Script 'mail_helper' called by obssrc
Hello community,
here is the log from the commit of package nginx for openSUSE:Factory checked in at 2024-06-04 12:50:42
++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
Comparing /work/SRC/openSUSE:Factory/nginx (Old)
and /work/SRC/openSUSE:Factory/.nginx.new.24587 (New)
++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
Package is "nginx"
Tue Jun 4 12:50:42 2024 rev:90 rq:1177870 version:1.27.0
Changes:
--------
--- /work/SRC/openSUSE:Factory/nginx/nginx.changes 2024-05-13 01:19:21.563171865 +0200
+++ /work/SRC/openSUSE:Factory/.nginx.new.24587/nginx.changes 2024-06-04 12:51:08.967866511 +0200
@@ -1,0 +2,12 @@
+Fri May 31 08:48:36 UTC 2024 - Илья Индиго
+
+- Updated to 1.27.0
+ * Changed nginx.keyring to Sergey Kandaurov’s PGP public key.
+ * https://nginx.org/en/CHANGES
+ * Added variables support in the "proxy_limit_rate", "fastcgi_limit_rate",
+ "scgi_limit_rate", and "uwsgi_limit_rate" directives.
+ * Fixed reduced memory consumption for long-lived requests if "gzip",
+ "gunzip", "ssi", "sub_filter", or "grpc_pass" directives are used.
+ * Fixed building with gcc 14 with --with-atomic option.
+
+-------------------------------------------------------------------
Old:
----
nginx-1.25.5.tar.gz
nginx-1.25.5.tar.gz.asc
New:
----
nginx-1.27.0.tar.gz
nginx-1.27.0.tar.gz.asc
++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
Other differences:
------------------
++++++ nginx.spec ++++++
--- /var/tmp/diff_new_pack.yJ986f/_old 2024-06-04 12:51:10.031905123 +0200
+++ /var/tmp/diff_new_pack.yJ986f/_new 2024-06-04 12:51:10.031905123 +0200
@@ -23,7 +23,7 @@
%bcond_with ngx_google_perftools
#
Name: nginx
-Version: 1.25.5
+Version: 1.27.0
Release: 0
Summary: A HTTP server and IMAP/POP3 proxy server
License: BSD-2-Clause
@@ -31,7 +31,7 @@
URL: https://nginx.org
Source0: https://nginx.org/download/%{name}-%{version}.tar.gz
Source1: https://nginx.org/download/%{name}-%{version}.tar.gz.asc
-Source2: https://nginx.org/keys/arut.key#/%{name}.keyring
+Source2: https://nginx.org/keys/pluknet.key#/%{name}.keyring
Source3: %{name}.rpmlintrc
Source4: %{name}.logrotate
Source5: %{name}.service
++++++ nginx-1.25.5.tar.gz -> nginx-1.27.0.tar.gz ++++++
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/nginx-1.25.5/CHANGES new/nginx-1.27.0/CHANGES
--- old/nginx-1.25.5/CHANGES 2024-04-16 16:37:23.000000000 +0200
+++ new/nginx-1.27.0/CHANGES 2024-05-29 16:30:32.000000000 +0200
@@ -1,4 +1,27 @@
+Changes with nginx 1.27.0 29 May 2024
+
+ *) Security: when using HTTP/3, processing of a specially crafted QUIC
+ session might cause a worker process crash, worker process memory
+ disclosure on systems with MTU larger than 4096 bytes, or might have
+ potential other impact (CVE-2024-32760, CVE-2024-31079,
+ CVE-2024-35200, CVE-2024-34161).
+ Thanks to Nils Bars of CISPA.
+
+ *) Feature: variables support in the "proxy_limit_rate",
+ "fastcgi_limit_rate", "scgi_limit_rate", and "uwsgi_limit_rate"
+ directives.
+
+ *) Bugfix: reduced memory consumption for long-lived requests if "gzip",
+ "gunzip", "ssi", "sub_filter", or "grpc_pass" directives are used.
+
+ *) Bugfix: nginx could not be built by gcc 14 if the --with-atomic
+ option was used.
+ Thanks to Edgar Bonet.
+
+ *) Bugfixes in HTTP/3.
+
+
Changes with nginx 1.25.5 16 Apr 2024
*) Feature: virtual servers in the stream module.
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/nginx-1.25.5/CHANGES.ru new/nginx-1.27.0/CHANGES.ru
--- old/nginx-1.25.5/CHANGES.ru 2024-04-16 16:37:23.000000000 +0200
+++ new/nginx-1.27.0/CHANGES.ru 2024-05-29 16:30:32.000000000 +0200
@@ -1,4 +1,27 @@
+Изменения в nginx 1.27.0 29.05.2024
+
+ *) Безопасность: при использовании HTTP/3 обработка специально созданной
+ QUIC-сессии могла приводить к падению рабочего процесса, отправке
+ клиенту содержимого памяти рабочего процесса на системах с MTU больше
+ 4096 байт, а также потенциально могла иметь другие последствия
+ (CVE-2024-32760, CVE-2024-31079, CVE-2024-35200, CVE-2024-34161).
+ Спасибо Nils Bars из CISPA.
+
+ *) Добавление: директивы proxy_limit_rate, fastcgi_limit_rate,
+ scgi_limit_rate и uwsgi_limit_rate поддерживают переменные.
+
+ *) Исправление: уменьшено потребление памяти для долгоживущих запросов,
+ если используются директивы gzip, gunzip, ssi, sub_filter или
+ grpc_pass.
+
+ *) Исправление: nginx не собирался gcc 14, если использовался параметр
+ --with-atomic.
+ Спасибо Edgar Bonet.
+
+ *) Исправления в HTTP/3.
+
+
Изменения в nginx 1.25.5 16.04.2024
*) Добавление: виртуальные сервера в модуле stream.
