mirror/nginx
1
0
Fork 0
mirror of https://github.com/nginx/nginx.git synced 2024-12-03 04:39:00 +08:00
Code Issues Actions Packages Projects Releases Wiki Activity
4,882 Commits 21 Branches 568 Tags 86 MiB
0fd4f76e68
Commit Graph

4882 Commits

This Branch
This Branch
All Branches
Author SHA1 Message Date
Ruslan Ermilov
336bcb22d1 Detect more unsafe URIs in ngx_http_parse_unsafe_uri(). 
The following URIs were considered safe: "..", "../foo", and "/foo/..".
 2013-12-23 18:11:56 +04:00
Ruslan Ermilov
3f36c684a1 Upstream: keep $upstream_http_x_accel_redirect intact. 
When processing the X-Accel-Redirect header, the value of the
$upstream_http_x_accel_redirect variable was also overwritten.
 2013-12-23 18:11:46 +04:00
Ruslan Ermilov
bf800822df Fixed the first argument to getsockopt(). 
While here, always initialize the last argument.
 2013-12-19 13:43:18 +04:00
Maxim Dounin
37b7de6df7 SSL: ssl_buffer_size directive. 2013-12-20 16:18:25 +04:00
Vladimir Homutov
c7a0b04665 Upstream: simplified peer selection loop in the "ip_hash" module. 
Conditions for skipping ineligible peers are rewritten to make adding of new
conditions simpler and be in line with the "round_robin" and "least_conn"
modules.  No functional changes.
 2013-12-09 13:43:27 +04:00
Ruslan Ermilov
85e6d211d0 Resolver: use minimum TTL for caching (ticket #329). 2013-12-16 19:12:23 +04:00
Maxim Dounin
b156dc9635 Typo fixed. 2013-12-19 13:50:23 +04:00
Valentin Bartenev
c8f3f9fa12 SPDY: use predefined constant for size of the Stream-ID field. 
No functional changes.
 2013-12-18 18:39:29 +04:00
Valentin Bartenev
bf3ff5bca7 Version bump. 2013-12-18 18:37:48 +04:00
Maxim Dounin
dd8c382ca2 release-1.5.8 tag 2013-12-17 17:46:26 +04:00
Maxim Dounin
c36c45d62b nginx-1.5.8-RELEASE 2013-12-17 17:46:26 +04:00
Ruslan Ermilov
3fd727566a Resolver: lookups are case-insensitive. 2013-12-13 20:49:52 +04:00
Ruslan Ermilov
e0caf51711 The "ipv6=" boolean parameter of the "resolver" directive. 
When set to "off", only IPv4 addresses will be resolved,
and no AAAA queries are ever sent.
 2013-12-09 10:53:30 +04:00
Ruslan Ermilov
769eded732 Resolver: implemented IPv6 name to address resolving. 2013-12-09 10:53:28 +04:00
Ruslan Ermilov
809bee30b7 Resolver: implemented IPv6 address to name resolving. 2013-12-06 14:30:28 +04:00
Ruslan Ermilov
3aeefbcaea Changed resolver API to use ngx_addr_t. 2013-12-06 14:30:27 +04:00
Ruslan Ermilov
552e15ba1c Resolver: fixed indentation. 2013-12-13 19:22:44 +04:00
Ruslan Ermilov
efd0e0e177 Core: externalized ngx_cmp_sockaddr(). 
It's also extended with the "cmp_port" argument to indicate
whether ports should be compared as well, or only addresses.
 2013-12-06 14:30:27 +04:00
Ruslan Ermilov
159486239f Resolver: fixes in PTR processing. 
Verify that class of RR is "IN".
Verify that RR data length is non-zero.
 2013-12-06 14:30:27 +04:00
Ruslan Ermilov
f57350cd86 Resolver: fixes in A processing. 
Verify that class of RR is "IN".
Verify that RR data length is exactly four octets.
Correctly shift to the next RR if RR type is unknown.
 2013-12-06 14:30:27 +04:00
Ruslan Ermilov
f3a271f3fd Resolver: fixed response processing. 
Stricten response header checks: ensure that reserved bits are zeroes,
and that the opcode is "standard query".

Fixed the "zero-length domain name in DNS response" condition.
 2013-12-06 14:30:27 +04:00
Ruslan Ermilov
23071835a3 Resolver: removed unnecessary casts. 2013-12-06 14:30:27 +04:00
Ruslan Ermilov
3d245d4792 Resolver: improved code readability. 
Renamed ngx_resolver_query_t to ngx_resolver_hdr_t as it describes
the header that is common to DNS queries and answers.

Replaced the magic number 12 by the size of the header structure.

The other changes are self-explanatory.
 2013-12-06 14:30:27 +04:00
Maxim Dounin
0c585adfd4 Trailing whitespace fix. 2013-12-12 20:28:48 +04:00
Valentin Bartenev
2576530c51 Use ngx_chain_get_free_buf() in pipe input filters. 
No functional changes.
 2013-12-11 21:30:38 +04:00
Valentin Bartenev
7f54528ca0 SPDY: drop the "delayed" flag when finalizing connection. 
This flag in SPDY fake write events serves the same purposes as the "ready"
flag in real events, and it must be dropped if request needs to be handled.
Otherwise, it can prevent the request from finalization if ngx_http_writer()
was set, which results in a connection leak.

