nginx.git/src/http, branch release-1.19.9 nginx Fixed handling of already closed connections. 2021-03-28T14:45:39+00:00 Maxim Dounin mdounin@mdounin.ru 2021-03-28T14:45:39+00:00 179c79ce8afd459acffa50e6dabc60b0b7d9a014 In limit_req, auth_delay, and upstream code to check for broken connections, tests for possible connection close by the client did not work if the connection was already closed when relevant event handler was set. This happened because there were no additional events in case of edge-triggered event methods, and read events were disabled in case of level-triggered ones. Fix is to explicitly post a read event if the c->read->ready flag is set. 
In limit_req, auth_delay, and upstream code to check for broken
connections, tests for possible connection close by the client
did not work if the connection was already closed when relevant
event handler was set.  This happened because there were no additional
events in case of edge-triggered event methods, and read events
were disabled in case of level-triggered ones.

Fix is to explicitly post a read event if the c->read->ready flag
is set.
Upstream: fixed broken connection check with eventport. 2021-03-28T14:45:37+00:00 Maxim Dounin mdounin@mdounin.ru 2021-03-28T14:45:37+00:00 8885c45e1ead18c1fc9325e372069ec9c55e5938 For connection close to be reported with eventport on Solaris, ngx_handle_read_event() needs to be called. 
For connection close to be reported with eventport on Solaris,
ngx_handle_read_event() needs to be called.
Upstream: fixed non-buffered proxying with eventport. 2021-03-28T14:45:35+00:00 Maxim Dounin mdounin@mdounin.ru 2021-03-28T14:45:35+00:00 9104757a7d9adfced7c77396167e3e68bd11867c For new data to be reported with eventport on Solaris, ngx_handle_read_event() needs to be called after reading response headers. To do so, ngx_http_upstream_process_non_buffered_upstream() now called unconditionally if there are no prepread data. This won't cause any read() syscalls as long as upstream connection is not ready for reading (c->read->ready is not set), but will result in proper handling of all events. 
For new data to be reported with eventport on Solaris,
ngx_handle_read_event() needs to be called after reading response
headers.  To do so, ngx_http_upstream_process_non_buffered_upstream()
now called unconditionally if there are no prepread data.  This
won't cause any read() syscalls as long as upstream connection
is not ready for reading (c->read->ready is not set), but will result
in proper handling of all events.
HTTP/2: improved handling of "keepalive_timeout 0". 2021-03-25T22:44:57+00:00 Maxim Dounin mdounin@mdounin.ru 2021-03-25T22:44:57+00:00 1f5271cd61a102514070c0d22ce5001cf0a70d61 Without explicit handling, a zero timer was actually added, leading to multiple unneeded syscalls. Further, sending GOAWAY frame early might be beneficial for clients. Reported by Sergey Kandaurov. 
Without explicit handling, a zero timer was actually added, leading to
multiple unneeded syscalls.  Further, sending GOAWAY frame early might
be beneficial for clients.

Reported by Sergey Kandaurov.
Cancel keepalive and lingering close on EOF better (ticket #2145). 2021-03-24T11:03:33+00:00 Sergey Kandaurov pluknet@nginx.com 2021-03-24T11:03:33+00:00 cc73d7688c315dc624282abdbbba7aec82aabad5 Unlike in 75e908236701, which added the logic to ngx_http_finalize_request(), this change moves it to a more generic routine ngx_http_finalize_connection() to cover cases when a request is finalized with NGX_DONE. In particular, this fixes unwanted connection transition into the keepalive state after receiving EOF while discarding request body. With edge-triggered event methods that means the connection will last for extra seconds as set in the keepalive_timeout directive. 
Unlike in 75e908236701, which added the logic to ngx_http_finalize_request(),
this change moves it to a more generic routine ngx_http_finalize_connection()
to cover cases when a request is finalized with NGX_DONE.

In particular, this fixes unwanted connection transition into the keepalive
state after receiving EOF while discarding request body.  With edge-triggered
event methods that means the connection will last for extra seconds as set in
the keepalive_timeout directive.
gRPC: fixed handling of padding on DATA frames. 2021-03-23T13:52:23+00:00 Maxim Dounin mdounin@mdounin.ru 2021-03-23T13:52:23+00:00 11477fb633ddaf299f9be01f43aac322056d98dc The response size check introduced in 39501ce97e29 did not take into account possible padding on DATA frames, resulting in incorrect "upstream sent response body larger than indicated content length" errors if upstream server used padding in responses with known length. Fix is to check the actual size of response buffers produced by the code, similarly to how it is done in other protocols, instead of checking the size of DATA frames. Reported at: http://mailman.nginx.org/pipermail/nginx-devel/2021-March/013907.html 
The response size check introduced in 39501ce97e29 did not take into
account possible padding on DATA frames, resulting in incorrect
"upstream sent response body larger than indicated content length" errors
if upstream server used padding in responses with known length.

Fix is to check the actual size of response buffers produced by the code,
similarly to how it is done in other protocols, instead of checking
the size of DATA frames.

Reported at:
http://mailman.nginx.org/pipermail/nginx-devel/2021-March/013907.html
SSL: fixed build by Sun C with old OpenSSL versions. 2021-03-05T14:16:13+00:00 Maxim Dounin mdounin@mdounin.ru 2021-03-05T14:16:13+00:00 797ac536fe2cc0a311a72ddb861784f320991beb Sun C complains about "statement not reached" if a "return" is followed by additional statements. 
Sun C complains about "statement not reached" if a "return" is followed
by additional statements.
Proxy: variables support in "proxy_cookie_flags" flags. 2021-03-01T21:58:24+00:00 Ruslan Ermilov ru@nginx.com 2021-03-01T21:58:24+00:00 a38a8438b8116d4f3674ea8a0cb194a8fb3f5622 






HTTP/2: client_header_timeout before first request (ticket #2142).
2021-03-01T14:31:28+00:00

Maxim Dounin
mdounin@mdounin.ru

2021-03-01T14:31:28+00:00

0f5d0c5798eacb60407bcf0a76fc0b2c39e356bb

With this change, behaviour of HTTP/2 becomes even closer to HTTP/1.x,
and client_header_timeout instead of keepalive_timeout is used before
the first request is received.

This fixes HTTP/2 connections being closed even before the first request
if "keepalive_timeout 0;" was used in the configuration; the problem
appeared in f790816a0e87 (1.19.7).





With this change, behaviour of HTTP/2 becomes even closer to HTTP/1.x,
and client_header_timeout instead of keepalive_timeout is used before
the first request is received.

This fixes HTTP/2 connections being closed even before the first request
if "keepalive_timeout 0;" was used in the configuration; the problem
appeared in f790816a0e87 (1.19.7).







HTTP/2: removed http2_max_field_size and http2_max_header_size.
2021-02-11T18:52:26+00:00

Maxim Dounin
mdounin@mdounin.ru

2021-02-11T18:52:26+00:00

51fea093e4374dbd857dc437ff9588060ef56471

Instead, size of one large_client_header_buffers buffer and all large
client header buffers are used.





Instead, size of one large_client_header_buffers buffer and all large
client header buffers are used.