[-]
[+]
|
Added |
nginx.changes
|
|
[-]
[+]
|
Changed |
nginx.spec
^
|
|
[-]
[+]
|
Added |
2bc1dac6fb3ed263529decb211ec784824132bf4.patch
^
|
@@ -0,0 +1,38 @@
+From 2bc1dac6fb3ed263529decb211ec784824132bf4 Mon Sep 17 00:00:00 2001
+From: Chris Lea <chris.lea@gmail.com>
+Date: Tue, 15 Nov 2016 22:26:35 -0800
+Subject: [PATCH] default_port was removed in 1.11.6.
+
+---
+ ngx_http_upstream_fair_module.c | 9 ++++++++-
+ 1 file changed, 8 insertions(+), 1 deletion(-)
+
+diff --git a/ngx_http_upstream_fair_module.c b/ngx_http_upstream_fair_module.c
+index a4419ca..66144e9 100644
+--- a/ngx_http_upstream_fair_module.c
++++ b/ngx_http_upstream_fair_module.c
+@@ -540,7 +540,11 @@ ngx_http_upstream_init_fair_rr(ngx_conf_t *cf, ngx_http_upstream_srv_conf_t *us)
+
+ /* an upstream implicitly defined by proxy_pass, etc. */
+
++#if nginx_version < 1011006
+ if (us->port == 0 && us->default_port == 0) {
++#else
++ if (us->port == 0) {
++#endif
+ ngx_log_error(NGX_LOG_EMERG, cf->log, 0,
+ "no port in upstream \"%V\" in %s:%ui",
+ &us->host, us->file_name, us->line);
+@@ -550,8 +554,11 @@ ngx_http_upstream_init_fair_rr(ngx_conf_t *cf, ngx_http_upstream_srv_conf_t *us)
+ ngx_memzero(&u, sizeof(ngx_url_t));
+
+ u.host = us->host;
++#if nginx_version < 1011006
+ u.port = (in_port_t) (us->port ? us->port : us->default_port);
+-
++#else
++ u.port = (in_port_t) us->port;
++#endif
+ if (ngx_inet_resolve_host(cf->pool, &u) != NGX_OK) {
+ if (u.err) {
+ ngx_log_error(NGX_LOG_EMERG, cf->log, 0,
|
[-]
[+]
|
Added |
check_1.7.5+.patch
^
|
@@ -0,0 +1,195 @@
+diff --git a/src/http/modules/ngx_http_upstream_ip_hash_module.c b/src/http/modules/ngx_http_upstream_ip_hash_module.c
+index 148d73a..913e395 100644
+--- a/src/http/modules/ngx_http_upstream_ip_hash_module.c
++++ b/src/http/modules/ngx_http_upstream_ip_hash_module.c
+@@ -9,6 +9,9 @@
+ #include <ngx_core.h>
+ #include <ngx_http.h>
+
++#if (NGX_HTTP_UPSTREAM_CHECK)
++#include "ngx_http_upstream_check_module.h"
++#endif
+
+ typedef struct {
+ /* the round robin data must be first */
+@@ -212,6 +215,15 @@ ngx_http_upstream_get_ip_hash_peer(ngx_peer_connection_t *pc, void *data)
+ goto next_try;
+ }
+
++#if (NGX_HTTP_UPSTREAM_CHECK)
++ ngx_log_debug1(NGX_LOG_DEBUG_HTTP, pc->log, 0,
++ "get ip_hash peer, check_index: %ui",
++ peer->check_index);
++ if (ngx_http_upstream_check_peer_down(peer->check_index)) {
++ goto next_try;
++ }
++#endif
++
+ if (peer->max_fails
+ && peer->fails >= peer->max_fails
+ && now - peer->checked <= peer->fail_timeout)
+diff --git a/src/http/modules/ngx_http_upstream_least_conn_module.c b/src/http/modules/ngx_http_upstream_least_conn_module.c
+index 623bc9b..a223839 100644
+--- a/src/http/modules/ngx_http_upstream_least_conn_module.c
++++ b/src/http/modules/ngx_http_upstream_least_conn_module.c
+@@ -9,6 +9,9 @@
+ #include <ngx_core.h>
+ #include <ngx_http.h>
+
++#if (NGX_HTTP_UPSTREAM_CHECK)
++#include "ngx_http_upstream_check_module.h"
++#endif
+
+ typedef struct {
+ ngx_uint_t *conns;
+@@ -203,6 +206,16 @@ ngx_http_upstream_get_least_conn_peer(ngx_peer_connection_t *pc, void *data)
+ continue;
+ }
+
++#if (NGX_HTTP_UPSTREAM_CHECK)
++ ngx_log_debug1(NGX_LOG_DEBUG_HTTP, pc->log, 0,
++ "get least_conn peer, check_index: %ui",
++ peer->check_index);
++
++ if (ngx_http_upstream_check_peer_down(peer->check_index)) {
++ continue;
++ }
++#endif
++
+ if (peer->max_fails
+ && peer->fails >= peer->max_fails
+ && now - peer->checked <= peer->fail_timeout)
+@@ -256,6 +269,16 @@ ngx_http_upstream_get_least_conn_peer(ngx_peer_connection_t *pc, void *data)
+ continue;
+ }
+
++#if (NGX_HTTP_UPSTREAM_CHECK)
++ ngx_log_debug1(NGX_LOG_DEBUG_HTTP, pc->log, 0,
++ "get least_conn peer, check_index: %ui",
++ peer->check_index);
++
++ if (ngx_http_upstream_check_peer_down(peer->check_index)) {
++ continue;
++ }
++#endif
++
+ if (lcp->conns[i] * best->weight != lcp->conns[p] * peer->weight) {
+ continue;
+ }
+diff --git a/src/http/ngx_http_upstream_round_robin.c b/src/http/ngx_http_upstream_round_robin.c
+index 2d0649b..b9789eb 100644
+--- a/src/http/ngx_http_upstream_round_robin.c
++++ b/src/http/ngx_http_upstream_round_robin.c
+@@ -9,6 +9,9 @@
+ #include <ngx_core.h>
+ #include <ngx_http.h>
+
++#if (NGX_HTTP_UPSTREAM_CHECK)
++#include "ngx_http_upstream_check_module.h"
++#endif
+
+ #define ngx_http_upstream_tries(p) ((p)->number \
+ + ((p)->next ? (p)->next->number : 0))
+@@ -92,6 +95,14 @@ ngx_http_upstream_init_round_robin(ngx_conf_t *cf,
+ peer[n].fail_timeout = server[i].fail_timeout;
+ peer[n].down = server[i].down;
+ peer[n].server = server[i].name;
++#if (NGX_HTTP_UPSTREAM_CHECK)
++ if (!server[i].down) {
++ peers->peer[n].check_index =
++ ngx_http_upstream_check_add_peer(cf, us, &server[i].addrs[j]);
++ } else {
++ peers->peer[n].check_index = (ngx_uint_t) NGX_ERROR;
++ }
++#endif
+ n++;
+ }
+ }
+@@ -148,6 +159,15 @@ ngx_http_upstream_init_round_robin(ngx_conf_t *cf,
+ peer[n].fail_timeout = server[i].fail_timeout;
+ peer[n].down = server[i].down;
+ peer[n].server = server[i].name;
++#if (NGX_HTTP_UPSTREAM_CHECK)
++ if (!server[i].down) {
++ backup->peer[n].check_index =
++ ngx_http_upstream_check_add_peer(cf, us, &server[i].addrs[j]);
++ }
++ else {
++ backup->peer[n].check_index = (ngx_uint_t) NGX_ERROR;
++ }
++#endif
+ n++;
+ }
+ }
+@@ -207,6 +227,9 @@ ngx_http_upstream_init_round_robin(ngx_conf_t *cf,
+ peer[i].current_weight = 0;
+ peer[i].max_fails = 1;
+ peer[i].fail_timeout = 10;
++#if (NGX_HTTP_UPSTREAM_CHECK)
++ peers->peer[i].check_index = (ngx_uint_t) NGX_ERROR;
++#endif
+ }
+
+ us->peer.data = peers;
+@@ -316,7 +339,9 @@ ngx_http_upstream_create_round_robin_peer(ngx_http_request_t *r,
+ peer[0].current_weight = 0;
+ peer[0].max_fails = 1;
+ peer[0].fail_timeout = 10;
+-
++#if (NGX_HTTP_UPSTREAM_CHECK)
++ peers->peer[0].check_index = (ngx_uint_t) NGX_ERROR;
++#endif
+ } else {
+
+ for (i = 0; i < ur->naddrs; i++) {
+@@ -356,6 +381,9 @@ ngx_http_upstream_create_round_robin_peer(ngx_http_request_t *r,
+ peer[i].current_weight = 0;
+ peer[i].max_fails = 1;
+ peer[i].fail_timeout = 10;
++#if (NGX_HTTP_UPSTREAM_CHECK)
++ peers->peer[i].check_index = (ngx_uint_t) NGX_ERROR;
++#endif
+ }
+ }
+
+@@ -415,6 +443,12 @@ ngx_http_upstream_get_round_robin_peer(ngx_peer_connection_t *pc, void *data)
+ goto failed;
+ }
+
++#if (NGX_HTTP_UPSTREAM_CHECK)
++ if (ngx_http_upstream_check_peer_down(peer->check_index)) {
++ goto failed;
++ }
++#endif
++
+ } else {
+
+ /* there are several peers */
+@@ -507,6 +541,12 @@ ngx_http_upstream_get_peer(ngx_http_upstream_rr_peer_data_t *rrp)
+ continue;
+ }
+
++#if (NGX_HTTP_UPSTREAM_CHECK)
++ if (ngx_http_upstream_check_peer_down(peer->check_index)) {
++ continue;
++ }
++#endif
++
+ if (peer->max_fails
+ && peer->fails >= peer->max_fails
+ && now - peer->checked <= peer->fail_timeout)
+diff --git a/src/http/ngx_http_upstream_round_robin.h b/src/http/ngx_http_upstream_round_robin.h
+index 9db82a6..6e19a65 100644
+--- a/src/http/ngx_http_upstream_round_robin.h
++++ b/src/http/ngx_http_upstream_round_robin.h
+@@ -31,6 +31,10 @@ typedef struct {
+ ngx_uint_t max_fails;
+ time_t fail_timeout;
+
++#if (NGX_HTTP_UPSTREAM_CHECK)
++ ngx_uint_t check_index;
++#endif
++
+ ngx_uint_t down; /* unsigned down:1; */
+
+ #if (NGX_HTTP_SSL)
|
[-]
[+]
|
Added |
nginx-0.4.0-no_Werror.patch
^
|
@@ -0,0 +1,13 @@
+Index: auto/cc/gcc
+===================================================================
+--- auto/cc/gcc.orig
++++ auto/cc/gcc
+@@ -171,7 +171,7 @@
+
+
+ # stop on warning
+-CFLAGS="$CFLAGS -Werror"
++CFLAGS="$CFLAGS"
+
+ # debug
+ CFLAGS="$CFLAGS -g"
|
[-]
[+]
|
Added |
nginx-0.4.0-perl_vendor_install.patch
^
|
@@ -0,0 +1,13 @@
+Index: auto/install
+===================================================================
+--- auto/install.orig
++++ auto/install
+@@ -7,7 +7,7 @@
+ cat << END >> $NGX_MAKEFILE
+
+ install_perl_modules:
+- cd $NGX_OBJS/src/http/modules/perl && make install
++ cd $NGX_OBJS/src/http/modules/perl && make install_vendor
+ END
+
+ NGX_INSTALL_PERL_MODULES=install_perl_modules
|
[-]
[+]
|
Added |
nginx-0.6.31-DESTDIR.patch
^
|
@@ -0,0 +1,75 @@
+Index: auto/install
+===================================================================
+--- auto/install.orig 2007-07-30 12:51:55.000000000 +0200
++++ auto/install 2008-05-29 18:00:45.383221398 +0200
+@@ -19,45 +19,45 @@ cat << END
+
+ install: $NGX_OBJS${ngx_dirsep}nginx${ngx_binext} \
+ $NGX_INSTALL_PERL_MODULES
+- test -d '$NGX_PREFIX' || mkdir -p '$NGX_PREFIX'
++ test -d '\$(DESTDIR)$NGX_PREFIX' || mkdir -p '\$(DESTDIR)$NGX_PREFIX'
+
+- test -d '`dirname "$NGX_SBIN_PATH"`' \
+- || mkdir -p '`dirname "$NGX_SBIN_PATH"`'
+- test ! -f '$NGX_SBIN_PATH' || mv '$NGX_SBIN_PATH' '$NGX_SBIN_PATH.old'
+- cp $NGX_OBJS/nginx '$NGX_SBIN_PATH'
++ test -d '\$(DESTDIR)`dirname "$NGX_SBIN_PATH"`' \
++ || mkdir -p '\$(DESTDIR)`dirname "$NGX_SBIN_PATH"`'
++ test ! -f '\$(DESTDIR)$NGX_SBIN_PATH' || mv '\$(DESTDIR)$NGX_SBIN_PATH' '\$(DESTDIR)$NGX_SBIN_PATH.old'
++ cp $NGX_OBJS/nginx '\$(DESTDIR)$NGX_SBIN_PATH'
+
+- test -d '$NGX_CONF_PREFIX' || mkdir -p '$NGX_CONF_PREFIX'
++ test -d '\$(DESTDIR)$NGX_CONF_PREFIX' || mkdir -p '\$(DESTDIR)$NGX_CONF_PREFIX'
+
+- cp conf/koi-win '$NGX_CONF_PREFIX'
+- cp conf/koi-utf '$NGX_CONF_PREFIX'
+- cp conf/win-utf '$NGX_CONF_PREFIX'
++ cp conf/koi-win '\$(DESTDIR)$NGX_CONF_PREFIX'
++ cp conf/koi-utf '\$(DESTDIR)$NGX_CONF_PREFIX'
++ cp conf/win-utf '\$(DESTDIR)$NGX_CONF_PREFIX'
+
+- test -f '$NGX_CONF_PREFIX/mime.types' \
+- || cp conf/mime.types '$NGX_CONF_PREFIX'
+- cp conf/mime.types '$NGX_CONF_PREFIX/mime.types.default'
++ test -f '\$(DESTDIR)$NGX_CONF_PREFIX/mime.types' \
++ || cp conf/mime.types '\$(DESTDIR)$NGX_CONF_PREFIX'
++ cp conf/mime.types '\$(DESTDIR)$NGX_CONF_PREFIX/mime.types.default'
+
+- test -f '$NGX_CONF_PREFIX/fastcgi_params' \
+- || cp conf/fastcgi_params '$NGX_CONF_PREFIX'
+- cp conf/fastcgi_params '$NGX_CONF_PREFIX/fastcgi_params.default'
++ test -f '\$(DESTDIR)$NGX_CONF_PREFIX/fastcgi_params' \
++ || cp conf/fastcgi_params '\$(DESTDIR)$NGX_CONF_PREFIX'
++ cp conf/fastcgi_params '\$(DESTDIR)$NGX_CONF_PREFIX/fastcgi_params.default'
+
+- test -f '$NGX_CONF_PATH' || cp conf/nginx.conf '$NGX_CONF_PREFIX'
+- cp conf/nginx.conf '$NGX_CONF_PREFIX/nginx.conf.default'
++ test -f '\$(DESTDIR)$NGX_CONF_PATH' || cp conf/nginx.conf '\$(DESTDIR)$NGX_CONF_PREFIX'
++ cp conf/nginx.conf '\$(DESTDIR)$NGX_CONF_PREFIX/nginx.conf.default'
+
+- test -d '`dirname "$NGX_PID_PATH"`' \
+- || mkdir -p '`dirname "$NGX_PID_PATH"`'
++ test -d '\$(DESTDIR)`dirname "$NGX_PID_PATH"`' \
++ || mkdir -p '\$(DESTDIR)`dirname "$NGX_PID_PATH"`'
+
+- test -d '`dirname "$NGX_HTTP_LOG_PATH"`' || \
+- mkdir -p '`dirname "$NGX_HTTP_LOG_PATH"`'
++ test -d '\$(DESTDIR)`dirname "$NGX_HTTP_LOG_PATH"`' || \
++ mkdir -p '\$(DESTDIR)`dirname "$NGX_HTTP_LOG_PATH"`'
+
+- test -d '$NGX_PREFIX/html' || cp -r html '$NGX_PREFIX'
++ test -d '\$(DESTDIR)$NGX_PREFIX/html' || cp -r html '\$(DESTDIR)$NGX_PREFIX'
+ END
+
+
+-if test -n "$NGX_ERROR_LOG_PATH"; then
++if test -n "\$(DESTDIR)$NGX_ERROR_LOG_PATH"; then
+ cat << END >> $NGX_MAKEFILE
+
+- test -d '`dirname "$NGX_ERROR_LOG_PATH"`' || \
+- mkdir -p '`dirname "$NGX_ERROR_LOG_PATH"`'
++ test -d '\$(DESTDIR)`dirname "$NGX_ERROR_LOG_PATH"`' || \
++ mkdir -p '\$(DESTDIR)`dirname "$NGX_ERROR_LOG_PATH"`'
+ END
+
+ fi
|
[-]
[+]
|
Added |
nginx-0.6.31_default_config.patch
^
|
@@ -0,0 +1,71 @@
+Index: conf/nginx.conf
+===================================================================
+--- conf/nginx.conf.orig 2009-04-06 15:43:46.000000000 +0200
++++ conf/nginx.conf 2009-05-08 20:19:55.436773498 +0200
+@@ -1,12 +1,12 @@
+
+-#user nobody;
++user nginx;
+ worker_processes 1;
+
+-#error_log logs/error.log;
+-#error_log logs/error.log notice;
+-#error_log logs/error.log info;
++#error_log /var/log/nginx/error.log;
++#error_log /var/log/nginx/error.log notice;
++#error_log /var/log/nginx/error.log info;
+
+-#pid logs/nginx.pid;
++#pid /var/run/nginx.pid;
+
+
+ events {
+@@ -22,7 +22,7 @@ http {
+ # '$status $body_bytes_sent "$http_referer" '
+ # '"$http_user_agent" "$http_x_forwarded_for"';
+
+- #access_log logs/access.log main;
++ #access_log /var/log/nginx/access.log main;
+
+ sendfile on;
+ #tcp_nopush on;
+@@ -38,10 +38,10 @@ http {
+
+ #charset koi8-r;
+
+- #access_log logs/host.access.log main;
++ #access_log /var/log/nginx/host.access.log main;
+
+ location / {
+- root html;
++ root /srv/www/htdocs/;
+ index index.html index.htm;
+ }
+
+@@ -51,7 +51,7 @@ http {
+ #
+ error_page 500 502 503 504 /50x.html;
+ location = /50x.html {
+- root html;
++ root /srv/www/htdocs/;
+ }
+
+ # proxy the PHP scripts to Apache listening on 127.0.0.1:80
+@@ -87,7 +87,7 @@ http {
+ # server_name somename alias another.alias;
+
+ # location / {
+- # root html;
++ # root /srv/www/htdocs/;
+ # index index.html index.htm;
+ # }
+ #}
+@@ -110,7 +110,7 @@ http {
+ # ssl_prefer_server_ciphers on;
+
+ # location / {
+- # root html;
++ # root /srv/www/htdocs/;
+ # index index.html index.htm;
+ # }
+ #}
|
[-]
[+]
|
Added |
nginx-0.6.38-html.patch
^
|
@@ -0,0 +1,14 @@
+Index: auto/install
+===================================================================
+--- auto/install.orig
++++ auto/install
+@@ -54,8 +54,7 @@
+ test -d '\$(DESTDIR)`dirname "$NGX_HTTP_LOG_PATH"`' || \
+ mkdir -p '\$(DESTDIR)`dirname "$NGX_HTTP_LOG_PATH"`'
+
+- test -d '\$(DESTDIR)$NGX_PREFIX/html' \
+- || cp -r html '\$(DESTDIR)$NGX_PREFIX'
++ test -d '\$(DESTDIR)/srv/www/htdocs' || install -d '\$(DESTDIR)/srv/www/' && cp -r html '\$(DESTDIR)/srv/www/htdocs'
+ END
+
+
|
[-]
[+]
|
Added |
openssl-rc4tilt.patch
^
|
@@ -0,0 +1,17 @@
+Nur in openssl-1.0.1j-norc4: openssl__disable_rc4.patch.
+diff -ru openssl-1.0.1j/ssl/s3_lib.c openssl-1.0.1j-norc4/ssl/s3_lib.c
+--- openssl-1.0.1j/ssl/s3_lib.c 2014-10-15 14:53:39.000000000 +0200
++++ openssl-1.0.1j-norc4/ssl/s3_lib.c 2014-10-23 18:57:16.468131600 +0200
+@@ -3844,6 +3844,11 @@
+ (TLS1_get_version(s) < TLS1_2_VERSION))
+ continue;
+
++ /* Disable RC4 for TLS v1.1+ */
++ if ((c->algorithm_enc == SSL_RC4) &&
++ (TLS1_get_version(s) >= TLS1_1_VERSION))
++ continue;
++
+ ssl_set_cert_masks(cert,c);
+ mask_k = cert->mask_k;
+ mask_a = cert->mask_a;
+Nur in openssl-1.0.1j-norc4/ssl: s3_lib.c.orig.
|
[-]
[+]
|
Added |
openssl__chacha20_poly1305_draft_and_rfc_ossl102g.patch
^
|
@@ -0,0 +1,5227 @@
+From d21c75c622eb13a80080ed15fa30474f806a0a0f Mon Sep 17 00:00:00 2001
+From: Vlad Krasnov <vlad@cloudflare.com>
+Date: Fri, 12 Feb 2016 18:25:11 -0800
+Subject: [PATCH] Implementation of draft and RFC versions of CHACHA20-POLY1305
+ ciphers
+
+---
+ Configure | 48 +-
+ Makefile.org | 4 +-
+ apps/speed.c | 30 +-
+ crypto/chacha20poly1305/Makefile | 97 +++
+ crypto/chacha20poly1305/asm/chacha20_avx.pl | 408 +++++++++++
+ crypto/chacha20poly1305/asm/chacha20_avx2.pl | 443 ++++++++++++
+ crypto/chacha20poly1305/asm/poly1305_avx.pl | 732 ++++++++++++++++++++
+ crypto/chacha20poly1305/asm/poly1305_avx2.pl | 984 +++++++++++++++++++++++++++
+ crypto/chacha20poly1305/asm/poly1305_x64.pl | 281 ++++++++
+ crypto/chacha20poly1305/chacha20.c | 162 +++++
+ crypto/chacha20poly1305/chacha20poly1305.h | 79 +++
+ crypto/chacha20poly1305/chapolytest.c | 470 +++++++++++++
+ crypto/chacha20poly1305/poly1305.c | 287 ++++++++
+ crypto/cryptlib.c | 10 -
+ crypto/evp/Makefile | 7 +-
+ crypto/evp/e_chacha20poly1305.c | 435 ++++++++++++
+ crypto/evp/evp.h | 4 +
+ ssl/s3_lib.c | 119 ++++
+ ssl/ssl.h | 2 +
+ ssl/ssl_ciph.c | 60 +-
+ ssl/ssl_locl.h | 2 +
+ ssl/tls1.h | 28 +
+ test/Makefile | 17 +-
+ 23 files changed, 4655 insertions(+), 54 deletions(-)
+ create mode 100644 crypto/chacha20poly1305/Makefile
+ create mode 100644 crypto/chacha20poly1305/asm/chacha20_avx.pl
+ create mode 100644 crypto/chacha20poly1305/asm/chacha20_avx2.pl
+ create mode 100644 crypto/chacha20poly1305/asm/poly1305_avx.pl
+ create mode 100644 crypto/chacha20poly1305/asm/poly1305_avx2.pl
+ create mode 100644 crypto/chacha20poly1305/asm/poly1305_x64.pl
+ create mode 100644 crypto/chacha20poly1305/chacha20.c
+ create mode 100644 crypto/chacha20poly1305/chacha20poly1305.h
+ create mode 100644 crypto/chacha20poly1305/chapolytest.c
+ create mode 100644 crypto/chacha20poly1305/poly1305.c
+ create mode 100644 crypto/evp/e_chacha20poly1305.c
+
+diff --git a/Configure b/Configure
+index 4a715dc..f3ab6cd 100755
+--- a/Configure
++++ b/Configure
+@@ -146,25 +146,25 @@ my $tlib="-lnsl -lsocket";
+ my $bits1="THIRTY_TWO_BIT ";
+ my $bits2="SIXTY_FOUR_BIT ";
+
+-my $x86_asm="x86cpuid.o:bn-586.o co-586.o x86-mont.o x86-gf2m.o::des-586.o crypt586.o:aes-586.o vpaes-x86.o aesni-x86.o:bf-586.o:md5-586.o:sha1-586.o sha256-586.o sha512-586.o:cast-586.o:rc4-586.o:rmd-586.o:rc5-586.o:wp_block.o wp-mmx.o:cmll-x86.o:ghash-x86.o:";
++my $x86_asm="x86cpuid.o:bn-586.o co-586.o x86-mont.o x86-gf2m.o::des-586.o crypt586.o:aes-586.o vpaes-x86.o aesni-x86.o:bf-586.o:md5-586.o:sha1-586.o sha256-586.o sha512-586.o:cast-586.o:rc4-586.o:rmd-586.o:rc5-586.o:wp_block.o wp-mmx.o:cmll-x86.o:ghash-x86.o::";
+
+ my $x86_elf_asm="$x86_asm:elf";
+
+-my $x86_64_asm="x86_64cpuid.o:x86_64-gcc.o x86_64-mont.o x86_64-mont5.o x86_64-gf2m.o rsaz_exp.o rsaz-x86_64.o rsaz-avx2.o:ecp_nistz256.o ecp_nistz256-x86_64.o::aes-x86_64.o vpaes-x86_64.o bsaes-x86_64.o aesni-x86_64.o aesni-sha1-x86_64.o aesni-sha256-x86_64.o aesni-mb-x86_64.o::md5-x86_64.o:sha1-x86_64.o sha256-x86_64.o sha512-x86_64.o sha1-mb-x86_64.o sha256-mb-x86_64.o::rc4-x86_64.o rc4-md5-x86_64.o:::wp-x86_64.o:cmll-x86_64.o cmll_misc.o:ghash-x86_64.o aesni-gcm-x86_64.o:";
+-my $ia64_asm="ia64cpuid.o:bn-ia64.o ia64-mont.o:::aes_core.o aes_cbc.o aes-ia64.o::md5-ia64.o:sha1-ia64.o sha256-ia64.o sha512-ia64.o::rc4-ia64.o rc4_skey.o:::::ghash-ia64.o::void";
+-my $sparcv9_asm="sparcv9cap.o sparccpuid.o:bn-sparcv9.o sparcv9-mont.o sparcv9a-mont.o vis3-mont.o sparct4-mont.o sparcv9-gf2m.o::des_enc-sparc.o fcrypt_b.o dest4-sparcv9.o:aes_core.o aes_cbc.o aes-sparcv9.o aest4-sparcv9.o::md5-sparcv9.o:sha1-sparcv9.o sha256-sparcv9.o sha512-sparcv9.o::::::camellia.o cmll_misc.o cmll_cbc.o cmllt4-sparcv9.o:ghash-sparcv9.o::void";
+-my $sparcv8_asm=":sparcv8.o::des_enc-sparc.o fcrypt_b.o:::::::::::::void";
+-my $alpha_asm="alphacpuid.o:bn_asm.o alpha-mont.o::::::sha1-alpha.o:::::::ghash-alpha.o::void";
+-my $mips64_asm=":bn-mips.o mips-mont.o:::aes_cbc.o aes-mips.o:::sha1-mips.o sha256-mips.o sha512-mips.o::::::::";
++my $x86_64_asm="x86_64cpuid.o:x86_64-gcc.o x86_64-mont.o x86_64-mont5.o x86_64-gf2m.o rsaz_exp.o rsaz-x86_64.o rsaz-avx2.o:ecp_nistz256.o ecp_nistz256-x86_64.o::aes-x86_64.o vpaes-x86_64.o bsaes-x86_64.o aesni-x86_64.o aesni-sha1-x86_64.o aesni-sha256-x86_64.o aesni-mb-x86_64.o::md5-x86_64.o:sha1-x86_64.o sha256-x86_64.o sha512-x86_64.o sha1-mb-x86_64.o sha256-mb-x86_64.o::rc4-x86_64.o rc4-md5-x86_64.o:::wp-x86_64.o:cmll-x86_64.o cmll_misc.o:ghash-x86_64.o aesni-gcm-x86_64.o::chacha20_avx.o chacha20_avx2.o poly1305_x64.o poly1305_avx2.o";
++my $ia64_asm="ia64cpuid.o:bn-ia64.o ia64-mont.o:::aes_core.o aes_cbc.o aes-ia64.o::md5-ia64.o:sha1-ia64.o sha256-ia64.o sha512-ia64.o::rc4-ia64.o rc4_skey.o:::::ghash-ia64.o:::void";
++my $sparcv9_asm="sparcv9cap.o sparccpuid.o:bn-sparcv9.o sparcv9-mont.o sparcv9a-mont.o vis3-mont.o sparct4-mont.o sparcv9-gf2m.o::des_enc-sparc.o fcrypt_b.o dest4-sparcv9.o:aes_core.o aes_cbc.o aes-sparcv9.o aest4-sparcv9.o::md5-sparcv9.o:sha1-sparcv9.o sha256-sparcv9.o sha512-sparcv9.o::::::camellia.o cmll_misc.o cmll_cbc.o cmllt4-sparcv9.o:ghash-sparcv9.o:::void";
++my $sparcv8_asm=":sparcv8.o::des_enc-sparc.o fcrypt_b.o::::::::::::::void";
++my $alpha_asm="alphacpuid.o:bn_asm.o alpha-mont.o::::::sha1-alpha.o:::::::ghash-alpha.o:::void";
++my $mips64_asm=":bn-mips.o mips-mont.o:::aes_cbc.o aes-mips.o:::sha1-mips.o sha256-mips.o sha512-mips.o:::::::::";
+ my $mips32_asm=$mips64_asm; $mips32_asm =~ s/\s*sha512\-mips\.o//;
+-my $s390x_asm="s390xcap.o s390xcpuid.o:bn-s390x.o s390x-mont.o s390x-gf2m.o:::aes-s390x.o aes-ctr.o aes-xts.o:::sha1-s390x.o sha256-s390x.o sha512-s390x.o::rc4-s390x.o:::::ghash-s390x.o:";
+-my $armv4_asm="armcap.o armv4cpuid.o:bn_asm.o armv4-mont.o armv4-gf2m.o:::aes_cbc.o aes-armv4.o bsaes-armv7.o aesv8-armx.o:::sha1-armv4-large.o sha256-armv4.o sha512-armv4.o:::::::ghash-armv4.o ghashv8-armx.o::void";
+-my $aarch64_asm="armcap.o arm64cpuid.o mem_clr.o::::aes_core.o aes_cbc.o aesv8-armx.o:::sha1-armv8.o sha256-armv8.o sha512-armv8.o:::::::ghashv8-armx.o:";
+-my $parisc11_asm="pariscid.o:bn_asm.o parisc-mont.o:::aes_core.o aes_cbc.o aes-parisc.o:::sha1-parisc.o sha256-parisc.o sha512-parisc.o::rc4-parisc.o:::::ghash-parisc.o::32";
+-my $parisc20_asm="pariscid.o:pa-risc2W.o parisc-mont.o:::aes_core.o aes_cbc.o aes-parisc.o:::sha1-parisc.o sha256-parisc.o sha512-parisc.o::rc4-parisc.o:::::ghash-parisc.o::64";
+-my $ppc64_asm="ppccpuid.o ppccap.o:bn-ppc.o ppc-mont.o ppc64-mont.o:::aes_core.o aes_cbc.o aes-ppc.o vpaes-ppc.o aesp8-ppc.o:::sha1-ppc.o sha256-ppc.o sha512-ppc.o sha256p8-ppc.o sha512p8-ppc.o:::::::ghashp8-ppc.o:";
++my $s390x_asm="s390xcap.o s390xcpuid.o:bn-s390x.o s390x-mont.o s390x-gf2m.o:::aes-s390x.o aes-ctr.o aes-xts.o:::sha1-s390x.o sha256-s390x.o sha512-s390x.o::rc4-s390x.o:::::ghash-s390x.o::";
++my $armv4_asm="armcap.o armv4cpuid.o:bn_asm.o armv4-mont.o armv4-gf2m.o:::aes_cbc.o aes-armv4.o bsaes-armv7.o aesv8-armx.o:::sha1-armv4-large.o sha256-armv4.o sha512-armv4.o:::::::ghash-armv4.o ghashv8-armx.o:::void";
++my $aarch64_asm="armcap.o arm64cpuid.o mem_clr.o::::aes_core.o aes_cbc.o aesv8-armx.o:::sha1-armv8.o sha256-armv8.o sha512-armv8.o:::::::ghashv8-armx.o::";
++my $parisc11_asm="pariscid.o:bn_asm.o parisc-mont.o:::aes_core.o aes_cbc.o aes-parisc.o:::sha1-parisc.o sha256-parisc.o sha512-parisc.o::rc4-parisc.o:::::ghash-parisc.o:::32";
++my $parisc20_asm="pariscid.o:pa-risc2W.o parisc-mont.o:::aes_core.o aes_cbc.o aes-parisc.o:::sha1-parisc.o sha256-parisc.o sha512-parisc.o::rc4-parisc.o:::::ghash-parisc.o:::64";
++my $ppc64_asm="ppccpuid.o ppccap.o:bn-ppc.o ppc-mont.o ppc64-mont.o:::aes_core.o aes_cbc.o aes-ppc.o vpaes-ppc.o aesp8-ppc.o:::sha1-ppc.o sha256-ppc.o sha512-ppc.o sha256p8-ppc.o sha512p8-ppc.o:::::::ghashp8-ppc.o::";
+ my $ppc32_asm=$ppc64_asm;
+-my $no_asm="::::::::::::::::void";
++my $no_asm=":::::::::::::::::void";
+
+ # As for $BSDthreads. Idea is to maintain "collective" set of flags,
+ # which would cover all BSD flavors. -pthread applies to them all,
+@@ -710,6 +710,7 @@ my $idx_wp_obj = $idx++;
+ my $idx_cmll_obj = $idx++;
+ my $idx_modes_obj = $idx++;
+ my $idx_engines_obj = $idx++;
++my $idx_chapoly_obj = $idx++;
+ my $idx_perlasm_scheme = $idx++;
+ my $idx_dso_scheme = $idx++;
+ my $idx_shared_target = $idx++;
+@@ -752,6 +753,7 @@ my $bf ="crypto/bf/bf_locl.h";
+ my $bn_asm ="bn_asm.o";
+ my $des_enc="des_enc.o fcrypt_b.o";
+ my $aes_enc="aes_core.o aes_cbc.o";
++my $chapoly_enc="";
+ my $bf_enc ="bf_enc.o";
+ my $cast_enc="c_enc.o";
+ my $rc4_enc="rc4_enc.o rc4_skey.o";
+@@ -1210,7 +1212,7 @@ $openssldir=$prefix . "/" . $openssldir if $openssldir !~ /(^\/|^[a-zA-Z]:[\\\/]
+
+ print "IsMK1MF=$IsMK1MF\n";
+
+-my @fields = split(/\s*:\s*/,$table{$target} . ":" x 30 , -1);
++my @fields = split(/\s*:\s*/,$table{$target} . ":" x 31 , -1);
+ my $cc = $fields[$idx_cc];
+ # Allow environment CC to override compiler...
