Ubuntu
nginx package

Merge ~paelzer/ubuntu/+source/nginx:lp-1874831-nchan-bump-lp-1893753-lua-FOCAL into ubuntu/+source/nginx:ubuntu/focal-devel

Git
lp:~paelzer/ubuntu/+source/nginx
lp-1874831-nchan-bump-lp-1893753-lua-FOCAL
Merge into ubuntu/focal-devel

Proposed by Christian Ehrhardt  on 2021-10-07

Status:

Work in progress

Proposed branch:

~paelzer/ubuntu/+source/nginx:lp-1874831-nchan-bump-lp-1893753-lua-FOCAL

Merge into:

ubuntu/+source/nginx:ubuntu/focal-devel

Diff against target:

70937 lines (+38657/-9478)

312 files modified

debian/changelog (+9/-0)
debian/modules/control (+2/-1)
debian/modules/http-lua/README.markdown (+271/-95)
debian/modules/http-lua/config (+45/-0)
debian/modules/http-lua/doc/HttpLuaModule.wiki (+256/-87)
debian/modules/http-lua/src/api/ngx_http_lua_api.h (+8/-1)
debian/modules/http-lua/src/ngx_http_lua_accessby.c (+3/-1)
debian/modules/http-lua/src/ngx_http_lua_api.c (+1/-1)
debian/modules/http-lua/src/ngx_http_lua_args.c (+8/-3)
debian/modules/http-lua/src/ngx_http_lua_balancer.c (+6/-1)
debian/modules/http-lua/src/ngx_http_lua_bodyfilterby.c (+23/-27)
debian/modules/http-lua/src/ngx_http_lua_bodyfilterby.h (+1/-1)
debian/modules/http-lua/src/ngx_http_lua_cache.c (+19/-4)
debian/modules/http-lua/src/ngx_http_lua_clfactory.c (+63/-22)
debian/modules/http-lua/src/ngx_http_lua_common.h (+52/-9)
debian/modules/http-lua/src/ngx_http_lua_consts.c (+3/-0)
debian/modules/http-lua/src/ngx_http_lua_contentby.c (+2/-0)
debian/modules/http-lua/src/ngx_http_lua_control.c (+4/-1)
debian/modules/http-lua/src/ngx_http_lua_coroutine.c (+17/-1)
debian/modules/http-lua/src/ngx_http_lua_directive.c (+45/-17)
debian/modules/http-lua/src/ngx_http_lua_exception.h (+3/-3)
debian/modules/http-lua/src/ngx_http_lua_headerfilterby.c (+2/-1)
debian/modules/http-lua/src/ngx_http_lua_headers.c (+72/-90)
debian/modules/http-lua/src/ngx_http_lua_headers_in.c (+9/-1)
debian/modules/http-lua/src/ngx_http_lua_headers_out.c (+15/-5)
debian/modules/http-lua/src/ngx_http_lua_headers_out.h (+3/-3)
debian/modules/http-lua/src/ngx_http_lua_initworkerby.c (+45/-3)
debian/modules/http-lua/src/ngx_http_lua_input_filters.c (+137/-0)
debian/modules/http-lua/src/ngx_http_lua_input_filters.h (+29/-0)
debian/modules/http-lua/src/ngx_http_lua_log.c (+23/-0)
debian/modules/http-lua/src/ngx_http_lua_logby.c (+2/-1)
debian/modules/http-lua/src/ngx_http_lua_misc.c (+27/-0)
debian/modules/http-lua/src/ngx_http_lua_module.c (+59/-0)
debian/modules/http-lua/src/ngx_http_lua_ndk.c (+41/-0)
debian/modules/http-lua/src/ngx_http_lua_phase.c (+18/-0)
debian/modules/http-lua/src/ngx_http_lua_pipe.c (+2475/-0)
debian/modules/http-lua/src/ngx_http_lua_pipe.h (+95/-0)
debian/modules/http-lua/src/ngx_http_lua_probe.h (+2/-1)
debian/modules/http-lua/src/ngx_http_lua_regex.c (+8/-4)
debian/modules/http-lua/src/ngx_http_lua_req_method.c (+4/-3)
debian/modules/http-lua/src/ngx_http_lua_rewriteby.c (+13/-3)
debian/modules/http-lua/src/ngx_http_lua_script.c (+2/-2)
debian/modules/http-lua/src/ngx_http_lua_setby.c (+15/-19)
debian/modules/http-lua/src/ngx_http_lua_setby.h (+1/-1)
debian/modules/http-lua/src/ngx_http_lua_shdict.c (+37/-26)
debian/modules/http-lua/src/ngx_http_lua_socket_tcp.c (+1311/-578)
debian/modules/http-lua/src/ngx_http_lua_socket_tcp.h (+26/-3)
debian/modules/http-lua/src/ngx_http_lua_socket_udp.c (+50/-6)
debian/modules/http-lua/src/ngx_http_lua_ssl_certby.c (+78/-13)
debian/modules/http-lua/src/ngx_http_lua_ssl_ocsp.c (+4/-0)
debian/modules/http-lua/src/ngx_http_lua_ssl_session_fetchby.c (+19/-4)
debian/modules/http-lua/src/ngx_http_lua_ssl_session_fetchby.h (+5/-1)
debian/modules/http-lua/src/ngx_http_lua_ssl_session_storeby.c (+19/-3)
debian/modules/http-lua/src/ngx_http_lua_string.c (+14/-0)
debian/modules/http-lua/src/ngx_http_lua_subrequest.c (+14/-0)
debian/modules/http-lua/src/ngx_http_lua_time.c (+71/-0)
debian/modules/http-lua/src/ngx_http_lua_timer.c (+39/-5)
debian/modules/http-lua/src/ngx_http_lua_uthread.c (+2/-1)
debian/modules/http-lua/src/ngx_http_lua_util.c (+163/-19)
debian/modules/http-lua/src/ngx_http_lua_util.h (+62/-12)
debian/modules/http-lua/src/ngx_http_lua_variable.c (+22/-13)
debian/modules/http-lua/src/ngx_http_lua_worker.c (+26/-0)
debian/modules/http-lua/t/.gitignore (+2/-0)
debian/modules/http-lua/t/000--init.t (+0/-5)
debian/modules/http-lua/t/001-set.t (+15/-8)
debian/modules/http-lua/t/002-content.t (+19/-19)
debian/modules/http-lua/t/004-require.t (+6/-6)
debian/modules/http-lua/t/005-exit.t (+1/-1)
debian/modules/http-lua/t/009-log.t (+9/-3)
debian/modules/http-lua/t/011-md5_bin.t (+1/-1)
debian/modules/http-lua/t/013-base64.t (+1/-1)
debian/modules/http-lua/t/014-bugs.t (+25/-24)
debian/modules/http-lua/t/016-resp-header.t (+541/-87)
debian/modules/http-lua/t/017-exec.t (+2/-2)
debian/modules/http-lua/t/020-subrequest.t (+72/-68)
debian/modules/http-lua/t/022-redirect.t (+52/-1)
debian/modules/http-lua/t/023-rewrite/client-abort.t (+3/-3)
debian/modules/http-lua/t/023-rewrite/exec.t (+2/-2)
debian/modules/http-lua/t/023-rewrite/mixed.t (+2/-2)
debian/modules/http-lua/t/023-rewrite/multi-capture.t (+1/-1)
debian/modules/http-lua/t/023-rewrite/redirect.t (+40/-0)
debian/modules/http-lua/t/023-rewrite/req-socket.t (+3/-3)
debian/modules/http-lua/t/023-rewrite/sanity.t (+14/-14)
debian/modules/http-lua/t/023-rewrite/socket-keepalive.t (+6/-6)
debian/modules/http-lua/t/023-rewrite/subrequest.t (+21/-21)
debian/modules/http-lua/t/023-rewrite/tcp-socket-timeout.t (+6/-6)
debian/modules/http-lua/t/023-rewrite/tcp-socket.t (+16/-16)
debian/modules/http-lua/t/023-rewrite/uthread-exec.t (+6/-6)
debian/modules/http-lua/t/023-rewrite/uthread-exit.t (+20/-20)
debian/modules/http-lua/t/023-rewrite/uthread-redirect.t (+2/-2)
debian/modules/http-lua/t/023-rewrite/uthread-spawn.t (+33/-29)
debian/modules/http-lua/t/024-access/client-abort.t (+3/-3)
debian/modules/http-lua/t/024-access/exec.t (+1/-1)
debian/modules/http-lua/t/024-access/mixed.t (+5/-5)
debian/modules/http-lua/t/024-access/multi-capture.t (+1/-1)
debian/modules/http-lua/t/024-access/sanity.t (+15/-15)
debian/modules/http-lua/t/024-access/subrequest.t (+21/-21)
debian/modules/http-lua/t/024-access/uthread-exec.t (+6/-6)
debian/modules/http-lua/t/024-access/uthread-exit.t (+19/-19)
debian/modules/http-lua/t/024-access/uthread-redirect.t (+2/-2)
debian/modules/http-lua/t/024-access/uthread-spawn.t (+33/-29)
debian/modules/http-lua/t/025-codecache.t (+153/-23)
debian/modules/http-lua/t/027-multi-capture.t (+2/-2)
debian/modules/http-lua/t/028-req-header.t (+460/-74)
debian/modules/http-lua/t/030-uri-args.t (+185/-37)
debian/modules/http-lua/t/031-post-args.t (+66/-16)
debian/modules/http-lua/t/034-match.t (+33/-32)
debian/modules/http-lua/t/035-gmatch.t (+11/-11)
debian/modules/http-lua/t/036-sub.t (+2/-2)
debian/modules/http-lua/t/037-gsub.t (+1/-1)
debian/modules/http-lua/t/038-match-o.t (+22/-22)
debian/modules/http-lua/t/041-header-filter.t (+15/-6)
debian/modules/http-lua/t/043-shdict.t (+2/-2)
debian/modules/http-lua/t/044-req-body.t (+7/-1)
debian/modules/http-lua/t/047-match-jit.t (+6/-6)
debian/modules/http-lua/t/048-match-dfa.t (+6/-6)
debian/modules/http-lua/t/055-subreq-vars.t (+9/-9)
debian/modules/http-lua/t/056-flush.t (+1/-1)
debian/modules/http-lua/t/057-flush-timeout.t (+1/-1)
debian/modules/http-lua/t/058-tcp-socket.t (+419/-26)
debian/modules/http-lua/t/062-count.t (+102/-7)
debian/modules/http-lua/t/063-abort.t (+31/-31)
debian/modules/http-lua/t/064-pcall.t (+7/-7)
debian/modules/http-lua/t/065-tcp-socket-timeout.t (+12/-12)
debian/modules/http-lua/t/066-socket-receiveuntil.t (+15/-15)
debian/modules/http-lua/t/067-req-socket.t (+3/-3)
debian/modules/http-lua/t/068-socket-keepalive.t (+1436/-31)
debian/modules/http-lua/t/073-backtrace.t (+7/-7)
debian/modules/http-lua/t/075-logby.t (+7/-4)
debian/modules/http-lua/t/081-bytecode.t (+24/-21)
debian/modules/http-lua/t/082-body-filter.t (+2/-1)
debian/modules/http-lua/t/084-inclusive-receiveuntil.t (+10/-10)
debian/modules/http-lua/t/087-udp-socket.t (+77/-7)
debian/modules/http-lua/t/090-log-socket-errors.t (+5/-5)
debian/modules/http-lua/t/091-coroutine.t (+42/-39)
debian/modules/http-lua/t/093-uthread-spawn.t (+35/-31)
debian/modules/http-lua/t/094-uthread-exit.t (+23/-23)
debian/modules/http-lua/t/095-uthread-exec.t (+7/-7)
debian/modules/http-lua/t/096-uthread-redirect.t (+3/-3)
debian/modules/http-lua/t/097-uthread-rewrite.t (+6/-6)
debian/modules/http-lua/t/098-uthread-wait.t (+37/-37)
debian/modules/http-lua/t/099-c-api.t (+5/-5)
debian/modules/http-lua/t/100-client-abort.t (+3/-3)
debian/modules/http-lua/t/104-req-raw-header.t (+112/-0)
debian/modules/http-lua/t/106-timer.t (+9/-9)
debian/modules/http-lua/t/108-timer-safe.t (+8/-8)
debian/modules/http-lua/t/109-timer-hup.t (+9/-9)
debian/modules/http-lua/t/120-re-find.t (+2/-2)
debian/modules/http-lua/t/123-lua-path.t (+5/-5)
debian/modules/http-lua/t/124-init-worker.t (+205/-6)
debian/modules/http-lua/t/126-shdict-frag.t (+2/-2)
debian/modules/http-lua/t/127-uthread-kill.t (+13/-13)
debian/modules/http-lua/t/128-duplex-tcp-socket.t (+3/-3)
debian/modules/http-lua/t/129-ssl-socket.t (+179/-262)
debian/modules/http-lua/t/130-internal-api.t (+4/-13)
debian/modules/http-lua/t/132-lua-blocks.t (+124/-1)
debian/modules/http-lua/t/134-worker-count-5.t (+2/-2)
debian/modules/http-lua/t/135-worker-id.t (+1/-61)
debian/modules/http-lua/t/138-balancer.t (+3/-5)
debian/modules/http-lua/t/139-ssl-cert-by.t (+205/-2)
debian/modules/http-lua/t/140-ssl-c-api.t (+12/-11)
debian/modules/http-lua/t/142-ssl-session-store.t (+11/-13)
debian/modules/http-lua/t/143-ssl-session-fetch.t (+118/-13)
debian/modules/http-lua/t/147-tcp-socket-timeouts.t (+4/-4)
debian/modules/http-lua/t/152-timer-every.t (+2/-2)
debian/modules/http-lua/t/153-semaphore-hup.t (+1/-1)
debian/modules/http-lua/t/155-tls13.t (+106/-0)
debian/modules/http-lua/t/156-slow-network.t (+138/-0)
debian/modules/http-lua/t/157-socket-keepalive-hup.t (+91/-0)
debian/modules/http-lua/t/158-global-var.t (+508/-0)
debian/modules/http-lua/t/159-sa-restart.t (+180/-0)
debian/modules/http-lua/t/160-disable-init-by-lua.t (+194/-0)
debian/modules/http-lua/t/161-load-resty-core.t (+68/-0)
debian/modules/http-lua/t/cert/dst-ca.crt (+63/-0)
debian/modules/http-lua/t/data/fake-shm-module/ngx_http_lua_fake_shm_module.c (+13/-9)
debian/modules/http-lua/util/build.sh (+3/-1)
debian/modules/http-lua/valgrind.suppress (+33/-16)
debian/modules/nchan/README.md (+897/-134)
debian/modules/nchan/changelog.txt (+205/-0)
debian/modules/nchan/cloc-exclude.txt (+10/-11)
debian/modules/nchan/config (+69/-18)
debian/modules/nchan/src/nchan_commands.rb (+351/-32)
debian/modules/nchan/src/nchan_config_commands.c (+275/-9)
debian/modules/nchan/src/nchan_defs.c (+8/-1)
debian/modules/nchan/src/nchan_defs.h (+9/-2)
debian/modules/nchan/src/nchan_module.c (+277/-143)
debian/modules/nchan/src/nchan_module.h (+13/-21)
debian/modules/nchan/src/nchan_setup.c (+672/-33)
debian/modules/nchan/src/nchan_types.h (+157/-40)
debian/modules/nchan/src/nchan_variables.c (+6/-0)
debian/modules/nchan/src/nchan_version.h (+1/-0)
debian/modules/nchan/src/store/memory/groups.c (+570/-0)
debian/modules/nchan/src/store/memory/groups.h (+55/-0)
debian/modules/nchan/src/store/memory/ipc-handlers.c (+526/-171)
debian/modules/nchan/src/store/memory/ipc-handlers.h (+13/-3)
debian/modules/nchan/src/store/memory/ipc.c (+27/-3)
debian/modules/nchan/src/store/memory/ipc.h (+10/-1)
debian/modules/nchan/src/store/memory/memstore.c (+1013/-460)
debian/modules/nchan/src/store/memory/store-private.h (+34/-7)
debian/modules/nchan/src/store/memory/store.h (+3/-3)
debian/modules/nchan/src/store/redis/cmp.c (+927/-410)
debian/modules/nchan/src/store/redis/cmp.h (+59/-7)
debian/modules/nchan/src/store/redis/hiredis/.gitignore (+7/-0)
debian/modules/nchan/src/store/redis/hiredis/.travis.yml (+24/-0)
debian/modules/nchan/src/store/redis/hiredis/CHANGELOG.md (+110/-0)
debian/modules/nchan/src/store/redis/hiredis/COPYING (+29/-0)
debian/modules/nchan/src/store/redis/hiredis/Makefile (+217/-0)
debian/modules/nchan/src/store/redis/hiredis/README.md (+392/-0)
debian/modules/nchan/src/store/redis/hiredis/adapters/ae.h (+127/-0)
debian/modules/nchan/src/store/redis/hiredis/adapters/libev.h (+147/-0)
debian/modules/nchan/src/store/redis/hiredis/adapters/libevent.h (+108/-0)
debian/modules/nchan/src/store/redis/hiredis/adapters/libuv.h (+121/-0)
debian/modules/nchan/src/store/redis/hiredis/async.c (+687/-0)
debian/modules/nchan/src/store/redis/hiredis/async.h (+129/-0)
debian/modules/nchan/src/store/redis/hiredis/dict.c (+338/-0)
debian/modules/nchan/src/store/redis/hiredis/dict.h (+126/-0)
debian/modules/nchan/src/store/redis/hiredis/examples/example-ae.c (+62/-0)
debian/modules/nchan/src/store/redis/hiredis/examples/example-libev.c (+52/-0)
debian/modules/nchan/src/store/redis/hiredis/examples/example-libevent.c (+53/-0)
debian/modules/nchan/src/store/redis/hiredis/examples/example-libuv.c (+53/-0)
debian/modules/nchan/src/store/redis/hiredis/examples/example.c (+78/-0)
debian/modules/nchan/src/store/redis/hiredis/fmacros.h (+21/-0)
debian/modules/nchan/src/store/redis/hiredis/hiredis.c (+1021/-0)
debian/modules/nchan/src/store/redis/hiredis/hiredis.h (+226/-0)
debian/modules/nchan/src/store/redis/hiredis/net.c (+461/-0)
debian/modules/nchan/src/store/redis/hiredis/net.h (+53/-0)
debian/modules/nchan/src/store/redis/hiredis/read.c (+525/-0)
debian/modules/nchan/src/store/redis/hiredis/read.h (+116/-0)
debian/modules/nchan/src/store/redis/hiredis/sds.c (+1095/-0)
debian/modules/nchan/src/store/redis/hiredis/sds.h (+105/-0)
debian/modules/nchan/src/store/redis/hiredis/test.c (+807/-0)
debian/modules/nchan/src/store/redis/hiredis/win32.h (+42/-0)
debian/modules/nchan/src/store/redis/rdsstore.c (+923/-1208)
debian/modules/nchan/src/store/redis/redis-lua-scripts/.gitignore (+1/-0)
debian/modules/nchan/src/store/redis/redis-lua-scripts/add_fakesub.lua (+9/-4)
debian/modules/nchan/src/store/redis/redis-lua-scripts/channel_keepalive.lua (+5/-4)
debian/modules/nchan/src/store/redis/redis-lua-scripts/delete.lua (+33/-23)
debian/modules/nchan/src/store/redis/redis-lua-scripts/find_channel.lua (+33/-19)
debian/modules/nchan/src/store/redis/redis-lua-scripts/get_message.lua (+16/-17)
debian/modules/nchan/src/store/redis/redis-lua-scripts/get_message_from_key.lua (+3/-4)
debian/modules/nchan/src/store/redis/redis-lua-scripts/publish.lua (+64/-55)
debian/modules/nchan/src/store/redis/redis-lua-scripts/publish_status.lua (+4/-4)
debian/modules/nchan/src/store/redis/redis-lua-scripts/rsck.lua (+27/-10)
debian/modules/nchan/src/store/redis/redis-lua-scripts/subscriber_register.lua (+18/-6)
debian/modules/nchan/src/store/redis/redis-lua-scripts/subscriber_unregister.lua (+3/-3)
debian/modules/nchan/src/store/redis/redis-lua-scripts/testscripts.rb (+4/-3)
debian/modules/nchan/src/store/redis/redis_lua_commands.c (+1036/-0)
debian/modules/nchan/src/store/redis/redis_lua_commands.h (+17/-984)
debian/modules/nchan/src/store/redis/redis_nginx_adapter.c (+28/-36)
debian/modules/nchan/src/store/redis/redis_nginx_adapter.h (+6/-1)
debian/modules/nchan/src/store/redis/redis_nodeset.c (+2179/-0)
debian/modules/nchan/src/store/redis/redis_nodeset.h (+276/-0)
debian/modules/nchan/src/store/redis/redis_nodeset_parser.c (+241/-0)
debian/modules/nchan/src/store/redis/redis_nodeset_parser.h (+40/-0)
debian/modules/nchan/src/store/redis/store-private.h (+53/-139)
debian/modules/nchan/src/store/redis/store.h (+8/-3)
debian/modules/nchan/src/store/spool.c (+168/-122)
debian/modules/nchan/src/store/spool.h (+6/-8)
debian/modules/nchan/src/subscribers/benchmark.c (+72/-0)
debian/modules/nchan/src/subscribers/benchmark.h (+3/-0)
debian/modules/nchan/src/subscribers/common.c (+162/-411)
debian/modules/nchan/src/subscribers/common.h (+7/-10)
debian/modules/nchan/src/subscribers/eventsource.c (+87/-7)
debian/modules/nchan/src/subscribers/getmsg_proxy.c (+106/-0)
debian/modules/nchan/src/subscribers/getmsg_proxy.h (+1/-0)
debian/modules/nchan/src/subscribers/http-chunked.c (+6/-4)
debian/modules/nchan/src/subscribers/http-multipart-mixed.c (+15/-12)
debian/modules/nchan/src/subscribers/http-raw-stream.c (+9/-7)
debian/modules/nchan/src/subscribers/internal.c (+13/-6)
debian/modules/nchan/src/subscribers/longpoll-private.h (+3/-1)
debian/modules/nchan/src/subscribers/longpoll.c (+97/-143)
debian/modules/nchan/src/subscribers/memstore_ipc.c (+43/-20)
debian/modules/nchan/src/subscribers/memstore_ipc.h (+3/-0)
debian/modules/nchan/src/subscribers/memstore_multi.c (+23/-30)
debian/modules/nchan/src/subscribers/memstore_redis.c (+67/-63)
debian/modules/nchan/src/subscribers/memstore_redis.h (+0/-1)
debian/modules/nchan/src/subscribers/websocket.c (+912/-486)
debian/modules/nchan/src/subscribers/websocket.h (+2/-1)
debian/modules/nchan/src/uthash.h (+747/-489)
debian/modules/nchan/src/util/hdr_histogram.c (+1015/-0)
debian/modules/nchan/src/util/hdr_histogram.h (+427/-0)
debian/modules/nchan/src/util/nchan_benchmark.c (+804/-0)
debian/modules/nchan/src/util/nchan_benchmark.h (+91/-0)
debian/modules/nchan/src/util/nchan_bufchainpool.c (+96/-0)
debian/modules/nchan/src/util/nchan_bufchainpool.h (+17/-0)
debian/modules/nchan/src/util/nchan_channel_id.c (+74/-8)
debian/modules/nchan/src/util/nchan_channel_id.h (+4/-1)
debian/modules/nchan/src/util/nchan_debug.c (+81/-0)
debian/modules/nchan/src/util/nchan_debug.h (+13/-0)
debian/modules/nchan/src/util/nchan_fake_request.c (+267/-24)
debian/modules/nchan/src/util/nchan_fake_request.h (+55/-3)
debian/modules/nchan/src/util/nchan_list.c (+26/-0)
debian/modules/nchan/src/util/nchan_list.h (+5/-0)
debian/modules/nchan/src/util/nchan_msg.c (+291/-33)
debian/modules/nchan/src/util/nchan_msg.h (+19/-0)
debian/modules/nchan/src/util/nchan_output.c (+73/-22)
debian/modules/nchan/src/util/nchan_output.h (+4/-2)
debian/modules/nchan/src/util/nchan_output_info.c (+271/-0)
debian/modules/nchan/src/util/nchan_output_info.h (+3/-4)
debian/modules/nchan/src/util/nchan_rbtree.h (+3/-3)
debian/modules/nchan/src/util/nchan_slist.c (+164/-0)
debian/modules/nchan/src/util/nchan_slist.h (+41/-0)
debian/modules/nchan/src/util/nchan_subrequest.c (+66/-9)
debian/modules/nchan/src/util/nchan_subrequest.h (+4/-1)
debian/modules/nchan/src/util/nchan_util.c (+866/-47)
debian/modules/nchan/src/util/nchan_util.h (+47/-3)
debian/modules/nchan/src/util/ngx_nchan_hacked_slab.c (+4/-0)
debian/modules/nchan/src/util/shmem.c (+44/-5)
debian/modules/nchan/src/util/shmem.h (+5/-0)
debian/modules/patches/http-lua/disable-load_resty_core.patch (+20/-0)
debian/modules/patches/http-lua/series (+1/-1)
dev/null (+0/-838)

Related bugs:

Bug #1874831: libnginx-mod-nchan distributes old/incompatible module	Medium	Fix Released
Bug #1893753: libnginx-mod-http-lua 0.10.11 not compatible with NGINX 1.18/1.17	High	Fix Released

Link a bug report

Reviewer	Date Requested	Status
Thomas Ward	2021-10-12	Pending
Canonical Server	2021-10-07	Pending
Canonical Server packageset reviewers	2021-10-07	Pending
git-ubuntu developers	2021-10-07	Pending
Review via email: mp+409830@code.launchpad.net

Revision history for this message

Christian Ehrhardt  (paelzer) wrote on 2021-10-07:

PPA:
https://launchpad.net/~ci-train-ppa-service/+archive/ubuntu/4678/+packages

SRU Template will follow once reporters tested it.

Revision history for this message

Christian Ehrhardt  (paelzer) wrote on 2021-10-08:

FYI - things were not as easy and build fails block the PPA for now.
I'll let you know once I found some time to resolve that.

Revision history for this message

Christian Ehrhardt  (paelzer) wrote on 2021-10-12:

/<<PKGBUILDDIR>>/debian/modules/http-lua/src/ngx_http_lua_subrequest.c
In file included from /<<PKGBUILDDIR>>/debian/modules/http-lua/src/ngx_http_lua_script.h:11,
                 from /<<PKGBUILDDIR>>/debian/modules/http-lua/src/ngx_http_lua_script.c:13:
/<<PKGBUILDDIR>>/debian/modules/http-lua/src/ngx_http_lua_common.h:20:10: fatal error: luajit.h: No such file or directory
   20 | #include <luajit.h>
      | ^~~~~~~~~~

That should be around via:
- libluajit-5.1-dev: /usr/include/luajit-2.1/luajit.h

What I found is that it fails on launchpad (for example https://launchpad.net/~ci-train-ppa-service/+archive/ubuntu/4678/+build/22267992) but the very same builds fine in local sbuild:
$ DEB_BUILD_OPTIONS="parallel=4" sbuild -Adfocal-proposed-amd64 nginx_1.18.0-0ubuntu1.3~focalppa3.dsc

I vaguely remember seeing similar issue in nginx in the past, but fail to remember what it was.
I need to ping teward for his subject matter expertise, so I subscribe him here.

Revision history for this message

Christian Ehrhardt  (paelzer) wrote on 2021-10-13:

This does actually only break on arm64 ppc64el riscv64 s390x but works on armhf and amd64.
That at least explains why local sbuild worked.

Current (bad) focal lua nginx module is available on all these architectures and in later releases removed.
libnginx-mod-http-lua | 1.18.0-0ubuntu1.2 | focal-updates/universe | amd64, arm64, armhf, ppc64el, riscv64, s390x

s390x will never work as there the luajit lib doesn't exist:
libluajit-5.1-dev | 2.1.0~beta3+dfsg-6 | impish/universe | amd64, arm64, armhf, i386, ppc64el

That matches the build-dep in nginx d/control (not on s390x).
The current module of 1.18.0-0ubuntu1.2 on s390x has a .so file which is odd, seems it didn't really need libluajit-5.1-dev in the past before
https://github.com/openresty/lua-nginx-module/commit/7286812116940216344ade33722c49ae47037605

In fact it is just a very-non-matching build-dep that is the problem.
libluajit-5.1-dev [i386 amd64 kfreebsd-i386 armel armhf powerpc powerpcspe mips mipsel],
It lists so many architectures that it is misleading, but not those we actually want.

Furthermore also in d/rules lua is enabled unconditionally but that won't work anymore.

I've modified everything accordingly only to find that for some extra pain on arm64 and ppc64 Focals libluajit-5.1-dev still isn't working. Even when properly installed it can't find/work with luajit correctly on those architectures for the given versions that we have.
So I'll have to disable it on those platforms as well.

Unmerged commits

5697825... by Christian Ehrhardt  on 2021-10-07

changelog add http-lua (LP: #1893753)

Signed-off-by: Christian Ehrhardt <email address hidden>

2226f49... by Anton Tolchanov on 2020-11-14

http-lua: Upgrade to 0.10.15

Updated using `ngxmod uupdate --upstream-version 0.10.15 http-lua`

e1587cc... by Christian Ehrhardt  on 2021-10-07

changelog: nchan: Upgrade module to 1.2.7 (LP: #1874831)

Signed-off-by: Christian Ehrhardt <email address hidden>

c8c1511... by Ondřej Nový on 2020-05-28

nchan: Upgrade to 1.2.7

Preview Diff

[H/L] Next/Prev Comment, [J/K] Next/Prev File, [N/P] Next/Prev Hunk

The diff has been truncated for viewing.

