[-]
[+]
|
Changed |
nginx.spec
|
|
[-]
[+]
|
Deleted |
nginx-1.7.3.tar.gz/auto/lib/zlib/patch.zlib.h
^
|
@@ -1,10 +0,0 @@
---- zlib.h Thu Jul 9 20:06:56 1998
-+++ zlib-1.1.3/zlib.h Tue Mar 22 13:41:04 2005
-@@ -709,7 +709,6 @@
- (0 in case of error).
- */
-
--ZEXTERN int ZEXPORTVA gzprintf OF((gzFile file, const char *format, ...));
- /*
- Converts, formats, and writes the args to the compressed file under
- control of the format string, as in fprintf. gzprintf returns the number of
|
[-]
[+]
|
Changed |
nginx-1.7.4.tar.gz/CHANGES
^
|
@@ -1,4 +1,41 @@
+Changes with nginx 1.7.4 05 Aug 2014
+
+ *) Security: pipelined commands were not discarded after STARTTLS
+ command in SMTP proxy (CVE-2014-3556); the bug had appeared in 1.5.6.
+ Thanks to Chris Boulton.
+
+ *) Change: URI escaping now uses uppercase hexadecimal digits.
+ Thanks to Piotr Sikora.
+
+ *) Feature: now nginx can be build with BoringSSL and LibreSSL.
+ Thanks to Piotr Sikora.
+
+ *) Bugfix: requests might hang if resolver was used and a DNS server
+ returned a malformed response; the bug had appeared in 1.5.8.
+
+ *) Bugfix: in the ngx_http_spdy_module.
+ Thanks to Piotr Sikora.
+
+ *) Bugfix: the $uri variable might contain garbage when returning errors
+ with code 400.
+ Thanks to Sergey Bobrov.
+
+ *) Bugfix: in error handling in the "proxy_store" directive and the
+ ngx_http_dav_module.
+ Thanks to Feng Gu.
+
+ *) Bugfix: a segmentation fault might occur if logging of errors to
+ syslog was used; the bug had appeared in 1.7.1.
+
+ *) Bugfix: the $geoip_latitude, $geoip_longitude, $geoip_dma_code, and
+ $geoip_area_code variables might not work.
+ Thanks to Yichun Zhang.
+
+ *) Bugfix: in memory allocation error handling.
+ Thanks to Tatsuhiko Kubo and Piotr Sikora.
+
+
Changes with nginx 1.7.3 08 Jul 2014
*) Feature: weak entity tags are now preserved on response
|
[-]
[+]
|
Changed |
nginx-1.7.4.tar.gz/CHANGES.ru
^
|
@@ -1,4 +1,43 @@
+Изменения в nginx 1.7.4 05.08.2014
+
+ *) Безопасность: pipelined-команды не отбрасывались после команды
+ STARTTLS в SMTP прокси-сервере (CVE-2014-3556); ошибка появилась в
+ 1.5.6.
+ Спасибо Chris Boulton.
+
+ *) Изменение: экранирование символов в URI теперь использует
+ шестнадцатеричные цифры в верхнем регистре.
+ Спасибо Piotr Sikora.
+
+ *) Добавление: теперь nginx можно собрать с BoringSSL и LibreSSL.
+ Спасибо Piotr Sikora.
+
+ *) Исправление: запросы могли зависать, если использовался resolver и
+ DNS-сервер возвращал некорректный ответ; ошибка появилась в 1.5.8.
+
+ *) Исправление: в модуле ngx_http_spdy_module.
+ Спасибо Piotr Sikora.
+
+ *) Исправление: переменная $uri могла содержать мусор при возврате
+ ошибок с кодом 400.
+ Спасибо Сергею Боброву.
+
+ *) Исправление: в обработке ошибок в директиве proxy_store и в модуле
+ ngx_http_dav_module.
+ Спасибо Feng Gu.
+
+ *) Исправление: при логгировании ошибок в syslog мог происходить
+ segmentation fault; ошибка появилась в 1.7.1.
+
+ *) Исправление: переменные $geoip_latitude, $geoip_longitude,
+ $geoip_dma_code и $geoip_area_code могли не работать.
+ Спасибо Yichun Zhang.
+
+ *) Исправление: в обработке ошибок выделения памяти.
+ Спасибо Tatsuhiko Kubo и Piotr Sikora.
+
+
Изменения в nginx 1.7.3 08.07.2014
*) Добавление: weak entity tags теперь не удаляются при изменениях
@@ -1614,7 +1653,7 @@
Изменения в nginx 0.9.2 06.12.2010
*) Добавление: поддержка строки "If-Unmodified-Since" в заголовке
- запросе клиента.
