applied the official patch for the nginx core to address the recent nginx security vulnerability CVE-2013-2070.

patches/nginx-1.2.7-cve-2013-2070.patch

@@ -0,0 +1,13 @@
+--- src/http/modules/ngx_http_proxy_module.c
++++ src/http/modules/ngx_http_proxy_module.c
+@@ -1865,6 +1865,10 @@ data:
+ 
+     }
+ 
++    if (ctx->size < 0 || ctx->length < 0) {
++        goto invalid;
++    }
++
+     return rc;
+ 
+ done:

patches/nginx-1.2.7-dtrace.patch

@@ -454,10 +454,10 @@ index efbc244..8d81aab 100644
  
 diff --git a/src/dtrace/nginx.stp b/src/dtrace/nginx.stp
 new file mode 100644
-index 0000000..8a5a54a
+index 0000000..4c228bd
 --- /dev/null
 +++ b/src/dtrace/nginx.stp
-@@ -0,0 +1,278 @@
+@@ -0,0 +1,288 @@
 +/* tapset for nginx */
 +
 +
@@ -598,6 +598,12 @@ index 0000000..8a5a54a
 +}
 +
 +
++function ngx_buf_last_in_chain(b)
++{
++    return @cast(b, "ngx_buf_t", "/home/agentzh/git/lua-nginx-module/work/nginx/sbin/nginx")->last_in_chain
++}
++
++
 +function ngx_buf_sync(b)
 +{
 +    return @cast(b, "ngx_buf_t", "/home/agentzh/git/lua-nginx-module/work/nginx/sbin/nginx")->sync
@@ -651,7 +657,11 @@ index 0000000..8a5a54a
 +        }
 +
 +        if (ngx_buf_last_buf(buf)) {
-+            out .= "<eof>"
++            out .= "<last_buf>"
++        }
++
++        if (ngx_buf_last_in_chain(buf)) {
++            out .= "<last_in_chain>"
 +        }
 +
 +        if (ngx_buf_sync(buf)) {

patches/nginx-1.2.7-nonbuffered-upstream-truncation.patch

@@ -1,63 +0,0 @@
---- nginx-1.2.7/src/http/ngx_http_upstream.c	2012-08-06 10:34:08.000000000 -0700
-+++ nginx-1.2.7-patched/src/http/ngx_http_upstream.c	2012-09-09 21:58:04.727761891 -0700
-@@ -2383,7 +2383,7 @@
- 
-     if (c->read->timedout) {
-         ngx_connection_error(c, NGX_ETIMEDOUT, "upstream timed out");
--        ngx_http_upstream_finalize_request(r, u, 0);
-+        ngx_http_upstream_finalize_request(r, u, NGX_HTTP_GATEWAY_TIME_OUT);
-         return;
-     }
- 
-@@ -2430,13 +2430,17 @@
-             if (u->busy_bufs == NULL) {
- 
-                 if (u->length == 0
--                    || upstream->read->eof
--                    || upstream->read->error)
-+                    || (upstream->read->eof && u->headers_in.content_length_n == -1))
-                 {
-                     ngx_http_upstream_finalize_request(r, u, 0);
-                     return;
-                 }
- 
-+                if (upstream->read->eof || upstream->read->error) {
-+                    ngx_http_upstream_finalize_request(r, u, NGX_HTTP_BAD_GATEWAY);
-+                    return;
-+                }
-+
-                 b->pos = b->start;
-                 b->last = b->start;
-             }
-@@ -2710,7 +2714,16 @@
- #if 0
-             ngx_http_busy_unlock(u->conf->busy_lock, &u->busy_lock);
- #endif
--            ngx_http_upstream_finalize_request(r, u, 0);
-+
-+            if (p->upstream_done
-+                || (p->upstream_eof && u->headers_in.content_length_n == -1))
-+            {
-+                ngx_http_upstream_finalize_request(r, u, 0);
-+
-+            } else {
-+                ngx_http_upstream_finalize_request(r, u, NGX_HTTP_BAD_GATEWAY);
-+            }
-+
-             return;
-         }
-     }
-@@ -3073,6 +3086,13 @@
-         && rc != NGX_HTTP_REQUEST_TIME_OUT
-         && (rc == NGX_ERROR || rc >= NGX_HTTP_SPECIAL_RESPONSE))
-     {
-+        if (rc == NGX_ERROR) {
-+            r->headers_out.status = NGX_HTTP_INTERNAL_SERVER_ERROR;
-+
-+        } else {
-+            r->headers_out.status = rc;
-+        }
-+
-         rc = 0;
-     }
- 

