nginx.git/src/event, branch release-1.7.6 nginx SSL: session id context now includes certificate hash. 2014-09-15T13:59:47+00:00 Maxim Dounin mdounin@mdounin.ru 2014-09-15T13:59:47+00:00 6ec0f4d85b7fa4b74e7c758563b673fc19628411 This prevents inappropriate session reuse in unrelated server{} blocks, while preserving ability to restore sessions on other servers when using TLS Session Tickets. Additionally, session context is now set even if there is no session cache configured. This is needed as it's also used for TLS Session Tickets. Thanks to Antoine Delignat-Lavaud and Piotr Sikora. 
This prevents inappropriate session reuse in unrelated server{}
blocks, while preserving ability to restore sessions on other servers
when using TLS Session Tickets.

Additionally, session context is now set even if there is no session cache
configured.  This is needed as it's also used for TLS Session Tickets.

Thanks to Antoine Delignat-Lavaud and Piotr Sikora.
Upstream: limited next_upstream time and tries (ticket #544). 2014-09-12T14:50:47+00:00 Roman Arutyunyan arut@nginx.com 2014-09-12T14:50:47+00:00 02ce6c415f07ea8d7fa6b59a17ee2f02e77ab66b The new directives {proxy,fastcgi,scgi,uwsgi,memcached}_next_upstream_tries and {proxy,fastcgi,scgi,uwsgi,memcached}_next_upstream_timeout limit the number of upstreams tried and the maximum time spent for these tries when searching for a valid upstream. 
The new directives {proxy,fastcgi,scgi,uwsgi,memcached}_next_upstream_tries
and {proxy,fastcgi,scgi,uwsgi,memcached}_next_upstream_timeout limit
the number of upstreams tried and the maximum time spent for these tries
when searching for a valid upstream.
SSL: guard use of all SSL options for bug workarounds. 2014-09-03T21:49:55+00:00 Piotr Sikora piotr@cloudflare.com 2014-09-03T21:49:55+00:00 2af7181b3bb5b4bd84ca448f300c6aaf3dff4681 Some of the OpenSSL forks (read: BoringSSL) started removing unused, no longer necessary and/or not really working bug workarounds along with the SSL options and defines for them. Instead of fixing nginx build after each removal, be proactive and guard use of all SSL options for bug workarounds. Signed-off-by: Piotr Sikora <piotr@cloudflare.com> 
Some of the OpenSSL forks (read: BoringSSL) started removing unused,
no longer necessary and/or not really working bug workarounds along
with the SSL options and defines for them.

Instead of fixing nginx build after each removal, be proactive
and guard use of all SSL options for bug workarounds.

Signed-off-by: Piotr Sikora <piotr@cloudflare.com>
Events: processing of posted events changed from LIFO to FIFO. 2014-09-01T14:20:18+00:00 Valentin Bartenev vbart@nginx.com 2014-09-01T14:20:18+00:00 37d24e7e3be648a6f73bad18dcf53798a7a1aeb0 In theory, this can provide a bit better distribution of latencies. Also it simplifies the code, since ngx_queue_t is now used instead of custom implementation. 
In theory, this can provide a bit better distribution of latencies.

Also it simplifies the code, since ngx_queue_t is now used instead
of custom implementation.
Events: removed broken thread support from posted events. 2014-09-01T14:20:03+00:00 Valentin Bartenev vbart@nginx.com 2014-09-01T14:20:03+00:00 2a81e0556611188a1b9b3e1240a06928dcebc1a2 It's mostly dead code. And the idea of thread support for this task has been deprecated. 
It's mostly dead code.  And the idea of thread support for this task has
been deprecated.
Events: removed unused variable in ngx_poll_process_events(). 2014-08-10T13:44:46+00:00 Maxim Dounin mdounin@mdounin.ru 2014-08-10T13:44:46+00:00 870b962382c2c207e04bd799c19a98ee68b2d441 






Events: format specifier fixes.
2014-08-07T13:04:43+00:00

Yves Crespin
yves.crespin@e-quartz.fr

2014-08-07T13:04:43+00:00

3c0c66c5d868ca4cd2679adf0990f8692be8111b












Events: changed nevents type to unsigned in poll module.
2014-08-07T12:56:57+00:00

Yves Crespin
yves.crespin@e-quartz.fr

2014-08-07T12:56:57+00:00

6a58555ca87a916c9c9956bdc600142485a40aab












SSL: let it build against LibreSSL.
2014-07-30T11:32:16+00:00

Piotr Sikora
piotr@cloudflare.com

2014-07-30T11:32:16+00:00

9ed633b9303d3af2980cf49d145459d2ea888ec7

LibreSSL developers decided that LibreSSL is OpenSSL-2.0.0, so tests
for OpenSSL-1.0.2+ are now passing, even though the library doesn't
provide functions that are expected from that version of OpenSSL.

Signed-off-by: Piotr Sikora <piotr@cloudflare.com>





LibreSSL developers decided that LibreSSL is OpenSSL-2.0.0, so tests
for OpenSSL-1.0.2+ are now passing, even though the library doesn't
provide functions that are expected from that version of OpenSSL.

Signed-off-by: Piotr Sikora <piotr@cloudflare.com>







SSL: let it build against BoringSSL.
2014-07-30T11:32:15+00:00

Piotr Sikora
piotr@cloudflare.com

2014-07-30T11:32:15+00:00

0dcfca0301d05b3d5d973c5bdcd24acd14bd2a35

This change adds support for using BoringSSL as a drop-in replacement
for OpenSSL without adding support for any of the BoringSSL-specific
features.

Signed-off-by: Piotr Sikora <piotr@cloudflare.com>





This change adds support for using BoringSSL as a drop-in replacement
for OpenSSL without adding support for any of the BoringSSL-specific
features.

Signed-off-by: Piotr Sikora <piotr@cloudflare.com>