nginx.git/src/core, branch release-1.21.0 nginx Resolver: explicit check for compression pointers in question. 2021-05-25T12:17:50+00:00 Maxim Dounin mdounin@mdounin.ru 2021-05-25T12:17:50+00:00 e860ecce82f1ee9cffb228d29d3ad61375b29aff Since nginx always uses exactly one entry in the question section of a DNS query, and never uses compression pointers in this entry, parsing of a DNS response in ngx_resolver_process_response() does not expect compression pointers to appear in the question section of the DNS response. Indeed, compression pointers in the first name of a DNS response hardly make sense, do not seem to be allowed by RFC 1035 (which says "a pointer to a prior occurance of the same name", note "prior"), and were never observed in practice. Added an explicit check to ngx_resolver_process_response()'s parsing of the question section to properly report an error if compression pointers nevertheless appear in the question section. 
Since nginx always uses exactly one entry in the question section of
a DNS query, and never uses compression pointers in this entry, parsing
of a DNS response in ngx_resolver_process_response() does not expect
compression pointers to appear in the question section of the DNS
response.  Indeed, compression pointers in the first name of a DNS response
hardly make sense, do not seem to be allowed by RFC 1035 (which says
"a pointer to a prior occurance of the same name", note "prior"), and
were never observed in practice.

Added an explicit check to ngx_resolver_process_response()'s parsing
of the question section to properly report an error if compression pointers
nevertheless appear in the question section.
Resolver: simplified ngx_resolver_copy(). 2021-05-25T12:17:45+00:00 Maxim Dounin mdounin@mdounin.ru 2021-05-25T12:17:45+00:00 f85d7016949b34119b5f4c53ddbfac4f199b4343 Instead of checking on each label if we need to place a dot or not, now it always adds a dot after a label, and reduces the resulting length afterwards. 
Instead of checking on each label if we need to place a dot or not,
now it always adds a dot after a label, and reduces the resulting
length afterwards.
Resolver: reworked ngx_resolver_copy() copy loop. 2021-05-25T12:17:43+00:00 Maxim Dounin mdounin@mdounin.ru 2021-05-25T12:17:43+00:00 f1dd1d50e090b32a765295daea5f167f1077d706 To make the code easier to read, reworked the ngx_resolver_copy() copy loop to match the one used to calculate length. No functional changes. 
To make the code easier to read, reworked the ngx_resolver_copy()
copy loop to match the one used to calculate length.  No functional
changes.
Resolver: fixed label types handling in ngx_resolver_copy(). 2021-05-25T12:17:41+00:00 Maxim Dounin mdounin@mdounin.ru 2021-05-25T12:17:41+00:00 bbd403a7ab3810fe82ecd1d6ebca9fc34d68126a Previously, anything with any of the two high bits set were interpreted as compression pointers. This is incorrect, as RFC 1035 clearly states that "The 10 and 01 combinations are reserved for future use". Further, the 01 combination is actually allocated for EDNS extended label type (see RFC 2671 and RFC 6891), not really used though. Fix is to reject unrecognized label types rather than misinterpreting them as compression pointers. 
Previously, anything with any of the two high bits set were interpreted
as compression pointers.  This is incorrect, as RFC 1035 clearly states
that "The 10 and 01 combinations are reserved for future use".  Further,
the 01 combination is actually allocated for EDNS extended label type
(see RFC 2671 and RFC 6891), not really used though.

Fix is to reject unrecognized label types rather than misinterpreting
them as compression pointers.
Resolver: fixed off-by-one read in ngx_resolver_copy(). 2021-05-25T12:17:38+00:00 Maxim Dounin mdounin@mdounin.ru 2021-05-25T12:17:38+00:00 077a890a76fff4f071776184aed881b5f314c98a It is believed to be harmless, and in the worst case it uses some uninitialized memory as a part of the compression pointer length, eventually leading to the "name is out of DNS response" error. 
It is believed to be harmless, and in the worst case it uses some
uninitialized memory as a part of the compression pointer length,
eventually leading to the "name is out of DNS response" error.
Resolver: fixed off-by-one write in ngx_resolver_copy(). 2021-05-25T12:17:36+00:00 Maxim Dounin mdounin@mdounin.ru 2021-05-25T12:17:36+00:00 9f1dcb0c0473641730b871dee984016ff19d2c53 Reported by Luis Merino, Markus Vervier, Eric Sesterhenn, X41 D-Sec GmbH. 
Reported by Luis Merino, Markus Vervier, Eric Sesterhenn, X41 D-Sec GmbH.
Core: fixed comment about msie_refresh escaping. 2021-05-19T13:24:13+00:00 Ruslan Ermilov ru@nginx.com 2021-05-19T13:24:13+00:00 6029e211c63895c44a942bacc32c6d2f565cc3e3 After 12a656452ad1, the "%" character is no longer escaped by ngx_escape_uri(NGX_ESCAPE_REFRESH). 
After 12a656452ad1, the "%" character is no longer escaped by
ngx_escape_uri(NGX_ESCAPE_REFRESH).
Version bump. 2021-04-21T20:24:48+00:00 Maxim Dounin mdounin@mdounin.ru 2021-04-21T20:24:48+00:00 ead9ab09255042559c5568cb5959a487fbef2fab 






Introduced the "keepalive_time" directive.
2021-04-07T21:15:48+00:00

Maxim Dounin
mdounin@mdounin.ru

2021-04-07T21:15:48+00:00

d9996d6f27150bfb9c9c00d77fac940712aa1d28

Similar to lingering_time, it limits total connection lifetime before
keepalive is switched off.  The default is 1 hour, which is close to
the total maximum connection lifetime possible with default
keepalive_requests and keepalive_timeout.





Similar to lingering_time, it limits total connection lifetime before
keepalive is switched off.  The default is 1 hour, which is close to
the total maximum connection lifetime possible with default
keepalive_requests and keepalive_timeout.







Version bump.
2021-04-05T01:03:10+00:00

Maxim Dounin
mdounin@mdounin.ru

2021-04-05T01:03:10+00:00

d23f77b028d6fa1943c0837e0e6d1684a45fc666