[-]
[+]
|
Deleted |
nginx.changes
|
@@ -1,28 +0,0 @@
--------------------------------------------------------------------
-Wed Dec 28 20:00:08 UTC 2016 - cs@linux-administrator.com
-
-- update to nginx 1.11.8
-
--------------------------------------------------------------------
-Wed Dec 14 11:07:19 UTC 2016 - cs@linux-administrator.com
-
-- update to nginx 1.11.7
-
--------------------------------------------------------------------
-Mon Nov 28 07:21:41 UTC 2016 - cs@linux-administrator.com
-
-- update to nginx 1.11.6
-- update nginx rtmp module to 1.1.10
-
--------------------------------------------------------------------
-Wed Oct 12 21:29:31 UTC 2016 - cs@linux-administrator.com
-
-- update to nginx 1.11.5
-
--------------------------------------------------------------------
-Wed Sep 28 18:04:31 UTC 2016 - cs@linux-administrator.com
-
-- update to nginx 1.11.4
-- update openssl to 1.0.2j
-- update nginx rtmp module to 1.1.9
-
|
[-]
[+]
|
Changed |
nginx.spec
^
|
|
[-]
[+]
|
Deleted |
2bc1dac6fb3ed263529decb211ec784824132bf4.patch
^
|
@@ -1,38 +0,0 @@
-From 2bc1dac6fb3ed263529decb211ec784824132bf4 Mon Sep 17 00:00:00 2001
-From: Chris Lea <chris.lea@gmail.com>
-Date: Tue, 15 Nov 2016 22:26:35 -0800
-Subject: [PATCH] default_port was removed in 1.11.6.
-
----
- ngx_http_upstream_fair_module.c | 9 ++++++++-
- 1 file changed, 8 insertions(+), 1 deletion(-)
-
-diff --git a/ngx_http_upstream_fair_module.c b/ngx_http_upstream_fair_module.c
-index a4419ca..66144e9 100644
---- a/ngx_http_upstream_fair_module.c
-+++ b/ngx_http_upstream_fair_module.c
-@@ -540,7 +540,11 @@ ngx_http_upstream_init_fair_rr(ngx_conf_t *cf, ngx_http_upstream_srv_conf_t *us)
-
- /* an upstream implicitly defined by proxy_pass, etc. */
-
-+#if nginx_version < 1011006
- if (us->port == 0 && us->default_port == 0) {
-+#else
-+ if (us->port == 0) {
-+#endif
- ngx_log_error(NGX_LOG_EMERG, cf->log, 0,
- "no port in upstream \"%V\" in %s:%ui",
- &us->host, us->file_name, us->line);
-@@ -550,8 +554,11 @@ ngx_http_upstream_init_fair_rr(ngx_conf_t *cf, ngx_http_upstream_srv_conf_t *us)
- ngx_memzero(&u, sizeof(ngx_url_t));
-
- u.host = us->host;
-+#if nginx_version < 1011006
- u.port = (in_port_t) (us->port ? us->port : us->default_port);
--
-+#else
-+ u.port = (in_port_t) us->port;
-+#endif
- if (ngx_inet_resolve_host(cf->pool, &u) != NGX_OK) {
- if (u.err) {
- ngx_log_error(NGX_LOG_EMERG, cf->log, 0,
|
[-]
[+]
|
Deleted |
check_1.7.5+.patch
^
|
@@ -1,195 +0,0 @@
-diff --git a/src/http/modules/ngx_http_upstream_ip_hash_module.c b/src/http/modules/ngx_http_upstream_ip_hash_module.c
-index 148d73a..913e395 100644
---- a/src/http/modules/ngx_http_upstream_ip_hash_module.c
-+++ b/src/http/modules/ngx_http_upstream_ip_hash_module.c
-@@ -9,6 +9,9 @@
- #include <ngx_core.h>
- #include <ngx_http.h>
-
-+#if (NGX_HTTP_UPSTREAM_CHECK)
-+#include "ngx_http_upstream_check_module.h"
-+#endif
-
- typedef struct {
- /* the round robin data must be first */
-@@ -212,6 +215,15 @@ ngx_http_upstream_get_ip_hash_peer(ngx_peer_connection_t *pc, void *data)
- goto next_try;
- }
-
-+#if (NGX_HTTP_UPSTREAM_CHECK)
-+ ngx_log_debug1(NGX_LOG_DEBUG_HTTP, pc->log, 0,
-+ "get ip_hash peer, check_index: %ui",
-+ peer->check_index);
-+ if (ngx_http_upstream_check_peer_down(peer->check_index)) {
-+ goto next_try;
-+ }
-+#endif
-+
- if (peer->max_fails
- && peer->fails >= peer->max_fails
- && now - peer->checked <= peer->fail_timeout)
-diff --git a/src/http/modules/ngx_http_upstream_least_conn_module.c b/src/http/modules/ngx_http_upstream_least_conn_module.c
-index 623bc9b..a223839 100644
---- a/src/http/modules/ngx_http_upstream_least_conn_module.c
-+++ b/src/http/modules/ngx_http_upstream_least_conn_module.c
-@@ -9,6 +9,9 @@
- #include <ngx_core.h>
- #include <ngx_http.h>
-
-+#if (NGX_HTTP_UPSTREAM_CHECK)
-+#include "ngx_http_upstream_check_module.h"
-+#endif
-
- typedef struct {
- ngx_uint_t *conns;
-@@ -203,6 +206,16 @@ ngx_http_upstream_get_least_conn_peer(ngx_peer_connection_t *pc, void *data)
- continue;
- }
-
-+#if (NGX_HTTP_UPSTREAM_CHECK)
-+ ngx_log_debug1(NGX_LOG_DEBUG_HTTP, pc->log, 0,
-+ "get least_conn peer, check_index: %ui",
-+ peer->check_index);
-+
-+ if (ngx_http_upstream_check_peer_down(peer->check_index)) {
-+ continue;
-+ }
-+#endif
-+
- if (peer->max_fails
- && peer->fails >= peer->max_fails
- && now - peer->checked <= peer->fail_timeout)
-@@ -256,6 +269,16 @@ ngx_http_upstream_get_least_conn_peer(ngx_peer_connection_t *pc, void *data)
- continue;
- }
-
-+#if (NGX_HTTP_UPSTREAM_CHECK)
-+ ngx_log_debug1(NGX_LOG_DEBUG_HTTP, pc->log, 0,
-+ "get least_conn peer, check_index: %ui",
-+ peer->check_index);
-+
-+ if (ngx_http_upstream_check_peer_down(peer->check_index)) {
-+ continue;
-+ }
-+#endif
-+
- if (lcp->conns[i] * best->weight != lcp->conns[p] * peer->weight) {
- continue;
- }
-diff --git a/src/http/ngx_http_upstream_round_robin.c b/src/http/ngx_http_upstream_round_robin.c
-index 2d0649b..b9789eb 100644
---- a/src/http/ngx_http_upstream_round_robin.c
-+++ b/src/http/ngx_http_upstream_round_robin.c
-@@ -9,6 +9,9 @@
- #include <ngx_core.h>
- #include <ngx_http.h>
-
-+#if (NGX_HTTP_UPSTREAM_CHECK)
-+#include "ngx_http_upstream_check_module.h"
-+#endif
-
- #define ngx_http_upstream_tries(p) ((p)->number \
- + ((p)->next ? (p)->next->number : 0))
-@@ -92,6 +95,14 @@ ngx_http_upstream_init_round_robin(ngx_conf_t *cf,
- peer[n].fail_timeout = server[i].fail_timeout;
- peer[n].down = server[i].down;
- peer[n].server = server[i].name;
-+#if (NGX_HTTP_UPSTREAM_CHECK)
-+ if (!server[i].down) {
-+ peers->peer[n].check_index =
-+ ngx_http_upstream_check_add_peer(cf, us, &server[i].addrs[j]);
-+ } else {
-+ peers->peer[n].check_index = (ngx_uint_t) NGX_ERROR;
-+ }
-+#endif
- n++;
- }
- }
-@@ -148,6 +159,15 @@ ngx_http_upstream_init_round_robin(ngx_conf_t *cf,
- peer[n].fail_timeout = server[i].fail_timeout;
- peer[n].down = server[i].down;
- peer[n].server = server[i].name;
-+#if (NGX_HTTP_UPSTREAM_CHECK)
-+ if (!server[i].down) {
-+ backup->peer[n].check_index =
-+ ngx_http_upstream_check_add_peer(cf, us, &server[i].addrs[j]);
-+ }
-+ else {
-+ backup->peer[n].check_index = (ngx_uint_t) NGX_ERROR;
-+ }
-+#endif
- n++;
- }
- }
-@@ -207,6 +227,9 @@ ngx_http_upstream_init_round_robin(ngx_conf_t *cf,
- peer[i].current_weight = 0;
- peer[i].max_fails = 1;
- peer[i].fail_timeout = 10;
-+#if (NGX_HTTP_UPSTREAM_CHECK)
-+ peers->peer[i].check_index = (ngx_uint_t) NGX_ERROR;
-+#endif
- }
-
- us->peer.data = peers;
-@@ -316,7 +339,9 @@ ngx_http_upstream_create_round_robin_peer(ngx_http_request_t *r,
- peer[0].current_weight = 0;
- peer[0].max_fails = 1;
- peer[0].fail_timeout = 10;
--
-+#if (NGX_HTTP_UPSTREAM_CHECK)
-+ peers->peer[0].check_index = (ngx_uint_t) NGX_ERROR;
-+#endif
- } else {
-
- for (i = 0; i < ur->naddrs; i++) {
-@@ -356,6 +381,9 @@ ngx_http_upstream_create_round_robin_peer(ngx_http_request_t *r,
- peer[i].current_weight = 0;
- peer[i].max_fails = 1;
- peer[i].fail_timeout = 10;
-+#if (NGX_HTTP_UPSTREAM_CHECK)
-+ peers->peer[i].check_index = (ngx_uint_t) NGX_ERROR;
-+#endif
- }
- }
-
-@@ -415,6 +443,12 @@ ngx_http_upstream_get_round_robin_peer(ngx_peer_connection_t *pc, void *data)
- goto failed;
- }
-
-+#if (NGX_HTTP_UPSTREAM_CHECK)
-+ if (ngx_http_upstream_check_peer_down(peer->check_index)) {
-+ goto failed;
-+ }
-+#endif
-+
- } else {
-
- /* there are several peers */
-@@ -507,6 +541,12 @@ ngx_http_upstream_get_peer(ngx_http_upstream_rr_peer_data_t *rrp)
- continue;
- }
-
-+#if (NGX_HTTP_UPSTREAM_CHECK)
-+ if (ngx_http_upstream_check_peer_down(peer->check_index)) {
-+ continue;
-+ }
-+#endif
-+
- if (peer->max_fails
- && peer->fails >= peer->max_fails
- && now - peer->checked <= peer->fail_timeout)
-diff --git a/src/http/ngx_http_upstream_round_robin.h b/src/http/ngx_http_upstream_round_robin.h
-index 9db82a6..6e19a65 100644
---- a/src/http/ngx_http_upstream_round_robin.h
-+++ b/src/http/ngx_http_upstream_round_robin.h
-@@ -31,6 +31,10 @@ typedef struct {
- ngx_uint_t max_fails;
- time_t fail_timeout;
-
-+#if (NGX_HTTP_UPSTREAM_CHECK)
-+ ngx_uint_t check_index;
-+#endif
-+
- ngx_uint_t down; /* unsigned down:1; */
-
- #if (NGX_HTTP_SSL)
|
[-]
[+]
|
Deleted |
nginx-0.4.0-no_Werror.patch
^
|
@@ -1,13 +0,0 @@
-Index: auto/cc/gcc
-===================================================================
---- auto/cc/gcc.orig
-+++ auto/cc/gcc
-@@ -171,7 +171,7 @@
-
-
- # stop on warning
--CFLAGS="$CFLAGS -Werror"
-+CFLAGS="$CFLAGS"
-
- # debug
- CFLAGS="$CFLAGS -g"
|
[-]
[+]
|
Deleted |
nginx-0.4.0-perl_vendor_install.patch
^
|
@@ -1,13 +0,0 @@
-Index: auto/install
-===================================================================
---- auto/install.orig
-+++ auto/install
-@@ -7,7 +7,7 @@
- cat << END >> $NGX_MAKEFILE
-
- install_perl_modules:
-- cd $NGX_OBJS/src/http/modules/perl && make install
-+ cd $NGX_OBJS/src/http/modules/perl && make install_vendor
- END
-
- NGX_INSTALL_PERL_MODULES=install_perl_modules
|
[-]
[+]
|
Deleted |
nginx-0.6.31-DESTDIR.patch
^
|
@@ -1,75 +0,0 @@
-Index: auto/install
-===================================================================
---- auto/install.orig 2007-07-30 12:51:55.000000000 +0200
-+++ auto/install 2008-05-29 18:00:45.383221398 +0200
-@@ -19,45 +19,45 @@ cat << END
-
- install: $NGX_OBJS${ngx_dirsep}nginx${ngx_binext} \
- $NGX_INSTALL_PERL_MODULES
-- test -d '$NGX_PREFIX' || mkdir -p '$NGX_PREFIX'
-+ test -d '\$(DESTDIR)$NGX_PREFIX' || mkdir -p '\$(DESTDIR)$NGX_PREFIX'
-
-- test -d '`dirname "$NGX_SBIN_PATH"`' \
-- || mkdir -p '`dirname "$NGX_SBIN_PATH"`'
-- test ! -f '$NGX_SBIN_PATH' || mv '$NGX_SBIN_PATH' '$NGX_SBIN_PATH.old'
-- cp $NGX_OBJS/nginx '$NGX_SBIN_PATH'
-+ test -d '\$(DESTDIR)`dirname "$NGX_SBIN_PATH"`' \
-+ || mkdir -p '\$(DESTDIR)`dirname "$NGX_SBIN_PATH"`'
-+ test ! -f '\$(DESTDIR)$NGX_SBIN_PATH' || mv '\$(DESTDIR)$NGX_SBIN_PATH' '\$(DESTDIR)$NGX_SBIN_PATH.old'
-+ cp $NGX_OBJS/nginx '\$(DESTDIR)$NGX_SBIN_PATH'
-
-- test -d '$NGX_CONF_PREFIX' || mkdir -p '$NGX_CONF_PREFIX'
-+ test -d '\$(DESTDIR)$NGX_CONF_PREFIX' || mkdir -p '\$(DESTDIR)$NGX_CONF_PREFIX'
-
-- cp conf/koi-win '$NGX_CONF_PREFIX'
-- cp conf/koi-utf '$NGX_CONF_PREFIX'
-- cp conf/win-utf '$NGX_CONF_PREFIX'
-+ cp conf/koi-win '\$(DESTDIR)$NGX_CONF_PREFIX'
-+ cp conf/koi-utf '\$(DESTDIR)$NGX_CONF_PREFIX'
-+ cp conf/win-utf '\$(DESTDIR)$NGX_CONF_PREFIX'
-
-- test -f '$NGX_CONF_PREFIX/mime.types' \
-- || cp conf/mime.types '$NGX_CONF_PREFIX'
-- cp conf/mime.types '$NGX_CONF_PREFIX/mime.types.default'
-+ test -f '\$(DESTDIR)$NGX_CONF_PREFIX/mime.types' \
-+ || cp conf/mime.types '\$(DESTDIR)$NGX_CONF_PREFIX'
-+ cp conf/mime.types '\$(DESTDIR)$NGX_CONF_PREFIX/mime.types.default'
-
-- test -f '$NGX_CONF_PREFIX/fastcgi_params' \
-- || cp conf/fastcgi_params '$NGX_CONF_PREFIX'
-- cp conf/fastcgi_params '$NGX_CONF_PREFIX/fastcgi_params.default'
-+ test -f '\$(DESTDIR)$NGX_CONF_PREFIX/fastcgi_params' \
-+ || cp conf/fastcgi_params '\$(DESTDIR)$NGX_CONF_PREFIX'
-+ cp conf/fastcgi_params '\$(DESTDIR)$NGX_CONF_PREFIX/fastcgi_params.default'
-
-- test -f '$NGX_CONF_PATH' || cp conf/nginx.conf '$NGX_CONF_PREFIX'
-- cp conf/nginx.conf '$NGX_CONF_PREFIX/nginx.conf.default'
-+ test -f '\$(DESTDIR)$NGX_CONF_PATH' || cp conf/nginx.conf '\$(DESTDIR)$NGX_CONF_PREFIX'
-+ cp conf/nginx.conf '\$(DESTDIR)$NGX_CONF_PREFIX/nginx.conf.default'
-
-- test -d '`dirname "$NGX_PID_PATH"`' \
-- || mkdir -p '`dirname "$NGX_PID_PATH"`'
-+ test -d '\$(DESTDIR)`dirname "$NGX_PID_PATH"`' \
-+ || mkdir -p '\$(DESTDIR)`dirname "$NGX_PID_PATH"`'
-
-- test -d '`dirname "$NGX_HTTP_LOG_PATH"`' || \
-- mkdir -p '`dirname "$NGX_HTTP_LOG_PATH"`'
-+ test -d '\$(DESTDIR)`dirname "$NGX_HTTP_LOG_PATH"`' || \
-+ mkdir -p '\$(DESTDIR)`dirname "$NGX_HTTP_LOG_PATH"`'
-
-- test -d '$NGX_PREFIX/html' || cp -r html '$NGX_PREFIX'
-+ test -d '\$(DESTDIR)$NGX_PREFIX/html' || cp -r html '\$(DESTDIR)$NGX_PREFIX'
- END
-
-
--if test -n "$NGX_ERROR_LOG_PATH"; then
-+if test -n "\$(DESTDIR)$NGX_ERROR_LOG_PATH"; then
- cat << END >> $NGX_MAKEFILE
-
-- test -d '`dirname "$NGX_ERROR_LOG_PATH"`' || \
-- mkdir -p '`dirname "$NGX_ERROR_LOG_PATH"`'
-+ test -d '\$(DESTDIR)`dirname "$NGX_ERROR_LOG_PATH"`' || \
-+ mkdir -p '\$(DESTDIR)`dirname "$NGX_ERROR_LOG_PATH"`'
- END
-
- fi
|
[-]
[+]
|
Deleted |
nginx-0.6.31_default_config.patch
^
|
@@ -1,71 +0,0 @@
-Index: conf/nginx.conf
-===================================================================
---- conf/nginx.conf.orig 2009-04-06 15:43:46.000000000 +0200
-+++ conf/nginx.conf 2009-05-08 20:19:55.436773498 +0200
-@@ -1,12 +1,12 @@
-
--#user nobody;
-+user nginx;
- worker_processes 1;
-
--#error_log logs/error.log;
--#error_log logs/error.log notice;
--#error_log logs/error.log info;
-+#error_log /var/log/nginx/error.log;
-+#error_log /var/log/nginx/error.log notice;
-+#error_log /var/log/nginx/error.log info;
-
--#pid logs/nginx.pid;
-+#pid /var/run/nginx.pid;
-
-
- events {
-@@ -22,7 +22,7 @@ http {
- # '$status $body_bytes_sent "$http_referer" '
- # '"$http_user_agent" "$http_x_forwarded_for"';
-
-- #access_log logs/access.log main;
-+ #access_log /var/log/nginx/access.log main;
-
- sendfile on;
- #tcp_nopush on;
-@@ -38,10 +38,10 @@ http {
-
- #charset koi8-r;
-
-- #access_log logs/host.access.log main;
-+ #access_log /var/log/nginx/host.access.log main;
-
- location / {
-- root html;
-+ root /srv/www/htdocs/;
- index index.html index.htm;
- }
-
-@@ -51,7 +51,7 @@ http {
- #
- error_page 500 502 503 504 /50x.html;
- location = /50x.html {
-- root html;
-+ root /srv/www/htdocs/;
- }
-
- # proxy the PHP scripts to Apache listening on 127.0.0.1:80
-@@ -87,7 +87,7 @@ http {
- # server_name somename alias another.alias;
-
- # location / {
-- # root html;
-+ # root /srv/www/htdocs/;
- # index index.html index.htm;
- # }
- #}
-@@ -110,7 +110,7 @@ http {
- # ssl_prefer_server_ciphers on;
-
- # location / {
-- # root html;
-+ # root /srv/www/htdocs/;
- # index index.html index.htm;
- # }
- #}
|
[-]
[+]
|
Deleted |
nginx-0.6.38-html.patch
^
|
@@ -1,14 +0,0 @@
-Index: auto/install
-===================================================================
---- auto/install.orig
-+++ auto/install
-@@ -54,8 +54,7 @@
- test -d '\$(DESTDIR)`dirname "$NGX_HTTP_LOG_PATH"`' || \
- mkdir -p '\$(DESTDIR)`dirname "$NGX_HTTP_LOG_PATH"`'
-
-- test -d '\$(DESTDIR)$NGX_PREFIX/html' \
-- || cp -r html '\$(DESTDIR)$NGX_PREFIX'
-+ test -d '\$(DESTDIR)/srv/www/htdocs' || install -d '\$(DESTDIR)/srv/www/' && cp -r html '\$(DESTDIR)/srv/www/htdocs'
- END
-
-
|
[-]
[+]
|
Deleted |
openssl__chacha20_poly1305_draft_and_rfc_ossl102g.patch
^
|
@@ -1,5227 +0,0 @@
-From d21c75c622eb13a80080ed15fa30474f806a0a0f Mon Sep 17 00:00:00 2001
-From: Vlad Krasnov <vlad@cloudflare.com>
-Date: Fri, 12 Feb 2016 18:25:11 -0800
-Subject: [PATCH] Implementation of draft and RFC versions of CHACHA20-POLY1305
- ciphers
-
----
- Configure | 48 +-
- Makefile.org | 4 +-
- apps/speed.c | 30 +-
- crypto/chacha20poly1305/Makefile | 97 +++
- crypto/chacha20poly1305/asm/chacha20_avx.pl | 408 +++++++++++
- crypto/chacha20poly1305/asm/chacha20_avx2.pl | 443 ++++++++++++
- crypto/chacha20poly1305/asm/poly1305_avx.pl | 732 ++++++++++++++++++++
- crypto/chacha20poly1305/asm/poly1305_avx2.pl | 984 +++++++++++++++++++++++++++
- crypto/chacha20poly1305/asm/poly1305_x64.pl | 281 ++++++++
- crypto/chacha20poly1305/chacha20.c | 162 +++++
- crypto/chacha20poly1305/chacha20poly1305.h | 79 +++
- crypto/chacha20poly1305/chapolytest.c | 470 +++++++++++++
- crypto/chacha20poly1305/poly1305.c | 287 ++++++++
- crypto/cryptlib.c | 10 -
- crypto/evp/Makefile | 7 +-
- crypto/evp/e_chacha20poly1305.c | 435 ++++++++++++
- crypto/evp/evp.h | 4 +
- ssl/s3_lib.c | 119 ++++
- ssl/ssl.h | 2 +
- ssl/ssl_ciph.c | 60 +-
- ssl/ssl_locl.h | 2 +
- ssl/tls1.h | 28 +
- test/Makefile | 17 +-
- 23 files changed, 4655 insertions(+), 54 deletions(-)
- create mode 100644 crypto/chacha20poly1305/Makefile
- create mode 100644 crypto/chacha20poly1305/asm/chacha20_avx.pl
- create mode 100644 crypto/chacha20poly1305/asm/chacha20_avx2.pl
- create mode 100644 crypto/chacha20poly1305/asm/poly1305_avx.pl
- create mode 100644 crypto/chacha20poly1305/asm/poly1305_avx2.pl
- create mode 100644 crypto/chacha20poly1305/asm/poly1305_x64.pl
- create mode 100644 crypto/chacha20poly1305/chacha20.c
- create mode 100644 crypto/chacha20poly1305/chacha20poly1305.h
- create mode 100644 crypto/chacha20poly1305/chapolytest.c
- create mode 100644 crypto/chacha20poly1305/poly1305.c
- create mode 100644 crypto/evp/e_chacha20poly1305.c
-
-diff --git a/Configure b/Configure
-index 4a715dc..f3ab6cd 100755
---- a/Configure
-+++ b/Configure
-@@ -146,25 +146,25 @@ my $tlib="-lnsl -lsocket";
- my $bits1="THIRTY_TWO_BIT ";
- my $bits2="SIXTY_FOUR_BIT ";
-
--my $x86_asm="x86cpuid.o:bn-586.o co-586.o x86-mont.o x86-gf2m.o::des-586.o crypt586.o:aes-586.o vpaes-x86.o aesni-x86.o:bf-586.o:md5-586.o:sha1-586.o sha256-586.o sha512-586.o:cast-586.o:rc4-586.o:rmd-586.o:rc5-586.o:wp_block.o wp-mmx.o:cmll-x86.o:ghash-x86.o:";
-+my $x86_asm="x86cpuid.o:bn-586.o co-586.o x86-mont.o x86-gf2m.o::des-586.o crypt586.o:aes-586.o vpaes-x86.o aesni-x86.o:bf-586.o:md5-586.o:sha1-586.o sha256-586.o sha512-586.o:cast-586.o:rc4-586.o:rmd-586.o:rc5-586.o:wp_block.o wp-mmx.o:cmll-x86.o:ghash-x86.o::";
-
- my $x86_elf_asm="$x86_asm:elf";
-
--my $x86_64_asm="x86_64cpuid.o:x86_64-gcc.o x86_64-mont.o x86_64-mont5.o x86_64-gf2m.o rsaz_exp.o rsaz-x86_64.o rsaz-avx2.o:ecp_nistz256.o ecp_nistz256-x86_64.o::aes-x86_64.o vpaes-x86_64.o bsaes-x86_64.o aesni-x86_64.o aesni-sha1-x86_64.o aesni-sha256-x86_64.o aesni-mb-x86_64.o::md5-x86_64.o:sha1-x86_64.o sha256-x86_64.o sha512-x86_64.o sha1-mb-x86_64.o sha256-mb-x86_64.o::rc4-x86_64.o rc4-md5-x86_64.o:::wp-x86_64.o:cmll-x86_64.o cmll_misc.o:ghash-x86_64.o aesni-gcm-x86_64.o:";
--my $ia64_asm="ia64cpuid.o:bn-ia64.o ia64-mont.o:::aes_core.o aes_cbc.o aes-ia64.o::md5-ia64.o:sha1-ia64.o sha256-ia64.o sha512-ia64.o::rc4-ia64.o rc4_skey.o:::::ghash-ia64.o::void";
--my $sparcv9_asm="sparcv9cap.o sparccpuid.o:bn-sparcv9.o sparcv9-mont.o sparcv9a-mont.o vis3-mont.o sparct4-mont.o sparcv9-gf2m.o::des_enc-sparc.o fcrypt_b.o dest4-sparcv9.o:aes_core.o aes_cbc.o aes-sparcv9.o aest4-sparcv9.o::md5-sparcv9.o:sha1-sparcv9.o sha256-sparcv9.o sha512-sparcv9.o::::::camellia.o cmll_misc.o cmll_cbc.o cmllt4-sparcv9.o:ghash-sparcv9.o::void";
--my $sparcv8_asm=":sparcv8.o::des_enc-sparc.o fcrypt_b.o:::::::::::::void";
--my $alpha_asm="alphacpuid.o:bn_asm.o alpha-mont.o::::::sha1-alpha.o:::::::ghash-alpha.o::void";
--my $mips64_asm=":bn-mips.o mips-mont.o:::aes_cbc.o aes-mips.o:::sha1-mips.o sha256-mips.o sha512-mips.o::::::::";
-+my $x86_64_asm="x86_64cpuid.o:x86_64-gcc.o x86_64-mont.o x86_64-mont5.o x86_64-gf2m.o rsaz_exp.o rsaz-x86_64.o rsaz-avx2.o:ecp_nistz256.o ecp_nistz256-x86_64.o::aes-x86_64.o vpaes-x86_64.o bsaes-x86_64.o aesni-x86_64.o aesni-sha1-x86_64.o aesni-sha256-x86_64.o aesni-mb-x86_64.o::md5-x86_64.o:sha1-x86_64.o sha256-x86_64.o sha512-x86_64.o sha1-mb-x86_64.o sha256-mb-x86_64.o::rc4-x86_64.o rc4-md5-x86_64.o:::wp-x86_64.o:cmll-x86_64.o cmll_misc.o:ghash-x86_64.o aesni-gcm-x86_64.o::chacha20_avx.o chacha20_avx2.o poly1305_x64.o poly1305_avx2.o";
-+my $ia64_asm="ia64cpuid.o:bn-ia64.o ia64-mont.o:::aes_core.o aes_cbc.o aes-ia64.o::md5-ia64.o:sha1-ia64.o sha256-ia64.o sha512-ia64.o::rc4-ia64.o rc4_skey.o:::::ghash-ia64.o:::void";
-+my $sparcv9_asm="sparcv9cap.o sparccpuid.o:bn-sparcv9.o sparcv9-mont.o sparcv9a-mont.o vis3-mont.o sparct4-mont.o sparcv9-gf2m.o::des_enc-sparc.o fcrypt_b.o dest4-sparcv9.o:aes_core.o aes_cbc.o aes-sparcv9.o aest4-sparcv9.o::md5-sparcv9.o:sha1-sparcv9.o sha256-sparcv9.o sha512-sparcv9.o::::::camellia.o cmll_misc.o cmll_cbc.o cmllt4-sparcv9.o:ghash-sparcv9.o:::void";
-+my $sparcv8_asm=":sparcv8.o::des_enc-sparc.o fcrypt_b.o::::::::::::::void";
-+my $alpha_asm="alphacpuid.o:bn_asm.o alpha-mont.o::::::sha1-alpha.o:::::::ghash-alpha.o:::void";
-+my $mips64_asm=":bn-mips.o mips-mont.o:::aes_cbc.o aes-mips.o:::sha1-mips.o sha256-mips.o sha512-mips.o:::::::::";
- my $mips32_asm=$mips64_asm; $mips32_asm =~ s/\s*sha512\-mips\.o//;
--my $s390x_asm="s390xcap.o s390xcpuid.o:bn-s390x.o s390x-mont.o s390x-gf2m.o:::aes-s390x.o aes-ctr.o aes-xts.o:::sha1-s390x.o sha256-s390x.o sha512-s390x.o::rc4-s390x.o:::::ghash-s390x.o:";
--my $armv4_asm="armcap.o armv4cpuid.o:bn_asm.o armv4-mont.o armv4-gf2m.o:::aes_cbc.o aes-armv4.o bsaes-armv7.o aesv8-armx.o:::sha1-armv4-large.o sha256-armv4.o sha512-armv4.o:::::::ghash-armv4.o ghashv8-armx.o::void";
--my $aarch64_asm="armcap.o arm64cpuid.o mem_clr.o::::aes_core.o aes_cbc.o aesv8-armx.o:::sha1-armv8.o sha256-armv8.o sha512-armv8.o:::::::ghashv8-armx.o:";
--my $parisc11_asm="pariscid.o:bn_asm.o parisc-mont.o:::aes_core.o aes_cbc.o aes-parisc.o:::sha1-parisc.o sha256-parisc.o sha512-parisc.o::rc4-parisc.o:::::ghash-parisc.o::32";
--my $parisc20_asm="pariscid.o:pa-risc2W.o parisc-mont.o:::aes_core.o aes_cbc.o aes-parisc.o:::sha1-parisc.o sha256-parisc.o sha512-parisc.o::rc4-parisc.o:::::ghash-parisc.o::64";
--my $ppc64_asm="ppccpuid.o ppccap.o:bn-ppc.o ppc-mont.o ppc64-mont.o:::aes_core.o aes_cbc.o aes-ppc.o vpaes-ppc.o aesp8-ppc.o:::sha1-ppc.o sha256-ppc.o sha512-ppc.o sha256p8-ppc.o sha512p8-ppc.o:::::::ghashp8-ppc.o:";
-+my $s390x_asm="s390xcap.o s390xcpuid.o:bn-s390x.o s390x-mont.o s390x-gf2m.o:::aes-s390x.o aes-ctr.o aes-xts.o:::sha1-s390x.o sha256-s390x.o sha512-s390x.o::rc4-s390x.o:::::ghash-s390x.o::";
-+my $armv4_asm="armcap.o armv4cpuid.o:bn_asm.o armv4-mont.o armv4-gf2m.o:::aes_cbc.o aes-armv4.o bsaes-armv7.o aesv8-armx.o:::sha1-armv4-large.o sha256-armv4.o sha512-armv4.o:::::::ghash-armv4.o ghashv8-armx.o:::void";
-+my $aarch64_asm="armcap.o arm64cpuid.o mem_clr.o::::aes_core.o aes_cbc.o aesv8-armx.o:::sha1-armv8.o sha256-armv8.o sha512-armv8.o:::::::ghashv8-armx.o::";
-+my $parisc11_asm="pariscid.o:bn_asm.o parisc-mont.o:::aes_core.o aes_cbc.o aes-parisc.o:::sha1-parisc.o sha256-parisc.o sha512-parisc.o::rc4-parisc.o:::::ghash-parisc.o:::32";
-+my $parisc20_asm="pariscid.o:pa-risc2W.o parisc-mont.o:::aes_core.o aes_cbc.o aes-parisc.o:::sha1-parisc.o sha256-parisc.o sha512-parisc.o::rc4-parisc.o:::::ghash-parisc.o:::64";
-+my $ppc64_asm="ppccpuid.o ppccap.o:bn-ppc.o ppc-mont.o ppc64-mont.o:::aes_core.o aes_cbc.o aes-ppc.o vpaes-ppc.o aesp8-ppc.o:::sha1-ppc.o sha256-ppc.o sha512-ppc.o sha256p8-ppc.o sha512p8-ppc.o:::::::ghashp8-ppc.o::";
- my $ppc32_asm=$ppc64_asm;
--my $no_asm="::::::::::::::::void";
-+my $no_asm=":::::::::::::::::void";
-
- # As for $BSDthreads. Idea is to maintain "collective" set of flags,
- # which would cover all BSD flavors. -pthread applies to them all,
-@@ -710,6 +710,7 @@ my $idx_wp_obj = $idx++;
- my $idx_cmll_obj = $idx++;
- my $idx_modes_obj = $idx++;
- my $idx_engines_obj = $idx++;
-+my $idx_chapoly_obj = $idx++;
- my $idx_perlasm_scheme = $idx++;
- my $idx_dso_scheme = $idx++;
- my $idx_shared_target = $idx++;
-@@ -752,6 +753,7 @@ my $bf ="crypto/bf/bf_locl.h";
- my $bn_asm ="bn_asm.o";
- my $des_enc="des_enc.o fcrypt_b.o";
- my $aes_enc="aes_core.o aes_cbc.o";
-+my $chapoly_enc="";
- my $bf_enc ="bf_enc.o";
- my $cast_enc="c_enc.o";
- my $rc4_enc="rc4_enc.o rc4_skey.o";
-@@ -1210,7 +1212,7 @@ $openssldir=$prefix . "/" . $openssldir if $openssldir !~ /(^\/|^[a-zA-Z]:[\\\/]
-
- print "IsMK1MF=$IsMK1MF\n";
-
--my @fields = split(/\s*:\s*/,$table{$target} . ":" x 30 , -1);
-+my @fields = split(/\s*:\s*/,$table{$target} . ":" x 31 , -1);
- my $cc = $fields[$idx_cc];
- # Allow environment CC to override compiler...
