nginxtra 1.4.7.9 → 1.6.0.9
Sign up to get free protection for your applications and to get access to all the features.
- checksums.yaml +4 -4
- data/bin/nginxtra +1 -1
- data/bin/nginxtra_rails +1 -1
- data/lib/nginxtra/version.rb +1 -1
- data/vendor/nginx/CHANGES +286 -19
- data/vendor/nginx/CHANGES.ru +296 -22
- data/vendor/nginx/auto/cc/clang +4 -3
- data/vendor/nginx/auto/cc/conf +23 -0
- data/vendor/nginx/auto/cc/msvc +1 -0
- data/vendor/nginx/auto/cc/name +1 -1
- data/vendor/nginx/auto/cc/owc +4 -4
- data/vendor/nginx/auto/cc/sunc +1 -1
- data/vendor/nginx/auto/endianness +2 -2
- data/vendor/nginx/auto/feature +1 -1
- data/vendor/nginx/auto/include +1 -1
- data/vendor/nginx/auto/lib/libatomic/make +3 -1
- data/vendor/nginx/auto/lib/openssl/conf +4 -0
- data/vendor/nginx/auto/lib/openssl/make +1 -1
- data/vendor/nginx/auto/lib/pcre/conf +5 -0
- data/vendor/nginx/auto/lib/pcre/make +11 -11
- data/vendor/nginx/auto/lib/pcre/makefile.bcc +4 -3
- data/vendor/nginx/auto/lib/pcre/makefile.msvc +2 -1
- data/vendor/nginx/auto/lib/pcre/makefile.owc +2 -1
- data/vendor/nginx/auto/lib/perl/make +1 -0
- data/vendor/nginx/auto/lib/test +1 -1
- data/vendor/nginx/auto/lib/zlib/make +22 -1
- data/vendor/nginx/auto/modules +8 -0
- data/vendor/nginx/auto/options +3 -0
- data/vendor/nginx/auto/os/darwin +1 -1
- data/vendor/nginx/auto/os/linux +32 -0
- data/vendor/nginx/auto/os/win32 +12 -1
- data/vendor/nginx/auto/sources +8 -2
- data/vendor/nginx/auto/types/sizeof +1 -1
- data/vendor/nginx/auto/types/typedef +1 -1
- data/vendor/nginx/auto/types/uintptr_t +1 -1
- data/vendor/nginx/auto/unix +13 -1
- data/vendor/nginx/conf/mime.types +11 -2
- data/vendor/nginx/conf/nginx.conf +3 -4
- data/vendor/nginx/contrib/README +6 -0
- data/vendor/nginx/contrib/vim/ftdetect/nginx.vim +4 -0
- data/vendor/nginx/contrib/vim/indent/nginx.vim +11 -0
- data/vendor/nginx/contrib/vim/syntax/nginx.vim +703 -0
- data/vendor/nginx/src/core/nginx.c +2 -7
- data/vendor/nginx/src/core/nginx.h +2 -2
- data/vendor/nginx/src/core/ngx_conf_file.c +8 -88
- data/vendor/nginx/src/core/ngx_conf_file.h +3 -3
- data/vendor/nginx/src/core/ngx_config.h +2 -2
- data/vendor/nginx/src/core/ngx_connection.c +100 -29
- data/vendor/nginx/src/core/ngx_connection.h +11 -0
- data/vendor/nginx/src/core/ngx_core.h +1 -0
- data/vendor/nginx/src/core/ngx_cycle.c +23 -99
- data/vendor/nginx/src/core/ngx_cycle.h +2 -0
- data/vendor/nginx/src/core/ngx_file.c +100 -8
- data/vendor/nginx/src/core/ngx_file.h +3 -0
- data/vendor/nginx/src/core/ngx_hash.c +6 -9
- data/vendor/nginx/src/core/ngx_inet.c +93 -5
- data/vendor/nginx/src/core/ngx_inet.h +4 -2
- data/vendor/nginx/src/core/ngx_list.c +1 -9
- data/vendor/nginx/src/core/ngx_log.c +132 -30
- data/vendor/nginx/src/core/ngx_log.h +5 -2
- data/vendor/nginx/src/core/ngx_open_file_cache.c +67 -1
- data/vendor/nginx/src/core/ngx_palloc.c +5 -2
- data/vendor/nginx/src/core/ngx_proxy_protocol.c +91 -0
- data/vendor/nginx/src/core/ngx_proxy_protocol.h +23 -0
- data/vendor/nginx/src/core/ngx_resolver.c +1080 -285
- data/vendor/nginx/src/core/ngx_resolver.h +33 -3
- data/vendor/nginx/src/core/ngx_slab.c +7 -2
- data/vendor/nginx/src/core/ngx_slab.h +2 -0
- data/vendor/nginx/src/core/ngx_string.c +78 -13
