nginxtra 1.6.2.9 → 1.6.3.9
Sign up to get free protection for your applications and to get access to all the features.
- checksums.yaml +4 -4
- data/bin/nginxtra +1 -1
- data/bin/nginxtra_rails +1 -1
- data/lib/nginxtra/version.rb +1 -1
- data/vendor/nginx/CHANGES +19 -0
- data/vendor/nginx/CHANGES.ru +20 -0
- data/vendor/nginx/auto/unix +1 -0
- data/vendor/nginx/src/core/nginx.h +2 -2
- data/vendor/nginx/src/core/ngx_config.h +3 -0
- data/vendor/nginx/src/core/ngx_hash.c +2 -0
- data/vendor/nginx/src/core/ngx_inet.c +6 -2
- data/vendor/nginx/src/core/ngx_parse.c +52 -28
- data/vendor/nginx/src/core/ngx_resolver.c +4 -4
- data/vendor/nginx/src/core/ngx_shmtx.c +2 -1
- data/vendor/nginx/src/core/ngx_string.c +57 -42
- data/vendor/nginx/src/event/ngx_event_openssl.c +3 -0
- data/vendor/nginx/src/http/modules/ngx_http_range_filter_module.c +12 -1
- data/vendor/nginx/src/http/ngx_http_core_module.c +4 -0
- data/vendor/nginx/src/http/ngx_http_parse.c +8 -4
- data/vendor/nginx/src/http/ngx_http_request.c +2 -3
- data/vendor/nginx/src/http/ngx_http_spdy.c +51 -1
- metadata +7 -7
checksums.yaml
CHANGED
@@ -1,7 +1,7 @@
|
|
1
1
|
---
|
2
2
|
SHA1:
|
3
|
-
metadata.gz:
|
4
|
-
data.tar.gz:
|
3
|
+
metadata.gz: e338693c750971840d0bcf3da11efcdd38c8a9e1
|
4
|
+
data.tar.gz: cf0e2d1e77948f5b66166bef332dc1d5e49ea2ad
|
5
5
|
SHA512:
|
6
|
-
metadata.gz:
|
7
|
-
data.tar.gz:
|
6
|
+
metadata.gz: c56f914b6b2cfbd2afc3852b0f7a2ffe97cfc936dc1558b32e4fd405c33724e96aa0016114acf058a84bce449fb7a67be57c20c486385436ac33699acac77d78
|
7
|
+
data.tar.gz: 7a0c4bf60a30eb597f3e71978d2436325387ea81076aa2c706d441b7bb870d800796b2739eb25c7ccc7480ed67ce711a94513495fdc2711a9a09adcf5a200cf3
|
data/bin/nginxtra
CHANGED
data/bin/nginxtra_rails
CHANGED
data/lib/nginxtra/version.rb
CHANGED
data/vendor/nginx/CHANGES
CHANGED
@@ -1,4 +1,23 @@
|
|
1
1
|
|
2
|
+
Changes with nginx 1.6.3 07 Apr 2015
|
3
|
+
|
4
|
+
*) Feature: now the "tcp_nodelay" directive works with SPDY connections.
|
5
|
+
|
6
|
+
*) Bugfix: in error handling.
|
7
|
+
Thanks to Yichun Zhang and Daniil Bondarev.
|
8
|
+
|
9
|
+
*) Bugfix: alerts "header already sent" appeared in logs if the
|
10
|
+
"post_action" directive was used; the bug had appeared in 1.5.4.
|
11
|
+
|
12
|
+
*) Bugfix: alerts "sem_post() failed" might appear in logs.
|
13
|
+
|
14
|
+
*) Bugfix: in hash table handling.
|
15
|
+
Thanks to Chris West.
|
16
|
+
|
17
|
+
*) Bugfix: in integer overflow handling.
|
18
|
+
Thanks to Régis Leroy.
|
19
|
+
|
20
|
+
|
2
21
|
Changes with nginx 1.6.2 16 Sep 2014
|
3
22
|
|
4
23
|
*) Security: it was possible to reuse SSL sessions in unrelated contexts
|
data/vendor/nginx/CHANGES.ru
CHANGED
@@ -1,4 +1,24 @@
|
|
1
1
|
|
2
|
+
Изменения в nginx 1.6.3 07.04.2015
|
3
|
+
|
4
|
+
*) Добавление: теперь директива tcp_nodelay работает для
|
5
|
+
SPDY-соединений.
|
6
|
+
|
7
|
+
*) Исправление: в обработке ошибок.
|
8
|
+
Спасибо Yichun Zhang и Даниилу Бондареву.
|
9
|
+
|
10
|
+
*) Исправление: при использовании директивы post_action в лог писались
|
11
|
+
сообщения "header already sent"; ошибка появилась в nginx 1.5.4.
|
12
|
+
|
13
|
+
*) Исправление: в лог могли писаться сообщения "sem_post() failed".
|
14
|
+
|
15
|
+
*) Исправление: в обработке хэш-таблиц.
|
16
|
+
Спасибо Chris West.
|
17
|
+
|
18
|
+
*) Исправление: в обработке целочисленных переполнений.
|
19
|
+
Спасибо Régis Leroy.