- if($ENV{CC}) {
-@@ -1239,6 +1241,7 @@ my $wp_obj = $fields[$idx_wp_obj];
- my $cmll_obj = $fields[$idx_cmll_obj];
- my $modes_obj = $fields[$idx_modes_obj];
- my $engines_obj = $fields[$idx_engines_obj];
-+my $chapoly_obj = $fields[$idx_chapoly_obj];
- my $perlasm_scheme = $fields[$idx_perlasm_scheme];
- my $dso_scheme = $fields[$idx_dso_scheme];
- my $shared_target = $fields[$idx_shared_target];
-@@ -1405,7 +1408,7 @@ if ($no_asm)
- {
- $cpuid_obj=$bn_obj=$ec_obj=
- $des_obj=$aes_obj=$bf_obj=$cast_obj=$rc4_obj=$rc5_obj=$cmll_obj=
-- $modes_obj=$sha1_obj=$md5_obj=$rmd160_obj=$wp_obj=$engines_obj="";
-+ $modes_obj=$sha1_obj=$md5_obj=$rmd160_obj=$wp_obj=$engines_obj=$chapoly_obj="";
- }
-
- if (!$no_shared)
-@@ -1558,6 +1561,14 @@ $bf_obj=$bf_enc unless ($bf_obj =~ /\.o$/);
- $cast_obj=$cast_enc unless ($cast_obj =~ /\.o$/);
- $rc4_obj=$rc4_enc unless ($rc4_obj =~ /\.o$/);
- $rc5_obj=$rc5_enc unless ($rc5_obj =~ /\.o$/);
-+if ($chapoly_obj =~ /\.o$/)
-+ {
-+ $cflags.=" -DCHAPOLY_x86_64_ASM";
-+ }
-+else
-+ {
-+ $chapoly_obj=$chapoly_enc;
-+ }
- if ($sha1_obj =~ /\.o$/)
- {
- # $sha1_obj=$sha1_enc;
-@@ -1740,6 +1751,7 @@ while (<IN>)
- s/^WP_ASM_OBJ=.*$/WP_ASM_OBJ= $wp_obj/;
- s/^CMLL_ENC=.*$/CMLL_ENC= $cmll_obj/;
- s/^MODES_ASM_OBJ.=*$/MODES_ASM_OBJ= $modes_obj/;
-+ s/^CHAPOLY_ENC=.*$/CHAPOLY_ENC= $chapoly_obj/;
- s/^ENGINES_ASM_OBJ.=*$/ENGINES_ASM_OBJ= $engines_obj/;
- s/^PERLASM_SCHEME=.*$/PERLASM_SCHEME= $perlasm_scheme/;
- s/^PROCESSOR=.*/PROCESSOR= $processor/;
-@@ -1802,6 +1814,7 @@ print "RMD160_OBJ_ASM=$rmd160_obj\n";
- print "CMLL_ENC =$cmll_obj\n";
- print "MODES_OBJ =$modes_obj\n";
- print "ENGINES_OBJ =$engines_obj\n";
-+print "CHAPOLY_ENC =$chapoly_obj\n";
- print "PROCESSOR =$processor\n";
- print "RANLIB =$ranlib\n";
- print "ARFLAGS =$arflags\n";
-@@ -2200,7 +2213,7 @@ sub print_table_entry
- my ($cc, $cflags, $unistd, $thread_cflag, $sys_id, $lflags,
- $bn_ops, $cpuid_obj, $bn_obj, $ec_obj, $des_obj, $aes_obj, $bf_obj,
- $md5_obj, $sha1_obj, $cast_obj, $rc4_obj, $rmd160_obj,
-- $rc5_obj, $wp_obj, $cmll_obj, $modes_obj, $engines_obj,
-+ $rc5_obj, $wp_obj, $cmll_obj, $modes_obj, $engines_obj, $chapoly_obj,
- $perlasm_scheme, $dso_scheme, $shared_target, $shared_cflag,
- $shared_ldflag, $shared_extension, $ranlib, $arflags, $multilib)=
- split(/\s*:\s*/,$table{$target} . ":" x 30 , -1);
-@@ -2231,6 +2244,7 @@ sub print_table_entry
- \$cmll_obj = $cmll_obj
- \$modes_obj = $modes_obj
- \$engines_obj = $engines_obj
-+\$chapoly_obj = $chapoly_obj
- \$perlasm_scheme = $perlasm_scheme
- \$dso_scheme = $dso_scheme
- \$shared_target= $shared_target
-diff --git a/Makefile.org b/Makefile.org
-index 76fdbdf..6556ef6 100644
---- a/Makefile.org
-+++ b/Makefile.org
-@@ -91,6 +91,7 @@ BN_ASM= bn_asm.o
- EC_ASM=
- DES_ENC= des_enc.o fcrypt_b.o
- AES_ENC= aes_core.o aes_cbc.o
-+CHAPOLY_ENC=
- BF_ENC= bf_enc.o
- CAST_ENC= c_enc.o
- RC4_ENC= rc4_enc.o
-@@ -148,7 +149,7 @@ SDIRS= \
- bn ec rsa dsa ecdsa dh ecdh dso engine \
- buffer bio stack lhash rand err \
- evp asn1 pem x509 x509v3 conf txt_db pkcs7 pkcs12 comp ocsp ui krb5 \
-- cms pqueue ts jpake srp store cmac
-+ cms pqueue ts jpake srp store cmac chacha20poly1305
- # keep in mind that the above list is adjusted by ./Configure
- # according to no-xxx arguments...
-
-@@ -234,6 +235,7 @@ BUILDENV= LC_ALL=C PLATFORM='$(PLATFORM)' PROCESSOR='$(PROCESSOR)'\
|
|
Changed |
1.13.35.2-x64.tar.gz
^
|
[-]
[+]
|
Changed |
_service
^
|
@@ -2,6 +2,6 @@
<service name="download_url">
<param name="host">nginx.org</param>
<param name="protocol">http</param>
- <param name="path">/download/nginx-1.13.7.tar.gz</param>
+ <param name="path">/download/nginx-1.14.2.tar.gz</param>
</service>
-<service name="download_url"><param name="host">nginx.org</param><param name="protocol">http</param><param name="path">/download/nginx-1.13.7.tar.gz</param></service><service name="download_url"><param name="host">www.openssl.org</param><param name="protocol">https</param><param name="path">/source/openssl-1.1.0g.tar.gz</param></service></services>
\ No newline at end of file
+<service name="download_url"><param name="host">nginx.org</param><param name="protocol">http</param><param name="path">/download/nginx-1.14.2.tar.gz</param></service><service name="download_url"><param name="host">www.openssl.org</param><param name="protocol">https</param><param name="path">/source/openssl-1.1.1a.tar.gz</param></service></services>
|
[-]
[+]
|
Changed |
_service:download_url:nginx-1.14.2.tar.gz/CHANGES
^
|
@@ -1,4 +1,149 @@
+Changes with nginx 1.14.2 04 Dec 2018
+
+ *) Bugfix: nginx could not be built by gcc 8.1.
+
+ *) Bugfix: nginx could not be built on Fedora 28 Linux.
+
+ *) Bugfix: in handling of client addresses when using unix domain listen
+ sockets to work with datagrams on Linux.
+
+ *) Change: the logging level of the "http request", "https proxy
+ request", "unsupported protocol", "version too low", "no suitable key
+ share", and "no suitable signature algorithm" SSL errors has been
+ lowered from "crit" to "info".
+
+ *) Bugfix: when using OpenSSL 1.1.0 or newer it was not possible to
+ switch off "ssl_prefer_server_ciphers" in a virtual server if it was
+ switched on in the default server.
+
+ *) Bugfix: nginx could not be built with LibreSSL 2.8.0.
+
+ *) Bugfix: if nginx was built with OpenSSL 1.1.0 and used with OpenSSL
+ 1.1.1, the TLS 1.3 protocol was always enabled.
+
+ *) Bugfix: sending a disk-buffered request body to a gRPC backend might
+ fail.
+
+ *) Bugfix: connections with some gRPC backends might not be cached when
+ using the "keepalive" directive.
+
+ *) Bugfix: a segmentation fault might occur in a worker process if the
+ ngx_http_mp4_module was used on 32-bit platforms.
+
+
+Changes with nginx 1.14.1 06 Nov 2018
+
+ *) Security: when using HTTP/2 a client might cause excessive memory
+ consumption (CVE-2018-16843) and CPU usage (CVE-2018-16844).
+
+ *) Security: processing of a specially crafted mp4 file with the
+ ngx_http_mp4_module might result in worker process memory disclosure
+ (CVE-2018-16845).
+
+ *) Bugfix: working with gRPC backends might result in excessive memory
+ consumption.
+
+
+Changes with nginx 1.14.0 17 Apr 2018
+
+ *) 1.14.x stable branch.
+
+
+Changes with nginx 1.13.12 10 Apr 2018
+
+ *) Bugfix: connections with gRPC backends might be closed unexpectedly
+ when returning a large response.
+
+
+Changes with nginx 1.13.11 03 Apr 2018
+
+ *) Feature: the "proxy_protocol" parameter of the "listen" directive now
+ supports the PROXY protocol version 2.
+
+ *) Bugfix: nginx could not be built with OpenSSL 1.1.1 statically on
+ Linux.
+
+ *) Bugfix: in the "http_404", "http_500", etc. parameters of the
+ "proxy_next_upstream" directive.
+
+
+Changes with nginx 1.13.10 20 Mar 2018
+
+ *) Feature: the "set" parameter of the "include" SSI directive now
+ allows writing arbitrary responses to a variable; the
+ "subrequest_output_buffer_size" directive defines maximum response
+ size.
+
+ *) Feature: now nginx uses clock_gettime(CLOCK_MONOTONIC) if available,
+ to avoid timeouts being incorrectly triggered on system time changes.
+
+ *) Feature: the "escape=none" parameter of the "log_format" directive.
+ Thanks to Johannes Baiter and Calin Don.
+
+ *) Feature: the $ssl_preread_alpn_protocols variable in the
+ ngx_stream_ssl_preread_module.
+
+ *) Feature: the ngx_http_grpc_module.
+
+ *) Bugfix: in memory allocation error handling in the "geo" directive.
+
+ *) Bugfix: when using variables in the "auth_basic_user_file" directive
+ a null character might appear in logs.
+ Thanks to Vadim Filimonov.
+
+
+Changes with nginx 1.13.9 20 Feb 2018
+
+ *) Feature: HTTP/2 server push support; the "http2_push" and
+ "http2_push_preload" directives.
+
+ *) Bugfix: "header already sent" alerts might appear in logs when using
+ cache; the bug had appeared in 1.9.13.
+
+ *) Bugfix: a segmentation fault might occur in a worker process if the
+ "ssl_verify_client" directive was used and no SSL certificate was
+ specified in a virtual server.
+
+ *) Bugfix: in the ngx_http_v2_module.
+
+ *) Bugfix: in the ngx_http_dav_module.
+
+
+Changes with nginx 1.13.8 26 Dec 2017
+
+ *) Feature: now nginx automatically preserves the CAP_NET_RAW capability
+ in worker processes when using the "transparent" parameter of the
+ "proxy_bind", "fastcgi_bind", "memcached_bind", "scgi_bind", and
+ "uwsgi_bind" directives.
+
+ *) Feature: improved CPU cache line size detection.
+ Thanks to Debayan Ghosh.
+
+ *) Feature: new directives in vim syntax highlighting scripts.
+ Thanks to Gena Makhomed.
+
+ *) Bugfix: binary upgrade refused to work if nginx was re-parented to a
+ process with PID different from 1 after its parent process has
+ finished.
+
+ *) Bugfix: the ngx_http_autoindex_module incorrectly handled requests
+ with bodies.
+
+ *) Bugfix: in the "proxy_limit_rate" directive when used with the
+ "keepalive" directive.
+
+ *) Bugfix: some parts of a response might be buffered when using
+ "proxy_buffering off" if the client connection used SSL.
+ Thanks to Patryk Lesiewicz.
+
+ *) Bugfix: in the "proxy_cache_background_update" directive.
+
+ *) Bugfix: it was not possible to start a parameter with a variable in
+ the "${name}" form with the name in curly brackets without enclosing
+ the parameter into single or double quotes.
+
+
Changes with nginx 1.13.7 21 Nov 2017
*) Bugfix: in the $upstream_status variable.
|
[-]
[+]
|
Changed |
_service:download_url:nginx-1.14.2.tar.gz/CHANGES.ru
^
|
@@ -1,4 +1,151 @@
+Изменения в nginx 1.14.2 04.12.2018
+
+ *) Исправление: nginx не собирался gcc 8.1.
+
+ *) Исправление: nginx не собирался на Fedora 28 Linux.
+
+ *) Исправление: в обработке адресов клиентов при использовании unix
+ domain listen-сокетов для работы с датаграммами на Linux.
+
+ *) Изменение: уровень логгирования ошибок SSL "http request", "https
+ proxy request", "unsupported protocol", "version too low", "no
+ suitable key share" и "no suitable signature algorithm" понижен с
+ уровня crit до info.
+
+ *) Исправление: при использовании OpenSSL 1.1.0 и новее директиву
+ ssl_prefer_server_ciphers нельзя было выключить в виртуальном
+ сервере, если она была включена в сервере по умолчанию.
+
+ *) Исправление: nginx не собирался с LibreSSL 2.8.0.
+
+ *) Исправление: если nginx был собран с OpenSSL 1.1.0, а использовался с
+ OpenSSL 1.1.1, протокол TLS 1.3 всегда был разрешён.
+
+ *) Исправление: при отправке сохранённого на диск тела запроса на
+ gRPC-бэкенд могли возникать ошибки.
+
+ *) Исправление: соединения к некоторым gRPC-бэкендам могли не
+ кэшироваться при использовании директивы keepalive.
+
+ *) Исправление: в рабочем процессе мог произойти segmentation fault,
+ если использовался модуль ngx_http_mp4_module на 32-битных
+ платформах.
+
+
+Изменения в nginx 1.14.1 06.11.2018
+
+ *) Безопасность: при использовании HTTP/2 клиент мог вызвать чрезмерное
+ потреблению памяти (CVE-2018-16843) и ресурсов процессора
+ (CVE-2018-16844).
+
+ *) Безопасность: при обработке специально созданного mp4-файла модулем
+ ngx_http_mp4_module содержимое памяти рабочего процесса могло быть
+ отправлено клиенту (CVE-2018-16845).
+
+ *) Исправление: при работе с gRPC-бэкендами могло расходоваться большое
+ количество памяти.
+
+
+Изменения в nginx 1.14.0 17.04.2018
+
+ *) Стабильная ветка 1.14.x.
+
+
+Изменения в nginx 1.13.12 10.04.2018
+
+ *) Исправление: при возврате большого ответа соединения с gRPC-бэкендами
+ могли неожиданно закрываться.
+
+
+Изменения в nginx 1.13.11 03.04.2018
+
+ *) Добавление: параметр proxy_protocol директивы listen теперь
+ поддерживает протокол PROXY версии 2.
+
+ *) Исправление: nginx не собирался с OpenSSL 1.1.1 статически на Linux.
+
+ *) Исправление: в параметрах http_404, http_500 и им подобных директивы
+ proxy_next_upstream.
+
+
+Изменения в nginx 1.13.10 20.03.2018
+
+ *) Добавление: теперь параметр set в SSI-директиве include позволяет
+ сохранять в переменную любые ответы; максимальный размер ответа
+ задаётся директивой subrequest_output_buffer_size.
+
+ *) Добавление: теперь nginx использует вызов
+ clock_gettime(CLOCK_MONOTONIC), если он доступен, что позволяет
+ избежать некорректного срабатывания таймаутов при изменениях
+ системного времени.
+
+ *) Добавление: параметр "escape=none" директивы log_format.
+ Спасибо Johannes Baiter и Calin Don.
+
+ *) Добавление: переменная $ssl_preread_alpn_protocols в модуле
+ ngx_stream_ssl_preread_module.
+
+ *) Добавление: модуль ngx_http_grpc_module.
+
+ *) Исправление: в обработке ошибок выделения памяти в директиве geo.
+
+ *) Исправление: при использовании переменных в директиве
+ auth_basic_user_file в лог мог выводиться символ '\0'.
+ Спасибо Вадиму Филимонову.
+
+
+Изменения в nginx 1.13.9 20.02.2018
+
+ *) Добавление: поддержка HTTP/2 server push; директивы http2_push и
+ http2_push_preload.
+
+ *) Исправление: при использовании кэша в логах могли появляться
+ сообщения "header already sent"; ошибка появилась в 1.9.13.
+
+ *) Исправление: при использовании директивы ssl_verify_client в рабочем
+ процессе мог произойти segmentation fault, если в виртуальном сервере
+ не был указан SSL-сертификат.
+
+ *) Исправление: в модуле ngx_http_v2_module.
+
+ *) Исправление: в модуле ngx_http_dav_module.
+
+
+Изменения в nginx 1.13.8 26.12.2017
+
+ *) Добавление: теперь при использовании параметра transparent директив
+ proxy_bind, fastcgi_bind, memcached_bind, scgi_bind и uwsgi_bind
+ nginx автоматически сохраняет capability CAP_NET_RAW в рабочих
+ процессах.
+
+ *) Добавление: улучшения в определении размера строки кэша процессора.
+ Спасибо Debayan Ghosh.
+
+ *) Добавление: новые директивы в скриптах подсветки синтаксиса для vim.
+ Спасибо Геннадию Махомеду.
+
+ *) Исправление: процедура обновления исполняемого файла не работала,
+ если после завершения родительского процесса новым родительским
+ процессом nginx'а становился процесс с PID, отличным от 1.
+
+ *) Исправление: модуль ngx_http_autoindex_module неправильно обрабатывал
+ запросы с телом.
+
+ *) Исправление: в директиве proxy_limit_rate при использовании с
+ директивой keepalive.
+
+ *) Исправление: при использовании "proxy_buffering off" часть ответа
+ могла буферизироваться, если клиентское соединение использовало SSL.
+ Спасибо Patryk Lesiewicz.
+
+ *) Исправление: в директиве proxy_cache_background_update.
+
+ *) Исправление: переменную вида "${name}" с именем в фигурных скобках
+ нельзя было использовать в начале параметра не заключив весь параметр
+ в кавычки.
+
+
Изменения в nginx 1.13.7 21.11.2017
*) Исправление: в переменной $upstream_status.
|
[-]
[+]
|
Changed |
_service:download_url:nginx-1.14.2.tar.gz/LICENSE
^
|
@@ -1,6 +1,6 @@
/*
- * Copyright (C) 2002-2017 Igor Sysoev
- * Copyright (C) 2011-2017 Nginx, Inc.
+ * Copyright (C) 2002-2018 Igor Sysoev
+ * Copyright (C) 2011-2018 Nginx, Inc.
* All rights reserved.
*
* Redistribution and use in source and binary forms, with or without
|
[-]
[+]
|
Changed |
_service:download_url:nginx-1.14.2.tar.gz/auto/cc/clang
^
|
@@ -5,7 +5,7 @@
# clang
-NGX_CLANG_VER=`$CC -v 2>&1 | grep '\(clang\|LLVM\) version' 2>&1 \
+NGX_CLANG_VER=`$CC -v 2>&1 | grep 'version' 2>&1 \
| sed -e 's/^.* version \(.*\)/\1/'`
echo " + clang version: $NGX_CLANG_VER"
|
[-]
[+]
|
Changed |
_service:download_url:nginx-1.14.2.tar.gz/auto/cc/name
^
|
@@ -44,7 +44,11 @@
NGX_CC_NAME=gcc
echo " + using GNU C compiler"
-elif `$CC -v 2>&1 | grep '\(clang\|LLVM\) version' >/dev/null 2>&1`; then
+elif `$CC -v 2>&1 | grep 'clang version' >/dev/null 2>&1`; then
+ NGX_CC_NAME=clang
+ echo " + using Clang C compiler"
+
+elif `$CC -v 2>&1 | grep 'LLVM version' >/dev/null 2>&1`; then
NGX_CC_NAME=clang
echo " + using Clang C compiler"
|
[-]
[+]
|
Changed |
_service:download_url:nginx-1.14.2.tar.gz/auto/lib/openssl/conf
^
|
@@ -41,6 +41,7 @@
CORE_LIBS="$CORE_LIBS $OPENSSL/.openssl/lib/libssl.a"
CORE_LIBS="$CORE_LIBS $OPENSSL/.openssl/lib/libcrypto.a"
CORE_LIBS="$CORE_LIBS $NGX_LIBDL"
+ CORE_LIBS="$CORE_LIBS $NGX_LIBPTHREAD"
if [ "$NGX_PLATFORM" = win32 ]; then
CORE_LIBS="$CORE_LIBS -lgdi32 -lcrypt32 -lws2_32"
@@ -59,7 +60,7 @@
ngx_feature_run=no
ngx_feature_incs="#include <openssl/ssl.h>"
ngx_feature_path=
- ngx_feature_libs="-lssl -lcrypto $NGX_LIBDL"
+ ngx_feature_libs="-lssl -lcrypto $NGX_LIBDL $NGX_LIBPTHREAD"
ngx_feature_test="SSL_CTX_set_options(NULL, 0)"
. auto/feature
@@ -71,11 +72,13 @@
ngx_feature_path="/usr/local/include"
if [ $NGX_RPATH = YES ]; then
- ngx_feature_libs="-R/usr/local/lib -L/usr/local/lib -lssl -lcrypto $NGX_LIBDL"
+ ngx_feature_libs="-R/usr/local/lib -L/usr/local/lib -lssl -lcrypto"
else
- ngx_feature_libs="-L/usr/local/lib -lssl -lcrypto $NGX_LIBDL"
+ ngx_feature_libs="-L/usr/local/lib -lssl -lcrypto"
fi
+ ngx_feature_libs="$ngx_feature_libs $NGX_LIBDL $NGX_LIBPTHREAD"
+
. auto/feature
fi
@@ -87,11 +90,13 @@
ngx_feature_path="/usr/pkg/include"
if [ $NGX_RPATH = YES ]; then
- ngx_feature_libs="-R/usr/pkg/lib -L/usr/pkg/lib -lssl -lcrypto $NGX_LIBDL"
+ ngx_feature_libs="-R/usr/pkg/lib -L/usr/pkg/lib -lssl -lcrypto"
else
- ngx_feature_libs="-L/usr/pkg/lib -lssl -lcrypto $NGX_LIBDL"
+ ngx_feature_libs="-L/usr/pkg/lib -lssl -lcrypto"
fi
+ ngx_feature_libs="$ngx_feature_libs $NGX_LIBDL $NGX_LIBPTHREAD"
+
. auto/feature
fi
@@ -103,11 +108,13 @@
ngx_feature_path="/opt/local/include"
if [ $NGX_RPATH = YES ]; then
- ngx_feature_libs="-R/opt/local/lib -L/opt/local/lib -lssl -lcrypto $NGX_LIBDL"
+ ngx_feature_libs="-R/opt/local/lib -L/opt/local/lib -lssl -lcrypto"
else
- ngx_feature_libs="-L/opt/local/lib -lssl -lcrypto $NGX_LIBDL"
+ ngx_feature_libs="-L/opt/local/lib -lssl -lcrypto"
fi
+ ngx_feature_libs="$ngx_feature_libs $NGX_LIBDL $NGX_LIBPTHREAD"
+
. auto/feature
fi
|
[-]
[+]
|
Changed |
_service:download_url:nginx-1.14.2.tar.gz/auto/lib/openssl/make
^
|
@@ -51,7 +51,7 @@
$OPENSSL/.openssl/include/openssl/ssl.h: $NGX_MAKEFILE
cd $OPENSSL \\
&& if [ -f Makefile ]; then \$(MAKE) clean; fi \\
- && ./config --prefix=$ngx_prefix no-shared $OPENSSL_OPT \\
+ && ./config --prefix=$ngx_prefix no-shared no-threads $OPENSSL_OPT \\
&& \$(MAKE) \\
&& \$(MAKE) install_sw LIBDIR=lib
|
[-]
[+]
|
Changed |
_service:download_url:nginx-1.14.2.tar.gz/auto/modules
^
|
@@ -420,6 +420,7 @@
if [ $HTTP_V2 = YES ]; then
have=NGX_HTTP_V2 . auto/have
+ have=NGX_HTTP_HEADERS . auto/have
ngx_module_name=ngx_http_v2_module
ngx_module_incs=src/http/v2
@@ -427,6 +428,7 @@
src/http/v2/ngx_http_v2_module.h"
ngx_module_srcs="src/http/v2/ngx_http_v2.c \
src/http/v2/ngx_http_v2_table.c \
+ src/http/v2/ngx_http_v2_encode.c \
src/http/v2/ngx_http_v2_huff_decode.c \
src/http/v2/ngx_http_v2_huff_encode.c \
src/http/v2/ngx_http_v2_module.c"
@@ -741,6 +743,17 @@
. auto/module
fi
+
+ if [ $HTTP_GRPC = YES -a $HTTP_V2 = YES ]; then
+ ngx_module_name=ngx_http_grpc_module
+ ngx_module_incs=
+ ngx_module_deps=
+ ngx_module_srcs=src/http/modules/ngx_http_grpc_module.c
+ ngx_module_libs=
+ ngx_module_link=$HTTP_GRPC
+
+ . auto/module
+ fi
if [ $HTTP_PERL != NO ]; then
ngx_module_name=ngx_http_perl_module
|
[-]
[+]
|
Changed |
_service:download_url:nginx-1.14.2.tar.gz/auto/options
^
|
@@ -86,6 +86,7 @@
HTTP_FASTCGI=YES
HTTP_UWSGI=YES
HTTP_SCGI=YES
+HTTP_GRPC=YES
HTTP_PERL=NO
HTTP_MEMCACHED=YES
HTTP_LIMIT_CONN=YES
@@ -262,6 +263,7 @@
--without-http_fastcgi_module) HTTP_FASTCGI=NO ;;
--without-http_uwsgi_module) HTTP_UWSGI=NO ;;
--without-http_scgi_module) HTTP_SCGI=NO ;;
+ --without-http_grpc_module) HTTP_GRPC=NO ;;
--without-http_memcached_module) HTTP_MEMCACHED=NO ;;
--without-http_limit_conn_module) HTTP_LIMIT_CONN=NO ;;
--without-http_limit_req_module) HTTP_LIMIT_REQ=NO ;;
@@ -471,6 +473,7 @@
--without-http_fastcgi_module disable ngx_http_fastcgi_module
--without-http_uwsgi_module disable ngx_http_uwsgi_module
--without-http_scgi_module disable ngx_http_scgi_module
+ --without-http_grpc_module disable ngx_http_grpc_module
--without-http_memcached_module disable ngx_http_memcached_module
--without-http_limit_conn_module disable ngx_http_limit_conn_module
--without-http_limit_req_module disable ngx_http_limit_req_module
|
[-]
[+]
|
Changed |
_service:download_url:nginx-1.14.2.tar.gz/auto/os/conf
^
|
@@ -110,6 +110,11 @@
NGX_MACH_CACHE_LINE=64
;;
+ aarch64 )
+ have=NGX_ALIGNMENT value=16 . auto/define
+ NGX_MACH_CACHE_LINE=64
+ ;;
+
*)
have=NGX_ALIGNMENT value=16 . auto/define
NGX_MACH_CACHE_LINE=32
|
[-]
[+]
|
Changed |
_service:download_url:nginx-1.14.2.tar.gz/auto/os/linux
^
|
@@ -157,6 +157,38 @@
. auto/feature
+# prctl(PR_SET_KEEPCAPS)
+
+ngx_feature="prctl(PR_SET_KEEPCAPS)"
+ngx_feature_name="NGX_HAVE_PR_SET_KEEPCAPS"
+ngx_feature_run=yes
+ngx_feature_incs="#include <sys/prctl.h>"
+ngx_feature_path=
+ngx_feature_libs=
+ngx_feature_test="if (prctl(PR_SET_KEEPCAPS, 1, 0, 0, 0) == -1) return 1"
+. auto/feature
+
+
+# capabilities
+
+ngx_feature="capabilities"
+ngx_feature_name="NGX_HAVE_CAPABILITIES"
+ngx_feature_run=no
+ngx_feature_incs="#include <linux/capability.h>
+ #include <sys/syscall.h>"
+ngx_feature_path=
+ngx_feature_libs=
+ngx_feature_test="struct __user_cap_data_struct data;
+ struct __user_cap_header_struct header;
+
+ header.version = _LINUX_CAPABILITY_VERSION_1;
+ data.effective = CAP_TO_MASK(CAP_NET_RAW);
+ data.permitted = 0;
+
+ (void) SYS_capset"
+. auto/feature
+
+
# crypt_r()
ngx_feature="crypt_r()"
|
[-]
[+]
|
Changed |
_service:download_url:nginx-1.14.2.tar.gz/auto/threads
^
|
@@ -17,4 +17,5 @@
CORE_DEPS="$CORE_DEPS $THREAD_POOL_DEPS"
CORE_SRCS="$CORE_SRCS $THREAD_POOL_SRCS"
CORE_LIBS="$CORE_LIBS -lpthread"
+ NGX_LIBPTHREAD="-lpthread"
fi
|
[-]
[+]
|
Changed |
_service:download_url:nginx-1.14.2.tar.gz/auto/unix
^
|
@@ -342,7 +342,7 @@
. auto/feature
-# NetBSD bind to any address for transparent proxying
+# OpenBSD bind to any address for transparent proxying
ngx_feature="SO_BINDANY"
ngx_feature_name="NGX_HAVE_TRANSPARENT_PROXY"
@@ -354,42 +354,42 @@
. auto/feature
-# Linux IP_BIND_ADDRESS_NO_PORT
+# Linux transparent proxying
-ngx_feature="IP_BIND_ADDRESS_NO_PORT"
-ngx_feature_name="NGX_HAVE_IP_BIND_ADDRESS_NO_PORT"
+ngx_feature="IP_TRANSPARENT"
+ngx_feature_name="NGX_HAVE_TRANSPARENT_PROXY"
ngx_feature_run=no
ngx_feature_incs="#include <sys/socket.h>
#include <netinet/in.h>"
ngx_feature_path=
ngx_feature_libs=
-ngx_feature_test="setsockopt(0, IPPROTO_IP, IP_BIND_ADDRESS_NO_PORT, NULL, 0)"
+ngx_feature_test="setsockopt(0, IPPROTO_IP, IP_TRANSPARENT, NULL, 0)"
. auto/feature
-# Linux transparent proxying
+# FreeBSD bind to any address for transparent proxying
-ngx_feature="IP_TRANSPARENT"
+ngx_feature="IP_BINDANY"
ngx_feature_name="NGX_HAVE_TRANSPARENT_PROXY"
ngx_feature_run=no
ngx_feature_incs="#include <sys/socket.h>
#include <netinet/in.h>"
ngx_feature_path=
ngx_feature_libs=
-ngx_feature_test="setsockopt(0, IPPROTO_IP, IP_TRANSPARENT, NULL, 0)"
+ngx_feature_test="setsockopt(0, IPPROTO_IP, IP_BINDANY, NULL, 0)"
. auto/feature
-# FreeBSD bind to any address for transparent proxying
+# Linux IP_BIND_ADDRESS_NO_PORT
-ngx_feature="IP_BINDANY"
-ngx_feature_name="NGX_HAVE_TRANSPARENT_PROXY"
+ngx_feature="IP_BIND_ADDRESS_NO_PORT"
+ngx_feature_name="NGX_HAVE_IP_BIND_ADDRESS_NO_PORT"
ngx_feature_run=no
ngx_feature_incs="#include <sys/socket.h>
#include <netinet/in.h>"
ngx_feature_path=
ngx_feature_libs=
-ngx_feature_test="setsockopt(0, IPPROTO_IP, IP_BINDANY, NULL, 0)"
+ngx_feature_test="setsockopt(0, IPPROTO_IP, IP_BIND_ADDRESS_NO_PORT, NULL, 0)"
. auto/feature
@@ -791,6 +791,30 @@
. auto/feature
+ngx_feature="clock_gettime(CLOCK_MONOTONIC)"
+ngx_feature_name="NGX_HAVE_CLOCK_MONOTONIC"
+ngx_feature_run=no
+ngx_feature_incs="#include <time.h>"
+ngx_feature_path=
+ngx_feature_libs=
+ngx_feature_test="struct timespec ts; clock_gettime(CLOCK_MONOTONIC, &ts)"
+. auto/feature
+
+
+if [ $ngx_found = no ]; then
+
+ # Linux before glibc 2.17, notably CentOS 6
+
+ ngx_feature="clock_gettime(CLOCK_MONOTONIC) in librt"
+ ngx_feature_libs="-lrt"
+ . auto/feature
+
+ if [ $ngx_found = yes ]; then
+ CORE_LIBS="$CORE_LIBS -lrt"
+ fi
+fi
+
+
ngx_feature="posix_memalign()"
ngx_feature_name="NGX_HAVE_POSIX_MEMALIGN"
ngx_feature_run=no
@@ -877,6 +901,7 @@
if [ $ngx_found = yes ]; then
CORE_LIBS="$CORE_LIBS -lpthread"
+ NGX_LIBPTHREAD="-lpthread"
fi
fi
@@ -964,6 +989,16 @@
. auto/feature
+ngx_feature="sysconf(_SC_LEVEL1_DCACHE_LINESIZE)"
+ngx_feature_name="NGX_HAVE_LEVEL1_DCACHE_LINESIZE"
+ngx_feature_run=no
+ngx_feature_incs=
+ngx_feature_path=
+ngx_feature_libs=
+ngx_feature_test="sysconf(_SC_LEVEL1_DCACHE_LINESIZE)"
+. auto/feature
+
+
ngx_feature="openat(), fstatat()"
ngx_feature_name="NGX_HAVE_OPENAT"
ngx_feature_run=no
|
[-]
[+]
|
Changed |
_service:download_url:nginx-1.14.2.tar.gz/contrib/vim/syntax/nginx.vim
^
|
@@ -15,7 +15,7 @@
syn match ngxName '\([^;{} \t\\]\|\\.\)\+'
\ contains=@ngxDirectives
\ nextgroup=@ngxParams skipwhite skipempty
-syn match ngxParam '\([^;{ \t\\]\|\\.\)\+'
+syn match ngxParam '\(\${\|[^;{ \t\\]\|\\.\)\+'
\ contained
\ contains=ngxVariable
\ nextgroup=@ngxParams skipwhite skipempty
@@ -29,7 +29,7 @@
\ contains=@ngxTopLevel
syn match ngxComment '#.*$'
-syn match ngxVariable '\$\w\+' contained
+syn match ngxVariable '\$\(\w\+\|{\w\+}\)' contained
syn match ngxVariableString '\$\(\w\+\|{\w\+}\)' contained
syn cluster ngxTopLevel
@@ -37,7 +37,7 @@
syn cluster ngxDirectives
\ contains=ngxDirective,ngxDirectiveBlock,ngxDirectiveImportant
\ add=ngxDirectiveControl,ngxDirectiveError,ngxDirectiveDeprecated
- \ add=ngxDirectiveThirdParty
+ \ add=ngxDirectiveThirdParty,ngxDirectiveThirdPartyDeprecated
syn cluster ngxParams
\ contains=ngxParam,ngxString,ngxParamComment,ngxSemicolon,ngxBlock
@@ -52,7 +52,7 @@
syn cluster ngxTopLevel add=ngxDirectiveListen
syn keyword ngxDirectiveListen listen
\ nextgroup=@ngxListenParams skipwhite skipempty
-syn match ngxListenParam '\([^;{ \t\\]\|\\.\)\+'
+syn match ngxListenParam '\(\${\|[^;{ \t\\]\|\\.\)\+'
\ contained
\ nextgroup=@ngxListenParams skipwhite skipempty
syn region ngxListenString start=+\z(["']\)+ end=+\z1+ skip=+\\\\\|\\\z1+
@@ -62,15 +62,19 @@
\ contained
\ nextgroup=@ngxListenParams skipwhite skipempty
syn keyword ngxListenOptions contained
- \ default_server ssl http2 spdy proxy_protocol
+ \ default_server ssl http2 proxy_protocol
\ setfib fastopen backlog rcvbuf sndbuf accept_filter deferred bind
- \ ipv6only reuseport so_keepalive keepidle
+ \ ipv6only reuseport so_keepalive
+ \ nextgroup=@ngxListenParams skipwhite skipempty
+syn keyword ngxListenOptionsDeprecated contained
+ \ spdy
\ nextgroup=@ngxListenParams skipwhite skipempty
syn cluster ngxListenParams
\ contains=ngxListenParam,ngxListenString,ngxListenComment
- \ add=ngxListenOptions
+ \ add=ngxListenOptions,ngxListenOptionsDeprecated
syn keyword ngxDirectiveBlock contained http
+syn keyword ngxDirectiveBlock contained stream
syn keyword ngxDirectiveBlock contained mail
syn keyword ngxDirectiveBlock contained events
syn keyword ngxDirectiveBlock contained server
@@ -83,12 +87,11 @@
syn keyword ngxDirectiveBlock contained geo
syn keyword ngxDirectiveBlock contained map
syn keyword ngxDirectiveBlock contained split_clients
+syn keyword ngxDirectiveBlock contained match
syn keyword ngxDirectiveImportant contained include
syn keyword ngxDirectiveImportant contained root
-"syn keyword ngxDirectiveImportant contained server
syn keyword ngxDirectiveImportant contained server_name
-"syn keyword ngxDirectiveImportant contained listen
syn keyword ngxDirectiveImportant contained internal
syn keyword ngxDirectiveImportant contained proxy_pass
syn keyword ngxDirectiveImportant contained memcached_pass
@@ -105,14 +108,17 @@
syn keyword ngxDirectiveError contained error_page
syn keyword ngxDirectiveError contained post_action
-syn keyword ngxDirectiveDeprecated contained connections
-syn keyword ngxDirectiveDeprecated contained imap
-syn keyword ngxDirectiveDeprecated contained limit_zone
-syn keyword ngxDirectiveDeprecated contained mysql_test