- data/vendor/nginx/src/core/ngx_string.h +2 -0
- data/vendor/nginx/src/event/modules/ngx_devpoll_module.c +2 -2
- data/vendor/nginx/src/event/modules/ngx_epoll_module.c +13 -5
- data/vendor/nginx/src/event/modules/ngx_select_module.c +1 -1
- data/vendor/nginx/src/event/modules/ngx_win32_select_module.c +2 -2
- data/vendor/nginx/src/event/ngx_event.c +0 -1
- data/vendor/nginx/src/event/ngx_event.h +7 -6
- data/vendor/nginx/src/event/ngx_event_accept.c +6 -4
- data/vendor/nginx/src/event/ngx_event_connect.c +2 -2
- data/vendor/nginx/src/event/ngx_event_openssl.c +304 -13
- data/vendor/nginx/src/event/ngx_event_openssl.h +20 -1
- data/vendor/nginx/src/event/ngx_event_openssl_stapling.c +35 -23
- data/vendor/nginx/src/event/ngx_event_pipe.c +15 -30
- data/vendor/nginx/src/http/modules/ngx_http_access_module.c +115 -35
- data/vendor/nginx/src/http/modules/ngx_http_auth_basic_module.c +1 -1
- data/vendor/nginx/src/http/modules/ngx_http_auth_request_module.c +444 -0
- data/vendor/nginx/src/http/modules/ngx_http_autoindex_module.c +2 -1
- data/vendor/nginx/src/http/modules/ngx_http_charset_filter_module.c +1 -1
- data/vendor/nginx/src/http/modules/ngx_http_dav_module.c +1 -3
- data/vendor/nginx/src/http/modules/ngx_http_fastcgi_module.c +251 -36
- data/vendor/nginx/src/http/modules/ngx_http_gunzip_filter_module.c +9 -5
- data/vendor/nginx/src/http/modules/ngx_http_gzip_filter_module.c +5 -3
- data/vendor/nginx/src/http/modules/ngx_http_gzip_static_module.c +1 -1
- data/vendor/nginx/src/http/modules/ngx_http_headers_filter_module.c +4 -0
- data/vendor/nginx/src/http/modules/ngx_http_image_filter_module.c +8 -2
- data/vendor/nginx/src/http/modules/ngx_http_limit_req_module.c +5 -1
- data/vendor/nginx/src/http/modules/ngx_http_map_module.c +3 -3
- data/vendor/nginx/src/http/modules/ngx_http_memcached_module.c +21 -10
- data/vendor/nginx/src/http/modules/ngx_http_mp4_module.c +669 -197
- data/vendor/nginx/src/http/modules/ngx_http_proxy_module.c +93 -60
- data/vendor/nginx/src/http/modules/ngx_http_range_filter_module.c +13 -6
- data/vendor/nginx/src/http/modules/ngx_http_realip_module.c +20 -1
- data/vendor/nginx/src/http/modules/ngx_http_referer_module.c +132 -74
- data/vendor/nginx/src/http/modules/ngx_http_scgi_module.c +18 -12
- data/vendor/nginx/src/http/modules/ngx_http_ssi_filter_module.c +22 -20
- data/vendor/nginx/src/http/modules/ngx_http_ssl_module.c +121 -3
- data/vendor/nginx/src/http/modules/ngx_http_ssl_module.h +5 -0
- data/vendor/nginx/src/http/modules/ngx_http_stub_status_module.c +3 -0
- data/vendor/nginx/src/http/modules/ngx_http_sub_filter_module.c +123 -91
- data/vendor/nginx/src/http/modules/ngx_http_upstream_ip_hash_module.c +29 -19
- data/vendor/nginx/src/http/modules/ngx_http_upstream_keepalive_module.c +2 -5
- data/vendor/nginx/src/http/modules/ngx_http_uwsgi_module.c +215 -19
- data/vendor/nginx/src/http/modules/ngx_http_xslt_filter_module.c +32 -6
- data/vendor/nginx/src/http/modules/perl/nginx.xs +4 -7
- data/vendor/nginx/src/http/modules/perl/ngx_http_perl_module.c +2 -2
- data/vendor/nginx/src/http/ngx_http.c +17 -7
- data/vendor/nginx/src/http/ngx_http_cache.h +4 -2
- data/vendor/nginx/src/http/ngx_http_copy_filter_module.c +4 -2
