Merge lp:~cyphermox/ubuntu/lucid/nginx/merge_0.7.64-2_lp513099 into lp:ubuntu/lucid/nginx

Proposed by Mathieu Trudel-Lapierre
Status: Merged
Merge reported by: Mathieu Trudel-Lapierre
Merged at revision: not available
Proposed branch: lp:~cyphermox/ubuntu/lucid/nginx/merge_0.7.64-2_lp513099
Merge into: lp:ubuntu/lucid/nginx
Diff against target: 874 lines (+325/-99)
25 files modified
CHANGES (+25/-0)
CHANGES.ru (+25/-0)
debian/changelog (+62/-0)
debian/control (+23/-3)
debian/copyright (+10/-7)
debian/init.d (+1/-1)
debian/nginx.1 (+36/-36)
debian/patches/dlopen.dpatch (+3/-4)
debian/rules (+11/-11)
debian/watch (+0/-9)
src/core/nginx.h (+2/-2)
src/core/ngx_resolver.c (+23/-16)
src/core/ngx_string.c (+31/-0)
src/core/ngx_string.h (+1/-0)
src/event/ngx_event_openssl.c (+40/-0)
src/event/ngx_event_openssl.h (+1/-0)
src/http/modules/ngx_http_gzip_static_module.c (+7/-1)
src/http/modules/ngx_http_map_module.c (+1/-1)
src/http/modules/ngx_http_referer_module.c (+6/-1)
src/http/modules/perl/nginx.pm (+1/-1)
src/http/ngx_http.c (+1/-1)
src/http/ngx_http_core_module.c (+6/-0)
src/http/ngx_http_request.c (+1/-1)
src/mail/ngx_mail_smtp_handler.c (+1/-1)
src/os/unix/ngx_alloc.c (+7/-3)
To merge this branch: bzr merge lp:~cyphermox/ubuntu/lucid/nginx/merge_0.7.64-2_lp513099
Reviewer Review Type Date Requested Status
Registry Administrators Pending
Review via email: mp+18118@code.launchpad.net

Preview Diff

1=== modified file 'CHANGES'
2--- CHANGES 2009-11-30 13:34:00 +0000
3+++ CHANGES 2010-01-27 05:53:13 +0000
4@@ -1,4 +1,29 @@
5
6+Changes with nginx 0.7.64 16 Nov 2009
7+
8+ *) Security: now SSL/TLS renegotiation is disabled.
9+ Thanks to Maxim Dounin.
10+
11+ *) Bugfix: nginx sent gzipped responses to clients those do not support
12+ gzip, if "gzip_static on" and "gzip_vary off"; the bug had appeared
13+ in 0.7.63.
14+
15+ *) Bugfix: if names .domain.tld, .sub.domain.tld, and .domain-some.tld
16+ were defined, then the name .sub.domain.tld was matched by
17+ .domain.tld.
18+
19+ *) Bugfix: segmentation fault and infinite looping in resolver.
20+
21+ *) Bugfix: in resolver.
22+ Thanks to Artem Bokhan.
23+
24+ *) Bugfix: resolver cache poisoning.
25+ Thanks to Matthew Dempsky.
26+
27+ *) Bugfix: memory leak in resolver.
28+ Thanks to Matthew Dempsky.
29+
30+
31 Changes with nginx 0.7.63 26 Oct 2009
32
33 *) Security: now "/../" are disabled in "Destination" request header
34
35=== modified file 'CHANGES.ru'
36--- CHANGES.ru 2009-11-30 13:34:00 +0000
37+++ CHANGES.ru 2010-01-27 05:53:13 +0000
38@@ -1,4 +1,29 @@
39
40+éÚÍÅÎÅÎÉÑ × nginx 0.7.64 16.11.2009
41+
42+ *) âÅÚÏÐÁÓÎÏÓÔØ: ÔÅÐÅÒØ SSL/TLS renegotiation ÚÁÐÒÅÝ£Î.
43+ óÐÁÓÉÂÏ íÁËÓÉÍÕ äÕÎÉÎÕ.
44+
45+ *) éÓÐÒÁ×ÌÅÎÉÅ: nginx ÐÅÒÅÄÁ×ÁÌ ÓÖÁÔÙÅ ÏÔ×ÅÔÙ ËÌÉÅÎÔÁÍ, ÎÅ
46+ ÐÏÄÄÅÒÖÉ×ÁÀÝÉÍ ÓÖÁÔÉÅ, ÐÒÉ ÎÁÓÔÒÏÊËÁÈ gzip_static on É gzip_vary
47+ off; ÏÛÉÂËÁ ÐÏÑ×ÉÌÁÓØ × 0.7.63.
48+
49+ *) éÓÐÒÁ×ÌÅÎÉÅ: ÅÓÌÉ ÂÙÌÉ ÏÐÉÓÁÎÙ ÉÍÅÎÁ .domain.tld, .sub.domain.tld É
50+ .domain-some.tld, ÔÏ ÉÍÑ .sub.domain.tld ÐÏÐÁÄÁÌÏ ÐÏÄ ÍÁÓËÕ
51+ .domain.tld.
52+
53+ *) éÓÐÒÁ×ÌÅÎÉÅ: segmentation fault É ÚÁÃÉËÌÉ×ÁÎÉÑ × resolver'Å.
54+
55+ *) éÓÐÒÁ×ÌÅÎÉÅ: × resolver'Å.
56+ óÐÁÓÉÂÏ áÒÔ£ÍÕ âÏÈÁÎÕ.
57+
58+ *) éÓÐÒÁ×ÌÅÎÉÅ: ÐÏÒÞÉ ËÜÛÁ resolver'Á.
59+ óÐÁÓÉÂÏ Matthew Dempsky.
60+
61+ *) éÓÐÒÁ×ÌÅÎÉÅ: ÕÔÅÞËÉ ÐÁÍÑÔÉ × resolver'Å.
62+ óÐÁÓÉÂÏ Matthew Dempsky.
63+
64+
65 éÚÍÅÎÅÎÉÑ × nginx 0.7.63 26.10.2009
66
67 *) âÅÚÏÐÁÓÎÏÓÔØ: ÔÅÐÅÒØ ÓÉÍ×ÏÌÙ "/../" ÚÁÐÒÅÝÅÎÙ × ÓÔÒÏËÅ "Destination"
68
69=== modified file 'debian/changelog'
70--- debian/changelog 2009-11-30 13:34:00 +0000
71+++ debian/changelog 2010-01-27 05:53:13 +0000
72@@ -1,3 +1,65 @@
73+nginx (0.7.64-2ubuntu1) lucid; urgency=low
74+
75+ * Merge from debian testing (LP: #513099), remaining changes:
76+ - Install html files.
77+ - debian/dirs: Add 'var/www/nginx-default'.
78+ - debian/nginx.install: Add 'html/* var/www/nginx-default'.
79+ - Add a UFW profile set:
80+ + debian/nginx.ufw.profile: Added.
81+ + debian/control: nginx: Suggests ufw.
82+ + debian/dirs: Add 'etc/ufw/applications.d'
83+ + debian/rules: Add install rule for the nginx UFW profile.
84+ * Fixes CVE-2009-3555, as per changelog entry in 0.7.64-1. (LP: #511681)
85+
86+ -- Mathieu Trudel <mathieu-tl@ubuntu.com> Wed, 27 Jan 2010 00:29:44 -0500
87+
88+nginx (0.7.64-2) unstable; urgency=low
89+
90+ [Kartik Mistry]
91+ * debian/rules:
92+ + Used dh_prep instead of dh_clean -k
93+ * debian/control:
94+ + Added ${misc:Depends} in Depends
95+ * Added patch for adding debug package, Thanks to Matthew Palmer
96+ <mpalmer@debian.org> (Closes: #563339)
97+ * debian/copyright:
98+ + Added missing copyright owners for Debian package and fixed year and
99+ licence doesn't point to versionless symlink
100+
101+ [Fabio Tranchitella]
102+ * debian/init.d:
103+ + Added patch from Wouter de Bie to add $DAEMON_OPTS in
104+ test_nginx_config()
105+
106+ -- Kartik Mistry <kartik@debian.org> Sat, 09 Jan 2010 11:15:59 +0530
107+
108+nginx (0.7.64-1) unstable; urgency=medium
109+
110+ [Kartik Mistry]
111+ * Urgency set to medium due to security issue
112+ * New upstream release (Closes: #557602)
113+ + fixes SSL renegotiation vuln CVE-2009-3555 (Closes: #557873)
114+ * debian/nginx.1:
115+ + Corrected homepage entry (Closes: #556617)
116+ + Minor whitespace and empty line cleanups, added SEE ALSO section. Used
117+ .TP instead of .br, Added missing options, and this should
118+ (Closes: #556616)
119+ * debian/copyright:
120+ + Used © instead of deprecated (C) symbol
121+ + Formatted some texts
122+ * debian/control:
123+ + Added myself as uploader
124+ + Wrapped and rearranged Build-Depends for better readability
125+ * debian/patches/dlopen.dpatch:
126+ + Fixed patch name in comment
127+ + Added missing DP comment from changelog
128+ * debian/rules:
129+ + Minor fixes related to formatting of file and whitespaces
130+ * debian/watch:
131+ + Removed comments out of it
132+
133+ -- Kartik Mistry <kartik@debian.org> Fri, 27 Nov 2009 11:10:18 +0530
134+
135 nginx (0.7.63-1ubuntu1) lucid; urgency=low
136
137 * Merge from debian testing (LP: #490450), remaining changes:
138
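Review bot: the new 0.7.64-2ubuntu1 entry is marked urgency=low although it states that it fixes CVE-2009-3555, and the Debian 0.7.64-1 entry merged below it raised urgency to medium "due to security issue". Consider urgency=medium here as well, and name the fix in the Ubuntu entry itself (SSL/TLS renegotiation disabled, per CHANGES) so the security content is visible without reading down to the Debian entries.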
139=== modified file 'debian/control'
140--- debian/control 2009-10-19 23:22:06 +0000
141+++ debian/control 2010-01-27 05:53:13 +0000
142@@ -3,8 +3,14 @@
143 Priority: optional
144 Maintainer: Ubuntu Developers <ubuntu-devel-discuss@lists.ubuntu.com>
145 XSBC-Original-Maintainer: Jose Parrella <bureado@debian.org>
146-Uploaders: Fabio Tranchitella <kobold@debian.org>
147-Build-Depends: debhelper (>= 5), autotools-dev, libpcre3-dev, zlib1g-dev, libssl-dev, dpatch
148+Uploaders: Fabio Tranchitella <kobold@debian.org>,
149+ Kartik Mistry <kartik@debian.org>
150+Build-Depends: debhelper (>= 7),
151+ dpatch,
152+ autotools-dev,
153+ libssl-dev,
154+ libpcre3-dev,
155+ zlib1g-dev
156 Standards-Version: 3.8.3
157 Homepage: http://nginx.net
158 Vcs-Svn: svn://svn.debian.org/svn/collab-maint/deb-maint/nginx/trunk
159@@ -12,7 +18,7 @@
160
161 Package: nginx
162 Architecture: any
163-Depends: ${shlibs:Depends}, lsb-base (>= 3.2-14)
164+Depends: ${misc:Depends}, ${shlibs:Depends}, lsb-base (>= 3.2-14)
165 Suggests: ufw
166 Provides: httpd
167 Description: small, but very powerful and efficient web server and mail proxy
168@@ -22,3 +28,17 @@
169 reduce load to backend servers by many concurrent HTTP-sessions.
170 .
171 It can also act as a POP3/IMAP mail proxy with SSL and TLS SNI support.
172+
173+Package: nginx-dbg
174+Architecture: any
175+Section: debug
176+Priority: extra
177+Depends: ${misc:Depends}, nginx (= ${binary:Version})
178+Description: Debugging symbols for nginx
179+ Nginx (engine x) is a web server created by Igor Sysoev and kindly provided to
180+ the open-source community. This server can be used as standalone HTTP server
181+ and as a reverse proxy server before some Apache or another big server to
182+ reduce load to backend servers by many concurrent HTTP-sessions.
183+ .
184+ This package provides debugging symbols for nginx, to assist in debugging
185+ issues that you may find. It should not be required for normal operation.
186
187=== modified file 'debian/copyright'
188--- debian/copyright 2006-11-12 18:31:24 +0000
189+++ debian/copyright 2010-01-27 05:53:13 +0000
190@@ -5,9 +5,10 @@
191
192 Upstream Author: Igor Sysoev <igor@sysoev.ru>
193
194-Copyright (C) 2002-2006 Igor Sysoev <igor@sysoev.ru>
195-
196-License:
197+Copyright © 2002-2009 Igor Sysoev <igor@sysoev.ru>
198+
199+License: BSD
200+
201 Redistribution and use in source and binary forms, with or without
202 modification, are permitted under the terms of the BSD License.
203
204@@ -23,8 +24,10 @@
205 OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
206 SUCH DAMAGE.
207
208-On Debian systems, the complete text of the BSD License can be
209-found in `/usr/share/common-licenses/BSD'.
210+On Debian systems, the complete text of the BSD License can be found in
211+`/usr/share/common-licenses/BSD'.
212
213-The Debian packaging is (C) 2006, Jose Parrella <joseparrella@cantv.net> and
214-is licensed under the GPL, see `/usr/share/common-licenses/GPL'.
215+The Debian packaging is © 2006-2010, Jose Parrella <joseparrella@cantv.net>,
216+Fabio Tranchitella <kobold@debian.org> and © 2009-2010, Kartik Mistry
217+<kartik@debian.org> and is licensed under the GPL-2 or later, see
218+`/usr/share/common-licenses/GPL-2' and `/usr/share/common-licenses/GPL-3'.
219
220=== modified file 'debian/init.d'
221--- debian/init.d 2009-10-19 23:22:06 +0000
222+++ debian/init.d 2010-01-27 05:53:13 +0000
223@@ -27,7 +27,7 @@
224 . /lib/lsb/init-functions
225
226 test_nginx_config() {
227- if nginx -t
228+ if nginx -t $DAEMON_OPTS
229 then
230 return 0
231 else
232
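Review bot: `$DAEMON_OPTS` in `nginx -t $DAEMON_OPTS` is expanded unquoted, so the shell word-splits and glob-expands it. The splitting is what lets the variable carry several options, but a one-line comment saying it is intentional would stop a later cleanup from quoting it and handing nginx all options as a single argument.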
233=== modified file 'debian/nginx.1'
234--- debian/nginx.1 2006-11-12 18:31:24 +0000
235+++ debian/nginx.1 2010-01-27 05:53:13 +0000
236@@ -1,47 +1,47 @@
237 .TH "nginx" "1" "" "" ""
238 .SH "NAME"
239 nginx \- small, but very powerful and efficient web server
240-.br
241-
242-.br
243 .SH "SYNOPSIS"
244-\fBnginx\fR [options] <configuration file>
245-.br
246-
247-.br
248+\fBnginx\fR [\fIoptions\fR] <\fIconfiguration file\fR>
249 .SH "DESCRIPTION"
250-\fBnginx\fR is a server that can be used as standalone HTTP server and as
251-a reverse proxy server before some Apache or another big server to reduce
252+.PP
253+\fBnginx\fR is a server that can be used as standalone HTTP server and as
254+a reverse proxy server before some Apache or another big server to reduce
255 load to backend servers by many concurrent HTTP\-sessions.
256-.br
257-
258-.br
259 .SH "OPTIONS"
260+.TP
261 A summary of options is included below:
262-.br
263-
264-.br
265-\fB\-c\fR <configuration file>
266+.TP
267+\fB\-?\fR,\fB\-h\fR
268+Show this help.
269+.TP
270+\fB\-v\fR
271+Show version and exit.
272+.TP
273+\fB\-V\fR
274+Show version and configure options then exit.
275+.TP
276+\fB\-s\fR \fIsignal\fR
277+Send signal to a master process: stop, quit, reopen, reload.
278+.TP
279+\fB\-p\fR \fIprefix\fR
280+Set prefix path.
281+.TP
282+\fB\-g\fR \fIdirectives\fR
283+Set global directives out of configuration file.
284+.TP
285+\fB\-c\fR <\fIconfiguration file\fR>
286 Specifies a particular configuration file for nginx to load.
287-.br
288-\fB\-v\fR
289-Show version of program.
290-.br
291+.TP
292 \fB\-t\fR
293-Tests nginx configuration
294-.br
295-.br
296-
297-.br
298-You can find further information about this webserver in http://nginx.net/docs_en.txt.
299-.br
300-
301-.br
302+Tests nginx configuration and exit.
303+.TP
304+.SH "SEE ALSO"
305+Website: <http://nginx.net/>
306+.TP
307 .SH "AUTHORS"
308-\fBnginx\fR was written by Igor Sysoev.
309-.br
310-
311-.br
312-This manual page was written by Jose Parrella <joseparrella@cantv.net>,
313-for the Debian project (but may be used by others).
314-
315+\fBnginx\fR was written by Igor Sysoev <igor@sysoev.ru>.
316+.TP
317+This manual page was written by Jose Parrella <joseparrella@cantv.net> and
318+Kartik Mistry <kartik@debian.org>, for the Debian project (but may be used
319+by others).
320
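Review bot: several of the added `.TP` requests are not followed by a tag and body. The `.TP` before "A summary of options is included below:" turns that sentence into a tag label, and the `.TP` lines directly before `.SH "SEE ALSO"` and `.SH "AUTHORS"` have nothing to tag at all. Use `.PP` for the plain paragraphs and drop the `.TP` before each `.SH`. Also "Tests nginx configuration and exit." should read "Test nginx configuration and exit." to match the other option descriptions.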
321=== modified file 'debian/patches/dlopen.dpatch'
322--- debian/patches/dlopen.dpatch 2009-10-15 18:32:00 +0000
323+++ debian/patches/dlopen.dpatch 2010-01-27 05:53:13 +0000
324@@ -1,8 +1,7 @@
325-#! /bin/sh /usr/share/dpatch/dpatch-run
326-## 99-unnamed.dpatch by Fabio Tranchitella <kobold@debian.org>
327+#!/bin/sh /usr/share/dpatch/dpatch-run
328+## dlopen.dpatch by Fabio Tranchitella <kobold@debian.org>
329 ##
330-## All lines beginning with `## DP:' are a description of the patch.
331-## DP: No description.
332+## DP: Patch to remove the unnecesssary link to libdl. (#540599)
333
334 @DPATCH@
335 diff -urN nginx-0.7.62/auto/os/features nginx-0.7.62.debian/auto/os/features
336
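Review bot: typo in the added `## DP:` line, "unnecesssary" should be "unnecessary". This text is what dpatch shows as the patch description, so it is worth fixing before upload.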
337=== modified file 'debian/rules'
338--- debian/rules 2009-10-19 23:22:06 +0000
339+++ debian/rules 2010-01-27 05:53:13 +0000
340@@ -1,5 +1,7 @@
341 #!/usr/bin/make -f
342
343+include /usr/share/dpatch/dpatch.make
344+
345 CFLAGS = -Wall -g
346
347 DEB_BUILD_ARCH ?=$(shell dpkg-architecture -qDEB_BUILD_ARCH)
348@@ -13,8 +15,6 @@
349 CFLAGS += -O2
350 endif
351
352-include /usr/share/dpatch/dpatch.make
353-
354 config.status: patch-stamp
355 dh_testdir
356 ifneq "$(wildcard /usr/share/misc/config.sub)" ""
357@@ -37,11 +37,11 @@
358 --with-http_ssl_module \
359 --with-http_dav_module \
360 --with-http_gzip_static_module \
361- --with-mail \
362- --with-mail_ssl_module \
363+ --with-mail \
364+ --with-mail_ssl_module \
365 --with-ipv6 \
366- --add-module=$(CURDIR)/modules/nginx-upstream-fair \
367- $(CONFIGURE_OPTS)
368+ --add-module=$(CURDIR)/modules/nginx-upstream-fair \
369+ $(CONFIGURE_OPTS)
370
371 build: config.status
372 $(MAKE) build
373@@ -53,7 +53,7 @@
374 clean: unpatch
375 dh_testdir
376 dh_testroot
377- rm -f build-stamp
378+ rm -f build-stamp
379 [ ! -f Makefile ] || $(MAKE) clean
380
381 ifneq "$(wildcard /usr/share/misc/config.sub)" ""
382@@ -62,12 +62,12 @@
383 ifneq "$(wildcard /usr/share/misc/config.guess)" ""
384 rm -f config.guess
385 endif
386- dh_clean
387+ dh_clean
388
389 install:
390 dh_testdir
391 dh_testroot
392- dh_clean -k
393+ dh_prep
394 dh_installdirs
395 dh_install
396
397@@ -84,7 +84,7 @@
398 dh_installman debian/nginx.1
399 dh_installlogrotate
400 dh_link
401- dh_strip
402+ dh_strip --dbg-package=nginx-dbg
403 dh_compress
404 dh_fixperms
405 dh_installdeb
406@@ -95,4 +95,4 @@
407
408 binary: binary-indep binary-arch
409
410-.PHONY: build clean binary-indep binary-arch binary install
411+.PHONY: build clean binary-indep binary-arch binary install
412
413=== modified file 'debian/watch'
414--- debian/watch 2009-05-31 18:38:56 +0000
415+++ debian/watch 2010-01-27 05:53:13 +0000
416@@ -1,11 +1,2 @@
417-# Example watch control file for uscan
418-# Rename this file to "watch" and then you can run the "uscan" command
419-# to check for upstream updates and more.
420-# See uscan(1) for format
421-
422-# Compulsory line, this is a version 3 file
423 version=3
424-
425-# Uncomment to examine a Webpage
426-# <Webpage URL> <string match>
427 http://sysoev.ru/nginx/ nginx-([\.0-9]+)\.tar\.gz
428
429=== modified file 'src/core/nginx.h'
430--- src/core/nginx.h 2009-11-30 13:34:00 +0000
431+++ src/core/nginx.h 2010-01-27 05:53:13 +0000
432@@ -8,8 +8,8 @@
433 #define _NGINX_H_INCLUDED_
434
435
436-#define nginx_version 7063
437-#define NGINX_VERSION "0.7.63"
438+#define nginx_version 7064
439+#define NGINX_VERSION "0.7.64"
440 #define NGINX_VER "nginx/" NGINX_VERSION
441
442 #define NGINX_VAR "NGINX"
443
444=== modified file 'src/core/ngx_resolver.c'
445--- src/core/ngx_resolver.c 2009-10-19 23:22:06 +0000
446+++ src/core/ngx_resolver.c 2010-01-27 05:53:13 +0000
447@@ -464,6 +464,7 @@
448
449 ctx->next = rn->waiting;
450 rn->waiting = ctx;
451+ ctx->state = NGX_AGAIN;
452
453 return NGX_AGAIN;
454 }
455@@ -625,6 +626,7 @@
456
457 ctx->next = rn->waiting;
458 rn->waiting = ctx;
459+ ctx->state = NGX_AGAIN;
460
461 /* unlock addr mutex */
462
463@@ -1149,6 +1151,8 @@
464 goto failed;
465 }
466
467+ ngx_resolver_free(r, name.data);
468+
469 if (code == 0 && nan == 0) {
470 code = 3; /* NXDOMAIN */
471 }
472@@ -1400,6 +1404,8 @@
473
474 /* unlock name mutex */
475
476+ ngx_resolver_free(r, name.data);
477+
478 return;
479 }
480
481@@ -1595,7 +1601,6 @@
482 ngx_resolver_lookup_name(ngx_resolver_t *r, ngx_str_t *name, uint32_t hash)
483 {
484 ngx_int_t rc;
485- size_t len;
486 ngx_rbtree_node_t *node, *sentinel;
487 ngx_resolver_node_t *rn;
488
489@@ -1619,9 +1624,7 @@
490 do {
491 rn = (ngx_resolver_node_t *) node;
492
493- len = (name->len > (size_t) rn->nlen) ? rn->nlen : name->len;
494-
495- rc = ngx_strncmp(name->data, rn->name, len);
496+ rc = ngx_memn2cmp(name->data, rn->name, name->len, rn->nlen);
497
498 if (rc == 0) {
499 return rn;
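Review bot: nothing in this hunk records why the compare changed, and it looks like the change behind the "resolver cache poisoning" entry in CHANGES. The removed lines compared only the shorter of name->len and rn->nlen bytes, so two names where one is a prefix of the other compared equal; ngx_memn2cmp() is given both lengths. A short comment stating that the full lengths must take part in the compare, matching the same change in ngx_resolver_rbtree_insert_value(), would keep lookup and insert ordering from drifting apart again.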
500@@ -1675,7 +1678,6 @@
501 ngx_resolver_rbtree_insert_value(ngx_rbtree_node_t *temp,
502 ngx_rbtree_node_t *node, ngx_rbtree_node_t *sentinel)
503 {
504- size_t len;
505 ngx_rbtree_node_t **p;
506 ngx_resolver_node_t *rn, *rn_temp;
507
508@@ -1694,10 +1696,8 @@
509 rn = (ngx_resolver_node_t *) node;
510 rn_temp = (ngx_resolver_node_t *) temp;
511
512- len = (rn->nlen > rn_temp->nlen) ? rn_temp->nlen : rn->nlen;
513-
514- p = (ngx_strncmp(rn->name, rn_temp->name, len) < 0)
515- ? &temp->left : &temp->right;
516+ p = (ngx_memn2cmp(rn->name, rn_temp->name, rn->nlen, rn_temp->nlen)
517+ < 0) ? &temp->left : &temp->right;
518 }
519
520 if (*p == sentinel) {
521@@ -1719,15 +1719,16 @@
522 ngx_resolver_create_name_query(ngx_resolver_node_t *rn, ngx_resolver_ctx_t *ctx)
523 {
524 u_char *p, *s;
525- size_t len;
526+ size_t len, nlen;
527 ngx_uint_t ident;
528 ngx_resolver_qs_t *qs;
529 ngx_resolver_query_t *query;
530
531- len = sizeof(ngx_resolver_query_t)
532- + 1 + ctx->name.len + 1 + sizeof(ngx_resolver_qs_t);
533-
534- p = ngx_resolver_calloc(ctx->resolver, len);
535+ nlen = ctx->name.len ? (1 + ctx->name.len + 1) : 1;
536+
537+ len = sizeof(ngx_resolver_query_t) + nlen + sizeof(ngx_resolver_qs_t);
538+
539+ p = ngx_resolver_alloc(ctx->resolver, len);
540 if (p == NULL) {
541 return NGX_ERROR;
542 }
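Review bot: replacing ngx_resolver_calloc() with ngx_resolver_alloc() means, going by the names, that the query buffer is no longer zero-filled, so every byte of the nlen-sized name area has to be written explicitly, including the terminating root label and the single byte used when ctx->name.len is 0. The hunk does not show those writes. Please confirm that no part of the buffer is sent uninitialised, since these bytes go out to the DNS server.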
543@@ -1754,7 +1755,7 @@
544 query->nns_hi = 0; query->nns_lo = 0;
545 query->nar_hi = 0; query->nar_lo = 0;
546
547- p += sizeof(ngx_resolver_query_t) + 1 + ctx->name.len + 1;
548+ p += sizeof(ngx_resolver_query_t) + nlen;
549
550 qs = (ngx_resolver_qs_t *) p;
551
552@@ -1808,7 +1809,7 @@
553 + sizeof(".255.255.255.255.in-addr.arpa.") - 1
554 + sizeof(ngx_resolver_qs_t);
555
556- p = ngx_resolver_calloc(ctx->resolver, len);
557+ p = ngx_resolver_alloc(ctx->resolver, len);
558 if (p == NULL) {
559 return NGX_ERROR;
560 }
561@@ -1902,6 +1903,12 @@
562 return NGX_OK;
563 }
564
565+ if (len == -1) {
566+ name->len = 0;
567+ name->data = NULL;
568+ return NGX_OK;
569+ }
570+
571 dst = ngx_resolver_alloc(r, len);
572 if (dst == NULL) {
573 return NGX_ERROR;
574
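Review bot: the new `len == -1` branch returns NGX_OK with name->data set to NULL, while the hunks at @@ -1149 and @@ -1400 add `ngx_resolver_free(r, name.data)` calls. If any of those names are produced by this function, ngx_resolver_free() must accept a NULL pointer, and callers that read name.data after an NGX_OK return must check name.len first. A comment on this branch saying which input produces len == -1 would also help.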
575=== modified file 'src/core/ngx_string.c'
576--- src/core/ngx_string.c 2009-11-30 13:34:00 +0000
577+++ src/core/ngx_string.c 2010-01-27 05:53:13 +0000
578@@ -820,6 +820,37 @@
579
580
581 ngx_int_t
582+ngx_dns_strcmp(u_char *s1, u_char *s2)
583+{
584+ ngx_uint_t c1, c2;
585+
586+ for ( ;; ) {
587+ c1 = (ngx_uint_t) *s1++;
588+ c2 = (ngx_uint_t) *s2++;
589+
590+ c1 = (c1 >= 'A' && c1 <= 'Z') ? (c1 | 0x20) : c1;
591+ c2 = (c2 >= 'A' && c2 <= 'Z') ? (c2 | 0x20) : c2;
592+
593+ if (c1 == c2) {
594+
595+ if (c1) {
596+ continue;
597+ }
598+
599+ return 0;
600+ }
601+
602+ /* in ASCII '.' > '-', but we need '.' to be the lowest character */
603+
604+ c1 = (c1 == '.') ? ' ' : c1;
605+ c2 = (c2 == '.') ? ' ' : c2;
606+
607+ return c1 - c2;
608+ }
609+}
610+
611+
612+ngx_int_t
613 ngx_atoi(u_char *line, size_t n)
614 {
615 ngx_int_t value;
616
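Review bot: the comment says '.' must be the lowest character, but the code maps it to ' ' (0x20). That sorts below '-' and alphanumerics, yet above control bytes, and a '.' compared against a literal space returns 0 on a mismatch, so the two keys would be reported equal. This is harmless only if keys are validated host names; either say so in the comment or map '.' to a value that no permitted key byte can take. The function also needs a header comment stating that both arguments must be NUL-terminated, which the loop depends on.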
617=== modified file 'src/core/ngx_string.h'
618--- src/core/ngx_string.h 2009-10-19 23:22:06 +0000
619+++ src/core/ngx_string.h 2010-01-27 05:53:13 +0000
620@@ -158,6 +158,7 @@
621 ngx_int_t ngx_rstrncmp(u_char *s1, u_char *s2, size_t n);
622 ngx_int_t ngx_rstrncasecmp(u_char *s1, u_char *s2, size_t n);
623 ngx_int_t ngx_memn2cmp(u_char *s1, u_char *s2, size_t n1, size_t n2);
624+ngx_int_t ngx_dns_strcmp(u_char *s1, u_char *s2);
625
626 ngx_int_t ngx_atoi(u_char *line, size_t n);
627 ssize_t ngx_atosz(u_char *line, size_t n);
628
629=== modified file 'src/event/ngx_event_openssl.c'
630--- src/event/ngx_event_openssl.c 2009-11-30 13:34:00 +0000
631+++ src/event/ngx_event_openssl.c 2010-01-27 05:53:13 +0000
632@@ -15,6 +15,8 @@
633
634
635 static int ngx_http_ssl_verify_callback(int ok, X509_STORE_CTX *x509_store);
636+static void ngx_ssl_info_callback(const ngx_ssl_conn_t *ssl_conn, int where,
637+ int ret);
638 static void ngx_ssl_handshake_handler(ngx_event_t *ev);
639 static ngx_int_t ngx_ssl_handle_recv(ngx_connection_t *c, int n);
640 static void ngx_ssl_write_handler(ngx_event_t *wev);
641@@ -175,6 +177,8 @@
642
643 SSL_CTX_set_read_ahead(ssl->ctx, 1);
644
645+ SSL_CTX_set_info_callback(ssl->ctx, ngx_ssl_info_callback);
646+
647 return NGX_OK;
648 }
649
650@@ -350,6 +354,22 @@
651 }
652
653
654+static void
655+ngx_ssl_info_callback(const ngx_ssl_conn_t *ssl_conn, int where, int ret)
656+{
657+ ngx_connection_t *c;
658+
659+ if (where & SSL_CB_HANDSHAKE_START) {
660+ c = ngx_ssl_get_connection((ngx_ssl_conn_t *) ssl_conn);
661+
662+ if (c->ssl->handshaked) {
663+ c->ssl->renegotiation = 1;
664+ ngx_log_debug0(NGX_LOG_DEBUG_EVENT, c->log, 0, "SSL renegotiation");
665+ }
666+ }
667+}
668+
669+
670 ngx_int_t
671 ngx_ssl_generate_rsa512_key(ngx_ssl_t *ssl)
672 {
673@@ -587,6 +607,11 @@
674 c->recv_chain = ngx_ssl_recv_chain;
675 c->send_chain = ngx_ssl_send_chain;
676
677+ /* initial handshake done, disable renegotiation (CVE-2009-3555) */
678+ if (c->ssl->connection->s3) {
679+ c->ssl->connection->s3->flags |= SSL3_FLAGS_NO_RENEGOTIATE_CIPHERS;
680+ }
681+
682 return NGX_OK;
683 }
684
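Review bot: `c->ssl->connection->s3->flags |= SSL3_FLAGS_NO_RENEGOTIATE_CIPHERS` writes into the s3 member of the OpenSSL connection directly and uses the macro with no #ifdef guard, so the build depends on the OpenSSL headers exposing both. Wrapping these lines in `#ifdef SSL3_FLAGS_NO_RENEGOTIATE_CIPHERS` would keep the file compiling against headers that lack the flag; the renegotiation bit set in ngx_ssl_info_callback() and checked in the hunk at @@ -789 still drops the connection in that case.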
685@@ -789,6 +814,21 @@
686 int sslerr;
687 ngx_err_t err;
688
689+ if (c->ssl->renegotiation) {
690+ /*
691+ * disable renegotiation (CVE-2009-3555):
692+ * OpenSSL (at least up to 0.9.8l) does not handle disabled
693+ * renegotiation gracefully, so drop connection here
694+ */
695+
696+ ngx_log_error(NGX_LOG_NOTICE, c->log, 0, "SSL renegotiation disabled");
697+
698+ c->ssl->no_wait_shutdown = 1;
699+ c->ssl->no_send_shutdown = 1;
700+
701+ return NGX_ERROR;
702+ }
703+
704 if (n > 0) {
705
706 if (c->ssl->saved_write_handler) {
707
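Review bot: the NOTICE text "SSL renegotiation disabled" reads like a configuration statement rather than an event, and it is the only non-debug log line emitted when a renegotiation is detected and the connection is dropped. Wording that describes the event, for example that the peer attempted a renegotiation and the connection is being closed, would be easier to search and alert on.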
708=== modified file 'src/event/ngx_event_openssl.h'
709--- src/event/ngx_event_openssl.h 2009-11-30 13:34:00 +0000
710+++ src/event/ngx_event_openssl.h 2010-01-27 05:53:13 +0000
711@@ -41,6 +41,7 @@
712 ngx_event_handler_pt saved_write_handler;
713
714 unsigned handshaked:1;
715+ unsigned renegotiation:1;
716 unsigned buffer:1;
717 unsigned no_wait_shutdown:1;
718 unsigned no_send_shutdown:1;
719
720=== modified file 'src/http/modules/ngx_http_gzip_static_module.c'
721--- src/http/modules/ngx_http_gzip_static_module.c 2009-11-30 13:34:00 +0000
722+++ src/http/modules/ngx_http_gzip_static_module.c 2010-01-27 05:53:13 +0000
723@@ -99,9 +99,11 @@
724 return NGX_DECLINED;
725 }
726
727+ rc = ngx_http_gzip_ok(r);
728+
729 clcf = ngx_http_get_module_loc_conf(r, ngx_http_core_module);
730
731- if (clcf->gzip_vary && ngx_http_gzip_ok(r) != NGX_OK) {
732+ if (!clcf->gzip_vary && rc != NGX_OK) {
733 return NGX_DECLINED;
734 }
735
736@@ -162,6 +164,10 @@
737 return NGX_DECLINED;
738 }
739
740+ if (rc != NGX_OK) {
741+ return NGX_DECLINED;
742+ }
743+
744 ngx_log_debug1(NGX_LOG_DEBUG_HTTP, log, 0, "http static fd: %d", of.fd);
745
746 if (of.is_dir) {
747
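Review bot: the inverted test `!clcf->gzip_vary && rc != NGX_OK` in the first hunk, together with the unconditional `if (rc != NGX_OK)` added here, is hard to follow without a comment. As written, with gzip_vary off a client that fails ngx_http_gzip_ok() is declined immediately, and with gzip_vary on it is declined only after the code between the two hunks has run. Please add a comment saying what that intermediate code is expected to do for such clients, since the diff does not show it and the 0.7.63 regression listed in CHANGES came from exactly this condition.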
748=== modified file 'src/http/modules/ngx_http_map_module.c'
749--- src/http/modules/ngx_http_map_module.c 2009-11-30 13:34:00 +0000
750+++ src/http/modules/ngx_http_map_module.c 2010-01-27 05:53:13 +0000
751@@ -337,7 +337,7 @@
752 first = (ngx_hash_key_t *) one;
753 second = (ngx_hash_key_t *) two;
754
755- return ngx_strcmp(first->key.data, second->key.data);
756+ return ngx_dns_strcmp(first->key.data, second->key.data);
757 }
758
759
760
761=== modified file 'src/http/modules/ngx_http_referer_module.c'
762--- src/http/modules/ngx_http_referer_module.c 2009-11-08 09:53:46 +0000
763+++ src/http/modules/ngx_http_referer_module.c 2010-01-27 05:53:13 +0000
764@@ -506,6 +506,11 @@
765 ngx_regex_elt_t *re;
766 u_char errstr[NGX_MAX_CONF_ERRSTR];
767
768+ if (name->len == 1) {
769+ ngx_conf_log_error(NGX_LOG_EMERG, cf, 0, "empty regex in \"%V\"", name);
770+ return NGX_CONF_ERROR;
771+ }
772+
773 if (rlcf->regex == NGX_CONF_UNSET_PTR) {
774 rlcf->regex = ngx_array_create(cf->pool, 2, sizeof(ngx_regex_elt_t));
775 if (rlcf->regex == NULL) {
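Review bot: `name->len == 1` is a magic number. The "empty regex" message implies that name still includes a one-character prefix at this point, but nothing in the hunk says so. A comment, or a named constant for the prefix length, would make the intent clear; the same applies to `value[i].len == 1` in ngx_http_core_module.c.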
776@@ -562,5 +567,5 @@
777 first = (ngx_hash_key_t *) one;
778 second = (ngx_hash_key_t *) two;
779
780- return ngx_strcmp(first->key.data, second->key.data);
781+ return ngx_dns_strcmp(first->key.data, second->key.data);
782 }
783
784=== modified file 'src/http/modules/perl/nginx.pm'
785--- src/http/modules/perl/nginx.pm 2009-11-30 13:34:00 +0000
786+++ src/http/modules/perl/nginx.pm 2010-01-27 05:53:13 +0000
787@@ -47,7 +47,7 @@
788 HTTP_INSUFFICIENT_STORAGE
789 );
790
791-our $VERSION = '0.7.63';
792+our $VERSION = '0.7.64';
793
794 require XSLoader;
795 XSLoader::load('nginx', $VERSION);
796
797=== modified file 'src/http/ngx_http.c'
798--- src/http/ngx_http.c 2009-10-19 23:22:06 +0000
799+++ src/http/ngx_http.c 2010-01-27 05:53:13 +0000
800@@ -1601,7 +1601,7 @@
801 first = (ngx_hash_key_t *) one;
802 second = (ngx_hash_key_t *) two;
803
804- return ngx_strcmp(first->key.data, second->key.data);
805+ return ngx_dns_strcmp(first->key.data, second->key.data);
806 }
807
808
809
810=== modified file 'src/http/ngx_http_core_module.c'
811--- src/http/ngx_http_core_module.c 2009-11-30 13:34:00 +0000
812+++ src/http/ngx_http_core_module.c 2010-01-27 05:53:13 +0000
813@@ -3512,6 +3512,12 @@
814 ngx_str_t err;
815 u_char errstr[NGX_MAX_CONF_ERRSTR];
816
817+ if (value[i].len == 1) {
818+ ngx_conf_log_error(NGX_LOG_EMERG, cf, 0,
819+ "empty regex in server name \"%V\"", &value[i]);
820+ return NGX_CONF_ERROR;
821+ }
822+
823 err.len = NGX_MAX_CONF_ERRSTR;
824 err.data = errstr;
825
826
827=== modified file 'src/http/ngx_http_request.c'
828--- src/http/ngx_http_request.c 2009-11-30 13:34:00 +0000
829+++ src/http/ngx_http_request.c 2010-01-27 05:53:13 +0000
830@@ -1658,7 +1658,7 @@
831
832 #if (NGX_PCRE)
833
834- if (r->virtual_names->nregex) {
835+ if (len && r->virtual_names->nregex) {
836 size_t ncaptures;
837 ngx_int_t n;
838 ngx_uint_t i;
839
840=== modified file 'src/mail/ngx_mail_smtp_handler.c'
841--- src/mail/ngx_mail_smtp_handler.c 2009-10-19 23:22:06 +0000
842+++ src/mail/ngx_mail_smtp_handler.c 2010-01-27 05:53:13 +0000
843@@ -191,7 +191,7 @@
844
845 if (ctx->state) {
846 ngx_log_error(NGX_LOG_ERR, c->log, 0,
847- "%V could not be resolved (%i: %s)",
848+ "\"%V\" could not be resolved (%i: %s)",
849 &ctx->name, ctx->state,
850 ngx_resolver_strerror(ctx->state));
851
852
853=== modified file 'src/os/unix/ngx_alloc.c'
854--- src/os/unix/ngx_alloc.c 2007-02-19 10:30:07 +0000
855+++ src/os/unix/ngx_alloc.c 2010-01-27 05:53:13 +0000
856@@ -51,11 +51,15 @@
857 ngx_memalign(size_t alignment, size_t size, ngx_log_t *log)
858 {
859 void *p;
860-
861- if (posix_memalign(&p, alignment, size) == -1) {
862- ngx_log_error(NGX_LOG_EMERG, log, ngx_errno,
863+ int err;
864+
865+ err = posix_memalign(&p, alignment, size);
866+
867+ if (err) {
868+ ngx_log_error(NGX_LOG_EMERG, log, err,
869 "posix_memalign() %uz bytes aligned to %uz failed",
870 size, alignment);
871+ p = NULL;
872 }
873
874 ngx_log_debug2(NGX_LOG_DEBUG_ALLOC, log, 0,
