nginx.git/src/http/modules, branch release-1.13.5 nginx Secure link: fixed stack buffer overflow. 2017-08-22T18:22:59+00:00 Roman Arutyunyan arut@nginx.com 2017-08-22T18:22:59+00:00 418124e21983aa53db4d99b7fd2eb0eee7ab4be0 When secure link checksum has length of 23 or 24 bytes, decoded base64 value could occupy 17 or 18 bytes which is more than 16 bytes previously allocated for it on stack. The buffer overflow does not have any security implications since only one local variable was corrupted and this variable was not used in this case. The fix is to increase buffer size up to 18 bytes. Useless buffer size initialization is removed as well. 
When secure link checksum has length of 23 or 24 bytes, decoded base64 value
could occupy 17 or 18 bytes which is more than 16 bytes previously allocated
for it on stack.  The buffer overflow does not have any security implications
since only one local variable was corrupted and this variable was not used in
this case.

The fix is to increase buffer size up to 18 bytes.  Useless buffer size
initialization is removed as well.
SSL: the $ssl_client_escaped_cert variable (ticket #857). 2017-08-22T12:18:10+00:00 Maxim Dounin mdounin@mdounin.ru 2017-08-22T12:18:10+00:00 50a0f25c60bcc0fb46efcab00985c200c08c2b2f This variable contains URL-encoded client SSL certificate. In contrast to $ssl_client_cert, it doesn't depend on deprecated header continuation. The NGX_ESCAPE_URI_COMPONENT variant of encoding is used, so the resulting variable can be safely used not only in headers, but also as a request argument. The $ssl_client_cert variable should be considered deprecated now. The $ssl_client_raw_cert variable will be eventually renambed back to $ssl_client_cert. 
This variable contains URL-encoded client SSL certificate.  In contrast
to $ssl_client_cert, it doesn't depend on deprecated header continuation.
The NGX_ESCAPE_URI_COMPONENT variant of encoding is used, so the resulting
variable can be safely used not only in headers, but also as a request
argument.

The $ssl_client_cert variable should be considered deprecated now.
The $ssl_client_raw_cert variable will be eventually renambed back
to $ssl_client_cert.
Range filter: changed type for total length to off_t. 2017-08-10T19:21:23+00:00 Maxim Dounin mdounin@mdounin.ru 2017-08-10T19:21:23+00:00 008e9caa2a5b784d337422f1dc4290edfb9cc640 Total length of a response with multiple ranges can be larger than a size_t variable can hold, so type changed to off_t. Previously, an incorrect Content-Length was returned when requesting more than 4G of ranges from a large enough file on a 32-bit system. An additional size_t variable introduced to calculate size of the boundary header buffer, as off_t is not needed here and will require type casts on win32. Reported by Shuxin Yang, http://mailman.nginx.org/pipermail/nginx/2017-July/054384.html. 
Total length of a response with multiple ranges can be larger than a size_t
variable can hold, so type changed to off_t.  Previously, an incorrect
Content-Length was returned when requesting more than 4G of ranges from
a large enough file on a 32-bit system.

An additional size_t variable introduced to calculate size of the boundary
header buffer, as off_t is not needed here and will require type casts on
win32.

Reported by Shuxin Yang,
http://mailman.nginx.org/pipermail/nginx/2017-July/054384.html.
Style. 2017-08-10T19:21:20+00:00 Maxim Dounin mdounin@mdounin.ru 2017-08-10T19:21:20+00:00 0f841fcdee784ac3ddbc9a4372114e8847b0a5e0 






Fixed calls to ngx_open_file() in certain places.
2017-08-09T12:03:27+00:00

Sergey Kandaurov
pluknet@nginx.com

2017-08-09T12:03:27+00:00

b986b4314bb4f8fdcbcfe93c89a659d3d18691bc

Pass NGX_FILE_OPEN to ngx_open_file() to fix "The parameter is incorrect"
error on win32 when using the ssl_session_ticket_key directive or loading
a binary geo base.  On UNIX, this change is a no-op.





Pass NGX_FILE_OPEN to ngx_open_file() to fix "The parameter is incorrect"
error on win32 when using the ssl_session_ticket_key directive or loading
a binary geo base.  On UNIX, this change is a no-op.







Style.
2017-08-09T11:59:46+00:00

Sergey Kandaurov
pluknet@nginx.com

2017-08-09T11:59:46+00:00

32c7bd5102571ec20e45f620d2916e612e3b2016












Upstream: copy peer data in shared memory.
2017-08-04T14:03:10+00:00

Ruslan Ermilov
ru@nginx.com

2017-08-04T14:03:10+00:00

c9a81b29b5a7699f3c25c83b6ee9e0c2a07f5f79

This, in addition to 1eb753aa8e5e, fixes "upstream zone" on Windows.





This, in addition to 1eb753aa8e5e, fixes "upstream zone" on Windows.







Referer: fixed $invalid_referer.
2017-08-04T05:01:55+00:00

Ruslan Ermilov
ru@nginx.com

2017-08-04T05:01:55+00:00

c09bba400d233331f1b405e18c6912a30502dee9

The variable was considered non-existent in the absence of any
valid_referers directives.

Given the following config snippet,

    location / {
        return 200 $invalid_referer;
    }

    location /referer {
        valid_referers server_names;
    }

"location /" should work identically and independently on other
"location /referer".

The fix is to always add the $invalid_referer variable as long
as the module is compiled in, as is done by other modules.





The variable was considered non-existent in the absence of any
valid_referers directives.

Given the following config snippet,

    location / {
        return 200 $invalid_referer;
    }

    location /referer {
        valid_referers server_names;
    }

"location /" should work identically and independently on other
"location /referer".

The fix is to always add the $invalid_referer variable as long
as the module is compiled in, as is done by other modules.







Upstream zone: store peers->name and its data in shared memory.
2017-08-01T16:12:10+00:00

Ruslan Ermilov
ru@nginx.com

2017-08-01T16:12:10+00:00

d846f27638525f478ea07f5574b5569ce2ab1ac2

The shared objects should generally be allocated from shared memory.
While peers->name and the data it points to allocated from cf->pool
happened to work on UNIX, it broke on Windows.  On UNIX this worked
only because the shared memory zone for upstreams is re-created for
every new configuration.

But on Windows, a worker process does not inherit the address space
of the master process, so the peers->name pointed to data allocated
from cf->pool by the master process, and was invalid.





The shared objects should generally be allocated from shared memory.
While peers->name and the data it points to allocated from cf->pool
happened to work on UNIX, it broke on Windows.  On UNIX this worked
only because the shared memory zone for upstreams is re-created for
every new configuration.

But on Windows, a worker process does not inherit the address space
of the master process, so the peers->name pointed to data allocated
from cf->pool by the master process, and was invalid.







Variables: macros for null variables.
2017-08-01T11:28:33+00:00

Ruslan Ermilov
ru@nginx.com

2017-08-01T11:28:33+00:00

b992f7259ba4763178f9d394b320bcc5de88818b

No functional changes.





No functional changes.