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/nginx-1.25.5/auto/lib/libatomic/conf new/nginx-1.27.0/auto/lib/libatomic/conf
--- old/nginx-1.25.5/auto/lib/libatomic/conf 2024-04-16 16:29:59.000000000 +0200
+++ new/nginx-1.27.0/auto/lib/libatomic/conf 2024-05-28 15:22:30.000000000 +0200
@@ -19,7 +19,7 @@
#include "
ngx_feature_path=
ngx_feature_libs="-latomic_ops"
- ngx_feature_test="long n = 0;
+ ngx_feature_test="AO_t n = 0;
if (!AO_compare_and_swap(&n, 0, 1))
return 1;
if (AO_fetch_and_add(&n, 1) != 1)
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/nginx-1.25.5/src/core/nginx.h new/nginx-1.27.0/src/core/nginx.h
--- old/nginx-1.25.5/src/core/nginx.h 2024-04-16 16:29:59.000000000 +0200
+++ new/nginx-1.27.0/src/core/nginx.h 2024-05-28 15:22:30.000000000 +0200
@@ -9,8 +9,8 @@
#define _NGINX_H_INCLUDED_
-#define nginx_version 1025005
-#define NGINX_VERSION "1.25.5"
+#define nginx_version 1027000
+#define NGINX_VERSION "1.27.0"
#define NGINX_VER "nginx/" NGINX_VERSION
#ifdef NGX_BUILD
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/nginx-1.25.5/src/core/ngx_output_chain.c new/nginx-1.27.0/src/core/ngx_output_chain.c
--- old/nginx-1.25.5/src/core/ngx_output_chain.c 2024-04-16 16:29:59.000000000 +0200
+++ new/nginx-1.27.0/src/core/ngx_output_chain.c 2024-05-28 15:22:30.000000000 +0200
@@ -117,7 +117,10 @@
ngx_debug_point();
- ctx->in = ctx->in->next;
+ cl = ctx->in;
+ ctx->in = cl->next;
+
+ ngx_free_chain(ctx->pool, cl);
continue;
}
@@ -203,7 +206,10 @@
/* delete the completed buf from the ctx->in chain */
if (ngx_buf_size(ctx->in->buf) == 0) {
- ctx->in = ctx->in->next;
+ cl = ctx->in;
+ ctx->in = cl->next;
+
+ ngx_free_chain(ctx->pool, cl);
}
cl = ngx_alloc_chain_link(ctx->pool);
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/nginx-1.25.5/src/event/ngx_event_openssl.c new/nginx-1.27.0/src/event/ngx_event_openssl.c
--- old/nginx-1.25.5/src/event/ngx_event_openssl.c 2024-04-16 16:29:59.000000000 +0200
+++ new/nginx-1.27.0/src/event/ngx_event_openssl.c 2024-05-28 15:22:30.000000000 +0200
@@ -764,13 +764,13 @@
engine = ENGINE_by_id((char *) p);
+ *last++ = ':';
+
if (engine == NULL) {
*err = "ENGINE_by_id() failed";
return NULL;
}
- *last++ = ':';
-
pkey = ENGINE_load_private_key(engine, (char *) last, 0, 0);
if (pkey == NULL) {
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/nginx-1.25.5/src/event/quic/ngx_event_quic_frames.c new/nginx-1.27.0/src/event/quic/ngx_event_quic_frames.c
--- old/nginx-1.25.5/src/event/quic/ngx_event_quic_frames.c 2024-04-16 16:29:59.000000000 +0200
+++ new/nginx-1.27.0/src/event/quic/ngx_event_quic_frames.c 2024-05-28 15:22:30.000000000 +0200
@@ -648,6 +648,7 @@
ngx_quic_free_chain(c, qb->chain);
qb->chain = NULL;
+ qb->last_chain = NULL;
}
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/nginx-1.25.5/src/event/quic/ngx_event_quic_ssl.c new/nginx-1.27.0/src/event/quic/ngx_event_quic_ssl.c
--- old/nginx-1.25.5/src/event/quic/ngx_event_quic_ssl.c 2024-04-16 16:29:59.000000000 +0200
+++ new/nginx-1.27.0/src/event/quic/ngx_event_quic_ssl.c 2024-05-28 15:22:30.000000000 +0200
@@ -326,6 +326,11 @@
ngx_quic_crypto_frame_t *f;
qc = ngx_quic_get_connection(c);
+
+ if (!ngx_quic_keys_available(qc->keys, pkt->level, 0)) {
+ return NGX_OK;
+ }
+
ctx = ngx_quic_get_send_ctx(qc, pkt->level);
f = &frame->u.crypto;
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/nginx-1.25.5/src/event/quic/ngx_event_quic_transport.c new/nginx-1.27.0/src/event/quic/ngx_event_quic_transport.c
--- old/nginx-1.25.5/src/event/quic/ngx_event_quic_transport.c 2024-04-16 16:29:59.000000000 +0200
+++ new/nginx-1.27.0/src/event/quic/ngx_event_quic_transport.c 2024-05-28 15:22:30.000000000 +0200
@@ -1750,6 +1750,14 @@
return NGX_ERROR;
}
+ if ((size_t) (end - p) < len) {
+ ngx_log_error(NGX_LOG_INFO, log, 0,
+ "quic failed to parse"
+ " transport param id:0x%xL, data length %uL too long",
+ id, len);
+ return NGX_ERROR;
+ }
+
rc = ngx_quic_parse_transport_param(p, p + len, id, tp);
if (rc == NGX_ERROR) {
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/nginx-1.25.5/src/http/modules/ngx_http_fastcgi_module.c new/nginx-1.27.0/src/http/modules/ngx_http_fastcgi_module.c
--- old/nginx-1.25.5/src/http/modules/ngx_http_fastcgi_module.c 2024-04-16 16:29:59.000000000 +0200
+++ new/nginx-1.27.0/src/http/modules/ngx_http_fastcgi_module.c 2024-05-28 15:22:30.000000000 +0200
@@ -375,7 +375,7 @@
{ ngx_string("fastcgi_limit_rate"),
NGX_HTTP_MAIN_CONF|NGX_HTTP_SRV_CONF|NGX_HTTP_LOC_CONF|NGX_CONF_TAKE1,