patches/nginx-1.2.7-run_posted_requests_in_resolver.patch

@@ -0,0 +1,46 @@
+diff -ruNp nginx-1.2.7/src/http/ngx_http_upstream.c nginx-1.2.7_zls/src/http/ngx_http_upstream.c
+--- nginx-1.2.7/src/http/ngx_http_upstream.c	2013-02-18 23:08:46.000000000 +0800
++++ nginx-1.2.7_zls/src/http/ngx_http_upstream.c	2013-03-13 00:01:01.490582380 +0800
+@@ -878,11 +878,13 @@ ngx_http_upstream_cache_send(ngx_http_re
+ static void
+ ngx_http_upstream_resolve_handler(ngx_resolver_ctx_t *ctx)
+ {
++    ngx_connection_t              *c;
+     ngx_http_request_t            *r;
+     ngx_http_upstream_t           *u;
+     ngx_http_upstream_resolved_t  *ur;
+ 
+     r = ctx->data;
++    c = r->connection;
+ 
+     u = r->upstream;
+     ur = u->resolved;
+@@ -894,7 +896,8 @@ ngx_http_upstream_resolve_handler(ngx_re
+                       ngx_resolver_strerror(ctx->state));
+ 
+         ngx_http_upstream_finalize_request(r, u, NGX_HTTP_BAD_GATEWAY);
+-        return;
++
++        goto posted_requests;
+     }
+ 
+     ur->naddrs = ctx->naddrs;
+@@ -919,13 +922,17 @@ ngx_http_upstream_resolve_handler(ngx_re
+     if (ngx_http_upstream_create_round_robin_peer(r, ur) != NGX_OK) {
+         ngx_http_upstream_finalize_request(r, u,
+                                            NGX_HTTP_INTERNAL_SERVER_ERROR);
+-        return;
++        goto posted_requests;
+     }
+ 
+     ngx_resolve_name_done(ctx);
+     ur->ctx = NULL;
+ 
+     ngx_http_upstream_connect(r, u);
++
++posted_requests:
++
++    ngx_http_run_posted_requests(c);
+ }
+ 
+ 

