summaryrefslogtreecommitdiffstats
diff options
context:
space:
mode:
-rw-r--r--unit-github639.patch55
-rw-r--r--unit-openssl3.patch59
-rw-r--r--unit-syspol.patch32
-rw-r--r--unit.spec21
4 files changed, 6 insertions, 161 deletions
diff --git a/unit-github639.patch b/unit-github639.patch
deleted file mode 100644
index a06e79c..0000000
--- a/unit-github639.patch
+++ /dev/null
@@ -1,55 +0,0 @@
-# HG changeset patch
-# User Zhidao HONG <z.hong@f5.com>
-# Date 1645410293 -28800
-# Mon Feb 21 10:24:53 2022 +0800
-# Node ID 5419d81ccd877b80249bfee71e37b122a68eda6d
-# Parent 00faecc2c4b6ad1bddb5b4d083e415851e9f93b1
-Improved realloc() wrapper.
-
-This closes #639 issue on Github.
-
-diff -r 00faecc2c4b6 -r 5419d81ccd87 src/nxt_malloc.c
---- a/src/nxt_malloc.c Tue Feb 15 21:43:02 2022 +0000
-+++ b/src/nxt_malloc.c Mon Feb 21 10:24:53 2022 +0800
-@@ -61,6 +61,33 @@ nxt_zalloc(size_t size)
- }
-
-
-+#if (NXT_DEBUG)
-+
-+void *
-+nxt_realloc(void *p, size_t size)
-+{
-+ void *n;
-+ uintptr_t ptr;
-+
-+ ptr = (uintptr_t) p;
-+
-+ n = realloc(p, size);
-+
-+ if (nxt_fast_path(n != NULL)) {
-+ nxt_log_debug(nxt_malloc_log(), "realloc(%p, %uz): %p", ptr, size, n);
-+
-+ } else {
-+ nxt_log_alert_moderate(&nxt_malloc_log_moderation, nxt_malloc_log(),
-+ "realloc(%p, %uz) failed %E",
-+ ptr, size, nxt_errno);
-+ }
-+
-+ return n;
-+}
-+
-+
-+#else
-+
- void *
- nxt_realloc(void *p, size_t size)
- {
-@@ -80,6 +107,8 @@ nxt_realloc(void *p, size_t size)
- return n;
- }
-
-+#endif /* NXT_DEBUG */
-+
-
- /* nxt_lvlhsh_* functions moved here to avoid references from nxt_lvlhsh.c. */
diff --git a/unit-openssl3.patch b/unit-openssl3.patch
deleted file mode 100644
index 38f2587..0000000
--- a/unit-openssl3.patch
+++ /dev/null
@@ -1,59 +0,0 @@
-From 988aa2115ec67111e8a124d4d6c0abccb63db05f Mon Sep 17 00:00:00 2001
-From: Remi Collet <remi@remirepo.net>
-Date: Thu, 18 Nov 2021 17:47:39 +0100
-Subject: [PATCH 1/2] use ERR_get_error_all with openssl 3
-
----
- src/nxt_openssl.c | 5 ++++-
- 1 file changed, 4 insertions(+), 1 deletion(-)
-
-diff --git a/src/nxt_openssl.c b/src/nxt_openssl.c
-index 1e08015e..22242538 100644
---- a/src/nxt_openssl.c
-+++ b/src/nxt_openssl.c
-@@ -14,7 +14,6 @@
- #include <openssl/bio.h>
- #include <openssl/evp.h>
-
--
- typedef struct {
- SSL *session;
- nxt_conn_t *conn;
-@@ -1781,7 +1780,11 @@ nxt_openssl_copy_error(u_char *p, u_char *end)
- clear = 0;
-
- for ( ;; ) {
-+#if OPENSSL_VERSION_NUMBER >= 0x30000000L
-+ err = ERR_get_error_all(NULL, NULL, NULL, &data, &flags);
-+#else
- err = ERR_get_error_line_data(NULL, NULL, &data, &flags);
-+#endif
- if (err == 0) {
- break;
- }
-
-From 22ad9572ccb3b5f0d49219290e1f92911836cb8d Mon Sep 17 00:00:00 2001
-From: Remi Collet <remi@remirepo.net>
-Date: Thu, 18 Nov 2021 17:48:19 +0100
-Subject: [PATCH 2/2] temporarily ignore openssl 3 deprecations
-
----
- src/nxt_openssl.c | 5 +++++
- 1 file changed, 5 insertions(+)
-
-diff --git a/src/nxt_openssl.c b/src/nxt_openssl.c
-index 22242538..606cdadf 100644
---- a/src/nxt_openssl.c