Subscribers

People subscribed via source and target branches

to all changes:

Christian Ehrhardt 

git-ubuntu developers

Ubuntu
nginx package

Merge ~paelzer/ubuntu/+source/nginx:lp-1874831-nchan-bump-lp-1893753-lua-FOCAL into ubuntu/+source/nginx:ubuntu/focal-devel

Commit message

Description of the change

Unmerged commits

Preview Diff

Subscribers

 diff --git a/debian/changelog b/debian/changelog
 index e91b482..039604e 100644
 --- a/debian/changelog
 +++ b/debian/changelog
@@ -1,3 +1,12 @@
++nginx (1.18.0-0ubuntu1.3) focal; urgency=medium
++
++  * Fix incompatible modules by bumping them to the minimal versions
++    needed to work with nginx 1.18
++    - nchan: Upgrade module to 1.2.7 (LP: #1874831)
++    - http-lua: Upgrade to 0.10.15 (LP: #1893753)
++
++ -- Christian Ehrhardt <christian.ehrhardt@canonical.com>  Thu, 07 Oct 2021 13:59:10 +0200
++
  nginx (1.18.0-0ubuntu1.2) focal-security; urgency=medium
    * SECURITY UPDATE: DNS Resolver issues
 diff --git a/debian/modules/control b/debian/modules/control
 index 96f9434..e703726 100644
 --- a/debian/modules/control
 +++ b/debian/modules/control
@@ -18,7 +18,7 @@ Files-Excluded: .gitignore .gitattributes .travis.yml
  Module: http-lua
  Homepage: https://github.com/openresty/lua-nginx-module
--Version: 0.10.11
++Version: 0.10.15
  Patch:
    openssl-1.1.0.patch
    discover-luajit-2.1.patch
@@ -71,3 +71,4 @@ Version: 1.2.1
  Module: http-geoip2
  Homepage: https://github.com/leev/ngx_http_geoip2_module
  Version: 3.2
++
 diff --git a/debian/modules/http-lua/README.markdown b/debian/modules/http-lua/README.markdown
 index c42bd3e..ed0c72d 100644
 --- a/debian/modules/http-lua/README.markdown
 +++ b/debian/modules/http-lua/README.markdown
@@ -8,6 +8,8 @@ Name
  ngx_http_lua_module - Embed the power of Lua into Nginx HTTP Servers.
++This module is a core component of OpenResty. If you are using this module, then you are essentially using OpenResty :)
++
  *This module is not distributed with the Nginx source.* See [the installation instructions](#installation).
  Table of Contents
@@ -23,7 +25,6 @@ Table of Contents
  * [Installation](#installation)
      * [Building as a dynamic module](#building-as-a-dynamic-module)
      * [C Macro Configurations](#c-macro-configurations)
--    * [Installation on Ubuntu 11.10](#installation-on-ubuntu-1110)
  * [Community](#community)
      * [English Mailing List](#english-mailing-list)
      * [Chinese Mailing List](#chinese-mailing-list)
@@ -62,7 +63,7 @@ Production ready.
  Version
  =======
--This document describes ngx_lua [v0.10.11](https://github.com/openresty/lua-nginx-module/tags) released on 3 November 2017.
++This document describes ngx_lua [v0.10.15](https://github.com/openresty/lua-nginx-module/tags) released on March 14th, 2019.
  Synopsis
  ========
@@ -187,7 +188,9 @@ Synopsis
  Description
  ===========
--This module embeds Lua, via the standard Lua 5.1 interpreter or [LuaJIT 2.0/2.1](http://luajit.org/luajit.html), into Nginx and by leveraging Nginx's subrequests, allows the integration of the powerful Lua threads (Lua coroutines) into the Nginx event model.
++This module is a core component of OpenResty. If you are using this module, then you are essentially using OpenResty :)
++
++This module embeds Lua, via [LuaJIT 2.0/2.1](http://luajit.org/luajit.html), into Nginx and by leveraging Nginx's subrequests, allows the integration of the powerful Lua threads (Lua coroutines) into the Nginx event model.
  Unlike [Apache's mod_lua](https://httpd.apache.org/docs/trunk/mod/mod_lua.html) and [Lighttpd's mod_magnet](http://redmine.lighttpd.net/wiki/1/Docs:ModMagnet), Lua code executed using this module can be *100% non-blocking* on network traffic as long as the [Nginx API for Lua](#nginx-api-for-lua) provided by this module is used to handle
  requests to upstream services such as MySQL, PostgreSQL, Memcached, Redis, or upstream HTTP web services.
@@ -250,6 +253,7 @@ Nginx Compatibility
  The latest version of this module is compatible with the following versions of Nginx:
  * 1.13.x  (last tested: 1.13.6)
++* 1.12.x
  * 1.11.x  (last tested: 1.11.2)
  * 1.10.x
  * 1.9.x (last tested: 1.9.15)
@@ -264,12 +268,12 @@ Nginx cores older than 1.6.0 (exclusive) are *not* supported.
  Installation
  ============
--It is *highly* recommended to use [OpenResty releases](http://openresty.org) which integrate Nginx, ngx_lua, LuaJIT 2.1, as well as other powerful companion Nginx modules and Lua libraries. It is discouraged to build this module with nginx yourself since it is tricky to set up exactly right. Also, the stock nginx cores have various limitations and long standing bugs that can make some of this modules' features become disabled, not work properly, or run slower.
++It is *highly* recommended to use [OpenResty releases](http://openresty.org) which integrate Nginx, ngx_lua, OpenResty's LuaJIT 2.1 branch version, as well as other powerful companion Nginx modules and Lua libraries. It is discouraged to build this module with nginx yourself since it is tricky to set up exactly right. Also, the stock nginx cores have various limitations and long standing bugs that can make some of this modules' features become disabled, not work properly, or run slower. The same applies to LuaJIT as well. OpenResty includes its own version of LuaJIT which gets specifically optimized and enhanced for the OpenResty environment.
  Alternatively, ngx_lua can be manually compiled into Nginx:
--1. Install LuaJIT 2.0 or 2.1 (recommended) or Lua 5.1 (Lua 5.2 is *not* supported yet). LuaJIT can be downloaded from the [LuaJIT project website](http://luajit.org/download.html) and Lua 5.1, from the [Lua project website](http://www.lua.org/).  Some distribution package managers also distribute LuaJIT and/or Lua.
--1. Download the latest version of the ngx_devel_kit (NDK) module [HERE](https://github.com/simpl/ngx_devel_kit/tags).
++1. LuaJIT can be downloaded from the [latest release of OpenResty's LuaJIT branch version](https://github.com/openresty/luajit2/releases). The official LuaJIT 2.0 and 2.1 releases are also supported, although the performance will be significantly lower in many cases.
++1. Download the latest version of the ngx_devel_kit (NDK) module [HERE](https://github.com/simplresty/ngx_devel_kit/tags).
 . Download the latest version of ngx_lua [HERE](https://github.com/openresty/lua-nginx-module/tags).
 . Download the latest version of Nginx [HERE](http://nginx.org/) (See [Nginx Compatibility](#nginx-compatibility))
@@ -346,29 +350,6 @@ To enable one or more of these macros, just pass extra C compiler options to the
  [Back to TOC](#table-of-contents)
--Installation on Ubuntu 11.10
------------------------------
--
--Note that it is recommended to use LuaJIT 2.0 or LuaJIT 2.1 instead of the standard Lua 5.1 interpreter wherever possible.
--
--If the standard Lua 5.1 interpreter is required however, run the following command to install it from the Ubuntu repository:
--
--```bash
--
-- apt-get install -y lua5.1 liblua5.1-0 liblua5.1-0-dev
--```
--
--Everything should be installed correctly, except for one small tweak.
--
--Library name `liblua.so` has been changed in liblua5.1 package, it only comes with `liblua5.1.so`, which needs to be symlinked to `/usr/lib` so it could be found during the configuration process.
--
--```bash
--
-- ln -s /usr/lib/x86_64-linux-gnu/liblua5.1.so /usr/lib/liblua.so
--```
--
--[Back to TOC](#table-of-contents)
--
  Community
  =========
@@ -410,7 +391,7 @@ Lua/LuaJIT bytecode support
  As from the `v0.5.0rc32` release, all `*_by_lua_file` configure directives (such as [content_by_lua_file](#content_by_lua_file)) support loading Lua 5.1 and LuaJIT 2.0/2.1 raw bytecode files directly.
--Please note that the bytecode format used by LuaJIT 2.0/2.1 is not compatible with that used by the standard Lua 5.1 interpreter. So if using LuaJIT 2.0/2.1 with ngx_lua, LuaJIT compatible bytecode files must be generated as shown:
++Please note that the bytecode format used by LuaJIT 2.0/2.1 is not compatible with that used by the standard Lua 5.1 interpreter. So if you are using LuaJIT 2.0/2.1 with ngx_lua, LuaJIT compatible bytecode files must be generated as shown:
  ```bash
@@ -430,20 +411,6 @@ Please refer to the official LuaJIT documentation on the `-b` option for more de
  Also, the bytecode files generated by LuaJIT 2.1 is *not* compatible with LuaJIT 2.0, and vice versa. The support for LuaJIT 2.1 bytecode was first added in ngx_lua v0.9.3.
--Similarly, if using the standard Lua 5.1 interpreter with ngx_lua, Lua compatible bytecode files must be generated using the `luac` commandline utility as shown:
--
--```bash
--
-- luac -o /path/to/output_file.luac /path/to/input_file.lua
--```
--
--Unlike as with LuaJIT, debug information is included in standard Lua 5.1 bytecode files by default. This can be striped out by specifying the `-s` option as shown:
--
--```bash
--
-- luac -s -o /path/to/output_file.luac /path/to/input_file.lua
--```
--
  Attempts to load standard Lua 5.1 bytecode files into ngx_lua instances linked to LuaJIT 2.0/2.1 or vice versa, will result in an error message, such as that below, being logged into the Nginx `error.log` file:
@@ -641,8 +608,7 @@ This issue is due to limitations in the Nginx event model and only appears to af
  Lua Coroutine Yielding/Resuming
  -------------------------------
--* Because Lua's `dofile` and `require` builtins are currently implemented as C functions in both Lua 5.1 and LuaJIT 2.0/2.1, if the Lua file being loaded by `dofile` or `require` invokes [ngx.location.capture*](#ngxlocationcapture), [ngx.exec](#ngxexec), [ngx.exit](#ngxexit), or other API functions requiring yielding in the *top-level* scope of the Lua file, then the Lua error "attempt to yield across C-call boundary" will be raised. To avoid this, put these calls requiring yielding into your own Lua functions in the Lua file instead of the top-level scope of the file.
--* As the standard Lua 5.1 interpreter's VM is not fully resumable, the methods [ngx.location.capture](#ngxlocationcapture), [ngx.location.capture_multi](#ngxlocationcapture_multi), [ngx.redirect](#ngxredirect), [ngx.exec](#ngxexec), and [ngx.exit](#ngxexit) cannot be used within the context of a Lua [pcall()](http://www.lua.org/manual/5.1/manual.html#pdf-pcall) or [xpcall()](http://www.lua.org/manual/5.1/manual.html#pdf-xpcall) or even the first line of the `for ... in ...` statement when the standard Lua 5.1 interpreter is used and the `attempt to yield across metamethod/C-call boundary` error will be produced. Please use LuaJIT 2.x, which supports a fully resumable VM, to avoid this.
++* Because Lua's `dofile` and `require` builtins are currently implemented as C functions in LuaJIT 2.0/2.1, if the Lua file being loaded by `dofile` or `require` invokes [ngx.location.capture*](#ngxlocationcapture), [ngx.exec](#ngxexec), [ngx.exit](#ngxexit), or other API functions requiring yielding in the *top-level* scope of the Lua file, then the Lua error "attempt to yield across C-call boundary" will be raised. To avoid this, put these calls requiring yielding into your own Lua functions in the Lua file instead of the top-level scope of the file.
  [Back to TOC](#table-of-contents)
@@ -839,7 +805,7 @@ As noted earlier, PCRE sequences presented within `*_by_lua_block {}` directives
   # nginx.conf
   location /test {
       content_by_lua_block {
--         local regex = "\d+"
++         local regex = [[\d+]]
           local m = ngx.re.match("hello, 1234", regex)
           if m then ngx.say(m[0]) else ngx.say("not matched!") end
+      }
@@ -940,7 +906,7 @@ The following dependencies are required to run the test suite:
  	* Test::Nginx: <https://github.com/openresty/test-nginx>
  * Nginx modules:
--	* [ngx_devel_kit](https://github.com/simpl/ngx_devel_kit)
++	* [ngx_devel_kit](https://github.com/simplresty/ngx_devel_kit)
  	* [ngx_set_misc](https://github.com/openresty/set-misc-nginx-module)
  	* [ngx_auth_request](http://mdounin.ru/files/ngx_http_auth_request_module-0.2.tar.gz) (this is not needed if you're using Nginx 1.5.4+.
  	* [ngx_echo](https://github.com/openresty/echo-nginx-module)
@@ -994,7 +960,7 @@ This module is licensed under the BSD license.
  Copyright (C) 2009-2017, by Xiaozhe Wang (chaoslawful) <chaoslawful@gmail.com>.
--Copyright (C) 2009-2017, by Yichun "agentzh" Zhang (章亦春) <agentzh@gmail.com>, OpenResty Inc.
++Copyright (C) 2009-2019, by Yichun "agentzh" Zhang (章亦春) <agentzh@gmail.com>, OpenResty Inc.
  All rights reserved.
@@ -1025,7 +991,7 @@ See Also
  * [Dynamic Routing Based on Redis and Lua](http://openresty.org/#DynamicRoutingBasedOnRedis)
  * [Using LuaRocks with ngx_lua](http://openresty.org/#UsingLuaRocks)
  * [Introduction to ngx_lua](https://github.com/openresty/lua-nginx-module/wiki/Introduction)
--* [ngx_devel_kit](https://github.com/simpl/ngx_devel_kit)
++* [ngx_devel_kit](https://github.com/simplresty/ngx_devel_kit)
  * [echo-nginx-module](http://github.com/openresty/echo-nginx-module)
  * [drizzle-nginx-module](http://github.com/openresty/drizzle-nginx-module)
  * [postgres-nginx-module](https://github.com/FRiCKLE/ngx_postgres)
@@ -1038,6 +1004,7 @@ See Also
  Directives
  ==========
++* [lua_load_resty_core](#lua_load_resty_core)
  * [lua_capture_error_log](#lua_capture_error_log)
  * [lua_use_default_type](#lua_use_default_type)
  * [lua_malloc_trim](#lua_malloc_trim)
@@ -1103,6 +1070,7 @@ Directives
  * [lua_check_client_abort](#lua_check_client_abort)
  * [lua_max_pending_timers](#lua_max_pending_timers)
  * [lua_max_running_timers](#lua_max_running_timers)
++* [lua_sa_restart](#lua_sa_restart)
  The basic building blocks of scripting Nginx with Lua are directives. Directives are used to specify when the user Lua code is run and
@@ -1112,6 +1080,38 @@ how the result will be used. Below is a diagram showing the order in which direc
  [Back to TOC](#table-of-contents)
++lua_load_resty_core
++-------------------
++
++**syntax:** *lua_load_resty_core on|off*
++
++**default:** *lua_load_resty_core on*
++
++**context:** *http*
++
++Controls whether the `resty.core` module (from
++[lua-resty-core](https://github.com/openresty/lua-resty-core)) should be loaded
++or not. When enabled, this directive is equivalent to executing the following
++when the Lua VM is created:
++
++```lua
++
++ require "resty.core"
++```
++
++Note that usage of the `resty.core` module is recommended, as its
++FFI implementation is both faster, safer, and more complete than the Lua C API
++of the ngx_lua module.
++
++It must also be noted that the Lua C API of the ngx_lua module will eventually
++be removed, and usage of the FFI-based API (i.e. the `resty.core`
++module) will become mandatory. This directive only aims at providing a
++temporary backwards-compatibility mode in case of edge-cases.
++
++This directive was first introduced in the `v0.10.15` release.
++
++[Back to TOC](#directives)
++
  lua_capture_error_log
  ---------------------
  **syntax:** *lua_capture_error_log size*
@@ -1486,6 +1486,8 @@ This hook is often used to create per-worker reoccurring timers (via the [ngx.ti
  This directive was first introduced in the `v0.9.5` release.
++This hook no longer runs in the cache manager and cache loader processes since the `v0.10.12` release.
++
  [Back to TOC](#directives)
  init_worker_by_lua_block
@@ -1513,6 +1515,8 @@ For instance,
  This directive was first introduced in the `v0.9.17` release.
++This hook no longer runs in the cache manager and cache loader processes since the `v0.10.12` release.
++
  [Back to TOC](#directives)
  init_worker_by_lua_file
@@ -1528,6 +1532,8 @@ Similar to [init_worker_by_lua](#init_worker_by_lua), but accepts the file path
  This directive was first introduced in the `v0.9.5` release.
++This hook no longer runs in the cache manager and cache loader processes since the `v0.10.12` release.
++
  [Back to TOC](#directives)
  set_by_lua
@@ -1587,7 +1593,7 @@ This directive can be freely mixed with all directives of the [ngx_http_rewrite_
  As from the `v0.5.0rc29` release, Nginx variable interpolation is disabled in the `<lua-script-str>` argument of this directive and therefore, the dollar sign character (`$`) can be used directly.
--This directive requires the [ngx_devel_kit](https://github.com/simpl/ngx_devel_kit) module.
++This directive requires the [ngx_devel_kit](https://github.com/simplresty/ngx_devel_kit) module.
  [Back to TOC](#directives)
@@ -1640,7 +1646,7 @@ and the Nginx config must be reloaded each time the Lua source file is modified.
  The Lua code cache can be temporarily disabled during development by
  switching [lua_code_cache](#lua_code_cache) `off` in `nginx.conf` to avoid reloading Nginx.
--This directive requires the [ngx_devel_kit](https://github.com/simpl/ngx_devel_kit) module.
++This directive requires the [ngx_devel_kit](https://github.com/simplresty/ngx_devel_kit) module.
  [Back to TOC](#directives)
@@ -2595,14 +2601,14 @@ SSL session resumption can then get immediately initiated and bypass the full SS
  Please note that TLS session tickets are very different and it is the clients' responsibility
  to cache the SSL session state when session tickets are used. SSL session resumptions based on
  TLS session tickets would happen automatically without going through this hook (nor the
--[ssl_session_store_by_lua_block](#ssl_session_store_by_lua) hook). This hook is mainly
++[ssl_session_store_by_lua*](#ssl_session_store_by_lua_block) hook). This hook is mainly
  for older or less capable SSL clients that can only do SSL sessions by session IDs.
  When [ssl_certificate_by_lua*](#ssl_certificate_by_lua_block) is specified at the same time,
  this hook usually runs before [ssl_certificate_by_lua*](#ssl_certificate_by_lua_block).
  When the SSL session is found and successfully loaded for the current SSL connection,
  SSL session resumption will happen and thus bypass the [ssl_certificate_by_lua*](#ssl_certificate_by_lua_block)
--hook completely. In this case, NGINX also bypasses the [ssl_session_store_by_lua_block](#ssl_session_store_by_lua)
++hook completely. In this case, NGINX also bypasses the [ssl_session_store_by_lua*](#ssl_session_store_by_lua_block)
  hook, for obvious reasons.
  To easily test this hook locally with a modern web browser, you can temporarily put the following line
@@ -2914,7 +2920,7 @@ This directive was first introduced in the `v0.9.11` release.
  lua_ssl_protocols
  -----------------
--**syntax:** *lua_ssl_protocols \[SSLv2\] \[SSLv3\] \[TLSv1\] [TLSv1.1] [TLSv1.2]*
++**syntax:** *lua_ssl_protocols \[SSLv2\] \[SSLv3\] \[TLSv1\] [TLSv1.1] [TLSv1.2] [TLSv1.3]*
  **default:** *lua_ssl_protocols SSLv3 TLSv1 TLSv1.1 TLSv1.2*
@@ -2922,6 +2928,8 @@ lua_ssl_protocols
  Enables the specified protocols for requests to a SSL/TLS server in the [tcpsock:sslhandshake](#tcpsocksslhandshake) method.
++The support for the `TLSv1.3` parameter requires version `v0.10.12` *and* OpenSSL 1.1.1.
++
  This directive was first introduced in the `v0.9.11` release.
  [Back to TOC](#directives)
@@ -3099,6 +3107,23 @@ This directive was first introduced in the `v0.8.0` release.
  [Back to TOC](#directives)
++lua_sa_restart
++--------------
++
++**syntax:** *lua_sa_restart on|off*
++
++**default:** *lua_sa_restart on*
++
++**context:** *http*
++
++When enabled, this module will set the `SA_RESTART` flag on nginx workers signal dispositions.
++
++This allows Lua I/O primitives to not be interrupted by nginx's handling of various signals.
++
++This directive was first introduced in the `v0.10.14` release.
++
++[Back to TOC](#directives)
++
  Nginx API for Lua
  =================
@@ -3212,6 +3237,7 @@ Nginx API for Lua
  * [tcpsock:sslhandshake](#tcpsocksslhandshake)
  * [tcpsock:send](#tcpsocksend)
  * [tcpsock:receive](#tcpsockreceive)
++* [tcpsock:receiveany](#tcpsockreceiveany)
  * [tcpsock:receiveuntil](#tcpsockreceiveuntil)
  * [tcpsock:close](#tcpsockclose)
  * [tcpsock:settimeout](#tcpsocksettimeout)
@@ -3400,7 +3426,7 @@ Core constants
     ngx.DECLINED (-5)
  ```
--Note that only three of these constants are utilized by the [Nginx API for Lua](#nginx-api-for-lua) (i.e., [ngx.exit](#ngxexit) accepts `NGX_OK`, `NGX_ERROR`, and `NGX_DECLINED` as input).
++Note that only three of these constants are utilized by the [Nginx API for Lua](#nginx-api-for-lua) (i.e., [ngx.exit](#ngxexit) accepts `ngx.OK`, `ngx.ERROR`, and `ngx.DECLINED` as input).
  ```lua
@@ -3458,6 +3484,7 @@ HTTP status constants
     value = ngx.HTTP_SEE_OTHER (303)
     value = ngx.HTTP_NOT_MODIFIED (304)
     value = ngx.HTTP_TEMPORARY_REDIRECT (307) (first added in the v0.9.20 release)
++   value = ngx.HTTP_PERMANENT_REDIRECT (308)
     value = ngx.HTTP_BAD_REQUEST (400)
     value = ngx.HTTP_UNAUTHORIZED (401)
     value = ngx.HTTP_PAYMENT_REQUIRED (402) (first added in the v0.9.20 release)
@@ -4114,7 +4141,7 @@ The same applies to assigning an empty table:
   ngx.header["X-My-Header"] = {};
  ```
--Setting `ngx.header.HEADER` after sending out response headers (either explicitly with [ngx.send_headers](#ngxsend_headers) or implicitly with [ngx.print](#ngxprint) and similar) will throw out a Lua exception.
++Setting `ngx.header.HEADER` after sending out response headers (either explicitly with [ngx.send_headers](#ngxsend_headers) or implicitly with [ngx.print](#ngxprint) and similar) will log an error message.
  Reading `ngx.header.HEADER` will return the value of the response header named `HEADER`.
@@ -4163,7 +4190,7 @@ For reading *request* headers, use the [ngx.req.get_headers](#ngxreqget_headers)
  ngx.resp.get_headers
  --------------------
--**syntax:** *headers = ngx.resp.get_headers(max_headers?, raw?)*
++**syntax:** *headers, err = ngx.resp.get_headers(max_headers?, raw?)*
  **context:** *set_by_lua&#42;, rewrite_by_lua&#42;, access_by_lua&#42;, content_by_lua&#42;, header_filter_by_lua&#42;, body_filter_by_lua&#42;, log_by_lua&#42;, balancer_by_lua&#42;*
@@ -4171,7 +4198,12 @@ Returns a Lua table holding all the current response headers for the current req
  ```lua
-- local h = ngx.resp.get_headers()
++ local h, err = ngx.resp.get_headers()
++
++ if err == "truncated" then
++     -- one can choose to ignore or reject the current response here
++ end
++
   for k, v in pairs(h) do
       ...
   end
@@ -4179,6 +4211,8 @@ Returns a Lua table holding all the current response headers for the current req
  This function has the same signature as [ngx.req.get_headers](#ngxreqget_headers) except getting response headers instead of request headers.
++Note that a maximum of 100 response headers are parsed by default (including those with the same name) and that additional response headers are silently discarded to guard against potential denial of service attacks. Since `v0.10.13`, when the limit is exceeded, it will return a second value which is the string `"truncated"`.
++
  This API was first introduced in the `v0.9.5` release.
  [Back to TOC](#nginx-api-for-lua)
@@ -4285,7 +4319,7 @@ ngx.req.get_method
  ------------------
  **syntax:** *method_name = ngx.req.get_method()*
--**context:** *set_by_lua&#42;, rewrite_by_lua&#42;, access_by_lua&#42;, content_by_lua&#42;, header_filter_by_lua&#42;, balancer_by_lua&#42;*
++**context:** *set_by_lua&#42;, rewrite_by_lua&#42;, access_by_lua&#42;, content_by_lua&#42;, header_filter_by_lua&#42;, body_filter_by_lua&#42;, balancer_by_lua&#42;, log_by_lua&#42;*
  Retrieves the current request's request method name. Strings like `"GET"` and `"POST"` are returned instead of numerical [method constants](#http-method-constants).
@@ -4451,7 +4485,7 @@ See also [ngx.req.set_uri](#ngxreqset_uri).
  ngx.req.get_uri_args
  --------------------
--**syntax:** *args = ngx.req.get_uri_args(max_args?)*
++**syntax:** *args, err = ngx.req.get_uri_args(max_args?)*
  **context:** *set_by_lua&#42;, rewrite_by_lua&#42;, access_by_lua&#42;, content_by_lua&#42;, header_filter_by_lua&#42;, body_filter_by_lua&#42;, log_by_lua&#42;, balancer_by_lua&#42;*
@@ -4461,7 +4495,12 @@ Returns a Lua table holding all the current request URL query arguments.
   location = /test {
       content_by_lua_block {
--         local args = ngx.req.get_uri_args()
++         local args, err = ngx.req.get_uri_args()
++
++         if err == "truncated" then
++             -- one can choose to ignore or reject the current request here
++         end
++
           for key, val in pairs(args) do
               if type(val) == "table" then
                   ngx.say(key, ": ", table.concat(val, ", "))
@@ -4513,7 +4552,7 @@ Updating query arguments via the nginx variable `$args` (or `ngx.var.args` in Lu
  ```lua
   ngx.var.args = "a=3&b=42"
-- local args = ngx.req.get_uri_args()
++ local args, err = ngx.req.get_uri_args()
  ```
  Here the `args` table will always look like
@@ -4525,20 +4564,23 @@ Here the `args` table will always look like
  regardless of the actual request query string.
--Note that a maximum of 100 request arguments are parsed by default (including those with the same name) and that additional request arguments are silently discarded to guard against potential denial of service attacks.
++Note that a maximum of 100 request arguments are parsed by default (including those with the same name) and that additional request arguments are silently discarded to guard against potential denial of service attacks. Since `v0.10.13`, when the limit is exceeded, it will return a second value which is the string `"truncated"`.
  However, the optional `max_args` function argument can be used to override this limit:
  ```lua
-- local args = ngx.req.get_uri_args(10)
++ local args, err = ngx.req.get_uri_args(10)
++ if err == "truncated" then
++     -- one can choose to ignore or reject the current request here
++ end
  ```
  This argument can be set to zero to remove the limit and to process all request arguments received:
  ```lua
-- local args = ngx.req.get_uri_args(0)
++ local args, err = ngx.req.get_uri_args(0)
  ```
  Removing the `max_args` cap is strongly discouraged.
@@ -4559,6 +4601,11 @@ Returns a Lua table holding all the current request POST query arguments (of the
       content_by_lua_block {
           ngx.req.read_body()
           local args, err = ngx.req.get_post_args()
++
++         if err == "truncated" then
++             -- one can choose to ignore or reject the current request here
++         end
++
           if not args then
               ngx.say("failed to get post args: ", err)
               return
@@ -4627,20 +4674,23 @@ That is, they will take Lua boolean values `true`. However, they are different f
  Empty key arguments are discarded. `POST /test` with body `=hello&=world` will yield empty outputs for instance.
--Note that a maximum of 100 request arguments are parsed by default (including those with the same name) and that additional request arguments are silently discarded to guard against potential denial of service attacks.
++Note that a maximum of 100 request arguments are parsed by default (including those with the same name) and that additional request arguments are silently discarded to guard against potential denial of service attacks. Since `v0.10.13`, when the limit is exceeded, it will return a second value which is the string `"truncated"`.
  However, the optional `max_args` function argument can be used to override this limit:
  ```lua
-- local args = ngx.req.get_post_args(10)
++ local args, err = ngx.req.get_post_args(10)
++ if err == "truncated" then
++     -- one can choose to ignore or reject the current request here
++ end
  ```
  This argument can be set to zero to remove the limit and to process all request arguments received:
  ```lua
-- local args = ngx.req.get_post_args(0)
++ local args, err = ngx.req.get_post_args(0)
  ```
  Removing the `max_args` cap is strongly discouraged.
@@ -4649,7 +4699,7 @@ Removing the `max_args` cap is strongly discouraged.
  ngx.req.get_headers
  -------------------
--**syntax:** *headers = ngx.req.get_headers(max_headers?, raw?)*
++**syntax:** *headers, err = ngx.req.get_headers(max_headers?, raw?)*
  **context:** *set_by_lua&#42;, rewrite_by_lua&#42;, access_by_lua&#42;, content_by_lua&#42;, header_filter_by_lua&#42;, body_filter_by_lua&#42;, log_by_lua&#42;*
@@ -4657,7 +4707,12 @@ Returns a Lua table holding all the current request headers.
  ```lua
-- local h = ngx.req.get_headers()
++ local h, err = ngx.req.get_headers()
++
++ if err == "truncated" then
++     -- one can choose to ignore or reject the current request here
++ end
++
   for k, v in pairs(h) do
       ...
   end
@@ -4688,20 +4743,24 @@ the value of `ngx.req.get_headers()["Foo"]` will be a Lua (array) table such as:
   {"foo", "bar", "baz"}
  ```
--Note that a maximum of 100 request headers are parsed by default (including those with the same name) and that additional request headers are silently discarded to guard against potential denial of service attacks.
++Note that a maximum of 100 request headers are parsed by default (including those with the same name) and that additional request headers are silently discarded to guard against potential denial of service attacks. Since `v0.10.13`, when the limit is exceeded, it will return a second value which is the string `"truncated"`.
  However, the optional `max_headers` function argument can be used to override this limit:
  ```lua
-- local headers = ngx.req.get_headers(10)
++ local headers, err = ngx.req.get_headers(10)
++
++ if err == "truncated" then
++     -- one can choose to ignore or reject the current request here
++ end
  ```
  This argument can be set to zero to remove the limit and to process all request headers received:
  ```lua
-- local headers = ngx.req.get_headers(0)
++ local headers, err = ngx.req.get_headers(0)
  ```
  Removing the `max_headers` cap is strongly discouraged.
@@ -4845,7 +4904,7 @@ This function returns `nil` if
 . the request body has been read into disk temporary files,
 . or the request body has zero size.
--If the request body has not been read yet, call [ngx.req.read_body](#ngxreqread_body) first (or turned on [lua_need_request_body](#lua_need_request_body) to force this module to read the request body. This is not recommended however).
++If the request body has not been read yet, call [ngx.req.read_body](#ngxreqread_body) first (or turn on [lua_need_request_body](#lua_need_request_body) to force this module to read the request body. This is not recommended however).
  If the request body has been read into disk files, try calling the [ngx.req.get_body_file](#ngxreqget_body_file) function instead.
@@ -4869,7 +4928,7 @@ Retrieves the file name for the in-file request body data. Returns `nil` if the
  The returned file is read only and is usually cleaned up by Nginx's memory pool. It should not be manually modified, renamed, or removed in Lua code.
