From d801978fb203343b1523270188aefe910e9f76ea Mon Sep 17 00:00:00 2001 From: Gleb Goncharov Date: Tue, 9 Aug 2016 17:26:09 +0400 Subject: [PATCH 1/2] webkaos: updated to 1.11.3. --- SOURCES/webkaos.patch | 58 +++++++++++++++++++++---------------------- webkaos-centos6.spec | 5 +++- webkaos-centos7.spec | 2 +- 3 files changed, 34 insertions(+), 31 deletions(-) diff --git a/SOURCES/webkaos.patch b/SOURCES/webkaos.patch index 84a88b5..67fca24 100644 --- a/SOURCES/webkaos.patch +++ b/SOURCES/webkaos.patch @@ -1,6 +1,6 @@ -diff -urN nginx-1.11.2-orig/auto/lib/openssl/make nginx-1.11.2/auto/lib/openssl/make ---- nginx-1.11.2-orig/auto/lib/openssl/make 2016-07-12 18:27:54.827769832 -0400 -+++ nginx-1.11.2/auto/lib/openssl/make 2016-07-12 18:54:29.616445352 -0400 +diff -urN nginx-1.11.3-orig/auto/lib/openssl/make nginx-1.11.3/auto/lib/openssl/make +--- nginx-1.11.3-orig/auto/lib/openssl/make 2016-07-12 18:27:54.827769832 -0400 ++++ nginx-1.11.3/auto/lib/openssl/make 2016-07-12 18:54:29.616445352 -0400 @@ -45,18 +45,18 @@ /*) ngx_prefix="$OPENSSL/.openssl" ;; *) ngx_prefix="$PWD/$OPENSSL/.openssl" ;; @@ -24,9 +24,9 @@ diff -urN nginx-1.11.2-orig/auto/lib/openssl/make nginx-1.11.2/auto/lib/openssl/ ;; esac -diff -urN nginx-1.11.2-orig/src/core/nginx.c nginx-1.11.2/src/core/nginx.c ---- nginx-1.11.2-orig/src/core/nginx.c 2016-07-12 18:27:54.864769825 -0400 -+++ nginx-1.11.2/src/core/nginx.c 2016-07-12 18:55:27.651473539 -0400 +diff -urN nginx-1.11.3-orig/src/core/nginx.c nginx-1.11.3/src/core/nginx.c +--- nginx-1.11.3-orig/src/core/nginx.c 2016-07-12 18:27:54.864769825 -0400 ++++ nginx-1.11.3/src/core/nginx.c 2016-07-12 18:55:27.651473539 -0400 @@ -378,9 +378,9 @@ if (ngx_show_help) { @@ -40,13 +40,13 @@ diff -urN nginx-1.11.2-orig/src/core/nginx.c nginx-1.11.2/src/core/nginx.c "Options:" NGX_LINEFEED " -?,-h : this help" NGX_LINEFEED " -v : show version and exit" NGX_LINEFEED -diff -urN nginx-1.11.2-orig/src/core/nginx.h nginx-1.11.2/src/core/nginx.h ---- nginx-1.11.2-orig/src/core/nginx.h 2016-07-12 18:27:54.868769825 -0400 -+++ nginx-1.11.2/src/core/nginx.h 2016-07-12 18:55:41.000000000 -0400 +diff -urN nginx-1.11.3-orig/src/core/nginx.h nginx-1.11.3/src/core/nginx.h +--- nginx-1.11.3-orig/src/core/nginx.h 2016-07-12 18:27:54.868769825 -0400 ++++ nginx-1.11.3/src/core/nginx.h 2016-07-12 18:55:41.000000000 -0400 @@ -11,7 +11,7 @@ - #define nginx_version 1011002 - #define NGINX_VERSION "1.11.2" + #define nginx_version 1011003 + #define NGINX_VERSION "1.11.3" -#define NGINX_VER "nginx/" NGINX_VERSION +#define NGINX_VER "webkaos/" NGINX_VERSION @@ -61,9 +61,9 @@ diff -urN nginx-1.11.2-orig/src/core/nginx.h nginx-1.11.2/src/core/nginx.h #define NGX_OLDPID_EXT ".oldbin" -diff -urN nginx-1.11.2-orig/src/core/ngx_log.c nginx-1.11.2/src/core/ngx_log.c ---- nginx-1.11.2-orig/src/core/ngx_log.c 2016-07-12 18:27:54.867769824 -0400 -+++ nginx-1.11.2/src/core/ngx_log.c 2016-07-12 18:57:00.359519372 -0400 +diff -urN nginx-1.11.3-orig/src/core/ngx_log.c nginx-1.11.3/src/core/ngx_log.c +--- nginx-1.11.3-orig/src/core/ngx_log.c 