nginxtra 1.6.3.9 → 1.8.0.9

checksums.yaml

@@ -1,7 +1,7 @@
 ---
 SHA1:
-  metadata.gz: e338693c750971840d0bcf3da11efcdd38c8a9e1
-  data.tar.gz: cf0e2d1e77948f5b66166bef332dc1d5e49ea2ad
+  metadata.gz: 381012eb910c9ce3201a3da1bd81ed60adabf36c
+  data.tar.gz: c2ae31f850831d4764a7d46d36065c04cdd77ae0
 SHA512:
-  metadata.gz: c56f914b6b2cfbd2afc3852b0f7a2ffe97cfc936dc1558b32e4fd405c33724e96aa0016114acf058a84bce449fb7a67be57c20c486385436ac33699acac77d78
-  data.tar.gz: 7a0c4bf60a30eb597f3e71978d2436325387ea81076aa2c706d441b7bb870d800796b2739eb25c7ccc7480ed67ce711a94513495fdc2711a9a09adcf5a200cf3
+  metadata.gz: 7605514c3ac94f3ea3ff9acec914fbfd333e561aa52374fbe43b00561fbb879c55b45a0b949dd53c9f5c2cb62e2f2f031730037ac94bd005f23e3fa00c99ffab
+  data.tar.gz: 23131c3242a5a6c9f1e98636edba209d1e19e48f30fd06936252ba91b7d1400603153bc5c29ba5ef7cfc23dbf7dc6f901a123bf94d3cc9823981a8781d1d664b

data/bin/nginxtra

@@ -1,6 +1,6 @@
 #!/usr/bin/env ruby
 require "rubygems"
-gem "nginxtra", "= 1.6.3.9"
+gem "nginxtra", "= 1.8.0.9"
 gem "thor", "~> 0.16"
 require "nginxtra"
 Nginxtra::CLI.start

data/bin/nginxtra_rails

@@ -1,6 +1,6 @@
 #!/usr/bin/env ruby
 require "rubygems"
-gem "nginxtra", "= 1.6.3.9"
+gem "nginxtra", "= 1.8.0.9"
 gem "thor", "~> 0.16"
 require "nginxtra"
 Nginxtra::Rails::CLI.start

data/lib/nginxtra/version.rb

@@ -6,7 +6,7 @@ module Nginxtra
       end
 
       def to_s
-        "1.6.3.9"
+        "1.8.0.9"
       end
     end
   end

data/vendor/nginx/CHANGES

@@ -1,55 +1,399 @@
 
-Changes with nginx 1.6.3                                         07 Apr 2015
+Changes with nginx 1.8.0                                         21 Apr 2015
 
-    *) Feature: now the "tcp_nodelay" directive works with SPDY connections.
+    *) 1.8.x stable branch.
 
-    *) Bugfix: in error handling.
-       Thanks to Yichun Zhang and Daniil Bondarev.
 
-    *) Bugfix: alerts "header already sent" appeared in logs if the
-       "post_action" directive was used; the bug had appeared in 1.5.4.
+Changes with nginx 1.7.12                                        07 Apr 2015
 
-    *) Bugfix: alerts "sem_post() failed" might appear in logs.
+    *) Feature: now the "tcp_nodelay" directive works with backend SSL
+       connections.
+
+    *) Feature: now thread pools can be used to read cache file headers.
+
+    *) Bugfix: in the "proxy_request_buffering" directive.
+
+    *) Bugfix: a segmentation fault might occur in a worker process when
+       using thread pools on Linux.
+
+    *) Bugfix: in error handling when using the "ssl_stapling" directive.
+       Thanks to Filipe da Silva.
+
+    *) Bugfix: in the ngx_http_spdy_module.
+
+
+Changes with nginx 1.7.11                                        24 Mar 2015
+
+    *) Change: the "sendfile" parameter of the "aio" directive is
+       deprecated; now nginx automatically uses AIO to pre-load data for
+       sendfile if both "aio" and "sendfile" directives are used.
+
+    *) Feature: experimental thread pools support.
+
+    *) Feature: the "proxy_request_buffering", "fastcgi_request_buffering",
+       "scgi_request_buffering", and "uwsgi_request_buffering" directives.
+
+    *) Feature: request body filters experimental API.
+
+    *) Feature: client SSL certificates support in mail proxy.
+       Thanks to Sven Peter, Franck Levionnois, and Filipe Da Silva.
+
+    *) Feature: startup speedup when using the "hash ... consistent"
+       directive in the upstream block.
+       Thanks to Wai Keen Woon.
+
+    *) Feature: debug logging into a cyclic memory buffer.
 
