failed: -8 ++--- response_body eval ++# lua_regex_match_limit uses pcre_extra->match_limit in the PCRE, ++# but PCRE2 replaces this with pcre2_set_match_limit interface, ++# which has different effects. ++$Test::Nginx::Util::PcreVersion == 2 ? ++"gsub: 0\n" ++: ++"error: pcre_exec() failed: -8\n" + + + +--- a/nginx-mod-lua/t/038-match-o.t ++++ b/nginx-mod-lua/t/038-match-o.t +@@ -336,8 +336,11 @@ he + } + --- request + GET /re +---- response_body +-error: pcre_compile() failed: missing ) in "(abc" ++--- response_body eval ++$Test::Nginx::Util::PcreVersion == 2 ? ++"error: pcre2_compile() failed: missing closing parenthesis in \"(abc\"\n" ++: ++"error: pcre_compile() failed: missing ) in \"(abc\"\n" + --- no_error_log + [error] + +--- a/nginx-mod-lua/t/047-match-jit.t ++++ b/nginx-mod-lua/t/047-match-jit.t +@@ -32,8 +32,11 @@ __DATA__ + GET /re + --- response_body + 1234 +---- error_log +-pcre JIT compiling result: 1 ++--- error_log eval ++$Test::Nginx::Util::PcreVersion == 2 ? ++"pcre2 JIT compiled successfully\n" ++: ++"pcre JIT compiling result: 1\n" + + + +@@ -53,8 +56,11 @@ pcre JIT compiling result: 1 + GET /re + --- response_body + not matched! +---- error_log +-pcre JIT compiling result: 1 ++--- error_log eval ++$Test::Nginx::Util::PcreVersion == 2 ? ++"pcre2 JIT compiled successfully\n" ++: ++"pcre JIT compiling result: 1\n" + + + +@@ -76,9 +82,15 @@ pcre JIT compiling result: 1 + 1234 + + --- grep_error_log eval +-qr/pcre JIT compiling result: \d+/ ++$Test::Nginx::Util::PcreVersion == 2 ? ++"pcre2 JIT compiled successfully" ++: ++"pcre JIT compiling result: 1" + + --- grep_error_log_out eval ++$Test::Nginx::Util::PcreVersion == 2 ? ++["pcre2 JIT compiled successfully\n", ""] ++: + ["pcre JIT compiling result: 1\n", ""] + + +@@ -101,9 +113,15 @@ qr/pcre JIT compiling result: \d+/ + not matched! + + --- grep_error_log eval +-qr/pcre JIT compiling result: \d+/ ++$Test::Nginx::Util::PcreVersion == 2 ? ++"pcre2 JIT compiled successfully" ++: ++"pcre JIT compiling result: 1" + + --- grep_error_log_out eval ++$Test::Nginx::Util::PcreVersion == 2 ? ++["pcre2 JIT compiled successfully\n", ""] ++: + ["pcre JIT compiling result: 1\n", ""] + + +@@ -128,8 +146,11 @@ qr/pcre JIT compiling result: \d+/ + } + --- request + GET /re +---- response_body +-error: pcre_compile() failed: missing ) in "(abc" ++--- response_body eval ++$Test::Nginx::Util::PcreVersion == 2 ? ++"error: pcre2_compile() failed: missing closing parenthesis in \"(abc\"\n" ++: ++"error: pcre_compile() failed: missing ) in \"(abc\"\n" + --- no_error_log + [error] + +@@ -170,8 +191,15 @@ end + + --- request + GET /re +---- response_body +-error: pcre_exec() failed: -8 ++--- response_body eval ++# lua_regex_match_limit uses pcre_extra->match_limit in the PCRE, ++# but PCRE2 replaces this with pcre2_set_match_limit interface, ++# which has different effects. ++$Test::Nginx::Util::PcreVersion == 2 ? ++# PCRE2_ERROR_MATCHLIMIT (-47) ++"error: pcre_exec() failed: -47\n" ++: ++"error: pcre_exec() failed: -8\n" + + + +--- a/nginx-mod-lua/t/049-gmatch-jit.t ++++ b/nginx-mod-lua/t/049-gmatch-jit.t +@@ -34,8 +34,11 @@ __DATA__ + --- response_body + hello + world +---- error_log +-pcre JIT compiling result: 1 ++--- error_log eval ++$Test::Nginx::Util::PcreVersion == 2 ? ++"pcre2 JIT compiled successfully\n" ++: ++"pcre JIT compiling result: 1\n" + + + +@@ -60,8 +63,11 @@ pcre JIT compiling result: 1 + nil + nil + nil +---- error_log +-pcre JIT compiling result: 1 ++--- error_log eval ++$Test::Nginx::Util::PcreVersion == 2 ? ++"pcre2 JIT compiled successfully\n" ++: ++"pcre JIT compiling result: 1\n" + + + +@@ -77,8 +83,11 @@ pcre JIT compiling result: 1 + GET /re + --- response_body + done +---- error_log +-pcre JIT compiling result: 1 ++--- error_log eval ++$Test::Nginx::Util::PcreVersion == 2 ? ++"pcre2 JIT compiled successfully\n" ++: ++"pcre JIT compiling result: 1\n" + + + +@@ -99,8 +108,11 @@ pcre JIT compiling result: 1 + GET /re + --- response_body + hello +---- error_log +-pcre JIT compiling result: 1 ++--- error_log eval ++$Test::Nginx::Util::PcreVersion == 2 ? ++"pcre2 JIT compiled successfully\n" ++: ++"pcre JIT compiling result: 1\n" + + + +@@ -124,9 +136,15 @@ hello + world + + --- grep_error_log eval +-qr/pcre JIT compiling result: \d+/ ++$Test::Nginx::Util::PcreVersion == 2 ? ++"pcre2 JIT compiled successfully" ++: ++"pcre JIT compiling result: 1" + + --- grep_error_log_out eval ++$Test::Nginx::Util::PcreVersion == 2 ? ++["pcre2 JIT compiled successfully\n", ""] ++: + ["pcre JIT compiling result: 1\n", ""] + + +@@ -154,9 +172,15 @@ nil + nil + + --- grep_error_log eval +-qr/pcre JIT compiling result: \d+/ ++$Test::Nginx::Util::PcreVersion == 2 ? ++"pcre2 JIT compiled successfully" ++: ++"pcre JIT compiling result: 1" + + --- grep_error_log_out eval ++$Test::Nginx::Util::PcreVersion == 2 ? ++["pcre2 JIT compiled successfully\n", ""] ++: + ["pcre JIT compiling result: 1\n", ""] + + +@@ -175,9 +199,15 @@ qr/pcre JIT compiling result: \d+/ + done + + --- grep_error_log eval +-qr/pcre JIT compiling result: \d+/ ++$Test::Nginx::Util::PcreVersion == 2 ? ++"pcre2 JIT compiled successfully" ++: ++"pcre JIT compiling result: 1" + + --- grep_error_log_out eval ++$Test::Nginx::Util::PcreVersion == 2 ? ++["pcre2 JIT compiled successfully\n", ""] ++: + ["pcre JIT compiling result: 1\n", ""] + + +@@ -201,9 +231,15 @@ qr/pcre JIT compiling result: \d+/ + hello + + --- grep_error_log eval +-qr/pcre JIT compiling result: \d+/ ++$Test::Nginx::Util::PcreVersion == 2 ? ++"pcre2 JIT compiled successfully" ++: ++"pcre JIT compiling result: 1" + + --- grep_error_log_out eval ++$Test::Nginx::Util::PcreVersion == 2 ? ++["pcre2 JIT compiled successfully\n", ""] ++: + ["pcre JIT compiling result: 1\n", ""] + + +@@ -222,7 +258,10 @@ qr/pcre JIT compiling result: \d+/ + } + --- request + GET /re +---- response_body +-error: pcre_compile() failed: missing ) in "(abc" ++--- response_body eval ++$Test::Nginx::Util::PcreVersion == 2 ? ++"error: pcre2_compile() failed: missing closing parenthesis in \"(abc\"\n" ++: ++"error: pcre_compile() failed: missing ) in \"(abc\"\n" + --- no_error_log + [error] +--- a/nginx-mod-lua/t/050-gmatch-dfa.t ++++ b/nginx-mod-lua/t/050-gmatch-dfa.t +@@ -214,8 +214,11 @@ hello + } + --- request + GET /re +---- response_body +-error: pcre_compile() failed: missing ) in "(abc" ++--- response_body eval ++$Test::Nginx::Util::PcreVersion == 2 ? ++"error: pcre2_compile() failed: missing closing parenthesis in \"(abc\"\n" ++: ++"error: pcre_compile() failed: missing ) in \"(abc\"\n" + --- no_error_log + [error] + +--- a/nginx-mod-lua/t/051-sub-jit.t ++++ b/nginx-mod-lua/t/051-sub-jit.t +@@ -32,8 +32,11 @@ __DATA__ + GET /re + --- response_body + hello, world 5678: 1 +---- error_log +-pcre JIT compiling result: 1 ++--- error_log eval ++$Test::Nginx::Util::PcreVersion == 2 ? ++"pcre2 JIT compiled successfully\n" ++: ++"pcre JIT compiling result: 1\n" + + + +@@ -53,8 +56,11 @@ pcre JIT compiling result: 1 + GET /re + --- response_body + hello, world: 0 +---- error_log +-pcre JIT compiling result: 1 ++--- error_log eval ++$Test::Nginx::Util::PcreVersion == 2 ? ++"pcre2 JIT compiled successfully\n" ++: ++"pcre JIT compiling result: 1\n" + + + +@@ -76,9 +82,15 @@ pcre JIT compiling result: 1 + hello, world 5678: 1 + + --- grep_error_log eval +-qr/pcre JIT compiling result: \d+/ ++$Test::Nginx::Util::PcreVersion == 2 ? ++"pcre2 JIT compiled successfully" ++: ++"pcre JIT compiling result: 1" + + --- grep_error_log_out eval ++$Test::Nginx::Util::PcreVersion == 2 ? ++["pcre2 JIT compiled successfully\n", ""] ++: + ["pcre JIT compiling result: 1\n", ""] + + +@@ -101,9 +113,15 @@ qr/pcre JIT compiling result: \d+/ + hello, world: 0 + + --- grep_error_log eval +-qr/pcre JIT compiling result: \d+/ ++$Test::Nginx::Util::PcreVersion == 2 ? ++"pcre2 JIT compiled successfully" ++: ++"pcre JIT compiling result: 1" + + --- grep_error_log_out eval ++$Test::Nginx::Util::PcreVersion == 2 ? ++["pcre2 JIT compiled successfully\n", ""] ++: + ["pcre JIT compiling result: 1\n", ""] + + +@@ -122,8 +140,11 @@ qr/pcre JIT compiling result: \d+/ + } + --- request + GET /re +---- response_body +-error: pcre_compile() failed: missing ) in "(abc" ++--- response_body eval ++$Test::Nginx::Util::PcreVersion == 2 ? ++"error: pcre2_compile() failed: missing closing parenthesis in \"(abc\"\n" ++: ++"error: pcre_compile() failed: missing ) in \"(abc\"\n" + --- no_error_log + [error] + +@@ -143,7 +164,10 @@ error: pcre_compile() failed: missing ) + } + --- request + GET /re +---- response_body +-error: pcre_compile() failed: missing ) in "(abc" ++--- response_body eval ++$Test::Nginx::Util::PcreVersion == 2 ? ++"error: pcre2_compile() failed: missing closing parenthesis in \"(abc\"\n" ++: ++"error: pcre_compile() failed: missing ) in \"(abc\"\n" + --- no_error_log + [error] +--- a/nginx-mod-lua/t/052-sub-dfa.t ++++ b/nginx-mod-lua/t/052-sub-dfa.t +@@ -107,8 +107,11 @@ hello, world: 0 + } + --- request + GET /re +---- response_body +-error: pcre_compile() failed: missing ) in "(abc" ++--- response_body eval ++$Test::Nginx::Util::PcreVersion == 2 ? ++"error: pcre2_compile() failed: missing closing parenthesis in \"(abc\"\n" ++: ++"error: pcre_compile() failed: missing ) in \"(abc\"\n" + --- no_error_log + [error] + +@@ -129,8 +132,11 @@ error: pcre_compile() failed: missing ) + } + --- request + GET /re +---- response_body +-error: pcre_compile() failed: missing ) in "(abc" ++--- response_body eval ++$Test::Nginx::Util::PcreVersion == 2 ? ++"error: pcre2_compile() failed: missing closing parenthesis in \"(abc\"\n" ++: ++"error: pcre_compile() failed: missing ) in \"(abc\"\n" + --- no_error_log + [error] + +--- a/nginx-mod-lua/t/053-gsub-jit.t ++++ b/nginx-mod-lua/t/053-gsub-jit.t +@@ -32,8 +32,11 @@ __DATA__ + GET /re + --- response_body + hello, world world: 2 +---- error_log +-pcre JIT compiling result: 1 ++--- error_log