update to 1.26.0

- add Sergey Kandaurov's PGP public key
- add Roman Arutyunyan's PGP public key
- remove Maxim Dounin's PGP public key
- enable experimental HTTP/3 module
- refresh patches
- update default config http2 directive
- remove outdated custom error pages, reducing maintenance burden
This commit is contained in:
Luboš Uhliarik 2024-05-23 23:03:41 +02:00
parent a1782b1ee5
commit 21d57124fa
11 changed files with 323 additions and 438 deletions

View File

@ -1,7 +1,7 @@
From 00cab63102084b89de0a3494a1d023c4b1d4982b Mon Sep 17 00:00:00 2001 From d4b67917818eb4c2bda9ccc5a2677926cfa0cc81 Mon Sep 17 00:00:00 2001
From: Felix Kaechele <felix@kaechele.ca> From: Felix Kaechele <felix@kaechele.ca>
Date: Sun, 7 Jun 2020 12:14:02 -0400 Date: Sun, 7 Jun 2020 12:14:02 -0400
Subject: [PATCH 1/2] remove Werror in upstream build scripts Subject: [PATCH 1/3] remove Werror in upstream build scripts
removes -Werror in upstream build scripts. -Werror conflicts with removes -Werror in upstream build scripts. -Werror conflicts with
-D_FORTIFY_SOURCE=2 causing warnings to turn into errors. -D_FORTIFY_SOURCE=2 causing warnings to turn into errors.
@ -12,7 +12,7 @@ Signed-off-by: Felix Kaechele <felix@kaechele.ca>
1 file changed, 3 insertions(+), 1 deletion(-) 1 file changed, 3 insertions(+), 1 deletion(-)
diff --git a/auto/cc/gcc b/auto/cc/gcc diff --git a/auto/cc/gcc b/auto/cc/gcc
index a5c5c18..cdbbadb 100644 index a5c5c18fba3f..cdbbadb54023 100644
--- a/auto/cc/gcc --- a/auto/cc/gcc
+++ b/auto/cc/gcc +++ b/auto/cc/gcc
@@ -166,7 +166,9 @@ esac @@ -166,7 +166,9 @@ esac
@ -27,5 +27,5 @@ index a5c5c18..cdbbadb 100644
# debug # debug
CFLAGS="$CFLAGS -g" CFLAGS="$CFLAGS -g"
-- --
2.31.1 2.44.0

View File

@ -1,7 +1,7 @@
From 62470498cca9a209aa9904668c1949f5229123af Mon Sep 17 00:00:00 2001 From 29c20440c27d6b13a4f933279da59fd8b442f5d7 Mon Sep 17 00:00:00 2001
From: Felix Kaechele <felix@kaechele.ca> From: Felix Kaechele <felix@kaechele.ca>
Date: Tue, 20 Apr 2021 21:28:18 -0400 Date: Tue, 20 Apr 2021 21:28:18 -0400
Subject: [PATCH 2/2] fix PIDFile handling Subject: [PATCH 2/3] fix PIDFile handling
Corresponding RHBZ: https://bugzilla.redhat.com/show_bug.cgi?id=1869026 Corresponding RHBZ: https://bugzilla.redhat.com/show_bug.cgi?id=1869026
@ -13,7 +13,7 @@ From original patch:
Author: Tj <ubuntu@iam.tj> Author: Tj <ubuntu@iam.tj>
Bug-Ubuntu: https://bugs.launchpad.net/ubuntu/+source/nginx/+bug/1581864 Bug-Ubuntu: https://bugs.launchpad.net/ubuntu/+source/nginx/+bug/1581864
Bug-Debian: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=876365 Bug-Debian: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=876365
iLast-Update: 2020-06-24 Last-Update: 2020-06-24
Signed-off-by: Felix Kaechele <felix@kaechele.ca> Signed-off-by: Felix Kaechele <felix@kaechele.ca>
--- ---
@ -22,10 +22,10 @@ Signed-off-by: Felix Kaechele <felix@kaechele.ca>
2 files changed, 27 insertions(+), 5 deletions(-) 2 files changed, 27 insertions(+), 5 deletions(-)
diff --git a/src/core/nginx.c b/src/core/nginx.c diff --git a/src/core/nginx.c b/src/core/nginx.c
index 48a20e9..32c0afe 100644 index 0deb27b7f98a..23edb59ff105 100644
--- a/src/core/nginx.c --- a/src/core/nginx.c
+++ b/src/core/nginx.c +++ b/src/core/nginx.c
@@ -339,14 +339,21 @@ main(int argc, char *const *argv) @@ -340,14 +340,21 @@ main(int argc, char *const *argv)
ngx_process = NGX_PROCESS_MASTER; ngx_process = NGX_PROCESS_MASTER;
} }
@ -48,7 +48,7 @@ index 48a20e9..32c0afe 100644
return 1; return 1;
} }
@@ -359,8 +366,19 @@ main(int argc, char *const *argv) @@ -360,8 +367,19 @@ main(int argc, char *const *argv)
#endif #endif
@ -71,7 +71,7 @@ index 48a20e9..32c0afe 100644
if (ngx_log_redirect_stderr(cycle) != NGX_OK) { if (ngx_log_redirect_stderr(cycle) != NGX_OK) {
diff --git a/src/os/unix/ngx_daemon.c b/src/os/unix/ngx_daemon.c diff --git a/src/os/unix/ngx_daemon.c b/src/os/unix/ngx_daemon.c
index 385c49b..3719854 100644 index 385c49b6c3d1..3719854c52b0 100644
--- a/src/os/unix/ngx_daemon.c --- a/src/os/unix/ngx_daemon.c
+++ b/src/os/unix/ngx_daemon.c +++ b/src/os/unix/ngx_daemon.c
@@ -7,14 +7,17 @@ @@ -7,14 +7,17 @@
@ -104,5 +104,5 @@ index 385c49b..3719854 100644
ngx_parent = ngx_pid; ngx_parent = ngx_pid;
-- --
2.31.1 2.44.0

