Commit Graph

1550 Commits

Author SHA1 Message Date
Maxim Dounin
71ce7a13ed Gzip filter: handling of empty flush buffers.
Empty flush buffers are legitimate and may happen e.g. due to $r->flush()
calls in embedded perl.  If there are no data buffered in zlib, deflate()
will return Z_BUF_ERROR (i.e. no progress possible) without adding anything
to output.  Don't treat Z_BUF_ERROR as fatal and correctly send empty flush
buffer if we have no data in output at all.

See this thread for details:
http://mailman.nginx.org/pipermail/nginx/2010-November/023693.html
2012-02-13 15:23:43 +00:00
Maxim Dounin
37c6228d43 Removed r->cache/r->cached dependencies in range filter.
This is a layering violation, use correct offset calculations instead.
2012-02-13 15:20:49 +00:00
Valentin Bartenev
a113cb3543 Proxy: added the "proxy_cookie_path" directive. 2012-02-13 11:08:05 +00:00
Valentin Bartenev
e9df2d6f46 Proxy: added the "proxy_cookie_domain" directive. 2012-02-13 11:04:45 +00:00
Valentin Bartenev
85551e58fe Proxy: generic regex related code from the "proxy_redirect" directive moved
to a separate function.

No functional changes.
2012-02-13 11:00:08 +00:00
Valentin Bartenev
7c611aa186 Proxy: generic rewrite code from the "proxy_redirect" handlers moved to a
separate function with trivial optimization.

No functional changes.
2012-02-13 10:56:09 +00:00
Valentin Bartenev
582dac116d Proxy: renamed some "proxy_redirect" related declarations to a more general and
reusable.

No functional changes.
2012-02-13 10:42:44 +00:00
Valentin Bartenev
9e8708cbd6 Limit conn: returned to the old behavior of using the first actual limit on
the way.

It was unintentionally changed in r4272, so that it could only limit the first
location where the processing of the request has reached PREACCESS phase.
2012-02-10 10:48:58 +00:00
Maxim Dounin
0f3d6715e7 Version bump. 2012-02-09 16:18:02 +00:00
Maxim Dounin
11cc9dac44 Limit req: unbreak compilation with MSVC. 2012-01-30 13:19:25 +00:00
Valentin Bartenev
3feafa765f Fixed proxy_redirect off inheritance.
Example configuration to reproduce:

  server {
      proxy_redirect off;

      location / {
          proxy_pass http://localhost:8000;
          proxy_redirect http://localhost:8000/ /;

          location ~ \.php$ {
              proxy_pass http://localhost:8000;
              # proxy_redirect must be inherited from the level above,
              # but instead it was switched off here
          }
      }
  }
2012-01-30 11:22:56 +00:00
Valentin Bartenev
b06200f3dc Limit req: support for multiple "limit_req" limits. 2012-01-30 10:17:56 +00:00
Valentin Bartenev
73d0b6a721 Limit req: number of cleanup calls reduced.
Doing a cleanup before every lookup seems to be too aggressive. It can lead to
premature removal of the nodes still usable, which increases the amount of work
under a mutex lock and therefore decreases performance.

In order to improve cleanup behavior, cleanup function call has been moved right
before the allocation of a new node.
2012-01-30 10:01:39 +00:00
Valentin Bartenev
8dab3b5a39 Limit req: allocation and initialization of a new node moved to the lookup
function.

No functional changes.
2012-01-30 09:41:49 +00:00
Valentin Bartenev
5f5205ba87 Limit req: improved error handling when parsing "zone" parameter of
"limit_req_zone" directive; minimum size of zone is increased.

Previously an unsigned variable was used to keep the return value of
ngx_parse_size() function, which led to an incorrect zone size if NGX_ERROR
was returned.

The new code has been taken from the "limit_conn_zone" directive.
2012-01-30 09:26:08 +00:00
Valentin Bartenev
d4dbf6ad59 Limit req: error messages fixed. 2012-01-30 09:02:29 +00:00
Maxim Konovalov
f8d59e33f3 Copyright updated. 2012-01-18 15:07:43 +00:00
Maxim Konovalov
8e1ef760da Version bump. 2012-01-18 15:04:17 +00:00
Maxim Dounin
9572920af0 Fixed handling of mp4 above 2G and 32bit offsets (ticket #84). 2012-01-16 11:03:27 +00:00
Maxim Dounin
2c55914a9f Fixed proxy_cache_use_stale in "no live upstreams" case. 2012-01-16 11:01:52 +00:00
Maxim Dounin
4efcbce328 Added support for TLSv1.1, TLSv1.2 in ssl_protocols directive.
Support for TLSv1.1 and TLSv1.2 protocols was introduced in OpenSSL 1.0.1
(-beta1 was recently released).  This change makes it possible to disable
these protocols and/or enable them without other protocols.
2012-01-11 11:15:00 +00:00
Maxim Dounin
f2ef9db230 Fixed limit_req burst/nodelay inheritance (ticket #76).
The problem was introduced in r4381 (1.1.12).
2012-01-11 11:09:05 +00:00
Valentin Bartenev
b8ef9d9255 Fixed: proxy_redirect with regex might broke Refresh header.
The problem was localized in ngx_http_proxy_rewrite_redirect_regex() handler
function which did not take into account prefix when overwriting header value.
2012-01-10 15:09:45 +00:00
Maxim Dounin
11f09dd07d Version bump. 2011-12-27 11:56:48 +00:00
Maxim Dounin
da8a43dee9 Cache lock support for fastcgi, scgi, uwsgi. 2011-12-26 11:16:19 +00:00
Maxim Dounin
822fe46934 Cache locks initial implementation.
New directives: proxy_cache_lock on/off, proxy_cache_lock_timeout.  With
proxy_cache_lock set to on, only one request will be allowed to go to
upstream for a particular cache item.  Others will wait for a response
to appear in cache (or cache lock released) up to proxy_cache_lock_timeout.