|
20
|
+
|
21
|
+
|
2
22
|
Изменения в nginx 1.6.2 16.09.2014
|
3
23
|
|
4
24
|
*) Безопасность: при использовании общего для нескольких блоков server
|
data/vendor/nginx/auto/unix
CHANGED
@@ -489,6 +489,7 @@ ngx_param=NGX_OFF_T_LEN; ngx_value=$ngx_max_len; . auto/types/value
|
|
489
489
|
ngx_type="time_t"; . auto/types/sizeof
|
490
490
|
ngx_param=NGX_TIME_T_SIZE; ngx_value=$ngx_size; . auto/types/value
|
491
491
|
ngx_param=NGX_TIME_T_LEN; ngx_value=$ngx_max_len; . auto/types/value
|
492
|
+
ngx_param=NGX_MAX_TIME_T_VALUE; ngx_value=$ngx_max_value; . auto/types/value
|
492
493
|
|
493
494
|
|
494
495
|
# syscalls, libc calls and some features
|
@@ -85,8 +85,11 @@ typedef intptr_t ngx_flag_t;
|
|
85
85
|
|
86
86
|
#if (NGX_PTR_SIZE == 4)
|
87
87
|
#define NGX_INT_T_LEN NGX_INT32_LEN
|
88
|
+
#define NGX_MAX_INT_T_VALUE 2147483647
|
89
|
+
|
88
90
|
#else
|
89
91
|
#define NGX_INT_T_LEN NGX_INT64_LEN
|
92
|
+
#define NGX_MAX_INT_T_VALUE 9223372036854775807
|
90
93
|
#endif
|
91
94
|
|
92
95
|
|
@@ -312,6 +312,8 @@ ngx_hash_init(ngx_hash_init_t *hinit, ngx_hash_key_t *names, ngx_uint_t nelts)
|
|
312
312
|
continue;
|
313
313
|
}
|
314
314
|
|
315
|
+
size = hinit->max_size;
|
316
|
+
|
315
317
|
ngx_log_error(NGX_LOG_WARN, hinit->pool->log, 0,
|
316
318
|
"could not build optimal %s, you should increase "
|
317
319
|
"either %s_max_size: %i or %s_bucket_size: %i; "
|
@@ -27,6 +27,10 @@ ngx_inet_addr(u_char *text, size_t len)
|
|
27
27
|
|
28
28
|
for (p = text; p < text + len; p++) {
|
29
29
|
|
30
|
+
if (octet > 255) {
|
31
|
+
return INADDR_NONE;
|
32
|
+
}
|
33
|
+
|
30
34
|
c = *p;
|
31
35
|
|
32
36
|
if (c >= '0' && c <= '9') {
|
@@ -34,7 +38,7 @@ ngx_inet_addr(u_char *text, size_t len)
|
|
34
38
|
continue;
|
35
39
|
}
|
36
40
|
|
37
|
-
if (c == '.'
|
41
|
+
if (c == '.') {
|
38
42
|
addr = (addr << 8) + octet;
|
39
43
|
octet = 0;
|
40
44
|
n++;
|
@@ -44,7 +48,7 @@ ngx_inet_addr(u_char *text, size_t len)
|
|
44
48
|
return INADDR_NONE;
|
45
49
|
}
|
46
50
|
|
47
|
-
if (n == 3
|
51
|
+
if (n == 3) {
|
48
52
|
addr = (addr << 8) + octet;
|
49
53
|
return htonl(addr);
|
50
54
|
}
|
@@ -12,10 +12,9 @@
|
|
12
12
|
ssize_t
|
13
13
|
ngx_parse_size(ngx_str_t *line)
|
14
14
|
{
|
15
|
-
u_char
|
16
|
-
size_t
|
17
|
-
ssize_t
|
18
|
-
ngx_int_t scale;
|
15
|
+
u_char unit;
|
16
|
+
size_t len;
|
17
|
+
ssize_t size, scale, max;
|
19
18
|
|
20
19
|
len = line->len;
|
21
20
|
unit = line->data[len - 1];
|
@@ -24,21 +23,24 @@ ngx_parse_size(ngx_str_t *line)
|
|
24
23
|
case 'K':
|
25
24
|
case 'k':
|
26
25
|
len--;
|
26
|
+
max = NGX_MAX_SIZE_T_VALUE / 1024;
|
27
27
|
scale = 1024;
|
28
28
|
break;
|
29
29
|
|
30
30
|
case 'M':
|
31
31
|
case 'm':
|
32
32
|
len--;
|
33
|
+
max = NGX_MAX_SIZE_T_VALUE / (1024 * 1024);
|
33
34
|
scale = 1024 * 1024;
|
34
35
|
break;
|
35
36
|
|
36
37
|
default:
|
38
|
+
max = NGX_MAX_SIZE_T_VALUE;
|
37
39
|
scale = 1;
|
38
40
|
}
|
39
41
|
|
40
42
|
size = ngx_atosz(line->data, len);
|
41
|
-
if (size == NGX_ERROR) {
|
43
|
+
if (size == NGX_ERROR || size > max) {
|
42
44
|
return NGX_ERROR;
|
43
45
|
}
|
44
46
|
|
@@ -51,10 +53,9 @@ ngx_parse_size(ngx_str_t *line)
|
|
51
53
|
off_t
|
52
54
|
ngx_parse_offset(ngx_str_t *line)
|
53
55
|
{
|
54
|
-
u_char
|
55
|
-
off_t
|
56
|
-
size_t
|
57
|
-
ngx_int_t scale;
|
56
|
+
u_char unit;
|
57
|
+
off_t offset, scale, max;
|
58
|
+
size_t len;
|
58
59
|
|
59
60
|
len = line->len;
|
60