     *) Bugfix: in hash table handling.
        Thanks to Chris West.
 
+    *) Bugfix: in the "proxy_cache_revalidate" directive.
+
+    *) Bugfix: SSL connections might hang if deferred accept or the
+       "proxy_protocol" parameter of the "listen" directive were used.
+       Thanks to James Hamlin.
+
+    *) Bugfix: the $upstream_response_time variable might contain a wrong
+       value if the "image_filter" directive was used.
+
     *) Bugfix: in integer overflow handling.
        Thanks to Régis Leroy.
 
+    *) Bugfix: it was not possible to enable SSLv3 with LibreSSL.
+
+    *) Bugfix: the "ignoring stale global SSL error ... called a function
+       you should not call" alerts appeared in logs when using LibreSSL.
+
+    *) Bugfix: certificates specified by the "ssl_client_certificate" and
+       "ssl_trusted_certificate" directives were inadvertently used to
+       automatically construct certificate chains.
+
+
+Changes with nginx 1.7.10                                        10 Feb 2015
+
+    *) Feature: the "use_temp_path" parameter of the "proxy_cache_path",
+       "fastcgi_cache_path", "scgi_cache_path", and "uwsgi_cache_path"
+       directives.
+
+    *) Feature: the $upstream_header_time variable.
+
+    *) Workaround: now on disk overflow nginx tries to write error logs once
+       a second only.
+
+    *) Bugfix: the "try_files" directive did not ignore normal files while
+       testing directories.
+       Thanks to Damien Tournoud.
+
+    *) Bugfix: alerts "sendfile() failed" if the "sendfile" directive was
+       used on OS X; the bug had appeared in 1.7.8.
+
+    *) Bugfix: alerts "sem_post() failed" might appear in logs.
+
+    *) Bugfix: nginx could not be built with musl libc.
+       Thanks to James Taylor.
+
+    *) Bugfix: nginx could not be built on Tru64 UNIX.
+       Thanks to Goetz T. Fischer.
+
+
+Changes with nginx 1.7.9                                         23 Dec 2014
+
+    *) Feature: variables support in the "proxy_cache", "fastcgi_cache",
+       "scgi_cache", and "uwsgi_cache" directives.
+
+    *) Feature: variables support in the "expires" directive.
+
+    *) Feature: loading of secret keys from hardware tokens with OpenSSL
+       engines.
+       Thanks to Dmitrii Pichulin.
+
+    *) Feature: the "autoindex_format" directive.
+
+    *) Bugfix: cache revalidation is now only used for responses with 200
+       and 206 status codes.
+       Thanks to Piotr Sikora.
+
+    *) Bugfix: the "TE" client request header line was passed to backends
+       while proxying.
+
+    *) Bugfix: the "proxy_pass", "fastcgi_pass", "scgi_pass", and
+       "uwsgi_pass" directives might not work correctly inside the "if" and
+       "limit_except" blocks.
+
+    *) Bugfix: the "proxy_store" directive with the "on" parameter was
+       ignored if the "proxy_store" directive with an explicitly specified
+       file path was used on a previous level.
+
+    *) Bugfix: nginx could not be built with BoringSSL.
+       Thanks to Lukas Tribus.
+
+
+Changes with nginx 1.7.8                                         02 Dec 2014
+
+    *) Change: now the "If-Modified-Since", "If-Range", etc. client request
+       header lines are passed to a backend while caching if nginx knows in
+       advance that the response will not be cached (e.g., when using
+       proxy_cache_min_uses).
+
+    *) Change: now after proxy_cache_lock_timeout nginx sends a request to a
