From 5617cda4393fade2ba269dafad2bad13d5390edc Mon Sep 17 00:00:00 2001 From: Anton Novojilov Date: Wed, 21 Jun 2023 14:26:35 +0300 Subject: [PATCH 1/3] Version 1.24.0 --- SOURCES/boringssl-urand-test-disable.patch | 24 --------- SOURCES/webkaos.patch | 58 +++++++++++----------- webkaos.spec | 10 ++-- 3 files changed, 35 insertions(+), 57 deletions(-) delete mode 100644 SOURCES/boringssl-urand-test-disable.patch diff --git a/SOURCES/boringssl-urand-test-disable.patch b/SOURCES/boringssl-urand-test-disable.patch deleted file mode 100644 index 4567960..0000000 --- a/SOURCES/boringssl-urand-test-disable.patch +++ /dev/null @@ -1,24 +0,0 @@ -diff -urN boringssl-orig/crypto/CMakeLists.txt boringssl/crypto/CMakeLists.txt ---- boringssl-orig/crypto/CMakeLists.txt 2019-11-08 14:59:15.000000000 +0300 -+++ boringssl/crypto/CMakeLists.txt 2019-11-08 18:19:21.000000000 +0300 -@@ -453,20 +453,6 @@ - target_link_libraries(crypto libcxx) - endif() - --# urandom_test is a separate binary because it needs to be able to observe the --# PRNG initialisation, which means that it can't have other tests running before --# it does. --add_executable( -- urandom_test -- -- fipsmodule/rand/urandom_test.cc --) -- --target_link_libraries(urandom_test test_support_lib boringssl_gtest crypto) -- --add_dependencies(urandom_test global_target) --add_dependencies(all_tests urandom_test) -- - add_executable( - crypto_test - diff --git a/SOURCES/webkaos.patch b/SOURCES/webkaos.patch index 638a3ba..0ef2ed3 100644 --- a/SOURCES/webkaos.patch +++ b/SOURCES/webkaos.patch @@ -1,6 +1,6 @@ -diff -urN nginx-1.23.4-orig/auto/lib/openssl/make nginx-1.23.4/auto/lib/openssl/make ---- nginx-1.23.4-orig/auto/lib/openssl/make 2023-03-28 18:01:54.000000000 +0300 -+++ nginx-1.23.4/auto/lib/openssl/make 2023-03-29 13:08:48.000000000 +0300 +diff --color -urN nginx-1.24.0-orig/auto/lib/openssl/make nginx-1.24.0/auto/lib/openssl/make +--- nginx-1.24.0-orig/auto/lib/openssl/make 2023-04-11 04:45:34.000000000 +0300 ++++ nginx-1.24.0/auto/lib/openssl/make 2023-06-21 13:58:20.000000000 +0300 @@ -58,18 +58,18 @@ /*) ngx_prefix="$OPENSSL/.openssl" ;; *) ngx_prefix="$PWD/$OPENSSL/.openssl" ;; @@ -24,9 +24,9 @@ diff -urN nginx-1.23.4-orig/auto/lib/openssl/make nginx-1.23.4/auto/lib/openssl/ ;; esac -diff -urN nginx-1.23.4-orig/src/core/nginx.c nginx-1.23.4/src/core/nginx.c ---- nginx-1.23.4-orig/src/core/nginx.c 2023-03-28 18:01:54.000000000 +0300 -+++ nginx-1.23.4/src/core/nginx.c 2023-03-29 12:59:12.184527558 +0300 +diff --color -urN nginx-1.24.0-orig/src/core/nginx.c nginx-1.24.0/src/core/nginx.c +--- nginx-1.24.0-orig/src/core/nginx.c 2023-04-11 04:45:34.000000000 +0300 ++++ nginx-1.24.0/src/core/nginx.c 2023-06-21 13:55:59.855364774 +0300 @@ -390,13 +390,13 @@ static void ngx_show_version_info(void) @@ -45,13 +45,13 @@ diff -urN nginx-1.23.4-orig/src/core/nginx.c nginx-1.23.4/src/core/nginx.c "Options:" NGX_LINEFEED " -?,-h : this help" NGX_LINEFEED " -v : show version and exit" NGX_LINEFEED -diff -urN nginx-1.23.4-orig/src/core/nginx.h