Commit Graph

6470 Commits

Author SHA1 Message Date
Ruslan Ermilov
3d87688bc6 Geo: IPv6 support.
The "ranges" mode is still limited to IPv4 only.
2012-12-25 08:21:56 +00:00
Valentin Bartenev
dd46cc659a Upstream: fixed state resetting when switching to backup servers.
Based on patch by Thomas Chen (ticket #257).
2012-12-25 08:02:21 +00:00
Valentin Bartenev
cb90df084f Fixed HEAD requests handling when proxying is used (closes #261). 2012-12-24 17:32:53 +00:00
Ruslan Ermilov
2189c87aa7 Trailing whitespace fix. 2012-12-24 16:40:55 +00:00
Valentin Bartenev
70d1a45c7c Access log: the "gzip" parameter of the "access_log" directive.
Note: this requires zlib version 1.2.0.4 or above to work.
2012-12-23 19:09:33 +00:00
Valentin Bartenev
e90df45519 Configure: added the NGX_ZLIB define.
This was introduced for conditional compilation of the code that requires
the zlib library.
2012-12-23 16:04:14 +00:00
Valentin Bartenev
fcdb4655aa Access log: the "flush" parameter of the "access_log" directive. 2012-12-23 15:51:47 +00:00
Valentin Bartenev
a8ffed5751 Reopening log files code moved to a separate function.
The code refactored in a way to call custom handler that can do appropriate
cleanup work (if any), like flushing buffers, finishing compress streams,
finalizing connections to log daemon, etc..
2012-12-23 15:36:52 +00:00
Valentin Bartenev
df71cd1125 Access log: fixed redundant buffer reallocation.
Previously a new buffer was allocated for every "access_log" directive with the
same file path and "buffer=" parameters, while only one buffer per file is used.
2012-12-23 15:27:55 +00:00
Ruslan Ermilov
7c4068d349 Properly initialize "struct in6_addr" with zeroes. 2012-12-22 20:03:38 +00:00
Maxim Dounin
4b6f8dcd2a Core: crypt_r() error handling fixed.
The crypt_r() function returns NULL on errors, check it explicitly instead
of assuming errno will remain 0 if there are no errors (per POSIX, the
setting of errno after a successful call to a function is unspecified
unless the description of that function specifies that errno shall not
be modified).

Additionally, dropped unneeded ngx_set_errno(0) and fixed error handling
of memory allocation after normal crypt(), which was inapropriate and
resulted in null pointer dereference on allocation failures.
2012-12-21 16:13:03 +00:00
Maxim Dounin
f25549210d Image filter: fixed image_filter rotate inheritance.
Configurations like

    location /i/ {
        image_filter resize 200 200;
        image_filter rotate 180;

        location /i/foo/ {
            image_filter resize 200 200;
        }
   }

resulted in rotation incorrectly applied in the location /i/foo, without
any way to clear it.  Fix is to handle conf->angle/conf->acv consistently
with other filter variables and do not try to inherit them if there are
transformations defined for current location.
2012-12-21 15:07:45 +00:00
Ruslan Ermilov
f1819242fc Geo: ensure that default entry is always present.
If 0.0.0.0/32 entry was present and there was no explicit "default",
we failed to add an empty string as a default value.
2012-12-21 08:46:52 +00:00
Ruslan Ermilov
a0caa70c98 There's no need to normalize address returned by ngx_ptocidr(). 2012-12-21 08:44:39 +00:00
Maxim Dounin
717acb74a7 Image filter: configuration inheritance fixes.
The image_filter_jpeg_quality, image_filter_sharpen and "image_filter rotate"
were inherited incorrectly if a directive with variables was defined, and
then redefined to a literal value, i.e. in configurations like

    image_filter_jpeg_quality $arg_q;

    location / {
        image_filter_jpeg_quality 50;
    }

Patch by Ian Babrou, with minor changes.
2012-12-20 19:04:28 +00:00
Ruslan Ermilov
f4b9d89103 Brought the link to ngx_http_perl_module documentation up to date. 2012-12-20 15:34:37 +00:00
Ruslan Ermilov
d03ea4d842 Fixed return type of internal function that allocates radix tree nodes. 2012-12-20 11:16:03 +00:00
Ruslan Ermilov
7ae79fb8e7 Let "add_header" affect 201 responses (ticket #125). 2012-12-19 10:33:56 +00:00
Ruslan Ermilov
30390ea492 Slightly optimized code that handles special headers in "add_header". 2012-12-19 10:30:45 +00:00
Maxim Dounin
4bad9d0505 Avoid sending "100 Continue" on 413 Request Entity Too Large.
Patch by Igor Sysoev.
2012-12-18 18:39:39 +00:00
Ruslan Ermilov
c865f8dfa2 Added checks that disallow adding a variable with an empty name.
Added variable name syntax checks to "geo" and "map" directives.
2012-12-17 19:03:33 +00:00
Ruslan Ermilov
b8a90c6903 Implemented IPv6 support for URLs specified using domain names.
This includes "debug_connection", upstreams, "proxy_pass", etc.
(ticket #92)

