unit.git/docs, branch str-v3 Universal Web Application Server Requiring GNU C11. 2022-11-15T14:50:38+00:00 Alejandro Colomar alx@nginx.com 2022-10-27T23:49:55+00:00 9b2f2e1c3f4890810461482d23740e116412a7bc Suggested-by: Andrew Clayton <a.clayton@nginx.com> Signed-off-by: Alejandro Colomar <alx@nginx.com> 
Suggested-by: Andrew Clayton <a.clayton@nginx.com>
Signed-off-by: Alejandro Colomar <alx@nginx.com>
PHP: allowed to specify URLs without a trailing '/'. 2022-11-02T14:22:39+00:00 Andrew Clayton a.clayton@nginx.com 2022-09-16T13:38:53+00:00 a03274456b54cbc39e220b9dd73c3fc3fb935e46 Both @lucatacconi & @mwoodpatrick reported what appears to be the same issue on GitHub. Namely that when using the PHP language module and trying to access a URL that is a directory but without specifying the trailing '/', they were getting a '503 Service Unavailable' error. Note: This is when _not_ using the 'script' option. E.g with the following config { "listeners": { "[::1]:8080": { "pass": "applications/php" } }, "applications": { "php": { "type": "php", "root": "/var/tmp/unit-php" } } } and with a directory path of /var/tmp/unit-php/foo containing an index.php, you would see the following $ curl http://localhost/foo <title>Error 503</title> Error 503 However $ curl http://localhost/foo/ would work and serve up the index.php This commit fixes the above so you get the desired behaviour without specifying the trailing '/' by doing the following 1] If the URL doesn't end in .php and doesn't have a trailing '/' then check if the requested path is a directory. 2) If it is a directory then create a 301 re-direct pointing to it. This matches the behaviour of the likes of nginx, Apache and lighttpd. This also matches the behaviour of the "share" action in Unit. This doesn't effect the behaviour of the 'script' option which bypasses the nxt_php_dynamic_request() function. This also adds a couple of tests to test/test_php_application.py to ensure this continues to work. Closes: <https://github.com/nginx/unit/issues/717> Closes: <https://github.com/nginx/unit/issues/753> Signed-off-by: Andrew Clayton <a.clayton@nginx.com> 
Both @lucatacconi & @mwoodpatrick reported what appears to be the same
issue on GitHub. Namely that when using the PHP language module and
trying to access a URL that is a directory but without specifying the
trailing '/', they were getting a '503 Service Unavailable' error.

Note: This is when _not_ using the 'script' option.

E.g with the following config

  {
      "listeners": {
          "[::1]:8080": {
              "pass": "applications/php"
          }
      },

      "applications": {
          "php": {
              "type": "php",
              "root": "/var/tmp/unit-php"
          }
      }
  }

and with a directory path of /var/tmp/unit-php/foo containing an
index.php, you would see the following

  $ curl http://localhost/foo
  <title>Error 503</title>
  Error 503

However

  $ curl http://localhost/foo/

would work and serve up the index.php

This commit fixes the above so you get the desired behaviour without
specifying the trailing '/' by doing the following

  1] If the URL doesn't end in .php and doesn't have a trailing '/'
     then check if the requested path is a directory.

  2) If it is a directory then create a 301 re-direct pointing to it.
     This matches the behaviour of the likes of nginx, Apache and
     lighttpd.

     This also matches the behaviour of the "share" action in Unit.

This doesn't effect the behaviour of the 'script' option which bypasses
the nxt_php_dynamic_request() function.

This also adds a couple of tests to test/test_php_application.py to
ensure this continues to work.

