nginx.git/src/http, branch release-1.11.11 nginx Access log: removed dead ev->timedout check in flush timer handler. 2017-03-07T15:51:12+00:00 Maxim Dounin mdounin@mdounin.ru 2017-03-07T15:51:12+00:00 c1d8318d3112a2752971d76fc15d1fca8557691d The ev->timedout flag is set on first timer expiration, and never reset after it. Due to this the code to stop the timer when the timer was canceled never worked (except in a very specific time frame immediately after start), and the timer was always armed again. This essentially resulted in a buffer flush at the end of an event loop iteration. This behaviour actually seems to be better than just stopping the flush timer for the whole shutdown, so it is preserved as is instead of fixing the code to actually remove the timer. It will be further improved by upcoming changes to preserve cancelable timers if there are other timers blocking shutdown. 
The ev->timedout flag is set on first timer expiration, and never reset
after it.  Due to this the code to stop the timer when the timer was
canceled never worked (except in a very specific time frame immediately
after start), and the timer was always armed again.  This essentially
resulted in a buffer flush at the end of an event loop iteration.

This behaviour actually seems to be better than just stopping the flush
timer for the whole shutdown, so it is preserved as is instead of fixing
the code to actually remove the timer.  It will be further improved by
upcoming changes to preserve cancelable timers if there are other timers
blocking shutdown.
Converted hc->busy/hc->free to use chain links. 2017-03-07T15:49:31+00:00 Maxim Dounin mdounin@mdounin.ru 2017-03-07T15:49:31+00:00 fca26c2e53d46549320a3b23ce0398c5921348dd Most notably, this fixes possible buffer overflows if number of large client header buffers in a virtual server is different from the one in the default server. Reported by Daniil Bondarev. 
Most notably, this fixes possible buffer overflows if number of large
client header buffers in a virtual server is different from the one in
the default server.

Reported by Daniil Bondarev.
Added missing "static" specifiers found by gcc -Wtraditional. 2017-03-06T08:09:47+00:00 Ruslan Ermilov ru@nginx.com 2017-03-06T08:09:47+00:00 0f89206a1078a216961d974ed5bcf6464b65cbdf 






Added missing static specifiers.
2017-03-02T13:46:00+00:00

Eran Kornblau
erankor@gmail.com

2017-03-02T13:46:00+00:00

0759f088a532ec48170ca03d694cc103757a0f4c












Fixed background update with "if".
2017-02-27T19:36:15+00:00

Maxim Dounin
mdounin@mdounin.ru

2017-02-27T19:36:15+00:00

0f00d3365f88d4a1d11b81539c682c76f7eb5405

Cloned subrequests should inherit r->content_handler.  This way they will
be able to use the same location configuration as the original request
if there are "if" directives in the configuration.

Without r->content_handler inherited, the following configuration tries
to access a static file in the update request:

    location / {
        set $true 1;
        if ($true) {
            # nothing
        }

        proxy_pass http://backend;
        proxy_cache one;
        proxy_cache_use_stale updating;
        proxy_cache_background_update on;
    }

See http://mailman.nginx.org/pipermail/nginx/2017-February/053019.html for
initial report.





Cloned subrequests should inherit r->content_handler.  This way they will
be able to use the same location configuration as the original request
if there are "if" directives in the configuration.

Without r->content_handler inherited, the following configuration tries
to access a static file in the update request:

    location / {
        set $true 1;
        if ($true) {
            # nothing
        }

        proxy_pass http://backend;
        proxy_cache one;
        proxy_cache_use_stale updating;
        proxy_cache_background_update on;
    }

See http://mailman.nginx.org/pipermail/nginx/2017-February/053019.html for
initial report.







