Merge pull request #72 from essentialkaos/develop

 Version 1.15.4

Author: andyone

SOURCES/boringssl.patch

@@ -1,17 +1,17 @@
-diff -ur nginx-1.11.6/src/event/ngx_event_openssl.c nginx-1.11.6-patched/src/event/ngx_event_openssl.c
---- nginx-1.11.6/src/event/ngx_event_openssl.c	2016-11-15 15:11:47.000000000 +0000
-+++ nginx-1.11.6-patched/src/event/ngx_event_openssl.c	2016-11-16 23:39:22.792289533 +0000
-@@ -2016,7 +2016,9 @@
- 
-             /* handshake failures */
-         if (n == SSL_R_BAD_CHANGE_CIPHER_SPEC                        /*  103 */
+diff -urN nginx-1.15.4-orig/src/event/ngx_event_openssl.c nginx-1.15.4-boring/src/event/ngx_event_openssl.c
+--- nginx-1.15.4-orig/src/event/ngx_event_openssl.c	2018-09-25 18:11:39.000000000 +0300
++++ nginx-1.15.4-boring/src/event/ngx_event_openssl.c	2018-09-27 14:21:12.000000000 +0300
+@@ -2591,7 +2591,9 @@
+ #ifdef SSL_R_NO_SUITABLE_SIGNATURE_ALGORITHM
+             || n == SSL_R_NO_SUITABLE_SIGNATURE_ALGORITHM            /*  118 */
+ #endif
 +#ifdef SSL_R_BLOCK_CIPHER_PAD_IS_WRONG
              || n == SSL_R_BLOCK_CIPHER_PAD_IS_WRONG                  /*  129 */
 +#endif
              || n == SSL_R_DIGEST_CHECK_FAILED                        /*  149 */
              || n == SSL_R_ERROR_IN_RECEIVED_CIPHER_LIST              /*  151 */
              || n == SSL_R_EXCESSIVE_MESSAGE_SIZE                     /*  152 */
-@@ -2024,7 +2026,9 @@
+@@ -2601,7 +2603,9 @@
  #ifdef SSL_R_NO_CIPHERS_PASSED
              || n == SSL_R_NO_CIPHERS_PASSED                          /*  182 */
  #endif

SOURCES/ngx_pagespeed-build-force.patch

@@ -1,15 +1,15 @@
-diff -urN nginx-1.15.3-orig/src/event/ngx_event_openssl.c nginx-1.15.3/src/event/ngx_event_openssl.c
---- nginx-1.15.3-orig/src/event/ngx_event_openssl.c	2018-08-28 18:36:00.000000000 +0300
-+++ nginx-1.15.3/src/event/ngx_event_openssl.c	2018-09-02 01:18:43.000000000 +0300
-@@ -1239,6 +1239,7 @@
+diff -urN nginx-1.15.4-orig/src/event/ngx_event_openssl.c nginx-1.15.4-dyntls/src/event/ngx_event_openssl.c
+--- nginx-1.15.4-orig/src/event/ngx_event_openssl.c	2018-09-25 18:11:39.000000000 +0300
++++ nginx-1.15.4-dyntls/src/event/ngx_event_openssl.c	2018-09-27 14:01:16.000000000 +0300
+@@ -1267,6 +1267,7 @@
 
      sc->buffer = ((flags & NGX_SSL_BUFFER) != 0);
      sc->buffer_size = ssl->buffer_size;
 +    sc->dyn_rec = ssl->dyn_rec;
 
      sc->session_ctx = ssl->ctx;
 
-@@ -1806,6 +1807,41 @@
+@@ -2115,6 +2116,41 @@
 
      for ( ;; ) {
 
@@ -51,7 +51,7 @@ diff -urN nginx-1.15.3-orig/src/event/ngx_event_openssl.c nginx-1.15.3/src/event
          while (in && buf->last < buf->end && send < limit) {
              if (in->buf->last_buf || in->buf->flush) {
                  flush = 1;
-@@ -1907,6 +1943,9 @@
+@@ -2222,6 +2258,9 @@
 
      if (n > 0) {
 
@@ -61,10 +61,10 @@ diff -urN nginx-1.15.3-orig/src/event/ngx_event_openssl.c nginx-1.15.3/src/event
          if (c->ssl->saved_read_handler) {
 