+ запроса клиента.
*) Изменение: использование accept(), если accept4() не реализован;
ошибка появилась в 0.9.0.
@@ -3562,7 +3601,7 @@
Изменения в nginx 0.6.31 12.05.2008
*) Исправление: nginx не обрабатывал ответ FastCGI-сервера, если строка
- заголовка ответ была в конце записи FastCGI; ошибка появилась в
+ заголовка ответа была в конце записи FastCGI; ошибка появилась в
0.6.2.
Спасибо Сергею Серову.
@@ -4638,7 +4677,7 @@
*) Добавление: директива ip_hash в блоке upstream.
- *) Добавление: статус WAIT в строке "Auth-Status" в заголовка ответа
+ *) Добавление: статус WAIT в строке "Auth-Status" в заголовке ответа
сервера аутентификации IMAP/POP3 прокси.
*) Исправление: nginx не собирался на 64-битных платформах; ошибка
@@ -6123,7 +6162,7 @@
Изменения в nginx 0.1.36 15.06.2005
- *) Изменение: если в заголовке запросе есть дублирующиеся строки "Host",
+ *) Изменение: если в заголовке запроса есть дублирующиеся строки "Host",
"Connection", "Content-Length" и "Authorization", то nginx теперь
выдаёт ошибку 400.
|
[-]
[+]
|
Changed |
nginx-1.7.4.tar.gz/src/core/nginx.h
^
|
@@ -9,8 +9,8 @@
#define _NGINX_H_INCLUDED_
-#define nginx_version 1007003
-#define NGINX_VERSION "1.7.3"
+#define nginx_version 1007004
+#define NGINX_VERSION "1.7.4"
#define NGINX_VER "nginx/" NGINX_VERSION
#ifdef NGX_BUILD
|
[-]
[+]
|
Changed |
nginx-1.7.4.tar.gz/src/core/ngx_conf_file.c
^
|
@@ -781,6 +781,9 @@
file.len = name.len++;
file.data = ngx_pstrdup(cf->pool, &name);
+ if (file.data == NULL) {
+ return NGX_CONF_ERROR;
+ }
ngx_log_debug1(NGX_LOG_DEBUG_CORE, cf->log, 0, "include %s", file.data);
|
[-]
[+]
|
Changed |
nginx-1.7.4.tar.gz/src/core/ngx_log.c
^
|
@@ -387,20 +387,22 @@
return NGX_ERROR;
}
- log->log_level = NGX_LOG_ERR;
- ngx_log_insert(&cycle->new_log, log);
-
} else {
/* no error logs at all */
log = &cycle->new_log;
- log->log_level = NGX_LOG_ERR;
}
+ log->log_level = NGX_LOG_ERR;
+
log->file = ngx_conf_open_file(cycle, &error_log);
if (log->file == NULL) {
return NGX_ERROR;
}
+ if (log != &cycle->new_log) {
+ ngx_log_insert(&cycle->new_log, log);
+ }
+
return NGX_OK;
}
|
[-]
[+]
|
Changed |
nginx-1.7.4.tar.gz/src/core/ngx_log.h
^
|
@@ -248,7 +248,7 @@
static ngx_inline void
ngx_write_stderr(char *text)
{
- (void) ngx_write_fd(ngx_stderr, text, strlen(text));
+ (void) ngx_write_fd(ngx_stderr, text, ngx_strlen(text));
}
|
[-]
[+]
|
Changed |
nginx-1.7.4.tar.gz/src/core/ngx_resolver.c
^
|
@@ -1467,7 +1467,6 @@
goto failed;
}
- rn->naddrs6 = 0;
qident = (rn->query6[0] << 8) + rn->query6[1];
break;
@@ -1482,7 +1481,6 @@
goto failed;
}
- rn->naddrs = 0;
qident = (rn->query[0] << 8) + rn->query[1];
}
@@ -1507,6 +1505,8 @@
case NGX_RESOLVE_AAAA:
+ rn->naddrs6 = 0;
+
if (rn->naddrs == (u_short) -1) {
goto next;
}
@@ -1519,6 +1519,8 @@
default: /* NGX_RESOLVE_A */
+ rn->naddrs = 0;
+
if (rn->naddrs6 == (u_short) -1) {
goto next;
}
@@ -1539,6 +1541,8 @@
case NGX_RESOLVE_AAAA:
+ rn->naddrs6 = 0;
+
if (rn->naddrs == (u_short) -1) {
rn->code = (u_char) code;
goto next;
