Commit Graph

3906 Commits

Author SHA1 Message Date
Maxim Dounin
31f5a59fae Added clearing of modules' contexts in ngx_http_named_location().
Patch by Yichun Zhang (agentzh).
2011-10-15 21:42:03 +00:00
Maxim Dounin
ba76a89d4b Fixed utf8 decode (ticket #25).
Patch by Alexey Kuts.
2011-10-13 13:56:41 +00:00
Igor Sysoev
d51bcf6f63 Skipping location rewrite phase for server null location. 2011-10-13 12:43:22 +00:00
Maxim Dounin
b713e480ca Better recheck of dead upstream servers.
Previously nginx used to mark backend again as live as soon as fail_timeout
passes (10s by default) since last failure.  On the other hand, detecting
dead backend takes up to 60s (proxy_connect_timeout) in typical situation
"backend is down and doesn't respond to any packets".  This resulted in
suboptimal behaviour in the above situation (up to 23% of requests were
directed to dead backend with default settings).

More detailed description of the problem may be found here (in Russian):
http://mailman.nginx.org/pipermail/nginx-ru/2011-August/042172.html

Fix is to only allow one request after fail_timeout passes, and
mark backend as "live" only if this request succeeds.

Note that with new code backend will not be marked "live" unless "check"
request is completed, and this may take a while in some specific workloads
(e.g. streaming).  This is believed to be acceptable.
2011-10-12 14:22:48 +00:00
Maxim Dounin
72df0f400a Clear old Location header (if any) while adding a new one.
This prevents incorrect behaviour when another redirect is issued within
error_page 302 handler.
2011-10-12 13:28:03 +00:00
Maxim Dounin
8650c1eb24 Wording fix, "many data" is incorrect.
Noted by Piotr Sikora.
2011-10-12 13:24:59 +00:00
Ruslan Ermilov
fc55962698 Fixed two minor bugs in "types" parsing code. 2011-10-12 09:36:21 +00:00
Ruslan Ermilov
b5c3336e3e Fixed grammar in a comment. 2011-10-12 09:34:53 +00:00
Ruslan Ermilov
dce7a0c00f Replaced magic constants representing default values of some directives
with appropriate #define's.
2011-10-12 09:33:43 +00:00
Ruslan Ermilov
51a2423633 Stylistic change in checking the boolean expression. 2011-10-12 09:27:34 +00:00
Igor Sysoev
bfe7be45b8 Preallocating exact number of default MIME types entries. 2011-10-12 09:19:57 +00:00
Ruslan Ermilov
88ca608da1 Fixed configuration summary and manpage contents for the special
--error-log-path=stderr case.
2011-10-12 09:04:59 +00:00
Ruslan Ermilov
c8fdda4c2f Removed old warning that suggested to use "server_name_in_redirect off"
(now the default) in place of no longer supported "server_name *".
2011-10-12 07:20:20 +00:00
Maxim Dounin
b8203e46a0 Additional headers for proxy/fastcgi/uwsgi/scgi_ignore_headers.
Now the following headers may be ignored as well: X-Accel-Limit-Rate,
X-Accel-Buffering, X-Accel-Charset.
2011-10-11 18:10:49 +00:00
Maxim Dounin
012e6b6378 Handling of Content-Encoding set from perl.
This fixes double gzipping in case of gzip filter being enabled while perl
returns already gzipped response.
2011-10-11 18:01:38 +00:00
Maxim Dounin
0f5f4cb180 Fix for socket leak with "aio sendfile" and "limit_rate".
Second aio post happened when timer set by limit_rate expired while we have
aio request in flight, resulting in "second aio post" alert and socket leak.

The patch adds actual protection from aio calls with r->aio already set to
aio sendfile code in ngx_http_copy_filter().  This should fix other cases
as well, e.g. when sending buffered to disk upstream replies while still
talking to upstream.

The ngx_http_writer() is also fixed to handle the above case (though it's
mostly optimization now).

Reported by Oleksandr V. Typlyns'kyi.
2011-10-11 18:00:23 +00:00
Maxim Dounin
b7af402cc4 Fix for connection drops with AIO.
Connections serving content with AIO to fast clients were dropped with
"client timed out" messages after send_timeout from response start.
2011-10-11 17:58:51 +00:00
Maxim Dounin
5cc1fb1d5b Autoindex: escape html in file names. 2011-10-11 17:57:41 +00:00
Maxim Dounin
6226fe3512 Autoindex: escape '?' in file names.
For files with '?' in their names autoindex generated links with '?' not
escaped.  This resulted in effectively truncated links as '?' indicates
query string start.