-syn keyword ngxDirectiveDeprecated contained open_file_cache_retest
-syn keyword ngxDirectiveDeprecated contained optimize_server_names
-syn keyword ngxDirectiveDeprecated contained satisfy_any
-syn keyword ngxDirectiveDeprecated contained so_keepalive
+syn keyword ngxDirectiveDeprecated contained proxy_downstream_buffer
+syn keyword ngxDirectiveDeprecated contained proxy_upstream_buffer
+syn keyword ngxDirectiveDeprecated contained spdy_chunk_size
+syn keyword ngxDirectiveDeprecated contained spdy_headers_comp
+syn keyword ngxDirectiveDeprecated contained spdy_keepalive_timeout
+syn keyword ngxDirectiveDeprecated contained spdy_max_concurrent_streams
+syn keyword ngxDirectiveDeprecated contained spdy_pool_size
+syn keyword ngxDirectiveDeprecated contained spdy_recv_buffer_size
+syn keyword ngxDirectiveDeprecated contained spdy_recv_timeout
+syn keyword ngxDirectiveDeprecated contained spdy_streams_index_size
+syn keyword ngxDirectiveDeprecated contained upstream_conf
syn keyword ngxDirective contained absolute_redirect
syn keyword ngxDirective contained accept_mutex
@@ -122,6 +128,7 @@
syn keyword ngxDirective contained add_after_body
syn keyword ngxDirective contained add_before_body
syn keyword ngxDirective contained add_header
+syn keyword ngxDirective contained add_trailer
syn keyword ngxDirective contained addition_types
syn keyword ngxDirective contained aio
syn keyword ngxDirective contained aio_write
@@ -144,7 +151,6 @@
syn keyword ngxDirective contained autoindex_format
syn keyword ngxDirective contained autoindex_localtime
syn keyword ngxDirective contained charset
-syn keyword ngxDirective contained charset_map
syn keyword ngxDirective contained charset_types
syn keyword ngxDirective contained chunked_transfer_encoding
syn keyword ngxDirective contained client_body_buffer_size
@@ -186,6 +192,7 @@
syn keyword ngxDirective contained fastcgi_buffers
syn keyword ngxDirective contained fastcgi_busy_buffers_size
syn keyword ngxDirective contained fastcgi_cache
+syn keyword ngxDirective contained fastcgi_cache_background_update
syn keyword ngxDirective contained fastcgi_cache_bypass
syn keyword ngxDirective contained fastcgi_cache_key
syn keyword ngxDirective contained fastcgi_cache_lock
@@ -234,6 +241,32 @@
syn keyword ngxDirective contained geoip_proxy
syn keyword ngxDirective contained geoip_proxy_recursive
syn keyword ngxDirective contained google_perftools_profiles
+syn keyword ngxDirective contained grpc_bind
+syn keyword ngxDirective contained grpc_buffer_size
+syn keyword ngxDirective contained grpc_connect_timeout
+syn keyword ngxDirective contained grpc_hide_header
+syn keyword ngxDirective contained grpc_ignore_headers
+syn keyword ngxDirective contained grpc_intercept_errors
+syn keyword ngxDirective contained grpc_next_upstream
+syn keyword ngxDirective contained grpc_next_upstream_timeout
+syn keyword ngxDirective contained grpc_next_upstream_tries
+syn keyword ngxDirective contained grpc_pass
+syn keyword ngxDirective contained grpc_pass_header
+syn keyword ngxDirective contained grpc_read_timeout
+syn keyword ngxDirective contained grpc_send_timeout
+syn keyword ngxDirective contained grpc_set_header
+syn keyword ngxDirective contained grpc_ssl_certificate
+syn keyword ngxDirective contained grpc_ssl_certificate_key
+syn keyword ngxDirective contained grpc_ssl_ciphers
+syn keyword ngxDirective contained grpc_ssl_crl
+syn keyword ngxDirective contained grpc_ssl_name
+syn keyword ngxDirective contained grpc_ssl_password_file
+syn keyword ngxDirective contained grpc_ssl_protocols
+syn keyword ngxDirective contained grpc_ssl_server_name
+syn keyword ngxDirective contained grpc_ssl_session_reuse
+syn keyword ngxDirective contained grpc_ssl_trusted_certificate
+syn keyword ngxDirective contained grpc_ssl_verify
+syn keyword ngxDirective contained grpc_ssl_verify_depth
syn keyword ngxDirective contained gunzip
syn keyword ngxDirective contained gunzip_buffers
syn keyword ngxDirective contained gzip
@@ -258,15 +291,20 @@
syn keyword ngxDirective contained hls_fragment
syn keyword ngxDirective contained hls_mp4_buffer_size
syn keyword ngxDirective contained hls_mp4_max_buffer_size
-syn keyword ngxDirective contained http2_chunk_size
syn keyword ngxDirective contained http2_body_preread_size
+syn keyword ngxDirective contained http2_chunk_size
syn keyword ngxDirective contained http2_idle_timeout
+syn keyword ngxDirective contained http2_max_concurrent_pushes
syn keyword ngxDirective contained http2_max_concurrent_streams
syn keyword ngxDirective contained http2_max_field_size
syn keyword ngxDirective contained http2_max_header_size
syn keyword ngxDirective contained http2_max_requests
+syn keyword ngxDirective contained http2_pool_size
+syn keyword ngxDirective contained http2_push
+syn keyword ngxDirective contained http2_push_preload
syn keyword ngxDirective contained http2_recv_buffer_size
syn keyword ngxDirective contained http2_recv_timeout
+syn keyword ngxDirective contained http2_streams_index_size
syn keyword ngxDirective contained if_modified_since
syn keyword ngxDirective contained ignore_invalid_headers
syn keyword ngxDirective contained image_filter
@@ -317,7 +355,6 @@
syn keyword ngxDirective contained log_subrequest
syn keyword ngxDirective contained map_hash_bucket_size
syn keyword ngxDirective contained map_hash_max_size
-syn keyword ngxDirective contained match
syn keyword ngxDirective contained master_process
syn keyword ngxDirective contained max_ranges
syn keyword ngxDirective contained memcached_bind
@@ -332,6 +369,8 @@
syn keyword ngxDirective contained memcached_send_timeout
syn keyword ngxDirective contained merge_slashes
syn keyword ngxDirective contained min_delete_depth
+syn keyword ngxDirective contained mirror
+syn keyword ngxDirective contained mirror_request_body
syn keyword ngxDirective contained modern_browser
syn keyword ngxDirective contained modern_browser_value
syn keyword ngxDirective contained mp4
@@ -374,6 +413,7 @@
syn keyword ngxDirective contained proxy_buffers
syn keyword ngxDirective contained proxy_busy_buffers_size
syn keyword ngxDirective contained proxy_cache
+syn keyword ngxDirective contained proxy_cache_background_update
syn keyword ngxDirective contained proxy_cache_bypass
syn keyword ngxDirective contained proxy_cache_convert_head
syn keyword ngxDirective contained proxy_cache_key
@@ -421,6 +461,7 @@
syn keyword ngxDirective contained proxy_send_timeout
syn keyword ngxDirective contained proxy_set_body
syn keyword ngxDirective contained proxy_set_header
+syn keyword ngxDirective contained proxy_ssl
syn keyword ngxDirective contained proxy_ssl_certificate
syn keyword ngxDirective contained proxy_ssl_certificate_key
syn keyword ngxDirective contained proxy_ssl_ciphers
@@ -452,10 +493,6 @@
syn keyword ngxDirective contained resolver
syn keyword ngxDirective contained resolver_timeout
syn keyword ngxDirective contained rewrite_log
-syn keyword ngxDirective contained rtsig_overflow_events
-syn keyword ngxDirective contained rtsig_overflow_test
-syn keyword ngxDirective contained rtsig_overflow_threshold
-syn keyword ngxDirective contained rtsig_signo
syn keyword ngxDirective contained satisfy
syn keyword ngxDirective contained scgi_bind
syn keyword ngxDirective contained scgi_buffer_size
@@ -463,6 +500,7 @@
syn keyword ngxDirective contained scgi_buffers
syn keyword ngxDirective contained scgi_busy_buffers_size
syn keyword ngxDirective contained scgi_cache
+syn keyword ngxDirective contained scgi_cache_background_update
syn keyword ngxDirective contained scgi_cache_bypass
syn keyword ngxDirective contained scgi_cache_key
syn keyword ngxDirective contained scgi_cache_lock
@@ -520,14 +558,6 @@
syn keyword ngxDirective contained smtp_client_buffer
syn keyword ngxDirective contained smtp_greeting_delay
syn keyword ngxDirective contained source_charset
-syn keyword ngxDirective contained spdy_chunk_size
-syn keyword ngxDirective contained spdy_headers_comp
-syn keyword ngxDirective contained spdy_keepalive_timeout
-syn keyword ngxDirective contained spdy_max_concurrent_streams
-syn keyword ngxDirective contained spdy_pool_size
-syn keyword ngxDirective contained spdy_recv_buffer_size
-syn keyword ngxDirective contained spdy_recv_timeout
-syn keyword ngxDirective contained spdy_streams_index_size
syn keyword ngxDirective contained ssi
syn keyword ngxDirective contained ssi_ignore_recycled_buffers
syn keyword ngxDirective contained ssi_last_modified
@@ -573,17 +603,16 @@
syn keyword ngxDirective contained sub_filter_last_modified
syn keyword ngxDirective contained sub_filter_once
syn keyword ngxDirective contained sub_filter_types
+syn keyword ngxDirective contained subrequest_output_buffer_size
syn keyword ngxDirective contained tcp_nodelay
syn keyword ngxDirective contained tcp_nopush
syn keyword ngxDirective contained thread_pool
-syn keyword ngxDirective contained thread_stack_size
syn keyword ngxDirective contained timeout
syn keyword ngxDirective contained timer_resolution
syn keyword ngxDirective contained types_hash_bucket_size
syn keyword ngxDirective contained types_hash_max_size
syn keyword ngxDirective contained underscores_in_headers
syn keyword ngxDirective contained uninitialized_variable_warn
-syn keyword ngxDirective contained upstream_conf
syn keyword ngxDirective contained use
syn keyword ngxDirective contained user
syn keyword ngxDirective contained userid
@@ -600,11 +629,13 @@
syn keyword ngxDirective contained uwsgi_buffers
syn keyword ngxDirective contained uwsgi_busy_buffers_size
syn keyword ngxDirective contained uwsgi_cache
+syn keyword ngxDirective contained uwsgi_cache_background_update
syn keyword ngxDirective contained uwsgi_cache_bypass
syn keyword ngxDirective contained uwsgi_cache_key
syn keyword ngxDirective contained uwsgi_cache_lock
syn keyword ngxDirective contained uwsgi_cache_lock_age
syn keyword ngxDirective contained uwsgi_cache_lock_timeout
+syn keyword ngxDirective contained uwsgi_cache_max_range_offset
syn keyword ngxDirective contained uwsgi_cache_methods
syn keyword ngxDirective contained uwsgi_cache_min_uses
syn keyword ngxDirective contained uwsgi_cache_path
@@ -627,7 +658,6 @@
syn keyword ngxDirective contained uwsgi_next_upstream_tries
syn keyword ngxDirective contained uwsgi_no_cache
syn keyword ngxDirective contained uwsgi_param
-syn keyword ngxDirective contained uwsgi_pass
syn keyword ngxDirective contained uwsgi_pass_header
syn keyword ngxDirective contained uwsgi_pass_request_body
syn keyword ngxDirective contained uwsgi_pass_request_headers
@@ -661,8 +691,7 @@
syn keyword ngxDirective contained worker_processes
syn keyword ngxDirective contained worker_rlimit_core
syn keyword ngxDirective contained worker_rlimit_nofile
-syn keyword ngxDirective contained worker_rlimit_sigpending
-syn keyword ngxDirective contained worker_threads
+syn keyword ngxDirective contained worker_shutdown_timeout
syn keyword ngxDirective contained working_directory
syn keyword ngxDirective contained xclient
syn keyword ngxDirective contained xml_entities
@@ -673,529 +702,621 @@
syn keyword ngxDirective contained xslt_types
syn keyword ngxDirective contained zone
-" 3rd party module list:
-" https://www.nginx.com/resources/wiki/modules/
+" 3rd party modules list taken from
+" https://github.com/freebsd/freebsd-ports/blob/master/www/nginx-devel/Makefile
+" -----------------------------------------------------------------------------
-" Accept Language Module <https://www.nginx.com/resources/wiki/modules/accept_language/>
-" Parses the Accept-Language header and gives the most suitable locale from a list of supported locales.
+" Accept Language
+" https://github.com/giom/nginx_accept_language_module
syn keyword ngxDirectiveThirdParty contained set_from_accept_language
-" Access Key Module (DEPRECATED) <http://wiki.nginx.org/NginxHttpAccessKeyModule>
-" Denies access unless the request URL contains an access key.
-syn keyword ngxDirectiveDeprecated contained accesskey
-syn keyword ngxDirectiveDeprecated contained accesskey_arg
-syn keyword ngxDirectiveDeprecated contained accesskey_hashmethod
-syn keyword ngxDirectiveDeprecated contained accesskey_signature
-
-" Asynchronous FastCGI Module <https://github.com/rsms/afcgi>
-" Primarily a modified version of the Nginx FastCGI module which implements multiplexing of connections, allowing a single FastCGI server to handle many concurrent requests.
-" syn keyword ngxDirectiveThirdParty contained fastcgi_bind
-" syn keyword ngxDirectiveThirdParty contained fastcgi_buffer_size
-" syn keyword ngxDirectiveThirdParty contained fastcgi_buffers
-" syn keyword ngxDirectiveThirdParty contained fastcgi_busy_buffers_size
-" syn keyword ngxDirectiveThirdParty contained fastcgi_cache
-" syn keyword ngxDirectiveThirdParty contained fastcgi_cache_key
-" syn keyword ngxDirectiveThirdParty contained fastcgi_cache_methods
-" syn keyword ngxDirectiveThirdParty contained fastcgi_cache_min_uses
-" syn keyword ngxDirectiveThirdParty contained fastcgi_cache_path
-" syn keyword ngxDirectiveThirdParty contained fastcgi_cache_use_stale
-" syn keyword ngxDirectiveThirdParty contained fastcgi_cache_valid
-" syn keyword ngxDirectiveThirdParty contained fastcgi_catch_stderr
-" syn keyword ngxDirectiveThirdParty contained fastcgi_connect_timeout
-" syn keyword ngxDirectiveThirdParty contained fastcgi_hide_header
-" syn keyword ngxDirectiveThirdParty contained fastcgi_ignore_client_abort
-" syn keyword ngxDirectiveThirdParty contained fastcgi_ignore_headers
-" syn keyword ngxDirectiveThirdParty contained fastcgi_index
-" syn keyword ngxDirectiveThirdParty contained fastcgi_intercept_errors
-" syn keyword ngxDirectiveThirdParty contained fastcgi_max_temp_file_size
-" syn keyword ngxDirectiveThirdParty contained fastcgi_next_upstream
-" syn keyword ngxDirectiveThirdParty contained fastcgi_param
-" syn keyword ngxDirectiveThirdParty contained fastcgi_pass
-" syn keyword ngxDirectiveThirdParty contained fastcgi_pass_header
-" syn keyword ngxDirectiveThirdParty contained fastcgi_pass_request_body
-" syn keyword ngxDirectiveThirdParty contained fastcgi_pass_request_headers
-" syn keyword ngxDirectiveThirdParty contained fastcgi_read_timeout
-" syn keyword ngxDirectiveThirdParty contained fastcgi_send_lowat
-" syn keyword ngxDirectiveThirdParty contained fastcgi_send_timeout
-" syn keyword ngxDirectiveThirdParty contained fastcgi_split_path_info
-" syn keyword ngxDirectiveThirdParty contained fastcgi_store
-" syn keyword ngxDirectiveThirdParty contained fastcgi_store_access
-" syn keyword ngxDirectiveThirdParty contained fastcgi_temp_file_write_size
-" syn keyword ngxDirectiveThirdParty contained fastcgi_temp_path
-syn keyword ngxDirectiveDeprecated contained fastcgi_upstream_fail_timeout
-syn keyword ngxDirectiveDeprecated contained fastcgi_upstream_max_fails
+" Digest Authentication
+" https://github.com/atomx/nginx-http-auth-digest
+syn keyword ngxDirectiveThirdParty contained auth_digest
+syn keyword ngxDirectiveThirdParty contained auth_digest_drop_time
+syn keyword ngxDirectiveThirdParty contained auth_digest_evasion_time
+syn keyword ngxDirectiveThirdParty contained auth_digest_expires
+syn keyword ngxDirectiveThirdParty contained auth_digest_maxtries
+syn keyword ngxDirectiveThirdParty contained auth_digest_replays
+syn keyword ngxDirectiveThirdParty contained auth_digest_shm_size
+syn keyword ngxDirectiveThirdParty contained auth_digest_timeout
+syn keyword ngxDirectiveThirdParty contained auth_digest_user_file
-" Akamai G2O Module <https://github.com/kaltura/nginx_mod_akamai_g2o>
-" Nginx Module for Authenticating Akamai G2O requests
-syn keyword ngxDirectiveThirdParty contained g2o
-syn keyword ngxDirectiveThirdParty contained g2o_nonce
-syn keyword ngxDirectiveThirdParty contained g2o_key
+" SPNEGO Authentication
+" https://github.com/stnoonan/spnego-http-auth-nginx-module
+syn keyword ngxDirectiveThirdParty contained auth_gss
+syn keyword ngxDirectiveThirdParty contained auth_gss_allow_basic_fallback
+syn keyword ngxDirectiveThirdParty contained auth_gss_authorized_principal
+syn keyword ngxDirectiveThirdParty contained auth_gss_force_realm
+syn keyword ngxDirectiveThirdParty contained auth_gss_format_full
+syn keyword ngxDirectiveThirdParty contained auth_gss_keytab
+syn keyword ngxDirectiveThirdParty contained auth_gss_realm
+syn keyword ngxDirectiveThirdParty contained auth_gss_service_name
-" Lua Module <https://github.com/alacner/nginx_lua_module>
-" You can be very simple to execute lua code for nginx
-syn keyword ngxDirectiveThirdParty contained lua_file
+" LDAP Authentication
+" https://github.com/kvspb/nginx-auth-ldap
+syn keyword ngxDirectiveThirdParty contained auth_ldap
+syn keyword ngxDirectiveThirdParty contained auth_ldap_cache_enabled
+syn keyword ngxDirectiveThirdParty contained auth_ldap_cache_expiration_time
+syn keyword ngxDirectiveThirdParty contained auth_ldap_cache_size
+syn keyword ngxDirectiveThirdParty contained auth_ldap_servers
+syn keyword ngxDirectiveThirdParty contained auth_ldap_servers_size
+syn keyword ngxDirectiveThirdParty contained ldap_server
-" Array Variable Module <https://github.com/openresty/array-var-nginx-module>
-" Add support for array-typed variables to nginx config files
-syn keyword ngxDirectiveThirdParty contained array_split
-syn keyword ngxDirectiveThirdParty contained array_join
-syn keyword ngxDirectiveThirdParty contained array_map
-syn keyword ngxDirectiveThirdParty contained array_map_op
+" PAM Authentication
+" https://github.com/sto/ngx_http_auth_pam_module
+syn keyword ngxDirectiveThirdParty contained auth_pam
+syn keyword ngxDirectiveThirdParty contained auth_pam_service_name
+syn keyword ngxDirectiveThirdParty contained auth_pam_set_pam_env
-" Nginx Audio Track for HTTP Live Streaming <https://github.com/flavioribeiro/nginx-audio-track-for-hls-module>
-" This nginx module generates audio track for hls streams on the fly.
-syn keyword ngxDirectiveThirdParty contained ngx_hls_audio_track
-syn keyword ngxDirectiveThirdParty contained ngx_hls_audio_track_rootpath
-syn keyword ngxDirectiveThirdParty contained ngx_hls_audio_track_output_format
-syn keyword ngxDirectiveThirdParty contained ngx_hls_audio_track_output_header
+" AJP protocol proxy
+" https://github.com/yaoweibin/nginx_ajp_module
+syn keyword ngxDirectiveThirdParty contained ajp_buffer_size
+syn keyword ngxDirectiveThirdParty contained ajp_buffers
+syn keyword ngxDirectiveThirdParty contained ajp_busy_buffers_size
+syn keyword ngxDirectiveThirdParty contained ajp_cache
+syn keyword ngxDirectiveThirdParty contained ajp_cache_key
+syn keyword ngxDirectiveThirdParty contained ajp_cache_lock
+syn keyword ngxDirectiveThirdParty contained ajp_cache_lock_timeout
+syn keyword ngxDirectiveThirdParty contained ajp_cache_methods
+syn keyword ngxDirectiveThirdParty contained ajp_cache_min_uses
+syn keyword ngxDirectiveThirdParty contained ajp_cache_path
+syn keyword ngxDirectiveThirdParty contained ajp_cache_use_stale
+syn keyword ngxDirectiveThirdParty contained ajp_cache_valid
+syn keyword ngxDirectiveThirdParty contained ajp_connect_timeout
+syn keyword ngxDirectiveThirdParty contained ajp_header_packet_buffer_size
+syn keyword ngxDirectiveThirdParty contained ajp_hide_header
+syn keyword ngxDirectiveThirdParty contained ajp_ignore_client_abort
+syn keyword ngxDirectiveThirdParty contained ajp_ignore_headers
+syn keyword ngxDirectiveThirdParty contained ajp_intercept_errors
+syn keyword ngxDirectiveThirdParty contained ajp_keep_conn
+syn keyword ngxDirectiveThirdParty contained ajp_max_data_packet_size
+syn keyword ngxDirectiveThirdParty contained ajp_max_temp_file_size
+syn keyword ngxDirectiveThirdParty contained ajp_next_upstream
+syn keyword ngxDirectiveThirdParty contained ajp_pass
+syn keyword ngxDirectiveThirdParty contained ajp_pass_header
+syn keyword ngxDirectiveThirdParty contained ajp_pass_request_body
+syn keyword ngxDirectiveThirdParty contained ajp_pass_request_headers
+syn keyword ngxDirectiveThirdParty contained ajp_read_timeout
+syn keyword ngxDirectiveThirdParty contained ajp_send_lowat
+syn keyword ngxDirectiveThirdParty contained ajp_send_timeout
+syn keyword ngxDirectiveThirdParty contained ajp_store
+syn keyword ngxDirectiveThirdParty contained ajp_store_access
+syn keyword ngxDirectiveThirdParty contained ajp_temp_file_write_size
+syn keyword ngxDirectiveThirdParty contained ajp_temp_path
+syn keyword ngxDirectiveThirdParty contained ajp_upstream_fail_timeout
+syn keyword ngxDirectiveThirdParty contained ajp_upstream_max_fails
-" AWS Proxy Module <https://github.com/anomalizer/ngx_aws_auth>
-" Nginx module to proxy to authenticated AWS services
+" AWS proxy
+" https://github.com/anomalizer/ngx_aws_auth
syn keyword ngxDirectiveThirdParty contained aws_access_key
-syn keyword ngxDirectiveThirdParty contained aws_key_scope
-syn keyword ngxDirectiveThirdParty contained aws_signing_key
syn keyword ngxDirectiveThirdParty contained aws_endpoint
+syn keyword ngxDirectiveThirdParty contained aws_key_scope
syn keyword ngxDirectiveThirdParty contained aws_s3_bucket
syn keyword ngxDirectiveThirdParty contained aws_sign
+syn keyword ngxDirectiveThirdParty contained aws_signing_key
-" Backtrace module <https://github.com/alibaba/nginx-backtrace>
-" A Nginx module to dump backtrace when a worker process exits abnormally
-syn keyword ngxDirectiveThirdParty contained backtrace_log
-syn keyword ngxDirectiveThirdParty contained backtrace_max_stack_size
-
-" Brotli Module <https://github.com/google/ngx_brotli>
-" Nginx module for Brotli compression
-syn keyword ngxDirectiveThirdParty contained brotli_static
-syn keyword ngxDirectiveThirdParty contained brotli
-syn keyword ngxDirectiveThirdParty contained brotli_types
-syn keyword ngxDirectiveThirdParty contained brotli_buffers
-syn keyword ngxDirectiveThirdParty contained brotli_comp_level
-syn keyword ngxDirectiveThirdParty contained brotli_window
-syn keyword ngxDirectiveThirdParty contained brotli_min_length
-
-" Cache Purge Module <https://github.com/FRiCKLE/ngx_cache_purge>
-" Adds ability to purge content from FastCGI, proxy, SCGI and uWSGI caches.
-syn keyword ngxDirectiveThirdParty contained fastcgi_cache_purge
-syn keyword ngxDirectiveThirdParty contained proxy_cache_purge
-" syn keyword ngxDirectiveThirdParty contained scgi_cache_purge
-" syn keyword ngxDirectiveThirdParty contained uwsgi_cache_purge
-
-" Chunkin Module (DEPRECATED) <http://wiki.nginx.org/NginxHttpChunkinModule>
-" HTTP 1.1 chunked-encoding request body support for Nginx.
-syn keyword ngxDirectiveDeprecated contained chunkin
-syn keyword ngxDirectiveDeprecated contained chunkin_keepalive
-syn keyword ngxDirectiveDeprecated contained chunkin_max_chunks_per_buf
-syn keyword ngxDirectiveDeprecated contained chunkin_resume
-
-" Circle GIF Module <https://github.com/evanmiller/nginx_circle_gif>
-" Generates simple circle images with the colors and size specified in the URL.
-syn keyword ngxDirectiveThirdParty contained circle_gif
-syn keyword ngxDirectiveThirdParty contained circle_gif_max_radius
-syn keyword ngxDirectiveThirdParty contained circle_gif_min_radius
-syn keyword ngxDirectiveThirdParty contained circle_gif_step_radius
-
-" Nginx-Clojure Module <http://nginx-clojure.github.io/index.html>
-" Parses the Accept-Language header and gives the most suitable locale from a list of supported locales.
-syn keyword ngxDirectiveThirdParty contained jvm_path
-syn keyword ngxDirectiveThirdParty contained jvm_var
+" embedding Clojure or Java or Groovy programs
+" https://github.com/nginx-clojure/nginx-clojure
+syn keyword ngxDirectiveThirdParty contained access_handler_code
+syn keyword ngxDirectiveThirdParty contained access_handler_name
+syn keyword ngxDirectiveThirdParty contained access_handler_property
+syn keyword ngxDirectiveThirdParty contained access_handler_type
+syn keyword ngxDirectiveThirdParty contained always_read_body
+syn keyword ngxDirectiveThirdParty contained auto_upgrade_ws
+syn keyword ngxDirectiveThirdParty contained body_filter_code
+syn keyword ngxDirectiveThirdParty contained body_filter_name
+syn keyword ngxDirectiveThirdParty contained body_filter_property
+syn keyword ngxDirectiveThirdParty contained body_filter_type
+syn keyword ngxDirectiveThirdParty contained content_handler_code
+syn keyword ngxDirectiveThirdParty contained content_handler_name
+syn keyword ngxDirectiveThirdParty contained content_handler_property
+syn keyword ngxDirectiveThirdParty contained content_handler_type
+syn keyword ngxDirectiveThirdParty contained handler_code
+syn keyword ngxDirectiveThirdParty contained handler_name
+syn keyword ngxDirectiveThirdParty contained handler_type
+syn keyword ngxDirectiveThirdParty contained handlers_lazy_init
+syn keyword ngxDirectiveThirdParty contained header_filter_code
+syn keyword ngxDirectiveThirdParty contained header_filter_name
+syn keyword ngxDirectiveThirdParty contained header_filter_property
+syn keyword ngxDirectiveThirdParty contained header_filter_type
syn keyword ngxDirectiveThirdParty contained jvm_classpath
syn keyword ngxDirectiveThirdParty contained jvm_classpath_check
-syn keyword ngxDirectiveThirdParty contained jvm_workers
-syn keyword ngxDirectiveThirdParty contained jvm_options
+syn keyword ngxDirectiveThirdParty contained jvm_exit_handler_code
+syn keyword ngxDirectiveThirdParty contained jvm_exit_handler_name
syn keyword ngxDirectiveThirdParty contained jvm_handler_type
-syn keyword ngxDirectiveThirdParty contained jvm_init_handler_name
syn keyword ngxDirectiveThirdParty contained jvm_init_handler_code
-syn keyword ngxDirectiveThirdParty contained jvm_exit_handler_name
-syn keyword ngxDirectiveThirdParty contained jvm_exit_handler_code
-syn keyword ngxDirectiveThirdParty contained handlers_lazy_init
-syn keyword ngxDirectiveThirdParty contained auto_upgrade_ws
-syn keyword ngxDirectiveThirdParty contained content_handler_type
-syn keyword ngxDirectiveThirdParty contained content_handler_name
-syn keyword ngxDirectiveThirdParty contained content_handler_code
-syn keyword ngxDirectiveThirdParty contained rewrite_handler_type
-syn keyword ngxDirectiveThirdParty contained rewrite_handler_name
+syn keyword ngxDirectiveThirdParty contained jvm_init_handler_name
+syn keyword ngxDirectiveThirdParty contained jvm_options
+syn keyword ngxDirectiveThirdParty contained jvm_path
+syn keyword ngxDirectiveThirdParty contained jvm_var
+syn keyword ngxDirectiveThirdParty contained jvm_workers
+syn keyword ngxDirectiveThirdParty contained max_balanced_tcp_connections
syn keyword ngxDirectiveThirdParty contained rewrite_handler_code
-syn keyword ngxDirectiveThirdParty contained access_handler_type
-syn keyword ngxDirectiveThirdParty contained access_handler_name
-syn keyword ngxDirectiveThirdParty contained access_handler_code
-syn keyword ngxDirectiveThirdParty contained header_filter_type
-syn keyword ngxDirectiveThirdParty contained header_filter_name
-syn keyword ngxDirectiveThirdParty contained header_filter_code
-syn keyword ngxDirectiveThirdParty contained content_handler_property
+syn keyword ngxDirectiveThirdParty contained rewrite_handler_name
syn keyword ngxDirectiveThirdParty contained rewrite_handler_property
-syn keyword ngxDirectiveThirdParty contained access_handler_property
-syn keyword ngxDirectiveThirdParty contained header_filter_property
-syn keyword ngxDirectiveThirdParty contained always_read_body
+syn keyword ngxDirectiveThirdParty contained rewrite_handler_type
syn keyword ngxDirectiveThirdParty contained shared_map
syn keyword ngxDirectiveThirdParty contained write_page_size
-" Upstream Consistent Hash <https://www.nginx.com/resources/wiki/modules/consistent_hash/>
-" A load balancer that uses an internal consistent hash ring to select the right backend node.
