git: dddd3616414a - main - www/angie: Update 1.8.1 => 1.9.1 (fixes CVE-2025-23419)
- Go to: [ bottom of page ] [ top of archives ] [ this month ]
Date: Thu, 19 Jun 2025 14:48:12 UTC
The branch main has been updated by vvd:
URL: https://cgit.FreeBSD.org/ports/commit/?id=dddd3616414ad476275e7e8a2893c70e68912f82
commit dddd3616414ad476275e7e8a2893c70e68912f82
Author: Vladimir Druzenko <vvd@FreeBSD.org>
AuthorDate: 2025-06-19 14:11:42 +0000
Commit: Vladimir Druzenko <vvd@FreeBSD.org>
CommitDate: 2025-06-19 14:39:35 +0000
www/angie: Update 1.8.1 => 1.9.1 (fixes CVE-2025-23419)
Changelogs:
https://github.com/webserver-llc/angie/releases/tag/Angie-1.8.2
https://github.com/webserver-llc/angie/releases/tag/Angie-1.8.3
https://github.com/webserver-llc/angie/releases/tag/Angie-1.9.0
https://github.com/webserver-llc/angie/releases/tag/Angie-1.9.1
Improve port:
- Create/delete logs directory using hooks (author oleg@mamontov.net)
- Fix indentations: replace spaces with tabs, remove unnecessary tabs
- Fix warnings from portclippy - sort options
- Reduce the number of if statements to determine master/slave
PR: 287316 275300
Approved by: oleg@mamontov.net (maintainer, timeout 2 weeks)
Security: CVE-2025-23419
MFH: 2025Q2
---
www/angie/Makefile | 227 ++++++++++++++++++++++++++--------------------------
www/angie/distinfo | 6 +-
www/angie/pkg-plist | 8 +-
3 files changed, 122 insertions(+), 119 deletions(-)
diff --git a/www/angie/Makefile b/www/angie/Makefile
index 97361cc17f29..85409be0f36d 100644
--- a/www/angie/Makefile
+++ b/www/angie/Makefile
@@ -1,118 +1,115 @@
-PORTNAME?= angie
-DISTVERSION= 1.8.1
-CATEGORIES+= www
-MASTER_SITES+= https://download.angie.software/files/:angie
-DISTNAME= angie-${DISTVERSIONFULL}
-DISTFILES+= ${DISTNAME}${EXTRACT_SUFX}:angie
-
-MAINTAINER?= oleg@mamontov.net
-COMMENT?= Efficient, powerful and scalable reverse proxy and web server
-WWW?= https://angie.software/en/
-
-LICENSE?= BSD2CLAUSE
-.if ${PORTNAME} == angie
-LICENSE_FILE= ${WRKSRC}/LICENSE
-.else
-LICENSE_FILE?= ${WRKSRC_module}/LICENSE
-.endif
-
-.if ${PORTNAME} == angie
-LIB_DEPENDS= libpcre2-8.so:devel/pcre2
-.else
-BUILD_DEPENDS+= pcre2>=0:devel/pcre2
-RUN_DEPENDS+= angie==${PKGVERSION}:www/angie
-.endif
+PORTNAME?= angie
+DISTVERSION= 1.9.1
+CATEGORIES+= www
+MASTER_SITES+= https://download.angie.software/files/:angie
+DISTNAME= angie-${DISTVERSIONFULL}
+DISTFILES+= ${DISTNAME}${EXTRACT_SUFX}:angie
-USES+= localbase:ldflags ssl
-USE_GITHUB= nodefault
+MAINTAINER?= oleg@mamontov.net
+COMMENT?= Efficient, powerful and scalable reverse proxy and web server
+WWW?= https://angie.software/en/
-HAS_CONFIGURE?= yes