61
|
unit = line->data[len - 1];
|
@@ -63,27 +64,31 @@ ngx_parse_offset(ngx_str_t *line)
|
|
63
64
|
case 'K':
|
64
65
|
case 'k':
|
65
66
|
len--;
|
67
|
+
max = NGX_MAX_OFF_T_VALUE / 1024;
|
66
68
|
scale = 1024;
|
67
69
|
break;
|
68
70
|
|
69
71
|
case 'M':
|
70
72
|
case 'm':
|
71
73
|
len--;
|
74
|
+
max = NGX_MAX_OFF_T_VALUE / (1024 * 1024);
|
72
75
|
scale = 1024 * 1024;
|
73
76
|
break;
|
74
77
|
|
75
78
|
case 'G':
|
76
79
|
case 'g':
|
77
80
|
len--;
|
81
|
+
max = NGX_MAX_OFF_T_VALUE / (1024 * 1024 * 1024);
|
78
82
|
scale = 1024 * 1024 * 1024;
|
79
83
|
break;
|
80
84
|
|
81
85
|
default:
|
86
|
+
max = NGX_MAX_OFF_T_VALUE;
|
82
87
|
scale = 1;
|
83
88
|
}
|
84
89
|
|
85
90
|
offset = ngx_atoof(line->data, len);
|
86
|
-
if (offset == NGX_ERROR) {
|
91
|
+
if (offset == NGX_ERROR || offset > max) {
|
87
92
|
return NGX_ERROR;
|
88
93
|
}
|
89
94
|
|
@@ -98,7 +103,8 @@ ngx_parse_time(ngx_str_t *line, ngx_uint_t is_sec)
|
|
98
103
|
{
|
99
104
|
u_char *p, *last;
|
100
105
|
ngx_int_t value, total, scale;
|
101
|
-
|
106
|
+
ngx_int_t max, cutoff, cutlim;
|
107
|
+
ngx_uint_t valid;
|
102
108
|
enum {
|
103
109
|
st_start = 0,
|
104
110
|
st_year,
|
@@ -115,8 +121,9 @@ ngx_parse_time(ngx_str_t *line, ngx_uint_t is_sec)
|
|
115
121
|
valid = 0;
|
116
122
|
value = 0;
|
117
123
|
total = 0;
|
124
|
+
cutoff = NGX_MAX_INT_T_VALUE / 10;
|
125
|
+
cutlim = NGX_MAX_INT_T_VALUE % 10;
|
118
126
|
step = is_sec ? st_start : st_month;
|
119
|
-
scale = is_sec ? 1 : 1000;
|
120
127
|
|
121
128
|
p = line->data;
|
122
129
|
last = p + line->len;
|
@@ -124,6 +131,10 @@ ngx_parse_time(ngx_str_t *line, ngx_uint_t is_sec)
|
|
124
131
|
while (p < last) {
|
125
132
|
|
126
133
|
if (*p >= '0' && *p <= '9') {
|
134
|
+
if (value >= cutoff && (value > cutoff || *p - '0' > cutlim)) {
|
135
|
+
return NGX_ERROR;
|
136
|
+
}
|
137
|
+
|
127
138
|
value = value * 10 + (*p++ - '0');
|
128
139
|
valid = 1;
|
129
140
|
continue;
|
@@ -136,7 +147,7 @@ ngx_parse_time(ngx_str_t *line, ngx_uint_t is_sec)
|
|
136
147
|
return NGX_ERROR;
|
137
148
|
}
|
138
149
|
step = st_year;
|
139
|
-
max =
|
150
|
+
max = NGX_MAX_INT_T_VALUE / (60 * 60 * 24 * 365);
|
140
151
|
scale = 60 * 60 * 24 * 365;
|
141
152
|
break;
|
142
153
|
|
@@ -145,7 +156,7 @@ ngx_parse_time(ngx_str_t *line, ngx_uint_t is_sec)
|
|
145
156
|
return NGX_ERROR;
|
146
157
|
}
|
147
158
|
step = st_month;
|
148
|
-
max =
|
159
|
+
max = NGX_MAX_INT_T_VALUE / (60 * 60 * 24 * 30);
|
149
160
|
scale = 60 * 60 * 24 * 30;
|
150
161
|
break;
|
151
162
|
|
@@ -154,7 +165,7 @@ ngx_parse_time(ngx_str_t *line, ngx_uint_t is_sec)
|
|
154
165
|
return NGX_ERROR;
|
155
166
|
}
|
156
167
|
step = st_week;
|
157
|
-
max =
|
168
|
+
max = NGX_MAX_INT_T_VALUE / (60 * 60 * 24 * 7);
|
158
169
|
scale = 60 * 60 * 24 * 7;
|
159
170
|
break;
|
160
171
|
|
@@ -163,7 +174,7 @@ ngx_parse_time(ngx_str_t *line, ngx_uint_t is_sec)
|
|
163
174
|
return NGX_ERROR;
|
164
175
|
}
|
165
176
|
step = st_day;
|
166
|
-
max =
|
177
|
+
max = NGX_MAX_INT_T_VALUE / (60 * 60 * 24);
|
167
178
|
scale = 60 * 60 * 24;
|
168
179
|
break;
|
169
180
|
|
@@ -172,7 +183,7 @@ ngx_parse_time(ngx_str_t *line, ngx_uint_t is_sec)
|
|
172
183
|
return NGX_ERROR;
|
173
184
|
}
|
174
185
|
step = st_hour;
|
175
|
-
max =
|
186
|
+
max = NGX_MAX_INT_T_VALUE / (60 * 60);
|
176
187
|
scale = 60 * 60;
|
177
188
|
break;
|
178
189
|
|
@@ -183,7 +194,7 @@ ngx_parse_time(ngx_str_t *line, ngx_uint_t is_sec)
