nginxtra 1.4.4.9 → 1.4.5.9

checksums.yaml

@@ -1,7 +1,7 @@
 ---
 SHA1:
-  metadata.gz: e1593ffeccbe522ab4d9a3f44489adaa158cbe9d
-  data.tar.gz: eb15917c3201fb99073d79e2073ad522b2b74679
+  metadata.gz: 8300fb112197b3b8a5bf7246ef4995d7819215bc
+  data.tar.gz: a0297b62a50d463dc74499af1b739fbdeae968fc
 SHA512:
-  metadata.gz: 67043314e52762e016640ae83c238017d51ba48cfc6cf53e517ea6c413cce9de17edfa0bcbe4ff366913dafc9f751c47bb02c1effbb35ab04c1b3907ec351d77
-  data.tar.gz: 5100c75a0437abdfa52628b49c944c3d450bf3d7db572817843fccea9b3ea85ac696655c92a0a1b4c52b279b4033ea78f9726c8bdc24a17ee2f0b309d9d27a2c
+  metadata.gz: 73fce91fc72879f739b0ba898a24d055e6de98157787b07e9755a27aff4a60843946cb064952fa5701afab59aab7a59e46c690b96d81453674fd74d5ea5a0893
+  data.tar.gz: ebc9a184acf3e931d13fb1cedf30369f7e323bc0ca1e8680e0839ddb78cbd9c4c480f8f302fb46752a1711237e4e7b5c6f9391504adbb21f7382c92b6dda67c9

data/bin/nginxtra

@@ -1,6 +1,6 @@
 #!/usr/bin/env ruby
 require "rubygems"
-gem "nginxtra", "= 1.4.4.9"
+gem "nginxtra", "= 1.4.5.9"
 gem "thor", "~> 0.16"
 require "nginxtra"
 Nginxtra::CLI.start

data/bin/nginxtra_rails

@@ -1,6 +1,6 @@
 #!/usr/bin/env ruby
 require "rubygems"
-gem "nginxtra", "= 1.4.4.9"
+gem "nginxtra", "= 1.4.5.9"
 gem "thor", "~> 0.16"
 require "nginxtra"
 Nginxtra::Rails::CLI.start

data/lib/nginxtra/version.rb

@@ -6,7 +6,7 @@ module Nginxtra
       end
 
       def to_s
-        "1.4.4.9"
+        "1.4.5.9"
       end
     end
   end

data/vendor/nginx/CHANGES

@@ -1,4 +1,28 @@
 
+Changes with nginx 1.4.5                                         11 Feb 2014
+
+    *) Bugfix: the $ssl_session_id variable contained full session
+       serialized instead of just a session id.
+       Thanks to Ivan Ristić.
+
+    *) Bugfix: client connections might be immediately closed if deferred
+       accept was used; the bug had appeared in 1.3.15.
+
+    *) Bugfix: alerts "zero size buf in output" might appear in logs while
+       proxying; the bug had appeared in 1.3.9.
+
+    *) Bugfix: a segmentation fault might occur in a worker process if the
+       ngx_http_spdy_module was used.
+
+    *) Bugfix: proxied WebSocket connections might hang right after
+       handshake if the select, poll, or /dev/poll methods were used.
+
+    *) Bugfix: a timeout might occur while reading client request body in an
+       SSL connection using chunked transfer encoding.
+
+    *) Bugfix: memory leak in nginx/Windows.
+
+
 Changes with nginx 1.4.4                                         19 Nov 2013
 
     *) Security: a character following an unescaped space in a request line

data/vendor/nginx/CHANGES.ru

@@ -1,4 +1,29 @@
 
+Изменения в nginx 1.4.5                                           11.02.2014
+
+    *) Исправление: переменная $ssl_session_id содержала всю сессию в
+       сериализованном виде вместо её идентификатора.
+       Спасибо Ivan Ristić.
+
+    *) Исправление: клиентские соединения могли сразу закрываться, если
+       использовался отложенный accept; ошибка появилась в 1.3.15.
+
+    *) Исправление: при проксировании в логах могли появляться сообщения
+       "zero size buf in output"; ошибка появилась в 1.3.9.
+
+    *) Исправление: в рабочем процессе мог произойти segmentation fault,
+       если использовался модуль ngx_http_spdy_module.
+
+    *) Исправление: при использовании методов обработки соединений select,
+       poll и /dev/poll проксируемые WebSocket-соединения могли зависать
+       сразу после открытия.
+
+    *) Исправление: при чтении тела запроса с использованием chunked
+       transfer encoding по SSL-соединению мог произойти таймаут.
+
+    *) Исправление: утечки памяти в nginx/Windows.
+
+
 Изменения в nginx 1.4.4                                           19.11.2013
 