- ngx_conf_set_size_slot,
+ ngx_http_set_complex_value_size_slot,
NGX_HTTP_LOC_CONF_OFFSET,
offsetof(ngx_http_fastcgi_loc_conf_t, upstream.limit_rate),
NULL },
@@ -2898,7 +2898,7 @@
conf->upstream.send_lowat = NGX_CONF_UNSET_SIZE;
conf->upstream.buffer_size = NGX_CONF_UNSET_SIZE;
- conf->upstream.limit_rate = NGX_CONF_UNSET_SIZE;
+ conf->upstream.limit_rate = NGX_CONF_UNSET_PTR;
conf->upstream.busy_buffers_size_conf = NGX_CONF_UNSET_SIZE;
conf->upstream.max_temp_file_size_conf = NGX_CONF_UNSET_SIZE;
@@ -3015,8 +3015,8 @@
prev->upstream.buffer_size,
(size_t) ngx_pagesize);
- ngx_conf_merge_size_value(conf->upstream.limit_rate,
- prev->upstream.limit_rate, 0);
+ ngx_conf_merge_ptr_value(conf->upstream.limit_rate,
+ prev->upstream.limit_rate, NULL);
ngx_conf_merge_bufs_value(conf->upstream.bufs, prev->upstream.bufs,
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/nginx-1.25.5/src/http/modules/ngx_http_grpc_module.c new/nginx-1.27.0/src/http/modules/ngx_http_grpc_module.c
--- old/nginx-1.25.5/src/http/modules/ngx_http_grpc_module.c 2024-04-16 16:29:59.000000000 +0200
+++ new/nginx-1.27.0/src/http/modules/ngx_http_grpc_module.c 2024-05-28 15:22:30.000000000 +0200
@@ -1231,7 +1231,7 @@
ngx_buf_t *b;
ngx_int_t rc;
ngx_uint_t next, last;
- ngx_chain_t *cl, *out, **ll;
+ ngx_chain_t *cl, *out, *ln, **ll;
ngx_http_upstream_t *u;
ngx_http_grpc_ctx_t *ctx;
ngx_http_grpc_frame_t *f;
@@ -1459,7 +1459,10 @@
last = 1;
}
+ ln = in;
in = in->next;
+
+ ngx_free_chain(r->pool, ln);
}
ctx->in = in;
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/nginx-1.25.5/src/http/modules/ngx_http_gunzip_filter_module.c new/nginx-1.27.0/src/http/modules/ngx_http_gunzip_filter_module.c
--- old/nginx-1.25.5/src/http/modules/ngx_http_gunzip_filter_module.c 2024-04-16 16:29:59.000000000 +0200
+++ new/nginx-1.27.0/src/http/modules/ngx_http_gunzip_filter_module.c 2024-05-28 15:22:30.000000000 +0200
@@ -333,6 +333,8 @@
ngx_http_gunzip_filter_add_data(ngx_http_request_t *r,
ngx_http_gunzip_ctx_t *ctx)
{
+ ngx_chain_t *cl;
+
if (ctx->zstream.avail_in || ctx->flush != Z_NO_FLUSH || ctx->redo) {
return NGX_OK;
}
@@ -344,8 +346,11 @@
return NGX_DECLINED;
}
- ctx->in_buf = ctx->in->buf;
- ctx->in = ctx->in->next;
+ cl = ctx->in;
+ ctx->in_buf = cl->buf;
+ ctx->in = cl->next;
+
+ ngx_free_chain(r->pool, cl);
ctx->zstream.next_in = ctx->in_buf->pos;
ctx->zstream.avail_in = ctx->in_buf->last - ctx->in_buf->pos;
@@ -374,6 +379,7 @@
ngx_http_gunzip_filter_get_buf(ngx_http_request_t *r,
ngx_http_gunzip_ctx_t *ctx)
{
+ ngx_chain_t *cl;
ngx_http_gunzip_conf_t *conf;
if (ctx->zstream.avail_out) {
@@ -383,8 +389,12 @@
conf = ngx_http_get_module_loc_conf(r, ngx_http_gunzip_filter_module);
if (ctx->free) {
- ctx->out_buf = ctx->free->buf;
- ctx->free = ctx->free->next;
+
+ cl = ctx->free;
+ ctx->out_buf = cl->buf;
+ ctx->free = cl->next;
+
+ ngx_free_chain(r->pool, cl);
ctx->out_buf->flush = 0;
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/nginx-1.25.5/src/http/modules/ngx_http_gzip_filter_module.c new/nginx-1.27.0/src/http/modules/ngx_http_gzip_filter_module.c
--- old/nginx-1.25.5/src/http/modules/ngx_http_gzip_filter_module.c 2024-04-16 16:29:59.000000000 +0200
+++ new/nginx-1.27.0/src/http/modules/ngx_http_gzip_filter_module.c 2024-05-28 15:22:30.000000000 +0200
@@ -985,10 +985,14 @@
ngx_http_gzip_filter_free_copy_buf(ngx_http_request_t *r,
ngx_http_gzip_ctx_t *ctx)
{
- ngx_chain_t *cl;
+ ngx_chain_t *cl, *ln;
- for (cl = ctx->copied; cl; cl = cl->next) {
- ngx_pfree(r->pool, cl->buf->start);
+ for (cl = ctx->copied; cl; /* void */) {
+ ln = cl;
+ cl = cl->next;
+
+ ngx_pfree(r->pool, ln->buf->start);
+ ngx_free_chain(r->pool, ln);
}
ctx->copied = NULL;
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/nginx-1.25.5/src/http/modules/ngx_http_proxy_module.c new/nginx-1.27.0/src/http/modules/ngx_http_proxy_module.c
--- old/nginx-1.25.5/src/http/modules/ngx_http_proxy_module.c 2024-04-16 16:29:59.000000000 +0200
+++ new/nginx-1.27.0/src/http/modules/ngx_http_proxy_module.c 2024-05-28 15:22:30.000000000 +0200
@@ -494,7 +494,7 @@
{ ngx_string("proxy_limit_rate"),
NGX_HTTP_MAIN_CONF|NGX_HTTP_SRV_CONF|NGX_HTTP_LOC_CONF|NGX_CONF_TAKE1,
- ngx_conf_set_size_slot,
+ ngx_http_set_complex_value_size_slot,
NGX_HTTP_LOC_CONF_OFFSET,
offsetof(ngx_http_proxy_loc_conf_t, upstream.limit_rate),
NULL },
@@ -3371,7 +3371,7 @@
conf->upstream.send_lowat = NGX_CONF_UNSET_SIZE;
conf->upstream.buffer_size = NGX_CONF_UNSET_SIZE;
