[-]
[+]
|
Changed |
nginx.spec
|
|
[-]
[+]
|
Changed |
nginx-1.4.6.tar.bz2/CHANGES
^
|
@@ -1,4 +1,39 @@
+Changes with nginx 1.4.6 04 Mar 2014
+
+ *) Bugfix: the "client_max_body_size" directive might not work when
+ reading a request body using chunked transfer encoding; the bug had
+ appeared in 1.3.9.
+ Thanks to Lucas Molas.
+
+ *) Bugfix: a segmentation fault might occur in a worker process when
+ proxying WebSocket connections.
+
+
+Changes with nginx 1.4.5 11 Feb 2014
+
+ *) Bugfix: the $ssl_session_id variable contained full session
+ serialized instead of just a session id.
+ Thanks to Ivan Ristić.
+
+ *) Bugfix: client connections might be immediately closed if deferred
+ accept was used; the bug had appeared in 1.3.15.
+
+ *) Bugfix: alerts "zero size buf in output" might appear in logs while
+ proxying; the bug had appeared in 1.3.9.
+
+ *) Bugfix: a segmentation fault might occur in a worker process if the
+ ngx_http_spdy_module was used.
+
+ *) Bugfix: proxied WebSocket connections might hang right after
+ handshake if the select, poll, or /dev/poll methods were used.
+
+ *) Bugfix: a timeout might occur while reading client request body in an
+ SSL connection using chunked transfer encoding.
+
+ *) Bugfix: memory leak in nginx/Windows.
+
+
Changes with nginx 1.4.4 19 Nov 2013
*) Security: a character following an unescaped space in a request line
|
[-]
[+]
|
Changed |
nginx-1.4.6.tar.bz2/CHANGES.ru
^
|
@@ -1,4 +1,40 @@
+Изменения в nginx 1.4.6 04.03.2014
+
+ *) Исправление: директива client_max_body_size могла не работать при
+ чтении тела запроса с использованием chunked transfer encoding;
+ ошибка появилась в 1.3.9.
+ Спасибо Lucas Molas.
+
+ *) Исправление: при проксировании WebSocket-соединений в рабочем
+ процессе мог произойти segmentation fault.
+
+
+Изменения в nginx 1.4.5 11.02.2014
+
+ *) Исправление: переменная $ssl_session_id содержала всю сессию в
+ сериализованном виде вместо её идентификатора.
+ Спасибо Ivan Ristić.
+
+ *) Исправление: клиентские соединения могли сразу закрываться, если
+ использовался отложенный accept; ошибка появилась в 1.3.15.
+
+ *) Исправление: при проксировании в логах могли появляться сообщения
+ "zero size buf in output"; ошибка появилась в 1.3.9.
+
+ *) Исправление: в рабочем процессе мог произойти segmentation fault,
+ если использовался модуль ngx_http_spdy_module.
+
+ *) Исправление: при использовании методов обработки соединений select,
+ poll и /dev/poll проксируемые WebSocket-соединения могли зависать
+ сразу после открытия.
+
+ *) Исправление: при чтении тела запроса с использованием chunked
+ transfer encoding по SSL-соединению мог произойти таймаут.
+
+ *) Исправление: утечки памяти в nginx/Windows.
+
+
Изменения в nginx 1.4.4 19.11.2013
*) Безопасность: символ, следующий за незакодированным пробелом в строке
|
[-]
[+]
|
Changed |
nginx-1.4.6.tar.bz2/LICENSE
^
|
@@ -1,6 +1,6 @@
/*
- * Copyright (C) 2002-2013 Igor Sysoev
- * Copyright (C) 2011-2013 Nginx, Inc.
+ * Copyright (C) 2002-2014 Igor Sysoev
+ * Copyright (C) 2011-2014 Nginx, Inc.
* All rights reserved.
