nginx.git/src/http, branch release-1.0.15 nginx Merge of r4578, r4579, r4580, r4586: mp4 fixes. 2012-04-12T12:55:43+00:00 Maxim Dounin mdounin@mdounin.ru 2012-04-12T12:55:43+00:00 dcdb3ca43b7ac59642fb8cf495c9416f49d9fc79 






Version bump.
2012-04-12T12:47:36+00:00

Maxim Dounin
mdounin@mdounin.ru

2012-04-12T12:47:36+00:00

faf6380c3c66a3f75d50071ee668fc151ef77a9d












Merge of r4530, r4531: null character fixes.
2012-03-15T11:41:43+00:00

Maxim Dounin
mdounin@mdounin.ru

2012-03-15T11:41:43+00:00

44eade9c1df4ef009d9fcd7721d8e4c34370ca1d

*) Fixed incorrect ngx_cpystrn() usage in ngx_http_*_process_header().

   This resulted in a disclosure of previously freed memory if upstream
   server returned specially crafted response, potentially exposing
   sensitive information.

   Reported by Matthew Daley.

*) Headers with null character are now rejected.

   Headers with NUL character aren't allowed by HTTP standard and may cause
   various security problems.  They are now unconditionally rejected.





*) Fixed incorrect ngx_cpystrn() usage in ngx_http_*_process_header().

   This resulted in a disclosure of previously freed memory if upstream
   server returned specially crafted response, potentially exposing
   sensitive information.

   Reported by Matthew Daley.

*) Headers with null character are now rejected.

   Headers with NUL character aren't allowed by HTTP standard and may cause
   various security problems.  They are now unconditionally rejected.







Version bump.
2012-03-15T11:37:11+00:00

Maxim Dounin
mdounin@mdounin.ru

2012-03-15T11:37:11+00:00

6dbc33f8317e2a7a9596351f48f7914b5450779b












Merge of r4500: fixed spelling in single-line comments.
2012-03-05T13:26:40+00:00

Maxim Dounin
mdounin@mdounin.ru

2012-03-05T13:26:40+00:00

fc03bdde05ef82c3e215a0a0d41a1e88419996df












Merge of r4498:
2012-03-05T13:17:56+00:00

Maxim Dounin
mdounin@mdounin.ru

2012-03-05T13:17:56+00:00

0ffc4c3218a2a1ca45405754c86221d295d00dd1

Fix of rbtree lookup on hash collisions.

Previous code incorrectly assumed that nodes with identical keys are linked
together.  This might not be true after tree rebalance.

Patch by Lanshun Zhou.





Fix of rbtree lookup on hash collisions.

Previous code incorrectly assumed that nodes with identical keys are linked
together.  This might not be true after tree rebalance.

Patch by Lanshun Zhou.







Merge of r4491, r4492:
2012-03-05T13:03:39+00:00

Maxim Dounin
mdounin@mdounin.ru

2012-03-05T13:03:39+00:00

031458770a48be9b0bf5534c70abfc8284f135d7

*) Renamed constants and fixed off-by-one error in "msie_padding on"
   handling.

*) Added support for the 307 Temporary Redirect.





*) Renamed constants and fixed off-by-one error in "msie_padding on"
   handling.

*) Added support for the 307 Temporary Redirect.







Merge of r4474, r4493: configure/build fixes.
2012-03-05T12:58:10+00:00

Maxim Dounin
mdounin@mdounin.ru

2012-03-05T12:58:10+00:00

01f59615400f7449a8b88e9e74a27c2a8b93fb87

*) Fixed build with embedded perl and --with-openssl.

*) Configure: moved icc detection before gcc.  New versions of icc
   confuse auto/cc/name due to introduced handling of a "icc -v".





*) Fixed build with embedded perl and --with-openssl.

*) Configure: moved icc detection before gcc.  New versions of icc
   confuse auto/cc/name due to introduced handling of a "icc -v".







Merge of r4473:
2012-03-05T12:49:32+00:00

Maxim Dounin
mdounin@mdounin.ru

2012-03-05T12:49:32+00:00

be909c35b0b2ad737b701fde9c63105251800b14

Core: protection from cycles with named locations and post_action.

Now redirects to named locations are counted against normal uri changes
limit, and post_action respects this limit as well.  As a result at least
the following (bad) configurations no longer trigger infinite cycles:

1. Post action which recursively triggers post action:

    location / {
        post_action /index.html;
    }

2. Post action pointing to nonexistent named location:

    location / {
        post_action @nonexistent;
    }

3. Recursive error page for 500 (Internal Server Error) pointing to
   a nonexistent named location:

    location / {
        recursive_error_pages on;
        error_page 500 @nonexistent;
        return 500;
    }





Core: protection from cycles with named locations and post_action.

Now redirects to named locations are counted against normal uri changes
limit, and post_action respects this limit as well.  As a result at least
the following (bad) configurations no longer trigger infinite cycles:

1. Post action which recursively triggers post action:

    location / {
        post_action /index.html;
    }

2. Post action pointing to nonexistent named location:

    location / {
        post_action @nonexistent;
    }

3. Recursive error page for 500 (Internal Server Error) pointing to
   a nonexistent named location:

    location / {
        recursive_error_pages on;
        error_page 500 @nonexistent;
        return 500;
    }







Merge of r4471:
2012-03-05T12:36:51+00:00

Maxim Dounin
mdounin@mdounin.ru

2012-03-05T12:36:51+00:00

31b3edd003a6fd4aba0c7fd1428c062a3c57bec6

Variables: honor no_cacheable for not_found variables.

Variables with the "not_found" flag set follow the same rules as ones with
the "valid" flag set.  Make sure ngx_http_get_flushed_variable() will flush
non-cacheable variables with the "not_found" flag set.

This fixes at least one known problem with $args not available in a subrequest
(with args) when there were no args in the main request and $args variable was
queried in the main request (reported by Laurence Rowe aka elro on irc).

Also this eliminates unneeded call to ngx_http_get_indexed_variable() in
cacheable case (as it will return cached value anyway).





Variables: honor no_cacheable for not_found variables.

Variables with the "not_found" flag set follow the same rules as ones with
the "valid" flag set.  Make sure ngx_http_get_flushed_variable() will flush
non-cacheable variables with the "not_found" flag set.

This fixes at least one known problem with $args not available in a subrequest
(with args) when there were no args in the main request and $args variable was
queried in the main request (reported by Laurence Rowe aka elro on irc).

Also this eliminates unneeded call to ngx_http_get_indexed_variable() in
cacheable case (as it will return cached value anyway).