Commit Graph

373 Commits

Author SHA1 Message Date
Maxim Dounin
af647a3da2 Upstream: fixed changing method on X-Accel-Redirect.
Previously, only r->method was changed, resulting in handling of a request
as GET within nginx itself, but not in requests to proxied servers.

See http://mailman.nginx.org/pipermail/nginx/2015-December/049518.html.
2016-01-11 19:08:12 +03:00
Maxim Dounin
fda7d021ca Upstream: don't keep connections on early responses (ticket #669). 2015-12-17 16:39:15 +03:00
Ruslan Ermilov
5e7535df72 Fixed fastcgi_pass with UNIX socket and variables (ticket #855).
This was broken in a93345ee8f52 (1.9.8).
2015-12-09 16:26:59 +03:00
Roman Arutyunyan
1b478c50de Upstream: fill r->headers_out.content_range from upstream response. 2015-12-07 16:30:47 +03:00
Maxim Dounin
af4e89b9a1 Style. 2015-12-02 01:06:54 +03:00
Ruslan Ermilov
5ea66922d9 Style: unified request method checks. 2015-11-06 15:22:43 +03:00
Ruslan Ermilov
72b9a317d2 Upstream: fixed "no port" detection in evaluated upstreams.
If an upstream with variables evaluated to address without a port,
then instead of a "no port in upstream" error an attempt was made
to connect() which failed with EADDRNOTAVAIL.
2015-11-21 10:44:07 +03:00
Roman Arutyunyan
89a049be89 Upstream: proxy_cache_convert_head directive.
The directive toggles conversion of HEAD to GET for cacheable proxy requests.
When disabled, $request_method must be added to cache key for consistency.
By default, HEAD is converted to GET as before.
2015-11-11 15:47:30 +03:00
Valentin Bartenev
ee37ff613f The HTTP/2 implementation (RFC 7240, 7241).
The SPDY support is removed, as it's incompatible with the new module.
2015-09-11 20:13:06 +03:00
Roman Arutyunyan
51f714c85d Upstream: fixed cache send error handling.
The value of NGX_ERROR, returned from filter handlers, was treated as a generic
upstream error and changed to NGX_HTTP_INTERNAL_SERVER_ERROR before calling
ngx_http_finalize_request().  This resulted in "header already sent" alert
if header was already sent in filter handlers.

The problem appeared in 54e9b83d00f0 (1.7.5).
2015-09-03 15:09:21 +03:00
Maxim Dounin
9984f3053f Moved ngx_http_parse_time() to core, renamed accordingly.
The function is now called ngx_parse_http_time(), and can be used by
any code to parse HTTP-style date and time.  In particular, it will be
used for OCSP stapling.

For compatibility, a macro to map ngx_http_parse_time() to the new name
provided for a while.
2015-06-11 20:42:31 +03:00
Ruslan Ermilov
4b9b16d27d Upstream: $upstream_connect_time.
The variable keeps time spent on establishing a connection with
the upstream server.
2015-05-16 01:32:27 +03:00
Ruslan Ermilov
b070e2d713 Upstream: times to obtain header/response are stored as ngx_msec_t. 2015-05-16 01:31:04 +03:00
Ruslan Ermilov
c1882d9f3f Removed the obsolete aio module. 2015-04-22 18:57:32 +03:00
Ruslan Ermilov
8c82b75127 Upstream: abbreviated SSL handshake may interact badly with Nagle. 2015-04-07 00:07:04 +03:00
Maxim Dounin
2743bb68ee Request body: unbuffered reading.
The r->request_body_no_buffering flag was introduced.  It instructs
client request body reading code to avoid reading the whole body, and
to call post_handler early instead.  The caller should use the
ngx_http_read_unbuffered_request_body() function to read remaining
parts of the body.

Upstream module is now able to use this mode, if configured with
the proxy_request_buffering directive.
2015-03-23 21:09:19 +03:00
Ruslan Ermilov
f8d10849ad Removed ngx_connection_t.lock. 2015-03-20 06:43:19 +03:00
Ruslan Ermilov
83ba5ed2ec Renamed NGX_THREADS to NGX_OLD_THREADS because of deprecation.
It's mostly dead code and the original idea of worker threads has been rejected.
2015-03-04 18:26:25 +03:00
Maxim Dounin
a0d543595d Style.
Noted by Ruslan Ermilov.
2015-03-03 01:15:21 +03:00
Maxim Dounin
14a93c5a15 Upstream: upstream argument in ngx_http_upstream_process_request().
In case of filter finalization, r->upstream might be changed during
the ngx_event_pipe() call.  Added an argument to preserve it while
calling the ngx_http_upstream_process_request() function.
2015-03-02 21:44:42 +03:00
Maxim Dounin
2b032e8df6 Upstream: avoid duplicate finalization.
A request may be already finalized when ngx_http_upstream_finalize_request()
is called, due to filter finalization: after filter finalization upstream
can be finalized via ngx_http_upstream_cleanup(), either from
ngx_http_terminate_request(), or because a new request was initiated
to an upstream.  Then the upstream code will see an error returned from
the filter chain and will call the ngx_http_upstream_finalize_request()
function again.