Waiting requests will recheck if they have cached response ready (or are
allowed to run) every 500ms.

Note: we intentionally don't intercept NGX_DECLINED possibly returned by
ngx_http_file_cache_read().  This needs more work (possibly safe, but needs
further investigation).  Anyway, it's exceptional situation.

Note: probably there should be a way to disable caching of responses
if there is already one request fetching resource to cache (without waiting
at all).  Two possible ways include another cache lock option ("no_cache")
or using proxy_no_cache with some supplied variable.

Note: probably there should be a way to lock updating requests as well.  For
now "proxy_cache_use_stale updating" is available.
2011-12-26 11:15:23 +00:00
Maxim Dounin
6a56732e98 Fixed mp4 if first entry in stsc was skipped (ticket #72).
If first entry in stsc atom was skipped, and seek was to chunk boundary,
than first_chunk in the generated stsc table wasn't set to 1.
2011-12-26 10:49:03 +00:00
Valentin Bartenev
b65597ecd5 SSI: added regex captures support in the expression of the "if" command. 2011-12-25 20:08:37 +00:00
Valentin Bartenev
39f01e526f Fixed limit_conn_log_level/limit_req_log_level inheritance.
The directives did not work if there were no limit_conn/limit_req specified on
the same level.
2011-12-25 19:32:31 +00:00
Maxim Dounin
aa4492612b Proxy: made proxy_pass with variables more consistent.
If proxy_pass was used with variables and there was no URI component,
nginx always used unparsed URI.  This isn't consistent with "no variables"
case, where e.g. rewrites are applied even if there is no URI component.

Fix is to use the same logic in both cases, i.e. only use unparsed URI if
it's valid and request is the main one.
2011-12-23 16:04:09 +00:00
Valentin Bartenev
c5968a998c SSI bugfix: the "if" command did not work inside the "block" command and
produced parsing errors.
2011-12-19 13:28:22 +00:00
Maxim Dounin
8a85ab8e20 Scgi: removed error if there is no Status header.
The SCGI specification doesn't specify format of the response, and assuming
CGI specs should be used there is no reason to complain.  RFC 3875
explicitly states that "A Status header field is optional, and status
200 'OK' is assumed if it is omitted".
2011-12-19 11:25:40 +00:00
Maxim Dounin
32e2038026 Scgi: removed duplicate function declaration. 2011-12-19 11:24:32 +00:00
Maxim Dounin
4d1e32d9d8 Fixed incorrect use of r->http_version in scgi module.
The r->http_version is a version of client's request, and modules must
not set it unless they are really willing to downgrade protocol version
used for a response (i.e. to HTTP/0.9 if no response headers are available).
In neither case r->http_version may be upgraded.

The former code downgraded response from HTTP/1.1 to HTTP/1.0 for no reason,
causing various problems (see ticket #66).  It was also possible that
HTTP/0.9 requests were upgraded to HTTP/1.0.
2011-12-19 11:23:16 +00:00
Maxim Dounin
afb7f22c03 Version bump. 2011-12-19 11:21:46 +00:00
Valentin Bartenev
0be9554bda Proxy: added variables and regexp support to the first parameter of
the "proxy_redirect" directive.
2011-12-12 09:02:29 +00:00
Valentin Bartenev
df54c36d90 SCGI: added "if_not_empty" flag support to the "scgi_param" directive. 2011-12-09 14:03:06 +00:00
Valentin Bartenev
582b5319b7 uwsgi: added "if_not_empty" flag support to the "uwsgi_param" directive. 2011-12-09 13:47:04 +00:00
Valentin Bartenev
a826eb6720 FastCGI: added "if_not_empty" flag support to the "fastcgi_param" directive. 2011-12-09 13:32:51 +00:00
Ruslan Ermilov
59a2b77039 - Improved error message when parsing of the "buffer" parameter of the
"access_log" directive fails.