nginx-1.23.4/src/core/nginx.h ---- nginx-1.23.4-orig/src/core/nginx.h 2023-03-28 18:01:54.000000000 +0300 -+++ nginx-1.23.4/src/core/nginx.h 2023-03-29 13:09:16.000000000 +0300 +diff --color -urN nginx-1.24.0-orig/src/core/nginx.h nginx-1.24.0/src/core/nginx.h +--- nginx-1.24.0-orig/src/core/nginx.h 2023-04-11 04:45:34.000000000 +0300 ++++ nginx-1.24.0/src/core/nginx.h 2023-06-21 13:54:08.000000000 +0300 @@ -11,7 +11,7 @@ - #define nginx_version 1023004 - #define NGINX_VERSION "1.23.4" + #define nginx_version 1024000 + #define NGINX_VERSION "1.24.0" -#define NGINX_VER "nginx/" NGINX_VERSION +#define NGINX_VER "webkaos/" NGINX_VERSION @@ -66,9 +66,9 @@ diff -urN nginx-1.23.4-orig/src/core/nginx.h nginx-1.23.4/src/core/nginx.h #define NGX_OLDPID_EXT ".oldbin" -diff -urN nginx-1.23.4-orig/src/core/ngx_log.c nginx-1.23.4/src/core/ngx_log.c ---- nginx-1.23.4-orig/src/core/ngx_log.c 2023-03-28 18:01:54.000000000 +0300 -+++ nginx-1.23.4/src/core/ngx_log.c 2023-03-29 12:59:12.195527524 +0300 +diff --color -urN nginx-1.24.0-orig/src/core/ngx_log.c nginx-1.24.0/src/core/ngx_log.c +--- nginx-1.24.0-orig/src/core/ngx_log.c 2023-04-11 04:45:34.000000000 +0300 ++++ nginx-1.24.0/src/core/ngx_log.c 2023-06-21 13:55:59.869365935 +0300 @@ -202,9 +202,9 @@ return; } @@ -99,9 +99,9 @@ diff -urN nginx-1.23.4-orig/src/core/ngx_log.c nginx-1.23.4/src/core/ngx_log.c return NGX_CONF_ERROR; #endif -diff -urN nginx-1.23.4-orig/src/http/modules/ngx_http_autoindex_module.c nginx-1.23.4/src/http/modules/ngx_http_autoindex_module.c ---- nginx-1.23.4-orig/src/http/modules/ngx_http_autoindex_module.c 2023-03-28 18:01:54.000000000 +0300 -+++ nginx-1.23.4/src/http/modules/ngx_http_autoindex_module.c 2023-03-29 12:59:12.201527505 +0300 +diff --color -urN nginx-1.24.0-orig/src/http/modules/ngx_http_autoindex_module.c nginx-1.24.0/src/http/modules/ngx_http_autoindex_module.c +--- nginx-1.24.0-orig/src/http/modules/ngx_http_autoindex_module.c 2023-04-11 04:45:34.000000000 +0300 ++++ nginx-1.24.0/src/http/modules/ngx_http_autoindex_module.c 2023-06-21 13:55:59.878366682 +0300 @@ -449,9 +449,11 @@ ; @@ -177,9 +177,9 @@ diff -urN nginx-1.23.4-orig/src/http/modules/ngx_http_autoindex_module.c nginx-1 tm.ngx_tm_mday, months[tm.ngx_tm_mon - 1], tm.ngx_tm_year, -diff -urN nginx-1.23.4-orig/src/http/ngx_http_header_filter_module.c nginx-1.23.4/src/http/ngx_http_header_filter_module.c ---- nginx-1.23.4-orig/src/http/ngx_http_header_filter_module.c 2023-03-28 18:01:54.000000000 +0300 -+++ nginx-1.23.4/src/http/ngx_http_header_filter_module.c 2023-03-29 12:59:12.207527487 +0300 +diff --color -urN nginx-1.24.0-orig/src/http/ngx_http_header_filter_module.c nginx-1.24.0/src/http/ngx_http_header_filter_module.c +--- nginx-1.24.0-orig/src/http/ngx_http_header_filter_module.c 2023-04-11 04:45:34.000000000 +0300 ++++ nginx-1.24.0/src/http/ngx_http_header_filter_module.c 2023-06-21 13:55:59.888367511 +0300 @@ -46,7 +46,7 @@ }; @@ -230,9 +230,9 @@ diff -urN nginx-1.23.4-orig/src/http/ngx_http_header_filter_module.c