nginxtra 1.2.0.1 → 1.2.1.2

data/lib/nginxtra/error.rb

@@ -9,5 +9,8 @@ module Nginxtra
 
     # Raised when a run command fails
     class RunFailed < StandardError; end
+
+    # Raised if config conversion fails
+    class ConvertFailed < StandardError; end
   end
 end

data/src/nginx/CHANGES

@@ -1,4 +1,49 @@
 
+Changes with nginx 1.2.1                                         05 Jun 2012
+
+    *) Security: now nginx/Windows ignores trailing dot in URI path
+       component, and does not allow URIs with ":$" in it.
+       Thanks to Vladimir Kochetkov, Positive Research Center.
+
+    *) Feature: the "debug_connection" directive now supports IPv6 addresses
+       and the "unix:" parameter.
+
+    *) Feature: the "set_real_ip_from" directive and the "proxy" parameter
+       of the "geo" directive now support IPv6 addresses.
+
+    *) Feature: the "real_ip_recursive", "geoip_proxy", and
+       "geoip_proxy_recursive" directives.
+
+    *) Feature: the "proxy_recursive" parameter of the "geo" directive.
+
+    *) Bugfix: a segmentation fault might occur in a worker process if the
+       "resolver" directive was used.
+
+    *) Bugfix: a segmentation fault might occur in a worker process if the
+       "fastcgi_pass", "scgi_pass", or "uwsgi_pass" directives were used and
+       backend returned incorrect response.
+
+    *) Bugfix: a segmentation fault might occur in a worker process if the
+       "rewrite" directive was used and new request arguments in a
+       replacement used variables.
+
+    *) Bugfix: nginx might hog CPU if the open file resource limit was
+       reached.
+
+    *) Bugfix: nginx might loop infinitely over backends if the
+       "proxy_next_upstream" directive with the "http_404" parameter was
+       used and there were backup servers specified in an upstream block.
+
+    *) Bugfix: adding the "down" parameter of the "server" directive might
+       cause unneeded client redistribution among backend servers if the
+       "ip_hash" directive was used.
+
+    *) Bugfix: socket leak.
+       Thanks to Yichun Zhang.
+
+    *) Bugfix: in the ngx_http_fastcgi_module.
+
+
 Changes with nginx 1.2.0                                         23 Apr 2012
 
     *) Bugfix: a segmentation fault might occur in a worker process if the

data/src/nginx/CHANGES.ru

@@ -1,4 +1,50 @@
 
+Изменения в nginx 1.2.1                                           05.06.2012
+
+    *) Безопасность: теперь nginx/Windows игнорирует точку в конце
+       компонента URI и не разрешает URI, содержащие последовательность
+       ":$".
+       Спасибо Владимиру Кочеткову, Positive Research Center.
+
+    *) Добавление: директива debug_connection теперь поддерживает
+       IPv6-адреса и параметр "unix:".
+
+    *) Добавление: директива set_real_ip_from и параметр proxy директивы geo
+       теперь поддерживают IPv6-адреса.
+
+    *) Добавление: директивы real_ip_recursive, geoip_proxy и
+       geoip_proxy_recursive.
+
+    *) Добавление: параметр proxy_recursive директивы geo.
+
+    *) Исправление: в рабочем процессе мог произойти segmentation fault,
+       если использовалась директива resolver.
+
+    *) Исправление: в рабочем процессе мог произойти segmentation fault,
+       если использовались директивы fastcgi_pass, scgi_pass или uwsgi_pass
+       и бэкенд возвращал некорректный ответ.
+
+    *) Исправление: в рабочем процессе мог произойти segmentation fault,
+       если использовалась директива rewrite и в новых аргументах запроса в
+       строке замены использовались переменные.
+
+    *) Исправление: nginx мог нагружать процессор, если было достигнуто
+       ограничение на количество открытых файлов.
+
+    *) Исправление: при использовании директивы proxy_next_upstream с
+       параметром http_404 nginx мог бесконечно перебирать бэкенды, если в
+       блоке upstream был хотя бы один сервер с флагом backup.
+
+    *) Исправление: при использовании директивы ip_hash установка параметра
+       down директивы server могла приводить к ненужному перераспределению
+       клиентов между бэкендами.
+
+    *) Исправление: утечки сокетов.
+       Спасибо Yichun Zhang.
+
+    *) Исправление: в модуле ngx_http_fastcgi_module.
+
+
 Изменения в nginx 1.2.0                                           23.04.2012
 