--If the request body has not been read yet, call [ngx.req.read_body](#ngxreqread_body) first (or turned on [lua_need_request_body](#lua_need_request_body) to force this module to read the request body. This is not recommended however).
++If the request body has not been read yet, call [ngx.req.read_body](#ngxreqread_body) first (or turn on [lua_need_request_body](#lua_need_request_body) to force this module to read the request body. This is not recommended however).
  If the request body has been read into memory, try calling the [ngx.req.get_body_data](#ngxreqget_body_data) function instead.
@@ -4889,7 +4948,9 @@ ngx.req.set_body_data
  Set the current request's request body using the in-memory data specified by the `data` argument.
--If the current request's request body has not been read, then it will be properly discarded. When the current request's request body has been read into memory or buffered into a disk file, then the old request body's memory will be freed or the disk file will be cleaned up immediately, respectively.
++If the request body has not been read yet, call [ngx.req.read_body](#ngxreqread_body) first (or turn on [lua_need_request_body](#lua_need_request_body) to force this module to read the request body. This is not recommended however). Additionally, the request body must not have been previously discarded by [ngx.req.discard_body](#ngxreqdiscard_body).
++
++Whether the previous request body has been read into memory or buffered into a disk file, it will be freed or the disk file will be cleaned up immediately, respectively.
  This function was first introduced in the `v0.3.1rc18` release.
@@ -4905,11 +4966,13 @@ ngx.req.set_body_file
  Set the current request's request body using the in-file data specified by the `file_name` argument.
++If the request body has not been read yet, call [ngx.req.read_body](#ngxreqread_body) first (or turn on [lua_need_request_body](#lua_need_request_body) to force this module to read the request body. This is not recommended however). Additionally, the request body must not have been previously discarded by [ngx.req.discard_body](#ngxreqdiscard_body).
++
  If the optional `auto_clean` argument is given a `true` value, then this file will be removed at request completion or the next time this function or [ngx.req.set_body_data](#ngxreqset_body_data) are called in the same request. The `auto_clean` is default to `false`.
  Please ensure that the file specified by the `file_name` argument exists and is readable by an Nginx worker process by setting its permission properly to avoid Lua exception errors.
--If the current request's request body has not been read, then it will be properly discarded. When the current request's request body has been read into memory or buffered into a disk file, then the old request body's memory will be freed or the disk file will be cleaned up immediately, respectively.
++Whether the previous request body has been read into memory or buffered into a disk file, it will be freed or the disk file will be cleaned up immediately, respectively.
  This function was first introduced in the `v0.3.1rc18` release.
@@ -5092,6 +5155,7 @@ The optional `status` parameter specifies the HTTP status code to be used. The f
  * `302` (default)
  * `303`
  * `307`
++* `308`
  It is `302` (`ngx.HTTP_MOVED_TEMPORARILY`) by default.
@@ -5325,7 +5389,7 @@ Number literals can be used directly as the argument, for instance,
   ngx.exit(501)
  ```
--Note that while this method accepts all [HTTP status constants](#http-status-constants) as input, it only accepts `NGX_OK` and `NGX_ERROR` of the [core constants](#core-constants).
++Note that while this method accepts all [HTTP status constants](#http-status-constants) as input, it only accepts `ngx.OK` and `ngx.ERROR` of the [core constants](#core-constants).
  Also note that this method call terminates the processing of the current request and that it is recommended that a coding style that combines this method call with the `return` statement, i.e., `return ngx.exit(...)` be used to reinforce the fact that the request processing is being terminated.
@@ -5478,13 +5542,13 @@ This method was first introduced in the `v0.3.1rc27` release.
  ngx.decode_args
  ---------------
--**syntax:** *table = ngx.decode_args(str, max_args?)*
++**syntax:** *table, err = ngx.decode_args(str, max_args?)*
  **context:** *set_by_lua&#42;, rewrite_by_lua&#42;, access_by_lua&#42;, content_by_lua&#42;, header_filter_by_lua&#42;, body_filter_by_lua&#42;, log_by_lua&#42;, ngx.timer.&#42;, balancer_by_lua&#42;, ssl_certificate_by_lua&#42;, ssl_session_fetch_by_lua&#42;, ssl_session_store_by_lua&#42;*
  Decodes a URI encoded query-string into a Lua table. This is the inverse function of [ngx.encode_args](#ngxencode_args).
--The optional `max_args` argument can be used to specify the maximum number of arguments parsed from the `str` argument. By default, a maximum of 100 request arguments are parsed (including those with the same name) and that additional URI arguments are silently discarded to guard against potential denial of service attacks.
++The optional `max_args` argument can be used to specify the maximum number of arguments parsed from the `str` argument. By default, a maximum of 100 request arguments are parsed (including those with the same name) and that additional URI arguments are silently discarded to guard against potential denial of service attacks. Since `v0.10.13`, when the limit is exceeded, it will return a second value which is the string `"truncated"`.
  This argument can be set to zero to remove the limit and to process all request arguments received:
@@ -6444,10 +6508,12 @@ See also [ngx.shared.DICT](#ngxshareddict).
  ngx.shared.DICT.incr
  --------------------
--**syntax:** *newval, err, forcible? = ngx.shared.DICT:incr(key, value, init?)*
++**syntax:** *newval, err, forcible? = ngx.shared.DICT:incr(key, value, init?, init_ttl?)*
  **context:** *init_by_lua&#42;, set_by_lua&#42;, rewrite_by_lua&#42;, access_by_lua&#42;, content_by_lua&#42;, header_filter_by_lua&#42;, body_filter_by_lua&#42;, log_by_lua&#42;, ngx.timer.&#42;, balancer_by_lua&#42;, ssl_certificate_by_lua&#42;, ssl_session_fetch_by_lua&#42;, ssl_session_store_by_lua&#42;*
++**optional requirement:** `resty.core.shdict` or `resty.core`
++
  Increments the (numerical) value for `key` in the shm-based dictionary [ngx.shared.DICT](#ngxshareddict) by the step value `value`. Returns the new resulting number if the operation is successfully completed or `nil` and an error message otherwise.
  When the key does not exist or has already expired in the shared dictionary,
@@ -6457,6 +6523,25 @@ When the key does not exist or has already expired in the shared dictionary,
  Like the [add](#ngxshareddictadd) method, it also overrides the (least recently used) unexpired items in the store when running out of storage in the shared memory zone.
++The optional `init_ttl` argument specifies expiration time (in seconds) of the value when it is initialized via the `init` argument. The time resolution is `0.001` seconds. If `init_ttl` takes the value `0` (which is the default), then the item will never expire. This argument cannot be provided without providing the `init` argument as well, and has no effect if the value already exists (e.g., if it was previously inserted via [set](#ngxshareddictset) or the likes).
++
++**Note:** Usage of the `init_ttl` argument requires the `resty.core.shdict` or `resty.core` modules from the [lua-resty-core](https://github.com/openresty/lua-resty-core) library. Example:
++
++```lua
++
++ require "resty.core"
++
++ local cats = ngx.shared.cats
++ local newval, err = cats:incr("black_cats", 1, 0, 0.1)
++
++ print(newval) -- 1
++
++ ngx.sleep(0.2)
++
++ local val, err = cats:get("black_cats")
++ print(val) -- nil
++```
++
  The `forcible` return value will always be `nil` when the `init` argument is not specified.
  If this method succeeds in storing the current item by forcibly removing other not-yet-expired items in the dictionary via LRU, the `forcible` return value will be `true`. If it stores the item without forcibly removing other valid items, then the return value `forcible` will be `false`.
@@ -6469,6 +6554,8 @@ This method was first introduced in the `v0.3.1rc22` release.
  The optional `init` parameter was first added in the `v0.10.6` release.
++The optional `init_ttl` parameter was introduced in the `v0.10.12rc2` release.
++
  See also [ngx.shared.DICT](#ngxshareddict).
  [Back to TOC](#nginx-api-for-lua)
@@ -6651,7 +6738,7 @@ ngx.shared.DICT.flush_expired
  Flushes out the expired items in the dictionary, up to the maximal number specified by the optional `max_count` argument. When the `max_count` argument is given `0` or not given at all, then it means unlimited. Returns the number of items that have actually been flushed.
--Unlike the [flush_all](#ngxshareddictflush_all) method, this method actually free up the memory used by the expired items.
++Unlike the [flush_all](#ngxshareddictflush_all) method, this method actually frees up the memory used by the expired items.
  This feature was first introduced in the `v0.6.3` release.
@@ -6936,6 +7023,7 @@ Creates and returns a TCP or stream-oriented unix domain socket object (also kno
  * [settimeout](#tcpsocksettimeout)
  * [settimeouts](#tcpsocksettimeouts)
  * [setoption](#tcpsocksetoption)
++* [receiveany](#tcpsockreceiveany)
  * [receiveuntil](#tcpsockreceiveuntil)
  * [setkeepalive](#tcpsocksetkeepalive)
  * [getreusedtimes](#tcpsockgetreusedtimes)
@@ -7040,6 +7128,43 @@ An optional Lua table can be specified as the last argument to this method to sp
  * `pool`
  	specify a custom name for the connection pool being used. If omitted, then the connection pool name will be generated from the string template `"<host>:<port>"` or `"<unix-socket-path>"`.
++* `pool_size`
++	specify the size of the connection pool. If omitted and no
++	`backlog` option was provided, no pool will be created. If omitted
++	but `backlog` was provided, the pool will be created with a default
++	size equal to the value of the [lua_socket_pool_size](#lua_socket_pool_size)
++	directive.
++	The connection pool holds up to `pool_size` alive connections
++	ready to be reused by subsequent calls to [connect](#tcpsockconnect), but
++	note that there is no upper limit to the total number of opened connections
++	outside of the pool. If you need to restrict the total number of opened
++	connections, specify the `backlog` option.
++	When the connection pool would exceed its size limit, the least recently used
++	(kept-alive) connection already in the pool will be closed to make room for
++	the current connection.
++	Note that the cosocket connection pool is per Nginx worker process rather
++	than per Nginx server instance, so the size limit specified here also applies
++	to every single Nginx worker process. Also note that the size of the connection
++	pool cannot be changed once it has been created.
++	This option was first introduced in the `v0.10.14` release.
++
++* `backlog`
++	if specified, this module will limit the total number of opened connections
++	for this pool. No more connections than `pool_size` can be opened
++	for this pool at any time. If the connection pool is full, subsequent
++	connect operations will be queued into a queue equal to this option's
++	value (the "backlog" queue).
++	If the number of queued connect operations is equal to `backlog`,
++	subsequent connect operations will fail and return `nil` plus the
++	error string `"too many waiting connect operations"`.
++	The queued connect operations will be resumed once the number of connections
++	in the pool is less than `pool_size`.
++	The queued connect operation will abort once they have been queued for more
++	than `connect_timeout`, controlled by
++	[settimeouts](#tcpsocksettimeouts), and will return `nil` plus
++	the error string `"timeout"`.
++	This option was first introduced in the `v0.10.14` release.
++
  The support for the options table argument was first introduced in the `v0.5.7` release.
  This method was first introduced in the `v0.5.0rc1` release.
@@ -7165,6 +7290,40 @@ This feature was first introduced in the `v0.5.0rc1` release.
  [Back to TOC](#nginx-api-for-lua)
++tcpsock:receiveany
++------------------
++**syntax:** *data, err = tcpsock:receiveany(max)*
++
++**context:** *rewrite_by_lua&#42;, access_by_lua&#42;, content_by_lua&#42;, ngx.timer.&#42;, ssl_certificate_by_lua&#42;, ssl_session_fetch_by_lua&#42;*
++
++Returns any data received by the connected socket, at most `max` bytes.
++
++This method is a synchronous operation just like the [send](#tcpsocksend) method and is 100% nonblocking.
++
++In case of success, it returns the data received; in case of error, it returns `nil` with a string describing the error.
++
++If the received data is more than this size, this method will return with exactly this size of data.
++The remaining data in the underlying receive buffer could be returned in the next reading operation.
++
++Timeout for the reading operation is controlled by the [lua_socket_read_timeout](#lua_socket_read_timeout) config directive and the [settimeouts](#tcpsocksettimeouts) method. And the latter takes priority. For example:
++
++```lua
++
++ sock:settimeouts(1000, 1000, 1000)  -- one second timeout for connect/read/write
++ local data, err = sock:receiveany(10 * 1024 * 1024) -- read any data, at most 10K
++ if not data then
++     ngx.say("failed to read any data: ", err)
++     return
++ end
++ ngx.say("successfully read: ", data)
++```
++
++This method doesn't automatically close the current connection when the read timeout error occurs. For other connection errors, this method always automatically closes the connection.
++
++This feature was first introduced in the `v0.10.14` release.
++
++[Back to TOC](#nginx-api-for-lua)
++
  tcpsock:receiveuntil
  --------------------
  **syntax:** *iterator = tcpsock:receiveuntil(pattern, options?)*
@@ -7337,13 +7496,31 @@ Puts the current socket's connection immediately into the cosocket built-in conn
  The first optional argument, `timeout`, can be used to specify the maximal idle timeout (in milliseconds) for the current connection. If omitted, the default setting in the [lua_socket_keepalive_timeout](#lua_socket_keepalive_timeout) config directive will be used. If the `0` value is given, then the timeout interval is unlimited.
--The second optional argument, `size`, can be used to specify the maximal number of connections allowed in the connection pool for the current server (i.e., the current host-port pair or the unix domain socket file path). Note that the size of the connection pool cannot be changed once the pool is created. When this argument is omitted, the default setting in the [lua_socket_pool_size](#lua_socket_pool_size) config directive will be used.
--
--When the connection pool exceeds the available size limit, the least recently used (idle) connection already in the pool will be closed to make room for the current connection.
--
--Note that the cosocket connection pool is per Nginx worker process rather than per Nginx server instance, so the size limit specified here also applies to every single Nginx worker process.
--
--Idle connections in the pool will be monitored for any exceptional events like connection abortion or unexpected incoming data on the line, in which cases the connection in question will be closed and removed from the pool.
++The second optional argument `size` is considered deprecated since
++the `v0.10.14` release of this module, in favor of the
++`pool_size` option of the [connect](#tcpsockconnect) method.
++Since the `v0.10.14` release, this option will only take effect if
++the call to [connect](#tcpsockconnect) did not already create a connection
++pool.
++When this option takes effect (no connection pool was previously created by
++[connect](#tcpsockconnect)), it will specify the size of the connection pool,
++and create it.
++If omitted (and no pool was previously created), the default size is the value
++of the [lua_socket_pool_size](#lua_socket_pool_size) directive.
++The connection pool holds up to `size` alive connections ready to be
++reused by subsequent calls to [connect](#tcpsockconnect), but note that there
++is no upper limit to the total number of opened connections outside of the
++pool.
++When the connection pool would exceed its size limit, the least recently used
++(kept-alive) connection already in the pool will be closed to make room for
++the current connection.
++Note that the cosocket connection pool is per Nginx worker process rather
++than per Nginx server instance, so the size limit specified here also applies
++to every single Nginx worker process. Also note that the size of the connection
++pool cannot be changed once it has been created.
++If you need to restrict the total number of opened connections, specify both
++the `pool_size` and `backlog` option in the call to
++[connect](#tcpsockconnect).
  In case of success, this method returns `1`; otherwise, it returns `nil` and a string describing the error.
@@ -7832,7 +8009,7 @@ timers" here mean timers that have not yet been expired and "running
  timers" are those whose user callbacks are currently running.
  The maximal number of pending timers allowed in an Nginx
--worker is constrolled by the [lua_max_pending_timers](#lua_max_pending_timers)
++worker is controlled by the [lua_max_pending_timers](#lua_max_pending_timers)
  directive. The maximal number of running timers is controlled by the
  [lua_max_running_timers](#lua_max_running_timers) directive.
@@ -8115,7 +8292,7 @@ This Lua module does not ship with this ngx_lua module itself rather it is shipp
  the
  [lua-resty-core](https://github.com/openresty/lua-resty-core) library.
--Please refer to the [documentation](https://github.com/openresty/lua-resty-core/blob/ocsp-cert-by-lua-2/lib/ngx/ocsp.md)
++Please refer to the [documentation](https://github.com/openresty/lua-resty-core/blob/master/lib/ngx/ocsp.md)
  for this `ngx.ocsp` Lua module for more details.
  This feature requires at least ngx_lua `v0.10.0`.
@@ -8128,7 +8305,7 @@ ndk.set_var.DIRECTIVE
  **context:** *init_worker_by_lua&#42;, set_by_lua&#42;, rewrite_by_lua&#42;, access_by_lua&#42;, content_by_lua&#42;, header_filter_by_lua&#42;, body_filter_by_lua&#42;, log_by_lua&#42;, ngx.timer.&#42;, balancer_by_lua&#42;, ssl_certificate_by_lua&#42;, ssl_session_fetch_by_lua&#42;, ssl_session_store_by_lua&#42;*
--This mechanism allows calling other nginx C modules' directives that are implemented by [Nginx Devel Kit](https://github.com/simpl/ngx_devel_kit) (NDK)'s set_var submodule's `ndk_set_var_value`.
++This mechanism allows calling other nginx C modules' directives that are implemented by [Nginx Devel Kit](https://github.com/simplresty/ngx_devel_kit) (NDK)'s set_var submodule's `ndk_set_var_value`.
  For example, the following [set-misc-nginx-module](http://github.com/openresty/set-misc-nginx-module) directives can be invoked this way:
@@ -8159,7 +8336,7 @@ Similarly, the following directives provided by [encrypted-session-nginx-module]
  * [set_encrypt_session](http://github.com/openresty/encrypted-session-nginx-module#set_encrypt_session)
  * [set_decrypt_session](http://github.com/openresty/encrypted-session-nginx-module#set_decrypt_session)
--This feature requires the [ngx_devel_kit](https://github.com/simpl/ngx_devel_kit) module.
++This feature requires the [ngx_devel_kit](https://github.com/simplresty/ngx_devel_kit) module.
  [Back to TOC](#nginx-api-for-lua)
@@ -8264,4 +8441,3 @@ Special PCRE Sequences
  ----------------------
  This section has been renamed to [Special Escaping Sequences](#special-escaping-sequences).
--
 diff --git a/debian/modules/http-lua/config b/debian/modules/http-lua/config
 index 044deb9..e1d5e35 100644
 --- a/debian/modules/http-lua/config
 +++ b/debian/modules/http-lua/config
@@ -361,6 +361,8 @@ HTTP_LUA_SRCS=" \
              $ngx_addon_dir/src/ngx_http_lua_ssl_session_fetchby.c \
              $ngx_addon_dir/src/ngx_http_lua_ssl.c \
              $ngx_addon_dir/src/ngx_http_lua_log_ringbuf.c \
++            $ngx_addon_dir/src/ngx_http_lua_input_filters.c \
++            $ngx_addon_dir/src/ngx_http_lua_pipe.c \
+             "
  HTTP_LUA_DEPS=" \
@@ -422,6 +424,8 @@ HTTP_LUA_DEPS=" \
              $ngx_addon_dir/src/ngx_http_lua_ssl_session_fetchby.h \
              $ngx_addon_dir/src/ngx_http_lua_ssl.h \
              $ngx_addon_dir/src/ngx_http_lua_log_ringbuf.h \
++            $ngx_addon_dir/src/ngx_http_lua_input_filters.h \
++            $ngx_addon_dir/src/ngx_http_lua_pipe.h \
+             "
  CFLAGS="$CFLAGS -DNDK_SET_VAR"
@@ -474,6 +478,17 @@ ngx_feature_test='setsockopt(1, SOL_SOCKET, SO_PASSCRED, NULL, 0);'
  . auto/feature
++ngx_feature="SA_RESTART"
++ngx_feature_libs=
++ngx_feature_name="NGX_HTTP_LUA_HAVE_SA_RESTART"
++ngx_feature_run=no
++ngx_feature_incs="#include <signal.h>"
++ngx_feature_path=
++ngx_feature_test='struct sigaction act;
++                  act.sa_flags |= SA_RESTART;'
++
++. auto/feature
++
  ngx_feature="__attribute__(constructor)"
  ngx_feature_libs=
  ngx_feature_name="NGX_HTTP_LUA_HAVE_CONSTRUCTOR"
@@ -512,6 +527,36 @@ CC_TEST_FLAGS="$SAVED_CC_TEST_FLAGS"
  # ----------------------------------------
++ngx_feature="pipe2"
++ngx_feature_libs=
++ngx_feature_name="NGX_HTTP_LUA_HAVE_PIPE2"
++ngx_feature_run=no
++ngx_feature_incs="#include <fcntl.h>"
++ngx_feature_test="int fd[2]; pipe2(fd, O_CLOEXEC|O_NONBLOCK);"
++SAVED_CC_TEST_FLAGS="$CC_TEST_FLAGS"
++CC_TEST_FLAGS="-Werror -Wall $CC_TEST_FLAGS"
++
++. auto/feature
++
++CC_TEST_FLAGS="$SAVED_CC_TEST_FLAGS"
++
++# ----------------------------------------
++
++ngx_feature="signalfd"
++ngx_feature_libs=
++ngx_feature_name="NGX_HTTP_LUA_HAVE_SIGNALFD"
++ngx_feature_run=no
++ngx_feature_incs="#include <sys/signalfd.h>"
++ngx_feature_test="sigset_t set; signalfd(-1, &set, SFD_NONBLOCK|SFD_CLOEXEC);"
++SAVED_CC_TEST_FLAGS="$CC_TEST_FLAGS"
++CC_TEST_FLAGS="-Werror -Wall $CC_TEST_FLAGS"
++
++. auto/feature
++
++CC_TEST_FLAGS="$SAVED_CC_TEST_FLAGS"
++
++# ----------------------------------------
++
  if test -n "$ngx_module_link"; then
      ngx_module_type=HTTP_AUX_FILTER
      ngx_module_name=$ngx_addon_name
 diff --git a/debian/modules/http-lua/doc/HttpLuaModule.wiki b/debian/modules/http-lua/doc/HttpLuaModule.wiki
 index 2424d39..ff9b269 100644
 --- a/debian/modules/http-lua/doc/HttpLuaModule.wiki
 +++ b/debian/modules/http-lua/doc/HttpLuaModule.wiki
@@ -2,6 +2,8 @@
  ngx_http_lua_module - Embed the power of Lua into Nginx HTTP Servers.
++This module is a core component of OpenResty. If you are using this module, then you are essentially using OpenResty :)
++
  ''This module is not distributed with the Nginx source.'' See [[#Installation|the installation instructions]].
  = Status =
@@ -10,7 +12,7 @@ Production ready.
  = Version =
--This document describes ngx_lua [https://github.com/openresty/lua-nginx-module/tags v0.10.11] released on 3 November 2017.
++This document describes ngx_lua [https://github.com/openresty/lua-nginx-module/tags v0.10.15] released on March 14th, 2019.
  = Synopsis =
  <geshi lang="nginx">
@@ -130,7 +132,9 @@ This document describes ngx_lua [https://github.com/openresty/lua-nginx-module/t
  = Description =
--This module embeds Lua, via the standard Lua 5.1 interpreter or [http://luajit.org/luajit.html LuaJIT 2.0/2.1], into Nginx and by leveraging Nginx's subrequests, allows the integration of the powerful Lua threads (Lua coroutines) into the Nginx event model.
++This module is a core component of OpenResty. If you are using this module, then you are essentially using OpenResty :)
++
++This module embeds Lua, via [http://luajit.org/luajit.html LuaJIT 2.0/2.1], into Nginx and by leveraging Nginx's subrequests, allows the integration of the powerful Lua threads (Lua coroutines) into the Nginx event model.
  Unlike [https://httpd.apache.org/docs/trunk/mod/mod_lua.html Apache's mod_lua] and [http://redmine.lighttpd.net/wiki/1/Docs:ModMagnet Lighttpd's mod_magnet], Lua code executed using this module can be ''100% non-blocking'' on network traffic as long as the [[#Nginx API for Lua|Nginx API for Lua]] provided by this module is used to handle
  requests to upstream services such as MySQL, PostgreSQL, Memcached, Redis, or upstream HTTP web services.
@@ -187,6 +191,7 @@ The Lua state (Lua VM instance) is shared across all the requests handled by a s
  The latest version of this module is compatible with the following versions of Nginx:
  * 1.13.x  (last tested: 1.13.6)
++* 1.12.x
  * 1.11.x  (last tested: 1.11.2)
  * 1.10.x
  * 1.9.x (last tested: 1.9.15)
@@ -198,12 +203,12 @@ Nginx cores older than 1.6.0 (exclusive) are *not* supported.
  = Installation =
--It is *highly* recommended to use [http://openresty.org OpenResty releases] which integrate Nginx, ngx_lua, LuaJIT 2.1, as well as other powerful companion Nginx modules and Lua libraries. It is discouraged to build this module with nginx yourself since it is tricky to set up exactly right. Also, the stock nginx cores have various limitations and long standing bugs that can make some of this modules' features become disabled, not work properly, or run slower.
++It is *highly* recommended to use [http://openresty.org OpenResty releases] which integrate Nginx, ngx_lua, OpenResty's LuaJIT 2.1 branch version, as well as other powerful companion Nginx modules and Lua libraries. It is discouraged to build this module with nginx yourself since it is tricky to set up exactly right. Also, the stock nginx cores have various limitations and long standing bugs that can make some of this modules' features become disabled, not work properly, or run slower. The same applies to LuaJIT as well. OpenResty includes its own version of LuaJIT which gets specifically optimized and enhanced for the OpenResty environment.
  Alternatively, ngx_lua can be manually compiled into Nginx:
--# Install LuaJIT 2.0 or 2.1 (recommended) or Lua 5.1 (Lua 5.2 is ''not'' supported yet). LuaJIT can be downloaded from the [http://luajit.org/download.html LuaJIT project website] and Lua 5.1, from the [http://www.lua.org/ Lua project website].  Some distribution package managers also distribute LuaJIT and/or Lua.
--# Download the latest version of the ngx_devel_kit (NDK) module [https://github.com/simpl/ngx_devel_kit/tags HERE].
++# LuaJIT can be downloaded from the [https://github.com/openresty/luajit2/releases latest release of OpenResty's LuaJIT branch version]. The official LuaJIT 2.0 and 2.1 releases are also supported, although the performance will be significantly lower in many cases.
++# Download the latest version of the ngx_devel_kit (NDK) module [https://github.com/simplresty/ngx_devel_kit/tags HERE].
  # Download the latest version of ngx_lua [https://github.com/openresty/lua-nginx-module/tags HERE].
  # Download the latest version of Nginx [http://nginx.org/ HERE] (See [[#Nginx Compatibility|Nginx Compatibility]])
@@ -270,24 +275,6 @@ To enable one or more of these macros, just pass extra C compiler options to the
      ./configure --with-cc-opt="-DNGX_LUA_USE_ASSERT -DNGX_LUA_ABORT_AT_PANIC"
  </geshi>
--== Installation on Ubuntu 11.10 ==
--
--Note that it is recommended to use LuaJIT 2.0 or LuaJIT 2.1 instead of the standard Lua 5.1 interpreter wherever possible.
--
--If the standard Lua 5.1 interpreter is required however, run the following command to install it from the Ubuntu repository:
--
--<geshi lang="bash">
--apt-get install -y lua5.1 liblua5.1-0 liblua5.1-0-dev
--</geshi>
--
--Everything should be installed correctly, except for one small tweak.
--
--Library name <code>liblua.so</code> has been changed in liblua5.1 package, it only comes with <code>liblua5.1.so</code>, which needs to be symlinked to <code>/usr/lib</code> so it could be found during the configuration process.
--
--<geshi lang="bash">
--ln -s /usr/lib/x86_64-linux-gnu/liblua5.1.so /usr/lib/liblua.so
--</geshi>
--
  = Community =
  == English Mailing List ==
@@ -313,7 +300,7 @@ Please submit bug reports, wishlists, or patches by
  As from the <code>v0.5.0rc32</code> release, all <code>*_by_lua_file</code> configure directives (such as [[#content_by_lua_file|content_by_lua_file]]) support loading Lua 5.1 and LuaJIT 2.0/2.1 raw bytecode files directly.
--Please note that the bytecode format used by LuaJIT 2.0/2.1 is not compatible with that used by the standard Lua 5.1 interpreter. So if using LuaJIT 2.0/2.1 with ngx_lua, LuaJIT compatible bytecode files must be generated as shown:
++Please note that the bytecode format used by LuaJIT 2.0/2.1 is not compatible with that used by the standard Lua 5.1 interpreter. So if you are using LuaJIT 2.0/2.1 with ngx_lua, LuaJIT compatible bytecode files must be generated as shown:
  <geshi lang="bash">
      /path/to/luajit/bin/luajit -b /path/to/input_file.lua /path/to/output_file.ljbc
@@ -331,18 +318,6 @@ http://luajit.org/running.html#opt_b
  Also, the bytecode files generated by LuaJIT 2.1 is ''not'' compatible with LuaJIT 2.0, and vice versa. The support for LuaJIT 2.1 bytecode was first added in ngx_lua v0.9.3.
--Similarly, if using the standard Lua 5.1 interpreter with ngx_lua, Lua compatible bytecode files must be generated using the <code>luac</code> commandline utility as shown:
--
--<geshi lang="bash">
--    luac -o /path/to/output_file.luac /path/to/input_file.lua
--</geshi>
--
--Unlike as with LuaJIT, debug information is included in standard Lua 5.1 bytecode files by default. This can be striped out by specifying the <code>-s</code> option as shown:
--
--<geshi lang="bash">
--    luac -s -o /path/to/output_file.luac /path/to/input_file.lua
--</geshi>
--
  Attempts to load standard Lua 5.1 bytecode files into ngx_lua instances linked to LuaJIT 2.0/2.1 or vice versa, will result in an error message, such as that below, being logged into the Nginx <code>error.log</code> file:
  <geshi lang="text">
@@ -509,8 +484,7 @@ However, later attempts to manipulate the cosocket object will fail and return t
  This issue is due to limitations in the Nginx event model and only appears to affect Mac OS X.
  == Lua Coroutine Yielding/Resuming ==
--* Because Lua's <code>dofile</code> and <code>require</code> builtins are currently implemented as C functions in both Lua 5.1 and LuaJIT 2.0/2.1, if the Lua file being loaded by <code>dofile</code> or <code>require</code> invokes [[#ngx.location.capture|ngx.location.capture*]], [[#ngx.exec|ngx.exec]], [[#ngx.exit|ngx.exit]], or other API functions requiring yielding in the *top-level* scope of the Lua file, then the Lua error "attempt to yield across C-call boundary" will be raised. To avoid this, put these calls requiring yielding into your own Lua functions in the Lua file instead of the top-level scope of the file.