eval ++$Test::Nginx::Util::PcreVersion == 2 ? ++"pcre2 JIT compiled successfully\n" ++: ++"pcre JIT compiling result: 1\n" + + + +@@ -53,8 +56,11 @@ pcre JIT compiling result: 1 + GET /re + --- response_body + hello, world: 0 +---- error_log +-pcre JIT compiling result: 1 ++--- error_log eval ++$Test::Nginx::Util::PcreVersion == 2 ? ++"pcre2 JIT compiled successfully\n" ++: ++"pcre JIT compiling result: 1\n" + + + +@@ -76,9 +82,15 @@ pcre JIT compiling result: 1 + hello, world world: 2 + + --- grep_error_log eval +-qr/pcre JIT compiling result: \d+/ ++$Test::Nginx::Util::PcreVersion == 2 ? ++"pcre2 JIT compiled successfully" ++: ++"pcre JIT compiling result: 1" + + --- grep_error_log_out eval ++$Test::Nginx::Util::PcreVersion == 2 ? ++["pcre2 JIT compiled successfully\n", ""] ++: + ["pcre JIT compiling result: 1\n", ""] + + +@@ -101,9 +113,15 @@ qr/pcre JIT compiling result: \d+/ + hello, world: 0 + + --- grep_error_log eval +-qr/pcre JIT compiling result: \d+/ ++$Test::Nginx::Util::PcreVersion == 2 ? ++"pcre2 JIT compiled successfully" ++: ++"pcre JIT compiling result: 1" + + --- grep_error_log_out eval ++$Test::Nginx::Util::PcreVersion == 2 ? ++["pcre2 JIT compiled successfully\n", ""] ++: + ["pcre JIT compiling result: 1\n", ""] + + +@@ -122,8 +140,11 @@ qr/pcre JIT compiling result: \d+/ + } + --- request + GET /re +---- response_body +-error: pcre_compile() failed: missing ) in "(abc" ++--- response_body eval ++$Test::Nginx::Util::PcreVersion == 2 ? ++"error: pcre2_compile() failed: missing closing parenthesis in \"(abc\"\n" ++: ++"error: pcre_compile() failed: missing ) in \"(abc\"\n" + --- no_error_log + [error] + +@@ -143,7 +164,10 @@ error: pcre_compile() failed: missing ) + } + --- request + GET /re +---- response_body +-error: pcre_compile() failed: missing ) in "(abc" ++--- response_body eval ++$Test::Nginx::Util::PcreVersion == 2 ? ++"error: pcre2_compile() failed: missing closing parenthesis in \"(abc\"\n" ++: ++"error: pcre_compile() failed: missing ) in \"(abc\"\n" + --- no_error_log + [error] +--- a/nginx-mod-lua/t/054-gsub-dfa.t ++++ b/nginx-mod-lua/t/054-gsub-dfa.t +@@ -107,8 +107,11 @@ hello, world: 0 + } + --- request + GET /re +---- response_body +-error: pcre_compile() failed: missing ) in "(abc" ++--- response_body eval ++$Test::Nginx::Util::PcreVersion == 2 ? ++"error: pcre2_compile() failed: missing closing parenthesis in \"(abc\"\n" ++: ++"error: pcre_compile() failed: missing ) in \"(abc\"\n" + + + +@@ -126,8 +129,11 @@ error: pcre_compile() failed: missing ) + } + --- request + GET /re +---- response_body +-error: pcre_compile() failed: missing ) in "(abc" ++--- response_body eval ++$Test::Nginx::Util::PcreVersion == 2 ? ++"error: pcre2_compile() failed: missing closing parenthesis in \"(abc\"\n" ++: ++"error: pcre_compile() failed: missing ) in \"(abc\"\n" + --- no_error_log + [error] + +--- a/nginx-mod-lua/t/120-re-find.t ++++ b/nginx-mod-lua/t/120-re-find.t +@@ -354,8 +354,11 @@ matched: he + } + --- request + GET /re +---- response_body +-error: pcre_compile() failed: missing ) in "(abc" ++--- response_body eval ++$Test::Nginx::Util::PcreVersion == 2 ? ++"error: pcre2_compile() failed: missing closing parenthesis in \"(abc\"\n" ++: ++"error: pcre_compile() failed: missing ) in \"(abc\"\n" + --- no_error_log + [error] + +@@ -562,8 +565,11 @@ matched: hello, 1234 + } + --- request + GET /t +---- response_body_like chop +-^error: pcre_exec\(\) failed: -10$ ++--- response_body eval ++$Test::Nginx::Util::PcreVersion == 2 ? ++"error: pcre_exec\(\) failed: -4\n" ++: ++"error: pcre_exec\(\) failed: -10\n" + + --- no_error_log + [error] +@@ -587,6 +593,7 @@ GET /t + '; + } + --- stap ++# TODO: PCRE2 use different option values from PCRE + probe process("$LIBPCRE_PATH").function("pcre_compile") { + printf("compile opts: %x\n", $options) + } +@@ -645,8 +652,14 @@ end + + --- request + GET /re +---- response_body +-error: pcre_exec() failed: -8 ++--- response_body eval ++# lua_regex_match_limit uses pcre_extra->match_limit in the PCRE, ++# but PCRE2 replaces this with pcre2_set_match_limit interface, ++# which has different effects. ++$Test::Nginx::Util::PcreVersion == 2 ? ++"failed to match.\n" ++: ++"error: pcre_exec() failed: -8\n" + --- no_error_log + [error] + +--- a/nginx-mod-lua/util/build-with-dd.sh ++++ b/nginx-mod-lua/util/build-with-dd.sh +@@ -20,9 +20,13 @@ fi + + disable_pcre2=--without-pcre2 + answer=`$root/util/ver-ge "$NGINX_VERSION" 1.25.1` +-if [ "$answer" = "N" ]; then ++if [ "$answer" = "N" ] || [ "$USE_PCRE2" = "Y" ]; then + disable_pcre2="" + fi ++if [ "$USE_PCRE2" = "Y" ]; then ++ PCRE_INC=$PCRE2_INC ++ PCRE_LIB=$PCRE2_LIB ++fi + + time ngx-build $force $version \ + --with-threads \ +--- a/nginx-mod-lua/util/build-without-ssl.sh ++++ b/nginx-mod-lua/util/build-without-ssl.sh +@@ -26,9 +26,13 @@ add_fake_shm_module="--add-module=$root/ + + disable_pcre2=--without-pcre2 + answer=`$root/util/ver-ge "$NGINX_VERSION" 1.25.1` +-if [ "$answer" = "N" ]; then ++if [ "$answer" = "N" ] || [ "$USE_PCRE2" = "Y" ]; then + disable_pcre2="" + fi ++if [ "$USE_PCRE2" = "Y" ]; then ++ PCRE_INC=$PCRE2_INC ++ PCRE_LIB=$PCRE2_LIB ++fi + + time ngx-build $force $version \ + --with-threads \ +--- a/nginx-mod-lua/util/build.sh ++++ b/nginx-mod-lua/util/build.sh +@@ -32,9 +32,13 @@ fi + + disable_pcre2=--without-pcre2 + answer=`$root/util/ver-ge "$NGINX_VERSION" 1.25.1` +-if [ "$answer" = "N" ]; then ++if [ "$answer" = "N" ] || [ "$USE_PCRE2" = "Y" ]; then + disable_pcre2="" + fi ++if [ "$USE_PCRE2" = "Y" ]; then ++ PCRE_INC=$PCRE2_INC ++ PCRE_LIB=$PCRE2_LIB ++fi + + time ngx-build $force $version \ + --with-threads \ +--- a/nginx-mod-lua/valgrind.suppress ++++ b/nginx-mod-lua/valgrind.suppress +@@ -234,3 +234,73 @@ + fun:ngx_pass_open_channel + fun:ngx_start_privileged_agent_processes + } ++{ ++ ++ Memcheck:Leak ++ match-leak-kinds: definite ++ fun:malloc ++ fun:ngx_alloc ++ fun:ngx_regex_malloc ++ fun:pcre2_compile_context_create_8 ++ fun:ngx_regex_compile ++ fun:ngx_http_regex_compile ++ fun:ngx_http_core_regex_location ++ fun:ngx_http_core_location ++ fun:ngx_conf_handler ++ fun:ngx_conf_parse ++ fun:ngx_http_core_server ++ fun:ngx_conf_handler ++ fun:ngx_conf_parse ++ fun:ngx_http_block ++ fun:ngx_conf_handler ++ fun:ngx_conf_parse ++ fun:ngx_init_cycle ++ fun:main ++} ++{ ++ ++ Memcheck:Leak ++ match-leak-kinds: definite ++ fun:malloc ++ fun:ngx_alloc ++ fun:ngx_regex_malloc ++ fun:pcre2_compile_context_create_8 ++ fun:ngx_regex_compile ++ fun:ngx_http_regex_compile ++ fun:ngx_http_rewrite ++ fun:ngx_conf_handler ++ fun:ngx_conf_parse ++ fun:ngx_http_core_location ++ fun:ngx_conf_handler ++ fun:ngx_conf_parse ++ fun:ngx_http_core_server ++ fun:ngx_conf_handler ++ fun:ngx_conf_parse ++ fun:ngx_http_block ++ fun:ngx_conf_handler ++ fun:ngx_conf_parse ++ fun:ngx_init_cycle ++ fun:main ++} ++{ ++ ++ Memcheck:Leak ++ match-leak-kinds: definite ++ fun:malloc ++ fun:ngx_alloc ++ fun:ngx_regex_malloc ++ fun:pcre2_compile_context_create_8 ++ fun:ngx_regex_compile ++ fun:ngx_http_regex_compile ++ fun:ngx_http_rewrite ++ fun:ngx_conf_handler ++ fun:ngx_conf_parse ++ fun:ngx_http_core_server ++ fun:ngx_conf_handler ++ fun:ngx_conf_parse ++ fun:ngx_http_block ++ fun:ngx_conf_handler ++ fun:ngx_conf_parse ++ fun:ngx_init_cycle ++ fun:main ++} +--- a/nginx-mod-lua/t/cert/test.crt ++++ b/nginx-mod-lua/t/cert/test.crt +@@ -1,17 +1,22 @@ + -----BEGIN CERTIFICATE----- +-MIICqTCCAhICCQClDm1WkreW4jANBgkqhkiG9w0BAQUFADCBlzELMAkGA1UEBhMC +-VVMxEzARBgNVBAgMCkNhbGlmb3JuaWExFjAUBgNVBAcMDVNhbiBGcmFuY2lzY28x +-EjAQBgNVBAoMCU9wZW5SZXN0eTESMBAGA1UECwwJT3BlblJlc3R5MREwDwYDVQQD +-DAh0ZXN0LmNvbTEgMB4GCSqGSIb3DQEJARYRYWdlbnR6aEBnbWFpbC5jb20wIBcN +-MTQwNzIxMDMyMzQ3WhgPMjE1MTA2MTMwMzIzNDdaMIGXMQswCQYDVQQGEwJVUzET +-MBEGA1UECAwKQ2FsaWZvcm5pYTEWMBQGA1UEBwwNU2FuIEZyYW5jaXNjbzESMBAG +-A1UECgwJT3BlblJlc3R5MRIwEAYDVQQLDAlPcGVuUmVzdHkxETAPBgNVBAMMCHRl +-c3QuY29tMSAwHgYJKoZIhvcNAQkBFhFhZ2VudHpoQGdtYWlsLmNvbTCBnzANBgkq +-hkiG9w0BAQEFAAOBjQAwgYkCgYEA6P18zUvtmaKQK2xePy8ZbFwSyTLw+jW6t9eZ +-aiTec8X3ibN9WemrxHzkTRikxP3cAQoITRuZiQvF4Q7DO6wMkz/b0zwfgX5uedGq +-047AJP6n/mwlDOjGSNomBLoXQzo7tVe60ikEm3ZyDUqnJPJMt3hImO5XSop4MPMu +-Za9WhFcCAwEAATANBgkqhkiG9w0BAQUFAAOBgQA4OBb9bOyWB1//93nSXX1mdENZ +-IQeyTK0Dd6My76lnZxnZ4hTWrvvd0b17KLDU6JnS2N5ee3ATVkojPidRLWLIhnh5 +-0eXrcKalbO2Ce6nShoFvQCQKXN2Txmq2vO/Mud2bHAWwJALg+qi1Iih/gVYB9sct +-FLg8zFOzRlYiU+6Mmw== ++MIIDtzCCAp8CFCJnLifDCaXjYb2ARKBBhs+aAgYOMA0GCSqGSIb3DQEBCwUAMIGX ++MQswCQYDVQQGEwJVUzETMBEGA1UECAwKQ2FsaWZvcm5pYTEWMBQGA1UEBwwNU2Fu ++IEZyYW5jaXNjbzESMBAGA1UECgwJT3BlblJlc3R5MRIwEAYDVQQLDAlPcGVuUmVz ++dHkxETAPBgNVBAMMCHRlc3QuY29tMSAwHgYJKoZIhvcNAQkBFhFhZ2VudHpoQGdt ++YWlsLmNvbTAeFw0yMzA5MDUwNDE5MjhaFw0zMzA5MDIwNDE5MjhaMIGXMQswCQYD ++VQQGEwJVUzETMBEGA1UECAwKQ2FsaWZvcm5pYTEWMBQGA1UEBwwNU2FuIEZyYW5j ++aXNjbzESMBAGA1UECgwJT3BlblJlc3R5MRIwEAYDVQQLDAlPcGVuUmVzdHkxETAP ++BgNVBAMMCHRlc3QuY29tMSAwHgYJKoZIhvcNAQkBFhFhZ2VudHpoQGdtYWlsLmNv ++bTCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEBAJzRMFoLDuYOwJ8szrS4 ++nOibtiimiXZJGx3I/RcFZxaH4nL/WcEb1fwftMQxx73IBJnqnDYkDOzUmzItPMn0 ++t2WrNYesC5GqLNRm87m6PVt010tZvq/WxTn6+9qruiGm1PhFxzLQfrClpEeOshlG ++UeoQjPOMrhCmofDM2NQo3D4wIQT0kCJxIPq6wCZt22/Yqz1EmR0UnF/R3ZtiB8O+ ++SQGcsUKy4se3919xq+ZkzBdMxLneO5sofUiDC9MgRfiU960tbHPGX9I9P+kLK89S ++yajPEYaRUkSBFjV5kdDK3+L6XckdMbY2pvwhAnVXSmd13Bf2V9XisUrX2Mr4YlnS ++sy0CAwEAATANBgkqhkiG9w0BAQsFAAOCAQEAVPY/z6Mvjg5EGHzU8bXyuXqxrx8Q ++GBwf3PY25aDF6ofRrTCzMdIhthv8eRtGwHinkpgaK34D7hI/dPB7aswQTzED5c+l ++S2au5OzzCj454oXdhSRA5Rt0mu/+pxmQ+iNk+7XJxgTN0mk1dYQqodyZ+vC4NIYb ++javMlU4zDm4JPtwDs0Mz/d7gf14MU60jppF2vl6AYFHKYBLMHBmqxjy6H9YHjRjQ ++oe4TNpn0zxJAPu5LqMkfB2+eLOe6ced7DcLLbbeVJ4Xtqj6Y5KsAyVojWQxrk4vW ++3WO/953pHofO5F2ricS/rsf+5ivTmfiP8mQYTtp7k3T11sIZ4DOmtNwO4A== + -----END CERTIFICATE----- +--- a/nginx-mod-lua/t/cert/test.key ++++ b/nginx-mod-lua/t/cert/test.key +@@ -1,15 +1,28 @@ +------BEGIN RSA PRIVATE KEY----- +-MIICXgIBAAKBgQDo/XzNS+2ZopArbF4/LxlsXBLJMvD6Nbq315lqJN5zxfeJs31Z +-6avEfORNGKTE/dwBCghNG5mJC8XhDsM7rAyTP9vTPB+Bfm550arTjsAk/qf+bCUM +-6MZI2iYEuhdDOju1V7rSKQSbdnINSqck8ky3eEiY7ldKingw8y5lr1aEVwIDAQAB +-AoGBANgB66sKMga2SKN5nQdHS3LDCkevCutu1OWM5ZcbB4Kej5kC57xsf+tzPtab +-emeIVGhCPOAALqB4YcT+QtMX967oM1MjcFbtH7si5oq6UYyp3i0G9Si6jIoVHz3+ +-8yOUaqwKbK+bRX8VS0YsHZmBsPK5ryN50iUwsU08nemoA94BAkEA9GS9Q5OPeFkM +-tFxsIQ1f2FSsZAuN/1cpZgJqY+YaAN7MSPGTWyfd7nWG/Zgk3GO9/2ihh4gww+7B +-To09GkmW4QJBAPQOHC2V+t2TA98+6Lj6+TYwcGEkhOENfVpH25mQ+kXgF/1Bd6rA +-nosT1bdAY+SnmWXbSw6Kv5C20Em+bEX8WjcCQCSRRjhsRdVODbaW9Z7kb2jhEoJN +-sEt6cTlQNzcHYPCsZYisjM3g4zYg47fiIfHQAsfKkhDDcfh/KvFj9LaQOEECQQCH +-eBWYEDpSJ7rsfqT7mQQgWj7nDThdG/nK1TxGP71McBmg0Gg2dfkLRhVJRQqt74Is +-kc9V4Rp4n6F6baL4Lh19AkEA6pZZer0kg3Kv9hjhaITIKUYdfIp9vYnDRWbQlBmR +-atV8V9u9q2ETZvqfHpN+9Lu6NYR4yXIEIRf1bnIZ/mr9eQ== +------END RSA PRIVATE KEY----- ++-----BEGIN PRIVATE KEY----- ++MIIEvAIBADANBgkqhkiG9w0BAQEFAASCBKYwggSiAgEAAoIBAQCc0TBaCw7mDsCf ++LM60uJzom7Yopol2SRsdyP0XBWcWh+Jy/1nBG9X8H7TEMce9yASZ6pw2JAzs1Jsy ++LTzJ9LdlqzWHrAuRqizUZvO5uj1bdNdLWb6v1sU5+vvaq7ohptT4Rccy0H6wpaRH ++jrIZRlHqEIzzjK4QpqHwzNjUKNw+MCEE9JAicSD6usAmbdtv2Ks9RJkdFJxf0d2b ++YgfDvkkBnLFCsuLHt/dfcavmZMwXTMS53jubKH1IgwvTIEX4lPetLWxzxl/SPT/p ++CyvPUsmozxGGkVJEgRY1eZHQyt/i+l3JHTG2Nqb8IQJ1V0pnddwX9lfV4rFK19jK +++GJZ0rMtAgMBAAECggEABjaOkcllis1o/yrVZMPPabLpAHV6tZ5MuKfNiUOMSPr+ ++HfF1OFQL7MxCdfyFQ1prqOp/9nAut+puMgp99wAfDQ7qanNGq7vgQKkfPSD+dy4V ++rUquELBJH6nh9SZqfpSqKaJgHlNe6vehHuRYikJRkrJwVzegGjuekm3B+y6Zl/gc ++e0p5Ha3MTLTFjocwYzgTjJlxD40wlbjpuVnmzKjo8AKNv1F1azMaqBmt1VfPiDn0 ++Xyq4SPEsWKnEAl2kZdaIBR6zIx7Z3zNUwkfb32QwNoSyo8wS7lCgf2GVS7r1Eul6 ++iiCE/Gd7w10alW4Pu96shVqkvKn7ROF2nBP9xOSPwQKBgQDCuD6mlNpA07iOX364 ++aAzIAYookceVA0I9L/fbOQW7RgpvYpM8lxr31TQ3fBDkXSgjzMMYjnk4kz+xN+BB ++WFdjb4raUBtrvip8Q8QZ53DVQK/LodHh0XhipbOxZrDm+6o5nQD0fTqHCBIHSVFF ++tXX2Y90t1cxWMMleRhfNEuzkQQKBgQDOK0rs7mf04Xhc4ZIRIxOtNFnthGp4Kqp7 ++SD8VQpbPOLV8iqZEtXIy/hvoTpfQW30c1931KgDQ3Pv5MZYpI7PLqrqkj4tGCQ91 ++DJ03GWkSXcMwlPmJRbvgWIeCLgShU5PLxmQu3mH2DP+uGFUBq5/6miDDVjF9z6vb ++BwYlG66j7QKBgA0n/bOrowN2SqXz9c/n19U7pWYQU3fR/Iu9zfVV6Pk6RkI4WtJh ++M0VDdn+5Njr3wFqK3zOtjKsx57/FkrVXjq/9PVh6yR+CfcRfn8RQSuNdt4L+r/ud ++95BSuc1mrtUsc9for8PVIjs1ZGJxpbgcBphbLvqF04SPT0u7WKhWewMBAoGAcJO/ ++RAUiitsbaExcADORKQDvIf0uThOuJ8dZevhzdQ/YOftTsy0JAMM05fMUfteWR8uw ++DZE0BNjGVlo3TpuKL+o4JGele0azRAzxRAcCEt9UGBEg+U40utpclD8glB8ZEypv ++xg/0mfCbJKtwr4rRvnuu7DsCp1pg0ybQui6VfDkCgYBXHwcrZwmv7kgr4pUG6oZj ++fzjFenQFqibvb2h7QESyCW13O885GxU13DKv4zg1yi6EqPIopz16qCiUNCvWr5Us ++6sI74wEVI3MzmzG0Htgl29q5yWpeY+7libC/fbZYG8GFgdINq58ko9be1u/8644S ++t2hoKM9/vrVFh9p9qGzckg== ++-----END PRIVATE KEY----- diff --git a/net/nginx/patches/nginx-mod-lua/100-no_by_lua_block.patch b/net/nginx/patches/nginx-mod-lua/100-no_by_lua_block.patch index b51c5e404..1572a4cbb 100644 --- a/net/nginx/patches/nginx-mod-lua/100-no_by_lua_block.patch +++ b/net/nginx/patches/nginx-mod-lua/100-no_by_lua_block.patch @@ -1,6 +1,6 @@ --- a/nginx-mod-lua/src/ngx_http_lua_module.c +++ b/nginx-mod-lua/src/ngx_http_lua_module.c -@@ -207,12 +207,14 @@ static ngx_command_t ngx_http_lua_cmds[] +@@ -212,12 +212,14 @@ static ngx_command_t ngx_http_lua_cmds[] offsetof(ngx_http_lua_loc_conf_t, log_socket_errors), NULL }, @@ -15,7 +15,7 @@ { ngx_string("init_by_lua"), NGX_HTTP_MAIN_CONF|NGX_CONF_TAKE1, -@@ -228,12 +230,14 @@ static ngx_command_t ngx_http_lua_cmds[] +@@ -233,12 +235,14 @@ static ngx_command_t ngx_http_lua_cmds[] 0, (void *) ngx_http_lua_init_by_file }, @@ -30,7 +30,7 @@ { ngx_string("init_worker_by_lua"), NGX_HTTP_MAIN_CONF|NGX_CONF_TAKE1, -@@ -249,12 +253,14 @@ static ngx_command_t ngx_http_lua_cmds[] +@@ -254,12 +258,14 @@ static ngx_command_t ngx_http_lua_cmds[] 0, (void *) ngx_http_lua_init_worker_by_file }, @@ -45,7 +45,7 @@ { ngx_string("exit_worker_by_lua_file"), NGX_HTTP_MAIN_CONF|NGX_CONF_TAKE1, -@@ -264,6 +270,7 @@ static ngx_command_t ngx_http_lua_cmds[] +@@ -269,6 +275,7 @@ static ngx_command_t ngx_http_lua_cmds[] (void *) ngx_http_lua_exit_worker_by_file }, #if defined(NDK) && NDK @@ -53,7 +53,7 @@ /* set_by_lua_block $res { inline Lua code } */ { ngx_string("set_by_lua_block"), NGX_HTTP_SRV_CONF|NGX_HTTP_SIF_CONF|NGX_HTTP_LOC_CONF|NGX_HTTP_LIF_CONF -@@ -272,6 +279,7 @@ static ngx_command_t ngx_http_lua_cmds[] +@@ -277,6 +284,7 @@ static ngx_command_t ngx_http_lua_cmds[] NGX_HTTP_LOC_CONF_OFFSET, 0, (void *) ngx_http_lua_filter_set_by_lua_inline }, @@ -61,7 +61,7 @@ /* set_by_lua $res [$arg1 [$arg2 [...]]] */ { ngx_string("set_by_lua"), -@@ -292,6 +300,7 @@ static ngx_command_t ngx_http_lua_cmds[] +@@ -297,6 +305,7 @@ static ngx_command_t ngx_http_lua_cmds[] (void *) ngx_http_lua_filter_set_by_lua_file }, #endif @@ -69,7 +69,7 @@ /* server_rewrite_by_lua_block { } */ { ngx_string("server_rewrite_by_lua_block"), NGX_HTTP_MAIN_CONF|NGX_HTTP_SRV_CONF|NGX_CONF_BLOCK|NGX_CONF_NOARGS, -@@ -299,6 +308,7 @@ static ngx_command_t ngx_http_lua_cmds[] +@@ -304,6 +313,7 @@ static ngx_command_t ngx_http_lua_cmds[] NGX_HTTP_SRV_CONF_OFFSET, 0, (void *) ngx_http_lua_server_rewrite_handler_inline }, @@ -77,7 +77,7 @@ /* server_rewrite_by_lua_file filename; */ { ngx_string("server_rewrite_by_lua_file"), -@@ -317,6 +327,7 @@ static ngx_command_t ngx_http_lua_cmds[] +@@ -322,6 +332,7 @@ static ngx_command_t ngx_http_lua_cmds[] 0, (void *) ngx_http_lua_rewrite_handler_inline }, @@ -85,7 +85,7 @@ /* rewrite_by_lua_block { } */ { ngx_string("rewrite_by_lua_block"), NGX_HTTP_MAIN_CONF|NGX_HTTP_SRV_CONF|NGX_HTTP_LOC_CONF|NGX_HTTP_LIF_CONF -@@ -325,6 +336,7 @@ static ngx_command_t ngx_http_lua_cmds[] +@@ -330,6 +341,7 @@ static ngx_command_t ngx_http_lua_cmds[] NGX_HTTP_LOC_CONF_OFFSET, 0, (void *) ngx_http_lua_rewrite_handler_inline }, @@ -93,7 +93,7 @@ /* access_by_lua "" */ { ngx_string("access_by_lua"), -@@ -335,6 +347,7 @@ static ngx_command_t ngx_http_lua_cmds[] +@@ -340,6 +352,7 @@ static ngx_command_t ngx_http_lua_cmds[] 0, (void *) ngx_http_lua_access_handler_inline }, @@ -101,7 +101,7 @@ /* access_by_lua_block { } */ { ngx_string("access_by_lua_block"), NGX_HTTP_MAIN_CONF|NGX_HTTP_SRV_CONF|NGX_HTTP_LOC_CONF|NGX_HTTP_LIF_CONF -@@ -343,6 +356,7 @@ static ngx_command_t ngx_http_lua_cmds[] +@@ -348,6 +361,7 @@ static ngx_command_t ngx_http_lua_cmds[] NGX_HTTP_LOC_CONF_OFFSET, 0, (void *) ngx_http_lua_access_handler_inline }, @@ -109,7 +109,7 @@ /* content_by_lua "" */ { ngx_string("content_by_lua"), -@@ -352,6 +366,7 @@ static ngx_command_t ngx_http_lua_cmds[] +@@ -357,6 +371,7 @@ static ngx_command_t ngx_http_lua_cmds[] 0, (void *) ngx_http_lua_content_handler_inline }, @@ -117,7 +117,7 @@ /* content_by_lua_block { } */ { ngx_string("content_by_lua_block"), NGX_HTTP_LOC_CONF|NGX_HTTP_LIF_CONF|NGX_CONF_BLOCK|NGX_CONF_NOARGS, -@@ -359,6 +374,7 @@ static ngx_command_t ngx_http_lua_cmds[] +@@ -364,6 +379,7 @@ static ngx_command_t ngx_http_lua_cmds[] NGX_HTTP_LOC_CONF_OFFSET, 0, (void *) ngx_http_lua_content_handler_inline }, @@ -125,7 +125,7 @@ /* log_by_lua */ { ngx_string("log_by_lua"), -@@ -369,6 +385,7 @@ static ngx_command_t ngx_http_lua_cmds[] +@@ -374,6 +390,7 @@ static ngx_command_t ngx_http_lua_cmds[] 0, (void *) ngx_http_lua_log_handler_inline }, @@ -133,7 +133,7 @@ /* log_by_lua_block { } */ { ngx_string("log_by_lua_block"), NGX_HTTP_MAIN_CONF|NGX_HTTP_SRV_CONF|NGX_HTTP_LOC_CONF|NGX_HTTP_LIF_CONF -@@ -377,6 +394,7 @@ static ngx_command_t ngx_http_lua_cmds[] +@@ -382,6 +399,7 @@ static ngx_command_t ngx_http_lua_cmds[] NGX_HTTP_LOC_CONF_OFFSET, 0, (void *) ngx_http_lua_log_handler_inline }, @@ -141,7 +141,7 @@ { ngx_string("rewrite_by_lua_file"), NGX_HTTP_MAIN_CONF|NGX_HTTP_SRV_CONF|NGX_HTTP_LOC_CONF|NGX_HTTP_LIF_CONF -@@ -433,6 +451,7 @@ static ngx_command_t ngx_http_lua_cmds[] +@@ -438,6 +456,7 @@ static ngx_command_t ngx_http_lua_cmds[] 0, (void *) ngx_http_lua_header_filter_inline }, @@ -149,7 +149,7 @@ /* header_filter_by_lua_block { } */ { ngx_string("header_filter_by_lua_block"), NGX_HTTP_MAIN_CONF|NGX_HTTP_SRV_CONF|NGX_HTTP_LOC_CONF|NGX_HTTP_LIF_CONF -@@ -441,6 +460,7 @@ static ngx_command_t ngx_http_lua_cmds[] +@@ -446,6 +465,7 @@ static ngx_command_t ngx_http_lua_cmds[] NGX_HTTP_LOC_CONF_OFFSET, 0, (void *) ngx_http_lua_header_filter_inline }, @@ -157,7 +157,7 @@ { ngx_string("header_filter_by_lua_file"), NGX_HTTP_MAIN_CONF|NGX_HTTP_SRV_CONF|NGX_HTTP_LOC_CONF|NGX_HTTP_LIF_CONF -@@ -458,6 +478,7 @@ static ngx_command_t ngx_http_lua_cmds[] +@@ -463,6 +483,7 @@ static ngx_command_t ngx_http_lua_cmds[] 0, (void *) ngx_http_lua_body_filter_inline }, @@ -165,7 +165,7 @@ /* body_filter_by_lua_block { } */ { ngx_string("body_filter_by_lua_block"), NGX_HTTP_MAIN_CONF|NGX_HTTP_SRV_CONF|NGX_HTTP_LOC_CONF|NGX_HTTP_LIF_CONF -@@ -466,6 +487,7 @@ static ngx_command_t ngx_http_lua_cmds[] +@@ -471,6 +492,7 @@ static ngx_command_t ngx_http_lua_cmds[] NGX_HTTP_LOC_CONF_OFFSET, 0, (void *) ngx_http_lua_body_filter_inline }, @@ -173,7 +173,7 @@ { ngx_string("body_filter_by_lua_file"), NGX_HTTP_MAIN_CONF|NGX_HTTP_SRV_CONF|NGX_HTTP_LOC_CONF|NGX_HTTP_LIF_CONF -@@ -475,12 +497,14 @@ static ngx_command_t ngx_http_lua_cmds[] +@@ -480,12 +502,14 @@ static ngx_command_t ngx_http_lua_cmds[] 0, (void *) ngx_http_lua_body_filter_file }, @@ -188,7 +188,7 @@ { ngx_string("balancer_by_lua_file"), NGX_HTTP_UPS_CONF|NGX_CONF_TAKE1, -@@ -585,12 +609,14 @@ static ngx_command_t ngx_http_lua_cmds[] +@@ -590,12 +614,14 @@ static ngx_command_t ngx_http_lua_cmds[] offsetof(ngx_http_lua_loc_conf_t, ssl_ciphers), NULL }, @@ -203,7 +203,7 @@ { ngx_string("ssl_client_hello_by_lua_file"), NGX_HTTP_MAIN_CONF|NGX_HTTP_SRV_CONF|NGX_CONF_TAKE1, -@@ -599,12 +625,14 @@ static ngx_command_t ngx_http_lua_cmds[] +@@ -604,12 +630,14 @@ static ngx_command_t ngx_http_lua_cmds[] 0, (void *) ngx_http_lua_ssl_client_hello_handler_file }, @@ -218,7 +218,7 @@ { ngx_string("ssl_certificate_by_lua_file"), NGX_HTTP_MAIN_CONF|NGX_HTTP_SRV_CONF|NGX_CONF_TAKE1, -@@ -613,12 +641,14 @@ static ngx_command_t ngx_http_lua_cmds[] +@@ -618,12 +646,14 @@ static ngx_command_t ngx_http_lua_cmds[] 0, (void *) ngx_http_lua_ssl_cert_handler_file }, @@ -233,7 +233,7 @@ { ngx_string("ssl_session_store_by_lua_file"), NGX_HTTP_MAIN_CONF|NGX_CONF_TAKE1, -@@ -627,12 +657,14 @@ static ngx_command_t ngx_http_lua_cmds[] +@@ -632,12 +662,14 @@ static ngx_command_t ngx_http_lua_cmds[] 0, (void *) ngx_http_lua_ssl_sess_store_handler_file }, From f0754531c4d85ac301c95d7dc6c83acdad6b24e7 Mon Sep 17 00:00:00 2001 From: Christian Marangi Date: Fri, 22 Sep 2023 14:45:55 +0200 Subject: [PATCH 19/29] nginx: move to PCRE2 Move nginx to PCRE2 now that lua modules supports it. nginx ebaled PCRE2 by default so we simply revert the config to revert it. Signed-off-by: Christian Marangi --- net/nginx/Makefile | 5 ++--- 1 file changed, 2 insertions(+), 3 deletions(-) diff --git a/net/nginx/Makefile b/net/nginx/Makefile index ee223668c..7601c442a 100644 --- a/net/nginx/Makefile +++ b/net/nginx/Makefile @@ -113,7 +113,7 @@ define Package/nginx-ssl $(Package/nginx/default) TITLE += with SSL support VARIANT:=ssl - DEPENDS+= +NGINX_PCRE:libpcre \ + DEPENDS+= +NGINX_PCRE:libpcre2 \ +NGINX_PCRE:nginx-ssl-util +!NGINX_PCRE:nginx-ssl-util-nopcre \ +NGINX_HTTP_GZIP:zlib +NGINX_DAV:libxml2 EXTRA_DEPENDS:=nginx-ssl-util$(if $(CONFIG_NGINX_PCRE),,-nopcre) (>=1.5-1) (<2) @@ -163,7 +163,7 @@ endef define Package/nginx-full $(Package/nginx/default) TITLE += with ALL config selected - DEPENDS+=+libpcre +nginx-ssl-util +zlib +libxml2 + DEPENDS+=+libpcre2 +nginx-ssl-util +zlib +libxml2 EXTRA_DEPENDS:=nginx-ssl-util (>=1.5-1) (<2) VARIANT:=full PROVIDES += nginx-ssl @@ -408,7 +408,6 @@ CONFIGURE_ARGS += \ --with-cc-opt="$(TARGET_CPPFLAGS) $(TARGET_CFLAGS)" \ --with-ld-opt="$(TARGET_LDFLAGS)" \ --without-http_upstream_zone_module \ - --without-pcre2 \ --with-compat \ --with-http_ssl_module \ $(if $(call IsDisabled,NGINX_HTTP_CACHE),--without-http-cache) \ From 30b85f4954db4b28a27420309b9e0755b2a9883c Mon Sep 17 00:00:00 2001 From: Christian Marangi Date: Fri, 22 Sep 2023 15:47:44 +0200 Subject: [PATCH 20/29] nginx: bump naxsi module to latest git HEAD Bump naxsi module to latest git HEAD to fix compilation error with pcre2 library. Signed-off-by: Christian Marangi --- net/nginx/Makefile | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/net/nginx/Makefile b/net/nginx/Makefile index 7601c442a..0ff45f5e5 100644 --- a/net/nginx/Makefile +++ b/net/nginx/Makefile @@ -265,9 +265,9 @@ define Download/nginx-mod-ts endef define Download/nginx-mod-naxsi - VERSION:=951123ad456bdf5ac94e8d8819342fe3d49bc002 + VERSION:=d714f1636ea49a9a9f4f06dba14aee003e970834 URL:=https://github.com/nbs-system/naxsi.git - MIRROR_HASH:=c734cae19a596affadd62a2df1b58d3df8d1364093a4e80a7cd1ab4555963535 + MIRROR_HASH:=bd006686721a68d43f052f0a4f00e9ff99fb2abfbc4dcf8194a3562fe4e5c08b PROTO:=git endef From 0e0b90812a19bd12139ad61ae01a41e26db050e1 Mon Sep 17 00:00:00 2001 From: Christian Marangi Date: Fri, 22 Sep 2023 15:54:02 +0200 Subject: [PATCH 21/29] nginx: switch to real name for Ansuel maintainer Switch to real name for Ansuel maintainer and drop nickname. Signed-off-by: Christian Marangi --- net/nginx/Makefile | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/net/nginx/Makefile b/net/nginx/Makefile index 0ff45f5e5..a2ce0a0fe 100644 --- a/net/nginx/Makefile +++ b/net/nginx/Makefile @@ -16,7 +16,7 @@ PKG_SOURCE_URL:=https://nginx.org/download/ PKG_HASH:=05dd6d9356d66a74e61035f2a42162f8c754c97cf1ba64e7a801ba158d6c0711 PKG_MAINTAINER:=Thomas Heil \ - Ansuel Smith + Christian Marangi PKG_LICENSE:=2-clause BSD-like license PKG_CPE_ID:=cpe:/a:nginx:nginx From 94ded8ff315be664a806153a94913e7fbdcd3a49 Mon Sep 17 00:00:00 2001 From: Christian Marangi Date: Fri, 22 Sep 2023 15:38:27 +0200 Subject: [PATCH 22/29] uwsgi: bump to release 2.0.22 Bump to release 2.0.22 to make it easier to apply patch for pcre2 support. Signed-off-by: Christian Marangi --- net/uwsgi/Makefile | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/net/uwsgi/Makefile b/net/uwsgi/Makefile index 57c8a314a..d00327352 100644 --- a/net/uwsgi/Makefile +++ b/net/uwsgi/Makefile @@ -1,12 +1,12 @@ include $(TOPDIR)/rules.mk PKG_NAME:=uwsgi -PKG_VERSION:=2.0.21 +PKG_VERSION:=2.0.22 PKG_RELEASE:=1 PYPI_NAME:=uWSGI PYPI_SOURCE_NAME:=uwsgi -PKG_HASH:=35a30d83791329429bc04fe44183ce4ab512fcf6968070a7bfba42fc5a0552a9 +PKG_HASH:=4cc4727258671ac5fa17ab422155e9aaef8a2008ebb86e4404b66deaae965db2 PKG_LICENSE:=GPL-2.0-or-later PKG_LICENSE_FILES:=LICENSE From 4374c3250f424f1e57b175961adb41f24489510d Mon Sep 17 00:00:00 2001 From: Christian Marangi Date: Fri, 22 Sep 2023 15:39:23 +0200 Subject: [PATCH 23/29] uwsgi: add experimental pcre2 patch and drop pcre Add experimental pcre2 patch and drop pcre in favor of pcre2 library. Signed-off-by: Christian Marangi --- net/uwsgi/Makefile | 2 +- ...03-hard-code-Linux-as-compilation-os.patch | 2 +- .../004-core-alarm_fix_memory_leak.patch | 20 + .../patches/005-ssl-option-can_t-be-set.patch | 23 + net/uwsgi/patches/010-uclibc-ng.patch | 2 +- net/uwsgi/patches/020-add-pcre2-support.patch | 887 ++++++++++++++++++ 6 files changed, 933 insertions(+), 3 deletions(-) create mode 100644 net/uwsgi/patches/004-core-alarm_fix_memory_leak.patch create mode 100644 net/uwsgi/patches/005-ssl-option-can_t-be-set.patch create mode 100644 net/uwsgi/patches/020-add-pcre2-support.patch diff --git a/net/uwsgi/Makefile b/net/uwsgi/Makefile index d00327352..3938221c7 100644 --- a/net/uwsgi/Makefile +++ b/net/uwsgi/Makefile @@ -34,7 +34,7 @@ define Package/uwsgi SUBMENU:=Web Servers/Proxies TITLE:=The uWSGI server URL:=https://uwsgi-docs.readthedocs.io/en/latest/ - DEPENDS:=+libpcre +libcap +libuuid + DEPENDS:=+libpcre2 +libcap +libuuid endef define Package/uwsgi-logfile-plugin diff --git a/net/uwsgi/patches/003-hard-code-Linux-as-compilation-os.patch b/net/uwsgi/patches/003-hard-code-Linux-as-compilation-os.patch index 8adc220dd..02a5f3bdc 100644 --- a/net/uwsgi/patches/003-hard-code-Linux-as-compilation-os.patch +++ b/net/uwsgi/patches/003-hard-code-Linux-as-compilation-os.patch @@ -1,6 +1,6 @@ --- a/uwsgiconfig.py +++ b/uwsgiconfig.py -@@ -5,9 +5,9 @@ uwsgi_version = '2.0.21' +@@ -5,9 +5,9 @@ uwsgi_version = '2.0.22' import os import re import time diff --git a/net/uwsgi/patches/004-core-alarm_fix_memory_leak.patch b/net/uwsgi/patches/004-core-alarm_fix_memory_leak.patch new file mode 100644 index 000000000..990c7e6aa --- /dev/null +++ b/net/uwsgi/patches/004-core-alarm_fix_memory_leak.patch @@ -0,0 +1,20 @@ +From bad0edfc10a80de908a3d83c7f075eff8df3a691 Mon Sep 17 00:00:00 2001 +From: Riccardo Magliocchetti +Date: Wed, 14 Jan 2015 21:19:24 +0100 +Subject: [PATCH] core/alarm: fix memory leak + +Reported by Coverity as CID #971006 +--- + core/alarm.c | 1 + + 1 file changed, 1 insertion(+) + +--- a/core/alarm.c ++++ b/core/alarm.c +@@ -171,6 +171,7 @@ static int uwsgi_alarm_log_add(char *ala + + ual = uwsgi_calloc(sizeof(struct uwsgi_alarm_log)); + if (uwsgi_regexp_build(regexp, &ual->pattern, &ual->pattern_extra)) { ++ free(ual); + return -1; + } + ual->negate = negate; diff --git a/net/uwsgi/patches/005-ssl-option-can_t-be-set.patch b/net/uwsgi/patches/005-ssl-option-can_t-be-set.patch new file mode 100644 index 000000000..4a478af52 --- /dev/null +++ b/net/uwsgi/patches/005-ssl-option-can_t-be-set.patch @@ -0,0 +1,23 @@ +From b55d659c2ef6fb80b3b5d70192b1271992c393fc Mon Sep 17 00:00:00 2001 +From: Mathieu Lacage +Date: Tue, 30 Oct 2018 17:08:19 +0100 +Subject: [PATCH] ssl-option can't be set + +The ssl-option variable can't be set: it is designed to take a numeric argument but is specified as a "no_argument" option which results in an error when trying to set this option. This changeset sets the proper type. + +Given the changeset which introduced this option with the ssl-enable3 option which is of type no_argument, I suspect someone copy/pasted the ssl-enable3 configuration file without testing the change. +--- + core/uwsgi.c | 2 +- + 1 file changed, 1 insertion(+), 1 deletion(-) + +--- a/core/uwsgi.c ++++ b/core/uwsgi.c +@@ -678,7 +678,7 @@ static struct uwsgi_option uwsgi_base_op + {"ssl-enable3", no_argument, 0, "enable SSLv3 (insecure)", uwsgi_opt_true, &uwsgi.sslv3, 0}, + {"ssl-enable-sslv3", no_argument, 0, "enable SSLv3 (insecure)", uwsgi_opt_true, &uwsgi.sslv3, 0}, + {"ssl-enable-tlsv1", no_argument, 0, "enable TLSv1 (insecure)", uwsgi_opt_true, &uwsgi.tlsv1, 0}, +- {"ssl-option", no_argument, 0, "set a raw ssl option (numeric value)", uwsgi_opt_add_string_list, &uwsgi.ssl_options, 0}, ++ {"ssl-option", required_argument, 0, "set a raw ssl option (numeric value)", uwsgi_opt_add_string_list, &uwsgi.ssl_options, 0}, + #ifdef UWSGI_PCRE + {"sni-regexp", required_argument, 0, "add an SNI-governed SSL context (the key is a regexp)", uwsgi_opt_sni, NULL, 0}, + #endif diff --git a/net/uwsgi/patches/010-uclibc-ng.patch b/net/uwsgi/patches/010-uclibc-ng.patch index e12c3c514..b3f1a6642 100644 --- a/net/uwsgi/patches/010-uclibc-ng.patch +++ b/net/uwsgi/patches/010-uclibc-ng.patch @@ -1,6 +1,6 @@ --- a/core/uwsgi.c +++ b/core/uwsgi.c -@@ -1822,7 +1822,7 @@ void uwsgi_plugins_atexit(void) { +@@ -1825,7 +1825,7 @@ void uwsgi_plugins_atexit(void) { void uwsgi_backtrace(int depth) { diff --git a/net/uwsgi/patches/020-add-pcre2-support.patch b/net/uwsgi/patches/020-add-pcre2-support.patch new file mode 100644 index 000000000..2f6db9f4c --- /dev/null +++ b/net/uwsgi/patches/020-add-pcre2-support.patch @@ -0,0 +1,887 @@ +From 7835662f76831a76e4cc04791fcf2ee1ea725931 Mon Sep 17 00:00:00 2001 +From: Riccardo Magliocchetti +Date: Tue, 25 Jul 2023 16:17:52 +0200 +Subject: [PATCH 01/12] uwsgiconfig: prepare for pcre2 + +--- + uwsgiconfig.py | 45 ++++++++++++++++++++++----------------------- + 1 file changed, 22 insertions(+), 23 deletions(-) + +--- a/uwsgiconfig.py ++++ b/uwsgiconfig.py +@@ -1079,30 +1079,29 @@ class uConf(object): + + has_pcre = False + +- # re-enable after pcre fix +- if self.get('pcre'): +- if