Vim ftplugin not available in this nginx version

Conflicts:
	.gitignore
	nginx.spec
	sources

.gitignore

@@ -1,8 +1,8 @@
-nginx-0.8.53.tar.gz
 *~
 nginx*/
 x86_64/
 .*.log
 *swp
 *.rpm
-/nginx-1.0.0.tar.gz
+/nginx-*.tar.gz
+/nginx-*.tar.gz.asc

404.html

@@ -92,7 +92,7 @@
                     <p>Something has triggered missing webpage on your
                     website. This is the default 404 error page for
                     <strong>nginx</strong> that is distributed with
-                    Fedora.  It is located
+                    EPEL.  It is located
                     <tt>/usr/share/nginx/html/404.html</tt></p>
 
                     <p>You should customize this error page for your own
@@ -105,13 +105,13 @@
 
             <div class="logos">
                 <a href="http://nginx.net/"><img
-                    src="nginx-logo.png" 
+                    src="/nginx-logo.png"
                     alt="[ Powered by nginx ]"
                     width="121" height="32" /></a>
 
                 <a href="http://fedoraproject.org/"><img 
-                    src="poweredby.png" 
-                    alt="[ Powered by Fedora ]" 
+                    src="/poweredby.png"
+                    alt="[ Powered by Fedora EPEL ]"
                     width="88" height="31" /></a>
             </div>
         </div>

50x.html

@@ -92,7 +92,7 @@
                     <p>Something has triggered an error on your
                     website.  This is the default error page for
                     <strong>nginx</strong> that is distributed with
-                    Fedora.  It is located
+                    EPEL.  It is located
                     <tt>/usr/share/nginx/html/50x.html</tt></p>
 
                     <p>You should customize this error page for your own
@@ -105,13 +105,13 @@
 
             <div class="logos">
                 <a href="http://nginx.net/"><img
-                    src="nginx-logo.png" 
+                    src="/nginx-logo.png"
                     alt="[ Powered by nginx ]"
                     width="121" height="32" /></a>
 
                 <a href="http://fedoraproject.org/"><img 
-                    src="poweredby.png" 
-                    alt="[ Powered by Fedora ]" 
+                    src="/poweredby.png"
+                    alt="[ Powered by Fedora EPEL ]"
                     width="88" height="31" /></a>
             </div>
         </div>

README.dynamic

@@ -0,0 +1,20 @@
+###############
+Dynamic modules
+###############
+
+Dynamic modules are loaded using the "load_modules" directive. The RPM package
+for each module has a '.conf' file in the /usr/share/nginx/modules directory.
+The '.conf' file contains a single "load_modules" directive.
+
+This means that whenever a new dynamic module is installed, it will
+automatically be enabled and Nginx will be reloaded.
+
+--------------------------------------------------------
+Prevent dynamic modules from being enabled automatically
+--------------------------------------------------------
+
+You may want to avoid dynamic modules being enabled automatically. Simply
+remove this line from the top of /etc/nginx/nginx.conf:
+
+    include /usr/lib64/nginx/modules/*.conf;
+

UPGRADE-NOTES-0.8-to-1.10

@@ -0,0 +1,235 @@
+#############
+Upgrade notes
+#############
+
+To resolve numerous security flaws, the nginx package was updated to 1.10.x.
+
+You should review your configuration files in /etc/nginx to determine if there
+are any incompatibilities. Below is a summary of the main incompatible changes.
+Some nginx directives have been changed or removed, so you may need to modify
+your configuration.
+
+Please see upstream release notes for a complete list of new features,
+bug fixes, and changes: http://nginx.org/en/CHANGES-1.10
+(Please note, the version of OpenSSL on RHEL 5 doesn't support HTTP/2.)
+
+Nginx gained support for dynamic modules. As part of this update, dynamic
+modules have been split into subpackages. For the time being these are hard
+dependencies to aid the upgrade path. When you install nginx, all of these
+modules are installed and enabled by default:
+  - nginx-mod-http-geoip
+  - nginx-mod-http-image-filter
+  - nginx-mod-http-perl
+  - nginx-mod-http-xslt-filter
+  - nginx-mod-mail
+  - nginx-mod-stream
+
+Changes with nginx 1.10.x
+
+    *) Change: non-idempotent requests (POST, LOCK, PATCH) are no longer
+       passed to the next server by default if a request has been sent to a
+       backend; the "non_idempotent" parameter of the "proxy_next_upstream"
+       directive explicitly allows retrying such requests.
+
+    *) Change: now the "output_buffers" directive uses two buffers by
+       default.
+
+    *) Change: now nginx limits subrequests recursion, not simultaneous
+       subrequests.
+
+    *) Change: now nginx checks the whole cache key when returning a
+       response from cache.
+       Thanks to Gena Makhomed and Sergey Brester.
+
+    *) Change: the "proxy_downstream_buffer" and "proxy_upstream_buffer"
+       directives of the stream module are replaced with the
+       "proxy_buffer_size" directive.
+
+    *) Change: duplicate "http", "mail", and "stream" blocks are now
+       disallowed.
+
+    *) Change: now SSLv3 protocol is disabled by default.
+
+    *) Change: some long deprecated directives are not supported anymore.
+
+    *) Change: obsolete aio and rtsig event methods have been removed.
+
+Changes with nginx 1.8.x
+
+    *) Change: the "sendfile" parameter of the "aio" directive is
+       deprecated; now nginx automatically uses AIO to pre-load data for
+       sendfile if both "aio" and "sendfile" directives are used.
+
+    *) Change: now the "If-Modified-Since", "If-Range", etc. client request
+       header lines are passed to a backend while caching if nginx knows in
+       advance that the response will not be cached (e.g., when using
+       proxy_cache_min_uses).
+
+    *) Change: now after proxy_cache_lock_timeout nginx sends a request to a
+       backend with caching disabled; the new directives
+       "proxy_cache_lock_age", "fastcgi_cache_lock_age",
+       "scgi_cache_lock_age", and "uwsgi_cache_lock_age" specify a time
+       after which the lock will be released and another attempt to cache a
+       response will be made.
+
+    *) Change: the "log_format" directive can now be used only at http
+       level.
+
+    *) Change: now nginx takes into account the "Vary" header line in a
+       backend response while caching.
+
+    *) Change: the deprecated "limit_zone" directive is not supported
+       anymore.
+
+    *) Change: now the "stub_status" directive does not require a parameter.
+
+    *) Change: URI escaping now uses uppercase hexadecimal digits.
+       Thanks to Piotr Sikora.
+
+Changes with nginx 1.6.x
+
+    *) Change: improved hash table handling; the default values of the
+       "variables_hash_max_size" and "types_hash_bucket_size" were changed
+       to 1024 and 64 respectively.
+
+    *) Change: now nginx expects escaped URIs in "X-Accel-Redirect" headers.
+
+    *) Change: a logging level of auth_basic errors about no user/password
+       provided has been lowered from "error" to "info".
+
+    *) Change: now nginx assumes HTTP/1.0 by default if it is not able to
+       detect protocol reliably.
+
+    *) Change: the "js" extension MIME type has been changed to
+       "application/javascript"; default value of the "charset_types"
+       directive was changed accordingly.
+
+    *) Change: now the "image_filter" directive with the "size" parameter
+       returns responses with the "application/json" MIME type.
+
+    *) Change in internal API: now u->length defaults to -1 if working with
+       backends in unbuffered mode.
+
+    *) Change: now after receiving an incomplete response from a backend
+       server nginx tries to send an available part of the response to a
+       client, and then closes client connection.
+
+Changes with nginx 1.4.x
+
+    *) Change: opening and closing a connection without sending any data in
+       it is no longer logged to access_log with error code 400.
+
+    *) Change: a compiler with name "cc" is now used by default.
+
+    *) Change: domain names specified in configuration file are now resolved
+       to IPv6 addresses as well as IPv4 ones.
+
+    *) Change: now if the "include" directive with mask is used on Unix
+       systems, included files are sorted in alphabetical order.
+
+    *) Change: the "add_header" directive adds headers to 201 responses.
+
+    *) Change: the ngx_http_mp4_module module no longer skips tracks in
+       formats other than H.264 and AAC.
+
+    *) Change: the "ipv6only" parameter is now turned on by default for
+       listening IPv6 sockets.
+
+    *) Change: the "single" parameter of the "keepalive" directive is now
+       ignored.
+
+    *) Change: SSL compression is now disabled when using all versions of
+       OpenSSL, including ones prior to 1.0.0.
+
+Changes with nginx 1.2.x
+
+    *) Change: now if the "include" directive with mask is used on Unix
+       systems, included files are sorted in alphabetical order.
+
+    *) Change: the "add_header" directive adds headers to 201 responses.
+
+    *) Change: the "single" parameter of the "keepalive" directive is now
+       ignored.
+
+    *) Change: SSL compression is now disabled when using all versions of
+       OpenSSL, including ones prior to 1.0.0.
+
+    *) Change: keepalive connections are no longer disabled for Safari by
+       default.
+
+    *) Change: the simultaneous subrequest limit has been raised to 200.
+
+    *) Change: a "proxy_pass" directive without URI part now uses changed
+       URI after redirection with the "error_page" directive.
+       Thanks to Lanshun Zhou.
+
+    *) Change: now double quotes are encoded in an "echo" SSI-command
+       output.
+       Thanks to Zaur Abasmirzoev.
+
+    *) Change: the ngx_http_limit_zone_module was renamed to the
+       ngx_http_limit_conn_module.
+
+    *) Change: the "limit_zone" directive was superseded by the
+       "limit_conn_zone" directive with a new syntax.
+
+    *) Change in internal API: now module context data are cleared while
+       internal redirect to named location.
+       Requested by Yichun Zhang.
+
+    *) Change: if a server in an upstream failed, only one request will be
+       sent to it after fail_timeout; the server will be considered alive if
+       it will successfully respond to the request.
+
+    *) Change: now the 0x7F-0x1F characters are escaped as \xXX in an
+       access_log.
+
+    *) Change: now if total size of all ranges is greater than source
+       response size, then nginx disables ranges and returns just the source
+       response.
+
+    *) Change: now cache loader processes either as many files as specified
+       by "loader_files" parameter or works no longer than time specified by
+       the "loader_threshold" parameter during each iteration.
+
+    *) Change: now SIGWINCH signal works only in daemon mode.
+
+Changes with nginx 1.0.x
+
+    *) Change: now double quotes are encoded in an "echo" SSI-command
+       output.
+       Thanks to Zaur Abasmirzoev.
+
+    *) Change: now the 0x7F-0x1F characters are escaped as \xXX in an
+       access_log.
+
+    *) Change: now SIGWINCH signal works only in daemon mode.
+
+    *) Change: now if total size of all ranges is greater than source
+       response size, then nginx disables ranges and returns just the source
+       response.
+
+    *) Change: now default SSL ciphers are "HIGH:!aNULL:!MD5".
+       Thanks to Rob Stradling.
+
+    *) Change: now regular expressions case sensitivity in the "map"
+       directive is given by prefixes "~" or "~*".
+
+    *) Change: now the "split_clients" directive uses MurmurHash2 algorithm
+       because of better distribution.
+       Thanks to Oleg Mamontov.
+
+    *) Change: now long strings starting with zero are not considered as
+       false values.
+       Thanks to Maxim Dounin.
+
+    *) Change: now nginx uses a default listen backlog value 511 on Linux.
+
+    *) Change: now nginx uses a default listen backlog value -1 on Linux.
+       Thanks to Andrei Nigmatulin.
+
+    *) Change: the "secure_link_expires" directive has been canceled.
+
+    *) Change: a logging level of resolver errors has been lowered from
+       "alert" to "error".
+