-syn keyword ngxDirectiveThirdParty contained consistent_hash
-
-" Nginx Development Kit <https://github.com/simpl/ngx_devel_kit>
-" The NDK is an Nginx module that is designed to extend the core functionality of the excellent Nginx webserver in a way that can be used as a basis of other Nginx modules.
-" NDK_UPSTREAM_LIST
-" This submodule provides a directive that creates a list of upstreams, with optional weighting. This list can then be used by other modules to hash over the upstreams however they choose.
-syn keyword ngxDirectiveThirdParty contained upstream_list
-
-" Drizzle Module <https://www.nginx.com/resources/wiki/modules/drizzle/>
-" Upstream module for talking to MySQL and Drizzle directly
-syn keyword ngxDirectiveThirdParty contained drizzle_server
-syn keyword ngxDirectiveThirdParty contained drizzle_keepalive
-syn keyword ngxDirectiveThirdParty contained drizzle_query
-syn keyword ngxDirectiveThirdParty contained drizzle_pass
-syn keyword ngxDirectiveThirdParty contained drizzle_connect_timeout
-syn keyword ngxDirectiveThirdParty contained drizzle_send_query_timeout
-syn keyword ngxDirectiveThirdParty contained drizzle_recv_cols_timeout
-syn keyword ngxDirectiveThirdParty contained drizzle_recv_rows_timeout
-syn keyword ngxDirectiveThirdParty contained drizzle_buffer_size
-syn keyword ngxDirectiveThirdParty contained drizzle_module_header
-syn keyword ngxDirectiveThirdParty contained drizzle_status
-
-" Dynamic ETags Module <https://github.com/kali/nginx-dynamic-etags>
-" Attempt at handling ETag / If-None-Match on proxied content.
-syn keyword ngxDirectiveThirdParty contained dynamic_etags
-
-" Echo Module <https://www.nginx.com/resources/wiki/modules/echo/>
-" Bringing the power of "echo", "sleep", "time" and more to Nginx's config file
-syn keyword ngxDirectiveThirdParty contained echo
-syn keyword ngxDirectiveThirdParty contained echo_duplicate
-syn keyword ngxDirectiveThirdParty contained echo_flush
-syn keyword ngxDirectiveThirdParty contained echo_sleep
+" Certificate Transparency
+" https://github.com/grahamedgecombe/nginx-ct
+syn keyword ngxDirectiveThirdParty contained ssl_ct
+syn keyword ngxDirectiveThirdParty contained ssl_ct_static_scts
+
+" ngx_echo
+" https://github.com/openresty/echo-nginx-module
+syn keyword ngxDirectiveThirdParty contained echo_abort_parent
+syn keyword ngxDirectiveThirdParty contained echo_after_body
+syn keyword ngxDirectiveThirdParty contained echo_before_body
syn keyword ngxDirectiveThirdParty contained echo_blocking_sleep
-syn keyword ngxDirectiveThirdParty contained echo_reset_timer
-syn keyword ngxDirectiveThirdParty contained echo_read_request_body
-syn keyword ngxDirectiveThirdParty contained echo_location_async
-syn keyword ngxDirectiveThirdParty contained echo_location
-syn keyword ngxDirectiveThirdParty contained echo_subrequest_async
-syn keyword ngxDirectiveThirdParty contained echo_subrequest
-syn keyword ngxDirectiveThirdParty contained echo_foreach_split
syn keyword ngxDirectiveThirdParty contained echo_end
-syn keyword ngxDirectiveThirdParty contained echo_request_body
syn keyword ngxDirectiveThirdParty contained echo_exec
+syn keyword ngxDirectiveThirdParty contained echo_flush
+syn keyword ngxDirectiveThirdParty contained echo_foreach_split
+syn keyword ngxDirectiveThirdParty contained echo_location
+syn keyword ngxDirectiveThirdParty contained echo_location_async
+syn keyword ngxDirectiveThirdParty contained echo_read_request_body
+syn keyword ngxDirectiveThirdParty contained echo_request_body
+syn keyword ngxDirectiveThirdParty contained echo_reset_timer
syn keyword ngxDirectiveThirdParty contained echo_status
-syn keyword ngxDirectiveThirdParty contained echo_before_body
-syn keyword ngxDirectiveThirdParty contained echo_after_body
-
-" Encrypted Session Module <https://github.com/openresty/encrypted-session-nginx-module>
-" Encrypt and decrypt nginx variable values
-syn keyword ngxDirectiveThirdParty contained encrypted_session_key
-syn keyword ngxDirectiveThirdParty contained encrypted_session_iv
-syn keyword ngxDirectiveThirdParty contained encrypted_session_expires
-syn keyword ngxDirectiveThirdParty contained set_encrypt_session
-syn keyword ngxDirectiveThirdParty contained set_decrypt_session
+syn keyword ngxDirectiveThirdParty contained echo_subrequest
+syn keyword ngxDirectiveThirdParty contained echo_subrequest_async
-" Enhanced Memcached Module <https://github.com/bpaquet/ngx_http_enhanced_memcached_module>
-" This module is based on the standard Nginx Memcached module, with some additonal features
-syn keyword ngxDirectiveThirdParty contained enhanced_memcached_pass
-syn keyword ngxDirectiveThirdParty contained enhanced_memcached_hash_keys_with_md5
-syn keyword ngxDirectiveThirdParty contained enhanced_memcached_allow_put
-syn keyword ngxDirectiveThirdParty contained enhanced_memcached_allow_delete
-syn keyword ngxDirectiveThirdParty contained enhanced_memcached_stats
-syn keyword ngxDirectiveThirdParty contained enhanced_memcached_flush
-syn keyword ngxDirectiveThirdParty contained enhanced_memcached_flush_namespace
-syn keyword ngxDirectiveThirdParty contained enhanced_memcached_bind
-syn keyword ngxDirectiveThirdParty contained enhanced_memcached_connect_timeout
-syn keyword ngxDirectiveThirdParty contained enhanced_memcached_send_timeout
-syn keyword ngxDirectiveThirdParty contained enhanced_memcached_buffer_size
-syn keyword ngxDirectiveThirdParty contained enhanced_memcached_read_timeout
+" FastDFS
+" https://github.com/happyfish100/fastdfs-nginx-module
+syn keyword ngxDirectiveThirdParty contained ngx_fastdfs_module
-" Events Module (DEPRECATED) <http://docs.dutov.org/nginx_modules_events_en.html>
-" Provides options for start/stop events.
-syn keyword ngxDirectiveDeprecated contained on_start
-syn keyword ngxDirectiveDeprecated contained on_stop
+" ngx_headers_more
+" https://github.com/openresty/headers-more-nginx-module
+syn keyword ngxDirectiveThirdParty contained more_clear_headers
+syn keyword ngxDirectiveThirdParty contained more_clear_input_headers
+syn keyword ngxDirectiveThirdParty contained more_set_headers
+syn keyword ngxDirectiveThirdParty contained more_set_input_headers
-" EY Balancer Module <https://github.com/ezmobius/nginx-ey-balancer>
-" Adds a request queue to Nginx that allows the limiting of concurrent requests passed to the upstream.
-syn keyword ngxDirectiveThirdParty contained max_connections
-syn keyword ngxDirectiveThirdParty contained max_connections_max_queue_length
-syn keyword ngxDirectiveThirdParty contained max_connections_queue_timeout
+" NGINX WebDAV missing commands support (PROPFIND & OPTIONS)
+" https://github.com/arut/nginx-dav-ext-module
+syn keyword ngxDirectiveThirdParty contained dav_ext_methods
-" Upstream Fair Balancer <https://www.nginx.com/resources/wiki/modules/fair_balancer/>
-" Sends an incoming request to the least-busy backend server, rather than distributing requests round-robin.
-syn keyword ngxDirectiveThirdParty contained fair
-syn keyword ngxDirectiveThirdParty contained upstream_fair_shm_size
+" ngx_eval
+" https://github.com/openresty/nginx-eval-module
+syn keyword ngxDirectiveThirdParty contained eval
+syn keyword ngxDirectiveThirdParty contained eval_buffer_size
+syn keyword ngxDirectiveThirdParty contained eval_escalate
+syn keyword ngxDirectiveThirdParty contained eval_override_content_type
+syn keyword ngxDirectiveThirdParty contained eval_subrequest_in_memory
-" Fancy Indexes Module <https://github.com/aperezdc/ngx-fancyindex>
-" Like the built-in autoindex module, but fancier.
+" Fancy Index
+" https://github.com/aperezdc/ngx-fancyindex
syn keyword ngxDirectiveThirdParty contained fancyindex
+syn keyword ngxDirectiveThirdParty contained fancyindex_css_href
syn keyword ngxDirectiveThirdParty contained fancyindex_default_sort
syn keyword ngxDirectiveThirdParty contained fancyindex_directories_first
-syn keyword ngxDirectiveThirdParty contained fancyindex_css_href
syn keyword ngxDirectiveThirdParty contained fancyindex_exact_size
-syn keyword ngxDirectiveThirdParty contained fancyindex_name_length
syn keyword ngxDirectiveThirdParty contained fancyindex_footer
syn keyword ngxDirectiveThirdParty contained fancyindex_header
-syn keyword ngxDirectiveThirdParty contained fancyindex_show_path
-syn keyword ngxDirectiveThirdParty contained fancyindex_ignore
syn keyword ngxDirectiveThirdParty contained fancyindex_hide_symlinks
+syn keyword ngxDirectiveThirdParty contained fancyindex_ignore
syn keyword ngxDirectiveThirdParty contained fancyindex_localtime
+syn keyword ngxDirectiveThirdParty contained fancyindex_name_length
+syn keyword ngxDirectiveThirdParty contained fancyindex_show_path
syn keyword ngxDirectiveThirdParty contained fancyindex_time_format
-" Form Auth Module <https://github.com/veruu/ngx_form_auth>
-" Provides authentication and authorization with credentials submitted via POST request
-syn keyword ngxDirectiveThirdParty contained form_auth
-syn keyword ngxDirectiveThirdParty contained form_auth_pam_service
-syn keyword ngxDirectiveThirdParty contained form_auth_login
-syn keyword ngxDirectiveThirdParty contained form_auth_password
-syn keyword ngxDirectiveThirdParty contained form_auth_remote_user
-
-" Form Input Module <https://github.com/calio/form-input-nginx-module>
-" Reads HTTP POST and PUT request body encoded in "application/x-www-form-urlencoded" and parses the arguments into nginx variables.
-syn keyword ngxDirectiveThirdParty contained set_form_input
-syn keyword ngxDirectiveThirdParty contained set_form_input_multi
-
-" GeoIP Module (DEPRECATED) <http://wiki.nginx.org/NginxHttp3rdPartyGeoIPModule>
-" Country code lookups via the MaxMind GeoIP API.
-syn keyword ngxDirectiveDeprecated contained geoip_country_file
-
-" GeoIP 2 Module <https://github.com/leev/ngx_http_geoip2_module>
-" Creates variables with values from the maxmind geoip2 databases based on the client IP
-syn keyword ngxDirectiveThirdParty contained geoip2
-
-" GridFS Module <https://github.com/mdirolf/nginx-gridfs>
-" Nginx module for serving files from MongoDB's GridFS
-syn keyword ngxDirectiveThirdParty contained gridfs
-
-" Headers More Module <https://github.com/openresty/headers-more-nginx-module>
-" Set and clear input and output headers...more than "add"!
-syn keyword ngxDirectiveThirdParty contained more_clear_headers
-syn keyword ngxDirectiveThirdParty contained more_clear_input_headers
-syn keyword ngxDirectiveThirdParty contained more_set_headers
-syn keyword ngxDirectiveThirdParty contained more_set_input_headers
-
-" Health Checks Upstreams Module <https://www.nginx.com/resources/wiki/modules/healthcheck/>
-" Polls backends and if they respond with HTTP 200 + an optional request body, they are marked good. Otherwise, they are marked bad.
-syn keyword ngxDirectiveThirdParty contained healthcheck_enabled
-syn keyword ngxDirectiveThirdParty contained healthcheck_delay
-syn keyword ngxDirectiveThirdParty contained healthcheck_timeout
-syn keyword ngxDirectiveThirdParty contained healthcheck_failcount
-syn keyword ngxDirectiveThirdParty contained healthcheck_send
-syn keyword ngxDirectiveThirdParty contained healthcheck_expected
-syn keyword ngxDirectiveThirdParty contained healthcheck_buffer
-syn keyword ngxDirectiveThirdParty contained healthcheck_status
-
-" HTTP Accounting Module <https://github.com/Lax/ngx_http_accounting_module>
-" Add traffic stat function to nginx. Useful for http accounting based on nginx configuration logic
-syn keyword ngxDirectiveThirdParty contained http_accounting
-syn keyword ngxDirectiveThirdParty contained http_accounting_log
-syn keyword ngxDirectiveThirdParty contained http_accounting_id
-syn keyword ngxDirectiveThirdParty contained http_accounting_interval
-syn keyword ngxDirectiveThirdParty contained http_accounting_perturb
-
-" Nginx Digest Authentication module <https://github.com/atomx/nginx-http-auth-digest>
-" Digest Authentication for Nginx
-syn keyword ngxDirectiveThirdParty contained auth_digest
-syn keyword ngxDirectiveThirdParty contained auth_digest_user_file
-syn keyword ngxDirectiveThirdParty contained auth_digest_timeout
-syn keyword ngxDirectiveThirdParty contained auth_digest_expires
-syn keyword ngxDirectiveThirdParty contained auth_digest_replays
-syn keyword ngxDirectiveThirdParty contained auth_digest_shm_size
-
-" Auth PAM Module <https://github.com/sto/ngx_http_auth_pam_module>
-" HTTP Basic Authentication using PAM.
-syn keyword ngxDirectiveThirdParty contained auth_pam
-syn keyword ngxDirectiveThirdParty contained auth_pam_service_name
-
-" HTTP Auth Request Module <http://nginx.org/en/docs/http/ngx_http_auth_request_module.html>
-" Implements client authorization based on the result of a subrequest
-" syn keyword ngxDirectiveThirdParty contained auth_request
-" syn keyword ngxDirectiveThirdParty contained auth_request_set
-
-" HTTP Concatenation module for Nginx <https://github.com/alibaba/nginx-http-concat>
-" A Nginx module for concatenating files in a given context: CSS and JS files usually
-syn keyword ngxDirectiveThirdParty contained concat
-syn keyword ngxDirectiveThirdParty contained concat_types
-syn keyword ngxDirectiveThirdParty contained concat_unique
-syn keyword ngxDirectiveThirdParty contained concat_max_files
-syn keyword ngxDirectiveThirdParty contained concat_delimiter
-syn keyword ngxDirectiveThirdParty contained concat_ignore_file_error
-
-" HTTP Dynamic Upstream Module <https://github.com/yzprofile/ngx_http_dyups_module>
-" Update upstreams' config by restful interface
-syn keyword ngxDirectiveThirdParty contained dyups_interface
-syn keyword ngxDirectiveThirdParty contained dyups_read_msg_timeout
-syn keyword ngxDirectiveThirdParty contained dyups_shm_zone_size
-syn keyword ngxDirectiveThirdParty contained dyups_upstream_conf
-syn keyword ngxDirectiveThirdParty contained dyups_trylock
-
-" HTTP Footer If Filter Module <https://github.com/flygoast/ngx_http_footer_if_filter>
-" The ngx_http_footer_if_filter_module is used to add given content to the end of the response according to the condition specified.
-syn keyword ngxDirectiveThirdParty contained footer_if
-
-" HTTP Footer Filter Module <https://github.com/alibaba/nginx-http-footer-filter>
-" This module implements a body filter that adds a given string to the page footer.
+" Footer filter
+" https://github.com/alibaba/nginx-http-footer-filter
syn keyword ngxDirectiveThirdParty contained footer
syn keyword ngxDirectiveThirdParty contained footer_types
-" HTTP Internal Redirect Module <https://github.com/flygoast/ngx_http_internal_redirect>
-" Make an internal redirect to the uri specified according to the condition specified.
-syn keyword ngxDirectiveThirdParty contained internal_redirect_if
-syn keyword ngxDirectiveThirdParty contained internal_redirect_if_no_postponed
+" ngx_http_geoip2_module
+" https://github.com/leev/ngx_http_geoip2_module
+syn keyword ngxDirectiveThirdParty contained geoip2
+syn keyword ngxDirectiveThirdParty contained geoip2_proxy
+syn keyword ngxDirectiveThirdParty contained geoip2_proxy_recursive
-" HTTP JavaScript Module <https://github.com/peter-leonov/ngx_http_js_module>
-" Embedding SpiderMonkey. Nearly full port on Perl module.
-syn keyword ngxDirectiveThirdParty contained js
-syn keyword ngxDirectiveThirdParty contained js_filter
-syn keyword ngxDirectiveThirdParty contained js_filter_types
-syn keyword ngxDirectiveThirdParty contained js_load
-syn keyword ngxDirectiveThirdParty contained js_maxmem
-syn keyword ngxDirectiveThirdParty contained js_require
-syn keyword ngxDirectiveThirdParty contained js_set
-syn keyword ngxDirectiveThirdParty contained js_utf8
-
-" HTTP Push Module (DEPRECATED) <http://pushmodule.slact.net/>
-" Turn Nginx into an adept long-polling HTTP Push (Comet) server.
-syn keyword ngxDirectiveDeprecated contained push_buffer_size
-syn keyword ngxDirectiveDeprecated contained push_listener
-syn keyword ngxDirectiveDeprecated contained push_message_timeout
-syn keyword ngxDirectiveDeprecated contained push_queue_messages
-syn keyword ngxDirectiveDeprecated contained push_sender
+" A version of the Nginx HTTP stub status module that outputs in JSON format
+" https://github.com/nginx-modules/nginx-json-status-module
+syn keyword ngxDirectiveThirdParty contained json_status
+syn keyword ngxDirectiveThirdParty contained json_status_type
-" HTTP Redis Module <https://www.nginx.com/resources/wiki/modules/redis/>
-" Redis <http://code.google.com/p/redis/> support.
-syn keyword ngxDirectiveThirdParty contained redis_bind
-syn keyword ngxDirectiveThirdParty contained redis_buffer_size
-syn keyword ngxDirectiveThirdParty contained redis_connect_timeout
-syn keyword ngxDirectiveThirdParty contained redis_next_upstream
-syn keyword ngxDirectiveThirdParty contained redis_pass
-syn keyword ngxDirectiveThirdParty contained redis_read_timeout
-syn keyword ngxDirectiveThirdParty contained redis_send_timeout
+" MogileFS client for nginx
+" https://github.com/vkholodkov/nginx-mogilefs-module
+syn keyword ngxDirectiveThirdParty contained mogilefs_class
+syn keyword ngxDirectiveThirdParty contained mogilefs_connect_timeout
+syn keyword ngxDirectiveThirdParty contained mogilefs_domain
+syn keyword ngxDirectiveThirdParty contained mogilefs_methods
+syn keyword ngxDirectiveThirdParty contained mogilefs_noverify
+syn keyword ngxDirectiveThirdParty contained mogilefs_pass
+syn keyword ngxDirectiveThirdParty contained mogilefs_read_timeout
+syn keyword ngxDirectiveThirdParty contained mogilefs_send_timeout
+syn keyword ngxDirectiveThirdParty contained mogilefs_tracker
-" Iconv Module <https://github.com/calio/iconv-nginx-module>
-" A character conversion nginx module using libiconv
-syn keyword ngxDirectiveThirdParty contained set_iconv
-syn keyword ngxDirectiveThirdParty contained iconv_buffer_size
-syn keyword ngxDirectiveThirdParty contained iconv_filter
+" Ancient nginx plugin; probably not useful to anyone
+" https://github.com/kr/nginx-notice
+syn keyword ngxDirectiveThirdParty contained notice
+syn keyword ngxDirectiveThirdParty contained notice_type
-" IP Blocker Module <https://github.com/tmthrgd/nginx-ip-blocker>
-" An efficient shared memory IP blocking system for nginx.
-syn keyword ngxDirectiveThirdParty contained ip_blocker
+" nchan
+" https://github.com/slact/nchan
+syn keyword ngxDirectiveThirdParty contained nchan_access_control_allow_origin
+syn keyword ngxDirectiveThirdParty contained nchan_authorize_request
+syn keyword ngxDirectiveThirdParty contained nchan_channel_event_string
+syn keyword ngxDirectiveThirdParty contained nchan_channel_events_channel_id
+syn keyword ngxDirectiveThirdParty contained nchan_channel_group
+syn keyword ngxDirectiveThirdParty contained nchan_channel_group_accounting
+syn keyword ngxDirectiveThirdParty contained nchan_channel_id
+syn keyword ngxDirectiveThirdParty contained nchan_channel_id_split_delimiter
+syn keyword ngxDirectiveThirdParty contained nchan_channel_timeout
+syn keyword ngxDirectiveThirdParty contained nchan_deflate_message_for_websocket
+syn keyword ngxDirectiveThirdParty contained nchan_eventsource_event
+syn keyword ngxDirectiveThirdParty contained nchan_group_location
+syn keyword ngxDirectiveThirdParty contained nchan_group_max_channels
+syn keyword ngxDirectiveThirdParty contained nchan_group_max_messages
+syn keyword ngxDirectiveThirdParty contained nchan_group_max_messages_disk
+syn keyword ngxDirectiveThirdParty contained nchan_group_max_messages_memory
+syn keyword ngxDirectiveThirdParty contained nchan_group_max_subscribers
+syn keyword ngxDirectiveThirdParty contained nchan_longpoll_multipart_response
+syn keyword ngxDirectiveThirdParty contained nchan_max_channel_id_length
+syn keyword ngxDirectiveThirdParty contained nchan_max_channel_subscribers
+syn keyword ngxDirectiveThirdParty contained nchan_max_reserved_memory
+syn keyword ngxDirectiveThirdParty contained nchan_message_buffer_length
+syn keyword ngxDirectiveThirdParty contained nchan_message_max_buffer_length
+syn keyword ngxDirectiveThirdParty contained nchan_message_temp_path
+syn keyword ngxDirectiveThirdParty contained nchan_message_timeout
+syn keyword ngxDirectiveThirdParty contained nchan_permessage_deflate_compression_level
+syn keyword ngxDirectiveThirdParty contained nchan_permessage_deflate_compression_memlevel
+syn keyword ngxDirectiveThirdParty contained nchan_permessage_deflate_compression_strategy
+syn keyword ngxDirectiveThirdParty contained nchan_permessage_deflate_compression_window
+syn keyword ngxDirectiveThirdParty contained nchan_pub_channel_id
+syn keyword ngxDirectiveThirdParty contained nchan_publisher
+syn keyword ngxDirectiveThirdParty contained nchan_publisher_channel_id
+syn keyword ngxDirectiveThirdParty contained nchan_publisher_location
+syn keyword ngxDirectiveThirdParty contained nchan_publisher_upstream_request
+syn keyword ngxDirectiveThirdParty contained nchan_pubsub
+syn keyword ngxDirectiveThirdParty contained nchan_pubsub_channel_id
+syn keyword ngxDirectiveThirdParty contained nchan_pubsub_location
+syn keyword ngxDirectiveThirdParty contained nchan_redis_fakesub_timer_interval
+syn keyword ngxDirectiveThirdParty contained nchan_redis_idle_channel_cache_timeout
+syn keyword ngxDirectiveThirdParty contained nchan_redis_namespace
+syn keyword ngxDirectiveThirdParty contained nchan_redis_pass
+syn keyword ngxDirectiveThirdParty contained nchan_redis_pass_inheritable
+syn keyword ngxDirectiveThirdParty contained nchan_redis_ping_interval
+syn keyword ngxDirectiveThirdParty contained nchan_redis_publish_msgpacked_max_size
+syn keyword ngxDirectiveThirdParty contained nchan_redis_server
+syn keyword ngxDirectiveThirdParty contained nchan_redis_storage_mode
+syn keyword ngxDirectiveThirdParty contained nchan_redis_url
+syn keyword ngxDirectiveThirdParty contained nchan_redis_wait_after_connecting
+syn keyword ngxDirectiveThirdParty contained nchan_shared_memory_size
+syn keyword ngxDirectiveThirdParty contained nchan_storage_engine
+syn keyword ngxDirectiveThirdParty contained nchan_store_messages
+syn keyword ngxDirectiveThirdParty contained nchan_stub_status
+syn keyword ngxDirectiveThirdParty contained nchan_sub_channel_id
+syn keyword ngxDirectiveThirdParty contained nchan_subscribe_existing_channels_only
+syn keyword ngxDirectiveThirdParty contained nchan_subscribe_request
+syn keyword ngxDirectiveThirdParty contained nchan_subscriber
+syn keyword ngxDirectiveThirdParty contained nchan_subscriber_channel_id
+syn keyword ngxDirectiveThirdParty contained nchan_subscriber_compound_etag_message_id
+syn keyword ngxDirectiveThirdParty contained nchan_subscriber_first_message
+syn keyword ngxDirectiveThirdParty contained nchan_subscriber_http_raw_stream_separator
+syn keyword ngxDirectiveThirdParty contained nchan_subscriber_last_message_id
+syn keyword ngxDirectiveThirdParty contained nchan_subscriber_location
+syn keyword ngxDirectiveThirdParty contained nchan_subscriber_message_id_custom_etag_header
+syn keyword ngxDirectiveThirdParty contained nchan_subscriber_timeout
+syn keyword ngxDirectiveThirdParty contained nchan_unsubscribe_request
+syn keyword ngxDirectiveThirdParty contained nchan_use_redis
+syn keyword ngxDirectiveThirdParty contained nchan_websocket_client_heartbeat
+syn keyword ngxDirectiveThirdParty contained nchan_websocket_ping_interval
+syn keyword ngxDirectiveThirdParty contained push_authorized_channels_only
+syn keyword ngxDirectiveThirdParty contained push_channel_group
+syn keyword ngxDirectiveThirdParty contained push_channel_timeout
+syn keyword ngxDirectiveThirdParty contained push_max_channel_id_length
+syn keyword ngxDirectiveThirdParty contained push_max_channel_subscribers
+syn keyword ngxDirectiveThirdParty contained push_max_message_buffer_length
+syn keyword ngxDirectiveThirdParty contained push_max_reserved_memory
+syn keyword ngxDirectiveThirdParty contained push_message_buffer_length
+syn keyword ngxDirectiveThirdParty contained push_message_timeout
+syn keyword ngxDirectiveThirdParty contained push_min_message_buffer_length
+syn keyword ngxDirectiveThirdParty contained push_publisher
+syn keyword ngxDirectiveThirdParty contained push_store_messages
+syn keyword ngxDirectiveThirdParty contained push_subscriber
+syn keyword ngxDirectiveThirdParty contained push_subscriber_concurrency
+syn keyword ngxDirectiveThirdParty contained push_subscriber_timeout
-" IP2Location Module <https://github.com/chrislim2888/ip2location-nginx>
-" Allows user to lookup for geolocation information using IP2Location database
-syn keyword ngxDirectiveThirdParty contained ip2location_database
+" Push Stream
+" https://github.com/wandenberg/nginx-push-stream-module
+syn keyword ngxDirectiveThirdParty contained push_stream_allow_connections_to_events_channel
+syn keyword ngxDirectiveThirdParty contained push_stream_allowed_origins
+syn keyword ngxDirectiveThirdParty contained push_stream_authorized_channels_only
+syn keyword ngxDirectiveThirdParty contained push_stream_channel_deleted_message_text
+syn keyword ngxDirectiveThirdParty contained push_stream_channel_inactivity_time
+syn keyword ngxDirectiveThirdParty contained push_stream_channel_info_on_publish
+syn keyword ngxDirectiveThirdParty contained push_stream_channels_path
+syn keyword ngxDirectiveThirdParty contained push_stream_channels_statistics
+syn keyword ngxDirectiveThirdParty contained push_stream_events_channel_id
+syn keyword ngxDirectiveThirdParty contained push_stream_footer_template
+syn keyword ngxDirectiveThirdParty contained push_stream_header_template
+syn keyword ngxDirectiveThirdParty contained push_stream_header_template_file
+syn keyword ngxDirectiveThirdParty contained push_stream_last_event_id
+syn keyword ngxDirectiveThirdParty contained push_stream_last_received_message_tag
+syn keyword ngxDirectiveThirdParty contained push_stream_last_received_message_time
+syn keyword ngxDirectiveThirdParty contained push_stream_longpolling_connection_ttl
+syn keyword ngxDirectiveThirdParty contained push_stream_max_channel_id_length
+syn keyword ngxDirectiveThirdParty contained push_stream_max_messages_stored_per_channel
+syn keyword ngxDirectiveThirdParty contained push_stream_max_number_of_channels
+syn keyword ngxDirectiveThirdParty contained push_stream_max_number_of_wildcard_channels
+syn keyword ngxDirectiveThirdParty contained push_stream_max_subscribers_per_channel
+syn keyword ngxDirectiveThirdParty contained push_stream_message_template
+syn keyword ngxDirectiveThirdParty contained push_stream_message_ttl
+syn keyword ngxDirectiveThirdParty contained push_stream_padding_by_user_agent
+syn keyword ngxDirectiveThirdParty contained push_stream_ping_message_interval
+syn keyword ngxDirectiveThirdParty contained push_stream_ping_message_text
+syn keyword ngxDirectiveThirdParty contained push_stream_publisher
+syn keyword ngxDirectiveThirdParty contained push_stream_shared_memory_size
+syn keyword ngxDirectiveThirdParty contained push_stream_store_messages
+syn keyword ngxDirectiveThirdParty contained push_stream_subscriber
+syn keyword ngxDirectiveThirdParty contained push_stream_subscriber_connection_ttl
+syn keyword ngxDirectiveThirdParty contained push_stream_timeout_with_body
+syn keyword ngxDirectiveThirdParty contained push_stream_user_agent
+syn keyword ngxDirectiveThirdParty contained push_stream_websocket_allow_publish
+syn keyword ngxDirectiveThirdParty contained push_stream_wildcard_channel_max_qtd
+syn keyword ngxDirectiveThirdParty contained push_stream_wildcard_channel_prefix
-" JS Module <https://github.com/peter-leonov/ngx_http_js_module>
-" Reflect the nginx functionality in JS
-syn keyword ngxDirectiveThirdParty contained js
-syn keyword ngxDirectiveThirdParty contained js_access
-syn keyword ngxDirectiveThirdParty contained js_load
-syn keyword ngxDirectiveThirdParty contained js_set
+" redis module
+" https://www.nginx.com/resources/wiki/modules/redis/
+syn keyword ngxDirectiveThirdParty contained redis_bind
+syn keyword ngxDirectiveThirdParty contained redis_buffer_size
+syn keyword ngxDirectiveThirdParty contained redis_connect_timeout
+syn keyword ngxDirectiveThirdParty contained redis_gzip_flag
+syn keyword ngxDirectiveThirdParty contained redis_next_upstream
+syn keyword ngxDirectiveThirdParty contained redis_pass
+syn keyword ngxDirectiveThirdParty contained redis_read_timeout
+syn keyword ngxDirectiveThirdParty contained redis_send_timeout
-" Limit Upload Rate Module <https://github.com/cfsego/limit_upload_rate>
-" Limit client-upload rate when they are sending request bodies to you
-syn keyword ngxDirectiveThirdParty contained limit_upload_rate
-syn keyword ngxDirectiveThirdParty contained limit_upload_rate_after
+" ngx_http_response
+" http://catap.ru/downloads/nginx/
+syn keyword ngxDirectiveThirdParty contained response
+syn keyword ngxDirectiveThirdParty contained response_type
+
+" nginx_substitutions_filter
+" https://github.com/yaoweibin/ngx_http_substitutions_filter_module
+syn keyword ngxDirectiveThirdParty contained subs_buffers
+syn keyword ngxDirectiveThirdParty contained subs_filter
+syn keyword ngxDirectiveThirdParty contained subs_filter_bypass
+syn keyword ngxDirectiveThirdParty contained subs_filter_types
+syn keyword ngxDirectiveThirdParty contained subs_line_buffer_size
-" Limit Upstream Module <https://github.com/cfsego/nginx-limit-upstream>
-" Limit the number of connections to upstream for NGINX
-syn keyword ngxDirectiveThirdParty contained limit_upstream_zone
-syn keyword ngxDirectiveThirdParty contained limit_upstream_conn
-syn keyword ngxDirectiveThirdParty contained limit_upstream_log_level
+" Tarantool nginx upstream module
+" https://github.com/tarantool/nginx_upstream_module
+syn keyword ngxDirectiveThirdParty contained tnt_allowed_indexes
+syn keyword ngxDirectiveThirdParty contained tnt_allowed_spaces
+syn keyword ngxDirectiveThirdParty contained tnt_buffer_size
+syn keyword ngxDirectiveThirdParty contained tnt_connect_timeout
+syn keyword ngxDirectiveThirdParty contained tnt_delete
+syn keyword ngxDirectiveThirdParty contained tnt_http_methods
+syn keyword ngxDirectiveThirdParty contained tnt_http_rest_methods
+syn keyword ngxDirectiveThirdParty contained tnt_in_multiplier
+syn keyword ngxDirectiveThirdParty contained tnt_insert
+syn keyword ngxDirectiveThirdParty contained tnt_method
+syn keyword ngxDirectiveThirdParty contained tnt_multireturn_skip_count
+syn keyword ngxDirectiveThirdParty contained tnt_next_upstream
+syn keyword ngxDirectiveThirdParty contained tnt_next_upstream_timeout
+syn keyword ngxDirectiveThirdParty contained tnt_next_upstream_tries
+syn keyword ngxDirectiveThirdParty contained tnt_out_multiplier
+syn keyword ngxDirectiveThirdParty contained tnt_pass
+syn keyword ngxDirectiveThirdParty contained tnt_pass_http_request
+syn keyword ngxDirectiveThirdParty contained tnt_pass_http_request_buffer_size
+syn keyword ngxDirectiveThirdParty contained tnt_pure_result
+syn keyword ngxDirectiveThirdParty contained tnt_read_timeout
+syn keyword ngxDirectiveThirdParty contained tnt_replace
+syn keyword ngxDirectiveThirdParty contained tnt_select
+syn keyword ngxDirectiveThirdParty contained tnt_select_limit_max
+syn keyword ngxDirectiveThirdParty contained tnt_send_timeout
+syn keyword ngxDirectiveThirdParty contained tnt_set_header
+syn keyword ngxDirectiveThirdParty contained tnt_update
+syn keyword ngxDirectiveThirdParty contained tnt_upsert
-" Log If Module <https://github.com/cfsego/ngx_log_if>
-" Conditional accesslog for nginx
-syn keyword ngxDirectiveThirdParty contained access_log_bypass_if
+" A module for nginx web server for handling file uploads using multipart/form-data encoding (RFC 1867)
+" https://github.com/Austinb/nginx-upload-module
+syn keyword ngxDirectiveThirdParty contained upload_aggregate_form_field
+syn keyword ngxDirectiveThirdParty contained upload_archive_elm
+syn keyword ngxDirectiveThirdParty contained upload_archive_elm_separator
+syn keyword ngxDirectiveThirdParty contained upload_archive_path
+syn keyword ngxDirectiveThirdParty contained upload_archive_path_separator
+syn keyword ngxDirectiveThirdParty contained upload_buffer_size
+syn keyword ngxDirectiveThirdParty contained upload_cleanup
+syn keyword ngxDirectiveThirdParty contained upload_content_type
+syn keyword ngxDirectiveThirdParty contained upload_discard
+syn keyword ngxDirectiveThirdParty contained upload_field_name
+syn keyword ngxDirectiveThirdParty contained upload_file_crc32
+syn keyword ngxDirectiveThirdParty contained upload_file_md5
+syn keyword ngxDirectiveThirdParty contained upload_file_md5_uc
+syn keyword ngxDirectiveThirdParty contained upload_file_name
+syn keyword ngxDirectiveThirdParty contained upload_file_sha1
+syn keyword ngxDirectiveThirdParty contained upload_file_sha1_uc
+syn keyword ngxDirectiveThirdParty contained upload_file_size
+syn keyword ngxDirectiveThirdParty contained upload_filter
+syn keyword ngxDirectiveThirdParty contained upload_max_file_size
+syn keyword ngxDirectiveThirdParty contained upload_max_output_body_len
+syn keyword ngxDirectiveThirdParty contained upload_max_part_header_len
+syn keyword ngxDirectiveThirdParty contained upload_pass
+syn keyword ngxDirectiveThirdParty contained upload_pass_args
+syn keyword ngxDirectiveThirdParty contained upload_pass_form_field
+syn keyword ngxDirectiveThirdParty contained upload_set_form_field
+syn keyword ngxDirectiveThirdParty contained upload_store
+syn keyword ngxDirectiveThirdParty contained upload_store_access
+syn keyword ngxDirectiveThirdParty contained upload_tmp_path
+syn keyword ngxDirectiveThirdParty contained upload_unzip
+syn keyword ngxDirectiveThirdParty contained upload_unzip_buffers
+syn keyword ngxDirectiveThirdParty contained upload_unzip_hash
+syn keyword ngxDirectiveThirdParty contained upload_unzip_max_file_name_len
+syn keyword ngxDirectiveThirdParty contained upload_unzip_window
+syn keyword ngxDirectiveThirdParty contained upload_void_content_type
-" Log Request Speed (DEPRECATED) <http://wiki.nginx.org/NginxHttpLogRequestSpeed>
-" Log the time it took to process each request.