--* As the standard Lua 5.1 interpreter's VM is not fully resumable, the methods [[#ngx.location.capture|ngx.location.capture]], [[#ngx.location.capture_multi|ngx.location.capture_multi]], [[#ngx.redirect|ngx.redirect]], [[#ngx.exec|ngx.exec]], and [[#ngx.exit|ngx.exit]] cannot be used within the context of a Lua [http://www.lua.org/manual/5.1/manual.html#pdf-pcall pcall()] or [http://www.lua.org/manual/5.1/manual.html#pdf-xpcall xpcall()] or even the first line of the <code>for ... in ...</code> statement when the standard Lua 5.1 interpreter is used and the <code>attempt to yield across metamethod/C-call boundary</code> error will be produced. Please use LuaJIT 2.x, which supports a fully resumable VM, to avoid this.
++* Because Lua's <code>dofile</code> and <code>require</code> builtins are currently implemented as C functions in LuaJIT 2.0/2.1, if the Lua file being loaded by <code>dofile</code> or <code>require</code> invokes [[#ngx.location.capture|ngx.location.capture*]], [[#ngx.exec|ngx.exec]], [[#ngx.exit|ngx.exit]], or other API functions requiring yielding in the *top-level* scope of the Lua file, then the Lua error "attempt to yield across C-call boundary" will be raised. To avoid this, put these calls requiring yielding into your own Lua functions in the Lua file instead of the top-level scope of the file.
  == Lua Variable Scope ==
  Care must be taken when importing modules and this form should be used:
@@ -683,7 +657,7 @@ As noted earlier, PCRE sequences presented within <code>*_by_lua_block {}</code>
      # nginx.conf
      location /test {
          content_by_lua_block {
--            local regex = "\d+"
++            local regex = [[\d+]]
              local m = ngx.re.match("hello, 1234", regex)
              if m then ngx.say(m[0]) else ngx.say("not matched!") end
+         }
@@ -765,7 +739,7 @@ The following dependencies are required to run the test suite:
  ** Test::Nginx: https://github.com/openresty/test-nginx
  * Nginx modules:
--** [https://github.com/simpl/ngx_devel_kit ngx_devel_kit]
++** [https://github.com/simplresty/ngx_devel_kit ngx_devel_kit]
  ** [https://github.com/openresty/set-misc-nginx-module ngx_set_misc]
  ** [http://mdounin.ru/files/ngx_http_auth_request_module-0.2.tar.gz ngx_auth_request] (this is not needed if you're using Nginx 1.5.4+.
  ** [https://github.com/openresty/echo-nginx-module ngx_echo]
@@ -816,7 +790,7 @@ This module is licensed under the BSD license.
  Copyright (C) 2009-2017, by Xiaozhe Wang (chaoslawful) <chaoslawful@gmail.com>.
--Copyright (C) 2009-2017, by Yichun "agentzh" Zhang (章亦春) <agentzh@gmail.com>, OpenResty Inc.
++Copyright (C) 2009-2019, by Yichun "agentzh" Zhang (章亦春) <agentzh@gmail.com>, OpenResty Inc.
  All rights reserved.
@@ -844,7 +818,7 @@ THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS "AS IS" AND
  * [http://openresty.org/#DynamicRoutingBasedOnRedis Dynamic Routing Based on Redis and Lua]
  * [http://openresty.org/#UsingLuaRocks Using LuaRocks with ngx_lua]
  * [https://github.com/openresty/lua-nginx-module/wiki/Introduction Introduction to ngx_lua]
--* [https://github.com/simpl/ngx_devel_kit ngx_devel_kit]
++* [https://github.com/simplresty/ngx_devel_kit ngx_devel_kit]
  * [[HttpEchoModule]]
  * [[HttpDrizzleModule]]
  * [https://github.com/FRiCKLE/ngx_postgres postgres-nginx-module]
@@ -861,6 +835,34 @@ how the result will be used. Below is a diagram showing the order in which direc
  ![Lua Nginx Modules Directives](https://cloud.githubusercontent.com/assets/2137369/15272097/77d1c09e-1a37-11e6-97ef-d9767035fc3e.png)
++== lua_load_resty_core ==
++
++'''syntax:''' ''lua_load_resty_core on|off''
++
++'''default:''' ''lua_load_resty_core on''
++
++'''context:''' ''http''
++
++Controls whether the <code>resty.core</code> module (from
++[https://github.com/openresty/lua-resty-core lua-resty-core]) should be loaded
++or not. When enabled, this directive is equivalent to executing the following
++when the Lua VM is created:
++
++<geshi lang="lua">
++    require "resty.core"
++</geshi>
++
++Note that usage of the <code>resty.core</code> module is recommended, as its
++FFI implementation is both faster, safer, and more complete than the Lua C API
++of the ngx_lua module.
++
++It must also be noted that the Lua C API of the ngx_lua module will eventually
++be removed, and usage of the FFI-based API (i.e. the <code>resty.core</code>
++module) will become mandatory. This directive only aims at providing a
++temporary backwards-compatibility mode in case of edge-cases.
++
++This directive was first introduced in the <code>v0.10.15</code> release.
++
  == lua_capture_error_log ==
  '''syntax:''' ''lua_capture_error_log size''
@@ -1195,6 +1197,8 @@ This hook is often used to create per-worker reoccurring timers (via the [[#ngx.
  This directive was first introduced in the <code>v0.9.5</code> release.
++This hook no longer runs in the cache manager and cache loader processes since the <code>v0.10.12</code> release.
++
  == init_worker_by_lua_block ==
  '''syntax:''' ''init_worker_by_lua_block { lua-script }''
@@ -1218,6 +1222,8 @@ For instance,
  This directive was first introduced in the <code>v0.9.17</code> release.
++This hook no longer runs in the cache manager and cache loader processes since the <code>v0.10.12</code> release.
++
  == init_worker_by_lua_file ==
  '''syntax:''' ''init_worker_by_lua_file <lua-file-path>''
@@ -1230,6 +1236,8 @@ Similar to [[#init_worker_by_lua|init_worker_by_lua]], but accepts the file path
  This directive was first introduced in the <code>v0.9.5</code> release.
++This hook no longer runs in the cache manager and cache loader processes since the <code>v0.10.12</code> release.
++
  == set_by_lua ==
  '''syntax:''' ''set_by_lua $res <lua-script-str> [$arg1 $arg2 ...]''
@@ -1284,7 +1292,7 @@ This directive can be freely mixed with all directives of the [[HttpRewriteModul
  As from the <code>v0.5.0rc29</code> release, Nginx variable interpolation is disabled in the <code><lua-script-str></code> argument of this directive and therefore, the dollar sign character (<code>$</code>) can be used directly.
--This directive requires the [https://github.com/simpl/ngx_devel_kit ngx_devel_kit] module.
++This directive requires the [https://github.com/simplresty/ngx_devel_kit ngx_devel_kit] module.
  == set_by_lua_block ==
@@ -1330,7 +1338,7 @@ and the Nginx config must be reloaded each time the Lua source file is modified.
  The Lua code cache can be temporarily disabled during development by
  switching [[#lua_code_cache|lua_code_cache]] <code>off</code> in <code>nginx.conf</code> to avoid reloading Nginx.
--This directive requires the [https://github.com/simpl/ngx_devel_kit ngx_devel_kit] module.
++This directive requires the [https://github.com/simplresty/ngx_devel_kit ngx_devel_kit] module.
  == content_by_lua ==
@@ -2189,14 +2197,14 @@ SSL session resumption can then get immediately initiated and bypass the full SS
  Please note that TLS session tickets are very different and it is the clients' responsibility
  to cache the SSL session state when session tickets are used. SSL session resumptions based on
  TLS session tickets would happen automatically without going through this hook (nor the
--[[#ssl_session_store_by_lua*|ssl_session_store_by_lua_block]] hook). This hook is mainly
++[[#ssl_session_store_by_lua_block|ssl_session_store_by_lua*]] hook). This hook is mainly
  for older or less capable SSL clients that can only do SSL sessions by session IDs.
  When [[#ssl_certificate_by_lua_block|ssl_certificate_by_lua*]] is specified at the same time,
  this hook usually runs before [[#ssl_certificate_by_lua_block|ssl_certificate_by_lua*]].
  When the SSL session is found and successfully loaded for the current SSL connection,
  SSL session resumption will happen and thus bypass the [[#ssl_certificate_by_lua_block|ssl_certificate_by_lua*]]
--hook completely. In this case, NGINX also bypasses the [[#ssl_session_store_by_lua*|ssl_session_store_by_lua_block]]
++hook completely. In this case, NGINX also bypasses the [[#ssl_session_store_by_lua_block|ssl_session_store_by_lua*]]
  hook, for obvious reasons.
  To easily test this hook locally with a modern web browser, you can temporarily put the following line
@@ -2462,7 +2470,7 @@ This directive was first introduced in the <code>v0.9.11</code> release.
  == lua_ssl_protocols ==
--'''syntax:''' ''lua_ssl_protocols [SSLv2] [SSLv3] [TLSv1] [TLSv1.1] [TLSv1.2]''
++'''syntax:''' ''lua_ssl_protocols [SSLv2] [SSLv3] [TLSv1] [TLSv1.1] [TLSv1.2] [TLSv1.3]''
  '''default:''' ''lua_ssl_protocols SSLv3 TLSv1 TLSv1.1 TLSv1.2''
@@ -2470,6 +2478,8 @@ This directive was first introduced in the <code>v0.9.11</code> release.
  Enables the specified protocols for requests to a SSL/TLS server in the [[#tcpsock:sslhandshake|tcpsock:sslhandshake]] method.
++The support for the <code>TLSv1.3</code> parameter requires version <code>v0.10.12</code> *and* OpenSSL 1.1.1.
++
  This directive was first introduced in the <code>v0.9.11</code> release.
  == lua_ssl_trusted_certificate ==
@@ -2617,6 +2627,20 @@ When exceeding this limit, Nginx will stop running the callbacks of newly expire
  This directive was first introduced in the <code>v0.8.0</code> release.
++== lua_sa_restart ==
++
++'''syntax:''' ''lua_sa_restart on|off''
++
++'''default:''' ''lua_sa_restart on''
++
++'''context:''' ''http''
++
++When enabled, this module will set the `SA_RESTART` flag on nginx workers signal dispositions.
++
++This allows Lua I/O primitives to not be interrupted by nginx's handling of various signals.
++
++This directive was first introduced in the <code>v0.10.14</code> release.
++
  = Nginx API for Lua =
  <!-- inline-toc -->
@@ -2748,7 +2772,7 @@ This API requires a relatively expensive metamethod call and it is recommended t
    ngx.DECLINED (-5)
  </geshi>
--Note that only three of these constants are utilized by the [[#Nginx API for Lua|Nginx API for Lua]] (i.e., [[#ngx.exit|ngx.exit]] accepts <code>NGX_OK</code>, <code>NGX_ERROR</code>, and <code>NGX_DECLINED</code> as input).
++Note that only three of these constants are utilized by the [[#Nginx API for Lua|Nginx API for Lua]] (i.e., [[#ngx.exit|ngx.exit]] accepts <code>ngx.OK</code>, <code>ngx.ERROR</code>, and <code>ngx.DECLINED</code> as input).
  <geshi lang="lua">
    ngx.null
@@ -2798,6 +2822,7 @@ These constants are usually used in [[#ngx.location.capture|ngx.location.capture
    value = ngx.HTTP_SEE_OTHER (303)
    value = ngx.HTTP_NOT_MODIFIED (304)
    value = ngx.HTTP_TEMPORARY_REDIRECT (307) (first added in the v0.9.20 release)
++  value = ngx.HTTP_PERMANENT_REDIRECT (308)
    value = ngx.HTTP_BAD_REQUEST (400)
    value = ngx.HTTP_UNAUTHORIZED (401)
    value = ngx.HTTP_PAYMENT_REQUIRED (402) (first added in the v0.9.20 release)
@@ -3399,7 +3424,7 @@ The same applies to assigning an empty table:
      ngx.header["X-My-Header"] = {};
  </geshi>
--Setting <code>ngx.header.HEADER</code> after sending out response headers (either explicitly with [[#ngx.send_headers|ngx.send_headers]] or implicitly with [[#ngx.print|ngx.print]] and similar) will throw out a Lua exception.
++Setting <code>ngx.header.HEADER</code> after sending out response headers (either explicitly with [[#ngx.send_headers|ngx.send_headers]] or implicitly with [[#ngx.print|ngx.print]] and similar) will log an error message.
  Reading <code>ngx.header.HEADER</code> will return the value of the response header named <code>HEADER</code>.
@@ -3443,14 +3468,19 @@ Note that <code>ngx.header</code> is not a normal Lua table and as such, it is n
  For reading ''request'' headers, use the [[#ngx.req.get_headers|ngx.req.get_headers]] function instead.
  == ngx.resp.get_headers ==
--'''syntax:''' ''headers = ngx.resp.get_headers(max_headers?, raw?)''
++'''syntax:''' ''headers, err = ngx.resp.get_headers(max_headers?, raw?)''
  '''context:''' ''set_by_lua*, rewrite_by_lua*, access_by_lua*, content_by_lua*, header_filter_by_lua*, body_filter_by_lua*, log_by_lua*, balancer_by_lua*''
  Returns a Lua table holding all the current response headers for the current request.
  <geshi lang="lua">
--local h = ngx.resp.get_headers()
++local h, err = ngx.resp.get_headers()
++
++if err == "truncated" then
++    -- one can choose to ignore or reject the current response here
++end
++
  for k, v in pairs(h) do
      ...
  end
@@ -3458,6 +3488,8 @@ end
  This function has the same signature as [[#ngx.req.get_headers|ngx.req.get_headers]] except getting response headers instead of request headers.
++Note that a maximum of 100 response headers are parsed by default (including those with the same name) and that additional response headers are silently discarded to guard against potential denial of service attacks. Since <code>v0.10.13</code>, when the limit is exceeded, it will return a second value which is the string `"truncated"`.
++
  This API was first introduced in the <code>v0.9.5</code> release.
  == ngx.req.is_internal ==
@@ -3546,7 +3578,7 @@ This method does not work in HTTP/2 requests yet.
  == ngx.req.get_method ==
  '''syntax:''' ''method_name = ngx.req.get_method()''
--'''context:''' ''set_by_lua*, rewrite_by_lua*, access_by_lua*, content_by_lua*, header_filter_by_lua*, balancer_by_lua*''
++'''context:''' ''set_by_lua*, rewrite_by_lua*, access_by_lua*, content_by_lua*, header_filter_by_lua*, body_filter_by_lua*, balancer_by_lua*, log_by_lua*''
  Retrieves the current request's request method name. Strings like <code>"GET"</code> and <code>"POST"</code> are returned instead of numerical [[#HTTP method constants|method constants]].
@@ -3687,7 +3719,7 @@ This interface was first introduced in the <code>v0.3.1rc13</code> release.
  See also [[#ngx.req.set_uri|ngx.req.set_uri]].
  == ngx.req.get_uri_args ==
--'''syntax:''' ''args = ngx.req.get_uri_args(max_args?)''
++'''syntax:''' ''args, err = ngx.req.get_uri_args(max_args?)''
  '''context:''' ''set_by_lua*, rewrite_by_lua*, access_by_lua*, content_by_lua*, header_filter_by_lua*, body_filter_by_lua*, log_by_lua*, balancer_by_lua*''
@@ -3696,7 +3728,12 @@ Returns a Lua table holding all the current request URL query arguments.
  <geshi lang="nginx">
      location = /test {
          content_by_lua_block {
--            local args = ngx.req.get_uri_args()
++            local args, err = ngx.req.get_uri_args()
++
++            if err == "truncated" then
++                -- one can choose to ignore or reject the current request here
++            end
++
              for key, val in pairs(args) do
                  if type(val) == "table" then
                      ngx.say(key, ": ", table.concat(val, ", "))
@@ -3743,7 +3780,7 @@ Updating query arguments via the nginx variable <code>$args</code> (or <code>ngx
  <geshi lang="lua">
      ngx.var.args = "a=3&b=42"
--    local args = ngx.req.get_uri_args()
++    local args, err = ngx.req.get_uri_args()
  </geshi>
  Here the <code>args</code> table will always look like
@@ -3754,18 +3791,21 @@ Here the <code>args</code> table will always look like
  regardless of the actual request query string.
--Note that a maximum of 100 request arguments are parsed by default (including those with the same name) and that additional request arguments are silently discarded to guard against potential denial of service attacks.
++Note that a maximum of 100 request arguments are parsed by default (including those with the same name) and that additional request arguments are silently discarded to guard against potential denial of service attacks. Since <code>v0.10.13</code>, when the limit is exceeded, it will return a second value which is the string `"truncated"`.
  However, the optional <code>max_args</code> function argument can be used to override this limit:
  <geshi lang="lua">
--    local args = ngx.req.get_uri_args(10)
++    local args, err = ngx.req.get_uri_args(10)
++    if err == "truncated" then
++        -- one can choose to ignore or reject the current request here
++    end
  </geshi>
  This argument can be set to zero to remove the limit and to process all request arguments received:
  <geshi lang="lua">
--    local args = ngx.req.get_uri_args(0)
++    local args, err = ngx.req.get_uri_args(0)
  </geshi>
  Removing the <code>max_args</code> cap is strongly discouraged.
@@ -3782,6 +3822,11 @@ Returns a Lua table holding all the current request POST query arguments (of the
          content_by_lua_block {
              ngx.req.read_body()
              local args, err = ngx.req.get_post_args()
++
++            if err == "truncated" then
++                -- one can choose to ignore or reject the current request here
++            end
++
              if not args then
                  ngx.say("failed to get post args: ", err)
                  return
@@ -3844,31 +3889,39 @@ That is, they will take Lua boolean values <code>true</code>. However, they are
  Empty key arguments are discarded. <code>POST /test</code> with body <code>=hello&=world</code> will yield empty outputs for instance.
--Note that a maximum of 100 request arguments are parsed by default (including those with the same name) and that additional request arguments are silently discarded to guard against potential denial of service attacks.
++Note that a maximum of 100 request arguments are parsed by default (including those with the same name) and that additional request arguments are silently discarded to guard against potential denial of service attacks. Since <code>v0.10.13</code>, when the limit is exceeded, it will return a second value which is the string `"truncated"`.
  However, the optional <code>max_args</code> function argument can be used to override this limit:
  <geshi lang="lua">
--    local args = ngx.req.get_post_args(10)
++    local args, err = ngx.req.get_post_args(10)
++    if err == "truncated" then
++        -- one can choose to ignore or reject the current request here
++    end
  </geshi>
  This argument can be set to zero to remove the limit and to process all request arguments received:
  <geshi lang="lua">
--    local args = ngx.req.get_post_args(0)
++    local args, err = ngx.req.get_post_args(0)
  </geshi>
  Removing the <code>max_args</code> cap is strongly discouraged.
  == ngx.req.get_headers ==
--'''syntax:''' ''headers = ngx.req.get_headers(max_headers?, raw?)''
++'''syntax:''' ''headers, err = ngx.req.get_headers(max_headers?, raw?)''
  '''context:''' ''set_by_lua*, rewrite_by_lua*, access_by_lua*, content_by_lua*, header_filter_by_lua*, body_filter_by_lua*, log_by_lua*''
  Returns a Lua table holding all the current request headers.
  <geshi lang="lua">
--    local h = ngx.req.get_headers()
++    local h, err = ngx.req.get_headers()
++
++    if err == "truncated" then
++        -- one can choose to ignore or reject the current request here
++    end
++
      for k, v in pairs(h) do
          ...
      end
@@ -3896,18 +3949,22 @@ the value of <code>ngx.req.get_headers()["Foo"]</code> will be a Lua (array) tab
      {"foo", "bar", "baz"}
  </geshi>
--Note that a maximum of 100 request headers are parsed by default (including those with the same name) and that additional request headers are silently discarded to guard against potential denial of service attacks.
++Note that a maximum of 100 request headers are parsed by default (including those with the same name) and that additional request headers are silently discarded to guard against potential denial of service attacks. Since <code>v0.10.13</code>, when the limit is exceeded, it will return a second value which is the string `"truncated"`.
  However, the optional <code>max_headers</code> function argument can be used to override this limit:
  <geshi lang="lua">
--    local headers = ngx.req.get_headers(10)
++    local headers, err = ngx.req.get_headers(10)
++
++    if err == "truncated" then
++        -- one can choose to ignore or reject the current request here
++    end
  </geshi>
  This argument can be set to zero to remove the limit and to process all request headers received:
  <geshi lang="lua">
--    local headers = ngx.req.get_headers(0)
++    local headers, err = ngx.req.get_headers(0)
  </geshi>
  Removing the <code>max_headers</code> cap is strongly discouraged.
@@ -4029,7 +4086,7 @@ This function returns <code>nil</code> if
  # the request body has been read into disk temporary files,
  # or the request body has zero size.
--If the request body has not been read yet, call [[#ngx.req.read_body|ngx.req.read_body]] first (or turned on [[#lua_need_request_body|lua_need_request_body]] to force this module to read the request body. This is not recommended however).
++If the request body has not been read yet, call [[#ngx.req.read_body|ngx.req.read_body]] first (or turn on [[#lua_need_request_body|lua_need_request_body]] to force this module to read the request body. This is not recommended however).
  If the request body has been read into disk files, try calling the [[#ngx.req.get_body_file|ngx.req.get_body_file]] function instead.
@@ -4050,7 +4107,7 @@ Retrieves the file name for the in-file request body data. Returns <code>nil</co
  The returned file is read only and is usually cleaned up by Nginx's memory pool. It should not be manually modified, renamed, or removed in Lua code.
--If the request body has not been read yet, call [[#ngx.req.read_body|ngx.req.read_body]] first (or turned on [[#lua_need_request_body|lua_need_request_body]] to force this module to read the request body. This is not recommended however).
++If the request body has not been read yet, call [[#ngx.req.read_body|ngx.req.read_body]] first (or turn on [[#lua_need_request_body|lua_need_request_body]] to force this module to read the request body. This is not recommended however).
  If the request body has been read into memory, try calling the [[#ngx.req.get_body_data|ngx.req.get_body_data]] function instead.
@@ -4067,7 +4124,9 @@ See also [[#ngx.req.get_body_data|ngx.req.get_body_data]].
  Set the current request's request body using the in-memory data specified by the <code>data</code> argument.
--If the current request's request body has not been read, then it will be properly discarded. When the current request's request body has been read into memory or buffered into a disk file, then the old request body's memory will be freed or the disk file will be cleaned up immediately, respectively.
++If the request body has not been read yet, call [[#ngx.req.read_body|ngx.req.read_body]] first (or turn on [[#lua_need_request_body|lua_need_request_body]] to force this module to read the request body. This is not recommended however). Additionally, the request body must not have been previously discarded by [[#ngx.req.discard_body|ngx.req.discard_body]].
++
++Whether the previous request body has been read into memory or buffered into a disk file, it will be freed or the disk file will be cleaned up immediately, respectively.
  This function was first introduced in the <code>v0.3.1rc18</code> release.
@@ -4080,11 +4139,13 @@ See also [[#ngx.req.set_body_file|ngx.req.set_body_file]].
  Set the current request's request body using the in-file data specified by the <code>file_name</code> argument.
++If the request body has not been read yet, call [[#ngx.req.read_body|ngx.req.read_body]] first (or turn on [[#lua_need_request_body|lua_need_request_body]] to force this module to read the request body. This is not recommended however). Additionally, the request body must not have been previously discarded by [[#ngx.req.discard_body|ngx.req.discard_body]].
++
  If the optional <code>auto_clean</code> argument is given a <code>true</code> value, then this file will be removed at request completion or the next time this function or [[#ngx.req.set_body_data|ngx.req.set_body_data]] are called in the same request. The <code>auto_clean</code> is default to <code>false</code>.
  Please ensure that the file specified by the <code>file_name</code> argument exists and is readable by an Nginx worker process by setting its permission properly to avoid Lua exception errors.
--If the current request's request body has not been read, then it will be properly discarded. When the current request's request body has been read into memory or buffered into a disk file, then the old request body's memory will be freed or the disk file will be cleaned up immediately, respectively.
++Whether the previous request body has been read into memory or buffered into a disk file, it will be freed or the disk file will be cleaned up immediately, respectively.
  This function was first introduced in the <code>v0.3.1rc18</code> release.
@@ -4244,6 +4305,7 @@ The optional <code>status</code> parameter specifies the HTTP status code to be
  * <code>302</code> (default)
  * <code>303</code>
  * <code>307</code>
++* <code>308</code>
  It is <code>302</code> (<code>ngx.HTTP_MOVED_TEMPORARILY</code>) by default.
@@ -4442,7 +4504,7 @@ Number literals can be used directly as the argument, for instance,
      ngx.exit(501)
  </geshi>
--Note that while this method accepts all [[#HTTP status constants|HTTP status constants]] as input, it only accepts <code>NGX_OK</code> and <code>NGX_ERROR</code> of the [[#core constants|core constants]].
++Note that while this method accepts all [[#HTTP status constants|HTTP status constants]] as input, it only accepts <code>ngx.OK</code> and <code>ngx.ERROR</code> of the [[#core constants|core constants]].
  Also note that this method call terminates the processing of the current request and that it is recommended that a coding style that combines this method call with the <code>return</code> statement, i.e., <code>return ngx.exit(...)</code> be used to reinforce the fact that the request processing is being terminated.
@@ -4571,13 +4633,13 @@ If the argument value is <code>false</code>, then the effect is equivalent to th
  This method was first introduced in the <code>v0.3.1rc27</code> release.
  == ngx.decode_args ==
--'''syntax:''' ''table = ngx.decode_args(str, max_args?)''
++'''syntax:''' ''table, err = ngx.decode_args(str, max_args?)''
  '''context:''' ''set_by_lua*, rewrite_by_lua*, access_by_lua*, content_by_lua*, header_filter_by_lua*, body_filter_by_lua*, log_by_lua*, ngx.timer.*, balancer_by_lua*, ssl_certificate_by_lua*, ssl_session_fetch_by_lua*, ssl_session_store_by_lua*''
  Decodes a URI encoded query-string into a Lua table. This is the inverse function of [[#ngx.encode_args|ngx.encode_args]].
--The optional <code>max_args</code> argument can be used to specify the maximum number of arguments parsed from the <code>str</code> argument. By default, a maximum of 100 request arguments are parsed (including those with the same name) and that additional URI arguments are silently discarded to guard against potential denial of service attacks.
++The optional <code>max_args</code> argument can be used to specify the maximum number of arguments parsed from the <code>str</code> argument. By default, a maximum of 100 request arguments are parsed (including those with the same name) and that additional URI arguments are silently discarded to guard against potential denial of service attacks. Since <code>v0.10.13</code>, when the limit is exceeded, it will return a second value which is the string `"truncated"`.
  This argument can be set to zero to remove the limit and to process all request arguments received:
@@ -5405,10 +5467,12 @@ This feature was first introduced in the <code>v0.3.1rc22</code> release.
  See also [[#ngx.shared.DICT|ngx.shared.DICT]].
  == ngx.shared.DICT.incr ==
--'''syntax:''' ''newval, err, forcible? = ngx.shared.DICT:incr(key, value, init?)''
++'''syntax:''' ''newval, err, forcible? = ngx.shared.DICT:incr(key, value, init?, init_ttl?)''
  '''context:''' ''init_by_lua*, set_by_lua*, rewrite_by_lua*, access_by_lua*, content_by_lua*, header_filter_by_lua*, body_filter_by_lua*, log_by_lua*, ngx.timer.*, balancer_by_lua*, ssl_certificate_by_lua*, ssl_session_fetch_by_lua*, ssl_session_store_by_lua*''
++'''optional requirement:''' <code>resty.core.shdict</code> or <code>resty.core</code>
++
  Increments the (numerical) value for <code>key</code> in the shm-based dictionary [[#ngx.shared.DICT|ngx.shared.DICT]] by the step value <code>value</code>. Returns the new resulting number if the operation is successfully completed or <code>nil</code> and an error message otherwise.
  When the key does not exist or has already expired in the shared dictionary,
@@ -5418,6 +5482,24 @@ When the key does not exist or has already expired in the shared dictionary,
  Like the [[#ngx.shared.DICT.add|add]] method, it also overrides the (least recently used) unexpired items in the store when running out of storage in the shared memory zone.
++The optional <code>init_ttl</code> argument specifies expiration time (in seconds) of the value when it is initialized via the <code>init</code> argument. The time resolution is <code>0.001</code> seconds. If <code>init_ttl</code> takes the value <code>0</code> (which is the default), then the item will never expire. This argument cannot be provided without providing the <code>init</code> argument as well, and has no effect if the value already exists (e.g., if it was previously inserted via [[#ngx.shared.DICT.set|set]] or the likes).
++
++'''Note:''' Usage of the <code>init_ttl</code> argument requires the <code>resty.core.shdict</code> or <code>resty.core</code> modules from the [https://github.com/openresty/lua-resty-core lua-resty-core] library. Example:
++
++<geshi lang="lua">
++    require "resty.core"
++
++    local cats = ngx.shared.cats
++    local newval, err = cats:incr("black_cats", 1, 0, 0.1)
++
++    print(newval) -- 1
++
++    ngx.sleep(0.2)
++
++    local val, err = cats:get("black_cats")
++    print(val) -- nil
++</geshi>
++
  The <code>forcible</code> return value will always be <code>nil</code> when the <code>init</code> argument is not specified.
  If this method succeeds in storing the current item by forcibly removing other not-yet-expired items in the dictionary via LRU, the <code>forcible</code> return value will be <code>true</code>. If it stores the item without forcibly removing other valid items, then the return value <code>forcible</code> will be <code>false</code>.
@@ -5430,6 +5512,8 @@ This method was first introduced in the <code>v0.3.1rc22</code> release.
  The optional <code>init</code> parameter was first added in the <code>v0.10.6</code> release.
++The optional <code>init_ttl</code> parameter was introduced in the <code>v0.10.12rc2</code> release.
++
  See also [[#ngx.shared.DICT|ngx.shared.DICT]].
  == ngx.shared.DICT.lpush ==
@@ -5583,7 +5667,7 @@ See also [[#ngx.shared.DICT.flush_expired|ngx.shared.DICT.flush_expired]] and [[
  Flushes out the expired items in the dictionary, up to the maximal number specified by the optional <code>max_count</code> argument. When the <code>max_count</code> argument is given <code>0</code> or not given at all, then it means unlimited. Returns the number of items that have actually been flushed.
