nginx.git/src/stream, branch release-1.13.3 nginx Style: changed checks of ngx_ssl_create_connection() to != NGX_OK. 2017-05-29T13:34:35+00:00 Maxim Dounin mdounin@mdounin.ru 2017-05-29T13:34:35+00:00 0514e14a8bbd8e5977712c892b53aa471a91fcb5 In http these checks were changed in a6d6d762c554, though mail module was missed at that time. Since then, the stream module was introduced based on mail, using "== NGX_ERROR" check. 
In http these checks were changed in a6d6d762c554, though mail module
was missed at that time.  Since then, the stream module was introduced
based on mail, using "== NGX_ERROR" check.
SSL: set TCP_NODELAY on SSL connections before handshake. 2017-05-29T13:34:29+00:00 Maxim Dounin mdounin@mdounin.ru 2017-05-29T13:34:29+00:00 2db69fed2c200a4f4017e82bc9239f22dfac846f With OpenSSL 1.1.0+, the workaround for handshake buffer size as introduced in a720f0b0e083 (ticket #413) no longer works, as OpenSSL no longer exposes handshake buffers, see https://github.com/openssl/openssl/commit/2e7dc7cd688. Moreover, it is no longer possible to adjust handshake buffers at all now. To avoid additional RTT if handshake uses more than 4k we now set TCP_NODELAY on SSL connections before handshake. While this still results in sub-optimal network utilization due to incomplete packets being sent, it seems to be better than nothing. 
With OpenSSL 1.1.0+, the workaround for handshake buffer size as introduced
in a720f0b0e083 (ticket #413) no longer works, as OpenSSL no longer exposes
handshake buffers, see https://github.com/openssl/openssl/commit/2e7dc7cd688.
Moreover, it is no longer possible to adjust handshake buffers at all now.

To avoid additional RTT if handshake uses more than 4k we now set TCP_NODELAY
on SSL connections before handshake.  While this still results in sub-optimal
network utilization due to incomplete packets being sent, it seems to be
better than nothing.
Introduced ngx_tcp_nodelay(). 2017-05-26T19:52:48+00:00 Ruslan Ermilov ru@nginx.com 2017-05-26T19:52:48+00:00 b66c18d2d50c53b063cd14a2c3e4c8ff8b1b22a5 






Realip: allow hostnames in set_real_ip_from (ticket #1180).
2017-05-15T14:17:01+00:00

Ruslan Ermilov
ru@nginx.com

2017-05-15T14:17:01+00:00

a464d07f0a3fd8afd37ce7135e7c678e3604a30c












Access: simplified rule parser code.
2017-05-15T14:16:32+00:00

Ruslan Ermilov
ru@nginx.com

2017-05-15T14:16:32+00:00

b313bc4bd3a61fe8bf9fccbf14ef75ddbd25160b












SSL: added support for TLSv1.3 in ssl_protocols directive.
2017-04-18T12:12:38+00:00

Sergey Kandaurov
pluknet@nginx.com

2017-04-18T12:12:38+00:00

9a37eb3a62130473596e0e4c2e388d80bdb14956

Support for the TLSv1.3 protocol will be introduced in OpenSSL 1.1.1.





Support for the TLSv1.3 protocol will be introduced in OpenSSL 1.1.1.







Stream: configurable socket buffer sizes.
2017-04-03T14:29:19+00:00

Vladimir Homutov
vl@nginx.com

2017-04-03T14:29:19+00:00

9f7b5576735d1a711acfc62af45088a54c786d27

The "rcvbuf" and "sndbuf" parameters are now supported by
the "listen" directive.





The "rcvbuf" and "sndbuf" parameters are now supported by
the "listen" directive.







Fixed ngx_open_cached_file() error handling.
2017-03-28T11:21:38+00:00

Sergey Kandaurov
pluknet@nginx.com

2017-03-28T11:21:38+00:00

9ad18e43ac2c9956399018cbb998337943988333

If of.err is 0, it means that there was a memory allocation error
and no further logging and/or processing is needed.  The of.failed
string can be only accessed if of.err is not 0.





If of.err is 0, it means that there was a memory allocation error
and no further logging and/or processing is needed.  The of.failed
string can be only accessed if of.err is not 0.







Unified error messages about duplicate directives.
2017-03-22T19:49:52+00:00

Ruslan Ermilov
ru@nginx.com

2017-03-22T19:49:52+00:00

abc9d62b03d92129c86f36f068d368e81f89db4e












Access log: removed dead ev->timedout check in flush timer handler.
2017-03-07T15:51:12+00:00

Maxim Dounin
mdounin@mdounin.ru

2017-03-07T15:51:12+00:00

c1d8318d3112a2752971d76fc15d1fca8557691d

The ev->timedout flag is set on first timer expiration, and never reset
after it.  Due to this the code to stop the timer when the timer was
canceled never worked (except in a very specific time frame immediately
after start), and the timer was always armed again.  This essentially
resulted in a buffer flush at the end of an event loop iteration.

This behaviour actually seems to be better than just stopping the flush
timer for the whole shutdown, so it is preserved as is instead of fixing
the code to actually remove the timer.  It will be further improved by
upcoming changes to preserve cancelable timers if there are other timers
blocking shutdown.





The ev->timedout flag is set on first timer expiration, and never reset
after it.  Due to this the code to stop the timer when the timer was
canceled never worked (except in a very specific time frame immediately
after start), and the timer was always armed again.  This essentially
resulted in a buffer flush at the end of an event loop iteration.

This behaviour actually seems to be better than just stopping the flush
timer for the whole shutdown, so it is preserved as is instead of fixing
the code to actually remove the timer.  It will be further improved by
upcoming changes to preserve cancelable timers if there are other timers
blocking shutdown.