nginx.git - nginx

Age	Commit message (Collapse)	Author	Files	Lines
2016-09-08	Stream: increase default value for proxy_protocol_timeout to 30s.	Dmitry Volyntsev	1	-1/+1

2016-09-01	Stream: realip module.	Dmitry Volyntsev	3	-0/+352

2016-09-06	Stream: allow using the session context inside handlers.	Dmitry Volyntsev	1	-21/+16
	Previously, it was not possible to use the stream context inside ngx_stream_init_connection() handlers. Now, limit_conn, access handlers, as well as those added later, can create their own contexts.
2016-09-06	Stream: $proxy_protocol_addr and $proxy_protocol_port.	Dmitry Volyntsev	1	-0/+50

2016-09-06	Stream: the "proxy_protocol" parameter of the "listen" directive.	Dmitry Volyntsev	4	-1/+122

2016-09-06	Stream: postpone session initialization under accept mutex.	Dmitry Volyntsev	2	-3/+42
	Previously, it was possible that some system calls could be invoked while holding the accept mutex. This is clearly wrong as it prevents incoming connections from being accepted as quickly as possible.
2016-09-05	Stream: log module.	Vladimir Homutov	5	-0/+1554

2016-09-02	Stream: upstream response time variables.	Vladimir Homutov	3	-0/+103
	The $upstream_connect_time, $upstream_first_byte_time and $upstream_session_time variables keep corresponding times.
2016-09-02	Stream: $upstream_bytes_sent and $upstream_bytes_received.	Vladimir Homutov	3	-2/+78

2016-09-02	Stream: the $upstream_addr variable.	Vladimir Homutov	4	-2/+116
	Keeps the full address of the upstream server. If several servers were contacted during proxying, their addresses are separated by commas, e.g. "192.168.1.1:80, 192.168.1.2:80".
2016-08-11	Stream: the $status variable.	Roman Arutyunyan	5	-57/+112
	The stream session status is one of the following: 200 - normal completion 403 - access forbidden 500 - internal server error 502 - bad gateway 503 - limit conn
2016-08-26	Stream: the $protocol variable.	Vladimir Homutov	1	-0/+19
	The variable keeps protocol used by the client, "TCP" or "UDP".
2016-08-26	Stream: the $session_time variable.	Vladimir Homutov	3	-0/+41
	The variable keeps time spent on processing the stream session.
2016-08-26	Stream: the $bytes_received variable.	Vladimir Homutov	1	-4/+13
	The variable keeps the number of bytes received from the client.
2016-08-23	Geo: fixed warnings when removing nonexistent ranges.	Ruslan Ermilov	1	-7/+3
	geo $geo { ranges; 10.0.0.0-10.0.0.255 test; delete 10.0.1.0-10.0.1.255; # should warn delete 10.0.0.0-10.0.0.255; delete 10.0.0.0-10.0.0.255; # should warn }
2016-08-23	Geo: fixed insertion of ranges specified in descending order.	Ruslan Ermilov	1	-3/+8

2016-08-23	Geo: fixed removing a range in certain cases.	Ruslan Ermilov	1	-1/+1
	If the range includes two or more /16 networks and does not start at the /16 boundary, the last subrange was not removed (see 91cff7f97a50 for details).
2016-08-23	Geo: fixed overflow when iterating over ranges.	Ruslan Ermilov	1	-2/+10

2016-08-17	Ensure "listen" exists in a mail or stream server (ticket #1049).	Roman Arutyunyan	2	-0/+13

2016-08-18	Fixed wrong type of the "line" field.	Roman Arutyunyan	1	-1/+1
	The new type ngx_uint_t was supposed when formatting the line number.
2016-08-18	Geo: fixed access to already freed memory.	Valentin Bartenev	1	-1/+6
	Previously, in "ranges" mode when all added ranges were deleted, the ctx.high.low[i] was left pointing to a temporary array.
2016-07-26	Stream: fixed build without stream_ssl_module (ticket #1032).	Vladimir Homutov	1	-2/+2

2016-07-06	Fixed regex captures handling without PCRE.	Vladimir Homutov	1	-6/+8
	If PCRE is disabled, captures were treated as normal variables in ngx_http_script_compile(), while code calculating flushes array length in ngx_http_compile_complex_value() did not account captures as variables. This could lead to write outside of the array boundary when setting last element to -1. Found with AddressSanitizer.
2016-06-14	Stream: variables in proxy_pass and proxy_ssl_name.	Vladimir Homutov	4	-53/+476