View File

@ -1,8 +1,29 @@
From 679397c62265a5ee93953d0913dc834b163a5aec Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Lubo=C5=A1=20Uhliarik?= <luhliari@redhat.com>
Date: Wed, 22 May 2024 22:23:08 +0200
Subject: [PATCH 3/3] Add SSL passphrase dialog
---
contrib/vim/syntax/nginx.vim | 1 +
src/event/ngx_event_openssl.c | 126 +++++++++++++++++++++--
src/event/ngx_event_openssl.h | 14 ++-
src/http/modules/ngx_http_grpc_module.c | 2 +-
src/http/modules/ngx_http_proxy_module.c | 2 +-
src/http/modules/ngx_http_ssl_module.c | 70 ++++++++++++-
src/http/modules/ngx_http_ssl_module.h | 2 +
src/http/modules/ngx_http_uwsgi_module.c | 2 +-
src/mail/ngx_mail_ssl_module.c | 66 +++++++++++-
src/mail/ngx_mail_ssl_module.h | 2 +
src/stream/ngx_stream_proxy_module.c | 2 +-
src/stream/ngx_stream_ssl_module.c | 61 ++++++++++-
src/stream/ngx_stream_ssl_module.h | 2 +
13 files changed, 335 insertions(+), 17 deletions(-)
diff --git a/contrib/vim/syntax/nginx.vim b/contrib/vim/syntax/nginx.vim diff --git a/contrib/vim/syntax/nginx.vim b/contrib/vim/syntax/nginx.vim
index 7d587fc..15b21e2 100644 index 29eef7a..e7227eb 100644
--- a/contrib/vim/syntax/nginx.vim --- a/contrib/vim/syntax/nginx.vim
+++ b/contrib/vim/syntax/nginx.vim +++ b/contrib/vim/syntax/nginx.vim
@@ -617,6 +617,7 @@ syn keyword ngxDirective contained ssl_ocsp @@ -593,6 +593,7 @@ syn keyword ngxDirective contained ssl_ocsp
syn keyword ngxDirective contained ssl_ocsp_cache syn keyword ngxDirective contained ssl_ocsp_cache
syn keyword ngxDirective contained ssl_ocsp_responder syn keyword ngxDirective contained ssl_ocsp_responder
syn keyword ngxDirective contained ssl_password_file syn keyword ngxDirective contained ssl_password_file
@ -11,32 +32,27 @@ index 7d587fc..15b21e2 100644
syn keyword ngxDirective contained ssl_preread syn keyword ngxDirective contained ssl_preread
syn keyword ngxDirective contained ssl_protocols syn keyword ngxDirective contained ssl_protocols
diff --git a/src/event/ngx_event_openssl.c b/src/event/ngx_event_openssl.c diff --git a/src/event/ngx_event_openssl.c b/src/event/ngx_event_openssl.c
index 104e8da..8cf777e 100644 index 89f277f..6f7f2a2 100644
--- a/src/event/ngx_event_openssl.c --- a/src/event/ngx_event_openssl.c
+++ b/src/event/ngx_event_openssl.c +++ b/src/event/ngx_event_openssl.c
@@ -9,9 +9,8 @@ @@ -11,6 +11,7 @@
#include <ngx_core.h>
#include <ngx_event.h>
-
#define NGX_SSL_PASSWORD_BUFFER_SIZE 4096 #define NGX_SSL_PASSWORD_BUFFER_SIZE 4096
-
+#define NGX_PASS_PHRASE_ARG_MAX_LEN 255 +#define NGX_PASS_PHRASE_ARG_MAX_LEN 255
typedef struct {
ngx_uint_t engine; /* unsigned engine:1; */
@@ -20,8 +19,8 @@ typedef struct {
typedef struct {
@@ -21,7 +22,7 @@ typedef struct {
static X509 *ngx_ssl_load_certificate(ngx_pool_t *pool, char **err, static X509 *ngx_ssl_load_certificate(ngx_pool_t *pool, char **err,
ngx_str_t *cert, STACK_OF(X509) **chain); ngx_str_t *cert, STACK_OF(X509) **chain);
-static EVP_PKEY *ngx_ssl_load_certificate_key(ngx_pool_t *pool, char **err, static EVP_PKEY *ngx_ssl_load_certificate_key(ngx_pool_t *pool, char **err,
- ngx_str_t *key, ngx_array_t *passwords); - ngx_str_t *key, ngx_array_t *passwords);
+static EVP_PKEY *ngx_ssl_load_certificate_key(ngx_pool_t *pool, + ngx_str_t *key, ngx_array_t *passwords, ngx_ssl_ppdialog_conf_t *dlg);
+ char **err, ngx_str_t *key, ngx_array_t *passwords, ngx_ssl_ppdialog_conf_t *dlg);
static int ngx_ssl_password_callback(char *buf, int size, int rwflag, static int ngx_ssl_password_callback(char *buf, int size, int rwflag,
void *userdata); void *userdata);
static int ngx_ssl_verify_callback(int ok, X509_STORE_CTX *x509_store); static int ngx_ssl_verify_callback(int ok, X509_STORE_CTX *x509_store);
@@ -88,6 +87,12 @@ static time_t ngx_ssl_parse_time( @@ -85,6 +86,12 @@ static time_t ngx_ssl_parse_time(
#endif #endif
ASN1_TIME *asn1time, ngx_log_t *log); ASN1_TIME *asn1time, ngx_log_t *log);
@ -49,7 +65,7 @@ index 104e8da..8cf777e 100644
static void *ngx_openssl_create_conf(ngx_cycle_t *cycle); static void *ngx_openssl_create_conf(ngx_cycle_t *cycle);
static char *ngx_openssl_engine(ngx_conf_t *cf, ngx_command_t *cmd, void *conf); static char *ngx_openssl_engine(ngx_conf_t *cf, ngx_command_t *cmd, void *conf);
static void ngx_openssl_exit(ngx_cycle_t *cycle); static void ngx_openssl_exit(ngx_cycle_t *cycle);
@@ -398,7 +403,7 @@ ngx_ssl_create(ngx_ssl_t *ssl, ngx_uint_t protocols, void *data) @@ -432,7 +439,7 @@ ngx_ssl_create(ngx_ssl_t *ssl, ngx_uint_t protocols, void *data)
ngx_int_t ngx_int_t
ngx_ssl_certificates(ngx_conf_t *cf, ngx_ssl_t *ssl, ngx_array_t *certs, ngx_ssl_certificates(ngx_conf_t *cf, ngx_ssl_t *ssl, ngx_array_t *certs,
@ -58,7 +74,7 @@ index 104e8da..8cf777e 100644
{ {
ngx_str_t *cert, *key; ngx_str_t *cert, *key;
ngx_uint_t i; ngx_uint_t i;
@@ -408,7 +413,7 @@ ngx_ssl_certificates(ngx_conf_t *cf, ngx_ssl_t *ssl, ngx_array_t *certs, @@ -442,7 +449,7 @@ ngx_ssl_certificates(ngx_conf_t *cf, ngx_ssl_t *ssl, ngx_array_t *certs,
for (i = 0; i < certs->nelts; i++) { for (i = 0; i < certs->nelts; i++) {
@ -67,7 +83,7 @@ index 104e8da..8cf777e 100644
!= NGX_OK) != NGX_OK)
{ {
return NGX_ERROR; return NGX_ERROR;
@@ -421,12 +426,13 @@ ngx_ssl_certificates(ngx_conf_t *cf, ngx_ssl_t *ssl, ngx_array_t *certs, @@ -455,12 +462,13 @@ ngx_ssl_certificates(ngx_conf_t *cf, ngx_ssl_t *ssl, ngx_array_t *certs,
ngx_int_t ngx_int_t
ngx_ssl_certificate(ngx_conf_t *cf, ngx_ssl_t *ssl, ngx_str_t *cert, ngx_ssl_certificate(ngx_conf_t *cf, ngx_ssl_t *ssl, ngx_str_t *cert,
@ -82,7 +98,7 @@ index 104e8da..8cf777e 100644
x509 = ngx_ssl_load_certificate(cf->pool, &err, cert, &chain); x509 = ngx_ssl_load_certificate(cf->pool, &err, cert, &chain);
if (x509 == NULL) { if (x509 == NULL) {
@@ -516,8 +522,19 @@ ngx_ssl_certificate(ngx_conf_t *cf, ngx_ssl_t *ssl, ngx_str_t *cert, @@ -550,8 +558,23 @@ ngx_ssl_certificate(ngx_conf_t *cf, ngx_ssl_t *ssl, ngx_str_t *cert,
} }
#endif #endif
@ -94,7 +110,11 @@ index 104e8da..8cf777e 100644
+ "X509_get_pubkey() failed"); + "X509_get_pubkey() failed");
+ return NGX_ERROR; + return NGX_ERROR;
+ } + }
+
+ if (dlg) {
+ dlg->cryptosystem = EVP_PKEY_get_base_id(pubkey); + dlg->cryptosystem = EVP_PKEY_get_base_id(pubkey);
+ }
+
+ EVP_PKEY_free(pubkey); + EVP_PKEY_free(pubkey);
+ +
+ pkey = ngx_ssl_load_certificate_key(cf->pool, &err, key, passwords, dlg); + pkey = ngx_ssl_load_certificate_key(cf->pool, &err, key, passwords, dlg);
@ -104,7 +124,7 @@ index 104e8da..8cf777e 100644
if (err != NULL) { if (err != NULL) {
ngx_ssl_error(NGX_LOG_EMERG, ssl->log, 0, ngx_ssl_error(NGX_LOG_EMERG, ssl->log, 0,
"cannot load certificate key \"%s\": %s", "cannot load certificate key \"%s\": %s",
@@ -587,7 +604,7 @@ ngx_ssl_connection_certificate(ngx_connection_t *c, ngx_pool_t *pool, @@ -621,7 +644,7 @@ ngx_ssl_connection_certificate(ngx_connection_t *c, ngx_pool_t *pool,
#endif #endif
@ -113,7 +133,7 @@ index 104e8da..8cf777e 100644
if (pkey == NULL) { if (pkey == NULL) {
if (err != NULL) { if (err != NULL) {
ngx_ssl_error(NGX_LOG_ERR, c->log, 0, ngx_ssl_error(NGX_LOG_ERR, c->log, 0,
@@ -700,10 +717,81 @@ ngx_ssl_load_certificate(ngx_pool_t *pool, char **err, ngx_str_t *cert, @@ -734,10 +757,82 @@ ngx_ssl_load_certificate(ngx_pool_t *pool, char **err, ngx_str_t *cert,
return x509; return x509;
} }
@ -191,18 +211,18 @@ index 104e8da..8cf777e 100644
+} +}
static EVP_PKEY * static EVP_PKEY *
-ngx_ssl_load_certificate_key(ngx_pool_t *pool, char **err, ngx_ssl_load_certificate_key(ngx_pool_t *pool, char **err,
- ngx_str_t *key, ngx_array_t *passwords) - ngx_str_t *key, ngx_array_t *passwords)
+ngx_ssl_load_certificate_key(ngx_pool_t *pool, char **err, ngx_str_t *key, ngx_array_t *passwords, ngx_ssl_ppdialog_conf_t *dlg) + ngx_str_t *key, ngx_array_t *passwords, ngx_ssl_ppdialog_conf_t *dlg)
{ {
BIO *bio; BIO *bio;
EVP_PKEY *pkey; EVP_PKEY *pkey;
@@ -791,11 +879,26 @@ ngx_ssl_load_certificate_key(ngx_pool_t *pool, char **err, @@ -825,6 +920,21 @@ ngx_ssl_load_certificate_key(ngx_pool_t *pool, char **err,
tries = 1; tries = 1;
pwd = NULL; pwd = NULL;
cb = NULL; cb = NULL;
+ +
+ /** directive format: ssl_pass_phrase_dialog buildin|exec:filepath */ + /** directive format: ssl_pass_phrase_dialog builtin|exec:filepath */
+ if (dlg && ngx_strncasecmp(dlg->data->data, (u_char *)"exec:", 5) == 0){ + if (dlg && ngx_strncasecmp(dlg->data->data, (u_char *)"exec:", 5) == 0){
+ pwd = (void *)dlg; + pwd = (void *)dlg;
+ cb = ngx_ssl_pass_phrase_callback; + cb = ngx_ssl_pass_phrase_callback;
@ -210,26 +230,20 @@ index 104e8da..8cf777e 100644
+ pwd = NULL; + pwd = NULL;
+ cb = NULL; + cb = NULL;
+ } + }
} + }
+
- for ( ;; ) {
+ /* skip decrypting private keys in config test phase to avoid + /* skip decrypting private keys in config test phase to avoid
+ asking for pass phase twice */ + asking for pass phase twice */
+ if (ngx_test_config){ + if (ngx_test_config){
+ return NULL; + return NULL;
+ }
+ for ( ;; ) {
pkey = PEM_read_bio_PrivateKey(bio, NULL, cb, pwd);
+
if (pkey != NULL) {
break;
} }
for ( ;; ) {
diff --git a/src/event/ngx_event_openssl.h b/src/event/ngx_event_openssl.h diff --git a/src/event/ngx_event_openssl.h b/src/event/ngx_event_openssl.h
index 860ea26..41f4501 100644 index ebb2c35..761f48d 100644
--- a/src/event/ngx_event_openssl.h --- a/src/event/ngx_event_openssl.h
+++ b/src/event/ngx_event_openssl.h +++ b/src/event/ngx_event_openssl.h
@@ -74,9 +74,19 @@ @@ -82,9 +82,19 @@
#define ERR_peek_error_data(d, f) ERR_peek_error_line_data(NULL, NULL, d, f) #define ERR_peek_error_data(d, f) ERR_peek_error_line_data(NULL, NULL, d, f)
