Merge pull request #28 from essentialkaos/develop

Version 1.11.6

SOURCES/boring.patch

@@ -1,6 +1,6 @@
-diff -ur nginx-1.11.5/src/event/ngx_event_openssl.c nginx-1.11.5-patched/src/event/ngx_event_openssl.c
---- nginx-1.11.5/src/event/ngx_event_openssl.c	2016-09-13 16:39:24.000000000 +0100
-+++ nginx-1.11.5-patched/src/event/ngx_event_openssl.c	2016-09-17 17:33:34.705709306 +0100
+diff -ur nginx-1.11.6/src/event/ngx_event_openssl.c nginx-1.11.6-patched/src/event/ngx_event_openssl.c
+--- nginx-1.11.6/src/event/ngx_event_openssl.c	2016-11-15 15:11:47.000000000 +0000
++++ nginx-1.11.6-patched/src/event/ngx_event_openssl.c	2016-11-16 23:39:22.792289533 +0000
 @@ -2016,7 +2016,9 @@
 
              /* handshake failures */
@@ -21,15 +21,3 @@ diff -ur nginx-1.11.5/src/event/ngx_event_openssl.c nginx-1.11.5-patched/src/eve
              || n == SSL_R_NO_COMPRESSION_SPECIFIED                   /*  187 */
              || n == SSL_R_NO_SHARED_CIPHER                           /*  193 */
              || n == SSL_R_RECORD_LENGTH_MISMATCH                     /*  213 */
-diff -ur nginx-1.11.5/src/http/ngx_http_upstream.c nginx-1.11.5-patched/src/http/ngx_http_upstream.c
---- nginx-1.11.5/src/http/ngx_http_upstream.c	2016-09-13 16:39:25.000000000 +0100
-+++ nginx-1.11.5-patched/src/http/ngx_http_upstream.c	2016-09-17 17:34:15.882031550 +0100
-@@ -1694,7 +1694,7 @@
-     ngx_log_debug1(NGX_LOG_DEBUG_HTTP, r->connection->log, 0,
-                    "upstream SSL server name: \"%s\"", name.data);
-
--    if (SSL_set_tlsext_host_name(c->ssl->connection, name.data) == 0) {
-+    if (SSL_set_tlsext_host_name(c->ssl->connection, (const char*) name.data) == 0) {
-         ngx_ssl_error(NGX_LOG_ERR, r->connection->log, 0,
-                       "SSL_set_tlsext_host_name(\"%s\") failed", name.data);
-         return NGX_ERROR;

SOURCES/webkaos.patch

@@ -1,6 +1,6 @@
-diff -urN nginx-1.11.5-orig/auto/lib/openssl/make nginx-1.11.5/auto/lib/openssl/make
---- nginx-1.11.5-orig/auto/lib/openssl/make	2016-10-13 19:43:12.433021795 -0400
-+++ nginx-1.11.5/auto/lib/openssl/make	2016-10-13 19:45:29.774029162 -0400
+diff -urN nginx-1.11.6-orig/auto/lib/openssl/make nginx-1.11.6/auto/lib/openssl/make
+--- nginx-1.11.6-orig/auto/lib/openssl/make	2016-11-17 16:51:14.782409651 -0500
++++ nginx-1.11.6/auto/lib/openssl/make	2016-11-17 17:33:34.008215772 -0500
 @@ -45,18 +45,18 @@
              /*) ngx_prefix="$OPENSSL/.openssl" ;;
              *)  ngx_prefix="$PWD/$OPENSSL/.openssl" ;;
@@ -24,9 +24,9 @@ diff -urN nginx-1.11.5-orig/auto/lib/openssl/make nginx-1.11.5/auto/lib/openssl/
      ;;
 