- Added a warning if "log_format" is used in contexts other than "http".
2011-12-06 21:07:10 +00:00
Maxim Dounin
08f2256b29 Version bump. 2011-12-06 13:22:32 +00:00
Maxim Dounin
b99492595c Version bump. 2011-11-29 17:25:31 +00:00
Maxim Dounin
1d13c0dd34 Allowed add_header for proxied 206 replies.
It was working for nginx's own 206 replies as they are seen as 200 in the
headers filter module (range filter goes later in the headers filter chain),
but not for proxied replies.
2011-11-28 10:00:47 +00:00
Ruslan Ermilov
1e5f239170 Fixed "rotate" to always work when combined with "resize/crop". 2011-11-23 10:22:44 +00:00
Ruslan Ermilov
ca2cce23cc Cosmetics. 2011-11-23 10:16:30 +00:00
Igor Sysoev
79df789b47 Fix of mp4 module seeking. 2011-11-23 07:22:15 +00:00
Maxim Dounin
5eef168a22 Fixed flv header to match specification.
Used "\x5" in 5th byte to claim presence of both audio and video.  Used
previous tag size 0 in the beginning of the flv body (bytes 10 .. 13) as
required by specification (see http://www.adobe.com/devnet/f4v.html).

Patch by Piotr Sikora.
2011-11-18 14:41:01 +00:00
Valentin Bartenev
963315aca0 Fixed incorrect counting the length of headers in a SCGI request. 2011-11-16 12:51:27 +00:00
Maxim Dounin
2fd9b49334 Version bump. 2011-11-15 20:33:37 +00:00
Igor Sysoev
dd4490c4e4 Fix of "Content-Length" header of MP4 response if start argument was used.
Patch by Piotr Sikora.
2011-11-14 14:42:48 +00:00
Valentin Bartenev
255e20ad21 Renamed ngx_http_limit_zone_module to ngx_http_limit_conn_module. 2011-11-14 14:04:42 +00:00
Maxim Dounin
030523dff0 Fixed fastcgi/scgi/uwsgi_param inheritance.
The following problems were fixed:

1. Directive fastcgi_cache affected headers sent to backends in unrelated
   servers / locations (see ticket #45).

2. If-Unmodified-Since, If-Match and If-Range headers were sent to backends
   if fastcgi_cache was used.

3. Cache-related headers were sent to backends if there were no fastcgi_param
   directives and fastcgi_cache was used at server level.
2011-11-14 13:26:18 +00:00
Maxim Dounin
ca01f46103 Separate functions to merge fastcgi/scgi/uwsgi params.
No functional changes.
2011-11-14 13:24:43 +00:00
Maxim Dounin
86a851907b Fixed Upgrade header clearing with proxy_cache.
This was missed in proxy HTTP/1.1 support commit (r4127).
2011-11-14 13:21:10 +00:00
Maxim Dounin
962727b259 Fixed proxy_set_header inheritance with proxy_set_body. 2011-11-14 13:19:56 +00:00
Maxim Dounin
b5984de06b Fixed proxy_set_header inheritance with proxy_cache (ticket #45).
Headers cleared with cache enabled (If-Modified-Since etc.) might be cleared
in unrelated servers/locations without proxy_cache enabled if proxy_cache was
used in some server/location.

Example config which triggered the problem:

    proxy_set_header X-Test "test";
    server { location /1 { proxy_cache name; proxy_pass ... } }
    server { location /2 { proxy_pass ... } }

Another one:

    server {
        proxy_cache name;
        location /1 { proxy_pass ... }
        location /2 { proxy_cache off; proxy_pass ... }
    }

In both cases If-Modified-Since header wasn't sent to backend in location /2.

Fix is to not modify conf->headers_source, but instead merge user-supplied
headers from conf->headers_source and default headers (either cache or not)
into separate headers_merged array.
2011-11-14 13:18:15 +00:00
Sergey Budnevitch
66a60a62cc Fixed NGX_CONF_TAKE1/NGX_CONF_FLAG misuse. 2011-11-14 09:12:15 +00:00
Valentin Bartenev
1dbd331849 Limit zone: added the "limit_conn_zone" directive.
It supersedes old "limit_zone" directive (deprecated accordingly) and uses
syntax consistent with the "limit_req_zone" directive.
2011-11-10 16:25:08 +00:00
Valentin Bartenev
aaf5a5772f Limit zone: support for multiple "limit_conn" limits. 2011-11-10 16:08:13 +00:00
Valentin Bartenev
54660dcf74 Limit zone: rbtree lookup moved to a separate function.
No functional changes.
2011-11-10 15:51:55 +00:00
Igor Sysoev
a8963fbbcf The "image_filter_sharpen" directive. 2011-11-08 13:17:14 +00:00
Igor Sysoev
ff2bee1fa9 Ancient incomplete ngx_http_status_module removal. 2011-11-01 15:16:28 +00:00
Igor Sysoev
0d03a44aab Version bump. 2011-11-01 15:10:46 +00:00
Maxim Dounin
ca495238bd Fixed segfault on configuration testing with ssl (ticket #37).
The following config caused segmentation fault due to conf->file not
being properly set if "ssl on" was inherited from the http level:

