nginx.git/src/http/modules, branch release-1.15.2 nginx Fixed invalid access to location defined as an empty string. 2018-07-17T12:30:43+00:00 Ruslan Ermilov ru@nginx.com 2018-07-17T12:30:43+00:00 372b624627b3f943ffd1227ff8aacbae7b42880f 






SSL: save sessions for upstream peers using a callback function.
2018-07-17T09:53:23+00:00

Sergey Kandaurov
pluknet@nginx.com

2018-07-17T09:53:23+00:00

d5a27006e03174aa518f6c849d377a130a7c705c

In TLSv1.3, NewSessionTicket messages arrive after the handshake and
can come at any time.  Therefore we use a callback to save the session
when we know about it.  This approach works for < TLSv1.3 as well.
The callback function is set once per location on merge phase.

Since SSL_get_session() in BoringSSL returns an unresumable session for
TLSv1.3, peer save_session() methods have been updated as well to use a
session supplied within the callback.  To preserve API, the session is
cached in c->ssl->session.  It is preferably accessed in save_session()
methods by ngx_ssl_get_session() and ngx_ssl_get0_session() wrappers.





In TLSv1.3, NewSessionTicket messages arrive after the handshake and
can come at any time.  Therefore we use a callback to save the session
when we know about it.  This approach works for < TLSv1.3 as well.
The callback function is set once per location on merge phase.

Since SSL_get_session() in BoringSSL returns an unresumable session for
TLSv1.3, peer save_session() methods have been updated as well to use a
session supplied within the callback.  To preserve API, the session is
cached in c->ssl->session.  It is preferably accessed in save_session()
methods by ngx_ssl_get_session() and ngx_ssl_get0_session() wrappers.







gRPC: clearing buffers in ngx_http_grpc_get_buf().
2018-07-02T16:02:08+00:00

Maxim Dounin
mdounin@mdounin.ru

2018-07-02T16:02:08+00:00

d842b4e5e0ebda87559d804de29dd56bd4cbc4dc

We copy input buffers to our buffers, so various flags might be
unexpectedly set in buffers returned by ngx_chain_get_free_buf().

In particular, the b->in_file flag might be set when the body was
written to a file in a different context.  With sendfile enabled this
in turn might result in protocol corruption if such a buffer was reused
for a control frame.

Make sure to clear buffers and set only fields we really need to be set.





We copy input buffers to our buffers, so various flags might be
unexpectedly set in buffers returned by ngx_chain_get_free_buf().

In particular, the b->in_file flag might be set when the body was
written to a file in a different context.  With sendfile enabled this
in turn might result in protocol corruption if such a buffer was reused
for a control frame.

Make sure to clear buffers and set only fields we really need to be set.







Upstream: ngx_http_upstream_random module.
2018-06-15T08:46:14+00:00

Vladimir Homutov
vl@nginx.com

2018-06-15T08:46:14+00:00

0c4ccbea23813a50132df511d4445bc1686dbc2f

The module implements random load-balancing algorithm with optional second
choice.  In the latter case, the best of two servers is chosen, accounting
number of connections and server weight.

Example:

upstream u {
    random [two [least_conn]];

    server 127.0.0.1:8080;
    server 127.0.0.1:8081;
    server 127.0.0.1:8082;
    server 127.0.0.1:8083;
}





The module implements random load-balancing algorithm with optional second
choice.  In the latter case, the best of two servers is chosen, accounting
number of connections and server weight.

Example:

upstream u {
    random [two [least_conn]];

    server 127.0.0.1:8080;
    server 127.0.0.1:8081;
    server 127.0.0.1:8082;
    server 127.0.0.1:8083;
}







Upstream: improved peer selection concurrency for hash and ip_hash.
2018-06-14T04:03:50+00:00

Ruslan Ermilov
ru@nginx.com

2018-06-14T04:03:50+00:00

2eab9efbe4050ab471cfa3ed778d751454fcd87d












Limit req: improved handling of negative times.
2018-05-30T12:40:34+00:00

Maxim Dounin
mdounin@mdounin.ru

2018-05-30T12:40:34+00:00

7b9bc5d4d1c061095a2391dbe32cf4d205c031bc

Negative times can appear since workers only update time on an event
loop iteration start.  If a worker was blocked for a long time during
an event loop iteration, it is possible that another worker already
updated the time stored in the node.  As such, time since last update
of the node (ms) will be negative.