- conf->upstream.limit_rate = NGX_CONF_UNSET_SIZE;
+ conf->upstream.limit_rate = NGX_CONF_UNSET_PTR;
conf->upstream.busy_buffers_size_conf = NGX_CONF_UNSET_SIZE;
conf->upstream.max_temp_file_size_conf = NGX_CONF_UNSET_SIZE;
@@ -3515,8 +3515,8 @@
prev->upstream.buffer_size,
(size_t) ngx_pagesize);
- ngx_conf_merge_size_value(conf->upstream.limit_rate,
- prev->upstream.limit_rate, 0);
+ ngx_conf_merge_ptr_value(conf->upstream.limit_rate,
+ prev->upstream.limit_rate, NULL);
ngx_conf_merge_bufs_value(conf->upstream.bufs, prev->upstream.bufs,
8, ngx_pagesize);
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/nginx-1.25.5/src/http/modules/ngx_http_scgi_module.c new/nginx-1.27.0/src/http/modules/ngx_http_scgi_module.c
--- old/nginx-1.25.5/src/http/modules/ngx_http_scgi_module.c 2024-04-16 16:29:59.000000000 +0200
+++ new/nginx-1.27.0/src/http/modules/ngx_http_scgi_module.c 2024-05-28 15:22:30.000000000 +0200
@@ -223,7 +223,7 @@
{ ngx_string("scgi_limit_rate"),
NGX_HTTP_MAIN_CONF|NGX_HTTP_SRV_CONF|NGX_HTTP_LOC_CONF|NGX_CONF_TAKE1,
- ngx_conf_set_size_slot,
+ ngx_http_set_complex_value_size_slot,
NGX_HTTP_LOC_CONF_OFFSET,
offsetof(ngx_http_scgi_loc_conf_t, upstream.limit_rate),
NULL },
@@ -1301,7 +1301,7 @@
conf->upstream.send_lowat = NGX_CONF_UNSET_SIZE;
conf->upstream.buffer_size = NGX_CONF_UNSET_SIZE;
- conf->upstream.limit_rate = NGX_CONF_UNSET_SIZE;
+ conf->upstream.limit_rate = NGX_CONF_UNSET_PTR;
conf->upstream.busy_buffers_size_conf = NGX_CONF_UNSET_SIZE;
conf->upstream.max_temp_file_size_conf = NGX_CONF_UNSET_SIZE;
@@ -1413,8 +1413,8 @@
prev->upstream.buffer_size,
(size_t) ngx_pagesize);
- ngx_conf_merge_size_value(conf->upstream.limit_rate,
- prev->upstream.limit_rate, 0);
+ ngx_conf_merge_ptr_value(conf->upstream.limit_rate,
+ prev->upstream.limit_rate, NULL);
ngx_conf_merge_bufs_value(conf->upstream.bufs, prev->upstream.bufs,
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/nginx-1.25.5/src/http/modules/ngx_http_ssi_filter_module.c new/nginx-1.27.0/src/http/modules/ngx_http_ssi_filter_module.c
--- old/nginx-1.25.5/src/http/modules/ngx_http_ssi_filter_module.c 2024-04-16 16:29:59.000000000 +0200
+++ new/nginx-1.27.0/src/http/modules/ngx_http_ssi_filter_module.c 2024-05-28 15:22:30.000000000 +0200
@@ -482,9 +482,13 @@
while (ctx->in || ctx->buf) {
if (ctx->buf == NULL) {
- ctx->buf = ctx->in->buf;
- ctx->in = ctx->in->next;
+
+ cl = ctx->in;
+ ctx->buf = cl->buf;
+ ctx->in = cl->next;
ctx->pos = ctx->buf->pos;
+
+ ngx_free_chain(r->pool, cl);
}
if (ctx->state == ssi_start_state) {
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/nginx-1.25.5/src/http/modules/ngx_http_sub_filter_module.c new/nginx-1.27.0/src/http/modules/ngx_http_sub_filter_module.c
--- old/nginx-1.25.5/src/http/modules/ngx_http_sub_filter_module.c 2024-04-16 16:29:59.000000000 +0200
+++ new/nginx-1.27.0/src/http/modules/ngx_http_sub_filter_module.c 2024-05-28 15:22:30.000000000 +0200
@@ -335,9 +335,13 @@
while (ctx->in || ctx->buf) {
if (ctx->buf == NULL) {
- ctx->buf = ctx->in->buf;
- ctx->in = ctx->in->next;
+
+ cl = ctx->in;
+ ctx->buf = cl->buf;
+ ctx->in = cl->next;
ctx->pos = ctx->buf->pos;
+
+ ngx_free_chain(r->pool, cl);
}
if (ctx->buf->flush || ctx->buf->recycled) {
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/nginx-1.25.5/src/http/modules/ngx_http_uwsgi_module.c new/nginx-1.27.0/src/http/modules/ngx_http_uwsgi_module.c
--- old/nginx-1.25.5/src/http/modules/ngx_http_uwsgi_module.c 2024-04-16 16:29:59.000000000 +0200
+++ new/nginx-1.27.0/src/http/modules/ngx_http_uwsgi_module.c 2024-05-28 15:22:30.000000000 +0200
@@ -289,7 +289,7 @@
{ ngx_string("uwsgi_limit_rate"),
NGX_HTTP_MAIN_CONF|NGX_HTTP_SRV_CONF|NGX_HTTP_LOC_CONF|NGX_CONF_TAKE1,
- ngx_conf_set_size_slot,
+ ngx_http_set_complex_value_size_slot,
NGX_HTTP_LOC_CONF_OFFSET,
offsetof(ngx_http_uwsgi_loc_conf_t, upstream.limit_rate),
NULL },
@@ -1532,7 +1532,7 @@
conf->upstream.send_lowat = NGX_CONF_UNSET_SIZE;
conf->upstream.buffer_size = NGX_CONF_UNSET_SIZE;
- conf->upstream.limit_rate = NGX_CONF_UNSET_SIZE;
+ conf->upstream.limit_rate = NGX_CONF_UNSET_PTR;
conf->upstream.busy_buffers_size_conf = NGX_CONF_UNSET_SIZE;
conf->upstream.max_temp_file_size_conf = NGX_CONF_UNSET_SIZE;
@@ -1656,8 +1656,8 @@
prev->upstream.buffer_size,
(size_t) ngx_pagesize);
- ngx_conf_merge_size_value(conf->upstream.limit_rate,
- prev->upstream.limit_rate, 0);
+ ngx_conf_merge_ptr_value(conf->upstream.limit_rate,
+ prev->upstream.limit_rate, NULL);