+       backend with caching disabled; the new directives
+       "proxy_cache_lock_age", "fastcgi_cache_lock_age",
+       "scgi_cache_lock_age", and "uwsgi_cache_lock_age" specify a time
+       after which the lock will be released and another attempt to cache a
+       response will be made.
+
+    *) Change: the "log_format" directive can now be used only at http
+       level.
+
+    *) Feature: the "proxy_ssl_certificate", "proxy_ssl_certificate_key",
+       "proxy_ssl_password_file", "uwsgi_ssl_certificate",
+       "uwsgi_ssl_certificate_key", and "uwsgi_ssl_password_file"
+       directives.
+       Thanks to Piotr Sikora.
+
+    *) Feature: it is now possible to switch to a named location using
+       "X-Accel-Redirect".
+       Thanks to Toshikuni Fukaya.
+
+    *) Feature: now the "tcp_nodelay" directive works with SPDY connections.
+
+    *) Feature: new directives in vim syntax highliting scripts.
+       Thanks to Peter Wu.
+
+    *) Bugfix: nginx ignored the "s-maxage" value in the "Cache-Control"
+       backend response header line.
+       Thanks to Piotr Sikora.
+
+    *) Bugfix: in the ngx_http_spdy_module.
+       Thanks to Piotr Sikora.
+
+    *) Bugfix: in the "ssl_password_file" directive when using OpenSSL
+       0.9.8zc, 1.0.0o, 1.0.1j.
+
+    *) Bugfix: alerts "header already sent" appeared in logs if the
+       "post_action" directive was used; the bug had appeared in 1.5.4.
+
+    *) Bugfix: alerts "the http output chain is empty" might appear in logs
+       if the "postpone_output 0" directive was used with SSI includes.
+
+    *) Bugfix: in the "proxy_cache_lock" directive with SSI subrequests.
+       Thanks to Yichun Zhang.
+
+
+Changes with nginx 1.7.7                                         28 Oct 2014
+
+    *) Change: now nginx takes into account the "Vary" header line in a
+       backend response while caching.
+
+    *) Feature: the "proxy_force_ranges", "fastcgi_force_ranges",
+       "scgi_force_ranges", and "uwsgi_force_ranges" directives.
+
+    *) Feature: the "proxy_limit_rate", "fastcgi_limit_rate",
+       "scgi_limit_rate", and "uwsgi_limit_rate" directives.
+
+    *) Feature: the "Vary" parameter of the "proxy_ignore_headers",
+       "fastcgi_ignore_headers", "scgi_ignore_headers", and
+       "uwsgi_ignore_headers" directives.
+
+    *) Bugfix: the last part of a response received from a backend with
+       unbufferred proxy might not be sent to a client if "gzip" or "gunzip"
+       directives were used.
+
+    *) Bugfix: in the "proxy_cache_revalidate" directive.
+       Thanks to Piotr Sikora.
+
+    *) Bugfix: in error handling.
+       Thanks to Yichun Zhang and Daniil Bondarev.
+
+    *) Bugfix: in the "proxy_next_upstream_tries" and
+       "proxy_next_upstream_timeout" directives.
+       Thanks to Feng Gu.
+
+    *) Bugfix: nginx/Windows could not be built with MinGW-w64 gcc.
+       Thanks to Kouhei Sutou.
+
+
+Changes with nginx 1.7.6                                         30 Sep 2014
+
+    *) Change: the deprecated "limit_zone" directive is not supported
+       anymore.
+
+    *) Feature: the "limit_conn_zone" and "limit_req_zone" directives now
+       can be used with combinations of multiple variables.
+
+    *) Bugfix: request body might be transmitted incorrectly when retrying a
+       FastCGI request to the next upstream server.
+
+    *) Bugfix: in logging to syslog.
 