This is an updated version of the patch originally posted at [1].  It
introduces generic NGX_ESCAPE_URI_COMPONENT which escapes everything but
unreserved characters as per RFC 3986.  This approach also renders unneeded
special colon processing (as colon is percent-encoded now), it's dropped
accordingly.

[1] http://nginx.org/pipermail/nginx-devel/2010-February/000112.html

Reported by Konstantin Leonov.
2011-10-11 17:56:51 +00:00
Maxim Dounin
e3d6c5a33c Improved access log escaping to better protect other software.
Some character sets (notably ISO-8859-1) have C1 control characters in
upper half, make sure to escape them.

Reported by Jesus Olmos Gonzalez.
2011-10-11 17:54:38 +00:00
Igor Sysoev
0d19f020ba Fixing directive name in error message if types hash size is not enough. 2011-10-11 11:11:44 +00:00
Igor Sysoev
840ef3980c Fixing mp4 module seeking on 32-bit platforms. 2011-10-11 10:12:44 +00:00
Ruslan Ermilov
2fdb547f3a Fixed macro name. 2011-10-10 08:38:28 +00:00
Ruslan Ermilov
c94b7e3d94 The reference documentation is moving elsewhere. 2011-10-09 06:49:54 +00:00
Igor Sysoev
94b5460c70 Releasing memory of idle SSL connection. This saves about 34K per SSL
connection. The SSL_MODE_RELEASE_BUFFERS option is available since
OpenSSL 1.0.0d.
2011-10-07 12:15:20 +00:00
Igor Sysoev
95084f7e1c Disabling SSL compression. This saves about 300K per SSL connection.
The SSL_OP_NO_COMPRESSION option is available since OpenSSL 1.0.0.
2011-10-07 10:59:02 +00:00
Igor Sysoev
3f34960fde Version bump. 2011-10-07 10:41:13 +00:00
Ruslan Ermilov
a610127fe3 Improved ngx_parse_time() code readability. 2011-10-07 08:03:16 +00:00
Ruslan Ermilov
6e86fb02d6 Tweaked error messages. 2011-10-07 07:57:24 +00:00
Igor Sysoev
344f4fb74c Adding repository path missed in r4179. 2011-10-06 13:09:00 +00:00
Igor Sysoev
fc35bf6434 release-1.1.5 tag 2011-10-05 14:46:09 +00:00
Igor Sysoev
6ef5a8d298 nginx-1.1.5-RELEASE 2011-10-05 14:44:11 +00:00
Igor Sysoev
290ad9c012 Adding RELEASE procedure in GNUmakefile. 2011-10-05 13:24:32 +00:00
Igor Sysoev
ab0078a4c8 Version bump. 2011-10-05 13:13:25 +00:00
Maxim Dounin
20139ff13a Fixed cache bypass caching of non-cacheable replies (ticket #21).
If cache was bypassed with proxy_cache_bypass, cache-controlling headers
(Cache-Control, Expires) wasn't considered and response was cached even
if it was actually non-cacheable.

Patch by John Ferlito.
2011-10-05 10:14:21 +00:00
Maxim Dounin
3aba768855 Added uwsgi_buffering and scgi_buffering directives.
Patch by Peter Smit.
2011-09-30 11:53:27 +00:00
Igor Sysoev
f3ae6a6102 Using strtod() instead of atofp() to support a lot of digits after dot in
"start" parameter value.
2011-09-30 09:18:28 +00:00
Igor Sysoev
a40e7eed30 Fix of building on platforms with 32-bit off_t. (closed #23) 2011-09-29 15:19:36 +00:00
Maxim Dounin
5cc90f309d Fixed segmentation fault with empty config on Windows.
See here for report:
http://mailman.nginx.org/pipermail/nginx-ru/2011-September/043288.html
2011-09-27 12:07:09 +00:00
Maxim Dounin
554768dabb Fix for "ssl_session_cache builtin" (broken since 1.1.1, r3993). 2011-09-27 12:06:07 +00:00
Maxim Dounin
886c6295ee Better handling of late upstream creation.
Configuration with duplicate upstream blocks defined after first use, i.e.
like

    server {
        ...
        location / {
            proxy_pass http://backend;
        }
    }

    upstream backend { ... }
    upstream backend { ... }

now correctly results in "duplicate upstream" error.

Additionally, upstream blocks defined after first use now handle various
server directive parameters ("weight", "max_fails", etc.).  Previously
configuration like

    server {
        ...
        location / {
            proxy_pass http://backend;
        }
    }

    upstream backend {
        server 127.0.0.1 max_fails=5;
    }

incorrectly resulted in "invalid parameter "max_fails=5"" error.
2011-09-27 11:18:51 +00:00
Maxim Dounin
b16918ed08 Cache: fix for sending of stale responses.
For normal cached responses ngx_http_cache_send() sends last buffer and then
request finalized via ngx_http_finalize_request() call, i.e. everything is
ok.