#endif #endif
@ -249,15 +263,7 @@ index 860ea26..41f4501 100644
struct ngx_ssl_s { struct ngx_ssl_s {
SSL_CTX *ctx; SSL_CTX *ctx;
@@ -84,7 +94,6 @@ struct ngx_ssl_s { @@ -192,9 +202,9 @@ ngx_int_t ngx_ssl_init(ngx_log_t *log);
size_t buffer_size;
};
-
struct ngx_ssl_connection_s {
ngx_ssl_conn_t *connection;
SSL_CTX *session_ctx;
@@ -184,9 +193,9 @@ ngx_int_t ngx_ssl_init(ngx_log_t *log);
ngx_int_t ngx_ssl_create(ngx_ssl_t *ssl, ngx_uint_t protocols, void *data); ngx_int_t ngx_ssl_create(ngx_ssl_t *ssl, ngx_uint_t protocols, void *data);
ngx_int_t ngx_ssl_certificates(ngx_conf_t *cf, ngx_ssl_t *ssl, ngx_int_t ngx_ssl_certificates(ngx_conf_t *cf, ngx_ssl_t *ssl,
@ -296,23 +302,21 @@ index 9cc202c..2c938d7 100644
{ {
return NGX_ERROR; return NGX_ERROR;
diff --git a/src/http/modules/ngx_http_ssl_module.c b/src/http/modules/ngx_http_ssl_module.c diff --git a/src/http/modules/ngx_http_ssl_module.c b/src/http/modules/ngx_http_ssl_module.c
index 4c4a598..a147054 100644 index 1c92d9f..35132b9 100644
--- a/src/http/modules/ngx_http_ssl_module.c --- a/src/http/modules/ngx_http_ssl_module.c
+++ b/src/http/modules/ngx_http_ssl_module.c +++ b/src/http/modules/ngx_http_ssl_module.c
@@ -17,8 +17,9 @@ typedef ngx_int_t (*ngx_ssl_variable_handler_pt)(ngx_connection_t *c, @@ -21,6 +21,8 @@ typedef ngx_int_t (*ngx_ssl_variable_handler_pt)(ngx_connection_t *c,
#define NGX_DEFAULT_CIPHERS "HIGH:!aNULL:!MD5" #define NGX_DEFAULT_CIPHERS "HIGH:!aNULL:!MD5"
#define NGX_DEFAULT_ECDH_CURVE "auto" #define NGX_DEFAULT_ECDH_CURVE "auto"
-#define NGX_HTTP_ALPN_PROTOS "\x08http/1.1\x08http/1.0\x08http/0.9"
+static ngx_str_t ngx_ssl_server_null = ngx_string(NGX_SSL_SERVER_NULL); +static ngx_str_t ngx_ssl_server_null = ngx_string(NGX_SSL_SERVER_NULL);
+
#define NGX_HTTP_ALPN_PROTOS "\x08http/1.1\x08http/1.0\x08http/0.9"
+#define NGX_HTTP_ALPN_PROTOS "\x08http/1.1\x08http/1.0\x08http/0.9"
#ifdef TLSEXT_TYPE_application_layer_protocol_negotiation @@ -59,6 +61,9 @@ static ngx_int_t ngx_http_ssl_quic_compat_init(ngx_conf_t *cf,
static int ngx_http_ssl_alpn_select(ngx_ssl_conn_t *ssl_conn, ngx_http_conf_addr_t *addr);
@@ -53,6 +54,9 @@ static char *ngx_http_ssl_conf_command_check(ngx_conf_t *cf, void *post, #endif
static ngx_int_t ngx_http_ssl_init(ngx_conf_t *cf);
+static char *ngx_conf_set_pass_phrase_dialog(ngx_conf_t *cf, ngx_command_t *cmd, +static char *ngx_conf_set_pass_phrase_dialog(ngx_conf_t *cf, ngx_command_t *cmd,
+ void *conf); + void *conf);
@ -320,7 +324,7 @@ index 4c4a598..a147054 100644
static ngx_conf_bitmask_t ngx_http_ssl_protocols[] = { static ngx_conf_bitmask_t ngx_http_ssl_protocols[] = {
{ ngx_string("SSLv2"), NGX_SSL_SSLv2 }, { ngx_string("SSLv2"), NGX_SSL_SSLv2 },
@@ -296,6 +300,13 @@ static ngx_command_t ngx_http_ssl_commands[] = { @@ -290,6 +295,13 @@ static ngx_command_t ngx_http_ssl_commands[] = {
offsetof(ngx_http_ssl_srv_conf_t, reject_handshake), offsetof(ngx_http_ssl_srv_conf_t, reject_handshake),
NULL }, NULL },
@ -334,25 +338,15 @@ index 4c4a598..a147054 100644
ngx_null_command ngx_null_command
}; };
@@ -555,7 +566,7 @@ ngx_http_ssl_add_variables(ngx_conf_t *cf) @@ -609,6 +621,7 @@ ngx_http_ssl_create_srv_conf(ngx_conf_t *cf)
static void *
ngx_http_ssl_create_srv_conf(ngx_conf_t *cf)
{
- ngx_http_ssl_srv_conf_t *sscf;
+ ngx_http_ssl_srv_conf_t *sscf;
sscf = ngx_pcalloc(cf->pool, sizeof(ngx_http_ssl_srv_conf_t));
if (sscf == NULL) {
@@ -577,6 +588,8 @@ ngx_http_ssl_create_srv_conf(ngx_conf_t *cf)
* sscf->ocsp_responder = { 0, NULL }; * sscf->ocsp_responder = { 0, NULL };
* sscf->stapling_file = { 0, NULL }; * sscf->stapling_file = { 0, NULL };
* sscf->stapling_responder = { 0, NULL }; * sscf->stapling_responder = { 0, NULL };
+ * sscf->pass_phrase_dialog = NULL; + * sscf->pass_phrase_dialog = NULL;
+ *
*/ */
sscf->enable = NGX_CONF_UNSET; sscf->prefer_server_ciphers = NGX_CONF_UNSET;
@@ -608,6 +621,8 @@ ngx_http_ssl_merge_srv_conf(ngx_conf_t *cf, void *parent, void *child) @@ -639,6 +652,8 @@ ngx_http_ssl_merge_srv_conf(ngx_conf_t *cf, void *parent, void *child)
{ {
ngx_http_ssl_srv_conf_t *prev = parent; ngx_http_ssl_srv_conf_t *prev = parent;
ngx_http_ssl_srv_conf_t *conf = child; ngx_http_ssl_srv_conf_t *conf = child;
@ -361,7 +355,7 @@ index 4c4a598..a147054 100644
ngx_pool_cleanup_t *cln; ngx_pool_cleanup_t *cln;
@@ -674,6 +689,9 @@ ngx_http_ssl_merge_srv_conf(ngx_conf_t *cf, void *parent, void *child) @@ -694,6 +709,9 @@ ngx_http_ssl_merge_srv_conf(ngx_conf_t *cf, void *parent, void *child)
ngx_conf_merge_str_value(conf->stapling_responder, ngx_conf_merge_str_value(conf->stapling_responder,
prev->stapling_responder, ""); prev->stapling_responder, "");
@ -370,12 +364,12 @@ index 4c4a598..a147054 100644
+ +
conf->ssl.log = cf->log; conf->ssl.log = cf->log;
if (conf->enable) { if (conf->certificates) {
@@ -736,6 +754,30 @@ ngx_http_ssl_merge_srv_conf(ngx_conf_t *cf, void *parent, void *child) @@ -726,6 +744,30 @@ ngx_http_ssl_merge_srv_conf(ngx_conf_t *cf, void *parent, void *child)
cln->handler = ngx_ssl_cleanup_ctx; cln->handler = ngx_ssl_cleanup_ctx;
cln->data = &conf->ssl; cln->data = &conf->ssl;
+ /** directive format: ssl_pass_phrase_dialog buildin|exec:filepath */ + /** directive format: ssl_pass_phrase_dialog builtin|exec:filepath */
+ if (ngx_strncasecmp(conf->pass_phrase_dialog.data, (u_char *)"exec:", 5) == 0){ + if (ngx_strncasecmp(conf->pass_phrase_dialog.data, (u_char *)"exec:", 5) == 0){
+ ngx_log_error(NGX_LOG_EMERG, cf->log, 0, + ngx_log_error(NGX_LOG_EMERG, cf->log, 0,
+ "ssl_pass_phrase_dialog config directive SET: %s ", conf->pass_phrase_dialog.data); + "ssl_pass_phrase_dialog config directive SET: %s ", conf->pass_phrase_dialog.data);
@ -402,7 +396,7 @@ index 4c4a598..a147054 100644
#ifdef SSL_CTRL_SET_TLSEXT_HOSTNAME #ifdef SSL_CTRL_SET_TLSEXT_HOSTNAME
if (SSL_CTX_set_tlsext_servername_callback(conf->ssl.ctx, if (SSL_CTX_set_tlsext_servername_callback(conf->ssl.ctx,
@@ -786,7 +828,7 @@ ngx_http_ssl_merge_srv_conf(ngx_conf_t *cf, void *parent, void *child) @@ -776,7 +818,7 @@ ngx_http_ssl_merge_srv_conf(ngx_conf_t *cf, void *parent, void *child)
/* configure certificates */ /* configure certificates */
if (ngx_ssl_certificates(cf, &conf->ssl, conf->certificates, if (ngx_ssl_certificates(cf, &conf->ssl, conf->certificates,
@ -411,11 +405,10 @@ index 4c4a598..a147054 100644
!= NGX_OK) != NGX_OK)
{ {
return NGX_CONF_ERROR; return NGX_CONF_ERROR;
@@ -1335,3 +1377,31 @@ ngx_http_ssl_init(ngx_conf_t *cf) @@ -1329,6 +1371,32 @@ ngx_http_ssl_init(ngx_conf_t *cf)
return NGX_OK; return NGX_OK;
} }
+
+static char * +static char *
+ngx_conf_set_pass_phrase_dialog(ngx_conf_t *cf, ngx_command_t *cmd, void *conf) +ngx_conf_set_pass_phrase_dialog(ngx_conf_t *cf, ngx_command_t *cmd, void *conf)
+{ +{
@ -442,25 +435,27 @@ index 4c4a598..a147054 100644
+ +
+ return NGX_CONF_OK; + return NGX_CONF_OK;
+} +}
+
#if (NGX_QUIC_OPENSSL_COMPAT)
diff --git a/src/http/modules/ngx_http_ssl_module.h b/src/http/modules/ngx_http_ssl_module.h diff --git a/src/http/modules/ngx_http_ssl_module.h b/src/http/modules/ngx_http_ssl_module.h
index 7ab0f7e..2f83d75 100644 index c69c8ff..79f1506 100644
--- a/src/http/modules/ngx_http_ssl_module.h --- a/src/http/modules/ngx_http_ssl_module.h
+++ b/src/http/modules/ngx_http_ssl_module.h +++ b/src/http/modules/ngx_http_ssl_module.h
@@ -67,6 +67,8 @@ typedef struct { @@ -62,6 +62,8 @@ typedef struct {
ngx_flag_t stapling_verify;
u_char *file; ngx_str_t stapling_file;
ngx_uint_t line; ngx_str_t stapling_responder;
+ +
+ ngx_str_t pass_phrase_dialog; + ngx_str_t pass_phrase_dialog;
} ngx_http_ssl_srv_conf_t; } ngx_http_ssl_srv_conf_t;
diff --git a/src/http/modules/ngx_http_uwsgi_module.c b/src/http/modules/ngx_http_uwsgi_module.c diff --git a/src/http/modules/ngx_http_uwsgi_module.c b/src/http/modules/ngx_http_uwsgi_module.c
index e4f721b..61efa99 100644 index c1731ff..ab9d98a 100644
--- a/src/http/modules/ngx_http_uwsgi_module.c --- a/src/http/modules/ngx_http_uwsgi_module.c
+++ b/src/http/modules/ngx_http_uwsgi_module.c +++ b/src/http/modules/ngx_http_uwsgi_module.c
@@ -2564,7 +2564,7 @@ ngx_http_uwsgi_set_ssl(ngx_conf_t *cf, ngx_http_uwsgi_loc_conf_t *uwcf) @@ -2567,7 +2567,7 @@ ngx_http_uwsgi_set_ssl(ngx_conf_t *cf, ngx_http_uwsgi_loc_conf_t *uwcf)
if (ngx_ssl_certificate(cf, uwcf->upstream.ssl, if (ngx_ssl_certificate(cf, uwcf->upstream.ssl,
&uwcf->upstream.ssl_certificate->value, &uwcf->upstream.ssl_certificate->value,
&uwcf->upstream.ssl_certificate_key->value, &uwcf->upstream.ssl_certificate_key->value,
@ -470,7 +465,7 @@ index e4f721b..61efa99 100644
{ {
return NGX_ERROR; return NGX_ERROR;
diff --git a/src/mail/ngx_mail_ssl_module.c b/src/mail/ngx_mail_ssl_module.c diff --git a/src/mail/ngx_mail_ssl_module.c b/src/mail/ngx_mail_ssl_module.c
index 28737ac..728181d 100644 index aebb4cc..5d95f44 100644
--- a/src/mail/ngx_mail_ssl_module.c --- a/src/mail/ngx_mail_ssl_module.c
+++ b/src/mail/ngx_mail_ssl_module.c +++ b/src/mail/ngx_mail_ssl_module.c
@@ -13,6 +13,7 @@ @@ -13,6 +13,7 @@
@ -481,7 +476,7 @@ index 28737ac..728181d 100644
#ifdef TLSEXT_TYPE_application_layer_protocol_negotiation #ifdef TLSEXT_TYPE_application_layer_protocol_negotiation
static int ngx_mail_ssl_alpn_select(ngx_ssl_conn_t *ssl_conn, static int ngx_mail_ssl_alpn_select(ngx_ssl_conn_t *ssl_conn,
@@ -35,6 +36,8 @@ static char *ngx_mail_ssl_session_cache(ngx_conf_t *cf, ngx_command_t *cmd, @@ -33,6 +34,8 @@ static char *ngx_mail_ssl_session_cache(ngx_conf_t *cf, ngx_command_t *cmd,
