nginx.git/src/http, branch release-1.19.6 nginx Fixed double close of non-regular files in flv and mp4. 2020-12-11T10:42:07+00:00 Maxim Dounin mdounin@mdounin.ru 2020-12-11T10:42:07+00:00 b138e263959778bb4ba73243106d2c5f98a2c927 With introduction of open_file_cache in 1454:f497ed7682a7, opening a file with ngx_open_cached_file() automatically adds a cleanup handler to close the file. As such, calling ngx_close_file() directly for non-regular files is no longer needed and will result in duplicate close() call. In 1454:f497ed7682a7 ngx_close_file() call for non-regular files was removed in the static module, but wasn't in the flv module. And the resulting incorrect code was later copied to the mp4 module. Fix is to remove the ngx_close_file() call from both modules. Reported by Chris Newton. 
With introduction of open_file_cache in 1454:f497ed7682a7, opening a file
with ngx_open_cached_file() automatically adds a cleanup handler to close
the file.  As such, calling ngx_close_file() directly for non-regular files
is no longer needed and will result in duplicate close() call.

In 1454:f497ed7682a7 ngx_close_file() call for non-regular files was removed
in the static module, but wasn't in the flv module.  And the resulting
incorrect code was later copied to the mp4 module.  Fix is to remove the
ngx_close_file() call from both modules.

Reported by Chris Newton.
Removed extra allocation for r->uri. 2020-12-10T17:09:39+00:00 Maxim Dounin mdounin@mdounin.ru 2020-12-10T17:09:39+00:00 2e94c81b0bf1d8e695d9afd074c79520aa03081a The ngx_http_parse_complex_uri() function cannot make URI longer and does not null-terminate URI, so there is no need to allocate an extra byte. This allocation appears to be a leftover from changes in 461:a88a3e4e158f (0.1.5), where null-termination of r->uri and many other strings was removed. 
The ngx_http_parse_complex_uri() function cannot make URI longer and does
not null-terminate URI, so there is no need to allocate an extra byte.  This
allocation appears to be a leftover from changes in 461:a88a3e4e158f (0.1.5),
where null-termination of r->uri and many other strings was removed.
Fixed parsing of absolute URIs with empty path (ticket #2079). 2020-12-10T17:09:30+00:00 Maxim Dounin mdounin@mdounin.ru 2020-12-10T17:09:30+00:00 ce9971b2b5c14982afede89635508334938ac520 When the request line contains request-target in the absolute-URI form, it can contain path-empty instead of a single slash (see RFC 7230, RFC 3986). Previously, the ngx_http_parse_request_line() function only accepted empty path when there was no query string. With this change, non-empty query is also correctly handled. That is, request line "GET http://example.com?foo HTTP/1.1" is accepted and results in $uri "/" and $args "foo". Note that $request_uri remains "?foo", similarly to how spaces in URIs are handled. Providing "/?foo", similarly to how "/" is provided for "GET http://example.com HTTP/1.1", requires allocation. 
When the request line contains request-target in the absolute-URI form,
it can contain path-empty instead of a single slash (see RFC 7230, RFC 3986).
Previously, the ngx_http_parse_request_line() function only accepted empty
path when there was no query string.

With this change, non-empty query is also correctly handled.  That is,
request line "GET http://example.com?foo HTTP/1.1" is accepted and results
in $uri "/" and $args "foo".

Note that $request_uri remains "?foo", similarly to how spaces in URIs
are handled.  Providing "/?foo", similarly to how "/" is provided for
"GET http://example.com HTTP/1.1", requires allocation.
SSL: fixed SSL shutdown on lingering close. 2020-12-07T22:43:36+00:00 Ruslan Ermilov ru@nginx.com 2020-12-07T22:43:36+00:00 e62a5132ca6ab74f324bf46fe91ee89e1951578c Ensure c->recv is properly reset to ngx_recv if SSL_shutdown() blocks on writing. The bug had appeared in 554c6ae25ffc. 
Ensure c->recv is properly reset to ngx_recv if SSL_shutdown()
blocks on writing.

