Security update from 0.7.62 to 0.7.63.

Illuminate http_image_filter module.
Merge extra patch for fancy_index module from www/nginx-devel.

<ChangeLog>

*) Security: now "/../" are disabled in "Destination" request header
   line.

*) Change: minimum supported OpenSSL version is 0.9.7.

*) Change: the "ask" parameter of the "ssl_verify_client" directive was
   changed to the "optional" parameter and now it checks a client
   certificate if it was offered.
   Thanks to Brice Figureau.

*) Feature: now the "-V" switch shows TLS SNI support.

*) Feature: the $ssl_client_verify variable.
   Thanks to Brice Figureau.

*) Feature: the "ssl_crl" directive.
   Thanks to Brice Figureau.

*) Bugfix: the $ssl_client_cert variable usage corrupted memory; the
   bug had appeared in 0.7.7.
   Thanks to Sergey Zhuravlev.

*) Feature: now the start cache loader runs in a separate process; this
   should improve large caches handling.

*) Feature: now temporary files and permanent storage area may reside
   at different file systems.

*) Bugfix: nginx counted incorrectly disk cache size.

*) Change: now directive "gzip_disable msie6" does not disable gzipping
   for MSIE 6.0 SV1.

*) Bugfix: nginx always added "Vary: Accept-Encoding" response header
   line, if both "gzip_static" and "gzip_vary" were on.

*) Feature: the "proxy" parameter of the "geo" directive.

*) Feature: the ngx_http_geoip_module.

*) Feature: the "limit_rate_after" directive.
   Thanks to Ivan Debnar.

*) Feature: the "limit_req_log_level" and "limit_conn_log_level"
   directives.

*) Bugfix: now "limit_req" directive conforms to the leaky bucket
   algorithm.
   Thanks to Maxim Dounin.

*) Bugfix: in ngx_http_limit_req_module.
   Thanks to Maxim Dounin.

*) Bugfix: now nginx allows underscores in a request method.

*) Bugfix: "proxy_pass_header" and "fastcgi_pass_header" directives did
   not pass to a client the "X-Accel-Redirect", "X-Accel-Limit-Rate",
   "X-Accel-Buffering", and "X-Accel-Charset" lines from backend
   response header.
   Thanks to Maxim Dounin.

*) Bugfix: in handling "Last-Modified" and "Accept-Ranges" backend
   response header lines; the bug had appeared in 0.7.44.
   Thanks to Maxim Dounin.

*) Feature: the "image_filter_transparency" directive.

*) Feature: the "image_filter" directive supports variables for setting
   size.

*) Bugfix: in PNG alpha-channel support in the
   ngx_http_image_filter_module.

*) Bugfix: in transparency support in the ngx_http_image_filter_module.

*) Feature: now several "perl_modules" directives may be used.

*) Bugfix: ngx_http_perl_module responses did not work in subrequests.

*) Bugfix: nginx sent '\0' in a "Location" response header line on
   MKCOL request.
   Thanks to Xie Zhenye.

*) Bugfix: an "error_page" directive did not redirect a 413 error; the
   bug had appeared in 0.6.10.

*) Bugfix: in memory allocation error handling.
   Thanks to Maxim Dounin and Kirill A. Korinskiy.

</ChangeLog>

3 files changed, 38 insertions, 9 deletions

diff --git a/www/nginx/Makefile b/www/nginx/Makefile
index 5c80a06845db..08ebf920e3f3 100644
--- a/www/nginx/Makefile
+++ b/www/nginx/Makefile
@@ -6,7 +6,7 @@
 #
 
 PORTNAME=	nginx
-PORTVERSION=	0.7.62
+PORTVERSION=	0.7.63
 CATEGORIES=	www
 MASTER_SITES=	http://sysoev.ru/nginx/
 MASTER_SITES+=	${MASTER_SITE_LOCAL}
@@ -25,6 +25,7 @@ OPTIONS=	DEBUG			"Enable nginx debugging" off \
 		HTTP_DAV_MODULE		"Enable http_webdav module" off \
 		HTTP_FLV_MODULE		"Enable http_flv module" off \
 		HTTP_GZIP_STATIC_MODULE "Enable http_gzip_static module" off \
+		HTTP_IMAGE_FILTER_MODULE "Enable http_image_filter module" off \
 		HTTP_PERL_MODULE	"Enable http_perl module" off \
 		HTTP_RANDOM_INDEX_MODULE "Enable http_random_index module" off \
 		HTTP_REALIP_MODULE	"Enable http_realip module" off \
@@ -161,6 +162,10 @@ CONFIGURE_ARGS+=--with-http_flv_module
 CONFIGURE_ARGS+=--with-http_gzip_static_module
 .endif
 
