cd0a0f605e
License-Update: copyright year bump. Changelog: 1.29.5: - Security: an attacker might inject plain text data in the response from an SSL backend (CVE-2026-1642). - Bugfix: use-after-free might occur after switching to the next gRPC or HTTP/2 backend. - Bugfix: an invalid HTTP/2 request might be sent after switching to the next upstream. - Bugfix: a response with multiple ranges might be larger than the source response. - Bugfix: fixed setting HTTP_HOST when proxying to FastCGI, SCGI, and uwsgi backends. - Bugfix: fixed warning when compiling with MSVC 2022 x86. - Change: the logging level of the "ech_required" SSL error has been lowered from "crit" to "info". 1.29.4: - Feature: the ngx_http_proxy_module supports HTTP/2. - Feature: Encrypted ClientHello TLS extension support when using OpenSSL ECH feature branch; the "ssl_ech_file" directive. Thanks to Stephen Farrell. - Change: validation of host and port in the request line, "Host" header field, and ":authority" pseudo-header field has been changed to follow RFC 3986. - Change: now a single LF used as a line terminator in a chunked request or response body is considered an error. - Bugfix: when using HTTP/3 with OpenSSL 3.5.1 or newer a segmentation fault might occur in a worker process; the bug had appeared in 1.29.1. Thanks to Jan Svojanovsky. - Bugfix: a segmentation fault might occur in a worker process if the "try_files" directive and "proxy_pass" with a URI were used. 1.29.3: - Feature: the "add_header_inherit" and "add_trailer_inherit" directives. - Feature: the $request_port and $is_request_port variables. - Feature: the $ssl_sigalg and $ssl_client_sigalg variables. - Feature: the "volatile" parameter of the "geo" directive. - Feature: now certificate compression is available with BoringSSL. - Bugfix: now certificate compression is disabled with OCSP stapling. 1.29.2 - Feature: now nginx can be built with AWS-LC. Thanks Samuel Chiang. - Bugfix: now the "ssl_protocols" directive works in a virtual server different from the default server when using OpenSSL 1.1.1 or newer. - Bugfix: SSL handshake always failed when using TLSv1.3 with OpenSSL and client certificates and resuming a session with a different SNI value; the bug had appeared in 1.27.4. - Bugfix: the "ignoring stale global SSL error" alerts might appear in logs when using QUIC and the "ssl_reject_handshake" directive; the bug had appeared in 1.29.0. Thanks to Vladimir Homutov. - Bugfix: in delta-seconds processing in the "Cache-Control" backend response header line. - Bugfix: an XCLIENT command didn't use the xtext encoding. Thanks to Igor Morgenstern of Aisle Research. - Bugfix: in SSL certificate caching during reconfiguration. Signed-off-by: Gyorgy Sarvari <skandigraun@gmail.com> Signed-off-by: Khem Raj <raj.khem@gmail.com>
meta-webserver
This layer provides support for building web servers, web-based applications and related software.
Dependencies
This layer depends on:
URI: git://git.openembedded.org/openembedded-core subdirectory: meta branch: master
For some recipes, the meta-oe layer is required:
URI: git://git.openembedded.org/meta-openembedded subdirectory: meta-oe branch: master
Layout
- recipes-httpd/ Web servers
- recipes-php/ PHP applications
- recipes-support/ Miscellaneous support recipes
- recipes-webadmin/ Standalone web administration interfaces
Notes
-
This layer used to provide a modphp recipe that built mod_php, but this is now built as part of the php recipe in meta-oe. However, since apache2 is required to build mod_php, and apache2 recipe is in this layer and recipes in meta-oe can't depend on it, mod_php is not built by default. If you do wish to use mod_php, you need to add "apache2" to the PACKAGECONFIG value for the php recipe in order to enable it. See here for info on how to do that:
http://www.yoctoproject.org/docs/current/ref-manual/ref-manual.html#var-PACKAGECONFIG
Maintenance
Send patches / pull requests to openembedded-devel@lists.openembedded.org with '[meta-webserver]' in the subject.
When sending single patches, please use something like:
git send-email -M -1 --to openembedded-devel@lists.openembedded.org --subject-prefix="meta-webserver][PATCH"
Layer maintainer: Derek Straka derek@asterius.io
License
All metadata is MIT licensed unless otherwise stated. Source code included in tree for individual recipes is under the LICENSE stated in each recipe (.bb file) unless otherwise stated.
This README document is Copyright (C) 2012 Intel Corporation.