nginx.git/src/http, branch release-1.11.2 nginx Sub filter: eliminate unnecessary buffering. 2016-07-02T12:59:53+00:00 Roman Arutyunyan arut@nginx.com 2016-07-02T12:59:53+00:00 c9dae918fdf370367e2dfd92f3b19853783c9fc9 Previously, when a buffer was processed by the sub filter, its final bytes could be buffered by the filter even if they don't match any pattern. This happened because the Boyer-Moore algorithm, employed by the sub filter since b9447fc457b4 (1.9.4), matches the last characters of patterns prior to checking other characters. If the last character is out of scope, initial bytes of a potential match are buffered until the last character is available. Now, after receiving a flush or recycled buffer, the filter performs additional checks to reduce the number of buffered bytes. The potential match is checked against the initial parts of all patterns. Non-matching bytes are not buffered. This improves processing of a chunked response from upstream by sending the entire chunks without buffering unless a partial match is found at the end of a chunk. 
Previously, when a buffer was processed by the sub filter, its final bytes
could be buffered by the filter even if they don't match any pattern.
This happened because the Boyer-Moore algorithm, employed by the sub filter
since b9447fc457b4 (1.9.4), matches the last characters of patterns prior to
checking other characters.  If the last character is out of scope, initial
bytes of a potential match are buffered until the last character is available.

Now, after receiving a flush or recycled buffer, the filter performs
additional checks to reduce the number of buffered bytes.  The potential match
is checked against the initial parts of all patterns.  Non-matching bytes are
not buffered.  This improves processing of a chunked response from upstream
by sending the entire chunks without buffering unless a partial match is found
at the end of a chunk.
Sub filter: introduced the ngx_http_sub_match() function. 2016-07-02T12:59:52+00:00 Roman Arutyunyan arut@nginx.com 2016-07-02T12:59:52+00:00 ec7015575559f4e54cf3fc542437489ab6741264 No functional changes. 
No functional changes.
HTTP/2: style. 2016-06-22T20:47:54+00:00 Piotr Sikora piotrsikora@google.com 2016-06-22T20:47:54+00:00 e0b0fa6bf55df8c9de0f89dceff0e1b32860a348 Signed-off-by: Piotr Sikora <piotrsikora@google.com> 
Signed-off-by: Piotr Sikora <piotrsikora@google.com>
Upstream: support for port in proxy_bind and friends. 2016-06-20T08:50:43+00:00 Roman Arutyunyan arut@nginx.com 2016-06-20T08:50:43+00:00 8cad1c015f359a15a0c9261862faa23b519befba 






Introduced ngx_inet_get_port() and ngx_inet_set_port() functions.
2016-06-20T08:50:39+00:00

Roman Arutyunyan
arut@nginx.com

2016-06-20T08:50:39+00:00

5b201ac31f968d13f1165e7f29967e5826ccb9a1












SSL: ngx_ssl_ciphers() to set list of ciphers.
2016-06-15T20:05:30+00:00

Tim Taubert
tim@timtaubert.de

2016-06-15T20:05:30+00:00

4f578bfcab740fcfbbb8824822803ad9b3f176cc

This patch moves various OpenSSL-specific function calls into the
OpenSSL module and introduces ngx_ssl_ciphers() to make nginx more
crypto-library-agnostic.





This patch moves various OpenSSL-specific function calls into the
OpenSSL module and introduces ngx_ssl_ciphers() to make nginx more
crypto-library-agnostic.







HTTP/2: fixed the "http request count is zero" alert.
2016-06-16T17:55:11+00:00

Valentin Bartenev
vbart@nginx.com

2016-06-16T17:55:11+00:00

6e38998bacb77b1bcaa16a999a722c0c4f961b8e

When the stream is terminated the HEADERS frame can still wait in the output
queue.  This frame can't be removed and must be sent to the client anyway,
since HTTP/2 uses stateful compression for headers.  So in order to postpone
closing and freeing memory of such stream the special close stream handler
is set to the write event.  After the HEADERS frame is sent the write event
is called and the stream will be finally closed.

Some events like receiving a RST_STREAM can trigger the read handler of such
stream in closing state and cause unexpected processing that can result in
another attempt to finalize the request.  To prevent it the read handler is
now set to ngx_http_empty_handler.

Thanks to Amazon.





When the stream is terminated the HEADERS frame can still wait in the output
queue.  This frame can't be removed and must be sent to the client anyway,
since HTTP/2 uses stateful compression for headers.  So in order to postpone
closing and freeing memory of such stream the special close stream handler
is set to the write event.  After the HEADERS frame is sent the write event
is called and the stream will be finally closed.

Some events like receiving a RST_STREAM can trigger the read handler of such
stream in closing state and cause unexpected processing that can result in
another attempt to finalize the request.  To prevent it the read handler is
now set to ngx_http_empty_handler.

Thanks to Amazon.







HTTP/2: avoid adding Content-Length for requests without body.
2016-06-16T17:55:11+00:00

Valentin Bartenev
vbart@nginx.com

2016-06-16T17:55:11+00:00

bf5f915a019018f914c3f7c59d4a8baf27b93d67

There is no reason to add the "Content-Length: 0" header to a proxied request
without body if the header isn't presented in the original request.

Thanks to Amazon.





There is no reason to add the "Content-Length: 0" header to a proxied request
without body if the header isn't presented in the original request.

Thanks to Amazon.







HTTP/2: prevented double termination of a stream.
2016-06-16T17:55:11+00:00

Valentin Bartenev
vbart@nginx.com

2016-06-16T17:55:11+00:00

cd2085be0c497153f9311f0a1986c6be6a18cff4

According to RFC 7540, an endpoint should not send more than one RST_STREAM
frame for any stream.

Also, now all the data frames will be skipped while termination.





According to RFC 7540, an endpoint should not send more than one RST_STREAM
frame for any stream.

Also, now all the data frames will be skipped while termination.







HTTP/2: fixed a segfault while processing unbuffered upload.
2016-06-16T17:55:11+00:00

Valentin Bartenev
vbart@nginx.com

2016-06-16T17:55:11+00:00

24d9b98900a5318778dcab3f765e85a8bed5d136

The ngx_http_v2_finalize_connection() closes current stream, but that is an
invalid operation while processing unbuffered upload.  This results in access
to already freed memory, since the upstream module sets a cleanup handler that
also finalizes the request.





The ngx_http_v2_finalize_connection() closes current stream, but that is an
invalid operation while processing unbuffered upload.  This results in access
to already freed memory, since the upstream module sets a cleanup handler that
also finalizes the request.