nginx.git/src/event, branch release-1.7.8 nginx SSL: logging level of "inappropriate fallback" (ticket #662). 2014-11-17T13:38:48+00:00 Maxim Dounin mdounin@mdounin.ru 2014-11-17T13:38:48+00:00 1fd4cd0b96dfe5e87c652da93737add073fda34b Patch by Erik Dubbelboer. 
Patch by Erik Dubbelboer.
Events: introduced cancelable timers. 2014-08-13T18:45:04+00:00 Valentin Bartenev vbart@nginx.com 2014-08-13T18:45:04+00:00 8b30fb7c9771e24543f7fcc82431a4741f6e9d48 






Events: simplified cycle in ngx_event_expire_timers().
2014-08-25T09:37:06+00:00

Valentin Bartenev
vbart@nginx.com

2014-08-25T09:37:06+00:00

16403bc7b1af41433bfcd1bda4db8216b57e0810












Events: removed broken thread support from event timers.
2014-08-25T09:34:39+00:00

Valentin Bartenev
vbart@nginx.com

2014-08-25T09:34:39+00:00

246152c864a7136cc81abe6d2c5926288748d65c

It's mostly dead code.  And the idea of thread support for this task has
been deprecated.





It's mostly dead code.  And the idea of thread support for this task has
been deprecated.







SSL: simplified ssl_password_file error handling.
2014-10-24T11:28:00+00:00

Sergey Kandaurov
pluknet@nginx.com

2014-10-24T11:28:00+00:00

33f55559408f20e88b11fb45535ce6a6127f676e

Instead of collecting a number of the possible SSL_CTX_use_PrivateKey_file()
error codes that becomes more and more difficult with the rising variety of
OpenSSL versions and its derivatives, just continue with the next password.

Multiple passwords in a single ssl_password_file feature was broken after
recent OpenSSL changes (commit 4aac102f75b517bdb56b1bcfd0a856052d559f6e).

Affected OpenSSL releases: 0.9.8zc, 1.0.0o, 1.0.1j and 1.0.2-beta3.

Reported by Piotr Sikora.





Instead of collecting a number of the possible SSL_CTX_use_PrivateKey_file()
error codes that becomes more and more difficult with the rising variety of
OpenSSL versions and its derivatives, just continue with the next password.

Multiple passwords in a single ssl_password_file feature was broken after
recent OpenSSL changes (commit 4aac102f75b517bdb56b1bcfd0a856052d559f6e).

Affected OpenSSL releases: 0.9.8zc, 1.0.0o, 1.0.1j and 1.0.2-beta3.

Reported by Piotr Sikora.







Upstream: proxy_limit_rate and friends.
2014-10-28T09:29:59+00:00

Roman Arutyunyan
arut@nginx.com

2014-10-28T09:29:59+00:00

18e4d042b04e1ec09d1b74537541b3bb99a75c3f

The directives limit the upstream read rate.  For example,
"proxy_limit_rate 42" limits proxy upstream read rate to
42 bytes per second.





The directives limit the upstream read rate.  For example,
"proxy_limit_rate 42" limits proxy upstream read rate to
42 bytes per second.







Core: added limit to recv_chain().
2014-10-28T09:29:58+00:00

Roman Arutyunyan
arut@nginx.com

2014-10-28T09:29:58+00:00

0989d63f06376ab9434a6449cd316a3c555167d6












Win32: fixed wrong type cast.
2014-10-11T11:56:35+00:00

Kouhei Sutou
kou@cozmixng.org

2014-10-11T11:56:35+00:00

3df66a632a8fae75511b4c96219dd3801f04c737

GetQueuedCompletionStatus() document on MSDN says the
following signature:

    http://msdn.microsoft.com/en-us/library/windows/desktop/aa364986.aspx

    BOOL WINAPI GetQueuedCompletionStatus(
      _In_   HANDLE CompletionPort,
      _Out_  LPDWORD lpNumberOfBytes,
      _Out_  PULONG_PTR lpCompletionKey,
      _Out_  LPOVERLAPPED *lpOverlapped,
      _In_   DWORD dwMilliseconds
    );

In the latest specification, the type of the third argument
(lpCompletionKey) is PULONG_PTR not LPDWORD.





GetQueuedCompletionStatus() document on MSDN says the
following signature:

    http://msdn.microsoft.com/en-us/library/windows/desktop/aa364986.aspx

    BOOL WINAPI GetQueuedCompletionStatus(
      _In_   HANDLE CompletionPort,
      _Out_  LPDWORD lpNumberOfBytes,
      _Out_  PULONG_PTR lpCompletionKey,
      _Out_  LPOVERLAPPED *lpOverlapped,
      _In_   DWORD dwMilliseconds
    );

In the latest specification, the type of the third argument
(lpCompletionKey) is PULONG_PTR not LPDWORD.







SSL: session id context now includes certificate hash.
2014-09-15T13:59:47+00:00

Maxim Dounin
mdounin@mdounin.ru

2014-09-15T13:59:47+00:00

6ec0f4d85b7fa4b74e7c758563b673fc19628411

This prevents inappropriate session reuse in unrelated server{}
blocks, while preserving ability to restore sessions on other servers
when using TLS Session Tickets.

Additionally, session context is now set even if there is no session cache
configured.  This is needed as it's also used for TLS Session Tickets.

Thanks to Antoine Delignat-Lavaud and Piotr Sikora.





This prevents inappropriate session reuse in unrelated server{}
blocks, while preserving ability to restore sessions on other servers
when using TLS Session Tickets.

Additionally, session context is now set even if there is no session cache
configured.  This is needed as it's also used for TLS Session Tickets.

Thanks to Antoine Delignat-Lavaud and Piotr Sikora.







Upstream: limited next_upstream time and tries (ticket #544).
2014-09-12T14:50:47+00:00

Roman Arutyunyan
arut@nginx.com

2014-09-12T14:50:47+00:00

02ce6c415f07ea8d7fa6b59a17ee2f02e77ab66b

The new directives {proxy,fastcgi,scgi,uwsgi,memcached}_next_upstream_tries
and {proxy,fastcgi,scgi,uwsgi,memcached}_next_upstream_timeout limit
the number of upstreams tried and the maximum time spent for these tries
when searching for a valid upstream.





The new directives {proxy,fastcgi,scgi,uwsgi,memcached}_next_upstream_tries
and {proxy,fastcgi,scgi,uwsgi,memcached}_next_upstream_timeout limit
the number of upstreams tried and the maximum time spent for these tries
when searching for a valid upstream.