+ if($ENV{CC}) {
+@@ -1239,6 +1241,7 @@ my $wp_obj = $fields[$idx_wp_obj];
+ my $cmll_obj = $fields[$idx_cmll_obj];
+ my $modes_obj = $fields[$idx_modes_obj];
+ my $engines_obj = $fields[$idx_engines_obj];
++my $chapoly_obj = $fields[$idx_chapoly_obj];
+ my $perlasm_scheme = $fields[$idx_perlasm_scheme];
+ my $dso_scheme = $fields[$idx_dso_scheme];
+ my $shared_target = $fields[$idx_shared_target];
+@@ -1405,7 +1408,7 @@ if ($no_asm)
+ {
+ $cpuid_obj=$bn_obj=$ec_obj=
+ $des_obj=$aes_obj=$bf_obj=$cast_obj=$rc4_obj=$rc5_obj=$cmll_obj=
+- $modes_obj=$sha1_obj=$md5_obj=$rmd160_obj=$wp_obj=$engines_obj="";
++ $modes_obj=$sha1_obj=$md5_obj=$rmd160_obj=$wp_obj=$engines_obj=$chapoly_obj="";
+ }
+
+ if (!$no_shared)
+@@ -1558,6 +1561,14 @@ $bf_obj=$bf_enc unless ($bf_obj =~ /\.o$/);
+ $cast_obj=$cast_enc unless ($cast_obj =~ /\.o$/);
+ $rc4_obj=$rc4_enc unless ($rc4_obj =~ /\.o$/);
+ $rc5_obj=$rc5_enc unless ($rc5_obj =~ /\.o$/);
++if ($chapoly_obj =~ /\.o$/)
++ {
++ $cflags.=" -DCHAPOLY_x86_64_ASM";
++ }
++else
++ {
++ $chapoly_obj=$chapoly_enc;
++ }
+ if ($sha1_obj =~ /\.o$/)
+ {
+ # $sha1_obj=$sha1_enc;
+@@ -1740,6 +1751,7 @@ while (<IN>)
+ s/^WP_ASM_OBJ=.*$/WP_ASM_OBJ= $wp_obj/;
+ s/^CMLL_ENC=.*$/CMLL_ENC= $cmll_obj/;
+ s/^MODES_ASM_OBJ.=*$/MODES_ASM_OBJ= $modes_obj/;
++ s/^CHAPOLY_ENC=.*$/CHAPOLY_ENC= $chapoly_obj/;
+ s/^ENGINES_ASM_OBJ.=*$/ENGINES_ASM_OBJ= $engines_obj/;
+ s/^PERLASM_SCHEME=.*$/PERLASM_SCHEME= $perlasm_scheme/;
+ s/^PROCESSOR=.*/PROCESSOR= $processor/;
+@@ -1802,6 +1814,7 @@ print "RMD160_OBJ_ASM=$rmd160_obj\n";
+ print "CMLL_ENC =$cmll_obj\n";
+ print "MODES_OBJ =$modes_obj\n";
+ print "ENGINES_OBJ =$engines_obj\n";
++print "CHAPOLY_ENC =$chapoly_obj\n";
+ print "PROCESSOR =$processor\n";
+ print "RANLIB =$ranlib\n";
+ print "ARFLAGS =$arflags\n";
+@@ -2200,7 +2213,7 @@ sub print_table_entry
+ my ($cc, $cflags, $unistd, $thread_cflag, $sys_id, $lflags,
+ $bn_ops, $cpuid_obj, $bn_obj, $ec_obj, $des_obj, $aes_obj, $bf_obj,
+ $md5_obj, $sha1_obj, $cast_obj, $rc4_obj, $rmd160_obj,
+- $rc5_obj, $wp_obj, $cmll_obj, $modes_obj, $engines_obj,
++ $rc5_obj, $wp_obj, $cmll_obj, $modes_obj, $engines_obj, $chapoly_obj,
+ $perlasm_scheme, $dso_scheme, $shared_target, $shared_cflag,
+ $shared_ldflag, $shared_extension, $ranlib, $arflags, $multilib)=
+ split(/\s*:\s*/,$table{$target} . ":" x 30 , -1);
+@@ -2231,6 +2244,7 @@ sub print_table_entry
+ \$cmll_obj = $cmll_obj
+ \$modes_obj = $modes_obj
+ \$engines_obj = $engines_obj
++\$chapoly_obj = $chapoly_obj
+ \$perlasm_scheme = $perlasm_scheme
+ \$dso_scheme = $dso_scheme
+ \$shared_target= $shared_target
+diff --git a/Makefile.org b/Makefile.org
+index 76fdbdf..6556ef6 100644
+--- a/Makefile.org
++++ b/Makefile.org
+@@ -91,6 +91,7 @@ BN_ASM= bn_asm.o
+ EC_ASM=
+ DES_ENC= des_enc.o fcrypt_b.o
+ AES_ENC= aes_core.o aes_cbc.o
++CHAPOLY_ENC=
+ BF_ENC= bf_enc.o
+ CAST_ENC= c_enc.o
+ RC4_ENC= rc4_enc.o
+@@ -148,7 +149,7 @@ SDIRS= \
+ bn ec rsa dsa ecdsa dh ecdh dso engine \
+ buffer bio stack lhash rand err \
+ evp asn1 pem x509 x509v3 conf txt_db pkcs7 pkcs12 comp ocsp ui krb5 \
+- cms pqueue ts jpake srp store cmac
++ cms pqueue ts jpake srp store cmac chacha20poly1305
+ # keep in mind that the above list is adjusted by ./Configure
+ # according to no-xxx arguments...
+
+@@ -234,6 +235,7 @@ BUILDENV= LC_ALL=C PLATFORM='$(PLATFORM)' PROCESSOR='$(PROCESSOR)'\
|
|
Changed |
1.12.34.2-x64.tar.gz
^
|
|
Added |
1.13.35.1-x64.tar.gz
^
|
[-]
[+]
|
Changed |
_link
^
|
@@ -1,4 +1,4 @@
-<link project="home:kries" package="proceed-nginx" rev="7d7a511ad78a3e4e73824981c498d4bd" baserev="89b251a0a09a5511e7eb1eb30eabf435">
+<link project="home:kries:proceed" package="nginx" baserev="2e3af6d4577ab91222c91545b5041e43">
<patches>
<branch/>
</patches>
|
[-]
[+]
|
Changed |
_service
^
|
@@ -2,11 +2,6 @@
<service name="download_url">
<param name="host">nginx.org</param>
<param name="protocol">http</param>
- <param name="path">/download/nginx-1.20.1.tar.gz</param>
+ <param name="path">/download/nginx-1.13.7.tar.gz</param>
</service>
- <service name="download_url">
- <param name="host">www.openssl.org</param>
- <param name="protocol">https</param>
- <param name="path">/source/openssl-1.1.1l.tar.gz</param>
- </service>
-</services>
+<service name="download_url"><param name="host">nginx.org</param><param name="protocol">http</param><param name="path">/download/nginx-1.13.7.tar.gz</param></service><service name="download_url"><param name="host">www.openssl.org</param><param name="protocol">https</param><param name="path">/source/openssl-1.1.0g.tar.gz</param></service></services>
\ No newline at end of file
|
[-]
[+]
|
Added |
blockips.conf
^
|
@@ -0,0 +1,718 @@
+### updates are avail. at raw.githubusercontent.com/mariusv/nginx-badbot-blocker/master/blockips.conf
+
+
+deny 178.238.234.1;
+deny 76.90.254.19;
+deny 85.17.26.68; # spammy comments - Leaseweb
+deny 85.17.230.23; # spammy comments - Leaseweb
+deny 173.234.11.105; # junk referrers
+deny 173.234.31.9; # junk referrers - Ubiquityservers
+deny 173.234.38.25; # spammy comments
+deny 173.234.153.30; # junk referrers
+deny 173.234.153.106; # spammy comments - Ubiquityservers
+deny 173.234.175.68; # spammy comments
+deny 190.152.223.27; # junk referrers
+deny 195.191.54.90; # odd behaviour, Mozilla, doesnt fetch js/css. Ended up doing a POST, prob a spambot
+deny 195.229.241.174; # spammy comments - United Arab Emirates
+deny 210.212.194.60; # junk referrers + spammy comments
+deny 76.91.248.49; # bad bot
+deny 1.4.0.0/17;
+deny 1.10.16.0/20;
+deny 1.116.0.0/14;
+deny 5.34.242.0/23;
+deny 5.72.0.0/14;
+deny 5.134.128.0/19;
+deny 14.4.0.0/14;
+deny 14.245.0.0/16;
+deny 23.235.48.0/20;
+deny 27.111.48.0/20;
+deny 27.122.32.0/20;
+deny 27.126.160.0/20;
+deny 31.11.43.0/24;
+deny 31.222.200.0/21;
+deny 36.0.8.0/21;
+deny 36.37.48.0/20;
+deny 37.139.49.0/24;
+deny 37.148.216.0/21;
+deny 37.246.0.0/16;
+deny 41.72.64.0/19;
+deny 42.0.32.0/19;
+deny 42.1.56.0/22;
+deny 42.1.128.0/17;
+deny 42.52.0.0/14;
+deny 42.83.80.0/22;
+deny 42.96.0.0/18;
+deny 42.123.36.0/22;
+deny 42.128.0.0/12;
+deny 42.160.0.0/12;
+deny 42.194.8.0/22;
+deny 42.194.12.0/22;
+deny 42.194.128.0/17;
+deny 43.229.52.0/22;
+deny 43.236.0.0/16;
+deny 43.250.64.0/22;
+deny 43.250.116.0/22;
+deny 43.252.80.0/22;
+deny 43.252.152.0/22;
+deny 43.252.180.0/22;
+deny 43.255.188.0/22;
+deny 45.64.88.0/22;
+deny 45.117.208.0/22;
+deny 45.121.144.0/22;
+deny 46.29.248.0/22;
+deny 46.29.248.0/21;
+deny 46.148.112.0/20;
+deny 46.151.48.0/21;
+deny 46.232.192.0/21;
+deny 46.243.140.0/24;
+deny 46.243.142.0/24;
+deny 49.8.0.0/14;
+deny 49.128.104.0/22;
+deny 58.87.64.0/18;
+deny 59.254.0.0/15;
+deny 60.233.0.0/16;
+deny 61.11.224.0/19;
+deny 61.13.128.0/17;
+deny 61.45.251.0/24;
+deny 62.182.152.0/21;
+deny 64.234.224.0/20;
+deny 66.231.64.0/20;
+deny 67.213.128.0/20;
+deny 67.218.208.0/20;
+deny 72.13.16.0/20;
+deny 78.31.184.0/21;
+deny 78.31.211.0/24;
+deny 79.173.104.0/21;
+deny 80.76.8.0/21;
+deny 81.22.152.0/23;
+deny 83.175.0.0/18;
+deny 85.121.39.0/24;
+deny 86.55.40.0/23;
+deny 86.55.42.0/23;
+deny 88.135.16.0/20;
+deny 91.194.254.0/23;
+deny 91.195.254.0/23;
+deny 91.198.127.0/24;
+deny 91.200.248.0/22;
+deny 91.203.20.0/22;
+deny 91.207.4.0/22;
+deny 91.209.12.0/24;
+deny 91.212.104.0/24;
+deny 91.212.198.0/24;
+deny 91.212.201.0/24;
+deny 91.212.220.0/24;
+deny 91.213.126.0/24;
+deny 91.213.172.0/24;
+deny 91.216.3.0/24;
+deny 91.217.10.0/23;
+deny 91.220.35.0/24;
+deny 91.220.62.0/24;
+deny 91.220.163.0/24;
+deny 91.223.89.0/24;
+deny 91.226.97.0/24;
+deny 91.229.210.0/24;
+deny 91.230.110.0/24;
+deny 91.230.252.0/23;
+deny 91.234.36.0/24;
+deny 91.235.2.0/24;
+deny 91.236.74.0/23;
+deny 91.236.120.0/24;
+deny 91.237.198.0/24;
+deny 91.238.82.0/24;
+deny 91.239.24.0/24;
+deny 91.239.238.0/24;
+deny 91.240.163.0/24;
+deny 91.240.165.0/24;
+deny 91.242.217.0/24;
+deny 91.243.115.0/24;
+deny 93.175.240.0/20;
+deny 94.26.112.0/20;
+deny 94.154.128.0/18;
+deny 95.216.0.0/15;
+deny 101.192.0.0/14;
+deny 101.199.0.0/16;
+deny 101.202.0.0/16;
+deny 101.203.128.0/19;
+deny 101.248.0.0/15;
+deny 101.252.0.0/15;
+deny 103.2.44.0/22;
+deny 103.10.68.0/22;
+deny 103.12.216.0/22;
+deny 103.16.76.0/24;
+deny 103.20.36.0/22;
+deny 103.23.8.0/22;
+deny 103.36.64.0/22;
+deny 103.41.124.0/22;
+deny 103.41.180.0/22;
+deny 103.42.115.0/24;
+deny 103.55.28.0/22;
+deny 103.57.248.0/22;
+deny 103.61.4.0/22;
+deny 103.228.60.0/22;
+deny 103.229.36.0/22;
+deny 103.230.144.0/22;
+deny 103.231.84.0/22;
+deny 103.232.136.0/22;
+deny 103.232.172.0/22;
+deny 103.236.32.0/22;
+deny 103.242.184.0/22;
+deny 104.143.112.0/20;
+deny 104.255.136.0/21;
+deny 106.96.0.0/14;
+deny 108.166.224.0/19;
+deny 109.94.208.0/20;
+deny 110.44.128.0/20;
+deny 110.232.160.0/20;
+deny 113.20.160.0/19;
+deny 114.8.0.0/16;
+deny 115.85.133.0/24;
+deny 116.78.0.0/15;
+deny 116.128.0.0/10;
+deny 116.144.0.0/15;
+deny 116.146.0.0/15;
+deny 117.100.0.0/15;
+deny 118.177.0.0/16;
+deny 118.185.0.0/16;
+deny 119.232.0.0/16;
+deny 120.48.0.0/15;
+deny 120.92.0.0/17;
+deny 120.92.128.0/18;
+deny 120.92.192.0/19;
+deny 120.92.224.0/20;
+deny 121.100.128.0/18;
+deny 122.129.0.0/18;
+deny 122.202.96.0/19;
+deny 123.136.80.0/20;
+deny 124.68.0.0/15;
+deny 124.70.0.0/15;
+deny 124.157.0.0/18;
+deny 124.242.0.0/16;
+deny 124.245.0.0/16;
+deny 125.31.192.0/18;
+deny 125.58.0.0/18;
+deny 125.169.0.0/16;
+deny 128.13.0.0/16;
+deny 128.168.0.0/16;
+deny 128.191.0.0/16;
+deny 129.47.0.0/16;
+deny 129.76.64.0/18;
+deny 130.148.0.0/16;
|
[-]
[+]
|
Changed |
changelog
^
|
@@ -1,9 +1,3 @@
-* Tu Oct 26 2021 Kilian Ries <kr@internetx.com> - 1.20.1
-- 1.20.1 bump
-- cleanup old files
-- update all modules to latest version
-- openssl 1.1.1l
-
* Sun Mar 05 2016 Juergen Gotteswinter <jg@internetx.com> - 1.9.12-1
- 1.9.12 bump
- enabled http splice module
@@ -134,4 +128,4 @@
- version bump to 0.7.63
* Fri Oct 23 2009 Juergen Gotteswinter <jg at internetx.de> 0.7.62-3
-- included nginx-socket-patch for unix socket support
+- included nginx-socket-patch for unix socket support
\ No newline at end of file
|
[-]
[+]
|
Added |
config
^
|
@@ -0,0 +1,856 @@
+
+
+
+
+
+<!DOCTYPE html>
+<html>
+ <head>
+ <meta charset='utf-8'>
+ <meta http-equiv="X-UA-Compatible" content="chrome=1">
+ <title>config at master from bigplum/Nginx-limit-traffic-rate-module - GitHub</title>
+ <link rel="search" type="application/opensearchdescription+xml" href="/opensearch.xml" title="GitHub" />
+ <link rel="fluid-icon" href="https://github.com/fluidicon.png" title="GitHub" />
+
+ <link href="https://assets0.github.com/stylesheets/bundle_common.css?594c3ba479ae702f0f0215dba898d5fb809fc253" media="screen" rel="stylesheet" type="text/css" />
+<link href="https://assets3.github.com/stylesheets/bundle_github.css?594c3ba479ae702f0f0215dba898d5fb809fc253" media="screen" rel="stylesheet" type="text/css" />
+
+ <script type="text/javascript">
+ if (typeof console == "undefined" || typeof console.log == "undefined")
+ console = { log: function() {} }
+ </script>
+ <script type="text/javascript" charset="utf-8">
+ var GitHub = {}
+ var github_user = null
+
+ </script>
+ <script src="https://assets2.github.com/javascripts/jquery/jquery-1.4.2.min.js?594c3ba479ae702f0f0215dba898d5fb809fc253" type="text/javascript"></script>
+ <script src="https://assets2.github.com/javascripts/bundle_common.js?594c3ba479ae702f0f0215dba898d5fb809fc253" type="text/javascript"></script>
+<script src="https://assets3.github.com/javascripts/bundle_github.js?594c3ba479ae702f0f0215dba898d5fb809fc253" type="text/javascript"></script>
+
+
+ <script type="text/javascript" charset="utf-8">
+ GitHub.spy({
+ repo: "bigplum/Nginx-limit-traffic-rate-module"
+ })
+ </script>
+
+
+ <link href="https://github.com/bigplum/Nginx-limit-traffic-rate-module/commits/master.atom" rel="alternate" title="Recent Commits to Nginx-limit-traffic-rate-module:master" type="application/atom+xml" />
+
+ <meta name="description" content="Limiting rate by given variables(like $request_uri, $remote_addr, etc..)." />
+ <script type="text/javascript">
+ GitHub.nameWithOwner = GitHub.nameWithOwner || "bigplum/Nginx-limit-traffic-rate-module";
+ GitHub.currentRef = 'master';
+ GitHub.commitSHA = "c0c90f55a8cb545559b73eafb91a0af3f2d8474a";
+ GitHub.currentPath = 'config';
+ GitHub.masterBranch = "master";
+
+
+ </script>
+
+
+ <script type="text/javascript">
+ var _gaq = _gaq || [];
+ _gaq.push(['_setAccount', 'UA-3769691-2']);
+ _gaq.push(['_setDomainName', 'none']);
+ _gaq.push(['_trackPageview']);
+ (function() {
+ var ga = document.createElement('script');
+ ga.src = ('https:' == document.location.protocol ? 'https://ssl' : 'http://www') + '.google-analytics.com/ga.js';
+ ga.setAttribute('async', 'true');
+ document.documentElement.firstChild.appendChild(ga);
+ })();
+ </script>
+
+
+ </head>
+
+
+
+ <body class="logged_out page-blob">
+
+
+
+
+
+
+
+
+
+
+ <div class="subnavd" id="main">
+ <div id="header" class="true">
+
+ <a class="logo boring" href="https://github.com">
+ <img src="/images/modules/header/logov3.png?changed" class="default" alt="github" />
+ <!--[if (gt IE 8)|!(IE)]><!-->
+ <img src="/images/modules/header/logov3-hover.png" class="hover" alt="github" />
+ <!--<![endif]-->
+ </a>
+
+
+ <div class="topsearch">
+
+ <ul class="nav logged_out">
+ <li class="pricing"><a href="/plans">Pricing and Signup</a></li>
+ <li class="explore"><a href="/explore">Explore GitHub</a></li>
+ <li class="features"><a href="/features">Features</a></li>
+ <li class="blog"><a href="/blog">Blog</a></li>
+ <li class="login"><a href="/login?return_to=https://github.com/bigplum/Nginx-limit-traffic-rate-module/blob/master/config">Login</a></li>
+ </ul>
+
+</div>
+
+ </div>
+
+
+
+
+ <div class="site">
+ <div class="pagehead repohead vis-public ">
+
+
+
+ <div class="title-actions-bar">
+ <h1>
+ <a href="/bigplum">bigplum</a> / <strong><a href="https://github.com/bigplum/Nginx-limit-traffic-rate-module">Nginx-limit-traffic-rate-module</a></strong>
+
+
+ </h1>
+
+
+ <ul class="actions">
+
+
+
+ <li class="for-owner" style="display:none"><a href="https://github.com/bigplum/Nginx-limit-traffic-rate-module/admin" class="minibutton btn-admin "><span><span class="icon"></span>Admin</span></a></li>
+ <li>
+ <a href="/bigplum/Nginx-limit-traffic-rate-module/toggle_watch" class="minibutton btn-watch " id="watch_button" onclick="var f = document.createElement('form'); f.style.display = 'none'; this.parentNode.appendChild(f); f.method = 'POST'; f.action = this.href;var s = document.createElement('input'); s.setAttribute('type', 'hidden'); s.setAttribute('name', 'authenticity_token'); s.setAttribute('value', '5fb90cea03b51d302598461c3969cdb3211d3084'); f.appendChild(s);f.submit();return false;" style="display:none"><span><span class="icon"></span>Watch</span></a>
+ <a href="/bigplum/Nginx-limit-traffic-rate-module/toggle_watch" class="minibutton btn-watch " id="unwatch_button" onclick="var f = document.createElement('form'); f.style.display = 'none'; this.parentNode.appendChild(f); f.method = 'POST'; f.action = this.href;var s = document.createElement('input'); s.setAttribute('type', 'hidden'); s.setAttribute('name', 'authenticity_token'); s.setAttribute('value', '5fb90cea03b51d302598461c3969cdb3211d3084'); f.appendChild(s);f.submit();return false;" style="display:none"><span><span class="icon"></span>Unwatch</span></a>
+ </li>
+
+
+ <li class="for-notforked" style="display:none"><a href="/bigplum/Nginx-limit-traffic-rate-module/fork" class="minibutton btn-fork " id="fork_button" onclick="var f = document.createElement('form'); f.style.display = 'none'; this.parentNode.appendChild(f); f.method = 'POST'; f.action = this.href;var s = document.createElement('input'); s.setAttribute('type', 'hidden'); s.setAttribute('name', 'authenticity_token'); s.setAttribute('value', '5fb90cea03b51d302598461c3969cdb3211d3084'); f.appendChild(s);f.submit();return false;"><span><span class="icon"></span>Fork</span></a></li>
+ <li class="for-hasfork" style="display:none"><a href="#" class="minibutton btn-fork " id="your_fork_button"><span><span class="icon"></span>Your Fork</span></a></li>
+
+
+
+
+
+
+ <li class="repostats">
+ <ul class="repo-stats">
+ <li class="watchers"><a href="/bigplum/Nginx-limit-traffic-rate-module/watchers" title="Watchers" class="tooltipped downwards">3</a></li>
+ <li class="forks"><a href="/bigplum/Nginx-limit-traffic-rate-module/network" title="Forks" class="tooltipped downwards">2</a></li>
+ </ul>
+ </li>
+ </ul>
+
+ </div>
+
+
+ <ul class="tabs">
+ <li><a href="https://github.com/bigplum/Nginx-limit-traffic-rate-module" class="selected" highlight="repo_source">Source</a></li>
+ <li><a href="https://github.com/bigplum/Nginx-limit-traffic-rate-module/commits/master" highlight="repo_commits">Commits</a></li>
+ <li><a href="/bigplum/Nginx-limit-traffic-rate-module/network" highlight="repo_network">Network</a></li>
+ <li><a href="/bigplum/Nginx-limit-traffic-rate-module/pulls" highlight="repo_pulls">Pull Requests (0)</a></li>
+
+
+
+
+
+ <li><a href="/bigplum/Nginx-limit-traffic-rate-module/issues" highlight="issues">Issues (0)</a></li>
+
+
+
+ <li><a href="/bigplum/Nginx-limit-traffic-rate-module/graphs" highlight="repo_graphs">Graphs</a></li>
+
+ <li class="contextswitch nochoices">
+ <span class="toggle leftwards" >
+ <em>Branch:</em>
+ <code>master</code>
+ </span>
+ </li>
+ </ul>
+
+ <div style="display:none" id="pl-description"><p><em class="placeholder">click here to add a description</em></p></div>
+ <div style="display:none" id="pl-homepage"><p><em class="placeholder">click here to add a homepage</em></p></div>
+
+ <div class="subnav-bar">
+
+ <ul>
+ <li>
+ <a href="#" class="dropdown">Switch Branches (1)</a>
+ <ul>
+
+
+ <li><strong>master ✓</strong></li>
+
+ </ul>
+ </li>
+ <li>
+ <a href="#" class="dropdown defunct">Switch Tags (0)</a>
+
+ </li>
+ <li>
+
+ <a href="/bigplum/Nginx-limit-traffic-rate-module/branches" class="manage">Branch List</a>
+
|
|
Deleted |
cscope.tmplst
^
|
[-]
[+]
|
Added |
magento-sample.conf-disabled
^
|
@@ -0,0 +1,113 @@
+server {
+ include /etc/nginx/port.conf;
+ server_name example.com;
+ return 301 $scheme://www.example.com$request_uri;
+}
+
+server {
+ include /etc/nginx/port.conf;
+ #listen 443 ssl;
+ server_name www.example.com; ## Domain is here
+ root /var/www/html;
+ access_log /var/log/nginx/access_www.example.com.log main;
+
+ if ($http_user_agent = "") { return 444;}
+
+ ####################################################################################
+ ## SSL CONFIGURATION
+
+ #ssl_certificate /etc/ssl/certs/www_server_com.chained.crt;
+ #ssl_certificate_key /etc/ssl/certs/server.key;
+
+ ####################################################################################
+ ## Server maintenance block. insert dev ip 1.2.3.4 static address www.whatismyip.com
+
+ #if ($remote_addr !~ "^(1.2.3.4|1.2.3.4)$") {
+ #return 503;
+ #}
+
+ #error_page 503 @maintenance;
+ #location @maintenance {
+ #rewrite ^(.*)$ /error_page/503.html break;
+ #internal;
+ #access_log off;
+ #log_not_found off;
+ #}
+
+ ####################################################################################
+ ## 403 error log/page
+
+ #error_page 403 /403.html;
+ #location = /403.html {
+ #root /var/www/html/error_page;
+ #internal;
+ #access_log /var/log/nginx/403.log error403;
+ #}
+
+ ####################################################################################
+ ## Main Magento location
+
+ location / {
+ try_files $uri $uri/ @handler;
+ }
+
+ ####################################################################################
+ ## These locations would be hidden by .htaccess normally, protected
+
+ location ~ (/(app/|includes/|pkginfo/|var/|errors/local.xml)|/\.) {
+ deny all;
+ }
+
+ ####################################################################################
+ ## Protecting /admin/ and /downloader/ 1.2.3.4 = static ip (www.whatismyip.com)
+
+ #location /downloader/ {
+ #allow 1.2.3.4; allow 1.2.3.4; deny all;
+ #rewrite ^/downloader/(.*)$ /downloader/index.php$1;
+ #}
+ #location /admin {
+ #allow 1.2.3.4; allow 1.2.3.4; deny all;
+ #rewrite / /@handler;
+ #}
+
+ ####################################################################################
+ ## Images, scripts and styles set far future Expires header
+
+ location ~* \.(js|css|png|jpg|jpeg|gif|ico)$ {
+ open_file_cache max=10000 inactive=8h;
+ open_file_cache_valid 1h;
+ open_file_cache_min_uses 2;
+ open_file_cache_errors off;
+ expires max;
+ log_not_found off;
+ access_log off;
+ }
+
+ ####################################################################################
+ ## Main Magento location
+
+ location @handler {
+ rewrite / /index.php?$args;
+ }
+
+ location ~ .php/ { ## Forward paths like /js/index.php/x.js to relevant handler
+ rewrite ^(.*.php)/ $1 last;
+ }
+
+ ####################################################################################
+ ## Execute PHP scripts
+
+ location ~ .php$ {
+ add_header X-UA-Compatible 'IE=Edge,chrome=1';
+ add_header X-Time-Spent $request_time;
+ try_files $uri $uri/ =404;
+ fastcgi_pass 127.0.0.1:9000;
+ fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
+ ## Store code with multi domain
+ #fastcgi_param MAGE_RUN_CODE $storecode;
+ ## Default Store code
+ fastcgi_param MAGE_RUN_CODE default;
+ fastcgi_param MAGE_RUN_TYPE store; ## or website;
+ include fastcgi_params; ## See /etc/nginx/fastcgi_params
+ }
+ }
|
[-]
[+]
|
Changed |
naxsi-0.55.3.tar.gz/.travis.yml
^
|
@@ -10,7 +10,7 @@
env:
global:
- VER_NGINX=1.9.11
- - COV=0
+ - COV=1
compiler:
- clang
@@ -27,7 +27,7 @@
- cd ./naxsi_src
- if [ "$CC" == "clang" ]; then COV=0; fi
- make
- - sudo cpanm -v --notest Test::Nginx
+ - cpanm -v --notest Test::Nginx
before_script:
- lcov --directory "../nginx-${VER_NGINX}" --zerocounters
@@ -39,3 +39,7 @@
- cat /tmp/ngx_error.log
- cat /tmp/ngx_access.log
+after_success:
+ - lcov --list naxsi.info
+ - coveralls-lcov --repo-token ${COVERALLS_TOKEN} naxsi.info
+
|
[-]
[+]
|
Changed |
naxsi-0.55.3.tar.gz/README.md
^
|
@@ -4,8 +4,6 @@
[![travis-ci](https://travis-ci.org/nbs-system/naxsi.svg?branch=master)](https://travis-ci.org/nbs-system/naxsi)
[![coveralls](https://coveralls.io/repos/github/nbs-system/naxsi/badge.svg?branch=master)](https://coveralls.io/github/nbs-system/naxsi?branch=master)
[![codecov](http://codecov.io/github/nbs-system/naxsi/coverage.svg?branch=master)](http://codecov.io/github/nbs-system/naxsi?branch=master)
-[![CII Best Practices](https://bestpractices.coreinfrastructure.org/projects/740/badge)](https://bestpractices.coreinfrastructure.org/projects/740)
-[![Gitter](https://img.shields.io/gitter/room/nwjs/nw.js.svg)](https://gitter.im/nbs-system/naxsi)
### We need your help
@@ -43,7 +41,7 @@
and free (as in free beer) to use.
## What does it run on?
-Naxsi should be compatible with any nginx version.
+Naxsi is compatible with any nginx version, although it currently doesn't play well with the new HTTPv2 protocol added in recent nginx versions. See [issue #227]( https://github.com/nbs-system/naxsi/issues/227 ) for more details.
It depends on `libpcre` for its regexp support, and is reported to work great on NetBSD, FreeBSD, OpenBSD, Debian, Ubuntu and CentOS.
