Commit Graph

6554 Commits

Author SHA1 Message Date
Maxim Dounin
25250a20d2 Fixed wrong sizeof() in ngx_http_init_locations().
There is no real difference on all known platforms, but it's still wrong.

Found by Coverity (CID 400876).
2014-06-26 03:34:13 +04:00
Maxim Dounin
1a5cdafa82 Core: plugged socket leak during configuration test.
This isn't really important as configuration testing shortly ends with
a process termination which will free all sockets, though Coverity
complains.

Prodded by Coverity (CID 400872).
2014-06-26 03:34:05 +04:00
Maxim Dounin
e5e6e606e6 Configure: style. 2014-06-26 03:34:02 +04:00
Maxim Dounin
46ac5c760c Upstream: cache revalidation using If-None-Match. 2014-06-26 02:35:01 +04:00
Maxim Dounin
b812961677 Cache: ETag now saved into cache header. 2014-06-26 02:28:23 +04:00
Maxim Dounin
c2e49a4196 Cache: version in cache files.
This allows to change the structure of cache files without spamming logs
with false alerts.
2014-06-26 02:27:21 +04:00
Maxim Dounin
8f9fb9570e Entity tags: explicit flag to skip not modified filter.
Previously, last_modified_time was tested against -1 to check if the
not modified filter should be skipped.  Notably, this prevented nginx
from additional If-Modified-Since (et al.) checks on proxied responses.
Such behaviour is suboptimal in some cases though, as checks are always
skipped on responses from a cache with ETag only (without Last-Modified),
resulting in If-None-Match being ignored in such cases.  Additionally,
it was not possible to return 412 from the If-Unmodified-Since if last
modification time was not known for some reason.

This change introduces explicit r->disable_not_modified flag instead,
which is set by ngx_http_upstream_process_headers().
2014-06-26 02:27:11 +04:00
Maxim Dounin
feb1649049 Entity tags: weak comparison for If-None-Match. 2014-06-26 02:21:20 +04:00
Maxim Dounin
def16742a1 Entity tags: downgrade strong etags to weak ones as needed.
See http://mailman.nginx.org/pipermail/nginx-devel/2013-November/004523.html.
2014-06-26 02:21:01 +04:00
Maxim Dounin
5d477a76fe Upstream: fixed cache revalidation with SSI.
Previous code in ngx_http_upstream_send_response() used last modified time
from r->headers_out.last_modified_time after the header filter chain was
already called.  At this point, last_modified_time may be already cleared,
e.g., with SSI, resulting in incorrect last modified time stored in a
cache file.  Fix is to introduce u->headers_in.last_modified_time instead.
2014-06-26 02:20:09 +04:00
Maxim Dounin
6c25c848cb Upstream: removed unused offset to content_length.
It's not needed since introduction of ngx_http_upstream_content_length()
in 103b0d9afe07.
2014-06-26 02:20:05 +04:00
Maxim Dounin
4e275cc73a Upstream: no need to clear r->headers_out.last_modified_time.
Clearing of the r->headers_out.last_modified_time field if a response
isn't cacheable in ngx_http_upstream_send_response() was introduced
in 3b6afa999c2f, the commit to enable not modified filter for cacheable
responses.  It doesn't make sense though, as at this point header was
already sent, and not modified filter was already executed.  Therefore,
the line was removed to simplify code.
2014-06-26 02:19:58 +04:00
Maxim Dounin
05dfc054f0 Not modified filter: debug log format fixed. 2014-06-26 02:19:55 +04:00
Ruslan Ermilov
02e39a3ecb Upstream: reduced diffs to the plus version of nginx.
No functional changes.
2014-06-20 12:55:41 +04:00
Sergey Kandaurov
80e5163f64 FreeBSD has migrated to Bugzilla. 2014-06-19 13:55:59 +04:00
Ruslan Ermilov
05d717b35d Core: added ngx_slab_calloc() and ngx_slab_calloc_locked().
These functions return zeroed memory, analogous to ngx_pcalloc().
2014-06-04 15:09:19 +04:00
Ruslan Ermilov
d1ba20d0c9 Version bump. 2014-06-18 13:39:20 +04:00
Maxim Dounin
16945aeeae release-1.7.2 tag 2014-06-17 16:51:25 +04:00
Maxim Dounin
a22a4f4847 nginx-1.7.2-RELEASE 2014-06-17 16:51:25 +04:00
Maxim Dounin
52222dcda6 Configure: workaround for system perl on OS X (ticket #576). 2014-06-17 12:07:06 +04:00
Maxim Dounin
bec7415b85 Updated OpenSSL used for win32 builds. 2014-06-17 11:38:55 +04:00
Ruslan Ermilov
20038acbfc Upstream: simplified some code that accesses peers.
No functional changes.
2014-06-12 21:13:24 +04:00
Piotr Sikora
a1a8defb49 Access log: fix default value, broken by cb308813b453.
log->filter ("if" parameter) was uninitialized when the default value
was being used, which would lead to a crash (SIGSEGV) when access_log
directive wasn't specified in the configuration.