     *) Исправление: в рабочем процессе мог произойти segmentation fault,

data/src/nginx/src/core/nginx.h

@@ -9,8 +9,8 @@
 #define _NGINX_H_INCLUDED_
 
 
-#define nginx_version      1002000
-#define NGINX_VERSION      "1.2.0"
+#define nginx_version      1002001
+#define NGINX_VERSION      "1.2.1"
 #define NGINX_VER          "nginx/" NGINX_VERSION
 
 #define NGINX_VAR          "NGINX"

data/src/nginx/src/core/ngx_resolver.c

@@ -513,8 +513,10 @@ ngx_resolve_name_locked(ngx_resolver_t *r, ngx_resolver_ctx_t *ctx)
 
         /* lock alloc mutex */
 
-        ngx_resolver_free_locked(r, rn->query);
-        rn->query = NULL;
+        if (rn->query) {
+            ngx_resolver_free_locked(r, rn->query);
+            rn->query = NULL;
+        }
 
         if (rn->cnlen) {
             ngx_resolver_free_locked(r, rn->u.cname);
@@ -1409,6 +1411,9 @@ ngx_resolver_process_a(ngx_resolver_t *r, u_char *buf, size_t last,
             ngx_resolver_free(r, addrs);
         }
 
+        ngx_resolver_free(r, rn->query);
+        rn->query = NULL;
+
         return;
 
     } else if (cname) {
@@ -1441,6 +1446,9 @@ ngx_resolver_process_a(ngx_resolver_t *r, u_char *buf, size_t last,
             (void) ngx_resolve_name_locked(r, ctx);
         }
 
+        ngx_resolver_free(r, rn->query);
+        rn->query = NULL;
+
         return;
     }
 
@@ -1834,6 +1842,10 @@ ngx_resolver_create_name_query(ngx_resolver_node_t *rn, ngx_resolver_ctx_t *ctx)
     p--;
     *p-- = '\0';
 
+    if (ctx->name.len == 0)  {
+        return NGX_DECLINED;
+    }
+
     for (s = ctx->name.data + ctx->name.len - 1; s >= ctx->name.data; s--) {
         if (*s != '.') {
             *p = *s;

data/src/nginx/src/event/ngx_event.c

@@ -1064,38 +1064,34 @@ ngx_event_debug_connection(ngx_conf_t *cf, ngx_command_t *cmd, void *conf)
 
     ngx_int_t           rc;
     ngx_str_t          *value;
-    ngx_event_debug_t  *dc;
     struct hostent     *h;
-    ngx_cidr_t          cidr;
+    ngx_cidr_t         *cidr;
 
     value = cf->args->elts;
 
-    dc = ngx_array_push(&ecf->debug_connection);
-    if (dc == NULL) {
+    cidr = ngx_array_push(&ecf->debug_connection);
+    if (cidr == NULL) {
         return NGX_CONF_ERROR;
     }
 
-    rc = ngx_ptocidr(&value[1], &cidr);
+#if (NGX_HAVE_UNIX_DOMAIN)
+
+    if (ngx_strcmp(value[1].data, "unix:") == 0) {
+         cidr->family = AF_UNIX;
+         return NGX_CONF_OK;
+    }
+
+#endif
+
+    rc = ngx_ptocidr(&value[1], cidr);
 
     if (rc == NGX_DONE) {
         ngx_conf_log_error(NGX_LOG_WARN, cf, 0,
                            "low address bits of %V are meaningless", &value[1]);
-        rc = NGX_OK;
+        return NGX_CONF_OK;
     }
 
     if (rc == NGX_OK) {
-
-        /* AF_INET only */
-
-        if (cidr.family != AF_INET) {
-            ngx_conf_log_error(NGX_LOG_EMERG, cf, 0,
-                               "\"debug_connection\" supports IPv4 only");
-            return NGX_CONF_ERROR;
-        }
-
-        dc->mask = cidr.u.in.mask;
-        dc->addr = cidr.u.in.addr;
-
         return NGX_CONF_OK;
     }
 
@@ -1107,8 +1103,9 @@ ngx_event_debug_connection(ngx_conf_t *cf, ngx_command_t *cmd, void *conf)
         return NGX_CONF_ERROR;
     }
 
-    dc->mask = 0xffffffff;
-    dc->addr = *(in_addr_t *)(h->h_addr_list[0]);
+    cidr->family = AF_INET;
+    cidr->u.in.mask = 0xffffffff;
+    cidr->u.in.addr = *(in_addr_t *)(h->h_addr_list[0]);
 
