mirror
/
nginx
mirror of https://github.com/nginx/nginx
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity
4,911 Commits 22 Branches 577 Tags 108 MiB
Commit Graph

4911 Commits

Author SHA1 Message Date
Maxim Dounin 53730bfa37 release-1.6.3 tag 2015-04-07 18:57:56 +03:00
Maxim Dounin b55d3bba57 nginx-1.6.3 changes fix 2015-04-07 18:51:37 +03:00
Maxim Dounin fcec8f84d5 release-1.6.3 tag 2015-04-07 17:58:54 +03:00
Maxim Dounin 00ae644456 nginx-1.6.3-RELEASE 2015-04-07 17:58:54 +03:00
Maxim Dounin fc1b41ded9 Updated OpenSSL used for win32 builds. 2015-03-23 02:44:41 +03:00
Ruslan Ermilov 405b7f3429 Overflow detection in ngx_http_parse_chunked(). 2015-03-17 00:26:27 +03:00
Ruslan Ermilov dabbd1f6a6 Overflow detection in ngx_http_range_parse(). 2015-03-17 00:26:24 +03:00
Ruslan Ermilov 166a3a13a4 Overflow detection in ngx_inet_addr(). 2015-03-17 00:26:22 +03:00
Ruslan Ermilov 7523e71888 Core: overflow detection in ngx_parse_time() (ticket #732). 2015-03-17 00:26:20 +03:00
Ruslan Ermilov ea13aadd30 Refactored ngx_parse_time(). 
No functional changes.
 2015-03-17 00:26:18 +03:00
Ruslan Ermilov d5d9d70920 Core: overflow detection in number parsing functions. 2015-03-17 00:26:15 +03:00
Ruslan Ermilov 44a2b97bd2 Core: expose maximum values of time_t and ngx_int_t. 
These are needed to detect overflows.
 2015-03-17 00:24:34 +03:00
Maxim Dounin 0071fbb9e6 Core: fixed potential buffer overrun when initializing hash. 
Initial size as calculated from the number of elements may be bigger
than max_size.  If this happens, make sure to set size to max_size.

Reported by Chris West.
 2015-02-24 18:37:14 +03:00
Roman Arutyunyan 06d72320ff Core: fixed a race resulting in extra sem_post()'s. 
The mtx->wait counter was not decremented if we were able to obtain the lock
right after incrementing it.  This resulted in unneeded sem_post() calls,
eventually leading to EOVERFLOW errors being logged, "sem_post() failed
while wake shmtx (75: Value too large for defined data type)".

To close the race, mtx->wait is now decremented if we obtain the lock right
after incrementing it in ngx_shmtx_lock().  The result can become -1 if a
concurrent ngx_shmtx_unlock() decrements mtx->wait before the added code does.
However, that only leads to one extra iteration in the next call of
ngx_shmtx_lock().
 2015-02-04 16:22:43 +03:00
Maxim Dounin cb451bd6a4 Fixed post_action to not trigger "header already sent" alert. 
The alert was introduced in 03ff14058272 (1.5.4), and was triggered on each
post_action invocation.

There is no real need to call header filters in case of post_action,
so return NGX_OK from ngx_http_send_header() if r->post_action is set.
 2014-11-28 16:57:50 +03:00
Valentin Bartenev 4dafec8d51 SPDY: push pending data while closing a stream as with keepalive. 
This helps to avoid delays in sending the last chunk of data because
of bad interaction between Nagle's algorithm on nginx side and
delayed ACK on the client side.

Delays could also be caused by TCP_CORK/TCP_NOPUSH if SPDY was
working without SSL and sendfile() was used.
 2014-11-21 22:51:49 +03:00
Ruslan Ermilov 1f9564223b Resolver: fixed use-after-free memory access. 
In 954867a2f0a6, we switched to using resolver node as the
timer event data, so make sure we do not free resolver node
memory until the corresponding timer is deleted.
 2014-11-20 15:24:40 +03:00
Maxim Dounin de557628d3 SSL: logging level of "inappropriate fallback" (ticket #662). 
Patch by Erik Dubbelboer.
 2014-11-17 16:38:48 +03:00
Maxim Dounin e875df1842 Fixed possible buffer overrun in "too long header line" logging. 
Additionally, ellipsis now always added to make it clear that
the header logged is incomplete.

Reported by Daniil Bondarev.
 2014-10-08 17:16:04 +04:00
Yichun Zhang 662ae6da6b Core: fixed buffer overrun when hash max_size reached. 2014-10-02 12:00:17 -07:00
Maxim Dounin 55b299d72d Version bump. 2015-04-06 18:54:19 +03:00
Maxim Dounin 926a736954 release-1.6.2 tag 2014-09-16 16:23:19 +04:00
Maxim Dounin f08055a847 nginx-1.6.2-RELEASE 2014-09-16 16:23:18 +04:00
Maxim Dounin 21e21b5b4a Updated OpenSSL used for win32 builds. 2014-09-15 18:03:49 +04:00
Maxim Dounin 1c5943c21f SSL: session id context now includes certificate hash. 
This prevents inappropriate session reuse in unrelated server{}
blocks, while preserving ability to restore sessions on other servers
when using TLS Session Tickets.