+LICENSE?= BSD2CLAUSE
.if ${PORTNAME} == angie
-ALL_TARGET= build
-SUB_FILES= angie.conf.sample \
- default.conf.sample \
- example.conf.sample \
- pkg-message
-USE_RC_SUBR= angie
+LICENSE_FILE= ${WRKSRC}/LICENSE
+LIB_DEPENDS= libpcre2-8.so:devel/pcre2
+USE_RC_SUBR= angie
+ALL_TARGET= build
+SUB_FILES= angie.conf.sample \
+ default.conf.sample \
+ example.conf.sample \
+ pkg-message
.else
-ALL_TARGET?= modules
-CONFIGURE_ADD?= --add-dynamic-module=${WRKSRC_module}
+LICENSE_FILE?= ${WRKSRC_module}/LICENSE
+BUILD_DEPENDS+= pcre2>=0:devel/pcre2
+RUN_DEPENDS+= angie==${PKGVERSION}:www/angie
+ALL_TARGET?= modules
+CONFIGURE_ADD?= --add-dynamic-module=${WRKSRC_module}
.endif
-# modules always have their own assets
-PATCHDIR?= ${.CURDIR}/files
-FILESDIR?= ${.CURDIR}/files
-SCRIPTDIR?= ${.CURDIR}/scripts
-PKGDIR?= ${.CURDIR}
+USES+= localbase:ldflags ssl
+USE_GITHUB= nodefault
+
+HAS_CONFIGURE?= yes
+CONFIGURE_ARGS= --prefix=${PREFIX}/etc/angie \
+ --conf-path=${PREFIX}/etc/angie/angie.conf \
+ --error-log-path=${LOGDIR}/error.log \
+ --http-log-path=${LOGDIR}/access.log \
+ --lock-path=${RUNDIR}/angie.lock \
+ --modules-path=${MODDIR} \
+ --pid-path=${RUNDIR}/angie.pid \
+ --sbin-path=${PREFIX}/sbin/angie \
+ --http-client-body-temp-path=${CACHEDIR}/client_temp \
+ --http-fastcgi-temp-path=${CACHEDIR}/fastcgi_temp \
+ --http-proxy-temp-path=${CACHEDIR}/proxy_temp \
+ --http-scgi-temp-path=${CACHEDIR}/scgi_temp \
+ --http-uwsgi-temp-path=${CACHEDIR}/uwsgi_temp \
+ --user=${WWWOWN} \
+ --group=${WWWGRP} \
+ --with-file-aio \
+ --with-http_addition_module \
+ --with-http_auth_request_module \
+ --with-http_dav_module \
+ --with-http_flv_module \
+ --with-http_gunzip_module \
+ --with-http_gzip_static_module \
+ --with-http_mp4_module \
+ --with-http_random_index_module \
+ --with-http_realip_module \
+ --with-http_secure_link_module \
+ --with-http_slice_module \
+ --with-http_ssl_module \
+ --with-http_stub_status_module \
+ --with-http_sub_module \
+ --with-http_v2_module \
+ --with-http_v3_module \
+ --with-mail \
+ --with-mail_ssl_module \
+ --with-stream \
+ --with-stream_realip_module \
+ --with-stream_ssl_module \
+ --with-stream_ssl_preread_module \
+ --with-threads \
+ --with-cc-opt="${CFLAGS}" \
+ --with-ld-opt="${LDFLAGS}" \
+ ${CONFIGURE_ADD}
# angie-specific variables
-CACHEDIR= /var/cache/angie
-LOGDIR= /var/log/angie
-MODDIR= ${PREFIX}/libexec/angie
-RUNDIR= /var/run
-WRKSRC_DEBUG= ${WRKSRC}-debug
-
-PLIST_SUB+= CACHEDIR=${CACHEDIR} \
- LOGDIR=${LOGDIR} \
- MODDIR=${MODDIR} \
- RUNDIR=${RUNDIR}
-
-SUB_LIST+= CACHEDIR=${CACHEDIR} \
- LOGDIR=${LOGDIR} \
- MODDIR=${MODDIR} \
