nginxtra 1.4.4.9 → 1.4.5.9
Sign up to get free protection for your applications and to get access to all the features.
- checksums.yaml +4 -4
- data/bin/nginxtra +1 -1
- data/bin/nginxtra_rails +1 -1
- data/lib/nginxtra/version.rb +1 -1
- data/vendor/nginx/CHANGES +24 -0
- data/vendor/nginx/CHANGES.ru +25 -0
- data/vendor/nginx/LICENSE +2 -2
- data/vendor/nginx/src/core/nginx.h +2 -2
- data/vendor/nginx/src/core/ngx_connection.c +7 -1
- data/vendor/nginx/src/event/ngx_event_openssl.c +12 -13
- data/vendor/nginx/src/http/ngx_http_request.c +0 -23
- data/vendor/nginx/src/http/ngx_http_request_body.c +37 -20
- data/vendor/nginx/src/http/ngx_http_spdy.c +4 -0
- data/vendor/nginx/src/http/ngx_http_upstream.c +1 -5
- metadata +2 -2
checksums.yaml
CHANGED
@@ -1,7 +1,7 @@
|
|
1
1
|
---
|
2
2
|
SHA1:
|
3
|
-
metadata.gz:
|
4
|
-
data.tar.gz:
|
3
|
+
metadata.gz: 8300fb112197b3b8a5bf7246ef4995d7819215bc
|
4
|
+
data.tar.gz: a0297b62a50d463dc74499af1b739fbdeae968fc
|
5
5
|
SHA512:
|
6
|
-
metadata.gz:
|
7
|
-
data.tar.gz:
|
6
|
+
metadata.gz: 73fce91fc72879f739b0ba898a24d055e6de98157787b07e9755a27aff4a60843946cb064952fa5701afab59aab7a59e46c690b96d81453674fd74d5ea5a0893
|
7
|
+
data.tar.gz: ebc9a184acf3e931d13fb1cedf30369f7e323bc0ca1e8680e0839ddb78cbd9c4c480f8f302fb46752a1711237e4e7b5c6f9391504adbb21f7382c92b6dda67c9
|
data/bin/nginxtra
CHANGED
data/bin/nginxtra_rails
CHANGED
data/lib/nginxtra/version.rb
CHANGED
data/vendor/nginx/CHANGES
CHANGED
@@ -1,4 +1,28 @@
|
|
1
1
|
|
2
|
+
Changes with nginx 1.4.5 11 Feb 2014
|
3
|
+
|
4
|
+
*) Bugfix: the $ssl_session_id variable contained full session
|
5
|
+
serialized instead of just a session id.
|
6
|
+
Thanks to Ivan Ristić.
|
7
|
+
|
8
|
+
*) Bugfix: client connections might be immediately closed if deferred
|
9
|
+
accept was used; the bug had appeared in 1.3.15.
|
10
|
+
|
11
|
+
*) Bugfix: alerts "zero size buf in output" might appear in logs while
|
12
|
+
proxying; the bug had appeared in 1.3.9.
|
13
|
+
|
14
|
+
*) Bugfix: a segmentation fault might occur in a worker process if the
|
15
|
+
ngx_http_spdy_module was used.
|
16
|
+
|
17
|
+
*) Bugfix: proxied WebSocket connections might hang right after
|
18
|
+
handshake if the select, poll, or /dev/poll methods were used.
|
19
|
+
|
20
|
+
*) Bugfix: a timeout might occur while reading client request body in an
|
21
|
+
SSL connection using chunked transfer encoding.
|
22
|
+
|
23
|
+
*) Bugfix: memory leak in nginx/Windows.
|
24
|
+
|
25
|
+
|
2
26
|
Changes with nginx 1.4.4 19 Nov 2013
|
3
27
|
|
4
28
|
*) Security: a character following an unescaped space in a request line
|
data/vendor/nginx/CHANGES.ru
CHANGED
@@ -1,4 +1,29 @@
|
|
1
1
|
|
2
|
+
Изменения в nginx 1.4.5 11.02.2014
|
3
|
+
|
4
|
+
*) Исправление: переменная $ssl_session_id содержала всю сессию в
|
5
|
+
сериализованном виде вместо её идентификатора.
|
6
|
+
Спасибо Ivan Ristić.