Gzip: free chain links on the hot path (ticket #1046).
2017-02-13T18:45:01+00:00

Maxim Dounin
mdounin@mdounin.ru

2017-02-13T18:45:01+00:00

fb5c0baa456526206d945e618cc2d50b441b0164












Upstream: read handler cleared on upstream finalization.
2017-02-10T17:24:26+00:00

Maxim Dounin
mdounin@mdounin.ru

2017-02-10T17:24:26+00:00

68f4e482bd39314e98fb0328eaeca666ae0a557f

With "proxy_ignore_client_abort off" (the default), upstream module changes
r->read_event_handler to ngx_http_upstream_rd_check_broken_connection().
If the handler is not cleared during upstream finalization, it can be
triggered later, causing unexpected effects, if, for example, a request
was redirected to a different location using error_page or X-Accel-Redirect.
In particular, it makes "proxy_ignore_client_abort on" non-working after
a redirection in a configuration like this:

    location = / {
        error_page 502 = /error;
        proxy_pass http://127.0.0.1:8082;
    }

    location /error {
        proxy_pass http://127.0.0.1:8083;
        proxy_ignore_client_abort on;
    }

It is also known to cause segmentation faults with aio used, see
http://mailman.nginx.org/pipermail/nginx-ru/2015-August/056570.html.

Fix is to explicitly set r->read_event_handler to ngx_http_block_reading()
during upstream finalization, similar to how it is done in the request body
reading code and in the limit_req module.





With "proxy_ignore_client_abort off" (the default), upstream module changes
r->read_event_handler to ngx_http_upstream_rd_check_broken_connection().
If the handler is not cleared during upstream finalization, it can be
triggered later, causing unexpected effects, if, for example, a request
was redirected to a different location using error_page or X-Accel-Redirect.
In particular, it makes "proxy_ignore_client_abort on" non-working after
a redirection in a configuration like this:

    location = / {
        error_page 502 = /error;
        proxy_pass http://127.0.0.1:8082;
    }

    location /error {
        proxy_pass http://127.0.0.1:8083;
        proxy_ignore_client_abort on;
    }

It is also known to cause segmentation faults with aio used, see
http://mailman.nginx.org/pipermail/nginx-ru/2015-August/056570.html.

Fix is to explicitly set r->read_event_handler to ngx_http_block_reading()
during upstream finalization, similar to how it is done in the request body
reading code and in the limit_req module.







Cache: increased cache header Vary and ETag lengths to 128.
2017-02-10T14:49:19+00:00

Maxim Dounin
mdounin@mdounin.ru

2017-02-10T14:49:19+00:00

5544756296e5abaecb5f640753d6de939b701035

This allows to store larger ETag values for proxy_cache_revalidate,
including ones generated as SHA256, and cache responses with longer
Vary (ticket #826).

In particular, this fixes caching of Amazon S3 responses with CORS
enabled, which now use "Vary: Origin, Access-Control-Request-Headers,
Access-Control-Request-Method".

Cache version bumped accordingly.





This allows to store larger ETag values for proxy_cache_revalidate,
including ones generated as SHA256, and cache responses with longer
Vary (ticket #826).

In particular, this fixes caching of Amazon S3 responses with CORS
enabled, which now use "Vary: Origin, Access-Control-Request-Headers,
Access-Control-Request-Method".

Cache version bumped accordingly.







Slice filter: fetch slices in cloned subrequests.
2017-02-10T13:33:12+00:00

Roman Arutyunyan
arut@nginx.com

2017-02-10T13:33:12+00:00

b9a031622b7bf586a9c724dade16abfac188f2f2

Previously, slice subrequest location was selected based on request URI.
If request is then redirected to a new location, its context array is cleared,
making the slice module loose current slice range information.  This lead to
broken output.  Now subrequests with the NGX_HTTP_SUBREQUEST_CLONE flag are
created for slices.  Such subrequests stay in the same location as the parent
request and keep the right slice context.





Previously, slice subrequest location was selected based on request URI.
If request is then redirected to a new location, its context array is cleared,
making the slice module loose current slice range information.  This lead to
broken output.  Now subrequests with the NGX_HTTP_SUBREQUEST_CLONE flag are
created for slices.  Such subrequests stay in the same location as the parent
request and keep the right slice context.







Upstream: proxy_cache_background_update and friends.
2017-02-10T12:13:41+00:00

Roman Arutyunyan
arut@nginx.com

2017-02-10T12:13:41+00:00

3e4339eacd35084afae67826295b29ae7ad73dc5

The directives enable cache updates in subrequests.





The directives enable cache updates in subrequests.