nginx.git/src/core, branch release-1.13.8 nginx Allowed configuration token to start with a variable. 2017-12-21T10:29:40+00:00 Roman Arutyunyan arut@nginx.com 2017-12-21T10:29:40+00:00 0ad556fe59ad132dc4d34dea9e80f2ff2c3c1314 Specifically, it is now allowed to start with a variable expression with braces: ${name}. The opening curly bracket in such a token was previously considered the start of a new block. Variables located anywhere else in a token worked fine: foo${name}. 
Specifically, it is now allowed to start with a variable expression with braces:
${name}.  The opening curly bracket in such a token was previously considered
the start of a new block.  Variables located anywhere else in a token worked
fine: foo${name}.
Retain CAP_NET_RAW capability for transparent proxying. 2017-12-13T17:40:53+00:00 Roman Arutyunyan arut@nginx.com 2017-12-13T17:40:53+00:00 752f66bf7d70fae2bf05fbf5941ff4be52b2b9a5 The capability is retained automatically in unprivileged worker processes after changing UID if transparent proxying is enabled at least once in nginx configuration. The feature is only available in Linux. 
The capability is retained automatically in unprivileged worker processes after
changing UID if transparent proxying is enabled at least once in nginx
configuration.

The feature is only available in Linux.
Fixed "changing binary" when reaper is not init. 2017-11-28T09:00:24+00:00 Ruslan Ermilov ru@nginx.com 2017-11-28T09:00:24+00:00 afad21917584e9b452ba33ce3485edde5615b859 On some systems, it's possible that reaper of orphaned processes is set to something other than "init" process. On such systems, the changing binary procedure did not work. The fix is to check if PPID has changed, instead of assuming it's always 1 for orphaned processes. 
On some systems, it's possible that reaper of orphaned processes is
set to something other than "init" process.  On such systems, the
changing binary procedure did not work.

The fix is to check if PPID has changed, instead of assuming it's
always 1 for orphaned processes.
Version bump. 2017-11-23T13:32:58+00:00 Maxim Dounin mdounin@mdounin.ru 2017-11-23T13:32:58+00:00 3656f2eb6322ebc4214c14bf3e3c47dfc7c13421 






Core: free shared memory zones only after reconfiguration.
2017-10-17T16:52:16+00:00

Maxim Dounin
mdounin@mdounin.ru

2017-10-17T16:52:16+00:00

9cb9ce78b1d81ccdbcd123ccc3dab295b836a174

This is what usually happens for zones no longer used in the new
configuration, but zones where size or tag were changed were freed
when creating new memory zones.  If reconfiguration failed (for
example, due to a conflicting listening socket), this resulted in a
segmentation fault in the master process.

Reported by Zhihua Cao,
http://mailman.nginx.org/pipermail/nginx-devel/2017-October/010536.html.





This is what usually happens for zones no longer used in the new
configuration, but zones where size or tag were changed were freed
when creating new memory zones.  If reconfiguration failed (for
example, due to a conflicting listening socket), this resulted in a
segmentation fault in the master process.

Reported by Zhihua Cao,
http://mailman.nginx.org/pipermail/nginx-devel/2017-October/010536.html.







Fixed type of ngx_conf_t.handler_conf.
2017-10-12T21:32:26+00:00

Ruslan Ermilov
ru@nginx.com

2017-10-12T21:32:26+00:00

77c7875a7b18ccca1ebae1757b9246c9b3b55bf9

The type should have been changed in c9b243802a17 along with
changing ngx_conf_handler_pt.





The type should have been changed in c9b243802a17 along with
changing ngx_conf_handler_pt.







Version bump.
2017-10-11T19:04:11+00:00

Ruslan Ermilov
ru@nginx.com

2017-10-11T19:04:11+00:00

211d20a23021a3d45608c6075a92c73319715620












Fixed build without IPv6, broken by 874171c3c71a.
2017-10-05T13:50:35+00:00

Maxim Dounin
mdounin@mdounin.ru

2017-10-05T13:50:35+00:00

3a2ca34548ab5d260d9d3de710ff652cf00cc0f5












Fixed handling of non-null-terminated unix sockets.
2017-10-04T18:19:38+00:00

Maxim Dounin
mdounin@mdounin.ru

2017-10-04T18:19:38+00:00

cba23f88ec6740b7f8d6a1383254708a91d37625

At least FreeBSD, macOS, NetBSD, and OpenBSD can return unix sockets
with non-null-terminated sun_path.  Additionally, the address may become
non-null-terminated if it does not fit into the buffer provided and was
truncated (may happen on macOS, NetBSD, and Solaris, which allow unix socket
addresess larger than struct sockaddr_un).  As such, ngx_sock_ntop() might
overread the sockaddr provided, as it used "%s" format and thus assumed
null-terminated string.

To fix this, the ngx_strnlen() function was introduced, and it is now used
to calculate correct length of sun_path.





At least FreeBSD, macOS, NetBSD, and OpenBSD can return unix sockets
with non-null-terminated sun_path.  Additionally, the address may become
non-null-terminated if it does not fit into the buffer provided and was
truncated (may happen on macOS, NetBSD, and Solaris, which allow unix socket
addresess larger than struct sockaddr_un).  As such, ngx_sock_ntop() might
overread the sockaddr provided, as it used "%s" format and thus assumed
null-terminated string.

To fix this, the ngx_strnlen() function was introduced, and it is now used
to calculate correct length of sun_path.







Fixed buffer overread with unix sockets after accept().
2017-10-04T18:19:33+00:00

Maxim Dounin
mdounin@mdounin.ru

2017-10-04T18:19:33+00:00

2e1e65a5c0a9f8ba5b7b3ce848176482ba4da654

Some OSes (notably macOS, NetBSD, and Solaris) allow unix socket addresses
larger than struct sockaddr_un.  Moreover, some of them (macOS, Solaris)
return socklen of the socket address before it was truncated to fit the
buffer provided.  As such, on these systems socklen must not be used without
additional check that it is within the buffer provided.

Appropriate checks added to ngx_event_accept() (after accept()),
ngx_event_recvmsg() (after recvmsg()), and ngx_set_inherited_sockets()
(after getsockname()).

We also obtain socket addresses via getsockname() in
ngx_connection_local_sockaddr(), but it does not need any checks as
it is only used for INET and INET6 sockets (as there can be no
wildcard unix sockets).





Some OSes (notably macOS, NetBSD, and Solaris) allow unix socket addresses
larger than struct sockaddr_un.  Moreover, some of them (macOS, Solaris)
return socklen of the socket address before it was truncated to fit the
buffer provided.  As such, on these systems socklen must not be used without
additional check that it is within the buffer provided.

Appropriate checks added to ngx_event_accept() (after accept()),
ngx_event_recvmsg() (after recvmsg()), and ngx_set_inherited_sockets()
(after getsockname()).

We also obtain socket addresses via getsockname() in
ngx_connection_local_sockaddr(), but it does not need any checks as
it is only used for INET and INET6 sockets (as there can be no
wildcard unix sockets).