              c->read->handler = c->ssl->saved_read_handler;
-diff -urN nginx-1.15.3-orig/src/event/ngx_event_openssl.h nginx-1.15.3/src/event/ngx_event_openssl.h
---- nginx-1.15.3-orig/src/event/ngx_event_openssl.h	2018-08-28 18:36:00.000000000 +0300
-+++ nginx-1.15.3/src/event/ngx_event_openssl.h	2018-09-02 01:20:39.000000000 +0300
-@@ -58,6 +58,13 @@
+diff -urN nginx-1.15.4-orig/src/event/ngx_event_openssl.h nginx-1.15.4-dyntls/src/event/ngx_event_openssl.h
+--- nginx-1.15.4-orig/src/event/ngx_event_openssl.h	2018-09-25 18:11:39.000000000 +0300
++++ nginx-1.15.4-dyntls/src/event/ngx_event_openssl.h	2018-09-27 14:05:40.000000000 +0300
+@@ -58,6 +58,12 @@
  #define ngx_ssl_session_t       SSL_SESSION
  #define ngx_ssl_conn_t          SSL
 
@@ -74,30 +74,29 @@ diff -urN nginx-1.15.3-orig/src/event/ngx_event_openssl.h nginx-1.15.3/src/event
 +    size_t                      size_lo;
 +    size_t                      size_hi;
 +} ngx_ssl_dyn_rec_t;
-+
 
  #if (OPENSSL_VERSION_NUMBER < 0x10002000L)
  #define SSL_is_server(s)        (s)->server
-@@ -68,6 +75,7 @@
+@@ -68,6 +74,7 @@
      SSL_CTX                    *ctx;
      ngx_log_t                  *log;
      size_t                      buffer_size;
 +    ngx_ssl_dyn_rec_t           dyn_rec;
  };
 
 
-@@ -93,6 +101,10 @@
-     unsigned                    no_wait_shutdown:1;
-     unsigned                    no_send_shutdown:1;
-     unsigned                    handshake_buffer_set:1;
+@@ -98,6 +105,10 @@
+     unsigned                    try_early_data:1;
+     unsigned                    in_early:1;
+     unsigned                    early_preread:1;
 +
 +    ngx_ssl_dyn_rec_t           dyn_rec;
 +    ngx_msec_t                  dyn_rec_last_write;
 +    ngx_uint_t                  dyn_rec_records_sent;
  };
 
 
-@@ -102,7 +114,7 @@
+@@ -107,7 +118,7 @@
  #define NGX_SSL_DFLT_BUILTIN_SCACHE  -5
 
 
@@ -106,9 +105,9 @@ diff -urN nginx-1.15.3-orig/src/event/ngx_event_openssl.h nginx-1.15.3/src/event
 
  typedef struct ngx_ssl_sess_id_s  ngx_ssl_sess_id_t;
 
-diff -urN nginx-1.15.3-orig/src/http/modules/ngx_http_ssl_module.c nginx-1.15.3/src/http/modules/ngx_http_ssl_module.c
---- nginx-1.15.3-orig/src/http/modules/ngx_http_ssl_module.c	2018-08-28 18:36:00.000000000 +0300
-+++ nginx-1.15.3/src/http/modules/ngx_http_ssl_module.c	2018-09-02 01:24:26.000000000 +0300
+diff -urN nginx-1.15.4-orig/src/http/modules/ngx_http_ssl_module.c nginx-1.15.4-dyntls/src/http/modules/ngx_http_ssl_module.c
+--- nginx-1.15.4-orig/src/http/modules/ngx_http_ssl_module.c	2018-09-25 18:11:39.000000000 +0300
++++ nginx-1.15.4-dyntls/src/http/modules/ngx_http_ssl_module.c	2018-09-27 14:08:12.000000000 +0300
 @@ -246,6 +246,41 @@
        offsetof(ngx_http_ssl_srv_conf_t, early_data),
        NULL },
@@ -208,14 +207,14 @@ diff -urN nginx-1.15.3-orig/src/http/modules/ngx_http_ssl_module.c nginx-1.15.3/
 +
 +    } else {
 +        conf->ssl.dyn_rec.timeout = 0;
-+    }
++    }   
 +
      return NGX_CONF_OK;
  }
 
-diff -urN nginx-1.15.3-orig/src/http/modules/ngx_http_ssl_module.h nginx-1.15.3/src/http/modules/ngx_http_ssl_module.h
---- nginx-1.15.3-orig/src/http/modules/ngx_http_ssl_module.h	2018-08-28 18:36:00.000000000 +0300
-+++ nginx-1.15.3/src/http/modules/ngx_http_ssl_module.h	2018-09-02 01:25:11.000000000 +0300
+diff -urN nginx-1.15.4-orig/src/http/modules/ngx_http_ssl_module.h nginx-1.15.4-dyntls/src/http/modules/ngx_http_ssl_module.h
+--- nginx-1.15.4-orig/src/http/modules/ngx_http_ssl_module.h	2018-09-25 18:11:39.000000000 +0300
++++ nginx-1.15.4-dyntls/src/http/modules/ngx_http_ssl_module.h	2018-09-27 14:09:20.000000000 +0300
 @@ -58,6 +58,12 @@
 
      u_char                         *file;