- data/vendor/nginx/src/http/ngx_http_core_module.c +63 -50
- data/vendor/nginx/src/http/ngx_http_core_module.h +5 -0
- data/vendor/nginx/src/http/ngx_http_file_cache.c +115 -3
- data/vendor/nginx/src/http/ngx_http_header_filter_module.c +9 -6
- data/vendor/nginx/src/http/ngx_http_parse.c +88 -10
- data/vendor/nginx/src/http/ngx_http_postpone_filter_module.c +2 -4
- data/vendor/nginx/src/http/ngx_http_request.c +116 -8
- data/vendor/nginx/src/http/ngx_http_request.h +5 -1
- data/vendor/nginx/src/http/ngx_http_request_body.c +7 -7
- data/vendor/nginx/src/http/ngx_http_script.c +6 -5
- data/vendor/nginx/src/http/ngx_http_spdy.c +889 -271
- data/vendor/nginx/src/http/ngx_http_spdy.h +51 -28
- data/vendor/nginx/src/http/ngx_http_spdy_filter_module.c +382 -167
- data/vendor/nginx/src/http/ngx_http_spdy_module.c +65 -8
- data/vendor/nginx/src/http/ngx_http_spdy_module.h +5 -0
- data/vendor/nginx/src/http/ngx_http_special_response.c +1 -1
- data/vendor/nginx/src/http/ngx_http_upstream.c +290 -114
- data/vendor/nginx/src/http/ngx_http_upstream.h +9 -5
- data/vendor/nginx/src/http/ngx_http_upstream_round_robin.c +32 -24
- data/vendor/nginx/src/http/ngx_http_variables.c +40 -6
- data/vendor/nginx/src/http/ngx_http_write_filter_module.c +12 -5
- data/vendor/nginx/src/mail/ngx_mail.c +4 -2
- data/vendor/nginx/src/mail/ngx_mail.h +2 -0
- data/vendor/nginx/src/mail/ngx_mail_auth_http_module.c +0 -1
- data/vendor/nginx/src/mail/ngx_mail_core_module.c +2 -1
- data/vendor/nginx/src/mail/ngx_mail_handler.c +17 -4
- data/vendor/nginx/src/mail/ngx_mail_parse.c +32 -2
- data/vendor/nginx/src/mail/ngx_mail_proxy_module.c +54 -7
- data/vendor/nginx/src/mail/ngx_mail_smtp_handler.c +50 -78
- data/vendor/nginx/src/mail/ngx_mail_ssl_module.c +48 -11
- data/vendor/nginx/src/mail/ngx_mail_ssl_module.h +3 -0
- data/vendor/nginx/src/os/unix/ngx_channel.c +3 -1
- data/vendor/nginx/src/os/unix/ngx_darwin_config.h +1 -0
- data/vendor/nginx/src/os/unix/ngx_darwin_init.c +1 -1
- data/vendor/nginx/src/os/unix/ngx_darwin_sendfile_chain.c +14 -16
- data/vendor/nginx/src/os/unix/ngx_errno.h +3 -0
- data/vendor/nginx/src/os/unix/ngx_files.h +10 -16
- data/vendor/nginx/src/os/unix/ngx_freebsd_config.h +6 -0
- data/vendor/nginx/src/os/unix/ngx_freebsd_init.c +1 -1
- data/vendor/nginx/src/os/unix/ngx_freebsd_rfork_thread.c +1 -1
- data/vendor/nginx/src/os/unix/ngx_freebsd_rfork_thread.h +2 -2
- data/vendor/nginx/src/os/unix/ngx_freebsd_sendfile_chain.c +17 -19
- data/vendor/nginx/src/os/unix/ngx_linux_config.h +8 -2
- data/vendor/nginx/src/os/unix/ngx_linux_sendfile_chain.c +20 -22
- data/vendor/nginx/src/os/unix/ngx_posix_config.h +1 -0
- data/vendor/nginx/src/os/unix/ngx_process.c +5 -0
- data/vendor/nginx/src/os/unix/ngx_process_cycle.c +15 -3
- data/vendor/nginx/src/os/unix/ngx_readv_chain.c +2 -1
- data/vendor/nginx/src/os/unix/ngx_recv.c +4 -1
- data/vendor/nginx/src/os/unix/ngx_solaris_config.h +1 -0
- data/vendor/nginx/src/os/unix/ngx_solaris_sendfilev_chain.c +14 -16
- metadata +8 -2
@@ -92,10 +92,7 @@ static ngx_str_t ngx_http_status_lines[] = {
|
|
92
92
|
ngx_string("411 Length Required"),
|
93
93
|
ngx_string("412 Precondition Failed"),
|
94
94
|
ngx_string("413 Request Entity Too Large"),