-Changes with nginx 1.6.2                                         16 Sep 2014
+
+Changes with nginx 1.7.5                                         16 Sep 2014
 
     *) Security: it was possible to reuse SSL sessions in unrelated contexts
        if a shared SSL session cache or the same TLS session ticket key was
        used for multiple "server" blocks (CVE-2014-3616).
        Thanks to Antoine Delignat-Lavaud.
 
-    *) Bugfix: requests might hang if resolver was used and a DNS server
-       returned a malformed response; the bug had appeared in 1.5.8.
+    *) Change: now the "stub_status" directive does not require a parameter.
+
+    *) Feature: the "always" parameter of the "add_header" directive.
+
+    *) Feature: the "proxy_next_upstream_tries",
+       "proxy_next_upstream_timeout", "fastcgi_next_upstream_tries",
+       "fastcgi_next_upstream_timeout", "memcached_next_upstream_tries",
+       "memcached_next_upstream_timeout", "scgi_next_upstream_tries",
+       "scgi_next_upstream_timeout", "uwsgi_next_upstream_tries", and
+       "uwsgi_next_upstream_timeout" directives.
+
+    *) Bugfix: in the "if" parameter of the "access_log" directive.
+
+    *) Bugfix: in the ngx_http_perl_module.
+       Thanks to Piotr Sikora.
+
+    *) Bugfix: the "listen" directive of the mail proxy module did not allow
+       to specify more than two parameters.
+
+    *) Bugfix: the "sub_filter" directive did not work with a string to
+       replace consisting of a single character.
 
     *) Bugfix: requests might hang if resolver was used and a timeout
        occurred during a DNS request.
 
+    *) Bugfix: in the ngx_http_spdy_module when using with AIO.
+
+    *) Bugfix: a segmentation fault might occur in a worker process if the
+       "set" directive was used to change the "$http_...", "$sent_http_...",
+       or "$upstream_http_..." variables.
+
+    *) Bugfix: in memory allocation error handling.
+       Thanks to Markus Linnala and Feng Gu.
 
-Changes with nginx 1.6.1                                         05 Aug 2014
+
+Changes with nginx 1.7.4                                         05 Aug 2014
 
     *) Security: pipelined commands were not discarded after STARTTLS
        command in SMTP proxy (CVE-2014-3556); the bug had appeared in 1.5.6.
        Thanks to Chris Boulton.
 
+    *) Change: URI escaping now uses uppercase hexadecimal digits.
+       Thanks to Piotr Sikora.
+
+    *) Feature: now nginx can be build with BoringSSL and LibreSSL.
+       Thanks to Piotr Sikora.
+
+    *) Bugfix: requests might hang if resolver was used and a DNS server
+       returned a malformed response; the bug had appeared in 1.5.8.
+
+    *) Bugfix: in the ngx_http_spdy_module.
+       Thanks to Piotr Sikora.
+
     *) Bugfix: the $uri variable might contain garbage when returning errors
        with code 400.
        Thanks to Sergey Bobrov.
 