UPGRADE-NOTES-1.0-to-1.10

@@ -0,0 +1,196 @@
+#############
+Upgrade notes
+#############
+
+To resolve numerous security flaws, the nginx package was updated to 1.10.x.
+
+You should review your configuration files in /etc/nginx to determine if there
+are any incompatibilities. Below is a summary of the main incompatible changes.
+Some nginx directives have been changed or removed, so you may need to modify
+your configuration.
+
+Please see upstream release notes for a complete list of new features,
+bug fixes, and changes: http://nginx.org/en/CHANGES-1.10
+One notable feature is support for HTTP/2.
+
+Nginx gained support for dynamic modules. As part of this update, dynamic
+modules have been split into subpackages. For the time being these are hard
+dependencies to aid the upgrade path. When you install nginx, all of these
+modules are installed and enabled by default:
+  - nginx-mod-http-geoip
+  - nginx-mod-http-image-filter
+  - nginx-mod-http-perl
+  - nginx-mod-http-xslt-filter
+  - nginx-mod-mail
+  - nginx-mod-stream
+
+Changes with nginx 1.10.x
+
+    *) Change: non-idempotent requests (POST, LOCK, PATCH) are no longer
+       passed to the next server by default if a request has been sent to a
+       backend; the "non_idempotent" parameter of the "proxy_next_upstream"
+       directive explicitly allows retrying such requests.
+
+    *) Change: now the "output_buffers" directive uses two buffers by
+       default.
+
+    *) Change: now nginx limits subrequests recursion, not simultaneous
+       subrequests.
+
+    *) Change: now nginx checks the whole cache key when returning a
+       response from cache.
+       Thanks to Gena Makhomed and Sergey Brester.
+
+    *) Change: the "proxy_downstream_buffer" and "proxy_upstream_buffer"
+       directives of the stream module are replaced with the
+       "proxy_buffer_size" directive.
+
+    *) Change: duplicate "http", "mail", and "stream" blocks are now
+       disallowed.
+
+    *) Change: now SSLv3 protocol is disabled by default.
+
+    *) Change: some long deprecated directives are not supported anymore.
+
+    *) Change: obsolete aio and rtsig event methods have been removed.
+
+Changes with nginx 1.8.x
+
+    *) Change: the "sendfile" parameter of the "aio" directive is
+       deprecated; now nginx automatically uses AIO to pre-load data for
+       sendfile if both "aio" and "sendfile" directives are used.
+
+    *) Change: now the "If-Modified-Since", "If-Range", etc. client request
+       header lines are passed to a backend while caching if nginx knows in
+       advance that the response will not be cached (e.g., when using
+       proxy_cache_min_uses).
+
+    *) Change: now after proxy_cache_lock_timeout nginx sends a request to a
+       backend with caching disabled; the new directives
+       "proxy_cache_lock_age", "fastcgi_cache_lock_age",
+       "scgi_cache_lock_age", and "uwsgi_cache_lock_age" specify a time
+       after which the lock will be released and another attempt to cache a
+       response will be made.
+
+    *) Change: the "log_format" directive can now be used only at http
+       level.
+
+    *) Change: now nginx takes into account the "Vary" header line in a
+       backend response while caching.
+
+    *) Change: the deprecated "limit_zone" directive is not supported
+       anymore.
+
+    *) Change: now the "stub_status" directive does not require a parameter.
+
+    *) Change: URI escaping now uses uppercase hexadecimal digits.
+       Thanks to Piotr Sikora.
+
+Changes with nginx 1.6.x
+
+    *) Change: improved hash table handling; the default values of the
+       "variables_hash_max_size" and "types_hash_bucket_size" were changed
+       to 1024 and 64 respectively.
+
+    *) Change: now nginx expects escaped URIs in "X-Accel-Redirect" headers.
+
+    *) Change: a logging level of auth_basic errors about no user/password
+       provided has been lowered from "error" to "info".
+
+    *) Change: now nginx assumes HTTP/1.0 by default if it is not able to
+       detect protocol reliably.
+
+    *) Change: the "js" extension MIME type has been changed to
+       "application/javascript"; default value of the "charset_types"
+       directive was changed accordingly.
+
+    *) Change: now the "image_filter" directive with the "size" parameter
+       returns responses with the "application/json" MIME type.
+
+    *) Change in internal API: now u->length defaults to -1 if working with
+       backends in unbuffered mode.
+
+    *) Change: now after receiving an incomplete response from a backend
+       server nginx tries to send an available part of the response to a
+       client, and then closes client connection.
+
+Changes with nginx 1.4.x
+
+    *) Change: opening and closing a connection without sending any data in
+       it is no longer logged to access_log with error code 400.
+
+    *) Change: a compiler with name "cc" is now used by default.
+
+    *) Change: domain names specified in configuration file are now resolved
+       to IPv6 addresses as well as IPv4 ones.
+
+    *) Change: now if the "include" directive with mask is used on Unix
+       systems, included files are sorted in alphabetical order.
+
+    *) Change: the "add_header" directive adds headers to 201 responses.
+
+    *) Change: the ngx_http_mp4_module module no longer skips tracks in
+       formats other than H.264 and AAC.
+
+    *) Change: the "ipv6only" parameter is now turned on by default for
+       listening IPv6 sockets.
+
+    *) Change: the "single" parameter of the "keepalive" directive is now
+       ignored.
+
+    *) Change: SSL compression is now disabled when using all versions of
+       OpenSSL, including ones prior to 1.0.0.
+
+Changes with nginx 1.2.x
+
+    *) Change: now if the "include" directive with mask is used on Unix
+       systems, included files are sorted in alphabetical order.
+
+    *) Change: the "add_header" directive adds headers to 201 responses.
+
+    *) Change: the "single" parameter of the "keepalive" directive is now
+       ignored.
+
+    *) Change: SSL compression is now disabled when using all versions of
+       OpenSSL, including ones prior to 1.0.0.
+
+    *) Change: keepalive connections are no longer disabled for Safari by
+       default.
+
+    *) Change: the simultaneous subrequest limit has been raised to 200.
+
+    *) Change: a "proxy_pass" directive without URI part now uses changed
+       URI after redirection with the "error_page" directive.
+       Thanks to Lanshun Zhou.
+
+    *) Change: now double quotes are encoded in an "echo" SSI-command
+       output.
+       Thanks to Zaur Abasmirzoev.
+
+    *) Change: the ngx_http_limit_zone_module was renamed to the
+       ngx_http_limit_conn_module.
+
+    *) Change: the "limit_zone" directive was superseded by the
+       "limit_conn_zone" directive with a new syntax.
+
+    *) Change in internal API: now module context data are cleared while
+       internal redirect to named location.
+       Requested by Yichun Zhang.
+
+    *) Change: if a server in an upstream failed, only one request will be
+       sent to it after fail_timeout; the server will be considered alive if
+       it will successfully respond to the request.
+
+    *) Change: now the 0x7F-0x1F characters are escaped as \xXX in an
+       access_log.
+
+    *) Change: now if total size of all ranges is greater than source
+       response size, then nginx disables ranges and returns just the source
+       response.
+
+    *) Change: now cache loader processes either as many files as specified
+       by "loader_files" parameter or works no longer than time specified by
+       the "loader_threshold" parameter during each iteration.
+
+    *) Change: now SIGWINCH signal works only in daemon mode.
+