--Unlike the [[#ngx.shared.DICT.flush_all|flush_all]] method, this method actually free up the memory used by the expired items.
++Unlike the [[#ngx.shared.DICT.flush_all|flush_all]] method, this method actually frees up the memory used by the expired items.
  This feature was first introduced in the <code>v0.6.3</code> release.
@@ -5829,6 +5913,7 @@ Creates and returns a TCP or stream-oriented unix domain socket object (also kno
  * [[#tcpsock:settimeout|settimeout]]
  * [[#tcpsock:settimeouts|settimeouts]]
  * [[#tcpsock:setoption|setoption]]
++* [[#tcpsock:receiveany|receiveany]]
  * [[#tcpsock:receiveuntil|receiveuntil]]
  * [[#tcpsock:setkeepalive|setkeepalive]]
  * [[#tcpsock:getreusedtimes|getreusedtimes]]
@@ -5926,6 +6011,43 @@ An optional Lua table can be specified as the last argument to this method to sp
  * <code>pool</code>
  : specify a custom name for the connection pool being used. If omitted, then the connection pool name will be generated from the string template <code>"<host>:<port>"</code> or <code>"<unix-socket-path>"</code>.
++* <code>pool_size</code>
++: specify the size of the connection pool. If omitted and no
++: <code>backlog</code> option was provided, no pool will be created. If omitted
++: but <code>backlog</code> was provided, the pool will be created with a default
++: size equal to the value of the [[#lua_socket_pool_size|lua_socket_pool_size]]
++: directive.
++: The connection pool holds up to <code>pool_size</code> alive connections
++: ready to be reused by subsequent calls to [[#tcpsock:connect|connect]], but
++: note that there is no upper limit to the total number of opened connections
++: outside of the pool. If you need to restrict the total number of opened
++: connections, specify the <code>backlog</code> option.
++: When the connection pool would exceed its size limit, the least recently used
++: (kept-alive) connection already in the pool will be closed to make room for
++: the current connection.
++: Note that the cosocket connection pool is per Nginx worker process rather
++: than per Nginx server instance, so the size limit specified here also applies
++: to every single Nginx worker process. Also note that the size of the connection
++: pool cannot be changed once it has been created.
++: This option was first introduced in the <code>v0.10.14</code> release.
++
++* <code>backlog</code>
++: if specified, this module will limit the total number of opened connections
++: for this pool. No more connections than <code>pool_size</code> can be opened
++: for this pool at any time. If the connection pool is full, subsequent
++: connect operations will be queued into a queue equal to this option's
++: value (the "backlog" queue).
++: If the number of queued connect operations is equal to <code>backlog</code>,
++: subsequent connect operations will fail and return <code>nil</code> plus the
++: error string <code>"too many waiting connect operations"</code>.
++: The queued connect operations will be resumed once the number of connections
++: in the pool is less than <code>pool_size</code>.
++: The queued connect operation will abort once they have been queued for more
++: than <code>connect_timeout</code>, controlled by
++: [[#tcpsock:settimeouts|settimeouts]], and will return <code>nil</code> plus
++: the error string <code>"timeout"</code>.
++: This option was first introduced in the <code>v0.10.14</code> release.
++
  The support for the options table argument was first introduced in the <code>v0.5.7</code> release.
  This method was first introduced in the <code>v0.5.0rc1</code> release.
@@ -6038,6 +6160,36 @@ Since the <code>v0.8.8</code> release, this method no longer automatically close
  This feature was first introduced in the <code>v0.5.0rc1</code> release.
++== tcpsock:receiveany ==
++'''syntax:''' ''data, err = tcpsock:receiveany(max)''
++
++'''context:''' ''rewrite_by_lua*, access_by_lua*, content_by_lua*, ngx.timer.*, ssl_certificate_by_lua*, ssl_session_fetch_by_lua*''
++
++Returns any data received by the connected socket, at most <code>max</code> bytes.
++
++This method is a synchronous operation just like the [[#tcpsock:send|send]] method and is 100% nonblocking.
++
++In case of success, it returns the data received; in case of error, it returns <code>nil</code> with a string describing the error.
++
++If the received data is more than this size, this method will return with exactly this size of data.
++The remaining data in the underlying receive buffer could be returned in the next reading operation.
++
++Timeout for the reading operation is controlled by the [[#lua_socket_read_timeout|lua_socket_read_timeout]] config directive and the [[#tcpsock:settimeouts|settimeouts]] method. And the latter takes priority. For example:
++
++<geshi lang="lua">
++    sock:settimeouts(1000, 1000, 1000)  -- one second timeout for connect/read/write
++    local data, err = sock:receiveany(10 * 1024 * 1024) -- read any data, at most 10K
++    if not data then
++        ngx.say("failed to read any data: ", err)
++        return
++    end
++    ngx.say("successfully read: ", data)
++</geshi>
++
++This method doesn't automatically close the current connection when the read timeout error occurs. For other connection errors, this method always automatically closes the connection.
++
++This feature was first introduced in the <code>v0.10.14</code> release.
++
  == tcpsock:receiveuntil ==
  '''syntax:''' ''iterator = tcpsock:receiveuntil(pattern, options?)''
@@ -6190,13 +6342,31 @@ Puts the current socket's connection immediately into the cosocket built-in conn
  The first optional argument, <code>timeout</code>, can be used to specify the maximal idle timeout (in milliseconds) for the current connection. If omitted, the default setting in the [[#lua_socket_keepalive_timeout|lua_socket_keepalive_timeout]] config directive will be used. If the <code>0</code> value is given, then the timeout interval is unlimited.
--The second optional argument, <code>size</code>, can be used to specify the maximal number of connections allowed in the connection pool for the current server (i.e., the current host-port pair or the unix domain socket file path). Note that the size of the connection pool cannot be changed once the pool is created. When this argument is omitted, the default setting in the [[#lua_socket_pool_size|lua_socket_pool_size]] config directive will be used.
--
--When the connection pool exceeds the available size limit, the least recently used (idle) connection already in the pool will be closed to make room for the current connection.
--
--Note that the cosocket connection pool is per Nginx worker process rather than per Nginx server instance, so the size limit specified here also applies to every single Nginx worker process.
--
--Idle connections in the pool will be monitored for any exceptional events like connection abortion or unexpected incoming data on the line, in which cases the connection in question will be closed and removed from the pool.
++The second optional argument <code>size</code> is considered deprecated since
++the <code>v0.10.14</code> release of this module, in favor of the
++<code>pool_size</code> option of the [[#tcpsock:connect|connect]] method.
++Since the <code>v0.10.14</code> release, this option will only take effect if
++the call to [[#tcpsock:connect|connect]] did not already create a connection
++pool.
++When this option takes effect (no connection pool was previously created by
++[[#tcpsock:connect|connect]]), it will specify the size of the connection pool,
++and create it.
++If omitted (and no pool was previously created), the default size is the value
++of the [[#lua_socket_pool_size|lua_socket_pool_size]] directive.
++The connection pool holds up to <code>size</code> alive connections ready to be
++reused by subsequent calls to [[#tcpsock:connect|connect]], but note that there
++is no upper limit to the total number of opened connections outside of the
++pool.
++When the connection pool would exceed its size limit, the least recently used
++(kept-alive) connection already in the pool will be closed to make room for
++the current connection.
++Note that the cosocket connection pool is per Nginx worker process rather
++than per Nginx server instance, so the size limit specified here also applies
++to every single Nginx worker process. Also note that the size of the connection
++pool cannot be changed once it has been created.
++If you need to restrict the total number of opened connections, specify both
++the <code>pool_size</code> and <code>backlog</code> option in the call to
++[[#tcpsock:connect|connect]].
  In case of success, this method returns <code>1</code>; otherwise, it returns <code>nil</code> and a string describing the error.
@@ -6653,7 +6823,7 @@ timers" here mean timers that have not yet been expired and "running
  timers" are those whose user callbacks are currently running.
  The maximal number of pending timers allowed in an Nginx
--worker is constrolled by the [[#lua_max_pending_timers|lua_max_pending_timers]]
++worker is controlled by the [[#lua_max_pending_timers|lua_max_pending_timers]]
  directive. The maximal number of running timers is controlled by the
  [[#lua_max_running_timers|lua_max_running_timers]] directive.
@@ -6885,7 +7055,7 @@ This Lua module does not ship with this ngx_lua module itself rather it is shipp
  the
  [https://github.com/openresty/lua-resty-core lua-resty-core] library.
--Please refer to the [https://github.com/openresty/lua-resty-core/blob/ocsp-cert-by-lua-2/lib/ngx/ocsp.md documentation]
++Please refer to the [https://github.com/openresty/lua-resty-core/blob/master/lib/ngx/ocsp.md documentation]
  for this <code>ngx.ocsp</code> Lua module for more details.
  This feature requires at least ngx_lua <code>v0.10.0</code>.
@@ -6895,7 +7065,7 @@ This feature requires at least ngx_lua <code>v0.10.0</code>.
  '''context:''' ''init_worker_by_lua*, set_by_lua*, rewrite_by_lua*, access_by_lua*, content_by_lua*, header_filter_by_lua*, body_filter_by_lua*, log_by_lua*, ngx.timer.*, balancer_by_lua*, ssl_certificate_by_lua*, ssl_session_fetch_by_lua*, ssl_session_store_by_lua*''
--This mechanism allows calling other nginx C modules' directives that are implemented by [https://github.com/simpl/ngx_devel_kit Nginx Devel Kit] (NDK)'s set_var submodule's <code>ndk_set_var_value</code>.
++This mechanism allows calling other nginx C modules' directives that are implemented by [https://github.com/simplresty/ngx_devel_kit Nginx Devel Kit] (NDK)'s set_var submodule's <code>ndk_set_var_value</code>.
  For example, the following [[HttpSetMiscModule]] directives can be invoked this way:
@@ -6925,7 +7095,7 @@ Similarly, the following directives provided by [[HttpEncryptedSessionModule]] c
  * [[HttpEncryptedSessionModule#set_encrypt_session|set_encrypt_session]]
  * [[HttpEncryptedSessionModule#set_decrypt_session|set_decrypt_session]]
--This feature requires the [https://github.com/simpl/ngx_devel_kit ngx_devel_kit] module.
++This feature requires the [https://github.com/simplresty/ngx_devel_kit ngx_devel_kit] module.
  == coroutine.create ==
  '''syntax:''' ''co = coroutine.create(f)''
@@ -7006,4 +7176,3 @@ This section is just holding obsolete documentation sections that have been eith
  == Special PCRE Sequences ==
  This section has been renamed to [[#Special Escaping Sequences|Special Escaping Sequences]].
--
 diff --git a/debian/modules/http-lua/src/api/ngx_http_lua_api.h b/debian/modules/http-lua/src/api/ngx_http_lua_api.h
 index 1e07b71..129eb99 100644
 --- a/debian/modules/http-lua/src/api/ngx_http_lua_api.h
 +++ b/debian/modules/http-lua/src/api/ngx_http_lua_api.h
@@ -19,7 +19,7 @@
  /* Public API for other Nginx modules */
--#define ngx_http_lua_version  10011
++#define ngx_http_lua_version  10015
  typedef struct {
@@ -34,6 +34,13 @@ typedef struct {
  } ngx_http_lua_value_t;
++typedef struct {
++    int          len;
++    /* this padding hole on 64-bit systems is expected */
++    u_char      *data;
++} ngx_http_lua_ffi_str_t;
++
++
  lua_State *ngx_http_lua_get_global_state(ngx_conf_t *cf);
  ngx_http_request_t *ngx_http_lua_get_request(lua_State *L);
 diff --git a/debian/modules/http-lua/src/ngx_http_lua_accessby.c b/debian/modules/http-lua/src/ngx_http_lua_accessby.c
 index 56bf0fa..d3fe294 100644
 --- a/debian/modules/http-lua/src/ngx_http_lua_accessby.c
 +++ b/debian/modules/http-lua/src/ngx_http_lua_accessby.c
@@ -60,7 +60,7 @@ ngx_http_lua_access_handler(ngx_http_request_t *r)
  #endif
          if (cur_ph < last_ph) {
--            dd("swaping the contents of cur_ph and last_ph...");
++            dd("swapping the contents of cur_ph and last_ph...");
              tmp = *cur_ph;
@@ -261,9 +261,11 @@ ngx_http_lua_access_by_chunk(lua_State *L, ngx_http_request_t *r)
      /*  move code closure to new coroutine */
      lua_xmove(L, co, 1);
++#ifndef OPENRESTY_LUAJIT
      /*  set closure's env table to new coroutine's globals table */
      ngx_http_lua_get_globals_table(co);
      lua_setfenv(co, -2);
++#endif
      /*  save nginx request in coroutine globals table */
      ngx_http_lua_set_req(co, r);
 diff --git a/debian/modules/http-lua/src/ngx_http_lua_api.c b/debian/modules/http-lua/src/ngx_http_lua_api.c
 index 7b590e7..ac014f2 100644
 --- a/debian/modules/http-lua/src/ngx_http_lua_api.c
 +++ b/debian/modules/http-lua/src/ngx_http_lua_api.c
@@ -195,7 +195,7 @@ ngx_http_lua_shared_memory_init(ngx_shm_zone_t *shm_zone, void *data)
      lmcf->shm_zones_inited++;
      if (lmcf->shm_zones_inited == lmcf->shm_zones->nelts
--        && lmcf->init_handler)
++        && lmcf->init_handler && !ngx_test_config)
+     {
          saved_cycle = ngx_cycle;
          ngx_cycle = ctx->cycle;
 diff --git a/debian/modules/http-lua/src/ngx_http_lua_args.c b/debian/modules/http-lua/src/ngx_http_lua_args.c
 index b43697c..2712bcd 100644
 --- a/debian/modules/http-lua/src/ngx_http_lua_args.c
 +++ b/debian/modules/http-lua/src/ngx_http_lua_args.c
@@ -311,10 +311,11 @@ ngx_http_lua_parse_args(lua_State *L, u_char *buf, u_char *last, int max)
+             }
              if (max > 0 && ++count == max) {
++                lua_pushliteral(L, "truncated");
++
                  ngx_log_debug1(NGX_LOG_DEBUG_HTTP, ngx_cycle->log, 0,
                                 "lua hit query args limit %d", max);
--
--                return 1;
++                return 2;
+             }
          } else {
@@ -387,7 +388,8 @@ ngx_http_lua_ffi_req_get_querystring_len(ngx_http_request_t *r)
  int
--ngx_http_lua_ffi_req_get_uri_args_count(ngx_http_request_t *r, int max)
++ngx_http_lua_ffi_req_get_uri_args_count(ngx_http_request_t *r, int max,
++    int *truncated)
+ {
      int                      count;
      u_char                  *p, *last;
@@ -396,6 +398,8 @@ ngx_http_lua_ffi_req_get_uri_args_count(ngx_http_request_t *r, int max)
          return NGX_HTTP_LUA_FFI_BAD_CONTEXT;
+     }
++    *truncated = 0;
++
      if (max < 0) {
          max = NGX_HTTP_LUA_MAX_ARGS;
+     }
@@ -417,6 +421,7 @@ ngx_http_lua_ffi_req_get_uri_args_count(ngx_http_request_t *r, int max)
      if (count) {
          if (max > 0 && count > max) {
              count = max;
++            *truncated = 1;
              ngx_log_debug1(NGX_LOG_DEBUG_HTTP, r->connection->log, 0,
                             "lua hit query args limit %d", max);
+         }
 diff --git a/debian/modules/http-lua/src/ngx_http_lua_balancer.c b/debian/modules/http-lua/src/ngx_http_lua_balancer.c
 index 2fa634e..3ecd592 100644
 --- a/debian/modules/http-lua/src/ngx_http_lua_balancer.c
 +++ b/debian/modules/http-lua/src/ngx_http_lua_balancer.c
@@ -173,13 +173,15 @@ ngx_http_lua_balancer_by_lua(ngx_conf_t *cf, ngx_command_t *cmd,
          lscf->balancer.src = value[1];
--        p = ngx_palloc(cf->pool, NGX_HTTP_LUA_INLINE_KEY_LEN + 1);
++        p = ngx_palloc(cf->pool,
++                       sizeof("balancer_by_lua") + NGX_HTTP_LUA_INLINE_KEY_LEN);
          if (p == NULL) {
              return NGX_CONF_ERROR;
+         }
          lscf->balancer.src_key = p;
++        p = ngx_copy(p, "balancer_by_lua", sizeof("balancer_by_lua") - 1);
          p = ngx_copy(p, NGX_HTTP_LUA_INLINE_TAG, NGX_HTTP_LUA_INLINE_TAG_LEN);
          p = ngx_http_lua_digest_hex(p, value[1].data, value[1].len);
          *p = '\0';
@@ -360,6 +362,8 @@ ngx_http_lua_balancer_by_chunk(lua_State *L, ngx_http_request_t *r)
      /* init nginx context in Lua VM */
      ngx_http_lua_set_req(L, r);
++
++#ifndef OPENRESTY_LUAJIT
      ngx_http_lua_create_new_globals_table(L, 0 /* narr */, 1 /* nrec */);
      /*  {{{ make new env inheriting main thread's globals table */
@@ -370,6 +374,7 @@ ngx_http_lua_balancer_by_chunk(lua_State *L, ngx_http_request_t *r)
      /*  }}} */
      lua_setfenv(L, -2);    /*  set new running env for the code closure */
++#endif /* OPENRESTY_LUAJIT */
      lua_pushcfunction(L, ngx_http_lua_traceback);
      lua_insert(L, 1);  /* put it under chunk and args */
 diff --git a/debian/modules/http-lua/src/ngx_http_lua_bodyfilterby.c b/debian/modules/http-lua/src/ngx_http_lua_bodyfilterby.c
 index 2b3c38f..f3af14c 100644
 --- a/debian/modules/http-lua/src/ngx_http_lua_bodyfilterby.c
 +++ b/debian/modules/http-lua/src/ngx_http_lua_bodyfilterby.c
@@ -32,10 +32,6 @@ static void ngx_http_lua_body_filter_by_lua_env(lua_State *L,
  static ngx_http_output_body_filter_pt ngx_http_next_body_filter;
--/* key for the ngx_chain_t *in pointer in the Lua thread */
--#define ngx_http_lua_chain_key  "__ngx_cl"
--
--
  /**
   * Set environment table for the given code closure.
+  *
@@ -51,12 +47,14 @@ static void
  ngx_http_lua_body_filter_by_lua_env(lua_State *L, ngx_http_request_t *r,
      ngx_chain_t *in)
+ {
--    /*  set nginx request pointer to current lua thread's globals table */
++    ngx_http_lua_main_conf_t    *lmcf;
++
      ngx_http_lua_set_req(L, r);
--    lua_pushlightuserdata(L, in);
--    lua_setglobal(L, ngx_http_lua_chain_key);
++    lmcf = ngx_http_get_module_main_conf(r, ngx_http_lua_module);
++    lmcf->body_filter_chain = in;
++#ifndef OPENRESTY_LUAJIT
      /**
       * we want to create empty environment for current script
+      *
@@ -79,6 +77,7 @@ ngx_http_lua_body_filter_by_lua_env(lua_State *L, ngx_http_request_t *r,
      /*  }}} */
      lua_setfenv(L, -2);    /*  set new running env for the code closure */
++#endif /* OPENRESTY_LUAJIT */
+ }
@@ -236,8 +235,8 @@ ngx_http_lua_body_filter(ngx_http_request_t *r, ngx_chain_t *in)
      ngx_int_t                    rc;
      uint16_t                     old_context;
      ngx_http_cleanup_t          *cln;
--    lua_State                   *L;
      ngx_chain_t                 *out;
++    ngx_http_lua_main_conf_t    *lmcf;
      ngx_log_debug1(NGX_LOG_DEBUG_HTTP, r->connection->log, 0,
                     "lua body filter for user lua code, uri \"%V\"", &r->uri);
@@ -299,11 +298,8 @@ ngx_http_lua_body_filter(ngx_http_request_t *r, ngx_chain_t *in)
          return NGX_ERROR;
+     }
--    L = ngx_http_lua_get_lua_vm(r, ctx);
--
--    lua_getglobal(L, ngx_http_lua_chain_key);
--    out = lua_touserdata(L, -1);
--    lua_pop(L, 1);
++    lmcf = ngx_http_get_module_main_conf(r, ngx_http_lua_module);
++    out = lmcf->body_filter_chain;
      if (in == out) {
          return ngx_http_next_body_filter(r, in);
@@ -345,7 +341,7 @@ ngx_http_lua_body_filter_init(void)
  int
--ngx_http_lua_body_filter_param_get(lua_State *L)
++ngx_http_lua_body_filter_param_get(lua_State *L, ngx_http_request_t *r)
+ {
      u_char              *data, *p;
      size_t               size;
@@ -354,6 +350,8 @@ ngx_http_lua_body_filter_param_get(lua_State *L)
      int                  idx;
      ngx_chain_t         *in;
++    ngx_http_lua_main_conf_t    *lmcf;
++
      idx = luaL_checkint(L, 2);
      dd("index: %d", idx);
@@ -363,8 +361,8 @@ ngx_http_lua_body_filter_param_get(lua_State *L)
          return 1;
+     }
--    lua_getglobal(L, ngx_http_lua_chain_key);
--    in = lua_touserdata(L, -1);
++    lmcf = ngx_http_get_module_main_conf(r, ngx_http_lua_module);
++    in = lmcf->body_filter_chain;
      if (idx == 2) {
          /* asking for the eof argument */
@@ -442,6 +440,8 @@ ngx_http_lua_body_filter_param_set(lua_State *L, ngx_http_request_t *r,
      ngx_chain_t             *cl;
      ngx_chain_t             *in;
++    ngx_http_lua_main_conf_t    *lmcf;
++
      idx = luaL_checkint(L, 2);
      dd("index: %d", idx);
@@ -450,13 +450,13 @@ ngx_http_lua_body_filter_param_set(lua_State *L, ngx_http_request_t *r,
          return luaL_error(L, "bad index: %d", idx);
+     }
++    lmcf = ngx_http_get_module_main_conf(r, ngx_http_lua_module);
++
      if (idx == 2) {
          /* overwriting the eof flag */
          last = lua_toboolean(L, 3);
--        lua_getglobal(L, ngx_http_lua_chain_key);
--        in = lua_touserdata(L, -1);
--        lua_pop(L, 1);
++        in = lmcf->body_filter_chain;
          if (last) {
              ctx->seen_last_in_filter = 1;
@@ -521,9 +521,7 @@ ngx_http_lua_body_filter_param_set(lua_State *L, ngx_http_request_t *r,
      case LUA_TNIL:
          /* discard the buffers */
--        lua_getglobal(L, ngx_http_lua_chain_key); /* key val */
--        in = lua_touserdata(L, -1);
--        lua_pop(L, 1);
++        in = lmcf->body_filter_chain;
          last = 0;
@@ -557,9 +555,7 @@ ngx_http_lua_body_filter_param_set(lua_State *L, ngx_http_request_t *r,
                            lua_typename(L, type));
+     }
--    lua_getglobal(L, ngx_http_lua_chain_key);
--    in = lua_touserdata(L, -1);
--    lua_pop(L, 1);
++    in = lmcf->body_filter_chain;
      last = 0;
@@ -625,8 +621,8 @@ done:
+         }
+     }
--    lua_pushlightuserdata(L, cl);
--    lua_setglobal(L, ngx_http_lua_chain_key);
++    lmcf->body_filter_chain = cl;
++
      return 0;
+ }
 diff --git a/debian/modules/http-lua/src/ngx_http_lua_bodyfilterby.h b/debian/modules/http-lua/src/ngx_http_lua_bodyfilterby.h
 index 6a4b306..b108202 100644
 --- a/debian/modules/http-lua/src/ngx_http_lua_bodyfilterby.h
 +++ b/debian/modules/http-lua/src/ngx_http_lua_bodyfilterby.h
@@ -21,7 +21,7 @@ ngx_int_t ngx_http_lua_body_filter_inline(ngx_http_request_t *r,
      ngx_chain_t *in);
  ngx_int_t ngx_http_lua_body_filter_file(ngx_http_request_t *r,
      ngx_chain_t *in);
--int ngx_http_lua_body_filter_param_get(lua_State *L);
++int ngx_http_lua_body_filter_param_get(lua_State *L, ngx_http_request_t *r);
  int ngx_http_lua_body_filter_param_set(lua_State *L, ngx_http_request_t *r,
      ngx_http_lua_ctx_t *ctx);
 diff --git a/debian/modules/http-lua/src/ngx_http_lua_cache.c b/debian/modules/http-lua/src/ngx_http_lua_cache.c
 index 5ea3069..5b29527 100644
 --- a/debian/modules/http-lua/src/ngx_http_lua_cache.c
 +++ b/debian/modules/http-lua/src/ngx_http_lua_cache.c
@@ -35,11 +35,14 @@ static ngx_int_t
  ngx_http_lua_cache_load_code(ngx_log_t *log, lua_State *L,
      const char *key)
+ {
++#ifndef OPENRESTY_LUAJIT
      int          rc;
      u_char      *err;
++#endif
      /*  get code cache table */
--    lua_pushlightuserdata(L, &ngx_http_lua_code_cache_key);
++    lua_pushlightuserdata(L, ngx_http_lua_lightudata_mask(
++                          code_cache_key));
      lua_rawget(L, LUA_REGISTRYINDEX);    /*  sp++ */
      dd("Code cache table to load: %p", lua_topointer(L, -1));
@@ -52,6 +55,10 @@ ngx_http_lua_cache_load_code(ngx_log_t *log, lua_State *L,
      lua_getfield(L, -1, key);    /*  sp++ */
      if (lua_isfunction(L, -1)) {
++#ifdef OPENRESTY_LUAJIT
++        lua_remove(L, -2);   /*  sp-- */
++        return NGX_OK;
++#else
          /*  call closure factory to gen new closure */
          rc = lua_pcall(L, 0, 1, 0);
          if (rc == 0) {
@@ -73,6 +80,7 @@ ngx_http_lua_cache_load_code(ngx_log_t *log, lua_State *L,
                        key, err);
          lua_pop(L, 2);
          return NGX_ERROR;
++#endif /* OPENRESTY_LUAJIT */
+     }
      dd("Value associated with given key in code cache table is not code "
@@ -102,10 +110,13 @@ ngx_http_lua_cache_load_code(ngx_log_t *log, lua_State *L,
  static ngx_int_t
  ngx_http_lua_cache_store_code(lua_State *L, const char *key)
+ {
++#ifndef OPENRESTY_LUAJIT
      int rc;
++#endif
      /*  get code cache table */
--    lua_pushlightuserdata(L, &ngx_http_lua_code_cache_key);
++    lua_pushlightuserdata(L, ngx_http_lua_lightudata_mask(
++                          code_cache_key));
      lua_rawget(L, LUA_REGISTRYINDEX);
      dd("Code cache table to store: %p", lua_topointer(L, -1));
@@ -121,12 +132,14 @@ ngx_http_lua_cache_store_code(lua_State *L, const char *key)
      /*  remove cache table, leave closure factory at top of stack */
      lua_pop(L, 1); /* closure */
++#ifndef OPENRESTY_LUAJIT
      /*  call closure factory to generate new closure */
      rc = lua_pcall(L, 0, 1, 0);
      if (rc != 0) {
          dd("Error: failed to call closure factory!!");
          return NGX_ERROR;
+     }
++#endif
      return NGX_OK;
+ }
@@ -143,7 +156,8 @@ ngx_http_lua_cache_loadbuffer(ngx_log_t *log, lua_State *L,
      n = lua_gettop(L);
--    dd("XXX cache key: [%s]", cache_key);
++    ngx_log_debug1(NGX_LOG_DEBUG_HTTP, log, 0,
++                   "looking up Lua code cache with key '%s'", cache_key);
      rc = ngx_http_lua_cache_load_code(log, L, (char *) cache_key);
      if (rc == NGX_OK) {
@@ -227,7 +241,8 @@ ngx_http_lua_cache_loadfile(ngx_log_t *log, lua_State *L,
          dd("CACHE file key already pre-calculated");
+     }
--    dd("XXX cache key for file: [%s]", cache_key);
++    ngx_log_debug1(NGX_LOG_DEBUG_HTTP, log, 0,
++                   "looking up Lua code cache with key '%s'", cache_key);
      rc = ngx_http_lua_cache_load_code(log, L, (char *) cache_key);
      if (rc == NGX_OK) {
 diff --git a/debian/modules/http-lua/src/ngx_http_lua_clfactory.c b/debian/modules/http-lua/src/ngx_http_lua_clfactory.c
 index 89698c7..754ed8d 100644
 --- a/debian/modules/http-lua/src/ngx_http_lua_clfactory.c
 +++ b/debian/modules/http-lua/src/ngx_http_lua_clfactory.c
@@ -15,11 +15,13 @@
  #include "ngx_http_lua_clfactory.h"
++#ifndef OPENRESTY_LUAJIT
  #define CLFACTORY_BEGIN_CODE "return function() "
  #define CLFACTORY_BEGIN_SIZE (sizeof(CLFACTORY_BEGIN_CODE) - 1)
  #define CLFACTORY_END_CODE "\nend"
  #define CLFACTORY_END_SIZE (sizeof(CLFACTORY_END_CODE) - 1)
++#endif
  /*
@@ -59,15 +61,16 @@
   * length(Instruction) = 4 or 8
   * little endian or big endian
  */
--#define    LUA_LITTLE_ENDIAN_4BYTES_CODE                                \
++#ifndef OPENRESTY_LUAJIT
++#define    LUA_LITTLE_ENDIAN_4BYTES_CODE                                     \
      "\x24\x00\x00\x00\x1e\x00\x00\x01\x1e\x00\x80\x00"
--#define    LUA_LITTLE_ENDIAN_8BYTES_CODE                                \
--    "\x24\x00\x00\x00\x00\x00\x00\x00\x1e\x00\x00\x01"                  \
++#define    LUA_LITTLE_ENDIAN_8BYTES_CODE                                     \
++    "\x24\x00\x00\x00\x00\x00\x00\x00\x1e\x00\x00\x01"                       \
      "\x00\x00\x00\x00\x1e\x00\x80\x00\x00\x00\x00\x00"
--#define    LUA_BIG_ENDIAN_4BYTES_CODE                                   \
++#define    LUA_BIG_ENDIAN_4BYTES_CODE                                        \
      "\x00\x00\x00\x24\x01\x00\x00\x1e\x00\x08\x00\x1e"
--#define    LUA_BIG_ENDIAN_8BYTES_CODE                                   \
--    "\x00\x00\x00\x00\x00\x00\x00\x24\x00\x00\x00\x00"                  \
++#define    LUA_BIG_ENDIAN_8BYTES_CODE                                        \
++    "\x00\x00\x00\x00\x00\x00\x00\x24\x00\x00\x00\x00"                       \
      "\x01\x00\x00\x1e\x00\x00\x00\x00\x00\x08\x00\x1e"
  #define    LUA_LITTLE_ENDIAN_4BYTES_CODE_LEN        (4 + 4 + 4)
  #define    LUA_LITTLE_ENDIAN_8BYTES_CODE_LEN        (8 + 8 + 8)
@@ -75,6 +78,7 @@
  #define    LUA_BIG_ENDIAN_8BYTES_CODE_LEN           (8 + 8 + 8)
  #define    LUAC_HEADERSIZE         12
  #define    LUAC_VERSION            0x51
++#endif /* OPENRESTY_LUAJIT */
  /*
@@ -147,6 +151,7 @@
   * ---------------------
  */
++#ifndef OPENRESTY_LUAJIT
  #define    POS_SOURCE_STR_LEN      LUAC_HEADERSIZE
  #define    POS_START_LINE          (POS_SOURCE_STR_LEN + sizeof(size_t))
  #define    POS_LAST_LINE           (POS_START_LINE + sizeof(int))
@@ -156,10 +161,11 @@
  #define    POS_MAX_STACK_SIZE      (POS_IS_VAR_ARG + sizeof(char))
  #define    POS_NUM_OF_INST         (POS_MAX_STACK_SIZE +sizeof(char))
  #define    POS_BYTECODE            (POS_NUM_OF_INST + sizeof(int))
--#define    MAX_BEGIN_CODE_SIZE                                              \
--    (POS_BYTECODE + LUA_LITTLE_ENDIAN_8BYTES_CODE_LEN                       \
++#define    MAX_BEGIN_CODE_SIZE                                               \
++    (POS_BYTECODE + LUA_LITTLE_ENDIAN_8BYTES_CODE_LEN                        \
      + sizeof(int) + sizeof(int))
  #define    MAX_END_CODE_SIZE       (sizeof(int) + sizeof(int) + sizeof(int))
++#endif /* OPENRESTY_LUAJIT */
  /*
   * taken from chaoslawful:
@@ -225,24 +231,25 @@
  /* bytecode for luajit 2.0 */
--#define    LJ20_LITTLE_ENDIAN_CODE_STRIPPED                             \
--    "\x14\x03\x00\x01\x00\x01\x00\x03"                                  \
--    "\x31\x00\x00\x00\x30\x00\x00\x80\x48\x00\x02\x00"                  \
++#ifndef OPENRESTY_LUAJIT
++#define    LJ20_LITTLE_ENDIAN_CODE_STRIPPED                                  \
++    "\x14\x03\x00\x01\x00\x01\x00\x03"                                       \
++    "\x31\x00\x00\x00\x30\x00\x00\x80\x48\x00\x02\x00"                       \
      "\x00\x00"
--#define    LJ20_BIG_ENDIAN_CODE_STRIPPED                                \
--    "\x14\x03\x00\x01\x00\x01\x00\x03"                                  \
--    "\x00\x00\x00\x31\x80\x00\x00\x30\x00\x02\x00\x48"                  \
++#define    LJ20_BIG_ENDIAN_CODE_STRIPPED                                     \
++    "\x14\x03\x00\x01\x00\x01\x00\x03"                                       \
++    "\x00\x00\x00\x31\x80\x00\x00\x30\x00\x02\x00\x48"                       \
      "\x00\x00"
--#define    LJ20_LITTLE_ENDIAN_CODE                                      \
--    "\x15\x03\x00\x01\x00\x01\x00\x03\x00"                              \
--    "\x31\x00\x00\x00\x30\x00\x00\x80\x48\x00\x02\x00"                  \
++#define    LJ20_LITTLE_ENDIAN_CODE                                           \
++    "\x15\x03\x00\x01\x00\x01\x00\x03\x00"                                   \
++    "\x31\x00\x00\x00\x30\x00\x00\x80\x48\x00\x02\x00"                       \
      "\x00\x00"
--#define    LJ20_BIG_ENDIAN_CODE                                         \
--    "\x15\x03\x00\x01\x00\x01\x00\x03\x00"                              \
--    "\x00\x00\x00\x31\x80\x00\x00\x30\x00\x02\x00\x48"                  \
++#define    LJ20_BIG_ENDIAN_CODE                                              \