@@ -1548,6 +1552,8 @@
default: /* NGX_RESOLVE_A */
+ rn->naddrs = 0;
+
if (rn->naddrs6 == (u_short) -1) {
rn->code = (u_char) code;
goto next;
@@ -1817,6 +1823,25 @@
}
}
+ switch (qtype) {
+
+#if (NGX_HAVE_INET6)
+ case NGX_RESOLVE_AAAA:
+
+ if (rn->naddrs6 == (u_short) -1) {
+ rn->naddrs6 = 0;
+ }
+
+ break;
+#endif
+
+ default: /* NGX_RESOLVE_A */
+
+ if (rn->naddrs == (u_short) -1) {
+ rn->naddrs = 0;
+ }
+ }
+
if (rn->naddrs != (u_short) -1
#if (NGX_HAVE_INET6)
&& rn->naddrs6 != (u_short) -1
@@ -2722,8 +2747,7 @@
}
if (len == -1) {
- name->len = 0;
- name->data = NULL;
+ ngx_str_null(name);
return NGX_OK;
}
|
[-]
[+]
|
Changed |
nginx-1.7.4.tar.gz/src/core/ngx_slab.c
^
|
@@ -160,7 +160,7 @@
ngx_uint_t i, slot, shift, map;
ngx_slab_page_t *page, *prev, *slots;
- if (size >= ngx_slab_max_size) {
+ if (size > ngx_slab_max_size) {
ngx_log_debug1(NGX_LOG_DEBUG_ALLOC, ngx_cycle->log, 0,
"slab alloc: %uz", size);
|
[-]
[+]
|
Changed |
nginx-1.7.4.tar.gz/src/core/ngx_string.c
^
|
@@ -1407,7 +1407,7 @@
{
ngx_uint_t n;
uint32_t *escape;
- static u_char hex[] = "0123456789abcdef";
+ static u_char hex[] = "0123456789ABCDEF";
/* " ", "#", "%", "?", %00-%1F, %7F-%FF */
|
[-]
[+]
|
Changed |
nginx-1.7.4.tar.gz/src/event/ngx_event_openssl.c
^
|
@@ -50,7 +50,7 @@
HMAC_CTX *hctx, int enc);
#endif
-#if OPENSSL_VERSION_NUMBER < 0x10002001L
+#if (OPENSSL_VERSION_NUMBER < 0x10002002L || defined LIBRESSL_VERSION_NUMBER)
static ngx_int_t ngx_ssl_check_name(ngx_str_t *name, ASN1_STRING *str);
#endif
@@ -106,7 +106,9 @@
ngx_int_t
ngx_ssl_init(ngx_log_t *log)
{
+#ifndef OPENSSL_IS_BORINGSSL
OPENSSL_config(NULL);
+#endif
SSL_library_init();
SSL_load_error_strings();
@@ -217,7 +219,10 @@
SSL_CTX_set_options(ssl->ctx, SSL_OP_MSIE_SSLV2_RSA_PADDING);
#endif
+#ifdef SSL_OP_SSLEAY_080_CLIENT_DH_BUG
SSL_CTX_set_options(ssl->ctx, SSL_OP_SSLEAY_080_CLIENT_DH_BUG);
+#endif
+
SSL_CTX_set_options(ssl->ctx, SSL_OP_TLS_D5_BUG);
SSL_CTX_set_options(ssl->ctx, SSL_OP_TLS_BLOCK_PADDING_BUG);
@@ -382,8 +387,13 @@
if (--tries) {
n = ERR_peek_error();
+#ifdef OPENSSL_IS_BORINGSSL
+ if (ERR_GET_LIB(n) == ERR_LIB_CIPHER
+ && ERR_GET_REASON(n) == CIPHER_R_BAD_DECRYPT)
+#else
if (ERR_GET_LIB(n) == ERR_LIB_EVP
&& ERR_GET_REASON(n) == EVP_R_BAD_DECRYPT)
+#endif
{
ERR_clear_error();
SSL_CTX_set_default_passwd_cb_userdata(ssl->ctx, ++pwd);
@@ -588,7 +598,7 @@
ngx_log_debug5(NGX_LOG_DEBUG_EVENT, c->log, 0,
"verify:%d, error:%d, depth:%d, "
- "subject:\"%s\",issuer: \"%s\"",
+ "subject:\"%s\", issuer:\"%s\"",
ok, err, depth, subject, issuer);
if (sname) {
@@ -652,12 +662,18 @@
{
static RSA *key;
- if (key_length == 512) {
- if (key == NULL) {
- key = RSA_generate_key(512, RSA_F4, NULL, NULL);
- }
+ if (key_length != 512) {
+ return NULL;
+ }
+
+#ifndef OPENSSL_NO_DEPRECATED
+
+ if (key == NULL) {
+ key = RSA_generate_key(512, RSA_F4, NULL, NULL);
}
+#endif
+
return key;
}
@@ -2072,9 +2088,10 @@
ngx_ssl_new_session(ngx_ssl_conn_t *ssl_conn, ngx_ssl_session_t *sess)
{
int len;