http {
    ssl on;
    server {
    }
}
2011-10-31 09:57:14 +00:00
Maxim Dounin
b167c46ca2 Fixed "expires @time" with unknown last modified time (ticket #32). 2011-10-17 17:32:08 +00:00
Maxim Dounin
81b43370d5 Fixed "expires @00h". 2011-10-17 17:30:18 +00:00
Igor Sysoev
6242f77617 Version bump. 2011-10-17 15:39:59 +00:00
Igor Sysoev
d51bcf6f63 Skipping location rewrite phase for server null location. 2011-10-13 12:43:22 +00:00
Maxim Dounin
b713e480ca Better recheck of dead upstream servers.
Previously nginx used to mark backend again as live as soon as fail_timeout
passes (10s by default) since last failure.  On the other hand, detecting
dead backend takes up to 60s (proxy_connect_timeout) in typical situation
"backend is down and doesn't respond to any packets".  This resulted in
suboptimal behaviour in the above situation (up to 23% of requests were
directed to dead backend with default settings).

More detailed description of the problem may be found here (in Russian):
http://mailman.nginx.org/pipermail/nginx-ru/2011-August/042172.html

Fix is to only allow one request after fail_timeout passes, and
mark backend as "live" only if this request succeeds.

Note that with new code backend will not be marked "live" unless "check"
request is completed, and this may take a while in some specific workloads
(e.g. streaming).  This is believed to be acceptable.
2011-10-12 14:22:48 +00:00
Maxim Dounin
72df0f400a Clear old Location header (if any) while adding a new one.
This prevents incorrect behaviour when another redirect is issued within
error_page 302 handler.
2011-10-12 13:28:03 +00:00
Maxim Dounin
8650c1eb24 Wording fix, "many data" is incorrect.
Noted by Piotr Sikora.
2011-10-12 13:24:59 +00:00
Maxim Dounin
012e6b6378 Handling of Content-Encoding set from perl.
This fixes double gzipping in case of gzip filter being enabled while perl
returns already gzipped response.
2011-10-11 18:01:38 +00:00
Maxim Dounin
5cc1fb1d5b Autoindex: escape html in file names. 2011-10-11 17:57:41 +00:00
Maxim Dounin
6226fe3512 Autoindex: escape '?' in file names.
For files with '?' in their names autoindex generated links with '?' not
escaped.  This resulted in effectively truncated links as '?' indicates
query string start.

This is an updated version of the patch originally posted at [1].  It
introduces generic NGX_ESCAPE_URI_COMPONENT which escapes everything but
unreserved characters as per RFC 3986.  This approach also renders unneeded
special colon processing (as colon is percent-encoded now), it's dropped
accordingly.

[1] http://nginx.org/pipermail/nginx-devel/2010-February/000112.html

Reported by Konstantin Leonov.
2011-10-11 17:56:51 +00:00
Maxim Dounin
e3d6c5a33c Improved access log escaping to better protect other software.
Some character sets (notably ISO-8859-1) have C1 control characters in
upper half, make sure to escape them.

Reported by Jesus Olmos Gonzalez.
2011-10-11 17:54:38 +00:00
Igor Sysoev
840ef3980c Fixing mp4 module seeking on 32-bit platforms. 2011-10-11 10:12:44 +00:00
Ruslan Ermilov
2fdb547f3a Fixed macro name. 2011-10-10 08:38:28 +00:00
Igor Sysoev
3f34960fde Version bump. 2011-10-07 10:41:13 +00:00
Igor Sysoev
ab0078a4c8 Version bump. 2011-10-05 13:13:25 +00:00
Maxim Dounin
3aba768855 Added uwsgi_buffering and scgi_buffering directives.
Patch by Peter Smit.
2011-09-30 11:53:27 +00:00
Igor Sysoev
f3ae6a6102 Using strtod() instead of atofp() to support a lot of digits after dot in
"start" parameter value.
2011-09-30 09:18:28 +00:00
Igor Sysoev
a40e7eed30 Fix of building on platforms with 32-bit off_t. (closed #23) 2011-09-29 15:19:36 +00:00
Maxim Dounin
554768dabb Fix for "ssl_session_cache builtin" (broken since 1.1.1, r3993). 2011-09-27 12:06:07 +00:00
Maxim Dounin
77ca973d11 Fix for "return 202" not discarding body.
Big POST (not fully preread) to a

    location / {
        return 202;
    }

resulted in incorrect behaviour due to "return" code path not calling
ngx_http_discard_request_body().  The same applies to all "return" used
with 2xx/3xx codes except 201 and 204, and to all "return ... text" uses.

