From cc509a2a07a7955a0e7b13c7f8e0973862701b24 Mon Sep 17 00:00:00 2001 From: Wonderfall Date: Wed, 20 Sep 2017 19:12:55 +0200 Subject: [PATCH] reverse: add full HPACK encoding support --- reverse/Dockerfile | 9 +++++++-- 1 file changed, 7 insertions(+), 2 deletions(-) diff --git a/reverse/Dockerfile b/reverse/Dockerfile index eed9ce4..0784754 100644 --- a/reverse/Dockerfile +++ b/reverse/Dockerfile @@ -100,6 +100,10 @@ RUN NB_CORES=${BUILD_CORES-$(getconf _NPROCESSORS_CONF)} \ && echo "All seems good, now unpacking ${NGINX_TARBALL}..." \ && tar xzf ${NGINX_TARBALL} && cd nginx-${NGINX_VERSION} \ +# Nginx patch : full HPACK encoding + && wget -q https://gist.githubusercontent.com/Wonderfall/da386e52e8c65c81d358c64066c85ace/raw/e9ee0228eaf37c9da3fd70129700651f6a9d5839/nginx-http2-hpack.patch \ + && patch -p1 < nginx-http2-hpack.patch \ + # Nginx patch : dynamic TLS records && wget -q https://raw.githubusercontent.com/cujanovic/nginx-dynamic-tls-records-patch/master/nginx__dynamic_tls_records_1.13.0%2B.patch -O dynamic_records.patch \ && patch -p1 < dynamic_records.patch \ @@ -108,10 +112,11 @@ RUN NB_CORES=${BUILD_CORES-$(getconf _NPROCESSORS_CONF)} \ && ./configure \ --prefix=/nginx \ --sbin-path=/usr/local/sbin/nginx \ - --with-cc-opt="-O3 -fPIE -fstack-protector-strong -D_FORTIFY_SOURCE=2 -Wformat -Werror=format-security -Wno-deprecated-declarations -I ../boringssl/.openssl/include/" \ - --with-ld-opt="-lrt -ljemalloc -Wl,-Bsymbolic-functions -Wl,-z,relro -L ../boringssl/.openssl/lib" \ + --with-cc-opt="-O3 -fPIE -fstack-protector-strong -D_FORTIFY_SOURCE=2 -Wformat -Werror=format-security -Wno-deprecated-declarations -Wno-error=strict-aliasing" \ + --with-ld-opt="-lrt -ljemalloc -Wl,-Bsymbolic-functions -Wl,-z,relro" \ --with-openssl-opt='no-async enable-ec_nistp_64_gcc_128 no-shared no-ssl2 no-ssl3 no-comp no-idea no-weak-ssl-ciphers -DOPENSSL_NO_HEARTBEATS -O3 -fPIE -fstack-protector-strong -D_FORTIFY_SOURCE=2' \ --with-openssl=/tmp/openssl-${OPENSSL_VERSION} \ + --with-http_v2_hpack_enc \ --http-log-path=/nginx/log/nginx_access.log \ --error-log-path=/nginx/log/nginx_error.log \ --pid-path=/nginx/run/nginx.pid \