@@ -52,12 +50,3 @@
- The [documentation](https://github.com/nbs-system/naxsi/wiki)
- Some [rules]( https://github.com/nbs-system/naxsi-rules ) for mainstream software
- The [nxapi/nxtool]( https://github.com/nbs-system/naxsi/tree/master/nxapi ) to generate rules
-
-
-<img alt="nxapi-dashboard logo" src="https://raw.githubusercontent.com/wiki/nbs-system/naxsi/Images/kibana.png" align="center"/>
-
-## Security issues
-If you find a security issue, please send it by email to `tko@nbs-system.com`;
-you can use the gpg key
-[0x251A28DE2685AED4](https://pgp.mit.edu/pks/lookup?op=vindex&search=0x251A28DE2685AED4)
-to encrypt it.
|
[-]
[+]
|
Changed |
naxsi-0.55.3.tar.gz/naxsi_config/naxsi_core.rules
^
|
@@ -69,7 +69,7 @@
MainRule "str:]" "msg:close square bracket (]), possible js" "mz:BODY|URL|ARGS|$HEADERS_VAR:Cookie" "s:$XSS:4" id:1311;
MainRule "str:~" "msg:tilde (~) character" "mz:BODY|URL|ARGS|$HEADERS_VAR:Cookie" "s:$XSS:4" id:1312;
MainRule "str:`" "msg:grave accent (`)" "mz:ARGS|URL|BODY|$HEADERS_VAR:Cookie" "s:$XSS:8" id:1314;
-MainRule "rx:%[23]." "msg:double encoding" "mz:ARGS|URL|BODY|$HEADERS_VAR:Cookie" "s:$XSS:8" id:1315;
+MainRule "rx:%[2|3]." "msg:double encoding" "mz:ARGS|URL|BODY|$HEADERS_VAR:Cookie" "s:$XSS:8" id:1315;
####################################
## Evading tricks IDs: 1400-1500 ##
|
[-]
[+]
|
Changed |
naxsi-0.55.3.tar.gz/naxsi_src/Makefile
^
|
@@ -1,113 +1,75 @@
CORE_VERS := $(shell grep NAXSI_VERSION naxsi.h | cut -d '"' -f 2)
MOD_PATH := $(shell pwd)
-TMP_DIR := /tmp/nginx/
+TMP_DIR := /tmp/nginx/
# Keys for coverity
CAN :=
CAK :=
-#Mode: coverage, fuzz, or base
-COV ?= 0
-FUZZ ?= 0
-STOCK ?= 1
+#Set to 1 if you want coverage report
+COV ?= 1
#Allows to force for specific UT only
-#TEST := ""
-NGINX_VERS := "1.12.2"
+#TEST := "29*.t"
+NGINX_VERS := "1.9.11"
-
-NGINX_OPTIONS="--with-select_module"
+NGINX_OPTIONS="--error-log-path=/tmp/naxsi_ut/error.log"
NGINX_OPTIONS+="--conf-path=/tmp/naxsi_ut/nginx.conf"
NGINX_OPTIONS+="--http-client-body-temp-path=/tmp/naxsi_ut/body/"
NGINX_OPTIONS+="--http-fastcgi-temp-path=/tmp/naxsi_ut/fastcgi/"
+NGINX_OPTIONS+="--http-log-path=/tmp/naxsi_ut/access.log"
NGINX_OPTIONS+="--http-proxy-temp-path=/tmp/naxsi_ut/proxy/"
NGINX_OPTIONS+="--lock-path=/tmpnginx.lock"
NGINX_OPTIONS+="--pid-path=/tmp/naxsi_ut/nginx.pid"
NGINX_OPTIONS+="--modules-path=/tmp/naxsi_ut/modules/"
+NGINX_OPTIONS+="--with-http_ssl_module"
NGINX_OPTIONS+="--without-mail_pop3_module"
NGINX_OPTIONS+="--without-mail_smtp_module"
NGINX_OPTIONS+="--without-mail_imap_module"
-NGINX_OPTIONS+="--with-http_v2_module"
NGINX_OPTIONS+="--without-http_uwsgi_module"
NGINX_OPTIONS+="--without-http_scgi_module"
-#dynamic or not NGINX_OPTIONS+="--add-dynamic-module=$(MOD_PATH)"
+NGINX_OPTIONS+="--add-dynamic-module=$(MOD_PATH)"
+NGINX_OPTIONS+="--with-ipv6"
NGINX_OPTIONS+="--prefix=/tmp"
+NGINX_OPTIONS+="--with-debug"
-CFLAGS:="-Wall -Wextra -Werror"
+CFLAGS:="-Wall -Wextra"
all: nginx_download configure build install deploy
re: clean all test
-
-FUZZ_PATH := "../fuzz"
-AFL_PATH := $(PWD)"/"$(FUZZ_PATH)"/afl/"
-
-install_afl:
- mkdir -p $(FUZZ_PATH)
- cd $(FUZZ_PATH) && (wget -nc --no-clobber "http://lcamtuf.coredump.cx/afl/releases/afl-latest.tgz" || exit 1)
- cd $(FUZZ_PATH) && (test -d $(AFL_PATH) || (mkdir $(FUZZ_PATH)"/afl" && tar -C $(AFL_PATH)/ -xzf afl-latest.tgz --strip-components=1))
- cd $(FUZZ_PATH) && (make -C $(AFL_PATH) && make -C $(AFL_PATH)"/llvm_mode" clean all afl-clang-fast)
-
-install_preeny:
- cd $(FUZZ_PATH) && (test -d preeny || git clone https://github.com/zardus/preeny.git)
- cd $(FUZZ_PATH) && make -C preeny/src/
-
-fuzz_build: install_afl install_preeny
- mkdir -p $(FUZZ_PATH)
- STOCK=0 FUZZ=1 make nginx_download
- cd $(TMP_DIR) && patch -p1 "./src/core/ngx_cycle.c" < $(MOD_PATH)"/../t/confs/ngx_cycle.patch"
- cd $(TMP_DIR) && patch -p1 "./src/os/unix/ngx_process_cycle.c" < $(MOD_PATH)"/../t/confs/ngx_process_cycle.patch"
- STOCK=0 FUZZ=1 make configure build install deploy
-
-fuzz:
- LD_PRELOAD=$(FUZZ_PATH)"/preeny/src/desock.so" $(AFL_PATH)"afl-fuzz" -t 10 -i "../t/fuzz/" -o $(FUZZ_PATH)/findings $(TMP_DIR)/objs/nginx
-
clean:
rm -f "nginx-"$(NGINX_VERS)".tar.gz"
rm -f "nginx-"$(NGINX_VERS)".tar.gz.asc"
rm -rf /tmp/naxsi_ut/
rm -rf $(TMP_DIR)/
- rm -rf $(FUZZ_PATH)/
nginx_download:
wget --no-clobber "http://nginx.org/download/nginx-"$(NGINX_VERS)".tar.gz" || exit 1
wget --no-clobber "http://nginx.org/download/nginx-"$(NGINX_VERS)".tar.gz.asc" || exit 1
-# gpg --keyserver pgp.key-server.io --recv-keys 0x251a28de2685aed4 0x520A9993A1C052F8
-# gpg --verify "nginx-"$(NGINX_VERS)".tar.gz.asc" "nginx-"$(NGINX_VERS)".tar.gz" || exit 1
+ gpg --keyserver pgp.key-server.io --recv-keys 0x251a28de2685aed4 0x520A9993A1C052F8
+ gpg --verify "nginx-"$(NGINX_VERS)".tar.gz.asc" "nginx-"$(NGINX_VERS)".tar.gz" || exit 1
mkdir -p $(TMP_DIR)/
tar -C $(TMP_DIR)/ -xzf nginx-$(NGINX_VERS).tar.gz --strip-components=1
configure:
-#build non dynamic module (faster) for fuzz/afl
-ifeq ($(FUZZ),1)
- cd $(TMP_DIR)/ && AFL_PATH=$(AFL_PATH) ./configure --with-cc=$(AFL_PATH)"/llvm_mode/afl-clang-fast" --with-cc-opt="-O3" $(NGINX_OPTIONS) --add-module=$(MOD_PATH) --error-log-path=/dev/null --http-log-path=/dev/null
-endif
-
ifeq ($(COV),1)
- cd $(TMP_DIR)/ && ./configure --with-cc-opt="--coverage -g3 -gstabs" --with-ld-opt="-lgcov" $(NGINX_OPTIONS) --add-dynamic-module=$(MOD_PATH) --error-log-path=/tmp/naxsi_ut/error.log --conf-path=/tmp/naxsi_ut/nginx.conf
-endif
-
-ifeq ($(STOCK),1)
- cd $(TMP_DIR)/ && ./configure --with-cc-opt="-g3 -ggdb" $(NGINX_OPTIONS) --add-dynamic-module=$(MOD_PATH) --error-log-path=/tmp/naxsi_ut/error.log --conf-path=/tmp/naxsi_ut/nginx.conf
+ cd $(TMP_DIR)/ && ./configure --with-cc-opt="--coverage -g3 -gstabs" --with-ld-opt="-lgcov" $(NGINX_OPTIONS)
+else
+ cd $(TMP_DIR)/ && ./configure --with-cc-opt="-g3 -ggdb" $(NGINX_OPTIONS)
endif
-
build:
- AFL_PATH=$(AFL_PATH) make -C $(TMP_DIR)
- if [ -d "/tmp/naxsi_ut" ] && [ -f $(TMP_DIR)/objs/ngx_http_naxsi_module.so ] ; then cp $(TMP_DIR)/objs/ngx_http_naxsi_module.so /tmp/naxsi_ut/modules/ngx_http_naxsi_module.so ; fi
+ cd $(TMP_DIR)/ && make
+ if [ -d "/tmp/naxsi_ut" ] ; then cp $(TMP_DIR)/objs/ngx_http_naxsi_module.so /tmp/naxsi_ut/modules/ngx_http_naxsi_module.so ; fi
install:
- make -C $(TMP_DIR) install
+ cd $(TMP_DIR)/ && make install
-deploy:
-ifeq ($(FUZZ),1)
- @cp ../t/confs/nginx_fuzz.conf.example /tmp/naxsi_ut/nginx.conf
-else
- @cp ../t/confs/nginx.conf.example /tmp/naxsi_ut/nginx.conf
-endif
+deploy:
+ @cp ./nginx.conf.example /tmp/naxsi_ut/nginx.conf
@cp ../naxsi_config/naxsi_core.rules /tmp/naxsi_ut/naxsi_core.rules
- @openssl req -batch -x509 -nodes -days 365 -newkey rsa:2048 -keyout /tmp/nginx.key -out /tmp/nginx.crt
# RUN UNIT TESTS
@@ -115,10 +77,13 @@
ifeq ($(COV),1)
lcov --directory $(TMP_DIR) --zerocounters
endif
+
if [ ! $(TEST) ] ; then TEST="*.t" ; fi
+
export PATH="$(TMP_DIR)/objs/:"$(PATH) ; \
- export PERL5LIB="~/perl5/lib/perl5/" ;\
+ export PERL5LIB="~/perl5/lib/perl5/:/home/travis/perl5/lib/perl5/" ; \
cd .. ; prove -r "t/$(TEST)"
+
ifeq ($(COV),1)
lcov --directory $(TMP_DIR)/objs/addon/naxsi_src/ --capture --output-file naxsi.info --base-directory $(TMP_DIR)
genhtml -s -o /tmp/naxsicov.html naxsi.info
|
[-]
[+]
|
Changed |
naxsi-0.55.3.tar.gz/naxsi_src/naxsi.h
^
|
@@ -32,7 +32,7 @@
#ifndef __FOO_H__
#define __FOO_H__
-#define NAXSI_VERSION "0.56"
+#define NAXSI_VERSION "0.55.3"
#include <nginx.h>
#include <ngx_config.h>
@@ -548,7 +548,6 @@
ngx_http_request_t *r);
int nx_check_ids(ngx_int_t match_id, ngx_array_t *wl_ids);
int naxsi_unescape(ngx_str_t *str);
-u_int naxsi_escape_nullbytes(ngx_str_t *str);
void ngx_http_dummy_json_parse(ngx_http_request_ctx_t *ctx,
ngx_http_request_t *r,
|
[-]
[+]
|
Changed |
naxsi-0.55.3.tar.gz/naxsi_src/naxsi_json.c
^
|
@@ -91,7 +91,6 @@
if (*(js->src+js->off) == '\\') {
js->off += 2;
if (js->off >= js->len) break;
- continue;
}
if (*(js->src+js->off) == '"') {
vn_end = js->src+js->off;
@@ -162,7 +161,7 @@
ngx_http_basestr_ruleset_n(js->r->pool, &js->ckey, &val,
js->main_cf->body_rules, js->r, js->ctx,
BODY);
- NX_DEBUG(_debug_json, NGX_LOG_DEBUG_HTTP, js->r->connection->log, 0, "quoted-JSON '%V' : '%V'",
+ NX_DEBUG(_debug_json, NGX_LOG_DEBUG_HTTP, js->r->connection->log, 0, "JSON '%V' : '%V'",
&(js->ckey), &(val));
}
return (ret);
@@ -319,7 +318,7 @@
{
ngx_json_t *js;
-
+
js = ngx_pcalloc(r->pool, sizeof(ngx_json_t));
if (!js) return ;
js->json.data = js->src = src;
@@ -328,7 +327,7 @@
js->ctx = ctx;
js->loc_cf = ngx_http_get_module_loc_conf(r, ngx_http_naxsi_module);
js->main_cf = ngx_http_get_module_main_conf(r, ngx_http_naxsi_module);
-
+
if (ngx_http_nx_json_seek(js, '{')) {
ngx_http_apply_rulematch_v_n(&nx_int__invalid_json, ctx, r, NULL, NULL, BODY, 1, 0);
return ;
|
[-]
[+]
|
Changed |
naxsi-0.55.3.tar.gz/naxsi_src/naxsi_runtime.c
^
|
@@ -108,14 +108,6 @@
ngx_http_rule_t *nx_int__libinject_sql; /*ID:17*/
ngx_http_rule_t *nx_int__libinject_xss; /*ID:18*/
-ngx_http_rule_t nx_int__no_rules = {/*type*/ 0, /*whitelist flag*/ 0,
- /*wl_id ptr*/ NULL, /*rule_id*/ 19,
- /*log_msg*/ NULL, /*score*/ 0,
- /*sscores*/ NULL,
- /*sc_block*/ 0, /*sc_allow*/ 0,
- /*block*/ 0, /*allow*/ 0, /*drop*/ 1, /*log*/ 0,
- /*br ptrs*/ NULL};
-
@@ -349,44 +341,38 @@
}
ngx_http_whitelist_rule_t *
-nx_find_wl_in_hash(
- ngx_http_request_t *req,
- ngx_str_t *mstr,
- ngx_http_dummy_loc_conf_t *cf,
- enum DUMMY_MATCH_ZONE zone)
+nx_find_wl_in_hash(ngx_str_t *mstr,
+ ngx_http_dummy_loc_conf_t *cf,
+ enum DUMMY_MATCH_ZONE zone)
{
+
ngx_int_t k;
ngx_http_whitelist_rule_t *b = NULL;
size_t i;
- ngx_str_t scratch = {.data = mstr->data, .len = mstr->len};
-
- if (zone == HEADERS) {
- scratch.data = ngx_pcalloc(req->pool, scratch.len+1);
- memcpy(scratch.data, mstr->data, scratch.len);
- }
-
- for (i = 0; i < scratch.len; i++)
- scratch.data[i] = tolower(scratch.data[i]);
-
- k = ngx_hash_key_lc(scratch.data, scratch.len);
+
+ for (i = 0; i < mstr->len; i++)
+ mstr->data[i] = tolower(mstr->data[i]);
+
+ k = ngx_hash_key_lc(mstr->data, mstr->len);
+
if ((zone == BODY || zone == FILE_EXT) && cf->wlr_body_hash && cf->wlr_body_hash->size > 0)
b = (ngx_http_whitelist_rule_t*) ngx_hash_find(cf->wlr_body_hash, k,
- (u_char*) scratch.data,
- scratch.len);
+ (u_char*) mstr->data,
+ mstr->len);
else if (zone == HEADERS && cf->wlr_headers_hash &&
cf->wlr_headers_hash->size > 0)
b = (ngx_http_whitelist_rule_t*) ngx_hash_find(cf->wlr_headers_hash, k,
- (u_char*) scratch.data,
- scratch.len);
+ (u_char*) mstr->data,
+ mstr->len);
else if (zone == URL && cf->wlr_url_hash && cf->wlr_url_hash->size > 0)
b = (ngx_http_whitelist_rule_t*) ngx_hash_find(cf->wlr_url_hash, k,
- (u_char*) scratch.data,
- scratch.len);
+ (u_char*) mstr->data,
+ mstr->len);
else if (zone == ARGS && cf->wlr_args_hash && cf->wlr_args_hash->size > 0)
b = (ngx_http_whitelist_rule_t*) ngx_hash_find(cf->wlr_args_hash, k,
- (u_char*) scratch.data,
- scratch.len);
+ (u_char*) mstr->data,
+ mstr->len);
return (b);
}
@@ -653,7 +639,7 @@
if (name->len > 0) {
NX_DEBUG(_debug_whitelist_compat, NGX_LOG_DEBUG_HTTP, req->connection->log, 0, "hashing varname [%V] (rule:%d) - 'wl:X_VAR:%V'", name, r->rule_id, name);
/* try to find in hashtables */
- b = nx_find_wl_in_hash(req, name, cf, zone);
+ b = nx_find_wl_in_hash(name, cf, zone);
if (b && ngx_http_dummy_is_whitelist_adapted(b, name, zone, r, req, NAME_ONLY, target_name))
return (1);
/*prefix hash with '#', to find whitelists that would be done only on ARGS_VAR:X|NAME */
@@ -663,7 +649,7 @@
tmp_hashname.data[0] = '#';
memcpy(tmp_hashname.data+1, name->data, name->len);
NX_DEBUG(_debug_whitelist_compat, NGX_LOG_DEBUG_HTTP, req->connection->log, 0, "hashing varname [%V] (rule:%d) - 'wl:X_VAR:%V|NAME'", name, r->rule_id, name);
- b = nx_find_wl_in_hash(req, &tmp_hashname, cf, zone);
+ b = nx_find_wl_in_hash(&tmp_hashname, cf, zone);
ngx_pfree(req->pool, tmp_hashname.data);
tmp_hashname.data = NULL;
if (b && ngx_http_dummy_is_whitelist_adapted(b, name, zone, r, req, NAME_ONLY, target_name))
@@ -699,7 +685,7 @@
tmp_hashname.len = req->uri.len;
ngx_memcpy(tmp_hashname.data, req->uri.data, req->uri.len);
NX_DEBUG(_debug_whitelist_compat, NGX_LOG_DEBUG_HTTP, req->connection->log, 0, "hashing uri#1 [%V] (rule:%d) ($URL:X|URI)", &(tmp_hashname), r->rule_id);
- b = nx_find_wl_in_hash(req, &(tmp_hashname), cf, zone);
+ b = nx_find_wl_in_hash(&(tmp_hashname), cf, zone);
ngx_pfree(req->pool, tmp_hashname.data);
tmp_hashname.data = NULL;
if (b && ngx_http_dummy_is_whitelist_adapted(b, name, zone, r, req, URI_ONLY, target_name))
@@ -713,7 +699,7 @@
tmp_hashname.data[0] = '#';
ngx_memcpy(tmp_hashname.data+1, req->uri.data, req->uri.len);
NX_DEBUG(_debug_whitelist_compat, NGX_LOG_DEBUG_HTTP, req->connection->log, 0, "hashing uri#3 [%V] (rule:%d) ($URL:X|ZONE|NAME)", &(tmp_hashname), r->rule_id);
- b = nx_find_wl_in_hash(req, &(tmp_hashname), cf, zone);
+ b = nx_find_wl_in_hash(&(tmp_hashname), cf, zone);
ngx_pfree(req->pool, tmp_hashname.data);
tmp_hashname.data = NULL;
if (b && ngx_http_dummy_is_whitelist_adapted(b, name, zone, r, req, URI_ONLY, target_name))
@@ -732,7 +718,7 @@
strncat((char*)tmp_hashname.data, (char*)name->data, name->len);
NX_DEBUG(_debug_whitelist_compat, NGX_LOG_DEBUG_HTTP, req->connection->log, 0, "hashing MIX [%V] ($URL:x|$X_VAR:y) or ($URL:x|$X_VAR:y|NAME)", &tmp_hashname);
- b = nx_find_wl_in_hash(req, &(tmp_hashname), cf, zone);
+ b = nx_find_wl_in_hash(&(tmp_hashname), cf, zone);
ngx_pfree(req->pool, tmp_hashname.data);
if (b && ngx_http_dummy_is_whitelist_adapted(b, name, zone, r, req, MIXED, target_name))
@@ -811,10 +797,6 @@
if (!tmp_uri)
return (NGX_ERROR);
*ret_uri = tmp_uri;
-
- if (r->uri.len >= (NGX_MAX_UINT32_VALUE/4)-1) {
- r->uri.len /= 4;
- }
tmp_uri->len = r->uri.len + (2 * ngx_escape_uri(NULL, r->uri.data, r->uri.len,
NGX_ESCAPE_ARGS));
@@ -898,21 +880,9 @@
strcat(tmp_zone, "FILE_EXT");
if (mr[i].target_name)
strcat(tmp_zone, "|NAME");
-
- ngx_str_t tmp_val;
-
- if (mr[i].name->len >= (NGX_MAX_UINT32_VALUE/4)-1) {
- mr[i].name->len /= 4;
- }
-
- tmp_val.len = mr[i].name->len + (2 * ngx_escape_uri(NULL, mr[i].name->data, mr[i].name->len, NGX_ESCAPE_URI_COMPONENT));
-
- tmp_val.data = ngx_pcalloc(r->pool, tmp_val.len+1);
- ngx_escape_uri(tmp_val.data, mr[i].name->data, mr[i].name->len, NGX_ESCAPE_URI_COMPONENT);
-
sub = snprintf(0, 0, fmt_rm, i, tmp_zone, i,
- mr[i].rule->rule_id, i, tmp_val.len,
- tmp_val.data);
+ mr[i].rule->rule_id, i, mr[i].name->len,
+ mr[i].name->data);
/*
** This one would not fit :
** append a seed to the current fragment,
@@ -926,7 +896,7 @@
}
sub = snprintf((char *)fragment->data+offset, sz_left,
fmt_rm, i, tmp_zone, i, mr[i].rule->rule_id, i,
- tmp_val.len, tmp_val.data);
+ mr[i].name->len, mr[i].name->data);
if (sub >= sz_left)
sub = sz_left - 1;
offset += sub;
@@ -1196,7 +1166,7 @@
*/
int
ngx_http_spliturl_ruleset(ngx_pool_t *pool,
- ngx_str_t *nx_str,
+ char *str,
ngx_array_t *rules,
ngx_array_t *main_rules,
ngx_http_request_t *req,
@@ -1204,23 +1174,14 @@
enum DUMMY_MATCH_ZONE zone)
{
ngx_str_t name, val;
- char *eq, *ev, *orig, *str;
+ char *eq, *ev, *orig;
int len, full_len;
int nullbytes=0;
-
-
- if (naxsi_escape_nullbytes(nx_str) > 0) {
- ngx_str_t dummy;
- dummy.data = NULL;
- dummy.len = 0;
- ngx_http_apply_rulematch_v_n(&nx_int__uncommon_hex_encoding, ctx, req, &dummy, &dummy, zone, 1, 0);
- }
- str = (char *)nx_str->data;
-
NX_DEBUG(_debug_spliturl_ruleset, NGX_LOG_DEBUG_HTTP, req->connection->log, 0,
"XX-check url-like [%s]", str);
-
+
+
orig = str;
full_len = strlen(orig);
while (str < (orig+full_len) && *str) {
@@ -1340,8 +1301,8 @@
enum DUMMY_MATCH_ZONE zone) {
/*
** Libinjection integration :
- ** 1 - check if libinjection_sql is explicitly enabled
- ** 2 - check if libinjection_xss is explicitly enabled
+ ** 1 - check if libinjection_sql is explicitely enabled
+ ** 2 - check if libinjection_xss is explicitely enabled
** if 1 is true : perform check on both name and content,
** in case of match, apply internal rule
** increasing the LIBINJECTION_SQL score
@@ -1384,12 +1345,12 @@
}
int
-ngx_http_basestr_ruleset_n(ngx_pool_t *pool,
+ngx_http_basestr_ruleset_n(ngx_pool_t *pool,
ngx_str_t *name,
ngx_str_t *value,
- ngx_array_t *rules,
- ngx_http_request_t *req,
- ngx_http_request_ctx_t *ctx,
+ ngx_array_t *rules,
+ ngx_http_request_t *req,
+ ngx_http_request_ctx_t *ctx,
enum DUMMY_MATCH_ZONE zone)
{
ngx_http_rule_t *r;
@@ -1428,7 +1389,7 @@
"XX-RULE %d : START", r[i].rule_id);
/* does the rule have a custom location ? custom location means checking only on a specific argument */
- if (name && r[i].br->custom_location) {
+ if (name && name->len > 0 && r[i].br->custom_location) {
location = r[i].br->custom_locations->elts;
/*
@@ -1440,23 +1401,18 @@
*/
for (z = 0; z < r[i].br->custom_locations->nelts; z++) {
- if (location[z].specific_url) {
+ if (location[z].specific_url) {
+
/* if matchzone is a regex, ensure it matches (ie. BODY_VAR_X / ARGS_VAR_X / ..) */
- if (r[i].br->rx_mz) {
-
- if (ngx_http_dummy_pcre_wrapper(location[z].target_rx, req->uri.data, req->uri.len) == -1) {
- uri_constraint_ok = 0;
- }
- }
+ if (r[i].br->rx_mz && ngx_http_dummy_pcre_wrapper(location[z].target_rx, req->uri.data, req->uri.len) == -1)
+ uri_constraint_ok = 0;
/* if it was a static string, ensure it matches (ie. BODY_VAR / ARGS_VAR / ..) */
- if (!r[i].br->rx_mz) {
- if (req->uri.len != location[z].target.len || strncasecmp((const char *) req->uri.data,
- (const char *) location[z].target.data,
- req->uri.len) != 0) {
- uri_constraint_ok = 0;
- }
- }
+ if ( (!r[i].br->rx_mz) && strncasecmp((const char *) req->uri.data,
+ (const char *) location[z].target.data,
+ req->uri.len) )
+ uri_constraint_ok = 0;
+
break;
}
}
@@ -1465,11 +1421,8 @@
** if one of the custom location rule specifies an $URL/$URL_X
** and it was mismatched, skip the rule.
*/
- if (uri_constraint_ok == 0) {
- NX_DEBUG(_debug_basestr_ruleset , NGX_LOG_DEBUG_HTTP, req->connection->log, 0,
- "XX URI CONSTRAINT MISMATCH, SKIP");
+ if (uri_constraint_ok == 0)
continue;
- }
/* for each custom location */
for (z = 0; z < r[i].br->custom_locations->nelts; z++) {
@@ -1480,7 +1433,7 @@
!(zone == HEADERS && location[z].headers_var != 0) &&
!(zone == ARGS && location[z].args_var != 0))
continue;
-
+
/* if matchzone is a regex, ensure it matches (ie. BODY_VAR_X / ARGS_VAR_X / ..) */
if (r[i].br->rx_mz && ngx_http_dummy_pcre_wrapper(location[z].target_rx, name->data, name->len) == -1)
continue;
@@ -1492,6 +1445,7 @@
location[z].target.len)) )
continue;
+
NX_DEBUG(_debug_basestr_ruleset, NGX_LOG_DEBUG_HTTP, req->connection->log, 0,
"XX-[SPECIFIC] check one rule [%d] iteration %d * %d", r[i].rule_id, i, z);
@@ -1536,25 +1490,20 @@
(zone == FILE_EXT && r[i].br->file_ext) ) {
- /*
- ** If the Rule **specifically** targets name (ie. mz:BODY|NAME), only check against name
- */
- if (!r[i].br->target_name) {
- NX_DEBUG(_debug_basestr_ruleset, NGX_LOG_DEBUG_HTTP, req->connection->log, 0,
- "XX-test rulematch (value) [zone-wide]!1 [%V]=[%V] [rule =%d] (%d times)", name, value, r[i].rule_id, nb_match);
-
+ NX_DEBUG(_debug_basestr_ruleset, NGX_LOG_DEBUG_HTTP, req->connection->log, 0,
+ "XX-test rulematch [zone-wide]!1 [%V]=[%V] [rule =%d] (%d times)", name, value, r[i].rule_id, nb_match);
+
- /* check the rule against the value*/
- ret = ngx_http_process_basic_rule_buffer(value, &(r[i]), &nb_match);
- /*if our rule matched, apply effects (score etc.)*/
- if (ret == 1) {
- NX_DEBUG(_debug_basestr_ruleset, NGX_LOG_DEBUG_HTTP, req->connection->log, 0,
- "XX-apply rulematch (value) [%V]=[%V] [rule=%d] (%d times)", name, value, r[i].rule_id, nb_match);
-
- ngx_http_apply_rulematch_v_n(&(r[i]), ctx, req, name, value, zone, nb_match, 0);
- }
+ /* check the rule against the value*/
+ ret = ngx_http_process_basic_rule_buffer(value, &(r[i]), &nb_match);
+ /*if our rule matched, apply effects (score etc.)*/
+ if (ret == 1) {
+ NX_DEBUG(_debug_basestr_ruleset, NGX_LOG_DEBUG_HTTP, req->connection->log, 0,
+ "XX-apply rulematch!1 [%V]=[%V] [rule=%d] (%d times)", name, value, r[i].rule_id, nb_match);
+
+ ngx_http_apply_rulematch_v_n(&(r[i]), ctx, req, name, value, zone, nb_match, 0);
}
-
+
if (!r[i].br->negative) {
NX_DEBUG(_debug_basestr_ruleset, NGX_LOG_DEBUG_HTTP, req->connection->log, 0,
"XX-test rulematch [against-name]!1 [%V]=[%V] [rule=%d] (%d times)", name, value, r[i].rule_id, nb_match);
@@ -2051,8 +2000,8 @@
NX_DEBUG(_debug_post_heavy, NGX_LOG_DEBUG_HTTP, r->connection->log, 0,
"XX-POST DATA [%V]", &tmp);
-
- if(ngx_http_spliturl_ruleset(r->pool, &tmp,
+
+ if(ngx_http_spliturl_ruleset(r->pool, (char *)tmp.data,
cf->body_rules, main_cf->body_rules,
r, ctx, BODY)) {
ngx_http_apply_rulematch_v_n(&nx_int__uncommon_url, ctx, r, NULL, NULL, BODY, 1, 0);
@@ -2069,11 +2018,6 @@
(u_char *) "application/json", 16)) {
ngx_http_dummy_json_parse(ctx, r, full_body, full_body_len);
}
- /* 22 = echo -n "application/csp-report" | wc -c */
- else if (!ngx_strncasecmp(r->headers_in.content_type->value.data,
- (u_char *) "application/csp-report", 22)) {
- ngx_http_dummy_json_parse(ctx, r, full_body, full_body_len);
- }
else {
ngx_log_debug(NGX_LOG_DEBUG_HTTP, r->connection->log, 0,
"[POST] Unknown content-type");
@@ -2113,9 +2057,7 @@
if ( (ctx->block && !ctx->learning) || ctx->drop )
return ;
if (!main_cf->generic_rules && !cf->generic_rules) {
- tmp.data = NULL;
- tmp.len = 0;
- ngx_http_apply_rulematch_v_n(&nx_int__no_rules, ctx, r, &tmp, &tmp, URL, 1, 0);
+ dummy_error_fatal(ctx, r, "no generic rules ?!");
return ;
}
tmp.len = r->uri.len;
@@ -2125,12 +2067,6 @@
return ;
}
memcpy(tmp.data, r->uri.data, r->uri.len);
- if (naxsi_escape_nullbytes(&tmp) > 0) {
- ngx_str_t tmp_name, tmp_val;
- tmp_name.data = tmp_val.data = NULL;
- tmp_name.len = tmp_val.len = 0;
- ngx_http_apply_rulematch_v_n(&nx_int__uncommon_hex_encoding, ctx, r, &tmp_name, &tmp_val, URL, 1, 0);
- }
name.data = NULL;
name.len = 0;
if (cf->generic_rules)
@@ -2162,8 +2098,7 @@
return ;
}
memcpy(tmp.data, r->args.data, r->args.len);
-
- if(ngx_http_spliturl_ruleset(r->pool, &tmp,
+ if(ngx_http_spliturl_ruleset(r->pool, (char *)tmp.data,
cf->get_rules, main_cf->get_rules, r,
ctx, ARGS)) {
dummy_error_fatal(ctx, r,
@@ -2181,7 +2116,6 @@
ngx_list_part_t *part;
ngx_table_elt_t *h;
unsigned int i;
- ngx_str_t lowcase_header;
if (!cf->header_rules && !main_cf->header_rules)
return ;
@@ -2199,19 +2133,11 @@
h = part->elts;
i = 0;
}
- lowcase_header.data = h[i].lowcase_key;
- lowcase_header.len = h[i].key.len;
- if (naxsi_escape_nullbytes(&lowcase_header) > 0) {
- ngx_http_apply_rulematch_v_n(&nx_int__uncommon_hex_encoding, ctx, r, &h[i].key, &h[i].value, HEADERS, 1, 1);
- }
- if (naxsi_escape_nullbytes(&h[i].value) > 0) {
- ngx_http_apply_rulematch_v_n(&nx_int__uncommon_hex_encoding, ctx, r, &h[i].key, &h[i].value, HEADERS, 1, 0);
- }
if (cf->header_rules)
- ngx_http_basestr_ruleset_n(r->pool, &lowcase_header, &(h[i].value),
+ ngx_http_basestr_ruleset_n(r->pool, &(h[i].key), &(h[i].value),
cf->header_rules, r, ctx, HEADERS);
if (main_cf->header_rules)
- ngx_http_basestr_ruleset_n(r->pool, &lowcase_header, &(h[i].value),
+ ngx_http_basestr_ruleset_n(r->pool, &(h[i].key), &(h[i].value),
main_cf->header_rules, r, ctx, HEADERS);
}
return ;
|
[-]
[+]
|
Changed |
naxsi-0.55.3.tar.gz/naxsi_src/naxsi_utils.c
^
|
@@ -85,20 +85,6 @@
return (NULL);
}
-u_int naxsi_escape_nullbytes(ngx_str_t *str) {
-
- size_t i = 0;
- u_int nullbytes = 0;
-
- for (i = 0; i < str->len; i++) {
- if (str->data[i] == 0) {
- str->data[i] = '0';
- nullbytes++;
- }
- }
- return nullbytes;
-}
-
/* unescape routine, returns number of nullbytes present */
int naxsi_unescape(ngx_str_t *str) {
u_char *dst, *src;
@@ -770,32 +756,32 @@
//encode uri
tmp_uri.len = req->uri.len + (2 * ngx_escape_uri(NULL, req->uri.data, req->uri.len,
- NGX_ESCAPE_URI_COMPONENT));
+ NGX_ESCAPE_ARGS));
tmp_uri.data = ngx_pcalloc(req->pool, tmp_uri.len+1);
if (tmp_uri.data == NULL)
return ;
- ngx_escape_uri(tmp_uri.data, req->uri.data, req->uri.len, NGX_ESCAPE_URI_COMPONENT);
+ ngx_escape_uri(tmp_uri.data, req->uri.data, req->uri.len, NGX_ESCAPE_ARGS);
//encode val
if (val->len <= 0)
tmp_val = empty;
else {
tmp_val.len = val->len + (2 * ngx_escape_uri(NULL, val->data, val->len,
- NGX_ESCAPE_URI_COMPONENT));
+ NGX_ESCAPE_ARGS));
tmp_val.data = ngx_pcalloc(req->pool, tmp_val.len+1);
if (tmp_val.data == NULL)
return ;
- ngx_escape_uri(tmp_val.data, val->data, val->len, NGX_ESCAPE_URI_COMPONENT);
+ ngx_escape_uri(tmp_val.data, val->data, val->len, NGX_ESCAPE_ARGS);
}
//encode name
if (name->len <= 0)
tmp_name = empty;
else {
tmp_name.len = name->len + (2 * ngx_escape_uri(NULL, name->data, name->len,
- NGX_ESCAPE_URI_COMPONENT));
+ NGX_ESCAPE_ARGS));
tmp_name.data = ngx_pcalloc(req->pool, tmp_name.len+1);
if (tmp_name.data == NULL)
return ;
- ngx_escape_uri(tmp_name.data, name->data, name->len, NGX_ESCAPE_URI_COMPONENT);
+ ngx_escape_uri(tmp_name.data, name->data, name->len, NGX_ESCAPE_ARGS);
}
ngx_log_error(NGX_LOG_ERR, req->connection->log, 0,
|
[-]
[+]
|
Added |
naxsi-0.55.3.tar.gz/naxsi_src/nginx.conf.example
^
|
@@ -0,0 +1,36 @@
+master_process off;
+worker_processes 1;
+load_module /tmp/naxsi_ut/modules/ngx_http_naxsi_module.so;
+events {
+ worker_connections 1024;
+}
+http {
+ include /tmp/naxsi_ut/naxsi_core.rules;
+ include mime.types;
+ default_type application/octet-stream;
+ sendfile on;
+ keepalive_timeout 65;
+ server {
+ listen 4242;
+ server_name localhost;
+ location / {
+ LearningMode;
+ SecRulesEnabled;
+ DeniedUrl "/50x.html";
+ CheckRule "$SQL >= 8" BLOCK;
+ CheckRule "$RFI >= 8" BLOCK;
+ CheckRule "$TRAVERSAL >= 4" BLOCK;
+ CheckRule "$EVADE >= 4" BLOCK;
+ CheckRule "$XSS >= 8" BLOCK;
+ error_log /tmp/ngx_error.log debug;
+ access_log /tmp/ngx_access.log;
+ root html;
+ index index.html index.htm;
+ }
+ error_page 500 502 503 504 /50x.html;
+ location = /50x.html {
+ root html;
+ }
+ }
+}
+
|
[-]
[+]
|
Changed |
naxsi-0.55.3.tar.gz/nxapi/README.md
^
|
@@ -311,20 +311,18 @@
}
Here is how nxtool will use this to generate whitelists:
-
-1. extract global_filters from nxapi.json, and create the base ES filter: `{ "whitelisted" : "false" }`
-2. merge base ES filter with provided cmd line filter (`--filter`, `-s www.x1.fr`): `{ "whitelisted" : "false", "server" : "www.x1.fr" }`
-3. For each static field of the template, merge it in base ES filter: `{ "whitelisted" : "false", "server" : "www.x1.fr", "zone" : "HEADERS", "var_name" : "cookie" }`
-4. For each field to be expanded (value is `?`) :
-
- 4.1. select all possible values for this field (id) matching base ES filter, (ie. 1000 and 1001 here)
-
- 4.2. attempt to generate a whitelist for each possible value, and evaluate its scores:
-
- { "whitelisted" : "false", "server" : "www.x1.fr", "zone" : "HEADERS", "var_name" : "cookie", "id" : "1000"}
- { "whitelisted" : "false", "server" : "www.x1.fr", "zone" : "HEADERS", "var_name" : "cookie", "id" : "1001"}
-
-5. For each final set that provided results, output a whitelist.