- RUNDIR=${RUNDIR} \
- WWWOWN=${WWWOWN}
-
-SUB_FILES?= pkg-message
-
-OPTIONS_SUB= yes
-
-CONFIGURE_ARGS= --prefix=${PREFIX}/etc/angie \
- --conf-path=${PREFIX}/etc/angie/angie.conf \
- --error-log-path=${LOGDIR}/error.log \
- --http-log-path=${LOGDIR}/access.log \
- --lock-path=${RUNDIR}/angie.lock \
- --modules-path=${MODDIR} \
- --pid-path=${RUNDIR}/angie.pid \
- --sbin-path=${PREFIX}/sbin/angie \
- --http-client-body-temp-path=${CACHEDIR}/client_temp \
- --http-fastcgi-temp-path=${CACHEDIR}/fastcgi_temp \
- --http-proxy-temp-path=${CACHEDIR}/proxy_temp \
- --http-scgi-temp-path=${CACHEDIR}/scgi_temp \
- --http-uwsgi-temp-path=${CACHEDIR}/uwsgi_temp \
- --user=${WWWOWN} \
- --group=${WWWGRP} \
- --with-file-aio \
- --with-http_addition_module \
- --with-http_auth_request_module \
- --with-http_dav_module \
- --with-http_flv_module \
- --with-http_gunzip_module \
- --with-http_gzip_static_module \
- --with-http_mp4_module \
- --with-http_random_index_module \
- --with-http_realip_module \
- --with-http_secure_link_module \
- --with-http_slice_module \
- --with-http_ssl_module \
- --with-http_stub_status_module \
- --with-http_sub_module \
- --with-http_v2_module \
- --with-http_v3_module \
- --with-mail \
- --with-mail_ssl_module \
- --with-stream \
- --with-stream_realip_module \
- --with-stream_ssl_module \
- --with-stream_ssl_preread_module \
- --with-threads \
- --with-cc-opt="${CFLAGS}" \
- --with-ld-opt="${LDFLAGS}" \
- ${CONFIGURE_ADD}
+CACHEDIR= /var/cache/angie
+DBDIR= /var/db/angie
+ETCDIR= ${PREFIX}/etc/angie
+LOGDIR= /var/log/angie
+MODDIR= ${PREFIX}/libexec/angie
+RUNDIR= /var/run
+WRKSRC_DEBUG= ${WRKSRC}-debug
+# modules always have their own assets
+FILESDIR?= ${.CURDIR}/files
+PATCHDIR?= ${.CURDIR}/files
+PKGDIR?= ${.CURDIR}
+SCRIPTDIR?= ${.CURDIR}/scripts
+
+SUB_FILES?= pkg-message
+SUB_LIST+= CACHEDIR=${CACHEDIR} \
+ DBDIR=${DBDIR} \
+ ETCDIR=${ETCDIR} \
+ LOGDIR=${LOGDIR} \
+ MODDIR=${MODDIR} \
+ RUNDIR=${RUNDIR} \
+ WWWGRP=${WWWGRP} \
+ WWWOWN=${WWWOWN}
+
+PLIST_SUB+= CACHEDIR=${CACHEDIR} \
+ DBDIR=${DBDIR} \
+ LOGDIR=${LOGDIR} \
+ MODDIR=${MODDIR} \
+ RUNDIR=${RUNDIR} \
+ WWWGRP=${WWWGRP} \
+ WWWOWN=${WWWOWN}
OPTIONS_DEFINE?= DEBUG
OPTIONS_DEFAULT?= DEBUG
+OPTIONS_SUB= yes
DEBUG_DESC?= Include debug version
.include <bsd.port.options.mk>
@@ -124,17 +121,17 @@ post-configure-DEBUG-on:
@(cd ${WRKSRC_DEBUG} && \
${SET_LATE_CONFIGURE_ARGS} \
if ! ${SETENV} CC="${CC}" CPP="${CPP}" CXX="${CXX}" \
- CFLAGS="${CFLAGS} -g" CPPFLAGS="${CPPFLAGS}" CXXFLAGS="${CXXFLAGS}" \
- LDFLAGS="${LDFLAGS}" LIBS="${LIBS}" \
- INSTALL="/usr/bin/install -c" \
