nginx.git - nginx

Age	Commit message (Collapse)	Author	Files	Lines
2016-07-06	Fixed regex captures handling without PCRE.	Vladimir Homutov	1	-6/+8
	If PCRE is disabled, captures were treated as normal variables in ngx_http_script_compile(), while code calculating flushes array length in ngx_http_compile_complex_value() did not account captures as variables. This could lead to write outside of the array boundary when setting last element to -1. Found with AddressSanitizer.
2016-06-14	Stream: variables in proxy_pass and proxy_ssl_name.	Vladimir Homutov	4	-53/+476

2016-07-12	Stream: split_clients module.	Vladimir Homutov	1	-0/+244

2016-06-30	Stream: geo module.	Vladimir Homutov	1	-0/+1572

2016-07-12	Stream: geoip module.	Vladimir Homutov	1	-0/+814

2016-07-12	Stream: style.	Vladimir Homutov	7	-7/+7

2016-07-07	Stream: resolver.	Vladimir Homutov	2	-0/+63

2016-05-18	Stream: return module.	Roman Arutyunyan	1	-0/+207

2016-06-29	Stream: SSL-related variables.	Vladimir Homutov	1	-1/+114

2016-06-29	Stream: got rid of pseudo variables.	Vladimir Homutov	3	-92/+124
	Stream limit_conn, upstream_hash and proxy modules now use complex values.
2016-06-29	Stream: map module.	Vladimir Homutov	1	-0/+574

2016-06-14	Stream: core module variables.	Vladimir Homutov	1	-0/+350

2016-07-04	Stream: variables and script.	Vladimir Homutov	8	-57/+1845
	This is a port of corresponding http code with unrelated features excluded.
2016-06-15	Stream: added preconfiguration step.	Vladimir Homutov	11	-2/+27

2016-06-27	Style.	Roman Arutyunyan	1	-10/+10

2016-06-22	Style.	Roman Arutyunyan	1	-1/+0

2016-06-22	Stream: use ngx_pcalloc() in ngx_stream_proxy_bind().	Roman Arutyunyan	1	-1/+1

2016-06-20	Stream: support for $remote_port in proxy_bind.	Roman Arutyunyan	1	-9/+20
	The following two types of bind addresses are supported in addition to $remote_addr and address literals: - $remote_addr:$remote_port - [$remote_addr]:$remote_port In both cases client remote address with port is used in upstream socket bind.
2016-06-20	Upstream: support for port in proxy_bind and friends.	Roman Arutyunyan	1	-1/+2

2016-06-20	Introduced ngx_inet_get_port() and ngx_inet_set_port() functions.	Roman Arutyunyan	2	-46/+4

2016-06-15	SSL: ngx_ssl_ciphers() to set list of ciphers.	Tim Taubert	2	-21/+4
	This patch moves various OpenSSL-specific function calls into the OpenSSL module and introduces ngx_ssl_ciphers() to make nginx more crypto-library-agnostic.
2016-05-23	Renamed "u" to "sockaddr" in listen options types.	Maxim Dounin	3	-16/+16

2016-05-23	Introduced the ngx_sockaddr_t type.	Ruslan Ermilov	2	-12/+2
	It's properly aligned and can hold any supported sockaddr.
2016-05-23	Stream: fixed duplicate listen address detection.	Ruslan Ermilov	1	-17/+20
	The 6f8254ae61b8 change inadvertently fixed the duplicate port detection similar to how it was fixed for mail in b2920b517490. It also revealed another issue: the socket type (tcp vs. udp) wasn't taken into account.
2016-05-20	Use ngx_cmp_sockaddr() where appropriate.	Ruslan Ermilov	2	-51/+6

2016-05-19	SSL: support for multiple curves (ticket #885).	Maxim Dounin	1	-1/+1
	OpenSSL 1.0.2+ allows configuring a curve list instead of a single curve previously supported. This allows use of different curves depending on what client supports (as available via the elliptic_curves extension), and also allows use of different curves in an ECDHE key exchange and in the ECDSA certificate. The special value "auto" was introduced (now the default for ssl_ecdh_curve), which means "use an internal list of curves as available in the OpenSSL library used". For versions prior to OpenSSL 1.0.2 it maps to "prime256v1" as previously used. The default in 1.0.2b+ prefers prime256v1 as well (and X25519 in OpenSSL 1.1.0+). As client vs. server preference of curves is controlled by the same option as used for ciphers (SSL_OP_CIPHER_SERVER_PREFERENCE), the ssl_prefer_server_ciphers directive now controls both.
2016-05-19	SSL: support for multiple certificates (ticket #814).	Maxim Dounin	2	-15/+20