- u_char *p, *id, *cached_sess;
+ u_char *p, *id, *cached_sess, *session_id;
uint32_t hash;
SSL_CTX *ssl_ctx;
+ unsigned int session_id_length;
ngx_shm_zone_t *shm_zone;
ngx_connection_t *c;
ngx_slab_pool_t *shpool;
@@ -2137,13 +2154,24 @@
}
}
+#if OPENSSL_VERSION_NUMBER >= 0x0090800fL
+
+ session_id = (u_char *) SSL_SESSION_get_id(sess, &session_id_length);
+
+#else
+
+ session_id = sess->session_id;
+ session_id_length = sess->session_id_length;
+
+#endif
+
#if (NGX_PTR_SIZE == 8)
id = sess_id->sess_id;
#else
- id = ngx_slab_alloc_locked(shpool, sess->session_id_length);
+ id = ngx_slab_alloc_locked(shpool, session_id_length);
if (id == NULL) {
@@ -2151,7 +2179,7 @@
ngx_ssl_expire_sessions(cache, shpool, 0);
- id = ngx_slab_alloc_locked(shpool, sess->session_id_length);
+ id = ngx_slab_alloc_locked(shpool, session_id_length);
if (id == NULL) {
goto failed;
@@ -2162,16 +2190,16 @@
ngx_memcpy(cached_sess, buf, len);
- ngx_memcpy(id, sess->session_id, sess->session_id_length);
+ ngx_memcpy(id, session_id, session_id_length);
- hash = ngx_crc32_short(sess->session_id, sess->session_id_length);
+ hash = ngx_crc32_short(session_id, session_id_length);
ngx_log_debug3(NGX_LOG_DEBUG_EVENT, c->log, 0,
- "ssl new session: %08XD:%d:%d",
- hash, sess->session_id_length, len);
+ "ssl new session: %08XD:%ud:%d",
+ hash, session_id_length, len);
sess_id->node.key = hash;
- sess_id->node.data = (u_char) sess->session_id_length;
+ sess_id->node.data = (u_char) session_id_length;
sess_id->id = id;
sess_id->len = len;
sess_id->session = cached_sess;
@@ -2319,10 +2347,10 @@
static void
ngx_ssl_remove_session(SSL_CTX *ssl, ngx_ssl_session_t *sess)
{
- size_t len;
u_char *id;
uint32_t hash;
ngx_int_t rc;
+ unsigned int len;
ngx_shm_zone_t *shm_zone;
ngx_slab_pool_t *shpool;
ngx_rbtree_node_t *node, *sentinel;
@@ -2337,13 +2365,21 @@
cache = shm_zone->data;
+#if OPENSSL_VERSION_NUMBER >= 0x0090800fL
+
+ id = (u_char *) SSL_SESSION_get_id(sess, &len);
+
+#else
+
id = sess->session_id;
- len = (size_t) sess->session_id_length;
+ len = sess->session_id_length;
+
+#endif
hash = ngx_crc32_short(id, len);
ngx_log_debug2(NGX_LOG_DEBUG_EVENT, ngx_cycle->log, 0,
- "ssl remove session: %08XD:%uz", hash, len);
+ "ssl remove session: %08XD:%ud", hash, len);
shpool = (ngx_slab_pool_t *) shm_zone->shm.addr;
@@ -2638,7 +2674,7 @@
EVP_EncryptInit_ex(ectx, EVP_aes_128_cbc(), NULL, key[0].aes_key, iv);
HMAC_Init_ex(hctx, key[0].hmac_key, 16,
ngx_ssl_session_ticket_md(), NULL);
- memcpy(name, key[0].name, 16);
+ ngx_memcpy(name, key[0].name, 16);
return 0;
@@ -2707,7 +2743,7 @@
return NGX_ERROR;
}
-#if OPENSSL_VERSION_NUMBER >= 0x10002001L
+#if (OPENSSL_VERSION_NUMBER >= 0x10002002L && !defined LIBRESSL_VERSION_NUMBER)
/* X509_check_host() is only available in OpenSSL 1.0.2+ */
@@ -2715,7 +2751,7 @@
goto failed;
}
- if (X509_check_host(cert, name->data, name->len, 0) != 1) {
+ if (X509_check_host(cert, (char *) name->data, name->len, 0, NULL) != 1) {
ngx_log_debug0(NGX_LOG_DEBUG_EVENT, c->log, 0,
