diff --git a/0001-nghttp2-1.13.0-armv7hl-sigsegv.patch b/0001-nghttp2-1.13.0-armv7hl-sigsegv.patch new file mode 100644 index 0000000..b4b3027 --- /dev/null +++ b/0001-nghttp2-1.13.0-armv7hl-sigsegv.patch @@ -0,0 +1,99 @@ +From 9fcf3200342603e9aa86a4bd3ba62f890237a200 Mon Sep 17 00:00:00 2001 +From: Kamil Dudka +Date: Tue, 26 Jul 2016 12:58:46 +0200 +Subject: [PATCH] nghttpx: avoid using std::function to fix crash on armv7hl + +Bug: https://bugzilla.redhat.com/1358845 +--- + src/shrpx_client_handler.cc | 8 ++++---- + src/shrpx_client_handler.h | 6 ++++-- + src/shrpx_http_downstream_connection.cc | 6 +++--- + src/shrpx_http_downstream_connection.h | 5 +++-- + 4 files changed, 14 insertions(+), 11 deletions(-) + +diff --git a/src/shrpx_client_handler.cc b/src/shrpx_client_handler.cc +index 2c9b2a1..890143e 100644 +--- a/src/shrpx_client_handler.cc ++++ b/src/shrpx_client_handler.cc +@@ -654,12 +654,12 @@ int ClientHandler::validate_next_proto() { + return -1; + } + +-int ClientHandler::do_read() { return read_(*this); } +-int ClientHandler::do_write() { return write_(*this); } ++int ClientHandler::do_read() { return (this->*read_)(); } ++int ClientHandler::do_write() { return (this->*write_)(); } + + int ClientHandler::on_read() { + if (rb_.chunk_avail()) { +- auto rv = on_read_(*this); ++ auto rv = (this->*on_read_)(); + if (rv != 0) { + return rv; + } +@@ -667,7 +667,7 @@ int ClientHandler::on_read() { + conn_.handle_tls_pending_read(); + return 0; + } +-int ClientHandler::on_write() { return on_write_(*this); } ++int ClientHandler::on_write() { return (this->*on_write_)(); } + + const StringRef &ClientHandler::get_ipaddr() const { return ipaddr_; } + +diff --git a/src/shrpx_client_handler.h b/src/shrpx_client_handler.h +index bdfdafd..08f42b3 100644 +--- a/src/shrpx_client_handler.h ++++ b/src/shrpx_client_handler.h +@@ -185,8 +185,10 @@ private: + StringRef forwarded_for_; + // lowercased TLS SNI which client sent. + StringRef sni_; +- std::function read_, write_; +- std::function on_read_, on_write_; ++ int (ClientHandler::*read_)(); ++ int (ClientHandler::*write_)(); ++ int (ClientHandler::*on_read_)(); ++ int (ClientHandler::*on_write_)(); + // Address of frontend listening socket + const UpstreamAddr *faddr_; + Worker *worker_; +diff --git a/src/shrpx_http_downstream_connection.cc b/src/shrpx_http_downstream_connection.cc +index 077844c..8a38788 100644 +--- a/src/shrpx_http_downstream_connection.cc ++++ b/src/shrpx_http_downstream_connection.cc +@@ -1449,13 +1449,13 @@ int HttpDownstreamConnection::connected() { + return 0; + } + +-int HttpDownstreamConnection::on_read() { return on_read_(*this); } ++int HttpDownstreamConnection::on_read() { return (this->*on_read_)(); } + +-int HttpDownstreamConnection::on_write() { return on_write_(*this); } ++int HttpDownstreamConnection::on_write() { return (this->*on_write_)(); } + + void HttpDownstreamConnection::on_upstream_change(Upstream *upstream) {} + +-void HttpDownstreamConnection::signal_write() { signal_write_(*this); } ++void HttpDownstreamConnection::signal_write() { (this->*signal_write_)(); } + + int HttpDownstreamConnection::actual_signal_write() { + ev_feed_event(conn_.loop, &conn_.wev, EV_WRITE); +diff --git a/src/shrpx_http_downstream_connection.h b/src/shrpx_http_downstream_connection.h +index 8fad535..0ab430c 100644 +--- a/src/shrpx_http_downstream_connection.h ++++ b/src/shrpx_http_downstream_connection.h +@@ -91,8 +91,9 @@ public: + + private: + Connection conn_; +- std::function on_read_, on_write_, +- signal_write_; ++ int (HttpDownstreamConnection::*on_read_)(); ++ int (HttpDownstreamConnection::*on_write_)(); ++ int (HttpDownstreamConnection::*signal_write_)(); + Worker *worker_; + // nullptr if TLS is not used. + SSL_CTX *ssl_ctx_; +-- +2.5.5 + diff --git a/nghttp2-1.7.0-gcc6.patch b/nghttp2-1.7.0-gcc6.patch deleted file mode 100644 index 7bb898b..0000000 --- a/nghttp2-1.7.0-gcc6.patch +++ /dev/null @@ -1,36 +0,0 @@ -From 74bbd628eb904b8aa4d6258692d581edfe3865e5 Mon Sep 17 00:00:00 2001 -From: Tatsuhiro Tsujikawa -Date: Sat, 30 Jan 2016 18:41:27 +0900 -Subject: [PATCH] Fix compile error with gcc-6 which enables C++14 by default - -Upstream-commit: 4e44fccdcf1d0fea6a8cd88916040e06fc75d9db -Signed-off-by: Kamil Dudka ---- - src/template.h | 4 ++++ - 1 file changed, 4 insertions(+) - -diff --git a/src/template.h b/src/template.h -index 0346034..b5862d5 100644 ---- a/src/template.h -+++ b/src/template.h -@@ -38,6 +38,9 @@ - - namespace nghttp2 { - -+#if __cplusplus > 201103L -+using std::make_unique; -+#else // __cplusplus <= 201103L - template - typename std::enable_if::value, std::unique_ptr>::type - make_unique(U &&... u) { -@@ -49,6 +52,7 @@ typename std::enable_if::value, std::unique_ptr>::type - make_unique(size_t size) { - return std::unique_ptr(new typename std::remove_extent::type[size]()); - } -+#endif // __cplusplus <= 201103L - - // std::forward is constexpr since C++14 - template --- -2.5.0 - diff --git a/nghttp2.spec b/nghttp2.spec index 86391e1..7aa58b8 100644 --- a/nghttp2.spec +++ b/nghttp2.spec @@ -1,16 +1,17 @@ Summary: Experimental HTTP/2 client, server and proxy Name: nghttp2 -Version: 1.7.1 +Version: 1.21.0 Release: 1%{?dist} License: MIT Group: Applications/Internet URL: https://nghttp2.org/ Source0: https://github.com/tatsuhiro-t/nghttp2/releases/download/v%{version}/nghttp2-%{version}.tar.xz -# make the package compile with gcc-6 -Patch1: nghttp2-1.7.0-gcc6.patch +# prevent nghttpx from crashing on armv7hl (#1358845) +Patch1: 0001-nghttp2-1.13.0-armv7hl-sigsegv.patch BuildRequires: CUnit-devel +BuildRequires: c-ares-devel BuildRequires: libev-devel BuildRequires: openssl-devel BuildRequires: zlib-devel @@ -105,6 +106,9 @@ make %{?_smp_mflags} check %changelog +* Mon Apr 03 2017 Kamil Dudka 1.21.0-1 +- update to the latest upstream release (#1438364) + * Thu Feb 11 2016 Kamil Dudka 1.7.1-1 - update to the latest upstream release (fixes CVE-2016-1544)