2016-07-12 18:27:54.867769824 -0400 ++++ nginx-1.11.3/src/core/ngx_log.c 2016-07-12 18:57:00.359519372 -0400 @@ -202,9 +202,9 @@ return; } @@ -94,9 +94,9 @@ diff -urN nginx-1.11.2-orig/src/core/ngx_log.c nginx-1.11.2/src/core/ngx_log.c return NGX_CONF_ERROR; #endif -diff -urN nginx-1.11.2-orig/src/http/modules/ngx_http_autoindex_module.c nginx-1.11.2/src/http/modules/ngx_http_autoindex_module.c ---- nginx-1.11.2-orig/src/http/modules/ngx_http_autoindex_module.c 2016-07-12 18:27:54.850769821 -0400 -+++ nginx-1.11.2/src/http/modules/ngx_http_autoindex_module.c 2016-07-12 18:57:24.517531092 -0400 +diff -urN nginx-1.11.3-orig/src/http/modules/ngx_http_autoindex_module.c nginx-1.11.3/src/http/modules/ngx_http_autoindex_module.c +--- nginx-1.11.3-orig/src/http/modules/ngx_http_autoindex_module.c 2016-07-12 18:27:54.850769821 -0400 ++++ nginx-1.11.3/src/http/modules/ngx_http_autoindex_module.c 2016-07-12 18:57:24.517531092 -0400 @@ -445,9 +445,11 @@ ; @@ -172,9 +172,9 @@ diff -urN nginx-1.11.2-orig/src/http/modules/ngx_http_autoindex_module.c nginx-1 tm.ngx_tm_mday, months[tm.ngx_tm_mon - 1], tm.ngx_tm_year, -diff -urN nginx-1.11.2-orig/src/http/ngx_http_header_filter_module.c nginx-1.11.2/src/http/ngx_http_header_filter_module.c ---- nginx-1.11.2-orig/src/http/ngx_http_header_filter_module.c 2016-07-12 18:27:54.855769823 -0400 -+++ nginx-1.11.2/src/http/ngx_http_header_filter_module.c 2016-07-12 19:01:30.000000000 -0400 +diff -urN nginx-1.11.3-orig/src/http/ngx_http_header_filter_module.c nginx-1.11.3/src/http/ngx_http_header_filter_module.c +--- nginx-1.11.3-orig/src/http/ngx_http_header_filter_module.c 2016-07-12 18:27:54.855769823 -0400 ++++ nginx-1.11.3/src/http/ngx_http_header_filter_module.c 2016-07-12 19:01:30.000000000 -0400 @@ -46,7 +46,7 @@ }; @@ -228,9 +228,9 @@ diff -urN nginx-1.11.2-orig/src/http/ngx_http_header_filter_module.c nginx-1.11. #define NGX_HTTP_OFF_5XX (NGX_HTTP_LAST_4XX - 400 + NGX_HTTP_OFF_4XX) ngx_string("500 Internal Server Error"), -diff -urN nginx-1.11.2-orig/src/http/ngx_http_special_response.c nginx-1.11.2/src/http/ngx_http_special_response.c ---- nginx-1.11.2-orig/src/http/ngx_http_special_response.c 2016-07-12 18:27:54.857769823 -0400 -+++ nginx-1.11.2/src/http/ngx_http_special_response.c 2016-07-12 18:57:48.265543888 -0400 +diff -urN nginx-1.11.3-orig/src/http/ngx_http_special_response.c nginx-1.11.3/src/http/ngx_http_special_response.c +--- nginx-1.11.3-orig/src/http/ngx_http_special_response.c 2016-07-12 18:27:54.857769823 -0400 ++++ nginx-1.11.3/src/http/ngx_http_special_response.c 2016-07-12 18:57:48.265543888 -0400 @@ -19,14 +19,14 @@ @@ -683,9 +683,9 @@ diff -urN nginx-1.11.2-orig/src/http/ngx_http_special_response.c nginx-1.11.2/sr #define NGX_HTTP_OFF_5XX (NGX_HTTP_LAST_4XX - 400 + NGX_HTTP_OFF_4XX) ngx_string(ngx_http_error_494_page), /* 494, request header too large */ -diff -urN nginx-1.11.2-orig/src/http/v2/ngx_http_v2_filter_module.c nginx-1.11.2/src/http/v2/ngx_http_v2_filter_module.c ---- nginx-1.11.2-orig/src/http/v2/ngx_http_v2_filter_module.c 2016-07-12 