*
* Redistribution and use in source and binary forms, with or without
|
[-]
[+]
|
Changed |
nginx-1.4.6.tar.bz2/src/core/nginx.h
^
|
@@ -9,8 +9,8 @@
#define _NGINX_H_INCLUDED_
-#define nginx_version 1004004
-#define NGINX_VERSION "1.4.4"
+#define nginx_version 1004006
+#define NGINX_VERSION "1.4.6"
#define NGINX_VER "nginx/" NGINX_VERSION
#define NGINX_VAR "NGINX"
|
[-]
[+]
|
Changed |
nginx-1.4.6.tar.bz2/src/core/ngx_connection.c
^
|
@@ -647,7 +647,13 @@
if (ls[i].add_deferred || ls[i].delete_deferred) {
if (ls[i].add_deferred) {
- timeout = (int) (ls[i].post_accept_timeout / 1000);
+ /*
+ * There is no way to find out how long a connection was
+ * in queue (and a connection may bypass deferred queue at all
+ * if syncookies were used), hence we use 1 second timeout
+ * here.
+ */
+ timeout = 1;
} else {
timeout = 0;
|
[-]
[+]
|
Changed |
nginx-1.4.6.tar.bz2/src/event/ngx_event_openssl.c
^
|
@@ -965,6 +965,7 @@
size -= n;
if (size == 0) {
+ c->read->ready = 1;
return bytes;
}
@@ -974,6 +975,10 @@
}
if (bytes) {
+ if (c->ssl->last != NGX_AGAIN) {
+ c->read->ready = 1;
+ }
+
return bytes;
}
@@ -2224,32 +2229,26 @@
ngx_ssl_get_session_id(ngx_connection_t *c, ngx_pool_t *pool, ngx_str_t *s)
{
int len;
- u_char *p, *buf;
+ u_char *buf;
SSL_SESSION *sess;
sess = SSL_get0_session(c->ssl->connection);
-
- len = i2d_SSL_SESSION(sess, NULL);
-
- buf = ngx_alloc(len, c->log);
- if (buf == NULL) {
- return NGX_ERROR;
+ if (sess == NULL) {
+ s->len = 0;
+ return NGX_OK;
}
+ buf = sess->session_id;
+ len = sess->session_id_length;
+
s->len = 2 * len;
s->data = ngx_pnalloc(pool, 2 * len);
if (s->data == NULL) {
- ngx_free(buf);
return NGX_ERROR;
}
- p = buf;
- i2d_SSL_SESSION(sess, &p);
-
ngx_hex_dump(s->data, buf, len);
- ngx_free(buf);
-
return NGX_OK;
}
|
[-]
[+]
|
Changed |
nginx-1.4.6.tar.bz2/src/http/ngx_http_request.c
^
|
@@ -423,20 +423,6 @@
if (n == NGX_AGAIN) {
-#if (NGX_HAVE_DEFERRED_ACCEPT && defined TCP_DEFER_ACCEPT)
- if (c->listening->deferred_accept
-#if (NGX_HTTP_SSL)
- && c->ssl == NULL
-#endif
- )
- {
- ngx_log_error(NGX_LOG_INFO, c->log, NGX_ETIMEDOUT,
- "client timed out in deferred accept");
- ngx_http_close_connection(c);
- return;
- }
-#endif
-
if (!rev->timer_set) {
ngx_add_timer(rev, c->listening->post_accept_timeout);
ngx_reusable_connection(c, 1);
@@ -635,15 +621,6 @@
if (n == -1) {
if (err == NGX_EAGAIN) {
-#if (NGX_HAVE_DEFERRED_ACCEPT && defined TCP_DEFER_ACCEPT)
- if (c->listening->deferred_accept) {
- ngx_log_error(NGX_LOG_INFO, c->log, NGX_ETIMEDOUT,
- "client timed out in deferred accept");
- ngx_http_close_connection(c);
- return;
- }
-#endif
-
if (!rev->timer_set) {
ngx_add_timer(rev, c->listening->post_accept_timeout);
ngx_reusable_connection(c, 1);
|
[-]
[+]
|
Changed |
nginx-1.4.6.tar.bz2/src/http/ngx_http_request_body.c
^
|
@@ -150,20 +150,27 @@
