pool/nginx
SHA256
2
0
Fork 1
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

Accepting request 399657 from server:http

Browse Source 
- in the sysvinit script use the pid file in /var/run

- update to 1.10.1 (bsc# 982505)
  Security: a segmentation fault might occur in a worker process
  while writing a specially crafted request body to a temporary
  file (CVE-2016-4450); the bug had appeared in 1.3.9.

- improve conditionals
  - merge the 12.2 and 12.1 based conditionals into 1 as both of
    them are out of support now.
  - enable pcre JIT
  - make use if libatomic_ops on Leap

- enable dynamic modules for intree modules. The following modules
  are built as loadable modules now:
  ngx_http_geoip_module.so
  ngx_http_image_filter_module.so
  ngx_http_perl_module.so
  ngx_http_xslt_filter_module.so
  ngx_mail_module.so
  ngx_stream_module.so
  You will have to load those modules with load_module.
  http://nginx.org/en/docs/ngx_core_module.html#load_module
  The correct syntax for this package is:
  # For 64bit machines:
  load_module lib64/nginx/modules/ngx_http_geoip_module.so;
  # For 32bit machines:
  load_module lib/nginx/modules/ngx_http_geoip_module.so;
  Examples for all the intree modules have been added to the
  default nginx.conf

OBS-URL: https://build.opensuse.org/request/show/399657
OBS-URL: https://build.opensuse.org/package/show/openSUSE:Factory/nginx?expand=0&rev=4
This commit is contained in:
Dominique Leuenberger 2016-06-07 21:47:00 +00:00 committed by Git OBS Bridge
commit 062cc29c3f
6 changed files with 98 additions and 27 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

3
nginx-1.10.0.tar.gz
View File

@ -1,3 +0,0 @@
version https://git-lfs.github.com/spec/v1
oid sha256:8ed647c3dd65bc4ced03b0e0f6bf9e633eff6b01bac772bcf97077d58bc2be4d
size 908954

3
nginx-1.10.1.tar.gz Normal file
View File

@ -0,0 +1,3 @@
version https://git-lfs.github.com/spec/v1
oid sha256:1fd35846566485e03c0e318989561c135c598323ff349c503a6c14826487a801
size 909077

23
nginx-1.6.1-default_config.patch
View File

@ -1,8 +1,8 @@
Index: conf/nginx.conf
===================================================================
--- conf.orig/nginx.conf
--- conf/nginx.conf.orig
+++ conf/nginx.conf
@@ -1,16 +1,17 @@
@@ -1,16 +1,24 @@
-#user nobody;
+#user nginx;
@ -11,6 +11,13 @@ Index: conf/nginx.conf
-#error_log logs/error.log;
-#error_log logs/error.log notice;
-#error_log logs/error.log info;
+# load_module #LIBDIR#/nginx/modules/ngx_http_geoip_module.so;
+# load_module #LIBDIR#/nginx/modules/ngx_http_image_filter_module.so;
+# load_module #LIBDIR#/nginx/modules/ngx_http_perl_module.so;
+# load_module #LIBDIR#/nginx/modules/ngx_http_xslt_filter_module.so;
+# load_module #LIBDIR#/nginx/modules/ngx_mail_module.so;
+# load_module #LIBDIR#/nginx/modules/ngx_stream_module.so;
+
+#error_log /var/log/nginx/error.log;
+#error_log /var/log/nginx/error.log notice;
+#error_log /var/log/nginx/error.log info;
@ -25,7 +32,7 @@ Index: conf/nginx.conf
}
@@ -22,7 +23,7 @@ http {
@@ -22,7 +30,7 @@ http {
# '$status $body_bytes_sent "$http_referer" '
# '"$http_user_agent" "$http_x_forwarded_for"';
@ -34,7 +41,7 @@ Index: conf/nginx.conf
sendfile on;
#tcp_nopush on;
@@ -32,16 +33,18 @@ http {
@@ -32,16 +40,18 @@ http {
#gzip on;
@ -55,7 +62,7 @@ Index: conf/nginx.conf
index index.html index.htm;
}
@@ -51,7 +54,7 @@ http {
@@ -51,7 +61,7 @@ http {
#
error_page 500 502 503 504 /50x.html;
location = /50x.html {
@ -64,7 +71,7 @@ Index: conf/nginx.conf
}
# proxy the PHP scripts to Apache listening on 127.0.0.1:80
@@ -63,7 +66,7 @@ http {
@@ -63,7 +73,7 @@ http {
# pass the PHP scripts to FastCGI server listening on 127.0.0.1:9000
#
#location ~ \.php$ {
@ -73,7 +80,7 @@ Index: conf/nginx.conf
# fastcgi_pass 127.0.0.1:9000;
# fastcgi_index index.php;
# fastcgi_param SCRIPT_FILENAME /scripts$fastcgi_script_name;
@@ -87,7 +90,7 @@ http {
@@ -87,7 +97,7 @@ http {
# server_name somename alias another.alias;
# location / {
@ -82,7 +89,7 @@ Index: conf/nginx.conf
# index index.html index.htm;
# }
#}
@@ -109,9 +112,11 @@ http {
@@ -109,9 +119,11 @@ http {
# ssl_prefer_server_ciphers on;
# location / {

