nginxtra 1.8.1.12 → 1.10.1.12

checksums.yaml

@@ -1,7 +1,7 @@
 ---
 SHA1:
-  metadata.gz: 99f107b601dfcabd1f825d8f14aad06edd048f55
-  data.tar.gz: 824ea02e092be12cf8f22f39a1cf21a867494034
+  metadata.gz: d784fb7c6e974f8523d9ef4d1c02ccd6995068db
+  data.tar.gz: dd8ea99c04482fe24fb8405e4c400e25e520e99e
 SHA512:
-  metadata.gz: e67268dddd754316d87fab9a51a2ce94884fbe801ffa4e95ffd4784ca86db5548428219682b0f8e79936dddd1ffcef803cc8acfff0d551f6582a5dc235076408
-  data.tar.gz: 124f0029c2f3fbac24f1882e9c894c804ea4a808f98c44b3450aeba39a398f02c1fcb831e6298a74b758424fd32f4409b0373fb5dafd746db777b27b953ceb48
+  metadata.gz: 4a65ae656e8d973b5d336ec765c36ce17812bf5ba9345d71c584db4dca551add2d337523c263800bc74e0c79bcbdecae7119140f83286468c762aa635b47d3e4
+  data.tar.gz: e5d0d9944a72ec36922b7b28d862eaac9db7fb6401e3e9a7646faa7efe5d9e109de44056fac2e8af1d1bfbccb359b5fcea92f3d8415a575de7c75f7b8a8315e8

data/bin/nginxtra

@@ -1,6 +1,6 @@
 #!/usr/bin/env ruby
 require "rubygems"
-gem "nginxtra", "= 1.8.1.12"
+gem "nginxtra", "= 1.10.1.12"
 gem "thor", "~> 0.16"
 require "nginxtra"
 Nginxtra::CLI.start

data/bin/nginxtra_rails

@@ -1,6 +1,6 @@
 #!/usr/bin/env ruby
 require "rubygems"
-gem "nginxtra", "= 1.8.1.12"
+gem "nginxtra", "= 1.10.1.12"
 gem "thor", "~> 0.16"
 require "nginxtra"
 Nginxtra::Rails::CLI.start

