nginx.git/src/event, branch release-1.29.7 nginx Upstream: added sticky sessions support for upstreams. 2026-03-09T17:08:30+00:00 Vladimir Homutov vl@nginx.com 2013-04-02T21:44:36+00:00 104734f21888cfec6994e092073f51a0d4b0fb47 Sticky sessions allow to route the same client to the same upstream server. - upstream structures are extended to keep session-related information - existing balancing modules are updated to provide an id of the selected server (SID) in pc->sid, and to select the server, given it's SID. - other balancing modules are allowed to set the pc->hint value to choose the desired peer. The sticky module will not change the hint if it's already set. - the feature is enabled by default and can be disabled with the "--without-http_upstream_sticky" switch of the configure script. The following configuration can be used to enable sticky sessions for supported balancing modules: upstream u1 { server 127.0.0.1:8080; server 127.0.0.1:8081; sticky cookie server_id expires=1h domain=.example.com path=/; } Co-authored-by: Ruslan Ermilov <ru@nginx.com> Co-authored-by: Roman Arutyunyan <arut@nginx.com> Co-authored-by: Maxim Dounin <mdounin@mdounin.ru> 
Sticky sessions allow to route the same client to the same upstream server.

- upstream structures are extended to keep session-related information

- existing balancing modules are updated to provide an id of the selected
  server (SID) in pc->sid, and to select the server, given it's SID.

- other balancing modules are allowed to set the pc->hint value to choose
  the desired peer.  The sticky module will not change the hint if it's
  already set.

- the feature is enabled by default and can be disabled with the
  "--without-http_upstream_sticky" switch of the configure script.

The following configuration can be used to enable sticky sessions for
supported balancing modules:

    upstream u1 {
        server 127.0.0.1:8080;
        server 127.0.0.1:8081;

        sticky cookie server_id expires=1h domain=.example.com path=/;
    }

Co-authored-by: Ruslan Ermilov <ru@nginx.com>
Co-authored-by: Roman Arutyunyan <arut@nginx.com>
Co-authored-by: Maxim Dounin <mdounin@mdounin.ru>
QUIC: improved error handling in OpenSSL compat layer. 2026-02-27T15:35:04+00:00 user.email 123011167+lukefr09@users.noreply.github.com 2026-02-24T01:33:57+00:00 c67bf9415fca91434f047d6113435e4cc699c859 Previously ngx_quic_compat_create_record() could try to encrypt a TLS record even if encryption context was missing, which resulted in a NULL pointer dereference. The context is created by ngx_quic_compat_set_encryption_secret() called from the OpenSSL keylog callback. If an error occurred in that function, the context could remain missing. This could happen under memory pressure, if an allocation failed inside this function. The fix is to handle errors from ngx_quic_compat_set_encryption_secret() and set qc->error to trigger an error after SSL_do_handshake() return. Also, a check for context is added to ngx_quic_compat_create_record() to avoid other similar issues. 
Previously ngx_quic_compat_create_record() could try to encrypt a TLS
record even if encryption context was missing, which resulted in a NULL
pointer dereference.

The context is created by ngx_quic_compat_set_encryption_secret() called
from the OpenSSL keylog callback.  If an error occurred in that function,
the context could remain missing.  This could happen under memory pressure,
if an allocation failed inside this function.

The fix is to handle errors from ngx_quic_compat_set_encryption_secret()
and set qc->error to trigger an error after SSL_do_handshake() return.
Also, a check for context is added to ngx_quic_compat_create_record()
to avoid other similar issues.
QUIC: worker-bound stateless reset tokens. 2026-02-27T15:30:02+00:00 Roman Arutyunyan arut@nginx.com 2026-02-26T14:36:52+00:00 f72c7453f95143cd413dbc01d1ae9a28c67b39de Previously, it was possible to obtain a stateless reset token for a connection by routing its packet to a wrong worker. This allowed to terminate the connection. The fix is to bind stateless reset token to the worker number. 
Previously, it was possible to obtain a stateless reset token for a
connection by routing its packet to a wrong worker.  This allowed to
terminate the connection.