nginx-1.23. #define NGX_HTTP_OFF_5XX (NGX_HTTP_LAST_4XX - 400 + NGX_HTTP_OFF_4XX) ngx_string("500 Internal Server Error"), -diff -urN nginx-1.23.4-orig/src/http/ngx_http_special_response.c nginx-1.23.4/src/http/ngx_http_special_response.c ---- nginx-1.23.4-orig/src/http/ngx_http_special_response.c 2023-03-28 18:01:54.000000000 +0300 -+++ nginx-1.23.4/src/http/ngx_http_special_response.c 2023-03-29 12:59:12.214527465 +0300 +diff --color -urN nginx-1.24.0-orig/src/http/ngx_http_special_response.c nginx-1.24.0/src/http/ngx_http_special_response.c +--- nginx-1.24.0-orig/src/http/ngx_http_special_response.c 2023-04-11 04:45:34.000000000 +0300 ++++ nginx-1.24.0/src/http/ngx_http_special_response.c 2023-06-21 13:55:59.898368341 +0300 @@ -19,21 +19,21 @@ @@ -705,9 +705,9 @@ diff -urN nginx-1.23.4-orig/src/http/ngx_http_special_response.c nginx-1.23.4/sr #define NGX_HTTP_OFF_5XX (NGX_HTTP_LAST_4XX - 400 + NGX_HTTP_OFF_4XX) ngx_string(ngx_http_error_494_page), /* 494, request header too large */ -diff -urN nginx-1.23.4-orig/src/http/v2/ngx_http_v2_filter_module.c nginx-1.23.4/src/http/v2/ngx_http_v2_filter_module.c ---- nginx-1.23.4-orig/src/http/v2/ngx_http_v2_filter_module.c 2023-03-28 18:01:54.000000000 +0300 -+++ nginx-1.23.4/src/http/v2/ngx_http_v2_filter_module.c 2023-03-29 12:59:12.221527443 +0300 +diff --color -urN nginx-1.24.0-orig/src/http/v2/ngx_http_v2_filter_module.c nginx-1.24.0/src/http/v2/ngx_http_v2_filter_module.c +--- nginx-1.24.0-orig/src/http/v2/ngx_http_v2_filter_module.c 2023-04-11 04:45:34.000000000 +0300 ++++ nginx-1.24.0/src/http/v2/ngx_http_v2_filter_module.c 2023-06-21 13:55:59.907369088 +0300 @@ -148,7 +148,7 @@ ngx_http_core_srv_conf_t *cscf; u_char addr[NGX_SOCKADDR_STRLEN]; @@ -726,9 +726,9 @@ diff -urN nginx-1.23.4-orig/src/http/v2/ngx_http_v2_filter_module.c nginx-1.23.4 } *pos++ = ngx_http_v2_inc_indexed(NGX_HTTP_V2_SERVER_INDEX); -diff -urN nginx-1.23.4-orig/src/os/unix/ngx_setproctitle.c nginx-1.23.4/src/os/unix/ngx_setproctitle.c ---- nginx-1.23.4-orig/src/os/unix/ngx_setproctitle.c 2023-03-28 18:01:54.000000000 +0300 -+++ nginx-1.23.4/src/os/unix/ngx_setproctitle.c 2023-03-29 12:59:12.227527425 +0300 +diff --color -urN nginx-1.24.0-orig/src/os/unix/ngx_setproctitle.c nginx-1.24.0/src/os/unix/ngx_setproctitle.c +--- nginx-1.24.0-orig/src/os/unix/ngx_setproctitle.c 2023-04-11 04:45:34.000000000 +0300 ++++ nginx-1.24.0/src/os/unix/ngx_setproctitle.c 2023-06-21 13:55:59.918370000 +0300 @@ -89,7 +89,7 @@ ngx_os_argv[1] = NULL; diff --git a/webkaos.spec b/webkaos.spec index 297fe4f..1266b35 100644 --- a/webkaos.spec +++ b/webkaos.spec @@ -23,7 +23,7 @@ %define service_name %{name} %define service_home %{_cachedir}/%{service_name} -%define nginx_version 1.23.4 +%define nginx_version 1.24.0 %define lua_module_ver 0.10.24 %define lua_resty_core_ver 0.1.26 %define lua_resty_lru_ver 0.13 @@ -38,7 +38,7 @@ # 1. Open https://chromiumdash.appspot.com/releases?platform=Linux and note the latest stable version. # 2. Open