18:27:54.860769824 -0400 -+++ nginx-1.11.2/src/http/v2/ngx_http_v2_filter_module.c 2016-07-12 19:03:04.000000000 -0400 +diff -urN nginx-1.11.3-orig/src/http/v2/ngx_http_v2_filter_module.c nginx-1.11.3/src/http/v2/ngx_http_v2_filter_module.c +--- nginx-1.11.3-orig/src/http/v2/ngx_http_v2_filter_module.c 2016-07-12 18:27:54.860769824 -0400 ++++ nginx-1.11.3/src/http/v2/ngx_http_v2_filter_module.c 2016-07-12 19:03:04.000000000 -0400 @@ -139,7 +139,7 @@ ngx_http_core_srv_conf_t *cscf; u_char addr[NGX_SOCKADDR_STRLEN]; @@ -704,9 +704,9 @@ diff -urN nginx-1.11.2-orig/src/http/v2/ngx_http_v2_filter_module.c nginx-1.11.2 *pos++ = ngx_http_v2_inc_indexed(NGX_HTTP_V2_SERVER_INDEX); -diff -urN nginx-1.11.2-orig/src/os/unix/ngx_setproctitle.c nginx-1.11.2/src/os/unix/ngx_setproctitle.c ---- nginx-1.11.2-orig/src/os/unix/ngx_setproctitle.c 2016-07-12 18:27:54.836769823 -0400 -+++ nginx-1.11.2/src/os/unix/ngx_setproctitle.c 2016-07-12 18:58:12.202554002 -0400 +diff -urN nginx-1.11.3-orig/src/os/unix/ngx_setproctitle.c nginx-1.11.3/src/os/unix/ngx_setproctitle.c +--- nginx-1.11.3-orig/src/os/unix/ngx_setproctitle.c 2016-07-12 18:27:54.836769823 -0400 ++++ nginx-1.11.3/src/os/unix/ngx_setproctitle.c 2016-07-12 18:58:12.202554002 -0400 @@ -89,7 +89,7 @@ ngx_os_argv[1] = NULL; diff --git a/webkaos-centos6.spec b/webkaos-centos6.spec index 3489594..a9f0625 100644 --- a/webkaos-centos6.spec +++ b/webkaos-centos6.spec @@ -58,7 +58,7 @@ Summary: Superb high performance web server Name: webkaos -Version: 1.11.2 +Version: 1.11.3 Release: 0%{?dist} License: 2-clause BSD-like license Group: System Environment/Daemons @@ -464,6 +464,9 @@ fi ############################################################################### %changelog +* Tue Aug 09 2016 Gleb Goncharov - 1.11.3-0 +- Nginx updated to 1.11.3 + * Wed Jul 13 2016 Anton Novojilov - 1.11.2-0 - Nginx updated to 1.11.2 - PageSpeed updated to 1.11.33.2 diff --git a/webkaos-centos7.spec b/webkaos-centos7.spec index 18c765e..8beca8a 100644 --- a/webkaos-centos7.spec +++ b/webkaos-centos7.spec @@ -58,7 +58,7 @@ Summary: Superb high performance web server Name: webkaos -Version: 1.11.2 +Version: 1.11.3 Release: 0%{?dist} License: 2-clause BSD-like license Group: System Environment/Daemons From b9faffbe24bc0804e5269812d051fb25849318a0 Mon Sep 17 00:00:00 2001 From: Anton Novojilov Date: Wed, 10 Aug 2016 18:30:22 -0400 Subject: [PATCH 2/2] Fixes --- SOURCES/ssl-wildcard.conf | 3 +++ SOURCES/ssl.conf | 5 +---- webkaos-centos6.spec | 8 ++++++-- webkaos-centos7.spec | 11 +++++++++-- 4 files changed, 19 insertions(+), 8 deletions(-) create mode 100644 SOURCES/ssl-wildcard.conf diff --git a/SOURCES/ssl-wildcard.conf b/SOURCES/ssl-wildcard.conf new file mode 100644 index 0000000..8dd06f4 --- /dev/null +++ b/SOURCES/ssl-wildcard.conf @@ -0,0 +1,3 @@ +# config to enable HSTS(HTTP Strict Transport Security) https://developer.mozilla.org/en-US/docs/Security/HTTP_Strict_Transport_Security +# to avoid ssl stripping https://en.wikipedia.org/wiki/SSL_stripping#SSL_stripping +add_header