To preserve compatibility, "listen" specified with a domain name
selects the first IPv4 address, if available.  If not available,
the first IPv6 address will be used (ticket #186).
2012-12-17 12:08:53 +00:00
Ruslan Ermilov
2f8c1b73b8 Fixed URL parsing code.
The URL parsing code is not expected to initialize port from default port
when in "no_resolve" mode.  This got broken in r4671 for the case of IPv6
literals.
2012-12-17 09:44:46 +00:00
Ruslan Ermilov
bbf7043fe7 Simplified URL parsing code.
Except for the "listen" directive, "*" specified as a hostname is
no longer treated specially.
2012-12-17 09:31:53 +00:00
Ruslan Ermilov
18a7e1b359 Geo: fixed the "ranges" without ranges case.
The following configuration returned an empty value for $geo:

    geo $geo {
        ranges;
        default default;
    }
2012-12-14 19:56:03 +00:00
Ruslan Ermilov
cd04ca3546 Geo: improved ngx_http_geo_block() code readability. 2012-12-14 19:35:37 +00:00
Valentin Bartenev
fac3b341da Fixed handling of ngx_write_fd() and ngx_read_fd() errors.
The ngx_write_fd() and ngx_read_fd() functions return -1 in case of error,
so the incorrect comparison with NGX_FILE_ERROR (which is 0 on windows
platforms) might result in inaccurate error message in the error log.

Also the ngx_errno global variable is being set only if the returned value
is -1.
2012-12-14 15:24:24 +00:00
Valentin Bartenev
e86279e9f3 Gzip: fixed zlib memLevel adjusting.
An incorrect memLevel (lower than 1) might be passed to deflateInit2() if the
"gzip_hash" directive is set to a value less than the value of "gzip_window"
directive. This resulted in "deflateInit2() failed: -2" alert and an empty
reply.
2012-12-14 15:17:58 +00:00
Maxim Dounin
658296290c Upstream: fixed SIGSEGV with the "if" directive.
Configuration like

    location / {
        set $true 1;

        if ($true) {
            proxy_pass http://backend;
        }

        if ($true) {
            # nothing
        }
    }

resulted in segmentation fault due to NULL pointer dereference as the
upstream configuration wasn't initialized in an implicit location created
by the last if(), but the r->content_handler was set due to first if().

Instead of committing a suicide by dereferencing a NULL pointer, return
500 (Internal Server Error) in such cases, i.e. if uscf is NULL.  Better
fix would be to avoid such cases by fixing the "if" directive handling,
but it's out of scope of this patch.

Prodded by Piotr Sikora.
2012-12-13 16:05:59 +00:00
Ruslan Ermilov
ba290091cf Fixed variable syntax checking in "set", "geo", "limit_conn_zone",
and "perl_set" directives.
2012-12-13 15:05:19 +00:00
Maxim Dounin
b3430993f1 Proxy: better error message about unexpected data.
Requested by Igor Sysoev.
2012-12-13 13:45:39 +00:00
Valentin Bartenev
1a6ed2e3b1 Limit rate: fixed integer overflow in limit calculation (ticket #256).
Patch by Alexey Antropov.
2012-12-12 14:48:48 +00:00
Maxim Dounin
8ae9e7903f Configure: better check for PCRE JIT.
On Mac OS X system toolchain by default prefers include files
from /usr/local/include, but libraries from /usr/lib.  This might result in
various problems, in particular the one outlined below.

If the PCRE library is installed into /usr/local/, this results in pcre.h
being used from /usr/local/include (with PCRE_CONFIG_JIT defined), but
libpcre from /usr/lib (as shipped with the OS, without pcre_free_study()
symbol).  As a result build fails as we use pcre_free_study() function
if we try to compile with PCRE JIT support.

Obvious workaround is to the root cause is to ask compiler to prefer
library from /usr/local/lib via ./configure --with-ld-opt="-L/usr/local/lib".
On the other hand, in any case it would be good to check if the function
we are going to use is available, hence the change.