static char *ngx_mail_ssl_conf_command_check(ngx_conf_t *cf, void *post, static char *ngx_mail_ssl_conf_command_check(ngx_conf_t *cf, void *post,
void *data); void *data);
@ -490,7 +485,7 @@ index 28737ac..728181d 100644
static ngx_conf_enum_t ngx_mail_starttls_state[] = { static ngx_conf_enum_t ngx_mail_starttls_state[] = {
{ ngx_string("off"), NGX_MAIL_STARTTLS_OFF }, { ngx_string("off"), NGX_MAIL_STARTTLS_OFF },
@@ -216,6 +219,13 @@ static ngx_command_t ngx_mail_ssl_commands[] = { @@ -202,6 +205,13 @@ static ngx_command_t ngx_mail_ssl_commands[] = {
offsetof(ngx_mail_ssl_conf_t, conf_commands), offsetof(ngx_mail_ssl_conf_t, conf_commands),
&ngx_mail_ssl_conf_command_post }, &ngx_mail_ssl_conf_command_post },
@ -504,7 +499,7 @@ index 28737ac..728181d 100644
ngx_null_command ngx_null_command
}; };
@@ -345,6 +355,8 @@ ngx_mail_ssl_merge_conf(ngx_conf_t *cf, void *parent, void *child) @@ -330,6 +340,8 @@ ngx_mail_ssl_merge_conf(ngx_conf_t *cf, void *parent, void *child)
{ {
ngx_mail_ssl_conf_t *prev = parent; ngx_mail_ssl_conf_t *prev = parent;
ngx_mail_ssl_conf_t *conf = child; ngx_mail_ssl_conf_t *conf = child;
@ -513,7 +508,7 @@ index 28737ac..728181d 100644
char *mode; char *mode;
ngx_pool_cleanup_t *cln; ngx_pool_cleanup_t *cln;
@@ -388,6 +400,8 @@ ngx_mail_ssl_merge_conf(ngx_conf_t *cf, void *parent, void *child) @@ -372,6 +384,8 @@ ngx_mail_ssl_merge_conf(ngx_conf_t *cf, void *parent, void *child)
ngx_conf_merge_ptr_value(conf->conf_commands, prev->conf_commands, NULL); ngx_conf_merge_ptr_value(conf->conf_commands, prev->conf_commands, NULL);
@ -522,11 +517,11 @@ index 28737ac..728181d 100644
conf->ssl.log = cf->log; conf->ssl.log = cf->log;
@@ -449,6 +463,29 @@ ngx_mail_ssl_merge_conf(ngx_conf_t *cf, void *parent, void *child) @@ -430,6 +444,29 @@ ngx_mail_ssl_merge_conf(ngx_conf_t *cf, void *parent, void *child)
cln->handler = ngx_ssl_cleanup_ctx; cln->handler = ngx_ssl_cleanup_ctx;
cln->data = &conf->ssl; cln->data = &conf->ssl;
+ /** directive format: ssl_pass_phrase_dialog buildin|exec:filepath */ + /** directive format: ssl_pass_phrase_dialog builtin|exec:filepath */
+ if (ngx_strncasecmp(conf->pass_phrase_dialog.data, (u_char *)"exec:", 5) == 0){ + if (ngx_strncasecmp(conf->pass_phrase_dialog.data, (u_char *)"exec:", 5) == 0){
+ ngx_log_error(NGX_LOG_EMERG, cf->log, 0, + ngx_log_error(NGX_LOG_EMERG, cf->log, 0,
+ "ssl_pass_phrase_dialog config directive SET: %s ", conf->pass_phrase_dialog.data); + "ssl_pass_phrase_dialog config directive SET: %s ", conf->pass_phrase_dialog.data);
@ -552,7 +547,7 @@ index 28737ac..728181d 100644
#ifdef TLSEXT_TYPE_application_layer_protocol_negotiation #ifdef TLSEXT_TYPE_application_layer_protocol_negotiation
SSL_CTX_set_alpn_select_cb(conf->ssl.ctx, ngx_mail_ssl_alpn_select, NULL); SSL_CTX_set_alpn_select_cb(conf->ssl.ctx, ngx_mail_ssl_alpn_select, NULL);
#endif #endif
@@ -461,7 +498,7 @@ ngx_mail_ssl_merge_conf(ngx_conf_t *cf, void *parent, void *child) @@ -442,7 +479,7 @@ ngx_mail_ssl_merge_conf(ngx_conf_t *cf, void *parent, void *child)
} }
if (ngx_ssl_certificates(cf, &conf->ssl, conf->certificates, if (ngx_ssl_certificates(cf, &conf->ssl, conf->certificates,
@ -561,7 +556,7 @@ index 28737ac..728181d 100644
!= NGX_OK) != NGX_OK)
{ {
return NGX_CONF_ERROR; return NGX_CONF_ERROR;
@@ -745,3 +782,32 @@ ngx_mail_ssl_conf_command_check(ngx_conf_t *cf, void *post, void *data) @@ -692,3 +729,30 @@ ngx_mail_ssl_conf_command_check(ngx_conf_t *cf, void *post, void *data)
return NGX_CONF_OK; return NGX_CONF_OK;
#endif #endif
} }
@ -592,13 +587,11 @@ index 28737ac..728181d 100644
+ +
+ return NGX_CONF_OK; + return NGX_CONF_OK;
+} +}
+
+
diff --git a/src/mail/ngx_mail_ssl_module.h b/src/mail/ngx_mail_ssl_module.h diff --git a/src/mail/ngx_mail_ssl_module.h b/src/mail/ngx_mail_ssl_module.h
index a0a6113..3d87d50 100644 index c0eb6a3..02b4d4f 100644
--- a/src/mail/ngx_mail_ssl_module.h --- a/src/mail/ngx_mail_ssl_module.h
+++ b/src/mail/ngx_mail_ssl_module.h +++ b/src/mail/ngx_mail_ssl_module.h
@@ -57,6 +57,8 @@ typedef struct { @@ -56,6 +56,8 @@ typedef struct {
u_char *file; u_char *file;
ngx_uint_t line; ngx_uint_t line;
@ -621,7 +614,7 @@ index ed275c0..1747aed 100644
{ {
return NGX_ERROR; return NGX_ERROR;
diff --git a/src/stream/ngx_stream_ssl_module.c b/src/stream/ngx_stream_ssl_module.c diff --git a/src/stream/ngx_stream_ssl_module.c b/src/stream/ngx_stream_ssl_module.c
index 1ba1825..ba70547 100644 index ba44477..43cd7e0 100644
--- a/src/stream/ngx_stream_ssl_module.c --- a/src/stream/ngx_stream_ssl_module.c
+++ b/src/stream/ngx_stream_ssl_module.c +++ b/src/stream/ngx_stream_ssl_module.c
@@ -17,6 +17,8 @@ typedef ngx_int_t (*ngx_ssl_variable_handler_pt)(ngx_connection_t *c, @@ -17,6 +17,8 @@ typedef ngx_int_t (*ngx_ssl_variable_handler_pt)(ngx_connection_t *c,
@ -643,7 +636,7 @@ index 1ba1825..ba70547 100644
static ngx_int_t ngx_stream_ssl_init(ngx_conf_t *cf); static ngx_int_t ngx_stream_ssl_init(ngx_conf_t *cf);
@@ -226,6 +231,13 @@ static ngx_command_t ngx_stream_ssl_commands[] = { @@ -233,6 +238,13 @@ static ngx_command_t ngx_stream_ssl_commands[] = {
0, 0,
NULL }, NULL },
@ -651,21 +644,21 @@ index 1ba1825..ba70547 100644
+ NGX_STREAM_MAIN_CONF|NGX_STREAM_SRV_CONF|NGX_CONF_TAKE1, + NGX_STREAM_MAIN_CONF|NGX_STREAM_SRV_CONF|NGX_CONF_TAKE1,
+ ngx_conf_set_pass_phrase_dialog, + ngx_conf_set_pass_phrase_dialog,
+ NGX_STREAM_SRV_CONF_OFFSET, + NGX_STREAM_SRV_CONF_OFFSET,
+ offsetof(ngx_stream_ssl_conf_t, pass_phrase_dialog), + offsetof(ngx_stream_ssl_srv_conf_t, pass_phrase_dialog),
+ NULL }, + NULL },
+ +
ngx_null_command ngx_null_command
}; };
@@ -690,6 +702,7 @@ ngx_stream_ssl_merge_conf(ngx_conf_t *cf, void *parent, void *child) @@ -802,6 +814,7 @@ ngx_stream_ssl_merge_srv_conf(ngx_conf_t *cf, void *parent, void *child)
{ {
ngx_stream_ssl_conf_t *prev = parent; ngx_stream_ssl_srv_conf_t *prev = parent;
ngx_stream_ssl_conf_t *conf = child; ngx_stream_ssl_srv_conf_t *conf = child;
+ ngx_ssl_ppdialog_conf_t dlg; + ngx_ssl_ppdialog_conf_t dlg;
ngx_pool_cleanup_t *cln; ngx_pool_cleanup_t *cln;
@@ -732,6 +745,8 @@ ngx_stream_ssl_merge_conf(ngx_conf_t *cf, void *parent, void *child) @@ -846,6 +859,8 @@ ngx_stream_ssl_merge_srv_conf(ngx_conf_t *cf, void *parent, void *child)
ngx_conf_merge_ptr_value(conf->conf_commands, prev->conf_commands, NULL); ngx_conf_merge_ptr_value(conf->conf_commands, prev->conf_commands, NULL);
@ -674,11 +667,11 @@ index 1ba1825..ba70547 100644
conf->ssl.log = cf->log; conf->ssl.log = cf->log;
@@ -779,6 +794,23 @@ ngx_stream_ssl_merge_conf(ngx_conf_t *cf, void *parent, void *child) @@ -879,6 +894,23 @@ ngx_stream_ssl_merge_srv_conf(ngx_conf_t *cf, void *parent, void *child)
cln->handler = ngx_ssl_cleanup_ctx; cln->handler = ngx_ssl_cleanup_ctx;
cln->data = &conf->ssl; cln->data = &conf->ssl;
+ /** directive format: ssl_pass_phrase_dialog buildin|exec:filepath */ + /** directive format: ssl_pass_phrase_dialog builtin|exec:filepath */
+ if (ngx_strncasecmp(conf->pass_phrase_dialog.data, (u_char *)"exec:", 5) == 0){ + if (ngx_strncasecmp(conf->pass_phrase_dialog.data, (u_char *)"exec:", 5) == 0){
+ ngx_log_error(NGX_LOG_EMERG, cf->log, 0, + ngx_log_error(NGX_LOG_EMERG, cf->log, 0,
+ "ssl_pass_phrase_dialog config directive SET: %s ", conf->pass_phrase_dialog.data); + "ssl_pass_phrase_dialog config directive SET: %s ", conf->pass_phrase_dialog.data);
@ -698,7 +691,7 @@ index 1ba1825..ba70547 100644
#ifdef SSL_CTRL_SET_TLSEXT_HOSTNAME #ifdef SSL_CTRL_SET_TLSEXT_HOSTNAME
SSL_CTX_set_tlsext_servername_callback(conf->ssl.ctx, SSL_CTX_set_tlsext_servername_callback(conf->ssl.ctx,
ngx_stream_ssl_servername); ngx_stream_ssl_servername);
@@ -823,7 +855,7 @@ ngx_stream_ssl_merge_conf(ngx_conf_t *cf, void *parent, void *child) @@ -923,7 +955,7 @@ ngx_stream_ssl_merge_srv_conf(ngx_conf_t *cf, void *parent, void *child)
/* configure certificates */ /* configure certificates */
if (ngx_ssl_certificates(cf, &conf->ssl, conf->certificates, if (ngx_ssl_certificates(cf, &conf->ssl, conf->certificates,
@ -707,7 +700,7 @@ index 1ba1825..ba70547 100644
!= NGX_OK) != NGX_OK)
{ {
return NGX_CONF_ERROR; return NGX_CONF_ERROR;
@@ -1209,3 +1241,31 @@ ngx_stream_ssl_init(ngx_conf_t *cf) @@ -1371,3 +1403,30 @@ ngx_stream_ssl_init(ngx_conf_t *cf)
return NGX_OK; return NGX_OK;
} }
@ -715,7 +708,7 @@ index 1ba1825..ba70547 100644
+static char * +static char *
+ngx_conf_set_pass_phrase_dialog(ngx_conf_t *cf, ngx_command_t *cmd, void *conf) +ngx_conf_set_pass_phrase_dialog(ngx_conf_t *cf, ngx_command_t *cmd, void *conf)
+{ +{
+ ngx_stream_ssl_conf_t *sscf = conf; + ngx_stream_ssl_srv_conf_t *sscf = conf;
+ ngx_str_t *value; + ngx_str_t *value;
+ +
+ if (sscf->pass_phrase_dialog.data){ + if (sscf->pass_phrase_dialog.data){
@ -738,17 +731,19 @@ index 1ba1825..ba70547 100644
+ +
+ return NGX_CONF_OK; + return NGX_CONF_OK;
+} +}
+
diff --git a/src/stream/ngx_stream_ssl_module.h b/src/stream/ngx_stream_ssl_module.h diff --git a/src/stream/ngx_stream_ssl_module.h b/src/stream/ngx_stream_ssl_module.h
index e7c825e..d80daa4 100644 index 6f6d9ae..870640d 100644
--- a/src/stream/ngx_stream_ssl_module.h --- a/src/stream/ngx_stream_ssl_module.h
+++ b/src/stream/ngx_stream_ssl_module.h +++ b/src/stream/ngx_stream_ssl_module.h
@@ -56,6 +56,8 @@ typedef struct { @@ -53,6 +53,8 @@ typedef struct {
u_char *file; ngx_flag_t session_tickets;
ngx_uint_t line; ngx_array_t *session_ticket_keys;
+ +
+ ngx_str_t pass_phrase_dialog; + ngx_str_t pass_phrase_dialog;
} ngx_stream_ssl_conf_t; } ngx_stream_ssl_srv_conf_t;
--
2.44.0