 #else
 
@@ -1142,7 +1139,7 @@ ngx_event_core_create_conf(ngx_cycle_t *cycle)
 #if (NGX_DEBUG)
 
     if (ngx_array_init(&ecf->debug_connection, cycle->pool, 4,
-                       sizeof(ngx_event_debug_t)) == NGX_ERROR)
+                       sizeof(ngx_cidr_t)) == NGX_ERROR)
     {
         return NULL;
     }

data/src/nginx/src/event/ngx_event.h

@@ -221,12 +221,6 @@ struct ngx_event_aio_s {
 #endif
 
 
-typedef struct {
-    in_addr_t  mask;
-    in_addr_t  addr;
-} ngx_event_debug_t;
-
-
 typedef struct {
     ngx_int_t  (*add)(ngx_event_t *ev, ngx_int_t event, ngx_uint_t flags);
     ngx_int_t  (*del)(ngx_event_t *ev, ngx_int_t event, ngx_uint_t flags);

data/src/nginx/src/event/ngx_event_accept.c

@@ -21,6 +21,7 @@ ngx_event_accept(ngx_event_t *ev)
     socklen_t          socklen;
     ngx_err_t          err;
     ngx_log_t         *log;
+    ngx_uint_t         level;
     ngx_socket_t       s;
     ngx_event_t       *rev, *wev;
     ngx_listening_t   *ls;
@@ -31,6 +32,14 @@ ngx_event_accept(ngx_event_t *ev)
     static ngx_uint_t  use_accept4 = 1;
 #endif
 
+    if (ev->timedout) {
+        if (ngx_enable_accept_events((ngx_cycle_t *) ngx_cycle) != NGX_OK) {
+            return;
+        }
+
+        ev->timedout = 0;
+    }
+
     ecf = ngx_event_get_conf(ngx_cycle->conf_ctx, ngx_event_core_module);
 
     if (ngx_event_flags & NGX_USE_RTSIG_EVENT) {
@@ -70,10 +79,17 @@ ngx_event_accept(ngx_event_t *ev)
                 return;
             }
 
+            level = NGX_LOG_ALERT;
+
+            if (err == NGX_ECONNABORTED) {
+                level = NGX_LOG_ERR;
+
+            } else if (err == NGX_EMFILE || err == NGX_ENFILE) {
+                level = NGX_LOG_CRIT;
+            }
+
 #if (NGX_HAVE_ACCEPT4)
-            ngx_log_error((ngx_uint_t) ((err == NGX_ECONNABORTED) ?
-                                             NGX_LOG_ERR : NGX_LOG_ALERT),
-                          ev->log, err,
+            ngx_log_error(level, ev->log, err,
                           use_accept4 ? "accept4() failed" : "accept() failed");
 
             if (use_accept4 && err == NGX_ENOSYS) {
@@ -82,9 +98,7 @@ ngx_event_accept(ngx_event_t *ev)
                 continue;
             }
 #else
-            ngx_log_error((ngx_uint_t) ((err == NGX_ECONNABORTED) ?
-                                             NGX_LOG_ERR : NGX_LOG_ALERT),
-                          ev->log, err, "accept() failed");
+            ngx_log_error(level, ev->log, err, "accept() failed");
 #endif
 
             if (err == NGX_ECONNABORTED) {
@@ -97,6 +111,26 @@ ngx_event_accept(ngx_event_t *ev)
                 }
             }
 
+            if (err == NGX_EMFILE || err == NGX_ENFILE) {
+                if (ngx_disable_accept_events((ngx_cycle_t *) ngx_cycle)
+                    != NGX_OK)
+                {
+                    return;
+                }
+
+                if (ngx_use_accept_mutex) {
+                    if (ngx_accept_mutex_held) {
+                        ngx_shmtx_unlock(&ngx_accept_mutex);
+                        ngx_accept_mutex_held = 0;
+                    }
+
+                    ngx_accept_disabled = 1;
+
+                } else {
+                    ngx_add_timer(ev, ecf->accept_mutex_delay);
+                }
+            }
+
             return;
         }
 
@@ -252,17 +286,56 @@ ngx_event_accept(ngx_event_t *ev)
 #if (NGX_DEBUG)
         {
 
-        in_addr_t            i;
-        ngx_event_debug_t   *dc;
-        struct sockaddr_in  *sin;
+        struct sockaddr_in   *sin;
+        ngx_cidr_t           *cidr;
+        ngx_uint_t            i;
+#if (NGX_HAVE_INET6)
+        struct sockaddr_in6  *sin6;
+        ngx_uint_t            n;
+#endif
 