|
|
183
194
|
}
|
184
195
|
p++;
|
185
196
|
step = st_msec;
|
186
|
-
max =
|
197
|
+
max = NGX_MAX_INT_T_VALUE;
|
187
198
|
scale = 1;
|
188
199
|
break;
|
189
200
|
}
|
@@ -192,7 +203,7 @@ ngx_parse_time(ngx_str_t *line, ngx_uint_t is_sec)
|
|
192
203
|
return NGX_ERROR;
|
193
204
|
}
|
194
205
|
step = st_min;
|
195
|
-
max =
|
206
|
+
max = NGX_MAX_INT_T_VALUE / 60;
|
196
207
|
scale = 60;
|
197
208
|
break;
|
198
209
|
|
@@ -201,7 +212,7 @@ ngx_parse_time(ngx_str_t *line, ngx_uint_t is_sec)
|
|
201
212
|
return NGX_ERROR;
|
202
213
|
}
|
203
214
|
step = st_sec;
|
204
|
-
max =
|
215
|
+
max = NGX_MAX_INT_T_VALUE;
|
205
216
|
scale = 1;
|
206
217
|
break;
|
207
218
|
|
@@ -210,7 +221,7 @@ ngx_parse_time(ngx_str_t *line, ngx_uint_t is_sec)
|
|
210
221
|
return NGX_ERROR;
|
211
222
|
}
|
212
223
|
step = st_last;
|
213
|
-
max =
|
224
|
+
max = NGX_MAX_INT_T_VALUE;
|
214
225
|
scale = 1;
|
215
226
|
break;
|
216
227
|
|
@@ -223,27 +234,40 @@ ngx_parse_time(ngx_str_t *line, ngx_uint_t is_sec)
|
|
223
234
|
max /= 1000;
|
224
235
|
}
|
225
236
|
|
226
|
-
if (
|
237
|
+
if (value > max) {
|
227
238
|
return NGX_ERROR;
|
228
239
|
}
|
229
240
|
|
230
|
-
|
241
|
+
value *= scale;
|
231
242
|
|
232
|
-
if (
|
243
|
+
if (total > NGX_MAX_INT_T_VALUE - value) {
|
233
244
|
return NGX_ERROR;
|
234
245
|
}
|
235
246
|
|
247
|
+
total += value;
|
248
|
+
|
236
249
|
value = 0;
|
237
|
-
scale = is_sec ? 1 : 1000;
|
238
250
|
|
239
251
|
while (p < last && *p == ' ') {
|
240
252
|
p++;
|
241
253
|
}
|
242
254
|
}
|
243
255
|
|
244
|
-
if (valid) {
|
245
|
-
return
|
256
|
+
if (!valid) {
|
257
|
+
return NGX_ERROR;
|
258
|
+
}
|
259
|
+
|
260
|
+
if (!is_sec) {
|
261
|
+
if (value > NGX_MAX_INT_T_VALUE / 1000) {
|
262
|
+
return NGX_ERROR;
|
263
|
+
}
|
264
|
+
|
265
|
+
value *= 1000;
|
266
|
+
}
|
267
|
+
|
268
|
+
if (total > NGX_MAX_INT_T_VALUE - value) {
|
269
|
+
return NGX_ERROR;
|
246
270
|
}
|
247
271
|
|
248
|
-
return
|
272
|
+
return total + value;
|
249
273
|
}
|
@@ -1568,8 +1568,6 @@ ngx_resolver_process_a(ngx_resolver_t *r, u_char *buf, size_t last,
|
|
1568
1568
|
|
1569
1569
|
ngx_rbtree_delete(&r->name_rbtree, &rn->node);
|
1570
1570
|
|
1571
|
-
ngx_resolver_free_node(r, rn);
|
1572
|
-
|
1573
1571
|
/* unlock name mutex */
|
1574
1572
|
|
1575
1573
|
while (next) {
|
@@ -1580,6 +1578,8 @@ ngx_resolver_process_a(ngx_resolver_t *r, u_char *buf, size_t last,
|
|
1580
1578
|
ctx->handler(ctx);
|
1581
1579
|
}
|
1582
1580
|
|
1581
|
+
ngx_resolver_free_node(r, rn);
|
1582
|
+
|
1583
1583
|
return;
|
1584
1584
|
}
|
1585
1585
|
|
@@ -2143,8 +2143,6 @@ valid:
|
|
2143
2143
|
|
2144
2144
|
ngx_rbtree_delete(tree, &rn->node);
|
2145
2145
|
|
2146
|
-
ngx_resolver_free_node(r, rn);
|
2147
|
-
|
2148
2146
|
/* unlock addr mutex */
|
2149
2147
|
|
2150
2148
|
while (next) {
|
@@ -2155,6 +2153,8 @@ valid:
|
|
2155
2153
|
ctx->handler(ctx);
|
2156
2154
|
}
|
2157
2155
|
|
2156
|
+
ngx_resolver_free_node(r, rn);
|
2157
|
+
|
2158
2158
|
return;
|
2159
2159
|
}
|
2160
2160
|
|
@@ -101,6 +101,7 @@ ngx_shmtx_lock(ngx_shmtx_t *mtx)
|
|
101
101
|
(void) ngx_atomic_fetch_add(mtx->wait, 1);
|
102
102
|
|
103
103
|
if (*mtx->lock == 0 && ngx_atomic_cmp_set(mtx->lock, 0, ngx_pid)) {
|
104
|
+
(void) ngx_atomic_fetch_add(mtx->wait, -1);
|
104
105
|
return;
|
105
106
|
}
|
106
107
|
|
@@ -174,7 +175,7 @@ ngx_shmtx_wakeup(ngx_shmtx_t *mtx)
|