patches/nginx-1.2.7-upstream_truncation.patch

@@ -0,0 +1,149 @@
+diff --exclude '*~' --exclude '*.swp' -urp nginx-1.2.7/src/http/modules/ngx_http_scgi_module.c nginx-1.2.7-patched/src/http/modules/ngx_http_scgi_module.c
+--- nginx-1.2.7/src/http/modules/ngx_http_scgi_module.c	2013-02-09 19:08:42.000000000 -0800
++++ nginx-1.2.7-patched/src/http/modules/ngx_http_scgi_module.c	2013-04-07 12:09:55.900492634 -0700
+@@ -39,6 +39,7 @@ static ngx_int_t ngx_http_scgi_process_s
+ static ngx_int_t ngx_http_scgi_process_header(ngx_http_request_t *r);
+ static void ngx_http_scgi_abort_request(ngx_http_request_t *r);
+ static void ngx_http_scgi_finalize_request(ngx_http_request_t *r, ngx_int_t rc);
++static ngx_int_t ngx_http_scgi_input_filter_init(void *data);
+ 
+ static void *ngx_http_scgi_create_loc_conf(ngx_conf_t *cf);
+ static char *ngx_http_scgi_merge_loc_conf(ngx_conf_t *cf, void *parent,
+@@ -446,6 +447,8 @@ ngx_http_scgi_handler(ngx_http_request_t
+     u->pipe->input_filter = ngx_event_pipe_copy_input_filter;
+     u->pipe->input_ctx = r;
+ 
++    u->input_filter_init = ngx_http_scgi_input_filter_init;
++
+     rc = ngx_http_read_client_request_body(r, ngx_http_upstream_init);
+ 
+     if (rc >= NGX_HTTP_SPECIAL_RESPONSE) {
+@@ -1046,6 +1049,17 @@ ngx_http_scgi_finalize_request(ngx_http_
+ }
+ 
+ 
++static ngx_int_t
++ngx_http_scgi_input_filter_init(void *data)
++{
++    ngx_http_request_t    *r = data;
++
++    r->upstream->length = -1;
++
++    return NGX_OK;
++}
++
++
+ static void *
+ ngx_http_scgi_create_loc_conf(ngx_conf_t *cf)
+ {
+diff --exclude '*~' --exclude '*.swp' -urp nginx-1.2.7/src/http/modules/ngx_http_uwsgi_module.c nginx-1.2.7-patched/src/http/modules/ngx_http_uwsgi_module.c
+--- nginx-1.2.7/src/http/modules/ngx_http_uwsgi_module.c	2013-02-09 19:08:42.000000000 -0800
++++ nginx-1.2.7-patched/src/http/modules/ngx_http_uwsgi_module.c	2013-04-07 11:58:24.546915778 -0700
+@@ -46,6 +46,7 @@ static ngx_int_t ngx_http_uwsgi_process_
+ static void ngx_http_uwsgi_abort_request(ngx_http_request_t *r);
+ static void ngx_http_uwsgi_finalize_request(ngx_http_request_t *r,
+     ngx_int_t rc);
++static ngx_int_t ngx_http_uwsgi_input_filter_init(void *data);
+ 
+ static void *ngx_http_uwsgi_create_loc_conf(ngx_conf_t *cf);
+ static char *ngx_http_uwsgi_merge_loc_conf(ngx_conf_t *cf, void *parent,
+@@ -479,6 +480,8 @@ ngx_http_uwsgi_handler(ngx_http_request_
+     u->pipe->input_filter = ngx_event_pipe_copy_input_filter;
+     u->pipe->input_ctx = r;
+ 
++    u->input_filter_init = ngx_http_uwsgi_input_filter_init;
++
+     rc = ngx_http_read_client_request_body(r, ngx_http_upstream_init);
+ 
+     if (rc >= NGX_HTTP_SPECIAL_RESPONSE) {
+@@ -1086,6 +1089,17 @@ ngx_http_uwsgi_finalize_request(ngx_http
+ }
+ 
+ 
++static ngx_int_t
++ngx_http_uwsgi_input_filter_init(void *data)
++{
++    ngx_http_request_t    *r = data;
++