51
nginx.changes
View File

@ -1,3 +1,54 @@
-------------------------------------------------------------------
Thu Jun 2 11:55:19 UTC 2016 - mrueckert@suse.de
- in the sysvinit script use the pid file in /var/run
-------------------------------------------------------------------
Wed Jun 1 12:33:55 UTC 2016 - mrueckert@suse.de
- update to 1.10.1 (bsc# 982505)
Security: a segmentation fault might occur in a worker process
while writing a specially crafted request body to a temporary
file (CVE-2016-4450); the bug had appeared in 1.3.9.
-------------------------------------------------------------------
Sun May 15 11:03:18 UTC 2016 - mrueckert@suse.de
- improve conditionals
- merge the 12.2 and 12.1 based conditionals into 1 as both of
them are out of support now.
- enable pcre JIT
- make use if libatomic_ops on Leap
-------------------------------------------------------------------
Sun May 15 10:36:19 UTC 2016 - mrueckert@suse.de
- enable dynamic modules for intree modules. The following modules
are built as loadable modules now:
ngx_http_geoip_module.so
ngx_http_image_filter_module.so
ngx_http_perl_module.so
ngx_http_xslt_filter_module.so
ngx_mail_module.so
ngx_stream_module.so
You will have to load those modules with load_module.
http://nginx.org/en/docs/ngx_core_module.html#load_module
The correct syntax for this package is:
# For 64bit machines:
load_module lib64/nginx/modules/ngx_http_geoip_module.so;
# For 32bit machines:
load_module lib/nginx/modules/ngx_http_geoip_module.so;
Examples for all the intree modules have been added to the
default nginx.conf
- patches updated:
nginx-1.6.1-default_config.patch - added load_module example
-------------------------------------------------------------------
Sun May 15 05:34:35 UTC 2016 - mrueckert@suse.de

2
nginx.init
View File

@ -115,7 +115,7 @@ NGINX_BIN=/usr/sbin/nginx
test -x $NGINX_BIN || { echo "$NGINX_BIN not installed";
if [ "$1" = "stop" ]; then exit 0;
else exit 5; fi; }
NGINX_PID=/run/nginx.pid
NGINX_PID=/var/run/nginx.pid
# Check for existence of needed config file and read it
#NGINX_CONFIG=/etc/sysconfig/nginx

