nginx.git/src/http/modules, branch release-1.5.10 nginx SSL: support ALPN (IETF's successor to NPN). 2014-01-28T23:33:49+00:00 Piotr Sikora piotr@cloudflare.com 2014-01-28T23:33:49+00:00 4ae889c9f2c6c79402630aa2197bfbdd8cc42fd5 Signed-off-by: Piotr Sikora <piotr@cloudflare.com> 
Signed-off-by: Piotr Sikora <piotr@cloudflare.com>
Mp4: fix seeks to standalone last chunk. 2014-01-29T09:44:15+00:00 Roman Arutyunyan arut@nginx.com 2014-01-29T09:44:15+00:00 d3e0bf306b86ac08b828886e75b8c30218a16377 If seek position is within the last track chunk and that chunk is standalone (stsc entry describes only this chunk) such seek generates stsc seek error. The problem is that chunk numbers start with 1, not with 0. 
If seek position is within the last track chunk
and that chunk is standalone (stsc entry describes only
this chunk) such seek generates stsc seek error. The
problem is that chunk numbers start with 1, not with 0.
Mp4: skip tracks shorter than seek position (ticket #414). 2014-01-29T09:33:45+00:00 Roman Arutyunyan arut@nginx.com 2014-01-29T09:33:45+00:00 88f9b411f03dbb587399bb250cfdcbf0dcdaceb0 Mp4 module does not check movie and track durations when reading file. Instead it generates errors when track metadata is shorter than seek position. Now such tracks are skipped and movie duration check is performed at file read stage. 
Mp4 module does not check movie and track durations when reading
file.  Instead it generates errors when track metadata is shorter
than seek position.  Now such tracks are skipped and movie duration
check is performed at file read stage.
Mp4: fix seeks after the last key frame. 2014-01-29T09:30:36+00:00 Roman Arutyunyan arut@nginx.com 2014-01-29T09:30:36+00:00 870733ebd6275ac917d1a517760cd1c283870c59 Mp4 module does not allow seeks after the last key frame. Since stss atom only contains key frames it's usually shorter than other track atoms. That leads to stss seek error when seek position is close to the end of file. The fix outputs empty stss frame instead of generating error. 
Mp4 module does not allow seeks after the last key frame.  Since
stss atom only contains key frames it's usually shorter than
other track atoms.  That leads to stss seek error when seek
position is close to the end of file.  The fix outputs empty
stss frame instead of generating error.
SSI: fixed $date_local and $date_gmt without SSI (ticket #230). 2014-01-28T11:40:45+00:00 Maxim Dounin mdounin@mdounin.ru 2014-01-28T11:40:45+00:00 1631393f9427892f108d2c6549a568ee1e5ed6bc If there is no SSI context in a given request at a given time, the $date_local and $date_gmt variables used "%s" format, instead of "%A, %d-%b-%Y %H:%M:%S %Z" documented as the default and used if there is SSI module context and timefmt wasn't modified using the "config" SSI command. While use of these variables outside of the SSI evaluation isn't strictly valid, previous behaviour is certainly inconsistent, hence the fix. 
If there is no SSI context in a given request at a given time,
the $date_local and $date_gmt variables used "%s" format, instead
of "%A, %d-%b-%Y %H:%M:%S %Z" documented as the default and used
if there is SSI module context and timefmt wasn't modified using
the "config" SSI command.

While use of these variables outside of the SSI evaluation isn't strictly
valid, previous behaviour is certainly inconsistent, hence the fix.
Typo fixed. 2014-01-23T13:09:59+00:00 Tatsuhiko Kubo cubicdaiya@gmail.com 2014-01-23T13:09:59+00:00 135dc712c0b437886537d1d240b44f7f7e4f7852 






SSL: fixed ssl_verify_depth to take only one argument.
2014-01-14T11:56:40+00:00

Maxim Dounin
mdounin@mdounin.ru

2014-01-14T11:56:40+00:00

70b48a491a0a4dbcbcfc9ca86b22ca966a473ba1












SSL: ssl_session_tickets directive.
2014-01-10T15:12:40+00:00

Dirkjan Bussink
d.bussink@gmail.com

2014-01-10T15:12:40+00:00

58a240d7735652138da46c64b5eb9e661e5533f5

This adds support so it's possible to explicitly disable SSL Session
Tickets. In order to have good Forward Secrecy support either the
session ticket key has to be reloaded by using nginx' binary upgrade
process or using an external key file and reloading the configuration.
This directive adds another possibility to have good support by
disabling session tickets altogether.

If session tickets are enabled and the process lives for a long a time,
an attacker can grab the session ticket from the process and use that to
decrypt any traffic that occured during the entire lifetime of the
process.





This adds support so it's possible to explicitly disable SSL Session
Tickets. In order to have good Forward Secrecy support either the
session ticket key has to be reloaded by using nginx' binary upgrade
process or using an external key file and reloading the configuration.
This directive adds another possibility to have good support by
disabling session tickets altogether.

If session tickets are enabled and the process lives for a long a time,
an attacker can grab the session ticket from the process and use that to
decrypt any traffic that occured during the entire lifetime of the
process.







Fixed setting of content type in some cases.
2013-12-27T15:40:04+00:00

Ruslan Ermilov
ru@nginx.com

2013-12-27T15:40:04+00:00

2539ce036f6f9d9c2f0e9d6e723d1f0785b9dc0a

This fixes content type set in stub_status and autoindex responses
to be usable in content type checks made by filter modules, such
as charset and sub filters.





This fixes content type set in stub_status and autoindex responses
to be usable in content type checks made by filter modules, such
as charset and sub filters.







Style: removed surplus semicolons.
2013-12-27T14:47:42+00:00

Valentin Bartenev
vbart@nginx.com

2013-12-27T14:47:42+00:00

2b1156d1018bbeb0ebdc46c576cd5adb203db373