|
95
|
-
|
96
|
-
* because we treat such requests as the HTTP/0.9
|
97
|
-
* requests and send only a body without a header
|
98
|
-
*/
|
95
|
+
ngx_string("414 Request-URI Too Large"),
|
99
96
|
ngx_string("415 Unsupported Media Type"),
|
100
97
|
ngx_string("416 Requested Range Not Satisfiable"),
|
101
98
|
|
@@ -267,7 +264,13 @@ ngx_http_header_filter(ngx_http_request_t *r)
|
|
267
264
|
len += ngx_http_status_lines[status].len;
|
268
265
|
|
269
266
|
} else {
|
270
|
-
len += NGX_INT_T_LEN
|
267
|
+
len += NGX_INT_T_LEN + 1 /* SP */;
|
268
|
+
status_line = NULL;
|
269
|
+
}
|
270
|
+
|
271
|
+
if (status_line && status_line->len == 0) {
|
272
|
+
status = r->headers_out.status;
|
273
|
+
len += NGX_INT_T_LEN + 1 /* SP */;
|
271
274
|
status_line = NULL;
|
272
275
|
}
|
273
276
|
}
|
@@ -448,7 +451,7 @@ ngx_http_header_filter(ngx_http_request_t *r)
|
|
448
451
|
b->last = ngx_copy(b->last, status_line->data, status_line->len);
|
449
452
|
|
450
453
|
} else {
|
451
|
-
b->last = ngx_sprintf(b->last, "%03ui", status);
|
454
|
+
b->last = ngx_sprintf(b->last, "%03ui ", status);
|
452
455
|
}
|
453
456
|
*b->last++ = CR; *b->last++ = LF;
|
454
457
|
|
@@ -212,14 +212,17 @@ ngx_http_parse_request_line(ngx_http_request_t *r, ngx_buf_t *b)
|
|
212
212
|
case 5:
|
213
213
|
if (ngx_str5cmp(m, 'M', 'K', 'C', 'O', 'L')) {
|
214
214
|
r->method = NGX_HTTP_MKCOL;
|
215
|
+
break;
|
215
216
|
}
|
216
217
|
|
217
218
|
if (ngx_str5cmp(m, 'P', 'A', 'T', 'C', 'H')) {
|
218
219
|
r->method = NGX_HTTP_PATCH;
|
220
|
+
break;
|
219
221
|
}
|
220
222
|
|
221
223
|
if (ngx_str5cmp(m, 'T', 'R', 'A', 'C', 'E')) {
|
222
224
|
r->method = NGX_HTTP_TRACE;
|
225
|
+
break;
|
223
226
|
}
|
224
227
|
|
225
228
|
break;
|
@@ -883,6 +886,19 @@ ngx_http_parse_header_line(ngx_http_request_t *r, ngx_buf_t *b,
|
|
883
886
|
break;
|
884
887
|
}
|
885
888
|
|
889
|
+
if (ch == '_') {
|
890
|
+
if (allow_underscores) {
|
891
|
+
hash = ngx_hash(0, ch);
|
892
|
+
r->lowcase_header[0] = ch;
|
893
|
+
i = 1;
|
894
|
+
|
895
|
+
} else {
|
896
|
+
r->invalid_header = 1;
|
897
|
+
}
|
898
|
+
|
899
|
+
break;
|
900
|
+
}
|
901
|
+
|
886
902
|
if (ch == '\0') {
|
887
903
|
return NGX_HTTP_PARSE_INVALID_HEADER;
|
888
904
|
}
|
@@ -1258,8 +1274,8 @@ ngx_http_parse_complex_uri(ngx_http_request_t *r, ngx_uint_t merge_slashes)
|
|
1258
1274
|
* the line feed
|
1259
1275
|
*/
|
1260
1276
|
|
1261
|
-
|
1262
|
-
"s:%d in:'%Xd:%c'
|
1277
|
+
ngx_log_debug3(NGX_LOG_DEBUG_HTTP, r->connection->log, 0,
|
1278
|
+
"s:%d in:'%Xd:%c'", state, ch, ch);
|
1263
1279
|
|
1264
1280
|
switch (state) {
|
1265
1281
|
|
@@ -1777,17 +1793,21 @@ ngx_int_t
|
|
1777
1793
|
ngx_http_parse_unsafe_uri(ngx_http_request_t *r, ngx_str_t *uri,
|
1778
1794
|
ngx_str_t *args, ngx_uint_t *flags)
|
1779
1795
|
{
|
1780
|
-
u_char
|
1781
|
-
size_t
|
1796
|
+
u_char ch, *p, *src, *dst;
|
1797
|
+
size_t len;
|
1798
|
+
ngx_uint_t quoted;
|
1782
1799
|
|
1783
1800
|
len = uri->len;
|
1784
1801
|
p = uri->data;
|
1802
|
+
quoted = 0;
|
1785
1803
|
|
1786
1804
|
if (len == 0 || p[0] == '?') {
|
1787
1805
|
goto unsafe;
|
1788
1806
|
}
|
1789
1807
|
|
1790
|
-
if (p[0] == '.' && len
|
1808
|
+
if (p[0] == '.' && len > 1 && p[1] == '.'