++    r->upstream->length = -1;
++
++    return NGX_OK;
++}
++
++
+ static void *
+ ngx_http_uwsgi_create_loc_conf(ngx_conf_t *cf)
+ {
+diff --exclude '*~' --exclude '*.swp' -urp nginx-1.2.7/src/http/ngx_http_upstream.c nginx-1.2.7-patched/src/http/ngx_http_upstream.c
+--- nginx-1.2.7/src/http/ngx_http_upstream.c	2013-02-11 06:39:49.000000000 -0800
++++ nginx-1.2.7-patched/src/http/ngx_http_upstream.c	2013-04-08 16:37:48.326752696 -0700
+@@ -2399,7 +2399,7 @@ ngx_http_upstream_process_non_buffered_u
+ 
+     if (c->read->timedout) {
+         ngx_connection_error(c, NGX_ETIMEDOUT, "upstream timed out");
+-        ngx_http_upstream_finalize_request(r, u, 0);
++        ngx_http_upstream_finalize_request(r, u, NGX_HTTP_GATEWAY_TIME_OUT);
+         return;
+     }
+ 
+@@ -2446,13 +2446,20 @@ ngx_http_upstream_process_non_buffered_r
+             if (u->busy_bufs == NULL) {
+ 
+                 if (u->length == 0
+-                    || upstream->read->eof
+-                    || upstream->read->error)
++                    || (upstream->read->eof
++                        && u->length == -1
++                        && u->pipe
++                        && u->pipe->length <= 0))
+                 {
+                     ngx_http_upstream_finalize_request(r, u, 0);
+                     return;
+                 }
+ 
++                if (upstream->read->eof || upstream->read->error) {
++                    ngx_http_upstream_finalize_request(r, u, NGX_HTTP_BAD_GATEWAY);
++                    return;
++                }
++
+                 b->pos = b->start;
+                 b->last = b->start;
+             }
+@@ -2720,7 +2727,9 @@ ngx_http_upstream_process_request(ngx_ht
+ 
+ #endif
+ 
+-        if (p->upstream_done || p->upstream_eof || p->upstream_error) {
++        if (p->upstream_done
++            || (p->upstream_eof && u->length == -1 && p->length <= 0))
++        {
+             ngx_log_debug1(NGX_LOG_DEBUG_HTTP, r->connection->log, 0,
+                            "http upstream exit: %p", p->out);
+ #if 0
+@@ -2729,6 +2738,14 @@ ngx_http_upstream_process_request(ngx_ht
+             ngx_http_upstream_finalize_request(r, u, 0);
+             return;
+         }
++
++        if (p->upstream_eof || p->upstream_error) {
++            ngx_log_debug1(NGX_LOG_DEBUG_HTTP, r->connection->log, 0,
++                           "http upstream exit: %p", p->out);
++
++            ngx_http_upstream_finalize_request(r, u, NGX_HTTP_BAD_GATEWAY);
++            return;
++       }
+     }
+ 
+     if (p->downstream_error) {
+@@ -3087,9 +3104,9 @@ ngx_http_upstream_finalize_request(ngx_h
+ 
+     if (u->header_sent
+         && rc != NGX_HTTP_REQUEST_TIME_OUT
+-        && (rc == NGX_ERROR || rc >= NGX_HTTP_SPECIAL_RESPONSE))
++        && rc >= NGX_HTTP_SPECIAL_RESPONSE)
+     {
+-        rc = 0;
++        rc = NGX_ERROR;
+     }
+ 
+     if (rc == NGX_DECLINED) {