data/lib/nginxtra/version.rb

@@ -6,7 +6,7 @@ module Nginxtra
       end
 
       def to_s
-        "1.8.1.12"
+        "1.10.1.12"
       end
     end
   end

data/vendor/nginx/CHANGES

@@ -1,5 +1,142 @@
 
-Changes with nginx 1.8.1                                         26 Jan 2016
+Changes with nginx 1.10.1                                        31 May 2016
+
+    *) Security: a segmentation fault might occur in a worker process while
+       writing a specially crafted request body to a temporary file
+       (CVE-2016-4450); the bug had appeared in 1.3.9.
+
+
+Changes with nginx 1.10.0                                        26 Apr 2016
+
+    *) 1.10.x stable branch.
+
+
+Changes with nginx 1.9.15                                        19 Apr 2016
+
+    *) Bugfix: "recv() failed" errors might occur when using HHVM as a
+       FastCGI server.
+
+    *) Bugfix: when using HTTP/2 and the "limit_req" or "auth_request"
+       directives a timeout or a "client violated flow control" error might
+       occur while reading client request body; the bug had appeared in
+       1.9.14.
+
+    *) Workaround: a response might not be shown by some browsers if HTTP/2
+       was used and client request body was not fully read; the bug had
+       appeared in 1.9.14.
+
+    *) Bugfix: connections might hang when using the "aio threads"
+       directive.
+       Thanks to Mindaugas Rasiukevicius.
+
+
+Changes with nginx 1.9.14                                        05 Apr 2016
+
+    *) Feature: OpenSSL 1.1.0 compatibility.
+
+    *) Feature: the "proxy_request_buffering", "fastcgi_request_buffering",
+       "scgi_request_buffering", and "uwsgi_request_buffering" directives
+       now work with HTTP/2.
+
+    *) Bugfix: "zero size buf in output" alerts might appear in logs when
+       using HTTP/2.
+
+    *) Bugfix: the "client_max_body_size" directive might work incorrectly
+       when using HTTP/2.
+
+    *) Bugfix: of minor bugs in logging.
+
+
+Changes with nginx 1.9.13                                        29 Mar 2016
+
+    *) Change: non-idempotent requests (POST, LOCK, PATCH) are no longer
+       passed to the next server by default if a request has been sent to a
+       backend; the "non_idempotent" parameter of the "proxy_next_upstream"
+       directive explicitly allows retrying such requests.
+
+    *) Feature: the ngx_http_perl_module can be built dynamically.
+
+    *) Feature: UDP support in the stream module.
+
+    *) Feature: the "aio_write" directive.
+
+    *) Feature: now cache manager monitors number of elements in caches and
+       tries to avoid cache keys zone overflows.
+
+    *) Bugfix: "task already active" and "second aio post" alerts might
+       appear in logs when using the "sendfile" and "aio" directives with
+       subrequests.
+
+    *) Bugfix: "zero size buf in output" alerts might appear in logs if
+       caching was used and a client closed a connection prematurely.
+
+    *) Bugfix: connections with clients might be closed needlessly if
+       caching was used.
+       Thanks to Justin Li.
+
+    *) Bugfix: nginx might hog CPU if the "sendfile" directive was used on
+       Linux or Solaris and a file being sent was changed during sending.
+
+    *) Bugfix: connections might hang when using the "sendfile" and "aio
+       threads" directives.
+
+    *) Bugfix: in the "proxy_pass", "fastcgi_pass", "scgi_pass", and
+       "uwsgi_pass" directives when using variables.
+       Thanks to Piotr Sikora.
+
+    *) Bugfix: in the ngx_http_sub_filter_module.
+
+    *) Bugfix: if an error occurred in a cached backend connection, the
+       request was passed to the next server regardless of the
+       proxy_next_upstream directive.
+
+    *) Bugfix: "CreateFile() failed" errors when creating temporary files on
+       Windows.
+
+
+Changes with nginx 1.9.12                                        24 Feb 2016
+
+    *) Feature: Huffman encoding of response headers in HTTP/2.
+       Thanks to Vlad Krasnov.
+
+    *) Feature: the "worker_cpu_affinity" directive now supports more than
+       64 CPUs.
+
+    *) Bugfix: compatibility with 3rd party C++ modules; the bug had
+       appeared in 1.9.11.
+       Thanks to Piotr Sikora.
+
+    *) Bugfix: nginx could not be built statically with OpenSSL on Linux;
+       the bug had appeared in 1.9.11.
+
+    *) Bugfix: the "add_header ... always" directive with an empty value did
+       not delete "Last-Modified" and "ETag" header lines from error
+       responses.
+
+    *) Workaround: "called a function you should not call" and "shutdown
+       while in init" messages might appear in logs when using OpenSSL
+       1.0.2f.
+
+    *) Bugfix: invalid headers might be logged incorrectly.
+
+    *) Bugfix: socket leak when using HTTP/2.
+
+    *) Bugfix: in the ngx_http_v2_module.
+
+
+Changes with nginx 1.9.11                                        09 Feb 2016
+
+    *) Feature: TCP support in resolver.
+
+    *) Feature: dynamic modules.
+
+    *) Bugfix: the $request_length variable did not include size of request
+       headers when using HTTP/2.
+
+    *) Bugfix: in the ngx_http_v2_module.
+
+
+Changes with nginx 1.9.10                                        26 Jan 2016
 
     *) Security: invalid pointer dereference might occur during DNS server
        response processing if the "resolver" directive was used, allowing an
@@ -17,12 +154,133 @@ Changes with nginx 1.8.1                                         26 Jan 2016
        trigger arbitrary name resolution to cause excessive resource
        consumption in worker processes (CVE-2016-0747).
 
+    *) Feature: the "auto" parameter of the "worker_cpu_affinity" directive.
+
     *) Bugfix: the "proxy_protocol" parameter of the "listen" directive did
-       not work if not specified in the first "listen" directive for a
-       listen socket.
+       not work with IPv6 listen sockets.
 