Fix is to add ngx_http_discard_request_body() call to ngx_http_send_response()
function where it looks appropriate.  Discard body call from emtpy gif module
removed as it's now redundant.

Reported by Pyry Hakulinen, see
http://mailman.nginx.org/pipermail/nginx/2011-August/028503.html
2011-09-27 11:13:00 +00:00
Maxim Dounin
ad5ef15e08 Fix for double content when return is used in error_page handler.
Test case:

   location / {
       error_page 405 /nope;
       return 405;
   }

   location /nope {
       return 200;
   }

This is expected to return 405 with empty body, but in 0.8.42+ will return
builtin 405 error page as well (though not counted in Content-Length, thus
breaking protocol).

Fix is to use status provided by rewrite script execution in case
it's less than NGX_HTTP_BAD_REQUEST even if r->error_status set.  This
check is in line with one in ngx_http_script_return_code().

Note that this patch also changes behaviour for "return 302 ..." and
"rewrite ... redirect" used as error handler.  E.g.

    location / {
        error_page 405 /redirect;
        return 405;
    }

    location /redirect {
        rewrite ^ http://example.com/;
    }

will actually return redirect to "http://example.com/" instead of builtin 405
error page with meaningless Location header.  This looks like correct change
and it's in line with what happens on e.g. directory redirects in error
handlers.
2011-09-27 11:11:30 +00:00
Maxim Dounin
5c56f20ae7 Proxy: logging levels tuned, double logging fixed. 2011-09-25 20:04:20 +00:00
Maxim Dounin
aa12f3c7f3 Proxy: whitespaces after chunk size allowed.
Whitespaces after chunk size seems to be be allowed by the "implied *LWS" rule
and emitted by some servers.
2011-09-25 20:03:27 +00:00
Maxim Dounin
d1b9a0388d Fixed loss of chain links in fastcgi module. 2011-09-20 09:56:05 +00:00
Ruslan Ermilov
a823c550e4 Replaced "can not" with "cannot" and "could not" in a bunch of places.
Fixed nearby grammar errors.
2011-09-19 14:48:29 +00:00
Maxim Dounin
c6353a5654 Trailing space fix. 2011-09-16 12:08:52 +00:00
Maxim Dounin
44002e541f Upstream keepalive module. 2011-09-15 19:28:18 +00:00
Maxim Dounin
2fe0a7a0f6 Proxy: basic HTTP/1.1 support (including keepalive).
By default we still send requests using HTTP/1.0.  This may be changed with
new proxy_http_version directive.
2011-09-15 19:23:20 +00:00
Maxim Dounin
f2fcf11b25 Protocol version parsing in ngx_http_parse_status_line().
Once we know protocol version, set u->headers_in.connection_close to indicate
implicitly assumed connection close with HTTP before 1.1.
2011-09-15 19:22:35 +00:00
Maxim Dounin
2da36b30c3 Keepalive support in fastcgi.
By default follow the old behaviour, i.e. FASTCGI_KEEP_CONN flag isn't set
in request and application is responsible for closing connection once request
is done.  To keep connections alive fastcgi_keep_conn must be activated.
2011-09-15 19:05:23 +00:00
Maxim Dounin
05552a23a2 Keepalive support in memcached. 2011-09-15 19:04:25 +00:00
Maxim Dounin
ffe4f11417 Upstream: r->upstream->length type change to off_t.
Previous use of size_t may cause wierd effects on 32bit platforms with certain
big responses transferred in unbuffered mode.

Nuke "if (size > u->length)" check as it's not usefull anyway (preread
body data isn't subject to this check) and now requires additional check
for u->length being positive.
2011-09-15 18:43:19 +00:00
Maxim Dounin
e19f005daf Upstream: content_length_n API change.
We no longer use r->headers_out.content_length_n as a primary source of
backend's response length.  Instead we parse response length to
u->headers_in.content_length_n and copy to r->headers_out.content_length_n
when needed.
2011-09-15 18:33:43 +00:00
Maxim Dounin
d7c2673d3f API change: ngx_chain_update_chains() now requires pool.
The ngx_chain_update_chains() needs pool to free chain links used for buffers
with non-matching tags.  Providing one helps to reduce memory consumption
for long-lived requests.
2011-09-15 16:03:17 +00:00
Maxim Dounin
a890b313f3 Buffers reuse in chunked filter.
There were 2 buffers allocated on each buffer chain sent through chunked
filter (one buffer for chunk size, another one for trailing CRLF, about
120 bytes in total on 32-bit platforms).  This resulted in large memory
consumption with long-lived requests sending many buffer chains.  Usual
example of problematic scenario is streaming though proxy with
proxy_buffering set to off.

Introduced buffers reuse reduces memory consumption in the above problematic
scenario.