The fix is to bind stateless reset token to the worker number.
QUIC: fixed bpf compilation with newer Linux kernels. 2026-02-26T16:43:03+00:00 Roman Arutyunyan arut@nginx.com 2024-09-24T10:53:45+00:00 c4d3aed8c7e67e57da60940d1a19fe3c45a9433a QUIC bpf program previously used struct bpf_map_def which was deprecated in [1] (kernel version 5.18) and removed in [2] (kernel 6.1). New-style BTF map definitions were added in [3] (linux kernel 5.3). Switching the program to BTF is however not necessary since nginx has its own relocation procedure which allows referencing the real map structure by its file descriptor allocated earlier. In particular, bpf instruction BPF_LD_IMM64 (0x18/0x0) is substituted with instruction BPF_LD_MAP_FD (0x18/0x1) and map_fd is stored in the imm field, see [4] and [5] for details. To fix compilation, struct bpf_map_def is changed to a known type (int) and "extern" is added to indicate external linkage and reduce object file size. [1] https://github.com/torvalds/linux/commit/93b8952d223af03c51fba0c6258173d2ffbd2cb7 [2] https://github.com/torvalds/linux/commit/dc567045f1590f6460d3e9a6ea6ad5e600b58b84 [3] https://github.com/torvalds/linux/commit/abd29c9314595b1ee5ec6c61d7c49a497ffb30a3 [4] https://github.com/torvalds/linux/blob/master/include/linux/filter.h [5] https://datatracker.ietf.org/doc/rfc9669/ 
QUIC bpf program previously used struct bpf_map_def which was
deprecated in [1] (kernel version 5.18) and removed in [2] (kernel 6.1).
New-style BTF map definitions were added in [3] (linux kernel 5.3).

Switching the program to BTF is however not necessary since nginx has
its own relocation procedure which allows referencing the real map
structure by its file descriptor allocated earlier.  In particular,
bpf instruction BPF_LD_IMM64 (0x18/0x0) is substituted with instruction
BPF_LD_MAP_FD (0x18/0x1) and map_fd is stored in the imm field, see [4]
and [5] for details.

To fix compilation, struct bpf_map_def is changed to a known type (int)
and "extern" is added to indicate external linkage and reduce object
file size.

[1] https://github.com/torvalds/linux/commit/93b8952d223af03c51fba0c6258173d2ffbd2cb7
[2] https://github.com/torvalds/linux/commit/dc567045f1590f6460d3e9a6ea6ad5e600b58b84
[3] https://github.com/torvalds/linux/commit/abd29c9314595b1ee5ec6c61d7c49a497ffb30a3
[4] https://github.com/torvalds/linux/blob/master/include/linux/filter.h
[5] https://datatracker.ietf.org/doc/rfc9669/
QUIC: Stateless Reset rate limiting. 2026-02-26T14:05:07+00:00 Sergey Kandaurov pluknet@nginx.com 2026-02-25T17:09:21+00:00 e6ffe8384ebf1972faac9b031b9ff6182e79cfd6 It uses a bloom filter to limit sending Stateless Reset packets no more than once per second in average for the given address. This allows to address resource asymmetry from precomputed packets, as well as to limit potential Stateless Reset exchange. 
It uses a bloom filter to limit sending Stateless Reset packets no more
than once per second in average for the given address.  This allows to
address resource asymmetry from precomputed packets, as well as to limit
potential Stateless Reset exchange.
QUIC: refactored ngx_quic_address_hash(). 2026-02-26T14:05:07+00:00 Sergey Kandaurov pluknet@nginx.com 2026-02-25T17:07:01+00:00 2f039e6f7233c7fd9ab88888642410352572c089 Now it accepts an optional salt, to be used in a subsequent change. 
Now it accepts an optional salt, to be used in a subsequent change.
QUIC: moved ngx_quic_address_hash(). 2026-02-26T14:05:07+00:00 Sergey Kandaurov pluknet@nginx.com 2026-02-20T15:01:20+00:00 578c91818f1d68797323d6029e17a441a7438506 






QUIC: limited size of generated Stateless Reset packets.
2026-02-26T14:05:07+00:00

Sergey Kandaurov
pluknet@nginx.com

2026-02-20T14:52:56+00:00

4037746c8058cc8b02295e1a4f6f1c1db38b772e

Made sure to send packets smaller than the triggering packet,
following RFC 9000, Section 10.3.3.

Reported-by: cyberspace61





Made sure to send packets smaller than the triggering packet,
following RFC 9000, Section 10.3.3.

Reported-by: cyberspace61







QUIC: adjusted minimum packet size to send Stateless Reset.
2026-02-26T14:05:07+00:00

Sergey Kandaurov
pluknet@nginx.com

2026-02-20T14:59:06+00:00

2c7252dcad9f10e9a5ad39f7bfdf1ef86a307528

Now to be valid, it also assumes the Connection ID we require from a client.





Now to be valid, it also assumes the Connection ID we require from a client.







SSL: logging level of the "ech_required" TLS alert.
2025-12-17T09:49:06+00:00

Roman Arutyunyan
arut@nginx.com

2025-12-16T13:53:12+00:00

0609736a92a72d269119c5bab1e518c4d9fb54da

The alert is send by a client after its ECH configuration was rejected by
a server.





The alert is send by a client after its ECH configuration was rejected by
a server.