-    *) Bugfix: nginx might fail to start on some old Linux variants; the bug
-       had appeared in 1.7.11.
+    *) Bugfix: connections to upstream servers might be cached incorrectly
+       when using the "keepalive" directive.
+
+    *) Bugfix: proxying used the HTTP method of the original request after
+       an "X-Accel-Redirect" redirection.
+
+
+Changes with nginx 1.9.9                                         09 Dec 2015
+
+    *) Bugfix: proxying to unix domain sockets did not work when using
+       variables; the bug had appeared in 1.9.8.
+
+
+Changes with nginx 1.9.8                                         08 Dec 2015
+
+    *) Feature: pwritev() support.
+
+    *) Feature: the "include" directive inside the "upstream" block.
+
+    *) Feature: the ngx_http_slice_module.
+
+    *) Bugfix: a segmentation fault might occur in a worker process when
+       using LibreSSL; the bug had appeared in 1.9.6.
+
+    *) Bugfix: nginx could not be built on OS X in some cases.
+
+
+Changes with nginx 1.9.7                                         17 Nov 2015
+
+    *) Feature: the "nohostname" parameter of logging to syslog.
+
+    *) Feature: the "proxy_cache_convert_head" directive.
+
+    *) Feature: the $realip_remote_addr variable in the
+       ngx_http_realip_module.
+
+    *) Bugfix: the "expires" directive might not work when using variables.
+
+    *) Bugfix: a segmentation fault might occur in a worker process when
+       using HTTP/2; the bug had appeared in 1.9.6.
+
+    *) Bugfix: if nginx was built with the ngx_http_v2_module it was
+       possible to use the HTTP/2 protocol even if the "http2" parameter of
+       the "listen" directive was not specified.
+
+    *) Bugfix: in the ngx_http_v2_module.
+
+
+Changes with nginx 1.9.6                                         27 Oct 2015
+
+    *) Bugfix: a segmentation fault might occur in a worker process when
+       using HTTP/2.
+       Thanks to Piotr Sikora and Denis Andzakovic.
+
+    *) Bugfix: the $server_protocol variable was empty when using HTTP/2.
+
+    *) Bugfix: backend SSL connections in the stream module might be timed
+       out unexpectedly.
+
+    *) Bugfix: a segmentation fault might occur in a worker process if
+       different ssl_session_cache settings were used in different virtual
+       servers.
+
+    *) Bugfix: nginx/Windows could not be built with MinGW gcc; the bug had
+       appeared in 1.9.4.
+       Thanks to Kouhei Sutou.
+
+    *) Bugfix: time was not updated when the timer_resolution directive was
+       used on Windows.
+
+    *) Miscellaneous minor fixes and improvements.
+       Thanks to Markus Linnala, Kurtis Nusbaum and Piotr Sikora.
+
+
+Changes with nginx 1.9.5                                         22 Sep 2015
+
+    *) Feature: the ngx_http_v2_module (replaces ngx_http_spdy_module).
+       Thanks to Dropbox and Automattic for sponsoring this work.
+
+    *) Change: now the "output_buffers" directive uses two buffers by
+       default.
+
+    *) Change: now nginx limits subrequests recursion, not simultaneous
+       subrequests.
+
+    *) Change: now nginx checks the whole cache key when returning a
+       response from cache.
+       Thanks to Gena Makhomed and Sergey Brester.
+
+    *) Bugfix: "header already sent" alerts might appear in logs when using
+       cache; the bug had appeared in 1.7.5.
+
+    *) Bugfix: "writev() failed (4: Interrupted system call)" errors might
+       appear in logs when using CephFS and the "timer_resolution" directive
+       on Linux.
+
+    *) Bugfix: in invalid configurations handling.
+       Thanks to Markus Linnala.
+
+    *) Bugfix: a segmentation fault occurred in a worker process if the
+       "sub_filter" directive was used at http level; the bug had appeared
+       in 1.9.4.
+
+
+Changes with nginx 1.9.4                                         18 Aug 2015
+
+    *) Change: the "proxy_downstream_buffer" and "proxy_upstream_buffer"
+       directives of the stream module are replaced with the
+       "proxy_buffer_size" directive.
+
+    *) Feature: the "tcp_nodelay" directive in the stream module.
+
+    *) Feature: multiple "sub_filter" directives can be used simultaneously.
+
+    *) Feature: variables support in the search string of the "sub_filter"
+       directive.
+
+    *) Workaround: configuration testing might fail under Linux OpenVZ.
+       Thanks to Gena Makhomed.
+
+    *) Bugfix: old worker processes might hog CPU after reconfiguration with
+       a large number of worker_connections.
 