43
nginx.spec
View File

@ -20,7 +20,7 @@
%bcond_with google_perftools
%bcond_without fancyindex
%if 0%{?suse_version} != 1315
%if 0%{?suse_version} != 1315 || 0%{?is_opensuse}
%bcond_without libatomic
%else
%bcond_with libatomic
@ -28,19 +28,18 @@
%if 0%{?suse_version} > 1220
%bcond_without http2
%else
%bcond_with http2
%endif
%if 0%{?suse_version} >= 1210
%bcond_without pcre_jit
%bcond_without systemd
%else
%bcond_with systemd
%bcond_with http2
%bcond_with pcre_jit
%bcond_with systemd
%endif
%define pkg_name nginx
%define ngx_prefix %{_prefix}
%define ngx_sbin_path %{_sbindir}/nginx
%define ngx_module_dir %{_libdir}/nginx/modules
%define ngx_conf_dir %{_sysconfdir}/nginx
%define ngx_conf_path %{ngx_conf_dir}/nginx.conf
%define ngx_log_dir %{_localstatedir}/log/nginx
@ -63,7 +62,7 @@
%endif
#
Name: nginx
Version: 1.10.0
Version: 1.10.1
Release: 0
%define fancyindex_version 0.3.5
Summary: A HTTP server and IMAP/POP3 proxy server
@ -135,6 +134,8 @@ It has been running on many heavily loaded Russian sites for more than two years
%patch4 -p1
perl -pi -e 's|\r\n|\n|g' contrib/geo2nginx.pl
# we just use lib here because nginx loads them relative to _prefix
perl -pi -e 's|#LIBDIR#|%{_lib}|g' conf/nginx.conf
%if %{with fancyindex}
mkdir -p ngx-fancyindex-%{fancyindex_version}
@ -151,6 +152,7 @@ sed -i "s/\/var\/run/\/run/" %{_sourcedir}/nginx.init
./configure \
--prefix=%{ngx_prefix}/ \
--sbin-path=%{ngx_sbin_path} \
--modules-path=%{ngx_module_dir} \
--conf-path=%{ngx_conf_path} \
--error-log-path=%{ngx_error_log} \
--http-log-path=%{ngx_access_log} \
@ -173,9 +175,9 @@ sed -i "s/\/var\/run/\/run/" %{_sourcedir}/nginx.init
%endif
--with-http_realip_module \
--with-http_addition_module \
--with-http_xslt_module \
--with-http_image_filter_module \
--with-http_geoip_module \
--with-http_xslt_module=dynamic \
--with-http_image_filter_module=dynamic \
--with-http_geoip_module=dynamic \
--with-http_sub_module \
--with-http_dav_module \
--with-http_flv_module \
@ -188,12 +190,15 @@ sed -i "s/\/var\/run/\/run/" %{_sourcedir}/nginx.init
--with-http_degradation_module \
--with-http_slice_module \
--with-http_stub_status_module \
--with-http_perl_module \
--with-http_perl_module=dynamic \
--with-perl=%{_bindir}/perl \
--with-mail \
--with-stream \
--with-mail=dynamic \
--with-stream=dynamic \
--with-mail_ssl_module \
--with-pcre \
%if %{with pcre_jit}
--with-pcre-jit \
%endif
%if %{with libatomic}
--with-libatomic \
%endif
@ -209,7 +214,7 @@ sed -i "s/\/var\/run/\/run/" %{_sourcedir}/nginx.init
--with-md5=%{_prefix} \
--with-sha1=%{_prefix} \
%if 0%{?suse_version} > 1220
--with-cc-opt="%{optflags} -fPIE -D_GNU_SOURCE -std=gnu99 -fstack-protector" \
--with-cc-opt="%{optflags} -fPIC -D_GNU_SOURCE -std=gnu99 -fstack-protector" \
--with-ld-opt="-Wl,-z,relro,-z,now -pie"
%else
--with-cc-opt="%{optflags}"
@ -285,6 +290,14 @@ rm %{buildroot}/srv/www/htdocs/index.html
%{perl_vendorarch}/auto/nginx/
%{perl_vendorarch}/nginx.pm
%{ngx_sbin_path}
%dir %{_libdir}/nginx/
%dir %{ngx_module_dir}/
%{ngx_module_dir}/ngx_http_geoip_module.so
%{ngx_module_dir}/ngx_http_image_filter_module.so
%{ngx_module_dir}/ngx_http_perl_module.so
%{ngx_module_dir}/ngx_http_xslt_filter_module.so
%{ngx_module_dir}/ngx_mail_module.so
%{ngx_module_dir}/ngx_stream_module.so
%{_mandir}/man3/nginx.3pm*
/srv/www/htdocs/50x.html
%if 0%{?suse_version} && 0%{?suse_version} < 1140