- INSTALL_DATA="${INSTALL_DATA}" \
- INSTALL_LIB="${INSTALL_LIB}" \
- INSTALL_PROGRAM="${INSTALL_PROGRAM}" \
- INSTALL_SCRIPT="${INSTALL_SCRIPT}" \
- ${CONFIGURE_ENV} ${CONFIGURE_CMD} ${CONFIGURE_ARGS} --with-debug; then \
- ${ECHO_MSG} "===> Script \"${CONFIGURE_SCRIPT}\" failed unexpectedly."; \
- (${ECHO_CMD} ${CONFIGURE_FAIL_MESSAGE}) | ${FMT_80} ; \
- ${FALSE}; \
+ CFLAGS="${CFLAGS} -g" CPPFLAGS="${CPPFLAGS}" CXXFLAGS="${CXXFLAGS}" \
+ LDFLAGS="${LDFLAGS}" LIBS="${LIBS}" \
+ INSTALL="/usr/bin/install -c" \
+ INSTALL_DATA="${INSTALL_DATA}" \
+ INSTALL_LIB="${INSTALL_LIB}" \
+ INSTALL_PROGRAM="${INSTALL_PROGRAM}" \
+ INSTALL_SCRIPT="${INSTALL_SCRIPT}" \
+ ${CONFIGURE_ENV} ${CONFIGURE_CMD} ${CONFIGURE_ARGS} --with-debug; then \
+ ${ECHO_MSG} "===> Script \"${CONFIGURE_SCRIPT}\" failed unexpectedly."; \
+ (${ECHO_CMD} ${CONFIGURE_FAIL_MESSAGE}) | ${FMT_80} ; \
+ ${FALSE}; \
fi \
)
@@ -144,10 +141,10 @@ post-build-DEBUG-on:
.if ${PORTNAME} == angie
do-install:
${MKDIR} ${STAGEDIR}${CACHEDIR}
+ ${MKDIR} ${STAGEDIR}${DBDIR}
${MKDIR} ${STAGEDIR}${DOCSDIR}
${MKDIR} ${STAGEDIR}${ETCDIR}/http.d
${MKDIR} ${STAGEDIR}${ETCDIR}/stream.d
- ${MKDIR} ${STAGEDIR}${LOGDIR}
${MKDIR} ${STAGEDIR}${MODDIR}
${MKDIR} ${STAGEDIR}${WWWDIR}/html
diff --git a/www/angie/distinfo b/www/angie/distinfo
index 69f05d2e6e3b..44465aaf3daa 100644
--- a/www/angie/distinfo
+++ b/www/angie/distinfo
@@ -1,6 +1,6 @@
-TIMESTAMP = 1737668800
-SHA256 (angie-1.8.1.tar.gz) = db30b69045cf9a40f144911814414d9e1b4d4370f6693d008f4017dcb4370b4c
-SIZE (angie-1.8.1.tar.gz) = 1672621
+TIMESTAMP = 1749050000
+SHA256 (angie-1.9.1.tar.gz) = af11cc06dfebe7c17832375b348a8d786af052cefce5ffafaaa898484e18ce36
+SIZE (angie-1.9.1.tar.gz) = 1723240
SHA256 (kjdev-nginx-auth-jwt-0.9.0_GH0.tar.gz) = d7c72634261a053afaacc2cb762eccf9ce4c462ca738ad0c4809eb964ddf3c0c
SIZE (kjdev-nginx-auth-jwt-0.9.0_GH0.tar.gz) = 75474
SHA256 (stnoonan-spnego-http-auth-nginx-module-v1.1.2_GH0.tar.gz) = 72b4dfe3e3cee4feaa698c5710ec1590f85bfbe4cd50e8e8d1700c210c82150a
diff --git a/www/angie/pkg-plist b/www/angie/pkg-plist
index 4f1d8cbb5921..d942c89a5322 100644
--- a/www/angie/pkg-plist
+++ b/www/angie/pkg-plist
@@ -1,7 +1,13 @@
+@preexec test -e %%LOGDIR%% || install -d -m 755 -o root -g wheel %%LOGDIR%%
+@preexec test -e %%DBDIR%%/state || install -d -m 755 -o %%WWWOWN%% -g %%WWWGRP%% %%DBDIR%%/state
+
+@postunexec test -d %%DBDIR%%/state && rmdir %%DBDIR%%/state 2>/dev/null || :
+@postunexec test -d %%LOGDIR%% && rmdir %%LOGDIR%% 2>/dev/null || :
+
@dir %%ETCDIR%%/http.d
@dir %%ETCDIR%%/stream.d
@dir %%CACHEDIR%%
-@dir %%LOGDIR%%
+@dir %%DBDIR%%
@dir %%MODDIR%%
%%ETCDIR%%/modules