     *) Bugfix: a segmentation fault might occur in a worker process if the
        "try_files" and "alias" directives were used inside a location given
@@ -32,23 +290,103 @@ Changes with nginx 1.8.1                                         26 Jan 2016
        regular expression worked incorrectly if the "alias" directive was
        used in the outer location.
 
-    *) Bugfix: "header already sent" alerts might appear in logs when using
-       cache; the bug had appeared in 1.7.5.
+    *) Bugfix: in hash table initialization error handling.
 
-    *) Bugfix: a segmentation fault might occur in a worker process if
-       different ssl_session_cache settings were used in different virtual
-       servers.
+    *) Bugfix: nginx could not be built with Visual Studio 2015.
 
-    *) Bugfix: the "expires" directive might not work when using variables.
 
-    *) Bugfix: if nginx was built with the ngx_http_spdy_module it was
-       possible to use the SPDY protocol even if the "spdy" parameter of the
-       "listen" directive was not specified.
+Changes with nginx 1.9.3                                         14 Jul 2015
+
+    *) Change: duplicate "http", "mail", and "stream" blocks are now
+       disallowed.
+
+    *) Feature: connection limiting in the stream module.
+
+    *) Feature: data rate limiting in the stream module.
+
+    *) Bugfix: the "zone" directive inside the "upstream" block did not work
+       on Windows.
+
+    *) Bugfix: compatibility with LibreSSL in the stream module.
+       Thanks to Piotr Sikora.
+
+    *) Bugfix: in the "--builddir" configure parameter.
+       Thanks to Piotr Sikora.
+
+    *) Bugfix: the "ssl_stapling_file" directive did not work; the bug had
+       appeared in 1.9.2.
+       Thanks to Faidon Liambotis and Brandon Black.
+
+    *) Bugfix: a segmentation fault might occur in a worker process if the
+       "ssl_stapling" directive was used; the bug had appeared in 1.9.2.
+       Thanks to Matthew Baldwin.
+
+
+Changes with nginx 1.9.2                                         16 Jun 2015
+
+    *) Feature: the "backlog" parameter of the "listen" directives of the
+       mail proxy and stream modules.
+
+    *) Feature: the "allow" and "deny" directives in the stream module.
+
+    *) Feature: the "proxy_bind" directive in the stream module.
+
+    *) Feature: the "proxy_protocol" directive in the stream module.
+
+    *) Feature: the -T switch.
+
+    *) Feature: the REQUEST_SCHEME parameter added to the fastcgi.conf,
+       fastcgi_params, scgi_params, and uwsgi_params standard configuration
+       files.
+
+    *) Bugfix: the "reuseport" parameter of the "listen" directive of the
+       stream module did not work.
 
+    *) Bugfix: OCSP stapling might return an expired OCSP response in some
+       cases.
 
-Changes with nginx 1.8.0                                         21 Apr 2015
 
-    *) 1.8.x stable branch.
+Changes with nginx 1.9.1                                         26 May 2015
+
+    *) Change: now SSLv3 protocol is disabled by default.
+
+    *) Change: some long deprecated directives are not supported anymore.
+
+    *) Feature: the "reuseport" parameter of the "listen" directive.
+       Thanks to Yingqi Lu at Intel and Sepherosa Ziehau.
+
+    *) Feature: the $upstream_connect_time variable.
+
+    *) Bugfix: in the "hash" directive on big-endian platforms.
+
+    *) Bugfix: nginx might fail to start on some old Linux variants; the bug
+       had appeared in 1.7.11.
+
+    *) Bugfix: in IP address parsing.
+       Thanks to Sergey Polovko.
+
+
+Changes with nginx 1.9.0                                         28 Apr 2015
+
+    *) Change: obsolete aio and rtsig event methods have been removed.
+
+    *) Feature: the "zone" directive inside the "upstream" block.
+
+    *) Feature: the stream module.
+
+    *) Feature: byte ranges support in the ngx_http_memcached_module.
+       Thanks to Martin Mlynář.
+
+    *) Feature: shared memory can now be used on Windows versions with
+       address space layout randomization.
+       Thanks to Sergey Brester.
+
+    *) Feature: the "error_log" directive can now be used on mail and server
+       levels in mail proxy.
+
+    *) Bugfix: the "proxy_protocol" parameter of the "listen" directive did
+       not work if not specified in the first "listen" directive for a
+       listen socket.
 
