nginx.git/src/http, branch release-1.0.12 nginx Merge of r4416: 2012-02-05T20:05:11+00:00 Maxim Dounin mdounin@mdounin.ru 2012-02-05T20:05:11+00:00 f4d00a96acd56fb0d41233f5f1346f051528129a Fixed AIO error handling on FreeBSD. The aio_return() must be called regardless of the error returned by aio_error(). Not calling it resulted in various problems up to segmentation faults (as AIO events are level-triggered and were reported again and again). Additionally, in "aio sendfile" case r->blocked was incremented in case of error returned from ngx_file_aio_read(), thus causing request hangs. 
Fixed AIO error handling on FreeBSD.

The aio_return() must be called regardless of the error returned by
aio_error().  Not calling it resulted in various problems up to segmentation
faults (as AIO events are level-triggered and were reported again and again).

Additionally, in "aio sendfile" case r->blocked was incremented in case of
error returned from ngx_file_aio_read(), thus causing request hangs.
Merge of r4406, r4413: copyrights updated. 2012-02-05T20:02:59+00:00 Maxim Dounin mdounin@mdounin.ru 2012-02-05T20:02:59+00:00 a22bc749c7b170ec8883ef614dd8dd88fca53aaa 






Merge of r4402:
2012-02-05T19:23:44+00:00

Maxim Dounin
mdounin@mdounin.ru

2012-02-05T19:23:44+00:00

c8d012d425137f36ee0b509ce1e95f339cfe5cbc

Fixed proxy_cache_use_stale in "no live upstreams" case.





Fixed proxy_cache_use_stale in "no live upstreams" case.







Merge of r4401, r4415:
2012-02-05T19:15:09+00:00

Maxim Dounin
mdounin@mdounin.ru

2012-02-05T19:15:09+00:00

8bfb37e9f0e808483cd9754c020292a9cb35e342

SSL changes:

*) Added support for TLSv1.1, TLSv1.2 in ssl_protocols directive.

   Support for TLSv1.1 and TLSv1.2 protocols was introduced in
   OpenSSL 1.0.1 (-beta1 was recently released).  This change makes it
   possible to disable these protocols and/or enable them without other
   protocols.

*) Removed ENGINE_load_builtin_engines() call.

   It's already called by OPENSSL_config().  Calling it again causes
   some openssl engines (notably GOST) to corrupt memory, as they don't
   expect to be created more than once.





SSL changes:

*) Added support for TLSv1.1, TLSv1.2 in ssl_protocols directive.

   Support for TLSv1.1 and TLSv1.2 protocols was introduced in
   OpenSSL 1.0.1 (-beta1 was recently released).  This change makes it
   possible to disable these protocols and/or enable them without other
   protocols.

*) Removed ENGINE_load_builtin_engines() call.

   It's already called by OPENSSL_config().  Calling it again causes
   some openssl engines (notably GOST) to corrupt memory, as they don't
   expect to be created more than once.







Merge of r4384, r4385:
2012-02-05T16:12:55+00:00

Maxim Dounin
mdounin@mdounin.ru

2012-02-05T16:12:55+00:00

21f546d0d6b2938d6a8305079ed26c8e49d4f5e2

Fixes for limit_rate:

*) Fixed throughput problems with large limit_rate.

   Previous attempt to fix this was in r1658 (0.6.18), though that one
   wasn't enough (it was a noop).

*) Fixed interaction of limit_rate and sendfile_max_chunk.

   It's possible that configured limit_rate will permit more bytes per
   single operation than sendfile_max_chunk.  To protect disk from
   takeover by a single client it is necessary to apply sendfile_max_chunk
   as a limit regardless of configured limit_rate.

   See here for report (in Russian):
   http://mailman.nginx.org/pipermail/nginx-ru/2010-March/032806.html





Fixes for limit_rate:

*) Fixed throughput problems with large limit_rate.

   Previous attempt to fix this was in r1658 (0.6.18), though that one
   wasn't enough (it was a noop).

*) Fixed interaction of limit_rate and sendfile_max_chunk.

   It's possible that configured limit_rate will permit more bytes per
   single operation than sendfile_max_chunk.  To protect disk from
   takeover by a single client it is necessary to apply sendfile_max_chunk
   as a limit regardless of configured limit_rate.

   See here for report (in Russian):
   http://mailman.nginx.org/pipermail/nginx-ru/2010-March/032806.html







Merge of r4383, r4403:
2012-02-05T15:51:20+00:00

Maxim Dounin
mdounin@mdounin.ru

2012-02-05T15:51:20+00:00

ff8c2aedfee6514ba50391dcf5fef5bd02016684

MP4 fixes:

*) Fixed mp4 if first entry in stsc was skipped (ticket #72).

   If first entry in stsc atom was skipped, and seek was to chunk
   boundary, than first_chunk in the generated stsc table wasn't
   set to 1.

*) Fixed handling of mp4 above 2G and 32bit offsets (ticket #84).





MP4 fixes:

*) Fixed mp4 if first entry in stsc was skipped (ticket #72).

   If first entry in stsc atom was skipped, and seek was to chunk
   boundary, than first_chunk in the generated stsc table wasn't
   set to 1.

*) Fixed handling of mp4 above 2G and 32bit offsets (ticket #84).







