Welcome to Centmin Mod Community
Register Now

Nginx Freenginx

Discussion in 'Nginx and PHP-FPM news & discussions' started by buik, Feb 15, 2024.

  1. buik

    buik “The best traveler is one without a camera.”

    1,944
    507
    113
    Apr 29, 2016
    Flanders
    Ratings:
    +1,620
    Local Time:
    12:36 PM
    After Angie, another Nginx fork: Freenginx is released, by former lead developer: Maxim Dounin.


    Also the same reason why Nginx has been almost unreleased for years in terms of features and options. Since most of the original Nginx developers are out (Nginx is originally a Russian company).

    One point of surprise, though. Maxim is now using the name ....Nginx, which is a brand name, for his own company. He could get a problem with that to Nginx brand holder: F5.
     
  2. eva2000

    eva2000 Administrator Staff Member

    51,210
    11,898
    113
    May 24, 2014
    Brisbane, Australia
    Ratings:
    +18,372
    Local Time:
    9:36 PM
    Nginx 1.25.x
    MariaDB 10.x
    Wow sad unfortunate situation [nginx-announce] announcing freenginx.org. But grateful for his dedication to Nginx!

    Yeah tricky situation.

    Thanks for the heads up. Busy with client work so will have to look at Freenginx a bit later. Looks like Freenginx code right now is same just different download urls and Mercurial source control repo. So can add optional Freenginx support to Centmin Mod just like I did for Angie Nginx fork https://community.centminmod.com/th...-that-was-forked-from-nginx.24378/#post-98352
     
  3. eva2000

    eva2000 Administrator Staff Member

    51,210
    11,898
    113
    May 24, 2014
    Brisbane, Australia
    Ratings:
    +18,372
    Local Time:
    9:36 PM
    Nginx 1.25.x
    MariaDB 10.x
  4. eva2000

    eva2000 Administrator Staff Member

    51,210
    11,898
    113
    May 24, 2014
    Brisbane, Australia
    Ratings:
    +18,372
    Local Time:
    9:36 PM
    Nginx 1.25.x
    MariaDB 10.x
    Looks like made the news on Phoronix too https://www.phoronix.com/news/Nginx-Forked-To-Freenginx and their comments https://www.phoronix.com/forums/node/1443374

    https://www.phoronix.com/forums/for...b-server-into-freenginx?p=1443452#post1443452

    Knowing this info and why Official Nginx 1.25.4 was released today, I'm siding with F5 on this as I would want to know of security bugs even if Nginx HTTP/3 is experimental code still. Would also make me cautious using Maxim's Freenginx fork if his philosophy is not to assign CVE security labels to Nginx code that he thinks is experimental
     
  5. eva2000

    eva2000 Administrator Staff Member

    51,210
    11,898
    113
    May 24, 2014
    Brisbane, Australia
    Ratings:
    +18,372
    Local Time:
    9:36 PM
    Nginx 1.25.x
    MariaDB 10.x
    Added to 130.00beta01 optional freenginx forked Nginx support via variable FREENGINX_INSTALL='y' that you can optionally set in the persistent config file /etc/centminmod/custom_config.inc (disabled by default), which will have Nginx version build tagged with -freengx :)

     
  6. eva2000

    eva2000 Administrator Staff Member

    51,210
    11,898
    113
    May 24, 2014
    Brisbane, Australia
    Ratings:
    +18,372
    Local Time:
    9:36 PM
    Nginx 1.25.x
    MariaDB 10.x
    More info at Nginx core developer quits project in security dispute, starts “freenginx” fork

    Also comment on ARS article from a person familar with CNA
     
  7. eva2000

    eva2000 Administrator Staff Member

    51,210
    11,898
    113
    May 24, 2014
    Brisbane, Australia
    Ratings:
    +18,372
    Local Time:
    9:36 PM
    Nginx 1.25.x
    MariaDB 10.x
    Freenginx: Core Nginx developer announces fork | Hacker News

     
  8. buik

    buik “The best traveler is one without a camera.”

    1,944
    507
    113
    Apr 29, 2016
    Flanders
    Ratings:
    +1,620
    Local Time:
    12:36 PM
    Very neat what he did those 2 years. If I were him I would never ever have done the same: Being fired and then continuing the same work voluntarily.