See thread here for details:
http://mailman.nginx.org/pipermail/nginx-devel/2012-December/003074.html

Prodded by Piotr Sikora.
2012-12-12 13:50:07 +00:00
Ruslan Ermilov
1596399e82 The "auth_basic" directive gained support of variables. 2012-12-10 13:11:11 +00:00
Ruslan Ermilov
73fb7e878f Allow the complex value to be defined as an empty string.
This makes conversion from strings to complex values possible
without the loss of functionality.
2012-12-06 23:03:53 +00:00
Ruslan Ermilov
8e8201486c Xslt: prevented infinite loop.
If XSLT transformation failed and error 500 was handled in the same
location, an infinite loop occured that exhausted the stack.
2012-12-06 21:22:58 +00:00
Ruslan Ermilov
760c55a702 Fixed build with embedded perl in certain setups (ticket #48). 2012-12-03 16:00:26 +00:00
Ruslan Ermilov
f707bea0ee Fixed the NGX_SOCKADDR_STRLEN macro definition.
The ngx_sock_ntop() function, when told to print both address and port,
prints IPv6 address in square brackets, followed by colon and port.
2012-11-30 11:26:50 +00:00
Maxim Dounin
b63da701e5 Core: removed GLOB_NOSORT glob option.
This will result in alphabetical sorting of included files if
the "include" directive with wildcards is used.

Note that the behaviour is now different from that on Windows, where
alphabetical sorting is not guaranteed for FindFirsFile()/FindNextFile()
(used to be alphabetical on NTFS, but not on FAT).

Approved by Igor Sysoev, prodded by many.
2012-11-29 23:15:41 +00:00
Maxim Dounin
ea1ff4199d Version bump. 2012-11-29 23:13:18 +00:00
Maxim Dounin
3e17e12ba5 release-1.3.9 tag 2012-11-27 13:55:54 +00:00
Maxim Dounin
ea235785cd nginx-1.3.9-RELEASE 2012-11-27 13:55:34 +00:00
Maxim Dounin
0c563970be Gunzip: added missing ngx_http_clear_etag(). 2012-11-26 21:30:45 +00:00
Maxim Dounin
1469b51451 Core: fixed ngx_write_chain_to_file() with IOV_MAX reached.
Catched by dav_chunked.t on Solaris.  In released versions this might
potentially result in corruption of complex protocol responses if they
were written to disk and there were more distinct buffers than IOV_MAX
in a single write.
2012-11-26 21:19:57 +00:00
Maxim Dounin
e769544a7d Request body: block write events while reading body.
If write events are not blocked, an extra write event might happen for
various reasons (e.g. as a result of a http pipelining), resulting in
incorrect body being passed to a post handler.

The problem manifested itself with the dav module only, as this is
the only module which reads the body from a content phase handler (in
contrast to exclusive content handlers like proxy).  Additionally, dav
module used to dump core in such situations due to ticket #238.

See reports here:

http://mailman.nginx.org/pipermail/nginx-devel/2012-November/002981.html
http://serverfault.com/questions/449195/nginx-webdav-server-with-auth-request
2012-11-26 18:01:49 +00:00
Maxim Dounin
aa955a2097 Request body: error checking fixes, negative rb->rest handling.
Negative rb->rest can't happen with current code, but it's good to have
it handled anyway.

Found by Coverity (CID 744846, 744847, 744848).
2012-11-26 18:01:08 +00:00
Maxim Dounin
c4a4a6a5d8 Request body: improved handling of incorrect chunked request body.
While discarding chunked request body in some cases after detecting
request body corruption no error was returned, while it was possible
to correctly return 400 Bad Request.  If error is detected too late,
make sure to properly close connection.

Additionally, in ngx_http_special_response_handler() don't return body
of 500 Internal Server Error to a client if ngx_http_discard_request_body()
fails, but disable keepalive and continue.
2012-11-26 18:00:14 +00:00
Maxim Dounin
61feb90d74 Request body: fixed discard of chunked request body.
Even if there is no preread data, make sure to always call
ngx_http_discard_request_body_filter() in case of chunked request
body to initialize r->headers_in.content_length_n for later use.
2012-11-26 17:59:30 +00:00
Ruslan Ermilov
a94a101c79 Core: don't reuse shared memory zone that changed ownership (ticket #210).
nginx doesn't allow the same shared memory zone to be used for different
purposes, but failed to check this on reconfiguration.  If a shared memory
zone was used for another purpose in the new configuration, nginx attempted
to reuse it and crashed.
2012-11-23 12:43:58 +00:00
Ruslan Ermilov
9f385870f6 Fixed location of debug message in ngx_shmtx_lock(). 2012-11-21 14:23:26 +00:00