|
7
|
+
|
8
|
+
*) Исправление: клиентские соединения могли сразу закрываться, если
|
9
|
+
использовался отложенный accept; ошибка появилась в 1.3.15.
|
10
|
+
|
11
|
+
*) Исправление: при проксировании в логах могли появляться сообщения
|
12
|
+
"zero size buf in output"; ошибка появилась в 1.3.9.
|
13
|
+
|
14
|
+
*) Исправление: в рабочем процессе мог произойти segmentation fault,
|
15
|
+
если использовался модуль ngx_http_spdy_module.
|
16
|
+
|
17
|
+
*) Исправление: при использовании методов обработки соединений select,
|
18
|
+
poll и /dev/poll проксируемые WebSocket-соединения могли зависать
|
19
|
+
сразу после открытия.
|
20
|
+
|
21
|
+
*) Исправление: при чтении тела запроса с использованием chunked
|
22
|
+
transfer encoding по SSL-соединению мог произойти таймаут.
|
23
|
+
|
24
|
+
*) Исправление: утечки памяти в nginx/Windows.
|
25
|
+
|
26
|
+
|
2
27
|
Изменения в nginx 1.4.4 19.11.2013
|
3
28
|
|
4
29
|
*) Безопасность: символ, следующий за незакодированным пробелом в строке
|
data/vendor/nginx/LICENSE
CHANGED
@@ -647,7 +647,13 @@ ngx_configure_listening_sockets(ngx_cycle_t *cycle)
|
|
647
647
|
if (ls[i].add_deferred || ls[i].delete_deferred) {
|
648
648
|
|
649
649
|
if (ls[i].add_deferred) {
|
650
|
-
|
650
|
+
/*
|
651
|
+
* There is no way to find out how long a connection was
|
652
|
+
* in queue (and a connection may bypass deferred queue at all
|
653
|
+
* if syncookies were used), hence we use 1 second timeout
|
654
|
+
* here.
|
655
|
+
*/
|
656
|
+
timeout = 1;
|
651
657
|
|
652
658
|
} else {
|
653
659
|
timeout = 0;
|
@@ -965,6 +965,7 @@ ngx_ssl_recv(ngx_connection_t *c, u_char *buf, size_t size)
|
|
965
965
|
size -= n;
|
966
966
|
|
967
967
|
if (size == 0) {
|
968
|
+
c->read->ready = 1;
|
968
969
|
return bytes;
|
969
970
|
}
|
970
971
|
|
@@ -974,6 +975,10 @@ ngx_ssl_recv(ngx_connection_t *c, u_char *buf, size_t size)
|
|
974
975
|
}
|
975
976
|
|
976
977
|
if (bytes) {
|
978
|
+
if (c->ssl->last != NGX_AGAIN) {
|
979
|
+
c->read->ready = 1;
|
980
|
+
}
|
981
|
+
|
977
982
|
return bytes;
|
978
983
|
}
|
979
984
|
|
@@ -2224,32 +2229,26 @@ ngx_int_t
|
|
2224
2229
|
ngx_ssl_get_session_id(ngx_connection_t *c, ngx_pool_t *pool, ngx_str_t *s)
|
2225
2230
|
{
|
2226
2231
|
int len;
|
2227
|
-
u_char *
|
2232
|
+
u_char *buf;
|
2228
2233
|
SSL_SESSION *sess;
|
2229
2234
|
|
2230
2235
|
sess = SSL_get0_session(c->ssl->connection);
|
2231
|
-
|
2232
|
-
|
2233
|
-
|
2234
|
-
buf = ngx_alloc(len, c->log);
|
2235
|
-
if (buf == NULL) {
|
2236
|
-
return NGX_ERROR;
|
2236
|
+
if (sess == NULL) {
|
2237
|
+
s->len = 0;
|
2238
|
+
return NGX_OK;
|
2237
2239
|
}
|
2238
2240
|
|
2241
|
+
buf = sess->session_id;
|
2242
|
+