 
 Changes with nginx 1.7.12                                        07 Apr 2015
@@ -1476,7 +1814,7 @@ Changes with nginx 1.1.11                                        12 Dec 2011
 
 Changes with nginx 1.1.10                                        30 Nov 2011
 
-    *) Bugfix: a segmentation fault occured in a worker process if AIO was
+    *) Bugfix: a segmentation fault occurred in a worker process if AIO was
        used on Linux; the bug had appeared in 1.1.9.
 
 
@@ -1585,7 +1923,7 @@ Changes with nginx 1.1.6                                         17 Oct 2011
        sent to it after fail_timeout; the server will be considered alive if
        it will successfully respond to the request.
 
-    *) Change: now the 0x7F-0x1F characters are escaped as \xXX in an
+    *) Change: now the 0x7F-0xFF characters are escaped as \xXX in an
        access_log.
 
     *) Feature: "proxy/fastcgi/scgi/uwsgi_ignore_headers" directives support
@@ -1753,7 +2091,7 @@ Changes with nginx 1.1.0                                         01 Aug 2011
        and proxies to an HTTPS backend.
        Thanks to Maxim Dounin.
 
-    *) Bugfix: in parameter validaiton of a "proxy_pass" directive with
+    *) Bugfix: in parameter validation of a "proxy_pass" directive with
        variables.
        Thanks to Lanshun Zhou.
 
@@ -4518,7 +4856,7 @@ Changes with nginx 0.5.22                                        29 May 2007
 Changes with nginx 0.5.21                                        28 May 2007
 
     *) Bugfix: if server has more than about ten locations, then regex
-       locations might be choosen not in that order as they were specified.
+       locations might be chosen not in that order as they were specified.
 
     *) Bugfix: a worker process may got caught in an endless loop on 64-bit
        platform, if the 33-rd or next in succession backend has failed.
@@ -4604,7 +4942,7 @@ Changes with nginx 0.5.17                                        02 Apr 2007
 
     *) Bugfix: in the HTTPS protocol in the "proxy_pass" directive.
 
-    *) Bugfix: in some cases non-cachable variables (such as $uri variable)
+    *) Bugfix: in some cases non-cacheable variables (such as $uri variable)
        returned old cached value.
 
 
@@ -4629,7 +4967,7 @@ Changes with nginx 0.5.16                                        26 Mar 2007
 Changes with nginx 0.5.15                                        19 Mar 2007
 
     *) Feature: the mail proxy supports authenticated SMTP proxying and the
-       "smtp_auth", "smtp_capablities", and "xclient" directives.
+       "smtp_auth", "smtp_capabilities", and "xclient" directives.
        Thanks to Anton Yuzhaninov and Maxim Dounin.
 
     *) Feature: now the keep-alive connections are closed just after
@@ -5730,7 +6068,7 @@ Changes with nginx 0.3.21                                        16 Jan 2006
 
     *) Feature: the ngx_http_perl_module.
 
-    *) Change: the "valid_referers" directive allows the referreres without
+    *) Change: the "valid_referers" directive allows the referrers without
        URI part.
 
 
@@ -5830,7 +6168,7 @@ Changes with nginx 0.3.15                                        07 Dec 2005
     *) Feature: the "so_keepalive" directive in IMAP/POP3 proxy.
 
     *) Bugfix: if there are unclosed connection nginx now calls abort() only
-       on gracefull quit and active "debug_points" directive.
+       on graceful quit and active "debug_points" directive.
 
 
 Changes with nginx 0.3.14                                        05 Dec 2005
@@ -6371,7 +6709,7 @@ Changes with nginx 0.1.37                                        23 Jun 2005
     *) Bugfix: the responses may be transferred not completely, if many
        parts or the big parts were included by SSI.
 
-    *) Bugfix: if all backends had returned the 404 reponse and the
+    *) Bugfix: if all backends had returned the 404 response and the
        "http_404" parameter of the "proxy_next_upstream" or
        "fastcgi_next_upstream" directives was used, then nginx started to
        request all backends again.