+    *) Bugfix: in error handling in the "proxy_store" directive and the
+       ngx_http_dav_module.
+       Thanks to Feng Gu.
+
+    *) Bugfix: a segmentation fault might occur if logging of errors to
+       syslog was used; the bug had appeared in 1.7.1.
+
+    *) Bugfix: the $geoip_latitude, $geoip_longitude, $geoip_dma_code, and
+       $geoip_area_code variables might not work.
+       Thanks to Yichun Zhang.
+
+    *) Bugfix: in memory allocation error handling.
+       Thanks to Tatsuhiko Kubo and Piotr Sikora.
+
+
+Changes with nginx 1.7.3                                         08 Jul 2014
+
+    *) Feature: weak entity tags are now preserved on response
+       modifications, and strong ones are changed to weak.
+
+    *) Feature: cache revalidation now uses If-None-Match header if
+       possible.
+
+    *) Feature: the "ssl_password_file" directive.
+
+    *) Bugfix: the If-None-Match request header line was ignored if there
+       was no Last-Modified header in a response returned from cache.
+
+    *) Bugfix: "peer closed connection in SSL handshake" messages were
+       logged at "info" level instead of "error" while connecting to
+       backends.
+
+    *) Bugfix: in the ngx_http_dav_module module in nginx/Windows.
+
+    *) Bugfix: SPDY connections might be closed prematurely if caching was
+       used.
+
+
+Changes with nginx 1.7.2                                         17 Jun 2014
+
+    *) Feature: the "hash" directive inside the "upstream" block.
+
+    *) Feature: defragmentation of free shared memory blocks.
+       Thanks to Wandenberg Peixoto and Yichun Zhang.
+
+    *) Bugfix: a segmentation fault might occur in a worker process if the
+       default value of the "access_log" directive was used; the bug had
+       appeared in 1.7.0.
+       Thanks to Piotr Sikora.
+
+    *) Bugfix: trailing slash was mistakenly removed from the last parameter
+       of the "try_files" directive.
+
+    *) Bugfix: nginx could not be built on OS X in some cases.
+
+    *) Bugfix: in the ngx_http_spdy_module.
+
+
+Changes with nginx 1.7.1                                         27 May 2014
+
+    *) Feature: the "$upstream_cookie_..." variables.
+
+    *) Feature: the $ssl_client_fingerprint variable.
+
+    *) Feature: the "error_log" and "access_log" directives now support
+       logging to syslog.
+
+    *) Feature: the mail proxy now logs client port on connect.
+
+    *) Bugfix: memory leak if the "ssl_stapling" directive was used.
+       Thanks to Filipe da Silva.
+
+    *) Bugfix: the "alias" directive used inside a location given by a
+       regular expression worked incorrectly if the "if" or "limit_except"
+       directives were used.
+
+    *) Bugfix: the "charset" directive did not set a charset to encoded
+       backend responses.
+
+    *) Bugfix: a "proxy_pass" directive without URI part might use original
+       request after the $args variable was set.
+       Thanks to Yichun Zhang.
+
     *) Bugfix: in the "none" parameter in the "smtp_auth" directive; the bug
        had appeared in 1.5.6.
        Thanks to Svyatoslav Nikolsky.
 
+    *) Bugfix: if sub_filter and SSI were used together, then responses
+       might be transferred incorrectly.
+
+    *) Bugfix: nginx could not be built with the --with-file-aio option on
+       Linux/aarch64.
+
+
+Changes with nginx 1.7.0                                         24 Apr 2014
+
+    *) Feature: backend SSL certificate verification.
+
+    *) Feature: support for SNI while working with SSL backends.
 
-Changes with nginx 1.6.0                                         24 Apr 2014
+    *) Feature: the $ssl_server_name variable.
 
-    *) 1.6.x stable branch.
+    *) Feature: the "if" parameter of the "access_log" directive.
 
 
 Changes with nginx 1.5.13                                        08 Apr 2014
@@ -3249,7 +3593,7 @@ Changes with nginx 0.7.11                                        18 Aug 2008
     *) Feature: the "proxy_ssl_session_reuse" directive.
 
     *) Bugfix: a "proxy_pass" directive without URI part might use original
-       request after the "X-Accel-Redirect" redirection was used;
+       request after the "X-Accel-Redirect" redirection was used.
 
     *) Bugfix: if a directory has search only rights and the first index
        file was absent, then nginx returned the 500 status code.