diff options
-rw-r--r-- | unit-github639.patch | 55 | ||||
-rw-r--r-- | unit-openssl3.patch | 59 | ||||
-rw-r--r-- | unit-syspol.patch | 32 | ||||
-rw-r--r-- | unit.spec | 110 |
4 files changed, 82 insertions, 174 deletions
diff --git a/unit-github639.patch b/unit-github639.patch deleted file mode 100644 index a06e79c..0000000 --- a/unit-github639.patch +++ /dev/null @@ -1,55 +0,0 @@ -# HG changeset patch -# User Zhidao HONG <z.hong@f5.com> -# Date 1645410293 -28800 -# Mon Feb 21 10:24:53 2022 +0800 -# Node ID 5419d81ccd877b80249bfee71e37b122a68eda6d -# Parent 00faecc2c4b6ad1bddb5b4d083e415851e9f93b1 -Improved realloc() wrapper. - -This closes #639 issue on Github. - -diff -r 00faecc2c4b6 -r 5419d81ccd87 src/nxt_malloc.c ---- a/src/nxt_malloc.c Tue Feb 15 21:43:02 2022 +0000 -+++ b/src/nxt_malloc.c Mon Feb 21 10:24:53 2022 +0800 -@@ -61,6 +61,33 @@ nxt_zalloc(size_t size) - } - - -+#if (NXT_DEBUG) -+ -+void * -+nxt_realloc(void *p, size_t size) -+{ -+ void *n; -+ uintptr_t ptr; -+ -+ ptr = (uintptr_t) p; -+ -+ n = realloc(p, size); -+ -+ if (nxt_fast_path(n != NULL)) { -+ nxt_log_debug(nxt_malloc_log(), "realloc(%p, %uz): %p", ptr, size, n); -+ -+ } else { -+ nxt_log_alert_moderate(&nxt_malloc_log_moderation, nxt_malloc_log(), -+ "realloc(%p, %uz) failed %E", -+ ptr, size, nxt_errno); -+ } -+ -+ return n; -+} -+ -+ -+#else -+ - void * - nxt_realloc(void *p, size_t size) - { -@@ -80,6 +107,8 @@ nxt_realloc(void *p, size_t size) - return n; - } - -+#endif /* NXT_DEBUG */ -+ - - /* nxt_lvlhsh_* functions moved here to avoid references from nxt_lvlhsh.c. */ diff --git a/unit-openssl3.patch b/unit-openssl3.patch deleted file mode 100644 index 38f2587..0000000 --- a/unit-openssl3.patch +++ /dev/null @@ -1,59 +0,0 @@ -From 988aa2115ec67111e8a124d4d6c0abccb63db05f Mon Sep 17 00:00:00 2001 -From: Remi Collet <remi@remirepo.net> -Date: Thu, 18 Nov 2021 17:47:39 +0100 -Subject: [PATCH 1/2] use ERR_get_error_all with openssl 3 - ---- - src/nxt_openssl.c | 5 ++++- - 1 file changed, 4 insertions(+), 1 deletion(-) - -diff --git a/src/nxt_openssl.c b/src/nxt_openssl.c -index 1e08015e..22242538 100644 ---- a/src/nxt_openssl.c -+++ b/src/nxt_openssl.c -@@ -14,7 +14,6 @@ - #include <openssl/bio.h> - #include <openssl/evp.h> - -- - typedef struct { - SSL *session; - nxt_conn_t *conn; -@@ -1781,7 +1780,11 @@ nxt_openssl_copy_error(u_char *p, u_char *end) - clear = 0; - - for ( ;; ) { -+#if OPENSSL_VERSION_NUMBER >= 0x30000000L -+ err = ERR_get_error_all(NULL, NULL, NULL, &data, &flags); -+#else - err = ERR_get_error_line_data(NULL, NULL, &data, &flags); -+#endif - if (err == 0) { - break; - } - -From 22ad9572ccb3b5f0d49219290e1f92911836cb8d Mon Sep 17 00:00:00 2001 -From: Remi Collet <remi@remirepo.net> -Date: Thu, 18 Nov 2021 17:48:19 +0100 -Subject: [PATCH 2/2] temporarily ignore openssl 3 deprecations - ---- - src/nxt_openssl.c | 5 +++++ - 1 file changed, 5 insertions(+) - -diff --git a/src/nxt_openssl.c b/src/nxt_openssl.c -index 22242538..606cdadf 100644 ---- a/src/nxt_openssl.c -+++ b/src/nxt_openssl.c -@@ -14,6 +14,11 @@ - #include <openssl/bio.h> - #include <openssl/evp.h> - -+#if OPENSSL_VERSION_NUMBER >= 0x30000000L -+/* TODO removed when SSL_CTX_set_tlsext_ticket_key_cb updated to SSL_CTX_set_tlsext_ticket_key_evp_cb */ -+# pragma GCC diagnostic ignored "-Wdeprecated-declarations" -+#endif -+ - typedef struct { - SSL *session; - nxt_conn_t *conn; diff --git a/unit-syspol.patch b/unit-syspol.patch