-syn keyword ngxDirectiveDeprecated contained log_request_speed_filter
-syn keyword ngxDirectiveDeprecated contained log_request_speed_filter_timeout
+" nginx-upload-progress-module
+" https://github.com/masterzen/nginx-upload-progress-module
+syn keyword ngxDirectiveThirdParty contained report_uploads
+syn keyword ngxDirectiveThirdParty contained track_uploads
+syn keyword ngxDirectiveThirdParty contained upload_progress
+syn keyword ngxDirectiveThirdParty contained upload_progress_content_type
+syn keyword ngxDirectiveThirdParty contained upload_progress_header
+syn keyword ngxDirectiveThirdParty contained upload_progress_java_output
+syn keyword ngxDirectiveThirdParty contained upload_progress_json_output
+syn keyword ngxDirectiveThirdParty contained upload_progress_jsonp_output
+syn keyword ngxDirectiveThirdParty contained upload_progress_jsonp_parameter
+syn keyword ngxDirectiveThirdParty contained upload_progress_template
-" Log ZeroMQ Module <https://github.com/alticelabs/nginx-log-zmq>
-" ZeroMQ logger module for nginx
-syn keyword ngxDirectiveThirdParty contained log_zmq_server
-syn keyword ngxDirectiveThirdParty contained log_zmq_endpoint
-syn keyword ngxDirectiveThirdParty contained log_zmq_format
-syn keyword ngxDirectiveThirdParty contained log_zmq_off
+" Health checks upstreams for nginx
+" https://github.com/yaoweibin/nginx_upstream_check_module
+syn keyword ngxDirectiveThirdParty contained check
+syn keyword ngxDirectiveThirdParty contained check_fastcgi_param
+syn keyword ngxDirectiveThirdParty contained check_http_expect_alive
+syn keyword ngxDirectiveThirdParty contained check_http_send
+syn keyword ngxDirectiveThirdParty contained check_keepalive_requests
+syn keyword ngxDirectiveThirdParty contained check_shm_size
+syn keyword ngxDirectiveThirdParty contained check_status
-" Lower/UpperCase Module <https://github.com/replay/ngx_http_lower_upper_case>
-" This module simply uppercases or lowercases a string and saves it into a new variable.
-syn keyword ngxDirectiveThirdParty contained lower
-syn keyword ngxDirectiveThirdParty contained upper
+" The fair load balancer module for nginx
+" https://github.com/cryptofuture/nginx-upstream-fair
+syn keyword ngxDirectiveThirdParty contained fair
+syn keyword ngxDirectiveThirdParty contained upstream_fair_shm_size
-" Lua Upstream Module <https://github.com/openresty/lua-upstream-nginx-module>
-" Nginx C module to expose Lua API to ngx_lua for Nginx upstreams
+" Nginx Video Thumb Extractor Module
+" https://github.com/wandenberg/nginx-video-thumbextractor-module
+syn keyword ngxDirectiveThirdParty contained video_thumbextractor
+syn keyword ngxDirectiveThirdParty contained video_thumbextractor_image_height
+syn keyword ngxDirectiveThirdParty contained video_thumbextractor_image_width
+syn keyword ngxDirectiveThirdParty contained video_thumbextractor_jpeg_baseline
+syn keyword ngxDirectiveThirdParty contained video_thumbextractor_jpeg_dpi
+syn keyword ngxDirectiveThirdParty contained video_thumbextractor_jpeg_optimize
+syn keyword ngxDirectiveThirdParty contained video_thumbextractor_jpeg_progressive_mode
+syn keyword ngxDirectiveThirdParty contained video_thumbextractor_jpeg_quality
+syn keyword ngxDirectiveThirdParty contained video_thumbextractor_jpeg_smooth
+syn keyword ngxDirectiveThirdParty contained video_thumbextractor_next_time
+syn keyword ngxDirectiveThirdParty contained video_thumbextractor_only_keyframe
+syn keyword ngxDirectiveThirdParty contained video_thumbextractor_processes_per_worker
+syn keyword ngxDirectiveThirdParty contained video_thumbextractor_threads
+syn keyword ngxDirectiveThirdParty contained video_thumbextractor_tile_color
+syn keyword ngxDirectiveThirdParty contained video_thumbextractor_tile_cols
+syn keyword ngxDirectiveThirdParty contained video_thumbextractor_tile_margin
+syn keyword ngxDirectiveThirdParty contained video_thumbextractor_tile_max_cols
+syn keyword ngxDirectiveThirdParty contained video_thumbextractor_tile_max_rows
+syn keyword ngxDirectiveThirdParty contained video_thumbextractor_tile_padding
+syn keyword ngxDirectiveThirdParty contained video_thumbextractor_tile_rows
+syn keyword ngxDirectiveThirdParty contained video_thumbextractor_tile_sample_interval
+syn keyword ngxDirectiveThirdParty contained video_thumbextractor_video_filename
+syn keyword ngxDirectiveThirdParty contained video_thumbextractor_video_second
-" Lua Module <https://github.com/openresty/lua-nginx-module>
-" Embed the Power of Lua into NGINX HTTP servers
-syn keyword ngxDirectiveThirdParty contained lua_use_default_type
-syn keyword ngxDirectiveThirdParty contained lua_malloc_trim
-syn keyword ngxDirectiveThirdParty contained lua_code_cache
-syn keyword ngxDirectiveThirdParty contained lua_regex_cache_max_entries
-syn keyword ngxDirectiveThirdParty contained lua_regex_match_limit
-syn keyword ngxDirectiveThirdParty contained lua_package_path
-syn keyword ngxDirectiveThirdParty contained lua_package_cpath
-syn keyword ngxDirectiveThirdParty contained init_by_lua
-syn keyword ngxDirectiveThirdParty contained init_by_lua_block
-syn keyword ngxDirectiveThirdParty contained init_by_lua_file
-syn keyword ngxDirectiveThirdParty contained init_worker_by_lua
-syn keyword ngxDirectiveThirdParty contained init_worker_by_lua_block
-syn keyword ngxDirectiveThirdParty contained init_worker_by_lua_file
-syn keyword ngxDirectiveThirdParty contained set_by_lua
-syn keyword ngxDirectiveThirdParty contained set_by_lua_block
-syn keyword ngxDirectiveThirdParty contained set_by_lua_file
-syn keyword ngxDirectiveThirdParty contained content_by_lua
-syn keyword ngxDirectiveThirdParty contained content_by_lua_block
-syn keyword ngxDirectiveThirdParty contained content_by_lua_file
-syn keyword ngxDirectiveThirdParty contained rewrite_by_lua
-syn keyword ngxDirectiveThirdParty contained rewrite_by_lua_block
-syn keyword ngxDirectiveThirdParty contained rewrite_by_lua_file
+" drizzle-nginx-module - Upstream module for talking to MySQL and Drizzle directly
+" https://github.com/openresty/drizzle-nginx-module
+syn keyword ngxDirectiveThirdParty contained drizzle_buffer_size
+syn keyword ngxDirectiveThirdParty contained drizzle_connect_timeout
+syn keyword ngxDirectiveThirdParty contained drizzle_dbname
+syn keyword ngxDirectiveThirdParty contained drizzle_keepalive
+syn keyword ngxDirectiveThirdParty contained drizzle_module_header
+syn keyword ngxDirectiveThirdParty contained drizzle_pass
+syn keyword ngxDirectiveThirdParty contained drizzle_query
+syn keyword ngxDirectiveThirdParty contained drizzle_recv_cols_timeout
+syn keyword ngxDirectiveThirdParty contained drizzle_recv_rows_timeout
+syn keyword ngxDirectiveThirdParty contained drizzle_send_query_timeout
+syn keyword ngxDirectiveThirdParty contained drizzle_server
+syn keyword ngxDirectiveThirdParty contained drizzle_status
+
+" ngx_dynamic_upstream
+" https://github.com/cubicdaiya/ngx_dynamic_upstream
+syn keyword ngxDirectiveThirdParty contained dynamic_upstream
+
+" encrypt and decrypt nginx variable values
+" https://github.com/openresty/encrypted-session-nginx-module
+syn keyword ngxDirectiveThirdParty contained encrypted_session_expires
+syn keyword ngxDirectiveThirdParty contained encrypted_session_iv
+syn keyword ngxDirectiveThirdParty contained encrypted_session_key
+syn keyword ngxDirectiveThirdParty contained set_decrypt_session
+syn keyword ngxDirectiveThirdParty contained set_encrypt_session
+
+" serve content directly from MongoDB's GridFS
+" https://github.com/mdirolf/nginx-gridfs
+syn keyword ngxDirectiveThirdParty contained gridfs
+syn keyword ngxDirectiveThirdParty contained mongo
+
+" Adds support for arithmetic operations to NGINX config
+" https://github.com/arut/nginx-let-module
+syn keyword ngxDirectiveThirdParty contained let
+
+" ngx_http_lua_module - Embed the power of Lua into Nginx HTTP Servers
+" https://github.com/openresty/lua-nginx-module
syn keyword ngxDirectiveThirdParty contained access_by_lua
syn keyword ngxDirectiveThirdParty contained access_by_lua_block
syn keyword ngxDirectiveThirdParty contained access_by_lua_file
-syn keyword ngxDirectiveThirdParty contained header_filter_by_lua
-syn keyword ngxDirectiveThirdParty contained header_filter_by_lua_block
-syn keyword ngxDirectiveThirdParty contained header_filter_by_lua_file
+syn keyword ngxDirectiveThirdParty contained access_by_lua_no_postpone
+syn keyword ngxDirectiveThirdParty contained balancer_by_lua_block
+syn keyword ngxDirectiveThirdParty contained balancer_by_lua_file
syn keyword ngxDirectiveThirdParty contained body_filter_by_lua
syn keyword ngxDirectiveThirdParty contained body_filter_by_lua_block
syn keyword ngxDirectiveThirdParty contained body_filter_by_lua_file
+syn keyword ngxDirectiveThirdParty contained content_by_lua
+syn keyword ngxDirectiveThirdParty contained content_by_lua_block
+syn keyword ngxDirectiveThirdParty contained content_by_lua_file
+syn keyword ngxDirectiveThirdParty contained header_filter_by_lua
+syn keyword ngxDirectiveThirdParty contained header_filter_by_lua_block
+syn keyword ngxDirectiveThirdParty contained header_filter_by_lua_file
+syn keyword ngxDirectiveThirdParty contained init_by_lua
+syn keyword ngxDirectiveThirdParty contained init_by_lua_block
+syn keyword ngxDirectiveThirdParty contained init_by_lua_file
+syn keyword ngxDirectiveThirdParty contained init_worker_by_lua
+syn keyword ngxDirectiveThirdParty contained init_worker_by_lua_block
+syn keyword ngxDirectiveThirdParty contained init_worker_by_lua_file
syn keyword ngxDirectiveThirdParty contained log_by_lua
syn keyword ngxDirectiveThirdParty contained log_by_lua_block
syn keyword ngxDirectiveThirdParty contained log_by_lua_file
-syn keyword ngxDirectiveThirdParty contained balancer_by_lua_block
-syn keyword ngxDirectiveThirdParty contained balancer_by_lua_file
+syn keyword ngxDirectiveThirdParty contained lua_capture_error_log
+syn keyword ngxDirectiveThirdParty contained lua_check_client_abort
+syn keyword ngxDirectiveThirdParty contained lua_code_cache
+syn keyword ngxDirectiveThirdParty contained lua_fake_shm
+syn keyword ngxDirectiveThirdParty contained lua_http10_buffering
+syn keyword ngxDirectiveThirdParty contained lua_malloc_trim
+syn keyword ngxDirectiveThirdParty contained lua_max_pending_timers
+syn keyword ngxDirectiveThirdParty contained lua_max_running_timers
syn keyword ngxDirectiveThirdParty contained lua_need_request_body
-syn keyword ngxDirectiveThirdParty contained ssl_certificate_by_lua_block
-syn keyword ngxDirectiveThirdParty contained ssl_certificate_by_lua_file
-syn keyword ngxDirectiveThirdParty contained ssl_session_fetch_by_lua_block
-syn keyword ngxDirectiveThirdParty contained ssl_session_fetch_by_lua_file
-syn keyword ngxDirectiveThirdParty contained ssl_session_store_by_lua_block
-syn keyword ngxDirectiveThirdParty contained ssl_session_store_by_lua_file
+syn keyword ngxDirectiveThirdParty contained lua_package_cpath
+syn keyword ngxDirectiveThirdParty contained lua_package_path
+syn keyword ngxDirectiveThirdParty contained lua_regex_cache_max_entries
+syn keyword ngxDirectiveThirdParty contained lua_regex_match_limit
syn keyword ngxDirectiveThirdParty contained lua_shared_dict
-syn keyword ngxDirectiveThirdParty contained lua_socket_connect_timeout
-syn keyword ngxDirectiveThirdParty contained lua_socket_send_timeout
-syn keyword ngxDirectiveThirdParty contained lua_socket_send_lowat
-syn keyword ngxDirectiveThirdParty contained lua_socket_read_timeout
syn keyword ngxDirectiveThirdParty contained lua_socket_buffer_size
-syn keyword ngxDirectiveThirdParty contained lua_socket_pool_size
+syn keyword ngxDirectiveThirdParty contained lua_socket_connect_timeout
syn keyword ngxDirectiveThirdParty contained lua_socket_keepalive_timeout
syn keyword ngxDirectiveThirdParty contained lua_socket_log_errors
+syn keyword ngxDirectiveThirdParty contained lua_socket_pool_size
+syn keyword ngxDirectiveThirdParty contained lua_socket_read_timeout
+syn keyword ngxDirectiveThirdParty contained lua_socket_send_lowat
+syn keyword ngxDirectiveThirdParty contained lua_socket_send_timeout
syn keyword ngxDirectiveThirdParty contained lua_ssl_ciphers
syn keyword ngxDirectiveThirdParty contained lua_ssl_crl
syn keyword ngxDirectiveThirdParty contained lua_ssl_protocols
syn keyword ngxDirectiveThirdParty contained lua_ssl_trusted_certificate
syn keyword ngxDirectiveThirdParty contained lua_ssl_verify_depth
-syn keyword ngxDirectiveThirdParty contained lua_http10_buffering
-syn keyword ngxDirectiveThirdParty contained rewrite_by_lua_no_postpone
-syn keyword ngxDirectiveThirdParty contained access_by_lua_no_postpone
syn keyword ngxDirectiveThirdParty contained lua_transform_underscores_in_response_headers
-syn keyword ngxDirectiveThirdParty contained lua_check_client_abort
-syn keyword ngxDirectiveThirdParty contained lua_max_pending_timers
-syn keyword ngxDirectiveThirdParty contained lua_max_running_timers
-
-" MD5 Filter Module <https://github.com/kainswor/nginx_md5_filter>
-" A content filter for nginx, which returns the md5 hash of the content otherwise returned.
-syn keyword ngxDirectiveThirdParty contained md5_filter
+syn keyword ngxDirectiveThirdParty contained lua_use_default_type
+syn keyword ngxDirectiveThirdParty contained rewrite_by_lua
+syn keyword ngxDirectiveThirdParty contained rewrite_by_lua_block
+syn keyword ngxDirectiveThirdParty contained rewrite_by_lua_file
+syn keyword ngxDirectiveThirdParty contained rewrite_by_lua_no_postpone
+syn keyword ngxDirectiveThirdParty contained set_by_lua
+syn keyword ngxDirectiveThirdParty contained set_by_lua_block
+syn keyword ngxDirectiveThirdParty contained set_by_lua_file
+syn keyword ngxDirectiveThirdParty contained ssl_certificate_by_lua_block
+syn keyword ngxDirectiveThirdParty contained ssl_certificate_by_lua_file
+syn keyword ngxDirectiveThirdParty contained ssl_session_fetch_by_lua_block
+syn keyword ngxDirectiveThirdParty contained ssl_session_fetch_by_lua_file
+syn keyword ngxDirectiveThirdParty contained ssl_session_store_by_lua_block
+syn keyword ngxDirectiveThirdParty contained ssl_session_store_by_lua_file
-" Memc Module <https://github.com/openresty/memc-nginx-module>
-" An extended version of the standard memcached module that supports set, add, delete, and many more memcached commands.
+" ngx_memc - An extended version of the standard memcached module
+" https://github.com/openresty/memc-nginx-module
syn keyword ngxDirectiveThirdParty contained memc_buffer_size
syn keyword ngxDirectiveThirdParty contained memc_cmds_allowed
syn keyword ngxDirectiveThirdParty contained memc_connect_timeout
syn keyword ngxDirectiveThirdParty contained memc_flags_to_last_modified
+syn keyword ngxDirectiveThirdParty contained memc_ignore_client_abort
syn keyword ngxDirectiveThirdParty contained memc_next_upstream
syn keyword ngxDirectiveThirdParty contained memc_pass
syn keyword ngxDirectiveThirdParty contained memc_read_timeout
@@ -1203,528 +1324,751 @@
syn keyword ngxDirectiveThirdParty contained memc_upstream_fail_timeout
syn keyword ngxDirectiveThirdParty contained memc_upstream_max_fails
-" Mod Security Module <https://github.com/SpiderLabs/ModSecurity>
-" ModSecurity is an open source, cross platform web application firewall (WAF) engine
+" ModSecurity web application firewall
+" https://github.com/SpiderLabs/ModSecurity/tree/master
syn keyword ngxDirectiveThirdParty contained ModSecurityConfig
syn keyword ngxDirectiveThirdParty contained ModSecurityEnabled
-syn keyword ngxDirectiveThirdParty contained pool_context
syn keyword ngxDirectiveThirdParty contained pool_context_hash_size
-" Mogilefs Module <http://www.grid.net.ru/nginx/mogilefs.en.html>
-" MogileFS client for nginx web server.
-syn keyword ngxDirectiveThirdParty contained mogilefs_pass
-syn keyword ngxDirectiveThirdParty contained mogilefs_methods
-syn keyword ngxDirectiveThirdParty contained mogilefs_domain
-syn keyword ngxDirectiveThirdParty contained mogilefs_class
-syn keyword ngxDirectiveThirdParty contained mogilefs_tracker
-syn keyword ngxDirectiveThirdParty contained mogilefs_noverify
-syn keyword ngxDirectiveThirdParty contained mogilefs_connect_timeout
-syn keyword ngxDirectiveThirdParty contained mogilefs_send_timeout
-syn keyword ngxDirectiveThirdParty contained mogilefs_read_timeout
-
-" Mongo Module <https://github.com/simpl/ngx_mongo>
-" Upstream module that allows nginx to communicate directly with MongoDB database.
-syn keyword ngxDirectiveThirdParty contained mongo_auth
-syn keyword ngxDirectiveThirdParty contained mongo_pass
-syn keyword ngxDirectiveThirdParty contained mongo_query
-syn keyword ngxDirectiveThirdParty contained mongo_json
-syn keyword ngxDirectiveThirdParty contained mongo_bind
-syn keyword ngxDirectiveThirdParty contained mongo_connect_timeout
-syn keyword ngxDirectiveThirdParty contained mongo_send_timeout
-syn keyword ngxDirectiveThirdParty contained mongo_read_timeout
-syn keyword ngxDirectiveThirdParty contained mongo_buffering
-syn keyword ngxDirectiveThirdParty contained mongo_buffer_size
-syn keyword ngxDirectiveThirdParty contained mongo_buffers
-syn keyword ngxDirectiveThirdParty contained mongo_busy_buffers_size
-syn keyword ngxDirectiveThirdParty contained mongo_next_upstream
-
-" MP4 Streaming Lite Module <https://www.nginx.com/resources/wiki/modules/mp4_streaming/>
-" Will seek to a certain time within H.264/MP4 files when provided with a 'start' parameter in the URL.
-" syn keyword ngxDirectiveThirdParty contained mp4
-
-" NAXSI Module <https://github.com/nbs-system/naxsi>
" NAXSI is an open-source, high performance, low rules maintenance WAF for NGINX
-syn keyword ngxDirectiveThirdParty contained DeniedUrl denied_url
-syn keyword ngxDirectiveThirdParty contained LearningMode learning_mode
-syn keyword ngxDirectiveThirdParty contained SecRulesEnabled rules_enabled
-syn keyword ngxDirectiveThirdParty contained SecRulesDisabled rules_disabled
-syn keyword ngxDirectiveThirdParty contained CheckRule check_rule
-syn keyword ngxDirectiveThirdParty contained BasicRule basic_rule
-syn keyword ngxDirectiveThirdParty contained MainRule main_rule
-syn keyword ngxDirectiveThirdParty contained LibInjectionSql libinjection_sql
-syn keyword ngxDirectiveThirdParty contained LibInjectionXss libinjection_xss
-
-" Nchan Module <https://nchan.slact.net/>
-" Fast, horizontally scalable, multiprocess pub/sub queuing server and proxy for HTTP, long-polling, Websockets and EventSource (SSE)
-syn keyword ngxDirectiveThirdParty contained nchan_channel_id
-syn keyword ngxDirectiveThirdParty contained nchan_channel_id_split_delimiter
-syn keyword ngxDirectiveThirdParty contained nchan_eventsource_event
-syn keyword ngxDirectiveThirdParty contained nchan_longpoll_multipart_response
-syn keyword ngxDirectiveThirdParty contained nchan_publisher
-syn keyword ngxDirectiveThirdParty contained nchan_publisher_channel_id
-syn keyword ngxDirectiveThirdParty contained nchan_publisher_upstream_request
-syn keyword ngxDirectiveThirdParty contained nchan_pubsub
-syn keyword ngxDirectiveThirdParty contained nchan_subscribe_request
-syn keyword ngxDirectiveThirdParty contained nchan_subscriber
-syn keyword ngxDirectiveThirdParty contained nchan_subscriber_channel_id
-syn keyword ngxDirectiveThirdParty contained nchan_subscriber_compound_etag_message_id
-syn keyword ngxDirectiveThirdParty contained nchan_subscriber_first_message
-syn keyword ngxDirectiveThirdParty contained nchan_subscriber_http_raw_stream_separator
-syn keyword ngxDirectiveThirdParty contained nchan_subscriber_last_message_id
-syn keyword ngxDirectiveThirdParty contained nchan_subscriber_message_id_custom_etag_header
-syn keyword ngxDirectiveThirdParty contained nchan_subscriber_timeout
-syn keyword ngxDirectiveThirdParty contained nchan_unsubscribe_request
-syn keyword ngxDirectiveThirdParty contained nchan_websocket_ping_interval
-syn keyword ngxDirectiveThirdParty contained nchan_authorize_request
-syn keyword ngxDirectiveThirdParty contained nchan_max_reserved_memory
-syn keyword ngxDirectiveThirdParty contained nchan_message_buffer_length
-syn keyword ngxDirectiveThirdParty contained nchan_message_timeout
-syn keyword ngxDirectiveThirdParty contained nchan_redis_idle_channel_cache_timeout
-syn keyword ngxDirectiveThirdParty contained nchan_redis_namespace
-syn keyword ngxDirectiveThirdParty contained nchan_redis_pass
-syn keyword ngxDirectiveThirdParty contained nchan_redis_ping_interval
-syn keyword ngxDirectiveThirdParty contained nchan_redis_server
-syn keyword ngxDirectiveThirdParty contained nchan_redis_storage_mode
-syn keyword ngxDirectiveThirdParty contained nchan_redis_url
-syn keyword ngxDirectiveThirdParty contained nchan_store_messages
-syn keyword ngxDirectiveThirdParty contained nchan_use_redis
-syn keyword ngxDirectiveThirdParty contained nchan_access_control_allow_origin
-syn keyword ngxDirectiveThirdParty contained nchan_channel_group
-syn keyword ngxDirectiveThirdParty contained nchan_channel_group_accounting
-syn keyword ngxDirectiveThirdParty contained nchan_group_location
-syn keyword ngxDirectiveThirdParty contained nchan_group_max_channels
-syn keyword ngxDirectiveThirdParty contained nchan_group_max_messages
-syn keyword ngxDirectiveThirdParty contained nchan_group_max_messages_disk
-syn keyword ngxDirectiveThirdParty contained nchan_group_max_messages_memory
-syn keyword ngxDirectiveThirdParty contained nchan_group_max_subscribers
-syn keyword ngxDirectiveThirdParty contained nchan_subscribe_existing_channels_only
-syn keyword ngxDirectiveThirdParty contained nchan_channel_event_string
-syn keyword ngxDirectiveThirdParty contained nchan_channel_events_channel_id
-syn keyword ngxDirectiveThirdParty contained nchan_stub_status
-syn keyword ngxDirectiveThirdParty contained nchan_max_channel_id_length
-syn keyword ngxDirectiveThirdParty contained nchan_max_channel_subscribers
-syn keyword ngxDirectiveThirdParty contained nchan_channel_timeout
-syn keyword ngxDirectiveThirdParty contained nchan_storage_engine
-
-" Nginx Notice Module <https://github.com/kr/nginx-notice>
-" Serve static file to POST requests.
-syn keyword ngxDirectiveThirdParty contained notice
-syn keyword ngxDirectiveThirdParty contained notice_type
-
-" OCSP Proxy Module <https://github.com/kyprizel/nginx_ocsp_proxy-module>
-" Nginx OCSP processing module designed for response caching
-syn keyword ngxDirectiveThirdParty contained ocsp_proxy
-syn keyword ngxDirectiveThirdParty contained ocsp_cache_timeout
-
-" Eval Module <https://github.com/openresty/nginx-eval-module>
-" Module for nginx web server evaluates response of proxy or memcached module into variables.
-syn keyword ngxDirectiveThirdParty contained eval
-syn keyword ngxDirectiveThirdParty contained eval_escalate
-syn keyword ngxDirectiveThirdParty contained eval_buffer_size
-syn keyword ngxDirectiveThirdParty contained eval_override_content_type
-syn keyword ngxDirectiveThirdParty contained eval_subrequest_in_memory
-
-" OpenSSL Version Module <https://github.com/apcera/nginx-openssl-version>
-" Nginx OpenSSL version check at startup
-syn keyword ngxDirectiveThirdParty contained openssl_version_minimum
-syn keyword ngxDirectiveThirdParty contained openssl_builddate_minimum
-
-" Owner Match Module <https://www.nginx.com/resources/wiki/modules/owner_match/>
-" Control access for specific owners and groups of files
-syn keyword ngxDirectiveThirdParty contained omallow
-syn keyword ngxDirectiveThirdParty contained omdeny
-
-" Accept Language Module <https://www.nginx.com/resources/wiki/modules/accept_language/>
-" Parses the Accept-Language header and gives the most suitable locale from a list of supported locales.
-syn keyword ngxDirectiveThirdParty contained pagespeed
-
-" PHP Memcache Standard Balancer Module <https://github.com/replay/ngx_http_php_memcache_standard_balancer>
-" Loadbalancer that is compatible to the standard loadbalancer in the php-memcache module
-syn keyword ngxDirectiveThirdParty contained hash_key
-
-" PHP Session Module <https://github.com/replay/ngx_http_php_session>
-" Nginx module to parse php sessions
-syn keyword ngxDirectiveThirdParty contained php_session_parse
-syn keyword ngxDirectiveThirdParty contained php_session_strip_formatting
-
-" Phusion Passenger Module <https://www.phusionpassenger.com/library/config/nginx/>
-" Passenger is an open source web application server.