|
1809
|
+
&& (len == 2 || ngx_path_separator(p[2])))
|
1810
|
+
{
|
1791
1811
|
goto unsafe;
|
1792
1812
|
}
|
1793
1813
|
|
@@ -1795,6 +1815,11 @@ ngx_http_parse_unsafe_uri(ngx_http_request_t *r, ngx_str_t *uri,
|
|
1795
1815
|
|
1796
1816
|
ch = *p++;
|
1797
1817
|
|
1818
|
+
if (ch == '%') {
|
1819
|
+
quoted = 1;
|
1820
|
+
continue;
|
1821
|
+
}
|
1822
|
+
|
1798
1823
|
if (usual[ch >> 5] & (1 << (ch & 0x1f))) {
|
1799
1824
|
continue;
|
1800
1825
|
}
|
@@ -1804,7 +1829,7 @@ ngx_http_parse_unsafe_uri(ngx_http_request_t *r, ngx_str_t *uri,
|
|
1804
1829
|
args->data = p;
|
1805
1830
|
uri->len -= len;
|
1806
1831
|
|
1807
|
-
|
1832
|
+
break;
|
1808
1833
|
}
|
1809
1834
|
|
1810
1835
|
if (ch == '\0') {
|
@@ -1813,14 +1838,66 @@ ngx_http_parse_unsafe_uri(ngx_http_request_t *r, ngx_str_t *uri,
|
|
1813
1838
|
|
1814
1839
|
if (ngx_path_separator(ch) && len > 2) {
|
1815
1840
|
|
1816
|
-
/* detect "/../" */
|
1841
|
+
/* detect "/../" and "/.." */
|
1817
1842
|
|
1818
|
-
if (p[0] == '.' && p[1] == '.'
|
1843
|
+
if (p[0] == '.' && p[1] == '.'
|
1844
|
+
&& (len == 3 || ngx_path_separator(p[2])))
|
1845
|
+
{
|
1819
1846
|
goto unsafe;
|
1820
1847
|
}
|
1821
1848
|
}
|
1822
1849
|
}
|
1823
1850
|
|
1851
|
+
if (quoted) {
|
1852
|
+
ngx_log_debug1(NGX_LOG_DEBUG_HTTP, r->connection->log, 0,
|
1853
|
+
"escaped URI: \"%V\"", uri);
|
1854
|
+
|
1855
|
+
src = uri->data;
|
1856
|
+
|
1857
|
+
dst = ngx_pnalloc(r->pool, uri->len);
|
1858
|
+
if (dst == NULL) {
|
1859
|
+
return NGX_ERROR;
|
1860
|
+
}
|
1861
|
+
|
1862
|
+
uri->data = dst;
|
1863
|
+
|
1864
|
+
ngx_unescape_uri(&dst, &src, uri->len, 0);
|
1865
|
+
|
1866
|
+
uri->len = dst - uri->data;
|
1867
|
+
|
1868
|
+
ngx_log_debug1(NGX_LOG_DEBUG_HTTP, r->connection->log, 0,
|
1869
|
+
"unescaped URI: \"%V\"", uri);
|
1870
|
+
|
1871
|
+
len = uri->len;
|
1872
|
+
p = uri->data;
|
1873
|
+
|
1874
|
+
if (p[0] == '.' && len > 1 && p[1] == '.'
|
1875
|
+
&& (len == 2 || ngx_path_separator(p[2])))
|
1876
|
+
{
|
1877
|
+
goto unsafe;
|
1878
|
+
}
|
1879
|
+
|
1880
|
+
for ( /* void */ ; len; len--) {
|
1881
|
+
|
1882
|
+
ch = *p++;
|
1883
|
+
|
1884
|
+
if (ch == '\0') {
|
1885
|
+
goto unsafe;
|
1886
|
+
}
|
1887
|
+
|
1888
|
+
if (ngx_path_separator(ch) && len > 2) {
|
1889
|
+
|
1890
|
+
/* detect "/../" and "/.." */
|
1891
|
+
|
1892
|
+
if (p[0] == '.' && p[1] == '.'
