This is done by passing AI_ADDRCONFIG to getaddrinfo().
On Linux, setting net.ipv6.conf.all.disable_ipv6 to 1 will now be
respected.
On FreeBSD, AI_ADDRCONFIG filtering is currently implemented by
attempting to create a datagram socket for the corresponding family,
which succeeds even if the system doesn't in fact have any addresses
of that family configured. That is, if the system with IPv6 support
in the kernel doesn't have IPv6 addresses configured, AI_ADDRCONFIG
will filter out IPv6 only inside a jail without IPv6 addresses or
with IPv6 disabled.
The $NGX_AUTO_CONFIG_H added to perl module Makefile dependencies to
make sure it's always rebuild after a configure. It is needed as we
expand various variables used for Makefile generation during configure
(in particular, nginx version).
Dependancy tracking introduced in r5169 were not handled absolute path
names properly. Absolute names might appear in CORE_DEPS if --with-openssl
or --with-pcre configure arguments are used to build OpenSSL/PCRE
libraries.
Additionally, revert part of r5169 to set NGX_INCS from Makefile
variables. Makefile variables have $ngx_include_opt in them, which
might result in wrong include paths being used. As a side effect,
this also restores build with --with-http_perl_module and --without-http
at the same time.
To avoid further breaks it's now done properly, all the dependencies
are now passed to Makefile.PL. While here, fixed include list passed to
Makefile.PL to use Makefile variables rather than a list expanded during
configure.
Filename extension used for dynamically loaded perl modules isn't
necessarily ".so" (e.g., it's ".bundle" on Mac OS X).
This fixes "make" after "make" unnecessarily rebuilding perl module.
Added missing dependencies for perl module's Makefile.
Simplified dependencies for perl module nginx.so: it depends
on Makefile that in turn depends on other perl bits.
Note: the "-p" argument of cp(1) dropped intentionally, to force nginx.so
rebuild. It is considered too boring to properly list all dependencies
in Makefile.PL.
This includes "debug_connection", upstreams, "proxy_pass", etc.
(ticket #92)
To preserve compatibility, "listen" specified with a domain name
selects the first IPv4 address, if available. If not available,
the first IPv6 address will be used (ticket #186).
On Mac OS X system toolchain by default prefers include files
from /usr/local/include, but libraries from /usr/lib. This might result in
various problems, in particular the one outlined below.
If the PCRE library is installed into /usr/local/, this results in pcre.h
being used from /usr/local/include (with PCRE_CONFIG_JIT defined), but
libpcre from /usr/lib (as shipped with the OS, without pcre_free_study()
symbol). As a result build fails as we use pcre_free_study() function
if we try to compile with PCRE JIT support.
Obvious workaround is to the root cause is to ask compiler to prefer
library from /usr/local/lib via ./configure --with-ld-opt="-L/usr/local/lib".
On the other hand, in any case it would be good to check if the function
we are going to use is available, hence the change.
See thread here for details:
http://mailman.nginx.org/pipermail/nginx-devel/2012-December/003074.html
Prodded by Piotr Sikora.
Very basic version without any OCSP responder query code, assuming valid
DER-encoded OCSP response is present in a ssl_stapling_file configured.
Such file might be produced with openssl like this:
openssl ocsp -issuer root.crt -cert domain.crt -respout domain.staple \
-url http://ocsp.example.com
HP-UX needs _HPUX_ALT_XOPEN_SOCKET_API to be defined to be able to
use various POSIX versions of networking functions. Notably sendmsg()
resulted in "sendmsg() failed (9: Bad file number)" alerts without it.
See xopen_networking(7) for more details.
This fixes alignment problems observerd on ARMs, and likely also needed
for MIPSes. Unless we know alignment is not required just assume we
need 16, which appears to be safe default for all architectures.
See here for details:
http://mailman.nginx.org/pipermail/nginx/2012-June/034139.html
New versions of icc confuse auto/cc/name due to introduced handling
of a "icc -v":
$ icc -v
icc version 12.1.3 (gcc version 4.6.0 compatibility)
$ icc -V
Intel(R) C Compiler XE for applications running on IA-32, Version 12.1.3.293 Build 20120212
Copyright (C) 1985-2012 Intel Corporation. All rights reserved.
FOR NON-COMMERCIAL USE ONLY
See report here:
http://mailman.nginx.org/pipermail/nginx/2012-February/032177.html
in the sys_nerr test.
o When sys_nerr and _sys_nerr are missed on a particular platform
and our euristic for a maximum errno detection applied always
print the maximum errno number we reached instead of printing void.[*]
* patch from Maxim Dounin
This commit makes possible to build nginx on AIX 7.1.
NetBSD 5.0+ has SO_ACCEPTFILTER support merged from FreeBSD, and having
accept filter check in FreeBSD-specific ngx_freebsd_config.h prevents it
from being used on NetBSD. Therefore move the check into configure (and
do the same for Linux-specific TCP_DEFER_ACCEPT, just to be in line).