See here for initial report:
http://mailman.nginx.org/pipermail/nginx/2010-April/019814.html
2011-09-15 15:25:42 +00:00
Igor Sysoev
57b4fdb6c8 MP4 co64 atom support added. 2011-09-15 13:23:03 +00:00
Igor Sysoev
c940f5fc99 Fix of struct field name. 2011-09-15 05:15:16 +00:00
Igor Sysoev
1fc9a8dec6 Style fix. 2011-09-14 15:26:11 +00:00
Igor Sysoev
acdac73688 Fixing building by gcc-4.7. 2011-09-14 15:25:46 +00:00
Igor Sysoev
4a383594fb Version bump. 2011-09-14 15:20:01 +00:00
Igor Sysoev
2cc42b74c7 Skipping traks with unsupported media formats. 2011-09-14 14:04:41 +00:00
Igor Sysoev
dcea2ce7d1 Fix of case when start sample does not reside on chunk boundary. 2011-09-14 05:16:20 +00:00
Igor Sysoev
f824fb47fe Fix of debug message format. 2011-09-12 15:15:00 +00:00
Igor Sysoev
d44855067d Fix of codec debug message. 2011-09-12 14:54:28 +00:00
Igor Sysoev
3d9ae84bf9 Fix of error message. 2011-09-12 14:46:06 +00:00
Igor Sysoev
7e8ee656a8 Fix of error message. 2011-09-12 13:06:22 +00:00
Igor Sysoev
e07a3577a9 mp4_max_moov_size directive has been renamed to mp4_max_buffer_size. 2011-09-12 09:38:04 +00:00
Igor Sysoev
b1c79a449e bugfix of r4086: nginx could not be built without debug log. 2011-09-09 11:56:49 +00:00
Igor Sysoev
5d01ac5af3 Bugfix of r4086: directio was always enabled if mp4 file was sent as is. 2011-09-09 11:13:55 +00:00
Igor Sysoev
dde4d7e300 ngx_http_mp4_module 2011-09-09 10:22:34 +00:00
Igor Sysoev
3a73e50498 Version bump. 2011-09-05 16:26:51 +00:00
Igor Sysoev
09be2f18c5 Now if client requests more ranges than "max_ranges" permits,
nginx disables ranges and returns just the source response.
2011-09-01 13:03:55 +00:00
Igor Sysoev
f560419c54 The "max_ranges" directive.
"max_ranges 0" disables ranges support at all,
"max_ranges 1" allows the single range, etc.
By default number of ranges is unlimited, to be precise, 2^31-1.
2011-08-31 09:40:55 +00:00
Igor Sysoev
e81c293289 Style fix: removal of tabs introduced in the previous commit. 2011-08-31 09:26:07 +00:00
Igor Sysoev
65b1592d02 *) fix of r4060: start value should be tested after the "found" label;
*) optimization: start value may be tested against end value only,
   since end value here may not be greater than content_length.
2011-08-30 20:34:58 +00:00
Igor Sysoev
1f3280bae2 Unsatisfiable range with start value greater than content length
was not properly skipped. The bug has been introduced in r4057.
2011-08-30 14:25:35 +00:00
Igor Sysoev
e766153451 ngx_http_range_parse() should be static. 2011-08-30 13:07:33 +00:00
Igor Sysoev
9162057731 Ranges processing small optimization. 2011-08-30 13:06:12 +00:00
Igor Sysoev
451df22b3f Now unsatisfiable ranges are processed according to RFC 2616. 2011-08-30 13:01:55 +00:00
Igor Sysoev
584703b84a Ranges processing small optimization. 2011-08-30 12:45:24 +00:00
Igor Sysoev
f2575bd878 Style fix. 2011-08-30 12:28:01 +00:00
Igor Sysoev
c2c3e3105f Now if total size of all ranges is greater than source response size,
then nginx disables ranges and returns just the source response.
This fix should not affect well-behaving applications but will defeat
DoS attempts exploiting malicious byte ranges.
2011-08-26 09:42:50 +00:00
Igor Sysoev
631fa929d3 Version bump. 2011-08-23 14:22:34 +00:00
Maxim Dounin
5a52d67a08 Fix ignored headers handling in fastcgi/scgi/uwsgi.
The bug had appeared in r3561 (fastcgi), r3638 (scgi), r3567 (uwsgi).
2011-08-19 20:11:39 +00:00
Maxim Dounin
9bc8fc4602 Fixing proxy_set_body and proxy_pass_request_body with SSL.
Flush flag wasn't set in constructed buffer and this prevented any data
from being actually sent to upstream due to SSL buffering.  Make sure
we always set flush in the last buffer we are going to sent.