++    "\x15\x03\x00\x01\x00\x01\x00\x03\x00"                                   \
++    "\x00\x00\x00\x31\x80\x00\x00\x30\x00\x02\x00\x48"                       \
      "\x00\x00"
  /* bytecode for luajit 2.1 */
@@ -275,6 +282,7 @@
  #define    LJ21_BCDUMP_VERSION        2
  #define    LJ20_BCDUMP_VERSION        1
  #define    LJ_SIGNATURE             "\x1b\x4c\x4a"
++#endif /* OPENRESTY_LUAJIT */
  typedef enum {
@@ -292,10 +300,11 @@ enum {
  typedef struct {
      ngx_http_lua_clfactory_file_type_e file_type;
--    int         sent_begin;
--    int         sent_end;
      int         extraline;
      FILE       *f;
++#ifndef OPENRESTY_LUAJIT
++    int         sent_begin;
++    int         sent_end;
      size_t      begin_code_len;
      size_t      end_code_len;
      size_t      rest_len;
@@ -307,13 +316,16 @@ typedef struct {
          char   *ptr;
          char    str[MAX_END_CODE_SIZE];
      }           end_code;
++#endif /* OPENRESTY_LUAJIT */
      char        buff[NGX_LUA_READER_BUFSIZE];
  } ngx_http_lua_clfactory_file_ctx_t;
  typedef struct {
++#ifndef OPENRESTY_LUAJIT
      int         sent_begin;
      int         sent_end;
++#endif
      const char *s;
      size_t      size;
  } ngx_http_lua_clfactory_buffer_ctx_t;
@@ -325,9 +337,12 @@ static int ngx_http_lua_clfactory_errfile(lua_State *L, const char *what,
      int fname_index);
  static const char *ngx_http_lua_clfactory_getS(lua_State *L, void *ud,
      size_t *size);
++#ifndef OPENRESTY_LUAJIT
  static long ngx_http_lua_clfactory_file_size(FILE *f);
++#endif
++#ifndef OPENRESTY_LUAJIT
  int
  ngx_http_lua_clfactory_bytecode_prepare(lua_State *L,
      ngx_http_lua_clfactory_file_ctx_t *lf, int fname_index)
@@ -593,6 +608,7 @@ error:
      return LUA_ERRFILE;
+ }
++#endif /* OPENRESTY_LUAJIT */
  ngx_int_t
@@ -612,10 +628,12 @@ ngx_http_lua_clfactory_loadfile(lua_State *L, const char *filename)
      lf.extraline = 0;
      lf.file_type = NGX_LUA_TEXT_FILE;
++#ifndef OPENRESTY_LUAJIT
      lf.begin_code.ptr = CLFACTORY_BEGIN_CODE;
      lf.begin_code_len = CLFACTORY_BEGIN_SIZE;
      lf.end_code.ptr = CLFACTORY_END_CODE;
      lf.end_code_len = CLFACTORY_END_SIZE;
++#endif
      lua_pushfstring(L, "@%s", filename);
@@ -683,20 +701,27 @@ ngx_http_lua_clfactory_loadfile(lua_State *L, const char *filename)
              /* skip eventual `#!...' */
+         }
++#ifndef OPENRESTY_LUAJIT
          status = ngx_http_lua_clfactory_bytecode_prepare(L, &lf, fname_index);
          if (status != 0) {
              return status;
+         }
++#endif
          lf.extraline = 0;
+     }
++#ifndef OPENRESTY_LUAJIT
      if (lf.file_type == NGX_LUA_TEXT_FILE) {
          ungetc(c, lf.f);
+     }
      lf.sent_begin = lf.sent_end = 0;
++
++#else
++    ungetc(c, lf.f);
++#endif
      status = lua_load(L, ngx_http_lua_clfactory_getF, &lf,
                        lua_tostring(L, -1));
@@ -725,8 +750,10 @@ ngx_http_lua_clfactory_loadbuffer(lua_State *L, const char *buff,
      ls.s = buff;
      ls.size = size;
++#ifndef OPENRESTY_LUAJIT
      ls.sent_begin = 0;
      ls.sent_end = 0;
++#endif
      return lua_load(L, ngx_http_lua_clfactory_getS, &ls, name);
+ }
@@ -735,7 +762,9 @@ ngx_http_lua_clfactory_loadbuffer(lua_State *L, const char *buff,
  static const char *
  ngx_http_lua_clfactory_getF(lua_State *L, void *ud, size_t *size)
+ {
++#ifndef OPENRESTY_LUAJIT
      char                        *buf;
++#endif
      size_t                       num;
      ngx_http_lua_clfactory_file_ctx_t        *lf;
@@ -748,6 +777,7 @@ ngx_http_lua_clfactory_getF(lua_State *L, void *ud, size_t *size)
          return "\n";
+     }
++#ifndef OPENRESTY_LUAJIT
      if (lf->sent_begin == 0) {
          lf->sent_begin = 1;
          *size = lf->begin_code_len;
@@ -761,12 +791,14 @@ ngx_http_lua_clfactory_getF(lua_State *L, void *ud, size_t *size)
          return buf;
+     }
++#endif /* OPENRESTY_LUAJIT */
      num = fread(lf->buff, 1, sizeof(lf->buff), lf->f);
      dd("fread returned %d", (int) num);
      if (num == 0) {
++#ifndef OPENRESTY_LUAJIT
          if (lf->sent_end == 0) {
              lf->sent_end = 1;
              *size = lf->end_code_len;
@@ -780,11 +812,13 @@ ngx_http_lua_clfactory_getF(lua_State *L, void *ud, size_t *size)
              return buf;
+         }
++#endif /* OPENRESTY_LUAJIT */
          *size = 0;
          return NULL;
+     }
++#ifndef OPENRESTY_LUAJIT
      if (lf->file_type == NGX_LUA_BT_LJ) {
          /* skip the footer(\x00) in luajit */
@@ -800,6 +834,7 @@ ngx_http_lua_clfactory_getF(lua_State *L, void *ud, size_t *size)
+             }
+         }
+     }
++#endif /* OPENRESTY_LUAJIT */
      *size = num;
      return lf->buff;
@@ -833,19 +868,23 @@ ngx_http_lua_clfactory_getS(lua_State *L, void *ud, size_t *size)
+ {
      ngx_http_lua_clfactory_buffer_ctx_t      *ls = ud;
++#ifndef OPENRESTY_LUAJIT
      if (ls->sent_begin == 0) {
          ls->sent_begin = 1;
          *size = CLFACTORY_BEGIN_SIZE;
          return CLFACTORY_BEGIN_CODE;
+     }
++#endif
      if (ls->size == 0) {
++#ifndef OPENRESTY_LUAJIT
          if (ls->sent_end == 0) {
              ls->sent_end = 1;
              *size = CLFACTORY_END_SIZE;
              return CLFACTORY_END_CODE;
+         }
++#endif
          return NULL;
+     }
@@ -857,6 +896,7 @@ ngx_http_lua_clfactory_getS(lua_State *L, void *ud, size_t *size)
+ }
++#ifndef OPENRESTY_LUAJIT
  static long
  ngx_http_lua_clfactory_file_size(FILE *f)
+ {
@@ -882,6 +922,7 @@ ngx_http_lua_clfactory_file_size(FILE *f)
      return len;
+ }
++#endif /* OPENRESTY_LUAJIT */
  /* vi:set ft=c ts=4 sw=4 et fdm=marker: */
 diff --git a/debian/modules/http-lua/src/ngx_http_lua_common.h b/debian/modules/http-lua/src/ngx_http_lua_common.h
 index e389783..dae5245 100644
 --- a/debian/modules/http-lua/src/ngx_http_lua_common.h
 +++ b/debian/modules/http-lua/src/ngx_http_lua_common.h
@@ -17,7 +17,7 @@
  #include <setjmp.h>
  #include <stdint.h>
--#include <lua.h>
++#include <luajit.h>
  #include <lualib.h>
  #include <lauxlib.h>
@@ -54,6 +54,9 @@
  #   define NGX_HTTP_LUA_USE_OCSP 1
  #endif
++#ifndef NGX_HTTP_PERMANENT_REDIRECT
++#   define NGX_HTTP_PERMANENT_REDIRECT  308
++#endif
  #ifndef NGX_HAVE_SHA1
  #   if (nginx_version >= 1011002)
@@ -79,20 +82,20 @@
  #define NGX_HTTP_LUA_INLINE_TAG "nhli_"
--#define NGX_HTTP_LUA_INLINE_TAG_LEN \
++#define NGX_HTTP_LUA_INLINE_TAG_LEN                                          \
      (sizeof(NGX_HTTP_LUA_INLINE_TAG) - 1)
--#define NGX_HTTP_LUA_INLINE_KEY_LEN \
++#define NGX_HTTP_LUA_INLINE_KEY_LEN                                          \
      (NGX_HTTP_LUA_INLINE_TAG_LEN + 2 * MD5_DIGEST_LENGTH)
  /* Nginx HTTP Lua File tag prefix */
  #define NGX_HTTP_LUA_FILE_TAG "nhlf_"
--#define NGX_HTTP_LUA_FILE_TAG_LEN \
++#define NGX_HTTP_LUA_FILE_TAG_LEN                                            \
      (sizeof(NGX_HTTP_LUA_FILE_TAG) - 1)
--#define NGX_HTTP_LUA_FILE_KEY_LEN \
++#define NGX_HTTP_LUA_FILE_KEY_LEN                                            \
      (NGX_HTTP_LUA_FILE_TAG_LEN + 2 * MD5_DIGEST_LENGTH)
@@ -137,6 +140,15 @@ typedef struct {
  #endif
++#if (NGX_PTR_SIZE >= 8 && !defined(_WIN64))
++#define ngx_http_lua_lightudata_mask(ludata)                                 \
++    ((void *) ((uintptr_t) (&ngx_http_lua_##ludata) & ((1UL << 47) - 1)))
++
++#else
++#define ngx_http_lua_lightudata_mask(ludata)    (&ngx_http_lua_##ludata)
++#endif
++
++
  typedef struct ngx_http_lua_main_conf_s  ngx_http_lua_main_conf_t;
  typedef union ngx_http_lua_srv_conf_u  ngx_http_lua_srv_conf_t;
@@ -162,6 +174,7 @@ typedef struct {
  struct ngx_http_lua_main_conf_s {
      lua_State           *lua;
++    ngx_pool_cleanup_t  *vm_cleanup;
      ngx_str_t            lua_path;
      ngx_str_t            lua_cpath;
@@ -169,6 +182,8 @@ struct ngx_http_lua_main_conf_s {
      ngx_cycle_t         *cycle;
      ngx_pool_t          *pool;
++    ngx_flag_t           load_resty_core;
++
      ngx_int_t            max_pending_timers;
      ngx_int_t            pending_timers;
@@ -204,9 +219,31 @@ struct ngx_http_lua_main_conf_s {
      ngx_str_t                            init_worker_src;
      ngx_http_lua_balancer_peer_data_t      *balancer_peer_data;
--                    /* balancer_by_lua does not support yielding and
--                     * there cannot be any conflicts among concurrent requests,
--                     * thus it is safe to store the peer data in the main conf.
++                    /* neither yielding nor recursion is possible in
++                     * balancer_by_lua*, so there cannot be any races among
++                     * concurrent requests and it is safe to store the peer
++                     * data pointer in the main conf.
++                     */
++
++    ngx_chain_t                            *body_filter_chain;
++                    /* neither yielding nor recursion is possible in
++                     * body_filter_by_lua*, so there cannot be any races among
++                     * concurrent requests when storing the chain
++                     * data pointer in the main conf.
++                     */
++
++    ngx_http_variable_value_t              *setby_args;
++                    /* neither yielding nor recursion is possible in
++                     * set_by_lua*, so there cannot be any races among
++                     * concurrent requests when storing the args pointer
++                     * in the main conf.
++                     */
++
++    size_t                                  setby_nargs;
++                    /* neither yielding nor recursion is possible in
++                     * set_by_lua*, so there cannot be any races among
++                     * concurrent requests when storing the nargs in the
++                     * main conf.
                       */
      ngx_uint_t                      shm_zones_inited;
@@ -223,6 +260,10 @@ struct ngx_http_lua_main_conf_s {
      ngx_int_t            busy_buf_ptr_count;
  #endif
++    ngx_int_t            host_var_index;
++
++    ngx_flag_t           set_sa_restart;
++
      unsigned             requires_header_filter:1;
      unsigned             requires_body_filter:1;
      unsigned             requires_capture_filter:1;
@@ -440,7 +481,7 @@ typedef struct {
  typedef struct ngx_http_lua_ctx_s {
--    /* for lua_coce_cache off: */
++    /* for lua_code_cache off: */
      ngx_http_lua_vm_state_t  *vm_state;
      ngx_http_request_t      *request;
@@ -527,6 +568,8 @@ typedef struct ngx_http_lua_ctx_s {
      unsigned         headers_set:1; /* whether the user has set custom
                                         response headers */
++    unsigned         mime_set:1;    /* whether the user has set Content-Type
++                                       response header */
      unsigned         entered_rewrite_phase:1;
      unsigned         entered_access_phase:1;
 diff --git a/debian/modules/http-lua/src/ngx_http_lua_consts.c b/debian/modules/http-lua/src/ngx_http_lua_consts.c
 index 30a86f1..809e712 100644
 --- a/debian/modules/http-lua/src/ngx_http_lua_consts.c
 +++ b/debian/modules/http-lua/src/ngx_http_lua_consts.c
@@ -124,6 +124,9 @@ ngx_http_lua_inject_http_consts(lua_State *L)
      lua_setfield(L, -2, "HTTP_SEE_OTHER");
  #endif
++    lua_pushinteger(L, NGX_HTTP_PERMANENT_REDIRECT);
++    lua_setfield(L, -2, "HTTP_PERMANENT_REDIRECT");
++
      lua_pushinteger(L, NGX_HTTP_NOT_MODIFIED);
      lua_setfield(L, -2, "HTTP_NOT_MODIFIED");
 diff --git a/debian/modules/http-lua/src/ngx_http_lua_contentby.c b/debian/modules/http-lua/src/ngx_http_lua_contentby.c
 index ecd6c0e..274c9ad 100644
 --- a/debian/modules/http-lua/src/ngx_http_lua_contentby.c
 +++ b/debian/modules/http-lua/src/ngx_http_lua_contentby.c
@@ -63,9 +63,11 @@ ngx_http_lua_content_by_chunk(lua_State *L, ngx_http_request_t *r)
      /*  move code closure to new coroutine */
      lua_xmove(L, co, 1);
++#ifndef OPENRESTY_LUAJIT
      /*  set closure's env table to new coroutine's globals table */
      ngx_http_lua_get_globals_table(co);
      lua_setfenv(co, -2);
++#endif
      /*  save nginx request in coroutine globals table */
      ngx_http_lua_set_req(co, r);
 diff --git a/debian/modules/http-lua/src/ngx_http_lua_control.c b/debian/modules/http-lua/src/ngx_http_lua_control.c
 index ae36505..5cd1d64 100644
 --- a/debian/modules/http-lua/src/ngx_http_lua_control.c
 +++ b/debian/modules/http-lua/src/ngx_http_lua_control.c
@@ -213,10 +213,12 @@ ngx_http_lua_ngx_redirect(lua_State *L)
          if (rc != NGX_HTTP_MOVED_TEMPORARILY
              && rc != NGX_HTTP_MOVED_PERMANENTLY
              && rc != NGX_HTTP_SEE_OTHER
++            && rc != NGX_HTTP_PERMANENT_REDIRECT
              && rc != NGX_HTTP_TEMPORARY_REDIRECT)
+         {
              return luaL_error(L, "only ngx.HTTP_MOVED_TEMPORARILY, "
                                "ngx.HTTP_MOVED_PERMANENTLY, "
++                              "ngx.HTTP_PERMANENT_REDIRECT, "
                                "ngx.HTTP_SEE_OTHER, and "
                                "ngx.HTTP_TEMPORARY_REDIRECT are allowed");
+         }
@@ -430,7 +432,8 @@ ngx_http_lua_on_abort(lua_State *L)
      ngx_http_lua_coroutine_create_helper(L, r, ctx, &coctx);
--    lua_pushlightuserdata(L, &ngx_http_lua_coroutines_key);
++    lua_pushlightuserdata(L, ngx_http_lua_lightudata_mask(
++                          coroutines_key));
      lua_rawget(L, LUA_REGISTRYINDEX);
      lua_pushvalue(L, -2);
 diff --git a/debian/modules/http-lua/src/ngx_http_lua_coroutine.c b/debian/modules/http-lua/src/ngx_http_lua_coroutine.c
 index b790814..99a2423 100644
 --- a/debian/modules/http-lua/src/ngx_http_lua_coroutine.c
 +++ b/debian/modules/http-lua/src/ngx_http_lua_coroutine.c
@@ -104,11 +104,15 @@ ngx_http_lua_coroutine_create_helper(lua_State *L, ngx_http_request_t *r,
      coctx->co = co;
      coctx->co_status = NGX_HTTP_LUA_CO_SUSPENDED;
++#ifdef OPENRESTY_LUAJIT
++    ngx_http_lua_set_req(co, r);
++#else
      /* make new coroutine share globals of the parent coroutine.
       * NOTE: globals don't have to be separated! */
      ngx_http_lua_get_globals_table(L);
      lua_xmove(L, co, 1);
      ngx_http_lua_set_globals_table(co);
++#endif
      lua_xmove(vm, L, 1);    /* move coroutine from main thread to L */
@@ -288,15 +292,27 @@ ngx_http_lua_inject_coroutine_api(ngx_log_t *log, lua_State *L)
+     {
          const char buf[] =
              "local keys = {'create', 'yield', 'resume', 'status'}\n"
++#ifdef OPENRESTY_LUAJIT
++            "local get_req = require 'thread.exdata'\n"
++#else
              "local getfenv = getfenv\n"
++#endif
              "for _, key in ipairs(keys) do\n"
                 "local std = coroutine['_' .. key]\n"
                 "local ours = coroutine['__' .. key]\n"
                 "local raw_ctx = ngx._phase_ctx\n"
                 "coroutine[key] = function (...)\n"
++#ifdef OPENRESTY_LUAJIT
++                    "local r = get_req()\n"
++#else
                      "local r = getfenv(0).__ngx_req\n"
--                    "if r then\n"
++#endif
++                    "if r ~= nil then\n"
++#ifdef OPENRESTY_LUAJIT
++                        "local ctx = raw_ctx()\n"
++#else
                          "local ctx = raw_ctx(r)\n"
++#endif
                          /* ignore header and body filters */
                          "if ctx ~= 0x020 and ctx ~= 0x040 then\n"
                              "return ours(...)\n"
 diff --git a/debian/modules/http-lua/src/ngx_http_lua_directive.c b/debian/modules/http-lua/src/ngx_http_lua_directive.c
 index 014a472..a989c26 100644
 --- a/debian/modules/http-lua/src/ngx_http_lua_directive.c
 +++ b/debian/modules/http-lua/src/ngx_http_lua_directive.c
@@ -43,7 +43,7 @@ static ngx_int_t ngx_http_lua_set_by_lua_init(ngx_http_request_t *r);
  #endif
  static u_char *ngx_http_lua_gen_chunk_name(ngx_conf_t *cf, const char *tag,
--    size_t tag_len);
++    size_t tag_len, size_t *chunkname_len);
  static ngx_int_t ngx_http_lua_conf_read_lua_token(ngx_conf_t *cf,
      ngx_http_lua_block_parser_ctx_t *ctx);
  static u_char *ngx_http_lua_strlstrn(u_char *s1, u_char *last, u_char *s2,
@@ -271,13 +271,15 @@ ngx_http_lua_set_by_lua(ngx_conf_t *cf, ngx_command_t *cmd, void *conf)
      filter_data->size = filter.size;
--    p = ngx_palloc(cf->pool, NGX_HTTP_LUA_INLINE_KEY_LEN + 1);
++    p = ngx_palloc(cf->pool,
++                   sizeof("set_by_lua") + NGX_HTTP_LUA_INLINE_KEY_LEN);
      if (p == NULL) {
          return NGX_CONF_ERROR;
+     }
      filter_data->key = p;
++    p = ngx_copy(p, "set_by_lua", sizeof("set_by_lua") - 1);
      p = ngx_copy(p, NGX_HTTP_LUA_INLINE_TAG, NGX_HTTP_LUA_INLINE_TAG_LEN);
      p = ngx_http_lua_digest_hex(p, value[2].data, value[2].len);
      *p = '\0';
@@ -448,6 +450,7 @@ ngx_http_lua_rewrite_by_lua_block(ngx_conf_t *cf, ngx_command_t *cmd,
  char *
  ngx_http_lua_rewrite_by_lua(ngx_conf_t *cf, ngx_command_t *cmd, void *conf)
+ {
++    size_t                       chunkname_len;
      u_char                      *p, *chunkname;
      ngx_str_t                   *value;
      ngx_http_lua_main_conf_t    *lmcf;
@@ -482,7 +485,8 @@ ngx_http_lua_rewrite_by_lua(ngx_conf_t *cf, ngx_command_t *cmd, void *conf)
      if (cmd->post == ngx_http_lua_rewrite_handler_inline) {
          chunkname = ngx_http_lua_gen_chunk_name(cf, "rewrite_by_lua",
--                                                sizeof("rewrite_by_lua") - 1);
++                                                sizeof("rewrite_by_lua") - 1,
++                                                &chunkname_len);
          if (chunkname == NULL) {
              return NGX_CONF_ERROR;
+         }
@@ -493,13 +497,15 @@ ngx_http_lua_rewrite_by_lua(ngx_conf_t *cf, ngx_command_t *cmd, void *conf)
          llcf->rewrite_src.value = value[1];
--        p = ngx_palloc(cf->pool, NGX_HTTP_LUA_INLINE_KEY_LEN + 1);
++        p = ngx_palloc(cf->pool,
++                       chunkname_len + NGX_HTTP_LUA_INLINE_KEY_LEN + 1);
          if (p == NULL) {
              return NGX_CONF_ERROR;
+         }
          llcf->rewrite_src_key = p;
++        p = ngx_copy(p, chunkname, chunkname_len);
          p = ngx_copy(p, NGX_HTTP_LUA_INLINE_TAG, NGX_HTTP_LUA_INLINE_TAG_LEN);
          p = ngx_http_lua_digest_hex(p, value[1].data, value[1].len);
          *p = '\0';
@@ -562,6 +568,7 @@ ngx_http_lua_access_by_lua_block(ngx_conf_t *cf, ngx_command_t *cmd,
  char *
  ngx_http_lua_access_by_lua(ngx_conf_t *cf, ngx_command_t *cmd, void *conf)
+ {
++    size_t                       chunkname_len;
      u_char                      *p, *chunkname;
      ngx_str_t                   *value;
      ngx_http_lua_main_conf_t    *lmcf;
@@ -592,7 +599,8 @@ ngx_http_lua_access_by_lua(ngx_conf_t *cf, ngx_command_t *cmd, void *conf)
      if (cmd->post == ngx_http_lua_access_handler_inline) {
          chunkname = ngx_http_lua_gen_chunk_name(cf, "access_by_lua",
--                                                sizeof("access_by_lua") - 1);
++                                                sizeof("access_by_lua") - 1,
++                                                &chunkname_len);
          if (chunkname == NULL) {
              return NGX_CONF_ERROR;
+         }
@@ -603,13 +611,15 @@ ngx_http_lua_access_by_lua(ngx_conf_t *cf, ngx_command_t *cmd, void *conf)
          llcf->access_src.value = value[1];
--        p = ngx_palloc(cf->pool, NGX_HTTP_LUA_INLINE_KEY_LEN + 1);
++        p = ngx_palloc(cf->pool,
++                       chunkname_len + NGX_HTTP_LUA_INLINE_KEY_LEN + 1);
          if (p == NULL) {
              return NGX_CONF_ERROR;
+         }
          llcf->access_src_key = p;
++        p = ngx_copy(p, chunkname, chunkname_len);
          p = ngx_copy(p, NGX_HTTP_LUA_INLINE_TAG, NGX_HTTP_LUA_INLINE_TAG_LEN);
          p = ngx_http_lua_digest_hex(p, value[1].data, value[1].len);
          *p = '\0';
@@ -672,6 +682,7 @@ ngx_http_lua_content_by_lua_block(ngx_conf_t *cf, ngx_command_t *cmd,
  char *
  ngx_http_lua_content_by_lua(ngx_conf_t *cf, ngx_command_t *cmd, void *conf)
+ {
++    size_t                       chunkname_len;
      u_char                      *p;
      u_char                      *chunkname;
      ngx_str_t                   *value;
@@ -706,7 +717,8 @@ ngx_http_lua_content_by_lua(ngx_conf_t *cf, ngx_command_t *cmd, void *conf)
      if (cmd->post == ngx_http_lua_content_handler_inline) {
          chunkname = ngx_http_lua_gen_chunk_name(cf, "content_by_lua",
--                                                sizeof("content_by_lua") - 1);
++                                                sizeof("content_by_lua") - 1,
++                                                &chunkname_len);
          if (chunkname == NULL) {
              return NGX_CONF_ERROR;
+         }
@@ -719,13 +731,15 @@ ngx_http_lua_content_by_lua(ngx_conf_t *cf, ngx_command_t *cmd, void *conf)
          llcf->content_src.value = value[1];
--        p = ngx_palloc(cf->pool, NGX_HTTP_LUA_INLINE_KEY_LEN + 1);
++        p = ngx_palloc(cf->pool,
++                       chunkname_len + NGX_HTTP_LUA_INLINE_KEY_LEN + 1);
          if (p == NULL) {
              return NGX_CONF_ERROR;
+         }
          llcf->content_src_key = p;
++        p = ngx_copy(p, chunkname, chunkname_len);
          p = ngx_copy(p, NGX_HTTP_LUA_INLINE_TAG, NGX_HTTP_LUA_INLINE_TAG_LEN);
          p = ngx_http_lua_digest_hex(p, value[1].data, value[1].len);
          *p = '\0';
@@ -795,6 +809,7 @@ ngx_http_lua_log_by_lua_block(ngx_conf_t *cf, ngx_command_t *cmd,
  char *
  ngx_http_lua_log_by_lua(ngx_conf_t *cf, ngx_command_t *cmd, void *conf)
+ {
++    size_t                       chunkname_len;
      u_char                      *p, *chunkname;
      ngx_str_t                   *value;
      ngx_http_lua_main_conf_t    *lmcf;
@@ -825,7 +840,8 @@ ngx_http_lua_log_by_lua(ngx_conf_t *cf, ngx_command_t *cmd, void *conf)
      if (cmd->post == ngx_http_lua_log_handler_inline) {
          chunkname = ngx_http_lua_gen_chunk_name(cf, "log_by_lua",
--                                                sizeof("log_by_lua") - 1);
++                                                sizeof("log_by_lua") - 1,
++                                                &chunkname_len);
          if (chunkname == NULL) {
              return NGX_CONF_ERROR;
+         }
@@ -836,13 +852,15 @@ ngx_http_lua_log_by_lua(ngx_conf_t *cf, ngx_command_t *cmd, void *conf)
          llcf->log_src.value = value[1];
--        p = ngx_palloc(cf->pool, NGX_HTTP_LUA_INLINE_KEY_LEN + 1);
++        p = ngx_palloc(cf->pool,
++                       chunkname_len + NGX_HTTP_LUA_INLINE_KEY_LEN + 1);
          if (p == NULL) {
              return NGX_CONF_ERROR;
+         }
          llcf->log_src_key = p;
++        p = ngx_copy(p, chunkname, chunkname_len);
          p = ngx_copy(p, NGX_HTTP_LUA_INLINE_TAG, NGX_HTTP_LUA_INLINE_TAG_LEN);
          p = ngx_http_lua_digest_hex(p, value[1].data, value[1].len);
          *p = '\0';
@@ -936,13 +954,17 @@ ngx_http_lua_header_filter_by_lua(ngx_conf_t *cf, ngx_command_t *cmd,
          /* Don't eval nginx variables for inline lua code */
          llcf->header_filter_src.value = value[1];
--        p = ngx_palloc(cf->pool, NGX_HTTP_LUA_INLINE_KEY_LEN + 1);
++        p = ngx_palloc(cf->pool,
++                       sizeof("header_filter_by_lua") +
++                       NGX_HTTP_LUA_INLINE_KEY_LEN + 1);
          if (p == NULL) {
              return NGX_CONF_ERROR;
+         }
          llcf->header_filter_src_key = p;
++        p = ngx_copy(p, "header_filter_by_lua",
++                     sizeof("header_filter_by_lua") - 1);
          p = ngx_copy(p, NGX_HTTP_LUA_INLINE_TAG, NGX_HTTP_LUA_INLINE_TAG_LEN);
          p = ngx_http_lua_digest_hex(p, value[1].data, value[1].len);
          *p = '\0';
@@ -1036,13 +1058,16 @@ ngx_http_lua_body_filter_by_lua(ngx_conf_t *cf, ngx_command_t *cmd,
          /* Don't eval nginx variables for inline lua code */
          llcf->body_filter_src.value = value[1];
--        p = ngx_palloc(cf->pool, NGX_HTTP_LUA_INLINE_KEY_LEN + 1);
++        p = ngx_palloc(cf->pool,
++                       sizeof("body_filter_by_lua") +
++                       NGX_HTTP_LUA_INLINE_KEY_LEN + 1);
          if (p == NULL) {
              return NGX_CONF_ERROR;
+         }
          llcf->body_filter_src_key = p;
++        p = ngx_copy(p, "body_filter_by_lua", sizeof("body_filter_by_lua") - 1);
          p = ngx_copy(p, NGX_HTTP_LUA_INLINE_TAG, NGX_HTTP_LUA_INLINE_TAG_LEN);
          p = ngx_http_lua_digest_hex(p, value[1].data, value[1].len);
          *p = '\0';
@@ -1248,7 +1273,8 @@ ngx_http_lua_set_by_lua_init(ngx_http_request_t *r)
  static u_char *
--ngx_http_lua_gen_chunk_name(ngx_conf_t *cf, const char *tag, size_t tag_len)
++ngx_http_lua_gen_chunk_name(ngx_conf_t *cf, const char *tag, size_t tag_len,
++    size_t *chunkname_len)
+ {
      u_char      *p, *out;
      size_t       len;
@@ -1278,10 +1304,12 @@ ngx_http_lua_gen_chunk_name(ngx_conf_t *cf, const char *tag, size_t tag_len)
  found:
--    ngx_snprintf(out, len, "=%*s(%*s:%d)%Z",
--                 tag_len, tag, cf->conf_file->file.name.data
--                               + cf->conf_file->file.name.len - p,
--                 p, cf->conf_file->line);
++    p = ngx_snprintf(out, len, "=%*s(%*s:%d)%Z",
++                     tag_len, tag, cf->conf_file->file.name.data
++                     + cf->conf_file->file.name.len - p,
++                     p, cf->conf_file->line);
++
++    *chunkname_len = p - out - 1;  /* exclude the trailing '\0' byte */
      return out;
+ }
 diff --git a/debian/modules/http-lua/src/ngx_http_lua_exception.h b/debian/modules/http-lua/src/ngx_http_lua_exception.h
 index a70708a..93dfb8f 100644
 --- a/debian/modules/http-lua/src/ngx_http_lua_exception.h
 +++ b/debian/modules/http-lua/src/ngx_http_lua_exception.h
@@ -12,13 +12,13 @@
  #include "ngx_http_lua_common.h"
--#define NGX_LUA_EXCEPTION_TRY                                               \
++#define NGX_LUA_EXCEPTION_TRY                                                \
      if (setjmp(ngx_http_lua_exception) == 0)
--#define NGX_LUA_EXCEPTION_CATCH                                             \
++#define NGX_LUA_EXCEPTION_CATCH                                              \
      else
--#define NGX_LUA_EXCEPTION_THROW(x)                                          \
++#define NGX_LUA_EXCEPTION_THROW(x)                                           \
      longjmp(ngx_http_lua_exception, (x))
 diff --git a/debian/modules/http-lua/src/ngx_http_lua_headerfilterby.c b/debian/modules/http-lua/src/ngx_http_lua_headerfilterby.c
 index b504530..a0acd4a 100644
 --- a/debian/modules/http-lua/src/ngx_http_lua_headerfilterby.c
 +++ b/debian/modules/http-lua/src/ngx_http_lua_headerfilterby.c
@@ -42,9 +42,9 @@ static ngx_http_output_header_filter_pt ngx_http_next_header_filter;
  static void
  ngx_http_lua_header_filter_by_lua_env(lua_State *L, ngx_http_request_t *r)
+ {
--    /*  set nginx request pointer to current lua thread's globals table */
      ngx_http_lua_set_req(L, r);
++#ifndef OPENRESTY_LUAJIT
      /**
       * we want to create empty environment for current script
+      *
@@ -68,6 +68,7 @@ ngx_http_lua_header_filter_by_lua_env(lua_State *L, ngx_http_request_t *r)
      /*  }}} */
      lua_setfenv(L, -2);    /*  set new running env for the code closure */
++#endif /* OPENRESTY_LUAJIT */
+ }
 diff --git a/debian/modules/http-lua/src/ngx_http_lua_headers.c b/debian/modules/http-lua/src/ngx_http_lua_headers.c
 index 6700ce8..e3f48bc 100644
 --- a/debian/modules/http-lua/src/ngx_http_lua_headers.c
 +++ b/debian/modules/http-lua/src/ngx_http_lua_headers.c
@@ -113,7 +113,7 @@ ngx_http_lua_ngx_req_raw_header(lua_State *L)
  #if (NGX_HTTP_V2)
      if (mr->stream) {
--        return luaL_error(L, "http v2 not supported yet");
++        return luaL_error(L, "http2 requests not supported yet");
+     }
  #endif
@@ -245,7 +245,7 @@ ngx_http_lua_ngx_req_raw_header(lua_State *L)
          if (b != mr->header_in) {
              /* skip truncated header entries (if any) */
--            while (last > data && last[-1] != LF) {
++            while (last > data && last[-1] != LF && last[-1] != '\0') {
                  last--;
+             }
+         }
@@ -315,7 +315,7 @@ ngx_http_lua_ngx_req_raw_header(lua_State *L)
  #if 1
              /* skip truncated header entries (if any) */
--            while (last > p && last[-1] != LF) {
++            while (last > p && last[-1] != LF && last[-1] != '\0') {
                  last--;
+             }
  #endif
@@ -325,8 +325,7 @@ ngx_http_lua_ngx_req_raw_header(lua_State *L)
                  if (*p == '\0') {
                      j++;
                      if (p + 1 == last) {
--                        /* XXX this should not happen */
--                        dd("found string end!!");
++                        *p = LF;
                      } else if (*(p + 1) == LF) {
                          *p = CR;
@@ -398,6 +397,7 @@ ngx_http_lua_ngx_req_get_headers(lua_State *L)
      int                           max;
      int                           raw = 0;
      int                           count = 0;
++    int                           truncated = 0;
      n = lua_gettop(L);
@@ -426,21 +426,24 @@ ngx_http_lua_ngx_req_get_headers(lua_State *L)
      part = &r->headers_in.headers.part;
      count = part->nelts;
--    while (part->next) {
++    while (part->next != NULL) {
          part = part->next;
          count += part->nelts;
+     }
      if (max > 0 && count > max) {
++        ngx_log_debug2(NGX_LOG_DEBUG_HTTP, r->connection->log, 0,
++                       "lua exceeding request header limit %d > %d", count,
++                       max);
          count = max;
--        ngx_log_debug1(NGX_LOG_DEBUG_HTTP, r->connection->log, 0,
--                       "lua exceeding request header limit %d", max);
++        truncated = 1;
+     }
      lua_createtable(L, 0, count);
      if (!raw) {
--        lua_pushlightuserdata(L, &ngx_http_lua_headers_metatable_key);
++        lua_pushlightuserdata(L, ngx_http_lua_lightudata_mask(
++                              headers_metatable_key));
          lua_rawget(L, LUA_REGISTRYINDEX);
          lua_setmetatable(L, -2);
+     }
@@ -481,9 +484,14 @@ ngx_http_lua_ngx_req_get_headers(lua_State *L)
                         "lua request header: \"%V: %V\"",
                         &header[i].key, &header[i].value);
--        if (--count == 0) {
--            return 1;
++        if (--count <= 0) {
++            break;
+         }
++    }  /* for */
++
++    if (truncated) {
++        lua_pushliteral(L, "truncated");
++        return 2;
+     }
      return 1;
@@ -497,7 +505,6 @@ ngx_http_lua_ngx_resp_get_headers(lua_State *L)
      ngx_table_elt_t    *header;
      ngx_http_request_t *r;
      ngx_http_lua_ctx_t *ctx;
--    ngx_int_t           rc;