Closes: <https://github.com/nginx/unit/issues/717>
Closes: <https://github.com/nginx/unit/issues/753>
Signed-off-by: Andrew Clayton <a.clayton@nginx.com>
TLS: Using ERR_get_error_all() with OpenSSL 3. 2022-10-21T09:48:08+00:00 Remi Collet remi@remirepo.net 2021-11-18T16:47:39+00:00 e096f19d47e45803d12a9c60ee51f79d2613281c Link: <https://www.openssl.org/docs/man3.0/man7/migration_guide.html> Cc: Andy Postnikov <apostnikov@gmail.com> Cc: Andrew Clayton <a.clayton@nginx.com> Signed-off-by: Remi Collet <remi@remirepo.net> Signed-off-by: Alejandro Colomar <alx@nginx.com> 
Link: <https://www.openssl.org/docs/man3.0/man7/migration_guide.html>
Cc: Andy Postnikov <apostnikov@gmail.com>
Cc: Andrew Clayton <a.clayton@nginx.com>
Signed-off-by: Remi Collet <remi@remirepo.net>
Signed-off-by: Alejandro Colomar <alx@nginx.com>
Preferring system crypto policy. 2022-10-20T14:25:15+00:00 Remi Collet remi@remirepo.net 2019-01-16T07:38:53+00:00 93d24bb1144bebedb79bec8745c42aa0dc778aef If we don't call SSL_CTX_set_cipher_list(), then it uses the system's default. Link: <https://fedoraproject.org/wiki/Changes/CryptoPolicy> Link: <https://docs.fedoraproject.org/en-US/packaging-guidelines/CryptoPolicies/> Link: <https://www.redhat.com/en/blog/consistent-security-crypto-policies-red-hat-enterprise-linux-8> Signed-off-by: Remi Collet <remi@remirepo.net> Acked-by: Andrei Belov <defan@nginx.com> [ alx: add changelog and tweak commit message ] Signed-off-by: Alejandro Colomar <alx@nginx.com> 
If we don't call SSL_CTX_set_cipher_list(), then it uses the
system's default.

Link: <https://fedoraproject.org/wiki/Changes/CryptoPolicy>
Link: <https://docs.fedoraproject.org/en-US/packaging-guidelines/CryptoPolicies/>
Link: <https://www.redhat.com/en/blog/consistent-security-crypto-policies-red-hat-enterprise-linux-8>
Signed-off-by: Remi Collet <remi@remirepo.net>
Acked-by: Andrei Belov <defan@nginx.com>
[ alx: add changelog and tweak commit message ]
Signed-off-by: Alejandro Colomar <alx@nginx.com>
Configuration: added the regex status in configure summary. 2022-10-20T04:02:27+00:00 Zhidao HONG z.hong@f5.com 2022-10-20T04:02:27+00:00 bbf1f4da0fe19c51253400a2cef58b8bac28fb25 






Configuration: stopped automatic migration to the "share" behavior.
2022-10-14T06:00:02+00:00

Zhidao HONG
z.hong@f5.com

2022-10-14T06:00:02+00:00

c03ebf7ffec285c040450a1882687d762c7b1b4f

This commit removed the $uri auto-append for the "share" option
introduced in rev be6409cdb028.

The main reason is that it causes problems when preparing Unit configurations
to be loaded at startup from the state directory. E.g. Docker. A valid conf.json
file with $uri references will end up with $uri$uri due to the auto-append.





This commit removed the $uri auto-append for the "share" option
introduced in rev be6409cdb028.

The main reason is that it causes problems when preparing Unit configurations
to be loaded at startup from the state directory. E.g. Docker. A valid conf.json
file with $uri references will end up with $uri$uri due to the auto-append.







PHP: Fixed php_module_startup() call for PHP 8.2.
2022-10-19T10:59:49+00:00

Remi Collet
remi@remirepo.net

2022-06-02T14:16:35+00:00

48b6a7b311272896be9212e170fcee8d1da25e79

PHP 8.2 changed the prototype of the function, removing the last
parameter.

Signed-off-by: Remi Collet <remi@remirepo.net>
Cc: Timo Stark <t.stark@nginx.com>
Cc: George Peter Banyard <girgias@php.net>
Tested-by: Andy Postnikov <apostnikov@gmail.com>
Acked-by: Andy Postnikov <apostnikov@gmail.com>
Reviewed-by: Andrew Clayton <a.clayton@nginx.com>
Signed-off-by: Alejandro Colomar <alx@nginx.com>





PHP 8.2 changed the prototype of the function, removing the last
parameter.

