nginx.git/src/os, branch release-1.17.0 nginx Fixed portability issues with union sigval. 2019-01-28T14:33:31+00:00 Sergey Kandaurov pluknet@nginx.com 2019-01-28T14:33:31+00:00 f153bcebb52d705fef3b9a1f1a1d1627d19a4cf1 AIO support in nginx was originally developed against FreeBSD versions 4-6, where the sival_ptr field was named as sigval_ptr (seemingly by mistake[1]), which made nginx use the only name available then. The standard-complaint name was restored in 2005 (first appeared in FreeBSD 7.0, 2008), retaining compatibility with previous versions[2][3]. In DragonFly, similar changes were committed in 2009[4], with backward compatibility recently removed[5]. The change switches to the standard name, retaining compatibility with old FreeBSD versions. [1] https://svnweb.freebsd.org/changeset/base/48621 [2] https://svnweb.freebsd.org/changeset/base/152029 [3] https://svnweb.freebsd.org/changeset/base/174003 [4] https://gitweb.dragonflybsd.org/dragonfly.git/commit/3693401 [5] https://gitweb.dragonflybsd.org/dragonfly.git/commit/7875042 
AIO support in nginx was originally developed against FreeBSD versions 4-6,
where the sival_ptr field was named as sigval_ptr (seemingly by mistake[1]),
which made nginx use the only name available then.  The standard-complaint
name was restored in 2005 (first appeared in FreeBSD 7.0, 2008), retaining
compatibility with previous versions[2][3].  In DragonFly, similar changes
were committed in 2009[4], with backward compatibility recently removed[5].

The change switches to the standard name, retaining compatibility with old
FreeBSD versions.

[1] https://svnweb.freebsd.org/changeset/base/48621
[2] https://svnweb.freebsd.org/changeset/base/152029
[3] https://svnweb.freebsd.org/changeset/base/174003
[4] https://gitweb.dragonflybsd.org/dragonfly.git/commit/3693401
[5] https://gitweb.dragonflybsd.org/dragonfly.git/commit/7875042
Win32: added WSAPoll() support. 2019-01-24T18:51:21+00:00 Maxim Dounin mdounin@mdounin.ru 2019-01-24T18:51:21+00:00 40b74475d03603692e2a0f8d8391a2d5062eb718 WSAPoll() is only available with Windows Vista and newer (and only available during compilation if _WIN32_WINNT >= 0x0600). To make sure the code works with Windows XP, we do not redefine _WIN32_WINNT, but instead load WSAPoll() dynamically if it is not available during compilation. Also, sockets are not guaranteed to be small integers on Windows. So an index array is used instead of NGX_USE_FD_EVENT to map events to connections. 
WSAPoll() is only available with Windows Vista and newer (and only
available during compilation if _WIN32_WINNT >= 0x0600).  To make
sure the code works with Windows XP, we do not redefine _WIN32_WINNT,
but instead load WSAPoll() dynamically if it is not available during
compilation.

Also, sockets are not guaranteed to be small integers on Windows.
So an index array is used instead of NGX_USE_FD_EVENT to map
events to connections.
Win32: removed NGX_DIR_MASK concept. 2018-12-24T18:07:05+00:00 Maxim Dounin mdounin@mdounin.ru 2018-12-24T18:07:05+00:00 aa741f87273f2137d9a52080593c5fe6f1d1b0ea Previous interface of ngx_open_dir() assumed that passed directory name has a room for NGX_DIR_MASK at the end (NGX_DIR_MASK_LEN bytes). While all direct users of ngx_dir_open() followed this interface, this also implied similar requirements for indirect uses - in particular, via ngx_walk_tree(). Currently none of ngx_walk_tree() uses provides appropriate space, and fixing this does not look like a right way to go. Instead, ngx_dir_open() interface was changed to not require any additional space and use appropriate allocations instead. 
Previous interface of ngx_open_dir() assumed that passed directory name
has a room for NGX_DIR_MASK at the end (NGX_DIR_MASK_LEN bytes).  While all
direct users of ngx_dir_open() followed this interface, this also implied
similar requirements for indirect uses - in particular, via ngx_walk_tree().