See here for report:
http://nginx.org/pipermail/nginx-ru/2011-June/041552.html
2011-08-18 16:34:24 +00:00
Igor Sysoev
c4ff39ae2b Fix names of the referer hash size directives introduced in r3940. 2011-08-18 16:27:30 +00:00
Igor Sysoev
dfd81a23b2 A new fix for the case when ssl_session_cache defined, but ssl is not
enabled in any server. The previous r1033 does not help when unused zone
becomes used after reconfiguration, so it is backed out.

The initial thought was to make SSL modules independed from SSL implementation
and to keep OpenSSL code dependance as much as in separate files.
2011-08-04 11:12:30 +00:00
Igor Sysoev
c42be75569 removal of error message about %name log_format parameters,
they have been deleted long ago in 0.5.0-RELEASE
2011-08-03 16:01:36 +00:00
Igor Sysoev
475a5dfcf1 bump version 2011-08-02 12:39:38 +00:00
Igor Sysoev
c9468026e7 test length of proxy_pass with variables
patch by Lanshun Zhou
2011-07-30 06:11:46 +00:00
Igor Sysoev
c2f852c260 update r3945 with more descriptive error message 2011-07-29 15:33:03 +00:00
Igor Sysoev
f39642a907 ECDHE support
patch by Adrian Kotelba
2011-07-20 15:42:40 +00:00
Igor Sysoev
e61ba26744 MSIE export versions are rare now, so RSA 512 key is generated on demand
and is shared among all hosts instead of pregenerating for every HTTPS host
on configuraiton phase. This decreases start time for configuration with
large number of HTTPS hosts.
2011-07-20 12:59:24 +00:00
Igor Sysoev
2551f4a55d bump version: 1.1.0 development version 2011-07-20 09:29:25 +00:00
Igor Sysoev
82afb9cc86 $uid_reset 2011-07-19 11:21:50 +00:00
Igor Sysoev
f58154db2f referer_hash_max_size and referer_hash_bucket_size directives
patch by Witold Filipczyk
2011-06-28 10:40:44 +00:00
Igor Sysoev
8d7b1d222e use !aNULL to disable all anonymous cipher suites
patch by Rob Stradling
2011-06-27 15:47:51 +00:00
Igor Sysoev
0a860a1c1d bump version 2011-06-27 15:34:44 +00:00
Igor Sysoev
5343bf3221 revert r3875 since now map uses case sensetive regexes by default 2011-05-30 14:24:17 +00:00
Igor Sysoev
53d05b969b change ngx_http_map_find(): use case sensitive regexes 2011-05-30 12:36:17 +00:00
Igor Sysoev
ce2229e2f7 bump version 2011-05-26 07:31:40 +00:00
Igor Sysoev
5dc5945ccf "$apr1", "{PLAIN}", and "{SSHA}" password methods in auth basic module
patch by Maxim Dounin
2011-05-16 14:54:50 +00:00
Igor Sysoev
ffc7271250 fix testing IPv4 address mapped to IPv6, when only IPv6 access rules are defined 2011-05-16 14:01:23 +00:00
Igor Sysoev
529b5f1938 support IPv4 mapped to IPv6 in geo module 2011-05-16 13:54:42 +00:00
Igor Sysoev
dd39f60014 support IPv4 mapped to IPv6 in geoip module 2011-05-16 13:50:58 +00:00
Igor Sysoev
868db976d7 fix debug logging 2011-05-13 10:06:56 +00:00
Igor Sysoev
50733a53ec geoip_org
patch by Alexander Uskov
2011-05-11 09:34:21 +00:00
Igor Sysoev
20b52bec63 fix typo 2011-05-11 09:25:37 +00:00
Igor Sysoev
dc336358ab bump version 2011-05-11 09:19:48 +00:00
Igor Sysoev
49ae93034d gdImageCopyRotated() may images of even height or width
patch by Adam Bocim
2011-05-10 12:04:57 +00:00
Igor Sysoev
e691d94a39 bump version 2011-05-04 12:20:32 +00:00
Igor Sysoev
432760ee4d use MurmurHash2 for split_clients, because
its distribution is much better than CRC32's one
2011-04-15 10:59:57 +00:00
Igor Sysoev
0bd0b2894c bump version 2011-04-15 10:58:44 +00:00
Igor Sysoev
d63104eea4 use memmove() in appropriate places 2011-04-12 08:02:46 +00:00
Igor Sysoev
ea38fe54bd fix "image_filter rotate 180" and crop case
the bug has been introduced in r3879
2011-04-07 09:12:30 +00:00
Igor Sysoev
f352259dd6 bump version 2011-04-07 09:08:52 +00:00
Igor Sysoev
fde7d51392 fix case when a host in fastcgi_pass, scgi_pass, and uwsgi_pass
is given by expression and refers to a defined upstream
2011-04-04 10:43:21 +00:00
Igor Sysoev
450c981ab9 image filter rotate
patch by Adam Bocim
2011-04-04 09:57:32 +00:00
Igor Sysoev
b8fb0a15a2 bump version 2011-04-04 09:46:00 +00:00
Igor Sysoev
921ac21acf map tests values in low case only, so caseless regex has no sense 2011-03-21 15:18:59 +00:00
Igor Sysoev
c9d671cd81 $time_iso8601 log variable
patch by Michael Lustfield
2011-03-16 15:46:57 +00:00
Igor Sysoev
0519b43a77 allow regex as "map" parameter 2011-03-16 15:32:31 +00:00
Igor Sysoev
22434e4c72 fix warnings 2011-02-21 11:44:26 +00:00
Igor Sysoev
2a526d4969 bump version 2011-02-21 10:03:28 +00:00
Igor Sysoev
b2492255f8 always test proxy_redirect with slash, this fixes a case when nginx uses
proxy_pass "http://www", upstream redirects to "http://www.host/uri",
and nginx rewrites it as ".host/uri"
patch by Maxim Dounin
2011-02-17 11:54:35 +00:00
Igor Sysoev
eb1a344dd3 utf8 parameter of geoip_country and geoip_city
patch by Denis F. Latypoff
2011-01-27 12:51:59 +00:00
Igor Sysoev
ab54e21633 bump version 2011-01-27 12:43:11 +00:00
Igor Sysoev
d19c93d127 style fix: remove trailing spaces 2011-01-20 15:29:53 +00:00
Igor Sysoev
8e8251a317 fix large stderr handling without http cache
patch by Maxim Dounin
the bug has been introduced in r3461
2011-01-20 12:23:00 +00:00
Igor Sysoev
dc61c0a153 bump version 2010-12-14 22:54:04 +00:00
Igor Sysoev
5491139caf bump version 2010-12-06 14:40:40 +00:00
Igor Sysoev
ec4df838c8 "If-Unmodified-Since" support 2010-12-06 11:11:05 +00:00
Igor Sysoev
86ffd9b10f bump version 2010-11-30 13:26:21 +00:00
Igor Sysoev
c219a6f7d0 bump version 2010-11-29 19:39:26 +00:00
Igor Sysoev
02677300d1 fix building by icc8 2010-11-26 13:36:36 +00:00
Igor Sysoev
97d32cb169 allow variable as "map" value 2010-11-26 12:25:51 +00:00
Igor Sysoev
07335d89df use "\" to escape "default", "include", and "hostnames" values instead of "!" 2010-11-25 15:36:24 +00:00
Igor Sysoev
04e145d2da allow empty value as "map" parameter 2010-11-25 15:24:29 +00:00
Igor Sysoev
67e6bafc90 allow expressions in the first "map" parameter 2010-11-25 15:22:43 +00:00
Igor Sysoev
601ca7cd6e bump version 2010-11-24 13:41:37 +00:00
Igor Sysoev
c5d1790e1d change order of limit_req lookup result processing 2010-10-14 09:20:01 +00:00
Igor Sysoev
622721a598 an excess was logged as 0.000 if requests were limited without delay:
*) use a real excess value instead of non-updated limit_req rbtree node field,
*) move inactivity queue handling inside ngx_http_limit_req_lookup()
   since the node is not required outside the lookup function;