Zero-fill the whole structure instead of zeroing fields one-by-one
in order to prevent similar issues in the future.

Signed-off-by: Piotr Sikora <piotr@cloudflare.com>
2014-06-03 10:53:48 -07:00
Maxim Dounin
afb4aafc6e Core: slab allocator free pages defragmentation.
Large allocations from a slab pool result in free page blocks being fragmented,
eventually leading to a situation when no further allocation larger than a page
size are possible from the pool.  While this isn't a problem for nginx itself,
it is known to be bad for various 3rd party modules.  Fix is to merge adjacent
blocks of free pages in the ngx_slab_free_pages() function.

Prodded by Wandenberg Peixoto and Yichun Zhang.
2014-06-03 17:53:03 +04:00
Roman Arutyunyan
9b5a17b5e2 Upstream: generic hash module. 2014-06-02 16:16:22 +04:00
Valentin Bartenev
68336e1ede SPDY: fixed operator precedence in uint16/uint32 write macros.
Since the type cast has precedence higher than the bit shift operator,
all values were truncated to 8 bits.

These macros are used to construct header block for SYN_REPLY frame on
platforms with strict alignment requirements.  As a result, any response
that contains a header with name or value longer than 255 bytes was
corrupted on such platforms.
2014-05-29 21:15:19 +04:00
Sergey Kandaurov
0750df4f16 Fixed config parsing of the last try_files parameter.
Do not taste the last parameter against directory, as otherwise it would
result in the trailing slash being cut from the parameter value.

Notably, this prevents an internal redirect to an empty URI
if the parameter is set to the literal slash:

    location / { try_files $uri /; }
2014-05-28 20:18:05 +04:00
Maxim Dounin
e9a70114a2 Configure: added -Wno-deprecated-declarations on OS X.
Previous workaround to avoid warnings on OS X due to deprecated system
OpenSSL library (introduced in a3870ea96ccd) no longer works, as
the MAC_OS_X_VERSION_MIN_REQUIRED macro is ignored on OS X 10.9
if a compiler used supports __attribute__(availability).
2014-05-28 17:41:44 +04:00
Maxim Dounin
ffe21776fa Version bump. 2014-05-28 17:41:33 +04:00
Maxim Dounin
437cb7b663 release-1.7.1 tag 2014-05-27 17:58:09 +04:00
Maxim Dounin
6865efd475 nginx-1.7.1-RELEASE 2014-05-27 17:58:08 +04:00
Maxim Dounin
e36718de4b Sub filter: fixed subrequests handling.
In particular, properly output partial match at the end of a subrequest
response (much like we do at the end of a response), and reset/set the
last_in_chain flag as appropriate.