SOURCES/pagespeed-access.pswd

@@ -6,9 +6,6 @@
 # most cases, but not for all. Check all configuration values before webkaos   #
 # usage.                                                                       #
 #                                                                              #
-# More information about pagespeed configuration you may find on this page:    #
-# https://developers.google.com/speed/pagespeed/                               #
-#                                                                              #
 ################################################################################
 
 user  webkaos;
@@ -134,12 +131,6 @@ http {
   # Header with unique request identifier.
   add_header X-Request-ID "$request_id";
 
-  ##############################################################################
-  
-  # Main configuration for pagespeed. Pagespeed globally disabled, include
-  # xtra/pagespeed-enabled.conf in your server block to enable pagespeed.
-  include xtra/pagespeed.conf;
-
   ##############################################################################
 
   server {

SOURCES/pagespeed-enabled.conf

@@ -39,7 +39,6 @@ binary=${BINARY:-/usr/sbin/webkaos}
 conf_file=${CONF_FILE:-/etc/webkaos/webkaos.conf}
 cache_dir=${CACHE_DIR:-/var/cache/webkaos}
 log_dir=${LOG_DIR:-/var/log/webkaos}
-pagespeed_cache=${PAGESPEED_CACHE:-/var/cache/webkaos/pagespeed}
 ssl_dir=${SSL_DIR:-/etc/webkaos/ssl}
 dh_param=${DH_PARAM:-/etc/webkaos/ssl/dhparam.pem}
 
@@ -70,8 +69,6 @@ kv.addCommandAlias "check"   "configtest"
 kv.addCommandAlias "restart" "condrestart"
 kv.addCommandAlias "config"  "conf"
 
-[[ $pagespeed_cache ]] && kv.addCommand "clean" "Clean pagespeed cache" "clean"
-
 kv.addHandler "start"   "startServiceHandler"
 kv.addHandler "start"   "preStartServiceHandler" "pre"
 kv.addHandler "stop"    "stopServiceHandler"
@@ -93,7 +90,6 @@ prepare() {
 
   if kv.isRoot ; then
     [[ ! -w $cache_dir ]] && has_errors=true && kv.error "<CACHE_DIR> must be writable directory"
-    [[ ! -w $pagespeed_cache ]] && has_errors=true && kv.error "<PAGESPEED_CACHE> must be writable directory"
   fi
 
   [[ $has_errors ]] && kv.exit $ACTION_ERROR
@@ -233,20 +229,6 @@ reload() {
   return $status
 }
 
-clean() {
-  kv.showProcessMessage "Cleaning pagespeed cache"
-
-  cleanPagespeedCache
-
-  local status=$?
-
-  kv.showStatusMessage "$status"
-
-  [[ $status -eq $ACTION_OK ]] && kv.log "pagespeed cache cleaned by ${kv[real_user]}."
-
-  return $status
-}
-
 ###############################################################################
 
 preStartServiceHandler() {
@@ -348,20 +330,6 @@ testServiceConfig() {
   [[ $status -eq $ACTION_OK ]] && return $ACTION_OK || return $ACTION_ERROR
 }
 
-cleanPagespeedCache() {
-  if [[ -d $pagespeed_cache ]] ; then
-    if kv.statusIs "$STATUS_WORKS" ; then
-      touch $pagespeed_cache/cache.flush
-    else
-      rm -rf $pagespeed_cache/* &> /dev/null
-    fi
-
-    [[ $? -eq $ACTION_OK ]] && return $ACTION_OK || $ACTION_ERROR
-  fi
-
-  return $ACTION_ERROR
-}
-
 updateOwner() {
   local user=$(getUserFromConfig)
 
@@ -371,10 +339,6 @@ updateOwner() {
     chown -R $user: $cache_dir -R
   fi
 
-  if [[ $pagespeed_cache && -d $pagespeed_cache ]] ; then
-    chown -R $user: $pagespeed_cache -R
-  fi
-
   if [[ $log_dir && -d $log_dir ]] ; then
     chown -R $user: $log_dir -R
   fi