goto done;
}
- cl = ngx_chain_get_free_buf(r->pool, &rb->free);
- if (cl == NULL) {
- return NGX_HTTP_INTERNAL_SERVER_ERROR;
- }
+ if (rb->temp_file->file.offset != 0) {
- b = cl->buf;
+ cl = ngx_chain_get_free_buf(r->pool, &rb->free);
+ if (cl == NULL) {
+ rc = NGX_HTTP_INTERNAL_SERVER_ERROR;
+ goto done;
+ }
- ngx_memzero(b, sizeof(ngx_buf_t));
+ b = cl->buf;
- b->in_file = 1;
- b->file_last = rb->temp_file->file.offset;
- b->file = &rb->temp_file->file;
+ ngx_memzero(b, sizeof(ngx_buf_t));
- rb->bufs = cl;
+ b->in_file = 1;
+ b->file_last = rb->temp_file->file.offset;
+ b->file = &rb->temp_file->file;
+
+ rb->bufs = cl;
+
+ } else {
+ rb->bufs = NULL;
+ }
}
post_handler(r);
@@ -374,20 +381,26 @@
return NGX_HTTP_INTERNAL_SERVER_ERROR;
}
- cl = ngx_chain_get_free_buf(r->pool, &rb->free);
- if (cl == NULL) {
- return NGX_HTTP_INTERNAL_SERVER_ERROR;
- }
+ if (rb->temp_file->file.offset != 0) {
- b = cl->buf;
+ cl = ngx_chain_get_free_buf(r->pool, &rb->free);
+ if (cl == NULL) {
+ return NGX_HTTP_INTERNAL_SERVER_ERROR;
+ }
- ngx_memzero(b, sizeof(ngx_buf_t));
+ b = cl->buf;
- b->in_file = 1;
- b->file_last = rb->temp_file->file.offset;
- b->file = &rb->temp_file->file;
+ ngx_memzero(b, sizeof(ngx_buf_t));
+
+ b->in_file = 1;
+ b->file_last = rb->temp_file->file.offset;
+ b->file = &rb->temp_file->file;
- rb->bufs = cl;
+ rb->bufs = cl;
+
+ } else {
+ rb->bufs = NULL;
+ }
}
r->read_event_handler = ngx_http_block_reading;
@@ -842,6 +855,10 @@
for (cl = in; cl; cl = cl->next) {
+ if (rb->rest == 0) {
+ break;
+ }
+
tl = ngx_chain_get_free_buf(r->pool, &rb->free);
if (tl == NULL) {
return NGX_HTTP_INTERNAL_SERVER_ERROR;
@@ -936,13 +953,13 @@
if (clcf->client_max_body_size
&& clcf->client_max_body_size
- < r->headers_in.content_length_n + rb->chunked->size)
+ - r->headers_in.content_length_n < rb->chunked->size)
{
ngx_log_error(NGX_LOG_ERR, r->connection->log, 0,
"client intended to send too large chunked "
- "body: %O bytes",
- r->headers_in.content_length_n
- + rb->chunked->size);
+ "body: %O+%O bytes",
+ r->headers_in.content_length_n,
+ rb->chunked->size);
r->lingering_close = 1;
|
[-]
[+]
|
Changed |
nginx-1.4.6.tar.bz2/src/http/ngx_http_spdy.c
^
|
@@ -2626,6 +2626,10 @@
}
}
+ if (sc->stream == stream) {
+ sc->stream = NULL;
+ }
+
sscf = ngx_http_get_module_srv_conf(sc->http_connection->conf_ctx,
ngx_http_spdy_module);
|
[-]
[+]
|
Changed |
nginx-1.4.6.tar.bz2/src/http/ngx_http_upstream.c
^
|
@@ -2456,14 +2456,12 @@
if (u->peer.connection->read->ready
|| u->buffer.pos != u->buffer.last)
{
+ ngx_post_event(c->read, &ngx_posted_events);
ngx_http_upstream_process_upgraded(r, 1, 1);
+ return;
}
- if (c->read->ready
- || r->header_in->pos != r->header_in->last)
- {
- ngx_http_upstream_process_upgraded(r, 0, 1);
- }
+ ngx_http_upstream_process_upgraded(r, 0, 1);
}
|