     *) Безопасность: символ, следующий за незакодированным пробелом в строке

data/vendor/nginx/LICENSE

@@ -1,6 +1,6 @@
 /* 
- * Copyright (C) 2002-2013 Igor Sysoev
- * Copyright (C) 2011-2013 Nginx, Inc.
+ * Copyright (C) 2002-2014 Igor Sysoev
+ * Copyright (C) 2011-2014 Nginx, Inc.
  * All rights reserved.
  *
  * Redistribution and use in source and binary forms, with or without

data/vendor/nginx/src/core/nginx.h

@@ -9,8 +9,8 @@
 #define _NGINX_H_INCLUDED_
 
 
-#define nginx_version      1004004
-#define NGINX_VERSION      "1.4.4"
+#define nginx_version      1004005
+#define NGINX_VERSION      "1.4.5"
 #define NGINX_VER          "nginx/" NGINX_VERSION
 
 #define NGINX_VAR          "NGINX"

data/vendor/nginx/src/core/ngx_connection.c

@@ -647,7 +647,13 @@ ngx_configure_listening_sockets(ngx_cycle_t *cycle)
         if (ls[i].add_deferred || ls[i].delete_deferred) {
 
             if (ls[i].add_deferred) {
-                timeout = (int) (ls[i].post_accept_timeout / 1000);
+                /*
+                 * There is no way to find out how long a connection was
+                 * in queue (and a connection may bypass deferred queue at all
+                 * if syncookies were used), hence we use 1 second timeout
+                 * here.
+                 */
+                timeout = 1;
 
             } else {
                 timeout = 0;

data/vendor/nginx/src/event/ngx_event_openssl.c

@@ -965,6 +965,7 @@ ngx_ssl_recv(ngx_connection_t *c, u_char *buf, size_t size)
             size -= n;
 
             if (size == 0) {
+                c->read->ready = 1;
                 return bytes;
             }
 
@@ -974,6 +975,10 @@ ngx_ssl_recv(ngx_connection_t *c, u_char *buf, size_t size)
         }
 
         if (bytes) {
+            if (c->ssl->last != NGX_AGAIN) {
+                c->read->ready = 1;
+            }
+
             return bytes;
         }
 
@@ -2224,32 +2229,26 @@ ngx_int_t
 ngx_ssl_get_session_id(ngx_connection_t *c, ngx_pool_t *pool, ngx_str_t *s)
 {
     int           len;
-    u_char       *p, *buf;
+    u_char       *buf;
     SSL_SESSION  *sess;
 
     sess = SSL_get0_session(c->ssl->connection);
-
-    len = i2d_SSL_SESSION(sess, NULL);
-
-    buf = ngx_alloc(len, c->log);
-    if (buf == NULL) {
-        return NGX_ERROR;
+    if (sess == NULL) {
+        s->len = 0;
+        return NGX_OK;
     }
 
+    buf = sess->session_id;
+    len = sess->session_id_length;
+
     s->len = 2 * len;
     s->data = ngx_pnalloc(pool, 2 * len);
     if (s->data == NULL) {
-        ngx_free(buf);
         return NGX_ERROR;
     }
 
-    p = buf;
-    i2d_SSL_SESSION(sess, &p);
-
     ngx_hex_dump(s->data, buf, len);
 
-    ngx_free(buf);
-
     return NGX_OK;
 }
 

data/vendor/nginx/src/http/ngx_http_request.c

@@ -423,20 +423,6 @@ ngx_http_wait_request_handler(ngx_event_t *rev)
 
     if (n == NGX_AGAIN) {
 
-#if (NGX_HAVE_DEFERRED_ACCEPT && defined TCP_DEFER_ACCEPT)
-        if (c->listening->deferred_accept
-#if (NGX_HTTP_SSL)
-            && c->ssl == NULL
-#endif
-            )
-        {
-            ngx_log_error(NGX_LOG_INFO, c->log, NGX_ETIMEDOUT,
-                          "client timed out in deferred accept");
-            ngx_http_close_connection(c);
-            return;
-        }
-#endif
-
         if (!rev->timer_set) {
             ngx_add_timer(rev, c->listening->post_accept_timeout);
             ngx_reusable_connection(c, 1);
@@ -635,15 +621,6 @@ ngx_http_ssl_handshake(ngx_event_t *rev)
     if (n == -1) {
         if (err == NGX_EAGAIN) {
 
-#if (NGX_HAVE_DEFERRED_ACCEPT && defined TCP_DEFER_ACCEPT)
-            if (c->listening->deferred_accept) {
-                ngx_log_error(NGX_LOG_INFO, c->log, NGX_ETIMEDOUT,
-                              "client timed out in deferred accept");
-                ngx_http_close_connection(c);
-                return;
-            }
-#endif
-
             if (!rev->timer_set) {
                 ngx_add_timer(rev, c->listening->post_accept_timeout);
                 ngx_reusable_connection(c, 1);

data/vendor/nginx/src/http/ngx_http_request_body.c

@@ -150,20 +150,27 @@ ngx_http_read_client_request_body(ngx_http_request_t *r,
                 goto done;
             }
 