self.get('pcre') == 'auto': +- pcreconf = spcall('pcre-config --libs') +- if pcreconf: +- self.libs.append(pcreconf) +- pcreconf = spcall("pcre-config --cflags") +- self.cflags.append(pcreconf) +- self.gcc_list.append('core/regexp') +- self.cflags.append("-DUWSGI_PCRE") +- has_pcre = True +- ++ required_pcre = self.get('pcre') ++ if required_pcre: ++ pcre_libs = spcall('pcre2-config --libs8') ++ if pcre_libs: ++ pcre_cflags = spcall("pcre2-config --cflags") ++ pcre_define = "-DUWSGI_PCRE2" + else: +- pcreconf = spcall('pcre-config --libs') +- if pcreconf is None: +- print("*** libpcre headers unavailable. uWSGI build is interrupted. You have to install pcre development package or disable pcre") +- sys.exit(1) +- else: +- self.libs.append(pcreconf) +- pcreconf = spcall("pcre-config --cflags") +- self.cflags.append(pcreconf) +- self.gcc_list.append('core/regexp') +- self.cflags.append("-DUWSGI_PCRE") +- has_pcre = True ++ pcre_libs = spcall('pcre-config --libs') ++ pcre_cflags = spcall("pcre-config --cflags") ++ pcre_define = "-DUWSGI_PCRE" ++ else: ++ pcre_libs = None ++ ++ if required_pcre: ++ if required_pcre != 'auto' and pcre_libs is None: ++ print("*** libpcre headers unavailable. uWSGI build is interrupted. You have to install pcre development package or disable pcre") ++ sys.exit(1) ++ ++ self.libs.append(pcre_libs) ++ self.cflags.append(pcre_cflags) ++ self.gcc_list.append('core/regexp') ++ self.cflags.append(pcre_define) ++ has_pcre = True + + if has_pcre: + report['pcre'] = True +--- a/core/alarm.c ++++ b/core/alarm.c +@@ -160,7 +160,7 @@ static struct uwsgi_alarm_instance *uwsg + } + + +-#ifdef UWSGI_PCRE ++#if defined(UWSGI_PCRE) || defined(UWSGI_PCRE2) + static int uwsgi_alarm_log_add(char *alarms, char *regexp, int negate) { + + struct uwsgi_alarm_log *old_ual = NULL, *ual = uwsgi.alarm_logs; +@@ -170,7 +170,7 @@ static int uwsgi_alarm_log_add(char *ala + } + + ual = uwsgi_calloc(sizeof(struct uwsgi_alarm_log)); +- if (uwsgi_regexp_build(regexp, &ual->pattern, &ual->pattern_extra)) { ++ if (uwsgi_regexp_build(regexp, &ual->pattern)) { + free(ual); + return -1; + } +@@ -331,7 +331,7 @@ void uwsgi_alarms_init() { + usl = usl->next; + } + +-#ifdef UWSGI_PCRE ++#if defined(UWSGI_PCRE) || defined(UWSGI_PCRE2) + // then map log-alarm + usl = uwsgi.alarm_logs_list; + while (usl) { +@@ -377,14 +377,14 @@ void uwsgi_alarm_trigger_uai(struct uwsg + } + } + +-#ifdef UWSGI_PCRE ++#if defined(UWSGI_PCRE) || defined(UWSGI_PCRE2) + // check if a log should raise an alarm + void uwsgi_alarm_log_check(char *msg, size_t len) { + if (!uwsgi_strncmp(msg, len, "[uwsgi-alarm", 12)) + return; + struct uwsgi_alarm_log *ual = uwsgi.alarm_logs; + while (ual) { +- if (uwsgi_regexp_match(ual->pattern, ual->pattern_extra, msg, len) >= 0) { ++ if (uwsgi_regexp_match(ual->pattern, msg, len) >= 0) { + if (!ual->negate) { + struct uwsgi_alarm_ll *uall = ual->alarms; + while (uall) { +--- a/core/logging.c ++++ b/core/logging.c +@@ -414,7 +414,7 @@ void uwsgi_setup_log_master(void) { + usl = usl->next; + } + +-#ifdef UWSGI_PCRE ++#if defined(UWSGI_PCRE) || defined(UWSGI_PCRE2) + // set logger by its id + struct uwsgi_regexp_list *url = uwsgi.log_route; + while (url) { +@@ -1398,11 +1398,11 @@ int uwsgi_master_log(void) { + + ssize_t rlen = read(uwsgi.shared->worker_log_pipe[0], uwsgi.log_master_buf, uwsgi.log_master_bufsize); + if (rlen > 0) { +-#ifdef UWSGI_PCRE ++#if defined(UWSGI_PCRE) || defined(UWSGI_PCRE2) + uwsgi_alarm_log_check(uwsgi.log_master_buf, rlen); + struct uwsgi_regexp_list *url = uwsgi.log_drain_rules; + while (url) { +- if (uwsgi_regexp_match(url->pattern, url->pattern_extra, uwsgi.log_master_buf, rlen) >= 0) { ++ if (uwsgi_regexp_match(url->pattern, uwsgi.log_master_buf, rlen) >= 0) { + return 0; + } + url = url->next; +@@ -1411,7 +1411,7 @@ int uwsgi_master_log(void) { + int show = 0; + url = uwsgi.log_filter_rules; + while (url) { +- if (uwsgi_regexp_match(url->pattern, url->pattern_extra, uwsgi.log_master_buf, rlen) >= 0) { ++ if (uwsgi_regexp_match(url->pattern, uwsgi.log_master_buf, rlen) >= 0) { + show = 1; + break; + } +@@ -1424,7 +1424,7 @@ int uwsgi_master_log(void) { + url = uwsgi.log_route; + int finish = 0; + while (url) { +- if (uwsgi_regexp_match(url->pattern, url->pattern_extra, uwsgi.log_master_buf, rlen) >= 0) { ++ if (uwsgi_regexp_match(url->pattern, uwsgi.log_master_buf, rlen) >= 0) { + struct uwsgi_logger *ul_route = (struct uwsgi_logger *) url->custom_ptr; + if (ul_route) { + uwsgi_log_func_do(uwsgi.requested_log_encoders, ul_route, uwsgi.log_master_buf, rlen); +@@ -1464,11 +1464,11 @@ int uwsgi_master_req_log(void) { + + ssize_t rlen = read(uwsgi.shared->worker_req_log_pipe[0], uwsgi.log_master_buf, uwsgi.log_master_bufsize); + if (rlen > 0) { +-#ifdef UWSGI_PCRE ++#if defined(UWSGI_PCRE) || defined(UWSGI_PCRE2) + struct uwsgi_regexp_list *url = uwsgi.log_req_route; + int finish = 0; + while (url) { +- if (uwsgi_regexp_match(url->pattern, url->pattern_extra, uwsgi.log_master_buf, rlen) >= 0) { ++ if (uwsgi_regexp_match(url->pattern, uwsgi.log_master_buf, rlen) >= 0) { + struct uwsgi_logger *ul_route = (struct uwsgi_logger *) url->custom_ptr; + if (ul_route) { + uwsgi_log_func_do(uwsgi.requested_log_req_encoders, ul_route, uwsgi.log_master_buf, rlen); +--- a/core/regexp.c ++++ b/core/regexp.c +@@ -1,4 +1,4 @@ +-#ifdef UWSGI_PCRE ++#if defined(UWSGI_PCRE) || defined(UWSGI_PCRE2) + #include "uwsgi.h" + + extern struct uwsgi_server uwsgi; +@@ -13,48 +13,110 @@ void uwsgi_opt_pcre_jit(char *opt, char + #endif + } + +-int uwsgi_regexp_build(char *re, pcre ** pattern, pcre_extra ** pattern_extra) { ++int uwsgi_regexp_build(char *re, uwsgi_pcre ** pattern) { + ++#ifdef UWSGI_PCRE2 ++ int errnbr; ++ long unsigned int erroff; ++ ++ *pattern = pcre2_compile((const unsigned char *) re, PCRE2_ZERO_TERMINATED, 0, &errnbr, &erroff, NULL); ++#else + const char *errstr; + int erroff; + +- *pattern = pcre_compile((const char *) re, 0, &errstr, &erroff, NULL); +- if (!*pattern) { ++ *pattern = uwsgi_malloc(sizeof(uwsgi_pcre)); ++ (*pattern)->p = pcre_compile((const char *) re, 0, &errstr, &erroff, NULL); ++#endif ++#ifdef UWSGI_PCRE2 ++ if (!(*pattern)) { ++ uwsgi_log("pcre error: code %d at offset %d\n", errnbr, erroff); ++#else ++ if (!((*pattern)->p)) { + uwsgi_log("pcre error: %s at offset %d\n", errstr, erroff); ++#endif + return -1; + } + ++#ifdef UWSGI_PCRE2 ++ if (uwsgi.pcre_jit) { ++ errnbr = pcre2_jit_compile(*pattern, PCRE2_JIT_COMPLETE); ++ if (errnbr) { ++ pcre2_code_free(*pattern); ++ uwsgi_log("pcre JIT compile error code %d\n", errnbr); ++ return -1; ++ } ++#else + int opt = uwsgi.pcre_jit; + +- *pattern_extra = (pcre_extra *) pcre_study((const pcre *) *pattern, opt, &errstr); +- if (*pattern_extra == NULL && errstr != NULL) { +- pcre_free(*pattern); ++ (*pattern)->extra = (pcre_extra *) pcre_study((const pcre *) (*pattern)->p, opt, &errstr); ++ if ((*pattern)->extra == NULL && errstr != NULL) { ++ pcre_free((*pattern)->p); ++ free(*pattern); + uwsgi_log("pcre (study) error: %s\n", errstr); + return -1; ++#endif + } + + return 0; + + } + +-int uwsgi_regexp_match(pcre * pattern, pcre_extra * pattern_extra, char *subject, int length) { +- +- return pcre_exec((const pcre *) pattern, (const pcre_extra *) pattern_extra, subject, length, 0, 0, NULL, 0); ++int uwsgi_regexp_match(uwsgi_pcre *pattern, const char *subject, int length) { ++#ifdef UWSGI_PCRE2 ++ return pcre2_match(pattern, (const unsigned char *)subject, length, 0, 0, NULL, NULL); ++#else ++ return pcre_exec((const pcre *) pattern->p, (const pcre_extra *) pattern->extra, subject, length, 0, 0, NULL, 0); ++#endif + } + +-int uwsgi_regexp_match_ovec(pcre * pattern, pcre_extra * pattern_extra, char *subject, int length, int *ovec, int n) { ++int uwsgi_regexp_match_ovec(uwsgi_pcre *pattern, const char *subject, int length, int *ovec, int n) { ++ ++#ifdef UWSGI_PCRE2 ++ int rc; ++ int i; ++ pcre2_match_data *match_data; ++ size_t *pcre2_ovec; ++ ++ match_data = pcre2_match_data_create_from_pattern(pattern, NULL); ++ rc = pcre2_match(pattern, (const unsigned char *)subject, length, 0, 0, match_data, NULL); + ++ /* ++ * Quoting PCRE{,2} spec, "The first pair of integers, ovector[0] ++ * and ovector[1], identify the portion of the subject string matched ++ * by the entire pattern. The next pair is used for the first capturing ++ * subpattern, and so on." Therefore, the ovector size is the number of ++ * capturing subpatterns (INFO_CAPTURECOUNT), from uwsgi_regexp_ovector(), ++ * as matching pairs, plus room for the first pair. ++ */ + if (n > 0) { +- return pcre_exec((const pcre *) pattern, (const pcre_extra *) pattern_extra, subject, length, 0, 0, ovec, (n + 1) * 3); ++ // copy pcre2 output vector to uwsgi output vector ++ pcre2_ovec = pcre2_get_ovector_pointer(match_data); ++ for (i=0;i<(n+1)*2;i++) { ++ ovec[i] = pcre2_ovec[i]; ++ } ++#else ++ if (n > 0) { ++ return pcre_exec((const pcre *) pattern->p, (const pcre_extra *) pattern->extra, subject, length, 0, 0, ovec, PCRE_OVECTOR_BYTESIZE(n)); ++#endif + } +- return pcre_exec((const pcre *) pattern, (const pcre_extra *) pattern_extra, subject, length, 0, 0, NULL, 0); ++ ++#ifdef UWSGI_PCRE2 ++ pcre2_match_data_free(match_data); ++ ++ return rc; ++#else ++ return pcre_exec((const pcre *) pattern->p, (const pcre_extra *) pattern->extra, subject, length, 0, 0, NULL, 0); ++#endif + } + +-int uwsgi_regexp_ovector(pcre * pattern, pcre_extra * pattern_extra) { ++int uwsgi_regexp_ovector(const uwsgi_pcre *pattern) { + + int n; +- +- if (pcre_fullinfo((const pcre *) pattern, (const pcre_extra *) pattern_extra, PCRE_INFO_CAPTURECOUNT, &n)) ++#ifdef UWSGI_PCRE2 ++ if (pcre2_pattern_info(pattern, PCRE2_INFO_CAPTURECOUNT, &n)) ++#else ++ if (pcre_fullinfo((const pcre *) pattern->p, (const pcre_extra *) pattern->extra, PCRE_INFO_CAPTURECOUNT, &n)) ++#endif + return 0; + + return n; +@@ -66,7 +128,7 @@ char *uwsgi_regexp_apply_ovec(char *src, + int dollar = 0; + + size_t dollars = n; +- ++ + for(i=0;ipattern, routes->pattern_extra, subject, subject_len, routes->ovector[wsgi_req->async_id], routes->ovn[wsgi_req->async_id]); ++ n = uwsgi_regexp_match_ovec(routes->pattern, subject, subject_len, routes->ovector[wsgi_req->async_id], routes->ovn[wsgi_req->async_id]); + } + else { + int ret = routes->if_func(wsgi_req, routes); +@@ -506,15 +506,15 @@ void uwsgi_fixup_routes(struct uwsgi_rou + + // fill them if needed... (this is an optimization for route with a static subject) + if (ur->subject && ur->subject_len) { +- if (uwsgi_regexp_build(ur->orig_route, &ur->pattern, &ur->pattern_extra)) { ++ if (uwsgi_regexp_build(ur->orig_route, &ur->pattern)) { + exit(1); + } + + int i; + for(i=0;iovn[i] = uwsgi_regexp_ovector(ur->pattern, ur->pattern_extra); ++ ur->ovn[i] = uwsgi_regexp_ovector(ur->pattern); + if (ur->ovn[i] > 0) { +- ur->ovector[i] = uwsgi_calloc(sizeof(int) * (3 * (ur->ovn[i] + 1))); ++ ur->ovector[i] = uwsgi_calloc(sizeof(int) * PCRE_OVECTOR_BYTESIZE(ur->ovn[i])); + } + } + } +@@ -1484,38 +1484,47 @@ static int uwsgi_route_condition_regexp( + ur->condition_ub[wsgi_req->async_id] = uwsgi_routing_translate(wsgi_req, ur, NULL, 0, ur->subject_str, semicolon - ur->subject_str); + if (!ur->condition_ub[wsgi_req->async_id]) return -1; + +- pcre *pattern; +- pcre_extra *pattern_extra; ++ uwsgi_pcre *pattern; + char *re = uwsgi_concat2n(semicolon+1, ur->subject_str_len - ((semicolon+1) - ur->subject_str), "", 0); +- if (uwsgi_regexp_build(re, &pattern, &pattern_extra)) { ++ if (uwsgi_regexp_build(re, &pattern)) { + free(re); + return -1; + } + free(re); + + // a condition has no initialized vectors, let's create them +- ur->ovn[wsgi_req->async_id] = uwsgi_regexp_ovector(pattern, pattern_extra); ++ ur->ovn[wsgi_req->async_id] = uwsgi_regexp_ovector(pattern); + if (ur->ovn[wsgi_req->async_id] > 0) { + ur->ovector[wsgi_req->async_id] = uwsgi_calloc(sizeof(int) * (3 * (ur->ovn[wsgi_req->async_id] + 1))); + } + +- if (uwsgi_regexp_match_ovec(pattern, pattern_extra, ur->condition_ub[wsgi_req->async_id]->buf, ur->condition_ub[wsgi_req->async_id]->pos, ur->ovector[wsgi_req->async_id], ur->ovn[wsgi_req->async_id] ) >= 0) { +- pcre_free(pattern); ++ if (uwsgi_regexp_match_ovec(pattern, ur->condition_ub[wsgi_req->async_id]->buf, ur->condition_ub[wsgi_req->async_id]->pos, ur->ovector[wsgi_req->async_id], ur->ovn[wsgi_req->async_id] ) >= 0) { ++#ifdef UWSGI_PCRE2 ++ pcre2_code_free(pattern); ++#else ++ pcre_free(pattern->p); + #ifdef PCRE_STUDY_JIT_COMPILE +- pcre_free_study(pattern_extra); ++ pcre_free_study(pattern->extra); + #else +- pcre_free(pattern_extra); ++ pcre_free(pattern->extra); ++#endif ++ free(pattern); + #endif + return 1; + } + +- pcre_free(pattern); ++#ifdef UWSGI_PCRE2 ++ pcre2_code_free(pattern); ++#else ++ pcre_free(pattern->p); + #ifdef PCRE_STUDY_JIT_COMPILE +- pcre_free_study(pattern_extra); ++ pcre_free_study(pattern->extra); + #else +- pcre_free(pattern_extra); ++ pcre_free(pattern->extra); + #endif +- return 0; ++ free(pattern); ++#endif ++ return 0; + } + + static int uwsgi_route_condition_empty(struct wsgi_request *wsgi_req, struct uwsgi_route *ur) { +--- a/core/ssl.c ++++ b/core/ssl.c +@@ -145,10 +145,10 @@ static int uwsgi_sni_cb(SSL *ssl, int *a + + if (uwsgi.subscription_dotsplit) goto end; + +-#ifdef UWSGI_PCRE ++#if defined(UWSGI_PCRE) || defined(UWSGI_PCRE2) + struct uwsgi_regexp_list *url = uwsgi.sni_regexp; + while(url) { +- if (uwsgi_regexp_match(url->pattern, url->pattern_extra, (char *)servername, servername_len) >= 0) { ++ if (uwsgi_regexp_match(url->pattern, (char *)servername, servername_len) >= 0) { + SSL_set_SSL_CTX(ssl, url->custom_ptr); + return SSL_TLSEXT_ERR_OK; + } +@@ -621,7 +621,7 @@ void uwsgi_opt_sni(char *opt, char *valu + return; + } + +-#ifdef UWSGI_PCRE ++#if defined(UWSGI_PCRE) || defined(UWSGI_PCRE2) + if (!strcmp(opt, "sni-regexp")) { + struct uwsgi_regexp_list *url = uwsgi_regexp_new_list(&uwsgi.sni_regexp, v); + url->custom_ptr = ctx; +@@ -630,7 +630,7 @@ void uwsgi_opt_sni(char *opt, char *valu + #endif + struct uwsgi_string_list *usl = uwsgi_string_new_list(&uwsgi.sni, v); + usl->custom_ptr = ctx; +-#ifdef UWSGI_PCRE ++#if defined(UWSGI_PCRE) || defined(UWSGI_PCRE2) + } + #endif + +--- a/core/static.c ++++ b/core/static.c +@@ -35,11 +35,11 @@ int uwsgi_static_want_gzip(struct wsgi_r + usl = usl->next; + } + +-#ifdef UWSGI_PCRE ++#if defined(UWSGI_PCRE) || defined(UWSGI_PCRE2) + // check for regexp + struct uwsgi_regexp_list *url = uwsgi.static_gzip; + while(url) { +- if (uwsgi_regexp_match(url->pattern, url->pattern_extra, filename, *filename_len) >= 0) { ++ if (uwsgi_regexp_match(url->pattern, filename, *filename_len) >= 0) { + goto gzip; + } + url = url->next; +@@ -216,7 +216,7 @@ int uwsgi_add_expires_type(struct wsgi_r + return 0; + } + +-#ifdef UWSGI_PCRE ++#if defined(UWSGI_PCRE) || defined(UWSGI_PCRE2) + int uwsgi_add_expires(struct wsgi_request *wsgi_req, char *filename, int filename_len, struct stat *st) { + + struct uwsgi_dyn_dict *udd = uwsgi.static_expires; +@@ -225,7 +225,7 @@ int uwsgi_add_expires(struct wsgi_reques + char expires[31]; + + while (udd) { +- if (uwsgi_regexp_match(udd->pattern, udd->pattern_extra, filename, filename_len) >= 0) { ++ if (uwsgi_regexp_match(udd->pattern, filename, filename_len) >= 0) { + int delta = uwsgi_str_num(udd->value, udd->vallen); + int size = uwsgi_http_date(now + delta, expires); + if (size > 0) { +@@ -238,7 +238,7 @@ int uwsgi_add_expires(struct wsgi_reques + + udd = uwsgi.static_expires_mtime; + while (udd) { +- if (uwsgi_regexp_match(udd->pattern, udd->pattern_extra, filename, filename_len) >= 0) { ++ if (uwsgi_regexp_match(udd->pattern, filename, filename_len) >= 0) { + int delta = uwsgi_str_num(udd->value, udd->vallen); + int size = uwsgi_http_date(st->st_mtime + delta, expires); + if (size > 0) { +@@ -260,7 +260,7 @@ int uwsgi_add_expires_path_info(struct w + char expires[31]; + + while (udd) { +- if (uwsgi_regexp_match(udd->pattern, udd->pattern_extra, wsgi_req->path_info, wsgi_req->path_info_len) >= 0) { ++ if (uwsgi_regexp_match(udd->pattern, wsgi_req->path_info, wsgi_req->path_info_len) >= 0) { + int delta = uwsgi_str_num(udd->value, udd->vallen); + int size = uwsgi_http_date(now + delta, expires); + if (size > 0) { +@@ -273,7 +273,7 @@ int uwsgi_add_expires_path_info(struct w + + udd = uwsgi.static_expires_path_info_mtime; + while (udd) { +- if (uwsgi_regexp_match(udd->pattern, udd->pattern_extra, wsgi_req->path_info, wsgi_req->path_info_len) >= 0) { ++ if (uwsgi_regexp_match(udd->pattern, wsgi_req->path_info, wsgi_req->path_info_len) >= 0) { + int delta = uwsgi_str_num(udd->value, udd->vallen); + int size = uwsgi_http_date(st->st_mtime + delta, expires); + if (size > 0) { +@@ -295,7 +295,7 @@ int uwsgi_add_expires_uri(struct wsgi_re + char expires[31]; + + while (udd) { +- if (uwsgi_regexp_match(udd->pattern, udd->pattern_extra, wsgi_req->uri, wsgi_req->uri_len) >= 0) { ++ if (uwsgi_regexp_match(udd->pattern, wsgi_req->uri, wsgi_req->uri_len) >= 0) { + int delta = uwsgi_str_num(udd->value, udd->vallen); + int size = uwsgi_http_date(now + delta, expires); + if (size > 0) { +@@ -308,7 +308,7 @@ int uwsgi_add_expires_uri(struct wsgi_re + + udd = uwsgi.static_expires_uri_mtime; + while (udd) { +- if (uwsgi_regexp_match(udd->pattern, udd->pattern_extra, wsgi_req->uri, wsgi_req->uri_len) >= 0) { ++ if (uwsgi_regexp_match(udd->pattern, wsgi_req->uri, wsgi_req->uri_len) >= 0) { + int delta = uwsgi_str_num(udd->value, udd->vallen); + int size = uwsgi_http_date(st->st_mtime + delta, expires); + if (size > 0) { +@@ -507,7 +507,7 @@ int uwsgi_real_file_serve(struct wsgi_re + if (uwsgi_response_prepare_headers(wsgi_req, "200 OK", 6)) return -1; + } + +-#ifdef UWSGI_PCRE ++#if defined(UWSGI_PCRE) || defined(UWSGI_PCRE2) + uwsgi_add_expires(wsgi_req, real_filename, real_filename_len, st); + uwsgi_add_expires_path_info(wsgi_req, st); + uwsgi_add_expires_uri(wsgi_req, st); +--- a/core/utils.c ++++ b/core/utils.c +@@ -2301,7 +2301,7 @@ struct uwsgi_string_list *uwsgi_string_n + return uwsgi_string; + } + +-#ifdef UWSGI_PCRE ++#if defined(UWSGI_PCRE) || defined(UWSGI_PCRE2) + struct uwsgi_regexp_list *uwsgi_regexp_custom_new_list(struct uwsgi_regexp_list **list, char *value, char *custom) { + + struct uwsgi_regexp_list *url = *list, *old_url; +@@ -2320,7 +2320,7 @@ struct uwsgi_regexp_list *uwsgi_regexp_c + old_url->next = url; + } + +- if (uwsgi_regexp_build(value, &url->pattern, &url->pattern_extra)) { ++ if (uwsgi_regexp_build(value, &url->pattern)) { + exit(1); + } + url->next = NULL; +@@ -2333,14 +2333,13 @@ struct uwsgi_regexp_list *uwsgi_regexp_c + + int uwsgi_regexp_match_pattern(char *pattern, char *str) { + +- pcre *regexp; +- pcre_extra *regexp_extra; ++ uwsgi_pcre *regexp; + +- if (uwsgi_regexp_build(pattern, ®exp, ®exp_extra)) ++ if (uwsgi_regexp_build(pattern, ®exp)) + return 1; +- return !uwsgi_regexp_match(regexp, regexp_extra, str, strlen(str)); +-} + ++ return !uwsgi_regexp_match(regexp, str, strlen(str)); ++} + + #endif + +--- a/core/uwsgi.c ++++ b/core/uwsgi.c +@@ -130,7 +130,7 @@ static struct uwsgi_option uwsgi_base_op + {"if-hostname", required_argument, 0, "(opt logic) check for hostname", uwsgi_opt_logic, (void *) uwsgi_logic_opt_if_hostname, UWSGI_OPT_IMMEDIATE}, + {"if-not-hostname", required_argument, 0, "(opt logic) check for hostname", uwsgi_opt_logic, (void *) uwsgi_logic_opt_if_not_hostname, UWSGI_OPT_IMMEDIATE}, + +-#ifdef UWSGI_PCRE ++#if defined(UWSGI_PCRE) || defined(UWSGI_PCRE2) + {"if-hostname-match", required_argument, 0, "(opt logic) try to match hostname against a regular expression", uwsgi_opt_logic, (void *) uwsgi_logic_opt_if_hostname_match, UWSGI_OPT_IMMEDIATE}, + {"if-not-hostname-match", required_argument, 0, "(opt logic) try to match hostname against a regular expression", uwsgi_opt_logic, (void *) uwsgi_logic_opt_if_not_hostname_match, UWSGI_OPT_IMMEDIATE}, + #endif +@@ -548,7 +548,7 @@ static struct uwsgi_option uwsgi_base_op + {"ksm", optional_argument, 0, "enable Linux KSM", uwsgi_opt_set_int, &uwsgi.linux_ksm, 0}, + #endif + #endif +-#ifdef UWSGI_PCRE ++#if defined(UWSGI_PCRE) || defined(UWSGI_PCRE2) + {"pcre-jit", no_argument, 0, "enable pcre jit (if available)", uwsgi_opt_pcre_jit, NULL, UWSGI_OPT_IMMEDIATE}, + #endif + {"never-swap", no_argument, 0, "lock all memory pages avoiding swapping", uwsgi_opt_true, &uwsgi.never_swap, 0}, +@@ -679,7 +679,7 @@ static struct uwsgi_option uwsgi_base_op + {"ssl-enable-sslv3", no_argument, 0, "enable SSLv3 (insecure)", uwsgi_opt_true, &uwsgi.sslv3, 0}, + {"ssl-enable-tlsv1", no_argument, 0, "enable TLSv1 (insecure)", uwsgi_opt_true, &uwsgi.tlsv1, 0}, + {"ssl-option", required_argument, 0, "set a raw ssl option (numeric value)", uwsgi_opt_add_string_list, &uwsgi.ssl_options, 0}, +-#ifdef UWSGI_PCRE ++#if defined(UWSGI_PCRE) || defined(UWSGI_PCRE2) + {"sni-regexp", required_argument, 0, "add an SNI-governed SSL context (the key is a regexp)", uwsgi_opt_sni, NULL, 0}, + #endif + {"ssl-tmp-dir", required_argument, 0, "store ssl-related temp files in the specified directory", uwsgi_opt_set_str, &uwsgi.ssl_tmp_dir, 0}, +@@ -715,7 +715,7 @@ static struct uwsgi_option uwsgi_base_op + {"log-req-encoder", required_argument, 0, "add an item in the log req encoder chain", uwsgi_opt_add_string_list, &uwsgi.requested_log_req_encoders, UWSGI_OPT_MASTER | UWSGI_OPT_LOG_MASTER}, + + +-#ifdef UWSGI_PCRE ++#if defined(UWSGI_PCRE) || defined(UWSGI_PCRE2) + {"log-drain", required_argument, 0, "drain (do not show) log lines matching the specified regexp", uwsgi_opt_add_regexp_list, &uwsgi.log_drain_rules, UWSGI_OPT_MASTER | UWSGI_OPT_LOG_MASTER}, + {"log-filter", required_argument, 0, "show only log lines matching the specified regexp", uwsgi_opt_add_regexp_list, &uwsgi.log_filter_rules, UWSGI_OPT_MASTER | UWSGI_OPT_LOG_MASTER}, + {"log-route", required_argument, 0, "log to the specified named logger if regexp applied on logline matches", uwsgi_opt_add_regexp_custom_list, &uwsgi.log_route, UWSGI_OPT_MASTER | UWSGI_OPT_LOG_MASTER}, +@@ -736,7 +736,7 @@ static struct uwsgi_option uwsgi_base_op + {"alarm-lq", required_argument, 0, "raise the specified alarm when the socket backlog queue is full", uwsgi_opt_add_string_list, &uwsgi.alarm_backlog, UWSGI_OPT_MASTER}, + {"alarm-listen-queue", required_argument, 0, "raise the specified alarm when the socket backlog queue is full", uwsgi_opt_add_string_list, &uwsgi.alarm_backlog, UWSGI_OPT_MASTER}, + {"listen-queue-alarm", required_argument, 0, "raise the specified alarm when the socket backlog queue is full", uwsgi_opt_add_string_list, &uwsgi.alarm_backlog, UWSGI_OPT_MASTER}, +-#ifdef UWSGI_PCRE ++#if defined(UWSGI_PCRE) || defined(UWSGI_PCRE2) + {"log-alarm", required_argument, 0, "raise the specified alarm when a log line matches the specified regexp, syntax: [,alarm...] ", uwsgi_opt_add_string_list, &uwsgi.alarm_logs_list, UWSGI_OPT_MASTER | UWSGI_OPT_LOG_MASTER}, + {"alarm-log", required_argument, 0, "raise the specified alarm when a log line matches the specified regexp, syntax: [,alarm...] ", uwsgi_opt_add_string_list, &uwsgi.alarm_logs_list, UWSGI_OPT_MASTER | UWSGI_OPT_LOG_MASTER}, + {"not-log-alarm", required_argument, 0, "skip the specified alarm when a log line matches the specified regexp, syntax: [,alarm...] ", uwsgi_opt_add_string_list_custom, &uwsgi.alarm_logs_list, UWSGI_OPT_MASTER | UWSGI_OPT_LOG_MASTER}, +@@ -915,7 +915,7 @@ static struct uwsgi_option uwsgi_base_op + {"static-expires-type", required_argument, 0, "set the Expires header based on content type", uwsgi_opt_add_dyn_dict, &uwsgi.static_expires_type, UWSGI_OPT_MIME}, + {"static-expires-type-mtime", required_argument, 0, "set the Expires header based on content type and file mtime", uwsgi_opt_add_dyn_dict, &uwsgi.static_expires_type_mtime, UWSGI_OPT_MIME}, + +-#ifdef UWSGI_PCRE ++#if defined(UWSGI_PCRE) || defined(UWSGI_PCRE2) + {"static-expires", required_argument, 0, "set the Expires header based on filename regexp", uwsgi_opt_add_regexp_dyn_dict, &uwsgi.static_expires, UWSGI_OPT_MIME}, + {"static-expires-mtime", required_argument, 0, "set the Expires header based on filename regexp and file mtime", uwsgi_opt_add_regexp_dyn_dict, &uwsgi.static_expires_mtime, UWSGI_OPT_MIME}, + +@@ -2424,7 +2424,7 @@ void uwsgi_setup(int argc, char *argv[], + } + + uwsgi_log_initial("clock source: %s\n", uwsgi.clock->name); +-#ifdef UWSGI_PCRE ++#if defined(UWSGI_PCRE) || defined(UWSGI_PCRE2) + if (uwsgi.pcre_jit) { + uwsgi_log_initial("pcre jit enabled\n"); + } +@@ -4186,7 +4186,7 @@ void uwsgi_opt_add_string_list_custom(ch + usl->custom = 1; + } + +-#ifdef UWSGI_PCRE ++#if defined(UWSGI_PCRE) || defined(UWSGI_PCRE2) + void uwsgi_opt_add_regexp_list(char *opt, char *value, void *list) { + struct uwsgi_regexp_list **ptr = (struct uwsgi_regexp_list **) list; + uwsgi_regexp_new_list(ptr, value); +@@ -4452,7 +4452,7 @@ void uwsgi_opt_add_dyn_dict(char *opt, c + + } + +-#ifdef UWSGI_PCRE ++#if defined(UWSGI_PCRE) || defined(UWSGI_PCRE2) + void uwsgi_opt_add_regexp_dyn_dict(char *opt, char *value, void *dict) { + + char *space = strchr(value, ' '); +@@ -4467,7 +4467,7 @@ void uwsgi_opt_add_regexp_dyn_dict(char + + char *regexp = uwsgi_concat2n(value, space - value, "", 0); + +- if (uwsgi_regexp_build(regexp, &new_udd->pattern, &new_udd->pattern_extra)) { ++ if (uwsgi_regexp_build(regexp, &new_udd->pattern)) { + exit(1); + } + +--- a/uwsgi.h ++++ b/uwsgi.h +@@ -438,8 +438,26 @@ struct uwsgi_lock_ops { + #define uwsgi_wait_read_req(x) uwsgi.wait_read_hook(x->fd, uwsgi.socket_timeout) ; x->switches++ + #define uwsgi_wait_write_req(x) uwsgi.wait_write_hook(x->fd, uwsgi.socket_timeout) ; x->switches++ + +-#ifdef UWSGI_PCRE ++#if defined(UWSGI_PCRE) || defined(UWSGI_PCRE2) ++#ifdef UWSGI_PCRE2 ++ ++#define PCRE2_CODE_UNIT_WIDTH 8 ++#include ++#define PCRE_OVECTOR_BYTESIZE(n) (n+1)*2 ++ ++typedef pcre2_code uwsgi_pcre; ++ ++#else ++ + #include ++#define PCRE_OVECTOR_BYTESIZE(n) (n+1)*3 ++ ++typedef struct { ++ pcre *p; ++ pcre_extra *extra; ++} uwsgi_pcre; ++ ++#endif + #endif + + struct uwsgi_dyn_dict { +@@ -455,9 +473,8 @@ struct uwsgi_dyn_dict { + struct uwsgi_dyn_dict *prev; + struct uwsgi_dyn_dict *next; + +-#ifdef UWSGI_PCRE +- pcre *pattern; +- pcre_extra *pattern_extra; ++#if defined(UWSGI_PCRE) || defined(UWSGI_PCRE2) ++ uwsgi_pcre *pattern; + #endif + + }; +@@ -468,11 +485,10 @@ struct uwsgi_hook { + struct uwsgi_hook *next; + }; + +-#ifdef UWSGI_PCRE ++#if defined(UWSGI_PCRE) || defined(UWSGI_PCRE2) + struct uwsgi_regexp_list { + +- pcre *pattern; +- pcre_extra *pattern_extra; ++ uwsgi_pcre *pattern; + + uint64_t custom; + char *custom_str; +@@ -1089,11 +1105,11 @@ struct uwsgi_plugin { + void (*post_uwsgi_fork) (int); + }; + +-#ifdef UWSGI_PCRE +-int uwsgi_regexp_build(char *, pcre **, pcre_extra **); +-int uwsgi_regexp_match(pcre *, pcre_extra *, char *, int); +-int uwsgi_regexp_match_ovec(pcre *, pcre_extra *, char *, int, int *, int); +-int uwsgi_regexp_ovector(pcre *, pcre_extra *); ++#if defined(UWSGI_PCRE) || defined(UWSGI_PCRE2) ++int uwsgi_regexp_build(char *, uwsgi_pcre **); ++int uwsgi_regexp_match(uwsgi_pcre *, const char *, int); ++int uwsgi_regexp_match_ovec(uwsgi_pcre *, const char *, int, int *, int); ++int uwsgi_regexp_ovector(const uwsgi_pcre *); + char *uwsgi_regexp_apply_ovec(char *, int, char *, int, int *, int); + + int uwsgi_regexp_match_pattern(char *pattern, char *str); +@@ -1182,8 +1198,7 @@ struct uwsgi_spooler { + + struct uwsgi_route { + +- pcre *pattern; +- pcre_extra *pattern_extra; ++ uwsgi_pcre *pattern; + + char *orig_route; + +@@ -1292,15 +1307,14 @@ struct uwsgi_alarm_fd { + + struct uwsgi_alarm_fd *uwsgi_add_alarm_fd(int, char *, size_t, char *, size_t); + +-#ifdef UWSGI_PCRE ++#if defined(UWSGI_PCRE) || defined(UWSGI_PCRE2) + struct uwsgi_alarm_ll { + struct uwsgi_alarm_instance *alarm; + struct uwsgi_alarm_ll *next; + }; + + struct uwsgi_alarm_log { +- pcre *pattern; +- pcre_extra *pattern_extra; ++ uwsgi_pcre *pattern; + int negate; + struct uwsgi_alarm_ll *alarms; + struct uwsgi_alarm_log *next; +@@ -2234,7 +2248,7 @@ struct uwsgi_server { + struct uwsgi_string_list *requested_log_encoders; + struct uwsgi_string_list *requested_log_req_encoders; + +-#ifdef UWSGI_PCRE ++#if defined(UWSGI_PCRE) || defined(UWSGI_PCRE2) + int pcre_jit; + struct uwsgi_regexp_list *log_drain_rules; + struct uwsgi_regexp_list *log_filter_rules; +@@ -2316,7 +2330,7 @@ struct uwsgi_server { + int static_gzip_all; + struct uwsgi_string_list *static_gzip_dir; + struct uwsgi_string_list *static_gzip_ext; +-#ifdef UWSGI_PCRE ++#if defined(UWSGI_PCRE) || defined(UWSGI_PCRE2) + struct uwsgi_regexp_list *static_gzip; + #endif + +@@ -2715,7 +2729,7 @@ struct uwsgi_server { + int ssl_sessions_timeout; + struct uwsgi_cache *ssl_sessions_cache; + char *ssl_tmp_dir; +-#ifdef UWSGI_PCRE ++#if defined(UWSGI_PCRE) || defined(UWSGI_PCRE2) + struct uwsgi_regexp_list *sni_regexp; + #endif + struct uwsgi_string_list *sni; +@@ -3584,7 +3598,7 @@ void uwsgi_shutdown_all_sockets(void); + void uwsgi_close_all_unshared_sockets(void); + + struct uwsgi_string_list *uwsgi_string_new_list(struct uwsgi_string_list **, char *); +-#ifdef UWSGI_PCRE ++#if defined(UWSGI_PCRE) || defined(UWSGI_PCRE2) + struct uwsgi_regexp_list *uwsgi_regexp_custom_new_list(struct uwsgi_regexp_list **, char *, char *); + #define uwsgi_regexp_new_list(x, y) uwsgi_regexp_custom_new_list(x, y, NULL); + #endif +@@ -3838,7 +3852,7 @@ void uwsgi_opt_add_addr_list(char *, cha + void uwsgi_opt_add_string_list_custom(char *, char *, void *); + void uwsgi_opt_add_dyn_dict(char *, char *, void *); + void uwsgi_opt_binary_append_data(char *, char *, void *); +-#ifdef UWSGI_PCRE ++#if defined(UWSGI_PCRE) || defined(UWSGI_PCRE2) + void uwsgi_opt_pcre_jit(char *, char *, void *); + void uwsgi_opt_add_regexp_dyn_dict(char *, char *, void *); + void uwsgi_opt_add_regexp_list(char *, char *, void *); +--- a/.github/workflows/compile-test.yml ++++ b/.github/workflows/compile-test.yml +@@ -9,6 +9,10 @@ on: + jobs: + build: + ++ strategy: ++ matrix: ++ libpcre: [libpcre3-dev, libpcre2-dev] ++ + runs-on: ubuntu-20.04 + + steps: +@@ -20,7 +24,7 @@ jobs: + run: | + sudo apt update -qq + sudo apt install --no-install-recommends -qqyf python3.8-dev \ +- libxml2-dev libpcre3-dev libcap2-dev \ ++ libxml2-dev ${{ matrix.libpcre }} libcap2-dev \ + libargon2-0-dev libsodium-dev \ + php7.4-dev libphp7.4-embed \ + liblua5.1-0-dev ruby2.7-dev \ +--- a/.github/workflows/test.yml ++++ b/.github/workflows/test.yml +@@ -21,7 +21,7 @@ jobs: + run: | + sudo apt update -qq + sudo apt install --no-install-recommends -qqyf python${{ matrix.python-version }}-dev \ +- libpcre3-dev libjansson-dev libcap2-dev \ ++ libpcre2-dev libjansson-dev libcap2-dev \ + curl check + - name: Install distutils + if: contains(fromJson('["3.6","3.7","3.8","3.9","3.10","3.11"]'), matrix.python-version) +--- a/plugins/php/php_plugin.c ++++ b/plugins/php/php_plugin.c +@@ -16,7 +16,7 @@ struct uwsgi_php { + struct uwsgi_string_list *index; + struct uwsgi_string_list *set; + struct uwsgi_string_list *append_config; +-#ifdef UWSGI_PCRE ++#if defined(UWSGI_PCRE) || defined(UWSGI_PCRE2) + struct uwsgi_regexp_list *app_bypass; + #endif + struct uwsgi_string_list *vars; +@@ -63,7 +63,7 @@ struct uwsgi_option uwsgi_php_options[] + {"php-fallback", required_argument, 0, "run the specified php script when the requested one does not exist", uwsgi_opt_set_str, &uphp.fallback, 0}, + {"php-fallback2", required_argument, 0, "run the specified php script relative to the document root when the requested one does not exist", uwsgi_opt_set_str, &uphp.fallback2, 0}, + {"php-fallback-qs", required_argument, 0, "php-fallback with QUERY_STRING set", uwsgi_opt_set_str, &uphp.fallback_qs, 0}, +-#ifdef UWSGI_PCRE ++#if defined(UWSGI_PCRE) || defined(UWSGI_PCRE2) + {"php-app-bypass", required_argument, 0, "if the regexp matches the uri the --php-app is bypassed", uwsgi_opt_add_regexp_list, &uphp.app_bypass, 0}, + #endif + {"php-var", required_argument, 0, "add/overwrite a CGI variable at each request", uwsgi_opt_add_string_list, &uphp.vars, 0}, +@@ -810,10 +810,14 @@ int uwsgi_php_request(struct wsgi_reques + wsgi_req->document_root_len = strlen(wsgi_req->document_root); + + if (uphp.app) { +-#ifdef UWSGI_PCRE ++#if defined(UWSGI_PCRE) || defined(UWSGI_PCRE2) + struct uwsgi_regexp_list *bypass = uphp.app_bypass; + while (bypass) { ++#ifdef UWSGI_PCRE2 ++ if (uwsgi_regexp_match(bypass->pattern, wsgi_req->uri, wsgi_req->uri_len) >= 0) { ++#else + if (uwsgi_regexp_match(bypass->pattern, bypass->pattern_extra, wsgi_req->uri, wsgi_req->uri_len) >= 0) { ++#endif + goto oldstyle; + } + bypass = bypass->next; +@@ -849,7 +853,7 @@ appready: + goto secure2; + } + +-#ifdef UWSGI_PCRE ++#if defined(UWSGI_PCRE) || defined(UWSGI_PCRE2) + oldstyle: + #endif + +--- a/core/config.c ++++ b/core/config.c +@@ -314,7 +314,7 @@ int uwsgi_logic_opt_if_not_hostname(char + return 0; + } + +-#ifdef UWSGI_PCRE ++#if defined(UWSGI_PCRE) || defined(UWSGI_PCRE2) + int uwsgi_logic_opt_if_hostname_match(char *key, char *value) { + if (uwsgi_regexp_match_pattern(uwsgi.logic_opt_data, uwsgi.hostname)) { + add_exported_option(key, uwsgi_substitute(value, "%(_)", uwsgi.logic_opt_data), 0); From 6cd80e07273d7e7f291f15601f0cf77f88732351 Mon Sep 17 00:00:00 2001 From: Dengfeng Liu Date: Fri, 22 Sep 2023 03:40:23 +0000 Subject: [PATCH 24/29] xfrpc: update to version 2.9.644 Release notes: https://github.com/liudf0716/xfrpc/releases/tag/2.9.644 Signed-off-by: Dengfeng Liu --- net/xfrpc/Makefile | 4 ++-- net/xfrpc/files/xfrpc.init | 2 +- 2 files changed, 3 insertions(+), 3 deletions(-) diff --git a/net/xfrpc/Makefile b/net/xfrpc/Makefile index d25c6b01c..684bb84fb 100644 --- a/net/xfrpc/Makefile +++ b/net/xfrpc/Makefile @@ -8,13 +8,13 @@ include $(TOPDIR)/rules.mk PKG_NAME:=xfrpc -PKG_VERSION:=2.6.633 +PKG_VERSION:=2.9.644 PKG_RELEASE:=1 PKG_SOURCE_PROTO:=git PKG_SOURCE_URL:=https://github.com/liudf0716/xfrpc.git PKG_SOURCE_VERSION:=$(PKG_VERSION) -PKG_MIRROR_HASH:=b9d5c2f8dd0d323169a824bb59d65bcc27fe6e0564c6aede5b966220b99ccc7b +PKG_MIRROR_HASH:=99cda337c641664d94abc3fe4e144c13a7f3191951e917e7a837ab88a7df4515 PKG_MAINTAINER:=Dengfeng Liu PKG_LICENSE:=GPL-3.0-or-later diff --git a/net/xfrpc/files/xfrpc.init b/net/xfrpc/files/xfrpc.init index 3b0ddedaf..cc803b0a2 100755 --- a/net/xfrpc/files/xfrpc.init +++ b/net/xfrpc/files/xfrpc.init @@ -28,7 +28,7 @@ handle_xfrpc() { echo "local_ip = $local_ip" >> "$config" echo "local_port = $local_port" >> "$config" case "$type" in - tcp) + tcp|mstsc|socks5) config_get remote_port "$name" remote_port echo "remote_port = $remote_port" >> "$config" ;; From c6371813da093e30d337524fb71a57147bc48bd1 Mon Sep 17 00:00:00 2001 From: Javier Marcet Date: Thu, 21 Sep 2023 19:28:23 +0200 Subject: [PATCH 25/29] docker-compose: Update to version 2.22.0 Signed-off-by: Javier Marcet --- utils/docker-compose/Makefile | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/utils/docker-compose/Makefile b/utils/docker-compose/Makefile index 139148a8c..1d3e7424f 100644 --- a/utils/docker-compose/Makefile +++ b/utils/docker-compose/Makefile @@ -1,14 +1,14 @@ include $(TOPDIR)/rules.mk PKG_NAME:=compose -PKG_VERSION:=2.21.0 +PKG_VERSION:=2.22.0 PKG_RELEASE:=1 PKG_LICENSE:=Apache-2.0 PKG_LICENSE_FILES:=LICENSE PKG_SOURCE:=v$(PKG_VERSION).tar.gz PKG_SOURCE_URL:=https://codeload.github.com/docker/compose/tar.gz/v${PKG_VERSION}? -PKG_HASH:=0014b23382a50c90f91849e491500568366052882e22011822ca2d8a3b2976f2 +PKG_HASH:=82bd4622729cff061b3489bad96b54849a7f4b462345aade1bd374c879db9019 PKG_MAINTAINER:=Javier Marcet From 830552b624a5be6ebc6dcdb39096d18d31cadf5d Mon Sep 17 00:00:00 2001 From: Tianling Shen Date: Sat, 23 Sep 2023 22:48:16 +0800 Subject: [PATCH 26/29] dnsproxy: Update to 0.55.0 Signed-off-by: Tianling Shen --- net/dnsproxy/Makefile | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/net/dnsproxy/Makefile b/net/dnsproxy/Makefile index b791903f1..f8b4735f0 100644 --- a/net/dnsproxy/Makefile +++ b/net/dnsproxy/Makefile @@ -5,12 +5,12 @@ include $(TOPDIR)/rules.mk PKG_NAME:=dnsproxy -PKG_VERSION:=0.54.0 +PKG_VERSION:=0.55.0 PKG_RELEASE:=1 PKG_SOURCE:=$(PKG_NAME)-$(PKG_VERSION).tar.gz PKG_SOURCE_URL:=https://codeload.github.com/AdguardTeam/dnsproxy/tar.gz/v$(PKG_VERSION)? -PKG_HASH:=13d25158408387995cbb294efe630f14bf1340f50305e895854c950e1a34d498 +PKG_HASH:=fecda5ee48a2f43edce47fe3e384ab931c36abd24aa09198014f8fd90f6a4664 PKG_MAINTAINER:=Tianling Shen PKG_LICENSE:=Apache-2.0 @@ -21,7 +21,7 @@ PKG_BUILD_PARALLEL:=1 PKG_BUILD_FLAGS:=no-mips16 GO_PKG:=github.com/AdguardTeam/dnsproxy -GO_PKG_LDFLAGS_X:=main.VersionString=v$(PKG_VERSION) +GO_PKG_LDFLAGS_X:=$(GO_PKG)/internal/version.version=v$(PKG_VERSION) include $(INCLUDE_DIR)/package.mk include ../../lang/golang/golang-package.mk From eb711e2eb2ab896018751bf3c7a66cbff6a43317 Mon Sep 17 00:00:00 2001 From: Tianling Shen Date: Sat, 23 Sep 2023 22:48:27 +0800 Subject: [PATCH 27/29] dnslookup: Update to 1.10.0 Signed-off-by: Tianling Shen --- net/dnslookup/Makefile | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/net/dnslookup/Makefile b/net/dnslookup/Makefile index 3ac257c33..306b35bde 100644 --- a/net/dnslookup/Makefile +++ b/net/dnslookup/Makefile @@ -5,12 +5,12 @@ include $(TOPDIR)/rules.mk PKG_NAME:=dnslookup -PKG_VERSION:=1.9.2 +PKG_VERSION:=1.10.0 PKG_RELEASE:=1 PKG_SOURCE:=$(PKG_NAME)-$(PKG_VERSION).tar.gz PKG_SOURCE_URL:=https://codeload.github.com/ameshkov/dnslookup/tar.gz/v$(PKG_VERSION)? -PKG_HASH:=0f9b19f57c0d2fbae03e6ba2f652af017e3ceb8f8ed2a3efb3f983e48bc304fe +PKG_HASH:=6001fa5b54ba3a1b29f68eed4d12b026a1b716b1578342621f398fd4d569d199 PKG_MAINTAINER:=Tianling Shen PKG_LICENSE:=MIT From 992807ca35ce3a8ef3dae8f71d9b1e6dbe724e22 Mon Sep 17 00:00:00 2001 From: Tyler Young Date: Wed, 20 Sep 2023 01:37:16 +0000 Subject: [PATCH 28/29] tailscale: update to version 1.48.2 Release notes: https://github.com/tailscale/tailscale/releases/tag/v1.48.2 Signed-off-by: Tyler Young --- net/tailscale/Makefile | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/net/tailscale/Makefile b/net/tailscale/Makefile index 48152ec90..f9c7488c1 100644 --- a/net/tailscale/Makefile +++ b/net/tailscale/Makefile @@ -8,12 +8,12 @@ include $(TOPDIR)/rules.mk PKG_NAME:=tailscale -PKG_VERSION:=1.48.1 -PKG_RELEASE:=2 +PKG_VERSION:=1.48.2 +PKG_RELEASE:=1 PKG_SOURCE:=$(PKG_NAME)-$(PKG_VERSION).tar.gz PKG_SOURCE_URL:=https://codeload.github.com/tailscale/tailscale/tar.gz/v$(PKG_VERSION)? -PKG_HASH:=6b3152cdd9ed915c01ce30f3967c0d4e04e2a81053eddeb93792d93088fe2d72 +PKG_HASH:=1c34c5c2c3b78e59ffb824b356418ff828653c62885b126d0d05f300218b36b5 PKG_MAINTAINER:=Jan Pavlinec PKG_LICENSE:=BSD-3-Clause From 5b3e517be4a1d2674fc12ea81a60ba885423758a Mon Sep 17 00:00:00 2001 From: Dengfeng Liu Date: Fri, 22 Sep 2023 02:00:21 +0000 Subject: [PATCH 29/29] apfree-wifidog: Update to v6.08.1950 Fixed some memory leak bug Signed-off-by: Dengfeng Liu --- net/apfree-wifidog/Makefile | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/net/apfree-wifidog/Makefile b/net/apfree-wifidog/Makefile index f106385d3..8cf93e017 100644 --- a/net/apfree-wifidog/Makefile +++ b/net/apfree-wifidog/Makefile @@ -8,13 +8,13 @@ include $(TOPDIR)/rules.mk PKG_NAME:=apfree-wifidog -PKG_VERSION:=6.02.1939 -PKG_RELEASE:=6 +PKG_VERSION:=6.08.1950 +PKG_RELEASE:=1 PKG_SOURCE_PROTO:=git PKG_SOURCE_URL:=https://github.com/liudf0716/apfree-wifidog.git PKG_SOURCE_VERSION:=$(PKG_VERSION) -PKG_MIRROR_HASH:=b9e059c06427ad87312ea8a63c47d713dbad82ab0875778efe9f889e9c6b9c20 +PKG_MIRROR_HASH:=1fb8f80970b29e7af382c6d35cb23ee6eb932483579ce9497e21ce0fb65a381f PKG_MAINTAINER:=Dengfeng Liu PKG_LICENSE:=GPL-3.0-or-later