|
174
175
|
|
175
176
|
wait = *mtx->wait;
|
176
177
|
|
177
|
-
if (wait
|
178
|
+
if ((ngx_atomic_int_t) wait <= 0) {
|
178
179
|
return;
|
179
180
|
}
|
180
181
|
|
@@ -897,26 +897,28 @@ ngx_filename_cmp(u_char *s1, u_char *s2, size_t n)
|
|
897
897
|
ngx_int_t
|
898
898
|
ngx_atoi(u_char *line, size_t n)
|
899
899
|
{
|
900
|
-
ngx_int_t value;
|
900
|
+
ngx_int_t value, cutoff, cutlim;
|
901
901
|
|
902
902
|
if (n == 0) {
|
903
903
|
return NGX_ERROR;
|
904
904
|
}
|
905
905
|
|
906
|
+
cutoff = NGX_MAX_INT_T_VALUE / 10;
|
907
|
+
cutlim = NGX_MAX_INT_T_VALUE % 10;
|
908
|
+
|
906
909
|
for (value = 0; n--; line++) {
|
907
910
|
if (*line < '0' || *line > '9') {
|
908
911
|
return NGX_ERROR;
|
909
912
|
}
|
910
913
|
|
914
|
+
if (value >= cutoff && (value > cutoff || *line - '0' > cutlim)) {
|
915
|
+
return NGX_ERROR;
|
916
|
+
}
|
917
|
+
|
911
918
|
value = value * 10 + (*line - '0');
|
912
919
|
}
|
913
920
|
|
914
|
-
|
915
|
-
return NGX_ERROR;
|
916
|
-
|
917
|
-
} else {
|
918
|
-
return value;
|
919
|
-
}
|
921
|
+
return value;
|
920
922
|
}
|
921
923
|
|
922
924
|
|
@@ -925,13 +927,16 @@ ngx_atoi(u_char *line, size_t n)
|
|
925
927
|
ngx_int_t
|
926
928
|
ngx_atofp(u_char *line, size_t n, size_t point)
|
927
929
|
{
|
928
|
-
ngx_int_t value;
|
930
|
+
ngx_int_t value, cutoff, cutlim;
|
929
931
|
ngx_uint_t dot;
|
930
932
|
|
931
933
|
if (n == 0) {
|
932
934
|
return NGX_ERROR;
|
933
935
|
}
|
934
936
|
|
937
|
+
cutoff = NGX_MAX_INT_T_VALUE / 10;
|
938
|
+
cutlim = NGX_MAX_INT_T_VALUE % 10;
|
939
|
+
|
935
940
|
dot = 0;
|
936
941
|
|
937
942
|
for (value = 0; n--; line++) {
|
@@ -953,98 +958,107 @@ ngx_atofp(u_char *line, size_t n, size_t point)
|
|
953
958
|
return NGX_ERROR;
|
954
959
|
}
|
955
960
|
|
961
|
+
if (value >= cutoff && (value > cutoff || *line - '0' > cutlim)) {
|
962
|
+
return NGX_ERROR;
|
963
|
+
}
|
964
|
+
|
956
965
|
value = value * 10 + (*line - '0');
|
957
966
|
point -= dot;
|
958
967
|
}
|
959
968
|
|
960
969
|
while (point--) {
|
970
|
+
if (value > cutoff) {
|
971
|
+
return NGX_ERROR;
|
972
|
+
}
|
973
|
+
|
961
974
|
value = value * 10;
|
962
975
|
}
|
963
976
|
|
964
|
-
|
965
|
-
return NGX_ERROR;
|
966
|
-
|
967
|
-
} else {
|
968
|
-
return value;
|
969
|
-
}
|
977
|
+
return value;
|
970
978
|
}
|
971
979
|
|
972
980
|
|
973
981
|
ssize_t
|
974
982
|
ngx_atosz(u_char *line, size_t n)
|
975
983
|
{
|
976
|
-
ssize_t value;
|
984
|
+
ssize_t value, cutoff, cutlim;
|
977
985
|
|
978
986
|
if (n == 0) {
|
979
987
|
return NGX_ERROR;
|
980
988
|
}
|
981
989
|
|
990
|
+
cutoff = NGX_MAX_SIZE_T_VALUE / 10;
|
991
|
+
cutlim = NGX_MAX_SIZE_T_VALUE % 10;
|
992
|
+
|
982
993
|
for (value = 0; n--; line++) {
|
983
994
|
if (*line < '0' || *line > '9') {
|
984
995
|
return NGX_ERROR;
|
985
996
|
}
|
986
997
|
|
998
|
+
if (value >= cutoff && (value > cutoff || *line - '0' > cutlim)) {
|
999
|
+
return NGX_ERROR;
|
1000
|
+
}
|
1001
|
+
|
987
1002
|
value = value * 10 + (*line - '0');
|
988
1003
|
}
|
989
1004
|
|
990
|
-
|
991
|
-
return NGX_ERROR;
|
992
|
-
|
993
|
-
} else {
|
994
|
-
return value;
|
995
|
-
}
|
1005
|
+
return value;
|
996
1006
|
}
|
997
1007
|
|
998
1008
|
|
999
1009
|
off_t
|
1000
1010
|
ngx_atoof(u_char *line, size_t n)
|
1001
1011
|
{
|
1002
|
-
off_t value;
|
1012
|
+
off_t value, cutoff, cutlim;
|
1003
1013
|
|
1004
1014
|
if (n == 0) {
|
1005
1015
|
return NGX_ERROR;
|
1006
1016
|
}
|
1007