len = sess->session_id_length;
|
2243
|
+
|
2239
2244
|
s->len = 2 * len;
|
2240
2245
|
s->data = ngx_pnalloc(pool, 2 * len);
|
2241
2246
|
if (s->data == NULL) {
|
2242
|
-
ngx_free(buf);
|
2243
2247
|
return NGX_ERROR;
|
2244
2248
|
}
|
2245
2249
|
|
2246
|
-
p = buf;
|
2247
|
-
i2d_SSL_SESSION(sess, &p);
|
2248
|
-
|
2249
2250
|
ngx_hex_dump(s->data, buf, len);
|
2250
2251
|
|
2251
|
-
ngx_free(buf);
|
2252
|
-
|
2253
2252
|
return NGX_OK;
|
2254
2253
|
}
|
2255
2254
|
|
@@ -423,20 +423,6 @@ ngx_http_wait_request_handler(ngx_event_t *rev)
|
|
423
423
|
|
424
424
|
if (n == NGX_AGAIN) {
|
425
425
|
|
426
|
-
#if (NGX_HAVE_DEFERRED_ACCEPT && defined TCP_DEFER_ACCEPT)
|
427
|
-
if (c->listening->deferred_accept
|
428
|
-
#if (NGX_HTTP_SSL)
|
429
|
-
&& c->ssl == NULL
|
430
|
-
#endif
|
431
|
-
)
|
432
|
-
{
|
433
|
-
ngx_log_error(NGX_LOG_INFO, c->log, NGX_ETIMEDOUT,
|
434
|
-
"client timed out in deferred accept");
|
435
|
-
ngx_http_close_connection(c);
|
436
|
-
return;
|
437
|
-
}
|
438
|
-
#endif
|
439
|
-
|
440
426
|
if (!rev->timer_set) {
|
441
427
|
ngx_add_timer(rev, c->listening->post_accept_timeout);
|
442
428
|
ngx_reusable_connection(c, 1);
|
@@ -635,15 +621,6 @@ ngx_http_ssl_handshake(ngx_event_t *rev)
|
|
635
621
|
if (n == -1) {
|
636
622
|
if (err == NGX_EAGAIN) {
|
637
623
|
|
638
|
-
#if (NGX_HAVE_DEFERRED_ACCEPT && defined TCP_DEFER_ACCEPT)
|
639
|
-
if (c->listening->deferred_accept) {
|
640
|
-
ngx_log_error(NGX_LOG_INFO, c->log, NGX_ETIMEDOUT,
|
641
|
-
"client timed out in deferred accept");
|
642
|
-
ngx_http_close_connection(c);
|
643
|
-
return;
|
644
|
-
}
|
645
|
-
#endif
|
646
|
-
|
647
624
|
if (!rev->timer_set) {
|
648
625
|
ngx_add_timer(rev, c->listening->post_accept_timeout);
|
649
626
|
ngx_reusable_connection(c, 1);
|
@@ -150,20 +150,27 @@ ngx_http_read_client_request_body(ngx_http_request_t *r,
|
|
150
150
|
goto done;
|
151
151
|
}
|
152
152
|
|
153
|
-
|
154
|
-
if (cl == NULL) {
|
155
|
-
return NGX_HTTP_INTERNAL_SERVER_ERROR;
|
156
|
-
}
|
153
|
+
if (rb->temp_file->file.offset != 0) {
|
157
154
|
|
158
|
-
|
155
|
+
cl = ngx_chain_get_free_buf(r->pool, &rb->free);
|
156
|
+
if (cl == NULL) {
|
157
|
+
rc = NGX_HTTP_INTERNAL_SERVER_ERROR;
|
158
|
+
goto done;
|
159
|
+
}
|
159
160
|
|
160
|
-
|
161
|
+
b = cl->buf;
|
161
162
|
|
162
|
-
|
163
|
-
b->file_last = rb->temp_file->file.offset;
|
164
|
-
b->file = &rb->temp_file->file;
|
163
|
+
ngx_memzero(b, sizeof(ngx_buf_t));
|
165
164
|
|
166
|
-
|
165
|
+
b->in_file = 1;
|
166
|
+
b->file_last = rb->temp_file->file.offset;
|
167
|
+
b->file = &rb->temp_file->file;
|
168
|
+
|
169
|
+
rb->bufs = cl;
|
170
|
+
|
171
|
+
} else {
|
172
|
+
rb->bufs = NULL;
|