Additionally, session context is now set even if there is no session cache
configured.  This is needed as it's also used for TLS Session Tickets.

Thanks to Antoine Delignat-Lavaud and Piotr Sikora.
 2014-09-15 17:59:47 +04:00
Ruslan Ermilov 20f0527892 Resolver: notify all waiting requests on timeout. 
If a "resolver_timeout" occurs, only the first waiting request
was notified.  Other requests may hang forever.
 2014-08-19 15:43:26 +04:00
Ruslan Ermilov 5247433fa5 Resolver: fixed resend on malformed responses. 
DNS request resend on malformed responses was broken in 98876ce2a7fd (1.5.8).

Reported by Pramod Korathota.
 2014-07-16 10:21:28 +04:00
Maxim Dounin b1f68bb4ca Version bump. 2014-09-15 23:39:21 +04:00
Maxim Dounin 29e59e07dd release-1.6.1 tag 2014-08-05 15:18:34 +04:00
Maxim Dounin ed77182312 nginx-1.6.1-RELEASE 2014-08-05 15:18:34 +04:00
Maxim Dounin fbd2c82731 Mail: discard pipelined commands after SMTP STARTTLS. 
The bug had appeared in nginx 1.5.6 (04e43d03e153).

Reported by Chris Boulton.
 2014-08-05 12:22:07 +04:00
Maxim Dounin 069b7d9fb2 Reset of r->uri.len on URI parsing errors. 
This ensures that debug logging and the $uri variable (if used in
400 Bad Request processing) will not try to access uninitialized
memory.

Found by Sergey Bobrov.
 2014-07-18 20:02:11 +04:00
Maxim Dounin 274ff8196f Updated PCRE used for win32 builds. 2014-07-04 22:34:03 +04:00
Maxim Dounin f0c7d3b1ed Updated OpenSSL used for win32 builds. 2014-06-17 11:38:55 +04:00
Maxim Dounin f96771ab05 Mail: added a check for the number of arguments in MAIL/RCPT. 
Missed during introduction of the SMTP pipelining support (04e43d03e153,
1.5.6).  Previously, the check wasn't needed as s->buffer was used directly
and the number of arguments didn't matter.

Reported by Svyatoslav Nikolsky.
 2014-05-21 21:56:20 +04:00
Maxim Dounin 262e495316 Version bump. 2014-08-05 12:20:22 +04:00
Maxim Dounin af7ddb8fa8 release-1.6.0 tag 2014-04-24 16:52:24 +04:00
Maxim Dounin 20b12c129b nginx-1.6.0-RELEASE 2014-04-24 16:52:24 +04:00
Maxim Konovalov 3d7f4052e9 Missed comma fixed. A couple of Latin symbols plugged into 
Russian text changed to Russian counterparts.
 2014-04-23 16:00:59 +00:00
Maxim Dounin 958841e7d9 Version bump. 2014-04-18 20:10:42 +04:00
Maxim Dounin 515da31d88 stable-1.6 branch 2014-04-18 20:08:47 +04:00
Valentin Bartenev c69cabed1d SPDY: fixed typo in log message. 2014-04-16 11:40:42 +04:00
Valentin Bartenev 013449be01 Fixed missing "static" in declaration of ngx_http_gzip_quantity(). 2014-04-16 11:40:38 +04:00
Valentin Bartenev 7da40e6a99 SPDY: moved a variable initialization near to its check. 
This should prevent attempts of using pointer before it was checked, since
all modern compilers are able to spot access to uninitialized variable.

No functional changes.
 2014-04-09 18:15:32 +04:00
Valentin Bartenev 5d3f84e4e1 SPDY: fixed arguments supplied for an error message. 2014-04-08 20:12:30 +04:00
Valentin Bartenev 644a43ebd2 Version bump. 2014-04-08 20:11:31 +04:00
Maxim Dounin 622da8a825 release-1.5.13 tag 2014-04-08 18:15:22 +04:00
Maxim Dounin 3db1d1a39a nginx-1.5.13-RELEASE 2014-04-08 18:15:21 +04:00
Maxim Dounin 102e442f04 Updated OpenSSL used for win32 builds. 2014-04-08 17:48:03 +04:00
Valentin Bartenev 5cf11ab2e0 SPDY: avoid creating flush frames. 
Previously, an empty frame object was created for an output chain that contains
only sync or flush empty buffers.  But since 39d7eef2e332 every DATA frame has
the flush flag set on its last buffer, so there's no need any more in additional
flush buffers in the output queue and they can be skipped.

Note that such flush frames caused an incorrect $body_bytes_sent value.
 2014-04-07 23:35:33 +04:00