  esac
-diff -urN nginx-1.11.5-orig/src/core/nginx.c nginx-1.11.5/src/core/nginx.c
---- nginx-1.11.5-orig/src/core/nginx.c	2016-10-13 19:43:12.479022089 -0400
-+++ nginx-1.11.5/src/core/nginx.c	2016-10-13 19:45:29.789027430 -0400
+diff -urN nginx-1.11.6-orig/src/core/nginx.c nginx-1.11.6/src/core/nginx.c
+--- nginx-1.11.6-orig/src/core/nginx.c	2016-11-17 16:51:14.823406279 -0500
++++ nginx-1.11.6/src/core/nginx.c	2016-11-17 17:33:34.025216124 -0500
 @@ -378,9 +378,9 @@
 
      if (ngx_show_help) {
@@ -40,13 +40,13 @@ diff -urN nginx-1.11.5-orig/src/core/nginx.c nginx-1.11.5/src/core/nginx.c
              "Options:" NGX_LINEFEED
              "  -?,-h         : this help" NGX_LINEFEED
              "  -v            : show version and exit" NGX_LINEFEED
-diff -urN nginx-1.11.5-orig/src/core/nginx.h nginx-1.11.5/src/core/nginx.h
---- nginx-1.11.5-orig/src/core/nginx.h	2016-10-13 19:43:12.482022088 -0400
-+++ nginx-1.11.5/src/core/nginx.h	2016-10-13 20:15:46.000000000 -0400
+diff -urN nginx-1.11.6-orig/src/core/nginx.h nginx-1.11.6/src/core/nginx.h
+--- nginx-1.11.6-orig/src/core/nginx.h	2016-11-17 16:51:14.827406083 -0500
++++ nginx-1.11.6/src/core/nginx.h	2016-11-17 17:35:27.000000000 -0500
 @@ -11,7 +11,7 @@
 
- #define nginx_version      1011005
- #define NGINX_VERSION      "1.11.5"
+ #define nginx_version      1011006
+ #define NGINX_VERSION      "1.11.6"
 -#define NGINX_VER          "nginx/" NGINX_VERSION
 +#define NGINX_VER          "webkaos/" NGINX_VERSION
 
@@ -61,9 +61,9 @@ diff -urN nginx-1.11.5-orig/src/core/nginx.h nginx-1.11.5/src/core/nginx.h
  #define NGX_OLDPID_EXT     ".oldbin"
 
 
-diff -urN nginx-1.11.5-orig/src/core/ngx_log.c nginx-1.11.5/src/core/ngx_log.c
---- nginx-1.11.5-orig/src/core/ngx_log.c	2016-10-13 19:43:12.481022088 -0400
-+++ nginx-1.11.5/src/core/ngx_log.c	2016-10-13 19:45:29.807025840 -0400
+diff -urN nginx-1.11.6-orig/src/core/ngx_log.c nginx-1.11.6/src/core/ngx_log.c
+--- nginx-1.11.6-orig/src/core/ngx_log.c	2016-11-17 16:51:14.826406129 -0500
++++ nginx-1.11.6/src/core/ngx_log.c	2016-11-17 17:33:34.047216153 -0500
 @@ -202,9 +202,9 @@
          return;
      }
@@ -94,9 +94,9 @@ diff -urN nginx-1.11.5-orig/src/core/ngx_log.c nginx-1.11.5/src/core/ngx_log.c
          return NGX_CONF_ERROR;
  #endif
 
-diff -urN nginx-1.11.5-orig/src/http/modules/ngx_http_autoindex_module.c nginx-1.11.5/src/http/modules/ngx_http_autoindex_module.c
---- nginx-1.11.5-orig/src/http/modules/ngx_http_autoindex_module.c	2016-10-13 19:43:12.461022088 -0400
-+++ nginx-1.11.5/src/http/modules/ngx_http_autoindex_module.c	2016-10-13 19:45:29.821024648 -0400
+diff -urN nginx-1.11.6-orig/src/http/modules/ngx_http_autoindex_module.c nginx-1.11.6/src/http/modules/ngx_http_autoindex_module.c
+--- nginx-1.11.6-orig/src/http/modules/ngx_http_autoindex_module.c	2016-11-17 16:51:14.808407309 -0500
++++ nginx-1.11.6/src/http/modules/ngx_http_autoindex_module.c	2016-11-17 17:33:34.063216154 -0500
 @@ -445,9 +445,11 @@
      ;
 