deleted file mode 100644 index 1ab0ddf..0000000 --- a/unit-syspol.patch +++ /dev/null @@ -1,32 +0,0 @@ -diff -up ./src/nxt_openssl.c.syspol ./src/nxt_openssl.c ---- ./src/nxt_openssl.c.syspol 2021-08-19 16:52:54.000000000 +0200 -+++ ./src/nxt_openssl.c 2021-08-24 07:43:45.844605992 +0200 -@@ -278,7 +278,7 @@ nxt_openssl_server_init(nxt_task_t *task - nxt_tls_init_t *tls_init, nxt_bool_t last) - { - SSL_CTX *ctx; -- const char *ciphers, *ca_certificate; -+ const char *ca_certificate; - nxt_tls_conf_t *conf; - STACK_OF(X509_NAME) *list; - nxt_tls_bundle_conf_t *bundle; -@@ -339,13 +339,13 @@ nxt_openssl_server_init(nxt_task_t *task - } - */ - -- ciphers = (conf->ciphers != NULL) ? conf->ciphers : "HIGH:!aNULL:!MD5"; -- -- if (SSL_CTX_set_cipher_list(ctx, ciphers) == 0) { -- nxt_openssl_log_error(task, NXT_LOG_ALERT, -+ if (conf->ciphers) { /* else use system crypto policy */ -+ if (SSL_CTX_set_cipher_list(ctx, conf->ciphers) == 0) { -+ nxt_openssl_log_error(task, NXT_LOG_ALERT, - "SSL_CTX_set_cipher_list(\"%s\") failed", -- ciphers); -- goto fail; -+ conf->ciphers); -+ goto fail; -+ } - } - - #if (NXT_HAVE_OPENSSL_CONF_CMD) @@ -1,24 +1,26 @@ # remirepo/fedora spec file for unit-php # -# Copyright (c) 2019-2021 Remi Collet -# License: CC-BY-SA +# Copyright (c) 2019-2024 Remi Collet +# License: CC-BY-SA-4.0 # http://creativecommons.org/licenses/by-sa/4.0/ # # Please, preserve the changelog entries # %bcond_without tests +# require ONLINE build for sources download +%bcond_with wasm %global gh_owner nginx %global project unit -%global gh_commit 3d1fa29f1d03e392df534b6589d3e1d2ed883671 +%global gh_commit 48d79170596d9923f2612d25e5a62ca0999b4313 %global gh_short %(c=%{gh_commit}; echo ${c:0:7}) Name: unit Summary: NGINX Unit application server -Version: 1.27.0 +Version: 1.32.1 Release: 1%{?dist} -License: ASL 2.0 +License: Apache-2.0 URL: https://unit.nginx.org/ Source0: https://github.com/%{gh_owner}/%{project}/archive/%{gh_commit}/%{project}-%{version}-%{gh_short}.tar.gz @@ -27,27 +29,29 @@ Source2: unit.init Source3: unit.sysconf Source4: unit.logrotate -# Use system crypto policy -# https://github.com/nginx/unit/pull/215 -Patch0: %{project}-syspol.patch -# Workaround for OpenSSL 3.0 -# https://github.com/nginx/unit/pull/598 -Patch1: %{project}-openssl3.patch -# Woraroung use-afer-free -# https://github.com/nginx/unit/issues/639 -Patch2: %{project}-github639.patch - BuildRequires: make BuildRequires: gcc BuildRequires: openssl-devel BuildRequires: pcre2-devel +# command tool only to pull library dependencies +BuildRequires: njs +BuildRequires: libnjs-devel = 0.8.2 BuildRequires: systemd +%if %{with wasm} +BuildRequires: clang +BuildRequires: llvm +%endif +%if 0%{?rhel} == 7 %{?systemd_requires} +%else +%{?systemd_ordering} +%endif Requires(pre): /usr/sbin/useradd Requires: logrotate Provides: nginx-unit = %{version}-%{release} +Provides: unit-r%{version} %description @@ -69,11 +73,6 @@ Library and include files required for NGINX Unit modules development. %prep %setup -qn %{project}-%{gh_commit} -%patch0 -p1 -b .syspol -%patch1 -p1 -b .openssl3 -%patch2 -p1 -b .gcc12 - -cp pkg/rpm/rpmbuild/SOURCES/unit.example.config example.config %build @@ -84,36 +83,46 @@ unitconf() { ./configure \ --libdir=%{_libdir} \ --prefix=%{_prefix} \ - --state=%{_sharedstatedir}/unit \ + --statedir=%{_sharedstatedir}/unit \ --control="unix:/run/unit/control.sock" \ --pid=/run/unit/unit.pid \ + --runstatedir=/var/run \ --log=/var/log/unit/unit.log \ - --tmp=/var/tmp \ + --logdir=/var/log \ + --tmpdir=/var/tmp \ --user=unit \ --group=unit \ --openssl \ --cc-opt="%{optflags}" \ --tests \ + --njs \ $* } unitconf \ - --modules=%{_libdir}/unit/debug-modules \ + --modulesdir=%{_libdir}/unit/debug-modules \ --debug make %{?