Found by Xiaochen Wang.
 2013-12-10 20:27:33 +04:00
Ruslan Ermilov
fa512fdb76 Fixed handling of UNIX-domain sockets. 
When evaluating $local_port, $server_port, and $server_addr,
UNIX-domain sockets were mistakenly interpreted as IPv4 sockets.
 2013-12-09 10:16:44 +04:00
Ruslan Ermilov
675e73e3bd Core: keep the length of the local sockaddr. 2013-12-09 10:14:51 +04:00
Piotr Sikora
19f475276d Fixed incorrect ngx_str_set() usage, broken in c82b2e020b9f. 
Found by Coverity Scan CID 1135525.

Signed-off-by: Piotr Sikora <piotr@cloudflare.com>
 2013-12-06 16:00:49 -08:00
Maxim Dounin
eada942342 Contrib: added vim to README. 2013-12-06 19:58:27 +04:00
Evan Miller
61a2667954 Contrib: add vim scripts to contrib/ directory. 
I've been maintaining these scripts independently for a while now, even though
I'm no longer active in the community. Seems to me that contrib/ is a good
long-term home for the scripts.
 2013-12-04 14:45:44 -08:00
Ruslan Ermilov
618e12f679 Configure: enable -Wconditional-uninitialized with clang. 2013-12-06 13:16:56 +04:00
Maxim Dounin
67b0d16546 Fixed build without SSL, broken by c82b2e020b9f. 2013-12-04 23:13:13 +04:00
Maxim Dounin
24e1db93a8 SSL support in the uwsgi module. 
Based on patch by Roberto De Ioris.
 2013-12-04 23:01:27 +04:00
Mathew Rodley
84f5c2136e Added support for TCP_FASTOPEN supported in Linux >= 3.7.1. 
---
 auto/unix                       | 12 ++++++++++++
 src/core/ngx_connection.c       | 32 ++++++++++++++++++++++++++++++++
 src/core/ngx_connection.h       |  4 ++++
 src/http/ngx_http.c             |  4 ++++
 src/http/ngx_http_core_module.c | 21 +++++++++++++++++++++
 src/http/ngx_http_core_module.h |  3 +++
 6 files changed, 76 insertions(+)
 2013-12-03 22:07:03 +04:00
Maxim Dounin
a8a7de3f78 Fixed "setfib=" on non-first listening socket. 2013-12-03 21:44:08 +04:00
Vladimir Homutov
71b9cca835 Improved code readablity in ngx_http_upstream_init_round_robin(). 
Changed initialization order of the peer structure in one of the
cases to be in line with the rest.

No functional changes.
 2013-12-03 17:12:16 +04:00
Ruslan Ermilov
0419933283 Fixed null pointer dereference with $upstream_cache_last_modified. 2013-12-03 15:11:24 +04:00
Maxim Dounin
bfda85b6e4 Win32: fixed init_process without master process (ticket #453). 
Init process callbacks are called by ngx_worker_thread(), there is no
need to call them in ngx_single_process_cycle().
 2013-11-29 17:23:47 +04:00
Maxim Dounin
3dec2b131c Upstream: skip empty cache headers. 
Notably this fixes HTTP_IF_MODIFIED_SINCE which was always sent with
cache enabled in fastcgi/scgi/uwsgi after 43ccaf8e8728.
 2013-11-29 17:23:38 +04:00
Maxim Dounin
067c1d2a4f SSL: fixed c->read->ready handling in ngx_ssl_recv(). 
If c->read->ready was reset, but later some data were read from a socket
buffer due to a call to ngx_ssl_recv(), the c->read->ready flag should
be restored if not all data were read from OpenSSL buffers (as kernel
won't notify us about the data anymore).

More details are available here:
http://mailman.nginx.org/pipermail/nginx/2013-November/041178.html
 2013-11-29 17:16:06 +04:00
Maxim Dounin
6b7e88f36b Version bump. 2013-11-29 17:11:36 +04:00
Maxim Dounin
6991b925fd release-1.5.7 tag 2013-11-19 14:03:47 +04:00
Maxim Dounin
4f82b16aca nginx-1.5.7-RELEASE 2013-11-19 14:03:47 +04:00
Ruslan Ermilov
d47c435e9e Proper backtracking after space in a request line. 2013-11-19 06:57:58 +04:00
Maxim Dounin
1ac2693a33 Upstream: cache revalidation with conditional requests. 
The following new directives are introduced: proxy_cache_revalidate,
fastcgi_cache_revalidate, scgi_cache_revalidate, uwsgi_cache_revalidate.
Default is off.  When set to on, they enable cache revalidation using
conditional requests with If-Modified-Since for expired cache items.

As of now, no attempts are made to merge headers given in a 304 response
during cache revalidation with headers previously stored in a cache item.
Headers in a 304 response are only used to calculate new validity time
of a cache item.
 2013-11-18 20:48:22 +04:00
Valentin Bartenev
df2fc6a9df SPDY: fixed request hang with the auth request module. 
We should just call post_handler() when subrequest wants to read body, like
it happens for HTTP since rev. f458156fd46a.  An attempt to init request body
for subrequests results in hang if the body was not already read.
 2013-11-11 18:49:35 +04:00
Piotr Sikora
fa40777611 Configure: call "make distclean" for libatomic. 
Signed-off-by: Piotr Sikora <piotr@cloudflare.com>
 2013-11-11 01:59:47 -08:00
Piotr Sikora
49282c8e9d Configure: call "make clean" for OpenSSL only if Makefile exists. 
This change allows to build nginx against git checkout of OpenSSL.

Signed-off-by: Piotr Sikora <piotr@cloudflare.com>
 2013-11-04 17:00:25 -08:00
Maxim Dounin
b0f025f4fe Win32: plugged memory leak. 2013-10-31 18:23:49 +04:00