Skip to content

Commit

Permalink
Merge pull request #72 from essentialkaos/develop
Browse files Browse the repository at this point in the history 
 Version 1.15.4
  • Loading branch information
@andyone
andyone authored Sep 27, 2018
2 parents 672a2a5 + 2a22474 commit c7e6765
Show file tree
Hide file tree
Showing 11 changed files with 154 additions and 338 deletions.
16 changes: 8 additions & 8 deletions SOURCES/boringssl.patch
View file
Original file line number Diff line number Diff line change
@@ -1,17 +1,17 @@
diff -ur nginx-1.11.6/src/event/ngx_event_openssl.c nginx-1.11.6-patched/src/event/ngx_event_openssl.c
--- nginx-1.11.6/src/event/ngx_event_openssl.c 2016-11-15 15:11:47.000000000 +0000
+++ nginx-1.11.6-patched/src/event/ngx_event_openssl.c 2016-11-16 23:39:22.792289533 +0000
@@ -2016,7 +2016,9 @@

/* handshake failures */
if (n == SSL_R_BAD_CHANGE_CIPHER_SPEC /* 103 */
diff -urN nginx-1.15.4-orig/src/event/ngx_event_openssl.c nginx-1.15.4-boring/src/event/ngx_event_openssl.c
--- nginx-1.15.4-orig/src/event/ngx_event_openssl.c 2018-09-25 18:11:39.000000000 +0300
+++ nginx-1.15.4-boring/src/event/ngx_event_openssl.c 2018-09-27 14:21:12.000000000 +0300
@@ -2591,7 +2591,9 @@
#ifdef SSL_R_NO_SUITABLE_SIGNATURE_ALGORITHM
|| n == SSL_R_NO_SUITABLE_SIGNATURE_ALGORITHM /* 118 */
#endif
+#ifdef SSL_R_BLOCK_CIPHER_PAD_IS_WRONG
|| n == SSL_R_BLOCK_CIPHER_PAD_IS_WRONG /* 129 */
+#endif
|| n == SSL_R_DIGEST_CHECK_FAILED /* 149 */
|| n == SSL_R_ERROR_IN_RECEIVED_CIPHER_LIST /* 151 */
|| n == SSL_R_EXCESSIVE_MESSAGE_SIZE /* 152 */
@@ -2024,7 +2026,9 @@
@@ -2601,7 +2603,9 @@
#ifdef SSL_R_NO_CIPHERS_PASSED
|| n == SSL_R_NO_CIPHERS_PASSED /* 182 */
#endif
Expand Down
12 changes: 0 additions & 12 deletions SOURCES/ngx_pagespeed-build-force.patch
View file

This file was deleted.

1 change: 0 additions & 1 deletion SOURCES/pagespeed-access.pswd
View file

This file was deleted.

29 changes: 0 additions & 29 deletions SOURCES/pagespeed-enabled.conf
View file

This file was deleted.

27 changes: 0 additions & 27 deletions SOURCES/pagespeed.conf
View file

This file was deleted.

47 changes: 23 additions & 24 deletions SOURCES/webkaos-dynamic-tls-records.patch
View file
Original file line number Diff line number Diff line change
@@ -1,15 +1,15 @@
diff -urN nginx-1.15.3-orig/src/event/ngx_event_openssl.c nginx-1.15.3/src/event/ngx_event_openssl.c
--- nginx-1.15.3-orig/src/event/ngx_event_openssl.c 2018-08-28 18:36:00.000000000 +0300
+++ nginx-1.15.3/src/event/ngx_event_openssl.c 2018-09-02 01:18:43.000000000 +0300
@@ -1239,6 +1239,7 @@
diff -urN nginx-1.15.4-orig/src/event/ngx_event_openssl.c nginx-1.15.4-dyntls/src/event/ngx_event_openssl.c
--- nginx-1.15.4-orig/src/event/ngx_event_openssl.c 2018-09-25 18:11:39.000000000 +0300
+++ nginx-1.15.4-dyntls/src/event/ngx_event_openssl.c 2018-09-27 14:01:16.000000000 +0300
@@ -1267,6 +1267,7 @@

sc->buffer = ((flags & NGX_SSL_BUFFER) != 0);
sc->buffer_size = ssl->buffer_size;
+ sc->dyn_rec = ssl->dyn_rec;

sc->session_ctx = ssl->ctx;