|
1893
|
+
&& (len == 3 || ngx_path_separator(p[2])))
|
1894
|
+
{
|
1895
|
+
goto unsafe;
|
1896
|
+
}
|
1897
|
+
}
|
1898
|
+
}
|
1899
|
+
}
|
1900
|
+
|
1824
1901
|
return NGX_OK;
|
1825
1902
|
|
1826
1903
|
unsafe:
|
@@ -2182,8 +2259,9 @@ data:
|
|
2182
2259
|
ctx->length = 3 /* "0" LF LF */;
|
2183
2260
|
break;
|
2184
2261
|
case sw_chunk_size:
|
2185
|
-
ctx->length =
|
2186
|
-
+ (ctx->size ? ctx->size + 4 /* LF "0" LF LF */
|
2262
|
+
ctx->length = 1 /* LF */
|
2263
|
+
+ (ctx->size ? ctx->size + 4 /* LF "0" LF LF */
|
2264
|
+
: 1 /* LF */);
|
2187
2265
|
break;
|
2188
2266
|
case sw_chunk_extension:
|
2189
2267
|
case sw_chunk_extension_almost_done:
|
@@ -70,8 +70,7 @@ ngx_http_postpone_filter(ngx_http_request_t *r, ngx_chain_t *in)
|
|
70
70
|
#if 0
|
71
71
|
/* TODO: SSI may pass NULL */
|
72
72
|
ngx_log_error(NGX_LOG_ALERT, c->log, 0,
|
73
|
-
"http postpone filter NULL inactive request"
|
74
|
-
&r->uri, &r->args);
|
73
|
+
"http postpone filter NULL inactive request");
|
75
74
|
#endif
|
76
75
|
|
77
76
|
return NGX_OK;
|
@@ -108,8 +107,7 @@ ngx_http_postpone_filter(ngx_http_request_t *r, ngx_chain_t *in)
|
|
108
107
|
|
109
108
|
if (pr->out == NULL) {
|
110
109
|
ngx_log_error(NGX_LOG_ALERT, c->log, 0,
|
111
|
-
"http postpone filter NULL output"
|
112
|
-
&r->uri, &r->args);
|
110
|
+
"http postpone filter NULL output");
|
113
111
|
|
114
112
|
} else {
|
115
113
|
ngx_log_debug2(NGX_LOG_DEBUG_HTTP, c->log, 0,
|
@@ -343,6 +343,11 @@ ngx_http_init_connection(ngx_connection_t *c)
|
|
343
343
|
}
|
344
344
|
#endif
|
345
345
|
|
346
|
+
if (hc->addr_conf->proxy_protocol) {
|
347
|
+
hc->proxy_protocol = 1;
|
348
|
+
c->log->action = "reading PROXY protocol";
|
349
|
+
}
|
350
|
+
|
346
351
|
if (rev->ready) {
|
347
352
|
/* the deferred accept(), rtsig, aio, iocp */
|
348
353
|
|
@@ -368,6 +373,7 @@ ngx_http_init_connection(ngx_connection_t *c)
|
|
368
373
|
static void
|
369
374
|
ngx_http_wait_request_handler(ngx_event_t *rev)
|
370
375
|
{
|
376
|
+
u_char *p;
|
371
377
|
size_t size;
|
372
378
|
ssize_t n;
|
373
379
|
ngx_buf_t *b;
|
@@ -458,6 +464,27 @@ ngx_http_wait_request_handler(ngx_event_t *rev)
|
|
458
464
|
|
459
465
|
b->last += n;
|
460
466
|
|
467
|
+
if (hc->proxy_protocol) {
|
468
|
+
hc->proxy_protocol = 0;
|
469
|
+
|
470
|
+
p = ngx_proxy_protocol_parse(c, b->pos, b->last);
|
471
|
+
|
472
|
+
if (p == NULL) {
|
473
|
+
ngx_http_close_connection(c);
|
474
|
+
return;
|
475
|
+
}
|
476
|
+
|
477
|
+
b->pos = p;
|
478
|
+
|
479
|
+
if (b->pos == b->last) {
|
480
|
+
c->log->action = "waiting for request";
|
481
|
+
b->pos = b->start;
|
482
|
+
b->last = b->start;
|
483
|
+
ngx_post_event(rev, &ngx_posted_events);
|
484
|
+
return;
|
485
|
+
}
|
486
|
+
}
|
487
|
+
|
461
488
|
c->log->action = "reading client request line";
|
462
489
|
|
463
490
|
ngx_reusable_connection(c, 0);
|
@@ -557,6 +584,7 @@ ngx_http_create_request(ngx_connection_t *c)
|
|
557
584
