nginx.git, branch release-1.15.3

nginx-1.15.3-RELEASE

2018-08-28T15:36:00+00:00

Updated OpenSSL used for win32 builds.

2018-08-28T12:05:41+00:00

Upstream: fixed request chain traversal (ticket #1618).

2018-08-24T09:19:37+00:00

The problem does not manifest itself currently, because in case of
non-buffered reading, chain link created by u->create_request method
consists of a single element.

Found by PVS-Studio.

Upstream keepalive: keepalive_requests directive.

2018-08-10T18:54:46+00:00

The directive configures maximum number of requests allowed on
a connection kept in the cache.  Once a connection reaches the number
of requests configured, it is no longer saved to the cache.
The default is 100.

Much like keepalive_requests for client connections, this is mostly
a safeguard to make sure connections are closed periodically and the
memory allocated from the connection pool is freed.

Upstream keepalive: keepalive_timeout directive.

2018-08-10T18:54:23+00:00

The directive configures maximum time a connection can be kept in the
cache.  By configuring a time which is smaller than the corresponding
timeout on the backend side one can avoid the race between closing
a connection by the backend and nginx trying to use the same connection
to send a request at the same time.

Upstream keepalive: comment added.

2018-08-10T18:54:17+00:00

SSL: fixed build with LibreSSL 2.8.0 (ticket #1605).

2018-08-10T17:49:06+00:00

LibreSSL 2.8.0 "added const annotations to many existing APIs from OpenSSL,
making interoperability easier for downstream applications".  This includes
the const change in the SSL_CTX_sess_set_get_cb() callback function (see
9dd43f4ef67e), which breaks compilation.

To fix this, added a condition on how we redefine OPENSSL_VERSION_NUMBER
when working with LibreSSL (see 382fc7069e3a).  With LibreSSL 2.8.0,
we now set OPENSSL_VERSION_NUMBER to 0x1010000fL (OpenSSL 1.1.0), so the
appropriate conditions in the code will use "const" as it happens with
OpenSSL 1.1.0 and later versions.

A link to the error_log directive on nginx.org removed.

2018-08-10T11:15:05+00:00

It makes more harm than good for users and nginx.org
infrastructure.

HTTP/2: workaround for clients which fail on table size updates.

2018-08-09T17:12:17+00:00

There are clients which cannot handle HPACK's dynamic table size updates
as added in 12cadc4669a7 (1.13.6).  Notably, old versions of OkHttp library
are known to fail on it (ticket #1397).

This change makes it possible to work with such clients by only sending
dynamic table size updates in response to SETTINGS_HEADER_TABLE_SIZE.  As
a downside, clients which do not use SETTINGS_HEADER_TABLE_SIZE will
continue to maintain default 4k table.

Skipping spaces in configuration files (ticket #1557).

2018-08-09T09:15:42+00:00

Previously, a chunk of spaces larger than NGX_CONF_BUFFER (4096 bytes)
resulted in the "too long parameter" error during parsing such a
configuration.  This was because the code only set start and start_line
on non-whitespace characters, and hence adjacent whitespace characters
were preserved when reading additional data from the configuration file.
Fix is to always move start and start_line if the last character was
a space.