At least Sun Studio 12 has problems with bit-fields exposed by nginx code
(caught by test suite). They seems to be fixed in Sun Studio 12.1. As a
workaround use "-fast -xalias_level=any" for older versions, it resolves
the problem.
Catch up with new Linux version numbering scheme as announced at [1] and
suppress unrecognized versions to actually use default 0.
[1] https://lkml.org/lkml/2011/5/29/204
This configure test must run before auto/make, because it adds library.
auto/unix was placed after auto/make just for historical reasons.
Patch by Denis F. Latypoff
Solaris strerror() invalid error code behaviour depends on version:
Solaris 10 returns "Unknown error" and sets errno to EINVAL,
Solaris 9 returns "Unknown error" and leaves errno intact,
Solaris 2 returns NULL.
options as --with-zlib=../zlib-1.2.3. It seems there is no common way
to learn the current directory in Win32 make's: although nmake has MAKEDIR
variable, nevertheless Borland make's MAKEDIR is the directory where make
is installed, and OpenWatcom wmake has no MAKEDIR at all.
this fixes wrong linking with /usr/local/lib/libmd5.so from libwww package
on FreeBSD. The library uses long's instead of int32_t's in MD5_CTX
and on 64-bit platforms its MD5_CTX is bigger than defined in <md5.h>
unsupported threaded environment, but now they complicate code:
*) perl_clone() requires at least duplicating nginx stash;
*) the multiplicity requires to re-evalute all precompiled subroutines
and nginx stash in new interpreter context.
*) Change in internal API: the HTTP modules initialization was moved
from the init module phase to the HTTP postconfiguration phase.
*) Change: now the request body is not read beforehand for the
ngx_http_perl_module: it's required to start the reading using the
$r->has_request_body method.
*) Feature: the ngx_http_perl_module supports the DECLINED return code.
*) Feature: the ngx_http_dav_module supports the incoming "Date" header
line for the PUT method.
*) Feature: the "ssi" directive is available inside the "if" block.
*) Bugfix: a segmentation fault occurred if there was an "index"
directive with variables and the first index name was without
variables; the bug had appeared in 0.1.29.
*) Feature: now is possible to do several redirection using the
"error_page" directive.
*) Bugfix: the "dav_access" directive did not support three parameters.
*) Bugfix: the "error_page" directive did not changes the
"Content-Type" header line after the "X-Accel-Redirect" was used;
the bug had appeared in 0.3.58.
*) Feature: the "dav_access" directive.
*) Feature: the "if" directive supports the "-d", "!-d", "-e", "!-e",
"-x", and "!-x" operators.
*) Bugfix: a segmentation fault occurred if a request returned a
redirect and some sent to client header lines were logged in the
access log.
*) Feature: the "stub" parameter in the "include" SSI command.
*) Feature: the "block" SSI command.
*) Feature: the unicode2nginx script was added to contrib.
*) Bugfix: if a "root" was specified by variable only, then the root
was relative to a server prefix.
*) Bugfix: if the request contained "//" or "/./" and escaped symbols
after them, then the proxied request was sent unescaped.
*) Bugfix: the $r->headers_in("Cookie") of the ngx_http_perl_module now
returns all "Cookie" header lines.
*) Bugfix: a segmentation fault occurred if
"client_body_in_file_only on" was used and nginx switched to a next
upstream.
*) Bugfix: on some condition while reconfiguration character codes
inside the "charset_map" may be treated invalid; the bug had
appeared in 0.3.50.
*) Feature: nginx now logs the subrequest information to the error log.
*) Feature: the "proxy_next_upstream", "fastcgi_next_upstream", and
"memcached_next_upstream" directives support the "off" parameter.
*) Feature: the "debug_connection" directive supports the CIDR address
form.
*) Bugfix: if a response of proxied server or FastCGI server was
converted from UTF-8 or back, then it may be transferred incomplete.
*) Bugfix: the $upstream_response_time variable had the time of the
first request to a backend only.
*) Bugfix: nginx could not be built on amd64 platform; the bug had
appeared in 0.3.53.
*) Change: the "proxy_redirect_errors" and "fastcgi_redirect_errors"
directives was renamed to the "proxy_intercept_errors" and
"fastcgi_intercept_errors" directives.
*) Feature: the ngx_http_charset_module supports the recoding from the
single byte encodings to the UTF-8 encoding and back.
*) Feature: the "X-Accel-Charset" response header line is supported in
proxy and FastCGI mode.
*) Bugfix: the "\" escape symbol in the "\"" and "\'" pairs in the SSI
command was removed only if the command also has the "$" symbol.
*) Bugfix: the "<!--" string might be added on some conditions in the
SSI after inclusion.
*) Bugfix: if the "Content-Length: 0" header line was in response, then
in nonbuffered proxying mode the client connection was not closed.