But for stale responses (i.e. when upstream died, but we have something in
cache) the same ngx_http_cache_send() sends last buffer, but then in
ngx_http_upstream_finalize_request() another last buffer is send.  This
causes duplicate final chunk to appear if chunked encoding is used (and
resulting problems with keepalive connections and so on).

Fix this by not sending in ngx_http_upstream_finalize_request()
another last buffer if we know response was from cache.
2011-09-27 11:17:11 +00:00
Maxim Dounin
84c58a30e6 Cache: fix for sending of empty responses.
Revert wrong fix for empty responses introduced in 0.8.31 and apply new one,
rewritten to match things done by static module as close as possible.
2011-09-27 11:15:35 +00:00
Maxim Dounin
4a3884ae56 Incorrect special case for "return 204" removed.
The special case in question leads to replies without body in
configuration like

    location / { error_page 404 /zero; return 404; }
    location /zero { return 204; }

while replies with empty body are expected per protocol specs.

Correct one will look like

    if (status == NGX_HTTP_NO_CONTENT) {

        rc = ngx_http_send_header(r);

        if (rc == NGX_ERROR || r->header_only) {
            return rc;
        }

        return ngx_http_send_special(r, NGX_HTTP_LAST);
    }

though it looks like it's better to drop this special case at all.
2011-09-27 11:14:02 +00:00
Maxim Dounin
77ca973d11 Fix for "return 202" not discarding body.
Big POST (not fully preread) to a

    location / {
        return 202;
    }

resulted in incorrect behaviour due to "return" code path not calling
ngx_http_discard_request_body().  The same applies to all "return" used
with 2xx/3xx codes except 201 and 204, and to all "return ... text" uses.

Fix is to add ngx_http_discard_request_body() call to ngx_http_send_response()
function where it looks appropriate.  Discard body call from emtpy gif module
removed as it's now redundant.

Reported by Pyry Hakulinen, see
http://mailman.nginx.org/pipermail/nginx/2011-August/028503.html
2011-09-27 11:13:00 +00:00
Maxim Dounin
ad5ef15e08 Fix for double content when return is used in error_page handler.
Test case:

   location / {
       error_page 405 /nope;
       return 405;
   }

   location /nope {
       return 200;
   }

This is expected to return 405 with empty body, but in 0.8.42+ will return
builtin 405 error page as well (though not counted in Content-Length, thus
breaking protocol).

Fix is to use status provided by rewrite script execution in case
it's less than NGX_HTTP_BAD_REQUEST even if r->error_status set.  This
check is in line with one in ngx_http_script_return_code().

Note that this patch also changes behaviour for "return 302 ..." and
"rewrite ... redirect" used as error handler.  E.g.

    location / {
        error_page 405 /redirect;
        return 405;
    }

    location /redirect {
        rewrite ^ http://example.com/;
    }

will actually return redirect to "http://example.com/" instead of builtin 405
error page with meaningless Location header.  This looks like correct change
and it's in line with what happens on e.g. directory redirects in error
handlers.
2011-09-27 11:11:30 +00:00
Maxim Dounin
bfb42ad97c Fix for incorrect 201 replies from dav module.
Replies with 201 code contain body, and we should clearly indicate it's
empty if it's empty.  Before 0.8.32 chunked was explicitly disabled for
201 replies and as a result empty body was indicated by connection close
(not perfect, but worked).  Since 0.8.32 chunked is enabled, and this
causes incorrect responses from dav module when HTTP/1.1 is used: with
"Transfer-Encoding: chunked" but no chunks at all.

Fix is to actually return empty body in special response handler instead
of abusing r->header_only flag.

See here for initial report:
http://mailman.nginx.org/pipermail/nginx-ru/2010-October/037535.html
2011-09-27 11:09:55 +00:00
Maxim Dounin
5c56f20ae7 Proxy: logging levels tuned, double logging fixed. 2011-09-25 20:04:20 +00:00
Maxim Dounin
aa12f3c7f3 Proxy: whitespaces after chunk size allowed.
Whitespaces after chunk size seems to be be allowed by the "implied *LWS" rule
and emitted by some servers.
2011-09-25 20:03:27 +00:00
Maxim Dounin
28b001f897 Upstream: clearing of u->peer.connection on close.
This fixes crashes observed with some 3rd party balancer modules.  Standard
balancer modules (round-robin and ip hash) explicitly set pc->connection
(aka u->peer.connection) to NULL and aren't affected.
2011-09-25 20:00:36 +00:00