ngx_conf_merge_bufs_value(conf->upstream.bufs, prev->upstream.bufs,
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/nginx-1.25.5/src/http/ngx_http_upstream.c new/nginx-1.27.0/src/http/ngx_http_upstream.c
--- old/nginx-1.25.5/src/http/ngx_http_upstream.c 2024-04-16 16:29:59.000000000 +0200
+++ new/nginx-1.27.0/src/http/ngx_http_upstream.c 2024-05-28 15:22:30.000000000 +0200
@@ -3236,7 +3236,7 @@
p->downstream = c;
p->pool = r->pool;
p->log = c->log;
- p->limit_rate = u->conf->limit_rate;
+ p->limit_rate = ngx_http_complex_value_size(r, u->conf->limit_rate, 0);
p->start_sec = ngx_time();
p->cacheable = u->cacheable || u->store;
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/nginx-1.25.5/src/http/ngx_http_upstream.h new/nginx-1.27.0/src/http/ngx_http_upstream.h
--- old/nginx-1.25.5/src/http/ngx_http_upstream.h 2024-04-16 16:29:59.000000000 +0200
+++ new/nginx-1.27.0/src/http/ngx_http_upstream.h 2024-05-28 15:22:30.000000000 +0200
@@ -156,7 +156,7 @@
size_t send_lowat;
size_t buffer_size;
- size_t limit_rate;
+ ngx_http_complex_value_t *limit_rate;
size_t busy_buffers_size;
size_t max_temp_file_size;
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/nginx-1.25.5/src/http/v3/ngx_http_v3_parse.c new/nginx-1.27.0/src/http/v3/ngx_http_v3_parse.c
--- old/nginx-1.25.5/src/http/v3/ngx_http_v3_parse.c 2024-04-16 16:29:59.000000000 +0200
+++ new/nginx-1.27.0/src/http/v3/ngx_http_v3_parse.c 2024-05-28 15:22:30.000000000 +0200
@@ -810,6 +810,7 @@
st->literal.length = st->pint.value;
if (st->literal.length == 0) {
+ st->value.data = (u_char *) "";
goto done;
}
@@ -932,6 +933,7 @@
st->literal.length = st->pint.value;
if (st->literal.length == 0) {
+ st->value.data = (u_char *) "";
goto done;
}
@@ -1072,6 +1074,7 @@
st->literal.length = st->pint.value;
if (st->literal.length == 0) {
+ st->value.data = (u_char *) "";
goto done;
}
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/nginx-1.25.5/src/http/v3/ngx_http_v3_request.c new/nginx-1.27.0/src/http/v3/ngx_http_v3_request.c
--- old/nginx-1.25.5/src/http/v3/ngx_http_v3_request.c 2024-04-16 16:29:59.000000000 +0200
+++ new/nginx-1.27.0/src/http/v3/ngx_http_v3_request.c 2024-05-28 15:22:30.000000000 +0200
@@ -134,7 +134,17 @@
}
}
- return ngx_http_v3_send_settings(c);
+ if (ngx_http_v3_send_settings(c) != NGX_OK) {
+ return NGX_ERROR;
+ }
+
+ if (h3scf->max_table_capacity > 0) {
+ if (ngx_http_v3_get_uni_stream(c, NGX_HTTP_V3_STREAM_DECODER) == NULL) {
+ return NGX_ERROR;
+ }
+ }
+
+ return NGX_OK;
}
@@ -398,14 +408,12 @@
void
ngx_http_v3_reset_stream(ngx_connection_t *c)
{
- ngx_http_v3_session_t *h3c;
- ngx_http_v3_srv_conf_t *h3scf;
-
- h3scf = ngx_http_v3_get_module_srv_conf(c, ngx_http_v3_module);
+ ngx_http_v3_session_t *h3c;
h3c = ngx_http_v3_get_session(c);
- if (h3scf->max_table_capacity > 0 && !c->read->eof && !h3c->hq
+ if (!c->read->eof && !h3c->hq
+ && h3c->known_streams[NGX_HTTP_V3_STREAM_SERVER_DECODER]
&& (c->quic->id & NGX_QUIC_STREAM_UNIDIRECTIONAL) == 0)
{
(void) ngx_http_v3_send_cancel_stream(c, c->quic->id);
@@ -1575,6 +1583,15 @@
/* rc == NGX_OK */
if (max != -1 && (uint64_t) (max - rb->received) < st->length) {
+
+ if (r->headers_in.content_length_n != -1) {
+ ngx_log_error(NGX_LOG_INFO, r->connection->log, 0,
+ "client intended to send body data "
+ "larger than declared");
+
+ return NGX_HTTP_BAD_REQUEST;
+ }
+
ngx_log_error(NGX_LOG_ERR, r->connection->log, 0,
"client intended to send too large "
"body: %O+%ui bytes",
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/nginx-1.25.5/src/http/v3/ngx_http_v3_table.c new/nginx-1.27.0/src/http/v3/ngx_http_v3_table.c
--- old/nginx-1.25.5/src/http/v3/ngx_http_v3_table.c 2024-04-16 16:29:59.000000000 +0200
+++ new/nginx-1.27.0/src/http/v3/ngx_http_v3_table.c 2024-05-28 15:22:30.000000000 +0200
@@ -308,7 +308,7 @@
prev_max = dt->capacity / 32;
if (max > prev_max) {
- elts = ngx_alloc(max * sizeof(void *), c->log);
+ elts = ngx_alloc((max + 1) * sizeof(void *), c->log);
if (elts == NULL) {
return NGX_ERROR;
}
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/nginx-1.25.5/src/http/v3/ngx_http_v3_uni.c new/nginx-1.27.0/src/http/v3/ngx_http_v3_uni.c
--- old/nginx-1.25.5/src/http/v3/ngx_http_v3_uni.c 2024-04-16 16:29:59.000000000 +0200
+++ new/nginx-1.27.0/src/http/v3/ngx_http_v3_uni.c 2024-05-28 15:22:30.000000000 +0200
@@ -20,8 +20,6 @@
static void ngx_http_v3_uni_read_handler(ngx_event_t *rev);
static void ngx_http_v3_uni_dummy_read_handler(ngx_event_t *wev);