-            cl = ngx_chain_get_free_buf(r->pool, &rb->free);
-            if (cl == NULL) {
-                return NGX_HTTP_INTERNAL_SERVER_ERROR;
-            }
+            if (rb->temp_file->file.offset != 0) {
 
-            b = cl->buf;
+                cl = ngx_chain_get_free_buf(r->pool, &rb->free);
+                if (cl == NULL) {
+                    rc = NGX_HTTP_INTERNAL_SERVER_ERROR;
+                    goto done;
+                }
 
-            ngx_memzero(b, sizeof(ngx_buf_t));
+                b = cl->buf;
 
-            b->in_file = 1;
-            b->file_last = rb->temp_file->file.offset;
-            b->file = &rb->temp_file->file;
+                ngx_memzero(b, sizeof(ngx_buf_t));
 
-            rb->bufs = cl;
+                b->in_file = 1;
+                b->file_last = rb->temp_file->file.offset;
+                b->file = &rb->temp_file->file;
+
+                rb->bufs = cl;
+
+            } else {
+                rb->bufs = NULL;
+            }
         }
 
         post_handler(r);
@@ -374,20 +381,26 @@ ngx_http_do_read_client_request_body(ngx_http_request_t *r)
             return NGX_HTTP_INTERNAL_SERVER_ERROR;
         }
 
-        cl = ngx_chain_get_free_buf(r->pool, &rb->free);
-        if (cl == NULL) {
-            return NGX_HTTP_INTERNAL_SERVER_ERROR;
-        }
+        if (rb->temp_file->file.offset != 0) {
+
+            cl = ngx_chain_get_free_buf(r->pool, &rb->free);
+            if (cl == NULL) {
+                return NGX_HTTP_INTERNAL_SERVER_ERROR;
+            }
 
-        b = cl->buf;
+            b = cl->buf;
 
-        ngx_memzero(b, sizeof(ngx_buf_t));
+            ngx_memzero(b, sizeof(ngx_buf_t));
+
+            b->in_file = 1;
+            b->file_last = rb->temp_file->file.offset;
+            b->file = &rb->temp_file->file;
 
-        b->in_file = 1;
-        b->file_last = rb->temp_file->file.offset;
-        b->file = &rb->temp_file->file;
+            rb->bufs = cl;
 
-        rb->bufs = cl;
+        } else {
+            rb->bufs = NULL;
+        }
     }
 
     r->read_event_handler = ngx_http_block_reading;
@@ -842,6 +855,10 @@ ngx_http_request_body_length_filter(ngx_http_request_t *r, ngx_chain_t *in)
 
     for (cl = in; cl; cl = cl->next) {
 
+        if (rb->rest == 0) {
+            break;
+        }
+
         tl = ngx_chain_get_free_buf(r->pool, &rb->free);
         if (tl == NULL) {
             return NGX_HTTP_INTERNAL_SERVER_ERROR;

data/vendor/nginx/src/http/ngx_http_spdy.c

@@ -2626,6 +2626,10 @@ ngx_http_spdy_close_stream(ngx_http_spdy_stream_t *stream, ngx_int_t rc)
         }
     }
 
+    if (sc->stream == stream) {
+        sc->stream = NULL;
+    }
+
     sscf = ngx_http_get_module_srv_conf(sc->http_connection->conf_ctx,
                                         ngx_http_spdy_module);
 

data/vendor/nginx/src/http/ngx_http_upstream.c

@@ -2459,11 +2459,7 @@ ngx_http_upstream_upgrade(ngx_http_request_t *r, ngx_http_upstream_t *u)
         ngx_http_upstream_process_upgraded(r, 1, 1);
     }
 
-    if (c->read->ready
-        || r->header_in->pos != r->header_in->last)
-    {
-        ngx_http_upstream_process_upgraded(r, 0, 1);
-    }
+    ngx_http_upstream_process_upgraded(r, 0, 1);
 }
 
 

metadata

@@ -1,14 +1,14 @@
 --- !ruby/object:Gem::Specification
 name: nginxtra
 version: !ruby/object:Gem::Version
-  version: 1.4.4.9
+  version: 1.4.5.9
 platform: ruby
 authors:
 - Mike Virata-Stone
 autorequire: 
 bindir: bin
 cert_chain: []
-date: 2013-11-19 00:00:00.000000000 Z
+date: 2014-02-11 00:00:00.000000000 Z
 dependencies:
 - !ruby/object:Gem::Dependency
   name: thor