nginx.git/src/http, branch release-1.13.12 nginx Upstream: fixed u->conf->preserve_output (ticket #1519). 2018-04-05T13:56:12+00:00 Maxim Dounin mdounin@mdounin.ru 2018-04-05T13:56:12+00:00 f9e43a31544bb67f24703e1dad91ea51f49c7a16 Previously, ngx_http_upstream_process_header() might be called after we've finished reading response headers and switched to a different read event handler, leading to errors with gRPC proxying. Additionally, the u->conf->read_timeout timer might be re-armed during reading response headers (while this is expected to be a single timeout on reading the whole response header). 
Previously, ngx_http_upstream_process_header() might be called after
we've finished reading response headers and switched to a different read
event handler, leading to errors with gRPC proxying.  Additionally,
the u->conf->read_timeout timer might be re-armed during reading response
headers (while this is expected to be a single timeout on reading
the whole response header).
Upstream: fixed ngx_http_upstream_test_next() conditions. 2018-04-02T23:43:18+00:00 Maxim Dounin mdounin@mdounin.ru 2018-04-02T23:43:18+00:00 d90a75b7cdc70ddb2aa1880dc09301c5f1a279ae Previously, ngx_http_upstream_test_next() used an outdated condition on whether it will be possible to switch to a different server or not. It did not take into account restrictions on non-idempotent requests, requests with non-buffered request body, and the next upstream timeout. For such requests, switching to the next upstream server was rejected later in ngx_http_upstream_next(), resulting in nginx own error page being returned instead of the original upstream response. 
Previously, ngx_http_upstream_test_next() used an outdated condition on
whether it will be possible to switch to a different server or not.  It
did not take into account restrictions on non-idempotent requests, requests
with non-buffered request body, and the next upstream timeout.

For such requests, switching to the next upstream server was rejected
later in ngx_http_upstream_next(), resulting in nginx own error page
being returned instead of the original upstream response.
gRPC: fixed possible sign extension of error and setting_value. 2018-03-22T16:26:25+00:00 Maxim Dounin mdounin@mdounin.ru 2018-03-22T16:26:25+00:00 0ac57648ebc93358e977939bfcb9d1e67485b98e All cases are harmless and should not happen on valid values, though can result in bad values being shown incorrectly in logs. Found by Coverity (CID 1430311, 1430312, 1430313). 
All cases are harmless and should not happen on valid values, though can
result in bad values being shown incorrectly in logs.

Found by Coverity (CID 1430311, 1430312, 1430313).
gRPC: fixed missing state save in frame header parsing. 2018-03-20T12:58:11+00:00 Sergey Kandaurov pluknet@nginx.com 2018-03-20T12:58:11+00:00 e232421266416ed841272847ea307e935852230d Previously, frame state wasn't saved if HEADERS frame payload that begins with header fragment was not received at once. 
Previously, frame state wasn't saved if HEADERS frame payload
that begins with header fragment was not received at once.
HTTP/2: improved frame info debugging. 2018-03-19T18:32:15+00:00 Ruslan Ermilov ru@nginx.com 2018-03-19T18:32:15+00:00 74ea120f7d7445f0874add2c4f40f13de3bd5723 






gRPC: fixed parsing response headers split on CONTINUATION frames.
2018-03-19T13:42:56+00:00

Sergey Kandaurov
pluknet@nginx.com

2018-03-19T13:42:56+00:00

f3ad346952e90c4d5dc34b5da924f1a57deb5165












Fixed checking ngx_tcp_push() and ngx_tcp_nopush() return values.
2018-03-19T13:28:23+00:00

Ruslan Ermilov
ru@nginx.com

2018-03-19T13:28:23+00:00

c09aa142d64c6795a6bed8603a336285e7d3543d

No functional changes.





No functional changes.







Upstream: fixed comments after 13f8dec720b5.
2018-03-19T13:22:09+00:00

Ruslan Ermilov
ru@nginx.com

2018-03-19T13:22:09+00:00

510986b80683e6d44e0e431ae92423eb7be64351

The fields "uri", "location", and "url" from ngx_http_upstream_conf_t
moved to ngx_http_proxy_loc_conf_t and ngx_http_proxy_vars_t, reflect
this change in create_loc_conf comments.





The fields "uri", "location", and "url" from ngx_http_upstream_conf_t
moved to ngx_http_proxy_loc_conf_t and ngx_http_proxy_vars_t, reflect
this change in create_loc_conf comments.







gRPC: special handling of "trailer only" responses.
2018-03-17T20:04:26+00:00

Maxim Dounin
mdounin@mdounin.ru

2018-03-17T20:04:26+00:00

6559a420134b0f52ce2d4f147bdd92269ad5f677

The gRPC protocol makes a distinction between HEADERS frame with
the END_STREAM flag set, and a HEADERS frame followed by an empty
DATA frame with the END_STREAM flag.  The latter is not permitted,
and results in errors not being propagated through nginx.  Instead,
gRPC clients complain that "server closed the stream without sending
trailers" (seen in grpc-go) or "13: Received RST_STREAM with error
code 2" (seen in grpc-c).

To fix this, nginx now returns HEADERS with the END_STREAM flag if
the response length is known to be 0, and we are not expecting
any trailer headers to be added.  And the response length is
explicitly set to 0 in the gRPC proxy if we see initial HEADERS frame
with the END_STREAM flag set.





The gRPC protocol makes a distinction between HEADERS frame with
the END_STREAM flag set, and a HEADERS frame followed by an empty
DATA frame with the END_STREAM flag.  The latter is not permitted,
and results in errors not being propagated through nginx.  Instead,
gRPC clients complain that "server closed the stream without sending
trailers" (seen in grpc-go) or "13: Received RST_STREAM with error
code 2" (seen in grpc-c).

To fix this, nginx now returns HEADERS with the END_STREAM flag if
the response length is known to be 0, and we are not expecting
any trailer headers to be added.  And the response length is
explicitly set to 0 in the gRPC proxy if we see initial HEADERS frame
with the END_STREAM flag set.







gRPC: special handling of the TE request header.
2018-03-17T20:04:25+00:00

Maxim Dounin
mdounin@mdounin.ru

2018-03-17T20:04:25+00:00

6a0d9e5b2d9274e5ac5059a674763f19c2731b11

According to the gRPC protocol specification, the "TE" header is used
to detect incompatible proxies, and at least grpc-c server rejects
requests without "TE: trailers".

To preserve the logic, we have to pass "TE: trailers" to the backend if
and only if the original request contains "trailers" in the "TE" header.
Note that no other TE values are allowed in HTTP/2, so we have to remove
anything else.





According to the gRPC protocol specification, the "TE" header is used
to detect incompatible proxies, and at least grpc-c server rejects
requests without "TE: trailers".

To preserve the logic, we have to pass "TE: trailers" to the backend if
and only if the original request contains "trailers" in the "TE" header.
Note that no other TE values are allowed in HTTP/2, so we have to remove
anything else.