2016-07-12	Stream: split_clients module.	Vladimir Homutov	1	-0/+244

2016-06-30	Stream: geo module.	Vladimir Homutov	1	-0/+1572

2016-07-12	Stream: geoip module.	Vladimir Homutov	1	-0/+814

2016-07-12	Stream: style.	Vladimir Homutov	7	-7/+7

2016-07-07	Stream: resolver.	Vladimir Homutov	2	-0/+63

2016-05-18	Stream: return module.	Roman Arutyunyan	1	-0/+207

2016-06-29	Stream: SSL-related variables.	Vladimir Homutov	1	-1/+114

2016-06-29	Stream: got rid of pseudo variables.	Vladimir Homutov	3	-92/+124
	Stream limit_conn, upstream_hash and proxy modules now use complex values.
2016-06-29	Stream: map module.	Vladimir Homutov	1	-0/+574

2016-06-14	Stream: core module variables.	Vladimir Homutov	1	-0/+350

2016-07-04	Stream: variables and script.	Vladimir Homutov	8	-57/+1845
	This is a port of corresponding http code with unrelated features excluded.
2016-06-15	Stream: added preconfiguration step.	Vladimir Homutov	11	-2/+27

2016-06-27	Style.	Roman Arutyunyan	1	-10/+10

2016-06-22	Style.	Roman Arutyunyan	1	-1/+0

2016-06-22	Stream: use ngx_pcalloc() in ngx_stream_proxy_bind().	Roman Arutyunyan	1	-1/+1

2016-06-20	Stream: support for $remote_port in proxy_bind.	Roman Arutyunyan	1	-9/+20
	The following two types of bind addresses are supported in addition to $remote_addr and address literals: - $remote_addr:$remote_port - [$remote_addr]:$remote_port In both cases client remote address with port is used in upstream socket bind.
2016-06-20	Upstream: support for port in proxy_bind and friends.	Roman Arutyunyan	1	-1/+2

2016-06-20	Introduced ngx_inet_get_port() and ngx_inet_set_port() functions.	Roman Arutyunyan	2	-46/+4

2016-06-15	SSL: ngx_ssl_ciphers() to set list of ciphers.	Tim Taubert	2	-21/+4
	This patch moves various OpenSSL-specific function calls into the OpenSSL module and introduces ngx_ssl_ciphers() to make nginx more crypto-library-agnostic.
2016-05-23	Renamed "u" to "sockaddr" in listen options types.	Maxim Dounin	3	-16/+16

2016-05-23	Introduced the ngx_sockaddr_t type.	Ruslan Ermilov	2	-12/+2
	It's properly aligned and can hold any supported sockaddr.
2016-05-23	Stream: fixed duplicate listen address detection.	Ruslan Ermilov	1	-17/+20
	The 6f8254ae61b8 change inadvertently fixed the duplicate port detection similar to how it was fixed for mail in b2920b517490. It also revealed another issue: the socket type (tcp vs. udp) wasn't taken into account.
2016-05-20	Use ngx_cmp_sockaddr() where appropriate.	Ruslan Ermilov	2	-51/+6

2016-05-19	SSL: support for multiple curves (ticket #885).	Maxim Dounin	1	-1/+1
	OpenSSL 1.0.2+ allows configuring a curve list instead of a single curve previously supported. This allows use of different curves depending on what client supports (as available via the elliptic_curves extension), and also allows use of different curves in an ECDHE key exchange and in the ECDSA certificate. The special value "auto" was introduced (now the default for ssl_ecdh_curve), which means "use an internal list of curves as available in the OpenSSL library used". For versions prior to OpenSSL 1.0.2 it maps to "prime256v1" as previously used. The default in 1.0.2b+ prefers prime256v1 as well (and X25519 in OpenSSL 1.1.0+). As client vs. server preference of curves is controlled by the same option as used for ciphers (SSL_OP_CIPHER_SERVER_PREFERENCE), the ssl_prefer_server_ciphers directive now controls both.
2016-05-19	SSL: support for multiple certificates (ticket #814).	Maxim Dounin	2	-15/+20

2015-12-18	Upstream: the "transparent" parameter of proxy_bind and friends.	Roman Arutyunyan	1	-17/+86
	This parameter lets binding the proxy connection to a non-local address. Upstream will see the connection as coming from that address. When used with $remote_addr, upstream will accept the connection from real client address. Example: proxy_bind $remote_addr transparent;