|
r->start_msec = tp->msec;
|
558
585
|
|
559
586
|
r->method = NGX_HTTP_UNKNOWN;
|
587
|
+
r->http_version = NGX_HTTP_VERSION_10;
|
560
588
|
|
561
589
|
r->headers_in.content_length_n = -1;
|
562
590
|
r->headers_in.keep_alive_n = -1;
|
@@ -588,7 +616,8 @@ ngx_http_create_request(ngx_connection_t *c)
|
|
588
616
|
static void
|
589
617
|
ngx_http_ssl_handshake(ngx_event_t *rev)
|
590
618
|
{
|
591
|
-
u_char
|
619
|
+
u_char *p, buf[NGX_PROXY_PROTOCOL_MAX_HEADER + 1];
|
620
|
+
size_t size;
|
592
621
|
ssize_t n;
|
593
622
|
ngx_err_t err;
|
594
623
|
ngx_int_t rc;
|
@@ -597,6 +626,7 @@ ngx_http_ssl_handshake(ngx_event_t *rev)
|
|
597
626
|
ngx_http_ssl_srv_conf_t *sscf;
|
598
627
|
|
599
628
|
c = rev->data;
|
629
|
+
hc = c->data;
|
600
630
|
|
601
631
|
ngx_log_debug0(NGX_LOG_DEBUG_HTTP, rev->log, 0,
|
602
632
|
"http check ssl handshake");
|
@@ -612,7 +642,9 @@ ngx_http_ssl_handshake(ngx_event_t *rev)
|
|
612
642
|
return;
|
613
643
|
}
|
614
644
|
|
615
|
-
|
645
|
+
size = hc->proxy_protocol ? sizeof(buf) : 1;
|
646
|
+
|
647
|
+
n = recv(c->fd, (char *) buf, size, MSG_PEEK);
|
616
648
|
|
617
649
|
err = ngx_socket_errno;
|
618
650
|
|
@@ -639,12 +671,39 @@ ngx_http_ssl_handshake(ngx_event_t *rev)
|
|
639
671
|
return;
|
640
672
|
}
|
641
673
|
|
674
|
+
if (hc->proxy_protocol) {
|
675
|
+
hc->proxy_protocol = 0;
|
676
|
+
|
677
|
+
p = ngx_proxy_protocol_parse(c, buf, buf + n);
|
678
|
+
|
679
|
+
if (p == NULL) {
|
680
|
+
ngx_http_close_connection(c);
|
681
|
+
return;
|
682
|
+
}
|
683
|
+
|
684
|
+
size = p - buf;
|
685
|
+
|
686
|
+
if (c->recv(c, buf, size) != (ssize_t) size) {
|
687
|
+
ngx_http_close_connection(c);
|
688
|
+
return;
|
689
|
+
}
|
690
|
+
|
691
|
+
c->log->action = "SSL handshaking";
|
692
|
+
|
693
|
+
if (n == (ssize_t) size) {
|
694
|
+
ngx_post_event(rev, &ngx_posted_events);
|
695
|
+
return;
|
696
|
+
}
|
697
|
+
|
698
|
+
n = 1;
|
699
|
+
buf[0] = *p;
|
700
|
+
}
|
701
|
+
|
642
702
|
if (n == 1) {
|
643
703
|
if (buf[0] & 0x80 /* SSLv2 */ || buf[0] == 0x16 /* SSLv3/TLSv1 */) {
|
644
704
|
ngx_log_debug1(NGX_LOG_DEBUG_HTTP, rev->log, 0,
|
645
705
|
"https ssl handshake: 0x%02Xd", buf[0]);
|
646
706
|
|
647
|
-
hc = c->data;
|
648
707
|
sscf = ngx_http_get_module_srv_conf(hc->conf_ctx,
|
649
708
|
ngx_http_ssl_module);
|
650
709
|
|
@@ -704,13 +763,26 @@ ngx_http_ssl_handshake_handler(ngx_connection_t *c)
|
|
704
763
|
|
705
764
|
c->ssl->no_wait_shutdown = 1;
|
706
765
|
|
707
|
-
#if (NGX_HTTP_SPDY
|
766
|
+
#if (NGX_HTTP_SPDY \
|
767
|
+
&& (defined TLSEXT_TYPE_application_layer_protocol_negotiation \
|
768
|
+
|| defined TLSEXT_TYPE_next_proto_neg))
|
708
769
|
{
|
709
770
|
unsigned int len;
|
710
771
|
const unsigned char *data;
|
711
772
|
static const ngx_str_t spdy = ngx_string(NGX_SPDY_NPN_NEGOTIATED);
|
712
773
|
|
774
|
+
#ifdef TLSEXT_TYPE_application_layer_protocol_negotiation
|
775
|
+
SSL_get0_alpn_selected(c->ssl->connection, &data, &len);