The bug had appeared in 554c6ae25ffc.
Upstream: excluded down servers from the next_upstream tries. 2020-11-26T21:01:20+00:00 Ruslan Ermilov ru@nginx.com 2020-11-26T21:01:20+00:00 cfa669151e605410cfb57cc70b0e4023f4777602 Previously, the number of next_upstream tries included servers marked as "down", resulting in "no live upstreams" with the code 502 instead of the code derived from an attempt to connect to the last tried "up" server (ticket #2096). 
Previously, the number of next_upstream tries included servers marked
as "down", resulting in "no live upstreams" with the code 502 instead
of the code derived from an attempt to connect to the last tried "up"
server (ticket #2096).
gRPC: RST_STREAM(NO_ERROR) handling after "trailer only" responses. 2020-11-19T02:41:16+00:00 Pavel Pautov p.pautov@f5.com 2020-11-19T02:41:16+00:00 671cbc18409ec726a540b5cfc0f88bbdc5dba2f1 Similarly to the problem fixed in 2096b21fcd10 (ticket #1792), when a "trailer only" gRPC response (that is, a response with the END_STREAM flag in the HEADERS frame) was immediately followed by RST_STREAM(NO_ERROR) in the data preread along with the response header, RST_STREAM wasn't properly skipped and caused "upstream rejected request with error 0" errors. Observed with "unknown service" gRPC errors returned by grpc-go. Fix is to set ctx->done if we are going to parse additional data, so the RST_STREAM(NO_ERROR) is properly skipped. Additionally, now ngx_http_grpc_filter() will complain about frames sent for closed stream if there are any. 
Similarly to the problem fixed in 2096b21fcd10 (ticket #1792),
when a "trailer only" gRPC response (that is, a response with the
END_STREAM flag in the HEADERS frame) was immediately followed by
RST_STREAM(NO_ERROR) in the data preread along with the response
header, RST_STREAM wasn't properly skipped and caused "upstream
rejected request with error 0" errors.
Observed with "unknown service" gRPC errors returned by grpc-go.

Fix is to set ctx->done if we are going to parse additional data,
so the RST_STREAM(NO_ERROR) is properly skipped.  Additionally, now
ngx_http_grpc_filter() will complain about frames sent for closed
stream if there are any.
Request body: removed error assumption (ticket #2058). 2020-11-09T19:41:54+00:00 Maxim Dounin mdounin@mdounin.ru 2020-11-09T19:41:54+00:00 a3b5ccd0566e618635303309dd8592aa4cfd7eaf Before introduction of request body filter in 42d9beeb22db, the only possible return code from the ngx_http_request_body_filter() call without actual buffers was NGX_HTTP_INTERNAL_SERVER_ERROR, and the code in ngx_http_read_client_request_body() hardcoded the only possible error to simplify the code of initial call to set rb->rest. This is no longer true after introduction of request body filters though, as a request body filter might need to return other errors, such as 403. Fix is to preserve the error code actually returned by the call instead of assuming 500. 
Before introduction of request body filter in 42d9beeb22db, the only
possible return code from the ngx_http_request_body_filter() call
without actual buffers was NGX_HTTP_INTERNAL_SERVER_ERROR, and
the code in ngx_http_read_client_request_body() hardcoded the only
possible error to simplify the code of initial call to set rb->rest.

This is no longer true after introduction of request body filters though,
as a request body filter might need to return other errors, such as 403.
Fix is to preserve the error code actually returned by the call
instead of assuming 500.
Request body: improved logging. 2020-11-09T19:40:53+00:00 Maxim Dounin mdounin@mdounin.ru 2020-11-09T19:40:53+00:00 8ed303c055ee003285231b6d781bfe2dd9c0d3d1 Added logging before returning NGX_HTTP_INTERNAL_SERVER_ERROR if there are busy buffers after a request body flush. This should never happen with current code, though bugs can be introduced by 3rd party modules. Make sure debugging will be easy enough. 
Added logging before returning NGX_HTTP_INTERNAL_SERVER_ERROR if there
are busy buffers after a request body flush.  This should never happen
with current code, though bugs can be introduced by 3rd party modules.
Make sure debugging will be easy enough.
SSL: fixed non-working SSL shutdown on lingering close. 2020-11-06T20:44:54+00:00 Ruslan Ermilov ru@nginx.com 2020-11-06T20:44:54+00:00 ad2b9944b012699c225d75e63aeadf61d9ce3367 When doing lingering close, the socket was first shut down for writing, so SSL shutdown initiated after lingering close was not able to send the close_notify alerts (ticket #2056). The fix is to call ngx_ssl_shutdown() before shutting down the socket. 
When doing lingering close, the socket was first shut down for writing,
so SSL shutdown initiated after lingering close was not able to send
the close_notify alerts (ticket #2056).

The fix is to call ngx_ssl_shutdown() before shutting down the socket.
Removed dead code from ngx_http_set_keepalive(). 2020-11-06T20:44:47+00:00 Ruslan Ermilov ru@nginx.com 2020-11-06T20:44:47+00:00 aad0d1bf1cab58a1b1e1499485e63b7a15ab183c The code removed became dead after 98f03cd8d6cc (0.8.14), circa when the request reference counting was introduced. 
The code removed became dead after 98f03cd8d6cc (0.8.14),
circa when the request reference counting was introduced.