119
404.html
View File

@ -1,119 +0,0 @@
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.1//EN" "http://www.w3.org/TR/xhtml11/DTD/xhtml11.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en">
<head>
<title>The page is not found</title>
<meta http-equiv="Content-Type" content="text/html; charset=UTF-8" />
<style type="text/css">
/*<![CDATA[*/
body {
background-color: #fff;
color: #000;
font-size: 0.9em;
font-family: sans-serif,helvetica;
margin: 0;
padding: 0;
}
:link {
color: #c00;
}
:visited {
color: #c00;
}
a:hover {
color: #f50;
}
h1 {
text-align: center;
margin: 0;
padding: 0.6em 2em 0.4em;
background-color: #294172;
color: #fff;
font-weight: normal;
font-size: 1.75em;
border-bottom: 2px solid #000;
}
h1 strong {
font-weight: bold;
font-size: 1.5em;
}
h2 {
text-align: center;
background-color: #3C6EB4;
font-size: 1.1em;
font-weight: bold;
color: #fff;
margin: 0;
padding: 0.5em;
border-bottom: 2px solid #294172;
}
h3 {
text-align: center;
background-color: #ff0000;
padding: 0.5em;
color: #fff;
}
hr {
display: none;
}
.content {
padding: 1em 5em;
}
.alert {
border: 2px solid #000;
}
img {
border: 2px solid #fff;
padding: 2px;
margin: 2px;
}
a:hover img {
border: 2px solid #294172;
}
.logos {
margin: 1em;
text-align: center;
}
/*]]>*/
</style>
</head>
<body>
<h1><strong>nginx error!</strong></h1>
<div class="content">
<h3>The page you are looking for is not found.</h3>
<div class="alert">
<h2>Website Administrator</h2>
<div class="content">
<p>Something has triggered missing webpage on your
website. This is the default 404 error page for
<strong>nginx</strong> that is distributed with
Fedora. It is located
<tt>/usr/share/nginx/html/404.html</tt></p>
<p>You should customize this error page for your own
site or edit the <tt>error_page</tt> directive in
the <strong>nginx</strong> configuration file
<tt>/etc/nginx/nginx.conf</tt>.</p>
</div>
</div>
<div class="logos">
<a href="http://nginx.net/"><img
src="/nginx-logo.png"
alt="[ Powered by nginx ]"
width="121" height="32" /></a>
<a href="http://fedoraproject.org/"><img
src="/poweredby.png"
alt="[ Powered by Fedora ]"
width="88" height="31" /></a>
</div>
</div>
</body>
</html>

119
50x.html
View File

@ -1,119 +0,0 @@
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.1//EN" "http://www.w3.org/TR/xhtml11/DTD/xhtml11.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en">
<head>
<title>The page is temporarily unavailable</title>
<meta http-equiv="Content-Type" content="text/html; charset=UTF-8" />
<style type="text/css">
/*<![CDATA[*/
body {
background-color: #fff;
color: #000;
font-size: 0.9em;
font-family: sans-serif,helvetica;
margin: 0;
padding: 0;
}
:link {
color: #c00;
}
:visited {
color: #c00;
}
a:hover {
color: #f50;
}
h1 {
text-align: center;
margin: 0;
padding: 0.6em 2em 0.4em;
background-color: #294172;
color: #fff;
font-weight: normal;
font-size: 1.75em;
border-bottom: 2px solid #000;
}
h1 strong {
font-weight: bold;
font-size: 1.5em;
}
h2 {
text-align: center;
background-color: #3C6EB4;
font-size: 1.1em;
font-weight: bold;
color: #fff;
margin: 0;
padding: 0.5em;
border-bottom: 2px solid #294172;
}
h3 {
text-align: center;
background-color: #ff0000;
padding: 0.5em;
color: #fff;
}
hr {
display: none;
}
.content {
padding: 1em 5em;
}
.alert {
border: 2px solid #000;
}
img {
border: 2px solid #fff;
padding: 2px;
margin: 2px;
}
a:hover img {
border: 2px solid #294172;
}
.logos {
margin: 1em;
text-align: center;
}
/*]]>*/
</style>
</head>
<body>
<h1><strong>nginx error!</strong></h1>
<div class="content">
<h3>The page you are looking for is temporarily unavailable. Please try again later.</h3>
<div class="alert">
<h2>Website Administrator</h2>
<div class="content">
<p>Something has triggered an error on your
website. This is the default error page for
<strong>nginx</strong> that is distributed with
Fedora. It is located
<tt>/usr/share/nginx/html/50x.html</tt></p>
<p>You should customize this error page for your own
site or edit the <tt>error_page</tt> directive in
the <strong>nginx</strong> configuration file
<tt>/etc/nginx/nginx.conf</tt>.</p>
</div>
</div>
<div class="logos">
<a href="http://nginx.net/"><img
src="/nginx-logo.png"
alt="[ Powered by nginx ]"
width="121" height="32" /></a>
<a href="http://fedoraproject.org/"><img
src="/poweredby.png"
alt="[ Powered by Fedora ]"
width="88" height="31" /></a>
</div>
</div>
</body>
</html>

