nginx.git, branch release-1.21.0

nginx-1.21.0-RELEASE

2021-05-25T12:28:55+00:00

Resolver: explicit check for compression pointers in question.

2021-05-25T12:17:50+00:00

Since nginx always uses exactly one entry in the question section of
a DNS query, and never uses compression pointers in this entry, parsing
of a DNS response in ngx_resolver_process_response() does not expect
compression pointers to appear in the question section of the DNS
response.  Indeed, compression pointers in the first name of a DNS response
hardly make sense, do not seem to be allowed by RFC 1035 (which says
"a pointer to a prior occurance of the same name", note "prior"), and
were never observed in practice.

Added an explicit check to ngx_resolver_process_response()'s parsing
of the question section to properly report an error if compression pointers
nevertheless appear in the question section.

Resolver: simplified ngx_resolver_copy().

2021-05-25T12:17:45+00:00

Instead of checking on each label if we need to place a dot or not,
now it always adds a dot after a label, and reduces the resulting
length afterwards.

Resolver: reworked ngx_resolver_copy() copy loop.

2021-05-25T12:17:43+00:00

To make the code easier to read, reworked the ngx_resolver_copy()
copy loop to match the one used to calculate length.  No functional
changes.

Resolver: fixed label types handling in ngx_resolver_copy().

2021-05-25T12:17:41+00:00

Previously, anything with any of the two high bits set were interpreted
as compression pointers.  This is incorrect, as RFC 1035 clearly states
that "The 10 and 01 combinations are reserved for future use".  Further,
the 01 combination is actually allocated for EDNS extended label type
(see RFC 2671 and RFC 6891), not really used though.

Fix is to reject unrecognized label types rather than misinterpreting
them as compression pointers.

Resolver: fixed off-by-one read in ngx_resolver_copy().

2021-05-25T12:17:38+00:00

It is believed to be harmless, and in the worst case it uses some
uninitialized memory as a part of the compression pointer length,
eventually leading to the "name is out of DNS response" error.

Resolver: fixed off-by-one write in ngx_resolver_copy().

2021-05-25T12:17:36+00:00

Reported by Luis Merino, Markus Vervier, Eric Sesterhenn, X41 D-Sec GmbH.

Location header escaping in redirects (ticket #882).

2021-05-24T18:55:20+00:00

The header is escaped in redirects based on request URI or
location name (auto redirect).

Fixed log action when using SSL certificates with variables.

2021-05-24T15:23:42+00:00

When variables are used in ssl_certificate or ssl_certificate_key, a request
is created in the certificate callback to evaluate the variables, and then
freed.  Freeing it, however, updates c->log->action to "closing request",
resulting in confusing error messages like "client timed out ... while
closing request" when a client times out during the SSL handshake.

Fix is to restore c->log->action after calling ngx_http_free_request().

Stream: the "fastopen" parameter of the "listen" directive.

2021-05-20T16:59:16+00:00

Based on a patch by Anbang Wen.