From 63d3d4b465b74f8d6d348b557c61ff70ed2fbfe2 Mon Sep 17 00:00:00 2001
From: Christos Trochalakis <yatiohi@ideopolis.gr>
Date: Tue, 14 Feb 2017 10:31:19 +0200
Subject: [PATCH 1/4] Build against openssl 1.0.2 enabling ALPN support for
 http/2

---
 debian/control | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/debian/control b/debian/control
index 89a7abc..bcdb717 100644
--- a/debian/control
+++ b/debian/control
@@ -20,7 +20,7 @@ Build-Depends: autotools-dev,
                libpam0g-dev,
                libpcre3-dev,
                libperl-dev,
-               libssl-dev,
+               libssl-dev (>= 1.0.2),
                libxslt1-dev,
                po-debconf,
                quilt,

From ee717e1b42d2f72bdeacd657c0364c26b46d7132 Mon Sep 17 00:00:00 2001
From: Christos Trochalakis <yatiohi@ideopolis.gr>
Date: Tue, 14 Feb 2017 10:33:06 +0200
Subject: [PATCH 2/4] Explicitly disable PIE as it breaks shared libs

---
 debian/rules | 4 ++--
 1 file changed, 2 insertions(+), 2 deletions(-)

diff --git a/debian/rules b/debian/rules
index b4389c0..50c9a8f 100755
--- a/debian/rules
+++ b/debian/rules
@@ -1,13 +1,13 @@
 #!/usr/bin/make -f
 export DH_VERBOSE=1
 
-export DEB_BUILD_MAINT_OPTIONS=hardening=+all
+export DEB_BUILD_MAINT_OPTIONS=hardening=+bindnow,-pie
 debian_cflags:=$(shell dpkg-buildflags --get CFLAGS) $(shell dpkg-buildflags --get CPPFLAGS)
 debian_ldflags:=$(shell dpkg-buildflags --get LDFLAGS)
 
 # export necessary perl hardenging flags
 # see: src/http/modules/perl/Makefile.PL
-DEBIAN_NGINX_PERL_LDFLAGS:= $(shell DEB_BUILD_MAINT_OPTIONS=hardening=+all dpkg-buildflags --get LDFLAGS)
+DEBIAN_NGINX_PERL_LDFLAGS:= $(shell DEB_BUILD_MAINT_OPTIONS=hardening=+bindnow,-pie dpkg-buildflags --get LDFLAGS)
 export DEBIAN_NGINX_PERL_LDFLAGS
 
 FLAVOURS := full light extras

From d71a2f28b636550cc8e726facb0596e26310ada9 Mon Sep 17 00:00:00 2001
From: Christos Trochalakis <yatiohi@ideopolis.gr>
Date: Fri, 24 Feb 2017 12:44:42 +0200
Subject: [PATCH 3/4] Disable ec-x25519 test

---
 debian/tests/control | 4 ----
 1 file changed, 4 deletions(-)

diff --git a/debian/tests/control b/debian/tests/control
index 03cd901..2bc571a 100644
--- a/debian/tests/control
+++ b/debian/tests/control
@@ -2,10 +2,6 @@ Tests: light-simple
 Restrictions: allow-stderr isolation-container
 Depends: nginx-light, curl
 
-Tests: ec-x25519
-Restrictions: allow-stderr isolation-container needs-root
-Depends: nginx-light, ssl-cert, curl
-
 Tests: full-simple
 Restrictions: allow-stderr isolation-container
 Depends: nginx-full, curl

From 5c9ff149585c585a344c44fffe0608389c60752f Mon Sep 17 00:00:00 2001
From: Christos Trochalakis <yatiohi@ideopolis.gr>
Date: Thu, 23 Feb 2017 09:09:58 +0200
Subject: [PATCH 4/4] Release 1.10.3-1~bpo8+1

---
 debian/changelog | 9 +++++++++
 1 file changed, 9 insertions(+)

diff --git a/debian/changelog b/debian/changelog
index d73f283..82cc9ea 100644
--- a/debian/changelog
+++ b/debian/changelog
@@ -1,3 +1,12 @@
+nginx (1.10.3-1~bpo8+1) jessie-backports; urgency=medium
+
+  * Rebuild for jessie-backports.
+  * Build against openssl 1.0.2 enabling ALPN support for http/2.
+  * Explicitly disable PIE as it breaks shared libs.
+  * Disable ec-x25519 test.
+
+ -- Christos Trochalakis <ctrochalakis@debian.org>  Thu, 23 Feb 2017 09:09:34 +0200
+
 nginx (1.10.3-1) unstable; urgency=medium
 
   * New upstream release. (Closes: #855113)