-+++ b/src/nxt_openssl.c
-@@ -14,6 +14,11 @@
- #include <openssl/bio.h>
- #include <openssl/evp.h>
-
-+#if OPENSSL_VERSION_NUMBER >= 0x30000000L
-+/* TODO removed when SSL_CTX_set_tlsext_ticket_key_cb updated to SSL_CTX_set_tlsext_ticket_key_evp_cb */
-+# pragma GCC diagnostic ignored "-Wdeprecated-declarations"
-+#endif
-+
- typedef struct {
- SSL *session;
- nxt_conn_t *conn;
diff --git a/unit-syspol.patch b/unit-syspol.patch
deleted file mode 100644
index 1ab0ddf..0000000
--- a/unit-syspol.patch
+++ /dev/null
@@ -1,32 +0,0 @@
-diff -up ./src/nxt_openssl.c.syspol ./src/nxt_openssl.c
---- ./src/nxt_openssl.c.syspol 2021-08-19 16:52:54.000000000 +0200
-+++ ./src/nxt_openssl.c 2021-08-24 07:43:45.844605992 +0200
-@@ -278,7 +278,7 @@ nxt_openssl_server_init(nxt_task_t *task
- nxt_tls_init_t *tls_init, nxt_bool_t last)
- {
- SSL_CTX *ctx;
-- const char *ciphers, *ca_certificate;
-+ const char *ca_certificate;
- nxt_tls_conf_t *conf;
- STACK_OF(X509_NAME) *list;
- nxt_tls_bundle_conf_t *bundle;
-@@ -339,13 +339,13 @@ nxt_openssl_server_init(nxt_task_t *task
- }
- */
-
-- ciphers = (conf->ciphers != NULL) ? conf->ciphers : "HIGH:!aNULL:!MD5";
--
-- if (SSL_CTX_set_cipher_list(ctx, ciphers) == 0) {
-- nxt_openssl_log_error(task, NXT_LOG_ALERT,
-+ if (conf->ciphers) { /* else use system crypto policy */
-+ if (SSL_CTX_set_cipher_list(ctx, conf->ciphers) == 0) {
-+ nxt_openssl_log_error(task, NXT_LOG_ALERT,
- "SSL_CTX_set_cipher_list(\"%s\") failed",
-- ciphers);
-- goto fail;
-+ conf->ciphers);
-+ goto fail;
-+ }
- }
-
- #if (NXT_HAVE_OPENSSL_CONF_CMD)
diff --git a/unit.spec b/unit.spec
index 13c7bcd..e017813 100644
--- a/unit.spec
+++ b/unit.spec
@@ -11,12 +11,12 @@
%global gh_owner nginx
%global project unit
-%global gh_commit 38bd7e76a134084ab95a4ee3125af1ccd7b35864
+%global gh_commit 87a1a9c0d275c6869e50bc9f3dfca1227ec54868
%global gh_short %(c=%{gh_commit}; echo ${c:0:7})
Name: unit
Summary: NGINX Unit application server
-Version: 1.28.0
+Version: 1.29.0
Release: 1%{?dist}
License: ASL 2.0
URL: https://unit.nginx.org/
@@ -27,16 +27,6 @@ Source2: unit.init
Source3: unit.sysconf
Source4: unit.logrotate
-# Use system crypto policy
-# https://github.com/nginx/unit/pull/215
-Patch0: %{project}-syspol.patch
-# Workaround for OpenSSL 3.0
-# https://github.com/nginx/unit/pull/598
-Patch1: %{project}-openssl3.patch
-# Workaround use-afer-free
-# https://github.com/nginx/unit/issues/639
-Patch2: %{project}-github639.patch
-
BuildRequires: make
BuildRequires: gcc
BuildRequires: openssl-devel
@@ -69,9 +59,6 @@ Library and include files required for NGINX Unit modules development.
%prep
%setup -qn %{project}-%{gh_commit}
-%patch0 -p1 -b .syspol
-%patch1 -p1 -b .openssl3
-%patch2 -p1 -b .gcc12
cp pkg/rpm/rpmbuild/SOURCES/unit.example.config example.config
@@ -195,6 +182,10 @@ BANNER
%changelog
+* Thu Dec 15 2022 Remi Collet <remi@remirepo.net> - 1.29.0-1
+- update to 1.29.0
+- drop patches merged upstream
+
* Tue Sep 13 2022 Remi Collet <remi@remirepo.net> - 1.28.0-1
- update to 1.28.0