@@ -1806,6 +1807,41 @@
@@ -2115,6 +2116,41 @@

for ( ;; ) {

Expand Down Expand Up @@ -51,7 +51,7 @@ diff -urN nginx-1.15.3-orig/src/event/ngx_event_openssl.c nginx-1.15.3/src/event
while (in && buf->last < buf->end && send < limit) {
if (in->buf->last_buf || in->buf->flush) {
flush = 1;
@@ -1907,6 +1943,9 @@
@@ -2222,6 +2258,9 @@

if (n > 0) {

Expand All @@ -61,10 +61,10 @@ diff -urN nginx-1.15.3-orig/src/event/ngx_event_openssl.c nginx-1.15.3/src/event
if (c->ssl->saved_read_handler) {

c->read->handler = c->ssl->saved_read_handler;
diff -urN nginx-1.15.3-orig/src/event/ngx_event_openssl.h nginx-1.15.3/src/event/ngx_event_openssl.h
--- nginx-1.15.3-orig/src/event/ngx_event_openssl.h 2018-08-28 18:36:00.000000000 +0300
+++ nginx-1.15.3/src/event/ngx_event_openssl.h 2018-09-02 01:20:39.000000000 +0300
@@ -58,6 +58,13 @@
diff -urN nginx-1.15.4-orig/src/event/ngx_event_openssl.h nginx-1.15.4-dyntls/src/event/ngx_event_openssl.h
--- nginx-1.15.4-orig/src/event/ngx_event_openssl.h 2018-09-25 18:11:39.000000000 +0300
+++ nginx-1.15.4-dyntls/src/event/ngx_event_openssl.h 2018-09-27 14:05:40.000000000 +0300
@@ -58,6 +58,12 @@
#define ngx_ssl_session_t SSL_SESSION
#define ngx_ssl_conn_t SSL

Expand All @@ -74,30 +74,29 @@ diff -urN nginx-1.15.3-orig/src/event/ngx_event_openssl.h nginx-1.15.3/src/event
+ size_t size_lo;
+ size_t size_hi;
+} ngx_ssl_dyn_rec_t;
+

#if (OPENSSL_VERSION_NUMBER < 0x10002000L)
#define SSL_is_server(s) (s)->server
@@ -68,6 +75,7 @@
@@ -68,6 +74,7 @@
SSL_CTX *ctx;
ngx_log_t *log;
size_t buffer_size;
+ ngx_ssl_dyn_rec_t dyn_rec;
};


@@ -93,6 +101,10 @@
unsigned no_wait_shutdown:1;
unsigned no_send_shutdown:1;
unsigned handshake_buffer_set:1;
@@ -98,6 +105,10 @@
unsigned try_early_data:1;
unsigned in_early:1;
unsigned early_preread:1;
+
+ ngx_ssl_dyn_rec_t dyn_rec;
+ ngx_msec_t dyn_rec_last_write;
+ ngx_uint_t dyn_rec_records_sent;
};


@@ -102,7 +114,7 @@
@@ -107,7 +118,7 @@
#define NGX_SSL_DFLT_BUILTIN_SCACHE -5


Expand All @@ -106,9 +105,9 @@ diff -urN nginx-1.15.3-orig/src/event/ngx_event_openssl.h nginx-1.15.3/src/event

typedef struct ngx_ssl_sess_id_s ngx_ssl_sess_id_t;

diff -urN nginx-1.15.3-orig/src/http/modules/ngx_http_ssl_module.c nginx-1.15.3/src/http/modules/ngx_http_ssl_module.c
--- nginx-1.15.3-orig/src/http/modules/ngx_http_ssl_module.c 2018-08-28 18:36:00.000000000 +0300
+++ nginx-1.15.3/src/http/modules/ngx_http_ssl_module.c 2018-09-02 01:24:26.000000000 +0300
diff -urN nginx-1.15.4-orig/src/http/modules/ngx_http_ssl_module.c nginx-1.15.4-dyntls/src/http/modules/ngx_http_ssl_module.c
--- nginx-1.15.4-orig/src/http/modules/ngx_http_ssl_module.c 2018-09-25 18:11:39.000000000 +0300
+++ nginx-1.15.4-dyntls/src/http/modules/ngx_http_ssl_module.c 2018-09-27 14:08:12.000000000 +0300
@@ -246,6 +246,41 @@
offsetof(ngx_http_ssl_srv_conf_t, early_data),
NULL },
Expand Down Expand Up @@ -208,14 +207,14 @@ diff -urN nginx-1.15.3-orig/src/http/modules/ngx_http_ssl_module.c nginx-1.15.3/
+
+ } else {
+ conf->ssl.dyn_rec.timeout = 0;
+ }
+ }
+
return NGX_CONF_OK;
}

