Package: src:nginx Followup-For: Bug #733107 Dear Maintainer,
I have checked-out the nginx source package from collab-maint git repository and prepared the patch to fix this bug, please find the attached file. Best regards, Neutron Soutmun -- System Information: Debian Release: jessie/sid APT prefers unstable APT policy: (500, 'unstable'), (1, 'experimental') Architecture: amd64 (x86_64) Foreign Architectures: i386 Kernel: Linux 3.11-2-amd64 (SMP w/2 CPU cores) Locale: LANG=en_GB.utf8, LC_CTYPE=en_GB.utf8 (charmap=UTF-8) Shell: /bin/sh linked to /bin/dash
From 8dc8b9e6a71b745f9bf070a1f1866d0a46b73c7f Mon Sep 17 00:00:00 2001 From: Neutron Soutmun <neo.neut...@gmail.com> Date: Wed, 25 Dec 2013 22:07:52 +0700 Subject: [PATCH] Fix FTBFS against the recent libssl-dev --- debian/changelog | 4 ++++ .../guard-use-of-deprecated-openssl-definition.patch | 19 +++++++++++++++++++ debian/patches/series | 1 + 3 files changed, 24 insertions(+) create mode 100644 debian/patches/guard-use-of-deprecated-openssl-definition.patch diff --git a/debian/changelog b/debian/changelog index 94a8a67..f922545 100644 --- a/debian/changelog +++ b/debian/changelog @@ -21,6 +21,10 @@ nginx (1.4.4-2) UNRELEASED; urgency=low + Host header should be passed unmodified to the proxied server. + Pass X-Forwarded-Proto header to the proxied server. + [ Neutron Soutmun ] + * debian/patches/guard-use-of-deprecated-openssl-definition.patch: + + Fix FTBFS against the recent libssl-dev. (Closes: #733107) + -- Michael Lustfield <mich...@forge.lustfield.net> Sun, 24 Nov 2013 15:59:52 -0600 nginx (1.4.4-1) unstable; urgency=low diff --git a/debian/patches/guard-use-of-deprecated-openssl-definition.patch b/debian/patches/guard-use-of-deprecated-openssl-definition.patch new file mode 100644 index 0000000..1ebc8bc --- /dev/null +++ b/debian/patches/guard-use-of-deprecated-openssl-definition.patch @@ -0,0 +1,19 @@ +Description: guard use of SSL_OP_MSIE_SSLV2_RSA_PADDING + This option had no effect since 0.9.7h / 0.9.8b and it was removed + in recent OpenSSL +Author: Piotr Sikora <pi...@cloudflare.com> +Origin: http://trac.nginx.org/nginx/changeset/a73678f5f96ffead0b616b2c03dfcfd5445d443b/nginx + +Index: src/event/ngx_event_openssl.c +=================================================================== +--- a/src/event/ngx_event_openssl.c ++++ b/src/event/ngx_event_openssl.c +@@ -186,6 +186,8 @@ + SSL_CTX_set_options(ssl->ctx, SSL_OP_MICROSOFT_BIG_SSLV3_BUFFER); + ++#ifdef SSL_OP_MSIE_SSLV2_RSA_PADDING + /* this option allow a potential SSL 2.0 rollback (CAN-2005-2969) */ + SSL_CTX_set_options(ssl->ctx, SSL_OP_MSIE_SSLV2_RSA_PADDING); ++#endif + + SSL_CTX_set_options(ssl->ctx, SSL_OP_SSLEAY_080_CLIENT_DH_BUG); diff --git a/debian/patches/series b/debian/patches/series index 73f535e..f4cd23e 100644 --- a/debian/patches/series +++ b/debian/patches/series @@ -1 +1,2 @@ perl-use-dpkg-buildflags.patch +guard-use-of-deprecated-openssl-definition.patch -- 1.8.5.2
signature.asc
Description: Digital signature