| Age | Commit message (Collapse) | Author | Files | Lines |
|---|
|
This fixes inconsistency in what is stored in the "host" field.
Normally it would contain the "host" part of the parsed URL
(e.g., proxy_pass with variables), but for the case of an
implicit upstream specified with literal address it contained
the text representation of the socket address (that is, host
including port for IP).
Now the "host" field always contains the "host" part of the URL,
while the text representation of the socket address is stored
in the newly added "name" field.
The ngx_http_upstream_create_round_robin_peer() function was
modified accordingly in a way to be compatible with the code
that does not know about the new "name" field.
The "stream" code was similarly modified except for not adding
compatibility in ngx_stream_upstream_create_round_robin_peer().
This change is also a prerequisite for the next change.
|
|
The first condition added in d3454e719bbb should have just replaced
the second one.
|
|
BoringSSL changed SSL_set_tlsext_host_name() to be a real function
with a (const char *) argument, so it now triggers a warning due to
conversion from (u_char *). Added an explicit cast to silence the
warning.
Prodded by Piotr Sikora, Alessandro Ghedini.
|
|
External structures are now identical regardless of stream SSL module
compiled in or not.
|
|
Made sure to set the variable length only after successful SNI parsing.
|
|
Removed NGX_HAVE_REUSEPORT from the signature accordingly.
|
|
The IPV6_V6ONLY macro is now checked only while parsing appropriate flag
and when using the macro.
The ipv6only field in listen structures is always initialized to 1,
even if not supported on a given platform. This is expected to prevent
a module compiled without IPV6_V6ONLY from accidentally creating dual
sockets if loaded into main binary with proper IPV6_V6ONLY support.
|
|
When enabled, some structures are padded to be size compatible
with their NGINX Plus versions.
|
|
It is to be used as a bitmask with various bits set/reset when appropriate.
Any bit set means that the peer should not be used, that is, exactly what
current checks do, no additional changes required.
|
|
It is to be used to track version of an upstream configuration used for
request processing.
|
|
|
|
|
|
|
|
Explicitly initialized peer's max_conns for upstreams created with
variables similar to how it's done in http.
|
|
|
|
Its usefulness it questionable, and it interacts badly with max_conns.
|
|
It holds upstream{} block configuration, including ones selected via
run-time lookup using variables.
|
|
|
|
|
|
All the errors that prevent loading configuration must be printed on the "emerg"
log level. Previously, nginx might silently fail to load configuration in some
cases as the default log level is "error".
|
|
|
|
The ngx_log_debug() macro is internal and should not be used.
|
|
The ssl_preread module extracts information from the SSL Client Hello message
without terminating SSL. Currently, only $ssl_preread_server_name variable
is supported, which contains server name from the SNI extension.
|
|
In this phase, head of a stream is read and analysed before proceeding to the
content phase. Amount of data read is controlled by the module implementing
the phase, but not more than defined by the "preread_buffer_size" directive.
The time spent on processing preread is controlled by the "preread_timeout"
directive.
The typical preread phase module will parse the beginning of a stream and set
variable that may be used by the content phase, for example to make routing
decision.
|
|
|
|
|
|
|
|
|
|
Previously, it was not possible to use the stream context
inside ngx_stream_init_connection() handlers. Now, limit_conn,
access handlers, as well as those added later, can create
their own contexts.
|
|
|
|
|
|
Previously, it was possible that some system calls could be
invoked while holding the accept mutex. This is clearly
wrong as it prevents incoming connections from being accepted
as quickly as possible.
|
|
|
|
The $upstream_connect_time, $upstream_first_byte_time and
$upstream_session_time variables keep corresponding times.
|
|
|
|
Keeps the full address of the upstream server. If several servers were
contacted during proxying, their addresses are separated by commas,
e.g. "192.168.1.1:80, 192.168.1.2:80".
|
|
The stream session status is one of the following:
200 - normal completion
403 - access forbidden
500 - internal server error
502 - bad gateway
503 - limit conn
|
|
The variable keeps protocol used by the client, "TCP" or "UDP".
|
|
The variable keeps time spent on processing the stream session.
|
|
The variable keeps the number of bytes received from the client.
|
|
geo $geo {
ranges;
10.0.0.0-10.0.0.255 test;
delete 10.0.1.0-10.0.1.255; # should warn
delete 10.0.0.0-10.0.0.255;
delete 10.0.0.0-10.0.0.255; # should warn
}
|
|
|
|
If the range includes two or more /16 networks and does
not start at the /16 boundary, the last subrange was not
removed (see 91cff7f97a50 for details).
|
|
|
|
|
|
The new type ngx_uint_t was supposed when formatting the line number.
|
|
Previously, in "ranges" mode when all added ranges were deleted,
the ctx.high.low[i] was left pointing to a temporary array.
|
|
|
|
If PCRE is disabled, captures were treated as normal variables in
ngx_http_script_compile(), while code calculating flushes array length in
ngx_http_compile_complex_value() did not account captures as variables.
This could lead to write outside of the array boundary when setting
last element to -1.
Found with AddressSanitizer.
|
|
|