*) Change: now the ngx_http_charset_module works for subrequests, if
the response has no "Content-Type" header line.
*) Bugfix: if the "proxy_pass" directive has no URI part, then the
"proxy_redirect default" directive add the unnecessary slash in
start of the rewritten redirect.
*) Bugfix: the internal redirect always transform client's HTTP method
to GET, now the transformation is made for the "X-Accel-Redirect"
redirects only and if the method is not HEAD; the bug had appeared
in 0.3.42.
*) Bugfix: the ngx_http_perl_module could not be built, if the perl was
built with the threads support; the bug had appeared in 0.3.46.
*) Feature: the "wait" parameter in the "include" SSI command.
*) Feature: the Ukrainian and Byelorussian characters were added to
koi-win conversion table.
*) Bugfix: in the SSI.
*) Feature: the "bind" option of the "listen" directive in IMAP/POP3
proxy.
*) Bugfix: if the same capture in the "rewrite" directive was used more
then once.
*) Bugfix: the $sent_http_content_type, $sent_http_content_length,
$sent_http_last_modified, $sent_http_connection,
$sent_http_keep_alive, and $sent_http_transfer_encoding variables
were not written to access log.
*) Bugfix: the $sent_http_cache_control returned value of the single
"Cache-Control" response header line.
*) Feature: the ngx_http_dav_module supports the MKCOL method.
*) Feature: the "create_full_put_path" directive.
*) Feature: the "$limit_rate" variable.
*) Feature: the "uninitialized_variable_warn" directive; the logging
level of the "uninitialized variable" message was lowered from
"alert" to "warn".
*) Feature: the "override_charset" directive.
*) Change: now if the unknown variable is used in the "echo" and "if
expr='$name'" SSI-commands, then the "unknown variable" message is
not logged.
*) Bugfix: the active connection counter increased on the exceeding of
the connection limit specified by the "worker_connections"
directive; the bug had appeared in 0.2.0.
*) Bugfix: the limit rate might not work on some condition; the bug had
appeared in 0.3.38.
*) Feature: the ngx_http_dav_module.
*) Change: the ngx_http_perl_module optimizations.
Thanks to Sergey Skvortsov.
*) Feature: the ngx_http_perl_module supports the $r->request_body_file
method.
*) Feature: the "client_body_in_file_only" directive.
*) Workaround: now on disk overflow nginx tries to write access logs
once a second only.
Thanks to Anton Yuzhaninov and Maxim Dounin.
*) Bugfix: now the "limit_rate" directive more precisely limits rate if
rate is more than 100 Kbyte/s.
Thanks to ForJest.
*) Bugfix: now the IMAP/POP3 proxy escapes the "\r" and "\n" symbols in
login and password to pass authorization server.
Thanks to Maxim Dounin.
*) Feature: the "limit_except" directive.
*) Feature: the "if" directive supports the "!~", "!~*", "-f", and
"!-f" operators.
*) Feature: the ngx_http_perl_module supports the $r->request_body
method.
*) Bugfix: in the ngx_http_addition_filter_module.
*) Feature: the ngx_http_addition_filter_module.
*) Feature: the "proxy_pass" and "fastcgi_pass" directives may be used
inside the "if" block.
*) Feature: the "proxy_ignore_client_abort" and
"fastcgi_ignore_client_abort" directives.
*) Feature: the "$request_completion" variable.
*) Feature: the ngx_http_perl_module supports the $r->request_method
and $r->remote_addr.
*) Feature: the ngx_http_ssi_module supports the "elif" command.
*) Bugfix: the "\/" string in the expression of the "if" command of the
ngx_http_ssi_module was treated incorrectly.
*) Bugfix: in the regular expressions in the "if" command of the
ngx_http_ssi_module.
*) Bugfix: if the relative path was specified in the
"client_body_temp_path", "proxy_temp_path", "fastcgi_temp_path", and
"perl_modules" directives, then the directory was used relatively to
a current path but not to a server prefix.
*) Feature: the "http_503" parameter of the "proxy_next_upstream" or
"fastcgi_next_upstream" directives.
*) Bugfix: ngx_http_perl_module did not work with inlined in the
configuration code, if it was not started with the "sub" word.
*) Bugfix: in the "post_action" directive.
*) Change: now nginx passes the malformed proxied backend responses.
*) Feature: the "listen" directives support the address in the "*:port"
form.
*) Feature: the EVFILER_TIMER support in MacOSX 10.4.
*) Workaround: for MacOSX 64-bit kernel kqueue millisecond timeout
bug.
Thanks to Andrei Nigmatulin.
*) Bugfix: if there were several "listen" directives listening one
various addresses inside one server, then server names like
"*.domain.tld" worked for first address only; the bug had appeared
in 0.3.18.
*) Bugfix: if the HTTPS protocol was used in the "proxy_pass" directive
and the request body was in temporarily file then the request was
not transferred.
*) Bugfix: perl 5.8.8 compatibility.