diff -urN nginx-1.15.3-orig/src/http/modules/ngx_http_ssl_module.h nginx-1.15.3/src/http/modules/ngx_http_ssl_module.h
--- nginx-1.15.3-orig/src/http/modules/ngx_http_ssl_module.h 2018-08-28 18:36:00.000000000 +0300
+++ nginx-1.15.3/src/http/modules/ngx_http_ssl_module.h 2018-09-02 01:25:11.000000000 +0300
diff -urN nginx-1.15.4-orig/src/http/modules/ngx_http_ssl_module.h nginx-1.15.4-dyntls/src/http/modules/ngx_http_ssl_module.h
--- nginx-1.15.4-orig/src/http/modules/ngx_http_ssl_module.h 2018-09-25 18:11:39.000000000 +0300
+++ nginx-1.15.4-dyntls/src/http/modules/ngx_http_ssl_module.h 2018-09-27 14:09:20.000000000 +0300
@@ -58,6 +58,12 @@

u_char *file;
Expand Down
9 changes: 0 additions & 9 deletions SOURCES/webkaos.conf
View file
Original file line number Diff line number Diff line change
Expand Up @@ -6,9 +6,6 @@
# most cases, but not for all. Check all configuration values before webkaos #
# usage. #
# #
# More information about pagespeed configuration you may find on this page: #
# https://developers.google.com/speed/pagespeed/ #
# #
################################################################################

user webkaos;
Expand Down Expand Up @@ -134,12 +131,6 @@ http {
# Header with unique request identifier.
add_header X-Request-ID "$request_id";

##############################################################################

# Main configuration for pagespeed. Pagespeed globally disabled, include
# xtra/pagespeed-enabled.conf in your server block to enable pagespeed.
include xtra/pagespeed.conf;

##############################################################################

server {
Expand Down
36 changes: 0 additions & 36 deletions SOURCES/webkaos.init
View file
Original file line number Diff line number Diff line change
Expand Up @@ -39,7 +39,6 @@ binary=${BINARY:-/usr/sbin/webkaos}
conf_file=${CONF_FILE:-/etc/webkaos/webkaos.conf}
cache_dir=${CACHE_DIR:-/var/cache/webkaos}
log_dir=${LOG_DIR:-/var/log/webkaos}
pagespeed_cache=${PAGESPEED_CACHE:-/var/cache/webkaos/pagespeed}
ssl_dir=${SSL_DIR:-/etc/webkaos/ssl}
dh_param=${DH_PARAM:-/etc/webkaos/ssl/dhparam.pem}

Expand Down Expand Up @@ -70,8 +69,6 @@ kv.addCommandAlias "check" "configtest"
kv.addCommandAlias "restart" "condrestart"
kv.addCommandAlias "config" "conf"

[[ $pagespeed_cache ]] && kv.addCommand "clean" "Clean pagespeed cache" "clean"

kv.addHandler "start" "startServiceHandler"
kv.addHandler "start" "preStartServiceHandler" "pre"
kv.addHandler "stop" "stopServiceHandler"
Expand All @@ -93,7 +90,6 @@ prepare() {

if kv.isRoot ; then
[[ ! -w $cache_dir ]] && has_errors=true && kv.error "<CACHE_DIR> must be writable directory"
[[ ! -w $pagespeed_cache ]] && has_errors=true && kv.error "<PAGESPEED_CACHE> must be writable directory"
fi

[[ $has_errors ]] && kv.exit $ACTION_ERROR
Expand Down Expand Up @@ -233,20 +229,6 @@ reload() {
return $status
}

clean() {
kv.showProcessMessage "Cleaning pagespeed cache"

cleanPagespeedCache

local status=$?

kv.showStatusMessage "$status"

[[ $status -eq $ACTION_OK ]] && kv.log "pagespeed cache cleaned by ${kv[real_user]}."

return $status
}

###############################################################################

preStartServiceHandler() {
Expand Down Expand Up @@ -348,20 +330,6 @@ testServiceConfig() {
[[ $status -eq $ACTION_OK ]] && return $ACTION_OK || return $ACTION_ERROR
}

cleanPagespeedCache() {
if [[ -d $pagespeed_cache ]] ; then
if kv.statusIs "$STATUS_WORKS" ; then
touch $pagespeed_cache/cache.flush
else
rm -rf $pagespeed_cache/* &> /dev/null
fi

[[ $? -eq $ACTION_OK ]] && return $ACTION_OK || $ACTION_ERROR
fi

return $ACTION_ERROR
}

updateOwner() {
local user=$(getUserFromConfig)

Expand All @@ -371,10 +339,6 @@ updateOwner() {
chown -R $user: $cache_dir -R
fi

if [[ $pagespeed_cache && -d $pagespeed_cache ]] ; then
chown -R $user: $pagespeed_cache -R
fi

if [[ $log_dir && -d $log_dir ]] ; then
chown -R $user: $log_dir -R
fi
Expand Down
Loading

0 comments on commit c7e6765

Please sign in to comment.