114
arut.key Normal file
View File

@ -0,0 +1,114 @@
-----BEGIN PGP PUBLIC KEY BLOCK-----
mQINBGYXyiQBEAC4jm1y+ODV4+YDGj9vp2BgHB4FJeQdgrBiVX+Mb2qCrEqJgeKV
fVwKjkVYqnb76TTybdOKqCP5wdQrncKAKlXsMq6sdsiwPSrdRcjkeiE29WWrtbB4
i+VObnoWklMblMxFQ1XQIkjs2wviidKjJw2VV3i4XnLSrHhWaWqviTLZCMQymoPs
F+Tfu1WX9OUfOquekZ5KjkyBxB4ep6+NPeuIkPnW0SiTUhU8tbi8v0aBZEHSZLqE
mq8KLROVuYSPvtU+NtaXAM09BHEVCfb409aDps9p6AFT+IN8yoOegGdEZjp6hJvS
HxbhuwqNEtg4dTEV515YUCgKabqU1QaqI/Y0+Pdkpep1KRFc9YUYttDkCw7Ybu2u
fwTGzwAbD+ThAIOdzmMDodzZaEMf+9fQG4bnO1PdNbXzyP7Kv9qzGa65+9oGCPOS
qTpISR8pvzoI8w/Z/vG71ob/nQ6Xm0L986ksErdGhu16ZI7lW2eDYqy2IoFfbeSz
HHxk484/pEibrlCRbP2Id+zULfxo1HGOGg+PAY9Q2uNzABsGDMnOhIvXHS+hP7oB
sO9A4Prqu6K6cMp3QI219tmmOUegJpmGGPzoNgxR7H30wNcjZPv4PWr/c0fP70Ny
ilgbdcEMDSHks30AmiuIvcUxo3A21p2nnpxsKAKYx42UJkyEK0HILMzcqwARAQAB
tCZSb21hbiBBcnV0eXVueWFuIDxyLmFydXR5dW55YW5AZjUuY29tPokCTgQTAQgA
OBYhBEM4eCXdsbuX7Da6XQB8jXwV2HNpBQJmF8pXAhsDBQsJCAcCBhUKCQgLAgQW
AgMBAh4BAheAAAoJEAB8jXwV2HNppvQP/AjzdPKkGRzJkb1ioto/IEP1YhA/Eayk
hvejJ0vyWVHXXH7FLW9fIZoApcsD1J8/7zIANm+62IfT3QNbL2R44IyhJB3AY22l
t0ToLxodfugegF3NPYYyFOSRUoPD4g2T/dMCPOBX4MNEAnAlCmxAMaJNmQUO76IY
GwELa3CH3Aqf7bthKy8P36G11hu7NgH6V9mVIRIpfnfpXFQIztj+vsWtswu4M5t7
BNJwx4a2KTCVQpTdff5/0dO/5drQDxLbIg681WZk3Oe8Eu6nSc0Ud02NIkg1TQH/
MryAp7o/ua3LRem+W/cktnT60p4uXPVZ3Rvg3zOmJSNJ+eIXY2+sDeZEPaROKldA
IbnBacTsZjdswIlrbzinY8ZVRosaFlvHg/ESTBRItALHWCRdzOR1Wv1qy/PQfEEL
qftDsCTQhssP1MHJWlejeqPlND3iT2vBDeOxqd6WhKuAc+L04iyBB6p867pwrgDF
ecg82DPehsAnO2XBAFuIE/SLewkYm0B9HK7/J4LZqPwTAksPf/dnbMAmHWoBDqsu
4U4U4SsJKsZ87R9ao8qO7IWCzHrXavHFmnbqweFfHToeKF/L4PB+tYoW3YmUOged
CglpJv13bNWmRwL7+x8b7BwpVwClxHBHteDX4RIN5iPH9h20J4jIpzRa1kNJsTu1
v4ZkqLWJlkiiiQEzBBABCAAdFiEEcziXMGntP0Q/TTffpk/VsXrbOagFAmYdpjsA
CgkQpk/VsXrbOahISgf/U7ZO0yK0PsOcAFTB0TQBCNsAhxtJAEJoVoweuYiLk8jR
0OeDRCy0BC//qWDLFT7NKuP50SM2u0Csbg+n6b0bdy+vXbbGVzIAYzG09rPYe2Q5
qwqyAx+MMzyICXul9lGNU2qN2qjUXMb0mCWUhxwMvzRUeS7shT1CBhGrnpoYkY56
NhWj7iG1BbLwYVQzDZC/Rp6rvwJQgZo7+DjaMjryGAEI0ujpUp8ywrPaJpwIuXDI
D5BhcyUaEd3XOondHQNedlgERXHT4pN+oNMPWwN3+DeQYLS3FHiqyz05ZvoeWnao
A2/fWNA+BqIdjilp/TDDI4Ef7c9hp13weaZggYB3M4kBMwQQAQgAHRYhBFc7/Ws9
j7xkEHmmq6v1vYJ72b9iBQJmHabkAAoJEKv1vYJ72b9iDgoIAP1QJjl4ynLAV9Bo
Ol4AAzxZ3x/2NEgLSnjLfhb/OduDxQlL9oPulWoLDG41xiZJkepEnQWmSsIYF6Xe
RsAB+eREU2uCxqCvBXpyIs5npXvVDV2/PQuVEop7HByx6Hjr9XK8hugihnEi1p+9
Ecbu+89fi93m3C/5uIIil46cHByjRZ+5Yy1UFUB/wsYud1qMcYmvDaqEo5AqWNcM
gWUFhUfgGTtBbyvIWTeX0NHnrbzHP7lhmPfWsfOjAtO8PpM8Gz5RdNRq44DdRKdG
uWVby/kni868H+8/tHalDR0I9/Mmg2Uax0eggTVpECv/4+xBduqSB2iPwgRnSzhZ
6SVKJvKJAjMEEAEIAB0WIQT5TVS8DF1qZBfIzz/oLBEYr5TfbgUCZh5KVgAKCRDo
LBEYr5TfbitgD/wMamMFfFZnPS7JS1NWEMb5fbhHob1EkmedIpbpRDXUtj0ksehW
ZAEpmVF9btqS4B+B9tSK1VS2sy4XwEGodNVSGxdtF9W8+iAHAb6Hq1Z7ifWyb991
Kt/pVk/8adxlU4G8h1fq0idhpnI8KvkAlPJR7+PoJOEN1+VdHS6tkE5LMTf6dF9F
iVxKQczOS1b/GmfL3kYfu6UvI07ZuaP+90mOt/TZTwkzsWjRY2vofCIPSDY94rLj
m6PmVFoU3PHLKW7yDz1YXkVE6SgQYGZ2bqB6OHJZnDXUTSHncHTbDVzZQekIs1lP
V6e5N8Xo/VOpv28feKAsBqQ8ML53djmGUL0azjEz1g2kgPmTuZdKzZ5kcUsULdQV
aRKcfyYD1oRpwwlw9GJAxliJHck1IdGGaCslrHtzkh3RMULlloAYitzD9jtKsrOj
R19s+JK/tIfFZZ5gR5qhzgOL8WgkSrIaq2o9R4sigBz1IxnXXC573RDA2F5FAeE/
K6EmAO+BqVkImZcmP1JsLtr+OM+jihXIILACEJwhOKPtZth9zrLYkXWB1nCaDxHp
XEUpp6UPCQNgNX8NCghnJr5gis/SmYppgFlO9R9yZ7/LtP0tUX0CmhOeqGMnHt4R
F8n8D7EBwMWvWjlUbsDkMKX4JORgojguHJZciWQC1gVRwJ0iTH/ImtzDnbQhUm9t
YW4gQXJ1dHl1bnlhbiA8YXJ1dEBuZ2lueC5jb20+iQJOBBMBCAA4FiEEQzh4Jd2x
u5fsNrpdAHyNfBXYc2kFAmYXyiQCGwMFCwkIBwIGFQoJCAsCBBYCAwECHgECF4AA
CgkQAHyNfBXYc2kRFw//VFuCnW3EwoLCWWgWCikgI9kbVDr0/Qiyf2Gb9sfOyzBN
q/+ZGjTs7EqTHbYUiCTgjy8t0SNKizoCXjSWLToTAXhOeTY3wDuHkdc3C2OPMPgm
HPGmdnfplmsZjj689sy0MTnlLmU/87texR/f3REAKtchVjo5AojuZxXJi+ryBvoz
KXi82M1JaYlIr15T+OiRtfZ3cgfTkb5CRa0YRV7QQ1zhOiF0AFKVVikFwRuquphT
y2cSLILLzOpwG/CjMJzO4VOASmGJmdicIfYSsZSzz37RrcfeYwR6quJ55Y9QF9IU
fg5AHWufpXaf6FbMsW1U1mOq0tMvwvdcO+u5I5SBj6IkqO4zavmW/i5zkxaq96wF
Qn6+oRkqHnNNn0hl/B4MWdEjDJsaDXfkQ3Snn4Bfl1JPT6cH2NDVYQn1siIOim/W
G5lhGLNB1TOAVLHblQ2xILadK0T33y6lfRUV3BOW01BDoF0ndyd7LjG5Di/cjfSo
1hvhTkW7QJGfzVV4IAAxEyHKlmgONfggZoplqukuPsq7eNNRPhvlZq632QXIqt6Y
xE43Nk0O41rX/tWtB7eNcPvfNOc+sGljnCSwpRWyx9xO7plELVD9KdtcyHrIgora
Flh7KsSbppSQ/iUKRNP+lfCQsMa1yrnQyxazss8OGlB7YpUJL4trQW35f/jXFD+J
ATMEEAEIAB0WIQRzOJcwae0/RD9NN9+mT9Wxets5qAUCZh2mQQAKCRCmT9Wxets5
qPBjB/0SDkET7h/Vw2PJKxuYujsL+tn3SKXshgyCM2u00njJM9TqpZbZV681unKM
l8uHtj9b0Z4U0nHoNEC37wI5FJlxy1hLBw5f2fd/yi8LsD1KP2htjMUW+I2xjcdo
FusQsIF0s8SyW1DZ3vvN2WcZpKHwub1sY9ZFBfxRc6w+33N4dJwXVXP57kj3Ci8j
LDLfkaKyiuYgMtFYZiKKX0tfvaM5pXxLvLOzma9vwfjIMIllooZHDSI65jrbmMv0
rfDKOX9Ws5Xi8n85jq6Oyq28QPLZUsmymCbhvBwq4FcdiyTl9sxCY4HLq0MzmJJ5
DMhlFd2Ds3BopFTWCB2fvYyVoXRaiQEzBBABCAAdFiEEVzv9az2PvGQQeaarq/W9
gnvZv2IFAmYdpugACgkQq/W9gnvZv2Jk4Qf+N0P/7FIHowlO01XmBB5KaztBmVb2
Tj+jtYgPDHRf86O0kW40Rjx++zMlIRNWK4Ue5PKAi82Yue5uvZcVlpWpx/sMvL+N
C4Xds3Q3qnkxkoemoIMqUKGvePjBpyUWArBkBQ3FrvZtywnzyFWNrvOpeM+5HIuz
WBri/SHBHzQm1/Jl2r5pHcbUdSxB2o1v3f+SaS2vGxwigIf8v44pRfyeWgkoxYgN
+2zR0Ing6URZCYkAbwILsmmWGxJIuq+N9Xs1CQ1WZd5S78p/JBMDQ1prUDLCLFMc
AvlZpQ0HvzEbKGiIVNa1LEQRF4ZWjQOHaPJhg/D3r/Q7VaFlgsOqrwtQaYkCMwQQ
AQgAHRYhBPlNVLwMXWpkF8jPP+gsERivlN9uBQJmHkpZAAoJEOgsERivlN9u8fYQ
AK0s0CvQNTXrg/Oe92Ajj+CpFIGhEUgXsufpg3OF+4doXOoRrVcv6y/0dGC+u899
Qiz5rzP8JkgT3Bvs/oFbQnESX7zob/GuBiRAnaanQQGjQsc8tXUcIgIB8vZI6Hxr
BZYyjXMrc1fAp1zy6F3YfVtjntp6Zt740zlcFSHPL6pKeNC8lCas7f7EPGm9ERlf
XvPOsMyKVDRTrtYVrQ17pgmWzMFl9eYzAV81X/cK7O9BmTvLb9HB9THl9QM6iKWd
UPNNhMseMA55i1y1trvv2rQSP2tm7xAijlffNu/LHyVjOJA+63rk9JqpQi2O/sI6
naCZ5kLky3+OisbzJLtsIv3KWGF4jnpZJwPI97UbRAxrBCPd8BDXW06qQ0xfF9GA
sW46IDnf5uNV5Fj9T1IhZUUCU6XwwhcTENwcaJ2hubPzW19gvxieRpxdvnXhjUxR
UgqgFjtlpyBSABYr2REiaBTHkR1qVMa8tThpSyzfmfBNe9chBGQBdDMzTTUDf4dU
cw4UGGPXqrBEapleoZBszXLrZxQxCNmLGFBW3vcJDfRRTvg/OMCIwD72kfd8KY1t
SRRi5vQ3CvV8E0EEXshjxVk0fwS+5muM1thWZM4xCSgyH6Ka/5biMeUv1VNcKJne
J51xs9jfS/JltrT/ahWG4J9msJFtmYyrLh/nMxccXK75uQINBGYXyiQBEAC5tT5O
uysy75BcwAg8jIK+Cw6hNy+riOoCIzsMen8ps4tyDFLmRdpJmVOpmtvESaix2MHf
Hc/t9hOsQ8LmF3kDG/JisDXcB/v28EOiDpp5Ug/5UOFBnbu4DkxbakJF8KF/rQ9t
i29lt03saGCf2XbqzTLI6FvZ2TT8hDwAZF5aOtDEHV3ChBPn6gplnJADiZ9DioMZ
ji1HnL8Zu4IYHMNOgpxULi6TMhBH/MkHbyycOdt/EsQFamnLGeV8KR2fubYjrpbH
pLZzSRepQyvKIhHAFj6DUeDyEt2XAitxI8YI40IVO75Zu8ZZq0qYGML8Am+t6ZjJ
3ZR8/DWjxRUYeo+YVEe5f+oRl5GRNkLtGvTAD38Nb2/7SUYdSXA3y3Ocfo/bySwa
qggeFpDqK5eHXmrO4hvRqYoEyNyW4VQlGyvYq4s2cLeCF/S2w6dV8OFsksIoq8uq
R1/IQ8Bonsf7iAYpsMAZZOGKiJzr01W3GA4Ka3B/MmZP5CysUhFlFxMsDr3/TWfg
p3CHd5yGAnuWWWkjqVQzx0tcub3gyDsHCPuws8P2OKJ2lzNPqpp08MjYMMRZb4Y6
9REXkKw7kXU8zM5+1IpW2U+z83NU86QR08PTpjATz05ltdGqF82Z+Ygl2nav8oqV
RqNd/k+WE60e1eJmgykjmz6nPbm0S2jt1C7QLQARAQABiQI2BBgBCAAgFiEEQzh4
Jd2xu5fsNrpdAHyNfBXYc2kFAmYXyiQCGwwACgkQAHyNfBXYc2mTihAAqB+sv9lw
kRorE6iXwvvj2Dt2iIy7jc1AhZQOH/j7B4GHpV3Ej/ptdUwuzj/aX5EnEeDPZ2JU
sSKy2q0RpKGKdKOvgy5yVfd8xqujkawXv26QU53mgyfgQCZLhFFhq0MIAqnxPb8h
SCQeol18Wqs++LjeDMwkgMrHJeNhW2U2llqTS37YfRMOo0Vr022ZHlMlkyMz1sQH
+C2/nzmmtkI4+vlPeccoN+3239YzndW1+XM8S3dXNcsGTyLAbkCowfpuqQdIP0MY
lBwx/Xj9fxBNAuqGVCjrjGMg7mozMkeCDzrAoZiaD3Kud8zSs9VpAyAymrPQJSSS
96b+vr2mDKbV11QJeJZv/d02n4JMjK7Ai//3j/TqkJF4UoYH45g5hvGSrym1UKrf
n8TqHdtTFjcxAMXLbWICHdDk7/0ole8Bl8csiSHyKy/sGJ0b/7zcB88CS8OfsR3C
OanK13emeD6rHOp8wEWA1/PA1JoAC5suS/uIgPWa5ujLaViJ9pW6ohfzMqOtLABF
BB/FgD/qgPF+uTPPLQZw3XO8Q61kFq6x0RJGNgBEOpseounx+T6FCxZqrvjWm/WK
VQUiRBtJIvD7Z8UCP+NUzdj3hwLAXpXrPz0gkcbI+hdlTJHCC6i61Qf5OIWnhtw6
kZv2zEcTtzlAYNEumy8KrJzICmPLS7BEC8w=
=ilJ3
-----END PGP PUBLIC KEY BLOCK-----