1017
|
|
1018
|
+
cutoff = NGX_MAX_OFF_T_VALUE / 10;
|
1019
|
+
cutlim = NGX_MAX_OFF_T_VALUE % 10;
|
1020
|
+
|
1008
1021
|
for (value = 0; n--; line++) {
|
1009
1022
|
if (*line < '0' || *line > '9') {
|
1010
1023
|
return NGX_ERROR;
|
1011
1024
|
}
|
1012
1025
|
|
1026
|
+
if (value >= cutoff && (value > cutoff || *line - '0' > cutlim)) {
|
1027
|
+
return NGX_ERROR;
|
1028
|
+
}
|
1029
|
+
|
1013
1030
|
value = value * 10 + (*line - '0');
|
1014
1031
|
}
|
1015
1032
|
|
1016
|
-
|
1017
|
-
return NGX_ERROR;
|
1018
|
-
|
1019
|
-
} else {
|
1020
|
-
return value;
|
1021
|
-
}
|
1033
|
+
return value;
|
1022
1034
|
}
|
1023
1035
|
|
1024
1036
|
|
1025
1037
|
time_t
|
1026
1038
|
ngx_atotm(u_char *line, size_t n)
|
1027
1039
|
{
|
1028
|
-
time_t value;
|
1040
|
+
time_t value, cutoff, cutlim;
|
1029
1041
|
|
1030
1042
|
if (n == 0) {
|
1031
1043
|
return NGX_ERROR;
|
1032
1044
|
}
|
1033
1045
|
|
1046
|
+
cutoff = NGX_MAX_TIME_T_VALUE / 10;
|
1047
|
+
cutlim = NGX_MAX_TIME_T_VALUE % 10;
|
1048
|
+
|
1034
1049
|
for (value = 0; n--; line++) {
|
1035
1050
|
if (*line < '0' || *line > '9') {
|
1036
1051
|
return NGX_ERROR;
|
1037
1052
|
}
|
1038
1053
|
|
1054
|
+
if (value >= cutoff && (value > cutoff || *line - '0' > cutlim)) {
|
1055
|
+
return NGX_ERROR;
|
1056
|
+
}
|
1057
|
+
|
1039
1058
|
value = value * 10 + (*line - '0');
|
1040
1059
|
}
|
1041
1060
|
|
1042
|
-
|
1043
|
-
return NGX_ERROR;
|
1044
|
-
|
1045
|
-
} else {
|
1046
|
-
return value;
|
1047
|
-
}
|
1061
|
+
return value;
|
1048
1062
|
}
|
1049
1063
|
|
1050
1064
|
|
@@ -1052,13 +1066,19 @@ ngx_int_t
|
|
1052
1066
|
ngx_hextoi(u_char *line, size_t n)
|
1053
1067
|
{
|
1054
1068
|
u_char c, ch;
|
1055
|
-
ngx_int_t value;
|
1069
|
+
ngx_int_t value, cutoff;
|
1056
1070
|
|
1057
1071
|
if (n == 0) {
|
1058
1072
|
return NGX_ERROR;
|
1059
1073
|
}
|
1060
1074
|
|
1075
|
+
cutoff = NGX_MAX_INT_T_VALUE / 16;
|
1076
|
+
|
1061
1077
|
for (value = 0; n--; line++) {
|
1078
|
+
if (value > cutoff) {
|
1079
|
+
return NGX_ERROR;
|
1080
|
+
}
|
1081
|
+
|
1062
1082
|
ch = *line;
|
1063
1083
|
|
1064
1084
|
if (ch >= '0' && ch <= '9') {
|
@@ -1076,12 +1096,7 @@ ngx_hextoi(u_char *line, size_t n)
|
|
1076
1096
|
return NGX_ERROR;
|
1077
1097
|
}
|
1078
1098
|
|
1079
|
-
|
1080
|
-
return NGX_ERROR;
|
1081
|
-
|
1082
|
-
} else {
|
1083
|
-
return value;
|
1084
|
-
}
|
1099
|
+
return value;
|
1085
1100
|
}
|
1086
1101
|
|
1087
1102
|
|
@@ -1613,6 +1613,9 @@ ngx_ssl_connection_error(ngx_connection_t *c, int sslerr, ngx_err_t err,
|
|
1613
1613
|
#endif
|
1614
1614
|
#ifdef SSL_R_SCSV_RECEIVED_WHEN_RENEGOTIATING
|
1615
1615
|
|| n == SSL_R_SCSV_RECEIVED_WHEN_RENEGOTIATING /* 345 */
|
1616
|
+
#endif
|
1617
|
+
#ifdef SSL_R_INAPPROPRIATE_FALLBACK
|
1618
|
+
|| n == SSL_R_INAPPROPRIATE_FALLBACK /* 373 */
|
1616
1619
|
#endif
|
1617
1620
|
|| n == 1000 /* SSL_R_SSLV3_ALERT_CLOSE_NOTIFY */
|
1618
1621
|
|| n == SSL_R_SSLV3_ALERT_UNEXPECTED_MESSAGE /* 1010 */
|
@@ -274,7 +274,7 @@ ngx_http_range_parse(ngx_http_request_t *r, ngx_http_range_filter_ctx_t *ctx,
|
|
274
274
|
ngx_uint_t ranges)
|
275
275
|
{
|
276
276
|
u_char *p;
|
277
|
-
off_t start, end, size, content_length;
|
277
|
+
off_t start, end, size, content_length, cutoff, cutlim;
|
278
278
|
ngx_uint_t suffix;
|
279
279
|
ngx_http_range_t *range;
|
280
280
|
|
@@ -282,6 +282,9 @@ ngx_http_range_parse(ngx_http_request_t *r, ngx_http_range_filter_ctx_t *ctx,