static void ngx_http_v3_uni_dummy_write_handler(ngx_event_t *wev);
-static ngx_connection_t *ngx_http_v3_get_uni_stream(ngx_connection_t *c,
- ngx_uint_t type);
void
@@ -307,7 +305,7 @@
}
-static ngx_connection_t *
+ngx_connection_t *
ngx_http_v3_get_uni_stream(ngx_connection_t *c, ngx_uint_t type)
{
u_char buf[NGX_HTTP_V3_VARLEN_INT_LEN];
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/nginx-1.25.5/src/http/v3/ngx_http_v3_uni.h new/nginx-1.27.0/src/http/v3/ngx_http_v3_uni.h
--- old/nginx-1.25.5/src/http/v3/ngx_http_v3_uni.h 2024-04-16 16:29:59.000000000 +0200
+++ new/nginx-1.27.0/src/http/v3/ngx_http_v3_uni.h 2024-05-28 15:22:30.000000000 +0200
@@ -19,6 +19,8 @@
ngx_int_t ngx_http_v3_cancel_stream(ngx_connection_t *c, ngx_uint_t stream_id);
+ngx_connection_t *ngx_http_v3_get_uni_stream(ngx_connection_t *c,
+ ngx_uint_t type);
ngx_int_t ngx_http_v3_send_settings(ngx_connection_t *c);
ngx_int_t ngx_http_v3_send_goaway(ngx_connection_t *c, uint64_t id);
ngx_int_t ngx_http_v3_send_ack_section(ngx_connection_t *c,
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/nginx-1.25.5/src/stream/ngx_stream_pass_module.c new/nginx-1.27.0/src/stream/ngx_stream_pass_module.c
--- old/nginx-1.25.5/src/stream/ngx_stream_pass_module.c 2024-04-16 16:29:59.000000000 +0200
+++ new/nginx-1.27.0/src/stream/ngx_stream_pass_module.c 2024-05-28 15:22:30.000000000 +0200
@@ -83,6 +83,11 @@
c->log->action = "passing connection to port";
+ if (c->type == SOCK_DGRAM) {
+ ngx_log_error(NGX_LOG_ERR, c->log, 0, "cannot pass udp connection");
+ goto failed;
+ }
+
if (c->buffer && c->buffer->pos != c->buffer->last) {
ngx_log_error(NGX_LOG_ERR, c->log, 0,
"cannot pass connection with preread data");
@@ -217,6 +222,10 @@
static ngx_int_t
ngx_stream_pass_match(ngx_listening_t *ls, ngx_addr_t *addr)
{
+ if (ls->type == SOCK_DGRAM) {
+ return NGX_DECLINED;
+ }
+
if (!ls->wildcard) {
return ngx_cmp_sockaddr(ls->sockaddr, ls->socklen,
addr->sockaddr, addr->socklen, 1);
++++++ nginx.keyring ++++++
--- /var/tmp/diff_new_pack.yJ986f/_old 2024-06-04 12:51:10.355916880 +0200
+++ /var/tmp/diff_new_pack.yJ986f/_new 2024-06-04 12:51:10.359917026 +0200
@@ -1,115 +1,66 @@
-----BEGIN PGP PUBLIC KEY BLOCK-----
-mQINBGYXyiQBEAC4jm1y+ODV4+YDGj9vp2BgHB4FJeQdgrBiVX+Mb2qCrEqJgeKV
-fVwKjkVYqnb76TTybdOKqCP5wdQrncKAKlXsMq6sdsiwPSrdRcjkeiE29WWrtbB4
-i+VObnoWklMblMxFQ1XQIkjs2wviidKjJw2VV3i4XnLSrHhWaWqviTLZCMQymoPs
-F+Tfu1WX9OUfOquekZ5KjkyBxB4ep6+NPeuIkPnW0SiTUhU8tbi8v0aBZEHSZLqE
-mq8KLROVuYSPvtU+NtaXAM09BHEVCfb409aDps9p6AFT+IN8yoOegGdEZjp6hJvS
-HxbhuwqNEtg4dTEV515YUCgKabqU1QaqI/Y0+Pdkpep1KRFc9YUYttDkCw7Ybu2u
-fwTGzwAbD+ThAIOdzmMDodzZaEMf+9fQG4bnO1PdNbXzyP7Kv9qzGa65+9oGCPOS
-qTpISR8pvzoI8w/Z/vG71ob/nQ6Xm0L986ksErdGhu16ZI7lW2eDYqy2IoFfbeSz
-HHxk484/pEibrlCRbP2Id+zULfxo1HGOGg+PAY9Q2uNzABsGDMnOhIvXHS+hP7oB
-sO9A4Prqu6K6cMp3QI219tmmOUegJpmGGPzoNgxR7H30wNcjZPv4PWr/c0fP70Ny
-ilgbdcEMDSHks30AmiuIvcUxo3A21p2nnpxsKAKYx42UJkyEK0HILMzcqwARAQAB
-tCZSb21hbiBBcnV0eXVueWFuIDxyLmFydXR5dW55YW5AZjUuY29tPokCTgQTAQgA
-OBYhBEM4eCXdsbuX7Da6XQB8jXwV2HNpBQJmF8pXAhsDBQsJCAcCBhUKCQgLAgQW
-AgMBAh4BAheAAAoJEAB8jXwV2HNppvQP/AjzdPKkGRzJkb1ioto/IEP1YhA/Eayk
-hvejJ0vyWVHXXH7FLW9fIZoApcsD1J8/7zIANm+62IfT3QNbL2R44IyhJB3AY22l
-t0ToLxodfugegF3NPYYyFOSRUoPD4g2T/dMCPOBX4MNEAnAlCmxAMaJNmQUO76IY
-GwELa3CH3Aqf7bthKy8P36G11hu7NgH6V9mVIRIpfnfpXFQIztj+vsWtswu4M5t7
-BNJwx4a2KTCVQpTdff5/0dO/5drQDxLbIg681WZk3Oe8Eu6nSc0Ud02NIkg1TQH/
-MryAp7o/ua3LRem+W/cktnT60p4uXPVZ3Rvg3zOmJSNJ+eIXY2+sDeZEPaROKldA
-IbnBacTsZjdswIlrbzinY8ZVRosaFlvHg/ESTBRItALHWCRdzOR1Wv1qy/PQfEEL
-qftDsCTQhssP1MHJWlejeqPlND3iT2vBDeOxqd6WhKuAc+L04iyBB6p867pwrgDF
-ecg82DPehsAnO2XBAFuIE/SLewkYm0B9HK7/J4LZqPwTAksPf/dnbMAmHWoBDqsu
-4U4U4SsJKsZ87R9ao8qO7IWCzHrXavHFmnbqweFfHToeKF/L4PB+tYoW3YmUOged
-CglpJv13bNWmRwL7+x8b7BwpVwClxHBHteDX4RIN5iPH9h20J4jIpzRa1kNJsTu1
-v4ZkqLWJlkiiiQEzBBABCAAdFiEEcziXMGntP0Q/TTffpk/VsXrbOagFAmYdpjsA
-CgkQpk/VsXrbOahISgf/U7ZO0yK0PsOcAFTB0TQBCNsAhxtJAEJoVoweuYiLk8jR
-0OeDRCy0BC//qWDLFT7NKuP50SM2u0Csbg+n6b0bdy+vXbbGVzIAYzG09rPYe2Q5
-qwqyAx+MMzyICXul9lGNU2qN2qjUXMb0mCWUhxwMvzRUeS7shT1CBhGrnpoYkY56
-NhWj7iG1BbLwYVQzDZC/Rp6rvwJQgZo7+DjaMjryGAEI0ujpUp8ywrPaJpwIuXDI
-D5BhcyUaEd3XOondHQNedlgERXHT4pN+oNMPWwN3+DeQYLS3FHiqyz05ZvoeWnao
-A2/fWNA+BqIdjilp/TDDI4Ef7c9hp13weaZggYB3M4kBMwQQAQgAHRYhBFc7/Ws9
-j7xkEHmmq6v1vYJ72b9iBQJmHabkAAoJEKv1vYJ72b9iDgoIAP1QJjl4ynLAV9Bo
-Ol4AAzxZ3x/2NEgLSnjLfhb/OduDxQlL9oPulWoLDG41xiZJkepEnQWmSsIYF6Xe
-RsAB+eREU2uCxqCvBXpyIs5npXvVDV2/PQuVEop7HByx6Hjr9XK8hugihnEi1p+9
-Ecbu+89fi93m3C/5uIIil46cHByjRZ+5Yy1UFUB/wsYud1qMcYmvDaqEo5AqWNcM