"X509_check_host(): no match");
goto failed;
@@ -2824,7 +2860,7 @@
}
-#if OPENSSL_VERSION_NUMBER < 0x10002001L
+#if (OPENSSL_VERSION_NUMBER < 0x10002002L || defined LIBRESSL_VERSION_NUMBER)
static ngx_int_t
ngx_ssl_check_name(ngx_str_t *name, ASN1_STRING *pattern)
@@ -2885,9 +2921,9 @@
ngx_int_t
ngx_ssl_get_session_id(ngx_connection_t *c, ngx_pool_t *pool, ngx_str_t *s)
{
- int len;
- u_char *buf;
- SSL_SESSION *sess;
+ u_char *buf;
+ SSL_SESSION *sess;
+ unsigned int len;
sess = SSL_get0_session(c->ssl->connection);
if (sess == NULL) {
@@ -2895,9 +2931,17 @@
return NGX_OK;
}
+#if OPENSSL_VERSION_NUMBER >= 0x0090800fL
+
+ buf = (u_char *) SSL_SESSION_get_id(sess, &len);
+
+#else
+
buf = sess->session_id;
len = sess->session_id_length;
+#endif
+
s->len = 2 * len;
s->data = ngx_pnalloc(pool, 2 * len);
if (s->data == NULL) {
@@ -3245,6 +3289,8 @@
static char *
ngx_openssl_engine(ngx_conf_t *cf, ngx_command_t *cmd, void *conf)
{
+#ifndef OPENSSL_NO_ENGINE
+
ngx_openssl_conf_t *oscf = conf;
ENGINE *engine;
@@ -3279,6 +3325,12 @@
ENGINE_free(engine);
return NGX_CONF_OK;
+
+#else
+
+ return "is not supported";
+
+#endif
}
@@ -3286,5 +3338,7 @@
ngx_openssl_exit(ngx_cycle_t *cycle)
{
EVP_cleanup();
+#ifndef OPENSSL_NO_ENGINE
ENGINE_cleanup();
+#endif
}
|
[-]
[+]
|
Changed |
nginx-1.7.4.tar.gz/src/event/ngx_event_openssl.h
^
|
@@ -14,10 +14,21 @@
#include <openssl/ssl.h>
#include <openssl/err.h>
+#include <openssl/bn.h>
#include <openssl/conf.h>
+#include <openssl/crypto.h>
+#include <openssl/dh.h>
+#ifndef OPENSSL_NO_ENGINE
#include <openssl/engine.h>
+#endif
#include <openssl/evp.h>
+#ifndef OPENSSL_NO_OCSP
#include <openssl/ocsp.h>
+#endif
+#include <openssl/rand.h>
+#include <openssl/rsa.h>
+#include <openssl/x509.h>
+#include <openssl/x509v3.h>
#define NGX_SSL_NAME "OpenSSL"
|
[-]
[+]
|
Changed |
nginx-1.7.4.tar.gz/src/event/ngx_event_openssl_stapling.c
^
|
@@ -11,7 +11,7 @@
#include <ngx_event_connect.h>
-#ifdef SSL_CTRL_SET_TLSEXT_STATUS_REQ_CB
+#if (!defined OPENSSL_NO_OCSP && defined SSL_CTRL_SET_TLSEXT_STATUS_REQ_CB)
typedef struct {
|
[-]
[+]
|
Changed |
nginx-1.7.4.tar.gz/src/http/modules/ngx_http_dav_module.c
^
|
@@ -212,7 +212,10 @@
return;
}
- ngx_http_map_uri_to_path(r, &path, &root, 0);
+ if (ngx_http_map_uri_to_path(r, &path, &root, 0) == NULL) {
+ ngx_http_finalize_request(r, NGX_HTTP_INTERNAL_SERVER_ERROR);
+ return;
+ }
path.len--;
@@ -320,7 +323,9 @@
ok:
- ngx_http_map_uri_to_path(r, &path, &root, 0);
+ if (ngx_http_map_uri_to_path(r, &path, &root, 0) == NULL) {
+ return NGX_HTTP_INTERNAL_SERVER_ERROR;
+ }
ngx_log_debug1(NGX_LOG_DEBUG_HTTP, r->connection->log, 0,
"http delete filename: \"%s\"", path.data);
@@ -488,6 +493,9 @@
}
p = ngx_http_map_uri_to_path(r, &path, &root, 0);
+ if (p == NULL) {
+ return NGX_HTTP_INTERNAL_SERVER_ERROR;
+ }
*(p - 1) = '\0';
r->uri.len--;
@@ -666,7 +674,9 @@
overwrite_done:
- ngx_http_map_uri_to_path(r, &path, &root, 0);
+ if (ngx_http_map_uri_to_path(r, &path, &root, 0) == NULL) {