patches/ngx_http_redis-0.3.6-variables_in_redis_pass.patch

@@ -0,0 +1,190 @@
+--- ngx_http_redis-0.3.6/ngx_http_redis_module.c	2013-03-21 17:51:09.224660165 -0700
++++ ngx_http_redis-0.3.6-patched/ngx_http_redis_module.c	2013-03-21 17:50:51.928599875 -0700
+@@ -18,6 +18,8 @@ typedef struct {
+     ngx_int_t                  index;
+     ngx_int_t                  db;
+     ngx_uint_t                 gzip_flag;
++
++    ngx_http_complex_value_t  *complex_target; /* for redis_pass */
+ } ngx_http_redis_loc_conf_t;
+ 
+ 
+@@ -44,6 +46,9 @@ static char *ngx_http_redis_merge_loc_co
+ 
+ static char *ngx_http_redis_pass(ngx_conf_t *cf, ngx_command_t *cmd,
+     void *conf);
++static ngx_http_upstream_srv_conf_t *
++    ngx_http_redis_upstream_add(ngx_http_request_t *r, ngx_url_t *url);
++
+ 
+ static ngx_conf_bitmask_t  ngx_http_redis_next_upstream_masks[] = {
+     { ngx_string("error"), NGX_HTTP_UPSTREAM_FT_ERROR },
+@@ -185,11 +190,43 @@ ngx_http_redis_handler(ngx_http_request_
+         return NGX_HTTP_INTERNAL_SERVER_ERROR;
+     }
+ 
++    rlcf = ngx_http_get_module_loc_conf(r, ngx_http_redis_module);
++    if (rlcf->complex_target) {
++        ngx_str_t           target;
++        ngx_url_t           url;
++
++        /* variables used in the redis_pass directive */
++
++        if (ngx_http_complex_value(r, rlcf->complex_target, &target)
++                != NGX_OK)
++        {
++            return NGX_ERROR;
++        }
++
++        if (target.len == 0) {
++            ngx_log_error(NGX_LOG_ERR, r->connection->log, 0,
++                    "handler: empty \"redis_pass\" target");
++            return NGX_HTTP_INTERNAL_SERVER_ERROR;
++        }
++
++        url.host = target;
++        url.port = 0;
++        url.default_port = 6379;
++        url.no_resolve = 1;
++
++        rlcf->upstream.upstream = ngx_http_redis_upstream_add(r, &url);
++
++        if (rlcf->upstream.upstream == NULL) {
++            ngx_log_error(NGX_LOG_ERR, r->connection->log, 0,
++                   "redis: upstream \"%V\" not found", &target);
++
++            return NGX_HTTP_INTERNAL_SERVER_ERROR;
++        }
++    }
++
+ #if defined nginx_version && nginx_version >= 8011
+     if (ngx_http_upstream_create(r) != NGX_OK) {
+ #else
+-    rlcf = ngx_http_get_module_loc_conf(r, ngx_http_redis_module);
+-
+     u = ngx_pcalloc(r->pool, sizeof(ngx_http_upstream_t));
+     if (u == NULL) {
+ #endif
+@@ -214,9 +251,7 @@ ngx_http_redis_handler(ngx_http_request_
+     u->peer.log_error = NGX_ERROR_ERR;
+ #endif
+ 
+-#if defined nginx_version && nginx_version >= 8011
+-    rlcf = ngx_http_get_module_loc_conf(r, ngx_http_redis_module);
+-#else
++#if !defined(nginx_version) || nginx_version < 8011
+     u->output.tag = (ngx_buf_tag_t) &ngx_http_redis_module;
+ #endif
+ 
+@@ -835,24 +870,15 @@ ngx_http_redis_pass(ngx_conf_t *cf, ngx_
+ 
+     ngx_str_t                 *value;
+     ngx_url_t                  u;
++    ngx_uint_t                 n;
+     ngx_http_core_loc_conf_t  *clcf;
+ 
++    ngx_http_compile_complex_value_t         ccv;
++
+     if (rlcf->upstream.upstream) {
+         return "is duplicate";
+     }
+ 
+-    value = cf->args->elts;
+-
+-    ngx_memzero(&u, sizeof(ngx_url_t));
+-
+-    u.url = value[1];
+-    u.no_resolve = 1;
+-
+-    rlcf->upstream.upstream = ngx_http_upstream_add(cf, &u, 0);
+-    if (rlcf->upstream.upstream == NULL) {
+-        return NGX_CONF_ERROR;
+-    }
+-
+     clcf = ngx_http_conf_get_module_loc_conf(cf, ngx_http_core_module);
+ 
+     clcf->handler = ngx_http_redis_handler;
+@@ -869,6 +895,41 @@ ngx_http_redis_pass(ngx_conf_t *cf, ngx_
+ 
+     rlcf->db = ngx_http_get_variable_index(cf, &ngx_http_redis_db);
+ 
++    value = cf->args->elts;
++
++    n = ngx_http_script_variables_count(&value[1]);
++    if (n) {
++        rlcf->complex_target = ngx_palloc(cf->pool,
++                                          sizeof(ngx_http_complex_value_t));
++
++        if (rlcf->complex_target == NULL) {
++            return NGX_CONF_ERROR;
++        }
++
++        ngx_memzero(&ccv, sizeof(ngx_http_compile_complex_value_t));
++        ccv.cf = cf;
++        ccv.value = &value[1];
++        ccv.complex_value = rlcf->complex_target;
++
++        if (ngx_http_compile_complex_value(&ccv) != NGX_OK) {
++            return NGX_CONF_ERROR;
++        }
++
++        return NGX_CONF_OK;
++    }
++
++    rlcf->complex_target = NULL;
++
++    ngx_memzero(&u, sizeof(ngx_url_t));
++
++    u.url = value[1];
++    u.no_resolve = 1;
++
++    rlcf->upstream.upstream = ngx_http_upstream_add(cf, &u, 0);
++    if (rlcf->upstream.upstream == NULL) {
++        return NGX_CONF_ERROR;
++    }
++
+     return NGX_CONF_OK;
+ }
+ 
+@@ -906,3 +967,41 @@ ngx_http_redis_add_variables(ngx_conf_t
+ 
+     return NGX_OK;
+ }
++
++
++static ngx_http_upstream_srv_conf_t *
++ngx_http_redis_upstream_add(ngx_http_request_t *r, ngx_url_t *url)
++{
++    ngx_http_upstream_main_conf_t  *umcf;
++    ngx_http_upstream_srv_conf_t  **uscfp;
++    ngx_uint_t                      i;
++
++    umcf = ngx_http_get_module_main_conf(r, ngx_http_upstream_module);
++
++    uscfp = umcf->upstreams.elts;
++
++    for (i = 0; i < umcf->upstreams.nelts; i++) {
++
++        if (uscfp[i]->host.len != url->host.len
++            || ngx_strncasecmp(uscfp[i]->host.data, url->host.data,
++               url->host.len) != 0)
++        {
++            continue;
++        }
++
++        if (uscfp[i]->port != url->port) {
++            continue;
++        }
++
++        if (uscfp[i]->default_port
++            && url->default_port
++            && uscfp[i]->default_port != url->default_port)
++        {
++            continue;
++        }
++
++        return uscfp[i];
++    }
++
++    return NULL;
++}

