nginx.git/src/event, branch release-1.6.3 nginx SSL: logging level of "inappropriate fallback" (ticket #662). 2014-11-17T13:38:48+00:00 Maxim Dounin mdounin@mdounin.ru 2014-11-17T13:38:48+00:00 de557628d3518ec016787fae7036e430ba2f4874 Patch by Erik Dubbelboer. 
Patch by Erik Dubbelboer.
SSL: session id context now includes certificate hash. 2014-09-15T13:59:47+00:00 Maxim Dounin mdounin@mdounin.ru 2014-09-15T13:59:47+00:00 1c5943c21f4e54a0ffbd6ff4c9fdfe3a0bea8ca9 This prevents inappropriate session reuse in unrelated server{} blocks, while preserving ability to restore sessions on other servers when using TLS Session Tickets. Additionally, session context is now set even if there is no session cache configured. This is needed as it's also used for TLS Session Tickets. Thanks to Antoine Delignat-Lavaud and Piotr Sikora. 
This prevents inappropriate session reuse in unrelated server{}
blocks, while preserving ability to restore sessions on other servers
when using TLS Session Tickets.

Additionally, session context is now set even if there is no session cache
configured.  This is needed as it's also used for TLS Session Tickets.

Thanks to Antoine Delignat-Lavaud and Piotr Sikora.
Win32: fixed shared ssl_session_cache (ticket #528). 2014-04-07T14:55:57+00:00 Maxim Dounin mdounin@mdounin.ru 2014-04-07T14:55:57+00:00 55bef3047488310e0c8474afa5158190d8040576 In a worker process shm_zone->data was set to NULL instead of a proper value extracted from shared memory. 
In a worker process shm_zone->data was set to NULL instead of a proper value
extracted from shared memory.
Core: slab log_nomem flag. 2014-03-31T17:38:30+00:00 Maxim Dounin mdounin@mdounin.ru 2014-03-31T17:38:30+00:00 23f66898463308fdc70ab2659273fb9804f29370 The flag allows to suppress "ngx_slab_alloc() failed: no memory" messages from a slab allocator, e.g., if an LRU expiration is used by a consumer and allocation failures aren't fatal. The flag is now used in the SSL session cache code, and in the limit_req module. 
The flag allows to suppress "ngx_slab_alloc() failed: no memory" messages
from a slab allocator, e.g., if an LRU expiration is used by a consumer
and allocation failures aren't fatal.

The flag is now used in the SSL session cache code, and in the limit_req
module.
Fixed format specifier in logging of "c->number". 2014-03-06T14:25:59+00:00 Sergey Kandaurov pluknet@nginx.com 2014-03-06T14:25:59+00:00 bd3516e8d98815a540ff65451889f6a2a0991c71 






SSL: the $ssl_session_reused variable.
2014-02-11T15:20:25+00:00

Maxim Dounin
mdounin@mdounin.ru

2014-02-11T15:20:25+00:00

381d5074677ff2b5eb27ed627d4772f51795f3e2












SSL: fixed $ssl_session_id possible segfault after 97e3769637a7.
2014-01-23T14:32:26+00:00

Maxim Dounin
mdounin@mdounin.ru

2014-01-23T14:32:26+00:00

1ebb44e3e3dcc7e321819a54915e9eff2aa1aa81

Even during execution of a request it is possible that there will be
no session available, notably in case of renegotiation.  As a result
logging of $ssl_session_id in some cases caused NULL pointer dereference
after revision 97e3769637a7 (1.5.9).  The check added returns an empty
string if there is no session available.





Even during execution of a request it is possible that there will be
no session available, notably in case of renegotiation.  As a result
logging of $ssl_session_id in some cases caused NULL pointer dereference
after revision 97e3769637a7 (1.5.9).  The check added returns an empty
string if there is no session available.







SSL: fixed $ssl_session_id variable.
2014-01-22T12:05:06+00:00

Maxim Dounin
mdounin@mdounin.ru

2014-01-22T12:05:06+00:00

096bcd03c30280778178fd3698afd56a8e3938e5

Previously, it used to contain full session serialized instead of just
a session id, making it almost impossible to use the variable in a safe
way.

Thanks to Ivan Ristić.





Previously, it used to contain full session serialized instead of just
a session id, making it almost impossible to use the variable in a safe
way.

Thanks to Ivan Ristić.







SSL: ssl_buffer_size directive.
2013-12-20T12:18:25+00:00

Maxim Dounin
mdounin@mdounin.ru

2013-12-20T12:18:25+00:00

37b7de6df74b29153b4bfd0da5bef28fb4dbda77












Resolver: implemented IPv6 name to address resolving.
2013-12-09T06:53:28+00:00

Ruslan Ermilov
ru@nginx.com

2013-12-09T06:53:28+00:00

769eded73267274e018f460dd76b417538aa5934