| Age | Commit message (Collapse) | Author | Files | Lines |
|---|
|
|
|
disable SSL renegotiation (CVE-2009-3555)
|
|
fix posix_memalign() error handling
|
|
nginx sent gzipped responses to clients those do not support gzip,
if "gzip_static on" and "gzip_vary off"; the bug had been introduced in r3250
|
|
resolver fixes:
*) fix memory leak in resolver
*) fix resolver cache rbtree comparison
*) fix segfault in resolver:
ngx_resolve_name_done() and ngx_resolve_addr_done() did not delete
contexts from a resolver node waiting list.
*) fix "PTR ." case in address resolver
*) add quotes in an error message,
*) fix resolving an empty name (".")
*) use ngx_resolver_alloc() instead of ngx_resolver_calloc()
since all fields are filled
|
|
server name related merges:
*) If .domain.com, .sub.domain.com, and .domain-some.com were defined,
then .sub.domain.com was matched by .domain.com: wildcard names hash
was built incorrectly due to sorting order issue of "." vs "-".
They were sorted as
com.domain com.domain-some com.domain.sub
while they should be sorted as
com.domain com.domain.sub com.domain-some
for correct hash building
*) test space between "~" and regex in server_name and invalid_referers
*) do not run regex for empty host name since regex always fails in this case,
the bug had been introduced in r2196
|
|
|
|
|
|
|
|
fix building by gcc45
|
|
WebDAV fixes:
*) check unsafe Destination
*) omit '\0' from "Location" header on MKCOL request
|
|
discard request body before returning 413 error,
this fixes custom 413 page redirection bug introduced in r1456
|
|
allow underscore in request method
|
|
gzip related fixes:
*) do not disable gzip for MSIE 6.0 SV1 in "gzip_disable msie6"
*) nginx always sent "Vary: Accept-Encoding",
if both gzip_static and gzip_vary were on
|
|
allow cross device temporary files atomic copying
|
|
cache management fixes:
*) separate cache loader process
*) use real file cache length, this fixes cache size counting for responses
without "Content-Length" header and 304 responses.
|
|
various header fixes:
*) allow to proxy_pass_header/fastcgi_pass_header "X-Accel-Redirect",
"X-Accel-Limit-Rate", "X-Accel-Buffering", and "X-Accel-Charset"
*) fix handling "Last-Modified" and "Accept-Ranges" for upstream responses
*) clear "Accept-Ranges" for SSI responses
|
|
fix variuos segfaults:
*) fix segfault if 400 or 414 errors are handled intricately
*) ngx_http_upstream_create() to cleanup the previous upstream after
internal redirect
|
|
various image filter fixes and features:
*) variables support in image_filter
*) fix transparency in GIF
*) fix alpha-channel transparency in PNG
*) image_filter_transparency
|
|
various SSL fixes and features:
*) $ssl_client_verify
*) "ssl_verify_client ask" was changed to "ssl_verify_client optional"
*) ssl_crl
*) delete OpenSSL pre-0.9.7 compatibility: the sources were not actually
compatible with OpenSSL 0.9.6 since ssl_session_cache introduction
*) fix memory corruption in $ssl_client_cert
*) issue SNI warning instead of failure: this is too common case
*) use ngx_log_error(), since OpenSSL does not set an error on the failure
*) add SNI support in -V output
|
|
geo module supports trusted proxies
|
|
ngx_http_geoip_module
|
|
various limit_req and limit_conn fixes:
*) fix client write event handling in ngx_http_limit_req_module
*) make limit_req to conform to the leaky bucket algorithm
*) limit_req_log_level
*) limit_conn_log_level
|
|
various perl fixes:
*) fix ngx_http_send_special() for subrequests handled by perl
*) allow perl "sub{..."
*) restore environ, this fixes segfault on reconfiguration failure when
perl module creates new environment
*) optimize error handling
*) use ngx_conf_set_str_array_slot() for perl_require
*) allow several perl_modules
|
|
style fixes
|
|
fix various failures handling
|
|
limit_rate_after
|
|
refactor ngx_http_charset_header_filter()
|
|
|
|
|
|
|
|
twice termination delay only after SIGALRM, otherwise many separate SIGCHLD
and SIGIO signals quickly increase delay to the level when SIGKILL is sent
|
|
fix Linux "uname -r" version matching
|
|
process upstream ETag header
|
|
the flags should be bit-wide only
|
|
fix invalid header logging:
*) fix segfault when a header starts with "\rX"
and logging is set to info or debug level
*) use %*s instead of %V
|
|
FastCGI fixes:
*) continue to parse available fastcgi record after a split header,
this fixes the erroneous message "upstream prematurely closed connection
while reading response header from upstream"
*) fix a garbage in a split fastcgi header
*) refactor fastcgi stderr handling
|
|
XSLT filter fixes:
*) preserve XML wellFormed field before freeing memory
*) fix libxml2 error message
|
|
name of file specified in --conf-path was not honored during installation
the bug had been appeared in r1353
|
|
win32 fixes:
*) ngx_http_set_exten() is always successful since 0.3.46
*) skip URI trailing dots under Win32
*) use caseless regex locations on caseless filesystems: MacOSX, Win32, Cygwin
|
|
handle Win32 ReadFile() EOF state in Unix way
|
|
*) $upstream_cache_status
*) clean cache updating state if a response has uncacheable code or
cache prohibitive headers
|
|
|
|
do not test "..." case since it's Win9x family feature only
|
|
|
|
|
|
|
|
|
|
fix segfault if there is error_page 401, proxy_intercept_errors is on
and backend does not return "WWW-Authenticate" header
|
|
ignore ngx_atomic_fetch_add() result
this fixes building at least by gcc 4.2.1 on Mac OS X 10.6
|
