nginx.git/src/stream, branch release-1.21.4 nginx Style: added missing "static" specifiers. 2021-10-21T15:43:13+00:00 Maxim Dounin mdounin@mdounin.ru 2021-10-21T15:43:13+00:00 3ab1b64463cfc1cea5209f159d8fe3797328be51 Mostly found by gcc -Wtraditional, per "non-static declaration of ... follows static declaration [-Wtraditional]" warnings. 
Mostly found by gcc -Wtraditional, per "non-static declaration of ...
follows static declaration [-Wtraditional]" warnings.
Stream: the "ssl_alpn" directive. 2021-10-19T09:19:59+00:00 Vladimir Homutov vl@nginx.com 2021-10-19T09:19:59+00:00 df472eecc043700275ecae2655206163c786f758 The directive sets the server list of supported application protocols and requires one of this protocols to be negotiated if client is using ALPN. 
The directive sets the server list of supported application protocols
and requires one of this protocols to be negotiated if client is using
ALPN.
SSL: added $ssl_alpn_protocol variable. 2021-10-14T08:46:23+00:00 Vladimir Homutov vl@nginx.com 2021-10-14T08:46:23+00:00 a9f4f25b72c39653795dfb4b1f13b55625fb9fbc The variable contains protocol selected by ALPN during handshake and is empty otherwise. 
The variable contains protocol selected by ALPN during handshake and
is empty otherwise.
Stream: added half-close support. 2021-09-22T07:20:00+00:00 Vladimir Homutov vl@nginx.com 2021-09-22T07:20:00+00:00 e56ba23158b8466d108fd4d571bd7d9a88f2a473 The "proxy_half_close" directive enables handling of TCP half close. If enabled, connection to proxied server is kept open until both read ends get EOF. Write end shutdown is properly transmitted via proxy. 
The "proxy_half_close" directive enables handling of TCP half close.  If
enabled, connection to proxied server is kept open until both read ends get
EOF.  Write end shutdown is properly transmitted via proxy.
SSL: ciphers now set before loading certificates (ticket #2035). 2021-08-16T19:40:31+00:00 Maxim Dounin mdounin@mdounin.ru 2021-08-16T19:40:31+00:00 ce5996cdd1b2e150f645efbc337e5a681dbe241c To load old/weak server or client certificates it might be needed to adjust the security level, as introduced in OpenSSL 1.1.0. This change ensures that ciphers are set before loading the certificates, so security level changes via the cipher string apply to certificate loading. 
To load old/weak server or client certificates it might be needed to adjust
the security level, as introduced in OpenSSL 1.1.0.  This change ensures that
ciphers are set before loading the certificates, so security level changes
via the cipher string apply to certificate loading.
Stream: the "fastopen" parameter of the "listen" directive. 2021-05-20T16:59:16+00:00 Ruslan Ermilov ru@nginx.com 2021-05-20T16:59:16+00:00 ecbe06b9fee57207d84be9ac39d1aa10b2d0fbd8 Based on a patch by Anbang Wen. 
Based on a patch by Anbang Wen.
Upstream: variables support in certificates. 2021-05-05T23:22:09+00:00 Maxim Dounin mdounin@mdounin.ru 2021-05-05T23:22:09+00:00 c7de65228f798c3c5391370fcd2d10032aa6eaf8 






Changed complex value slots to use NGX_CONF_UNSET_PTR.
2021-05-05T23:22:03+00:00

Maxim Dounin
mdounin@mdounin.ru

2021-05-05T23:22:03+00:00

4faa84085379346fa1cf322907a1f9b6a7fbd583

With this change, it is now possible to use ngx_conf_merge_ptr_value()
to merge complex values.  This change follows much earlier changes in
ngx_conf_merge_ptr_value() and ngx_conf_set_str_array_slot()
in 1452:cd586e963db0 (0.6.10) and 1701:40d004d95d88 (0.6.22), and the
change in ngx_conf_set_keyval_slot() (7728:485dba3e2a01, 1.19.4).

To preserve compatibility with existing 3rd party modules, both NULL
and NGX_CONF_UNSET_PTR are accepted for now.





With this change, it is now possible to use ngx_conf_merge_ptr_value()
to merge complex values.  This change follows much earlier changes in
ngx_conf_merge_ptr_value() and ngx_conf_set_str_array_slot()
in 1452:cd586e963db0 (0.6.10) and 1701:40d004d95d88 (0.6.22), and the
change in ngx_conf_set_keyval_slot() (7728:485dba3e2a01, 1.19.4).

To preserve compatibility with existing 3rd party modules, both NULL
and NGX_CONF_UNSET_PTR are accepted for now.







SSL: fixed build by Sun C with old OpenSSL versions.
2021-03-05T14:16:13+00:00

Maxim Dounin
mdounin@mdounin.ru

2021-03-05T14:16:13+00:00

797ac536fe2cc0a311a72ddb861784f320991beb

Sun C complains about "statement not reached" if a "return" is followed
by additional statements.





Sun C complains about "statement not reached" if a "return" is followed
by additional statements.







Upstream: excluded down servers from the next_upstream tries.
2020-11-26T21:01:20+00:00

Ruslan Ermilov
ru@nginx.com

2020-11-26T21:01:20+00:00

cfa669151e605410cfb57cc70b0e4023f4777602

Previously, the number of next_upstream tries included servers marked
as "down", resulting in "no live upstreams" with the code 502 instead
of the code derived from an attempt to connect to the last tried "up"
server (ticket #2096).





Previously, the number of next_upstream tries included servers marked
as "down", resulting in "no live upstreams" with the code 502 instead
of the code derived from an attempt to connect to the last tried "up"
server (ticket #2096).