+ 1. extract global_filters from nxapi.json, and create the base ES filter :
+ { "whitelisted" : "false" }
+ 2. merge base ES filter with provided cmd line filter (--filter, -s www.x1.fr)
+ { "whitelisted" : "false", "server" : "www.x1.fr" }
+ 3. For each static field of the template, merge it in base ES filter :
+ { "whitelisted" : "false", "server" : "www.x1.fr", "zone" : "HEADERS", "var_name" : "cookie" }
+ 4. For each field to be expanded (value is `?`) :
+ 4.1. select all possible values for this field (id) matching base ES filter, (ie. 1000 and 1001 here)
+ 4.2. attempt to generate a whitelist for each possible value, and evaluate its scores.
+ { "whitelisted" : "false", "server" : "www.x1.fr", "zone" : "HEADERS", "var_name" : "cookie", "id" : "1000"}
+ { "whitelisted" : "false", "server" : "www.x1.fr", "zone" : "HEADERS", "var_name" : "cookie", "id" : "1001"}
+ 5. For each final set that provided results, output a whitelist.
Templates support :
|
[-]
[+]
|
Changed |
naxsi-0.55.3.tar.gz/nxapi/nxapi.json
^
|
@@ -3,8 +3,6 @@
"host" : "127.0.0.1:9200",
"use_ssl" : false,
"index" : "nxapi",
- "number_of_shards" : "4",
- "number_of_replicas" : "0",
"doctype" : "events",
"default_ttl" : "7200",
"max_size" : "1000",
|
[-]
[+]
|
Changed |
naxsi-0.55.3.tar.gz/nxapi/nxapi/nxparse.py
^
|
@@ -67,7 +67,6 @@
print "Unable to get syslog host and port"
sys.exit(1)
s = socket.socket(socket.AF_INET,socket.SOCK_STREAM)
- s.setsockopt(socket.SOL_SOCKET, socket.SO_REUSEADDR, 1)
try:
s.bind((host,port))
s.listen(10)
@@ -407,12 +406,6 @@
try:
self.es.indices.create(
index=self.cfg["elastic"]["index"],
- body = {
- "settings" : {
- "number_of_shards": self.cfg["elastic"]["number_of_shards"],
- "number_of_replicas": self.cfg["elastic"]["number_of_replicas"]
- }
- },
ignore=400 # Ignore 400 cause by IndexAlreadyExistsException when creating an index
)
except Exception as idxadd_error:
@@ -446,12 +439,7 @@
index=self.cfg["elastic"]["index"],
doc_type=self.cfg["elastic"]["doctype"],
# id=repo_name,
- body = {
- "settings" : {
- "number_of_shards": self.cfg["elastic"]["number_of_shards"],
- "number_of_replicas": self.cfg["elastic"]["number_of_replicas"]
- }
- },
+ body={},
ignore=409 # 409 - conflict - would be returned if the document is already there
)
except Exception as idxadd_error:
|
[-]
[+]
|
Changed |
naxsi-0.55.3.tar.gz/nxapi/nxtool.py
^
|
@@ -275,12 +275,7 @@
# statistics
if options.stats is True:
print translate.red.format("# Whitelist(ing) ratio :")
- for e in translate.fetch_top(cfg.cfg["global_filters"], "whitelisted", limit=2):
- try:
- list_e = e.split()
- print '# {0} {1} {2}{3}'.format(translate.grn.format(list_e[0]), list_e[1], list_e[2], list_e[3])
- except:
- print "--malformed--"
+ translate.fetch_top(cfg.cfg["global_filters"], "whitelisted", limit=2)
print translate.red.format("# Top servers :")
for e in translate.fetch_top(cfg.cfg["global_filters"], "server", limit=10):
try:
|
[-]
[+]
|
Changed |
naxsi-0.55.3.tar.gz/t/01naxsi_whitelists.t
^
|
@@ -272,7 +272,7 @@
return 412;
}
--- more_headers
-cookie: foobar
+Cookie: foobar
--- request
GET /another-page
--- error_code: 200
@@ -361,7 +361,7 @@
return 412;
}
--- more_headers
-cookie: foobar
+COOKIE: foobar
--- request
GET /another-page
--- error_code: 200
@@ -1192,81 +1192,3 @@
--- request
GET /?a123a=lol
--- error_code: 200
-=== WL TEST 20.0 : wl:0 in cookies (#405)
---- main_config
-load_module /tmp/naxsi_ut/modules/ngx_http_naxsi_module.so;
---- http_config
-include /tmp/naxsi_ut/naxsi_core.rules;
-MainRule id:4242 "str:123" "mz:$HEADERS_VAR:cookie" s:BLOCK;
---- config
-location / {
- SecRulesEnabled;
- DeniedUrl "/RequestDenied";
- CheckRule "$SQL >= 8" BLOCK;
- CheckRule "$RFI >= 8" BLOCK;
- CheckRule "$TRAVERSAL >= 4" BLOCK;
- CheckRule "$XSS >= 8" BLOCK;
- root $TEST_NGINX_SERVROOT/html/;
- index index.html index.htm;
-}
-location /RequestDenied {
- return 412;
-}
---- more_headers
-Cookie: 123
---- request
-GET /
---- error_code: 412
-=== WL TEST 20.1 : wl:0 in cookies (#405)
---- main_config
-load_module /tmp/naxsi_ut/modules/ngx_http_naxsi_module.so;
---- http_config
-include /tmp/naxsi_ut/naxsi_core.rules;
-MainRule id:4242 "str:123" "mz:$HEADERS_VAR:cookie" s:BLOCK;
---- config
-location / {
- SecRulesEnabled;
- DeniedUrl "/RequestDenied";
- CheckRule "$SQL >= 8" BLOCK;
- CheckRule "$RFI >= 8" BLOCK;
- CheckRule "$TRAVERSAL >= 4" BLOCK;
- CheckRule "$XSS >= 8" BLOCK;
- root $TEST_NGINX_SERVROOT/html/;
- index index.html index.htm;
-}
-location /RequestDenied {
- return 412;
-}
---- more_headers
-Cookie: 124
---- request
-GET /
---- error_code: 200
-=== WL TEST 20.0 : wl:0 in cookies (#405)
---- main_config
-load_module /tmp/naxsi_ut/modules/ngx_http_naxsi_module.so;
---- http_config
-include /tmp/naxsi_ut/naxsi_core.rules;
-MainRule id:4242 "str:123" "mz:$HEADERS_VAR:cookie" s:BLOCK;
---- config
-location / {
- SecRulesEnabled;
- DeniedUrl "/RequestDenied";
- CheckRule "$SQL >= 8" BLOCK;
- CheckRule "$RFI >= 8" BLOCK;
- CheckRule "$TRAVERSAL >= 4" BLOCK;
- CheckRule "$XSS >= 8" BLOCK;
- BasicRule wl:0 "mz:$HEADERS_VAR:cookie";
- root $TEST_NGINX_SERVROOT/html/;
- index index.html index.htm;
-}
-location /RequestDenied {
- return 412;
-}
---- more_headers
-Cookie: 123
---- request
-GET /
---- error_code: 200
-
-
|
[-]
[+]
|
Changed |
naxsi-0.55.3.tar.gz/t/02naxsi_bypass.t
^
|
@@ -317,30 +317,3 @@
--- request
GET /?val&
--- error_code: 412
-=== TEST 5.1: DENY : XSS bypass vector true nullbyte
---- main_config
-load_module /tmp/naxsi_ut/modules/ngx_http_naxsi_module.so;
---- http_config
-include /tmp/naxsi_ut/naxsi_core.rules;
---- config
-location / {
- #LearningMode;
- SecRulesEnabled;
- DeniedUrl "/RequestDenied";
-CheckRule "$SQL >= 8" BLOCK;
-CheckRule "$RFI >= 2" BLOCK;
-CheckRule "$TRAVERSAL >= 4" BLOCK;
-CheckRule "$XSS >= 8" BLOCK;
- root $TEST_NGINX_SERVROOT/html/;
- index index.html index.htm;
-}
-location /RequestDenied {
- return 412;
-}
---- more_headers
-Content-Type: application/x-www-form-urlencoded
---- request eval
-use URI::Escape;
-"POST /foobar
-a=a�<><><>"
---- error_code: 412
|
[-]
[+]
|
Changed |
naxsi-0.55.3.tar.gz/t/11naxsi_newstyle_config.t
^
|
@@ -75,7 +75,7 @@
main_rule "str:]" "msg:], possible js" "mz:BODY|URL|ARGS|$HEADERS_VAR:Cookie" "s:$XSS:4" id:1311;
main_rule "str:~" "msg:~ character" "mz:BODY|URL|ARGS|$HEADERS_VAR:Cookie" "s:$XSS:4" id:1312;
main_rule "str:`" "msg:grave accent !" "mz:ARGS|URL|BODY|$HEADERS_VAR:Cookie" "s:$XSS:8" id:1314;
-main_rule "rx:%[23]." "msg:double encoding !" "mz:ARGS|URL|BODY|$HEADERS_VAR:Cookie" "s:$XSS:8" id:1315;
+main_rule "rx:%[2|3]." "msg:double encoding !" "mz:ARGS|URL|BODY|$HEADERS_VAR:Cookie" "s:$XSS:8" id:1315;
main_rule "str:&#" "msg: utf7/8 encoding" "mz:ARGS|BODY|URL|$HEADERS_VAR:Cookie" "s:$EVADE:4" id:1400;
main_rule "str:%U" "msg: M$ encoding" "mz:ARGS|BODY|URL|$HEADERS_VAR:Cookie" "s:$EVADE:4" id:1401;
main_rule negative "rx:multipart/form-data|application/x-www-form-urlencoded" "msg:Content is neither mulipart/x-www-form.." "mz:$HEADERS_VAR:Content-type" "s:$EVADE:4" id:1402;
@@ -134,7 +134,7 @@
main_rule "str:]" "msg:], possible js" "mz:BODY|URL|ARGS|$HEADERS_VAR:Cookie" "s:$XSS:4" id:1311;
main_rule "str:~" "msg:~ character" "mz:BODY|URL|ARGS|$HEADERS_VAR:Cookie" "s:$XSS:4" id:1312;
main_rule "str:`" "msg:grave accent !" "mz:ARGS|URL|BODY|$HEADERS_VAR:Cookie" "s:$XSS:8" id:1314;
-main_rule "rx:%[23]." "msg:double encoding !" "mz:ARGS|URL|BODY|$HEADERS_VAR:Cookie" "s:$XSS:8" id:1315;
+main_rule "rx:%[2|3]." "msg:double encoding !" "mz:ARGS|URL|BODY|$HEADERS_VAR:Cookie" "s:$XSS:8" id:1315;
main_rule "str:&#" "msg: utf7/8 encoding" "mz:ARGS|BODY|URL|$HEADERS_VAR:Cookie" "s:$EVADE:4" id:1400;
main_rule "str:%U" "msg: M$ encoding" "mz:ARGS|BODY|URL|$HEADERS_VAR:Cookie" "s:$EVADE:4" id:1401;
main_rule negative "rx:multipart/form-data|application/x-www-form-urlencoded" "msg:Content is neither mulipart/x-www-form.." "mz:$HEADERS_VAR:Content-type" "s:$EVADE:4" id:1402;
@@ -193,7 +193,7 @@
main_rule "str:]" "msg:], possible js" "mz:BODY|URL|ARGS|$HEADERS_VAR:Cookie" "s:$XSS:4" id:1311;
main_rule "str:~" "msg:~ character" "mz:BODY|URL|ARGS|$HEADERS_VAR:Cookie" "s:$XSS:4" id:1312;
main_rule "str:`" "msg:grave accent !" "mz:ARGS|URL|BODY|$HEADERS_VAR:Cookie" "s:$XSS:8" id:1314;
-main_rule "rx:%[23]." "msg:double encoding !" "mz:ARGS|URL|BODY|$HEADERS_VAR:Cookie" "s:$XSS:8" id:1315;
+main_rule "rx:%[2|3]." "msg:double encoding !" "mz:ARGS|URL|BODY|$HEADERS_VAR:Cookie" "s:$XSS:8" id:1315;
main_rule "str:&#" "msg: utf7/8 encoding" "mz:ARGS|BODY|URL|$HEADERS_VAR:Cookie" "s:$EVADE:4" id:1400;
main_rule "str:%U" "msg: M$ encoding" "mz:ARGS|BODY|URL|$HEADERS_VAR:Cookie" "s:$EVADE:4" id:1401;
main_rule negative "rx:multipart/form-data|application/x-www-form-urlencoded" "msg:Content is neither mulipart/x-www-form.." "mz:$HEADERS_VAR:Content-type" "s:$EVADE:4" id:1402;
@@ -252,7 +252,7 @@
main_rule "str:]" "msg:], possible js" "mz:BODY|URL|ARGS|$HEADERS_VAR:Cookie" "s:$XSS:4" id:1311;
main_rule "str:~" "msg:~ character" "mz:BODY|URL|ARGS|$HEADERS_VAR:Cookie" "s:$XSS:4" id:1312;
main_rule "str:`" "msg:grave accent !" "mz:ARGS|URL|BODY|$HEADERS_VAR:Cookie" "s:$XSS:8" id:1314;
-main_rule "rx:%[23]." "msg:double encoding !" "mz:ARGS|URL|BODY|$HEADERS_VAR:Cookie" "s:$XSS:8" id:1315;
+main_rule "rx:%[2|3]." "msg:double encoding !" "mz:ARGS|URL|BODY|$HEADERS_VAR:Cookie" "s:$XSS:8" id:1315;
main_rule "str:&#" "msg: utf7/8 encoding" "mz:ARGS|BODY|URL|$HEADERS_VAR:Cookie" "s:$EVADE:4" id:1400;
main_rule "str:%U" "msg: M$ encoding" "mz:ARGS|BODY|URL|$HEADERS_VAR:Cookie" "s:$EVADE:4" id:1401;
main_rule negative "rx:multipart/form-data|application/x-www-form-urlencoded" "msg:Content is neither mulipart/x-www-form.." "mz:$HEADERS_VAR:Content-type" "s:$EVADE:4" id:1402;
@@ -311,7 +311,7 @@
main_rule "str:]" "msg:], possible js" "mz:BODY|URL|ARGS|$HEADERS_VAR:Cookie" "s:$XSS:4" id:1311;
main_rule "str:~" "msg:~ character" "mz:BODY|URL|ARGS|$HEADERS_VAR:Cookie" "s:$XSS:4" id:1312;
main_rule "str:`" "msg:grave accent !" "mz:ARGS|URL|BODY|$HEADERS_VAR:Cookie" "s:$XSS:8" id:1314;
-main_rule "rx:%[23]." "msg:double encoding !" "mz:ARGS|URL|BODY|$HEADERS_VAR:Cookie" "s:$XSS:8" id:1315;
+main_rule "rx:%[2|3]." "msg:double encoding !" "mz:ARGS|URL|BODY|$HEADERS_VAR:Cookie" "s:$XSS:8" id:1315;
main_rule "str:&#" "msg: utf7/8 encoding" "mz:ARGS|BODY|URL|$HEADERS_VAR:Cookie" "s:$EVADE:4" id:1400;
main_rule "str:%U" "msg: M$ encoding" "mz:ARGS|BODY|URL|$HEADERS_VAR:Cookie" "s:$EVADE:4" id:1401;
main_rule negative "rx:multipart/form-data|application/x-www-form-urlencoded" "msg:Content is neither mulipart/x-www-form.." "mz:$HEADERS_VAR:Content-type" "s:$EVADE:4" id:1402;
@@ -370,7 +370,7 @@
main_rule "str:]" "msg:], possible js" "mz:BODY|URL|ARGS|$HEADERS_VAR:Cookie" "s:$XSS:4" id:1311;
main_rule "str:~" "msg:~ character" "mz:BODY|URL|ARGS|$HEADERS_VAR:Cookie" "s:$XSS:4" id:1312;
main_rule "str:`" "msg:grave accent !" "mz:ARGS|URL|BODY|$HEADERS_VAR:Cookie" "s:$XSS:8" id:1314;
-main_rule "rx:%[23]." "msg:double encoding !" "mz:ARGS|URL|BODY|$HEADERS_VAR:Cookie" "s:$XSS:8" id:1315;
+main_rule "rx:%[2|3]." "msg:double encoding !" "mz:ARGS|URL|BODY|$HEADERS_VAR:Cookie" "s:$XSS:8" id:1315;
main_rule "str:&#" "msg: utf7/8 encoding" "mz:ARGS|BODY|URL|$HEADERS_VAR:Cookie" "s:$EVADE:4" id:1400;
main_rule "str:%U" "msg: M$ encoding" "mz:ARGS|BODY|URL|$HEADERS_VAR:Cookie" "s:$EVADE:4" id:1401;
main_rule negative "rx:multipart/form-data|application/x-www-form-urlencoded" "msg:Content is neither mulipart/x-www-form.." "mz:$HEADERS_VAR:Content-type" "s:$EVADE:4" id:1402;
@@ -429,7 +429,7 @@
main_rule "str:]" "msg:], possible js" "mz:BODY|URL|ARGS|$HEADERS_VAR:Cookie" "s:$XSS:4" id:1311;
main_rule "str:~" "msg:~ character" "mz:BODY|URL|ARGS|$HEADERS_VAR:Cookie" "s:$XSS:4" id:1312;
main_rule "str:`" "msg:grave accent !" "mz:ARGS|URL|BODY|$HEADERS_VAR:Cookie" "s:$XSS:8" id:1314;
-main_rule "rx:%[23]." "msg:double encoding !" "mz:ARGS|URL|BODY|$HEADERS_VAR:Cookie" "s:$XSS:8" id:1315;
+main_rule "rx:%[2|3]." "msg:double encoding !" "mz:ARGS|URL|BODY|$HEADERS_VAR:Cookie" "s:$XSS:8" id:1315;
main_rule "str:&#" "msg: utf7/8 encoding" "mz:ARGS|BODY|URL|$HEADERS_VAR:Cookie" "s:$EVADE:4" id:1400;
main_rule "str:%U" "msg: M$ encoding" "mz:ARGS|BODY|URL|$HEADERS_VAR:Cookie" "s:$EVADE:4" id:1401;
main_rule negative "rx:multipart/form-data|application/x-www-form-urlencoded" "msg:Content is neither mulipart/x-www-form.." "mz:$HEADERS_VAR:Content-type" "s:$EVADE:4" id:1402;
@@ -493,7 +493,7 @@
main_rule "str:]" "msg:], possible js" "mz:BODY|URL|ARGS|$HEADERS_VAR:Cookie" "s:$XSS:4" id:1311;
main_rule "str:~" "msg:~ character" "mz:BODY|URL|ARGS|$HEADERS_VAR:Cookie" "s:$XSS:4" id:1312;
main_rule "str:`" "msg:grave accent !" "mz:ARGS|URL|BODY|$HEADERS_VAR:Cookie" "s:$XSS:8" id:1314;
-main_rule "rx:%[23]." "msg:double encoding !" "mz:ARGS|URL|BODY|$HEADERS_VAR:Cookie" "s:$XSS:8" id:1315;
+main_rule "rx:%[2|3]." "msg:double encoding !" "mz:ARGS|URL|BODY|$HEADERS_VAR:Cookie" "s:$XSS:8" id:1315;
main_rule "str:&#" "msg: utf7/8 encoding" "mz:ARGS|BODY|URL|$HEADERS_VAR:Cookie" "s:$EVADE:4" id:1400;
main_rule "str:%U" "msg: M$ encoding" "mz:ARGS|BODY|URL|$HEADERS_VAR:Cookie" "s:$EVADE:4" id:1401;
main_rule negative "rx:multipart/form-data|application/x-www-form-urlencoded" "msg:Content is neither mulipart/x-www-form.." "mz:$HEADERS_VAR:Content-type" "s:$EVADE:4" id:1402;
@@ -557,7 +557,7 @@
main_rule "str:]" "msg:], possible js" "mz:BODY|URL|ARGS|$HEADERS_VAR:Cookie" "s:$XSS:4" id:1311;
main_rule "str:~" "msg:~ character" "mz:BODY|URL|ARGS|$HEADERS_VAR:Cookie" "s:$XSS:4" id:1312;
main_rule "str:`" "msg:grave accent !" "mz:ARGS|URL|BODY|$HEADERS_VAR:Cookie" "s:$XSS:8" id:1314;
-main_rule "rx:%[23]." "msg:double encoding !" "mz:ARGS|URL|BODY|$HEADERS_VAR:Cookie" "s:$XSS:8" id:1315;
+main_rule "rx:%[2|3]." "msg:double encoding !" "mz:ARGS|URL|BODY|$HEADERS_VAR:Cookie" "s:$XSS:8" id:1315;
main_rule "str:&#" "msg: utf7/8 encoding" "mz:ARGS|BODY|URL|$HEADERS_VAR:Cookie" "s:$EVADE:4" id:1400;
main_rule "str:%U" "msg: M$ encoding" "mz:ARGS|BODY|URL|$HEADERS_VAR:Cookie" "s:$EVADE:4" id:1401;
main_rule negative "rx:multipart/form-data|application/x-www-form-urlencoded" "msg:Content is neither mulipart/x-www-form.." "mz:$HEADERS_VAR:Content-type" "s:$EVADE:4" id:1402;
@@ -621,7 +621,7 @@
main_rule "str:]" "msg:], possible js" "mz:BODY|URL|ARGS|$HEADERS_VAR:Cookie" "s:$XSS:4" id:1311;
main_rule "str:~" "msg:~ character" "mz:BODY|URL|ARGS|$HEADERS_VAR:Cookie" "s:$XSS:4" id:1312;
main_rule "str:`" "msg:grave accent !" "mz:ARGS|URL|BODY|$HEADERS_VAR:Cookie" "s:$XSS:8" id:1314;
-main_rule "rx:%[23]." "msg:double encoding !" "mz:ARGS|URL|BODY|$HEADERS_VAR:Cookie" "s:$XSS:8" id:1315;
+main_rule "rx:%[2|3]." "msg:double encoding !" "mz:ARGS|URL|BODY|$HEADERS_VAR:Cookie" "s:$XSS:8" id:1315;
main_rule "str:&#" "msg: utf7/8 encoding" "mz:ARGS|BODY|URL|$HEADERS_VAR:Cookie" "s:$EVADE:4" id:1400;
main_rule "str:%U" "msg: M$ encoding" "mz:ARGS|BODY|URL|$HEADERS_VAR:Cookie" "s:$EVADE:4" id:1401;
main_rule negative "rx:multipart/form-data|application/x-www-form-urlencoded" "msg:Content is neither mulipart/x-www-form.." "mz:$HEADERS_VAR:Content-type" "s:$EVADE:4" id:1402;
@@ -681,7 +681,7 @@
main_rule "str:]" "msg:], possible js" "mz:BODY|URL|ARGS|$HEADERS_VAR:Cookie" "s:$XSS:4" id:1311;
main_rule "str:~" "msg:~ character" "mz:BODY|URL|ARGS|$HEADERS_VAR:Cookie" "s:$XSS:4" id:1312;
main_rule "str:`" "msg:grave accent !" "mz:ARGS|URL|BODY|$HEADERS_VAR:Cookie" "s:$XSS:8" id:1314;
-main_rule "rx:%[23]." "msg:double encoding !" "mz:ARGS|URL|BODY|$HEADERS_VAR:Cookie" "s:$XSS:8" id:1315;
+main_rule "rx:%[2|3]." "msg:double encoding !" "mz:ARGS|URL|BODY|$HEADERS_VAR:Cookie" "s:$XSS:8" id:1315;
main_rule "str:&#" "msg: utf7/8 encoding" "mz:ARGS|BODY|URL|$HEADERS_VAR:Cookie" "s:$EVADE:4" id:1400;
main_rule "str:%U" "msg: M$ encoding" "mz:ARGS|BODY|URL|$HEADERS_VAR:Cookie" "s:$EVADE:4" id:1401;
main_rule negative "rx:multipart/form-data|application/x-www-form-urlencoded" "msg:Content is neither mulipart/x-www-form.." "mz:$HEADERS_VAR:Content-type" "s:$EVADE:4" id:1402;
@@ -741,7 +741,7 @@
main_rule "str:]" "msg:], possible js" "mz:BODY|URL|ARGS|$HEADERS_VAR:Cookie" "s:$XSS:4" id:1311;
main_rule "str:~" "msg:~ character" "mz:BODY|URL|ARGS|$HEADERS_VAR:Cookie" "s:$XSS:4" id:1312;
main_rule "str:`" "msg:grave accent !" "mz:ARGS|URL|BODY|$HEADERS_VAR:Cookie" "s:$XSS:8" id:1314;
-main_rule "rx:%[23]." "msg:double encoding !" "mz:ARGS|URL|BODY|$HEADERS_VAR:Cookie" "s:$XSS:8" id:1315;
+main_rule "rx:%[2|3]." "msg:double encoding !" "mz:ARGS|URL|BODY|$HEADERS_VAR:Cookie" "s:$XSS:8" id:1315;
main_rule "str:&#" "msg: utf7/8 encoding" "mz:ARGS|BODY|URL|$HEADERS_VAR:Cookie" "s:$EVADE:4" id:1400;
main_rule "str:%U" "msg: M$ encoding" "mz:ARGS|BODY|URL|$HEADERS_VAR:Cookie" "s:$EVADE:4" id:1401;
main_rule negative "rx:multipart/form-data|application/x-www-form-urlencoded" "msg:Content is neither mulipart/x-www-form.." "mz:$HEADERS_VAR:Content-type" "s:$EVADE:4" id:1402;
@@ -808,7 +808,7 @@
main_rule "str:]" "msg:], possible js" "mz:BODY|URL|ARGS|$HEADERS_VAR:Cookie" "s:$XSS:4" id:1311;
main_rule "str:~" "msg:~ character" "mz:BODY|URL|ARGS|$HEADERS_VAR:Cookie" "s:$XSS:4" id:1312;
main_rule "str:`" "msg:grave accent !" "mz:ARGS|URL|BODY|$HEADERS_VAR:Cookie" "s:$XSS:8" id:1314;
-main_rule "rx:%[23]." "msg:double encoding !" "mz:ARGS|URL|BODY|$HEADERS_VAR:Cookie" "s:$XSS:8" id:1315;
+main_rule "rx:%[2|3]." "msg:double encoding !" "mz:ARGS|URL|BODY|$HEADERS_VAR:Cookie" "s:$XSS:8" id:1315;
main_rule "str:&#" "msg: utf7/8 encoding" "mz:ARGS|BODY|URL|$HEADERS_VAR:Cookie" "s:$EVADE:4" id:1400;
main_rule "str:%U" "msg: M$ encoding" "mz:ARGS|BODY|URL|$HEADERS_VAR:Cookie" "s:$EVADE:4" id:1401;
main_rule negative "rx:multipart/form-data|application/x-www-form-urlencoded" "msg:Content is neither mulipart/x-www-form.." "mz:$HEADERS_VAR:Content-type" "s:$EVADE:4" id:1402;
@@ -877,7 +877,7 @@
main_rule "str:]" "msg:], possible js" "mz:BODY|URL|ARGS|$HEADERS_VAR:Cookie" "s:$XSS:4" id:1311;
main_rule "str:~" "msg:~ character" "mz:BODY|URL|ARGS|$HEADERS_VAR:Cookie" "s:$XSS:4" id:1312;
main_rule "str:`" "msg:grave accent !" "mz:ARGS|URL|BODY|$HEADERS_VAR:Cookie" "s:$XSS:8" id:1314;
-main_rule "rx:%[23]." "msg:double encoding !" "mz:ARGS|URL|BODY|$HEADERS_VAR:Cookie" "s:$XSS:8" id:1315;
+main_rule "rx:%[2|3]." "msg:double encoding !" "mz:ARGS|URL|BODY|$HEADERS_VAR:Cookie" "s:$XSS:8" id:1315;
main_rule "str:&#" "msg: utf7/8 encoding" "mz:ARGS|BODY|URL|$HEADERS_VAR:Cookie" "s:$EVADE:4" id:1400;
main_rule "str:%U" "msg: M$ encoding" "mz:ARGS|BODY|URL|$HEADERS_VAR:Cookie" "s:$EVADE:4" id:1401;
main_rule negative "rx:multipart/form-data|application/x-www-form-urlencoded" "msg:Content is neither mulipart/x-www-form.." "mz:$HEADERS_VAR:Content-type" "s:$EVADE:4" id:1402;
@@ -946,7 +946,7 @@
main_rule "str:]" "msg:], possible js" "mz:BODY|URL|ARGS|$HEADERS_VAR:Cookie" "s:$XSS:4" id:1311;
main_rule "str:~" "msg:~ character" "mz:BODY|URL|ARGS|$HEADERS_VAR:Cookie" "s:$XSS:4" id:1312;
main_rule "str:`" "msg:grave accent !" "mz:ARGS|URL|BODY|$HEADERS_VAR:Cookie" "s:$XSS:8" id:1314;
-main_rule "rx:%[23]." "msg:double encoding !" "mz:ARGS|URL|BODY|$HEADERS_VAR:Cookie" "s:$XSS:8" id:1315;
+main_rule "rx:%[2|3]." "msg:double encoding !" "mz:ARGS|URL|BODY|$HEADERS_VAR:Cookie" "s:$XSS:8" id:1315;
main_rule "str:&#" "msg: utf7/8 encoding" "mz:ARGS|BODY|URL|$HEADERS_VAR:Cookie" "s:$EVADE:4" id:1400;
main_rule "str:%U" "msg: M$ encoding" "mz:ARGS|BODY|URL|$HEADERS_VAR:Cookie" "s:$EVADE:4" id:1401;
main_rule negative "rx:multipart/form-data|application/x-www-form-urlencoded" "msg:Content is neither mulipart/x-www-form.." "mz:$HEADERS_VAR:Content-type" "s:$EVADE:4" id:1402;
@@ -1015,7 +1015,7 @@
main_rule "str:]" "msg:], possible js" "mz:BODY|URL|ARGS|$HEADERS_VAR:Cookie" "s:$XSS:4" id:1311;
main_rule "str:~" "msg:~ character" "mz:BODY|URL|ARGS|$HEADERS_VAR:Cookie" "s:$XSS:4" id:1312;
main_rule "str:`" "msg:grave accent !" "mz:ARGS|URL|BODY|$HEADERS_VAR:Cookie" "s:$XSS:8" id:1314;
-main_rule "rx:%[23]." "msg:double encoding !" "mz:ARGS|URL|BODY|$HEADERS_VAR:Cookie" "s:$XSS:8" id:1315;
+main_rule "rx:%[2|3]." "msg:double encoding !" "mz:ARGS|URL|BODY|$HEADERS_VAR:Cookie" "s:$XSS:8" id:1315;
main_rule "str:&#" "msg: utf7/8 encoding" "mz:ARGS|BODY|URL|$HEADERS_VAR:Cookie" "s:$EVADE:4" id:1400;
main_rule "str:%U" "msg: M$ encoding" "mz:ARGS|BODY|URL|$HEADERS_VAR:Cookie" "s:$EVADE:4" id:1401;
main_rule negative "rx:multipart/form-data|application/x-www-form-urlencoded" "msg:Content is neither mulipart/x-www-form.." "mz:$HEADERS_VAR:Content-type" "s:$EVADE:4" id:1402;
@@ -1078,7 +1078,7 @@
main_rule "str:]" "msg:], possible js" "mz:BODY|URL|ARGS|$HEADERS_VAR:Cookie" "s:$XSS:4" id:1311;
main_rule "str:~" "msg:~ character" "mz:BODY|URL|ARGS|$HEADERS_VAR:Cookie" "s:$XSS:4" id:1312;
main_rule "str:`" "msg:grave accent !" "mz:ARGS|URL|BODY|$HEADERS_VAR:Cookie" "s:$XSS:8" id:1314;
-main_rule "rx:%[23]." "msg:double encoding !" "mz:ARGS|URL|BODY|$HEADERS_VAR:Cookie" "s:$XSS:8" id:1315;
+main_rule "rx:%[2|3]." "msg:double encoding !" "mz:ARGS|URL|BODY|$HEADERS_VAR:Cookie" "s:$XSS:8" id:1315;
main_rule "str:&#" "msg: utf7/8 encoding" "mz:ARGS|BODY|URL|$HEADERS_VAR:Cookie" "s:$EVADE:4" id:1400;
