Commit graph

4360 commits

Author SHA1 Message Date
Maxim Dounin
4bcfb3d7c1 release-1.3.12 tag 2013-02-05 14:07:01 +00:00
Maxim Dounin
2258d26b3e nginx-1.3.12-RELEASE 2013-02-05 14:06:41 +00:00
Maxim Dounin
963fb4d535 Updated OpenSSL used for win32 builds. 2013-02-05 13:41:48 +00:00
Ruslan Ermilov
e6c96519f6 GeoIP: removed pseudo-support of "proxy" and "netspeed" databases. 2013-02-04 16:44:22 +00:00
Maxim Dounin
37e741775e FastCGI: proper handling of split fastcgi end request.
If fastcgi end request record was split between several network packets,
with fastcgi_keep_conn it was possible that connection was saved in incorrect
state (e.g. with padding bytes not yet read).
2013-02-01 14:41:50 +00:00
Maxim Dounin
74f81e76ee FastCGI: unconditional state transitions.
Checks for f->padding before state transitions make code hard to follow,
remove them and make sure we always do another loop iteration after
f->state is set to ngx_http_fastcgi_st_padding.
2013-02-01 14:41:07 +00:00
Maxim Dounin
12a3a4d569 FastCGI: fixed wrong connection close with fastcgi_keep_conn.
With fastcgi_keep_conn it was possible that connection was closed after
FCGI_STDERR record with zero padding and without any further data read yet.
This happended as f->state was set to ngx_http_fastcgi_st_padding and then
"break" happened, resulting in p->length being set to f->padding, i.e. 0
(which in turn resulted in connection close).

Fix is to make sure we continue the loop after f->state is set.
2013-02-01 14:40:19 +00:00
Maxim Dounin
4f9b68a9a9 Request body: fixed client_body_in_file_only.
After introduction of chunked request body reading support in 1.3.9 (r4931),
the rb->bufs wasn't set if request body was fully preread while calling the
ngx_http_read_client_request_body() function.

Reported by Yichun Zhang (agentzh).
2013-02-01 14:38:18 +00:00
Maxim Dounin
fabab386ed SSL: fixed ngx_ssl_handshake() with level-triggered event methods.
Missing calls to ngx_handle_write_event() and ngx_handle_read_event()
resulted in a CPU hog during SSL handshake if an level-triggered event
method (e.g. select) was used.
2013-02-01 14:37:43 +00:00
Valentin Bartenev
5ef334fff4 SSL: take into account data in the buffer while limiting output.
In some rare cases this can result in a more smooth sending rate.
2013-01-28 15:41:12 +00:00
Valentin Bartenev
bfe4ae8a88 SSL: avoid calling SSL_write() with zero data size.
According to documentation, calling SSL_write() with num=0 bytes to be sent
results in undefined behavior.

We don't currently call ngx_ssl_send_chain() with empty chain and buffer.
This check handles the case of a chain with total data size that is
a multiple of NGX_SSL_BUFSIZE, and with the special buffer at the end.

In practice such cases resulted in premature connection close and critical
error "SSL_write() failed (SSL:)" in the error log.
2013-01-28 15:40:25 +00:00
Valentin Bartenev
3df8fe1d19 SSL: calculation of buffer size moved closer to its usage.
No functional changes.
2013-01-28 15:38:36 +00:00
Valentin Bartenev
822e47a69a SSL: preservation of flush flag for buffered data.
Previously, if SSL buffer was not sent we lost information that the data
must be flushed.
2013-01-28 15:37:11 +00:00
Valentin Bartenev
e1a24144cb SSL: resetting of flush flag after the data was written.
There is no need to flush next chunk of data if it does not contain a buffer
with the flush or last_buf flags set.
2013-01-28 15:35:12 +00:00
Valentin Bartenev
df5156a062 SSL: removed conditions that always hold true. 2013-01-28 15:34:09 +00:00
Ruslan Ermilov
c3c61f20d9 Secure_link: fixed configuration inheritance.
The "secure_link_secret" directive was always inherited from the outer
configuration level even when "secure_link" and "secure_link_md5" were
specified on the inner level.
2013-01-28 14:42:07 +00:00
Ruslan Ermilov
c03dd581d0 Events: fixed null pointer dereference with resolver and poll.
A POLLERR signalled by poll() without POLLIN/POLLOUT, as seen on
Linux, would generate both read and write events, but there's no
write event handler for resolver events.  A fix is to only call
event handler of an active event.
2013-01-25 09:59:28 +00:00
Ruslan Ermilov
c2e6604ff8 GeoIP: IPv6 support.
When using IPv6 databases, IPv4 addresses are looked up as IPv4-mapped
IPv6 addresses.

Mostly based on a patch by Gregor Kališnik (ticket #250).
2013-01-24 16:15:51 +00:00
Ruslan Ermilov
cd4c54ee05 Configure: fixed GeoIP library detection. 2013-01-24 16:15:07 +00:00
Ruslan Ermilov
cb50a5a269 Configure: fixed style of include directories. 2013-01-24 16:14:12 +00:00
Maxim Dounin
82af8b89cd Proxy: fixed proxy_method to always add space.
Before the patch if proxy_method was specified at http{} level the code
to add trailing space wasn't executed, resulting in incorrect requests
to upstream.
2013-01-22 12:36:00 +00:00
Sergey Budnevitch
5875127661 Removed redundant variable assignment. 2013-01-21 15:05:54 +00:00
Ruslan Ermilov
cb433e7483 Variables $pipe, $request_length, $time_iso8601, and $time_local.
Log module counterparts are preserved for efficiency.

