lp:~titusx/nginx/mainline

Created by TitusX and last modified
Get this branch:
bzr branch lp:~titusx/nginx/mainline

Branch merges

Related bugs

Related blueprints

Branch information

Owner:
TitusX
Project:
Nginx
Status:
Mature

Import details

Import Status: Reviewed

This branch is an import of the HEAD branch of the Git repository at https://github.com/nginx/nginx.git.

The next import is scheduled to run .

Last successful import was .

Import started on juju-1e3bde-prod-lp-code-import-14 and finished taking 20 seconds — see the log
Import started on juju-1e3bde-prod-lp-code-import-14 and finished taking 1 minute — see the log
Import started on juju-1e3bde-prod-lp-code-import-14 and finished taking 15 seconds — see the log
Import started on juju-1e3bde-prod-lp-code-import-14 and finished taking 15 seconds — see the log
Import started on juju-1e3bde-prod-lp-code-import-14 and finished taking 20 seconds — see the log
Import started on juju-1e3bde-prod-lp-code-import-17 and finished taking 25 seconds — see the log
Import started on juju-1e3bde-prod-lp-code-import-13 and finished taking 15 seconds — see the log
Import started on juju-1e3bde-prod-lp-code-import-17 and finished taking 30 seconds — see the log
Import started on juju-1e3bde-prod-lp-code-import-17 and finished taking 30 seconds — see the log
Import started on juju-1e3bde-prod-lp-code-import-14 and finished taking 20 seconds — see the log

Recent revisions

7066. By Maxim Dounin <email address hidden>

release-1.23.1 tag

7065. By Maxim Dounin <email address hidden>

nginx-1.23.1-RELEASE

7064. By Maxim Dounin <email address hidden>

Updated OpenSSL used for win32 builds.

7063. By Maxim Dounin <email address hidden>

Events: fixed EPOLLRDHUP with FIONREAD (ticket #2367).

When reading exactly rev->available bytes, rev->available might become 0
after FIONREAD usage introduction in efd71d49bde0. On the next call of
ngx_readv_chain() on systems with EPOLLRDHUP this resulted in return without
any actions, that is, with rev->ready set, and this in turn resulted in no
timers set in event pipe, leading to socket leaks.

Fix is to reset rev->ready in ngx_readv_chain() when returning due to
rev->available being 0 with EPOLLRDHUP, much like it is already done in
ngx_unix_recv(). This ensures that if rev->available will become 0, on
systems with EPOLLRDHUP support appropriate EPOLLRDHUP-specific handling
will happen on the next ngx_readv_chain() call.

While here, also synced ngx_readv_chain() to match ngx_unix_recv() and
reset rev->ready when returning due to rev->available being 0 with kqueue.
This is mostly cosmetic change, as rev->ready is anyway reset when
rev->available is set to 0.

7062. By Maxim Dounin <email address hidden>

Range filter: clearing of pre-existing Content-Range headers.

Some servers might emit Content-Range header on 200 responses, and this
does not seem to contradict RFC 9110: as per RFC 9110, the Content-Range
header has no meaning for status codes other than 206 and 416. Previously
this resulted in duplicate Content-Range headers in nginx responses handled
by the range filter. Fix is to clear pre-existing headers.

7061. By Sergey Kandaurov <email address hidden>

Resolver: fixed memory leak for the "ipv4=off" case.

This change partially reverts 2a77754cd9fe to properly free rn->query.

Found by Coverity (CID 1507244).

7060. By Ruslan Ermilov <email address hidden>

The "ipv4=" parameter of the "resolver" directive.

When set to "off", only IPv6 addresses will be resolved, and no
A queries are ever sent (ticket #2196).

7059. By Maxim Dounin <email address hidden>

SSL: logging levels of various errors added in OpenSSL 1.1.1.

Starting with OpenSSL 1.1.1, various additional errors can be reported
by OpenSSL in case of client-related issues, most notably during TLSv1.3
handshakes. In particular, SSL_R_BAD_KEY_SHARE ("bad key share"),
SSL_R_BAD_EXTENSION ("bad extension"), SSL_R_BAD_CIPHER ("bad cipher"),
SSL_R_BAD_ECPOINT ("bad ecpoint"). These are now logged at the "info"
level.

7058. By Maxim Dounin <email address hidden>

Upstream: optimized use of SSL contexts (ticket #1234).

To ensure optimal use of memory, SSL contexts for proxying are now
inherited from previous levels as long as relevant proxy_ssl_* directives
are not redefined.

Further, when no proxy_ssl_* directives are redefined in a server block,
we now preserve plcf->upstream.ssl in the "http" section configuration
to inherit it to all servers.

Similar changes made in uwsgi, grpc, and stream proxy.

7057. By Maxim Dounin <email address hidden>

Version bump.

Branch metadata

Branch format:
Branch format 7
Repository format:
Bazaar repository format 2a (needs bzr 1.16 or later)
This branch contains Public information 
Everyone can see this information.

Subscribers