the bug has been introduced in r3184
2010-10-13 20:58:41 +00:00
Igor Sysoev
5fffff997f gzip_disable degradation 2010-10-04 15:03:00 +00:00
Igor Sysoev
81aa52829a ngx_http_degraded() 2010-10-04 14:59:41 +00:00
Igor Sysoev
61d5e5e67f bump version 2010-10-04 13:50:09 +00:00
Igor Sysoev
a397c7faaa bump version 2010-09-28 06:46:58 +00:00
Igor Sysoev
9a62648f7b fix typo 2010-09-13 12:44:43 +00:00
Igor Sysoev
12f4da4695 discard "secure_link_expires on|off" 2010-09-06 14:19:18 +00:00
Igor Sysoev
c13a4098b7 bump version 2010-09-06 11:07:07 +00:00
Igor Sysoev
94e9aaa8ad new ngx_http_secure_link_module with secure_link, secure_link_md5, and
secure_link_expires
2010-09-02 14:37:16 +00:00
Igor Sysoev
f380df5e20 bump version 2010-08-25 12:30:08 +00:00
Igor Sysoev
d39b9ec19d image_filter_jpeg_quality supports variables 2010-08-06 15:55:05 +00:00
Igor Sysoev
541d8c698a we can free GeoIPRecord just after GeoIP_region_name_by_code(),
because it returns a statically allocated string
2010-08-03 18:38:08 +00:00
Igor Sysoev
a999586594 fix segfault, the bug has been introduced in r3738 2010-08-03 18:27:56 +00:00
Igor Sysoev
6dd6aefaa7 bump version 2010-08-03 18:24:18 +00:00
Igor Sysoev
395f35e5fa $geoip_region_name 2010-08-03 15:01:34 +00:00