util/dist-check

@@ -0,0 +1,98 @@
+#!/usr/bin/env perl
+
+use strict;
+use warnings;
+
+use Getopt::Std qw(getopts);
+use Cwd qw/cwd/;
+
+sub sh ($);
+
+my %opts;
+getopts("lf:", \%opts) or die "Usage: $0 [-f] <cores>\n";
+
+my $jobs = shift || 4;
+
+my $cwd = cwd();
+if ($cwd !~ /ngx_openresty-(\d+(?:\.\d+)+)$/) {
+    die "Bad current working directory: $cwd\n";
+}
+
+my $ver = $1;
+
+my ($make, $lua);
+
+if ($^O eq 'freebsd' || $^O eq 'solaris') {
+    $make = 'gmake';
+
+} else {
+    $make = 'make';
+}
+
+my $cfg_opts = "--with-http_iconv_module";
+
+if ($opts{l}) {
+    $lua = 'Lua';
+
+} else {
+    $lua = 'LuaJIT';
+    $cfg_opts .= " --with-luajit";
+}
+
+my $prefix;
+
+warn "=== Normal Build ===\n";
+$prefix = "/usr/local/openresty";
+unless ($opts{f}) {
+    sh "./configure $cfg_opts -j$jobs > /dev/null";
+}
+sh "$make -j$jobs > /dev/null";
+sh "sudo $make install > /dev/null";
+sh "$prefix/nginx/sbin/nginx -V 2>&1 |grep $ver";
+system "sudo killall nginx > /dev/null 2>&1";
+sh "sudo $prefix/nginx/sbin/nginx";
+sh "curl -si localhost/lua|grep $lua";
+sh "curl -si localhost/lua|grep $ver";
+sh "sudo $prefix/nginx/sbin/nginx -sstop";
+
+warn "\n=== Debug Build ===\n";
+$prefix = "/usr/local/openresty-debug";
+unless ($opts{f}) {
+    sh "./configure --with-debug $cfg_opts --prefix=$prefix -j$jobs > /dev/null";
+}
+sh "$make -j$jobs > /dev/null";
+sh "sudo $make install > /dev/null";
+sh "$prefix/nginx/sbin/nginx -V 2>&1 |grep $ver";
+sh "$prefix/nginx/sbin/nginx -V 2>&1 |grep '\\--with-debug'";
+system "sudo killall nginx > /dev/null 2>&1";
+sh "sudo $prefix/nginx/sbin/nginx";
+sh "curl -si localhost/lua|grep $lua";
+sh "curl -si localhost/lua|grep $ver";
+sh "sudo $prefix/nginx/sbin/nginx -sstop";
+
+warn "\n=== DTrace Build ===\n";
+$prefix = "/usr/local/openresty-dtrace";
+unless ($opts{f}) {
+    sh "./configure $cfg_opts --with-dtrace-probes --prefix=$prefix -j$jobs > /dev/null";
+}
+sh "$make -j$jobs > /dev/null";
+sh "sudo $make install > /dev/null";
+sh "$prefix/nginx/sbin/nginx -V 2>&1 |grep $ver";
+sh "$prefix/nginx/sbin/nginx -V 2>&1 |grep '\\--with-dtrace-probes'";
+system "sudo killall nginx > /dev/null 2>&1";
+sh "sudo $prefix/nginx/sbin/nginx";
+sh "curl -si localhost/lua|grep $lua";
+sh "curl -si localhost/lua|grep $ver";
+if ($^O eq 'linux') {
+    sh "stap -L 'process(\"$prefix/nginx/sbin/nginx\").mark(\"*\")'|grep http__lua__coroutine__done";
+
+} elsif ($^O eq 'freebsd' || $^O eq 'darwin' || $^O eq 'solaris') {
+    sh "sudo dtrace -l|grep http-lua-coroutine-done";
+}
+
+sh "sudo $prefix/nginx/sbin/nginx -sstop";
+
+sub sh ($) {
+    my $cmd = shift;
+    system($cmd) == 0 or die "Command \"$cmd\" failed";
+}