+ return NGX_HTTP_INTERNAL_SERVER_ERROR;
+ }
ngx_log_debug1(NGX_LOG_DEBUG_HTTP, r->connection->log, 0,
"http copy from: \"%s\"", path.data);
@@ -674,7 +684,9 @@
uri = r->uri;
r->uri = duri;
- ngx_http_map_uri_to_path(r, ©.path, &root, 0);
+ if (ngx_http_map_uri_to_path(r, ©.path, &root, 0) == NULL) {
+ return NGX_HTTP_INTERNAL_SERVER_ERROR;
+ }
r->uri = uri;
|
[-]
[+]
|
Changed |
nginx-1.7.4.tar.gz/src/http/modules/ngx_http_geo_module.c
^
|
@@ -1470,7 +1470,7 @@
vv = (ngx_http_variable_value_t *) (base + sizeof(ngx_http_geo_header_t));
- while(vv->data) {
+ while (vv->data) {
len = ngx_align(sizeof(ngx_http_variable_value_t) + vv->len,
sizeof(void *));
ngx_crc32_update(&crc32, (u_char *) vv, len);
|
[-]
[+]
|
Changed |
nginx-1.7.4.tar.gz/src/http/modules/ngx_http_geoip_module.c
^
|
@@ -553,6 +553,9 @@
val = *(float *) ((char *) gr + data);
v->len = ngx_sprintf(v->data, "%.4f", val) - v->data;
+ v->valid = 1;
+ v->no_cacheable = 0;
+ v->not_found = 0;
GeoIPRecord_delete(gr);
@@ -582,6 +585,9 @@
val = *(int *) ((char *) gr + data);
v->len = ngx_sprintf(v->data, "%d", val) - v->data;
+ v->valid = 1;
+ v->no_cacheable = 0;
+ v->not_found = 0;
GeoIPRecord_delete(gr);
@@ -691,7 +697,7 @@
if (cf->args->nelts == 3) {
if (ngx_strcmp(value[2].data, "utf8") == 0) {
- GeoIP_set_charset (gcf->country, GEOIP_CHARSET_UTF8);
+ GeoIP_set_charset(gcf->country, GEOIP_CHARSET_UTF8);
} else {
ngx_conf_log_error(NGX_LOG_EMERG, cf, 0,
@@ -746,7 +752,7 @@
if (cf->args->nelts == 3) {
if (ngx_strcmp(value[2].data, "utf8") == 0) {
- GeoIP_set_charset (gcf->org, GEOIP_CHARSET_UTF8);
+ GeoIP_set_charset(gcf->org, GEOIP_CHARSET_UTF8);
} else {
ngx_conf_log_error(NGX_LOG_EMERG, cf, 0,
@@ -807,7 +813,7 @@
if (cf->args->nelts == 3) {
if (ngx_strcmp(value[2].data, "utf8") == 0) {
- GeoIP_set_charset (gcf->city, GEOIP_CHARSET_UTF8);
+ GeoIP_set_charset(gcf->city, GEOIP_CHARSET_UTF8);
} else {
ngx_conf_log_error(NGX_LOG_EMERG, cf, 0,
|
[-]
[+]
|
Changed |
nginx-1.7.4.tar.gz/src/http/modules/ngx_http_memcached_module.c
^
|
@@ -380,11 +380,8 @@
}
h->hash = 1;
- h->key.len = sizeof("Content-Encoding") - 1;
- h->key.data = (u_char *) "Content-Encoding";
- h->value.len = sizeof("gzip") - 1;
- h->value.data = (u_char *) "gzip";
-
+ ngx_str_set(&h->key, "Content-Encoding");
+ ngx_str_set(&h->value, "gzip");
r->headers_out.content_encoding = h;
}
|
[-]
[+]
|
Changed |
nginx-1.7.4.tar.gz/src/http/modules/ngx_http_scgi_module.c
^
|
@@ -1645,7 +1645,7 @@
return "is duplicate";
}
- clcf = ngx_http_conf_get_module_loc_conf (cf, ngx_http_core_module);
+ clcf = ngx_http_conf_get_module_loc_conf(cf, ngx_http_core_module);
clcf->handler = ngx_http_scgi_handler;
value = cf->args->elts;
|
[-]
[+]
|
Changed |
nginx-1.7.4.tar.gz/src/http/modules/ngx_http_stub_status_module.c
^
|
@@ -10,18 +10,19 @@
#include <ngx_http.h>
+static ngx_int_t ngx_http_stub_status_handler(ngx_http_request_t *r);
static ngx_int_t ngx_http_stub_status_variable(ngx_http_request_t *r,
ngx_http_variable_value_t *v, uintptr_t data);