Previous code used ngx_abs(ms) in the calculations.  That is, negative
times were effectively treated as positive ones.  As a result, it was
not possible to maintain high request rates, where the same node can be
updated multiple times from during an event loop iteration.
In particular, this affected setups with many SSL handshakes, see
http://mailman.nginx.org/pipermail/nginx/2018-May/056291.html.

Fix is to only update the last update time stored in the node if the
new time is larger than previously stored one.  If a future time is
stored in the node, we preserve this time as is.

To prevent breaking things on platforms without monotonic time available
if system time is updated backwards, a safety limit of 60 seconds is
used.  If the time stored in the node is more than 60 seconds in the future,
we assume that the time was changed backwards and update lr->last
to the current time.





Negative times can appear since workers only update time on an event
loop iteration start.  If a worker was blocked for a long time during
an event loop iteration, it is possible that another worker already
updated the time stored in the node.  As such, time since last update
of the node (ms) will be negative.

Previous code used ngx_abs(ms) in the calculations.  That is, negative
times were effectively treated as positive ones.  As a result, it was
not possible to maintain high request rates, where the same node can be
updated multiple times from during an event loop iteration.
In particular, this affected setups with many SSL handshakes, see
http://mailman.nginx.org/pipermail/nginx/2018-May/056291.html.

Fix is to only update the last update time stored in the node if the
new time is larger than previously stored one.  If a future time is
stored in the node, we preserve this time as is.

To prevent breaking things on platforms without monotonic time available
if system time is updated backwards, a safety limit of 60 seconds is
used.  If the time stored in the node is more than 60 seconds in the future,
we assume that the time was changed backwards and update lr->last
to the current time.







Silenced -Wcast-function-type warnings (closes #1546).
2018-05-07T09:54:37+00:00

Sergey Kandaurov
pluknet@nginx.com

2018-05-07T09:54:37+00:00

68b50f71e193e58ee117ef36f25387cbaa75edf3

Cast to intermediate "void *" to lose compiler knowledge about the original
type and pass the warning.  This is not a real fix but rather a workaround.

Found by gcc8.





Cast to intermediate "void *" to lose compiler knowledge about the original
type and pass the warning.  This is not a real fix but rather a workaround.

Found by gcc8.







SSL: deprecated the "ssl" directive.
2018-04-25T11:57:24+00:00

Ruslan Ermilov
ru@nginx.com

2018-04-25T11:57:24+00:00

658a84f4252b65ef060b1d33b2ff0e749902978b












SSL: detect "listen ... ssl" without certificates (ticket #178).
2018-04-24T12:29:01+00:00

Maxim Dounin
mdounin@mdounin.ru

2018-04-24T12:29:01+00:00

76be1ea9de13c5e8bb0d9523c6a2ad4009a5d7cf

In mail and stream modules, no certificate provided is a fatal condition,
much like with the "ssl" and "starttls" directives.

In http, "listen ... ssl" can be used in a non-default server without
certificates as long as there is a certificate in the default one, so
missing certificate is only fatal for default servers.





In mail and stream modules, no certificate provided is a fatal condition,
much like with the "ssl" and "starttls" directives.

In http, "listen ... ssl" can be used in a non-default server without
certificates as long as there is a certificate in the default one, so
missing certificate is only fatal for default servers.







gRPC: fixed possible sign extension of error and setting_value.
2018-03-22T16:26:25+00:00

Maxim Dounin
mdounin@mdounin.ru

2018-03-22T16:26:25+00:00

0ac57648ebc93358e977939bfcb9d1e67485b98e

All cases are harmless and should not happen on valid values, though can
result in bad values being shown incorrectly in logs.

Found by Coverity (CID 1430311, 1430312, 1430313).





All cases are harmless and should not happen on valid values, though can
result in bad values being shown incorrectly in logs.

Found by Coverity (CID 1430311, 1430312, 1430313).