To prevent corruption of various upstream data in this situation, make sure
to do nothing but merely call ngx_http_finalize_request().

Prodded by Yichun Zhang, for details see the thread at
http://nginx.org/pipermail/nginx-devel/2015-February/006539.html.
2015-03-02 21:44:32 +03:00
Roman Arutyunyan
f0b5f83378 Cache: do not inherit last_modified and etag from stale response.
When replacing a stale cache entry, its last_modified and etag could be
inherited from the old entry if the response code is not 200 or 206.  Moreover,
etag could be inherited with any response code if it's missing in the new
response.  As a result, the cache entry is left with invalid last_modified or
etag which could lead to broken revalidation.

For example, when a file is deleted from backend, its last_modified is copied to
the new 404 cache entry and is used later for revalidation.  Once the old file
appears again with its original timestamp, revalidation succeeds and the cached
404 response is sent to client instead of the file.

The problem appeared with etags in 44b9ab7752e3 (1.7.3) and affected
last_modified in 1573fc7875fa (1.7.9).
2015-03-02 19:47:13 +03:00
Ruslan Ermilov
3352461916 Upstream: detect port absence in fastcgi_pass with IP literal.
If fastcgi_pass (or any look-alike that doesn't imply a default
port) is specified as an IP literal (as opposed to a hostname),
port absence was not detected at configuration time and could
result in EADDRNOTAVAIL at run time.

Fixed this in such a way that configs like

http {
    server {
        location / {
            fastcgi_pass 127.0.0.1;
        }
    }

    upstream 127.0.0.1 {
        server 10.0.0.1:12345;
    }
}

still work.  That is, port absence check is delayed until after
we make sure there's no explicit upstream with such a name.
2015-01-22 16:23:32 +03:00
Roman Arutyunyan
f8fecbc94d Cache: added temp_path to file cache.
If use_temp_path is set to off, a subdirectory "temp" is created in the cache
directory.  It's used instead of proxy_temp_path and friends for caching
upstream response.
2015-02-02 19:38:35 +03:00
Vladimir Homutov
7e1eba5faa Upstream: $upstream_header_time variable.
Keeps time spent on obtaining the header from an upstream server.  The value is
formatted similar to the $upstream_response_time variable.
2015-01-14 09:03:35 +03:00
Valentin Bartenev
843fb552ec Upstream: use_temp_path parameter of proxy_cache_path and friends.
When set to "off", temporary files for cacheable responses will be stored
inside cache directory.
2014-12-26 16:22:59 +03:00
Valentin Bartenev
1858857c25 Cache: update variant while setting header.
Some parts of code related to handling variants of a resource moved into
a separate function that is called earlier.  This allows to use cache file
name as a prefix for temporary file in the following patch.
2014-12-26 16:22:56 +03:00
Valentin Bartenev
7817df480e Upstream: added variables support to proxy_cache and friends. 2014-12-22 12:59:09 +03:00
Valentin Bartenev
b24ad42008 Upstream: preset some cache configuration when bypassing.
No functional changes.
2014-12-22 12:59:06 +03:00
Valentin Bartenev
c40a72761c Upstream: refactored proxy_cache and friends.
The configuration handling code has changed to look similar to the proxy_store
directive and friends.  This simplifies adding variable support in the following
patch.

No functional changes.
2014-12-22 12:59:02 +03:00
Valentin Bartenev
492844dbb1 Upstream: simplified proxy_store and friends configuration code.
This changes internal API related to handling of the "store"
flag in ngx_http_upstream_conf_t.  Previously, a non-null value
of "store_lengths" was enough to enable store functionality with
custom path.  Now, the "store" flag is also required to be set.

No functional changes.
2014-12-22 12:58:56 +03:00
Piotr Sikora
1ea64b3f8f Cache: send conditional requests only for cached 200/206 responses.
RFC7232 says:

   The 304 (Not Modified) status code indicates that a conditional GET
   or HEAD request has been received and would have resulted in a 200
   (OK) response if it were not for the fact that the condition
   evaluated to false.

which means that there is no reason to send requests with "If-None-Match"
and/or "If-Modified-Since" headers for responses cached with other status
codes.

Also, sending conditional requests for responses cached with other status
codes could result in a strange behavior, e.g. upstream server returning
304 Not Modified for cached 404 Not Found responses, etc.