-        sin = (struct sockaddr_in *) sa;
-        dc = ecf->debug_connection.elts;
+        cidr = ecf->debug_connection.elts;
         for (i = 0; i < ecf->debug_connection.nelts; i++) {
-            if ((sin->sin_addr.s_addr & dc[i].mask) == dc[i].addr) {
-                log->log_level = NGX_LOG_DEBUG_CONNECTION|NGX_LOG_DEBUG_ALL;
+            if (cidr[i].family != c->sockaddr->sa_family) {
+                goto next;
+            }
+
+            switch (cidr[i].family) {
+
+#if (NGX_HAVE_INET6)
+            case AF_INET6:
+                sin6 = (struct sockaddr_in6 *) c->sockaddr;
+                for (n = 0; n < 16; n++) {
+                    if ((sin6->sin6_addr.s6_addr[n]
+                        & cidr[i].u.in6.mask.s6_addr[n])
+                        != cidr[i].u.in6.addr.s6_addr[n])
+                    {
+                        goto next;
+                    }
+                }
+                break;
+#endif
+
+#if (NGX_HAVE_UNIX_DOMAIN)
+            case AF_UNIX:
+                break;
+#endif
+
+            default: /* AF_INET */
+                sin = (struct sockaddr_in *) c->sockaddr;
+                if ((sin->sin_addr.s_addr & cidr[i].u.in.mask)
+                    != cidr[i].u.in.addr)
+                {
+                    goto next;
+                }
                 break;
             }
+
+            log->log_level = NGX_LOG_DEBUG_CONNECTION|NGX_LOG_DEBUG_ALL;
+            break;
+
+        next:
+            continue;
         }
 
         }
@@ -344,6 +417,10 @@ ngx_enable_accept_events(ngx_cycle_t *cycle)
 
         c = ls[i].connection;
 
+        if (c->read->active) {
+            continue;
+        }
+
         if (ngx_event_flags & NGX_USE_RTSIG_EVENT) {
 
             if (ngx_add_conn(c) == NGX_ERROR) {

data/src/nginx/src/event/ngx_event_openssl.c

@@ -995,6 +995,7 @@ ngx_ssl_send_chain(ngx_connection_t *c, ngx_chain_t *in, off_t limit)
             }
 
             in->buf->pos += n;
+            c->sent += n;
 
             if (in->buf->pos == in->buf->last) {
                 in = in->next;

data/src/nginx/src/http/modules/ngx_http_fastcgi_module.c

@@ -619,6 +619,7 @@ ngx_http_fastcgi_handler(ngx_http_request_t *r)
     u->process_header = ngx_http_fastcgi_process_header;
     u->abort_request = ngx_http_fastcgi_abort_request;
     u->finalize_request = ngx_http_fastcgi_finalize_request;
+    r->state = 0;
 
     u->buffering = 1;
 
@@ -1194,6 +1195,8 @@ ngx_http_fastcgi_reinit_request(ngx_http_request_t *r)
     f->fastcgi_stdout = 0;
     f->large_stderr = 0;
 
+    r->state = 0;
+
     return NGX_OK;
 }
 
@@ -1353,7 +1356,11 @@ ngx_http_fastcgi_process_header(ngx_http_request_t *r)
                 }
 
             } else {
-                f->state = ngx_http_fastcgi_st_version;
+                if (f->padding) {
+                    f->state = ngx_http_fastcgi_st_padding;
+                } else {
+                    f->state = ngx_http_fastcgi_st_version;
+                }
             }
 
             continue;
@@ -1686,7 +1693,12 @@ ngx_http_fastcgi_input_filter(ngx_event_pipe_t *p, ngx_buf_t *buf)
             }
 
             if (f->type == NGX_HTTP_FASTCGI_STDOUT && f->length == 0) {
-                f->state = ngx_http_fastcgi_st_version;
+
+                if (f->padding) {
+                    f->state = ngx_http_fastcgi_st_padding;
+                } else {
+                    f->state = ngx_http_fastcgi_st_version;
+                }
 
                 if (!flcf->keep_conn) {
                     p->upstream_done = 1;
@@ -1699,7 +1711,13 @@ ngx_http_fastcgi_input_filter(ngx_event_pipe_t *p, ngx_buf_t *buf)
             }
 
             if (f->type == NGX_HTTP_FASTCGI_END_REQUEST) {
-                f->state = ngx_http_fastcgi_st_version;
+
+                if (f->padding) {
+                    f->state = ngx_http_fastcgi_st_padding;
+                } else {
+                    f->state = ngx_http_fastcgi_st_version;
+                }
+
                 p->upstream_done = 1;
 
                 if (flcf->keep_conn) {
@@ -1772,7 +1790,11 @@ ngx_http_fastcgi_input_filter(ngx_event_pipe_t *p, ngx_buf_t *buf)
                 }
 
             } else {
-                f->state = ngx_http_fastcgi_st_version;
+                if (f->padding) {
+                    f->state = ngx_http_fastcgi_st_padding;
+                } else {
+                    f->state = ngx_http_fastcgi_st_version;
+                }
             }
 
             continue;