default.conf

@@ -1,53 +1,26 @@
 #
 # The default server
 #
+
 server {
-    listen       80;
+    listen       80 default_server;
+    listen       [::]:80 default_server;
     server_name  _;
+    root         /usr/share/nginx/html;
 
-    #charset koi8-r;
-
-    #access_log  logs/host.access.log  main;
+    # Load configuration files for the default server block.
+    include /etc/nginx/default.d/*.conf;
 
     location / {
-        root   /usr/share/nginx/html;
-        index  index.html index.htm;
     }
 
-    error_page  404              /404.html;
-    location = /404.html {
-        root   /usr/share/nginx/html;
+    error_page 404 /404.html;
+        location = /40x.html {
     }
 
-    # redirect server error pages to the static page /50x.html
-    #
-    error_page   500 502 503 504  /50x.html;
-    location = /50x.html {
-        root   /usr/share/nginx/html;
+    error_page 500 502 503 504 /50x.html;
+        location = /50x.html {
     }
 
-    # proxy the PHP scripts to Apache listening on 127.0.0.1:80
-    #
-    #location ~ \.php$ {
-    #    proxy_pass   http://127.0.0.1;
-    #}
-
-    # pass the PHP scripts to FastCGI server listening on 127.0.0.1:9000
-    #
-    #location ~ \.php$ {
-    #    root           html;
-    #    fastcgi_pass   127.0.0.1:9000;
-    #    fastcgi_index  index.php;
-    #    fastcgi_param  SCRIPT_FILENAME  /scripts$fastcgi_script_name;
-    #    include        fastcgi_params;
-    #}
-
-    # deny access to .htaccess files, if Apache's document root
-    # concurs with nginx's one
-    #
-    #location ~ /\.ht {
-    #    deny  all;
-    #}
 }
 
-

index.html

@@ -2,7 +2,7 @@
 
 <html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en">
     <head>
-        <title>Test Page for the Nginx HTTP Server on Fedora</title>
+        <title>Test Page for the Nginx HTTP Server on EPEL</title>
         <meta http-equiv="Content-Type" content="text/html; charset=UTF-8" />
         <style type="text/css">
             /*<![CDATA[*/
@@ -74,7 +74,7 @@
     </head>
 
     <body>
-        <h1>Welcome to <strong>nginx</strong> on Fedora!</h1>
+        <h1>Welcome to <strong>nginx</strong> on EPEL!</h1>
 
         <div class="content">
             <p>This page is used to test the proper operation of the
@@ -88,7 +88,7 @@
                 <div class="content">
                     <p>This is the default <tt>index.html</tt> page that
                     is distributed with <strong>nginx</strong> on
-                    Fedora.  It is located in
+                    EPEL.  It is located in
                     <tt>/usr/share/nginx/html</tt>.</p>
 
                     <p>You should now put your content in a location of
@@ -108,7 +108,7 @@
 
                 <a href="http://fedoraproject.org/"><img 
                     src="poweredby.png" 
-                    alt="[ Powered by Fedora ]" 
+                    alt="[ Powered by Fedora EPEL ]"
                     width="88" height="31" /></a>
             </div>
         </div>

nginx.conf

@@ -1,69 +1,38 @@
-#######################################################################
-#
-# This is the main Nginx configuration file.  
-#
-# More information about the configuration options is available on 
-#   * the English wiki - http://wiki.nginx.org/Main
-#   * the Russian documentation - http://sysoev.ru/nginx/
-#
-#######################################################################
+# For more information on configuration, see:
+#   * Official English Documentation: http://nginx.org/en/docs/
+#   * Official Russian Documentation: http://nginx.org/ru/docs/
 
-#----------------------------------------------------------------------
-# Main Module - directives that cover basic functionality
-#
-#   http://wiki.nginx.org/NginxHttpMainModule
-#
-#----------------------------------------------------------------------
+user nginx;
+worker_processes auto;
+error_log /var/log/nginx/error.log;
+pid /var/run/nginx.pid;
 
-user              nginx;
-worker_processes  1;
-
-error_log  /var/log/nginx/error.log;
-#error_log  /var/log/nginx/error.log  notice;
-#error_log  /var/log/nginx/error.log  info;
-
-pid        /var/run/nginx.pid;
-
-
-#----------------------------------------------------------------------
-# Events Module 
-#
-#   http://wiki.nginx.org/NginxHttpEventsModule
-#
-#----------------------------------------------------------------------
+# Load dynamic modules. See /usr/share/nginx/README.dynamic.
+include /usr/share/nginx/modules/*.conf;
 
 events {
     worker_connections  1024;
 }
 
 
-#----------------------------------------------------------------------
-# HTTP Core Module
-#
-#   http://wiki.nginx.org/NginxHttpCoreModule 
-#
-#----------------------------------------------------------------------
-
 http {
-    include       /etc/nginx/mime.types;
-    default_type  application/octet-stream;
-
     log_format  main  '$remote_addr - $remote_user [$time_local] "$request" '
                       '$status $body_bytes_sent "$http_referer" '
                       '"$http_user_agent" "$http_x_forwarded_for"';
 
     access_log  /var/log/nginx/access.log  main;
 