-syn keyword ngxDirectiveThirdParty contained passenger_root
-syn keyword ngxDirectiveThirdParty contained passenger_enabled
-syn keyword ngxDirectiveThirdParty contained passenger_base_uri
-syn keyword ngxDirectiveThirdParty contained passenger_document_root
-syn keyword ngxDirectiveThirdParty contained passenger_ruby
-syn keyword ngxDirectiveThirdParty contained passenger_python
-syn keyword ngxDirectiveThirdParty contained passenger_nodejs
-syn keyword ngxDirectiveThirdParty contained passenger_meteor_app_settings
+" https://github.com/nbs-system/naxsi
+syn keyword ngxDirectiveThirdParty contained BasicRule
+syn keyword ngxDirectiveThirdParty contained CheckRule
+syn keyword ngxDirectiveThirdParty contained DeniedUrl
+syn keyword ngxDirectiveThirdParty contained LearningMode
+syn keyword ngxDirectiveThirdParty contained LibInjectionSql
+syn keyword ngxDirectiveThirdParty contained LibInjectionXss
+syn keyword ngxDirectiveThirdParty contained MainRule
+syn keyword ngxDirectiveThirdParty contained SecRulesDisabled
+syn keyword ngxDirectiveThirdParty contained SecRulesEnabled
+syn keyword ngxDirectiveThirdParty contained basic_rule
+syn keyword ngxDirectiveThirdParty contained check_rule
+syn keyword ngxDirectiveThirdParty contained denied_url
+syn keyword ngxDirectiveThirdParty contained learning_mode
+syn keyword ngxDirectiveThirdParty contained libinjection_sql
+syn keyword ngxDirectiveThirdParty contained libinjection_xss
+syn keyword ngxDirectiveThirdParty contained main_rule
+syn keyword ngxDirectiveThirdParty contained rules_disabled
+syn keyword ngxDirectiveThirdParty contained rules_enabled
+
+" Phusion Passenger
+" https://www.phusionpassenger.com/library/config/nginx/reference/
+syn keyword ngxDirectiveThirdParty contained passenger_abort_on_startup_error
+syn keyword ngxDirectiveThirdParty contained passenger_abort_websockets_on_process_shutdown
syn keyword ngxDirectiveThirdParty contained passenger_app_env
-syn keyword ngxDirectiveThirdParty contained passenger_app_root
+syn keyword ngxDirectiveThirdParty contained passenger_app_file_descriptor_ulimit
syn keyword ngxDirectiveThirdParty contained passenger_app_group_name
+syn keyword ngxDirectiveThirdParty contained passenger_app_rights
+syn keyword ngxDirectiveThirdParty contained passenger_app_root
syn keyword ngxDirectiveThirdParty contained passenger_app_type
-syn keyword ngxDirectiveThirdParty contained passenger_startup_file
-syn keyword ngxDirectiveThirdParty contained passenger_restart_dir
-syn keyword ngxDirectiveThirdParty contained passenger_spawn_method
-syn keyword ngxDirectiveThirdParty contained passenger_env_var
-syn keyword ngxDirectiveThirdParty contained passenger_load_shell_envvars
-syn keyword ngxDirectiveThirdParty contained passenger_rolling_restarts
-syn keyword ngxDirectiveThirdParty contained passenger_resist_deployment_errors
-syn keyword ngxDirectiveThirdParty contained passenger_user_switching
-syn keyword ngxDirectiveThirdParty contained passenger_user
-syn keyword ngxDirectiveThirdParty contained passenger_group
-syn keyword ngxDirectiveThirdParty contained passenger_default_user
+syn keyword ngxDirectiveThirdParty contained passenger_base_uri
+syn keyword ngxDirectiveThirdParty contained passenger_buffer_response
+syn keyword ngxDirectiveThirdParty contained passenger_buffer_size
+syn keyword ngxDirectiveThirdParty contained passenger_buffers
+syn keyword ngxDirectiveThirdParty contained passenger_busy_buffers_size
+syn keyword ngxDirectiveThirdParty contained passenger_concurrency_model
+syn keyword ngxDirectiveThirdParty contained passenger_core_file_descriptor_ulimit
+syn keyword ngxDirectiveThirdParty contained passenger_ctl
+syn keyword ngxDirectiveThirdParty contained passenger_data_buffer_dir
+syn keyword ngxDirectiveThirdParty contained passenger_debugger
syn keyword ngxDirectiveThirdParty contained passenger_default_group
-syn keyword ngxDirectiveThirdParty contained passenger_show_version_in_header
-syn keyword ngxDirectiveThirdParty contained passenger_friendly_error_pages
+syn keyword ngxDirectiveThirdParty contained passenger_default_user
syn keyword ngxDirectiveThirdParty contained passenger_disable_security_update_check
-syn keyword ngxDirectiveThirdParty contained passenger_security_update_check_proxy
-syn keyword ngxDirectiveThirdParty contained passenger_max_pool_size
-syn keyword ngxDirectiveThirdParty contained passenger_min_instances
+syn keyword ngxDirectiveThirdParty contained passenger_document_root
+syn keyword ngxDirectiveThirdParty contained passenger_enabled
+syn keyword ngxDirectiveThirdParty contained passenger_env_var
+syn keyword ngxDirectiveThirdParty contained passenger_file_descriptor_log_file
+syn keyword ngxDirectiveThirdParty contained passenger_fly_with
+syn keyword ngxDirectiveThirdParty contained passenger_force_max_concurrent_requests_per_process
+syn keyword ngxDirectiveThirdParty contained passenger_friendly_error_pages
+syn keyword ngxDirectiveThirdParty contained passenger_group
+syn keyword ngxDirectiveThirdParty contained passenger_headers_hash_bucket_size
+syn keyword ngxDirectiveThirdParty contained passenger_headers_hash_max_size
+syn keyword ngxDirectiveThirdParty contained passenger_ignore_client_abort
+syn keyword ngxDirectiveThirdParty contained passenger_ignore_headers
+syn keyword ngxDirectiveThirdParty contained passenger_instance_registry_dir
+syn keyword ngxDirectiveThirdParty contained passenger_intercept_errors
+syn keyword ngxDirectiveThirdParty contained passenger_load_shell_envvars
+syn keyword ngxDirectiveThirdParty contained passenger_log_file
+syn keyword ngxDirectiveThirdParty contained passenger_log_level
syn keyword ngxDirectiveThirdParty contained passenger_max_instances
syn keyword ngxDirectiveThirdParty contained passenger_max_instances_per_app
-syn keyword ngxDirectiveThirdParty contained passenger_pool_idle_time
+syn keyword ngxDirectiveThirdParty contained passenger_max_pool_size
syn keyword ngxDirectiveThirdParty contained passenger_max_preloader_idle_time
-syn keyword ngxDirectiveThirdParty contained passenger_force_max_concurrent_requests_per_process
-syn keyword ngxDirectiveThirdParty contained passenger_start_timeout
-syn keyword ngxDirectiveThirdParty contained passenger_concurrency_model
-syn keyword ngxDirectiveThirdParty contained passenger_thread_count
-syn keyword ngxDirectiveThirdParty contained passenger_max_requests
+syn keyword ngxDirectiveThirdParty contained passenger_max_request_queue_size
+syn keyword ngxDirectiveThirdParty contained passenger_max_request_queue_time
syn keyword ngxDirectiveThirdParty contained passenger_max_request_time
+syn keyword ngxDirectiveThirdParty contained passenger_max_requests
syn keyword ngxDirectiveThirdParty contained passenger_memory_limit
-syn keyword ngxDirectiveThirdParty contained passenger_stat_throttle_rate
-syn keyword ngxDirectiveThirdParty contained passenger_core_file_descriptor_ulimit
-syn keyword ngxDirectiveThirdParty contained passenger_app_file_descriptor_ulimit
+syn keyword ngxDirectiveThirdParty contained passenger_meteor_app_settings
+syn keyword ngxDirectiveThirdParty contained passenger_min_instances
+syn keyword ngxDirectiveThirdParty contained passenger_nodejs
+syn keyword ngxDirectiveThirdParty contained passenger_pass_header
+syn keyword ngxDirectiveThirdParty contained passenger_pool_idle_time
syn keyword ngxDirectiveThirdParty contained passenger_pre_start
-syn keyword ngxDirectiveThirdParty contained passenger_set_header
-syn keyword ngxDirectiveThirdParty contained passenger_max_request_queue_size
+syn keyword ngxDirectiveThirdParty contained passenger_python
+syn keyword ngxDirectiveThirdParty contained passenger_read_timeout
syn keyword ngxDirectiveThirdParty contained passenger_request_queue_overflow_status_code
-syn keyword ngxDirectiveThirdParty contained passenger_sticky_sessions
-syn keyword ngxDirectiveThirdParty contained passenger_sticky_sessions_cookie_name
-syn keyword ngxDirectiveThirdParty contained passenger_abort_websockets_on_process_shutdown
-syn keyword ngxDirectiveThirdParty contained passenger_ignore_client_abort
-syn keyword ngxDirectiveThirdParty contained passenger_intercept_errors
-syn keyword ngxDirectiveThirdParty contained passenger_pass_header
-syn keyword ngxDirectiveThirdParty contained passenger_ignore_headers
-syn keyword ngxDirectiveThirdParty contained passenger_headers_hash_bucket_size
-syn keyword ngxDirectiveThirdParty contained passenger_headers_hash_max_size
-syn keyword ngxDirectiveThirdParty contained passenger_buffer_response
+syn keyword ngxDirectiveThirdParty contained passenger_resist_deployment_errors
syn keyword ngxDirectiveThirdParty contained passenger_response_buffer_high_watermark
-syn keyword ngxDirectiveThirdParty contained passenger_buffer_size, passenger_buffers, passenger_busy_buffers_size
+syn keyword ngxDirectiveThirdParty contained passenger_restart_dir
+syn keyword ngxDirectiveThirdParty contained passenger_rolling_restarts
+syn keyword ngxDirectiveThirdParty contained passenger_root
+syn keyword ngxDirectiveThirdParty contained passenger_ruby
+syn keyword ngxDirectiveThirdParty contained passenger_security_update_check_proxy
+syn keyword ngxDirectiveThirdParty contained passenger_set_header
+syn keyword ngxDirectiveThirdParty contained passenger_show_version_in_header
syn keyword ngxDirectiveThirdParty contained passenger_socket_backlog
-syn keyword ngxDirectiveThirdParty contained passenger_log_level
-syn keyword ngxDirectiveThirdParty contained passenger_log_file
-syn keyword ngxDirectiveThirdParty contained passenger_file_descriptor_log_file
-syn keyword ngxDirectiveThirdParty contained passenger_debugger
-syn keyword ngxDirectiveThirdParty contained passenger_instance_registry_dir
-syn keyword ngxDirectiveThirdParty contained passenger_data_buffer_dir
-syn keyword ngxDirectiveThirdParty contained passenger_fly_with
-syn keyword ngxDirectiveThirdParty contained union_station_support
-syn keyword ngxDirectiveThirdParty contained union_station_key
-syn keyword ngxDirectiveThirdParty contained union_station_proxy_address
-syn keyword ngxDirectiveThirdParty contained union_station_filter
-syn keyword ngxDirectiveThirdParty contained union_station_gateway_address
-syn keyword ngxDirectiveThirdParty contained union_station_gateway_port
-syn keyword ngxDirectiveThirdParty contained union_station_gateway_cert
-syn keyword ngxDirectiveDeprecated contained rails_spawn_method
-syn keyword ngxDirectiveDeprecated contained passenger_debug_log_file
+syn keyword ngxDirectiveThirdParty contained passenger_spawn_method
+syn keyword ngxDirectiveThirdParty contained passenger_start_timeout
+syn keyword ngxDirectiveThirdParty contained passenger_startup_file
+syn keyword ngxDirectiveThirdParty contained passenger_stat_throttle_rate
+syn keyword ngxDirectiveThirdParty contained passenger_sticky_sessions
+syn keyword ngxDirectiveThirdParty contained passenger_sticky_sessions_cookie_name
+syn keyword ngxDirectiveThirdParty contained passenger_thread_count
+syn keyword ngxDirectiveThirdParty contained passenger_turbocaching
+syn keyword ngxDirectiveThirdParty contained passenger_user
+syn keyword ngxDirectiveThirdParty contained passenger_user_switching
+syn keyword ngxDirectiveThirdParty contained passenger_vary_turbocache_by_cookie
+syn keyword ngxDirectiveThirdPartyDeprecated contained passenger_analytics_log_group
+syn keyword ngxDirectiveThirdPartyDeprecated contained passenger_analytics_log_user
+syn keyword ngxDirectiveThirdPartyDeprecated contained passenger_debug_log_file
+syn keyword ngxDirectiveThirdPartyDeprecated contained passenger_use_global_queue
+syn keyword ngxDirectiveThirdPartyDeprecated contained rack_env
+syn keyword ngxDirectiveThirdPartyDeprecated contained rails_app_spawner_idle_time
+syn keyword ngxDirectiveThirdPartyDeprecated contained rails_env
+syn keyword ngxDirectiveThirdPartyDeprecated contained rails_framework_spawner_idle_time
+syn keyword ngxDirectiveThirdPartyDeprecated contained rails_spawn_method
+syn keyword ngxDirectiveThirdPartyDeprecated contained union_station_filter
+syn keyword ngxDirectiveThirdPartyDeprecated contained union_station_gateway_address
+syn keyword ngxDirectiveThirdPartyDeprecated contained union_station_gateway_cert
+syn keyword ngxDirectiveThirdPartyDeprecated contained union_station_gateway_port
+syn keyword ngxDirectiveThirdPartyDeprecated contained union_station_key
+syn keyword ngxDirectiveThirdPartyDeprecated contained union_station_proxy_address
+syn keyword ngxDirectiveThirdPartyDeprecated contained union_station_support
+
+" ngx_postgres is an upstream module that allows nginx to communicate directly with PostgreSQL database
+" https://github.com/FRiCKLE/ngx_postgres
+syn keyword ngxDirectiveThirdParty contained postgres_connect_timeout
+syn keyword ngxDirectiveThirdParty contained postgres_escape
+syn keyword ngxDirectiveThirdParty contained postgres_keepalive
+syn keyword ngxDirectiveThirdParty contained postgres_output
+syn keyword ngxDirectiveThirdParty contained postgres_pass
+syn keyword ngxDirectiveThirdParty contained postgres_query
+syn keyword ngxDirectiveThirdParty contained postgres_result_timeout
+syn keyword ngxDirectiveThirdParty contained postgres_rewrite
+syn keyword ngxDirectiveThirdParty contained postgres_server
+syn keyword ngxDirectiveThirdParty contained postgres_set
+
+" ngx_rds_csv - Nginx output filter module to convert Resty-DBD-Streams (RDS) to Comma-Separated Values (CSV)
+" https://github.com/openresty/rds-csv-nginx-module
+syn keyword ngxDirectiveThirdParty contained rds_csv
+syn keyword ngxDirectiveThirdParty contained rds_csv_buffer_size
+syn keyword ngxDirectiveThirdParty contained rds_csv_content_type
+syn keyword ngxDirectiveThirdParty contained rds_csv_field_name_header
+syn keyword ngxDirectiveThirdParty contained rds_csv_field_separator
+syn keyword ngxDirectiveThirdParty contained rds_csv_row_terminator
+
+" ngx_rds_json - an output filter that formats Resty DBD Streams generated by ngx_drizzle and others to JSON
+" https://github.com/openresty/rds-json-nginx-module
+syn keyword ngxDirectiveThirdParty contained rds_json
+syn keyword ngxDirectiveThirdParty contained rds_json_buffer_size
+syn keyword ngxDirectiveThirdParty contained rds_json_content_type
+syn keyword ngxDirectiveThirdParty contained rds_json_errcode_key
+syn keyword ngxDirectiveThirdParty contained rds_json_errstr_key
+syn keyword ngxDirectiveThirdParty contained rds_json_format
+syn keyword ngxDirectiveThirdParty contained rds_json_ret
+syn keyword ngxDirectiveThirdParty contained rds_json_root
+syn keyword ngxDirectiveThirdParty contained rds_json_success_property
+syn keyword ngxDirectiveThirdParty contained rds_json_user_property
+
+" ngx_redis2 - Nginx upstream module for the Redis 2.0 protocol
+" https://github.com/openresty/redis2-nginx-module
+syn keyword ngxDirectiveThirdParty contained redis2_bind
+syn keyword ngxDirectiveThirdParty contained redis2_buffer_size
+syn keyword ngxDirectiveThirdParty contained redis2_connect_timeout
+syn keyword ngxDirectiveThirdParty contained redis2_literal_raw_query
+syn keyword ngxDirectiveThirdParty contained redis2_next_upstream
+syn keyword ngxDirectiveThirdParty contained redis2_pass
+syn keyword ngxDirectiveThirdParty contained redis2_query
+syn keyword ngxDirectiveThirdParty contained redis2_raw_queries
+syn keyword ngxDirectiveThirdParty contained redis2_raw_query
+syn keyword ngxDirectiveThirdParty contained redis2_read_timeout
+syn keyword ngxDirectiveThirdParty contained redis2_send_timeout
+
+" NGINX-based Media Streaming Server
+" https://github.com/arut/nginx-rtmp-module
+syn keyword ngxDirectiveThirdParty contained ack_window
+syn keyword ngxDirectiveThirdParty contained application
+syn keyword ngxDirectiveThirdParty contained buffer
+syn keyword ngxDirectiveThirdParty contained buflen
+syn keyword ngxDirectiveThirdParty contained busy
+syn keyword ngxDirectiveThirdParty contained chunk_size
+syn keyword ngxDirectiveThirdParty contained dash
+syn keyword ngxDirectiveThirdParty contained dash_cleanup
+syn keyword ngxDirectiveThirdParty contained dash_fragment
+syn keyword ngxDirectiveThirdParty contained dash_nested
+syn keyword ngxDirectiveThirdParty contained dash_path
+syn keyword ngxDirectiveThirdParty contained dash_playlist_length
+syn keyword ngxDirectiveThirdParty contained drop_idle_publisher
+syn keyword ngxDirectiveThirdParty contained exec
+syn keyword ngxDirectiveThirdParty contained exec_block
+syn keyword ngxDirectiveThirdParty contained exec_kill_signal
+syn keyword ngxDirectiveThirdParty contained exec_options
+syn keyword ngxDirectiveThirdParty contained exec_play
+syn keyword ngxDirectiveThirdParty contained exec_play_done
+syn keyword ngxDirectiveThirdParty contained exec_publish
+syn keyword ngxDirectiveThirdParty contained exec_publish_done
+syn keyword ngxDirectiveThirdParty contained exec_pull
+syn keyword ngxDirectiveThirdParty contained exec_push
+syn keyword ngxDirectiveThirdParty contained exec_record_done
+syn keyword ngxDirectiveThirdParty contained exec_static
+syn keyword ngxDirectiveThirdParty contained hls_audio_buffer_size
+syn keyword ngxDirectiveThirdParty contained hls_base_url
+syn keyword ngxDirectiveThirdParty contained hls_cleanup
+syn keyword ngxDirectiveThirdParty contained hls_continuous
+syn keyword ngxDirectiveThirdParty contained hls_fragment_naming
+syn keyword ngxDirectiveThirdParty contained hls_fragment_naming_granularity
+syn keyword ngxDirectiveThirdParty contained hls_fragment_slicing
+syn keyword ngxDirectiveThirdParty contained hls_fragments_per_key
+syn keyword ngxDirectiveThirdParty contained hls_key_path
+syn keyword ngxDirectiveThirdParty contained hls_key_url
+syn keyword ngxDirectiveThirdParty contained hls_keys
+syn keyword ngxDirectiveThirdParty contained hls_max_audio_delay
+syn keyword ngxDirectiveThirdParty contained hls_max_fragment
+syn keyword ngxDirectiveThirdParty contained hls_muxdelay
+syn keyword ngxDirectiveThirdParty contained hls_nested
+syn keyword ngxDirectiveThirdParty contained hls_path
+syn keyword ngxDirectiveThirdParty contained hls_playlist_length
+syn keyword ngxDirectiveThirdParty contained hls_sync
+syn keyword ngxDirectiveThirdParty contained hls_type
+syn keyword ngxDirectiveThirdParty contained hls_variant
+syn keyword ngxDirectiveThirdParty contained idle_streams
+syn keyword ngxDirectiveThirdParty contained interleave
+syn keyword ngxDirectiveThirdParty contained live
+syn keyword ngxDirectiveThirdParty contained max_connections
+syn keyword ngxDirectiveThirdParty contained max_message
+syn keyword ngxDirectiveThirdParty contained max_streams
+syn keyword ngxDirectiveThirdParty contained meta
+syn keyword ngxDirectiveThirdParty contained netcall_buffer
+syn keyword ngxDirectiveThirdParty contained netcall_timeout
+syn keyword ngxDirectiveThirdParty contained notify_method
+syn keyword ngxDirectiveThirdParty contained notify_relay_redirect
+syn keyword ngxDirectiveThirdParty contained notify_update_strict
+syn keyword ngxDirectiveThirdParty contained notify_update_timeout
+syn keyword ngxDirectiveThirdParty contained on_connect
+syn keyword ngxDirectiveThirdParty contained on_disconnect
+syn keyword ngxDirectiveThirdParty contained on_done
+syn keyword ngxDirectiveThirdParty contained on_play
+syn keyword ngxDirectiveThirdParty contained on_play_done
+syn keyword ngxDirectiveThirdParty contained on_publish
+syn keyword ngxDirectiveThirdParty contained on_publish_done
+syn keyword ngxDirectiveThirdParty contained on_record_done
+syn keyword ngxDirectiveThirdParty contained on_update
+syn keyword ngxDirectiveThirdParty contained out_cork
+syn keyword ngxDirectiveThirdParty contained out_queue
+syn keyword ngxDirectiveThirdParty contained ping
+syn keyword ngxDirectiveThirdParty contained ping_timeout
+syn keyword ngxDirectiveThirdParty contained play
+syn keyword ngxDirectiveThirdParty contained play_local_path
+syn keyword ngxDirectiveThirdParty contained play_restart
+syn keyword ngxDirectiveThirdParty contained play_temp_path
+syn keyword ngxDirectiveThirdParty contained play_time_fix
+syn keyword ngxDirectiveThirdParty contained publish_notify
+syn keyword ngxDirectiveThirdParty contained publish_time_fix
+syn keyword ngxDirectiveThirdParty contained pull
+syn keyword ngxDirectiveThirdParty contained pull_reconnect
+syn keyword ngxDirectiveThirdParty contained push
+syn keyword ngxDirectiveThirdParty contained push_reconnect
+syn keyword ngxDirectiveThirdParty contained record
+syn keyword ngxDirectiveThirdParty contained record_append
+syn keyword ngxDirectiveThirdParty contained record_interval
+syn keyword ngxDirectiveThirdParty contained record_lock
+syn keyword ngxDirectiveThirdParty contained record_max_frames
+syn keyword ngxDirectiveThirdParty contained record_max_size
+syn keyword ngxDirectiveThirdParty contained record_notify
+syn keyword ngxDirectiveThirdParty contained record_path
+syn keyword ngxDirectiveThirdParty contained record_suffix
+syn keyword ngxDirectiveThirdParty contained record_unique
+syn keyword ngxDirectiveThirdParty contained recorder
+syn keyword ngxDirectiveThirdParty contained relay_buffer
+syn keyword ngxDirectiveThirdParty contained respawn
+syn keyword ngxDirectiveThirdParty contained respawn_timeout
+syn keyword ngxDirectiveThirdParty contained rtmp
+syn keyword ngxDirectiveThirdParty contained rtmp_auto_push
+syn keyword ngxDirectiveThirdParty contained rtmp_auto_push_reconnect
+syn keyword ngxDirectiveThirdParty contained rtmp_control
+syn keyword ngxDirectiveThirdParty contained rtmp_socket_dir
+syn keyword ngxDirectiveThirdParty contained rtmp_stat
+syn keyword ngxDirectiveThirdParty contained rtmp_stat_stylesheet
+syn keyword ngxDirectiveThirdParty contained session_relay
+syn keyword ngxDirectiveThirdParty contained so_keepalive
+syn keyword ngxDirectiveThirdParty contained stream_buckets
+syn keyword ngxDirectiveThirdParty contained sync
+syn keyword ngxDirectiveThirdParty contained wait_key
+syn keyword ngxDirectiveThirdParty contained wait_video
+
+" ngx_set_misc - Various set_xxx directives added to nginx's rewrite module (md5/sha1, sql/json quoting, and many more)
+" https://github.com/openresty/set-misc-nginx-module
+syn keyword ngxDirectiveThirdParty contained set_base32_alphabet
+syn keyword ngxDirectiveThirdParty contained set_base32_padding
+syn keyword ngxDirectiveThirdParty contained set_decode_base32
+syn keyword ngxDirectiveThirdParty contained set_decode_base64
+syn keyword ngxDirectiveThirdParty contained set_decode_hex
+syn keyword ngxDirectiveThirdParty contained set_encode_base32
+syn keyword ngxDirectiveThirdParty contained set_encode_base64
+syn keyword ngxDirectiveThirdParty contained set_encode_hex
+syn keyword ngxDirectiveThirdParty contained set_escape_uri
+syn keyword ngxDirectiveThirdParty contained set_formatted_gmt_time
+syn keyword ngxDirectiveThirdParty contained set_formatted_local_time
+syn keyword ngxDirectiveThirdParty contained set_hashed_upstream
+syn keyword ngxDirectiveThirdParty contained set_hmac_sha1
+syn keyword ngxDirectiveThirdParty contained set_if_empty
+syn keyword ngxDirectiveThirdParty contained set_local_today
+syn keyword ngxDirectiveThirdParty contained set_misc_base32_padding
+syn keyword ngxDirectiveThirdParty contained set_quote_json_str
+syn keyword ngxDirectiveThirdParty contained set_quote_pgsql_str
+syn keyword ngxDirectiveThirdParty contained set_quote_sql_str
+syn keyword ngxDirectiveThirdParty contained set_random
+syn keyword ngxDirectiveThirdParty contained set_rotate
+syn keyword ngxDirectiveThirdParty contained set_secure_random_alphanum
+syn keyword ngxDirectiveThirdParty contained set_secure_random_lcalpha
+syn keyword ngxDirectiveThirdParty contained set_unescape_uri
+
+" nginx-sflow-module
+" https://github.com/sflow/nginx-sflow-module
+syn keyword ngxDirectiveThirdParty contained sflow
+
+" Shibboleth auth request module for Nginx
+" https://github.com/nginx-shib/nginx-http-shibboleth
+syn keyword ngxDirectiveThirdParty contained shib_request
+syn keyword ngxDirectiveThirdParty contained shib_request_set
+syn keyword ngxDirectiveThirdParty contained shib_request_use_headers
+
+" nginx module which adds ability to cache static files
+" https://github.com/FRiCKLE/ngx_slowfs_cache
+syn keyword ngxDirectiveThirdParty contained slowfs_big_file_size
+syn keyword ngxDirectiveThirdParty contained slowfs_cache
+syn keyword ngxDirectiveThirdParty contained slowfs_cache_key
+syn keyword ngxDirectiveThirdParty contained slowfs_cache_min_uses
+syn keyword ngxDirectiveThirdParty contained slowfs_cache_path
+syn keyword ngxDirectiveThirdParty contained slowfs_cache_purge
+syn keyword ngxDirectiveThirdParty contained slowfs_cache_valid
+syn keyword ngxDirectiveThirdParty contained slowfs_temp_path
+
+" Dynamic Image Transformation Module For nginx
+" https://github.com/cubicdaiya/ngx_small_light
+syn keyword ngxDirectiveThirdParty contained small_light
+syn keyword ngxDirectiveThirdParty contained small_light_buffer
+syn keyword ngxDirectiveThirdParty contained small_light_getparam_mode
+syn keyword ngxDirectiveThirdParty contained small_light_imlib2_temp_dir
+syn keyword ngxDirectiveThirdParty contained small_light_material_dir
+syn keyword ngxDirectiveThirdParty contained small_light_pattern_define
+syn keyword ngxDirectiveThirdParty contained small_light_radius_max
+syn keyword ngxDirectiveThirdParty contained small_light_sigma_max
+
+" ngx_srcache - Transparent subrequest-based caching layout for arbitrary nginx locations
+" https://github.com/openresty/srcache-nginx-module
+syn keyword ngxDirectiveThirdParty contained srcache_buffer
+syn keyword ngxDirectiveThirdParty contained srcache_default_expire
+syn keyword ngxDirectiveThirdParty contained srcache_fetch
+syn keyword ngxDirectiveThirdParty contained srcache_fetch_skip
+syn keyword ngxDirectiveThirdParty contained srcache_header_buffer_size
+syn keyword ngxDirectiveThirdParty contained srcache_ignore_content_encoding
+syn keyword ngxDirectiveThirdParty contained srcache_max_expire
+syn keyword ngxDirectiveThirdParty contained srcache_methods
+syn keyword ngxDirectiveThirdParty contained srcache_request_cache_control
+syn keyword ngxDirectiveThirdParty contained srcache_response_cache_control
+syn keyword ngxDirectiveThirdParty contained srcache_store
+syn keyword ngxDirectiveThirdParty contained srcache_store_hide_header
+syn keyword ngxDirectiveThirdParty contained srcache_store_max_size
+syn keyword ngxDirectiveThirdParty contained srcache_store_no_cache
+syn keyword ngxDirectiveThirdParty contained srcache_store_no_store
+syn keyword ngxDirectiveThirdParty contained srcache_store_pass_header
+syn keyword ngxDirectiveThirdParty contained srcache_store_private
+syn keyword ngxDirectiveThirdParty contained srcache_store_ranges
+syn keyword ngxDirectiveThirdParty contained srcache_store_skip
+syn keyword ngxDirectiveThirdParty contained srcache_store_statuses
+
+" NGINX-based VOD Packager
+" https://github.com/kaltura/nginx-vod-module
+syn keyword ngxDirectiveThirdParty contained vod
+syn keyword ngxDirectiveThirdParty contained vod_align_segments_to_key_frames
+syn keyword ngxDirectiveThirdParty contained vod_apply_dynamic_mapping
+syn keyword ngxDirectiveThirdParty contained vod_base_url
+syn keyword ngxDirectiveThirdParty contained vod_bootstrap_segment_durations
+syn keyword ngxDirectiveThirdParty contained vod_cache_buffer_size
+syn keyword ngxDirectiveThirdParty contained vod_clip_from_param_name
+syn keyword ngxDirectiveThirdParty contained vod_clip_to_param_name
+syn keyword ngxDirectiveThirdParty contained vod_drm_clear_lead_segment_count
+syn keyword ngxDirectiveThirdParty contained vod_drm_enabled
+syn keyword ngxDirectiveThirdParty contained vod_drm_info_cache
+syn keyword ngxDirectiveThirdParty contained vod_drm_max_info_length
+syn keyword ngxDirectiveThirdParty contained vod_drm_request_uri
+syn keyword ngxDirectiveThirdParty contained vod_drm_single_key
+syn keyword ngxDirectiveThirdParty contained vod_drm_upstream_location
+syn keyword ngxDirectiveThirdParty contained vod_dynamic_clip_map_uri
+syn keyword ngxDirectiveThirdParty contained vod_dynamic_mapping_cache
+syn keyword ngxDirectiveThirdParty contained vod_encryption_iv_seed
+syn keyword ngxDirectiveThirdParty contained vod_expires
+syn keyword ngxDirectiveThirdParty contained vod_expires_live
+syn keyword ngxDirectiveThirdParty contained vod_expires_live_time_dependent
+syn keyword ngxDirectiveThirdParty contained vod_fallback_upstream_location
+syn keyword ngxDirectiveThirdParty contained vod_force_continuous_timestamps
+syn keyword ngxDirectiveThirdParty contained vod_force_playlist_type_vod
+syn keyword ngxDirectiveThirdParty contained vod_gop_look_ahead
+syn keyword ngxDirectiveThirdParty contained vod_gop_look_behind
+syn keyword ngxDirectiveThirdParty contained vod_ignore_edit_list
+syn keyword ngxDirectiveThirdParty contained vod_initial_read_size
+syn keyword ngxDirectiveThirdParty contained vod_lang_param_name
+syn keyword ngxDirectiveThirdParty contained vod_last_modified
+syn keyword ngxDirectiveThirdParty contained vod_last_modified_types
+syn keyword ngxDirectiveThirdParty contained vod_live_mapping_cache
+syn keyword ngxDirectiveThirdParty contained vod_live_response_cache
+syn keyword ngxDirectiveThirdParty contained vod_live_window_duration
+syn keyword ngxDirectiveThirdParty contained vod_manifest_duration_policy
+syn keyword ngxDirectiveThirdParty contained vod_manifest_segment_durations_mode
+syn keyword ngxDirectiveThirdParty contained vod_mapping_cache
+syn keyword ngxDirectiveThirdParty contained vod_max_frames_size
+syn keyword ngxDirectiveThirdParty contained vod_max_mapping_response_size
+syn keyword ngxDirectiveThirdParty contained vod_max_metadata_size
+syn keyword ngxDirectiveThirdParty contained vod_max_upstream_headers_size
+syn keyword ngxDirectiveThirdParty contained vod_media_set_map_uri
+syn keyword ngxDirectiveThirdParty contained vod_media_set_override_json
+syn keyword ngxDirectiveThirdParty contained vod_metadata_cache
+syn keyword ngxDirectiveThirdParty contained vod_min_single_nalu_per_frame_segment
+syn keyword ngxDirectiveThirdParty contained vod_mode
+syn keyword ngxDirectiveThirdParty contained vod_multi_uri_suffix
+syn keyword ngxDirectiveThirdParty contained vod_notification_uri
+syn keyword ngxDirectiveThirdParty contained vod_open_file_thread_pool
+syn keyword ngxDirectiveThirdParty contained vod_output_buffer_pool
+syn keyword ngxDirectiveThirdParty contained vod_parse_hdlr_name
+syn keyword ngxDirectiveThirdParty contained vod_path_response_postfix
+syn keyword ngxDirectiveThirdParty contained vod_path_response_prefix
+syn keyword ngxDirectiveThirdParty contained vod_performance_counters
+syn keyword ngxDirectiveThirdParty contained vod_proxy_header_name
+syn keyword ngxDirectiveThirdParty contained vod_proxy_header_value
+syn keyword ngxDirectiveThirdParty contained vod_redirect_segments_url
+syn keyword ngxDirectiveThirdParty contained vod_remote_upstream_location
+syn keyword ngxDirectiveThirdParty contained vod_response_cache
+syn keyword ngxDirectiveThirdParty contained vod_secret_key
+syn keyword ngxDirectiveThirdParty contained vod_segment_count_policy
+syn keyword ngxDirectiveThirdParty contained vod_segment_duration
+syn keyword ngxDirectiveThirdParty contained vod_segments_base_url
+syn keyword ngxDirectiveThirdParty contained vod_source_clip_map_uri
+syn keyword ngxDirectiveThirdParty contained vod_speed_param_name
+syn keyword ngxDirectiveThirdParty contained vod_status
+syn keyword ngxDirectiveThirdParty contained vod_time_shift_param_name
+syn keyword ngxDirectiveThirdParty contained vod_tracks_param_name
+syn keyword ngxDirectiveThirdParty contained vod_upstream_extra_args
+syn keyword ngxDirectiveThirdParty contained vod_upstream_location
+
+" Nginx virtual host traffic status module
+" https://github.com/vozlt/nginx-module-vts
+syn keyword ngxDirectiveThirdParty contained vhost_traffic_status
+syn keyword ngxDirectiveThirdParty contained vhost_traffic_status_average_method
+syn keyword ngxDirectiveThirdParty contained vhost_traffic_status_bypass_limit
+syn keyword ngxDirectiveThirdParty contained vhost_traffic_status_bypass_stats
+syn keyword ngxDirectiveThirdParty contained vhost_traffic_status_display
+syn keyword ngxDirectiveThirdParty contained vhost_traffic_status_display_format
+syn keyword ngxDirectiveThirdParty contained vhost_traffic_status_display_jsonp
+syn keyword ngxDirectiveThirdParty contained vhost_traffic_status_display_sum_key
+syn keyword ngxDirectiveThirdParty contained vhost_traffic_status_dump
+syn keyword ngxDirectiveThirdParty contained vhost_traffic_status_filter
+syn keyword ngxDirectiveThirdParty contained vhost_traffic_status_filter_by_host
+syn keyword ngxDirectiveThirdParty contained vhost_traffic_status_filter_by_set_key
+syn keyword ngxDirectiveThirdParty contained vhost_traffic_status_filter_check_duplicate
+syn keyword ngxDirectiveThirdParty contained vhost_traffic_status_limit
+syn keyword ngxDirectiveThirdParty contained vhost_traffic_status_limit_check_duplicate
+syn keyword ngxDirectiveThirdParty contained vhost_traffic_status_limit_traffic
+syn keyword ngxDirectiveThirdParty contained vhost_traffic_status_limit_traffic_by_set_key
+syn keyword ngxDirectiveThirdParty contained vhost_traffic_status_set_by_filter
+syn keyword ngxDirectiveThirdParty contained vhost_traffic_status_zone
+
+" xss-nginx-module - Native cross-site scripting support in nginx
+" https://github.com/openresty/xss-nginx-module
+syn keyword ngxDirectiveThirdParty contained xss_callback_arg
+syn keyword ngxDirectiveThirdParty contained xss_check_status
+syn keyword ngxDirectiveThirdParty contained xss_get
+syn keyword ngxDirectiveThirdParty contained xss_input_types
+syn keyword ngxDirectiveThirdParty contained xss_output_type
+syn keyword ngxDirectiveThirdParty contained xss_override_status
+
+" Add support for array-typed variables to nginx config files
+" https://github.com/openresty/array-var-nginx-module
+syn keyword ngxDirectiveThirdParty contained array_join
+syn keyword ngxDirectiveThirdParty contained array_map
+syn keyword ngxDirectiveThirdParty contained array_map_op
+syn keyword ngxDirectiveThirdParty contained array_split
+
+" NGINX module for Brotli compression
+" https://github.com/eustas/ngx_brotli
+syn keyword ngxDirectiveThirdParty contained brotli
+syn keyword ngxDirectiveThirdParty contained brotli_buffers
+syn keyword ngxDirectiveThirdParty contained brotli_comp_level
+syn keyword ngxDirectiveThirdParty contained brotli_min_length
+syn keyword ngxDirectiveThirdParty contained brotli_static
+syn keyword ngxDirectiveThirdParty contained brotli_types
+syn keyword ngxDirectiveThirdParty contained brotli_window
+
+" form-input-nginx-module
+" https://github.com/calio/form-input-nginx-module
+syn keyword ngxDirectiveThirdParty contained set_form_input
+syn keyword ngxDirectiveThirdParty contained set_form_input_multi
+
+" character conversion nginx module using libiconv
+" https://github.com/calio/iconv-nginx-module
+syn keyword ngxDirectiveThirdParty contained iconv_buffer_size
+syn keyword ngxDirectiveThirdParty contained iconv_filter
+syn keyword ngxDirectiveThirdParty contained set_iconv
+
+" 3rd party modules list taken from
+" https://www.nginx.com/resources/wiki/modules/
+" ---------------------------------------------
+
+" Nginx Module for Authenticating Akamai G2O requests
+" https://github.com/kaltura/nginx_mod_akamai_g2o
+syn keyword ngxDirectiveThirdParty contained g2o
+syn keyword ngxDirectiveThirdParty contained g2o_data_header
+syn keyword ngxDirectiveThirdParty contained g2o_hash_function
+syn keyword ngxDirectiveThirdParty contained g2o_key
+syn keyword ngxDirectiveThirdParty contained g2o_log_level
+syn keyword ngxDirectiveThirdParty contained g2o_nonce
+syn keyword ngxDirectiveThirdParty contained g2o_sign_header
+syn keyword ngxDirectiveThirdParty contained g2o_time_window
+syn keyword ngxDirectiveThirdParty contained g2o_version
+
+" nginx_lua_module
+" https://github.com/alacner/nginx_lua_module
+syn keyword ngxDirectiveThirdParty contained lua_file
+
+" Nginx Audio Track for HTTP Live Streaming
+" https://github.com/flavioribeiro/nginx-audio-track-for-hls-module
+syn keyword ngxDirectiveThirdParty contained ngx_hls_audio_track
+syn keyword ngxDirectiveThirdParty contained ngx_hls_audio_track_output_format
+syn keyword ngxDirectiveThirdParty contained ngx_hls_audio_track_output_header
+syn keyword ngxDirectiveThirdParty contained ngx_hls_audio_track_rootpath
+
+" A Nginx module to dump backtrace when a worker process exits abnormally
+" https://github.com/alibaba/nginx-backtrace
+syn keyword ngxDirectiveThirdParty contained backtrace_log
+syn keyword ngxDirectiveThirdParty contained backtrace_max_stack_size
+
+" circle_gif module
+" https://github.com/evanmiller/nginx_circle_gif
+syn keyword ngxDirectiveThirdParty contained circle_gif
+syn keyword ngxDirectiveThirdParty contained circle_gif_max_radius
+syn keyword ngxDirectiveThirdParty contained circle_gif_min_radius
+syn keyword ngxDirectiveThirdParty contained circle_gif_step_radius
+
+" Upstream Consistent Hash
+" https://github.com/replay/ngx_http_consistent_hash
+syn keyword ngxDirectiveThirdParty contained consistent_hash
+
+" Nginx module for etags on dynamic content
+" https://github.com/kali/nginx-dynamic-etags
+syn keyword ngxDirectiveThirdParty contained dynamic_etags
+
+" Enhanced Nginx Memcached Module
+" https://github.com/bpaquet/ngx_http_enhanced_memcached_module
+syn keyword ngxDirectiveThirdParty contained enhanced_memcached_allow_delete
+syn keyword ngxDirectiveThirdParty contained enhanced_memcached_allow_put
+syn keyword ngxDirectiveThirdParty contained enhanced_memcached_bind
+syn keyword ngxDirectiveThirdParty contained enhanced_memcached_buffer_size
+syn keyword ngxDirectiveThirdParty contained enhanced_memcached_connect_timeout
+syn keyword ngxDirectiveThirdParty contained enhanced_memcached_flush
+syn keyword ngxDirectiveThirdParty contained enhanced_memcached_flush_namespace
+syn keyword ngxDirectiveThirdParty contained enhanced_memcached_hash_keys_with_md5
+syn keyword ngxDirectiveThirdParty contained enhanced_memcached_pass
+syn keyword ngxDirectiveThirdParty contained enhanced_memcached_read_timeout
+syn keyword ngxDirectiveThirdParty contained enhanced_memcached_send_timeout
+syn keyword ngxDirectiveThirdParty contained enhanced_memcached_stats
+
+" nginx max connections queue
+" https://github.com/ezmobius/nginx-ey-balancer
+syn keyword ngxDirectiveThirdParty contained max_connections_max_queue_length
+syn keyword ngxDirectiveThirdParty contained max_connections_queue_timeout
+
+" Nginx module for POST authentication and authorization
+" https://github.com/veruu/ngx_form_auth
+syn keyword ngxDirectiveThirdParty contained form_auth
+syn keyword ngxDirectiveThirdParty contained form_auth_login
+syn keyword ngxDirectiveThirdParty contained form_auth_pam_service
+syn keyword ngxDirectiveThirdParty contained form_auth_password
+syn keyword ngxDirectiveThirdParty contained form_auth_remote_user
+
+" ngx_http_accounting_module
+" https://github.com/Lax/ngx_http_accounting_module
+syn keyword ngxDirectiveThirdParty contained http_accounting
+syn keyword ngxDirectiveThirdParty contained http_accounting_id
+syn keyword ngxDirectiveThirdParty contained http_accounting_interval
+syn keyword ngxDirectiveThirdParty contained http_accounting_log
+syn keyword ngxDirectiveThirdParty contained http_accounting_perturb
+
+" concatenating files in a given context: CSS and JS files usually
+" https://github.com/alibaba/nginx-http-concat
+syn keyword ngxDirectiveThirdParty contained concat
+syn keyword ngxDirectiveThirdParty contained concat_delimiter
+syn keyword ngxDirectiveThirdParty contained concat_ignore_file_error
+syn keyword ngxDirectiveThirdParty contained concat_max_files
+syn keyword ngxDirectiveThirdParty contained concat_types
+syn keyword ngxDirectiveThirdParty contained concat_unique
-" Postgres Module <http://labs.frickle.com/nginx_ngx_postgres/>
-" Upstream module that allows nginx to communicate directly with PostgreSQL database.