https://chromium.googlesource.com/chromium/src/+/refs/tags//DEPS and note . -%define boring_commit 45b8d7bbd771cbf7e116db2ba1f1cc7af959497e +%define boring_commit 4b6d950d8921d6dd5365de0797fcc97302b9561b ################################################################################ @@ -92,7 +92,6 @@ Patch2: %{name}-dynamic-tls-records.patch # https://github.com/ajhaydock/BoringNginx/blob/master/patches Patch3: boringssl.patch Patch5: boringssl-tls13-support.patch -Patch8: boringssl-urand-test-disable.patch Patch12: naxsi-compat.patch @@ -202,7 +201,6 @@ tar xzvf %{SOURCE60} pushd boringssl %patch5 -p1 -%patch8 -p1 popd pushd naxsi-%{naxsi_ver} @@ -671,6 +669,10 @@ rm -rf %{buildroot} ################################################################################ %changelog +* Wed Jun 21 2023 Anton Novojilov - 1.24.0-0 +- Nginx updated to 1.24.0 (mainline → stable) +- BoringSSL updated to the latest stable version for Chromium + * Wed Mar 29 2023 Anton Novojilov - 1.23.4-0 - Nginx updated to 1.23.4 - lua-nginx-module updated to 0.10.24 From 407c6c640a9177ff9941283c28a76ca97b90af7f Mon Sep 17 00:00:00 2001 From: Anton Novojilov Date: Wed, 21 Jun 2023 14:30:02 +0300 Subject: [PATCH 2/3] Update dockerfiles --- .docker/centos7-unprivileged.docker | 2 +- .docker/centos7.docker | 2 +- .docker/ol7-unprivileged.docker | 2 +- .docker/ol7.docker | 2 +- .docker/ol8-unprivileged.docker | 2 +- .docker/ol8.docker | 2 +- .docker/ol9-unprivileged.docker | 2 +- .docker/ol9.docker | 2 +- 8 files changed, 8 insertions(+), 8 deletions(-) diff --git a/.docker/centos7-unprivileged.docker b/.docker/centos7-unprivileged.docker index 7498f8a..38fbd1d 100644 --- a/.docker/centos7-unprivileged.docker +++ b/.docker/centos7-unprivileged.docker @@ -14,7 +14,7 @@ LABEL org.opencontainers.image.title="WEBKAOS (Unprivileged)" \ org.opencontainers.image.url="https://kaos.sh/webkaos" \ org.opencontainers.image.source="https://github.com/essentialkaos/webkaos" -ARG WEBKAOS_VER=1.23.4 +ARG WEBKAOS_VER=1.24.0 ARG BROTLI_VER=0.1.5 ARG REPOSITORY=kaos-release diff --git a/.docker/centos7.docker b/.docker/centos7.docker index 8655620..1cb3430 100644 --- a/.docker/centos7.docker +++ b/.docker/centos7.docker @@ -14,7 +14,7 @@ LABEL org.opencontainers.image.title="WEBKAOS" \ org.opencontainers.image.url="https://kaos.sh/webkaos" \ org.opencontainers.image.source="https://github.com/essentialkaos/webkaos" -ARG WEBKAOS_VER=1.23.4 +ARG WEBKAOS_VER=1.24.0 ARG BROTLI_VER=0.1.5 ARG REPOSITORY=kaos-release diff --git a/.docker/ol7-unprivileged.docker b/.docker/ol7-unprivileged.docker index 6eacd2b..0696a0f 100644 --- a/.docker/ol7-unprivileged.docker +++ b/.docker/ol7-unprivileged.docker @@ -14,7 +14,7 @@ LABEL org.opencontainers.image.title="WEBKAOS (Unprivileged)" \ org.opencontainers.image.url="https://kaos.sh/webkaos" \ org.opencontainers.image.source="https://github.com/essentialkaos/webkaos" -ARG WEBKAOS_VER=1.23.4 +ARG WEBKAOS_VER=1.24.0 ARG BROTLI_VER=0.1.5 ARG REPOSITORY=kaos-release diff --git a/.docker/ol7.docker b/.docker/ol7.docker