-    sendfile        on;
-    #tcp_nopush     on;
+    sendfile            on;
+    tcp_nopush          on;
+    tcp_nodelay         on;
+    keepalive_timeout   65;
+    types_hash_max_size 2048;
 
-    #keepalive_timeout  0;
-    keepalive_timeout  65;
+    include             /etc/nginx/mime.types;
+    default_type        application/octet-stream;
 
-    #gzip  on;
-    
-    # Load config files from the /etc/nginx/conf.d directory
-    # The default server is in conf.d/default.conf
+    # Load modular configuration files from the /etc/nginx/conf.d directory.
+    # See http://nginx.org/en/docs/ngx_core_module.html#include
+    # for more information.
     include /etc/nginx/conf.d/*.conf;
-
 }

nginx.logrotate

@@ -6,7 +6,7 @@
     compress
     sharedscripts
     postrotate
-        /etc/init.d/nginx reopen_logs
+        /bin/kill -USR1 $(cat /var/run/nginx.pid 2>/dev/null) 2>/dev/null || :
     endscript
 }
 

nginx.spec

@@ -1,196 +1,471 @@
-%define nginx_user      nginx
-%define nginx_group     %{nginx_user}
-%define nginx_home      %{_localstatedir}/lib/nginx
-%define nginx_home_tmp  %{nginx_home}/tmp
-%define nginx_logdir    %{_localstatedir}/log/nginx
-%define nginx_confdir   %{_sysconfdir}/nginx
-%define nginx_datadir   %{_datadir}/nginx
-%define nginx_webroot   %{nginx_datadir}/html
+%global  _hardened_build     1
+%global  nginx_user          nginx
 
-Name:           nginx
-Version:        1.0.0
-Release:        3%{?dist}
-Summary:        Robust, small and high performance HTTP and reverse proxy server
-Group:          System Environment/Daemons   
+Name:              nginx
+Version:           1.10.3
+Release:           1%{?dist}
 
+Summary:           A high performance web server and reverse proxy server
+Group:             System Environment/Daemons
 # BSD License (two clause)
 # http://www.freebsd.org/copyright/freebsd-license.html
-License:        BSD
-URL:            http://nginx.net/ 
-BuildRoot:      %{_tmppath}/%{name}-%{version}-%{release}-root-%(%{__id_u} -n)
+License:           BSD
+URL:               http://nginx.org/
+%if 0%{?rhel} == 5
+BuildRoot:        %{_tmppath}/%{name}-%{version}-%{release}-root-%(%{__id_u} -n)
+%endif
 
-BuildRequires:      pcre-devel,zlib-devel,openssl-devel,perl-devel,perl(ExtUtils::Embed)
-BuildRequires:      libxslt-devel,GeoIP-devel,gd-devel
-Requires:           pcre,openssl,GeoIP,gd
-Requires:           perl(:MODULE_COMPAT_%(eval "`%{__perl} -V:version`"; echo $version))
-# for /usr/sbin/useradd
-Requires(pre):      shadow-utils
-Requires(post):     chkconfig
-# for /sbin/service
-Requires(preun):    chkconfig, initscripts
-Requires(postun):   initscripts
-Provides:           webserver
-
-Source0:    http://sysoev.ru/nginx/nginx-%{version}.tar.gz
-Source1:    %{name}.init
-Source2:    %{name}.logrotate
-Source3:    virtual.conf
-Source4:    ssl.conf
-Source5:    %{name}.sysconfig
-Source6:    nginx.conf
-Source7:    default.conf
-Source100:  index.html
-Source101:  poweredby.png
-Source102:  nginx-logo.png
-Source103:  50x.html
-Source104:  404.html
+Source0:           http://nginx.org/download/nginx-%{version}.tar.gz
+Source1:           http://nginx.org/download/nginx-%{version}.tar.gz.asc
+Source10:          nginx.init
+Source11:          nginx.logrotate
+Source12:          nginx.conf
+Source13:          default.conf
+Source14:          ssl.conf
+Source15:          virtual.conf
+Source16:          nginx.sysconfig
+Source100:         index.html
+Source101:         poweredby.png
+Source102:         nginx-logo.png
+Source103:         404.html
+Source104:         50x.html
+Source200:         README.dynamic
+Source210:         UPGRADE-NOTES-0.8-to-1.10
+Source211:         UPGRADE-NOTES-1.0-to-1.10
 
 # removes -Werror in upstream build scripts.  -Werror conflicts with
 # -D_FORTIFY_SOURCE=2 causing warnings to turn into errors.
-Patch0:     nginx-auto-cc-gcc.patch
+Patch0:            nginx-auto-cc-gcc.patch
+
+BuildRequires:     openssl-devel
+BuildRequires:     pcre-devel
+BuildRequires:     zlib-devel
+
+Requires:          nginx-filesystem = %{version}-%{release}
+# Introduced at 1.10.1-1 to ease upgrade path. To be removed later.
+Requires:          nginx-all-modules = %{version}-%{release}
+
+Requires:          openssl
+Requires:          pcre
+Requires(pre):     nginx-filesystem
+Requires(post):    chkconfig
+Requires(preun):   chkconfig, initscripts
+Requires(postun):  initscripts
+Provides:          webserver
 
 %description
-Nginx [engine x] is an HTTP(S) server, HTTP(S) reverse proxy and IMAP/POP3
-proxy server written by Igor Sysoev.
+Nginx is a web server and a reverse proxy server for HTTP, SMTP, POP3 and
+IMAP protocols, with a strong focus on high concurrency, performance and low
+memory usage.
+
+%package all-modules
+Group:             System Environment/Daemons
+Summary:           A meta package that installs all available Nginx modules
+%if 0%{?rhel} > 5
+BuildArch:         noarch
+%endif
+
+Requires:          nginx-mod-http-geoip = %{version}-%{release}
+Requires:          nginx-mod-http-image-filter = %{version}-%{release}
+Requires:          nginx-mod-http-perl = %{version}-%{release}
+Requires:          nginx-mod-http-xslt-filter = %{version}-%{release}
+Requires:          nginx-mod-mail = %{version}-%{release}
+Requires:          nginx-mod-stream = %{version}-%{release}
+
+%description all-modules
+%{summary}.
+The main nginx package depends on this to ease the upgrade path. After a grace
+period of several months, modules will become optional.
+
+%package filesystem
+Group:             System Environment/Daemons
+Summary:           The basic directory layout for the Nginx server
+%if 0%{?rhel} > 5
+BuildArch:         noarch
+%endif
+Requires(pre):     shadow-utils
+
+%description filesystem
+The nginx-filesystem package contains the basic directory layout
+for the Nginx server including the correct permissions for the
+directories.
+
+%package mod-http-geoip
+Group:             System Environment/Daemons
+Summary:           Nginx HTTP geoip module
+BuildRequires:     GeoIP-devel
+Requires:          nginx
+Requires:          GeoIP
+
+%description mod-http-geoip
+%{summary}.
+
+%package mod-http-image-filter
+Group:             System Environment/Daemons
+Summary:           Nginx HTTP image filter module
+BuildRequires:     gd-devel
+Requires:          nginx
+Requires:          gd
+
+%description mod-http-image-filter
+%{summary}.
+
+%package mod-http-perl
+Group:             System Environment/Daemons
+Summary:           Nginx HTTP perl module
+%if 0%{?rhel} > 5
+BuildRequires:     perl-devel
+%endif
+BuildRequires:     perl(ExtUtils::Embed)
+Requires:          nginx
+Requires:          perl(:MODULE_COMPAT_%(eval "`%{__perl} -V:version`"; echo $version))
+
+%description mod-http-perl
+%{summary}.
+
+%package mod-http-xslt-filter
+Group:             System Environment/Daemons
+Summary:           Nginx XSLT module
+BuildRequires:     libxslt-devel
+Requires:          nginx
+
+%description mod-http-xslt-filter
+%{summary}.
+
+%package mod-mail
+Group:             System Environment/Daemons
+Summary:           Nginx mail modules
+Requires:          nginx
+
+%description mod-mail
+%{summary}.
+
+%package mod-stream
+Group:             System Environment/Daemons
+Summary:           Nginx stream modules
+Requires:          nginx
+
+%description mod-stream
+%{summary}.
+
 