|
|
282
282
|
size = 0;
|
283
283
|
content_length = r->headers_out.content_length_n;
|
284
284
|
|
285
|
+
cutoff = NGX_MAX_OFF_T_VALUE / 10;
|
286
|
+
cutlim = NGX_MAX_OFF_T_VALUE % 10;
|
287
|
+
|
285
288
|
for ( ;; ) {
|
286
289
|
start = 0;
|
287
290
|
end = 0;
|
@@ -295,6 +298,10 @@ ngx_http_range_parse(ngx_http_request_t *r, ngx_http_range_filter_ctx_t *ctx,
|
|
295
298
|
}
|
296
299
|
|
297
300
|
while (*p >= '0' && *p <= '9') {
|
301
|
+
if (start >= cutoff && (start > cutoff || *p - '0' > cutlim)) {
|
302
|
+
return NGX_HTTP_RANGE_NOT_SATISFIABLE;
|
303
|
+
}
|
304
|
+
|
298
305
|
start = start * 10 + *p++ - '0';
|
299
306
|
}
|
300
307
|
|
@@ -321,6 +328,10 @@ ngx_http_range_parse(ngx_http_request_t *r, ngx_http_range_filter_ctx_t *ctx,
|
|
321
328
|
}
|
322
329
|
|
323
330
|
while (*p >= '0' && *p <= '9') {
|
331
|
+
if (end >= cutoff && (end > cutoff || *p - '0' > cutlim)) {
|
332
|
+
return NGX_HTTP_RANGE_NOT_SATISFIABLE;
|
333
|
+
}
|
334
|
+
|
324
335
|
end = end * 10 + *p++ - '0';
|
325
336
|
}
|
326
337
|
|
@@ -1935,6 +1935,10 @@ ngx_http_send_response(ngx_http_request_t *r, ngx_uint_t status,
|
|
1935
1935
|
ngx_int_t
|
1936
1936
|
ngx_http_send_header(ngx_http_request_t *r)
|
1937
1937
|
{
|
1938
|
+
if (r->post_action) {
|
1939
|
+
return NGX_OK;
|
1940
|
+
}
|
1941
|
+
|
1938
1942
|
if (r->header_sent) {
|
1939
1943
|
ngx_log_error(NGX_LOG_ALERT, r->connection->log, 0,
|
1940
1944
|
"header already sent");
|
@@ -2104,6 +2104,10 @@ ngx_http_parse_chunked(ngx_http_request_t *r, ngx_buf_t *b,
|
|
2104
2104
|
goto invalid;
|
2105
2105
|
|
2106
2106
|
case sw_chunk_size:
|
2107
|
+
if (ctx->size > NGX_MAX_OFF_T_VALUE / 16) {
|
2108
|
+
goto invalid;
|
2109
|
+
}
|
2110
|
+
|
2107
2111
|
if (ch >= '0' && ch <= '9') {
|
2108
2112
|
ctx->size = ctx->size * 16 + (ch - '0');
|
2109
2113
|
break;
|
@@ -2253,6 +2257,10 @@ data:
|
|
2253
2257
|
ctx->state = state;
|
2254
2258
|
b->pos = pos;
|
2255
2259
|
|
2260
|
+
if (ctx->size > NGX_MAX_OFF_T_VALUE - 5) {
|
2261
|
+
goto invalid;
|
2262
|
+
}
|
2263
|
+
|
2256
2264
|
switch (state) {
|
2257
2265
|
|
2258
2266
|
case sw_chunk_start:
|
@@ -2289,10 +2297,6 @@ data:
|
|
2289
2297
|
|
2290
2298
|
}
|
2291
2299
|
|
2292
|
-
if (ctx->size < 0 || ctx->length < 0) {
|
2293
|
-
goto invalid;
|
2294
|
-
}
|
2295
|
-
|
2296
2300
|
return rc;
|
2297
2301
|
|
2298
2302
|
done:
|
@@ -1227,12 +1227,11 @@ ngx_http_process_request_headers(ngx_event_t *rev)
|
|
1227
1227
|
|
1228
1228
|
if (len > NGX_MAX_ERROR_STR - 300) {
|
1229
1229
|
len = NGX_MAX_ERROR_STR - 300;
|
1230
|
-
p[len++] = '.'; p[len++] = '.'; p[len++] = '.';
|
1231
1230
|
}
|
1232
1231
|
|
1233
1232
|
ngx_log_error(NGX_LOG_INFO, c->log, 0,
|
1234
|
-
|
1235
|
-
|
1233
|
+
"client sent too long header line: \"%*s...\"",
|
1234
|
+
len, r->header_name_start);
|
1236
1235
|
|
1237
1236
|
ngx_http_finalize_request(r,
|
1238
1237
|
NGX_HTTP_REQUEST_HEADER_TOO_LARGE);
|
@@ -3156,8 +3156,10 @@ ngx_http_spdy_close_stream_handler(ngx_event_t *ev)
|
|
3156
3156
|
void
|
3157
3157
|
ngx_http_spdy_close_stream(ngx_http_spdy_stream_t *stream, ngx_int_t rc)
|
3158
3158
|
{
|
3159
|
+
int tcp_nodelay;
|
3159
3160
|
ngx_event_t *ev;
|
3160
|
-
ngx_connection_t *fc;
|
3161
|
+
ngx_connection_t *c, *fc;
|
3162
|
+
ngx_http_core_loc_conf_t *clcf;
|
3161
3163
|
ngx_http_spdy_stream_t **index, *s;
|
3162
3164
|
ngx_http_spdy_srv_conf_t *sscf;
|
3163
3165
|