main_rule "str:%U" "msg: M$ encoding" "mz:ARGS|BODY|URL|$HEADERS_VAR:Cookie" "s:$EVADE:4" id:1401;
main_rule negative "rx:multipart/form-data|application/x-www-form-urlencoded" "msg:Content is neither mulipart/x-www-form.." "mz:$HEADERS_VAR:Content-type" "s:$EVADE:4" id:1402;
@@ -1146,7 +1146,7 @@
main_rule "str:]" "msg:], possible js" "mz:BODY|URL|ARGS|$HEADERS_VAR:Cookie" "s:$XSS:4" id:1311;
main_rule "str:~" "msg:~ character" "mz:BODY|URL|ARGS|$HEADERS_VAR:Cookie" "s:$XSS:4" id:1312;
main_rule "str:`" "msg:grave accent !" "mz:ARGS|URL|BODY|$HEADERS_VAR:Cookie" "s:$XSS:8" id:1314;
-main_rule "rx:%[23]." "msg:double encoding !" "mz:ARGS|URL|BODY|$HEADERS_VAR:Cookie" "s:$XSS:8" id:1315;
+main_rule "rx:%[2|3]." "msg:double encoding !" "mz:ARGS|URL|BODY|$HEADERS_VAR:Cookie" "s:$XSS:8" id:1315;
main_rule "str:&#" "msg: utf7/8 encoding" "mz:ARGS|BODY|URL|$HEADERS_VAR:Cookie" "s:$EVADE:4" id:1400;
main_rule "str:%U" "msg: M$ encoding" "mz:ARGS|BODY|URL|$HEADERS_VAR:Cookie" "s:$EVADE:4" id:1401;
main_rule negative "rx:multipart/form-data|application/x-www-form-urlencoded" "msg:Content is neither mulipart/x-www-form.." "mz:$HEADERS_VAR:Content-type" "s:$EVADE:4" id:1402;
@@ -1211,7 +1211,7 @@
main_rule "str:]" "msg:], possible js" "mz:BODY|URL|ARGS|$HEADERS_VAR:Cookie" "s:$XSS:4" id:1311;
main_rule "str:~" "msg:~ character" "mz:BODY|URL|ARGS|$HEADERS_VAR:Cookie" "s:$XSS:4" id:1312;
main_rule "str:`" "msg:grave accent !" "mz:ARGS|URL|BODY|$HEADERS_VAR:Cookie" "s:$XSS:8" id:1314;
-main_rule "rx:%[23]." "msg:double encoding !" "mz:ARGS|URL|BODY|$HEADERS_VAR:Cookie" "s:$XSS:8" id:1315;
+main_rule "rx:%[2|3]." "msg:double encoding !" "mz:ARGS|URL|BODY|$HEADERS_VAR:Cookie" "s:$XSS:8" id:1315;
main_rule "str:&#" "msg: utf7/8 encoding" "mz:ARGS|BODY|URL|$HEADERS_VAR:Cookie" "s:$EVADE:4" id:1400;
main_rule "str:%U" "msg: M$ encoding" "mz:ARGS|BODY|URL|$HEADERS_VAR:Cookie" "s:$EVADE:4" id:1401;
main_rule negative "rx:multipart/form-data|application/x-www-form-urlencoded" "msg:Content is neither mulipart/x-www-form.." "mz:$HEADERS_VAR:Content-type" "s:$EVADE:4" id:1402;
@@ -1276,7 +1276,7 @@
main_rule "str:]" "msg:], possible js" "mz:BODY|URL|ARGS|$HEADERS_VAR:Cookie" "s:$XSS:4" id:1311;
main_rule "str:~" "msg:~ character" "mz:BODY|URL|ARGS|$HEADERS_VAR:Cookie" "s:$XSS:4" id:1312;
main_rule "str:`" "msg:grave accent !" "mz:ARGS|URL|BODY|$HEADERS_VAR:Cookie" "s:$XSS:8" id:1314;
-main_rule "rx:%[23]." "msg:double encoding !" "mz:ARGS|URL|BODY|$HEADERS_VAR:Cookie" "s:$XSS:8" id:1315;
+main_rule "rx:%[2|3]." "msg:double encoding !" "mz:ARGS|URL|BODY|$HEADERS_VAR:Cookie" "s:$XSS:8" id:1315;
main_rule "str:&#" "msg: utf7/8 encoding" "mz:ARGS|BODY|URL|$HEADERS_VAR:Cookie" "s:$EVADE:4" id:1400;
main_rule "str:%U" "msg: M$ encoding" "mz:ARGS|BODY|URL|$HEADERS_VAR:Cookie" "s:$EVADE:4" id:1401;
main_rule negative "rx:multipart/form-data|application/x-www-form-urlencoded" "msg:Content is neither mulipart/x-www-form.." "mz:$HEADERS_VAR:Content-type" "s:$EVADE:4" id:1402;
@@ -1343,7 +1343,7 @@
main_rule "str:]" "msg:], possible js" "mz:BODY|URL|ARGS|$HEADERS_VAR:Cookie" "s:$XSS:4" id:1311;
main_rule "str:~" "msg:~ character" "mz:BODY|URL|ARGS|$HEADERS_VAR:Cookie" "s:$XSS:4" id:1312;
main_rule "str:`" "msg:grave accent !" "mz:ARGS|URL|BODY|$HEADERS_VAR:Cookie" "s:$XSS:8" id:1314;
-main_rule "rx:%[23]." "msg:double encoding !" "mz:ARGS|URL|BODY|$HEADERS_VAR:Cookie" "s:$XSS:8" id:1315;
+main_rule "rx:%[2|3]." "msg:double encoding !" "mz:ARGS|URL|BODY|$HEADERS_VAR:Cookie" "s:$XSS:8" id:1315;
main_rule "str:&#" "msg: utf7/8 encoding" "mz:ARGS|BODY|URL|$HEADERS_VAR:Cookie" "s:$EVADE:4" id:1400;
main_rule "str:%U" "msg: M$ encoding" "mz:ARGS|BODY|URL|$HEADERS_VAR:Cookie" "s:$EVADE:4" id:1401;
main_rule negative "rx:multipart/form-data|application/x-www-form-urlencoded" "msg:Content is neither mulipart/x-www-form.." "mz:$HEADERS_VAR:Content-type" "s:$EVADE:4" id:1402;
@@ -1411,7 +1411,7 @@
main_rule "str:]" "msg:], possible js" "mz:BODY|URL|ARGS|$HEADERS_VAR:Cookie" "s:$XSS:4" id:1311;
main_rule "str:~" "msg:~ character" "mz:BODY|URL|ARGS|$HEADERS_VAR:Cookie" "s:$XSS:4" id:1312;
main_rule "str:`" "msg:grave accent !" "mz:ARGS|URL|BODY|$HEADERS_VAR:Cookie" "s:$XSS:8" id:1314;
-main_rule "rx:%[23]." "msg:double encoding !" "mz:ARGS|URL|BODY|$HEADERS_VAR:Cookie" "s:$XSS:8" id:1315;
+main_rule "rx:%[2|3]." "msg:double encoding !" "mz:ARGS|URL|BODY|$HEADERS_VAR:Cookie" "s:$XSS:8" id:1315;
main_rule "str:&#" "msg: utf7/8 encoding" "mz:ARGS|BODY|URL|$HEADERS_VAR:Cookie" "s:$EVADE:4" id:1400;
main_rule "str:%U" "msg: M$ encoding" "mz:ARGS|BODY|URL|$HEADERS_VAR:Cookie" "s:$EVADE:4" id:1401;
main_rule negative "rx:multipart/form-data|application/x-www-form-urlencoded" "msg:Content is neither mulipart/x-www-form.." "mz:$HEADERS_VAR:Content-type" "s:$EVADE:4" id:1402;
@@ -1478,7 +1478,7 @@
main_rule "str:]" "msg:], possible js" "mz:BODY|URL|ARGS|$HEADERS_VAR:Cookie" "s:$XSS:4" id:1311;
main_rule "str:~" "msg:~ character" "mz:BODY|URL|ARGS|$HEADERS_VAR:Cookie" "s:$XSS:4" id:1312;
main_rule "str:`" "msg:grave accent !" "mz:ARGS|URL|BODY|$HEADERS_VAR:Cookie" "s:$XSS:8" id:1314;
-main_rule "rx:%[23]." "msg:double encoding !" "mz:ARGS|URL|BODY|$HEADERS_VAR:Cookie" "s:$XSS:8" id:1315;
+main_rule "rx:%[2|3]." "msg:double encoding !" "mz:ARGS|URL|BODY|$HEADERS_VAR:Cookie" "s:$XSS:8" id:1315;
main_rule "str:&#" "msg: utf7/8 encoding" "mz:ARGS|BODY|URL|$HEADERS_VAR:Cookie" "s:$EVADE:4" id:1400;
main_rule "str:%U" "msg: M$ encoding" "mz:ARGS|BODY|URL|$HEADERS_VAR:Cookie" "s:$EVADE:4" id:1401;
main_rule negative "rx:multipart/form-data|application/x-www-form-urlencoded" "msg:Content is neither mulipart/x-www-form.." "mz:$HEADERS_VAR:Content-type" "s:$EVADE:4" id:1402;
@@ -1547,7 +1547,7 @@
main_rule "str:]" "msg:], possible js" "mz:BODY|URL|ARGS|$HEADERS_VAR:Cookie" "s:$XSS:4" id:1311;
main_rule "str:~" "msg:~ character" "mz:BODY|URL|ARGS|$HEADERS_VAR:Cookie" "s:$XSS:4" id:1312;
main_rule "str:`" "msg:grave accent !" "mz:ARGS|URL|BODY|$HEADERS_VAR:Cookie" "s:$XSS:8" id:1314;
-main_rule "rx:%[23]." "msg:double encoding !" "mz:ARGS|URL|BODY|$HEADERS_VAR:Cookie" "s:$XSS:8" id:1315;
+main_rule "rx:%[2|3]." "msg:double encoding !" "mz:ARGS|URL|BODY|$HEADERS_VAR:Cookie" "s:$XSS:8" id:1315;
main_rule "str:&#" "msg: utf7/8 encoding" "mz:ARGS|BODY|URL|$HEADERS_VAR:Cookie" "s:$EVADE:4" id:1400;
main_rule "str:%U" "msg: M$ encoding" "mz:ARGS|BODY|URL|$HEADERS_VAR:Cookie" "s:$EVADE:4" id:1401;
main_rule negative "rx:multipart/form-data|application/x-www-form-urlencoded" "msg:Content is neither mulipart/x-www-form.." "mz:$HEADERS_VAR:Content-type" "s:$EVADE:4" id:1402;
@@ -1615,7 +1615,7 @@
main_rule "str:]" "msg:], possible js" "mz:BODY|URL|ARGS|$HEADERS_VAR:Cookie" "s:$XSS:4" id:1311;
main_rule "str:~" "msg:~ character" "mz:BODY|URL|ARGS|$HEADERS_VAR:Cookie" "s:$XSS:4" id:1312;
main_rule "str:`" "msg:grave accent !" "mz:ARGS|URL|BODY|$HEADERS_VAR:Cookie" "s:$XSS:8" id:1314;
-main_rule "rx:%[23]." "msg:double encoding !" "mz:ARGS|URL|BODY|$HEADERS_VAR:Cookie" "s:$XSS:8" id:1315;
+main_rule "rx:%[2|3]." "msg:double encoding !" "mz:ARGS|URL|BODY|$HEADERS_VAR:Cookie" "s:$XSS:8" id:1315;
main_rule "str:&#" "msg: utf7/8 encoding" "mz:ARGS|BODY|URL|$HEADERS_VAR:Cookie" "s:$EVADE:4" id:1400;
main_rule "str:%U" "msg: M$ encoding" "mz:ARGS|BODY|URL|$HEADERS_VAR:Cookie" "s:$EVADE:4" id:1401;
main_rule negative "rx:multipart/form-data|application/x-www-form-urlencoded" "msg:Content is neither mulipart/x-www-form.." "mz:$HEADERS_VAR:Content-type" "s:$EVADE:4" id:1402;
@@ -1682,7 +1682,7 @@
main_rule "str:]" "msg:], possible js" "mz:BODY|URL|ARGS|$HEADERS_VAR:Cookie" "s:$XSS:4" id:1311;
main_rule "str:~" "msg:~ character" "mz:BODY|URL|ARGS|$HEADERS_VAR:Cookie" "s:$XSS:4" id:1312;
main_rule "str:`" "msg:grave accent !" "mz:ARGS|URL|BODY|$HEADERS_VAR:Cookie" "s:$XSS:8" id:1314;
-main_rule "rx:%[23]." "msg:double encoding !" "mz:ARGS|URL|BODY|$HEADERS_VAR:Cookie" "s:$XSS:8" id:1315;
+main_rule "rx:%[2|3]." "msg:double encoding !" "mz:ARGS|URL|BODY|$HEADERS_VAR:Cookie" "s:$XSS:8" id:1315;
main_rule "str:&#" "msg: utf7/8 encoding" "mz:ARGS|BODY|URL|$HEADERS_VAR:Cookie" "s:$EVADE:4" id:1400;
main_rule "str:%U" "msg: M$ encoding" "mz:ARGS|BODY|URL|$HEADERS_VAR:Cookie" "s:$EVADE:4" id:1401;
main_rule negative "rx:multipart/form-data|application/x-www-form-urlencoded" "msg:Content is neither mulipart/x-www-form.." "mz:$HEADERS_VAR:Content-type" "s:$EVADE:4" id:1402;
@@ -1749,7 +1749,7 @@
main_rule "str:]" "msg:], possible js" "mz:BODY|URL|ARGS|$HEADERS_VAR:Cookie" "s:$XSS:4" id:1311;
main_rule "str:~" "msg:~ character" "mz:BODY|URL|ARGS|$HEADERS_VAR:Cookie" "s:$XSS:4" id:1312;
main_rule "str:`" "msg:grave accent !" "mz:ARGS|URL|BODY|$HEADERS_VAR:Cookie" "s:$XSS:8" id:1314;
-main_rule "rx:%[23]." "msg:double encoding !" "mz:ARGS|URL|BODY|$HEADERS_VAR:Cookie" "s:$XSS:8" id:1315;
+main_rule "rx:%[2|3]." "msg:double encoding !" "mz:ARGS|URL|BODY|$HEADERS_VAR:Cookie" "s:$XSS:8" id:1315;
main_rule "str:&#" "msg: utf7/8 encoding" "mz:ARGS|BODY|URL|$HEADERS_VAR:Cookie" "s:$EVADE:4" id:1400;
main_rule "str:%U" "msg: M$ encoding" "mz:ARGS|BODY|URL|$HEADERS_VAR:Cookie" "s:$EVADE:4" id:1401;
main_rule negative "rx:multipart/form-data|application/x-www-form-urlencoded" "msg:Content is neither mulipart/x-www-form.." "mz:$HEADERS_VAR:Content-type" "s:$EVADE:4" id:1402;
@@ -1816,7 +1816,7 @@
main_rule "str:]" "msg:], possible js" "mz:BODY|URL|ARGS|$HEADERS_VAR:Cookie" "s:$XSS:4" id:1311;
main_rule "str:~" "msg:~ character" "mz:BODY|URL|ARGS|$HEADERS_VAR:Cookie" "s:$XSS:4" id:1312;
main_rule "str:`" "msg:grave accent !" "mz:ARGS|URL|BODY|$HEADERS_VAR:Cookie" "s:$XSS:8" id:1314;
-main_rule "rx:%[23]." "msg:double encoding !" "mz:ARGS|URL|BODY|$HEADERS_VAR:Cookie" "s:$XSS:8" id:1315;
+main_rule "rx:%[2|3]." "msg:double encoding !" "mz:ARGS|URL|BODY|$HEADERS_VAR:Cookie" "s:$XSS:8" id:1315;
main_rule "str:&#" "msg: utf7/8 encoding" "mz:ARGS|BODY|URL|$HEADERS_VAR:Cookie" "s:$EVADE:4" id:1400;
main_rule "str:%U" "msg: M$ encoding" "mz:ARGS|BODY|URL|$HEADERS_VAR:Cookie" "s:$EVADE:4" id:1401;
main_rule negative "rx:multipart/form-data|application/x-www-form-urlencoded" "msg:Content is neither mulipart/x-www-form.." "mz:$HEADERS_VAR:Content-type" "s:$EVADE:4" id:1402;
@@ -1880,7 +1880,7 @@
main_rule "str:]" "msg:], possible js" "mz:BODY|URL|ARGS|$HEADERS_VAR:Cookie" "s:$XSS:4" id:1311;
main_rule "str:~" "msg:~ character" "mz:BODY|URL|ARGS|$HEADERS_VAR:Cookie" "s:$XSS:4" id:1312;
main_rule "str:`" "msg:grave accent !" "mz:ARGS|URL|BODY|$HEADERS_VAR:Cookie" "s:$XSS:8" id:1314;
-main_rule "rx:%[23]." "msg:double encoding !" "mz:ARGS|URL|BODY|$HEADERS_VAR:Cookie" "s:$XSS:8" id:1315;
+main_rule "rx:%[2|3]." "msg:double encoding !" "mz:ARGS|URL|BODY|$HEADERS_VAR:Cookie" "s:$XSS:8" id:1315;
main_rule "str:&#" "msg: utf7/8 encoding" "mz:ARGS|BODY|URL|$HEADERS_VAR:Cookie" "s:$EVADE:4" id:1400;
main_rule "str:%U" "msg: M$ encoding" "mz:ARGS|BODY|URL|$HEADERS_VAR:Cookie" "s:$EVADE:4" id:1401;
main_rule negative "rx:multipart/form-data|application/x-www-form-urlencoded" "msg:Content is neither mulipart/x-www-form.." "mz:$HEADERS_VAR:Content-type" "s:$EVADE:4" id:1402;
@@ -1947,7 +1947,7 @@
main_rule "str:]" "msg:], possible js" "mz:BODY|URL|ARGS|$HEADERS_VAR:Cookie" "s:$XSS:4" id:1311;
main_rule "str:~" "msg:~ character" "mz:BODY|URL|ARGS|$HEADERS_VAR:Cookie" "s:$XSS:4" id:1312;
main_rule "str:`" "msg:grave accent !" "mz:ARGS|URL|BODY|$HEADERS_VAR:Cookie" "s:$XSS:8" id:1314;
-main_rule "rx:%[23]." "msg:double encoding !" "mz:ARGS|URL|BODY|$HEADERS_VAR:Cookie" "s:$XSS:8" id:1315;
+main_rule "rx:%[2|3]." "msg:double encoding !" "mz:ARGS|URL|BODY|$HEADERS_VAR:Cookie" "s:$XSS:8" id:1315;
main_rule "str:&#" "msg: utf7/8 encoding" "mz:ARGS|BODY|URL|$HEADERS_VAR:Cookie" "s:$EVADE:4" id:1400;
main_rule "str:%U" "msg: M$ encoding" "mz:ARGS|BODY|URL|$HEADERS_VAR:Cookie" "s:$EVADE:4" id:1401;
main_rule negative "rx:multipart/form-data|application/x-www-form-urlencoded" "msg:Content is neither mulipart/x-www-form.." "mz:$HEADERS_VAR:Content-type" "s:$EVADE:4" id:1402;
@@ -2011,7 +2011,7 @@
main_rule "str:]" "msg:], possible js" "mz:BODY|URL|ARGS|$HEADERS_VAR:Cookie" "s:$XSS:4" id:1311;
main_rule "str:~" "msg:~ character" "mz:BODY|URL|ARGS|$HEADERS_VAR:Cookie" "s:$XSS:4" id:1312;
main_rule "str:`" "msg:grave accent !" "mz:ARGS|URL|BODY|$HEADERS_VAR:Cookie" "s:$XSS:8" id:1314;
-main_rule "rx:%[23]." "msg:double encoding !" "mz:ARGS|URL|BODY|$HEADERS_VAR:Cookie" "s:$XSS:8" id:1315;
+main_rule "rx:%[2|3]." "msg:double encoding !" "mz:ARGS|URL|BODY|$HEADERS_VAR:Cookie" "s:$XSS:8" id:1315;
main_rule "str:&#" "msg: utf7/8 encoding" "mz:ARGS|BODY|URL|$HEADERS_VAR:Cookie" "s:$EVADE:4" id:1400;
main_rule "str:%U" "msg: M$ encoding" "mz:ARGS|BODY|URL|$HEADERS_VAR:Cookie" "s:$EVADE:4" id:1401;
main_rule negative "rx:multipart/form-data|application/x-www-form-urlencoded" "msg:Content is neither mulipart/x-www-form.." "mz:$HEADERS_VAR:Content-type" "s:$EVADE:4" id:1402;
@@ -2075,7 +2075,7 @@
main_rule "str:]" "msg:], possible js" "mz:BODY|URL|ARGS|$HEADERS_VAR:Cookie" "s:$XSS:4" id:1311;
main_rule "str:~" "msg:~ character" "mz:BODY|URL|ARGS|$HEADERS_VAR:Cookie" "s:$XSS:4" id:1312;
main_rule "str:`" "msg:grave accent !" "mz:ARGS|URL|BODY|$HEADERS_VAR:Cookie" "s:$XSS:8" id:1314;
-main_rule "rx:%[23]." "msg:double encoding !" "mz:ARGS|URL|BODY|$HEADERS_VAR:Cookie" "s:$XSS:8" id:1315;
+main_rule "rx:%[2|3]." "msg:double encoding !" "mz:ARGS|URL|BODY|$HEADERS_VAR:Cookie" "s:$XSS:8" id:1315;
main_rule "str:&#" "msg: utf7/8 encoding" "mz:ARGS|BODY|URL|$HEADERS_VAR:Cookie" "s:$EVADE:4" id:1400;
main_rule "str:%U" "msg: M$ encoding" "mz:ARGS|BODY|URL|$HEADERS_VAR:Cookie" "s:$EVADE:4" id:1401;
main_rule negative "rx:multipart/form-data|application/x-www-form-urlencoded" "msg:Content is neither mulipart/x-www-form.." "mz:$HEADERS_VAR:Content-type" "s:$EVADE:4" id:1402;
@@ -2139,7 +2139,7 @@
main_rule "str:]" "msg:], possible js" "mz:BODY|URL|ARGS|$HEADERS_VAR:Cookie" "s:$XSS:4" id:1311;
main_rule "str:~" "msg:~ character" "mz:BODY|URL|ARGS|$HEADERS_VAR:Cookie" "s:$XSS:4" id:1312;
main_rule "str:`" "msg:grave accent !" "mz:ARGS|URL|BODY|$HEADERS_VAR:Cookie" "s:$XSS:8" id:1314;
-main_rule "rx:%[23]." "msg:double encoding !" "mz:ARGS|URL|BODY|$HEADERS_VAR:Cookie" "s:$XSS:8" id:1315;
+main_rule "rx:%[2|3]." "msg:double encoding !" "mz:ARGS|URL|BODY|$HEADERS_VAR:Cookie" "s:$XSS:8" id:1315;
main_rule "str:&#" "msg: utf7/8 encoding" "mz:ARGS|BODY|URL|$HEADERS_VAR:Cookie" "s:$EVADE:4" id:1400;
main_rule "str:%U" "msg: M$ encoding" "mz:ARGS|BODY|URL|$HEADERS_VAR:Cookie" "s:$EVADE:4" id:1401;
main_rule negative "rx:multipart/form-data|application/x-www-form-urlencoded" "msg:Content is neither mulipart/x-www-form.." "mz:$HEADERS_VAR:Content-type" "s:$EVADE:4" id:1402;
@@ -2203,7 +2203,7 @@
main_rule "str:]" "msg:], possible js" "mz:BODY|URL|ARGS|$HEADERS_VAR:Cookie" "s:$XSS:4" id:1311;
main_rule "str:~" "msg:~ character" "mz:BODY|URL|ARGS|$HEADERS_VAR:Cookie" "s:$XSS:4" id:1312;
main_rule "str:`" "msg:grave accent !" "mz:ARGS|URL|BODY|$HEADERS_VAR:Cookie" "s:$XSS:8" id:1314;
-main_rule "rx:%[23]." "msg:double encoding !" "mz:ARGS|URL|BODY|$HEADERS_VAR:Cookie" "s:$XSS:8" id:1315;
+main_rule "rx:%[2|3]." "msg:double encoding !" "mz:ARGS|URL|BODY|$HEADERS_VAR:Cookie" "s:$XSS:8" id:1315;
main_rule "str:&#" "msg: utf7/8 encoding" "mz:ARGS|BODY|URL|$HEADERS_VAR:Cookie" "s:$EVADE:4" id:1400;
main_rule "str:%U" "msg: M$ encoding" "mz:ARGS|BODY|URL|$HEADERS_VAR:Cookie" "s:$EVADE:4" id:1401;
main_rule negative "rx:multipart/form-data|application/x-www-form-urlencoded" "msg:Content is neither mulipart/x-www-form.." "mz:$HEADERS_VAR:Content-type" "s:$EVADE:4" id:1402;
@@ -2267,7 +2267,7 @@
main_rule "str:]" "msg:], possible js" "mz:BODY|URL|ARGS|$HEADERS_VAR:Cookie" "s:$XSS:4" id:1311;
main_rule "str:~" "msg:~ character" "mz:BODY|URL|ARGS|$HEADERS_VAR:Cookie" "s:$XSS:4" id:1312;
main_rule "str:`" "msg:grave accent !" "mz:ARGS|URL|BODY|$HEADERS_VAR:Cookie" "s:$XSS:8" id:1314;
-main_rule "rx:%[23]." "msg:double encoding !" "mz:ARGS|URL|BODY|$HEADERS_VAR:Cookie" "s:$XSS:8" id:1315;
+main_rule "rx:%[2|3]." "msg:double encoding !" "mz:ARGS|URL|BODY|$HEADERS_VAR:Cookie" "s:$XSS:8" id:1315;
main_rule "str:&#" "msg: utf7/8 encoding" "mz:ARGS|BODY|URL|$HEADERS_VAR:Cookie" "s:$EVADE:4" id:1400;
main_rule "str:%U" "msg: M$ encoding" "mz:ARGS|BODY|URL|$HEADERS_VAR:Cookie" "s:$EVADE:4" id:1401;
main_rule negative "rx:multipart/form-data|application/x-www-form-urlencoded" "msg:Content is neither mulipart/x-www-form.." "mz:$HEADERS_VAR:Content-type" "s:$EVADE:4" id:1402;
@@ -2331,7 +2331,7 @@
main_rule "str:]" "msg:], possible js" "mz:BODY|URL|ARGS|$HEADERS_VAR:Cookie" "s:$XSS:4" id:1311;
main_rule "str:~" "msg:~ character" "mz:BODY|URL|ARGS|$HEADERS_VAR:Cookie" "s:$XSS:4" id:1312;
main_rule "str:`" "msg:grave accent !" "mz:ARGS|URL|BODY|$HEADERS_VAR:Cookie" "s:$XSS:8" id:1314;
-main_rule "rx:%[23]." "msg:double encoding !" "mz:ARGS|URL|BODY|$HEADERS_VAR:Cookie" "s:$XSS:8" id:1315;
+main_rule "rx:%[2|3]." "msg:double encoding !" "mz:ARGS|URL|BODY|$HEADERS_VAR:Cookie" "s:$XSS:8" id:1315;
main_rule "str:&#" "msg: utf7/8 encoding" "mz:ARGS|BODY|URL|$HEADERS_VAR:Cookie" "s:$EVADE:4" id:1400;
main_rule "str:%U" "msg: M$ encoding" "mz:ARGS|BODY|URL|$HEADERS_VAR:Cookie" "s:$EVADE:4" id:1401;
main_rule negative "rx:multipart/form-data|application/x-www-form-urlencoded" "msg:Content is neither mulipart/x-www-form.." "mz:$HEADERS_VAR:Content-type" "s:$EVADE:4" id:1402;
|
[-]
[+]
|
Changed |
naxsi-0.55.3.tar.gz/t/14json.t
^
|
@@ -740,35 +740,3 @@
\"fu\" : { \"aa\" : \"bb\"
}"
--- error_code: 412
-
-=== JSON14 : bug_418
---- main_config
-load_module /tmp/naxsi_ut/modules/ngx_http_naxsi_module.so;
---- http_config
-include /tmp/naxsi_ut/naxsi_core.rules;
---- config
-set $naxsi_extensive_log 1;
-location / {
- SecRulesEnabled;
- DeniedUrl "/RequestDenied";
- CheckRule "$SQL >= 8" BLOCK;
- CheckRule "$RFI >= 8" BLOCK;
- CheckRule "$TRAVERSAL >= 4" BLOCK;
- CheckRule "$XSS >= 8" BLOCK;
- root $TEST_NGINX_SERVROOT/html/;
- index index.html index.htm;
- error_page 405 = $uri;
-}
-location /RequestDenied {
- return 412;
-}
---- more_headers
-Content-Type: application/json
---- request eval
-use URI::Escape;
-"POST /
-{
- \"error\":
- \"ERROR_REPORT:{\\\"request\\\":{\\\"bar\\\":\\\"\\\"},\\\"response\\\":{\\\"bar\\\":[{\\\"schema_id\\\":\\\"foo\\\"}]}}\"
-}"
---- error_code: 412
|
[-]
[+]
|
Changed |
naxsi-0.55.3.tar.gz/t/28log.t
^
|
@@ -79,8 +79,8 @@
--- error_code: 404
--- error_log eval
[qr@NAXSI_FMT: ip=127\.0\.0\.1&server=localhost&uri=/x,y&learning=1&vers=[^&]+&total_processed=1&total_blocked=1&block=1&cscore0=\$SQL&score0=8&zone0=URL&id0=1015&var_name0=&zone1=ARGS&id1=1015&var_name1=uuu@,
-qr@NAXSI_EXLOG: ip=127\.0\.0\.1&server=localhost&uri=%2Fx%2Cy&id=1015&zone=URL&var_name=&content=%2Fx%2Cy@,
-qr@NAXSI_EXLOG: ip=127\.0\.0\.1&server=localhost&uri=%2Fx%2Cy&id=1015&zone=ARGS&var_name=uuu&content=b%2Cc@
+qr@NAXSI_EXLOG: ip=127\.0\.0\.1&server=localhost&uri=/x,y&id=1015&zone=URL&var_name=&content=/x,y,@,
+qr@NAXSI_EXLOG: ip=127\.0\.0\.1&server=localhost&uri=/x,y&id=1015&zone=ARGS&var_name=uuu&content=b,c@
]
=== TEST 1.4 : learning + no-block score + naxsi_extensive_log, NAXSI_EXLOG only
--- main_config
@@ -104,7 +104,7 @@
GET /x,y?uuu=bc
--- error_code: 404
--- error_log eval
-qr@NAXSI_EXLOG: ip=127\.0\.0\.1&server=localhost&uri=%2Fx%2Cy&id=1015&zone=URL&var_name=&content=%2Fx%2Cy, client: 127\.0\.0\.1,@
+qr@NAXSI_EXLOG: ip=127\.0\.0\.1&server=localhost&uri=/x,y&id=1015&zone=URL&var_name=&content=/x,y, client: 127\.0\.0\.1,@
--- no_error_log
NAXSI_FMT
=== TEST 1.6 : learning + block-score + naxsi_extensive_log, NAXSI_EXLOG only
|
[-]
[+]
|
Changed |
naxsi-0.55.3.tar.gz/t/29regression.t
^
|
@@ -209,70 +209,3 @@
"POST /wp-json/wp/v2/posts/111
id=1a&foo2=bar2"
--- error_code: 412
-=== WL TEST 3.0: false-positive on virtual-patch with empty var name
---- main_config
-load_module /tmp/naxsi_ut/modules/ngx_http_naxsi_module.so;
---- http_config
-include /tmp/naxsi_ut/naxsi_core.rules;
-MainRule "rx:FOOBAR" "mz:$URL:/wp-includes/js/plupload/plupload.flash.swf|ARGS" "msg:Wordpress PlUpload XSS" "s:$UWA:8,$XSS_UWA:1" id:42000485;
---- config
-location / {
- SecRulesEnabled;
- CheckRule "$LOG_TEST >= 1" LOG;
- CheckRule "$UWA >= 8" BLOCK;
- DeniedUrl "/RequestDenied";
- CheckRule "$SQL >= 4" BLOCK;
- root $TEST_NGINX_SERVROOT/html/;
- index index.html index.htm;
-}
-location /RequestDenied {
- return 412;
-}
---- request
-GET /?a=bui&FOOBAR
---- error_code: 200
-=== WL TEST 3.0: false-positive on virtual-patch with empty var name
---- main_config
-load_module /tmp/naxsi_ut/modules/ngx_http_naxsi_module.so;
---- http_config
-include /tmp/naxsi_ut/naxsi_core.rules;
-MainRule "rx:FOOBAR" "mz:$URL:/wp-includes/js/plupload/plupload.flash.swf|ARGS" "msg:Wordpress PlUpload XSS" "s:$UWA:8,$XSS_UWA:1" id:42000485;
---- config
-location / {
- SecRulesEnabled;
- CheckRule "$LOG_TEST >= 1" LOG;
- CheckRule "$UWA >= 8" BLOCK;
- DeniedUrl "/RequestDenied";
- CheckRule "$SQL >= 4" BLOCK;
- root $TEST_NGINX_SERVROOT/html/;
- index index.html index.htm;
-}
-location /RequestDenied {
- return 412;
-}
---- request
-GET /wp-includes/js/plupload/plupload.flash.swf?a=bui&FOOBAR
---- error_code: 412