View File

@ -1,33 +0,0 @@
-----BEGIN PGP PUBLIC KEY BLOCK-----
Version: GnuPG v1.4.11 (FreeBSD)
mQENBE7SKu8BCADQo6x4ZQfAcPlJMLmL8zBEBUS6GyKMMMDtrTh3Yaq481HB54oR
0cpKL05Ff9upjrIzLD5TJUCzYYM9GQOhguDUP8+ZU9JpSz3yO2TvH7WBbUZ8FADf
hblmmUBLNgOWgLo3W+FYhl3mz1GFS2Fvid6Tfn02L8CBAj7jxbjL1Qj/OA/WmLLc
m6BMTqI7IBlYW2vyIOIHasISGiAwZfp0ucMeXXvTtt14LGa8qXVcFnJTdwbf03AS
ljhYrQnKnpl3VpDAoQt8C68YCwjaNJW59hKqWB+XeIJ9CW98+EOAxLAFszSyGanp
rCqPd0numj9TIddjcRkTA/ZbmCWK+xjpVBGXABEBAAG0IU1heGltIERvdW5pbiA8
bWRvdW5pbkBtZG91bmluLnJ1PokBOAQTAQIAIgUCTtIq7wIbAwYLCQgHAwIGFQgC
CQoLBBYCAwECHgECF4AACgkQUgqZk6HAUvj+iwf/b4FS6zVzJ5T0v1vcQGD4ZzXe
D5xMC4BJW414wVMU15rfX7aCdtoCYBNiApPxEd7SwiyxWRhRA9bikUq87JEgmnyV
0iYbHZvCvc1jOkx4WR7E45t1Mi29KBoPaFXA9X5adZkYcOQLDxa2Z8m6LGXnlF6N
tJkxQ8APrjZsdrbDvo3HxU9muPcq49ydzhgwfLwpUs11LYkwB0An9WRPuv3jporZ
/XgI6RfPMZ5NIx+FRRCjn6DnfHboY9rNF6NzrOReJRBhXCi6I+KkHHEnMoyg8XET
9lVkfHTOl81aIZqrAloX3/00TkYWyM2zO9oYpOg6eUFCX/Lw4MJZsTcT5EKVxIhG
BBARAgAGBQJO01Y/AAoJEOzw6QssFyCDVyQAn3qwTZlcZgyyzWu9Cs8gJ0CXREaS
AJ92QjGLT9DijTcbB+q9OS/nl16Z/IhGBBARAgAGBQJO02JDAAoJEKk3YTmlJMU+
P64AnjCKEXFelSVMtgefJk3+vpyt3QX1AKCH9M3MbTWPeDUL+MpULlfdyfvjj7kB
DQRO0irvAQgA0LjCc8S6oZzjiap2MjRNhRFA5BYjXZRZBdKF2VP74avt2/RELq8G
W0n7JWmKn6vvrXabEGLyfkCngAhTq9tJ/K7LPx/bmlO5+jboO/1inH2BTtLiHjAX
vicXZk3oaZt2Sotx5mMI3yzpFQRVqZXsi0LpUTPJEh3oS8IdYRjslQh1A7P5hfCZ
wtzwb/hKm8upODe/ITUMuXeWfLuQj/uEU6wMzmfMHb+jlYMWtb+v98aJa2FODeKP
mWCXLa7bliXp1SSeBOEfIgEAmjM6QGlDx5sZhr2Ss2xSPRdZ8DqD7oiRVzmstX1Y
oxEzC0yXfaefC7SgM0nMnaTvYEOYJ9CH3wARAQABiQEfBBgBAgAJBQJO0irvAhsM
AAoJEFIKmZOhwFL4844H/jo8icCcS6eOWvnen7lg0FcCo1fIm4wW3tEmkQdchSHE
CJDq7pgTloN65pwB5tBoT47cyYNZA9eTfJVgRc74q5cexKOYrMC3KuAqWbwqXhkV
s0nkWxnOIidTHSXvBZfDFA4Idwte94Thrzf8Pn8UESudTiqrWoCBXk2UyVsl03gJ
blSJAeJGYPPeo+Yj6m63OWe2+/S2VTgmbPS/RObn0Aeg7yuff0n5+ytEt2KL51gO
QE2uIxTCawHr12PsllPkbqPk/PagIttfEJqn9b0CrqPC3HREePb2aMJ/Ctw/76CO
wn0mtXeIXLCTvBmznXfaMKllsqbsy2nCJ2P2uJjOntw=
=Tavt
-----END PGP PUBLIC KEY BLOCK-----

View File

@ -42,21 +42,14 @@ http {
# Load configuration files for the default server block. # Load configuration files for the default server block.
include /etc/nginx/default.d/*.conf; include /etc/nginx/default.d/*.conf;
error_page 404 /404.html;
location = /404.html {
}
error_page 500 502 503 504 /50x.html;
location = /50x.html {
}
} }
# Settings for a TLS enabled server. # Settings for a TLS enabled server.
# #
# server { # server {
# listen 443 ssl http2; # listen 443 ssl;
# listen [::]:443 ssl http2; # listen [::]:443 ssl;
# http2 on;
# server_name _; # server_name _;
# root /usr/share/nginx/html; # root /usr/share/nginx/html;
# #
@ -69,14 +62,6 @@ http {
# #
# # Load configuration files for the default server block. # # Load configuration files for the default server block.
# include /etc/nginx/default.d/*.conf; # include /etc/nginx/default.d/*.conf;
#
# error_page 404 /404.html;
# location = /404.html {
# }
#
# error_page 500 502 503 504 /50x.html;
# location = /50x.html {
# }
# } # }
} }

View File

@ -55,7 +55,7 @@
Name: nginx Name: nginx
Epoch: 1 Epoch: 1
Version: 1.24.0 Version: 1.26.0
Release: %autorelease Release: %autorelease
Summary: A high performance web server and reverse proxy server Summary: A high performance web server and reverse proxy server
@ -66,9 +66,10 @@ Source0: https://nginx.org/download/nginx-%{version}.tar.gz
Source1: https://nginx.org/download/nginx-%{version}.tar.gz.asc Source1: https://nginx.org/download/nginx-%{version}.tar.gz.asc
# Keys are found here: https://nginx.org/en/pgp_keys.html # Keys are found here: https://nginx.org/en/pgp_keys.html
Source2: https://nginx.org/keys/maxim.key Source2: https://nginx.org/keys/maxim.key
Source3: https://nginx.org/keys/mdounin.key Source3: https://nginx.org/keys/arut.key
Source4: https://nginx.org/keys/sb.key Source4: https://nginx.org/keys/pluknet.key
Source5: https://nginx.org/keys/thresh.key Source5: https://nginx.org/keys/sb.key
Source6: https://nginx.org/keys/thresh.key
Source10: nginx.service Source10: nginx.service
Source11: nginx.logrotate Source11: nginx.logrotate
Source12: nginx.conf Source12: nginx.conf
@ -78,8 +79,6 @@ Source15: macros.nginxmods.in
Source16: nginxmods.attr Source16: nginxmods.attr
Source17: nginx-ssl-pass-dialog Source17: nginx-ssl-pass-dialog
Source102: nginx-logo.png Source102: nginx-logo.png
Source103: 404.html
Source104: 50x.html
Source200: README.dynamic Source200: README.dynamic
Source210: UPGRADE-NOTES-1.6-to-1.10 Source210: UPGRADE-NOTES-1.6-to-1.10
@ -93,7 +92,7 @@ Patch1: 0002-fix-PIDFile-handling.patch
# downstream patch - Add ssl-pass-phrase-dialog helper script for # downstream patch - Add ssl-pass-phrase-dialog helper script for
# encrypted private keys with pass phrase decryption # encrypted private keys with pass phrase decryption
Patch2: 0003-add-ssl-pass-phrase-dialog.patch Patch2: 0003-Add-SSL-passphrase-dialog.patch
BuildRequires: make BuildRequires: make
BuildRequires: gcc BuildRequires: gcc
@ -253,7 +252,7 @@ Requires: zlib-devel
%prep %prep
# Combine all keys from upstream into one file # Combine all keys from upstream into one file
cat %{S:2} %{S:3} %{S:4} %{S:5} > %{_builddir}/%{name}.gpg cat %{S:2} %{S:3} %{S:4} %{S:5} %{S:6} > %{_builddir}/%{name}.gpg
%{gpgverify} --keyring='%{_builddir}/%{name}.gpg' --signature='%{SOURCE1}' --data='%{SOURCE0}' %{gpgverify} --keyring='%{_builddir}/%{name}.gpg' --signature='%{SOURCE1}' --data='%{SOURCE0}'
%autosetup -p1 %autosetup -p1
cp %{SOURCE200} %{SOURCE210} %{SOURCE10} %{SOURCE12} . cp %{SOURCE200} %{SOURCE210} %{SOURCE10} %{SOURCE12} .
@ -329,6 +328,7 @@ if ! ./configure \
--with-http_stub_status_module \ --with-http_stub_status_module \
--with-http_sub_module \ --with-http_sub_module \
--with-http_v2_module \ --with-http_v2_module \
--with-http_v3_module \
--with-http_xslt_module=dynamic \ --with-http_xslt_module=dynamic \
--with-mail=dynamic \ --with-mail=dynamic \
--with-mail_ssl_module \ --with-mail_ssl_module \
@ -408,9 +408,6 @@ ln -s ../../pixmaps/system-noindex-logo.png \
%{buildroot}%{_datadir}/nginx/html/system_noindex_logo.png %{buildroot}%{_datadir}/nginx/html/system_noindex_logo.png
%endif %endif
install -p -m 0644 %{SOURCE103} %{SOURCE104} \
%{buildroot}%{_datadir}/nginx/html
%if 0%{?with_mailcap_mimetypes} %if 0%{?with_mailcap_mimetypes}
rm -f %{buildroot}%{_sysconfdir}/nginx/mime.types rm -f %{buildroot}%{_sysconfdir}/nginx/mime.types
%endif %endif