index 4f2eb10..343da54 100644 --- a/.docker/ol7.docker +++ b/.docker/ol7.docker @@ -14,7 +14,7 @@ LABEL org.opencontainers.image.title="WEBKAOS" \ org.opencontainers.image.url="https://kaos.sh/webkaos" \ org.opencontainers.image.source="https://github.com/essentialkaos/webkaos" -ARG WEBKAOS_VER=1.23.4 +ARG WEBKAOS_VER=1.24.0 ARG BROTLI_VER=0.1.5 ARG REPOSITORY=kaos-release diff --git a/.docker/ol8-unprivileged.docker b/.docker/ol8-unprivileged.docker index c9ffe4f..8b8633e 100644 --- a/.docker/ol8-unprivileged.docker +++ b/.docker/ol8-unprivileged.docker @@ -14,7 +14,7 @@ LABEL org.opencontainers.image.title="WEBKAOS (Unprivileged)" \ org.opencontainers.image.url="https://kaos.sh/webkaos" \ org.opencontainers.image.source="https://github.com/essentialkaos/webkaos" -ARG WEBKAOS_VER=1.23.4 +ARG WEBKAOS_VER=1.24.0 ARG BROTLI_VER=0.1.5 ARG REPOSITORY=kaos-release diff --git a/.docker/ol8.docker b/.docker/ol8.docker index c0221a8..4f62bc8 100644 --- a/.docker/ol8.docker +++ b/.docker/ol8.docker @@ -14,7 +14,7 @@ LABEL org.opencontainers.image.title="WEBKAOS" \ org.opencontainers.image.url="https://kaos.sh/webkaos" \ org.opencontainers.image.source="https://github.com/essentialkaos/webkaos" -ARG WEBKAOS_VER=1.23.4 +ARG WEBKAOS_VER=1.24.0 ARG BROTLI_VER=0.1.5 ARG REPOSITORY=kaos-release diff --git a/.docker/ol9-unprivileged.docker b/.docker/ol9-unprivileged.docker index 7d30d1d..84a9783 100644 --- a/.docker/ol9-unprivileged.docker +++ b/.docker/ol9-unprivileged.docker @@ -14,7 +14,7 @@ LABEL org.opencontainers.image.title="WEBKAOS (Unprivileged)" \ org.opencontainers.image.url="https://kaos.sh/webkaos" \ org.opencontainers.image.source="https://github.com/essentialkaos/webkaos" -ARG WEBKAOS_VER=1.23.4 +ARG WEBKAOS_VER=1.24.0 ARG BROTLI_VER=0.1.5 ARG REPOSITORY=kaos-release diff --git a/.docker/ol9.docker b/.docker/ol9.docker index 3b45cf8..7062cd9 100644 --- a/.docker/ol9.docker +++ b/.docker/ol9.docker @@ -14,7 +14,7 @@ LABEL org.opencontainers.image.title="WEBKAOS" \ org.opencontainers.image.url="https://kaos.sh/webkaos" \ org.opencontainers.image.source="https://github.com/essentialkaos/webkaos" -ARG WEBKAOS_VER=1.23.4 +ARG WEBKAOS_VER=1.24.0 ARG BROTLI_VER=0.1.5 ARG REPOSITORY=kaos-release From 1c766898d5f36699aef16cecad04ba1b9e529ed0 Mon Sep 17 00:00:00 2001 From: Anton Novojilov Date: Thu, 22 Jun 2023 13:26:37 +0300 Subject: [PATCH 3/3] Bump modules release --- webkaos.spec | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/webkaos.spec b/webkaos.spec index 1266b35..be01d29 100644 --- a/webkaos.spec +++ b/webkaos.spec @@ -151,7 +151,7 @@ Links for nginx compatibility. Summary: Module for Brotli compression Version: 0.1.5 -Release: 14%{?dist} +Release: 15%{?dist} Group: System Environment/Daemons Requires: %{name} = %{nginx_version} @@ -165,7 +165,7 @@ Module for Brotli compression. Summary: High performance, low rules maintenance WAF Version: %{naxsi_ver} -Release: 13%{?dist} +Release: 14%{?dist} Group: System Environment/Daemons Requires: %{name} = %{nginx_version}