|
776
|
+
|
777
|
+
#ifdef TLSEXT_TYPE_next_proto_neg
|
778
|
+
if (len == 0) {
|
779
|
+
SSL_get0_next_proto_negotiated(c->ssl->connection, &data, &len);
|
780
|
+
}
|
781
|
+
#endif
|
782
|
+
|
783
|
+
#else /* TLSEXT_TYPE_next_proto_neg */
|
713
784
|
SSL_get0_next_proto_negotiated(c->ssl->connection, &data, &len);
|
785
|
+
#endif
|
714
786
|
|
715
787
|
if (len == spdy.len && ngx_strncmp(data, spdy.data, spdy.len) == 0) {
|
716
788
|
ngx_http_spdy_init(c->read);
|
@@ -1930,6 +2002,10 @@ ngx_http_set_virtual_server(ngx_http_request_t *r, ngx_str_t *host)
|
|
1930
2002
|
ngx_http_core_loc_conf_t *clcf;
|
1931
2003
|
ngx_http_core_srv_conf_t *cscf;
|
1932
2004
|
|
2005
|
+
#if (NGX_SUPPRESS_WARN)
|
2006
|
+
cscf = NULL;
|
2007
|
+
#endif
|
2008
|
+
|
1933
2009
|
hc = r->http_connection;
|
1934
2010
|
|
1935
2011
|
#if (NGX_HTTP_SSL && defined SSL_CTRL_SET_TLSEXT_HOSTNAME)
|
@@ -2668,6 +2744,33 @@ ngx_http_test_reading(ngx_http_request_t *r)
|
|
2668
2744
|
goto closed;
|
2669
2745
|
}
|
2670
2746
|
|
2747
|
+
#endif
|
2748
|
+
|
2749
|
+
#if (NGX_HAVE_EPOLLRDHUP)
|
2750
|
+
|
2751
|
+
if ((ngx_event_flags & NGX_USE_EPOLL_EVENT) && rev->pending_eof) {
|
2752
|
+
socklen_t len;
|
2753
|
+
|
2754
|
+
rev->eof = 1;
|
2755
|
+
c->error = 1;
|
2756
|
+
|
2757
|
+
err = 0;
|
2758
|
+
len = sizeof(ngx_err_t);
|
2759
|
+
|
2760
|
+
/*
|
2761
|
+
* BSDs and Linux return 0 and set a pending error in err
|
2762
|
+
* Solaris returns -1 and sets errno
|
2763
|
+
*/
|
2764
|
+
|
2765
|
+
if (getsockopt(c->fd, SOL_SOCKET, SO_ERROR, (void *) &err, &len)
|
2766
|
+
== -1)
|
2767
|
+
{
|
2768
|
+
err = ngx_socket_errno;
|
2769
|
+
}
|
2770
|
+
|
2771
|
+
goto closed;
|
2772
|
+
}
|
2773
|
+
|
2671
2774
|
#endif
|
2672
2775
|
|
2673
2776
|
n = recv(c->fd, buf, 1, MSG_PEEK);
|
@@ -2710,7 +2813,7 @@ closed:
|
|
2710
2813
|
ngx_log_error(NGX_LOG_INFO, c->log, err,
|
2711
2814
|
"client prematurely closed connection");
|
2712
2815
|
|
2713
|
-
ngx_http_finalize_request(r,
|
2816
|
+
ngx_http_finalize_request(r, NGX_HTTP_CLIENT_CLOSED_REQUEST);
|
2714
2817
|
}
|
2715
2818
|
|
2716
2819
|
|
@@ -3143,8 +3246,8 @@ ngx_http_lingering_close_handler(ngx_event_t *rev)
|
|
3143
3246
|
return;
|
3144
3247
|
}
|
3145
3248
|
|
3146
|
-
timer = (ngx_msec_t)
|
3147
|
-
if (timer <= 0) {
|
3249
|
+
timer = (ngx_msec_t) r->lingering_time - (ngx_msec_t) ngx_time();
|
3250
|
+
if ((ngx_msec_int_t) timer <= 0) {
|
3148
3251
|
ngx_http_close_request(r, 0);
|
3149
3252
|
return;
|
3150
3253
|
}
|
@@ -3319,10 +3422,15 @@ ngx_http_free_request(ngx_http_request_t *r, ngx_int_t rc)
|
|
3319
3422
|
return;
|
3320
3423
|
}
|
3321
3424
|
|
3322
|
-
|
3425
|
+
cln = r->cleanup;
|
3426
|
+
r->cleanup = NULL;
|
3427
|
+
|
3428
|
+
while (cln) {
|
3323
3429
|
if (cln->handler) {
|
3324
3430
|
cln->handler(cln->data);
|
3325
3431
|
}
|
3432
|
+
|
3433
|
+
cln = cln->next;
|
3326
3434
|
}
|
3327
3435
|
|
3328
3436
|
#if (NGX_STAT_STUB)
|