nginx.git/src/http, branch release-1.7.0 nginx Upstream: for ssl name, non-aligned memory allocation is enough. 2014-04-22T14:56:49+00:00 Ruslan Ermilov ru@nginx.com 2014-04-22T14:56:49+00:00 e0e811d60191b5ea79b6fdf0aec3c220ec879f92 






SPDY: avoid sending RST_STREAM on WINDOW_UPDATE with unknown SID.
2014-04-21T15:21:17+00:00

Valentin Bartenev
vbart@nginx.com

2014-04-21T15:21:17+00:00

f79908af6e6e579ec8d1dd10bf54da65cb7bd769

There's a race condition between closing a stream by one endpoint
and sending a WINDOW_UPDATE frame by another.  So it would be better
to just skip such frames for unknown streams, like is already done
for the DATA frames.





There's a race condition between closing a stream by one endpoint
and sending a WINDOW_UPDATE frame by another.  So it would be better
to just skip such frames for unknown streams, like is already done
for the DATA frames.







SPDY: Stream-ID restrictions according to specification.
2014-04-21T14:59:53+00:00

Valentin Bartenev
vbart@nginx.com

2014-04-21T14:59:53+00:00

a57959b6cdc3729bc8e5bc380c6f47399720da6f












Upstream: uwsgi_ssl_name, uwsgi_ssl_verify, and so on.
2014-04-18T16:13:32+00:00

Maxim Dounin
mdounin@mdounin.ru

2014-04-18T16:13:32+00:00

cae1bd3831bab6b14bc7639024fe2cf67624c815

Just a merge of proxy_ssl_name, proxy_ssl_verify commits into uwsgi module,
code is identical.





Just a merge of proxy_ssl_name, proxy_ssl_verify commits into uwsgi module,
code is identical.







Upstream: proxy_ssl_verify and friends.
2014-04-18T16:13:30+00:00

Maxim Dounin
mdounin@mdounin.ru

2014-04-18T16:13:30+00:00

27475dd7ee7eb4ad8474054d44cf468347c3d8b5












Upstream: proxy_ssl_name and proxy_ssl_server_name directives.
2014-04-18T16:13:28+00:00

Maxim Dounin
mdounin@mdounin.ru

2014-04-18T16:13:28+00:00

59ef4a34177d6175f38824a43768937d6f3486fc

These directives allow to switch on Server Name Indication (SNI) while
connecting to upstream servers.

By default, proxy_ssl_server_name is currently off (that is, no SNI) and
proxy_ssl_name is set to a host used in the proxy_pass directive.





These directives allow to switch on Server Name Indication (SNI) while
connecting to upstream servers.

By default, proxy_ssl_server_name is currently off (that is, no SNI) and
proxy_ssl_name is set to a host used in the proxy_pass directive.







Upstream: plugged potential memory leak on reload.
2014-04-18T16:13:24+00:00

Maxim Dounin
mdounin@mdounin.ru

2014-04-18T16:13:24+00:00

93eb94d622093829da4bd4c3e0af16b360e912e4

The SSL_CTX_set_cipher_list() may fail if there are no valid ciphers
specified in proxy_ssl_ciphers / uwsgi_ssl_ciphers, resulting in
SSL context leak.

In theory, ngx_pool_cleanup_add() may fail too, but this case is
intentionally left out for now as it's almost impossible and proper fix
will require changes to http ssl and mail ssl code as well.





The SSL_CTX_set_cipher_list() may fail if there are no valid ciphers
specified in proxy_ssl_ciphers / uwsgi_ssl_ciphers, resulting in
SSL context leak.

In theory, ngx_pool_cleanup_add() may fail too, but this case is
intentionally left out for now as it's almost impossible and proper fix
will require changes to http ssl and mail ssl code as well.







SSL: $ssl_server_name variable.
2014-04-18T16:13:21+00:00

Maxim Dounin
mdounin@mdounin.ru

2014-04-18T16:13:21+00:00

6c9c973aa77b68a9adb1d0814ef5920aaf0ef157












Access log: the "if" parameter of the "access_log" directive.
2014-04-15T17:32:56+00:00

Sergey Kandaurov
pluknet@nginx.com

2014-04-15T17:32:56+00:00

7cf53e11f5189f7d50d68a1ac9d00604d1e16553

The parameter value specifies a condition under which the request is logged.





The parameter value specifies a condition under which the request is logged.







SPDY: fixed typo in log message.
2014-04-16T07:40:42+00:00

Valentin Bartenev
vbart@nginx.com

2014-04-16T07:40:42+00:00

c69cabed1dfb6e375c7e2c47554577812a811694