@@ -172,9 +172,9 @@ diff -urN nginx-1.11.5-orig/src/http/modules/ngx_http_autoindex_module.c nginx-1
                                tm.ngx_tm_mday,
                                months[tm.ngx_tm_mon - 1],
                                tm.ngx_tm_year,
-diff -urN nginx-1.11.5-orig/src/http/ngx_http_header_filter_module.c nginx-1.11.5/src/http/ngx_http_header_filter_module.c
---- nginx-1.11.5-orig/src/http/ngx_http_header_filter_module.c	2016-10-13 19:43:12.470022089 -0400
-+++ nginx-1.11.5/src/http/ngx_http_header_filter_module.c	2016-10-13 19:45:29.833023482 -0400
+diff -urN nginx-1.11.6-orig/src/http/ngx_http_header_filter_module.c nginx-1.11.6/src/http/ngx_http_header_filter_module.c
+--- nginx-1.11.6-orig/src/http/ngx_http_header_filter_module.c	2016-11-17 16:51:14.815406766 -0500
++++ nginx-1.11.6/src/http/ngx_http_header_filter_module.c	2016-11-17 17:33:34.075216155 -0500
 @@ -46,7 +46,7 @@
  };
 
@@ -228,9 +228,9 @@ diff -urN nginx-1.11.5-orig/src/http/ngx_http_header_filter_module.c nginx-1.11.
  #define NGX_HTTP_OFF_5XX   (NGX_HTTP_LAST_4XX - 400 + NGX_HTTP_OFF_4XX)
 
      ngx_string("500 Internal Server Error"),
-diff -urN nginx-1.11.5-orig/src/http/ngx_http_special_response.c nginx-1.11.5/src/http/ngx_http_special_response.c
---- nginx-1.11.5-orig/src/http/ngx_http_special_response.c	2016-10-13 19:43:12.471022089 -0400
-+++ nginx-1.11.5/src/http/ngx_http_special_response.c	2016-10-13 20:21:05.000000000 -0400
+diff -urN nginx-1.11.6-orig/src/http/ngx_http_special_response.c nginx-1.11.6/src/http/ngx_http_special_response.c
+--- nginx-1.11.6-orig/src/http/ngx_http_special_response.c	2016-11-17 16:51:14.816406699 -0500
++++ nginx-1.11.6/src/http/ngx_http_special_response.c	2016-11-17 17:46:04.000000000 -0500
 @@ -19,14 +19,14 @@
 
 
@@ -683,9 +683,9 @@ diff -urN nginx-1.11.5-orig/src/http/ngx_http_special_response.c nginx-1.11.5/sr
  #define NGX_HTTP_OFF_5XX   (NGX_HTTP_LAST_4XX - 400 + NGX_HTTP_OFF_4XX)
 
      ngx_string(ngx_http_error_494_page), /* 494, request header too large */
-diff -urN nginx-1.11.5-orig/src/http/v2/ngx_http_v2_filter_module.c nginx-1.11.5/src/http/v2/ngx_http_v2_filter_module.c
---- nginx-1.11.5-orig/src/http/v2/ngx_http_v2_filter_module.c	2016-10-13 19:43:12.474022089 -0400
-+++ nginx-1.11.5/src/http/v2/ngx_http_v2_filter_module.c	2016-10-13 19:45:29.852022348 -0400
+diff -urN nginx-1.11.6-orig/src/http/v2/ngx_http_v2_filter_module.c nginx-1.11.6/src/http/v2/ngx_http_v2_filter_module.c
+--- nginx-1.11.6-orig/src/http/v2/ngx_http_v2_filter_module.c	2016-11-17 16:51:14.819406507 -0500
++++ nginx-1.11.6/src/http/v2/ngx_http_v2_filter_module.c	2016-11-17 17:48:41.000000000 -0500
 @@ -139,7 +139,7 @@
      ngx_http_core_srv_conf_t  *cscf;
      u_char                     addr[NGX_SOCKADDR_STRLEN];
@@ -704,9 +704,9 @@ diff -urN nginx-1.11.5-orig/src/http/v2/ngx_http_v2_filter_module.c nginx-1.11.5
 