ngx_http_spdy_connection_t *sc;
|
@@ -3183,6 +3185,54 @@ ngx_http_spdy_close_stream(ngx_http_spdy_stream_t *stream, ngx_int_t rc)
|
|
3183
3185
|
{
|
3184
3186
|
sc->connection->error = 1;
|
3185
3187
|
}
|
3188
|
+
|
3189
|
+
} else {
|
3190
|
+
c = sc->connection;
|
3191
|
+
|
3192
|
+
if (c->tcp_nopush == NGX_TCP_NOPUSH_SET) {
|
3193
|
+
if (ngx_tcp_push(c->fd) == -1) {
|
3194
|
+
ngx_connection_error(c, ngx_socket_errno,
|
3195
|
+
ngx_tcp_push_n " failed");
|
3196
|
+
c->error = 1;
|
3197
|
+
tcp_nodelay = 0;
|
3198
|
+
|
3199
|
+
} else {
|
3200
|
+
c->tcp_nopush = NGX_TCP_NOPUSH_UNSET;
|
3201
|
+
tcp_nodelay = ngx_tcp_nodelay_and_tcp_nopush ? 1 : 0;
|
3202
|
+
}
|
3203
|
+
|
3204
|
+
} else {
|
3205
|
+
tcp_nodelay = 1;
|
3206
|
+
}
|
3207
|
+
|
3208
|
+
clcf = ngx_http_get_module_loc_conf(stream->request,
|
3209
|
+
ngx_http_core_module);
|
3210
|
+
|
3211
|
+
if (tcp_nodelay
|
3212
|
+
&& clcf->tcp_nodelay
|
3213
|
+
&& c->tcp_nodelay == NGX_TCP_NODELAY_UNSET)
|
3214
|
+
{
|
3215
|
+
ngx_log_debug0(NGX_LOG_DEBUG_HTTP, c->log, 0, "tcp_nodelay");
|
3216
|
+
|
3217
|
+
if (setsockopt(c->fd, IPPROTO_TCP, TCP_NODELAY,
|
3218
|
+
(const void *) &tcp_nodelay, sizeof(int))
|
3219
|
+
== -1)
|
3220
|
+
{
|
3221
|
+
#if (NGX_SOLARIS)
|
3222
|
+
/* Solaris returns EINVAL if a socket has been shut down */
|
3223
|
+
c->log_error = NGX_ERROR_IGNORE_EINVAL;
|
3224
|
+
#endif
|
3225
|
+
|
3226
|
+
ngx_connection_error(c, ngx_socket_errno,
|
3227
|
+
"setsockopt(TCP_NODELAY) failed");
|
3228
|
+
|
3229
|
+
c->log_error = NGX_ERROR_INFO;
|
3230
|
+
c->error = 1;
|
3231
|
+
|
3232
|
+
} else {
|
3233
|
+
c->tcp_nodelay = NGX_TCP_NODELAY_SET;
|
3234
|
+
}
|
3235
|
+
}
|
3186
3236
|
}
|
3187
3237
|
|
3188
3238
|
if (sc->stream == stream) {
|
metadata
CHANGED
@@ -1,27 +1,27 @@
|
|
1
1
|
--- !ruby/object:Gem::Specification
|
2
2
|
name: nginxtra
|
3
3
|
version: !ruby/object:Gem::Version
|
4
|
-
version: 1.6.
|
4
|
+
version: 1.6.3.9
|
5
5
|
platform: ruby
|
6
6
|
authors:
|
7
7
|
- Mike Virata-Stone
|
8
8
|
autorequire:
|
9
9
|
bindir: bin
|
10
10
|
cert_chain: []
|
11
|
-
date:
|
11
|
+
date: 2015-04-09 00:00:00.000000000 Z
|
12
12
|
dependencies:
|
13
13
|
- !ruby/object:Gem::Dependency
|
14
14
|
name: thor
|
15
15
|
requirement: !ruby/object:Gem::Requirement
|
16
16
|
requirements:
|
17
|
-
- -
|
17
|
+
- - ~>
|
18
18
|
- !ruby/object:Gem::Version
|
19
19
|
version: '0.16'
|
20
20
|
type: :runtime
|
21
21
|
prerelease: false
|
22
22
|
version_requirements: !ruby/object:Gem::Requirement
|
23
23
|
requirements:
|
24
|
-
- -
|
24
|
+
- - ~>
|
25
25
|
- !ruby/object:Gem::Version
|
26
26
|
version: '0.16'
|
27
27
|
description: This gem is intended to provide an easy to use configuration file that
|
@@ -433,17 +433,17 @@ require_paths:
|
|
433
433
|
- lib
|
434
434
|
required_ruby_version: !ruby/object:Gem::Requirement
|
435
435
|
requirements:
|
436
|
-
- -
|
436
|
+
- - '>='
|
437
437
|
- !ruby/object:Gem::Version
|
438
438
|
version: '0'
|
439
439
|
required_rubygems_version: !ruby/object:Gem::Requirement
|
440
440
|
requirements:
|
441
|
-
- -
|
441
|
+
- - '>='
|
442
442
|
- !ruby/object:Gem::Version
|
443
443
|
version: '0'
|
444
444
|
requirements: []
|
445
445
|
rubyforge_project:
|
446
|
-
rubygems_version: 2.
|
446
|
+
rubygems_version: 2.0.3
|
447
447
|
signing_key:
|
448
448
|
specification_version: 4
|
449
449
|
summary: Wrapper of nginx for easy install and use.
|