 %prep
 %setup -q
-
 %patch0 -p0
+cp %{SOURCE200} .
+cp %{SOURCE210} .
+cp %{SOURCE211} .
+
+%if 0%{?rhel} < 6
+# OpenSSL on RHEL 5 is too old for HTTP/2 support.
+sed -i -e 's/http2 //g' %{SOURCE14}
+%endif
 
 %build
 # nginx does not utilize a standard configure script.  It has its own
 # and the standard configure options cause the nginx configure script
 # to error out.  This is is also the reason for the DESTDIR environment
-# variable.  The configure script(s) have been patched (Patch1 and
-# Patch2) in order to support installing into a build environment.
+# variable.
 export DESTDIR=%{buildroot}
 ./configure \
+    --prefix=%{_datadir}/nginx \
+    --sbin-path=%{_sbindir}/nginx \
+    --modules-path=%{_libdir}/nginx/modules \
+    --conf-path=%{_sysconfdir}/nginx/nginx.conf \
+    --error-log-path=%{_localstatedir}/log/nginx/error.log \
+    --http-log-path=%{_localstatedir}/log/nginx/access.log \
+    --http-client-body-temp-path=%{_localstatedir}/lib/nginx/tmp/client_body \
+    --http-proxy-temp-path=%{_localstatedir}/lib/nginx/tmp/proxy \
+    --http-fastcgi-temp-path=%{_localstatedir}/lib/nginx/tmp/fastcgi \
+    --http-uwsgi-temp-path=%{_localstatedir}/lib/nginx/tmp/uwsgi \
+    --http-scgi-temp-path=%{_localstatedir}/lib/nginx/tmp/scgi \
+    --pid-path=%{_localstatedir}/run/nginx.pid \
+    --lock-path=%{_localstatedir}/lock/subsys/nginx \
     --user=%{nginx_user} \
-    --group=%{nginx_group} \
-    --prefix=%{nginx_datadir} \
-    --sbin-path=%{_sbindir}/%{name} \
-    --conf-path=%{nginx_confdir}/%{name}.conf \
-    --error-log-path=%{nginx_logdir}/error.log \
-    --http-log-path=%{nginx_logdir}/access.log \
-    --http-client-body-temp-path=%{nginx_home_tmp}/client_body \
-    --http-proxy-temp-path=%{nginx_home_tmp}/proxy \
-    --http-fastcgi-temp-path=%{nginx_home_tmp}/fastcgi \
-    --http-uwsgi-temp-path=%{nginx_home_tmp}/uwsgi \
-    --http-scgi-temp-path=%{nginx_home_tmp}/scgi \
-    --pid-path=%{_localstatedir}/run/%{name}.pid \
-    --lock-path=%{_localstatedir}/lock/subsys/%{name} \
+    --group=%{nginx_user} \
+    --with-file-aio \
+    --with-ipv6 \
     --with-http_ssl_module \
+    --with-http_v2_module \
     --with-http_realip_module \
     --with-http_addition_module \
-    --with-http_xslt_module \
-    --with-http_image_filter_module \
-    --with-http_geoip_module \
+    --with-http_xslt_module=dynamic \
+    --with-http_image_filter_module=dynamic \
+    --with-http_geoip_module=dynamic \
     --with-http_sub_module \
     --with-http_dav_module \
     --with-http_flv_module \
+    --with-http_mp4_module \
+    --with-http_gunzip_module \
     --with-http_gzip_static_module \
     --with-http_random_index_module \
     --with-http_secure_link_module \
     --with-http_degradation_module \
+    --with-http_slice_module \
     --with-http_stub_status_module \
-    --with-http_perl_module \
-    --with-mail \
-    --with-file-aio \
+    --with-http_perl_module=dynamic \
+    --with-mail=dynamic \
     --with-mail_ssl_module \
-    --with-ipv6 \
+    --with-pcre \
+    --with-pcre-jit \
+    --with-stream=dynamic \
+    --with-stream_ssl_module \
+    --with-debug \
     --with-cc-opt="%{optflags} $(pcre-config --cflags)" \
-    --with-ld-opt="-Wl,-E" # so the perl module finds its symbols
-make %{?_smp_mflags} 
+    --with-ld-opt="$RPM_LD_FLAGS -Wl,-E" # so the perl module finds its symbols
+
+make %{?_smp_mflags}
+
 
 %install
-rm -rf %{buildroot}
 make install DESTDIR=%{buildroot} INSTALLDIRS=vendor
-find %{buildroot} -type f -name .packlist -exec rm -f {} \;
-find %{buildroot} -type f -name perllocal.pod -exec rm -f {} \;
-find %{buildroot} -type f -empty -exec rm -f {} \;
-find %{buildroot} -type f -exec chmod 0644 {} \;
-find %{buildroot} -type f -name '*.so' -exec chmod 0755 {} \;
-chmod 0755 %{buildroot}%{_sbindir}/nginx
-%{__install} -p -D -m 0755 %{SOURCE1} %{buildroot}%{_initrddir}/%{name}
-%{__install} -p -D -m 0644 %{SOURCE2} %{buildroot}%{_sysconfdir}/logrotate.d/%{name}
-%{__install} -p -D -m 0644 %{SOURCE5} %{buildroot}%{_sysconfdir}/sysconfig/%{name}
-%{__install} -p -d -m 0755 %{buildroot}%{nginx_confdir}/conf.d
-%{__install} -p -m 0644 %{SOURCE3} %{SOURCE4} %{SOURCE7} %{buildroot}%{nginx_confdir}/conf.d
-%{__install} -p -m 0644 %{SOURCE6} %{buildroot}%{nginx_confdir}
-%{__install} -p -d -m 0755 %{buildroot}%{nginx_home_tmp}
-%{__install} -p -d -m 0755 %{buildroot}%{nginx_logdir}
-%{__install} -p -d -m 0755 %{buildroot}%{nginx_webroot}
-%{__install} -p -m 0644 %{SOURCE100} %{SOURCE101} %{SOURCE102} %{SOURCE103} %{SOURCE104} %{buildroot}%{nginx_webroot}
 
-# convert to UTF-8 all files that give warnings.
-for textfile in CHANGES
-do
-    mv $textfile $textfile.old
-    iconv --from-code ISO8859-1 --to-code UTF-8 --output $textfile $textfile.old
-    rm -f $textfile.old
+find %{buildroot} -type f -name .packlist -exec rm -f '{}' \;
+find %{buildroot} -type f -name perllocal.pod -exec rm -f '{}' \;
+find %{buildroot} -type f -empty -exec rm -f '{}' \;
+find %{buildroot} -type f -iname '*.so' -exec chmod 0755 '{}' \;
+
+install -p -D -m 0755 %{SOURCE10} \
+    %{buildroot}%{_initrddir}/nginx
+install -p -D -m 0644 %{SOURCE11} \
+    %{buildroot}%{_sysconfdir}/logrotate.d/nginx
+install -p -D -m 0644 %{SOURCE16} \
+    %{buildroot}%{_sysconfdir}/sysconfig/nginx
+
+install -p -d -m 0755 %{buildroot}%{_sysconfdir}/nginx/conf.d
+install -p -d -m 0755 %{buildroot}%{_sysconfdir}/nginx/default.d
+
+install -p -d -m 0700 %{buildroot}%{_localstatedir}/lib/nginx
+install -p -d -m 0700 %{buildroot}%{_localstatedir}/lib/nginx/tmp
+install -p -d -m 0700 %{buildroot}%{_localstatedir}/log/nginx
+
+install -p -d -m 0755 %{buildroot}%{_datadir}/nginx/html
+install -p -d -m 0755 %{buildroot}%{_datadir}/nginx/modules
+install -p -d -m 0755 %{buildroot}%{_libdir}/nginx/modules
+
+install -p -m 0644 %{SOURCE12} \
+    %{buildroot}%{_sysconfdir}/nginx
+install -p -m 0644 %{SOURCE13} %{SOURCE14} %{SOURCE15} \
+    %{buildroot}%{_sysconfdir}/nginx/conf.d
+install -p -m 0644 %{SOURCE100} \
+    %{buildroot}%{_datadir}/nginx/html
+install -p -m 0644 %{SOURCE101} %{SOURCE102} \
+    %{buildroot}%{_datadir}/nginx/html
+install -p -m 0644 %{SOURCE103} %{SOURCE104} \
+    %{buildroot}%{_datadir}/nginx/html
+
+install -p -D -m 0644 %{_builddir}/nginx-%{version}/man/nginx.8 \
+    %{buildroot}%{_mandir}/man8/nginx.8
+
+for i in ftdetect indent syntax; do
+    install -p -D -m644 contrib/vim/${i}/nginx.vim \
+        %{buildroot}%{_datadir}/vim/vimfiles/${i}/nginx.vim
 done
 