+.if defined(WITH_HTTP_IMAGE_FILTER_MODULE)
+CONFIGURE_ARGS+=--with-http_image_filter_module
+.endif
+
 .if defined(WITH_HTTP_MOGILEFS_MODULE)
 NGINX_MOGILEFS_MODULE_VERSION=	1.0.2
 MASTER_SITES+=	http://www.grid.net.ru/nginx/download/:mogilefs
diff --git a/www/nginx/distinfo b/www/nginx/distinfo
index e86d2a56cc89..023bade2c1e7 100644
--- a/www/nginx/distinfo
+++ b/www/nginx/distinfo
@@ -1,6 +1,6 @@
-MD5 (nginx-0.7.62.tar.gz) = ab22f1b7f098a90d803a3abb94d23f7e
-SHA256 (nginx-0.7.62.tar.gz) = 60ee0e9f7f43a7387fec7752a47ff0d06166d2a37a6ad4cfe7aff77162378d2d
-SIZE (nginx-0.7.62.tar.gz) = 595995
+MD5 (nginx-0.7.63.tar.gz) = ddbdbeca5206dcc0cd7a4d9cbac00240
+SHA256 (nginx-0.7.63.tar.gz) = 06c1c61e1df3e4b56fbeab29eee66fe2b19bfe9eef20fdb484b2adfd8c1074c8
+SIZE (nginx-0.7.63.tar.gz) = 600683
 MD5 (nginx-accesskey-2.0.3.tar.gz) = 9b5304346d5139b1841f5baa01ab0cbe
 SHA256 (nginx-accesskey-2.0.3.tar.gz) = d9e94321e78a02de16c57f3e048fd31059fd8116ed03d6de7180f435c52502b1
 SIZE (nginx-accesskey-2.0.3.tar.gz) = 2632
diff --git a/www/nginx/files/extra-patch-ngx_http_fancyindex_module.c b/www/nginx/files/extra-patch-ngx_http_fancyindex_module.c
index 0fce6e00699b..2b7512e39db6 100644
--- a/www/nginx/files/extra-patch-ngx_http_fancyindex_module.c
+++ b/www/nginx/files/extra-patch-ngx_http_fancyindex_module.c
@@ -1,6 +1,6 @@
 --- ../nginx-fancyindex-0.1_beta5/ngx_http_fancyindex_module.c.orig	2007-09-29 01:02:05.000000000 +0400
-+++ ../nginx-fancyindex-0.1_beta5/ngx_http_fancyindex_module.c	2008-08-11 17:33:42.810249087 +0400
-@@ -290,7 +290,7 @@
++++ ../nginx-fancyindex-0.1_beta5/ngx_http_fancyindex_module.c	2009-06-03 16:41:36.000000000 +0400
+@@ -290,12 +290,12 @@
      ngx_http_fancyindex_entry_t *entry;
  
      off_t        length;
@@ -9,16 +9,40 @@
      u_char      *filename, *last, scale;
      ngx_tm_t     tm;
      ngx_array_t  entries;
-@@ -426,7 +426,7 @@
+     ngx_time_t  *tp;
+-    ngx_uint_t   i;
++    ngx_uint_t   i, utf8;
+     ngx_int_t    size;
+     ngx_str_t    path;
+     ngx_str_t    readme_path;
+@@ -355,6 +355,15 @@
+     filename = path.data;
+     filename[path.len] = '/';
+ 
++    if (r->headers_out.charset.len == 5
++        && ngx_strncasecmp(r->headers_out.charset.data, (u_char *) "utf-8", 5)
++           == 0)
++    {
++        utf8 = 1;
++    } else {
++        utf8 = 0;
++    }
++
+     /* Read directory entries and their associated information. */
+     for (;;) {
+         ngx_set_errno(0);
+@@ -425,8 +434,8 @@
+         entry->dir     = ngx_de_is_dir(&dir);
          entry->mtime   = ngx_de_mtime(&dir);
          entry->size    = ngx_de_size(&dir);
-         entry->utf_len = (r->utf8)
+-        entry->utf_len = (r->utf8)
 -            ?  ngx_utf_length(entry->name.data, entry->name.len)
++        entry->utf_len = utf8
 +            ?  ngx_utf8_length(entry->name.data, entry->name.len)
              : len;
      }
  
-@@ -563,12 +563,13 @@
+@@ -563,12 +572,13 @@
  
          if (entry[i].name.len - len) {
              if (len > NGX_HTTP_FANCYINDEX_NAME_LEN) {