-=== WL TEST 3.01: false-positive on virtual-patch with empty var name
---- main_config
-load_module /tmp/naxsi_ut/modules/ngx_http_naxsi_module.so;
---- http_config
-include /tmp/naxsi_ut/naxsi_core.rules;
-MainRule "rx:FOOBAR" "mz:$URL:/wp-includes/js/plupload/plupload.flash.swf|ARGS" "msg:Wordpress PlUpload XSS" "s:$UWA:8,$XSS_UWA:1" id:42000485;
---- config
-location / {
- SecRulesEnabled;
- CheckRule "$LOG_TEST >= 1" LOG;
- CheckRule "$UWA >= 8" BLOCK;
- DeniedUrl "/RequestDenied";
- CheckRule "$SQL >= 4" BLOCK;
- root $TEST_NGINX_SERVROOT/html/;
- index index.html index.htm;
-}
-location /RequestDenied {
- return 412;
-}
---- request
-GET /wp-includes/js/plupload/plupload.flash.swf/xxx/?a=bui&FOOBAR
---- error_code: 404
-
|
[-]
[+]
|
Deleted |
naxsi-0.56.tar.gz/t/30regr.t
^
|
@@ -1,121 +0,0 @@
-#vi:filetype=perl
-
-
-# A AJOUTER :
-# TEST CASE AVEC UNE REGLE SUR UN HEADER GENERIQUE
-# La même sur des arguments :)
-
-use lib 'lib';
-use Test::Nginx::Socket;
-
-repeat_each(3);
-
-plan tests => repeat_each(1) * blocks();
-no_root_location();
-no_long_string();
-$ENV{TEST_NGINX_SERVROOT} = server_root();
-run_tests();
-
-
-__DATA__
-=== TEST 1: rule target body|name
---- main_config
-load_module /tmp/naxsi_ut/modules/ngx_http_naxsi_module.so;
---- http_config
-include /tmp/naxsi_ut/naxsi_core.rules;
---- config
-location / {
- SecRulesEnabled;
- LearningMode;
- BasicRule id:100054 "msg:Weird binary content" "rx:[^-0-9a-z_+.\[\]]" "mz:BODY|NAME" "s:$TEST_LOG:8";
- DeniedUrl "/RequestDenied";
- CheckRule "$SQL >= 8" BLOCK;
- CheckRule "$RFI >= 8" BLOCK;
- CheckRule "$TRAVERSAL >= 4" BLOCK;
- CheckRule "$XSS >= 8" BLOCK;
- CheckRule "$TEST_LOG >= 8" DROP;
- root $TEST_NGINX_SERVROOT/html/;
- index index.html index.htm;
- error_page 405 = $uri;
-}
-location /RequestDenied {
- return 412;
- # return 412;
-}
---- more_headers
-Content-Type: application/x-www-form-urlencoded
---- request eval
-use URI::Escape;
-"POST /
-9p7jslna,ire(ul\)v`2q8u]h)bfuzpcgsa_3`s\twfw)gy)\%3Fc=]@&foo2=bar2"
---- error_code: 412
-
-=== TEST 1: rule target body|name
---- main_config
-load_module /tmp/naxsi_ut/modules/ngx_http_naxsi_module.so;
---- http_config
-include /tmp/naxsi_ut/naxsi_core.rules;
---- config
-location / {
- SecRulesEnabled;
- LearningMode;
- BasicRule id:100054 "msg:Weird binary content" "rx:[^-0-9a-z_+.\[\]]" "mz:BODY|NAME" "s:$TEST_LOG:8";
- DeniedUrl "/RequestDenied";
- CheckRule "$SQL >= 8" BLOCK;
- CheckRule "$RFI >= 8" BLOCK;
- CheckRule "$TRAVERSAL >= 4" BLOCK;
- CheckRule "$XSS >= 8" BLOCK;
- CheckRule "$TEST_LOG >= 8" DROP;
- root $TEST_NGINX_SERVROOT/html/;
- index index.html index.htm;
- error_page 405 = $uri;
-}
-location /RequestDenied {
- return 412;
- # return 412;
-}
---- more_headers
-Content-Type: application/x-www-form-urlencoded
---- request eval
-use URI::Escape;
-"POST /
-9p7jslna,ire(ul\)v`2q8u]h)bfuzpcgsa_3`s\twfw)gy)\%3Fc=ww&foo2=bar2"
---- error_code: 412
-
-
-=== TEST 1: rule target body|name
---- main_config
-load_module /tmp/naxsi_ut/modules/ngx_http_naxsi_module.so;
---- http_config
-include /tmp/naxsi_ut/naxsi_core.rules;
---- config
-location / {
- SecRulesEnabled;
- LearningMode;
- BasicRule id:100054 "msg:Weird binary content" "rx:[^-0-9a-z_+.\[\]]" "mz:BODY|NAME" "s:$TEST_LOG:8";
- DeniedUrl "/RequestDenied";
- CheckRule "$SQL >= 8" BLOCK;
- CheckRule "$RFI >= 8" BLOCK;
- CheckRule "$TRAVERSAL >= 4" BLOCK;
- CheckRule "$XSS >= 8" BLOCK;
- CheckRule "$TEST_LOG >= 8" DROP;
- root $TEST_NGINX_SERVROOT/html/;
- index index.html index.htm;
- error_page 405 = $uri;
-}
-location /RequestDenied {
- return 412;
- # return 412;
-}
---- more_headers
-Content-Type: application/x-www-form-urlencoded
---- request eval
-use URI::Escape;
-"POST /
-ww=9p7jslna,ire(ul\)v`2q8u]h)bfuzpcgsa_3`s\twfw)gy)\%3Fc&foo2=bar2"
---- error_code: 200
-
-
-
-
-
|
[-]
[+]
|
Deleted |
naxsi-0.56.tar.gz/t/31norules.t
^
|
@@ -1,73 +0,0 @@
-#vi:filetype=perl
-
-
-# A AJOUTER :
-# TEST CASE AVEC UNE REGLE SUR UN HEADER GENERIQUE
-# La même sur des arguments :)
-
-use lib 'lib';
-use Test::Nginx::Socket;
-
-repeat_each(3);
-
-plan tests => repeat_each(1) * blocks();
-no_root_location();
-no_long_string();
-$ENV{TEST_NGINX_SERVROOT} = server_root();
-run_tests();
-
-
-__DATA__
-=== TEST 1: Basic GET request with no rules, drop
---- main_config
-load_module /tmp/naxsi_ut/modules/ngx_http_naxsi_module.so;
---- config
-location / {
- SecRulesEnabled;
- LearningMode;
- DeniedUrl "/RequestDenied";
- CheckRule "$SQL >= 8" BLOCK;
- CheckRule "$RFI >= 8" BLOCK;
- CheckRule "$TRAVERSAL >= 4" BLOCK;
- CheckRule "$XSS >= 8" BLOCK;
- LibInjectionXss;
- CheckRule "$LIBINJECTION_XSS >= 8" BLOCK;
- LibInjectionSql;
- CheckRule "$LIBINJECTION_SQL >= 8" BLOCK;
-
- root $TEST_NGINX_SERVROOT/html/;
- index index.html index.htm;
-}
-location /RequestDenied {
- return 412;
-}
---- request
-GET /?a=buibui
---- error_code: 412
-=== TEST 1.1: Basic GET request with no rules, whitelist the special rule.
---- main_config
-load_module /tmp/naxsi_ut/modules/ngx_http_naxsi_module.so;
---- config
-location / {
- SecRulesEnabled;
- BasicRule wl:19;
- LearningMode;
- DeniedUrl "/RequestDenied";
- CheckRule "$SQL >= 8" BLOCK;
- CheckRule "$RFI >= 8" BLOCK;
- CheckRule "$TRAVERSAL >= 4" BLOCK;
- CheckRule "$XSS >= 8" BLOCK;
- LibInjectionXss;
- CheckRule "$LIBINJECTION_XSS >= 8" BLOCK;
- LibInjectionSql;
- CheckRule "$LIBINJECTION_SQL >= 8" BLOCK;
-
- root $TEST_NGINX_SERVROOT/html/;
- index index.html index.htm;
-}
-location /RequestDenied {
- return 412;
-}
---- request
-GET /?a=buibui
---- error_code: 200
|
[-]
[+]
|
Deleted |
naxsi-0.56.tar.gz/t/confs
^
|
-(directory)
|
[-]
[+]
|
Deleted |
naxsi-0.56.tar.gz/t/confs/nginx.conf.example
^
|
@@ -1,44 +0,0 @@
-master_process off;
-#worker_processes 1;
-daemon off;
-
-load_module /tmp/naxsi_ut/modules/ngx_http_naxsi_module.so;
-events {
- worker_connections 1024;
- use select;
-}
-http {
- include /tmp/naxsi_ut/naxsi_core.rules;
- include mime.types;
- default_type application/octet-stream;
- sendfile on;
- keepalive_timeout 65;
- server {
- listen 4242 ssl http2;
- ssl_certificate /tmp/nginx.crt;
- ssl_certificate_key /tmp/nginx.key;
- server_name localhost;
- set $naxsi_extensive_log 1;
- location / {
- LearningMode;
- SecRulesEnabled;
- DeniedUrl "/50x.html";
- CheckRule "$SQL >= 8" BLOCK;
- CheckRule "$RFI >= 8" BLOCK;
- CheckRule "$TRAVERSAL >= 4" BLOCK;
- CheckRule "$EVADE >= 4" BLOCK;
- CheckRule "$XSS >= 8" BLOCK;
- return 200;
-# error_log /tmp/ngx_error.log debug;
-# access_log /tmp/ngx_access.log;
-# root html;
-# index index.html index.htm;
- }
- error_page 500 502 503 504 /50x.html;
- location = /50x.html {
- return 500;
- # root html;
- }
- }
-}
-
|
[-]
[+]
|
Deleted |
naxsi-0.56.tar.gz/t/confs/nginx_fuzz.conf.example
^
|
@@ -1,48 +0,0 @@
-master_process off;
-daemon off;
-
-#load_module /tmp/naxsi_ut/modules/ngx_http_naxsi_module.so;
-events {
- worker_connections 1024;
- use select;
-}
-http {
-MainRule "rx:select|union|update|delete|insert|table|from|ascii|hex|unhex|drop" "msg:sql keywords" "mz:BODY|URL|ARGS|$HEADERS_VAR:Cookie" "s:$SQL:4" id:1000;
-MainRule "str:\"" "msg:double quote" "mz:BODY|URL|ARGS|$HEADERS_VAR:Cookie" "s:$SQL:8,$XSS:8" id:1001;
-MainRule "str:0x" "msg:0x, possible hex encoding" "mz:BODY|URL|ARGS|$HEADERS_VAR:Cookie" "s:$SQL:2" id:1002;
-## Hardcore rules
-MainRule "str:/*" "msg:mysql comment (/*)" "mz:BODY|URL|ARGS|$HEADERS_VAR:Cookie" "s:$SQL:8" id:1003;
-MainRule "str:*/" "msg:mysql comment (*/)" "mz:BODY|URL|ARGS|$HEADERS_VAR:Cookie" "s:$SQL:8" id:1004;
-MainRule "str:|" "msg:mysql keyword (|)" "mz:BODY|URL|ARGS|$HEADERS_VAR:Cookie" "s:$SQL:8" id:1005;
-MainRule "str:`" "msg:grave accent (`)" "mz:ARGS|URL|BODY|$HEADERS_VAR:Cookie" "s:$XSS:8" id:1314;
-MainRule "rx:%[23]." "msg:double encoding" "mz:ARGS|URL|BODY|$HEADERS_VAR:Cookie" "s:$XSS:8" id:1315;
-MainRule "str:&#" "msg:utf7/8 encoding" "mz:ARGS|BODY|URL|$HEADERS_VAR:Cookie" "s:$EVADE:4" id:1400;
-MainRule "str:%U" "msg:M$ encoding" "mz:ARGS|BODY|URL|$HEADERS_VAR:Cookie" "s:$EVADE:4" id:1401;
-MainRule "rx:\.ph|\.asp|\.ht" "msg:asp/php file upload" "mz:FILE_EXT" "s:$UPLOAD:8" id:1500;
-
-# include /tmp/naxsi_ut/naxsi_core.rules;
-# include mime.types;
- default_type application/octet-stream;
- sendfile on;
- keepalive_timeout 65;
- server {
- listen 4242;
- server_name localhost;
- location / {
- LearningMode;
- SecRulesEnabled;
- DeniedUrl "/50x.html";
- CheckRule "$SQL >= 8" BLOCK;
- CheckRule "$RFI >= 8" BLOCK;
- CheckRule "$TRAVERSAL >= 4" BLOCK;
- CheckRule "$EVADE >= 4" BLOCK;
- CheckRule "$XSS >= 8" BLOCK;
- return 200;
- }
- error_page 500 502 503 504 /50x.html;
- location = /50x.html {
- return 500;
- }
- }
-}
-
|
[-]
[+]
|
Deleted |
naxsi-0.56.tar.gz/t/confs/ngx_cycle.patch
^
|
@@ -1,13 +0,0 @@
---- a/src/core/ngx_cycle.c.orig 2016-02-09 15:11:57.000000000 +0100
-+++ b/src/core/ngx_cycle.c 2016-12-12 18:05:53.832725017 +0100
---- nginx/src/core/ngx_cycle.c 2016-02-09 15:11:57.000000000 +0100
-+++ ngx_cycle.c 2016-12-13 09:49:47.762221499 +0100
-@@ -602,6 +602,8 @@
- }
- }
-
-+ __AFL_INIT();
-+
- if (ngx_open_listening_sockets(cycle) != NGX_OK) {
- goto failed;
- }
|
[-]
[+]
|
Deleted |
naxsi-0.56.tar.gz/t/confs/ngx_process_cycle.patch
^
|
@@ -1,25 +0,0 @@
---- a/src/os/unix/ngx_process_cycle.c.orig 2016-02-09 15:11:58.000000000 +0100
-+++ a/src/os/unix/ngx_process_cycle.c 2016-12-12 15:05:21.000000000 +0100
-@@ -303,7 +303,11 @@
- }
- }
-
-+
-+ int ran_once=0;
-+
- for ( ;; ) {
-+
- ngx_log_debug0(NGX_LOG_DEBUG_EVENT, cycle->log, 0, "worker cycle");
-
- ngx_process_events_and_timers(cycle);
-@@ -337,6 +341,11 @@
- ngx_log_error(NGX_LOG_NOTICE, cycle->log, 0, "reopening logs");
- ngx_reopen_files(cycle, (ngx_uid_t) -1);
- }
-+
-+ ran_once += 1;
-+ //printf("ran : %d\n", ran_once);
-+ if (ran_once == 2) exit(0);
-+
- }
- }
|
[-]
[+]
|
Deleted |
naxsi-0.56.tar.gz/t/fuzz
^
|
-(directory)
|
[-]
[+]
|
Deleted |
naxsi-0.56.tar.gz/t/fuzz/big-json-post
^
|
@@ -1,30 +0,0 @@
-POST / HTTP/1.1
-Host: localhost
-Connection: close
-Content-Type: application/json
-Content-Length: 542
-
-{
- "glossary": {
- "title": "example glossary",
-"GlossDiv": {
- "title": "S",
-"GlossList": {
- "GlossEntry": {
- "ID": "SGML",
-"SortAs": "SGML",
-"GlossTerm": "Standard Generalized Markup Language",
-"Acronym": "SGML",
-"Abbrev": "ISO 8879:1986",
-"GlossDef": {
- "para": "A meta-markup language used to create markup languages such as DocBook.",
-"GlossSeeAlso": ["GML", "XML"]
- },
-"GlossSee": "markup"
- }
- }
- }
- }
-
-}}
-
|
[-]
[+]
|
Deleted |
naxsi-0.56.tar.gz/t/fuzz/big-multipart-post
^
|
@@ -1,22 +0,0 @@
-POST / HTTP/1.1
-Host: localhost
-Connection: close
-Content-Type: multipart/form-data; boundary=---------------------------103832778631715
-Content-Length: 4449
-
------------------------------103832778631715
-Content-Disposition: form-data; name="name"
-
-azzzo
-
-
------------------------------103832778631715
-Content-Disposition: form-data; name="married"
-
-not single
------------------------------103832778631715
-Content-Disposition: form-data; name="male"
-
-AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA
------------------------------103832778631715--
-
|
[-]
[+]
|
Deleted |
naxsi-0.56.tar.gz/t/fuzz/med-get-bad-format
^
|
@@ -1,4 +0,0 @@
-GET /?a=1%23PTTmJopxdWJ%0AAND%23cWfcVRPV%0A9227=9227 HTTP/1.0
-
-
-
|
[-]
[+]
|
Deleted |
naxsi-0.56.tar.gz/t/fuzz/med-get-with-path
^
|
@@ -1,6 +0,0 @@
-GET /bla?/bla=1999&bu=1998 HTTP/1.1
-Host: localhost
-Connection: close
-
-
-
|
[-]
[+]
|
Deleted |
naxsi-0.56.tar.gz/t/fuzz/med-json-post
^
|
@@ -1,14 +0,0 @@
-POST /test_uri HTTP/1.1
-Host: localhost
-Connection: close
-Content-Type: application/json
-Content-Length: 183
-
-{
- "oh" : ["there", "is", "no", "way"],
- "this" : { "will" : ["work", "does"],
- "it" : "??" },
- "trigger" : {"test_1234" : ["foobar", "will", "trigger", "it"]},
- "foo" : "baar"
-}
-
|
[-]
[+]
|
Deleted |
naxsi-0.56.tar.gz/t/fuzz/med-multipart-file-post
^
|
@@ -1,26 +0,0 @@
-POST /foobar HTTP/1.1
-Host: 127.0.0.1
-Connection: Close
-User-Agent: Mozilla/5.0 (iPad; U; CPU OS 3_2 like Mac OS X; en-us) AppleWebKit/531.21.10 (KHTML, like Gecko) Version/4.0.4 Mobile/7B334b Safari/531.21.10
-Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
-Accept-Language: en-us,en;q=0.5
-Accept-Encoding: gzip, deflate
-Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
-Referer: http://127.0.0.1/
-Content-Type: multipart/form-data; boundary=---------------------------1919886344942015258287623957
-Content-Length: 394
-
------------------------------1919886344942015258287623957
-Content-Disposition: form-data; name="textline"
-
-valid text and small file
------------------------------1919886344942015258287623957
-Content-Disposition: form-data; name="datafile"; filename="bla.txt"; name="bla.txt"
-Content-Type: text/plain
-
-buibuibubi
-buibuibuib
-
------------------------------1919886344942015258287623957--
-
-
|
[-]
[+]
|
Deleted |
naxsi-0.56.tar.gz/t/fuzz/med-multipart-post
^
|
@@ -1,21 +0,0 @@
-POST / HTTP/1.1
-Host: localhost
-Connection: close
-Content-Type: multipart/form-data; boundary=---------------------------103832778631715
-Content-Length: 42
-
------------------------------103832778631715
-Content-Disposition: form-data; name="name"
-
-MyName
------------------------------103832778631715
-Content-Disposition: form-data; name="married"
-
-not single
------------------------------103832778631715
-Content-Disposition: form-data; name="male"
-
-yes
------------------------------103832778631715--
-
-
|
|
Deleted |
naxsi-0.56.tar.gz/t/fuzz/med-post-non-ascii
^
|
[-]
[+]
|
Deleted |
naxsi-0.56.tar.gz/t/fuzz/mini-get-nohost
^
|
@@ -1,4 +0,0 @@
-GET /?a=1%20UnioN%20SeLEct%201 HTTP/1.0
-
-
-
|
[-]
[+]
|
Deleted |
naxsi-0.56.tar.gz/t/fuzz/mini-get-sig
^
|
@@ -1,4 +0,0 @@
-GET /?a=1+/*!30000AND+2>1*/-- HTTP/1.0
-
-
-
|
[-]
[+]
|
Deleted |
naxsi-0.56.tar.gz/t/fuzz/mini-json-post
^
|
@@ -1,10 +0,0 @@
-POST / HTTP/1.1
-Host: localhost
-Connection: close
-Content-Type: application/json
-Content-Length: 18
-
-{
- "lol" : "bar"
-}
-
|
[-]
[+]
|
Deleted |
naxsi-0.56.tar.gz/t/fuzz/mini-ko-get
^
|
@@ -1,6 +0,0 @@
-GET /?==yesone&&& HTTP/1.1
-Host: localhost
-Connection: close
-
-
-
|
[-]
[+]
|
Deleted |
naxsi-0.56.tar.gz/t/fuzz/mini-multipart-post
^
|
@@ -1,26 +0,0 @@
-POST /foobar HTTP/1.1
-Host: 127.0.0.1
-Connection: Close
-User-Agent: Mozilla/5.0 (iPad; U; CPU OS 3_2 like Mac OS X; en-us) AppleWebKit/531.21.10 (KHTML, like Gecko) Version/4.0.4 Mobile/7B334b Safari/531.21.10
-Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
-Accept-Language: en-us,en;q=0.5
-Accept-Encoding: gzip, deflate
-Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
-Referer: http://127.0.0.1/
-Content-Type: multipart/form-data; boundary=---------------------------1919886344942015258287623957
-Content-Length: 378
-
------------------------------1919886344942015258287623957
-Content-Disposition: form-data; name="textline"
-
-valid text and small file
------------------------------1919886344942015258287623957
-Content-Disposition: form-data; name="datafile"; filename="bla.txt"
-Content-Type: text/plain
-
-buibuibubi
-buibuibuib
-
------------------------------1919886344942015258287623957--
-
-
|
[-]
[+]
|
Deleted |
naxsi-0.56.tar.gz/t/fuzz/mini-ok-get
^
|
@@ -1,6 +0,0 @@
-GET /?a=<> HTTP/1.1
-Host: localhost
-Connection: close
-
-
-
|
|
Deleted |
naxsi-0.56.tar.gz/t/fuzz/mini-unknown-CT-post
^
|
[-]
[+]
|
Deleted |
naxsi-0.56.tar.gz/t/fuzz/mini-urlencded-post-2
^
|
@@ -1,8 +0,0 @@
-POST / HTTP/1.1
-Host: localhost
-Connection: close
-Content-Type: application/x-www-form-urlencoded
-Content-Length: 32
-
-foo1='><script>alert(1)</script>
-
|
[-]
[+]
|
Deleted |
naxsi-0.56.tar.gz/t/fuzz/mini-urlencoded-post
^
|
@@ -1,8 +0,0 @@
-POST / HTTP/1.1
-Host: localhost
-Connection: close
-Content-Type: application/x-www-form-urlencoded
-Content-Length: 9
-
-a1=trolol
-
|
[-]
[+]
|
Deleted |
naxsi-0.56.tar.gz/t/fuzz/small-multipart-post
^
|
@@ -1,20 +0,0 @@
-POST / HTTP/1.1
-Host: localhost
-Connection: close
-Content-Type: multipart/form-data; boundary=---------------------------103832778631715
-Content-Length: 353
-
------------------------------103832778631715
-Content-Disposition: form-data; name="name"
-
-MyName
------------------------------103832778631715
-Content-Disposition: form-data; name="married"
-
-not single
------------------------------103832778631715
-Content-Disposition: form-data; name="male"
-
-yes
------------------------------103832778631715--
-
|
|
Deleted |
naxsi-1.3.tar.gz
^
|
|
Deleted |
nginx-module-vts-0.1.18.tar.gz
^
|
[-]
[+]
|
Added |
nginx-rtmp-module-1.1.15.tar.gz/.git
^
|
+(directory)
|
[-]
[+]
|
Added |
nginx-rtmp-module-1.1.15.tar.gz/.git/HEAD
^
|
@@ -0,0 +1 @@
+ref: refs/heads/master
|
[-]
[+]
|
Added |
nginx-rtmp-module-1.1.15.tar.gz/.git/config
^
|
@@ -0,0 +1,12 @@
+[core]
+ repositoryformatversion = 0
+ filemode = true
+ bare = false
+ logallrefupdates = true
+ ignorecase = true
+[remote "origin"]
+ fetch = +refs/heads/*:refs/remotes/origin/*
+ url = https://github.com/arut/nginx-rtmp-module.git
+[branch "master"]
+ remote = origin
+ merge = refs/heads/master
|
[-]
[+]
|
Added |
nginx-rtmp-module-1.1.15.tar.gz/.git/description
^
|
@@ -0,0 +1 @@
+Unnamed repository; edit this file 'description' to name the repository.
|
[-]
[+]
|
Added |
nginx-rtmp-module-1.1.15.tar.gz/.git/hooks
^
|
+(directory)
|
[-]
[+]
|
Added |
nginx-rtmp-module-1.1.15.tar.gz/.git/hooks/applypatch-msg.sample
^
|
@@ -0,0 +1,15 @@
+#!/bin/sh
+#
+# An example hook script to check the commit log message taken by
+# applypatch from an e-mail message.
+#
+# The hook should exit with non-zero status after issuing an
+# appropriate message if it wants to stop the commit. The hook is
+# allowed to edit the commit message file.
+#
+# To enable this hook, rename this file to "applypatch-msg".
+
+. git-sh-setup
+test -x "$GIT_DIR/hooks/commit-msg" &&
+ exec "$GIT_DIR/hooks/commit-msg" ${1+"$@"}
+:
|
[-]
[+]
|
Added |
nginx-rtmp-module-1.1.15.tar.gz/.git/hooks/commit-msg.sample
^
|
@@ -0,0 +1,24 @@
+#!/bin/sh
+#
+# An example hook script to check the commit log message.
+# Called by "git commit" with one argument, the name of the file
+# that has the commit message. The hook should exit with non-zero
+# status after issuing an appropriate message if it wants to stop the
+# commit. The hook is allowed to edit the commit message file.
+#
+# To enable this hook, rename this file to "commit-msg".
+
+# Uncomment the below to add a Signed-off-by line to the message.
+# Doing this in a hook is a bad idea in general, but the prepare-commit-msg
+# hook is more suited to it.
+#
+# SOB=$(git var GIT_AUTHOR_IDENT | sed -n 's/^\(.*>\).*$/Signed-off-by: \1/p')
+# grep -qs "^$SOB" "$1" || echo "$SOB" >> "$1"
+
+# This example catches duplicate Signed-off-by lines.
+
+test "" = "$(grep '^Signed-off-by: ' "$1" |
+ sort | uniq -c | sed -e '/^[ ]*1[ ]/d')" || {
+ echo >&2 Duplicate Signed-off-by lines.
+ exit 1
+}
|
[-]
[+]
|
Added |
nginx-rtmp-module-1.1.15.tar.gz/.git/hooks/post-update.sample
^
|
@@ -0,0 +1,8 @@
+#!/bin/sh
+#
+# An example hook script to prepare a packed repository for use over
+# dumb transports.
+#
+# To enable this hook, rename this file to "post-update".
+
+exec git update-server-info
|
[-]
[+]
|
Added |
nginx-rtmp-module-1.1.15.tar.gz/.git/hooks/pre-applypatch.sample
^
|
@@ -0,0 +1,14 @@
+#!/bin/sh
+#
+# An example hook script to verify what is about to be committed
+# by applypatch from an e-mail message.
+#
+# The hook should exit with non-zero status after issuing an
+# appropriate message if it wants to stop the commit.
+#
+# To enable this hook, rename this file to "pre-applypatch".
+
+. git-sh-setup
+test -x "$GIT_DIR/hooks/pre-commit" &&
+ exec "$GIT_DIR/hooks/pre-commit" ${1+"$@"}
+:
|
[-]
[+]
|
Added |
nginx-rtmp-module-1.1.15.tar.gz/.git/hooks/pre-commit.sample
^
|
@@ -0,0 +1,50 @@
+#!/bin/sh
+#
+# An example hook script to verify what is about to be committed.
+# Called by "git commit" with no arguments. The hook should
+# exit with non-zero status after issuing an appropriate message if
+# it wants to stop the commit.
+#
+# To enable this hook, rename this file to "pre-commit".
+
+if git rev-parse --verify HEAD >/dev/null 2>&1
+then
+ against=HEAD
+else
+ # Initial commit: diff against an empty tree object
+ against=4b825dc642cb6eb9a060e54bf8d69288fbee4904
+fi
+
+# If you want to allow non-ascii filenames set this variable to true.
+allownonascii=$(git config hooks.allownonascii)
+
+# Redirect output to stderr.
+exec 1>&2
+
+# Cross platform projects tend to avoid non-ascii filenames; prevent
+# them from being added to the repository. We exploit the fact that the
+# printable range starts at the space character and ends with tilde.
+if [ "$allownonascii" != "true" ] &&
+ # Note that the use of brackets around a tr range is ok here, (it's
+ # even required, for portability to Solaris 10's /usr/bin/tr), since
+ # the square bracket bytes happen to fall in the designated range.
+ test $(git diff --cached --name-only --diff-filter=A -z $against |
+ LC_ALL=C tr -d '[ -~]\0' | wc -c) != 0
+then
+ echo "Error: Attempt to add a non-ascii file name."
+ echo
+ echo "This can cause problems if you want to work"
+ echo "with people on other platforms."