-syn keyword ngxDirectiveThirdParty contained postgres_server
-syn keyword ngxDirectiveThirdParty contained postgres_keepalive
-syn keyword ngxDirectiveThirdParty contained postgres_pass
-syn keyword ngxDirectiveThirdParty contained postgres_query
-syn keyword ngxDirectiveThirdParty contained postgres_rewrite
-syn keyword ngxDirectiveThirdParty contained postgres_output
-syn keyword ngxDirectiveThirdParty contained postgres_set
-syn keyword ngxDirectiveThirdParty contained postgres_escape
-syn keyword ngxDirectiveThirdParty contained postgres_connect_timeout
-syn keyword ngxDirectiveThirdParty contained postgres_result_timeout
+" update upstreams' config by restful interface
+" https://github.com/yzprofile/ngx_http_dyups_module
+syn keyword ngxDirectiveThirdParty contained dyups_interface
+syn keyword ngxDirectiveThirdParty contained dyups_read_msg_log
+syn keyword ngxDirectiveThirdParty contained dyups_read_msg_timeout
+syn keyword ngxDirectiveThirdParty contained dyups_shm_zone_size
+syn keyword ngxDirectiveThirdParty contained dyups_trylock
+syn keyword ngxDirectiveThirdParty contained dyups_upstream_conf
-" Pubcookie Module <https://www.vanko.me/book/page/pubcookie-module-nginx>
-" Authorizes users using encrypted cookies
-syn keyword ngxDirectiveThirdParty contained pubcookie_inactive_expire
-syn keyword ngxDirectiveThirdParty contained pubcookie_hard_expire
-syn keyword ngxDirectiveThirdParty contained pubcookie_app_id
-syn keyword ngxDirectiveThirdParty contained pubcookie_dir_depth
-syn keyword ngxDirectiveThirdParty contained pubcookie_catenate_app_ids
-syn keyword ngxDirectiveThirdParty contained pubcookie_app_srv_id
-syn keyword ngxDirectiveThirdParty contained pubcookie_login
-syn keyword ngxDirectiveThirdParty contained pubcookie_login_method
-syn keyword ngxDirectiveThirdParty contained pubcookie_post
-syn keyword ngxDirectiveThirdParty contained pubcookie_domain
-syn keyword ngxDirectiveThirdParty contained pubcookie_granting_cert_file
-syn keyword ngxDirectiveThirdParty contained pubcookie_session_key_file
-syn keyword ngxDirectiveThirdParty contained pubcookie_session_cert_file
-syn keyword ngxDirectiveThirdParty contained pubcookie_crypt_key_file
-syn keyword ngxDirectiveThirdParty contained pubcookie_end_session
-syn keyword ngxDirectiveThirdParty contained pubcookie_encryption
-syn keyword ngxDirectiveThirdParty contained pubcookie_session_reauth
-syn keyword ngxDirectiveThirdParty contained pubcookie_auth_type_names
-syn keyword ngxDirectiveThirdParty contained pubcookie_no_prompt
-syn keyword ngxDirectiveThirdParty contained pubcookie_on_demand
-syn keyword ngxDirectiveThirdParty contained pubcookie_addl_request
-syn keyword ngxDirectiveThirdParty contained pubcookie_no_obscure_cookies
-syn keyword ngxDirectiveThirdParty contained pubcookie_no_clean_creds
-syn keyword ngxDirectiveThirdParty contained pubcookie_egd_device
-syn keyword ngxDirectiveThirdParty contained pubcookie_no_blank
-syn keyword ngxDirectiveThirdParty contained pubcookie_super_debug
-syn keyword ngxDirectiveThirdParty contained pubcookie_set_remote_user
+" add given content to the end of the response according to the condition specified
+" https://github.com/flygoast/ngx_http_footer_if_filter
+syn keyword ngxDirectiveThirdParty contained footer_if
-" Push Stream Module <https://github.com/wandenberg/nginx-push-stream-module>
-" A pure stream http push technology for your Nginx setup
-syn keyword ngxDirectiveThirdParty contained push_stream_channels_statistics
-syn keyword ngxDirectiveThirdParty contained push_stream_publisher
-syn keyword ngxDirectiveThirdParty contained push_stream_subscriber
-syn keyword ngxDirectiveThirdParty contained push_stream_shared_memory_size
-syn keyword ngxDirectiveThirdParty contained push_stream_channel_deleted_message_text
-syn keyword ngxDirectiveThirdParty contained push_stream_channel_inactivity_time
-syn keyword ngxDirectiveThirdParty contained push_stream_ping_message_text
-syn keyword ngxDirectiveThirdParty contained push_stream_timeout_with_body
-syn keyword ngxDirectiveThirdParty contained push_stream_message_ttl
-syn keyword ngxDirectiveThirdParty contained push_stream_max_subscribers_per_channel
-syn keyword ngxDirectiveThirdParty contained push_stream_max_messages_stored_per_channel
-syn keyword ngxDirectiveThirdParty contained push_stream_max_channel_id_length
-syn keyword ngxDirectiveThirdParty contained push_stream_max_number_of_channels
-syn keyword ngxDirectiveThirdParty contained push_stream_max_number_of_wildcard_channels
-syn keyword ngxDirectiveThirdParty contained push_stream_wildcard_channel_prefix
-syn keyword ngxDirectiveThirdParty contained push_stream_events_channel_id
-syn keyword ngxDirectiveThirdParty contained push_stream_channels_path
-syn keyword ngxDirectiveThirdParty contained push_stream_store_messages
-syn keyword ngxDirectiveThirdParty contained push_stream_channel_info_on_publish
-syn keyword ngxDirectiveThirdParty contained push_stream_authorized_channels_only
-syn keyword ngxDirectiveThirdParty contained push_stream_header_template_file
-syn keyword ngxDirectiveThirdParty contained push_stream_header_template
-syn keyword ngxDirectiveThirdParty contained push_stream_message_template
-syn keyword ngxDirectiveThirdParty contained push_stream_footer_template
-syn keyword ngxDirectiveThirdParty contained push_stream_wildcard_channel_max_qtd
-syn keyword ngxDirectiveThirdParty contained push_stream_ping_message_interval
-syn keyword ngxDirectiveThirdParty contained push_stream_subscriber_connection_ttl
-syn keyword ngxDirectiveThirdParty contained push_stream_longpolling_connection_ttl
-syn keyword ngxDirectiveThirdParty contained push_stream_websocket_allow_publish
-syn keyword ngxDirectiveThirdParty contained push_stream_last_received_message_time
-syn keyword ngxDirectiveThirdParty contained push_stream_last_received_message_tag
-syn keyword ngxDirectiveThirdParty contained push_stream_last_event_id
-syn keyword ngxDirectiveThirdParty contained push_stream_user_agent
-syn keyword ngxDirectiveThirdParty contained push_stream_padding_by_user_agent
-syn keyword ngxDirectiveThirdParty contained push_stream_allowed_origins
-syn keyword ngxDirectiveThirdParty contained push_stream_allow_connections_to_events_channel
+" NGINX HTTP Internal Redirect Module
+" https://github.com/flygoast/ngx_http_internal_redirect
+syn keyword ngxDirectiveThirdParty contained internal_redirect_if
+syn keyword ngxDirectiveThirdParty contained internal_redirect_if_no_postpone
-" rDNS Module <https://github.com/flant/nginx-http-rdns>
-" Make a reverse DNS (rDNS) lookup for incoming connection and provides simple access control of incoming hostname by allow/deny rules
-syn keyword ngxDirectiveThirdParty contained rdns
-syn keyword ngxDirectiveThirdParty contained rdns_allow
-syn keyword ngxDirectiveThirdParty contained rdns_deny
+" nginx-ip-blocker
+" https://github.com/tmthrgd/nginx-ip-blocker
+syn keyword ngxDirectiveThirdParty contained ip_blocker
-" RDS CSV Module <https://github.com/openresty/rds-csv-nginx-module>
-" Nginx output filter module to convert Resty-DBD-Streams (RDS) to Comma-Separated Values (CSV)
-syn keyword ngxDirectiveThirdParty contained rds_csv
-syn keyword ngxDirectiveThirdParty contained rds_csv_row_terminator
-syn keyword ngxDirectiveThirdParty contained rds_csv_field_separator
-syn keyword ngxDirectiveThirdParty contained rds_csv_field_name_header
-syn keyword ngxDirectiveThirdParty contained rds_csv_content_type
-syn keyword ngxDirectiveThirdParty contained rds_csv_buffer_size
+" IP2Location Nginx
+" https://github.com/chrislim2888/ip2location-nginx
+syn keyword ngxDirectiveThirdParty contained ip2location_database
-" RDS JSON Module <https://github.com/openresty/rds-json-nginx-module>
-" An output filter that formats Resty DBD Streams generated by ngx_drizzle and others to JSON
-syn keyword ngxDirectiveThirdParty contained rds_json
-syn keyword ngxDirectiveThirdParty contained rds_json_buffer_size
-syn keyword ngxDirectiveThirdParty contained rds_json_format
-syn keyword ngxDirectiveThirdParty contained rds_json_root
-syn keyword ngxDirectiveThirdParty contained rds_json_success_property
-syn keyword ngxDirectiveThirdParty contained rds_json_user_property
-syn keyword ngxDirectiveThirdParty contained rds_json_errcode_key
-syn keyword ngxDirectiveThirdParty contained rds_json_errstr_key
-syn keyword ngxDirectiveThirdParty contained rds_json_ret
-syn keyword ngxDirectiveThirdParty contained rds_json_content_type
+" Limit upload rate
+" https://github.com/cfsego/limit_upload_rate
+syn keyword ngxDirectiveThirdParty contained limit_upload_rate
+syn keyword ngxDirectiveThirdParty contained limit_upload_rate_after
+syn keyword ngxDirectiveThirdParty contained limit_upload_rate_log_level
-" Redis Module <https://www.nginx.com/resources/wiki/modules/redis/>
-" Use this module to perform simple caching
-syn keyword ngxDirectiveThirdParty contained redis_pass
-syn keyword ngxDirectiveThirdParty contained redis_bind
-syn keyword ngxDirectiveThirdParty contained redis_connect_timeout
-syn keyword ngxDirectiveThirdParty contained redis_read_timeout
-syn keyword ngxDirectiveThirdParty contained redis_send_timeout
-syn keyword ngxDirectiveThirdParty contained redis_buffer_size
-syn keyword ngxDirectiveThirdParty contained redis_next_upstream
-syn keyword ngxDirectiveThirdParty contained redis_gzip_flag
+" limit the number of connections to upstream
+" https://github.com/cfsego/nginx-limit-upstream
+syn keyword ngxDirectiveThirdParty contained limit_upstream_conn
+syn keyword ngxDirectiveThirdParty contained limit_upstream_log_level
+syn keyword ngxDirectiveThirdParty contained limit_upstream_zone
-" Redis 2 Module <https://github.com/openresty/redis2-nginx-module>
-" Nginx upstream module for the Redis 2.0 protocol
-syn keyword ngxDirectiveThirdParty contained redis2_query
-syn keyword ngxDirectiveThirdParty contained redis2_raw_query
-syn keyword ngxDirectiveThirdParty contained redis2_raw_queries
-syn keyword ngxDirectiveThirdParty contained redis2_literal_raw_query
-syn keyword ngxDirectiveThirdParty contained redis2_pass
-syn keyword ngxDirectiveThirdParty contained redis2_connect_timeout
-syn keyword ngxDirectiveThirdParty contained redis2_send_timeout
-syn keyword ngxDirectiveThirdParty contained redis2_read_timeout
-syn keyword ngxDirectiveThirdParty contained redis2_buffer_size
-syn keyword ngxDirectiveThirdParty contained redis2_next_upstream
+" conditional accesslog for nginx
+" https://github.com/cfsego/ngx_log_if
+syn keyword ngxDirectiveThirdParty contained access_log_bypass_if
+
+" log messages over ZeroMQ
+" https://github.com/alticelabs/nginx-log-zmq
+syn keyword ngxDirectiveThirdParty contained log_zmq_endpoint
+syn keyword ngxDirectiveThirdParty contained log_zmq_format
+syn keyword ngxDirectiveThirdParty contained log_zmq_off
+syn keyword ngxDirectiveThirdParty contained log_zmq_server
+
+" simple module to uppercase/lowercase strings in the nginx config
+" https://github.com/replay/ngx_http_lower_upper_case
+syn keyword ngxDirectiveThirdParty contained lower
+syn keyword ngxDirectiveThirdParty contained upper
+
+" content filter for nginx, which returns the md5 hash of the content otherwise returned
+" https://github.com/kainswor/nginx_md5_filter
+syn keyword ngxDirectiveThirdParty contained md5_filter
+
+" Non-blocking upstream module for Nginx to connect to MongoDB
+" https://github.com/simpl/ngx_mongo
+syn keyword ngxDirectiveThirdParty contained mongo_auth
+syn keyword ngxDirectiveThirdParty contained mongo_bind
+syn keyword ngxDirectiveThirdParty contained mongo_buffer_size
+syn keyword ngxDirectiveThirdParty contained mongo_buffering
+syn keyword ngxDirectiveThirdParty contained mongo_buffers
+syn keyword ngxDirectiveThirdParty contained mongo_busy_buffers_size
+syn keyword ngxDirectiveThirdParty contained mongo_connect_timeout
+syn keyword ngxDirectiveThirdParty contained mongo_json
+syn keyword ngxDirectiveThirdParty contained mongo_next_upstream
+syn keyword ngxDirectiveThirdParty contained mongo_pass
+syn keyword ngxDirectiveThirdParty contained mongo_query
+syn keyword ngxDirectiveThirdParty contained mongo_read_timeout
+syn keyword ngxDirectiveThirdParty contained mongo_send_timeout
+
+" Nginx OCSP processing module designed for response caching
+" https://github.com/kyprizel/nginx_ocsp_proxy-module
+syn keyword ngxDirectiveThirdParty contained ocsp_cache_timeout
+syn keyword ngxDirectiveThirdParty contained ocsp_proxy
+
+" Nginx OpenSSL version check at startup
+" https://github.com/apcera/nginx-openssl-version
+syn keyword ngxDirectiveThirdParty contained openssl_builddate_minimum
+syn keyword ngxDirectiveThirdParty contained openssl_version_minimum
+
+" Automatic PageSpeed optimization module for Nginx
+" https://github.com/pagespeed/ngx_pagespeed
+syn keyword ngxDirectiveThirdParty contained pagespeed
+
+" PECL Memcache standard hashing compatible loadbalancer for Nginx
+" https://github.com/replay/ngx_http_php_memcache_standard_balancer
+syn keyword ngxDirectiveThirdParty contained hash_key
+
+" nginx module to parse php sessions
+" https://github.com/replay/ngx_http_php_session
+syn keyword ngxDirectiveThirdParty contained php_session_parse
+syn keyword ngxDirectiveThirdParty contained php_session_strip_formatting
+
+" Nginx HTTP rDNS module
+" https://github.com/flant/nginx-http-rdns
+syn keyword ngxDirectiveThirdParty contained rdns
+syn keyword ngxDirectiveThirdParty contained rdns_allow
+syn keyword ngxDirectiveThirdParty contained rdns_deny
-" Replace Filter Module <https://github.com/openresty/replace-filter-nginx-module>
" Streaming regular expression replacement in response bodies
+" https://github.com/openresty/replace-filter-nginx-module
syn keyword ngxDirectiveThirdParty contained replace_filter
-syn keyword ngxDirectiveThirdParty contained replace_filter_types
-syn keyword ngxDirectiveThirdParty contained replace_filter_max_buffered_size
syn keyword ngxDirectiveThirdParty contained replace_filter_last_modified
+syn keyword ngxDirectiveThirdParty contained replace_filter_max_buffered_size
syn keyword ngxDirectiveThirdParty contained replace_filter_skip
+syn keyword ngxDirectiveThirdParty contained replace_filter_types
-" Roboo Module <https://github.com/yuri-gushin/Roboo>
-" HTTP Robot Mitigator
-
-" RRD Graph Module <https://www.nginx.com/resources/wiki/modules/rrd_graph/>
-" This module provides an HTTP interface to RRDtool's graphing facilities.
+" Link RRDtool's graphing facilities directly into nginx
+" https://github.com/evanmiller/mod_rrd_graph
syn keyword ngxDirectiveThirdParty contained rrd_graph
syn keyword ngxDirectiveThirdParty contained rrd_graph_root
-" RTMP Module <https://github.com/arut/nginx-rtmp-module>
-" NGINX-based Media Streaming Server
-syn keyword ngxDirectiveThirdParty contained rtmp
-" syn keyword ngxDirectiveThirdParty contained server
-" syn keyword ngxDirectiveThirdParty contained listen
-syn keyword ngxDirectiveThirdParty contained application
-" syn keyword ngxDirectiveThirdParty contained timeout
-syn keyword ngxDirectiveThirdParty contained ping
-syn keyword ngxDirectiveThirdParty contained ping_timeout
-syn keyword ngxDirectiveThirdParty contained max_streams
-syn keyword ngxDirectiveThirdParty contained ack_window
-syn keyword ngxDirectiveThirdParty contained chunk_size
-syn keyword ngxDirectiveThirdParty contained max_queue
-syn keyword ngxDirectiveThirdParty contained max_message
-syn keyword ngxDirectiveThirdParty contained out_queue
-syn keyword ngxDirectiveThirdParty contained out_cork
-" syn keyword ngxDirectiveThirdParty contained allow
-" syn keyword ngxDirectiveThirdParty contained deny
-syn keyword ngxDirectiveThirdParty contained exec_push
-syn keyword ngxDirectiveThirdParty contained exec_pull
-syn keyword ngxDirectiveThirdParty contained exec
-syn keyword ngxDirectiveThirdParty contained exec_options
-syn keyword ngxDirectiveThirdParty contained exec_static
-syn keyword ngxDirectiveThirdParty contained exec_kill_signal
-syn keyword ngxDirectiveThirdParty contained respawn
-syn keyword ngxDirectiveThirdParty contained respawn_timeout
-syn keyword ngxDirectiveThirdParty contained exec_publish
-syn keyword ngxDirectiveThirdParty contained exec_play
-syn keyword ngxDirectiveThirdParty contained exec_play_done
-syn keyword ngxDirectiveThirdParty contained exec_publish_done
-syn keyword ngxDirectiveThirdParty contained exec_record_done
-syn keyword ngxDirectiveThirdParty contained live
-syn keyword ngxDirectiveThirdParty contained meta
-syn keyword ngxDirectiveThirdParty contained interleave
-syn keyword ngxDirectiveThirdParty contained wait_key
-syn keyword ngxDirectiveThirdParty contained wait_video
-syn keyword ngxDirectiveThirdParty contained publish_notify
-syn keyword ngxDirectiveThirdParty contained drop_idle_publisher
-syn keyword ngxDirectiveThirdParty contained sync
-syn keyword ngxDirectiveThirdParty contained play_restart
-syn keyword ngxDirectiveThirdParty contained idle_streams
-syn keyword ngxDirectiveThirdParty contained record
-syn keyword ngxDirectiveThirdParty contained record_path
-syn keyword ngxDirectiveThirdParty contained record_suffix
-syn keyword ngxDirectiveThirdParty contained record_unique
-syn keyword ngxDirectiveThirdParty contained record_append
-syn keyword ngxDirectiveThirdParty contained record_lock
-syn keyword ngxDirectiveThirdParty contained record_max_size
-syn keyword ngxDirectiveThirdParty contained record_max_frames
-syn keyword ngxDirectiveThirdParty contained record_interval
-syn keyword ngxDirectiveThirdParty contained recorder
-syn keyword ngxDirectiveThirdParty contained record_notify
-syn keyword ngxDirectiveThirdParty contained play
-syn keyword ngxDirectiveThirdParty contained play_temp_path
-syn keyword ngxDirectiveThirdParty contained play_local_path
-syn keyword ngxDirectiveThirdParty contained pull
-syn keyword ngxDirectiveThirdParty contained push
-syn keyword ngxDirectiveThirdParty contained push_reconnect
-syn keyword ngxDirectiveThirdParty contained session_relay
-syn keyword ngxDirectiveThirdParty contained on_connect
-syn keyword ngxDirectiveThirdParty contained on_play
-syn keyword ngxDirectiveThirdParty contained on_publish
-syn keyword ngxDirectiveThirdParty contained on_done
-syn keyword ngxDirectiveThirdParty contained on_play_done
-syn keyword ngxDirectiveThirdParty contained on_publish_done
-syn keyword ngxDirectiveThirdParty contained on_record_done
-syn keyword ngxDirectiveThirdParty contained on_update
-syn keyword ngxDirectiveThirdParty contained notify_update_timeout
-syn keyword ngxDirectiveThirdParty contained notify_update_strict
-syn keyword ngxDirectiveThirdParty contained notify_relay_redirect
-syn keyword ngxDirectiveThirdParty contained notify_method
-syn keyword ngxDirectiveThirdParty contained hls
-syn keyword ngxDirectiveThirdParty contained hls_path
-syn keyword ngxDirectiveThirdParty contained hls_fragment
-syn keyword ngxDirectiveThirdParty contained hls_playlist_length
-syn keyword ngxDirectiveThirdParty contained hls_sync
-syn keyword ngxDirectiveThirdParty contained hls_continuous
-syn keyword ngxDirectiveThirdParty contained hls_nested
-syn keyword ngxDirectiveThirdParty contained hls_base_url
-syn keyword ngxDirectiveThirdParty contained hls_cleanup
-syn keyword ngxDirectiveThirdParty contained hls_fragment_naming
-syn keyword ngxDirectiveThirdParty contained hls_fragment_slicing
-syn keyword ngxDirectiveThirdParty contained hls_variant
-syn keyword ngxDirectiveThirdParty contained hls_type
-syn keyword ngxDirectiveThirdParty contained hls_keys
-syn keyword ngxDirectiveThirdParty contained hls_key_path
-syn keyword ngxDirectiveThirdParty contained hls_key_url
-syn keyword ngxDirectiveThirdParty contained hls_fragments_per_key
-syn keyword ngxDirectiveThirdParty contained dash
-syn keyword ngxDirectiveThirdParty contained dash_path
-syn keyword ngxDirectiveThirdParty contained dash_fragment
-syn keyword ngxDirectiveThirdParty contained dash_playlist_length
-syn keyword ngxDirectiveThirdParty contained dash_nested
-syn keyword ngxDirectiveThirdParty contained dash_cleanup
-" syn keyword ngxDirectiveThirdParty contained access_log
-" syn keyword ngxDirectiveThirdParty contained log_format
-syn keyword ngxDirectiveThirdParty contained max_connections
-syn keyword ngxDirectiveThirdParty contained rtmp_stat
-syn keyword ngxDirectiveThirdParty contained rtmp_stat_stylesheet
-syn keyword ngxDirectiveThirdParty contained rtmp_auto_push
-syn keyword ngxDirectiveThirdParty contained rtmp_auto_push_reconnect
-syn keyword ngxDirectiveThirdParty contained rtmp_socket_dir
-syn keyword ngxDirectiveThirdParty contained rtmp_control
-
-" RTMPT Module <https://github.com/kwojtek/nginx-rtmpt-proxy-module>
" Module for nginx to proxy rtmp using http protocol
-syn keyword ngxDirectiveThirdParty contained rtmpt_proxy_target
-syn keyword ngxDirectiveThirdParty contained rtmpt_proxy_rtmp_timeout
-syn keyword ngxDirectiveThirdParty contained rtmpt_proxy_http_timeout
+" https://github.com/kwojtek/nginx-rtmpt-proxy-module
syn keyword ngxDirectiveThirdParty contained rtmpt_proxy
+syn keyword ngxDirectiveThirdParty contained rtmpt_proxy_http_timeout
+syn keyword ngxDirectiveThirdParty contained rtmpt_proxy_rtmp_timeout
syn keyword ngxDirectiveThirdParty contained rtmpt_proxy_stat
syn keyword ngxDirectiveThirdParty contained rtmpt_proxy_stylesheet
+syn keyword ngxDirectiveThirdParty contained rtmpt_proxy_target
-" Syntactically Awesome Module <https://github.com/mneudert/sass-nginx-module>
-" Providing on-the-fly compiling of Sass files as an NGINX module.
+" Syntactically Awesome NGINX Module
+" https://github.com/mneudert/sass-nginx-module
syn keyword ngxDirectiveThirdParty contained sass_compile
syn keyword ngxDirectiveThirdParty contained sass_error_log
syn keyword ngxDirectiveThirdParty contained sass_include_path
syn keyword ngxDirectiveThirdParty contained sass_indent
syn keyword ngxDirectiveThirdParty contained sass_is_indented_syntax
syn keyword ngxDirectiveThirdParty contained sass_linefeed
-syn keyword ngxDirectiveThirdParty contained sass_precision
syn keyword ngxDirectiveThirdParty contained sass_output_style
+syn keyword ngxDirectiveThirdParty contained sass_precision
syn keyword ngxDirectiveThirdParty contained sass_source_comments
syn keyword ngxDirectiveThirdParty contained sass_source_map_embed
-" Secure Download Module <https://www.nginx.com/resources/wiki/modules/secure_download/>
-" Enables you to create links which are only valid until a certain datetime is reached
-syn keyword ngxDirectiveThirdParty contained secure_download
-syn keyword ngxDirectiveThirdParty contained secure_download_secret
-syn keyword ngxDirectiveThirdParty contained secure_download_path_mode
-
-" Selective Cache Purge Module <https://github.com/wandenberg/nginx-selective-cache-purge-module>
-" A module to purge cache by GLOB patterns. The supported patterns are the same as supported by Redis.
-syn keyword ngxDirectiveThirdParty contained selective_cache_purge_redis_unix_socket
+" Nginx Selective Cache Purge Module
+" https://github.com/wandenberg/nginx-selective-cache-purge-module
+syn keyword ngxDirectiveThirdParty contained selective_cache_purge_query
+syn keyword ngxDirectiveThirdParty contained selective_cache_purge_redis_database
syn keyword ngxDirectiveThirdParty contained selective_cache_purge_redis_host
+syn keyword ngxDirectiveThirdParty contained selective_cache_purge_redis_password
syn keyword ngxDirectiveThirdParty contained selective_cache_purge_redis_port
-syn keyword ngxDirectiveThirdParty contained selective_cache_purge_redis_database
-syn keyword ngxDirectiveThirdParty contained selective_cache_purge_query
+syn keyword ngxDirectiveThirdParty contained selective_cache_purge_redis_unix_socket
-" Set cconv Module <https://github.com/liseen/set-cconv-nginx-module>
-" Cconv rewrite set commands
+" cconv nginx module
+" https://github.com/liseen/set-cconv-nginx-module
syn keyword ngxDirectiveThirdParty contained set_cconv_to_simp
syn keyword ngxDirectiveThirdParty contained set_cconv_to_trad
syn keyword ngxDirectiveThirdParty contained set_pinyin_to_normal
-" Set Hash Module <https://github.com/simpl/ngx_http_set_hash>
" Nginx module that allows the setting of variables to the value of a variety of hashes
+" https://github.com/simpl/ngx_http_set_hash
syn keyword ngxDirectiveThirdParty contained set_md5
syn keyword ngxDirectiveThirdParty contained set_md5_upper
syn keyword ngxDirectiveThirdParty contained set_murmur2
@@ -1732,421 +2076,169 @@
syn keyword ngxDirectiveThirdParty contained set_sha1
syn keyword ngxDirectiveThirdParty contained set_sha1_upper
-" Set Lang Module <https://github.com/simpl/ngx_http_set_lang>
-" Provides a variety of ways for setting a variable denoting the langauge that content should be returned in.
-syn keyword ngxDirectiveThirdParty contained set_lang
-syn keyword ngxDirectiveThirdParty contained set_lang_method
+" Nginx module to set the language of a request based on a number of options
+" https://github.com/simpl/ngx_http_set_lang
syn keyword ngxDirectiveThirdParty contained lang_cookie
syn keyword ngxDirectiveThirdParty contained lang_get_var
+syn keyword ngxDirectiveThirdParty contained lang_host
syn keyword ngxDirectiveThirdParty contained lang_list
syn keyword ngxDirectiveThirdParty contained lang_post_var
-syn keyword ngxDirectiveThirdParty contained lang_host
syn keyword ngxDirectiveThirdParty contained lang_referer
+syn keyword ngxDirectiveThirdParty contained set_lang
+syn keyword ngxDirectiveThirdParty contained set_lang_method
-" Set Misc Module <https://github.com/openresty/set-misc-nginx-module>
-" Various set_xxx directives added to nginx's rewrite module
-syn keyword ngxDirectiveThirdParty contained set_if_empty
-syn keyword ngxDirectiveThirdParty contained set_quote_sql_str
-syn keyword ngxDirectiveThirdParty contained set_quote_pgsql_str
-syn keyword ngxDirectiveThirdParty contained set_quote_json_str
-syn keyword ngxDirectiveThirdParty contained set_unescape_uri
-syn keyword ngxDirectiveThirdParty contained set_escape_uri
-syn keyword ngxDirectiveThirdParty contained set_hashed_upstream
-syn keyword ngxDirectiveThirdParty contained set_encode_base32
-syn keyword ngxDirectiveThirdParty contained set_base32_padding
-syn keyword ngxDirectiveThirdParty contained set_misc_base32_padding
-syn keyword ngxDirectiveThirdParty contained set_base32_alphabet
-syn keyword ngxDirectiveThirdParty contained set_decode_base32
-syn keyword ngxDirectiveThirdParty contained set_encode_base64
-syn keyword ngxDirectiveThirdParty contained set_decode_base64
-syn keyword ngxDirectiveThirdParty contained set_encode_hex
-syn keyword ngxDirectiveThirdParty contained set_decode_hex
-syn keyword ngxDirectiveThirdParty contained set_sha1
-syn keyword ngxDirectiveThirdParty contained set_md5
-syn keyword ngxDirectiveThirdParty contained set_hmac_sha1
-syn keyword ngxDirectiveThirdParty contained set_random
-syn keyword ngxDirectiveThirdParty contained set_secure_random_alphanum
-syn keyword ngxDirectiveThirdParty contained set_secure_random_lcalpha
-syn keyword ngxDirectiveThirdParty contained set_rotate
-syn keyword ngxDirectiveThirdParty contained set_local_today
-syn keyword ngxDirectiveThirdParty contained set_formatted_gmt_time
-syn keyword ngxDirectiveThirdParty contained set_formatted_local_time
-
-" SFlow Module <https://github.com/sflow/nginx-sflow-module>
-" A binary, random-sampling nginx module designed for: lightweight, centralized, continuous, real-time monitoring of very large and very busy web farms.
