nginx.git/src/core, branch release-1.23.1 nginx Resolver: fixed memory leak for the "ipv4=off" case. 2022-07-14T17:26:54+00:00 Sergey Kandaurov pluknet@nginx.com 2022-07-14T17:26:54+00:00 14341ce2377d38a268261e0fec65b6915ae6e95e This change partially reverts 2a77754cd9fe to properly free rn->query. Found by Coverity (CID 1507244). 
This change partially reverts 2a77754cd9fe to properly free rn->query.

Found by Coverity (CID 1507244).
The "ipv4=" parameter of the "resolver" directive. 2022-07-12T17:44:02+00:00 Ruslan Ermilov ru@nginx.com 2022-07-12T17:44:02+00:00 5178da4f94fbae1daec2800bc7fd74cd2923c5bd When set to "off", only IPv6 addresses will be resolved, and no A queries are ever sent (ticket #2196). 
When set to "off", only IPv6 addresses will be resolved, and no
A queries are ever sent (ticket #2196).
Version bump. 2022-06-28T23:47:38+00:00 Maxim Dounin mdounin@mdounin.ru 2022-06-28T23:47:38+00:00 225a2c1b4a83d5813140a474716de8c33a9bbc2d 






Resolver: make TCP write timer event cancelable.
2022-06-02T03:17:23+00:00

Aleksei Bavshin
a.bavshin@f5.com

2022-06-02T03:17:23+00:00

f2fcc03d3aa6f0e0a457a994dbc743b5b63ad035

Similar to 70e65bf8dfd7, the change is made to ensure that the ability to
cancel resolver tasks is fully controlled by the caller.  As mentioned in the
referenced commit, it is safe to make this timer cancelable because resolve
tasks can have their own timeouts that are not cancelable.

The scenario where this may become a problem is a periodic background resolve
task (not tied to a specific request or a client connection), which receives a
response with short TTL, large enough to warrant fallback to a TCP query.
With each event loop wakeup, we either have a previously set write timer
instance or schedule a new one.  The non-cancelable write timer can delay or
block graceful shutdown of a worker even if the ngx_resolver_ctx_t->cancelable
flag is set by the API user, and there are no other tasks or connections.

We use the resolver API in this way to maintain the list of upstream server
addresses specified with the 'resolve' parameter, and there could be third-party
modules implementing similar logic.





Similar to 70e65bf8dfd7, the change is made to ensure that the ability to
cancel resolver tasks is fully controlled by the caller.  As mentioned in the
referenced commit, it is safe to make this timer cancelable because resolve
tasks can have their own timeouts that are not cancelable.

The scenario where this may become a problem is a periodic background resolve
task (not tied to a specific request or a client connection), which receives a
response with short TTL, large enough to warrant fallback to a TCP query.
With each event loop wakeup, we either have a previously set write timer
instance or schedule a new one.  The non-cancelable write timer can delay or
block graceful shutdown of a worker even if the ngx_resolver_ctx_t->cancelable
flag is set by the API user, and there are no other tasks or connections.

We use the resolver API in this way to maintain the list of upstream server
addresses specified with the 'resolve' parameter, and there could be third-party
modules implementing similar logic.







FastCGI: combining headers with identical names (ticket #1724).
2022-05-30T18:25:27+00:00

Maxim Dounin
mdounin@mdounin.ru

2022-05-30T18:25:27+00:00

d8a7c653e4b8e842c947c0a550a7bc5a7812058a

FastCGI responder is expected to receive CGI/1.1 environment variables
in the parameters (see section "6.2 Responder" of the FastCGI specification).
Obviously enough, there cannot be multiple environment variables with
the same name.

Further, CGI specification (RFC 3875, section "4.1.18. Protocol-Specific
Meta-Variables") explicitly requires to combine headers: "If multiple
header fields with the same field-name are received then the server MUST
rewrite them as a single value having the same semantics".





FastCGI responder is expected to receive CGI/1.1 environment variables
in the parameters (see section "6.2 Responder" of the FastCGI specification).
Obviously enough, there cannot be multiple environment variables with
the same name.

Further, CGI specification (RFC 3875, section "4.1.18. Protocol-Specific
Meta-Variables") explicitly requires to combine headers: "If multiple
header fields with the same field-name are received then the server MUST
rewrite them as a single value having the same semantics".







Version bump.
2022-05-29T23:37:59+00:00

Maxim Dounin
mdounin@mdounin.ru

2022-05-29T23:37:59+00:00

0c1d3268a6e4f138d2ebf1f859a4a9b1f2777513












HTTP/2: made it possible to flush response headers (ticket #1743).
2022-02-02T22:44:38+00:00

Maxim Dounin
mdounin@mdounin.ru

2022-02-02T22:44:38+00:00

a52433a04c58821fd95591e474d35995292f1090

Response headers can be buffered in the SSL buffer.  But stream's fake
connection buffered flag did not reflect this, so any attempts to flush
the buffer without sending additional data were stopped by the write filter.

It does not seem to be possible to reflect this in fc->buffered though, as
we never known if main connection's c->buffered corresponds to the particular
stream or not.  As such, fc->buffered might prevent request finalization
due to sending data on some other stream.

Fix is to implement handling of flush buffers when the c->need_flush_buf
flag is set, similarly to the existing last buffer handling.  The same
flag is now used for UDP sockets in the stream module instead of explicit
checking of c->type.





Response headers can be buffered in the SSL buffer.  But stream's fake
connection buffered flag did not reflect this, so any attempts to flush
the buffer without sending additional data were stopped by the write filter.

It does not seem to be possible to reflect this in fc->buffered though, as
we never known if main connection's c->buffered corresponds to the particular
stream or not.  As such, fc->buffered might prevent request finalization
due to sending data on some other stream.

Fix is to implement handling of flush buffers when the c->need_flush_buf
flag is set, similarly to the existing last buffer handling.  The same
flag is now used for UDP sockets in the stream module instead of explicit
checking of c->type.







Version bump.
2022-01-27T10:44:09+00:00

Vladimir Homutov
vl@nginx.com

2022-01-27T10:44:09+00:00

9d7491e1069f9802e35c365d1f8b993d9ea00d44












Core: simplify reader lock release.
2022-01-20T01:37:34+00:00

Pavel Pautov
p.pautov@f5.com

2022-01-20T01:37:34+00:00

950390108cbb8431845635176c36466653b05487












Version bump.
2021-12-29T19:59:53+00:00

Maxim Dounin
mdounin@mdounin.ru

2021-12-29T19:59:53+00:00

614726621797f1267c41f8a8e488eeefff8bdf7f