-%clean
-rm -rf %{buildroot}
+echo 'load_module "%{_libdir}/nginx/modules/ngx_http_geoip_module.so";' \
+    > %{buildroot}%{_datadir}/nginx/modules/mod-http-geoip.conf
+echo 'load_module "%{_libdir}/nginx/modules/ngx_http_image_filter_module.so";' \
+    > %{buildroot}%{_datadir}/nginx/modules/mod-http-image-filter.conf
+echo 'load_module "%{_libdir}/nginx/modules/ngx_http_perl_module.so";' \
+    > %{buildroot}%{_datadir}/nginx/modules/mod-http-perl.conf
+echo 'load_module "%{_libdir}/nginx/modules/ngx_http_xslt_filter_module.so";' \
+    > %{buildroot}%{_datadir}/nginx/modules/mod-http-xslt-filter.conf
+echo 'load_module "%{_libdir}/nginx/modules/ngx_mail_module.so";' \
+    > %{buildroot}%{_datadir}/nginx/modules/mod-mail.conf
+echo 'load_module "%{_libdir}/nginx/modules/ngx_stream_module.so";' \
+    > %{buildroot}%{_datadir}/nginx/modules/mod-stream.conf
 
-%pre
-if [ $1 == 1 ]; then
-    %{_sbindir}/useradd -c "Nginx user" -s /bin/false -r -d %{nginx_home} %{nginx_user} 2>/dev/null || :
-fi
+%pre filesystem
+getent group %{nginx_user} > /dev/null || groupadd -r %{nginx_user}
+getent passwd %{nginx_user} > /dev/null || \
+    useradd -r -d %{_localstatedir}/lib/nginx -g %{nginx_user} \
+    -s /sbin/nologin -c "Nginx web server" %{nginx_user}
+exit 0
 
 %post
-if [ $1 == 1 ]; then
+if [ $1 -eq 1 ]; then
     /sbin/chkconfig --add %{name}
 fi
+if [ $1 -eq 2 ]; then
+    # Make sure these directories are not world readable.
+    chmod 700 %{_localstatedir}/lib/nginx
+    chmod 700 %{_localstatedir}/lib/nginx/tmp
+    chmod 700 %{_localstatedir}/log/nginx
+fi
 
 %preun
-if [ $1 = 0 ]; then
+if [ $1 -eq 0 ]; then
     /sbin/service %{name} stop >/dev/null 2>&1
     /sbin/chkconfig --del %{name}
 fi
 
 %postun
-if [ $1 == 2 ]; then
+if [ $1 -eq 2 ]; then
     /sbin/service %{name} upgrade || :
 fi
 
 %files
-%defattr(-,root,root,-)
-%doc LICENSE CHANGES README
-%{nginx_datadir}/
-%{_sbindir}/%{name}
-%{_mandir}/man3/%{name}.3pm.gz
-%{_initrddir}/%{name}
-%dir %{nginx_confdir}
-%dir %{nginx_confdir}/conf.d
-%dir %{nginx_logdir}
-%config(noreplace) %{nginx_confdir}/conf.d/*.conf
-%config(noreplace) %{nginx_confdir}/win-utf
-%config(noreplace) %{nginx_confdir}/%{name}.conf.default
-%config(noreplace) %{nginx_confdir}/mime.types.default
-%config(noreplace) %{nginx_confdir}/fastcgi.conf
-%config(noreplace) %{nginx_confdir}/fastcgi.conf.default
-%config(noreplace) %{nginx_confdir}/fastcgi_params
-%config(noreplace) %{nginx_confdir}/fastcgi_params.default
-%config(noreplace) %{nginx_confdir}/scgi_params
-%config(noreplace) %{nginx_confdir}/scgi_params.default
-%config(noreplace) %{nginx_confdir}/uwsgi_params
-%config(noreplace) %{nginx_confdir}/uwsgi_params.default
-%config(noreplace) %{nginx_confdir}/koi-win
-%config(noreplace) %{nginx_confdir}/koi-utf
-%config(noreplace) %{nginx_confdir}/%{name}.conf
-%config(noreplace) %{nginx_confdir}/mime.types
-%config(noreplace) %{_sysconfdir}/logrotate.d/%{name}
-%config(noreplace) %{_sysconfdir}/sysconfig/%{name}
-%dir %{perl_vendorarch}/auto/%{name}
-%{perl_vendorarch}/%{name}.pm
-%{perl_vendorarch}/auto/%{name}/%{name}.so
-%attr(-,%{nginx_user},%{nginx_group}) %dir %{nginx_home}
-%attr(-,%{nginx_user},%{nginx_group}) %dir %{nginx_home_tmp}
+%doc LICENSE CHANGES README README.dynamic
+%if 0%{?rhel} == 5
+%doc UPGRADE-NOTES-0.8-to-1.10
+%else
+%doc UPGRADE-NOTES-1.0-to-1.10
+%endif
+%{_datadir}/nginx/html/*
+%{_sbindir}/nginx
+%{_datadir}/vim/vimfiles/ftdetect/nginx.vim
+%{_datadir}/vim/vimfiles/syntax/nginx.vim
+%{_datadir}/vim/vimfiles/indent/nginx.vim
+%{_mandir}/man3/nginx.3pm*
+%{_mandir}/man8/nginx.8*
+%config(noreplace) %{_sysconfdir}/sysconfig/nginx
+%{_initrddir}/nginx
+%config(noreplace) %{_sysconfdir}/nginx/fastcgi.conf
+%config(noreplace) %{_sysconfdir}/nginx/fastcgi.conf.default
+%config(noreplace) %{_sysconfdir}/nginx/fastcgi_params
+%config(noreplace) %{_sysconfdir}/nginx/fastcgi_params.default
+%config(noreplace) %{_sysconfdir}/nginx/koi-utf
+%config(noreplace) %{_sysconfdir}/nginx/koi-win
+%config(noreplace) %{_sysconfdir}/nginx/mime.types
+%config(noreplace) %{_sysconfdir}/nginx/mime.types.default
+%config(noreplace) %{_sysconfdir}/nginx/nginx.conf
+%config(noreplace) %{_sysconfdir}/nginx/nginx.conf.default
+%config(noreplace) %{_sysconfdir}/nginx/scgi_params
+%config(noreplace) %{_sysconfdir}/nginx/scgi_params.default
+%config(noreplace) %{_sysconfdir}/nginx/uwsgi_params
+%config(noreplace) %{_sysconfdir}/nginx/uwsgi_params.default
+%config(noreplace) %{_sysconfdir}/nginx/win-utf
+%config(noreplace) %{_sysconfdir}/nginx/conf.d/*.conf
+%config(noreplace) %{_sysconfdir}/logrotate.d/nginx
+%attr(700,%{nginx_user},%{nginx_user}) %dir %{_localstatedir}/lib/nginx
+%attr(700,%{nginx_user},%{nginx_user}) %dir %{_localstatedir}/lib/nginx/tmp
+%attr(700,%{nginx_user},%{nginx_user}) %dir %{_localstatedir}/log/nginx
+%dir %{_libdir}/nginx/modules
+
+%files all-modules
+
+%files filesystem
+%dir %{_datadir}/nginx
+%dir %{_datadir}/nginx/html
+%dir %{_sysconfdir}/nginx
+%dir %{_sysconfdir}/nginx/conf.d
+%dir %{_sysconfdir}/nginx/default.d
+
+%files mod-http-geoip
+%{_datadir}/nginx/modules/mod-http-geoip.conf
+%{_libdir}/nginx/modules/ngx_http_geoip_module.so
+
+%files mod-http-image-filter
+%{_datadir}/nginx/modules/mod-http-image-filter.conf
+%{_libdir}/nginx/modules/ngx_http_image_filter_module.so
+
+%files mod-http-perl
+%{_datadir}/nginx/modules/mod-http-perl.conf
+%{_libdir}/nginx/modules/ngx_http_perl_module.so
+%dir %{perl_vendorarch}/auto/nginx
+%{perl_vendorarch}/nginx.pm
+%{perl_vendorarch}/auto/nginx/nginx.so
+
+%files mod-http-xslt-filter
+%{_datadir}/nginx/modules/mod-http-xslt-filter.conf
+%{_libdir}/nginx/modules/ngx_http_xslt_filter_module.so
+
+%files mod-mail
+%{_datadir}/nginx/modules/mod-mail.conf
+%{_libdir}/nginx/modules/ngx_mail_module.so
+
+%files mod-stream
+%{_datadir}/nginx/modules/mod-stream.conf
+%{_libdir}/nginx/modules/ngx_stream_module.so
 