static ngx_int_t ngx_http_stub_status_add_variables(ngx_conf_t *cf);
+static char *ngx_http_set_stub_status(ngx_conf_t *cf, ngx_command_t *cmd,
+ void *conf);
-static char *ngx_http_set_status(ngx_conf_t *cf, ngx_command_t *cmd,
- void *conf);
static ngx_command_t ngx_http_status_commands[] = {
{ ngx_string("stub_status"),
NGX_HTTP_SRV_CONF|NGX_HTTP_LOC_CONF|NGX_CONF_FLAG,
- ngx_http_set_status,
+ ngx_http_set_stub_status,
0,
0,
NULL },
@@ -30,7 +31,6 @@
};
-
static ngx_http_module_t ngx_http_stub_status_module_ctx = {
ngx_http_stub_status_add_variables, /* preconfiguration */
NULL, /* postconfiguration */
@@ -80,7 +80,8 @@
};
-static ngx_int_t ngx_http_status_handler(ngx_http_request_t *r)
+static ngx_int_t
+ngx_http_stub_status_handler(ngx_http_request_t *r)
{
size_t size;
ngx_int_t rc;
@@ -223,12 +224,13 @@
}
-static char *ngx_http_set_status(ngx_conf_t *cf, ngx_command_t *cmd, void *conf)
+static char *
+ngx_http_set_stub_status(ngx_conf_t *cf, ngx_command_t *cmd, void *conf)
{
ngx_http_core_loc_conf_t *clcf;
clcf = ngx_http_conf_get_module_loc_conf(cf, ngx_http_core_module);
- clcf->handler = ngx_http_status_handler;
+ clcf->handler = ngx_http_stub_status_handler;
return NGX_CONF_OK;
}
|
[-]
[+]
|
Changed |
nginx-1.7.4.tar.gz/src/http/modules/ngx_http_uwsgi_module.c
^
|
@@ -1868,7 +1868,7 @@
return "is duplicate";
}
- clcf = ngx_http_conf_get_module_loc_conf (cf, ngx_http_core_module);
+ clcf = ngx_http_conf_get_module_loc_conf(cf, ngx_http_core_module);
clcf->handler = ngx_http_uwsgi_handler;
value = cf->args->elts;
|
[-]
[+]
|
Changed |
nginx-1.7.4.tar.gz/src/http/ngx_http_core_module.c
^
|
@@ -2355,7 +2355,7 @@
p += 4;
while (p < last) {
- switch(*p++) {
+ switch (*p++) {
case ',':
return NGX_OK;
case ';':
@@ -2372,7 +2372,7 @@
quantity:
while (p < last) {
- switch(*p++) {
+ switch (*p++) {
case 'q':
case 'Q':
goto equal;
|
[-]
[+]
|
Changed |
nginx-1.7.4.tar.gz/src/http/ngx_http_parse.c
^
|
@@ -1287,7 +1287,7 @@
break;
}
- switch(ch) {
+ switch (ch) {
#if (NGX_WIN32)
case '\\':
if (u - 2 >= r->uri.data
@@ -1357,7 +1357,7 @@
break;
}
- switch(ch) {
+ switch (ch) {
#if (NGX_WIN32)
case '\\':
break;
@@ -1400,7 +1400,7 @@
break;
}
- switch(ch) {
+ switch (ch) {
#if (NGX_WIN32)
case '\\':
#endif
@@ -1441,7 +1441,7 @@
break;
}
- switch(ch) {
+ switch (ch) {
#if (NGX_WIN32)
case '\\':
#endif
|
[-]
[+]
|
Changed |
nginx-1.7.4.tar.gz/src/http/ngx_http_request.c
^
|
@@ -1071,6 +1071,8 @@
cscf = ngx_http_get_module_srv_conf(r, ngx_http_core_module);
if (ngx_http_parse_complex_uri(r, cscf->merge_slashes) != NGX_OK) {
+ r->uri.len = 0;
+
ngx_log_error(NGX_LOG_INFO, r->connection->log, 0,
"client sent invalid request");
ngx_http_finalize_request(r, NGX_HTTP_BAD_REQUEST);
|
[-]
[+]
|
Changed |
nginx-1.7.4.tar.gz/src/http/ngx_http_spdy.c
^
|
@@ -2584,6 +2584,8 @@
r->header_end = p;
r->header_in->pos = p + 1;
+ r->state = sw_value;
+
return NGX_OK;
}
|
[-]
[+]
|
Changed |
nginx-1.7.4.tar.gz/src/http/ngx_http_upstream.c
^
|
@@ -1393,6 +1393,11 @@