Signed-off-by: Piotr Sikora <piotr@cloudflare.com>
2014-11-26 18:35:37 -08:00
Maxim Dounin
10345663c8 Upstream: improved subrequest logging.
To ensure proper logging make sure to set current_request in all event
handlers, including resolve, ssl handshake, cache lock wait timer and
aio read handlers.  A macro ngx_http_set_log_request() introduced to
simplify this.
2014-12-02 05:54:54 +03:00
Piotr Sikora
3ecac9eaba Cache: add support for Cache-Control's s-maxage response directive.
Signed-off-by: Piotr Sikora <piotr@cloudflare.com>
2014-11-18 17:07:14 -08:00
Roman Arutyunyan
2628cc11d4 Cache: proxy_cache_lock_age and friends.
Once this age is reached, the cache lock is discarded and another
request can acquire the lock.  Requests which failed to acquire
the lock are not allowed to cache the response.
2014-11-18 20:41:12 +03:00
Toshikuni Fukaya
d9f5baa0b8 Upstream: support named location for X-Accel-Redirect. 2014-11-04 19:56:23 +09:00
Gu Feng
726c5726fb Upstream: limited next_upstream time and tries when resolving DNS.
When got multiple upstream IP addresses using DNS resolving, the number of
upstreams tries and the maxinum time spent for these tries were not affected.
This patch fixed it.
2014-10-27 19:52:03 +08:00
Roman Arutyunyan
18e4d042b0 Upstream: proxy_limit_rate and friends.
The directives limit the upstream read rate.  For example,
"proxy_limit_rate 42" limits proxy upstream read rate to
42 bytes per second.
2014-10-28 12:29:59 +03:00
Maxim Dounin
1332e76b20 Cache: hash of Vary headers now stored in cache.
To cache responses with Vary, we now calculate hash of headers listed
in Vary, and return the response from cache only if new request headers
match.

As of now, only one variant of the same resource can be stored in cache.
2014-10-27 21:13:58 +03:00
Maxim Dounin
fc785b12a0 Cache: disable caching of responses with Vary (ticket #118).
The "proxy_ignore_header" directive now undersands the "Vary" parameter
to ignore the header as needed.
2014-10-27 21:13:39 +03:00
Roman Arutyunyan
2244a5e9cf Upstream: proxy_force_ranges and friends.
The directives enable byte ranges for both cached and uncached
responses regardless of backend headers.
2014-10-14 18:32:01 +04:00
Piotr Sikora
4a2fba2d46 Upstream: fix $upstream_cache_last_modified variable.
Due to the u->headers_in.last_modified_time not being correctly initialized,
this variable was evaluated to "Thu, 01 Jan 1970 00:00:00 GMT" for responses
cached without the "Last-Modified" header which resulted in subsequent proxy
requests being sent with "If-Modified-Since: Thu, 01 Jan 1970 00:00:00 GMT"
header.

Signed-off-by: Piotr Sikora <piotr@cloudflare.com>
2014-10-01 15:48:53 -07:00
Roman Arutyunyan
ba1676f267 Upstream: fixed file buffers reinit in ngx_http_upstream_reinit().
Previously, a file buffer start position was reset to the file start.
Now it's reset to the previous file buffer end.  This fixes
reinitialization of requests having multiple successive parts of a
single file.  Such requests are generated by fastcgi module.
2014-09-18 16:37:16 +04:00
Roman Arutyunyan
02ce6c415f Upstream: limited next_upstream time and tries (ticket #544).
The new directives {proxy,fastcgi,scgi,uwsgi,memcached}_next_upstream_tries
and {proxy,fastcgi,scgi,uwsgi,memcached}_next_upstream_timeout limit
the number of upstreams tried and the maximum time spent for these tries
when searching for a valid upstream.
2014-09-12 18:50:47 +04:00
FengGu
b4cb8475b1 Upstream: avoided directly terminating the connection.
When memory allocation failed in ngx_http_upstream_cache(), the connection
would be terminated directly in ngx_http_upstream_init_request().
Return a INTERNAL_SERVER_ERROR response instead.
2014-08-13 14:53:55 +08:00
Ruslan Ermilov
be6175d49d Upstream: improved configuration parser diagnostics.
Made it clear when the selected balancing method does not
support certain parameters of the "server" directive.
2014-09-01 12:27:38 +04:00
Maxim Dounin
4b2f12a604 Upstream: SSL handshake timeouts.
Timeout may not be set on an upstream connection when we call
ngx_ssl_handshake() in ngx_http_upstream_ssl_init_connection(),
so make sure to arm it if it's not set.

Based on a patch by Yichun Zhang.
2014-07-28 18:30:14 +04:00
Maxim Dounin
248baf4262 Upstream: ngx_http_upstream_store() error handling fixes.
Previously, ngx_http_map_uri_to_path() errors were not checked in
ngx_http_upstream_store().  Moreover, in case of errors temporary
files were not deleted, as u->store was set to 0, preventing cleanup
code in ngx_http_upstream_finalize_request() from removing them.  With
this patch, u->store is set to 0 only if there were no errors.

Reported by Feng Gu.
2014-07-18 20:11:40 +04:00
Piotr Sikora
7e7589e746 Style: add whitespace between control statement and parentheses.
Signed-off-by: Piotr Sikora <piotr@cloudflare.com>
2014-07-08 03:03:13 -07:00
Maxim Dounin
4a75e1a63c Upstream: p->downstream_error instead of closing connection.
Previously, nginx closed client connection in cases when a response body
from upstream was needed to be cached or stored but shouldn't be sent to
the client.  While this is normal for HTTP, it is unacceptable for SPDY.

Fix is to use instead the p->downstream_error flag to prevent nginx from
sending anything downstream.  To make this work, the event pipe code was
modified to properly cache empty responses with the flag set.
2014-07-04 20:47:16 +04:00