          *pos++ = ngx_http_v2_inc_indexed(NGX_HTTP_V2_SERVER_INDEX);
 
-diff -urN nginx-1.11.5-orig/src/os/unix/ngx_setproctitle.c nginx-1.11.5/src/os/unix/ngx_setproctitle.c
---- nginx-1.11.5-orig/src/os/unix/ngx_setproctitle.c	2016-10-13 19:43:12.442022001 -0400
-+++ nginx-1.11.5/src/os/unix/ngx_setproctitle.c	2016-10-13 19:45:29.870021555 -0400
+diff -urN nginx-1.11.6-orig/src/os/unix/ngx_setproctitle.c nginx-1.11.6/src/os/unix/ngx_setproctitle.c
+--- nginx-1.11.6-orig/src/os/unix/ngx_setproctitle.c	2016-11-17 16:51:14.790409055 -0500
++++ nginx-1.11.6/src/os/unix/ngx_setproctitle.c	2016-11-17 17:33:34.104216158 -0500
 @@ -89,7 +89,7 @@
 
      ngx_os_argv[1] = NULL;

patch-proc.sh

@@ -4,30 +4,27 @@
 
 NORM=0
 BOLD=1
+UNLN=4
 RED=31
 GREEN=32
 BROWN=33
 BLUE=34
 MAG=35
 CYAN=36
-GREY=90
+GREY=37
+DARK=90
 
 CL_NORM="\e[${NORM}m"
 CL_BOLD="\e[${BOLD}m"
-CL_RED="\e[0;${RED};49m"
-CL_GREEN="\e[0;${GREEN};49m"
-CL_BROWN="\e[0;${BROWN};49m"
-CL_BLUE="\e[0;${BLUE};49m"
-CL_MAG="\e[0;${MAG};49m"
-CL_CYAN="\e[0;${CYAN};49m"
-CL_GREY="\e[0;${GREY};49m"
-CL_BL_RED="\e[1;${RED};49m"
-CL_BL_GREEN="\e[1;${GREEN};49m"
-CL_BL_BROWN="\e[1;${BROWN};49m"
-CL_BL_BLUE="\e[1;${BLUE};49m"
-CL_BL_MAG="\e[1;${MAG};49m"
-CL_BL_CYAN="\e[1;${CYAN};49m"
-CL_BL_GREY="\e[1;${GREY};49m"
+CL_UNLN="\e[${UNLN}m"
+CL_RED="\e[${RED}m"
+CL_GREEN="\e[${GREEN}m"
+CL_BROWN="\e[${BROWN}m"
+CL_BLUE="\e[${BLUE}m"
+CL_MAG="\e[${MAG}m"
+CL_CYAN="\e[${CYAN}m"
+CL_GREY="\e[${GREY}m"
+CL_DARK="\e[${DARK}m"
 
 ###############################################################################
 
@@ -37,62 +34,90 @@ main() {
   shift
 
   case $cmd in
-    "check") check $@ ;;
-    "copy")   copy $@ ;;
-    *)          usage ;;  
+    "check") check "$@" ;;
+    "copy")   copy "$@" ;;
+    *)            usage ;;  
   esac
 }
 
 check() {
-  local patch_file="$1"
-  local data_dir="$2"
-  local old_ver="$3"
-  local new_ver="$4"
+  local patch_file data_dir old_ver new_ver old_ver_dir new_ver_dir
+  local sources old_ver_hash new_ver_hash diff_size
+
+  patch_file="$1"
+  data_dir="$2"
+  old_ver="$3"
+  new_ver="$4"
 
-  local old_ver_dir="${data_dir}/nginx-${old_ver}-orig"
-  local new_ver_dir="${data_dir}/nginx-${new_ver}-orig"
+  old_ver_dir="${data_dir}/nginx-${old_ver}-orig"
+  new_ver_dir="${data_dir}/nginx-${new_ver}-orig"
 