+ echo
+ echo "To be portable it is advisable to rename the file ..."
+ echo
+ echo "If you know what you are doing you can disable this"
+ echo "check using:"
+ echo
+ echo " git config hooks.allownonascii true"
+ echo
+ exit 1
+fi
+
+# If there are whitespace errors, print the offending file names and fail.
+exec git diff-index --check --cached $against --
|
[-]
[+]
|
Added |
nginx-rtmp-module-1.1.15.tar.gz/.git/hooks/pre-rebase.sample
^
|
@@ -0,0 +1,169 @@
+#!/bin/sh
+#
+# Copyright (c) 2006, 2008 Junio C Hamano
+#
+# The "pre-rebase" hook is run just before "git rebase" starts doing
+# its job, and can prevent the command from running by exiting with
+# non-zero status.
+#
+# The hook is called with the following parameters:
+#
+# $1 -- the upstream the series was forked from.
+# $2 -- the branch being rebased (or empty when rebasing the current branch).
+#
+# This sample shows how to prevent topic branches that are already
+# merged to 'next' branch from getting rebased, because allowing it
+# would result in rebasing already published history.
+
+publish=next
+basebranch="$1"
+if test "$#" = 2
+then
+ topic="refs/heads/$2"
+else
+ topic=`git symbolic-ref HEAD` ||
+ exit 0 ;# we do not interrupt rebasing detached HEAD
+fi
+
+case "$topic" in
+refs/heads/??/*)
+ ;;
+*)
+ exit 0 ;# we do not interrupt others.
+ ;;
+esac
+
+# Now we are dealing with a topic branch being rebased
+# on top of master. Is it OK to rebase it?
+
+# Does the topic really exist?
+git show-ref -q "$topic" || {
+ echo >&2 "No such branch $topic"
+ exit 1
+}
+
+# Is topic fully merged to master?
+not_in_master=`git rev-list --pretty=oneline ^master "$topic"`
+if test -z "$not_in_master"
+then
+ echo >&2 "$topic is fully merged to master; better remove it."
+ exit 1 ;# we could allow it, but there is no point.
+fi
+
+# Is topic ever merged to next? If so you should not be rebasing it.
+only_next_1=`git rev-list ^master "^$topic" ${publish} | sort`
+only_next_2=`git rev-list ^master ${publish} | sort`
+if test "$only_next_1" = "$only_next_2"
+then
+ not_in_topic=`git rev-list "^$topic" master`
+ if test -z "$not_in_topic"
+ then
+ echo >&2 "$topic is already up-to-date with master"
+ exit 1 ;# we could allow it, but there is no point.
+ else
+ exit 0
+ fi
+else
+ not_in_next=`git rev-list --pretty=oneline ^${publish} "$topic"`
+ /usr/bin/perl -e '
+ my $topic = $ARGV[0];
+ my $msg = "* $topic has commits already merged to public branch:\n";
+ my (%not_in_next) = map {
+ /^([0-9a-f]+) /;
+ ($1 => 1);
+ } split(/\n/, $ARGV[1]);
+ for my $elem (map {
+ /^([0-9a-f]+) (.*)$/;
+ [$1 => $2];
+ } split(/\n/, $ARGV[2])) {
+ if (!exists $not_in_next{$elem->[0]}) {
+ if ($msg) {
+ print STDERR $msg;
+ undef $msg;
+ }
+ print STDERR " $elem->[1]\n";
+ }
+ }
+ ' "$topic" "$not_in_next" "$not_in_master"
+ exit 1
+fi
+
+exit 0
+
+################################################################
+
+This sample hook safeguards topic branches that have been
+published from being rewound.
+
+The workflow assumed here is:
+
+ * Once a topic branch forks from "master", "master" is never
+ merged into it again (either directly or indirectly).
+
+ * Once a topic branch is fully cooked and merged into "master",
+ it is deleted. If you need to build on top of it to correct
+ earlier mistakes, a new topic branch is created by forking at
+ the tip of the "master". This is not strictly necessary, but
+ it makes it easier to keep your history simple.
+
+ * Whenever you need to test or publish your changes to topic
+ branches, merge them into "next" branch.
+
+The script, being an example, hardcodes the publish branch name
+to be "next", but it is trivial to make it configurable via
+$GIT_DIR/config mechanism.
+
+With this workflow, you would want to know:
+
+(1) ... if a topic branch has ever been merged to "next". Young
+ topic branches can have stupid mistakes you would rather
+ clean up before publishing, and things that have not been
+ merged into other branches can be easily rebased without
+ affecting other people. But once it is published, you would
+ not want to rewind it.
+
+(2) ... if a topic branch has been fully merged to "master".
+ Then you can delete it. More importantly, you should not
+ build on top of it -- other people may already want to
+ change things related to the topic as patches against your
+ "master", so if you need further changes, it is better to
+ fork the topic (perhaps with the same name) afresh from the
+ tip of "master".
+
+Let's look at this example:
+
+ o---o---o---o---o---o---o---o---o---o "next"
+ / / / /
+ / a---a---b A / /
+ / / / /
+ / / c---c---c---c B /
+ / / / \ /
+ / / / b---b C \ /
+ / / / / \ /
+ ---o---o---o---o---o---o---o---o---o---o---o "master"
+
+
+A, B and C are topic branches.
+
+ * A has one fix since it was merged up to "next".
+
+ * B has finished. It has been fully merged up to "master" and "next",
+ and is ready to be deleted.
+
+ * C has not merged to "next" at all.
+
+We would want to allow C to be rebased, refuse A, and encourage
+B to be deleted.
+
+To compute (1):
+
+ git rev-list ^master ^topic next
+ git rev-list ^master next
+
+ if these match, topic has not merged in next at all.
+
+To compute (2):
+
+ git rev-list master..topic
+
+ if this is empty, it is fully merged to "master".
|
[-]
[+]
|
Added |
nginx-rtmp-module-1.1.15.tar.gz/.git/hooks/prepare-commit-msg.sample
^
|
@@ -0,0 +1,36 @@
+#!/bin/sh
+#
+# An example hook script to prepare the commit log message.
+# Called by "git commit" with the name of the file that has the
+# commit message, followed by the description of the commit
+# message's source. The hook's purpose is to edit the commit
+# message file. If the hook fails with a non-zero status,
+# the commit is aborted.
+#
+# To enable this hook, rename this file to "prepare-commit-msg".
+
+# This hook includes three examples. The first comments out the
+# "Conflicts:" part of a merge commit.
+#
+# The second includes the output of "git diff --name-status -r"
+# into the message, just before the "git status" output. It is
+# commented because it doesn't cope with --amend or with squashed
+# commits.
+#
+# The third example adds a Signed-off-by line to the message, that can
+# still be edited. This is rarely a good idea.
+
+case "$2,$3" in
+ merge,)
+ /usr/bin/perl -i.bak -ne 's/^/# /, s/^# #/#/ if /^Conflicts/ .. /#/; print' "$1" ;;
+
+# ,|template,)
+# /usr/bin/perl -i.bak -pe '
+# print "\n" . `git diff --cached --name-status -r`
+# if /^#/ && $first++ == 0' "$1" ;;
+
+ *) ;;
+esac
+
+# SOB=$(git var GIT_AUTHOR_IDENT | sed -n 's/^\(.*>\).*$/Signed-off-by: \1/p')
+# grep -qs "^$SOB" "$1" || echo "$SOB" >> "$1"
|
[-]
[+]
|
Added |
nginx-rtmp-module-1.1.15.tar.gz/.git/hooks/update.sample
^
|
@@ -0,0 +1,128 @@
+#!/bin/sh
+#
+# An example hook script to blocks unannotated tags from entering.
+# Called by "git receive-pack" with arguments: refname sha1-old sha1-new
+#
+# To enable this hook, rename this file to "update".
+#
+# Config
+# ------
+# hooks.allowunannotated
+# This boolean sets whether unannotated tags will be allowed into the
+# repository. By default they won't be.
+# hooks.allowdeletetag
+# This boolean sets whether deleting tags will be allowed in the
+# repository. By default they won't be.
+# hooks.allowmodifytag
+# This boolean sets whether a tag may be modified after creation. By default
+# it won't be.
+# hooks.allowdeletebranch
+# This boolean sets whether deleting branches will be allowed in the
+# repository. By default they won't be.
+# hooks.denycreatebranch
+# This boolean sets whether remotely creating branches will be denied
+# in the repository. By default this is allowed.
+#
+
+# --- Command line
+refname="$1"
+oldrev="$2"
+newrev="$3"
+
+# --- Safety check
+if [ -z "$GIT_DIR" ]; then
+ echo "Don't run this script from the command line." >&2
+ echo " (if you want, you could supply GIT_DIR then run" >&2
+ echo " $0 <ref> <oldrev> <newrev>)" >&2
+ exit 1
+fi
+
+if [ -z "$refname" -o -z "$oldrev" -o -z "$newrev" ]; then
+ echo "Usage: $0 <ref> <oldrev> <newrev>" >&2
+ exit 1
+fi
+
+# --- Config
+allowunannotated=$(git config --bool hooks.allowunannotated)
+allowdeletebranch=$(git config --bool hooks.allowdeletebranch)
+denycreatebranch=$(git config --bool hooks.denycreatebranch)
+allowdeletetag=$(git config --bool hooks.allowdeletetag)
+allowmodifytag=$(git config --bool hooks.allowmodifytag)
+
+# check for no description
+projectdesc=$(sed -e '1q' "$GIT_DIR/description")
+case "$projectdesc" in
+"Unnamed repository"* | "")
+ echo "*** Project description file hasn't been set" >&2
+ exit 1
+ ;;
+esac
+
+# --- Check types
+# if $newrev is 0000...0000, it's a commit to delete a ref.
+zero="0000000000000000000000000000000000000000"
+if [ "$newrev" = "$zero" ]; then
+ newrev_type=delete
+else
+ newrev_type=$(git cat-file -t $newrev)
+fi
+
+case "$refname","$newrev_type" in
+ refs/tags/*,commit)
+ # un-annotated tag
+ short_refname=${refname##refs/tags/}
+ if [ "$allowunannotated" != "true" ]; then
+ echo "*** The un-annotated tag, $short_refname, is not allowed in this repository" >&2
+ echo "*** Use 'git tag [ -a | -s ]' for tags you want to propagate." >&2
+ exit 1
+ fi
+ ;;
+ refs/tags/*,delete)
+ # delete tag
+ if [ "$allowdeletetag" != "true" ]; then
+ echo "*** Deleting a tag is not allowed in this repository" >&2
+ exit 1
+ fi
+ ;;
+ refs/tags/*,tag)
+ # annotated tag
+ if [ "$allowmodifytag" != "true" ] && git rev-parse $refname > /dev/null 2>&1
+ then
+ echo "*** Tag '$refname' already exists." >&2
+ echo "*** Modifying a tag is not allowed in this repository." >&2
+ exit 1
+ fi
+ ;;
+ refs/heads/*,commit)
+ # branch
+ if [ "$oldrev" = "$zero" -a "$denycreatebranch" = "true" ]; then
+ echo "*** Creating a branch is not allowed in this repository" >&2
+ exit 1
+ fi
+ ;;
+ refs/heads/*,delete)
+ # delete branch
+ if [ "$allowdeletebranch" != "true" ]; then
+ echo "*** Deleting a branch is not allowed in this repository" >&2
+ exit 1
+ fi
+ ;;
+ refs/remotes/*,commit)
+ # tracking branch
+ ;;
+ refs/remotes/*,delete)
+ # delete tracking branch
+ if [ "$allowdeletebranch" != "true" ]; then
+ echo "*** Deleting a tracking branch is not allowed in this repository" >&2
+ exit 1
+ fi
+ ;;
+ *)
+ # Anything else (is there anything else?)
+ echo "*** Update hook: unknown type of update to ref $refname of type $newrev_type" >&2
+ exit 1
+ ;;
+esac
+
+# --- Finished
+exit 0
|
|
Added |
nginx-rtmp-module-1.1.15.tar.gz/.git/index
^
|
[-]
[+]
|
Added |
nginx-rtmp-module-1.1.15.tar.gz/.git/info
^
|
+(directory)
|
[-]
[+]
|
Added |
nginx-rtmp-module-1.1.15.tar.gz/.git/info/exclude
^
|
@@ -0,0 +1,6 @@
+# git ls-files --others --exclude-from=.git/info/exclude
+# Lines that start with '#' are comments.
+# For a project mostly in C, the following would be a good set of
+# exclude patterns (uncomment them if you want to use them):
+# *.[oa]
+# *~
|
[-]
[+]
|
Added |
nginx-rtmp-module-1.1.15.tar.gz/.git/logs
^
|
+(directory)
|
[-]
[+]
|
Added |
nginx-rtmp-module-1.1.15.tar.gz/.git/logs/HEAD
^
|
@@ -0,0 +1 @@
+0000000000000000000000000000000000000000 5150993accb5edefa61d71e1c81ad8c02f515428 U-arrakis\jg <jg@arrakis.(none)> 1481905161 +0100 clone: from https://github.com/arut/nginx-rtmp-module.git
|
[-]
[+]
|
Added |
nginx-rtmp-module-1.1.15.tar.gz/.git/logs/refs
^
|
+(directory)
|
[-]
[+]
|
Added |
nginx-rtmp-module-1.1.15.tar.gz/.git/logs/refs/heads
^
|
+(directory)
|
[-]
[+]
|
Added |
nginx-rtmp-module-1.1.15.tar.gz/.git/logs/refs/heads/master
^
|
@@ -0,0 +1 @@
+0000000000000000000000000000000000000000 5150993accb5edefa61d71e1c81ad8c02f515428 U-arrakis\jg <jg@arrakis.(none)> 1481905161 +0100 clone: from https://github.com/arut/nginx-rtmp-module.git
|
[-]
[+]
|
Added |
nginx-rtmp-module-1.1.15.tar.gz/.git/objects
^
|
+(directory)
|
[-]
[+]
|
Added |
nginx-rtmp-module-1.1.15.tar.gz/.git/objects/info
^
|
+(directory)
|
[-]
[+]
|
Added |
nginx-rtmp-module-1.1.15.tar.gz/.git/objects/pack
^
|
+(directory)
|
|
Added |
nginx-rtmp-module-1.1.15.tar.gz/.git/objects/pack/pack-3912c9200a41c4fbd876afb583ab7ecb4733401b.idx
^
|
|
Added |
nginx-rtmp-module-1.1.15.tar.gz/.git/objects/pack/pack-3912c9200a41c4fbd876afb583ab7ecb4733401b.pack
^
|
[-]
[+]
|
Added |
nginx-rtmp-module-1.1.15.tar.gz/.git/packed-refs
^
|
@@ -0,0 +1,369 @@
+# pack-refs with: peeled
+406d3a9527e08ea148e7c10ffa4009e0e5070b11 refs/remotes/origin/access-log
+e19ff641b06d3abd30b3bad5cfb491d158835713 refs/remotes/origin/aggregate
+eee52d83c4bdafe712685be06822acb051d407a7 refs/remotes/origin/async-client-handshake
+87686029aa2cfddfea765c626be7161981583482 refs/remotes/origin/atc
+3d5f6df7311594b051fdd26d3ae120d4ae708bb4 refs/remotes/origin/atc-only
+3c2e29f215fb09e5b4cb29040d1e5e092ce73849 refs/remotes/origin/auto-push
+f39d3f66a3ea6bb15b50737b90004b12056a3ad1 refs/remotes/origin/avc-parser
+205664d8c5e040a61b36ae0b74ddf17bc16d2150 refs/remotes/origin/big-endian
+10bcbf0e8daf38e3f3569ba84050f85fd46dd2d0 refs/remotes/origin/big-hls-buffer
+fad4f4717b47ab368d80ff480f2889631edc6521 refs/remotes/origin/big-nal-buffer
+f6ccfb6fa1d05d3babc1bb20ca7003802f85f2f0 refs/remotes/origin/chunksizefix
+d9579d627d727d8ad5edd2a0054f66324bebd459 refs/remotes/origin/close-stream
+aeae84bf8babcd7130f71b5941834eeb4fafa61a refs/remotes/origin/cmd-handler-init
+ebc47f03a43758c4f44ae90c193f4111f9ab1e16 refs/remotes/origin/codec
+cb4623aa4f7e6c2d1cb4c9c9f55ea6107f3a3985 refs/remotes/origin/const-fix
+0b757e8a49480a88f5e051f6590f25e6c4de3288 refs/remotes/origin/control
+ef424df677eb545ba5277649ee99fbea7e38bb55 refs/remotes/origin/control-director
+5e5dd797c2307b40a11409df806f07a427b3cd57 refs/remotes/origin/control-redirect
+b07e0e2dee3a2019dc2be34591b1c4e27730b2a0 refs/remotes/origin/dash
+e8081fd94f1d7ae4483f0a5ca002af8a79d447eb refs/remotes/origin/dash-discont
+fe4877f2168e7e62d6a45cb26708d662f0416961 refs/remotes/origin/dash-timeline
+39717828d67359329797d0ab5f297162b5d5e248 refs/remotes/origin/default-buflen
+90f985fa2f015e8bdfe92a9b57a5d04b779d7be1 refs/remotes/origin/defclose
+63d19ada51b6a1932e1cd73d9895a08cb1ae7827 refs/remotes/origin/drop-old-publisher
+6c79085d5c4203d11d9aa53d456ef7195de8cdc4 refs/remotes/origin/drop-restart
+fe8bf2d6974834ab346b82533151bc953fdfaa7b refs/remotes/origin/drop-restart-mstat
+52c2ef3f91569c3b1c10a40fd1bf56bb4dc1d9de refs/remotes/origin/enotify
+57a96ac2bc1812188aa81237ad582ca115f4391f refs/remotes/origin/envivo-fix
+87686029aa2cfddfea765c626be7161981583482 refs/remotes/origin/exec-fix
+67aa7d5d0da67a43683e8b05467afbdff5622532 refs/remotes/origin/exec-init
+f79aa206ec572c225c8bd32b5c2b1d7cc5ede692 refs/remotes/origin/exec-logging
+b62651efbdcaa77f7836ef5c52ddccfdf9ca473f refs/remotes/origin/exec-pull
+a6913ea68ad017eff14d098f4086c5dafae12af6 refs/remotes/origin/exec-pull-ext
+8c39b37131d150f152aa21a03f076501f39bf4a1 refs/remotes/origin/exec-static
+5e55f62b88f439dc1fbe311060bef53dfcfbc42e refs/remotes/origin/fast-start
+0210f7ca83f8fd65261c4b9040743edf30a258fc refs/remotes/origin/flv-append-fix
+fac68de376a2e20aed5627681ffc90d6374bf295 refs/remotes/origin/flv-header-mask
+b31539ce95d2f84ce8be22b9d11cb4abcd3cb90a refs/remotes/origin/fmle-reset-byte-counter
+990222d643b30a3c9e0db31209416ae9b47e16d3 refs/remotes/origin/fmle-time-fix
+cbccd06babfc66ab920e7e2331d125516715f709 refs/remotes/origin/freebsd-auto-push
+6f2808c7d11564e2269e9f64b9671f8c080c893d refs/remotes/origin/get-notify
+12a0d39bed54bfb3c30272d8d1328d74378853ce refs/remotes/origin/gh-pages
+76211a4bd254e5145d38c0275ad790dc9fac8fd4 refs/remotes/origin/good-logger
+ec282438514e88f7267653728b42c77e3df23bc3 refs/remotes/origin/handshakefix
+d34c6393f6ff22ef6cff6cb2c4ef7c1fe6cd35fa refs/remotes/origin/hls-async-delete
+49a3ee0dc6d5b85fe1164995c8d94424a0971838 refs/remotes/origin/hls-base-url
+4906e816bec876e3e81b129622de3f5e430dcc32 refs/remotes/origin/hls-continuous
+764a039c5856bb8bfb251ff15f4c95cf1c82e54b refs/remotes/origin/hls-debug
+a43bafe3de4641268d04f9105f6ef409abb8ede2 refs/remotes/origin/hls-discont-fix
+8acacd0d7906820039bc5e1e22a4ba332caada3e refs/remotes/origin/hls-encrypt
+7500b4bd90fc942468f94dd3a12dbcdf9c3199a6 refs/remotes/origin/hls-encrypt-auto
+78dcfbcc359f8275a55b7a14d6228e9928c75816 refs/remotes/origin/hls-ensure-directory
+737ea5ce34c8270479811acfacba02112e202625 refs/remotes/origin/hls-event
+546c42efeb910fb6b7b592293f5737324ddd606a refs/remotes/origin/hls-granularity
+2ed36a2611c1674d495f754ef3066c4a8bf98aa3 refs/remotes/origin/hls-nocache
+21174b2ee743c9ea1a0bccb46436c56c871febd3 refs/remotes/origin/hls-nocrackle
+6298aa7e1d95df8b806a262196a6589159284c74 refs/remotes/origin/hls-offset-fix
+059dba448ddeed901d06f825ed84e5e85c0f64cc refs/remotes/origin/hls-read-playlist
+0aaf2a625903ba6d4d9e1e761a0e866215149994 refs/remotes/origin/hls-restart
+2bb16425da9b593f5f9568f7c91bf06a5a1012f1 refs/remotes/origin/hls-restart-on-audio
+3d54d69e252bb537dc8fb03cc96ada084bd5da8d refs/remotes/origin/hls-trailer
+4ff1bd09fcbd8a77618bd528fd8d32fb72bd2661 refs/remotes/origin/hls-ts-discont
+2f1091679b60b8741e59f257ac2c59905cec8206 refs/remotes/origin/hls-variant
+dc698edf242a1ba6d806571e2b32e50fb4d6fcae refs/remotes/origin/hlslight
+7b88858b44371ae03d29052fe6d398750fba851e refs/remotes/origin/http
+050a4e7586552003baff9dd920d28d51eaf8ab22 refs/remotes/origin/idle-streams
+3fc1598db94b234b2ec5f368c34c5d3e877040a0 refs/remotes/origin/init_queue
+d9d749af5b156ea2b4623f7e8d0efa5139885924 refs/remotes/origin/interleave
+5150993accb5edefa61d71e1c81ad8c02f515428 refs/remotes/origin/master
+67443c28b4aff60023ce143475c2d287c264f2f7 refs/remotes/origin/meta-copy
+266e206afcda93cf2880e660fb796eb99fb6df6c refs/remotes/origin/mixed-codecs
+58491f8feddbe801557704dd1d1ac9d0950cdf3f refs/remotes/origin/mp4
+af5703b35756667eb008bdffb22626616bbae020 refs/remotes/origin/mp4-choose-track
+3f9451fdfd2707e91536bb3b942cd0a8202ebc31 refs/remotes/origin/mpeg-dash
+05a23dbc8b8a23bcb49ea71978239ab1e2e79d5d refs/remotes/origin/mstat
+cbe760aa8ad43d3908b7c9408d7f3946747981b1 refs/remotes/origin/msvc-fix1
+4ec43349ad5e16a9216844430695a3479ff6d558 refs/remotes/origin/multi-pull
+004accda9aef265eb1b4df39846156e6892d6a30 refs/remotes/origin/multi-record
+41515325899813d996e092ce4219204cec56ae3a refs/remotes/origin/multiplay
+4ec43349ad5e16a9216844430695a3479ff6d558 refs/remotes/origin/multipull
+1894d333aa9fd76e857532efe6c64d343df137e7 refs/remotes/origin/native-hls
+e22ca286044d343745a4a28b15c6298f80a9fb61 refs/remotes/origin/native-hls-rr
+b5461f61c6833aee803b5134f2285aa652978e09 refs/remotes/origin/new-live
+903abb6646153c9eca2697727231d46804a0c1b7 refs/remotes/origin/new-live2
+02dd440a25097e8528d9cdfa85132b6920649547 refs/remotes/origin/new-live3
+22de95e634b92e23eae85134c05e54c98404e34f refs/remotes/origin/new-relay
+7b5c5e99327c19600ab2bab89960ba217be52949 refs/remotes/origin/new-stat
+591d7f5f3f0a2381f466f578a768ff19344cfbb0 refs/remotes/origin/newhandshake
+cbaff8f1df7c7eabc9474909104f8f4f05324930 refs/remotes/origin/notify-addr
+7f7fcc8d5c0e8468db2b37de9a4ef3ec392c52a7 refs/remotes/origin/notify-redirect
+8d28f7f1de08a81ce356f55c6e29141369bf7aec refs/remotes/origin/notify-redirect-md5
+58bd6029463c79347d45be4488a3786abe5cebb8 refs/remotes/origin/notify-relay
+f89bbae2354ea09cb5d8b04d24ba4df8415e7f09 refs/remotes/origin/on-connect
+62e03d710cd02043156ac86da3b07e5186c78e11 refs/remotes/origin/on-update
+15405e8edde4db9e3c6b56c3a17edbf7dcd974f0 refs/remotes/origin/optsend
+9788b1a5309d40809df6832e81593392f3b381a2 refs/remotes/origin/out-metadata
+2fdec454604b76b40d322b83106ec1a35b98dfce refs/remotes/origin/out-queue-settings
+0478c4445f26f55d33e360a91a7ab4cd57f44f3b refs/remotes/origin/pause
+940ff260099958edf27eb11fe0b959e881fd5dfa refs/remotes/origin/peer-timestamp
+067c73710d15f046945ada24d5ca25d50b2751c7 refs/remotes/origin/play-publish-done
+5d3189ad97c87bbdac9fb455f7505d0d4d5eb058 refs/remotes/origin/play-seek
+8a8f28f3b67d0177f79e754c478e845bac70eb58 refs/remotes/origin/play2
+521f8998b0cf1e197152655b214285ebde974fd3 refs/remotes/origin/play2-continue
+3e25f91004b83c1a1fa25a8993cdd691f65bf658 refs/remotes/origin/postconf-handler-init
+4ec43349ad5e16a9216844430695a3479ff6d558 refs/remotes/origin/preemption
+a72e33ea411ed5f55df04ea9ab9dfceb09137642 refs/remotes/origin/proxy-protocol
+6ab14605ba4a410b39916543302a9a9eb4d19698 refs/remotes/origin/publish-optional-type
+1c2470975e4f23742d3e468649c2ad2bbfb77e7f refs/remotes/origin/publish-time-fix2
+dbc3ac2438757b23a65e1612c36b5691e7173585 refs/remotes/origin/push-reconnect
+0b6a84b0b829c6794c0635dd30a2aa6712417c8f refs/remotes/origin/record-append
+abc2704db1193bd993b886463063059d1ff5050e refs/remotes/origin/record-done
+8658d99529384a487113bb9b80aaffd7714f16a7 refs/remotes/origin/record-keyframes
+9b3471d79f43382db134b407cfce4f5b4ee24ae0 refs/remotes/origin/record-lock
+f79aa206ec572c225c8bd32b5c2b1d7cc5ede692 refs/remotes/origin/record-name-format
+bff1c355ec7db875972da6682e2553d65ac847ad refs/remotes/origin/record-notify
+b69efd3e94113f627f25d0ab67fcd1036eab5fb1 refs/remotes/origin/reentrant-relay
+1f9072bbe69e015021a31784b3ac66f0b296c911 refs/remotes/origin/relay
+c9973fc68a91284c632f3afb736303d6402f6c4e refs/remotes/origin/relay-vars
+7aa513cfcd5fd345ea477ea582faa8858628974d refs/remotes/origin/reltime
+de2a4258d77aecdc2fab34b5857ca4529b1fe0ba refs/remotes/origin/remote-redirect
+60038b6ea15ae34dc1f177625adc73ddb39eb984 refs/remotes/origin/rooms
+35753c5f6221c31edad65a2f70802b856e642fe3 refs/remotes/origin/rooms2
+4a1358723a7ce288aeec9583da97166c260b38dd refs/remotes/origin/rtmp-ads
+71f92aca8d631cbc800c8eed235535e0b0a52991 refs/remotes/origin/safe-amf-parser
+87d1cebfe2822d75f9c97fe2487723029abc272a refs/remotes/origin/sample-access
+57dd1406bd59224eea4e0aabf9dbfe4c82e6be9a refs/remotes/origin/session-relay
+22de95e634b92e23eae85134c05e54c98404e34f refs/remotes/origin/shared-live-streams
+5d7a5ea535ed40e7a9459967dc607bb52b10db12 refs/remotes/origin/shared_record
+18e4762db29139ada9c8be4b36070005e8d01efc refs/remotes/origin/smart-drop
+a8d148473db0fe5fb17e5e7527a3cafcfafb1fff refs/remotes/origin/smartos-compilation-fix
+2cff2a58210c2f964f4d2ee76a8461fb81e28610 refs/remotes/origin/stat-no-underline
+e3be78bc6b6f91fea27ba235a6393dee50817bcf refs/remotes/origin/stat-redesign
+3bd60857bd5ea2f3024e7de248bdc3d64b58859d refs/remotes/origin/static-relay
+7a35372e30dca2a10c843219597bc4bc481fdda0 refs/remotes/origin/static-relay-cleanup
+882b4f15b287b3e313088a67b2a4a543fbb6511d refs/remotes/origin/static-relay2
+ac13bbf1af345532a009a88d93ac4b7869ffe456 refs/remotes/origin/sync
+9b4725a01a9615dfa7133d659ff936bd69e91345 refs/remotes/origin/sync-atc
+7fbfb36440d99786f3c4ecc723ae61fcdedc3ce5 refs/remotes/origin/sync-atc-fmle
+466c1fdf168646d57f0f43c463ad524143917e01 refs/remotes/origin/sync-atc-fmle2
+93b669273561ebd80fbf106b8b482d28a4377b81 refs/remotes/origin/sync-enotify
+c8ad56e2d232933453d54767db55e96e00dd3d6c refs/remotes/origin/video-key