2015-12-18	Upstream: the "transparent" parameter of proxy_bind and friends.	Roman Arutyunyan	1	-17/+86
	This parameter lets binding the proxy connection to a non-local address. Upstream will see the connection as coming from that address. When used with $remote_addr, upstream will accept the connection from real client address. Example: proxy_bind $remote_addr transparent;
2016-04-13	Stream: prepared proxy_bind to accept parameters.	Roman Arutyunyan	1	-9/+48

2016-03-31	SSL: RSA_generate_key() is deprecated in OpenSSL 1.1.0.	Maxim Dounin	1	-1/+1
	OpenSSL removed support for all 40 and 56 bit ciphers.
2016-03-31	Fixed logging.	Sergey Kandaurov	1	-2/+2

2016-03-30	Style.	Ruslan Ermilov	2	-2/+2

2016-03-18	Stream: additional logging for UDP.	Vladimir Homutov	2	-5/+10

2016-03-23	Stream: detect port absence in proxy_pass with IP literal.	Roman Arutyunyan	1	-1/+1
	This is a clone of http commit 26c127bab5ef.
2016-01-20	Stream: UDP proxy.	Roman Arutyunyan	6	-30/+159

2016-03-15	Stream: post first read events from client and upstream.	Roman Arutyunyan	1	-12/+10
	The main proxy function ngx_stream_proxy_process() can terminate the stream session. The code, following it, should check its return code to make sure the session still exists. This happens in client and upstream initialization functions. Swapping ngx_stream_proxy_process() call with the code, that follows it, leaves the same problem vice versa. In future ngx_stream_proxy_process() will call ngx_stream_proxy_next_upstream() making it too complicated to know if stream session still exists after this call. Now ngx_stream_proxy_process() is called from posted event handlers in both places with no code following it. The posted event is automatically removed once session is terminated.
2016-02-11	Stream: initialize variable right before using it.	Roman Arutyunyan	1	-2/+2

2016-02-11	Stream: removed useless typedef.	Roman Arutyunyan	1	-3/+0

2016-02-04	Dynamic modules: changed ngx_modules to cycle->modules.	Maxim Dounin	3	-19/+19

2016-02-04	Dynamic modules: moved module-related stuff to separate files.	Maxim Dounin	1	-8/+1

2015-10-06	Stream: delete proxy connection timer after SSL handshake.	Ruslan Ermilov	1	-0/+4
	The timer remained active and could drop active SSL connection.
2015-08-17	Win32: MSVC 2015 compatibility.	Maxim Dounin	2	-7/+6
	Resolved warnings about declarations that hide previous local declarations. Warnings about WSASocketA() being deprecated resolved by explicit use of WSASocketW() instead of WSASocket(). When compiling without IPv6 support, WinSock deprecated warnings are disabled to allow use of gethostbyname().
2015-08-13	Stream: fixed potential error log buffer overrun.	Vladimir Homutov	1	-1/+3
	Found by Duan Jiong <djduanjiong@gmail.com>.
2015-08-12	Style.	Vladimir Homutov	1	-1/+1

2015-08-10	Stream: the "tcp_nodelay" directive.	Vladimir Homutov	4	-2/+52

2015-07-30	Stream: deprecated proxy_downstream_buffer, proxy_upstream_buffer.	Roman Arutyunyan	1	-0/+23
	The directive proxy_buffer_size should be used instead.
2015-07-29	Style.	Roman Arutyunyan	1	-2/+1

2015-07-29	Stream: added proxy_buffer_size to set the size of data buffers.	Roman Arutyunyan	1	-23/+11
	Both download and upload buffers now have the same size. The old directives proxy_downstream_buffer and proxy_upstream_buffer are removed.
2015-07-16	Fixed strict aliasing warnings with old GCC versions.	Ruslan Ermilov	1	-1/+1

2015-07-14	Stream: renamed rate limiting directives.	Roman Arutyunyan	1	-14/+14
	The directive proxy_downstream_limit_rate is now called proxy_upload_rate. The directive proxy_upstream_limit_rate is now called proxy_download_rate.