-  local sources=$(grep '+++' "$patch_file" | tr "\t" " " | cut -f2 -d" " | cut -f2-99 -d "/")
+  sources=$(grep '+++' "$patch_file" | tr "\t" " " | cut -f2 -d" " | cut -f2-99 -d "/")
 
   show ""
 
   for source_file in $sources ; do
-    local old_ver_hash=$(getHash "$old_ver_dir/$source_file")
-    local new_ver_hash=$(getHash "$new_ver_dir/$source_file")
+    old_ver_hash=$(getHash "$old_ver_dir/$source_file")
+    new_ver_hash=$(getHash "$new_ver_dir/$source_file")
 
     if [[ "$old_ver_hash" == "$new_ver_hash" ]] ; then
       show " ${CL_GREEN}✔ ${CL_NORM}$source_file"
     else
-      local diff_size=$(diff -U 0 "$old_ver_dir/$source_file" "$new_ver_dir/$source_file" | grep -v ^@ | wc -l)
-      show " ${CL_RED}✖ ${CL_NORM}$source_file ${CL_GREY}(± $diff_size lines)${CL_NORM}"
+      diff_size=$(getDiffSize "$old_ver_dir/$source_file" "$new_ver_dir/$source_file")
+      show " ${CL_RED}✖ ${CL_NORM}${CL_BOLD}$source_file ${CL_DARK}(± $diff_size lines)${CL_NORM}"
+      showDiff "$old_ver_dir/$source_file" "$new_ver_dir/$source_file"
     fi
   done
 
   show ""
 }
 
+getDiffSize() {
+  local file1="$1"
+  local file2="$2"
+
+  local diff_size=$(diff -U 0 "$file1" "$file2" | wc -l)
+
+  diff_size=$(( diff_size - 3 ))
+
+  echo "$diff_size"
+}
+
+showDiff() {
+  local file1="$1"
+  local file2="$2"
+
+  show "$CL_GREY"
+  diff -U 0 "$file1" "$file2" | sed -n 3,9999p | sed 's/^/   /g' | sed 's/@@ //g' | sed 's/ @@//g'
+  show "$CL_NORM"
+}
+
 copy() {
-  local patch_file="$1"
-  local data_dir="$2"
-  local old_ver="$3"
-  local new_ver="$4"
+  local patch_file data_dir old_ver new_ver
+  local old_ver_dir new_ver_dir old_ver_pt_dir new_ver_pt_dir
+  local sources old_ver_hash new_ver_hash
+
+  patch_file="$1"
+  data_dir="$2"
+  old_ver="$3"
+  new_ver="$4"
 
-  local old_ver_dir="${data_dir}/nginx-${old_ver}-orig"
-  local new_ver_dir="${data_dir}/nginx-${new_ver}-orig"
-  local old_ver_pt_dir="${data_dir}/nginx-${old_ver}"
-  local new_ver_pt_dir="${data_dir}/nginx-${new_ver}"
+  old_ver_dir="${data_dir}/nginx-${old_ver}-orig"
+  new_ver_dir="${data_dir}/nginx-${new_ver}-orig"
+  old_ver_pt_dir="${data_dir}/nginx-${old_ver}"
+  new_ver_pt_dir="${data_dir}/nginx-${new_ver}"
 
-  local sources=$(grep '+++' "$patch_file" | tr "\t" " " | cut -f2 -d" " | cut -f2-99 -d "/")
+  sources=$(grep '+++' "$patch_file" | tr "\t" " " | cut -f2 -d" " | cut -f2-99 -d "/")
 
   show ""
 
   for source_file in $sources ; do
-    local old_ver_hash=$(getHash "$old_ver_dir/$source_file")
-    local new_ver_hash=$(getHash "$new_ver_dir/$source_file")
+    old_ver_hash=$(getHash "$old_ver_dir/$source_file")
+    new_ver_hash=$(getHash "$new_ver_dir/$source_file")
 
     if [[ "$old_ver_hash" == "$new_ver_hash" ]] ; then
-      show " $old_ver_pt_dir/$source_file → $new_ver_pt_dir/$source_file"
-      cp $old_ver_pt_dir/$source_file $new_ver_pt_dir/$source_file
+      show " $data_dir/${CL_BOLD}{$old_ver → $new_ver}${CL_NORM}/$source_file"
+      cp "$old_ver_pt_dir/$source_file" "$new_ver_pt_dir/$source_file"
     fi
   done
 