rc = ngx_ssl_handshake(c);
if (rc == NGX_AGAIN) {
+
+ if (!c->write->timer_set) {
+ ngx_add_timer(c->write, u->conf->connect_timeout);
+ }
+
c->ssl->handler = ngx_http_upstream_ssl_handshake;
return;
}
@@ -3253,7 +3258,6 @@
|| u->headers_in.content_length_n == tf->offset))
{
ngx_http_upstream_store(r, u);
- u->store = 0;
}
}
}
@@ -3375,7 +3379,9 @@
if (u->conf->store_lengths == NULL) {
- ngx_http_map_uri_to_path(r, &path, &root, 0);
+ if (ngx_http_map_uri_to_path(r, &path, &root, 0) == NULL) {
+ return;
+ }
} else {
if (ngx_http_script_run(r, &path, u->conf->store_lengths->elts, 0,
@@ -3393,6 +3399,8 @@
tf->file.name.data, path.data);
(void) ngx_ext_rename_file(&tf->file.name, &path, &ext);
+
+ u->store = 0;
}
@@ -3441,7 +3449,7 @@
u->peer.tries++;
} else {
- switch(ft_type) {
+ switch (ft_type) {
case NGX_HTTP_UPSTREAM_FT_TIMEOUT:
status = NGX_HTTP_GATEWAY_TIME_OUT;
|
[-]
[+]
|
Changed |
nginx-1.7.4.tar.gz/src/http/ngx_http_upstream_round_robin.c
^
|
@@ -632,9 +632,8 @@
rc = ngx_ssl_set_session(pc->connection, ssl_session);
- ngx_log_debug2(NGX_LOG_DEBUG_HTTP, pc->log, 0,
- "set session: %p:%d",
- ssl_session, ssl_session ? ssl_session->references : 0);
+ ngx_log_debug1(NGX_LOG_DEBUG_HTTP, pc->log, 0,
+ "set session: %p", ssl_session);
/* ngx_unlock_mutex(rrp->peers->mutex); */
@@ -657,8 +656,8 @@
return;
}
- ngx_log_debug2(NGX_LOG_DEBUG_HTTP, pc->log, 0,
- "save session: %p:%d", ssl_session, ssl_session->references);
+ ngx_log_debug1(NGX_LOG_DEBUG_HTTP, pc->log, 0,
+ "save session: %p", ssl_session);
peer = &rrp->peers->peer[rrp->current];
@@ -672,9 +671,8 @@
if (old_ssl_session) {
- ngx_log_debug2(NGX_LOG_DEBUG_HTTP, pc->log, 0,
- "old session: %p:%d",
- old_ssl_session, old_ssl_session->references);
+ ngx_log_debug1(NGX_LOG_DEBUG_HTTP, pc->log, 0,
+ "old session: %p", old_ssl_session);
/* TODO: may block */
|
[-]
[+]
|
Changed |
nginx-1.7.4.tar.gz/src/mail/ngx_mail_smtp_handler.c
^
|
@@ -777,6 +777,9 @@
ngx_str_null(&s->smtp_from);
ngx_str_null(&s->smtp_to);
+ s->buffer->pos = s->buffer->start;
+ s->buffer->last = s->buffer->start;
+
c->read->handler = ngx_mail_starttls_handler;
return NGX_OK;
}
|
[-]
[+]
|
Changed |
nginx-1.7.4.tar.gz/src/misc/ngx_cpp_test_module.cpp
^
|
@@ -1,5 +1,5 @@
-// stub module to test header files' C++ compatibilty
+// stub module to test header files' C++ compatibility
extern "C" {
#include <ngx_config.h>
|
[-]
[+]
|
Changed |
nginx-1.7.4.tar.gz/src/os/unix/ngx_process_cycle.c
^
|
@@ -121,6 +121,10 @@
}
title = ngx_pnalloc(cycle->pool, size);
+ if (title == NULL) {
+ /* fatal */
+ exit(2);
+ }
p = ngx_cpymem(title, master_process, sizeof(master_process) - 1);
for (i = 0; i < ngx_argc; i++) {
|
[-]
[+]
|
Changed |
nginx-1.7.4.tar.gz/src/os/unix/ngx_readv_chain.c
^
|
@@ -10,7 +10,11 @@
#include <ngx_event.h>
-#define NGX_IOVS 16
+#if (IOV_MAX > 64)
+#define NGX_IOVS 64
+#else
+#define NGX_IOVS IOV_MAX
+#endif
#if (NGX_HAVE_KQUEUE)
|
|
Deleted |
openssl-1.0.1h.tar.gz
^
|
|
Added |
openssl-1.0.1i.tar.gz
^
|