Reported by KAWAHARA Masashi.
2014-05-27 16:37:35 +04:00
Vladimir Homutov
21655ae097 Syslog: fixed message sending on win32. 2014-05-27 15:42:34 +04:00
Vladimir Homutov
8e82f06d3e Syslog: fixed possible resource leak and more verbose logging.
Found by Coverity (CID 1215646).
2014-05-26 23:34:44 +04:00
Ruslan Ermilov
5c17030671 Events: use eventfd() instead of syscall(SYS_eventfd) if possible.
This fixes --with-file-aio support on systems that lack eventfd()
syscall, notably aarch64 Linux.

The syscall(SYS_eventfd) may still be necessary on systems that
have eventfd() syscall in the kernel but lack it in glibc, e.g.
as seen in the current CentOS 5 release.
2014-05-23 16:37:05 +04:00
Roman Arutyunyan
3e279a8eb4 Upstream: fix tries check in ip_hash.
Make two checks for maximum number of tries consistent.
The other one checks '>' condition.
2014-05-23 13:47:05 +04:00
Ruslan Ermilov
7808ac0d42 Mail: output client port number on client connects (ticket #531). 2014-05-22 00:16:17 +04:00
Ruslan Ermilov
056e88ea11 Core: output client port number when logging accept event. 2014-05-22 00:16:09 +04:00
Maxim Dounin
ca02a1020c Mail: added a check for the number of arguments in MAIL/RCPT.
Missed during introduction of the SMTP pipelining support (04e43d03e153,
1.5.6).  Previously, the check wasn't needed as s->buffer was used directly
and the number of arguments didn't matter.

Reported by Svyatoslav Nikolsky.
2014-05-21 21:56:20 +04:00
Vladimir Homutov
493b898ae9 Added syslog support for error_log and access_log directives. 2014-05-12 16:34:15 +04:00
Ruslan Ermilov
1736c180f4 Configure: the --build= option.
If set, its value is output in "nginx -v" and in the error log.
2014-05-20 16:10:07 +04:00
Sergey Budnevitch
27899a923a SSL: $ssl_client_fingerprint variable. 2014-05-20 14:03:03 +04:00
Maxim Dounin
84409ec8e0 Setting $args now invalidates unparsed uri.
Prodded by Yichun Zhang.
2014-05-19 22:45:35 +04:00
Maxim Dounin
4884cd611e Charset filter: fixed charset setting on encoded replies.
If response is gzipped we can't recode response, but in case it's not
needed we still can add charset to Content-Type.

The r->ignore_content_encoding is dropped accordingly, charset with gzip_static
now properly works without any special flags.
2014-05-19 22:45:34 +04:00
Maxim Dounin
ffba0eeefb Fixed alias in regex locations with limit_except/if.
The ngx_http_map_uri_to_path() function used clcf->regex to detect if
it's working within a location given by a regular expression and have
to replace full URI with alias (instead of a part matching the location
prefix).  This is incorrect due to clcf->regex being false in implicit
locations created by if and limit_except.

Fix is to preserve relevant information in clcf->alias instead, by setting
it to NGX_MAX_SIZE_T_VALUE if an alias was specified in a regex location.
2014-05-16 17:42:24 +04:00
Valentin Bartenev
a785be76f6 SPDY: added protection from overrun of the receive buffer. 2014-04-30 20:34:20 +04:00
Valentin Bartenev
3f023a4193 SPDY: added a debug point to the state buffer overflow protection. 2014-04-30 20:34:20 +04:00
Valentin Bartenev
57e5c3e86d SPDY: refactored ngx_http_spdy_state_headers().
This change is similar to d2ac5cf4056d.  Special flag of completeness looks
surplus when there is also a counter of frame bytes left.
2014-04-30 20:34:20 +04:00
Valentin Bartenev
d04a714a6d SPDY: improved logging. 2014-04-30 20:34:20 +04:00
Valentin Bartenev
d51d168066 SPDY: set log action for PROXY protocol only while parsing it.
Handling of PROXY protocol for SPDY connection is currently implemented as
a SPDY state.  And while nginx waiting for PROXY protocol data it continues
to process SPDY connection: initializes zlib context, sends control frames.
2014-05-15 19:22:06 +04:00