      u_char             *lowcase_key = NULL;
      size_t              lowcase_key_sz = 0;
      ngx_uint_t          i;
@@ -505,6 +512,8 @@ ngx_http_lua_ngx_resp_get_headers(lua_State *L)
      int                 max;
      int                 raw = 0;
      int                 count = 0;
++    int                 truncated = 0;
++    int                 extra = 0;
      n = lua_gettop(L);
@@ -534,42 +543,27 @@ ngx_http_lua_ngx_resp_get_headers(lua_State *L)
          return luaL_error(L, "no ctx found");
+     }
--    if (!ctx->headers_set) {
--        rc = ngx_http_lua_set_content_type(r);
--        if (rc != NGX_OK) {
--            return luaL_error(L,
--                              "failed to set default content type: %d",
--                              (int) rc);
--        }
--
--        ctx->headers_set = 1;
--    }
--
      ngx_http_lua_check_fake_request(L, r);
      part = &r->headers_out.headers.part;
      count = part->nelts;
--    while (part->next) {
++    while (part->next != NULL) {
          part = part->next;
          count += part->nelts;
+     }
--    if (max > 0 && count > max) {
--        count = max;
--        ngx_log_debug1(NGX_LOG_DEBUG_HTTP, r->connection->log, 0,
--                       "lua exceeding request header limit %d", max);
--    }
--
--    lua_createtable(L, 0, count);
++    lua_createtable(L, 0, count + 2);
      if (!raw) {
--        lua_pushlightuserdata(L, &ngx_http_lua_headers_metatable_key);
++        lua_pushlightuserdata(L, ngx_http_lua_lightudata_mask(
++                              headers_metatable_key));
          lua_rawget(L, LUA_REGISTRYINDEX);
          lua_setmetatable(L, -2);
+     }
  #if 1
      if (r->headers_out.content_type.len) {
++        extra++;
          lua_pushliteral(L, "content-type");
          lua_pushlstring(L, (char *) r->headers_out.content_type.data,
                          r->headers_out.content_type.len);
@@ -579,11 +573,13 @@ ngx_http_lua_ngx_resp_get_headers(lua_State *L)
      if (r->headers_out.content_length == NULL
          && r->headers_out.content_length_n >= 0)
+     {
++        extra++;
          lua_pushliteral(L, "content-length");
          lua_pushfstring(L, "%d", (int) r->headers_out.content_length_n);
          lua_rawset(L, -3);
+     }
++    extra++;
      lua_pushliteral(L, "connection");
      if (r->headers_out.status == NGX_HTTP_SWITCHING_PROTOCOLS) {
          lua_pushliteral(L, "upgrade");
@@ -597,12 +593,21 @@ ngx_http_lua_ngx_resp_get_headers(lua_State *L)
      lua_rawset(L, -3);
      if (r->chunked) {
++        extra++;
          lua_pushliteral(L, "transfer-encoding");
          lua_pushliteral(L, "chunked");
          lua_rawset(L, -3);
+     }
  #endif
++    if (max > 0 && count + extra > max) {
++        truncated = 1;
++        ngx_log_debug2(NGX_LOG_DEBUG_HTTP, r->connection->log, 0,
++                       "lua exceeding response header limit %d > %d",
++                       count + extra, max);
++        count = max - extra;
++    }
++
      part = &r->headers_out.headers.part;
      header = part->elts;
@@ -655,9 +660,14 @@ ngx_http_lua_ngx_resp_get_headers(lua_State *L)
                         "lua response header: \"%V: %V\"",
                         &header[i].key, &header[i].value);
--        if (--count == 0) {
--            return 1;
++        if (--count <= 0) {
++            break;
+         }
++    }  /* for */
++
++    if (truncated) {
++        lua_pushliteral(L, "truncated");
++        return 2;
+     }
      return 1;
@@ -674,7 +684,6 @@ ngx_http_lua_ngx_header_get(lua_State *L)
      size_t                       len;
      ngx_http_lua_loc_conf_t     *llcf;
      ngx_http_lua_ctx_t          *ctx;
--    ngx_int_t                    rc;
      r = ngx_http_lua_get_req(L);
      if (r == NULL) {
@@ -717,18 +726,7 @@ ngx_http_lua_ngx_header_get(lua_State *L)
      key.len = len;
--    if (!ctx->headers_set) {
--        rc = ngx_http_lua_set_content_type(r);
--        if (rc != NGX_OK) {
--            return luaL_error(L,
--                              "failed to set default content type: %d",
--                              (int) rc);
--        }
--
--        ctx->headers_set = 1;
--    }
--
--    return ngx_http_lua_get_output_header(L, r, &key);
++    return ngx_http_lua_get_output_header(L, r, ctx, &key);
+ }
@@ -791,16 +789,7 @@ ngx_http_lua_ngx_header_set(lua_State *L)
+         }
+     }
--    if (!ctx->headers_set) {
--        rc = ngx_http_lua_set_content_type(r);
--        if (rc != NGX_OK) {
--            return luaL_error(L,
--                              "failed to set default content type: %d",
--                              (int) rc);
--        }
--
--        ctx->headers_set = 1;
--    }
++    ctx->headers_set = 1;
      if (lua_type(L, 3) == LUA_TNIL) {
          ngx_str_null(&value);
@@ -825,7 +814,7 @@ ngx_http_lua_ngx_header_set(lua_State *L)
                  ngx_memcpy(value.data, p, len);
                  value.len = len;
--                rc = ngx_http_lua_set_output_header(r, key, value,
++                rc = ngx_http_lua_set_output_header(r, ctx, key, value,
                                                      i == 1 /* override */);
                  if (rc == NGX_ERROR) {
@@ -852,7 +841,7 @@ ngx_http_lua_ngx_header_set(lua_State *L)
      dd("key: %.*s, value: %.*s",
         (int) key.len, key.data, (int) value.len, value.data);
--    rc = ngx_http_lua_set_output_header(r, key, value, 1 /* override */);
++    rc = ngx_http_lua_set_output_header(r, ctx, key, value, 1 /* override */);
      if (rc == NGX_ERROR) {
          return luaL_error(L, "failed to set header %s (error: %d)",
@@ -1061,7 +1050,8 @@ ngx_http_lua_create_headers_metatable(ngx_log_t *log, lua_State *L)
          "local new_key = string.gsub(string.lower(key), '_', '-')\n"
          "if new_key ~= key then return tb[new_key] else return nil end";
--    lua_pushlightuserdata(L, &ngx_http_lua_headers_metatable_key);
++    lua_pushlightuserdata(L, ngx_http_lua_lightudata_mask(
++                          headers_metatable_key));
      /* metatable for ngx.req.get_headers(_, true) and
       * ngx.resp.get_headers(_, true) */
@@ -1084,7 +1074,8 @@ ngx_http_lua_create_headers_metatable(ngx_log_t *log, lua_State *L)
  #ifndef NGX_LUA_NO_FFI_API
  int
--ngx_http_lua_ffi_req_get_headers_count(ngx_http_request_t *r, int max)
++ngx_http_lua_ffi_req_get_headers_count(ngx_http_request_t *r, int max,
++    int *truncated)
+ {
      int                           count;
      ngx_list_part_t              *part;
@@ -1093,21 +1084,26 @@ ngx_http_lua_ffi_req_get_headers_count(ngx_http_request_t *r, int max)
          return NGX_HTTP_LUA_FFI_BAD_CONTEXT;
+     }
++    *truncated = 0;
++
      if (max < 0) {
          max = NGX_HTTP_LUA_MAX_HEADERS;
+     }
      part = &r->headers_in.headers.part;
      count = part->nelts;
--    while (part->next) {
++    while (part->next != NULL) {
          part = part->next;
          count += part->nelts;
+     }
      if (max > 0 && count > max) {
++        *truncated = 1;
++
++        ngx_log_debug2(NGX_LOG_DEBUG_HTTP, r->connection->log, 0,
++                       "lua exceeding request header limit %d > %d", count,
++                       max);
          count = max;
--        ngx_log_debug1(NGX_LOG_DEBUG_HTTP, r->connection->log, 0,
--                       "lua exceeding request header limit %d", max);
+     }
      return count;
@@ -1167,7 +1163,8 @@ ngx_http_lua_ffi_req_get_headers(ngx_http_request_t *r,
  int
  ngx_http_lua_ffi_set_resp_header(ngx_http_request_t *r, const u_char *key_data,
      size_t key_len, int is_nil, const u_char *sval, size_t sval_len,
--    ngx_http_lua_ffi_str_t *mvals, size_t mvals_len, char **errmsg)
++    ngx_http_lua_ffi_str_t *mvals, size_t mvals_len, int override,
++    char **errmsg)
+ {
      u_char                      *p;
      ngx_str_t                    value, key;
@@ -1214,15 +1211,7 @@ ngx_http_lua_ffi_set_resp_header(ngx_http_request_t *r, const u_char *key_data,
+         }
+     }
--    if (!ctx->headers_set) {
--        rc = ngx_http_lua_set_content_type(r);
--        if (rc != NGX_OK) {
--            *errmsg = "failed to set default content type";
--            return NGX_ERROR;
--        }
--
--        ctx->headers_set = 1;
--    }
++    ctx->headers_set = 1;
      if (is_nil) {
          value.data = NULL;
@@ -1249,8 +1238,8 @@ ngx_http_lua_ffi_set_resp_header(ngx_http_request_t *r, const u_char *key_data,
                  ngx_memcpy(value.data, p, len);
                  value.len = len;
--                rc = ngx_http_lua_set_output_header(r, key, value,
--                                                    i == 0 /* override */);
++                rc = ngx_http_lua_set_output_header(r, ctx, key, value,
++                                                    override && i == 0);
                  if (rc == NGX_ERROR) {
                      *errmsg = "failed to set header";
@@ -1275,7 +1264,7 @@ ngx_http_lua_ffi_set_resp_header(ngx_http_request_t *r, const u_char *key_data,
      dd("key: %.*s, value: %.*s",
         (int) key.len, key.data, (int) value.len, value.data);
--    rc = ngx_http_lua_set_output_header(r, key, value, 1 /* override */);
++    rc = ngx_http_lua_set_output_header(r, ctx, key, value, override);
      if (rc == NGX_ERROR) {
          *errmsg = "failed to set header";
@@ -1343,7 +1332,8 @@ ngx_http_lua_ffi_req_header_set_single_value(ngx_http_request_t *r,
  int
  ngx_http_lua_ffi_get_resp_header(ngx_http_request_t *r,
      const u_char *key, size_t key_len,
--    u_char *key_buf, ngx_http_lua_ffi_str_t *values, int max_nvalues)
++    u_char *key_buf, ngx_http_lua_ffi_str_t *values, int max_nvalues,
++    char **errmsg)
+ {
      int                  found;
      u_char               c, *p;
@@ -1360,19 +1350,10 @@ ngx_http_lua_ffi_get_resp_header(ngx_http_request_t *r,
      ctx = ngx_http_get_module_ctx(r, ngx_http_lua_module);
      if (ctx == NULL) {
--        /* *errmsg = "no ctx found"; */
++        *errmsg = "no ctx found";
          return NGX_ERROR;
+     }
--    if (!ctx->headers_set) {
--        if (ngx_http_lua_set_content_type(r) != NGX_OK) {
--            /* *errmsg = "failed to set default content type"; */
--            return NGX_ERROR;
--        }
--
--        ctx->headers_set = 1;
--    }
--
      llcf = ngx_http_get_module_loc_conf(r, ngx_http_lua_module);
      if (llcf->transform_underscores_in_resp_headers
          && memchr(key, '_', key_len) != NULL)
@@ -1398,6 +1379,7 @@ ngx_http_lua_ffi_get_resp_header(ngx_http_request_t *r,
+         {
              p = ngx_palloc(r->pool, NGX_OFF_T_LEN);
              if (p == NULL) {
++                *errmsg = "no memory";
                  return NGX_ERROR;
+             }
@@ -1411,8 +1393,8 @@ ngx_http_lua_ffi_get_resp_header(ngx_http_request_t *r,
          break;
      case 12:
--        if (r->headers_out.content_type.len
--            && ngx_strncasecmp(key_buf, (u_char *) "Content-Type", 12) == 0)
++        if (ngx_strncasecmp(key_buf, (u_char *) "Content-Type", 12) == 0
++            && r->headers_out.content_type.len)
+         {
              values[0].data = r->headers_out.content_type.data;
              values[0].len = r->headers_out.content_type.len;
 diff --git a/debian/modules/http-lua/src/ngx_http_lua_headers_in.c b/debian/modules/http-lua/src/ngx_http_lua_headers_in.c
 index 4852b2f..c52cd13 100644
 --- a/debian/modules/http-lua/src/ngx_http_lua_headers_in.c
 +++ b/debian/modules/http-lua/src/ngx_http_lua_headers_in.c
@@ -432,10 +432,14 @@ static ngx_int_t
  ngx_http_set_host_header(ngx_http_request_t *r, ngx_http_lua_header_val_t *hv,
      ngx_str_t *value)
+ {
--    ngx_str_t host;
++    ngx_str_t                    host;
++    ngx_http_lua_main_conf_t    *lmcf;
++    ngx_http_variable_value_t   *var;
      dd("server new value len: %d", (int) value->len);
++    lmcf = ngx_http_get_module_main_conf(r, ngx_http_lua_module);
++
      if (value->len) {
          host= *value;
@@ -449,6 +453,10 @@ ngx_http_set_host_header(ngx_http_request_t *r, ngx_http_lua_header_val_t *hv,
          r->headers_in.server = *value;
+     }
++    var = &r->variables[lmcf->host_var_index];
++    var->valid = 0;
++    var->not_found = 0;
++
      return ngx_http_set_builtin_header(r, hv, value);
+ }
 diff --git a/debian/modules/http-lua/src/ngx_http_lua_headers_out.c b/debian/modules/http-lua/src/ngx_http_lua_headers_out.c
 index b908eae..cf94bd0 100644
 --- a/debian/modules/http-lua/src/ngx_http_lua_headers_out.c
 +++ b/debian/modules/http-lua/src/ngx_http_lua_headers_out.c
@@ -106,6 +106,12 @@ static ngx_http_lua_set_header_t  ngx_http_lua_set_handlers[] = {
                   offsetof(ngx_http_headers_out_t, cache_control),
                   ngx_http_set_builtin_multi_header },
++#if defined(nginx_version) && nginx_version >= 1013009
++    { ngx_string("Link"),
++                 offsetof(ngx_http_headers_out_t, link),
++                 ngx_http_set_builtin_multi_header },
++#endif
++
      { ngx_null_string, 0, ngx_http_set_header }
  };
@@ -476,8 +482,8 @@ ngx_http_clear_builtin_header(ngx_http_request_t *r,
  ngx_int_t
--ngx_http_lua_set_output_header(ngx_http_request_t *r, ngx_str_t key,
--    ngx_str_t value, unsigned override)
++ngx_http_lua_set_output_header(ngx_http_request_t *r, ngx_http_lua_ctx_t *ctx,
++    ngx_str_t key, ngx_str_t value, unsigned override)
+ {
      ngx_http_lua_header_val_t         hv;
      ngx_http_lua_set_header_t        *handlers = ngx_http_lua_set_handlers;
@@ -508,6 +514,10 @@ ngx_http_lua_set_output_header(ngx_http_request_t *r, ngx_str_t key,
          hv.offset = handlers[i].offset;
          hv.handler = handlers[i].handler;
++        if (hv.handler == ngx_http_set_content_type_header) {
++            ctx->mime_set = 1;
++        }
++
          break;
+     }
@@ -528,7 +538,7 @@ ngx_http_lua_set_output_header(ngx_http_request_t *r, ngx_str_t key,
  int
  ngx_http_lua_get_output_header(lua_State *L, ngx_http_request_t *r,
--    ngx_str_t *key)
++    ngx_http_lua_ctx_t *ctx, ngx_str_t *key)
+ {
      ngx_table_elt_t            *h;
      ngx_list_part_t            *part;
@@ -550,8 +560,8 @@ ngx_http_lua_get_output_header(lua_State *L, ngx_http_request_t *r,
          break;
      case 12:
--        if (r->headers_out.content_type.len
--            && ngx_strncasecmp(key->data, (u_char *) "Content-Type", 12) == 0)
++        if (ngx_strncasecmp(key->data, (u_char *) "Content-Type", 12) == 0
++            && r->headers_out.content_type.len)
+         {
              lua_pushlstring(L, (char *) r->headers_out.content_type.data,
                              r->headers_out.content_type.len);
 diff --git a/debian/modules/http-lua/src/ngx_http_lua_headers_out.h b/debian/modules/http-lua/src/ngx_http_lua_headers_out.h
 index ef5e6d4..6ec1fe3 100644
 --- a/debian/modules/http-lua/src/ngx_http_lua_headers_out.h
 +++ b/debian/modules/http-lua/src/ngx_http_lua_headers_out.h
@@ -12,10 +12,10 @@
  #include "ngx_http_lua_common.h"
--ngx_int_t ngx_http_lua_set_output_header(ngx_http_request_t *r, ngx_str_t key,
--    ngx_str_t value, unsigned override);
++ngx_int_t ngx_http_lua_set_output_header(ngx_http_request_t *r,
++    ngx_http_lua_ctx_t *ctx, ngx_str_t key, ngx_str_t value, unsigned override);
  int ngx_http_lua_get_output_header(lua_State *L, ngx_http_request_t *r,
--    ngx_str_t *key);
++    ngx_http_lua_ctx_t *ctx, ngx_str_t *key);
  #endif /* _NGX_HTTP_LUA_HEADERS_OUT_H_INCLUDED_ */
 diff --git a/debian/modules/http-lua/src/ngx_http_lua_initworkerby.c b/debian/modules/http-lua/src/ngx_http_lua_initworkerby.c
 index 6754b4b..76acdc3 100644
 --- a/debian/modules/http-lua/src/ngx_http_lua_initworkerby.c
 +++ b/debian/modules/http-lua/src/ngx_http_lua_initworkerby.c
@@ -12,6 +12,7 @@
  #include "ngx_http_lua_initworkerby.h"
  #include "ngx_http_lua_util.h"
++#include "ngx_http_lua_pipe.h"
  static u_char *ngx_http_lua_log_init_worker_error(ngx_log_t *log,
@@ -25,6 +26,7 @@ ngx_http_lua_init_worker(ngx_cycle_t *cycle)
      void                        *cur, *prev;
      ngx_uint_t                   i;
      ngx_conf_t                   conf;
++    ngx_conf_file_t              cf_file;
      ngx_cycle_t                 *fake_cycle;
      ngx_module_t               **modules;
      ngx_open_file_t             *file, *ofile;
@@ -40,10 +42,46 @@ ngx_http_lua_init_worker(ngx_cycle_t *cycle)
      lmcf = ngx_http_cycle_get_module_main_conf(cycle, ngx_http_lua_module);
--    if (lmcf == NULL
--        || lmcf->init_worker_handler == NULL
--        || lmcf->lua == NULL)
++    if (lmcf == NULL || lmcf->lua == NULL) {
++        return NGX_OK;
++    }
++
++    /* lmcf != NULL && lmcf->lua != NULL */
++
++#if !(NGX_WIN32)
++    if (ngx_process == NGX_PROCESS_HELPER
++#   ifdef HAVE_PRIVILEGED_PROCESS_PATCH
++        && !ngx_is_privileged_agent
++#   endif
++       )
+     {
++        /* disable init_worker_by_lua* and destroy lua VM in cache processes */
++
++        ngx_log_debug2(NGX_LOG_DEBUG_HTTP, ngx_cycle->log, 0,
++                       "lua close the global Lua VM %p in the "
++                       "cache helper process %P", lmcf->lua, ngx_pid);
++
++        lmcf->vm_cleanup->handler(lmcf->vm_cleanup->data);
++        lmcf->vm_cleanup->handler = NULL;
++
++        return NGX_OK;
++    }
++
++#ifdef HAVE_NGX_LUA_PIPE
++    if (ngx_http_lua_pipe_add_signal_handler(cycle) != NGX_OK) {
++        return NGX_ERROR;
++    }
++#endif
++
++#endif  /* NGX_WIN32 */
++
++#if (NGX_HTTP_LUA_HAVE_SA_RESTART)
++    if (lmcf->set_sa_restart) {
++        ngx_http_lua_set_sa_restart(ngx_cycle->log);
++    }
++#endif
++
++    if (lmcf->init_worker_handler == NULL) {
          return NGX_OK;
+     }
@@ -143,6 +181,10 @@ ngx_http_lua_init_worker(ngx_cycle_t *cycle)
      conf.pool = fake_cycle->pool;
      conf.log = cycle->log;
++    ngx_memzero(&cf_file, sizeof(cf_file));
++    cf_file.file.name = cycle->conf_file;
++    conf.conf_file = &cf_file;
++
      http_ctx.loc_conf = ngx_pcalloc(conf.pool,
                                      sizeof(void *) * ngx_http_max_module);
      if (http_ctx.loc_conf == NULL) {
 diff --git a/debian/modules/http-lua/src/ngx_http_lua_input_filters.c b/debian/modules/http-lua/src/ngx_http_lua_input_filters.c
 new file mode 100644
 index 0000000..87a9d8c
 --- /dev/null
 +++ b/debian/modules/http-lua/src/ngx_http_lua_input_filters.c
@@ -0,0 +1,137 @@
++
++/*
++ * Copyright (C) by OpenResty Inc.
++ */
++
++
++#ifndef DDEBUG
++#define DDEBUG 0
++#endif
++#include "ddebug.h"
++
++
++#include "ngx_http_lua_common.h"
++
++
++ngx_int_t
++ngx_http_lua_read_bytes(ngx_buf_t *src, ngx_chain_t *buf_in, size_t *rest,
++    ssize_t bytes, ngx_log_t *log)
++{
++    if (bytes == 0) {
++        return NGX_ERROR;
++    }
++
++    if ((size_t) bytes >= *rest) {
++
++        buf_in->buf->last += *rest;
++        src->pos += *rest;
++        *rest = 0;
++
++        return NGX_OK;
++    }
++
++    /* bytes < *rest */
++
++    buf_in->buf->last += bytes;
++    src->pos += bytes;
++    *rest -= bytes;
++
++    return NGX_AGAIN;
++}
++
++
++ngx_int_t
++ngx_http_lua_read_all(ngx_buf_t *src, ngx_chain_t *buf_in, ssize_t bytes,
++    ngx_log_t *log)
++{
++    if (bytes == 0) {
++        return NGX_OK;
++    }
++
++    buf_in->buf->last += bytes;
++    src->pos += bytes;
++
++    return NGX_AGAIN;
++}
++
++
++ngx_int_t
++ngx_http_lua_read_any(ngx_buf_t *src, ngx_chain_t *buf_in, size_t *max,
++    ssize_t bytes, ngx_log_t *log)
++{
++    if (bytes == 0) {
++        return NGX_ERROR;
++    }
++
++    if (bytes >= (ssize_t) *max) {
++        bytes = (ssize_t) *max;
++    }
++
++    buf_in->buf->last += bytes;
++    src->pos += bytes;
++
++    return NGX_OK;
++}
++
++
++ngx_int_t
++ngx_http_lua_read_line(ngx_buf_t *src, ngx_chain_t *buf_in, ssize_t bytes,
++    ngx_log_t *log)
++{
++    u_char                      *dst;
++    u_char                       c;
++#if (NGX_DEBUG)
++    u_char                      *begin;
++#endif
++
++#if (NGX_DEBUG)
++    begin = src->pos;
++#endif
++
++    if (bytes == 0) {
++        return NGX_ERROR;
++    }
++
++    dd("already read: %p: %.*s", buf_in,
++       (int) (buf_in->buf->last - buf_in->buf->pos), buf_in->buf->pos);
++
++    dd("data read: %.*s", (int) bytes, src->pos);
++
++    dst = buf_in->buf->last;
++
++    while (bytes--) {
++
++        c = *src->pos++;
++
++        switch (c) {
++        case '\n':
++            ngx_log_debug2(NGX_LOG_DEBUG_HTTP, log, 0,
++                           "lua read the final line part: \"%*s\"",
++                           src->pos - 1 - begin, begin);
++
++            buf_in->buf->last = dst;
++
++            dd("read a line: %p: %.*s", buf_in,
++               (int) (buf_in->buf->last - buf_in->buf->pos), buf_in->buf->pos);
++
++            return NGX_OK;
++
++        case '\r':
++            /* ignore it */
++            break;
++
++        default:
++            *dst++ = c;
++            break;
++        }
++    }
++
++#if (NGX_DEBUG)
++    ngx_log_debug2(NGX_LOG_DEBUG_HTTP, log, 0,
++                   "lua read partial line data: %*s", dst - begin, begin);
++#endif
++
++    buf_in->buf->last = dst;
++
++    return NGX_AGAIN;
++}
 diff --git a/debian/modules/http-lua/src/ngx_http_lua_input_filters.h b/debian/modules/http-lua/src/ngx_http_lua_input_filters.h
 new file mode 100644
 index 0000000..046d40f
 --- /dev/null
 +++ b/debian/modules/http-lua/src/ngx_http_lua_input_filters.h
@@ -0,0 +1,29 @@
++
++/*
++ * Copyright (C) by OpenResty Inc.
++ */
++
++
++#ifndef _NGX_HTTP_LUA_INPUT_FILTERS_H_INCLUDED_
++#define _NGX_HTTP_LUA_INPUT_FILTERS_H_INCLUDED_
++
++
++#include "ngx_http_lua_common.h"
++
++
++ngx_int_t ngx_http_lua_read_bytes(ngx_buf_t *src, ngx_chain_t *buf_in,
++    size_t *rest, ssize_t bytes, ngx_log_t *log);
++
++ngx_int_t ngx_http_lua_read_all(ngx_buf_t *src, ngx_chain_t *buf_in,
++    ssize_t bytes, ngx_log_t *log);
++
++ngx_int_t ngx_http_lua_read_any(ngx_buf_t *src, ngx_chain_t *buf_in,
++    size_t *max, ssize_t bytes, ngx_log_t *log);
++
++ngx_int_t ngx_http_lua_read_line(ngx_buf_t *src, ngx_chain_t *buf_in,
++    ssize_t bytes, ngx_log_t *log);
++
++
++#endif /* _NGX_HTTP_LUA_INPUT_FILTERS_H_INCLUDED_ */
++
++/* vi:set ft=c ts=4 sw=4 et fdm=marker: */
 diff --git a/debian/modules/http-lua/src/ngx_http_lua_log.c b/debian/modules/http-lua/src/ngx_http_lua_log.c
 index c18e6b0..0042a5e 100644
 --- a/debian/modules/http-lua/src/ngx_http_lua_log.c
 +++ b/debian/modules/http-lua/src/ngx_http_lua_log.c
@@ -428,6 +428,29 @@ ngx_http_lua_ffi_errlog_get_sys_filter_level(ngx_http_request_t *r)
      return log_level;
+ }
++
++int
++ngx_http_lua_ffi_raw_log(ngx_http_request_t *r, int level, u_char *s,
++    size_t s_len)
++{
++    ngx_log_t           *log;
++
++    if (level > NGX_LOG_DEBUG || level < NGX_LOG_STDERR) {
++        return NGX_ERROR;
++    }
++
++    if (r && r->connection && r->connection->log) {
++        log = r->connection->log;
++
++    } else {
++        log = ngx_cycle->log;
++    }
++
++    ngx_log_error((unsigned) level, log, 0, "%*s", s_len, s);
++
++    return NGX_OK;
++}
++
  #endif
  /* vi:set ft=c ts=4 sw=4 et fdm=marker: */
 diff --git a/debian/modules/http-lua/src/ngx_http_lua_logby.c b/debian/modules/http-lua/src/ngx_http_lua_logby.c
 index 0f1d2f3..32d1cba 100644
 --- a/debian/modules/http-lua/src/ngx_http_lua_logby.c
 +++ b/debian/modules/http-lua/src/ngx_http_lua_logby.c
@@ -38,9 +38,9 @@ static ngx_int_t ngx_http_lua_log_by_chunk(lua_State *L, ngx_http_request_t *r);
  static void
  ngx_http_lua_log_by_lua_env(lua_State *L, ngx_http_request_t *r)
+ {
--    /*  set nginx request pointer to current lua thread's globals table */
      ngx_http_lua_set_req(L, r);
++#ifndef OPENRESTY_LUAJIT
      /**
       * we want to create empty environment for current script
+      *
@@ -64,6 +64,7 @@ ngx_http_lua_log_by_lua_env(lua_State *L, ngx_http_request_t *r)
      /*  }}} */
      lua_setfenv(L, -2);    /*  set new running env for the code closure */
++#endif /* OPENRESTY_LUAJIT */
+ }
 diff --git a/debian/modules/http-lua/src/ngx_http_lua_misc.c b/debian/modules/http-lua/src/ngx_http_lua_misc.c
 index f96e2f2..145ca9b 100644
 --- a/debian/modules/http-lua/src/ngx_http_lua_misc.c
 +++ b/debian/modules/http-lua/src/ngx_http_lua_misc.c
@@ -286,6 +286,33 @@ ngx_http_lua_ffi_headers_sent(ngx_http_request_t *r)
      return r->header_sent ? 1 : 0;
+ }
++
++
++int
++ngx_http_lua_ffi_get_conf_env(u_char *name, u_char **env_buf, size_t *name_len)
++{
++    ngx_uint_t            i;
++    ngx_str_t            *var;
++    ngx_core_conf_t      *ccf;
++
++    ccf = (ngx_core_conf_t *) ngx_get_conf(ngx_cycle->conf_ctx,
++                                           ngx_core_module);
++
++    var = ccf->env.elts;
++
++    for (i = 0; i < ccf->env.nelts; i++) {
++        if (var[i].data[var[i].len] == '='
++            && ngx_strncmp(name, var[i].data, var[i].len) == 0)
++        {
++            *env_buf = var[i].data;
++            *name_len = var[i].len;
++
++            return NGX_OK;
++        }
++    }
++
++    return NGX_DECLINED;
++}
  #endif /* NGX_LUA_NO_FFI_API */
 diff --git a/debian/modules/http-lua/src/ngx_http_lua_module.c b/debian/modules/http-lua/src/ngx_http_lua_module.c
 index 9d914e8..2a3f5d5 100644
 --- a/debian/modules/http-lua/src/ngx_http_lua_module.c
 +++ b/debian/modules/http-lua/src/ngx_http_lua_module.c
@@ -29,6 +29,7 @@
  #include "ngx_http_lua_ssl_session_storeby.h"
  #include "ngx_http_lua_ssl_session_fetchby.h"
  #include "ngx_http_lua_headers.h"
++#include "ngx_http_lua_pipe.h"
  static void *ngx_http_lua_create_main_conf(ngx_conf_t *cf);
@@ -65,6 +66,9 @@ static ngx_conf_bitmask_t  ngx_http_lua_ssl_protocols[] = {
      { ngx_string("TLSv1"), NGX_SSL_TLSv1 },
      { ngx_string("TLSv1.1"), NGX_SSL_TLSv1_1 },
      { ngx_string("TLSv1.2"), NGX_SSL_TLSv1_2 },
++#ifdef NGX_SSL_TLSv1_3
++    { ngx_string("TLSv1.3"), NGX_SSL_TLSv1_3 },
++#endif
      { ngx_null_string, 0 }
  };
@@ -73,6 +77,13 @@ static ngx_conf_bitmask_t  ngx_http_lua_ssl_protocols[] = {
  static ngx_command_t ngx_http_lua_cmds[] = {
++    { ngx_string("lua_load_resty_core"),
++      NGX_HTTP_MAIN_CONF|NGX_CONF_FLAG,
++      ngx_conf_set_flag_slot,
++      NGX_HTTP_MAIN_CONF_OFFSET,
++      offsetof(ngx_http_lua_main_conf_t, load_resty_core),
++      NULL },
++
      { ngx_string("lua_max_running_timers"),
        NGX_HTTP_MAIN_CONF|NGX_CONF_TAKE1,
        ngx_conf_set_num_slot,
@@ -101,6 +112,13 @@ static ngx_command_t ngx_http_lua_cmds[] = {
 ,
        NULL },
++    { ngx_string("lua_sa_restart"),
++      NGX_HTTP_MAIN_CONF|NGX_CONF_FLAG,
++      ngx_conf_set_flag_slot,
++      NGX_HTTP_MAIN_CONF_OFFSET,
++      offsetof(ngx_http_lua_main_conf_t, set_sa_restart),
++      NULL },
++
  #if (NGX_PCRE)
      { ngx_string("lua_regex_cache_max_entries"),
        NGX_HTTP_MAIN_CONF|NGX_CONF_TAKE1,
@@ -635,9 +653,19 @@ ngx_http_lua_init(ngx_conf_t *cf)
  #if !defined(NGX_LUA_NO_FFI_API) || nginx_version >= 1011011
      ngx_pool_cleanup_t         *cln;
  #endif
++    ngx_str_t                   name = ngx_string("host");
++
++    if (ngx_process == NGX_PROCESS_SIGNALLER || ngx_test_config) {
++        return NGX_OK;
++    }
      lmcf = ngx_http_conf_get_module_main_conf(cf, ngx_http_lua_module);
++    lmcf->host_var_index = ngx_http_get_variable_index(cf, &name);
++    if (lmcf->host_var_index == NGX_ERROR) {
++        return NGX_ERROR;
++    }
++
      if (ngx_http_lua_prev_cycle != ngx_cycle) {
          ngx_http_lua_prev_cycle = ngx_cycle;
          multi_http_blocks = 0;
@@ -722,6 +750,11 @@ ngx_http_lua_init(ngx_conf_t *cf)
      cln->data = lmcf;
      cln->handler = ngx_http_lua_sema_mm_cleanup;
++
++#ifdef HAVE_NGX_LUA_PIPE
++    ngx_http_lua_pipe_init();
++#endif
++
  #endif
  #if nginx_version >= 1011011
@@ -737,6 +770,19 @@ ngx_http_lua_init(ngx_conf_t *cf)
      if (lmcf->lua == NULL) {
          dd("initializing lua vm");
++#ifndef OPENRESTY_LUAJIT
++        if (ngx_process != NGX_PROCESS_SIGNALLER && !ngx_test_config) {
++            ngx_log_error(NGX_LOG_ALERT, cf->log, 0,
++                          "detected a LuaJIT version which is not OpenResty's"
++                          "; many optimizations will be disabled and "
++                          "performance will be compromised (see "
++                          "https://github.com/openresty/luajit2 for "
++                          "OpenResty's LuaJIT or, even better, consider using "
++                          "the OpenResty releases from https://openresty.org/"
++                          "en/download.html)");
++        }
++#endif
++
          ngx_http_lua_content_length_hash =
                                    ngx_http_lua_hash_literal("content-length");
          ngx_http_lua_location_hash = ngx_http_lua_hash_literal("location");
@@ -838,6 +884,7 @@ ngx_http_lua_create_main_conf(ngx_conf_t *cf)
       */
      lmcf->pool = cf->pool;
++    lmcf->load_resty_core = NGX_CONF_UNSET;
      lmcf->max_pending_timers = NGX_CONF_UNSET;
      lmcf->max_running_timers = NGX_CONF_UNSET;
  #if (NGX_PCRE)
@@ -847,6 +894,8 @@ ngx_http_lua_create_main_conf(ngx_conf_t *cf)
      lmcf->postponed_to_rewrite_phase_end = NGX_CONF_UNSET;
      lmcf->postponed_to_access_phase_end = NGX_CONF_UNSET;
++    lmcf->set_sa_restart = NGX_CONF_UNSET;
++
  #if (NGX_HTTP_LUA_HAVE_MALLOC_TRIM)
      lmcf->malloc_trim_cycle = NGX_CONF_UNSET_UINT;
  #endif
@@ -869,6 +918,10 @@ ngx_http_lua_init_main_conf(ngx_conf_t *cf, void *conf)
+ {
      ngx_http_lua_main_conf_t *lmcf = conf;
++    if (lmcf->load_resty_core == NGX_CONF_UNSET) {
++        lmcf->load_resty_core = 1;
++    }
++
  #if (NGX_PCRE)
      if (lmcf->regex_cache_max_entries == NGX_CONF_UNSET) {
          lmcf->regex_cache_max_entries = 1024;
@@ -887,6 +940,12 @@ ngx_http_lua_init_main_conf(ngx_conf_t *cf, void *conf)
          lmcf->max_running_timers = 256;
+     }
++#if (NGX_HTTP_LUA_HAVE_SA_RESTART)
++    if (lmcf->set_sa_restart == NGX_CONF_UNSET) {
++        lmcf->set_sa_restart = 1;
++    }
++#endif
++
  #if (NGX_HTTP_LUA_HAVE_MALLOC_TRIM)
      if (lmcf->malloc_trim_cycle == NGX_CONF_UNSET_UINT) {
          lmcf->malloc_trim_cycle = 1000;  /* number of reqs */
 diff --git a/debian/modules/http-lua/src/ngx_http_lua_ndk.c b/debian/modules/http-lua/src/ngx_http_lua_ndk.c
 index 24b80b4..6344183 100644
 --- a/debian/modules/http-lua/src/ngx_http_lua_ndk.c
 +++ b/debian/modules/http-lua/src/ngx_http_lua_ndk.c
@@ -186,6 +186,47 @@ ngx_http_lua_inject_ndk_api(lua_State *L)
+ }
++int
++ngx_http_lua_ffi_ndk_lookup_directive(const u_char *var_data,
++    size_t var_len, ndk_set_var_value_pt *func)
++{
++    *func = ngx_http_lookup_ndk_set_var_directive((u_char *) var_data, var_len);
++
++    if (*func == NULL) {
++        return NGX_ERROR;
++    }
++
++    return NGX_OK;
++}
++
++
++int
++ngx_http_lua_ffi_ndk_set_var_get(ngx_http_request_t *r,