    And as for the brand name. The website and domain are hosted in Europe. F5 (American), can do little in Russia. But Europe is a different story. Curious to see how that will play out.
     
  9. eva2000

    eva2000 Administrator Staff Member

    51,210
    11,898
    113
    May 24, 2014
    Brisbane, Australia
    Ratings:
    +18,372
    Local Time:
    9:36 PM
    Nginx 1.25.x
    MariaDB 10.x
    Copyright holders have at their discretion the right to or not to pursue their rights. Not sure it would be wise to pursue Maxim legally for use of Nginx name and risk pissing off the Nginx developer/contributor/own staff/ community and users.

    I 100% understand his feelings as almost exact similar situation happened to me recently when a 12+ years old working client relationship ended with my client passing away and having eventually been taken advantage of by his relative who didn't pay me for my work in saving the server and site from overdue web hosting bill termination when no known relatives had been found yet and even wanted to take false unsubstantiated legal action against me. I did it anyway knowing there was a possibility of such outcome as 12yrs is a long time working on my deceased client's server and I considered it almost apart of set of babies and had a attachment to seeing them survive and continue in the way I designed and configured it for.
     
  10. atomi

    atomi New Member

    21
    6
    3
    Jul 14, 2018
    Ratings:
    +15
    Local Time:
    1:36 PM
    1.25.x
    10
    Freenginx 1.25.4 was released yesterday and the latest beta seems to work just fine with it

    Code:
    nginx version: nginx/1.25.4 (210224-203505-almalinux8-lxc-03cbe97-br-a71f931-freengx)
    built with OpenSSL 1.1.1w+quic  11 Sep 2023
    TLS SNI support enabled
     
  11. eva2000

    eva2000 Administrator Staff Member

    51,210
    11,898
    113
    May 24, 2014
    Brisbane, Australia
    Ratings:
    +18,372
    Local Time:
    9:36 PM
    Nginx 1.25.x
    MariaDB 10.x
    Thanks for heads up. Notice the differences in Change logs! Clearly Maxmim doesn't like HTTP/3 security bugs being labelled with CVEs :LOL: Personally I prefer CVE labelled security classed bugs for Nginx HTTP/3 :)

    http://freenginx.org/en/CHANGES

    Code (Text):
    Changes with freenginx 1.25.4                                    20 Feb 2024
    
       *) Change: now the "freenginx" name is used in responses.
    
       *) Bugfix: "open socket left" alerts might appear in logs during worker
          processes shutdown when using AIO.
    
       *) Bugfix: a segmentation fault might occur in a worker process if AIO
          was used in subrequests.
    
       *) Bugfix: a segmentation fault might occur in a worker process if the
          "image_filter" directive was used, and errors with code 415 were
          redirected with the "error_page" directive.
    
       *) Bugfix: a segmentation fault might occur in a worker process when
          handling cached responses with the "X-Accel-Redirect" header.
          Thanks to Jiří Setnička.
    
       *) Bugfix: a segmentation fault might occur in a worker process when
          using HTTP/3.
    
       *) Bugfixes and improvements in HTTP/3.
    


    Nginx http://nginx.org/en/CHANGES

    Code (Text):
    Changes with nginx 1.25.4                                        14 Feb 2024
    
       *) Security: when using HTTP/3 a segmentation fault might occur in a
          worker process while processing a specially crafted QUIC session
          (CVE-2024-24989, CVE-2024-24990).
    
       *) Bugfix: connections with pending AIO operations might be closed
          prematurely during graceful shutdown of old worker processes.
    
       *) Bugfix: socket leak alerts no longer logged when fast shutdown was
          requested after graceful shutdown of old worker processes.
    
       *) Bugfix: a socket descriptor error, a socket leak, or a segmentation
          fault in a worker process (for SSL proxying) might occur if AIO was
          used in a subrequest.
    
       *) Bugfix: a segmentation fault might occur in a worker process if SSL
          proxying was used along with the "image_filter" directive and errors
          with code 415 were redirected with the "error_page" directive.
    
       *) Bugfixes and improvements in HTTP/3.