-gWUFhUfgGTtBbyvIWTeX0NHnrbzHP7lhmPfWsfOjAtO8PpM8Gz5RdNRq44DdRKdG
-uWVby/kni868H+8/tHalDR0I9/Mmg2Uax0eggTVpECv/4+xBduqSB2iPwgRnSzhZ
-6SVKJvKJAjMEEAEIAB0WIQT5TVS8DF1qZBfIzz/oLBEYr5TfbgUCZh5KVgAKCRDo
-LBEYr5TfbitgD/wMamMFfFZnPS7JS1NWEMb5fbhHob1EkmedIpbpRDXUtj0ksehW
-ZAEpmVF9btqS4B+B9tSK1VS2sy4XwEGodNVSGxdtF9W8+iAHAb6Hq1Z7ifWyb991
-Kt/pVk/8adxlU4G8h1fq0idhpnI8KvkAlPJR7+PoJOEN1+VdHS6tkE5LMTf6dF9F
-iVxKQczOS1b/GmfL3kYfu6UvI07ZuaP+90mOt/TZTwkzsWjRY2vofCIPSDY94rLj
-m6PmVFoU3PHLKW7yDz1YXkVE6SgQYGZ2bqB6OHJZnDXUTSHncHTbDVzZQekIs1lP
-V6e5N8Xo/VOpv28feKAsBqQ8ML53djmGUL0azjEz1g2kgPmTuZdKzZ5kcUsULdQV
-aRKcfyYD1oRpwwlw9GJAxliJHck1IdGGaCslrHtzkh3RMULlloAYitzD9jtKsrOj
-R19s+JK/tIfFZZ5gR5qhzgOL8WgkSrIaq2o9R4sigBz1IxnXXC573RDA2F5FAeE/
-K6EmAO+BqVkImZcmP1JsLtr+OM+jihXIILACEJwhOKPtZth9zrLYkXWB1nCaDxHp
-XEUpp6UPCQNgNX8NCghnJr5gis/SmYppgFlO9R9yZ7/LtP0tUX0CmhOeqGMnHt4R
-F8n8D7EBwMWvWjlUbsDkMKX4JORgojguHJZciWQC1gVRwJ0iTH/ImtzDnbQhUm9t
-YW4gQXJ1dHl1bnlhbiA8YXJ1dEBuZ2lueC5jb20+iQJOBBMBCAA4FiEEQzh4Jd2x
-u5fsNrpdAHyNfBXYc2kFAmYXyiQCGwMFCwkIBwIGFQoJCAsCBBYCAwECHgECF4AA
-CgkQAHyNfBXYc2kRFw//VFuCnW3EwoLCWWgWCikgI9kbVDr0/Qiyf2Gb9sfOyzBN
-q/+ZGjTs7EqTHbYUiCTgjy8t0SNKizoCXjSWLToTAXhOeTY3wDuHkdc3C2OPMPgm
-HPGmdnfplmsZjj689sy0MTnlLmU/87texR/f3REAKtchVjo5AojuZxXJi+ryBvoz
-KXi82M1JaYlIr15T+OiRtfZ3cgfTkb5CRa0YRV7QQ1zhOiF0AFKVVikFwRuquphT
-y2cSLILLzOpwG/CjMJzO4VOASmGJmdicIfYSsZSzz37RrcfeYwR6quJ55Y9QF9IU
-fg5AHWufpXaf6FbMsW1U1mOq0tMvwvdcO+u5I5SBj6IkqO4zavmW/i5zkxaq96wF
-Qn6+oRkqHnNNn0hl/B4MWdEjDJsaDXfkQ3Snn4Bfl1JPT6cH2NDVYQn1siIOim/W
-G5lhGLNB1TOAVLHblQ2xILadK0T33y6lfRUV3BOW01BDoF0ndyd7LjG5Di/cjfSo
-1hvhTkW7QJGfzVV4IAAxEyHKlmgONfggZoplqukuPsq7eNNRPhvlZq632QXIqt6Y
-xE43Nk0O41rX/tWtB7eNcPvfNOc+sGljnCSwpRWyx9xO7plELVD9KdtcyHrIgora
-Flh7KsSbppSQ/iUKRNP+lfCQsMa1yrnQyxazss8OGlB7YpUJL4trQW35f/jXFD+J
-ATMEEAEIAB0WIQRzOJcwae0/RD9NN9+mT9Wxets5qAUCZh2mQQAKCRCmT9Wxets5
-qPBjB/0SDkET7h/Vw2PJKxuYujsL+tn3SKXshgyCM2u00njJM9TqpZbZV681unKM
-l8uHtj9b0Z4U0nHoNEC37wI5FJlxy1hLBw5f2fd/yi8LsD1KP2htjMUW+I2xjcdo
-FusQsIF0s8SyW1DZ3vvN2WcZpKHwub1sY9ZFBfxRc6w+33N4dJwXVXP57kj3Ci8j
-LDLfkaKyiuYgMtFYZiKKX0tfvaM5pXxLvLOzma9vwfjIMIllooZHDSI65jrbmMv0
-rfDKOX9Ws5Xi8n85jq6Oyq28QPLZUsmymCbhvBwq4FcdiyTl9sxCY4HLq0MzmJJ5
-DMhlFd2Ds3BopFTWCB2fvYyVoXRaiQEzBBABCAAdFiEEVzv9az2PvGQQeaarq/W9
-gnvZv2IFAmYdpugACgkQq/W9gnvZv2Jk4Qf+N0P/7FIHowlO01XmBB5KaztBmVb2
-Tj+jtYgPDHRf86O0kW40Rjx++zMlIRNWK4Ue5PKAi82Yue5uvZcVlpWpx/sMvL+N
-C4Xds3Q3qnkxkoemoIMqUKGvePjBpyUWArBkBQ3FrvZtywnzyFWNrvOpeM+5HIuz
-WBri/SHBHzQm1/Jl2r5pHcbUdSxB2o1v3f+SaS2vGxwigIf8v44pRfyeWgkoxYgN
-+2zR0Ing6URZCYkAbwILsmmWGxJIuq+N9Xs1CQ1WZd5S78p/JBMDQ1prUDLCLFMc
-AvlZpQ0HvzEbKGiIVNa1LEQRF4ZWjQOHaPJhg/D3r/Q7VaFlgsOqrwtQaYkCMwQQ
-AQgAHRYhBPlNVLwMXWpkF8jPP+gsERivlN9uBQJmHkpZAAoJEOgsERivlN9u8fYQ
-AK0s0CvQNTXrg/Oe92Ajj+CpFIGhEUgXsufpg3OF+4doXOoRrVcv6y/0dGC+u899
-Qiz5rzP8JkgT3Bvs/oFbQnESX7zob/GuBiRAnaanQQGjQsc8tXUcIgIB8vZI6Hxr
-BZYyjXMrc1fAp1zy6F3YfVtjntp6Zt740zlcFSHPL6pKeNC8lCas7f7EPGm9ERlf
-XvPOsMyKVDRTrtYVrQ17pgmWzMFl9eYzAV81X/cK7O9BmTvLb9HB9THl9QM6iKWd
-UPNNhMseMA55i1y1trvv2rQSP2tm7xAijlffNu/LHyVjOJA+63rk9JqpQi2O/sI6
-naCZ5kLky3+OisbzJLtsIv3KWGF4jnpZJwPI97UbRAxrBCPd8BDXW06qQ0xfF9GA
-sW46IDnf5uNV5Fj9T1IhZUUCU6XwwhcTENwcaJ2hubPzW19gvxieRpxdvnXhjUxR
-UgqgFjtlpyBSABYr2REiaBTHkR1qVMa8tThpSyzfmfBNe9chBGQBdDMzTTUDf4dU
-cw4UGGPXqrBEapleoZBszXLrZxQxCNmLGFBW3vcJDfRRTvg/OMCIwD72kfd8KY1t
-SRRi5vQ3CvV8E0EEXshjxVk0fwS+5muM1thWZM4xCSgyH6Ka/5biMeUv1VNcKJne
-J51xs9jfS/JltrT/ahWG4J9msJFtmYyrLh/nMxccXK75uQINBGYXyiQBEAC5tT5O
-uysy75BcwAg8jIK+Cw6hNy+riOoCIzsMen8ps4tyDFLmRdpJmVOpmtvESaix2MHf
-Hc/t9hOsQ8LmF3kDG/JisDXcB/v28EOiDpp5Ug/5UOFBnbu4DkxbakJF8KF/rQ9t
-i29lt03saGCf2XbqzTLI6FvZ2TT8hDwAZF5aOtDEHV3ChBPn6gplnJADiZ9DioMZ
-ji1HnL8Zu4IYHMNOgpxULi6TMhBH/MkHbyycOdt/EsQFamnLGeV8KR2fubYjrpbH
-pLZzSRepQyvKIhHAFj6DUeDyEt2XAitxI8YI40IVO75Zu8ZZq0qYGML8Am+t6ZjJ
-3ZR8/DWjxRUYeo+YVEe5f+oRl5GRNkLtGvTAD38Nb2/7SUYdSXA3y3Ocfo/bySwa
-qggeFpDqK5eHXmrO4hvRqYoEyNyW4VQlGyvYq4s2cLeCF/S2w6dV8OFsksIoq8uq
-R1/IQ8Bonsf7iAYpsMAZZOGKiJzr01W3GA4Ka3B/MmZP5CysUhFlFxMsDr3/TWfg
-p3CHd5yGAnuWWWkjqVQzx0tcub3gyDsHCPuws8P2OKJ2lzNPqpp08MjYMMRZb4Y6
-9REXkKw7kXU8zM5+1IpW2U+z83NU86QR08PTpjATz05ltdGqF82Z+Ygl2nav8oqV
-RqNd/k+WE60e1eJmgykjmz6nPbm0S2jt1C7QLQARAQABiQI2BBgBCAAgFiEEQzh4
-Jd2xu5fsNrpdAHyNfBXYc2kFAmYXyiQCGwwACgkQAHyNfBXYc2mTihAAqB+sv9lw
-kRorE6iXwvvj2Dt2iIy7jc1AhZQOH/j7B4GHpV3Ej/ptdUwuzj/aX5EnEeDPZ2JU
-sSKy2q0RpKGKdKOvgy5yVfd8xqujkawXv26QU53mgyfgQCZLhFFhq0MIAqnxPb8h
-SCQeol18Wqs++LjeDMwkgMrHJeNhW2U2llqTS37YfRMOo0Vr022ZHlMlkyMz1sQH
-+C2/nzmmtkI4+vlPeccoN+3239YzndW1+XM8S3dXNcsGTyLAbkCowfpuqQdIP0MY