++    ndk_set_var_value_pt func, const u_char *arg_data, size_t arg_len,
++    ngx_http_lua_ffi_str_t *value)
++{
++    ngx_int_t                            rc;
++    ngx_str_t                            res;
++    ngx_http_variable_value_t            arg;
++
++    ngx_memzero(&arg, sizeof(ngx_http_variable_value_t));
++    arg.valid = 1;
++
++    arg.data = (u_char *) arg_data;
++    arg.len = arg_len;
++
++    rc = func(r, &res, &arg);
++
++    if (rc != NGX_OK) {
++        return rc;
++    }
++
++    value->data = res.data;
++    value->len = res.len;
++    return NGX_OK;
++}
++
++
  #endif /* defined(NDK) && NDK */
  /* vi:set ft=c ts=4 sw=4 et fdm=marker: */
 diff --git a/debian/modules/http-lua/src/ngx_http_lua_phase.c b/debian/modules/http-lua/src/ngx_http_lua_phase.c
 index 50c5311..304c88a 100644
 --- a/debian/modules/http-lua/src/ngx_http_lua_phase.c
 +++ b/debian/modules/http-lua/src/ngx_http_lua_phase.c
@@ -107,4 +107,22 @@ ngx_http_lua_inject_phase_api(lua_State *L)
      lua_setfield(L, -2, "get_phase");
+ }
++
++#ifndef NGX_LUA_NO_FFI_API
++int
++ngx_http_lua_ffi_get_phase(ngx_http_request_t *r, char **err)
++{
++    ngx_http_lua_ctx_t  *ctx;
++
++    ctx = ngx_http_get_module_ctx(r, ngx_http_lua_module);
++    if (ctx == NULL) {
++        *err = "no request context";
++        return NGX_ERROR;
++    }
++
++    return ctx->context;
++}
++#endif
++
++
  /* vi:set ft=c ts=4 sw=4 et fdm=marker: */
 diff --git a/debian/modules/http-lua/src/ngx_http_lua_pipe.c b/debian/modules/http-lua/src/ngx_http_lua_pipe.c
 new file mode 100644
 index 0000000..8c8221f
 --- /dev/null
 +++ b/debian/modules/http-lua/src/ngx_http_lua_pipe.c
@@ -0,0 +1,2475 @@
++
++/*
++ * Copyright (C) by OpenResty Inc.
++ */
++
++
++#ifndef DDEBUG
++#define DDEBUG 0
++#endif
++#include "ddebug.h"
++
++
++#include "ngx_http_lua_common.h"
++#include "ngx_http_lua_input_filters.h"
++#include "ngx_http_lua_util.h"
++#include "ngx_http_lua_pipe.h"
++#if (NGX_HTTP_LUA_HAVE_SIGNALFD)
++#include <sys/signalfd.h>
++#endif
++
++
++#ifdef HAVE_NGX_LUA_PIPE
++static ngx_rbtree_node_t *ngx_http_lua_pipe_lookup_pid(ngx_rbtree_key_t key);
++#if !(NGX_HTTP_LUA_HAVE_SIGNALFD)
++static void ngx_http_lua_pipe_sigchld_handler(int signo, siginfo_t *siginfo,
++    void *ucontext);
++#endif
++static void ngx_http_lua_pipe_sigchld_event_handler(ngx_event_t *ev);
++static ssize_t ngx_http_lua_pipe_fd_read(ngx_connection_t *c, u_char *buf,
++    size_t size);
++static ssize_t ngx_http_lua_pipe_fd_write(ngx_connection_t *c, u_char *buf,
++    size_t size);
++static ngx_int_t ngx_http_lua_pipe_close_helper(
++    ngx_http_lua_pipe_ctx_t *pipe_ctx, ngx_event_t *ev, int forced);
++static ngx_int_t ngx_http_lua_pipe_close_stdin(ngx_http_lua_pipe_t *pipe,
++    int forced);
++static ngx_int_t ngx_http_lua_pipe_close_stdout(ngx_http_lua_pipe_t *pipe,
++    int forced);
++static ngx_int_t ngx_http_lua_pipe_close_stderr(ngx_http_lua_pipe_t *pipe,
++    int forced);
++static void ngx_http_lua_pipe_proc_finalize(ngx_http_lua_ffi_pipe_proc_t *proc,
++    int forced);
++static ngx_int_t ngx_http_lua_pipe_get_lua_ctx(ngx_http_request_t *r,
++    ngx_http_lua_ctx_t **ctx, u_char *errbuf, size_t *errbuf_size);
++static void ngx_http_lua_pipe_put_error(ngx_http_lua_pipe_ctx_t *pipe_ctx,
++    u_char *errbuf, size_t *errbuf_size);
++static void ngx_http_lua_pipe_put_data(ngx_http_lua_pipe_t *pipe,
++    ngx_http_lua_pipe_ctx_t *pipe_ctx, u_char **buf, size_t *buf_size);
++static ngx_int_t ngx_http_lua_pipe_add_input_buffer(ngx_http_lua_pipe_t *pipe,
++    ngx_http_lua_pipe_ctx_t *pipe_ctx);
++static ngx_int_t ngx_http_lua_pipe_read_all(void *data, ssize_t bytes);
++static ngx_int_t ngx_http_lua_pipe_read_bytes(void *data, ssize_t bytes);
++static ngx_int_t ngx_http_lua_pipe_read_line(void *data, ssize_t bytes);
++static ngx_int_t ngx_http_lua_pipe_read_any(void *data, ssize_t bytes);
++static ngx_int_t ngx_http_lua_pipe_read(ngx_http_lua_pipe_t *pipe,
++    ngx_http_lua_pipe_ctx_t *pipe_ctx);
++static ngx_int_t ngx_http_lua_pipe_init_ctx(
++    ngx_http_lua_pipe_ctx_t **pipe_ctx_pt, int fd, ngx_pool_t *pool,
++    u_char *errbuf, size_t *errbuf_size);
++static ngx_int_t ngx_http_lua_pipe_write(ngx_http_lua_pipe_t *pipe,
++    ngx_http_lua_pipe_ctx_t *pipe_ctx);
++static int ngx_http_lua_pipe_read_stdout_retval(
++    ngx_http_lua_ffi_pipe_proc_t *proc, lua_State *L);
++static int ngx_http_lua_pipe_read_stderr_retval(
++    ngx_http_lua_ffi_pipe_proc_t *proc, lua_State *L);
++static int ngx_http_lua_pipe_read_retval_helper(
++    ngx_http_lua_ffi_pipe_proc_t *proc, lua_State *L, int from_stderr);
++static int ngx_http_lua_pipe_write_retval(ngx_http_lua_ffi_pipe_proc_t *proc,
++    lua_State *L);
++static int ngx_http_lua_pipe_wait_retval(ngx_http_lua_ffi_pipe_proc_t *proc,
++    lua_State *L);
++static void ngx_http_lua_pipe_resume_helper(ngx_event_t *ev,
++    ngx_http_lua_co_ctx_t *wait_co_ctx);
++static void ngx_http_lua_pipe_resume_read_stdout_handler(ngx_event_t *ev);
++static void ngx_http_lua_pipe_resume_read_stderr_handler(ngx_event_t *ev);
++static void ngx_http_lua_pipe_resume_write_handler(ngx_event_t *ev);
++static void ngx_http_lua_pipe_resume_wait_handler(ngx_event_t *ev);
++static ngx_int_t ngx_http_lua_pipe_resume(ngx_http_request_t *r);
++static void ngx_http_lua_pipe_dummy_event_handler(ngx_event_t *ev);
++static void ngx_http_lua_pipe_clear_event(ngx_event_t *ev);
++static void ngx_http_lua_pipe_proc_read_stdout_cleanup(void *data);
++static void ngx_http_lua_pipe_proc_read_stderr_cleanup(void *data);
++static void ngx_http_lua_pipe_proc_write_cleanup(void *data);
++static void ngx_http_lua_pipe_proc_wait_cleanup(void *data);
++
++
++static ngx_rbtree_t       ngx_http_lua_pipe_rbtree;
++static ngx_rbtree_node_t  ngx_http_lua_pipe_proc_sentinel;
++
++
++#if (NGX_HTTP_LUA_HAVE_SIGNALFD)
++static int                                ngx_http_lua_signalfd;
++static struct signalfd_siginfo            ngx_http_lua_pipe_notification;
++
++#define ngx_http_lua_read_sigfd           ngx_http_lua_signalfd
++
++#else
++static int                                ngx_http_lua_sigchldfd[2];
++static u_char                             ngx_http_lua_pipe_notification[1];
++
++#define ngx_http_lua_read_sigfd           ngx_http_lua_sigchldfd[0]
++#define ngx_http_lua_write_sigfd          ngx_http_lua_sigchldfd[1]
++#endif
++
++
++static ngx_connection_t                  *ngx_http_lua_sigfd_conn = NULL;
++
++
++/* The below signals are ignored by Nginx.
++ * We need to reset them for the spawned child processes. */
++ngx_http_lua_pipe_signal_t ngx_signals[] = {
++    { SIGSYS, "SIGSYS" },
++    { SIGPIPE, "SIGPIPE" },
++    { 0, NULL }
++};
++
++
++enum {
++    PIPE_ERR_CLOSED = 1,
++    PIPE_ERR_SYSCALL,
++    PIPE_ERR_NOMEM,
++    PIPE_ERR_TIMEOUT,
++    PIPE_ERR_ADD_READ_EV,
++    PIPE_ERR_ADD_WRITE_EV
++};
++
++
++enum {
++    PIPE_READ_ALL = 0,
++    PIPE_READ_BYTES,
++    PIPE_READ_LINE,
++    PIPE_READ_ANY
++};
++
++
++#define REASON_EXIT         "exit"
++#define REASON_SIGNAL       "signal"
++#define REASON_UNKNOWN      "unknown"
++
++#define REASON_RUNNING_CODE  0
++#define REASON_EXIT_CODE     1
++#define REASON_SIGNAL_CODE   2
++#define REASON_UNKNOWN_CODE  3
++
++
++void
++ngx_http_lua_pipe_init(void)
++{
++    ngx_rbtree_init(&ngx_http_lua_pipe_rbtree,
++                    &ngx_http_lua_pipe_proc_sentinel, ngx_rbtree_insert_value);
++}
++
++
++ngx_int_t
++ngx_http_lua_pipe_add_signal_handler(ngx_cycle_t *cycle)
++{
++    ngx_event_t         *rev;
++#if (NGX_HTTP_LUA_HAVE_SIGNALFD)
++    sigset_t             set;
++
++#else
++    int                  rc;
++    struct sigaction     sa;
++#endif
++
++#if (NGX_HTTP_LUA_HAVE_SIGNALFD)
++    if (sigemptyset(&set) != 0) {
++        ngx_log_error(NGX_LOG_ERR, cycle->log, ngx_errno,
++                      "lua pipe init signal set failed");
++        return NGX_ERROR;
++    }
++
++    if (sigaddset(&set, SIGCHLD) != 0) {
++        ngx_log_error(NGX_LOG_ERR, cycle->log, ngx_errno,
++                      "lua pipe add SIGCHLD to signal set failed");
++        return NGX_ERROR;
++    }
++
++    if (sigprocmask(SIG_BLOCK, &set, NULL) != 0) {
++        ngx_log_error(NGX_LOG_ERR, cycle->log, ngx_errno,
++                      "lua pipe block SIGCHLD failed");
++        return NGX_ERROR;
++    }
++
++    ngx_http_lua_signalfd = signalfd(-1, &set, SFD_NONBLOCK|SFD_CLOEXEC);
++    if (ngx_http_lua_signalfd < 0) {
++        ngx_log_error(NGX_LOG_ERR, cycle->log, ngx_errno,
++                      "lua pipe create signalfd instance failed");
++        return NGX_ERROR;
++    }
++
++#else /* !(NGX_HTTP_LUA_HAVE_SIGNALFD) */
++#   if (NGX_HTTP_LUA_HAVE_PIPE2)
++    rc = pipe2(ngx_http_lua_sigchldfd, O_NONBLOCK|O_CLOEXEC);
++#   else
++    rc = pipe(ngx_http_lua_sigchldfd);
++#   endif
++
++    if (rc == -1) {
++        ngx_log_error(NGX_LOG_ERR, cycle->log, ngx_errno,
++                      "lua pipe init SIGCHLD fd failed");
++        return NGX_ERROR;
++    }
++
++#   if !(NGX_HTTP_LUA_HAVE_PIPE2)
++    if (ngx_nonblocking(ngx_http_lua_read_sigfd) == -1) {
++        ngx_log_error(NGX_LOG_ERR, cycle->log, ngx_errno, "lua pipe "
++                      ngx_nonblocking_n " SIGCHLD read fd failed");
++        goto failed;
++    }
++
++    if (ngx_nonblocking(ngx_http_lua_write_sigfd) == -1) {
++        ngx_log_error(NGX_LOG_ERR, cycle->log, ngx_errno, "lua pipe "
++                      ngx_nonblocking_n " SIGCHLD write fd failed");
++        goto failed;
++    }
++
++    /* it's ok not to set the pipe fd with O_CLOEXEC. This requires
++     * extra syscall */
++#   endif /* !(NGX_HTTP_LUA_HAVE_PIPE2) */
++#endif /* NGX_HTTP_LUA_HAVE_SIGNALFD */
++
++    ngx_http_lua_sigfd_conn = ngx_get_connection(ngx_http_lua_read_sigfd,
++                                                 cycle->log);
++    if (ngx_http_lua_sigfd_conn == NULL) {
++        goto failed;
++    }
++
++    ngx_http_lua_sigfd_conn->log = cycle->log;
++    ngx_http_lua_sigfd_conn->recv = ngx_http_lua_pipe_fd_read;
++    rev = ngx_http_lua_sigfd_conn->read;
++    rev->log = ngx_http_lua_sigfd_conn->log;
++    rev->handler = ngx_http_lua_pipe_sigchld_event_handler;
++
++#ifdef HAVE_SOCKET_CLOEXEC_PATCH
++    rev->skip_socket_leak_check = 1;
++#endif
++
++    if (ngx_handle_read_event(rev, 0) == NGX_ERROR) {
++        goto failed;
++    }
++
++#if !(NGX_HTTP_LUA_HAVE_SIGNALFD)
++    ngx_memzero(&sa, sizeof(struct sigaction));
++    sa.sa_sigaction = ngx_http_lua_pipe_sigchld_handler;
++    sa.sa_flags = SA_SIGINFO;
++
++    if (sigemptyset(&sa.sa_mask) != 0) {
++        ngx_log_error(NGX_LOG_ERR, cycle->log, ngx_errno,
++                      "lua pipe init signal mask failed");
++        goto failed;
++    }
++
++    if (sigaction(SIGCHLD, &sa, NULL) == -1) {
++        ngx_log_error(NGX_LOG_ERR, cycle->log, ngx_errno,
++                      "lua pipe sigaction(SIGCHLD) failed");
++        goto failed;
++    }
++#endif
++
++    return NGX_OK;
++
++failed:
++
++    if (ngx_http_lua_sigfd_conn != NULL) {
++        ngx_close_connection(ngx_http_lua_sigfd_conn);
++        ngx_http_lua_sigfd_conn = NULL;
++    }
++
++    if (close(ngx_http_lua_read_sigfd) == -1) {
++        ngx_log_error(NGX_LOG_EMERG, cycle->log, ngx_errno,
++                      "lua pipe close the read sigfd failed");
++    }
++
++#if !(NGX_HTTP_LUA_HAVE_SIGNALFD)
++    if (close(ngx_http_lua_write_sigfd) == -1) {
++        ngx_log_error(NGX_LOG_EMERG, cycle->log, ngx_errno,
++                      "lua pipe close the write sigfd failed");
++    }
++#endif
++
++    return NGX_ERROR;
++}
++
++
++static ngx_rbtree_node_t *
++ngx_http_lua_pipe_lookup_pid(ngx_rbtree_key_t key)
++{
++    ngx_rbtree_node_t    *node, *sentinel;
++
++    node = ngx_http_lua_pipe_rbtree.root;
++    sentinel = ngx_http_lua_pipe_rbtree.sentinel;
++
++    while (node != sentinel) {
++        if (key < node->key) {
++            node = node->left;
++            continue;
++        }
++
++        if (key > node->key) {
++            node = node->right;
++            continue;
++        }
++
++        return node;
++    }
++
++    return NULL;
++}
++
++
++#if !(NGX_HTTP_LUA_HAVE_SIGNALFD)
++static void
++ngx_http_lua_pipe_sigchld_handler(int signo, siginfo_t *siginfo,
++    void *ucontext)
++{
++    ngx_err_t                        err, saved_err;
++    ngx_int_t                        n;
++
++    saved_err = ngx_errno;
++
++    for ( ;; ) {
++        n = write(ngx_http_lua_write_sigfd, ngx_http_lua_pipe_notification,
++                  sizeof(ngx_http_lua_pipe_notification));
++
++        ngx_log_debug1(NGX_LOG_DEBUG_EVENT, ngx_cycle->log, 0,
++                       "lua pipe SIGCHLD fd write siginfo:%p", siginfo);
++
++        if (n >= 0) {
++            break;
++        }
++
++        err = ngx_errno;
++
++        if (err != NGX_EINTR) {
++            if (err != NGX_EAGAIN) {
++                ngx_log_error(NGX_LOG_ERR, ngx_cycle->log, err,
++                              "lua pipe SIGCHLD fd write failed");
++            }
++
++            break;
++        }
++
++        ngx_log_debug0(NGX_LOG_DEBUG_EVENT, ngx_cycle->log, err,
++                       "lua pipe SIGCHLD fd write was interrupted");
++    }
++
++    ngx_set_errno(saved_err);
++}
++#endif
++
++
++static void
++ngx_http_lua_pipe_sigchld_event_handler(ngx_event_t *ev)
++{
++    int                              n;
++    int                              status;
++    ngx_pid_t                        pid;
++    ngx_connection_t                *c = ev->data;
++    ngx_rbtree_node_t               *node;
++    ngx_http_lua_pipe_node_t        *pipe_node;
++
++    ngx_log_debug0(NGX_LOG_DEBUG_EVENT, ngx_cycle->log, 0,
++                   "lua pipe reaping children");
++
++    for ( ;; ) {
++#if (NGX_HTTP_LUA_HAVE_SIGNALFD)
++        n = c->recv(c, (u_char *) &ngx_http_lua_pipe_notification,
++#else
++        n = c->recv(c, ngx_http_lua_pipe_notification,
++#endif
++                    sizeof(ngx_http_lua_pipe_notification));
++
++        if (n <= 0) {
++            if (n == NGX_ERROR) {
++                ngx_log_error(NGX_LOG_ERR, ngx_cycle->log, ngx_errno,
++                              "lua pipe SIGCHLD fd read failed");
++            }
++
++            break;
++        }
++
++        for ( ;; ) {
++            pid = waitpid(-1, &status, WNOHANG);
++
++            if (pid == 0) {
++                break;
++            }
++
++            if (pid < 0) {
++                if (ngx_errno != NGX_ECHILD) {
++                    ngx_log_error(NGX_LOG_ERR, ngx_cycle->log, ngx_errno,
++                                  "lua pipe waitpid failed");
++                }
++
++                break;
++            }
++
++            /* This log is ported from Nginx's signal handler since we override
++             * or block it in this implementation. */
++            ngx_log_error(NGX_LOG_NOTICE, ngx_cycle->log, 0,
++                          "signal %d (SIGCHLD) received from %P",
++                          SIGCHLD, pid);
++
++            ngx_log_debug2(NGX_LOG_DEBUG_HTTP, ngx_cycle->log, 0,
++                           "lua pipe SIGCHLD fd read pid:%P status:%d", pid,
++                           status);
++
++            node = ngx_http_lua_pipe_lookup_pid(pid);
++            if (node != NULL) {
++                pipe_node = (ngx_http_lua_pipe_node_t *) &node->color;
++                if (pipe_node->wait_co_ctx != NULL) {
++                    ngx_log_debug2(NGX_LOG_DEBUG_HTTP, ngx_cycle->log, 0,
++                                   "lua pipe resume process:%p waiting for %P",
++                                   pipe_node->proc, pid);
++
++                    /*
++                     * We need the extra parentheses around the first argument
++                     * of ngx_post_event() just to work around macro issues in
++                     * nginx cores older than 1.7.12 (exclusive).
++                     */
++                    ngx_post_event((&pipe_node->wait_co_ctx->sleep),
++                                   &ngx_posted_events);
++                }
++
++                pipe_node->proc->pipe->dead = 1;
++
++                if (WIFSIGNALED(status)) {
++                    pipe_node->status = WTERMSIG(status);
++                    pipe_node->reason_code = REASON_SIGNAL_CODE;
++
++                } else if (WIFEXITED(status)) {
++                    pipe_node->status = WEXITSTATUS(status);
++                    pipe_node->reason_code = REASON_EXIT_CODE;
++
++                } else {
++                    ngx_log_error(NGX_LOG_ERR, ngx_cycle->log, 0,
++                                  "lua pipe unknown exit status %d from "
++                                  "process %P", status, pid);
++                    pipe_node->status = status;
++                    pipe_node->reason_code = REASON_UNKNOWN_CODE;
++                }
++            }
++        }
++    }
++}
++
++
++static ssize_t
++ngx_http_lua_pipe_fd_read(ngx_connection_t *c, u_char *buf, size_t size)
++{
++    ssize_t       n;
++    ngx_err_t     err;
++    ngx_event_t  *rev;
++
++    rev = c->read;
++
++    do {
++        n = read(c->fd, buf, size);
++
++        err = ngx_errno;
++
++        ngx_log_debug3(NGX_LOG_DEBUG_EVENT, c->log, 0,
++                       "read: fd:%d %z of %uz", c->fd, n, size);
++
++        if (n == 0) {
++            rev->ready = 0;
++            rev->eof = 1;
++            return 0;
++        }
++
++        if (n > 0) {
++            if ((size_t) n < size
++                && !(ngx_event_flags & NGX_USE_GREEDY_EVENT))
++            {
++                rev->ready = 0;
++            }
++
++            return n;
++        }
++
++        if (err == NGX_EAGAIN || err == NGX_EINTR) {
++            ngx_log_debug0(NGX_LOG_DEBUG_EVENT, c->log, err,
++                           "read() not ready");
++            n = NGX_AGAIN;
++
++        } else {
++            n = ngx_connection_error(c, err, "read() failed");
++            break;
++        }
++
++    } while (err == NGX_EINTR);
++
++    rev->ready = 0;
++
++    if (n == NGX_ERROR) {
++        rev->error = 1;
++    }
++
++    return n;
++}
++
++
++static ssize_t
++ngx_http_lua_pipe_fd_write(ngx_connection_t *c, u_char *buf, size_t size)
++{
++    ssize_t       n;
++    ngx_err_t     err;
++    ngx_event_t  *wev;
++
++    wev = c->write;
++
++    do {
++        n = write(c->fd, buf, size);
++
++        ngx_log_debug3(NGX_LOG_DEBUG_EVENT, c->log, 0,
++                       "write: fd:%d %z of %uz", c->fd, n, size);
++
++        if (n >= 0) {
++            if ((size_t) n != size) {
++                wev->ready = 0;
++            }
++
++            return n;
++        }
++
++        err = ngx_errno;
++
++        if (err == NGX_EAGAIN || err == NGX_EINTR) {
++            ngx_log_debug0(NGX_LOG_DEBUG_EVENT, c->log, err,
++                           "write() not ready");
++            n = NGX_AGAIN;
++
++        } else if (err != NGX_EPIPE) {
++            n = ngx_connection_error(c, err, "write() failed");
++            break;
++        }
++
++    } while (err == NGX_EINTR);
++
++    wev->ready = 0;
++
++    if (n == NGX_ERROR) {
++        wev->error = 1;
++    }
++
++    return n;
++}
++
++
++int
++ngx_http_lua_ffi_pipe_spawn(ngx_http_lua_ffi_pipe_proc_t *proc,
++    const char *file, const char **argv, int merge_stderr, size_t buffer_size,
++    u_char *errbuf, size_t *errbuf_size)
++{
++    int                             rc;
++    int                             in[2];
++    int                             out[2];
++    int                             err[2];
++    int                             stdin_fd, stdout_fd, stderr_fd;
++    int                             errlog_fd, temp_errlog_fd;
++    ngx_pid_t                       pid;
++    ssize_t                         pool_size;
++    ngx_pool_t                     *pool;
++    ngx_uint_t                      i;
++    ngx_listening_t                *ls;
++    ngx_http_lua_pipe_t            *pp;
++    ngx_rbtree_node_t              *node;
++    ngx_http_lua_pipe_node_t       *pipe_node;
++    struct sigaction                sa;
++    ngx_http_lua_pipe_signal_t     *sig;
++    sigset_t                        set;
++
++    pool_size = ngx_align(NGX_MIN_POOL_SIZE + buffer_size * 2,
++                          NGX_POOL_ALIGNMENT);
++
++    pool = ngx_create_pool(pool_size, ngx_cycle->log);
++    if (pool == NULL) {
++        *errbuf_size = ngx_snprintf(errbuf, *errbuf_size, "no memory")
++                       - errbuf;
++        return NGX_ERROR;
++    }
++
++    pp = ngx_pcalloc(pool, sizeof(ngx_http_lua_pipe_t)
++                     + offsetof(ngx_rbtree_node_t, color)
++                     + sizeof(ngx_http_lua_pipe_node_t));
++    if (pp == NULL) {
++        *errbuf_size = ngx_snprintf(errbuf, *errbuf_size, "no memory")
++                       - errbuf;
++        goto free_pool;
++    }
++
++    rc = pipe(in);
++    if (rc == -1) {
++        *errbuf_size = ngx_snprintf(errbuf, *errbuf_size, "pipe failed: %s",
++                                    strerror(errno))
++                       - errbuf;
++        goto free_pool;
++    }
++
++    rc = pipe(out);
++    if (rc == -1) {
++        *errbuf_size = ngx_snprintf(errbuf, *errbuf_size, "pipe failed: %s",
++                                    strerror(errno))
++                       - errbuf;
++        goto close_in_fd;
++    }
++
++    if (!merge_stderr) {
++        rc = pipe(err);
++        if (rc == -1) {
++            *errbuf_size = ngx_snprintf(errbuf, *errbuf_size,
++                                        "pipe failed: %s", strerror(errno))
++                           - errbuf;
++            goto close_in_out_fd;
++        }
++    }
++
++    pid = fork();
++    if (pid == -1) {
++        *errbuf_size = ngx_snprintf(errbuf, *errbuf_size, "fork failed: %s",
++                                    strerror(errno))
++                       - errbuf;
++        goto close_in_out_err_fd;
++    }
++
++    if (pid == 0) {
++
++#if (NGX_HAVE_CPU_AFFINITY)
++        /* reset the CPU affinity mask */
++        ngx_uint_t     log_level;
++        ngx_cpuset_t   child_cpu_affinity;
++
++        if (ngx_process == NGX_PROCESS_WORKER
++            && ngx_get_cpu_affinity(ngx_worker) != NULL)
++        {
++            CPU_ZERO(&child_cpu_affinity);
++
++            for (i = 0; i < (ngx_uint_t) ngx_min(ngx_ncpu, CPU_SETSIZE); i++) {
++                CPU_SET(i, &child_cpu_affinity);
++            }
++
++            log_level = ngx_cycle->log->log_level;
++            ngx_cycle->log->log_level = NGX_LOG_WARN;
++            ngx_setaffinity(&child_cpu_affinity, ngx_cycle->log);
++            ngx_cycle->log->log_level = log_level;
++        }
++#endif
++
++        /* reset the handler of ignored signals to the default */
++        for (sig = ngx_signals; sig->signo != 0; sig++) {
++            ngx_memzero(&sa, sizeof(struct sigaction));
++            sa.sa_handler = SIG_DFL;
++
++            if (sigemptyset(&sa.sa_mask) != 0) {
++                ngx_log_error(NGX_LOG_ERR, ngx_cycle->log, ngx_errno,
++                              "lua pipe child init signal mask failed");
++                exit(EXIT_FAILURE);
++            }
++
++            if (sigaction(sig->signo, &sa, NULL) == -1) {
++                ngx_log_error(NGX_LOG_ERR, ngx_cycle->log, ngx_errno,
++                              "lua pipe child reset signal handler for %s "
++                              "failed", sig->signame);
++                exit(EXIT_FAILURE);
++            }
++        }
++
++        /* reset signal mask */
++        if (sigemptyset(&set) != 0) {
++            ngx_log_error(NGX_LOG_ERR, ngx_cycle->log, ngx_errno,
++                          "lua pipe child init signal set failed");
++            exit(EXIT_FAILURE);
++        }
++
++        if (sigprocmask(SIG_SETMASK, &set, NULL) != 0) {
++            ngx_log_error(NGX_LOG_ERR, ngx_cycle->log, ngx_errno,
++                          "lua pipe child reset signal mask failed");
++            exit(EXIT_FAILURE);
++        }
++
++        /* close listening socket fd */
++        ls = ngx_cycle->listening.elts;
++        for (i = 0; i < ngx_cycle->listening.nelts; i++) {
++            if (ngx_close_socket(ls[i].fd) == -1) {
++                ngx_log_error(NGX_LOG_EMERG, ngx_cycle->log, ngx_socket_errno,
++                              "lua pipe child " ngx_close_socket_n
++                              " %V failed", &ls[i].addr_text);
++            }
++        }
++
++        /* close and dup pipefd */
++        if (close(in[1]) == -1) {
++            ngx_log_error(NGX_LOG_EMERG, ngx_cycle->log, ngx_errno,
++                          "lua pipe child failed to close the in[1] "
++                          "pipe fd");
++        }
++
++        if (close(out[0]) == -1) {
++            ngx_log_error(NGX_LOG_EMERG, ngx_cycle->log, ngx_errno,
++                          "lua pipe child failed to close the out[0] "
++                          "pipe fd");
++        }
++
++        if (ngx_cycle->log->file && ngx_cycle->log->file->fd == STDERR_FILENO) {
++            errlog_fd = ngx_cycle->log->file->fd;
++            temp_errlog_fd = dup(errlog_fd);
++
++            if (temp_errlog_fd == -1) {
++                ngx_log_error(NGX_LOG_ERR, ngx_cycle->log, ngx_errno,
++                              "lua pipe child dup errlog fd failed");
++                exit(EXIT_FAILURE);
++            }
++
++            if (ngx_cloexec(temp_errlog_fd) == -1) {
++                ngx_log_error(NGX_LOG_ERR, ngx_cycle->log, ngx_errno,
++                              "lua pipe child new errlog fd " ngx_cloexec_n
++                              " failed");
++            }
++
++            ngx_log_debug2(NGX_LOG_DEBUG_HTTP, ngx_cycle->log, 0,
++                           "lua pipe child dup old errlog fd %d to new fd %d",
++                           ngx_cycle->log->file->fd, temp_errlog_fd);
++
++            ngx_cycle->log->file->fd = temp_errlog_fd;
++        }
++
++        if (dup2(in[0], STDIN_FILENO) == -1) {
++            ngx_log_error(NGX_LOG_ERR, ngx_cycle->log, ngx_errno,
++                          "lua pipe child dup2 stdin failed");
++            exit(EXIT_FAILURE);
++        }
++
++        if (dup2(out[1], STDOUT_FILENO) == -1) {
++            ngx_log_error(NGX_LOG_ERR, ngx_cycle->log, ngx_errno,
++                          "lua pipe child dup2 stdout failed");
++            exit(EXIT_FAILURE);
++        }
++
++        if (merge_stderr) {
++            if (dup2(STDOUT_FILENO, STDERR_FILENO) == -1) {
++                ngx_log_error(NGX_LOG_ERR, ngx_cycle->log, ngx_errno,
++                              "lua pipe child dup2 stderr failed");
++                exit(EXIT_FAILURE);
++            }
++
++        } else {
++            if (close(err[0]) == -1) {
++                ngx_log_error(NGX_LOG_EMERG, ngx_cycle->log, ngx_errno,
++                              "lua pipe child failed to close the err[0] "
++                              "pipe fd");
++            }
++
++            if (dup2(err[1], STDERR_FILENO) == -1) {
++                ngx_log_error(NGX_LOG_ERR, ngx_cycle->log, ngx_errno,
++                              "lua pipe child dup2 stderr failed");
++                exit(EXIT_FAILURE);
++            }
++        }
++
++        if (execvp(file, (char * const *) argv) == -1) {
++            ngx_log_error(NGX_LOG_ERR, ngx_cycle->log, ngx_errno,
++                          "lua pipe child execvp() failed while executing %s",
++                          file);
++        }
++
++        exit(EXIT_FAILURE);
++    }
++
++    /* parent process */
++    if (close(in[0]) == -1) {
++        ngx_log_error(NGX_LOG_EMERG, ngx_cycle->log, ngx_errno,
++                      "lua pipe: failed to close the in[0] pipe fd");
++    }
++
++    stdin_fd = in[1];
++
++    if (ngx_nonblocking(stdin_fd) == -1) {
++        *errbuf_size = ngx_snprintf(errbuf, *errbuf_size,
++                                    ngx_nonblocking_n " failed: %s",
++                                    strerror(errno))
++                       - errbuf;
++        goto close_in_out_err_fd;
++    }
++
++    pp->stdin_fd = stdin_fd;
++
++    if (close(out[1]) == -1) {
++        ngx_log_error(NGX_LOG_EMERG, ngx_cycle->log, ngx_errno,
++                      "lua pipe: failed to close the out[1] pipe fd");
++    }
++
++    stdout_fd = out[0];
++
++    if (ngx_nonblocking(stdout_fd) == -1) {
++        *errbuf_size = ngx_snprintf(errbuf, *errbuf_size,
++                                    ngx_nonblocking_n " failed: %s",
++                                    strerror(errno))
++                       - errbuf;
++        goto close_in_out_err_fd;
++    }
++
++    pp->stdout_fd = stdout_fd;
++
++    if (!merge_stderr) {
++        if (close(err[1]) == -1) {
++            ngx_log_error(NGX_LOG_EMERG, ngx_cycle->log, ngx_errno,
++                          "lua pipe: failed to close the err[1] pipe fd");
++        }
++
++        stderr_fd = err[0];
++
++        if (ngx_nonblocking(stderr_fd) == -1) {
++            *errbuf_size = ngx_snprintf(errbuf, *errbuf_size,
++                                        ngx_nonblocking_n " failed: %s",
++                                        strerror(errno))
++                           - errbuf;
++            goto close_in_out_err_fd;
++        }
++
++        pp->stderr_fd = stderr_fd;
++    }
++
++    node = (ngx_rbtree_node_t *) (pp + 1);
++    node->key = pid;
++    pipe_node = (ngx_http_lua_pipe_node_t *) &node->color;
++    pipe_node->proc = proc;
++    ngx_rbtree_insert(&ngx_http_lua_pipe_rbtree, node);
++
++    pp->node = node;
++    pp->pool = pool;
++    pp->merge_stderr = merge_stderr;
++    pp->buffer_size = buffer_size;
++
++    proc->_pid = pid;
++    proc->write_timeout = 10000;
++    proc->stdout_read_timeout = 10000;
++    proc->stderr_read_timeout = 10000;
++    proc->wait_timeout = 10000;
++    proc->pipe = pp;
++
++    ngx_log_debug4(NGX_LOG_DEBUG_HTTP, ngx_cycle->log, 0,
++                   "lua pipe spawn process:%p pid:%P merge_stderr:%d "
++                   "buffer_size:%uz", proc, pid, merge_stderr, buffer_size);
++    return NGX_OK;
++
++close_in_out_err_fd:
++
++    if (!merge_stderr) {
++        if (close(err[0]) == -1) {
++            ngx_log_error(NGX_LOG_EMERG, ngx_cycle->log, ngx_errno,
++                          "failed to close the err[0] pipe fd");
++        }
++
++        if (close(err[1]) == -1) {
++            ngx_log_error(NGX_LOG_EMERG, ngx_cycle->log, ngx_errno,
++                          "failed to close the err[1] pipe fd");
++        }
++    }
++
++close_in_out_fd:
++
++    if (close(out[0]) == -1) {

Ubuntunginx package

Merge ~paelzer/ubuntu/+source/nginx:lp-1874831-nchan-bump-lp-1893753-lua-FOCAL into ubuntu/+source/nginx:ubuntu/focal-devel

Commit message

Description of the change

Unmerged commits

Preview Diff

Subscribers

Ubuntu
nginx package