@@ -103,6 +128,14 @@ getHash() {
   sha256sum "$1" | cut -f1 -d" "
 }
 
+show() {
+  if [[ -n "$2" ]] ; then
+    echo -e "\e[${2}m${1}\e[0m"
+  else
+    echo -e "$*"
+  fi
+}
+
 usage() {
   show ""
   show "${CL_BOLD}Usage:${CL_NORM} ./patch-proc.sh ${CL_BROWN}{command}${CL_NORM} webkaos.patch data-dir prev-ver new-ver"
@@ -114,18 +147,14 @@ usage() {
   show ""
   show "Examples" $BOLD
   show ""
-  show "  ./patch-proc.sh SOURCES/webkaos.patch /some/dir 1.11.1 1.11.2"
+  show "  ./patch-proc.sh check SOURCES/webkaos.patch /some/dir 1.11.5 1.11.6"
+  show "  Check patch compatibility with newer version" $DARK
+  show ""
+  show "  ./patch-proc.sh copy SOURCES/webkaos.patch /some/dir 1.11.5 1.11.6"
+  show "  Copy unchanged files from previous patched version" $DARK
   show ""
-}
-
-show() {
-  if [[ -n "$2" ]] ; then
-    echo -e "\e[${2}m${1}${CL_NORM}"
-  else
-    echo -e "$@"
-  fi
 }
 
 ###############################################################################
 
-main $@
+main "$@"

webkaos-centos6.spec

@@ -43,7 +43,7 @@
 %define service_name         %{name}
 %define service_home         %{_cachedir}/%{service_name}
 
-%define boring_commit        11a7b3c2d902ddb039e42fe19933e2a942f585f0
+%define boring_commit        fbbef12918ff23e7e296b976fe47d6fc93d71837
 %define psol_ver             1.11.33.4
 %define lua_module_ver       0.10.7
 %define mh_module_ver        0.32
@@ -58,8 +58,8 @@
 
 Summary:              Superb high performance web server
 Name:                 webkaos
-Version:              1.11.5
-Release:              2%{?dist}
+Version:              1.11.6
+Release:              0%{?dist}
 License:              2-clause BSD-like license
 Group:                System Environment/Daemons
 Vendor:               Nginx / Google / CloudFlare / ESSENTIALKAOS
@@ -93,7 +93,7 @@ Patch0:               %{name}.patch
 Patch1:               mime.patch
 # https://github.com/cloudflare/sslconfig/blob/master/patches/nginx__1.11.5_dynamic_tls_records.patch
 Patch2:               %{name}-dynamic-tls-records.patch
-# https://github.com/ajhaydock/BoringNginx/blob/master/1.11.4/src/boring.patch
+# https://github.com/ajhaydock/BoringNginx/blob/master/patches/1.11.6.patch
 Patch3:               boring.patch
 
 BuildRoot:            %{_tmppath}/%{name}-%{version}-%{release}-root-%(%{__id_u} -n)
@@ -523,6 +523,10 @@ rm -rf %{buildroot}
 ###############################################################################
 
 %changelog
+* Fri Nov 18 2016 Anton Novojilov <andy@essentialkaos.com> - 1.11.6-0
+- Nginx updated to 1.11.6
+- BoringSSL updated to latest version
+
 * Sun Nov 13 2016 Anton Novojilov <andy@essentialkaos.com> - 1.11.5-2
 - Added dynamic modules support
 - Added fix for CVE-2016-1247