lp:~titusx/nginx/mainline

Created by TitusX on 2014-05-03 and last modified on 2019-08-19
Get this branch:
bzr branch lp:~titusx/nginx/mainline

Branch merges

Related bugs

Related blueprints

Branch information

Owner:
TitusX
Project:
Nginx
Status:
Mature

Import details

Import Status: Reviewed

This branch is an import of the HEAD branch of the Git repository at https://github.com/nginx/nginx.git.

The next import is scheduled to run in 34 minutes.

Last successful import was 5 hours ago.

Import started 5 hours ago on alnitak and finished 5 hours ago taking 25 seconds — see the log
Import started 11 hours ago on alnitak and finished 11 hours ago taking 25 seconds — see the log
Import started 18 hours ago on alnitak and finished 18 hours ago taking 25 seconds — see the log
Import started on 2019-08-23 on alnitak and finished on 2019-08-23 taking 30 seconds — see the log
Import started on 2019-08-23 on alnitak and finished on 2019-08-23 taking 25 seconds — see the log
Import started on 2019-08-23 on alnitak and finished on 2019-08-23 taking 25 seconds — see the log
Import started on 2019-08-23 on alnitak and finished on 2019-08-23 taking 25 seconds — see the log
Import started on 2019-08-22 on alnitak and finished on 2019-08-22 taking 25 seconds — see the log
Import started on 2019-08-22 on alnitak and finished on 2019-08-22 taking 25 seconds — see the log
Import started on 2019-08-22 on alnitak and finished on 2019-08-22 taking 25 seconds — see the log

Recent revisions

6604. By Sergey Kandaurov <email address hidden> on 2019-08-19

HTTP/2: discard remaining request body after redirect.

Previously, if unbuffered request body reading wasn't finished before
the request was redirected to a different location using error_page
or X-Accel-Redirect, and the request body is read again, this could
lead to disastrous effects, such as a duplicate post_handler call or
"http request count is zero" alert followed by a segmentation fault.

This happened in the following configuration (ticket #1819):

    location / {
        proxy_request_buffering off;
        proxy_pass http://bad;
        proxy_intercept_errors on;
        error_page 502 = /error;
    }

    location /error {
        proxy_pass http://backend;
    }

6603. By Maxim Dounin <email address hidden> on 2019-08-16

SSL: lowered log level for WSAECONNABORTED errors on Windows.

Winsock uses ECONNABORTED instead of ECONNRESET in some cases.
For non-SSL connections this is already handled since baad3036086e.

Reported at
http://mailman.nginx.org/pipermail/nginx-ru/2019-August/062363.html.

6602. By Maxim Dounin <email address hidden> on 2019-08-16

Version bump.

6601. By Maxim Dounin <email address hidden> on 2019-08-13

release-1.17.3 tag

6600. By Maxim Dounin <email address hidden> on 2019-08-13

nginx-1.17.3-RELEASE

6599. By Ruslan Ermilov <email address hidden> on 2019-08-13

HTTP/2: limited number of PRIORITY frames.

Fixed excessive CPU usage caused by a peer that continuously shuffles
priority of streams. Fix is to limit the number of PRIORITY frames.

6598. By Ruslan Ermilov <email address hidden> on 2019-08-13

HTTP/2: limited number of DATA frames.

Fixed excessive memory growth and CPU usage if stream windows are
manipulated in a way that results in generating many small DATA frames.
Fix is to limit the number of simultaneously allocated DATA frames.

6597. By Sergey Kandaurov <email address hidden> on 2019-08-13

HTTP/2: reject zero length headers with PROTOCOL_ERROR.

Fixed uncontrolled memory growth if peer sends a stream of
headers with a 0-length header name and 0-length header value.
Fix is to reject headers with zero name length.

6596. By Maxim Dounin <email address hidden> on 2019-08-01

Mail: fixed duplicate resolving.

When using SMTP with SSL and resolver, read events might be enabled
during address resolving, leading to duplicate ngx_mail_ssl_handshake_handler()
calls if something arrives from the client, and duplicate session
initialization - including starting another resolving. This can lead
to a segmentation fault if the session is closed after first resolving
finished. Fix is to block read events while resolving.

Reported by Robert Norris,
http://mailman.nginx.org/pipermail/nginx/2019-July/058204.html.

6595. By Maxim Dounin <email address hidden> on 2019-07-31

Gzip: fixed "zero size buf" alerts after ac5a741d39cf.

After ac5a741d39cf it is now possible that after zstream.avail_out
reaches 0 and we allocate additional buffer, there will be no more data
to put into this buffer, triggering "zero size buf" alert. Fix is to
reset b->temporary flag in this case.

Additionally, an optimization added to avoid allocating additional buffer
in this case, by checking if last deflate() call returned Z_STREAM_END.
Note that checking for Z_STREAM_END by itself is not enough to fix alerts,
as deflate() can return Z_STREAM_END without producing any output if the
buffer is smaller than gzip trailer.

Reported by Witold Filipczyk,
http://mailman.nginx.org/pipermail/nginx-devel/2019-July/012469.html.

Branch metadata

Branch format:
Branch format 7
Repository format:
Bazaar repository format 2a (needs bzr 1.16 or later)
This branch contains Public information 
Everyone can see this information.

Subscribers