Signed-off-by: Remi Collet <remi@remirepo.net>
Cc: Timo Stark <t.stark@nginx.com>
Cc: George Peter Banyard <girgias@php.net>
Tested-by: Andy Postnikov <apostnikov@gmail.com>
Acked-by: Andy Postnikov <apostnikov@gmail.com>
Reviewed-by: Andrew Clayton <a.clayton@nginx.com>
Signed-off-by: Alejandro Colomar <alx@nginx.com>







Added missing error checking in the C API.
2022-10-14T12:43:04+00:00

Alex Colomar
a.colomar@f5.com

2022-09-10T16:00:27+00:00

f2213dbd1b51838ec6b59073d9d071a75def7858

pthread_mutex_init(3) may fail for several reasons, and failing to
check will cause Undefined Behavior when those errors happen.  Add
missing checks, and correctly deinitialize previously created
stuff before exiting from the API.

Signed-off-by: Alejandro Colomar <alx@nginx.com>
Reviewed-by: Andrew Clayton <a.clayton@nginx.com>
Reviewed-by: Zhidao HONG <z.hong@f5.com>





pthread_mutex_init(3) may fail for several reasons, and failing to
check will cause Undefined Behavior when those errors happen.  Add
missing checks, and correctly deinitialize previously created
stuff before exiting from the API.

Signed-off-by: Alejandro Colomar <alx@nginx.com>
Reviewed-by: Andrew Clayton <a.clayton@nginx.com>
Reviewed-by: Zhidao HONG <z.hong@f5.com>







HTTP: added a $request_time variable.
2022-10-12T00:21:02+00:00

Zhidao HONG
z.hong@f5.com

2022-10-12T00:21:02+00:00

7aa6b0629897235684961dfb9aa16e226efa27e6












Ruby: added support for rack V3.
2022-10-04T18:33:11+00:00

Zhidao HONG
z.hong@f5.com

2022-09-28T14:51:55+00:00

dc9f592d6e7123d57924146dcbf1be80366bc98b

Ruby applications would fail to start if they were using rack v3

  2022/09/28 15:48:46 [alert] 0#80912 [unit] Ruby: Failed to parse rack script
  2022/09/28 15:48:46 [notice] 80911#80911 app process 80912 exited with code 1

This was due to a change in the rack API

Rack V2

  def self.load_file(path, opts = Server::Options.new)
    ...
    cfgfile.sub!(/^__END__\n.*\Z/m, '')
    app = new_from_string cfgfile, path

    return app, options
  end

Rack V3

  def self.load_file(path)
    ...

    return new_from_string(config, path)
  end

This patch handles _both_ the above APIs by correctly handling the cases
where we do and don't get an array returned from
nxt_ruby_rack_parse_script().

Closes: <https://github.com/nginx/unit/issues/755>
Tested-by: Andrew Clayton <a.clayton@nginx.com>
Reviewed-by: Andrew Clayton <a.clayton@nginx.com>
[ Andrew: Patch by Zhidao, commit message by me with input from Zhidao ]
Signed-off-by: Andrew Clayton <a.clayton@nginx.com>





Ruby applications would fail to start if they were using rack v3

  2022/09/28 15:48:46 [alert] 0#80912 [unit] Ruby: Failed to parse rack script
  2022/09/28 15:48:46 [notice] 80911#80911 app process 80912 exited with code 1

This was due to a change in the rack API

Rack V2

  def self.load_file(path, opts = Server::Options.new)
    ...
    cfgfile.sub!(/^__END__\n.*\Z/m, '')
    app = new_from_string cfgfile, path

    return app, options
  end

Rack V3

  def self.load_file(path)
    ...

    return new_from_string(config, path)
  end

This patch handles _both_ the above APIs by correctly handling the cases
where we do and don't get an array returned from
nxt_ruby_rack_parse_script().

Closes: <https://github.com/nginx/unit/issues/755>
Tested-by: Andrew Clayton <a.clayton@nginx.com>
Reviewed-by: Andrew Clayton <a.clayton@nginx.com>
[ Andrew: Patch by Zhidao, commit message by me with input from Zhidao ]
Signed-off-by: Andrew Clayton <a.clayton@nginx.com>