+6ad152ee4c43238bd6a9f71f36b8e5a1757909a0 refs/remotes/origin/video-on-demand
+b6194ed6e6a01ce14026c1778148db61a9a6765e refs/remotes/origin/virtual
+4adc5f7487b0bb27cf027c3e792b00821ad30ada refs/remotes/origin/vod-http
+0f337fe9a482e3da10ca7e8055ae1d8a2ccb9037 refs/remotes/origin/vod-sample-access
+98d959ac5374bd14123f53318e6c8a8d481ffd92 refs/remotes/origin/vod-seek
+770e67b1f33134c7db41e99f27ef167b16be8032 refs/remotes/origin/vod-stat
+5db5d5af24af798f698fcc0f6eeecbac52932139 refs/remotes/origin/vod-stat2
+658f5ec639e290476f19eb91f371e2bf453616c0 refs/remotes/origin/win
+289ee42c53f49728eb134f2226a2ef9ca7a32414 refs/remotes/origin/win1
+92d4c071d91b9de67e7293efcb72ad97c28285a7 refs/tags/freebsd-native-hls
+^1894d333aa9fd76e857532efe6c64d343df137e7
+316b05d54e7e290546872cb26ad5b431b2a935af refs/tags/v0.0.1
+^eda826a386f10109816c57db9ed0908bdca92330
+2ba5b409dfac19e28befd698e0e03ea8f3799517 refs/tags/v0.0.10
+^d943d519754d1c08073298114807a8afb154d07f
+f00415d4264d303b1a2771a3c6a36c026217e000 refs/tags/v0.0.11
+^bcd601832a0a2dc968621e065f1dbeaa14b77bb6
+3080d5f1e2f6e7b4da23585fb538152cbe91bf77 refs/tags/v0.0.12
+^caec91b85772dc5e078a3152cb6ed436c26bfbc3
+740f8034ec343eeab3c19c5e777fc1af05af12e5 refs/tags/v0.0.13
+^d3c5ad11969c6bfba083a33c5c7540d79692ab0a
+18719a9ae0332480c80acac56b54e87b6131f46c refs/tags/v0.0.14
+^cf1976cd05a6e73cdf5fb1506f84508a297688b6
+903e750ce238efa3cde37a40a00c83d0efa7190b refs/tags/v0.0.15
+^6295147db1d44c9e8430b09cf2bf3d0a43c16b56
+93cd6b10d401382dfc8f740dd8e995fc5241eacc refs/tags/v0.0.16
+^359c346d3516403f5545dac0e9d8fe57ff09238e
+88536319dc71fa9e8202eb000dcce7f1aa864321 refs/tags/v0.0.17
+^15405e8edde4db9e3c6b56c3a17edbf7dcd974f0
+6eba477d8578b5c488e034ab25d45e34e30636f5 refs/tags/v0.0.2
+^8204245eb223290cfed21f6748860a4bec510ed1
+4793210ff635d428fc37692d88a1107e32f3839e refs/tags/v0.0.3
+^96ebed857347b368cb78749de3515797eb0d9364
+110118d72aa68bced1a7da6d427c4a1473153f8b refs/tags/v0.0.4
+^b9ee8dbe097b2ab9cd60786c1cfa9a48237c51dd
+49d4548bbc229885290915256d3b75f5d0b2863e refs/tags/v0.0.5
+^1e9a7e6efcd6990662f41e54587f27ab3f28ba87
+1c620f4121a3c4c64ccc71ca9a3aee100b702221 refs/tags/v0.0.6
+^3980a5923715131c8ac011410e63250ef5d13c93
+dbad1b31d510f290c5ebac4f073f5b7c3ef97e04 refs/tags/v0.0.7
+^7b70e9241327b93d04554cd7b8d2eeadb2acc4e6
+41ca3077bdbd20c2ddefdcc5f03a26b9ab6c358b refs/tags/v0.0.8
+^e563c3146e31eb8ce48634262435978bab26f7f0
+dc702ef73579582157563de257bf906d5ac77e18 refs/tags/v0.0.9
+^31d18ed4478684571476aed6125e942bfc738d77
+e2dcb0bea3859e6a66a7601356a7d90434d5ef4f refs/tags/v0.1.0
+^c61d7ac56f4895dc3f0513344b45d74943d4da19
+a0e0796bff7e6a33181d4cb6a1981a9889cf791c refs/tags/v0.1.1
+^f6ccfb6fa1d05d3babc1bb20ca7003802f85f2f0
+80db4c48b3cc30ad12112b5bde3831520c81a92a refs/tags/v0.1.10
+^88346934e51595118518957553316afda5a8b771
+b103795c7f1f41a51451dace848f8de085d59840 refs/tags/v0.1.11
+^45cd9825a2bb882c3b65a9c1139342bc59e40750
+8c8410a1def03c6f535110352398a0fc463d08f8 refs/tags/v0.1.12
+^63c4269a9146370db970894512523b9f3893ffad
+951872e641cbebbd925c17cb8e8cc8a0289fe9cd refs/tags/v0.1.13
+^1719ef4433de03e8d95be7838a933326d717f1ee
+6432ba9937589a7bbd58975d2e253a65e433e17b refs/tags/v0.1.14
+^fa3630d63d77ec4e6dcfa14a88afb5804b1b3596
+4b89a9819cc22c6ca1852613c518e0f400c6c048 refs/tags/v0.1.15
+^8def5f394543b822b6b450e79bdbf9a73f1d0a99
+40d6554b7196933e96aff91bba15f6b31c99dedb refs/tags/v0.1.2
+^4e713b75e8e3cd8f5456303e2f7f4803776f33de
+a33ca7451cbd32dc2f43e01b3b87552f055a56ae refs/tags/v0.1.3
+^d82c16499de14965ff1259c457b33b5a81614c40
+dd9683b203e09b13d08e717e20304060c1d320cb refs/tags/v0.1.4
+^a4f48c5baa427c9d9093c0ceee339820c2167624
+d216f3dd61f67da413503b492af4b1f5c3e58451 refs/tags/v0.1.5
+^32279ddf26a9d9e0f34ff62d460bf4c1b14e2088
+2dab9cce52024dbf7ae3273770e159e73db21618 refs/tags/v0.1.6
+^49382c826b041589badb32b5f5f512592405a736
+c83a64c91d926c1bc5ac35036d49c31f87165466 refs/tags/v0.1.7
+^63e19f8d67d4f442f2700103c4d8ee9d137c0116
+0ab4039b703078ddacd4e70adc67b99efd946de3 refs/tags/v0.1.8
+^4bb48483be9d91a74a2efd5cb80fa136918ae466
+c9d359554132dc807d599b8d28b3193c8e37d841 refs/tags/v0.1.9
+^6143abc41803be6da47bfc4e15bbfe1d315de832
+4d20bb15480652145358c20f444f77ddbe2eeac6 refs/tags/v0.2.0
+^eb4e9e8d9033cb7c1775eec114cd7b90af26b047
+9df13315600aa2752fc99e80fb8b73a78e0f0fbf refs/tags/v0.2.1
+^1a2a8e2867f4d1cd64853bc49af9e725ee7f8343
+7e8b090de600016d965d3080b0cd6bc81eb60f67 refs/tags/v0.2.2
+^4e475cccb507951e5091f0ff5f1d4ef1903fd439
+f7f24bade80cca3a09e7286f250bb464cfab2df1 refs/tags/v0.2.3
+^295551947a187a265e5c60e6cccdf4c894a21e24
+2bf2e04da1cd97187612ba73ce9010c96393b76a refs/tags/v0.3.0
+^58491f8feddbe801557704dd1d1ac9d0950cdf3f
+aded30326d7e233283346dab1258d4fdf69c31e7 refs/tags/v0.4.0
+^3c2e29f215fb09e5b4cb29040d1e5e092ce73849
+3381f10c50c161b0350ca8030535a97f43977940 refs/tags/v0.4.1
+^067c73710d15f046945ada24d5ca25d50b2751c7
+943ca88b8160225ef8decfab7aa3c6ba40c012a7 refs/tags/v0.4.2
+^ff247dafff1cab945c85ceefcf97d76fa1972c0e
+2864097d4bf7e81a95bc85d133121beaf8262fc9 refs/tags/v0.4.3
+^ed5f06db8a90746059730fe8b55cf9ddc64ca67e
+ed9bef4dc07d34078749b79d072cde59f385084a refs/tags/v0.5.0
+^abc2704db1193bd993b886463063059d1ff5050e
+eb94d37c69842eb563fa3e7c9cc286cc942fd2e8 refs/tags/v0.5.1
+^6485716fb4734d5fc25ba12d849e2dedab63707d
+0b020f1757f052a24a4d4c2061fcc4f8e1dbd440 refs/tags/v0.5.2
+^87686029aa2cfddfea765c626be7161981583482
+053bdc9277034a6db7edcc3d46c042ab8c62989b refs/tags/v0.5.3
+^cc632eb6b683eacdced09bfbe905e510779d5efc
+307f468efdffa4ad07e79c0e39eab9f9eb195307 refs/tags/v0.5.4
+^bff1c355ec7db875972da6682e2553d65ac847ad
+98438d54995ad4d11d7a020ff6b77919ca368448 refs/tags/v0.6.0
+^72d175ed7f5dfb4874ac6e002b737d866a0553d7
+f1eeb39f851366614b7dc1afa1fba21e1595475f refs/tags/v0.6.1
+^21174b2ee743c9ea1a0bccb46436c56c871febd3
+2b20008d1f3cb4b357d74ee288e2c00ac801d415 refs/tags/v0.6.2
+^795c1538a3602d5eedf7617c6d13c775721a66b9
+6b1f2547203b946cbac8c60bd86e5f04ad1a9a1d refs/tags/v0.6.3
+^c86e30fd270103b00c244f136c8780fb3a51b921
+d623935695e9ac6418a1baa24283bd35a42fef81 refs/tags/v0.6.4
+^f65f07deb32565b144e22faece57638f8961d62f
+d3a7be773484e670119dfa20ff56cb0a91a8554f refs/tags/v0.6.5
+^4adc5f7487b0bb27cf027c3e792b00821ad30ada
+293ebabd1220ec4615e2eb89d19ca3e7a381d1a3 refs/tags/v0.7.0
+^101b43a478bb44018733e75a3bf3b1f8adc5b2e5
+4b12afb07c889648864458c3a6096dc274c7420e refs/tags/v0.7.1
+^98d959ac5374bd14123f53318e6c8a8d481ffd92
+eb5ccb5fb1f735b82da3a43ee0d8d398bd932840 refs/tags/v0.7.2
+^6f2808c7d11564e2269e9f64b9671f8c080c893d
+23fe9e844ecafd18a5d713618a36fb68846db951 refs/tags/v0.7.3
+^62e03d710cd02043156ac86da3b07e5186c78e11
+09b1e2bab6467a8d50e37939b4d1fc0b9777adfd refs/tags/v0.7.4
+^696e488ecb089236a297939248d4616d4665d347
+fa8752466e94879be074386c2f0420640cec3b41 refs/tags/v0.8.0
+^02dd440a25097e8528d9cdfa85132b6920649547
+7c3df8e2c78a85ef7f5d2e8f100e5f54573c71c7 refs/tags/v0.8.1
+^9f4296c08382b1374018346cce3bb5d40036f47a
+f8899c67c2508ded911a93117b3186df6df631bd refs/tags/v0.8.2
+^ac924d7f940f05063d7ef0503aa7f3a1576bf380
+683a29d4d0a536b6a97c07d1deeacb8cc11a6af7 refs/tags/v0.8.3
+^3d54d69e252bb537dc8fb03cc96ada084bd5da8d
+2aeefa379b700de0c9c1b4ed94e186e0d1d1a580 refs/tags/v0.8.4
+^f2f28cbe487883caed333ffb4f5f7942bed64c09
+5ea2a003691a63630e6c1d492c96d6581338efb8 refs/tags/v0.8.5
+^bd562e4ff7c10cad71711828548cbb584bd4a80b
+11ee9f81e8b8a077113cdf96d655d7cf9961a03d refs/tags/v0.8.6
+^e5e5766ebb51e1c36b6804fe0ddc02ee8ca19cc6
+544c73b3b27c93df0d61172c62a7eee2e8252953 refs/tags/v0.8.7
+^3eaa43a7a327646acdebe87000422c6fd086adbe
+83055d17d104c267aeebda070246b0917dbfffb2 refs/tags/v0.9.0
+^406d3a9527e08ea148e7c10ffa4009e0e5070b11
+37a1511c0e7c6a1a522bab7355289a71a7876ad2 refs/tags/v0.9.1
+^ea65ac688cdd89dad65bcdc3b62d5e152b47f1ec
+ee0df070f78e83f3857301aa0e4340c15743403d refs/tags/v0.9.10
+^6923889e5386abad1aa07e2c29462fc469d3a5d4
+cb5e1df91a1b8d020de63d6cbbacd9f74097a375 refs/tags/v0.9.11
+^3aa528fccd2c3500b2eeafa6589c3f8f07564186
+6d328d3291833a9991cb27df45d1c82cfc3bc5fb refs/tags/v0.9.12
+^11e3f53fd259f0297a4d8f440afceb8395b45622
+b63100856c3a795440047324aaf863c6339e859f refs/tags/v0.9.13
+^0a8f0ee6c560edc032f66a25d527e9cd7ed6b62b
+e13bcdadf3b57f91e8eca678846480522eb214ba refs/tags/v0.9.14
+^612fc4dd7514b3da2ac774a6daeb7baa60314f36
+1c92b49d30e7215483d5c0c038da2d09d6ac1d16 refs/tags/v0.9.15
+^7b5c5e99327c19600ab2bab89960ba217be52949
+bc3fe7a8ebf166e5187f7bac00c70e40a9b192fe refs/tags/v0.9.16
+^c0fc4bbdccf1d328eaa098f3287e427e369517c0
+d5288d89f8c1e1c8c82218a23deedfabb845fa1c refs/tags/v0.9.17
+^f79aa206ec572c225c8bd32b5c2b1d7cc5ede692
+bce7ea3e62682b29d61d56cc6bcc0e794857d557 refs/tags/v0.9.18
+^c61e99a36878fc618e29633db0e9652be13f6284
+39cb7ca0a51e7e4bfc400b285141a71ac7b565c7 refs/tags/v0.9.19
+^a47b23204b43d5b823feeb52b0c868b2c96847ca
+43dd6489282d965072eb48479af5e8d90ac6ad38 refs/tags/v0.9.2
+^af5703b35756667eb008bdffb22626616bbae020
+73e60038c62b281fd0e4ff5565f35797fed46a1a refs/tags/v0.9.20
+^e29e64ed7d262904d22ce0a708e67cc02115f497
+828fcd80c23df5caf0b7fdbf897ba45a92f3dce7 refs/tags/v0.9.3
+^aeae84bf8babcd7130f71b5941834eeb4fafa61a
+31f684d189aec37550e82e4c7cf3ac751a781ade refs/tags/v0.9.4
+^f358a2e8f9269afef85d82549de4945942b39d6c
+63540cc06386523c08857cf435ad9c2f6daaef8a refs/tags/v0.9.5
+^c0ad999f37675dd1bbed11d901f34259827bb405
+e7fe15e6ca0cb0f81ec42b5b309ce6f720525193 refs/tags/v0.9.6
+^5325df0135c467d21cf93cd5c5df6af60a87a9e8
+0dda255fe75318707bb20e0078ace6da1f160cd2 refs/tags/v0.9.7
+^138c330da2ace7617af3c6b671fbee049f387fb7
+568ce8f0a850d3d7e00c33247edffe366cff0d51 refs/tags/v0.9.8
+^6903ac23e430b4170b108bb2f631562560c37fe0
+2d5bc52527e46171d2e2a7c4d9c87fa2a4e39fee refs/tags/v0.9.9
+^af8446a0985ba76873c25a6aae5125e47c7a3194
+d27f964d1f45d546419795b058fea60f3f1f21ab refs/tags/v1.0.0
+^613234b866fd08ea2221d183edfd9eb6d8a8bf4d
+421d9ff41f699cc344845df9869dccff0ce4ad86 refs/tags/v1.0.1
+^cbe760aa8ad43d3908b7c9408d7f3946747981b1
+e1ec6d2f08937878a985bfa7d4f49e93312dc7e0 refs/tags/v1.0.2
+^6b92cd6b29ddeea5a113b6e5d8d854b6986e3fd1
+7749d54fb000641dfa6c8eebfb8765175f187a13 refs/tags/v1.0.3
+^7b4df729c1c4d86589f8ccadc0bd20ee733416f9
+aaeca4ff01f858cd719ea5b86eef7dcc3ba259ca refs/tags/v1.0.4
+^67443c28b4aff60023ce143475c2d287c264f2f7
+d7e1af79c4d152d16bcacfcd2ca18d58e6b3201b refs/tags/v1.0.5
+^737ea5ce34c8270479811acfacba02112e202625
+0acf1123a044c8afd68112387712abd59e45a2eb refs/tags/v1.0.6
+^1cfb7aeb582789f3b15a03da5b662d1811e2a3f1
+bd4f1b4cf7c58e55298c326184e5ad1a15c3aff0 refs/tags/v1.0.7
+^995688b9cfea4fb01a5b8ad0e110fec0866e501c
+5beda43a6b388af5e7c1bcc55384163d97dcf836 refs/tags/v1.0.8
+^d01ffc0c88d9ce736be3dee99b4f9d3fcc07b685
+f792dab070dbdedc3b968483287fa59e6ae48a03 refs/tags/v1.0.9
+^471d299f5d5348dfbba6132779587553c3a709a7
+a08c7835b05e2bd816efb1f8036cb7c9bf59b906 refs/tags/v1.1.0
+^8542e21e17587ee2e928cdfedc1cb82996df7719
+e9d11158cb1b18a0631a94c4e8599c0f8c64adb7 refs/tags/v1.1.1
+^8608faad1e0b25c80b1f9b93439d6fd450db5c15
+cf710155b2666d2456a58a49dac1af4d93b215ce refs/tags/v1.1.10
+^5150993accb5edefa61d71e1c81ad8c02f515428
+2a721794867c76e9ac9e653e76da9503cbc9d60f refs/tags/v1.1.2
+^65cd61e43350c0de0a69103aed1ecf7f2b081ab8
+c130de320738a9ae084ba3d54f033c98e6e82d65 refs/tags/v1.1.3
+^6f768dc4eb2a2cb7798e31c7465af77b94ca2733
+3fdbbcc01249d7a3f0559192debfe09f844aef6e refs/tags/v1.1.4
+^8c2229cce5d4d4574e8fb7b130281497f746f0fa
+28618cde22c864eef6ecdba9da636a2f2f611b20 refs/tags/v1.1.5
+^7500b4bd90fc942468f94dd3a12dbcdf9c3199a6
+1706bc84f5b0882dec6f1854d9054be7e3d12ab2 refs/tags/v1.1.6
+^7a35372e30dca2a10c843219597bc4bc481fdda0
+c0a5fb42c214d585a84967b2e172889d9278d325 refs/tags/v1.1.7
+^f62a0838064baf089ad9fe3c8f6f2ffe0775afb2
+1fe006d50fbca7537984fc080dd32906b9cb5455 refs/tags/v1.1.8
+^cb54ed4ac0994e36b92d21a51313af44ecdfdadd
+c7447b49ee18232dab330fadf6c2dfb5fa2bbfb2 refs/tags/v1.1.9
+^c0bf381d10de05c135f913921c58272838d5e1ee
|
[-]
[+]
|
Added |
nginx-rtmp-module-1.1.15.tar.gz/.git/refs
^
|
+(directory)
|
[-]
[+]
|
Added |
nginx-rtmp-module-1.1.15.tar.gz/.git/refs/heads
^
|
+(directory)
|
[-]
[+]
|
Added |
nginx-rtmp-module-1.1.15.tar.gz/.git/refs/heads/master
^
|
@@ -0,0 +1 @@
+5150993accb5edefa61d71e1c81ad8c02f515428
|
[-]
[+]
|
Added |
nginx-rtmp-module-1.1.15.tar.gz/.git/refs/remotes
^
|
+(directory)
|
[-]
[+]
|
Added |
nginx-rtmp-module-1.1.15.tar.gz/.git/refs/remotes/origin
^
|
+(directory)
|
[-]
[+]
|
Added |
nginx-rtmp-module-1.1.15.tar.gz/.git/refs/remotes/origin/HEAD
^
|
@@ -0,0 +1 @@
+ref: refs/remotes/origin/master
|
[-]
[+]
|
Added |
nginx-rtmp-module-1.1.15.tar.gz/.git/refs/tags
^
|
+(directory)
|
[-]
[+]
|
Changed |
nginx-rtmp-module-1.1.15.tar.gz/dash/ngx_rtmp_dash_module.c
^
|
@@ -52,7 +52,7 @@
ngx_str_t playlist_bak;
ngx_str_t name;
ngx_str_t stream;
- time_t start_time;
+ ngx_time_t start_time;
ngx_uint_t nfrags;
ngx_uint_t frag;
@@ -228,8 +228,8 @@
ngx_rtmp_dash_app_conf_t *dacf;
static u_char buffer[NGX_RTMP_DASH_BUFSIZE];
- static u_char start_time[sizeof("1970-09-28T12:00:00Z")];
- static u_char pub_time[sizeof("1970-09-28T12:00:00Z")];
+ static u_char start_time[sizeof("1970-09-28T12:00:00+06:00")];
+ static u_char end_time[sizeof("1970-09-28T12:00:00+06:00")];
dacf = ngx_rtmp_get_module_app_conf(s, ngx_rtmp_dash_module);
ctx = ngx_rtmp_get_module_ctx(s, ngx_rtmp_dash_module);
@@ -252,16 +252,18 @@
return NGX_ERROR;
}
+
#define NGX_RTMP_DASH_MANIFEST_HEADER \
"<?xml version=\"1.0\"?>\n" \
"<MPD\n" \
" type=\"dynamic\"\n" \
" xmlns=\"urn:mpeg:dash:schema:mpd:2011\"\n" \
" availabilityStartTime=\"%s\"\n" \
- " publishTime=\"%s\"\n" \
+ " availabilityEndTime=\"%s\"\n" \
" minimumUpdatePeriod=\"PT%uiS\"\n" \
" minBufferTime=\"PT%uiS\"\n" \
- " timeShiftBufferDepth=\"PT%uiS\"\n" \
+ " timeShiftBufferDepth=\"PT0H0M0.00S\"\n" \
+ " suggestedPresentationDelay=\"PT%uiS\"\n" \
" profiles=\"urn:hbbtv:dash:profile:isoff-live:2012," \
"urn:mpeg:dash:profile:isoff-live:2011\"\n" \
" xmlns:xsi=\"http://www.w3.org/2011/XMLSchema-instance\"\n" \
@@ -283,9 +285,11 @@
" width=\"%ui\"\n" \
" height=\"%ui\"\n" \
" frameRate=\"%ui\"\n" \
+ " sar=\"1:1\"\n" \
" startWithSAP=\"1\"\n" \
" bandwidth=\"%ui\">\n" \
" <SegmentTemplate\n" \
+ " presentationTimeOffset=\"0\"\n" \
" timescale=\"1000\"\n" \
" media=\"%V%s$Time$.m4v\"\n" \
" initialization=\"%V%sinit.m4v\">\n" \
@@ -319,6 +323,7 @@
" startWithSAP=\"1\"\n" \
" bandwidth=\"%ui\">\n" \
" <SegmentTemplate\n" \
+ " presentationTimeOffset=\"0\"\n" \
" timescale=\"1000\"\n" \
" media=\"%V%s$Time$.m4a\"\n" \
" initialization=\"%V%sinit.m4a\">\n" \
@@ -336,33 +341,38 @@
" </Period>\n" \
"</MPD>\n"
- ngx_libc_gmtime(ctx->start_time, &tm);
+ ngx_libc_localtime(ctx->start_time.sec +
+ ngx_rtmp_dash_get_frag(s, 0)->timestamp / 1000, &tm);
- ngx_sprintf(start_time, "%4d-%02d-%02dT%02d:%02d:%02dZ%Z",
- tm.tm_year + 1900, tm.tm_mon + 1,
- tm.tm_mday, tm.tm_hour,
- tm.tm_min, tm.tm_sec);
-
- ngx_libc_gmtime(ngx_time(), &tm);
-
- ngx_sprintf(pub_time, "%4d-%02d-%02dT%02d:%02d:%02dZ%Z",
- tm.tm_year + 1900, tm.tm_mon + 1,
- tm.tm_mday, tm.tm_hour,
- tm.tm_min, tm.tm_sec);
+ *ngx_sprintf(start_time, "%4d-%02d-%02dT%02d:%02d:%02d%c%02d:%02d",
+ tm.tm_year + 1900, tm.tm_mon + 1,
+ tm.tm_mday, tm.tm_hour,
+ tm.tm_min, tm.tm_sec,
+ ctx->start_time.gmtoff < 0 ? '-' : '+',
+ ngx_abs(ctx->start_time.gmtoff / 60),
+ ngx_abs(ctx->start_time.gmtoff % 60)) = 0;
+
+ ngx_libc_localtime(ctx->start_time.sec +
+ (ngx_rtmp_dash_get_frag(s, ctx->nfrags - 1)->timestamp +
+ ngx_rtmp_dash_get_frag(s, ctx->nfrags - 1)->duration) /
+ 1000, &tm);
+
+ *ngx_sprintf(end_time, "%4d-%02d-%02dT%02d:%02d:%02d%c%02d:%02d",
+ tm.tm_year + 1900, tm.tm_mon + 1,
+ tm.tm_mday, tm.tm_hour,
+ tm.tm_min, tm.tm_sec,
+ ctx->start_time.gmtoff < 0 ? '-' : '+',
+ ngx_abs(ctx->start_time.gmtoff / 60),
+ ngx_abs(ctx->start_time.gmtoff % 60)) = 0;
last = buffer + sizeof(buffer);
p = ngx_slprintf(buffer, last, NGX_RTMP_DASH_MANIFEST_HEADER,
start_time,
- pub_time,
+ end_time,
(ngx_uint_t) (dacf->fraglen / 1000),
(ngx_uint_t) (dacf->fraglen / 1000),
- (ngx_uint_t) (dacf->fraglen / 250 + 1));
-
- /*
- * timeShiftBufferDepth formula:
- * 2 * minBufferTime + max_fragment_length + 1
- */
+ (ngx_uint_t) (dacf->fraglen / 500));
n = ngx_write_fd(fd, buffer, p - buffer);
@@ -942,7 +952,7 @@
"dash: playlist='%V' playlist_bak='%V' stream_pattern='%V'",
&ctx->playlist, &ctx->playlist_bak, &ctx->stream);
- ctx->start_time = ngx_time();
+ ctx->start_time = *ngx_cached_time;
if (ngx_rtmp_dash_ensure_directory(s) != NGX_OK) {
return NGX_ERROR;
@@ -998,11 +1008,6 @@
f->duration = timestamp - f->timestamp;
hit = (f->duration >= dacf->fraglen);
- /* keep fragment lengths within 2x factor for dash.js */
- if (f->duration >= dacf->fraglen * 2) {
- boundary = 1;
- }
-
} else {
/* sometimes clients generate slightly unordered frames */
|
[-]
[+]
|
Changed |
nginx-rtmp-module-1.1.15.tar.gz/hls/ngx_rtmp_hls_module.c
^
|
@@ -1951,7 +1951,6 @@
ngx_log_error(NGX_LOG_ERR, s->connection->log, 0,
"hls: error appending AUD NAL");
}
- /* fall through */
case 9:
aud_sent = 1;
break;
|
[-]
[+]
|
Changed |
nginx-rtmp-module-1.1.15.tar.gz/ngx_rtmp.h
^
|
@@ -135,8 +135,6 @@
#define NGX_RTMP_MSG_AGGREGATE 22
#define NGX_RTMP_MSG_MAX 22
-#define NGX_RTMP_MAX_CHUNK_SIZE 10485760
-
#define NGX_RTMP_CONNECT NGX_RTMP_MSG_MAX + 1
#define NGX_RTMP_DISCONNECT NGX_RTMP_MSG_MAX + 2
#define NGX_RTMP_HANDSHAKE_DONE NGX_RTMP_MSG_MAX + 3
|
[-]
[+]
|
Changed |
nginx-rtmp-module-1.1.15.tar.gz/ngx_rtmp_access_module.c
^
|
@@ -410,8 +410,8 @@
break;
}
+ /* "all" passes through */
#endif
- /* fall through */
default: /* AF_INET */
|
[-]
[+]
|
Changed |
nginx-rtmp-module-1.1.15.tar.gz/ngx_rtmp_amf.c
^
|
@@ -331,7 +331,6 @@
if (elts->type & NGX_RTMP_AMF_OPTIONAL) {
return NGX_OK;
}
- /* fall through */
case NGX_ERROR:
return NGX_ERROR;
}
@@ -399,7 +398,6 @@
if (ngx_rtmp_amf_get(ctx, &max_index, 4) != NGX_OK) {
return NGX_ERROR;
}
- /* fall through */
case NGX_RTMP_AMF_OBJECT:
if (ngx_rtmp_amf_read_object(ctx, data,
@@ -594,7 +592,6 @@
if (ngx_rtmp_amf_put(ctx, &max_index, 4) != NGX_OK) {
return NGX_ERROR;
}
- /* fall through */
case NGX_RTMP_AMF_OBJECT:
type8 = NGX_RTMP_AMF_END;
|
[-]
[+]
|
Changed |
nginx-rtmp-module-1.1.15.tar.gz/ngx_rtmp_eval.c
^
|
@@ -154,7 +154,6 @@
name.len = p - name.data;
ngx_rtmp_eval_append_var(ctx, &b, e, &name, log);
- /* fall through */
case NORMAL:
switch (c) {
|
[-]
[+]
|
Changed |
nginx-rtmp-module-1.1.15.tar.gz/ngx_rtmp_handler.c
^
|
@@ -821,12 +821,6 @@
ngx_log_debug1(NGX_LOG_DEBUG_RTMP, s->connection->log, 0,
"setting chunk_size=%ui", size);
- if (size > NGX_RTMP_MAX_CHUNK_SIZE) {
- ngx_log_error(NGX_LOG_ALERT, s->connection->log, 0,
- "too big RTMP chunk size:%ui", size);
- return NGX_ERROR;
- }
-
cscf = ngx_rtmp_get_module_srv_conf(s, ngx_rtmp_core_module);
s->in_old_pool = s->in_pool;
|
[-]
[+]
|
Changed |
nginx-rtmp-module-1.1.15.tar.gz/ngx_rtmp_handshake.c
^
|
@@ -104,37 +104,30 @@
ngx_rtmp_make_digest(ngx_str_t *key, ngx_buf_t *src,
u_char *skip, u_char *dst, ngx_log_t *log)
{
- static HMAC_CTX *hmac;
+ static HMAC_CTX hmac;
+ static unsigned hmac_initialized;
unsigned int len;
- if (hmac == NULL) {
-#if OPENSSL_VERSION_NUMBER < 0x10100000L
- static HMAC_CTX shmac;
- hmac = &shmac;
- HMAC_CTX_init(hmac);
-#else
- hmac = HMAC_CTX_new();
- if (hmac == NULL) {
- return NGX_ERROR;
- }
-#endif
+ if (!hmac_initialized) {
+ HMAC_CTX_init(&hmac);
+ hmac_initialized = 1;
}
- HMAC_Init_ex(hmac, key->data, key->len, EVP_sha256(), NULL);
+ HMAC_Init_ex(&hmac, key->data, key->len, EVP_sha256(), NULL);
if (skip && src->pos <= skip && skip <= src->last) {
if (skip != src->pos) {
- HMAC_Update(hmac, src->pos, skip - src->pos);
+ HMAC_Update(&hmac, src->pos, skip - src->pos);
}
if (src->last != skip + NGX_RTMP_HANDSHAKE_KEYLEN) {
- HMAC_Update(hmac, skip + NGX_RTMP_HANDSHAKE_KEYLEN,
+ HMAC_Update(&hmac, skip + NGX_RTMP_HANDSHAKE_KEYLEN,
src->last - skip - NGX_RTMP_HANDSHAKE_KEYLEN);
}
} else {
- HMAC_Update(hmac, src->pos, src->last - src->pos);
+ HMAC_Update(&hmac, src->pos, src->last - src->pos);
}
- HMAC_Final(hmac, dst, &len);
+ HMAC_Final(&hmac, dst, &len);
return NGX_OK;
}
|
[-]
[+]
|
Changed |
nginx-rtmp-module-1.1.15.tar.gz/ngx_rtmp_init.c
^
|
@@ -79,7 +79,6 @@
case AF_UNIX:
unix_socket = 1;
- /* fall through */
default: /* AF_INET */
sin = (struct sockaddr_in *) sa;
@@ -111,7 +110,6 @@
case AF_UNIX:
unix_socket = 1;
- /* fall through */
default: /* AF_INET */
addr = port->addrs;
|
[-]
[+]
|
Changed |
nginx-rtmp-module-1.1.15.tar.gz/ngx_rtmp_notify_module.c
^
|
@@ -892,7 +892,6 @@
n = 0;
state = parse_name;
- /* fall through */
case parse_name:
switch (c) {
@@ -920,7 +919,6 @@
break;
}
state = parse_value;
- /* fall through */
case parse_value:
if (c == '\n') {
|
|
Deleted |
nginx-rtmp-module-1.2.2.tar.gz
^
|
|
Added |
nginx_upstream_check_module-master.tar.gz
^
|
|
Deleted |
ngx_http_substitutions_filter_module-master.zip
^
|
|
Added |
ngx_pagespeed-1.12.34.2-stable.zip
^
|
|
Added |
ngx_pagespeed-1.12.34.3-stable.zip
^
|
|
Added |
ngx_pagespeed-1.13.35.1-beta.zip
^
|
|
Deleted |
ngx_pagespeed-1.13.35.2-stable.zip
^
|
|
Added |
ngx_pagespeed-latest-testing.zip
^
|
|
Added |
openssl-1.1.0c.tar.gz
^
|
|
Added |
openssl-1.1.0e.tar.gz
^
|
|
Added |
openssl-1.1.0f.tar.gz
^
|
|
Added |
openssl-1.1.0g.tar.gz
^
|
|
Added |
release-1.11.33.2-beta.zip
^
|
[-]
[+]
|
Added |
removed_link
^
|
@@ -0,0 +1,5 @@
+<link project="internetx:projects:http" baserev="237c0be32f188ec780a60222265cfcb9">
+ <patches>
+ <branch/>
+ </patches>
+</link>
|
[-]
[+]
|
Changed |
ssl-ciphersample
^
|
@@ -1,15 +1,3 @@
-## IX Examples from https://ssl-config.mozilla.org
-
-## intermediate configuration
-#ssl_protocols TLSv1.2 TLSv1.3;
-#ssl_ciphers ECDHE-ECDSA-AES128-GCM-SHA256:ECDHE-RSA-AES128-GCM-SHA256:ECDHE-ECDSA-AES256-GCM-SHA384:ECDHE-RSA-AES256-GCM-SHA384:ECDHE-ECDSA-CHACHA20-POLY1305:ECDHE-RSA-CHACHA20-POLY1305:DHE-RSA-AES128-GCM-SHA256:DHE-RSA-AES256-GCM-SHA384;
-#ssl_prefer_server_ciphers off;
-
-## modern configuration
-#ssl_protocols TLSv1.3;
-#ssl_prefer_server_ciphers off;
-
-## old configuration
-#ssl_protocols TLSv1 TLSv1.1 TLSv1.2 TLSv1.3;
-#ssl_ciphers ECDHE-ECDSA-AES128-GCM-SHA256:ECDHE-RSA-AES128-GCM-SHA256:ECDHE-ECDSA-AES256-GCM-SHA384:ECDHE-RSA-AES256-GCM-SHA384:ECDHE-ECDSA-CHACHA20-POLY1305:ECDHE-RSA-CHACHA20-POLY1305:DHE-RSA-AES128-GCM-SHA256:DHE-RSA-AES256-GCM-SHA384:DHE-RSA-CHACHA20-POLY1305:ECDHE-ECDSA-AES128-SHA256:ECDHE-RSA-AES128-SHA256:ECDHE-ECDSA-AES128-SHA:ECDHE-RSA-AES128-SHA:ECDHE-ECDSA-AES256-SHA384:ECDHE-RSA-AES256-SHA384:ECDHE-ECDSA-AES256-SHA:ECDHE-RSA-AES256-SHA:DHE-RSA-AES128-SHA256:DHE-RSA-AES256-SHA256:AES128-GCM-SHA256:AES256-GCM-SHA384:AES128-SHA256:AES256-SHA256:AES128-SHA:AES256-SHA:DES-CBC3-SHA;
-#ssl_prefer_server_ciphers on;
+ssl_protocols TLSv1 TLSv1.1 TLSv1.2;
+ssl_ciphers EECDH+AES128:RSA+AES128:EECDH+AES256:RSA+AES256:EECDH+3DES:RSA+3DES:EECDH+RC4:RSA+RC4:!MD5;
+ssl_prefer_server_ciphers on;
|
|
Added |
v1.10.33.6-beta.zip
^
|