173
|
+
}
|
167
174
|
}
|
168
175
|
|
169
176
|
post_handler(r);
|
@@ -374,20 +381,26 @@ ngx_http_do_read_client_request_body(ngx_http_request_t *r)
|
|
374
381
|
return NGX_HTTP_INTERNAL_SERVER_ERROR;
|
375
382
|
}
|
376
383
|
|
377
|
-
|
378
|
-
|
379
|
-
|
380
|
-
|
384
|
+
if (rb->temp_file->file.offset != 0) {
|
385
|
+
|
386
|
+
cl = ngx_chain_get_free_buf(r->pool, &rb->free);
|
387
|
+
if (cl == NULL) {
|
388
|
+
return NGX_HTTP_INTERNAL_SERVER_ERROR;
|
389
|
+
}
|
381
390
|
|
382
|
-
|
391
|
+
b = cl->buf;
|
383
392
|
|
384
|
-
|
393
|
+
ngx_memzero(b, sizeof(ngx_buf_t));
|
394
|
+
|
395
|
+
b->in_file = 1;
|
396
|
+
b->file_last = rb->temp_file->file.offset;
|
397
|
+
b->file = &rb->temp_file->file;
|
385
398
|
|
386
|
-
|
387
|
-
b->file_last = rb->temp_file->file.offset;
|
388
|
-
b->file = &rb->temp_file->file;
|
399
|
+
rb->bufs = cl;
|
389
400
|
|
390
|
-
|
401
|
+
} else {
|
402
|
+
rb->bufs = NULL;
|
403
|
+
}
|
391
404
|
}
|
392
405
|
|
393
406
|
r->read_event_handler = ngx_http_block_reading;
|
@@ -842,6 +855,10 @@ ngx_http_request_body_length_filter(ngx_http_request_t *r, ngx_chain_t *in)
|
|
842
855
|
|
843
856
|
for (cl = in; cl; cl = cl->next) {
|
844
857
|
|
858
|
+
if (rb->rest == 0) {
|
859
|
+
break;
|
860
|
+
}
|
861
|
+
|
845
862
|
tl = ngx_chain_get_free_buf(r->pool, &rb->free);
|
846
863
|
if (tl == NULL) {
|
847
864
|
return NGX_HTTP_INTERNAL_SERVER_ERROR;
|
@@ -2626,6 +2626,10 @@ ngx_http_spdy_close_stream(ngx_http_spdy_stream_t *stream, ngx_int_t rc)
|
|
2626
2626
|
}
|
2627
2627
|
}
|
2628
2628
|
|
2629
|
+
if (sc->stream == stream) {
|
2630
|
+
sc->stream = NULL;
|
2631
|
+
}
|
2632
|
+
|
2629
2633
|
sscf = ngx_http_get_module_srv_conf(sc->http_connection->conf_ctx,
|
2630
2634
|
ngx_http_spdy_module);
|
2631
2635
|
|
@@ -2459,11 +2459,7 @@ ngx_http_upstream_upgrade(ngx_http_request_t *r, ngx_http_upstream_t *u)
|
|
2459
2459
|
ngx_http_upstream_process_upgraded(r, 1, 1);
|
2460
2460
|
}
|
2461
2461
|
|
2462
|
-
|
2463
|
-
|| r->header_in->pos != r->header_in->last)
|
2464
|
-
{
|
2465
|
-
ngx_http_upstream_process_upgraded(r, 0, 1);
|
2466
|
-
}
|
2462
|
+
ngx_http_upstream_process_upgraded(r, 0, 1);
|
2467
2463
|
}
|
2468
2464
|
|
2469
2465
|
|
metadata
CHANGED
@@ -1,14 +1,14 @@
|
|
1
1
|
--- !ruby/object:Gem::Specification
|
2
2
|
name: nginxtra
|
3
3
|
version: !ruby/object:Gem::Version
|
4
|
-
version: 1.4.
|
4
|
+
version: 1.4.5.9
|
5
5
|
platform: ruby
|
6
6
|
authors:
|
7
7
|
- Mike Virata-Stone
|
8
8
|
autorequire:
|
9
9
|
bindir: bin
|
10
10
|
cert_chain: []
|
11
|
-
date:
|
11
|
+
date: 2014-02-11 00:00:00.000000000 Z
|
12
12
|
dependencies:
|
13
13
|
- !ruby/object:Gem::Dependency
|
14
14
|
name: thor
|