65
pluknet.key Normal file
View File

@ -0,0 +1,65 @@
-----BEGIN PGP PUBLIC KEY BLOCK-----
mQINBGKE4psBEADpHSM/IxFD1nXBmnODYXzcl2A+6b6m9m1m2Y4Dlr0ed+y5Lxne
QidE9I74A2KSm6+eHW2yh4i1ZwZbmwpmQqM+j5BMt7axoXOdKSyN+fYtUakzNbBN
EDRKT79q/zIzkgTJradHkCQkwF1W3go+qPXjR2ZEnLma9dZED9VNI6PmOpeYaASo
IkEfbKbwa/vPrvnDSSYY6Y02RXSRk5U1NvQgVUTJP9WGK7NlPUcTBDELLQv6fFPU
kjBOel6MecsQ+v8iq4RJF2cbVF0hNjbAiNldjLV74Xd7yWVRlCbdb2agyvQjMNrD
jHSvbEMiNB3R8yBHVW2Zldv8q0XjcwoDfdiZYFJe3lRUYmv6I2p+/DptD4r/3ILI
peGZtSeOdQEw+vvODL/Ehq03anTrzcpZ6sDLfLrYJhYcrltj0/LMUnLDAjciwRUq
XI46EfxwqsdLeqoZFQeO3LOFsh0kJKR2xOrUHIVy84NJ4Gmro6WmUkb1NfdjyHzF
z8Lfbo46NKoTcwFsFF0q74jVVIVNUyIS91DusiMqLCsP8jqDOz/kyP4bOJQ+aUXf
BANn4Ll1TFWsJ417moxz+Pi5sTaI0na8z2XB1N9WPsSml3FS75hJPJshN2T3VIea
zB7GFWqk33ynSDt+cAisG5nsK9fFdcH+t5wm59oobyFbFhKxwX6ROuxlZwARAQAB
tCRTZXJnZXkgS2FuZGF1cm92IDxwbHVrbmV0QG5naW54LmNvbT6JAk4EEwEKADgW
IQTWeGzjA9mpAimY3GzIRk1UmvdcCgUCYoTimwIbAwULCQgHAwUVCgkICwUWAwIB
AAIeAQIXgAAKCRDIRk1UmvdcCqbOD/9Htgk3mWvUFmrApkWQTIDNmLACZ1Sw1PXj
Uqte8StYB0bYY+nmAXs7O5eC2h1ViParl7En1joEEMQQmH0qSnw4X1CM/hA8TAYW
mBPITTNWo/R52WoyWeWGFnFNIperQmuIZc+pXm0VEFVPiX/2DXbCIu+jaXySvlCN
LekmOD4VC7dJS8/ohoaXOR2T8ufS+1CsyPXomEb+COhqRZ3EVBa+k7pnElkFft3Y
a1fR0AgatZFQpy+ukePhK7s/M5RGhDJWHgSAZFkf+X2jVV4NRJ+XsY80gU5DD2ZX
QT6Je6Knxqk7FnWNSxkhReH6Ss5flZSoGDCmJ2AsPtGeUhus2fGqeN+waGKTZC35
die2V4/cro1SWswSI6Y5GFDZT1olIUztPmSXU/A3oyizJI7XZybwUbpk5kK83VXm
el3U/7Qr/VErlDWFefZWeUvT1RILZ8IRoNj4dv158RnKHt9G508A5qz4hUPKoSeq
SiXhYwfkc31WPzIJ4ev+X5Ka2sG/CKbEMJ7qwc0Kadiu+ePPfqqbXjpTWRyrbcRM
hRNcLNUi1SLWMBClOQG+5GNG1dPPHkbj4dO1OZuaUMwQdu8R8NlsGoVWS40bmVv5
pXstzYCl7k/UnC/Ytlq61GeAoq8ILa6jGj0EWqlhvi0ZNMN+fROhzrRlTzIr/+WE
Xf8EiVNFSbQlU2VyZ2V5IEthbmRhdXJvdiA8cy5rYW5kYXVyb3ZAZjUuY29tPokC
TgQTAQoAOBYhBNZ4bOMD2akCKZjcbMhGTVSa91wKBQJihO2zAhsDBQsJCAcDBRUK
CQgLBRYDAgEAAh4BAheAAAoJEMhGTVSa91wKgLQQANaf4UMndkWoefDQPkJ5qR4K
fuV0WRz59riZEApTkVpPXzl8Y1i8Rgt9pa1v1i12vPyIXKav1rJXQcuDEzqrhQ2G
yvuAE2U/t2mYaMUmwxWO2d8JA3slvBSgOkiYpbLooDizAdKMT5UQWGyw31Wm51iz
HjoztebsyXeXgq9VDjv3D8LUBr/OY3Hguj6HV+zRtC95qgXYadW2FiCtvBK6RTDb
iShTuseLSheGh9dZIUSnzaOiJpDA61ZDYtFZxSpe67vEzhSfHVsF+ZdCjoWhhVv+
+2wR4E0VQQtOM9uX1PMlZ5Ymr02/gidsXCM0ZjYXx4cDDhnq+nKomN64VloXWY9t
PIi86XmzcSWlGUd+Ac6LyW7/f64bUWs4Ih0Idl0PF0sAr/6axKUsIs1nbn5MEtXk
ZPAjcDLqLb9IIQaXRurm/il8v+bLXVBOJq33YUuGRuz8pu4vPA5Q97zglqhlIgbu
prHMJ9hl5q39JwS3As2rK0o6Q9VVKr29rqSEfk4wEttvk0QMMU5zEvVl8MtqPj42
qURqpHOadFbYMTwhUmRBUszRZPa5/pWqq0gWOtpyCWFVAsHFWQGJM1Eo6gGEyHZM
YgBp+d29p2p409r1+06U67GBnXvUy0RyIpkLQtU+lyOJ6vvrBmmsDs/gc69GnlSC
tZmCt0pLesJ7ZJzGdDkduQINBGKE4psBEADQr/enuDeVT11v6ejuYrg7aaZaGFUe
3i28bQ4pRUKNfxs7zVYDDHi2i2bhS5j2yQnbsQtGcgoenw6lapmdQRzr4vjQAz9o
kT6l4qpqvFFQM0wZTnigVDmmO9vTHR8Uk3iCKTd2ax3oko/xPWWYJautJ6ex8cOA
coHSDeOjuIWSxCKq0BDFp6LoxkM8nuyLAX2cbhI3LncaZhVveMeN+Fmcsv+WpkKs
yhX92umZuGwlraSyFy23FiRWSZPu9qVIxMMHvVrQJIgfhyWaHFzoF4M4qDoSKx92
uWfUWgFwPOxOJ6/YcPsX4T8qTl9htmwPN0BibPTlcWaIFXtiU5bE1MivUPeACrI/
gwUfCR3Mg+GYc13C6jzepREUhI7PLi3+A203PlMZd/aaSZkP6j+h4cwdapH5P4uF
7T1EQ0MSdx3neAvu5p0IM6JpriwxfT3HsG+Y952T6MIeXcjNRebsBrygJhJ0/vyr
wV5t8jL0yQty4CiE/QFnBs42l+rngi7K7Y1AZRBGK7JA09XaoLrfLmS+PrbYPsaJ
flkM8GzUB7BBCLozxDHPzmPkf/A1w3XHZnYuZmS+pvjWCIoKpLQHI99oSUGho/TR
gMRO4v7EAzluqCiepMl0xwFfHB115ND/mATazc4Pt6FxUsqffzfZrN01e1UVPrp5
4x6YLO80JnOY6QARAQABiQI2BBgBCgAgFiEE1nhs4wPZqQIpmNxsyEZNVJr3XAoF
AmKE4psCGwwACgkQyEZNVJr3XAp9ghAAgCgErxQYn/Lh/mzsxYXPnisggcBpceks
mGw7knj1EGkXqq9CHn3EjCw8dB5N857UFlUr++DHwpFL5O36PRQo33RIUFbmBypG
8C/xX1jWGu3xcaqS3P1ncsSSl6ckdvy9pjMxThm/RkXO0eJCn7FcanwPJXEB3Pbb
mm0wLI2OXl/m7l5QAr7kErnPvGNzcbX6G35Q/MY8mumBWQ9H53R5ZPpi+OS40Wfn
pZNKdh/Acwa7+2RokPqoOcJfxVdBOUigXTzb45qZgqEsSR7bkZAy2E80A/sJKPqs
OGjp9cog3rBYyNBn5dasfR9KeBtluKnjUbzutXsQoKUSECY00YGrtneSXMku5hoE
Dguk68w/L63ZApYHO/JTgJAYvqPOErAVUegPIw2CT1/2qi5vpClBcKkNS7RXrssA
X+lElE0zbzX3bNG+lQuXby7jNUFYltkEiz6vTtc4HuHy8u40DHMswzkoDr0T8IE0
7ZRAWXwV1nlA/dI337cHCsWMJyqem5wZZO13iqe07qaCg1uvBPeqDo81hOCn1us7
l5SYRUTlt7KSFEHZ+Sx4bmVneAuRi5okaQdmrepy/ss/vVpRwWuQxsPkvT8boS7s
mqOVsZFcNOuUJPUyOz1dHUL6FMYpk1dw+9n41gO4fLBzJekFTB/fxL6SRbYFWWn7
x0VGHDmuaYQ=
=HmVo
-----END PGP PUBLIC KEY BLOCK-----

View File

@ -1,2 +1,2 @@
SHA512 (nginx-1.24.0.tar.gz) = 1114e37de5664a8109c99cfb2faa1f42ff8ac63c932bcf3780d645e5ed32c0b2ac446f80305b4465994c8f9430604968e176ae464fd80f632d1cb2c8f6007ff3 SHA512 (nginx-1.26.0.tar.gz) = 1f604a4a29f1b74eb56de7f1d8b0e5610fa055280b4ad2d3550c56926460de24da81b17485cffb358d8814061d4a9db1e0e5079af7921f1dc329e283e2775791
SHA512 (nginx-1.24.0.tar.gz.asc) = a6b6b0b8bd28338465737c54e058a95747330f68bd0b5d1113341eea6025e5092c0707c2fbc5d58eb18e6eedd321c797274f4e3174652ed13f40b9ccf7705436 SHA512 (nginx-1.26.0.tar.gz.asc) = c2ca6b81c8ffda64bc7efa21a48031fe2628756334cdf32f1cf5133635cb4d4744410769a593cbe766c9ada1af669b6304c3e645687ef9b9f87287204f274124