-lBwx/Xj9fxBNAuqGVCjrjGMg7mozMkeCDzrAoZiaD3Kud8zSs9VpAyAymrPQJSSS
-96b+vr2mDKbV11QJeJZv/d02n4JMjK7Ai//3j/TqkJF4UoYH45g5hvGSrym1UKrf
-n8TqHdtTFjcxAMXLbWICHdDk7/0ole8Bl8csiSHyKy/sGJ0b/7zcB88CS8OfsR3C
-OanK13emeD6rHOp8wEWA1/PA1JoAC5suS/uIgPWa5ujLaViJ9pW6ohfzMqOtLABF
-BB/FgD/qgPF+uTPPLQZw3XO8Q61kFq6x0RJGNgBEOpseounx+T6FCxZqrvjWm/WK
-VQUiRBtJIvD7Z8UCP+NUzdj3hwLAXpXrPz0gkcbI+hdlTJHCC6i61Qf5OIWnhtw6
-kZv2zEcTtzlAYNEumy8KrJzICmPLS7BEC8w=
-=ilJ3
+mQINBGKE4psBEADpHSM/IxFD1nXBmnODYXzcl2A+6b6m9m1m2Y4Dlr0ed+y5Lxne
+QidE9I74A2KSm6+eHW2yh4i1ZwZbmwpmQqM+j5BMt7axoXOdKSyN+fYtUakzNbBN
+EDRKT79q/zIzkgTJradHkCQkwF1W3go+qPXjR2ZEnLma9dZED9VNI6PmOpeYaASo
+IkEfbKbwa/vPrvnDSSYY6Y02RXSRk5U1NvQgVUTJP9WGK7NlPUcTBDELLQv6fFPU
+kjBOel6MecsQ+v8iq4RJF2cbVF0hNjbAiNldjLV74Xd7yWVRlCbdb2agyvQjMNrD
+jHSvbEMiNB3R8yBHVW2Zldv8q0XjcwoDfdiZYFJe3lRUYmv6I2p+/DptD4r/3ILI
+peGZtSeOdQEw+vvODL/Ehq03anTrzcpZ6sDLfLrYJhYcrltj0/LMUnLDAjciwRUq
+XI46EfxwqsdLeqoZFQeO3LOFsh0kJKR2xOrUHIVy84NJ4Gmro6WmUkb1NfdjyHzF
+z8Lfbo46NKoTcwFsFF0q74jVVIVNUyIS91DusiMqLCsP8jqDOz/kyP4bOJQ+aUXf
+BANn4Ll1TFWsJ417moxz+Pi5sTaI0na8z2XB1N9WPsSml3FS75hJPJshN2T3VIea
+zB7GFWqk33ynSDt+cAisG5nsK9fFdcH+t5wm59oobyFbFhKxwX6ROuxlZwARAQAB
+tCRTZXJnZXkgS2FuZGF1cm92IDxwbHVrbmV0QG5naW54LmNvbT6JAk4EEwEKADgW
+IQTWeGzjA9mpAimY3GzIRk1UmvdcCgUCYoTimwIbAwULCQgHAwUVCgkICwUWAwIB
+AAIeAQIXgAAKCRDIRk1UmvdcCqbOD/9Htgk3mWvUFmrApkWQTIDNmLACZ1Sw1PXj
+Uqte8StYB0bYY+nmAXs7O5eC2h1ViParl7En1joEEMQQmH0qSnw4X1CM/hA8TAYW
+mBPITTNWo/R52WoyWeWGFnFNIperQmuIZc+pXm0VEFVPiX/2DXbCIu+jaXySvlCN
+LekmOD4VC7dJS8/ohoaXOR2T8ufS+1CsyPXomEb+COhqRZ3EVBa+k7pnElkFft3Y
+a1fR0AgatZFQpy+ukePhK7s/M5RGhDJWHgSAZFkf+X2jVV4NRJ+XsY80gU5DD2ZX
+QT6Je6Knxqk7FnWNSxkhReH6Ss5flZSoGDCmJ2AsPtGeUhus2fGqeN+waGKTZC35
+die2V4/cro1SWswSI6Y5GFDZT1olIUztPmSXU/A3oyizJI7XZybwUbpk5kK83VXm
+el3U/7Qr/VErlDWFefZWeUvT1RILZ8IRoNj4dv158RnKHt9G508A5qz4hUPKoSeq
+SiXhYwfkc31WPzIJ4ev+X5Ka2sG/CKbEMJ7qwc0Kadiu+ePPfqqbXjpTWRyrbcRM
+hRNcLNUi1SLWMBClOQG+5GNG1dPPHkbj4dO1OZuaUMwQdu8R8NlsGoVWS40bmVv5
+pXstzYCl7k/UnC/Ytlq61GeAoq8ILa6jGj0EWqlhvi0ZNMN+fROhzrRlTzIr/+WE
+Xf8EiVNFSbQlU2VyZ2V5IEthbmRhdXJvdiA8cy5rYW5kYXVyb3ZAZjUuY29tPokC
+TgQTAQoAOBYhBNZ4bOMD2akCKZjcbMhGTVSa91wKBQJihO2zAhsDBQsJCAcDBRUK
+CQgLBRYDAgEAAh4BAheAAAoJEMhGTVSa91wKgLQQANaf4UMndkWoefDQPkJ5qR4K
+fuV0WRz59riZEApTkVpPXzl8Y1i8Rgt9pa1v1i12vPyIXKav1rJXQcuDEzqrhQ2G
+yvuAE2U/t2mYaMUmwxWO2d8JA3slvBSgOkiYpbLooDizAdKMT5UQWGyw31Wm51iz
+HjoztebsyXeXgq9VDjv3D8LUBr/OY3Hguj6HV+zRtC95qgXYadW2FiCtvBK6RTDb
+iShTuseLSheGh9dZIUSnzaOiJpDA61ZDYtFZxSpe67vEzhSfHVsF+ZdCjoWhhVv+
++2wR4E0VQQtOM9uX1PMlZ5Ymr02/gidsXCM0ZjYXx4cDDhnq+nKomN64VloXWY9t
+PIi86XmzcSWlGUd+Ac6LyW7/f64bUWs4Ih0Idl0PF0sAr/6axKUsIs1nbn5MEtXk
+ZPAjcDLqLb9IIQaXRurm/il8v+bLXVBOJq33YUuGRuz8pu4vPA5Q97zglqhlIgbu
+prHMJ9hl5q39JwS3As2rK0o6Q9VVKr29rqSEfk4wEttvk0QMMU5zEvVl8MtqPj42
+qURqpHOadFbYMTwhUmRBUszRZPa5/pWqq0gWOtpyCWFVAsHFWQGJM1Eo6gGEyHZM
+YgBp+d29p2p409r1+06U67GBnXvUy0RyIpkLQtU+lyOJ6vvrBmmsDs/gc69GnlSC
+tZmCt0pLesJ7ZJzGdDkduQINBGKE4psBEADQr/enuDeVT11v6ejuYrg7aaZaGFUe
+3i28bQ4pRUKNfxs7zVYDDHi2i2bhS5j2yQnbsQtGcgoenw6lapmdQRzr4vjQAz9o
+kT6l4qpqvFFQM0wZTnigVDmmO9vTHR8Uk3iCKTd2ax3oko/xPWWYJautJ6ex8cOA
+coHSDeOjuIWSxCKq0BDFp6LoxkM8nuyLAX2cbhI3LncaZhVveMeN+Fmcsv+WpkKs
+yhX92umZuGwlraSyFy23FiRWSZPu9qVIxMMHvVrQJIgfhyWaHFzoF4M4qDoSKx92
+uWfUWgFwPOxOJ6/YcPsX4T8qTl9htmwPN0BibPTlcWaIFXtiU5bE1MivUPeACrI/
+gwUfCR3Mg+GYc13C6jzepREUhI7PLi3+A203PlMZd/aaSZkP6j+h4cwdapH5P4uF
+7T1EQ0MSdx3neAvu5p0IM6JpriwxfT3HsG+Y952T6MIeXcjNRebsBrygJhJ0/vyr
+wV5t8jL0yQty4CiE/QFnBs42l+rngi7K7Y1AZRBGK7JA09XaoLrfLmS+PrbYPsaJ
+flkM8GzUB7BBCLozxDHPzmPkf/A1w3XHZnYuZmS+pvjWCIoKpLQHI99oSUGho/TR
+gMRO4v7EAzluqCiepMl0xwFfHB115ND/mATazc4Pt6FxUsqffzfZrN01e1UVPrp5
+4x6YLO80JnOY6QARAQABiQI2BBgBCgAgFiEE1nhs4wPZqQIpmNxsyEZNVJr3XAoF
+AmKE4psCGwwACgkQyEZNVJr3XAp9ghAAgCgErxQYn/Lh/mzsxYXPnisggcBpceks
+mGw7knj1EGkXqq9CHn3EjCw8dB5N857UFlUr++DHwpFL5O36PRQo33RIUFbmBypG
+8C/xX1jWGu3xcaqS3P1ncsSSl6ckdvy9pjMxThm/RkXO0eJCn7FcanwPJXEB3Pbb
+mm0wLI2OXl/m7l5QAr7kErnPvGNzcbX6G35Q/MY8mumBWQ9H53R5ZPpi+OS40Wfn
+pZNKdh/Acwa7+2RokPqoOcJfxVdBOUigXTzb45qZgqEsSR7bkZAy2E80A/sJKPqs
+OGjp9cog3rBYyNBn5dasfR9KeBtluKnjUbzutXsQoKUSECY00YGrtneSXMku5hoE
+Dguk68w/L63ZApYHO/JTgJAYvqPOErAVUegPIw2CT1/2qi5vpClBcKkNS7RXrssA
+X+lElE0zbzX3bNG+lQuXby7jNUFYltkEiz6vTtc4HuHy8u40DHMswzkoDr0T8IE0
+7ZRAWXwV1nlA/dI337cHCsWMJyqem5wZZO13iqe07qaCg1uvBPeqDo81hOCn1us7
+l5SYRUTlt7KSFEHZ+Sx4bmVneAuRi5okaQdmrepy/ss/vVpRwWuQxsPkvT8boS7s
+mqOVsZFcNOuUJPUyOz1dHUL6FMYpk1dw+9n41gO4fLBzJekFTB/fxL6SRbYFWWn7
+x0VGHDmuaYQ=
+=HmVo
-----END PGP PUBLIC KEY BLOCK-----