util/mirror-tarballs

@@ -109,8 +109,8 @@ echo "$info_txt applying the location_if_inherits_proxy patch for nginx"
 patch -p1 < $root/patches/nginx-$main_ver-location_if_inherits_proxy.patch || exit 1
 echo
 
-echo "$info_txt applying the nonbuffered-upstream-truncation patch for nginx"
-patch -p1 < $root/patches/nginx-$main_ver-nonbuffered-upstream-truncation.patch || exit 1
+echo "$info_txt applying the upstream_truncation patch for nginx"
+patch -p1 < $root/patches/nginx-$main_ver-upstream_truncation.patch || exit 1
 echo
 
 echo "$info_txt applying the channel-uninit-params patch for nginx"
@@ -139,6 +139,14 @@ if [ "$answer" = "N" ]; then
     echo
 fi
 
+echo "$info_txt applying the run_posted_requests_in_resolver patch for nginx"
+patch -p1 < $root/patches/nginx-$main_ver-run_posted_requests_in_resolver.patch || exit 1
+echo
+
+echo "$info_txt applying patches/nginx-$main_ver-cve-2013-2070.patch for nginx"
+patch -p0 < $root/patches/nginx-$main_ver-cve-2013-2070.patch || exit 1
+echo
+
 rm -f *.patch || exit 1
 
 cd .. || exit 1
@@ -152,7 +160,7 @@ rm -rf no-pool-nginx-$ver
 
 #################################
 
-ver=0.42
+ver=0.45
 $root/util/get-tarball "http://github.com/agentzh/echo-nginx-module/tarball/v$ver" -O echo-nginx-module-$ver.tar.gz || exit 1
 tar -xzf echo-nginx-module-$ver.tar.gz || exit 1
 mv agentzh-echo-nginx-module-* echo-nginx-module-$ver || exit 1
@@ -201,14 +209,14 @@ mv agentzh-headers-more-nginx-module-* headers-more-nginx-module-$ver || exit 1
 
 #################################
 
-ver=0.1.4
+ver=0.1.5
 $root/util/get-tarball "http://github.com/chaoslawful/drizzle-nginx-module/tarball/v$ver" -O drizzle-nginx-module-$ver.tar.gz || exit 1
 tar -xzf drizzle-nginx-module-$ver.tar.gz || exit 1
 mv chaoslawful-drizzle-nginx-module-* drizzle-nginx-module-$ver || exit 1
 
 #################################
 
-ver=0.7.16
+ver=0.7.21
 $root/util/get-tarball "http://github.com/chaoslawful/lua-nginx-module/tarball/v$ver" -O lua-nginx-module-$ver.tar.gz || exit 1
 tar -xzf lua-nginx-module-$ver.tar.gz || exit 1
 mv chaoslawful-lua-nginx-module-* ngx_lua-$ver || exit 1
@@ -243,14 +251,14 @@ mv calio-form-input-nginx-module-* form-input-nginx-module-$ver || exit 1
 
 #################################
 
-ver=0.10rc7
+ver=0.10
 $root/util/get-tarball "http://github.com/calio/iconv-nginx-module/tarball/v$ver" -O iconv-nginx-module-$ver.tar.gz || exit 1
 tar -xzf iconv-nginx-module-$ver.tar.gz || exit 1
 mv calio-iconv-nginx-module-* iconv-nginx-module-$ver || exit 1
 