Merge of r4381, r4400:
2012-02-05T15:47:58+00:00

Maxim Dounin
mdounin@mdounin.ru

2012-02-05T15:47:58+00:00

d7ccc61da1513f51c4067928d736630415e75afe

Fixed limit_conn_log_level/limit_req_log_level inheritance.  The
directives did not work if there were no limit_conn/limit_req
specified on the same level.

The code for limit_conn is different in 1.0.x, conflict resolved
manually.





Fixed limit_conn_log_level/limit_req_log_level inheritance.  The
directives did not work if there were no limit_conn/limit_req
specified on the same level.

The code for limit_conn is different in 1.0.x, conflict resolved
manually.







Merge of r4375, r4382:
2012-02-05T14:09:46+00:00

Maxim Dounin
mdounin@mdounin.ru

2012-02-05T14:09:46+00:00

ea7bed29fdaa35fb9734bfdb01f64dd1401f9ef6

SSI changes:

*) The "if" command did not work inside the "block" command and
   produced parsing errors.

*) Added regex captures support in the expression of the "if" command.





SSI changes:

*) The "if" command did not work inside the "block" command and
   produced parsing errors.

*) Added regex captures support in the expression of the "if" command.







Merge of r4372, r4373, r4374:
2012-02-05T13:53:50+00:00

Maxim Dounin
mdounin@mdounin.ru

2012-02-05T13:53:50+00:00

ef76b584da7329ffee1e30286c0bf76b255ad3cc

SCGI fixes:

*) Fixed incorrect use of r->http_version in scgi module.

   The r->http_version is a version of client's request, and modules
   must not set it unless they are really willing to downgrade protocol
   version used for a response (i.e. to HTTP/0.9 if no response headers
   are available).  In neither case r->http_version may be upgraded.

   The former code downgraded response from HTTP/1.1 to HTTP/1.0 for no
   reason, causing various problems (see ticket #66).  It was also
   possible that HTTP/0.9 requests were upgraded to HTTP/1.0.

*) Removed duplicate function declaration.

*) Removed error if there is no Status header.

   The SCGI specification doesn't specify format of the response, and
   assuming CGI specs should be used there is no reason to complain.
   RFC 3875 explicitly states that "A Status header field is optional,
   and status 200 'OK' is assumed if it is omitted".





SCGI fixes:

*) Fixed incorrect use of r->http_version in scgi module.

   The r->http_version is a version of client's request, and modules
   must not set it unless they are really willing to downgrade protocol
   version used for a response (i.e. to HTTP/0.9 if no response headers
   are available).  In neither case r->http_version may be upgraded.

   The former code downgraded response from HTTP/1.1 to HTTP/1.0 for no
   reason, causing various problems (see ticket #66).  It was also
   possible that HTTP/0.9 requests were upgraded to HTTP/1.0.

*) Removed duplicate function declaration.

*) Removed error if there is no Status header.

   The SCGI specification doesn't specify format of the response, and
   assuming CGI specs should be used there is no reason to complain.
   RFC 3875 explicitly states that "A Status header field is optional,
   and status 200 'OK' is assumed if it is omitted".







Merge of r4339, r4340, r4341:
2012-02-05T13:34:08+00:00

Maxim Dounin
mdounin@mdounin.ru

2012-02-05T13:34:08+00:00

6f7a1824b5e38194146dd8516c48a4a7663a0d14

Cache fixes:

*) Obsolete code removed.

   The ngx_http_cache() and ngx_http_no_cache_set_slot() functions
   were replaced in 0.8.46 and no longer used since then.

*) Handling of cache files with long headers.

   There are two possible situations which can lead to this: response
   was cached with bigger proxy_buffer_size value (and nginx was
   restared since then, i.e. shared memory zone content was lost), or
   due to the race in the cache update code (see [1]) we've end up
   with fcn->body_start from a different response stored in shared
   memory zone.

*) Only complain on long locked entries.

   There have been multiple reports of cases where a real locked entry
   was removed, resulting in a segmentation fault later in a worker
   which locked the entry.  It looks like default inactive timeout isn't
   enough in real life.

   For now just ignore such locked entries, and move them to the top of
   the inactive queue to allow processing of other entries.

[1] http://mailman.nginx.org/pipermail/nginx-devel/2011-September/001287.html





Cache fixes:

*) Obsolete code removed.

   The ngx_http_cache() and ngx_http_no_cache_set_slot() functions
   were replaced in 0.8.46 and no longer used since then.

*) Handling of cache files with long headers.

   There are two possible situations which can lead to this: response
   was cached with bigger proxy_buffer_size value (and nginx was
   restared since then, i.e. shared memory zone content was lost), or
   due to the race in the cache update code (see [1]) we've end up
   with fcn->body_start from a different response stored in shared
   memory zone.

*) Only complain on long locked entries.

   There have been multiple reports of cases where a real locked entry
   was removed, resulting in a segmentation fault later in a worker
   which locked the entry.  It looks like default inactive timeout isn't
   enough in real life.

   For now just ignore such locked entries, and move them to the top of
   the inactive queue to allow processing of other entries.

[1] http://mailman.nginx.org/pipermail/nginx-devel/2011-September/001287.html