Based on patch by Kiril Kalchev.
2013-01-21 13:15:29 +00:00
Ruslan Ermilov
b6ffb27779 Version bump. 2013-01-17 09:55:36 +00:00
Ruslan Ermilov
8bc682efb6 Fixed and improved the "*_bind" directives of proxying modules.
The "proxy_bind", "fastcgi_bind", "uwsgi_bind", "scgi_bind" and
"memcached_bind" directives are now inherited; inherited value
can be reset by the "off" parameter.  Duplicate directives are
now detected.  Parameter value can now contain variables.
2013-01-16 09:42:57 +00:00
Maxim Dounin
38fe4b6e8f release-1.3.11 tag 2013-01-10 13:17:29 +00:00
Maxim Dounin
4745aee8d2 nginx-1.3.11-RELEASE 2013-01-10 13:17:04 +00:00
Ruslan Ermilov
9d386e446a Fixed "proxy_pass" with IP address and no port (ticket #276).
Upstreams created by "proxy_pass" with IP address and no port were
broken in 1.3.10, by not initializing port in u->sockaddr.

API change: ngx_parse_url() was modified to always initialize port
(in u->sockaddr and in u->port), even for the u->no_resolve case;
ngx_http_upstream() and ngx_http_upstream_add() were adopted.
2013-01-10 12:58:55 +00:00
Maxim Dounin
0217be18c2 Updated PCRE used for win32 builds. 2013-01-10 11:38:14 +00:00
Maxim Dounin
af5325b724 SSL: speedup loading of configs with many ssl servers.
The patch saves one EC_KEY_generate_key() call per server{} block by
informing OpenSSL about SSL_OP_SINGLE_ECDH_USE we are going to use before
the SSL_CTX_set_tmp_ecdh() call.

For a configuration file with 10k simple server{} blocks with SSL enabled
this change reduces startup time from 18s to 5s on a slow test box here.
2013-01-09 14:11:48 +00:00
Valentin Bartenev
ce2a924ba8 Events: added check for duplicate "events" directive. 2013-01-08 14:03:37 +00:00
Valentin Bartenev
4f956c6f03 The data pointer in ngx_open_file_t objects must be initialized.
Uninitialized pointer may result in arbitrary segfaults if access_log is used
without buffer and without variables in file path.

Patch by Tatsuhiko Kubo (ticket #268).
2013-01-08 14:01:57 +00:00
Ruslan Ermilov
b24b8f1e5a Year 2013. 2012-12-31 22:08:19 +00:00
Ruslan Ermilov
ae9a0bc8e3 Geo: improved code readability. 2012-12-27 21:35:47 +00:00
Ruslan Ermilov
700804cc89 Upstream keepalive: detect duplicate "keepalive" directive.
A failure to detect duplicate "keepalive" directive resulted in
stack exhaustion.
2012-12-26 14:46:06 +00:00
Ruslan Ermilov
51b8a56c35 Version bump. 2012-12-26 09:29:37 +00:00
Ruslan Ermilov
25f9c0baee Geo: made "default" affect both IPv4 and IPv6 when using prefixes.
Previously, "default" was equivalent to specifying 0.0.0.0/0, now
it's equivalent to specifying both 0.0.0.0/0 and ::/0 (if support
for IPv6 is enabled) with the same value.
2012-12-26 05:03:51 +00:00
Maxim Dounin
dcfe818780 release-1.3.10 tag 2012-12-25 14:24:12 +00:00
Maxim Dounin
4bca1fcd89 nginx-1.3.10-RELEASE 2012-12-25 14:23:45 +00:00
Ruslan Ermilov
0a59862a03 Geo: properly initialize ngx_cidr_t when dealing with "default". 2012-12-25 10:00:39 +00:00
Ruslan Ermilov
7e4b7e2ff3 Geo: IPv6 support.
The "ranges" mode is still limited to IPv4 only.
2012-12-25 08:21:56 +00:00
Valentin Bartenev
1ca4dbf377 Upstream: fixed state resetting when switching to backup servers.
Based on patch by Thomas Chen (ticket #257).
2012-12-25 08:02:21 +00:00
Valentin Bartenev
0ace09e871 Fixed HEAD requests handling when proxying is used (closes #261). 2012-12-24 17:32:53 +00:00
Ruslan Ermilov
494a072638 Trailing whitespace fix. 2012-12-24 16:40:55 +00:00
Valentin Bartenev
7ec3beaa31 Access log: the "gzip" parameter of the "access_log" directive.
Note: this requires zlib version 1.2.0.4 or above to work.
2012-12-23 19:09:33 +00:00
Valentin Bartenev
c72c078ba1 Configure: added the NGX_ZLIB define.
This was introduced for conditional compilation of the code that requires
the zlib library.
2012-12-23 16:04:14 +00:00
Valentin Bartenev
848dbbfc6c Access log: the "flush" parameter of the "access_log" directive. 2012-12-23 15:51:47 +00:00
Valentin Bartenev
5d215d4806 Reopening log files code moved to a separate function.
The code refactored in a way to call custom handler that can do appropriate
cleanup work (if any), like flushing buffers, finishing compress streams,
finalizing connections to log daemon, etc..
2012-12-23 15:36:52 +00:00
Valentin Bartenev
a03123e95e Access log: fixed redundant buffer reallocation.
Previously a new buffer was allocated for every "access_log" directive with the
same file path and "buffer=" parameters, while only one buffer per file is used.
2012-12-23 15:27:55 +00:00
Ruslan Ermilov
ac372c084f Properly initialize "struct in6_addr" with zeroes. 2012-12-22 20:03:38 +00:00