 
 %changelog
+* Tue May 07 2019 Jamie Nguyen <jamielinux@fedoraproject.org> - 1.10.3-1
+- Update to upstream release 1.10.3
+
+* Mon Oct 31 2016 Jamie Nguyen <jamielinux@fedoraproject.org> - 1.10.2-1
+- update to upstream release 1.10.2
+
+* Sat Jul 02 2016 Jamie Nguyen <jamielinux@fedoraproject.org> - 1.10.1-1
+- update to upstream release 1.10.1
+- split dynamic modules into subpackages
+- spec file cleanup
+
+* Tue Jun 16 2015 Jamie Nguyen <jamielinux@fedoraproject.org> - 1.0.15-12
+- fix path to png images in error pages (#1232277)
+- optimize png images with optipng
+
+* Tue Nov 11 2014 Jamie Nguyen <jamielinux@fedoraproject.org> - 1.0.15-11
+- fix CVE-2013-4547 security bypass due to whitespace parsing
+  (#1032266, #1032270)
+
+* Wed Oct 22 2014 Jamie Nguyen <jamielinux@fedoraproject.org> - 1.0.15-10
+- add vim files (#1142849)
+
+* Wed Oct 22 2014 Jamie Nguyen <jamielinux@fedoraproject.org> - 1.0.15-9
+- use default.d directory
+
+* Wed Oct 08 2014 Jamie Nguyen <jamielinux@fedoraproject.org> - 1.0.15-8
+- fix typo in Requires
+
+* Mon Sep 22 2014 Jamie Nguyen <jamielinux@fedoraproject.org> - 1.0.15-7
+- create nginx-filesystem subpackage (patch from Remi Collet)
+
+* Mon Sep 22 2014 Jamie Nguyen <jamielinux@fedoraproject.org> - 1.0.15-6
+- fix CVE-2014-3616 virtual host confusion (#1142573, #1142576)
+
+* Fri Apr 26 2013 Jamie Nguyen <jamielinux@fedoraproject.org> - 1.0.15-5
+- enable debugging (#956845)
+- trim changelog
+
+* Fri Feb 22 2013 Jamie Nguyen <jamielinux@fedoraproject.org> - 1.0.15-4
+- make sure nginx directories are not world readable (#913734, #913736)
+
+* Sun Oct 28 2012 Jamie Nguyen <jamielinux@fedoraproject.org> - 1.0.15-3
+- add nginx man page (#870738)
+- link to official documentation not the community wiki (#870733)
+- default.conf: add "default_server" to the "listen" directive (#842738)
+
+* Mon May 14 2012 Jamie Nguyen <jamielinux@fedoraproject.org> - 1.0.15-2
+- fix postrotate script in nginx.logrotate (#705264)
+
+* Thu Apr 19 2012 Jamie Nguyen <jamielinux@fedoraproject.org> - 1.0.15-1
+- update to upstream release 1.0.15
+- CVE-2012-2089 (#812093)
+
+* Thu Mar 15 2012 Jamie Nguyen <jamielinux@fedoraproject.org> - 1.0.14-1
+- update to upstream release 1.0.14
+- CVE-2012-1180 (#803856)
+
+* Sun Mar 04 2012 Jamie Nguyen <jamielinux@fedoraproject.org> - 1.0.13-2
+- remove incorrect BR
+
+* Sat Mar 03 2012 Jamie Nguyen <jamielinux@fedoraproject.org> - 1.0.13-1
+- update to upstream release 1.0.13
+- general spec file cleanup to match rawhide (for easier diff), including:
+- replace %%define with %%global
+- amend nginx.init and nginx.conf
+- amend %%pre scriptlet to match with guidelines
+- remove obsolete BuildRoot tag, %%clean section and %%defattr
+- remove various unnecessary commands
+
+* Sun Feb 19 2012 Jeremy Hinegardner <jeremy at hinegardner dot org> - 1.0.12-1
+- Update to 1.0.12
+
+* Wed Dec 14 2011 Keiran "Affix" Smith <fedora@affix.me> - 1.0.10-2
+- Fix Build Issue
+
+* Thu Nov 17 2011 Keiran "Affix" Smith <fedora@affix.me> - 1.0.10-1
+- Bugfix: a segmentation fault might occur in a worker process if resolver got a big DNS response. Thanks to Ben Hawkes.
+- Bugfix: in cache key calculation if internal MD5 implementation wasused; the bug had appeared in 1.0.4.
+- Bugfix: the module ngx_http_mp4_module sent incorrect "Content-Length" response header line if the "start" argument was used. Thanks to Piotr Sikora.
+
+* Thu Oct 27 2011 Keiran "Affix" Smith <fedora@affix.me> - 1.0.8-1
+- Update to new 1.0.8 stable release
+
+* Fri Aug 26 2011 Keiran "Affix" Smith <fedora@affix.me> - 1.0.5-1
+- Update nginx to Latest Stable Release
+
 * Fri Jun 17 2011 Marcela Mašláňová <mmaslano@redhat.com> - 1.0.0-3
 - Perl mass rebuild
 