_smp_mflags} -make %{?_smp_mflags} build/libunit.a +make %{?_smp_mflags} build/lib/libunit.a mv build build-debug +%if %{with wasm} +make %{?_smp_mflags} -C pkg/contrib .libunit-wasm +%endif + unitconf \ - --modules=%{_libdir}/unit/modules + --modulesdir=%{_libdir}/unit/modules make %{?_smp_mflags} %install DESTDIR=%{buildroot} make unitd-install libunit-install manpage-install -install -m755 build-debug/unitd %{buildroot}%{_sbindir}/unitd-debug -install -m644 build-debug/libunit.a %{buildroot}%{_libdir}/libunit-debug.a +install -m755 -D tools/unitc %{buildroot}%{_bindir}/unitc +install -m755 -D tools/setup-unit %{buildroot}%{_bindir}/setup-unit + +install -m755 build-debug/sbin/unitd %{buildroot}%{_sbindir}/unitd-debug +install -m644 build-debug/lib/libunit.a %{buildroot}%{_libdir}/libunit-debug.a mkdir -p %{buildroot}%{_sysconfdir}/%{name} mkdir -p %{buildroot}%{_libdir}/%{name}/modules @@ -128,6 +137,12 @@ install -p -D -m 0644 %{SOURCE4} %{buildroot}%{_sysconfdir}/logrotate.d/%{name} install -p -D -m 0644 %{SOURCE1} %{buildroot}%{_unitdir}/%{name}.service mkdir -p %{buildroot}%{_sysconfdir}/systemd/system/%{name}.service.d +%if %{with wasm} +mkdir -p %{buildroot}%{_includedir}/unit/ +install -m 644 pkg/contrib/libunit-wasm/src/c/libunit-wasm.a %{buildroot}%{_libdir}/ +install -m 644 pkg/contrib/libunit-wasm/src/c/include/unit/unit-wasm.h %{buildroot}%{_includedir}/unit/ +%endif + %check %if %{with tests} @@ -171,7 +186,8 @@ BANNER %{!?_licensedir:%global license %%doc} %license LICENSE %doc NOTICE CHANGES *.md -%doc example.config +%attr(0755,root,root) %{_bindir}/unitc +%attr(0755,root,root) %{_bindir}/setup-unit %attr(0755,root,root) %{_sbindir}/unitd %attr(0755,root,root) %{_sbindir}/unitd-debug %dir %{_sysconfdir}/unit @@ -191,10 +207,48 @@ BANNER # API is not stable YET, so keep the static library for now (like upstream packages) %{_libdir}/libunit.a %{_libdir}/libunit-debug.a +%if %{with wasm} +%{_libdir}/libunit-wasm.a +%dir %{_includedir}/unit +%{_includedir}/unit/*.h +%endif %{_includedir}/nxt_*.h +%{_datadir}/pkgconfig/unit.pc %changelog +* Tue Mar 26 2024 Remi Collet <remi@remirepo.net> - 1.32.1-1 +- update to 1.32.1 + +* Tue Feb 27 2024 Remi Collet <remi@remirepo.net> - 1.32.0-1 +- update to 1.32.0 using njs 0.8.2 + +* Wed Dec 20 2023 Remi Collet <remi@remirepo.net> - 1.31.1-3 +- enable NGINX JavaScript (njs) configuration extension + +* Mon Nov 6 2023 Remi Collet <remi@remirepo.net> - 1.31.1-2 +- weak dependencies on systemd + +* Thu Oct 19 2023 Remi Collet <remi@remirepo.net> - 1.31.1-1 +- update to 1.31.1 + +* Thu Aug 31 2023 Remi Collet <remi@remirepo.net> - 1.31.0-1 +- update to 1.31.0 + +* Thu May 11 2023 Remi Collet <remi@remirepo.net> - 1.30.0-1 +- update to 1.30.0 +- add unitc and setup-unit commands + +* Wed Mar 1 2023 Remi Collet <remi@remirepo.net> - 1.29.1-1 +- update to 1.29.1 + +* Thu Dec 15 2022 Remi Collet <remi@remirepo.net> - 1.29.0-1 +- update to 1.29.0 +- drop patches merged upstream + +* Tue Sep 13 2022 Remi Collet <remi@remirepo.net> - 1.28.0-1 +- update to 1.28.0 + * Thu Jun 2 2022 Remi Collet <remi@remirepo.net> - 1.27.0-1 - update to 1.27.0 |