nginx.git/src/http, branch release-1.17.5 nginx Fixed header parsing with ignore_invalid_headers switched off. 2019-10-15T11:46:10+00:00 Ruslan Ermilov ru@nginx.com 2019-10-15T11:46:10+00:00 3c84e4b70584b78e6a34a3233465cfa99d26b107 The parsing was broken when the first character of the header name was invalid. Based on a patch by Alan Kemp. 
The parsing was broken when the first character of the header name was invalid.

Based on a patch by Alan Kemp.
Fixed URI normalization with merge_slashes switched off. 2019-10-08T18:56:14+00:00 Maxim Dounin mdounin@mdounin.ru 2019-10-08T18:56:14+00:00 85137dd2a639bea7424f742cdebd9773ce7a2081 Previously, "/foo///../bar" was normalized into "/foo/bar" instead of "/foo//bar". 
Previously, "/foo///../bar" was normalized into "/foo/bar"
instead of "/foo//bar".
The "/." and "/.." at the end of URI should be normalized. 2019-10-08T18:56:14+00:00 Ruslan Ermilov ru@nginx.com 2019-10-08T18:56:14+00:00 ed42131da63a106f91e5f8416a9add3720850827 






Improved detection of broken percent encoding in URI.
2019-10-08T18:56:14+00:00

Ruslan Ermilov
ru@nginx.com

2019-10-08T18:56:14+00:00

2ac24f1c88b7cd85ee7e9b189fc524fae74e78af












HTTP/2: fixed worker_shutdown_timeout.
2019-09-23T12:45:36+00:00

Ruslan Ermilov
ru@nginx.com

2019-09-23T12:45:36+00:00

6052881a987fc5cd39c8666a9b39ddfeadc895ee












HTTP/2: fixed possible alert about left open socket on shutdown.
2019-09-23T12:45:32+00:00

Ruslan Ermilov
ru@nginx.com

2019-09-23T12:45:32+00:00

f878492af35224a4ade84f6f6c15aca2892d3821

This could happen when graceful shutdown configured by worker_shutdown_timeout
times out and is then followed by another timeout such as proxy_read_timeout.
In this case, the HEADERS frame is added to the output queue, but attempt to
send it fails (due to c->error forcibly set during graceful shutdown timeout).
This triggers request finalization which attempts to close the stream.  But the
stream cannot be closed because there is a frame in the output queue, and the
connection cannot be finalized.  This leaves the connection open without any
timer events leading to alert.

The fix is to post write event when sending output queue fails on c->error.
That will finalize the connection.





This could happen when graceful shutdown configured by worker_shutdown_timeout
times out and is then followed by another timeout such as proxy_read_timeout.
In this case, the HEADERS frame is added to the output queue, but attempt to
send it fails (due to c->error forcibly set during graceful shutdown timeout).
This triggers request finalization which attempts to close the stream.  But the
stream cannot be closed because there is a frame in the output queue, and the
connection cannot be finalized.  This leaves the connection open without any
timer events leading to alert.

The fix is to post write event when sending output queue fails on c->error.
That will finalize the connection.







HTTP/2: traffic-based flood detection.
2019-09-18T17:28:12+00:00

Maxim Dounin
mdounin@mdounin.ru

2019-09-18T17:28:12+00:00

af0e284b967d0ecff1abcdce6558ed4635e3e757

With this patch, all traffic over an HTTP/2 connection is counted in
the h2c->total_bytes field, and payload traffic is counted in
the h2c->payload_bytes field.  As long as total traffic is many times
larger than payload traffic, we consider this to be a flood.





With this patch, all traffic over an HTTP/2 connection is counted in
the h2c->total_bytes field, and payload traffic is counted in
the h2c->payload_bytes field.  As long as total traffic is many times
larger than payload traffic, we consider this to be a flood.







HTTP/2: switched back to RST_STREAM with NO_ERROR.
2019-09-18T17:28:09+00:00

Maxim Dounin
mdounin@mdounin.ru

2019-09-18T17:28:09+00:00

4d4201fafd46bb97c29a9c86733331d8e7479f54

In 8df664ebe037, we've switched to maximizing stream window instead
of sending RST_STREAM.  Since then handling of RST_STREAM with NO_ERROR
was fixed at least in Chrome, hence we switch back to using RST_STREAM.

This allows more effective rejecting of large bodies, and also minimizes
non-payload traffic to be accounted in the next patch.





In 8df664ebe037, we've switched to maximizing stream window instead
of sending RST_STREAM.  Since then handling of RST_STREAM with NO_ERROR
was fixed at least in Chrome, hence we switch back to using RST_STREAM.

This allows more effective rejecting of large bodies, and also minimizes
non-payload traffic to be accounted in the next patch.







SSL: fixed ssl_verify_client error message.
2019-09-16T16:26:42+00:00

Sergey Kandaurov
pluknet@nginx.com

2019-09-16T16:26:42+00:00

555dc61b543bb1fbc50f45b58a422f519d7065ce












HTTP/2: close connection on zero WINDOW_UPDATE.
2019-09-10T12:33:38+00:00

Ruslan Ermilov
ru@nginx.com

2019-09-10T12:33:38+00:00

c3f8098712d16e17a6577e203a8c0dc76331a1ee

Don't waste server resources by sending RST_STREAM frames.  Instead,
reject WINDOW_UPDATE frames with invalid zero increment by closing
connection with PROTOCOL_ERROR.





Don't waste server resources by sending RST_STREAM frames.  Instead,
reject WINDOW_UPDATE frames with invalid zero increment by closing
connection with PROTOCOL_ERROR.