@@ -240,140 +515,3 @@ fi
 
 * Fri Dec 04 2009 Jeremy Hinegardner <jeremy at hinegardner dot org> - 0.7.64-1
 - Update to new stable 0.7.64
-
-* Tue Oct 29 2009 Jeremy Hinegardner <jeremy at hinegardner dot org> - 0.7.63-1
-- Update to new stable 0.7.63
-- reinstate zlib dependency
-
-* Mon Sep 14 2009 Jeremy Hinegardner <jeremy at hinegardner dot org> - 0.7.62-1
-- Update to new stable 0.7.62
-- fixes CVE-2009-2629
-- fix rpmlint zlib dependency complaint
-
-* Fri Aug 21 2009 Tomas Mraz <tmraz@redhat.com> - 0.7.61-2
-- rebuilt with new openssl
-
-* Sun Aug 02 2009 Jeremy Hinegardner <jeremy at hinegardner dot org> - 0.7.61-1
-- Update to new stable 0.7.61
-
-* Sat Jul 25 2009 Fedora Release Engineering <rel-eng@lists.fedoraproject.org> - 0.6.36-3
-- Rebuilt for https://fedoraproject.org/wiki/Fedora_12_Mass_Rebuild
-
-* Sun May 17 2009 Jeremy Hinegardner <jeremy at hinegardner dot org> - 0.6.36-2
-- init script updates from Gena Makhomed
-- remove nginx-upstream-fair
-
-* Sat Apr 11 2009 Jeremy Hinegardner <jeremy at hinegardner dot org> - 0.6.36-1
--  update to 0.6.36
-
-* Wed Feb 25 2009 Fedora Release Engineering <rel-eng@lists.fedoraproject.org> - 0.6.35-3
-- Rebuilt for https://fedoraproject.org/wiki/Fedora_11_Mass_Rebuild
-
-* Thu Feb 19 2009 Jeremy Hinegardner <jeremy at hinegardner dot org> - 0.6.35-2
-- rebuild
-
-* Thu Feb 19 2009 Jeremy Hinegardner <jeremy at hinegardner dot org> - 0.6.35-1
-- update to 0.6.35
-
-* Sat Jan 17 2009 Tomas Mraz <tmraz@redhat.com> - 0.6.34-2
-- rebuild with new openssl
-
-* Tue Dec 30 2008 Jeremy Hinegardner <jeremy at hinegardner dot org> - 0.6.34-1
-- update to 0.6.34
-
-* Thu Dec  4 2008 Michael Schwendt <mschwendt@fedoraproject.org> - 0.6.33-2
-- Fix inclusion of /usr/share/nginx tree => no unowned directories.
-
-* Sun Nov 23 2008 Jeremy Hinegardner <jeremy at hinegardner dot org> - 0.6.33-1
-- update to 0.6.33
-
-* Tue Jul 22 2008 Jeremy Hinegardner <jeremy at hinegardner dot org> - 0.6.32-1
-- update to 0.6.32
-- nginx now supports DESTDIR so removed the patches that enabled it 
-
-* Mon May 26 2008 Jeremy Hinegardner <jeremy at hinegardner dot org> - 0.6.31-3
-- init script fixes
-- resolve 'listen 80 default' [#447873]
-
-* Mon May 12 2008 Jeremy Hinegardner <jeremy at hinegardner dot org> - 0.6.31-2
-- update to 0.6.31
-
-* Sun May 11 2008 Jeremy Hinegardner <jeremy at hinegardner dot org> - 0.6.30-2
-- upate to new upstream stable branch 0.6
-- added 3rd party module nginx-upstream-fair
-- added default webpages
-
-* Sun Apr 20 2008 Jeremy Hinegardner <jeremy at hinegardner dot org> - 0.5.35-2
-- update init script to match recommended guidelines
-- add /etc/nginx/conf.d support [#443280]
-- use /etc/sysconfig/nginx to determine nginx.conf [#442708]
-
-* Tue Mar 18 2008 Tom "spot" Callaway <tcallawa@redhat.com> - 0.5.35-3
-- add Requires for versioned perl (libperl.so)
-- drop silly file Requires
-
-* Tue Feb 19 2008 Fedora Release Engineering <rel-eng@fedoraproject.org> - 0.5.35-2
-- Autorebuild for GCC 4.3
-
-* Sat Jan 19 2008 Jeremy Hinegardner <jeremy at hinegardner dot org> - 0.5.35-1
-- update to 0.5.35
-
-* Sat Dec 15 2007 Jeremy Hinegardner <jeremy at hinegardner dot org> - 0.5.34-1
-- update to 0.5.34
-
-* Wed Dec 05 2007 Release Engineering <rel-eng at fedoraproject dot org> - 0.5.33-2
- - Rebuild for deps
-
-* Sun Nov 11 2007 Jeremy Hinegardner <jeremy@hinegardner.org> - 0.5.33-1
-- update to 0.5.33
-
-* Mon Sep 24 2007 Jeremy Hinegardner <jeremy@hinegardner.org> - 0.5.32-1
-- updated to 0.5.32
-- fixed rpmlint UTF-8 complaints.
-
-* Sat Aug 18 2007 Jeremy Hinegardner <jeremy@hinegardner.org> - 0.5.31-2
-- added --with-http_stub_status_module build option.
-- added --with-http_sub_module build option.
-- added use of pcre-config --cflags
-
-* Fri Aug 17 2007 Jeremy Hinegardner <jeremy@hinegardner.org> - 0.5.31-1
-- Update to 0.5.31
-- specify license is BSD
-
-* Sat Aug 11 2007 Jeremy Hinegardner <jeremy@hinegardner.org> - 0.5.30-2
-- Add BuildRequires: perl-devel - fixing rawhide build
-
-* Mon Jul 30 2007 Jeremy Hinegardner <jeremy@hinegardner.org> - 0.5.30-1
-- Update to 0.5.30
-
-* Tue Jul 24 2007 Jeremy Hinegardner <jeremy@hinegardner.org> - 0.5.29-1
-- Update to 0.5.29
-
-* Wed Jul 18 2007 Jeremy Hinegardner <jeremy@hinegardner.org> - 0.5.28-1
-- Update to 0.5.28
-
-* Mon Jul 09 2007 Jeremy Hinegardner <jeremy@hinegardner.org> - 0.5.27-1
-- Update to 0.5.27
-
-* Mon Jun 18 2007 Jeremy Hinegardner <jeremy@hinegardner.org> - 0.5.26-1
-- Update to 0.5.26
-
-* Sat Apr 28 2007 Jeremy Hinegardner <jeremy@hinegardner.org> - 0.5.19-1
-- Update to 0.5.19
-
-* Mon Apr 02 2007 Jeremy Hinegardner <jeremy@hinegardner.org> - 0.5.17-1
-- Update to 0.5.17
-
-* Mon Mar 26 2007 Jeremy Hinegardner <jeremy@hinegardner.org> - 0.5.16-1
-- Update to 0.5.16
-- add ownership of /usr/share/nginx/html (#233950)
-
-* Fri Mar 23 2007 Jeremy Hinegardner <jeremy@hinegardner.org> - 0.5.15-3
-- fixed package review bugs (#235222) given by ruben@rubenkerkhof.com
-
-* Thu Mar 22 2007 Jeremy Hinegardner <jeremy@hinegardner.org> - 0.5.15-2
-- fixed package review bugs (#233522) given by kevin@tummy.com
-
-* Thu Mar 22 2007 Jeremy Hinegardner <jeremy@hinegardner.org> - 0.5.15-1
-- create patches to assist with building for Fedora
-- initial packaging for Fedora

sources

@@ -1 +1,2 @@
-5751c920c266ea5bb5fc38af77e9c71c  nginx-1.0.0.tar.gz
+SHA512 (nginx-1.10.3.tar.gz) = 25cddbe5c419700aeca41bff3be5b7c3accfb38ad846ec8d91d81ab7c15f10db719f02d9263edf1fa12f59805ff7001b62864dc2885370b24afeea1d7d2afbbf
+SHA512 (nginx-1.10.3.tar.gz.asc) = 64835f2e27c8bd4e138baf28066660d046791bc71b25fd91c07e5ab4ed36ae073588696cdc64b6f6160135866fc62d0b79903d4c100a6004846473376a125ae1

ssl.conf

@@ -3,22 +3,30 @@
 #
 
 #server {
-#    listen       443;
+#    listen       443 ssl http2 default_server;
+#    listen       [::]:443 ssl;
 #    server_name  _;
-
-#    ssl                  on;
-#    ssl_certificate      cert.pem;
-#    ssl_certificate_key  cert.key;
-
-#    ssl_session_timeout  5m;
-
-#    ssl_protocols  SSLv2 SSLv3 TLSv1;
-#    ssl_ciphers  ALL:!ADH:!EXPORT56:RC4+RSA:+HIGH:+MEDIUM:+LOW:+SSLv2:+EXP;
-#    ssl_prefer_server_ciphers   on;
-
+#    root         /usr/share/nginx/html;
+#
+#    ssl_certificate cert.pem;
+#    ssl_certificate_key cert.key;
+#    ssl_session_cache shared:SSL:1m;
+#    ssl_session_timeout  10m;
+#    ssl_ciphers HIGH:!aNULL:!MD5;
+#    ssl_prefer_server_ciphers on;
+#
+#    # Load configuration files for the default server block.
+#    include /etc/nginx/default.d/*.conf;
+#
 #    location / {
-#        root   html;
-#        index  index.html index.htm;
+#    }
+#
+#    error_page 404 /404.html;
+#        location = /40x.html {
+#    }
+#
+#    error_page 500 502 503 504 /50x.html;
+#        location = /50x.html {
 #    }
 #}