Currently none of ngx_walk_tree() uses provides appropriate space, and
fixing this does not look like a right way to go.  Instead, ngx_dir_open()
interface was changed to not require any additional space and use
appropriate allocations instead.
Fixed NGX_TID_T_FMT format specification for uint64_t. 2018-07-22T01:03:40+00:00 Maxim Dounin mdounin@mdounin.ru 2018-07-22T01:03:40+00:00 5a19c034f3f1870de7c4254d2e1e32749a596112 Previously, "%uA" was used, which corresponds to ngx_atomic_uint_t. Size of ngx_atomic_uint_t can be easily different from uint64_t, leading to undefined results. 
Previously, "%uA" was used, which corresponds to ngx_atomic_uint_t.
Size of ngx_atomic_uint_t can be easily different from uint64_t,
leading to undefined results.
Win32: fixed comment in ngx_gettimeofday() calculations. 2018-05-29T08:47:32+00:00 Ruslan Ermilov ru@nginx.com 2018-05-29T08:47:32+00:00 4271e48911bca21c8b81f2d8971218a6f1692468 






Removed glibc crypt_r() bug workaround (ticket #1469).
2018-05-23T13:38:16+00:00

Maxim Dounin
mdounin@mdounin.ru

2018-05-23T13:38:16+00:00

1ef5c9ce6f03907dad1677d25f108d2bf59a5c15

The bug in question was fixed in glibc 2.3.2 and is no longer expected
to manifest itself on real servers.  On the other hand, the workaround
causes compilation problems on various systems.  Previously, we've
already fixed the code to compile with musl libc (fd6fd02f6a4d), and
now it is broken on Fedora 28 where glibc's crypt library was replaced
by libxcrypt.  So the workaround was removed.





The bug in question was fixed in glibc 2.3.2 and is no longer expected
to manifest itself on real servers.  On the other hand, the workaround
causes compilation problems on various systems.  Previously, we've
already fixed the code to compile with musl libc (fd6fd02f6a4d), and
now it is broken on Fedora 28 where glibc's crypt library was replaced
by libxcrypt.  So the workaround was removed.







Fixed checking ngx_tcp_push() and ngx_tcp_nopush() return values.
2018-03-19T13:28:23+00:00

Ruslan Ermilov
ru@nginx.com

2018-03-19T13:28:23+00:00

c09aa142d64c6795a6bed8603a336285e7d3543d

No functional changes.





No functional changes.







Fixed capabilities version.
2017-12-19T16:00:27+00:00

Roman Arutyunyan
arut@nginx.com

2017-12-19T16:00:27+00:00

ce45ded2a8c1b0c0e601779bcc3e54668a14e271

Previously, capset(2) was called with the 64-bit capabilities version
_LINUX_CAPABILITY_VERSION_3.  With this version Linux kernel expected two
copies of struct __user_cap_data_struct, while only one was submitted.  As a
result, random stack memory was accessed and random capabilities were requested
by the worker.  This sometimes caused capset() errors.  Now the 32-bit version
_LINUX_CAPABILITY_VERSION_1 is used instead.  This is OK since CAP_NET_RAW is
a 32-bit capability (CAP_NET_RAW = 13).





Previously, capset(2) was called with the 64-bit capabilities version
_LINUX_CAPABILITY_VERSION_3.  With this version Linux kernel expected two
copies of struct __user_cap_data_struct, while only one was submitted.  As a
result, random stack memory was accessed and random capabilities were requested
by the worker.  This sometimes caused capset() errors.  Now the 32-bit version
_LINUX_CAPABILITY_VERSION_1 is used instead.  This is OK since CAP_NET_RAW is
a 32-bit capability (CAP_NET_RAW = 13).







Improved the capabilities feature detection.
2017-12-18T18:09:39+00:00

Roman Arutyunyan
arut@nginx.com

2017-12-18T18:09:39+00:00

0e92c213f51bae95605c19dfee843902e7c8a0ad

Previously included file sys/capability.h mentioned in capset(2) man page,
belongs to the libcap-dev package, which may not be installed on some Linux
systems when compiling nginx.  This prevented the capabilities feature from
being detected and compiled on that systems.

Now linux/capability.h system header is included instead.  Since capset()
declaration is located in sys/capability.h, now capset() syscall is defined
explicitly in code using the SYS_capset constant, similarly to other
Linux-specific features in nginx.





Previously included file sys/capability.h mentioned in capset(2) man page,
belongs to the libcap-dev package, which may not be installed on some Linux
systems when compiling nginx.  This prevented the capabilities feature from
being detected and compiled on that systems.

Now linux/capability.h system header is included instead.  Since capset()
declaration is located in sys/capability.h, now capset() syscall is defined
explicitly in code using the SYS_capset constant, similarly to other
Linux-specific features in nginx.







Retain CAP_NET_RAW capability for transparent proxying.
2017-12-13T17:40:53+00:00

Roman Arutyunyan
arut@nginx.com

2017-12-13T17:40:53+00:00

752f66bf7d70fae2bf05fbf5941ff4be52b2b9a5

The capability is retained automatically in unprivileged worker processes after
changing UID if transparent proxying is enabled at least once in nginx
configuration.

The feature is only available in Linux.





The capability is retained automatically in unprivileged worker processes after
changing UID if transparent proxying is enabled at least once in nginx
configuration.

The feature is only available in Linux.