Strict-Transport-Security "max-age=31536000; includeSubdomains; preload" always; diff --git a/SOURCES/ssl.conf b/SOURCES/ssl.conf index 7f9b273..d6389cf 100644 --- a/SOURCES/ssl.conf +++ b/SOURCES/ssl.conf @@ -1,6 +1,3 @@ # config to enable HSTS(HTTP Strict Transport Security) https://developer.mozilla.org/en-US/docs/Security/HTTP_Strict_Transport_Security # to avoid ssl stripping https://en.wikipedia.org/wiki/SSL_stripping#SSL_stripping -add_header Strict-Transport-Security "max-age=31536000; preload"; - -# For wilcard certs you can use next rule -# add_header Strict-Transport-Security "max-age=31536000; includeSubdomains; preload"; +add_header Strict-Transport-Security "max-age=31536000; preload" always; diff --git a/webkaos-centos6.spec b/webkaos-centos6.spec index a9f0625..49d37b6 100644 --- a/webkaos-centos6.spec +++ b/webkaos-centos6.spec @@ -75,8 +75,9 @@ Source20: pagespeed.conf Source21: pagespeed-enabled.conf Source22: pagespeed-access.pswd Source23: ssl.conf -Source24: common.conf -Source25: bots.conf +Source24: ssl-wildcard.conf +Source25: common.conf +Source26: bots.conf Source30: %{name}-index.html @@ -331,6 +332,8 @@ install -pm 644 %{SOURCE24} \ %{buildroot}%{_sysconfdir}/%{name}/xtra/ install -pm 644 %{SOURCE25} \ %{buildroot}%{_sysconfdir}/%{name}/xtra/ +install -pm 644 %{SOURCE26} \ + %{buildroot}%{_sysconfdir}/%{name}/xtra/ install -dm 755 %{buildroot}%{_sysconfdir}/sysconfig @@ -425,6 +428,7 @@ fi %config(noreplace) %{_sysconfdir}/%{name}/xtra/pagespeed-enabled.conf %config %{_sysconfdir}/%{name}/xtra/common.conf %config %{_sysconfdir}/%{name}/xtra/ssl.conf +%config %{_sysconfdir}/%{name}/xtra/ssl-wildcard.conf %config %{_sysconfdir}/%{name}/xtra/bots.conf %config %{_sysconfdir}/%{name}/mime.types diff --git a/webkaos-centos7.spec b/webkaos-centos7.spec index 8beca8a..6e62bec 100644 --- a/webkaos-centos7.spec +++ b/webkaos-centos7.spec @@ -75,8 +75,9 @@ Source20: pagespeed.conf Source21: pagespeed-enabled.conf Source22: pagespeed-access.pswd Source23: ssl.conf -Source24: common.conf -Source25: bots.conf +Source24: ssl-wildcard.conf +Source25: common.conf +Source26: bots.conf Source30: %{name}-index.html @@ -327,6 +328,8 @@ install -pm 644 %{SOURCE24} \ %{buildroot}%{_sysconfdir}/%{name}/xtra/ install -pm 644 %{SOURCE25} \ %{buildroot}%{_sysconfdir}/%{name}/xtra/ +install -pm 644 %{SOURCE26} \ + %{buildroot}%{_sysconfdir}/%{name}/xtra/ install -dm 755 %{buildroot}%{_sysconfdir}/sysconfig @@ -421,6 +424,7 @@ fi %config(noreplace) %{_sysconfdir}/%{name}/xtra/pagespeed-enabled.conf %config %{_sysconfdir}/%{name}/xtra/common.conf %config %{_sysconfdir}/%{name}/xtra/ssl.conf +%config %{_sysconfdir}/%{name}/xtra/ssl-wildcard.conf %config %{_sysconfdir}/%{name}/xtra/bots.conf %config %{_sysconfdir}/%{name}/mime.types @@ -460,6 +464,9 @@ fi ############################################################################### %changelog +* Tue Aug 09 2016 Gleb Goncharov - 1.11.3-0 +- Nginx updated to 1.11.3 + * Wed Jul 13 2016 Anton Novojilov - 1.11.2-0 - Nginx updated to 1.11.2 - PCRE updated to 8.39