 #################################
 
-ver=0.02
+ver=0.03
 $root/util/get-tarball "http://github.com/agentzh/encrypted-session-nginx-module/tarball/v$ver" -O encrypted-session-nginx-module-$ver.tar.gz || exit 1
 tar -xzf encrypted-session-nginx-module-$ver.tar.gz || exit 1
 mv agentzh-encrypted-session-nginx-module-* encrypted-session-nginx-module-$ver || exit 1
@@ -277,6 +285,11 @@ $root/util/get-tarball "http://people.freebsd.org/~osa/ngx_http_redis-$ver.tar.g
 tar -xzf redis-nginx-module-$ver.tar.gz || exit 1
 mv ngx_http_redis-* redis-nginx-module-$ver || exit 1
 
+cd redis-nginx-module-$ver
+echo "applying ngx_http_redis-$ver-variables_in_redis_pass.patch"
+patch -p1 < $root/patches/ngx_http_redis-$ver-variables_in_redis_pass.patch || exit 1
+cd ..
+
 #################################
 
 ver=1.0rc2
@@ -293,7 +306,7 @@ mv FRiCKLE-ngx_coolkit-* ngx_coolkit-$ver || exit 1
 
 #################################
 
-ver=0.09
+ver=0.10
 $root/util/get-tarball "http://github.com/agentzh/redis2-nginx-module/tarball/v$ver" -O redis2-nginx-module-$ver.tar.gz || exit 1
 tar -xzf redis2-nginx-module-$ver.tar.gz || exit 1
 mv agentzh-redis2-nginx-module-* redis2-nginx-module-$ver || exit 1
@@ -326,10 +339,12 @@ ver=2.0.1
 $root/util/get-tarball "http://luajit.org/download/LuaJIT-$ver.tar.gz" -O "LuaJIT-$ver.tar.gz" || exit 1
 tar -xzf LuaJIT-$ver.tar.gz || exit 1
 
-#echo "$info_txt applying luajit-2.0.0-2ad9834d.patch for luajit 2.0.0"
-#cd LuaJIT-$ver || exit 1;
-#patch -p1 < $root/patches/luajit-2.0.0-2ad9834d.patch || exit 1
-#cd .. || exit 1
+echo "$info_txt applying luajit-$ver hotfix #1 patch for luajit $ver"
+$root/util/get-tarball http://luajit.org/download/v2.0.1_hotfix1.patch -O hotfix.patch
+cd LuaJIT-$ver || exit 1;
+patch -p1 < ../hotfix.patch || exit 1
+rm ../hotfix.patch
+cd .. || exit 1
 
 #$root/util/get-tarball http://luajit.org/download/beta11_hotfix1.patch -O beta11_hotfix1.patch
 #patch -p1 < beta11_hotfix1.patch || exit 1
@@ -370,7 +385,7 @@ mv agentzh-lua-resty-dns-* lua-resty-dns-$ver || exit 1
 
 #################################
 
-ver=0.10
+ver=0.11
 $root/util/get-tarball "http://github.com/agentzh/lua-resty-memcached/tarball/v$ver" -O "lua-resty-memcached-$ver.tar.gz" || exit 1
 tar -xzf lua-resty-memcached-$ver.tar.gz || exit 1
 mv agentzh-lua-resty-memcached-* lua-resty-memcached-$ver || exit 1
@@ -384,14 +399,14 @@ mv agentzh-lua-resty-redis-* lua-resty-redis-$ver || exit 1
 
 #################################
 
-ver=0.12
+ver=0.13
 $root/util/get-tarball "http://github.com/agentzh/lua-resty-mysql/tarball/v$ver" -O "lua-resty-mysql-$ver.tar.gz" || exit 1
 tar -xzf lua-resty-mysql-$ver.tar.gz || exit 1
 mv agentzh-lua-resty-mysql-* lua-resty-mysql-$ver || exit 1
 
 #################################
 
-ver=0.07
+ver=0.08
 $root/util/get-tarball "http://github.com/agentzh/lua-resty-upload/tarball/v$ver" -O "lua-resty-upload-$ver.tar.gz" || exit 1
 tar -xzf lua-resty-upload-$ver.tar.gz || exit 1
 mv agentzh-lua-resty-upload-* lua-resty-upload-$ver || exit 1

util/ver

@@ -2,7 +2,7 @@
 
 #main_ver=1.3.11
 main_ver=1.2.7
-minor_ver=1
+minor_ver=8
 version=$main_ver.$minor_ver
 echo $version