-syn keyword ngxDirectiveThirdParty contained sflow
-
-" Shibboleth Module <https://github.com/nginx-shib/nginx-http-shibboleth>
-" Shibboleth auth request module for nginx
-syn keyword ngxDirectiveThirdParty contained shib_request
-syn keyword ngxDirectiveThirdParty contained shib_request_set
-syn keyword ngxDirectiveThirdParty contained shib_request_use_headers
-
-" Slice Module <https://github.com/alibaba/nginx-http-slice>
-" Nginx module for serving a file in slices (reverse byte-range)
-" syn keyword ngxDirectiveThirdParty contained slice
-syn keyword ngxDirectiveThirdParty contained slice_arg_begin
-syn keyword ngxDirectiveThirdParty contained slice_arg_end
-syn keyword ngxDirectiveThirdParty contained slice_header
-syn keyword ngxDirectiveThirdParty contained slice_footer
-syn keyword ngxDirectiveThirdParty contained slice_header_first
-syn keyword ngxDirectiveThirdParty contained slice_footer_last
-
-" SlowFS Cache Module <https://github.com/FRiCKLE/ngx_slowfs_cache/>
-" Module adding ability to cache static files.
-syn keyword ngxDirectiveThirdParty contained slowfs_big_file_size
-syn keyword ngxDirectiveThirdParty contained slowfs_cache
-syn keyword ngxDirectiveThirdParty contained slowfs_cache_key
-syn keyword ngxDirectiveThirdParty contained slowfs_cache_min_uses
-syn keyword ngxDirectiveThirdParty contained slowfs_cache_path
-syn keyword ngxDirectiveThirdParty contained slowfs_cache_purge
-syn keyword ngxDirectiveThirdParty contained slowfs_cache_valid
-syn keyword ngxDirectiveThirdParty contained slowfs_temp_path
-
-" Small Light Module <https://github.com/cubicdaiya/ngx_small_light>
-" Dynamic Image Transformation Module For nginx.
-syn keyword ngxDirectiveThirdParty contained small_light
-syn keyword ngxDirectiveThirdParty contained small_light_getparam_mode
-syn keyword ngxDirectiveThirdParty contained small_light_material_dir
-syn keyword ngxDirectiveThirdParty contained small_light_pattern_define
-syn keyword ngxDirectiveThirdParty contained small_light_radius_max
-syn keyword ngxDirectiveThirdParty contained small_light_sigma_max
-syn keyword ngxDirectiveThirdParty contained small_light_imlib2_temp_dir
-syn keyword ngxDirectiveThirdParty contained small_light_buffer
-
-" Sorted Querystring Filter Module <https://github.com/wandenberg/nginx-sorted-querystring-module>
-" Nginx module to expose querystring parameters sorted in a variable to be used on cache_key as example
-syn keyword ngxDirectiveThirdParty contained sorted_querystring_filter_parameter
+" Nginx Sorted Querystring Module
+" https://github.com/wandenberg/nginx-sorted-querystring-module
+syn keyword ngxDirectiveThirdParty contained sorted_querysting_filter_parameter
-" Sphinx2 Module <https://github.com/reeteshranjan/sphinx2-nginx-module>
-" Nginx upstream module for Sphinx 2.x
-syn keyword ngxDirectiveThirdParty contained sphinx2_pass
+" Nginx upstream module for Sphinx 2.x search daemon
+" https://github.com/reeteshranjan/sphinx2-nginx-module
syn keyword ngxDirectiveThirdParty contained sphinx2_bind
-syn keyword ngxDirectiveThirdParty contained sphinx2_connect_timeout
-syn keyword ngxDirectiveThirdParty contained sphinx2_send_timeout
syn keyword ngxDirectiveThirdParty contained sphinx2_buffer_size
-syn keyword ngxDirectiveThirdParty contained sphinx2_read_timeout
+syn keyword ngxDirectiveThirdParty contained sphinx2_connect_timeout
syn keyword ngxDirectiveThirdParty contained sphinx2_next_upstream
+syn keyword ngxDirectiveThirdParty contained sphinx2_pass
+syn keyword ngxDirectiveThirdParty contained sphinx2_read_timeout
+syn keyword ngxDirectiveThirdParty contained sphinx2_send_timeout
-" HTTP SPNEGO auth Module <https://github.com/stnoonan/spnego-http-auth-nginx-module>
-" This module implements adds SPNEGO support to nginx(http://nginx.org). It currently supports only Kerberos authentication via GSSAPI
-syn keyword ngxDirectiveThirdParty contained auth_gss
-syn keyword ngxDirectiveThirdParty contained auth_gss_keytab
-syn keyword ngxDirectiveThirdParty contained auth_gss_realm
-syn keyword ngxDirectiveThirdParty contained auth_gss_service_name
-syn keyword ngxDirectiveThirdParty contained auth_gss_authorized_principal
-syn keyword ngxDirectiveThirdParty contained auth_gss_allow_basic_fallback
-
-" SR Cache Module <https://github.com/openresty/srcache-nginx-module>
-" Transparent subrequest-based caching layout for arbitrary nginx locations
-syn keyword ngxDirectiveThirdParty contained srcache_fetch
-syn keyword ngxDirectiveThirdParty contained srcache_fetch_skip
-syn keyword ngxDirectiveThirdParty contained srcache_store
-syn keyword ngxDirectiveThirdParty contained srcache_store_max_size
-syn keyword ngxDirectiveThirdParty contained srcache_store_skip
-syn keyword ngxDirectiveThirdParty contained srcache_store_statuses
-syn keyword ngxDirectiveThirdParty contained srcache_store_ranges
-syn keyword ngxDirectiveThirdParty contained srcache_header_buffer_size
-syn keyword ngxDirectiveThirdParty contained srcache_store_hide_header
-syn keyword ngxDirectiveThirdParty contained srcache_store_pass_header
-syn keyword ngxDirectiveThirdParty contained srcache_methods
-syn keyword ngxDirectiveThirdParty contained srcache_ignore_content_encoding
-syn keyword ngxDirectiveThirdParty contained srcache_request_cache_control
-syn keyword ngxDirectiveThirdParty contained srcache_response_cache_control
-syn keyword ngxDirectiveThirdParty contained srcache_store_no_store
-syn keyword ngxDirectiveThirdParty contained srcache_store_no_cache
-syn keyword ngxDirectiveThirdParty contained srcache_store_private
-syn keyword ngxDirectiveThirdParty contained srcache_default_expire
-syn keyword ngxDirectiveThirdParty contained srcache_max_expire
-
-" SSSD Info Module <https://github.com/veruu/ngx_sssd_info>
-" Retrives additional attributes from SSSD for current authentizated user
+" Nginx module for retrieving user attributes and groups from SSSD
+" https://github.com/veruu/ngx_sssd_info
syn keyword ngxDirectiveThirdParty contained sssd_info
-syn keyword ngxDirectiveThirdParty contained sssd_info_output_to
-syn keyword ngxDirectiveThirdParty contained sssd_info_groups
-syn keyword ngxDirectiveThirdParty contained sssd_info_group
-syn keyword ngxDirectiveThirdParty contained sssd_info_group_separator
-syn keyword ngxDirectiveThirdParty contained sssd_info_attributes
syn keyword ngxDirectiveThirdParty contained sssd_info_attribute
syn keyword ngxDirectiveThirdParty contained sssd_info_attribute_separator
+syn keyword ngxDirectiveThirdParty contained sssd_info_attributes
+syn keyword ngxDirectiveThirdParty contained sssd_info_group
+syn keyword ngxDirectiveThirdParty contained sssd_info_group_separator
+syn keyword ngxDirectiveThirdParty contained sssd_info_groups
+syn keyword ngxDirectiveThirdParty contained sssd_info_output_to
-" Static Etags Module <https://github.com/mikewest/nginx-static-etags>
-" Generate etags for static content
-syn keyword ngxDirectiveThirdParty contained FileETag
-
-" Statsd Module <https://github.com/zebrafishlabs/nginx-statsd>
" An nginx module for sending statistics to statsd
-syn keyword ngxDirectiveThirdParty contained statsd_server
-syn keyword ngxDirectiveThirdParty contained statsd_sample_rate
+" https://github.com/zebrafishlabs/nginx-statsd
syn keyword ngxDirectiveThirdParty contained statsd_count
+syn keyword ngxDirectiveThirdParty contained statsd_sample_rate
+syn keyword ngxDirectiveThirdParty contained statsd_server
syn keyword ngxDirectiveThirdParty contained statsd_timing
-" Sticky Module <https://bitbucket.org/nginx-goodies/nginx-sticky-module-ng>
-" Add a sticky cookie to be always forwarded to the same upstream server
-" syn keyword ngxDirectiveThirdParty contained sticky
-
-" Stream Echo Module <https://github.com/openresty/stream-echo-nginx-module>
-" TCP/stream echo module for NGINX (a port of ngx_http_echo_module)
+" ngx_stream_echo - TCP/stream echo module for NGINX (a port of the ngx_http_echo module)
+" https://github.com/openresty/stream-echo-nginx-module
syn keyword ngxDirectiveThirdParty contained echo
+syn keyword ngxDirectiveThirdParty contained echo_client_error_log_level
+syn keyword ngxDirectiveThirdParty contained echo_discard_request
syn keyword ngxDirectiveThirdParty contained echo_duplicate
syn keyword ngxDirectiveThirdParty contained echo_flush_wait
-syn keyword ngxDirectiveThirdParty contained echo_sleep
-syn keyword ngxDirectiveThirdParty contained echo_send_timeout
-syn keyword ngxDirectiveThirdParty contained echo_read_bytes
-syn keyword ngxDirectiveThirdParty contained echo_read_line
-syn keyword ngxDirectiveThirdParty contained echo_request_data
-syn keyword ngxDirectiveThirdParty contained echo_discard_request
-syn keyword ngxDirectiveThirdParty contained echo_read_buffer_size
-syn keyword ngxDirectiveThirdParty contained echo_read_timeout
-syn keyword ngxDirectiveThirdParty contained echo_client_error_log_level
syn keyword ngxDirectiveThirdParty contained echo_lingering_close
syn keyword ngxDirectiveThirdParty contained echo_lingering_time
syn keyword ngxDirectiveThirdParty contained echo_lingering_timeout
+syn keyword ngxDirectiveThirdParty contained echo_read_buffer_size
+syn keyword ngxDirectiveThirdParty contained echo_read_bytes
+syn keyword ngxDirectiveThirdParty contained echo_read_line
+syn keyword ngxDirectiveThirdParty contained echo_read_timeout
+syn keyword ngxDirectiveThirdParty contained echo_request_data
+syn keyword ngxDirectiveThirdParty contained echo_send_timeout
+syn keyword ngxDirectiveThirdParty contained echo_sleep
-" Stream Lua Module <https://github.com/openresty/stream-lua-nginx-module>
-" Embed the power of Lua into Nginx stream/TCP Servers.
-syn keyword ngxDirectiveThirdParty contained lua_resolver
-syn keyword ngxDirectiveThirdParty contained lua_resolver_timeout
-syn keyword ngxDirectiveThirdParty contained lua_lingering_close
-syn keyword ngxDirectiveThirdParty contained lua_lingering_time
-syn keyword ngxDirectiveThirdParty contained lua_lingering_timeout
+" Embed the power of Lua into NGINX TCP/UDP servers
+" https://github.com/openresty/stream-lua-nginx-module
+syn keyword ngxDirectiveThirdParty contained lua_add_variable
+syn keyword ngxDirectiveThirdParty contained preread_by_lua_block
+syn keyword ngxDirectiveThirdParty contained preread_by_lua_file
+syn keyword ngxDirectiveThirdParty contained preread_by_lua_no_postpone
-" Stream Upsync Module <https://github.com/xiaokai-wang/nginx-stream-upsync-module>
-" Sync upstreams from consul or others, dynamiclly modify backend-servers attribute(weight, max_fails,...), needn't reload nginx.
+" nginx-upsync-module
+" https://github.com/weibocom/nginx-upsync-module
+syn keyword ngxDirectiveThirdParty contained upstream_show
syn keyword ngxDirectiveThirdParty contained upsync
syn keyword ngxDirectiveThirdParty contained upsync_dump_path
syn keyword ngxDirectiveThirdParty contained upsync_lb
-syn keyword ngxDirectiveThirdParty contained upsync_show
-" Strip Module <https://github.com/evanmiller/mod_strip>
-" Whitespace remover.
+" Whitespace stripper for nginx
+" https://github.com/evanmiller/mod_strip
syn keyword ngxDirectiveThirdParty contained strip
-" Subrange Module <https://github.com/Qihoo360/ngx_http_subrange_module>
" Split one big HTTP/Range request to multiple subrange requesets
+" https://github.com/Qihoo360/ngx_http_subrange_module
syn keyword ngxDirectiveThirdParty contained subrange
-" Substitutions Module <https://www.nginx.com/resources/wiki/modules/substitutions/>
-" A filter module which can do both regular expression and fixed string substitutions on response bodies.
-syn keyword ngxDirectiveThirdParty contained subs_filter
-syn keyword ngxDirectiveThirdParty contained subs_filter_types
+" summarizer-nginx-module
+" https://github.com/reeteshranjan/summarizer-nginx-module
+syn keyword ngxDirectiveThirdParty contained summarizer_bind
+syn keyword ngxDirectiveThirdParty contained summarizer_buffer_size
+syn keyword ngxDirectiveThirdParty contained summarizer_connect_timeout
+syn keyword ngxDirectiveThirdParty contained summarizer_next_upstream
+syn keyword ngxDirectiveThirdParty contained summarizer_pass
+syn keyword ngxDirectiveThirdParty contained summarizer_read_timeout
+syn keyword ngxDirectiveThirdParty contained summarizer_send_timeout
-" Summarizer Module <https://github.com/reeteshranjan/summarizer-nginx-module>
-" Upstream nginx module to get summaries of documents using the summarizer daemon service
-syn keyword ngxDirectiveThirdParty contained smrzr_filename
-syn keyword ngxDirectiveThirdParty contained smrzr_ratio
-
-" Supervisord Module <https://github.com/FRiCKLE/ngx_supervisord/>
-" Module providing nginx with API to communicate with supervisord and manage (start/stop) backends on-demand.
+" nginx module providing API to communicate with supervisord and manage (start/stop) backends on-demand
+" https://github.com/FRiCKLE/ngx_supervisord
syn keyword ngxDirectiveThirdParty contained supervisord
syn keyword ngxDirectiveThirdParty contained supervisord_inherit_backend_status
syn keyword ngxDirectiveThirdParty contained supervisord_name
syn keyword ngxDirectiveThirdParty contained supervisord_start
syn keyword ngxDirectiveThirdParty contained supervisord_stop
-" Tarantool Upstream Module <https://github.com/tarantool/nginx_upstream_module>
-" Tarantool NginX upstream module (REST, JSON API, websockets, load balancing)
-syn keyword ngxDirectiveThirdParty contained tnt_pass
-syn keyword ngxDirectiveThirdParty contained tnt_http_methods
-syn keyword ngxDirectiveThirdParty contained tnt_http_rest_methods
-syn keyword ngxDirectiveThirdParty contained tnt_pass_http_request
-syn keyword ngxDirectiveThirdParty contained tnt_pass_http_request_buffer_size
-syn keyword ngxDirectiveThirdParty contained tnt_method
-syn keyword ngxDirectiveThirdParty contained tnt_http_allowed_methods - experemental
-syn keyword ngxDirectiveThirdParty contained tnt_send_timeout
-syn keyword ngxDirectiveThirdParty contained tnt_read_timeout
-syn keyword ngxDirectiveThirdParty contained tnt_buffer_size
-syn keyword ngxDirectiveThirdParty contained tnt_next_upstream
-syn keyword ngxDirectiveThirdParty contained tnt_connect_timeout
-syn keyword ngxDirectiveThirdParty contained tnt_next_upstream
-syn keyword ngxDirectiveThirdParty contained tnt_next_upstream_tries
-syn keyword ngxDirectiveThirdParty contained tnt_next_upstream_timeout
-
-" TCP Proxy Module <http://yaoweibin.github.io/nginx_tcp_proxy_module/>
-" Add the feature of tcp proxy with nginx, with health check and status monitor
-syn keyword ngxDirectiveBlock contained tcp
-" syn keyword ngxDirectiveThirdParty contained server
-" syn keyword ngxDirectiveThirdParty contained listen
-" syn keyword ngxDirectiveThirdParty contained allow
-" syn keyword ngxDirectiveThirdParty contained deny
-" syn keyword ngxDirectiveThirdParty contained so_keepalive
-" syn keyword ngxDirectiveThirdParty contained tcp_nodelay
-" syn keyword ngxDirectiveThirdParty contained timeout
-" syn keyword ngxDirectiveThirdParty contained server_name
-" syn keyword ngxDirectiveThirdParty contained resolver
-" syn keyword ngxDirectiveThirdParty contained resolver_timeout
-" syn keyword ngxDirectiveThirdParty contained upstream
-syn keyword ngxDirectiveThirdParty contained check
-syn keyword ngxDirectiveThirdParty contained check_http_send
-syn keyword ngxDirectiveThirdParty contained check_http_expect_alive
-syn keyword ngxDirectiveThirdParty contained check_smtp_send
-syn keyword ngxDirectiveThirdParty contained check_smtp_expect_alive
-syn keyword ngxDirectiveThirdParty contained check_shm_size
-syn keyword ngxDirectiveThirdParty contained check_status
-" syn keyword ngxDirectiveThirdParty contained ip_hash
-" syn keyword ngxDirectiveThirdParty contained proxy_pass
-" syn keyword ngxDirectiveThirdParty contained proxy_buffer
-" syn keyword ngxDirectiveThirdParty contained proxy_connect_timeout
-" syn keyword ngxDirectiveThirdParty contained proxy_read_timeout
-syn keyword ngxDirectiveThirdParty contained proxy_write_timeout
-
-" Testcookie Module <https://github.com/kyprizel/testcookie-nginx-module>
-" NGINX module for L7 DDoS attack mitigation
+" simple robot mitigation module using cookie based challenge/response technique. Not supported any more.
+" https://github.com/kyprizel/testcookie-nginx-module
syn keyword ngxDirectiveThirdParty contained testcookie
-syn keyword ngxDirectiveThirdParty contained testcookie_name
+syn keyword ngxDirectiveThirdParty contained testcookie_arg
+syn keyword ngxDirectiveThirdParty contained testcookie_deny_keepalive
syn keyword ngxDirectiveThirdParty contained testcookie_domain
syn keyword ngxDirectiveThirdParty contained testcookie_expires
-syn keyword ngxDirectiveThirdParty contained testcookie_path
-syn keyword ngxDirectiveThirdParty contained testcookie_secret
-syn keyword ngxDirectiveThirdParty contained testcookie_session
-syn keyword ngxDirectiveThirdParty contained testcookie_arg
+syn keyword ngxDirectiveThirdParty contained testcookie_fallback
+syn keyword ngxDirectiveThirdParty contained testcookie_get_only
+syn keyword ngxDirectiveThirdParty contained testcookie_httponly_flag
+syn keyword ngxDirectiveThirdParty contained testcookie_https_location
+syn keyword ngxDirectiveThirdParty contained testcookie_internal
syn keyword ngxDirectiveThirdParty contained testcookie_max_attempts
+syn keyword ngxDirectiveThirdParty contained testcookie_name
syn keyword ngxDirectiveThirdParty contained testcookie_p3p
-syn keyword ngxDirectiveThirdParty contained testcookie_fallback
-syn keyword ngxDirectiveThirdParty contained testcookie_whitelist
syn keyword ngxDirectiveThirdParty contained testcookie_pass
+syn keyword ngxDirectiveThirdParty contained testcookie_path
+syn keyword ngxDirectiveThirdParty contained testcookie_port_in_redirect
syn keyword ngxDirectiveThirdParty contained testcookie_redirect_via_refresh
-syn keyword ngxDirectiveThirdParty contained testcookie_refresh_template
-syn keyword ngxDirectiveThirdParty contained testcookie_refresh_status
-syn keyword ngxDirectiveThirdParty contained testcookie_deny_keepalive
-syn keyword ngxDirectiveThirdParty contained testcookie_get_only
-syn keyword ngxDirectiveThirdParty contained testcookie_https_location
syn keyword ngxDirectiveThirdParty contained testcookie_refresh_encrypt_cookie
+syn keyword ngxDirectiveThirdParty contained testcookie_refresh_encrypt_cookie_iv
syn keyword ngxDirectiveThirdParty contained testcookie_refresh_encrypt_cookie_key
-syn keyword ngxDirectiveThirdParty contained testcookie_refresh_encrypt_iv
-syn keyword ngxDirectiveThirdParty contained testcookie_internal
-syn keyword ngxDirectiveThirdParty contained testcookie_httponly_flag
+syn keyword ngxDirectiveThirdParty contained testcookie_refresh_status
+syn keyword ngxDirectiveThirdParty contained testcookie_refresh_template
+syn keyword ngxDirectiveThirdParty contained testcookie_secret
syn keyword ngxDirectiveThirdParty contained testcookie_secure_flag
+syn keyword ngxDirectiveThirdParty contained testcookie_session
+syn keyword ngxDirectiveThirdParty contained testcookie_whitelist
-" Types Filter Module <https://github.com/flygoast/ngx_http_types_filter>
-" Change the `Content-Type` output header depending on an extension variable according to a condition specified in the 'if' clause.
+" ngx_http_types_filter_module
+" https://github.com/flygoast/ngx_http_types_filter
syn keyword ngxDirectiveThirdParty contained types_filter
syn keyword ngxDirectiveThirdParty contained types_filter_use_default
-" Unzip Module <https://github.com/youzee/nginx-unzip-module>
-" Enabling fetching of files that are stored in zipped archives.
+" A module allowing the nginx to use files embedded in a zip file
+" https://github.com/youzee/nginx-unzip-module
+syn keyword ngxDirectiveThirdParty contained file_in_unzip
syn keyword ngxDirectiveThirdParty contained file_in_unzip_archivefile
syn keyword ngxDirectiveThirdParty contained file_in_unzip_extract
-syn keyword ngxDirectiveThirdParty contained file_in_unzip
-
-" Upload Progress Module <https://www.nginx.com/resources/wiki/modules/upload_progress/>
-" An upload progress system, that monitors RFC1867 POST upload as they are transmitted to upstream servers
-syn keyword ngxDirectiveThirdParty contained upload_progress
-syn keyword ngxDirectiveThirdParty contained track_uploads
-syn keyword ngxDirectiveThirdParty contained report_uploads
-syn keyword ngxDirectiveThirdParty contained upload_progress_content_type
-syn keyword ngxDirectiveThirdParty contained upload_progress_header
-syn keyword ngxDirectiveThirdParty contained upload_progress_jsonp_parameter
-syn keyword ngxDirectiveThirdParty contained upload_progress_json_output
-syn keyword ngxDirectiveThirdParty contained upload_progress_jsonp_output
-syn keyword ngxDirectiveThirdParty contained upload_progress_template
-" Upload Module <https://www.nginx.com/resources/wiki/modules/upload/>
-" Parses request body storing all files being uploaded to a directory specified by upload_store directive
-syn keyword ngxDirectiveThirdParty contained upload_pass
-syn keyword ngxDirectiveThirdParty contained upload_resumable
-syn keyword ngxDirectiveThirdParty contained upload_store
-syn keyword ngxDirectiveThirdParty contained upload_state_store
-syn keyword ngxDirectiveThirdParty contained upload_store_access
-syn keyword ngxDirectiveThirdParty contained upload_set_form_field
-syn keyword ngxDirectiveThirdParty contained upload_aggregate_form_field
-syn keyword ngxDirectiveThirdParty contained upload_pass_form_field
-syn keyword ngxDirectiveThirdParty contained upload_cleanup
-syn keyword ngxDirectiveThirdParty contained upload_buffer_size
-syn keyword ngxDirectiveThirdParty contained upload_max_part_header_len
-syn keyword ngxDirectiveThirdParty contained upload_max_file_size
-syn keyword ngxDirectiveThirdParty contained upload_limit_rate
-syn keyword ngxDirectiveThirdParty contained upload_max_output_body_len
-syn keyword ngxDirectiveThirdParty contained upload_tame_arrays
-syn keyword ngxDirectiveThirdParty contained upload_pass_args
-
-" Upstream Fair Module <https://github.com/gnosek/nginx-upstream-fair>
-" The fair load balancer module for nginx http://nginx.localdomain.pl
-syn keyword ngxDirectiveThirdParty contained fair
-syn keyword ngxDirectiveThirdParty contained upstream_fair_shm_size
-
-" Upstream Hash Module (DEPRECATED) <http://wiki.nginx.org/NginxHttpUpstreamRequestHashModule>
-" Provides simple upstream load distribution by hashing a configurable variable.
-" syn keyword ngxDirectiveDeprecated contained hash
-syn keyword ngxDirectiveDeprecated contained hash_again
-
-" Upstream Domain Resolve Module <https://www.nginx.com/resources/wiki/modules/domain_resolve/>
-" A load-balancer that resolves an upstream domain name asynchronously.
+" An asynchronous domain name resolve module for nginx upstream
+" https://github.com/wdaike/ngx_upstream_jdomain
syn keyword ngxDirectiveThirdParty contained jdomain
-" Upsync Module <https://github.com/weibocom/nginx-upsync-module>
-" Sync upstreams from consul or others, dynamiclly modify backend-servers attribute(weight, max_fails,...), needn't reload nginx
-syn keyword ngxDirectiveThirdParty contained upsync
-syn keyword ngxDirectiveThirdParty contained upsync_dump_path
-syn keyword ngxDirectiveThirdParty contained upsync_lb
-syn keyword ngxDirectiveThirdParty contained upstream_show
-
-" URL Module <https://github.com/vozlt/nginx-module-url>
" Nginx url encoding converting module
+" https://github.com/vozlt/nginx-module-url
syn keyword ngxDirectiveThirdParty contained url_encoding_convert
+syn keyword ngxDirectiveThirdParty contained url_encoding_convert_alloc_size
+syn keyword ngxDirectiveThirdParty contained url_encoding_convert_alloc_size_x
syn keyword ngxDirectiveThirdParty contained url_encoding_convert_from
+syn keyword ngxDirectiveThirdParty contained url_encoding_convert_phase
syn keyword ngxDirectiveThirdParty contained url_encoding_convert_to
-" User Agent Module <https://github.com/alibaba/nginx-http-user-agent>
-" Match browsers and crawlers
+" A nginx module to match browsers and crawlers
+" https://github.com/alibaba/nginx-http-user-agent
syn keyword ngxDirectiveThirdParty contained user_agent
-" Upstrema Ketama Chash Module <https://github.com/flygoast/ngx_http_upstream_ketama_chash>
-" Nginx load-balancer module implementing ketama consistent hashing.
+" nginx load-balancer module implementing ketama consistent hashing
+" https://github.com/flygoast/ngx_http_upstream_ketama_chash
syn keyword ngxDirectiveThirdParty contained ketama_chash
-" Video Thumbextractor Module <https://github.com/wandenberg/nginx-video-thumbextractor-module>
-" Extract thumbs from a video file
-syn keyword ngxDirectiveThirdParty contained video_thumbextractor
-syn keyword ngxDirectiveThirdParty contained video_thumbextractor_video_filename
-syn keyword ngxDirectiveThirdParty contained video_thumbextractor_video_second
-syn keyword ngxDirectiveThirdParty contained video_thumbextractor_image_width
-syn keyword ngxDirectiveThirdParty contained video_thumbextractor_image_height
-syn keyword ngxDirectiveThirdParty contained video_thumbextractor_only_keyframe
-syn keyword ngxDirectiveThirdParty contained video_thumbextractor_next_time
-syn keyword ngxDirectiveThirdParty contained video_thumbextractor_tile_rows
-syn keyword ngxDirectiveThirdParty contained video_thumbextractor_tile_cols
-syn keyword ngxDirectiveThirdParty contained video_thumbextractor_tile_max_rows
-syn keyword ngxDirectiveThirdParty contained video_thumbextractor_tile_max_cols
-syn keyword ngxDirectiveThirdParty contained video_thumbextractor_tile_sample_interval
-syn keyword ngxDirectiveThirdParty contained video_thumbextractor_tile_color
-syn keyword ngxDirectiveThirdParty contained video_thumbextractor_tile_margin
-syn keyword ngxDirectiveThirdParty contained video_thumbextractor_tile_padding
-syn keyword ngxDirectiveThirdParty contained video_thumbextractor_threads
-syn keyword ngxDirectiveThirdParty contained video_thumbextractor_processes_per_worker
-
-" Eval Module <http://www.grid.net.ru/nginx/eval.en.html>
-" Module for nginx web server evaluates response of proxy or memcached module into variables.
-syn keyword ngxDirectiveThirdParty contained eval
-syn keyword ngxDirectiveThirdParty contained eval_escalate
-syn keyword ngxDirectiveThirdParty contained eval_override_content_type
-
-" VTS Module <https://github.com/vozlt/nginx-module-vts>
-" Nginx virtual host traffic status module
-syn keyword ngxDirectiveThirdParty contained vhost_traffic_status
-syn keyword ngxDirectiveThirdParty contained vhost_traffic_status_zone
-syn keyword ngxDirectiveThirdParty contained vhost_traffic_status_display
-syn keyword ngxDirectiveThirdParty contained vhost_traffic_status_display_format
-syn keyword ngxDirectiveThirdParty contained vhost_traffic_status_display_jsonp
-syn keyword ngxDirectiveThirdParty contained vhost_traffic_status_filter
-syn keyword ngxDirectiveThirdParty contained vhost_traffic_status_filter_by_host
-syn keyword ngxDirectiveThirdParty contained vhost_traffic_status_filter_by_set_key
-syn keyword ngxDirectiveThirdParty contained vhost_traffic_status_filter_check_duplicate
-syn keyword ngxDirectiveThirdParty contained vhost_traffic_status_limit
-syn keyword ngxDirectiveThirdParty contained vhost_traffic_status_limit_traffic
-syn keyword ngxDirectiveThirdParty contained vhost_traffic_status_limit_traffic_by_set_key
-syn keyword ngxDirectiveThirdParty contained vhost_traffic_status_limit_check_duplicate
-
-" XSS Module <https://github.com/openresty/xss-nginx-module>
-" Native support for cross-site scripting (XSS) in an nginx.
-syn keyword ngxDirectiveThirdParty contained xss_get
-syn keyword ngxDirectiveThirdParty contained xss_callback_arg
-syn keyword ngxDirectiveThirdParty contained xss_override_status
-syn keyword ngxDirectiveThirdParty contained xss_check_status
-syn keyword ngxDirectiveThirdParty contained xss_input_types
-" ZIP Module <https://www.nginx.com/resources/wiki/modules/zip/>
-" ZIP archiver for nginx
" highlight
@@ -2168,7 +2260,9 @@
hi link ngxDirectiveDeprecated Error
hi link ngxDirective Identifier
hi link ngxDirectiveThirdParty Special
+hi link ngxDirectiveThirdPartyDeprecated Error
hi link ngxListenOptions Keyword
+hi link ngxListenOptionsDeprecated Error
let b:current_syntax = "nginx"
|
[-]
[+]
|
Changed |
_service:download_url:nginx-1.14.2.tar.gz/src/core/nginx.c
^
|
@@ -228,6 +228,7 @@
#endif
ngx_pid = ngx_getpid();
+ ngx_parent = ngx_getppid();
log = ngx_log_init(ngx_prefix);
if (log == NULL) {
@@ -984,8 +985,8 @@
p--)
{
if (ngx_path_separator(*p)) {
- cycle->conf_prefix.len = p - ngx_cycle->conf_file.data + 1;
- cycle->conf_prefix.data = ngx_cycle->conf_file.data;
+ cycle->conf_prefix.len = p - cycle->conf_file.data + 1;
+ cycle->conf_prefix.data = cycle->conf_file.data;
break;
}
}
|
[-]
[+]
|
Changed |
_service:download_url:nginx-1.14.2.tar.gz/src/core/nginx.h
^
|
@@ -9,8 +9,8 @@
#define _NGINX_H_INCLUDED_
-#define nginx_version 1013007
-#define NGINX_VERSION "1.13.7"
+#define nginx_version 1014002
+#define NGINX_VERSION "1.14.2"
#define NGINX_VER "nginx/" NGINX_VERSION
#ifdef NGX_BUILD
|
[-]
[+]
|
Changed |
_service:download_url:nginx-1.14.2.tar.gz/src/core/ngx_conf_file.c
^
|
@@ -709,6 +709,11 @@
last_space = 0;
continue;
+ case '$':
+ variable = 1;
+ last_space = 0;
+ continue;
+
default:
last_space = 0;
}
|
[-]
[+]
|
Changed |
_service:download_url:nginx-1.14.2.tar.gz/src/core/ngx_cycle.h
^
|
@@ -31,6 +31,7 @@
ngx_shm_t shm;
ngx_shm_zone_init_pt init;
void *tag;
+ void *sync;
ngx_uint_t noreuse; /* unsigned noreuse:1; */
};
@@ -114,6 +115,8 @@
ngx_array_t env;
char **environment;
+
+ ngx_uint_t transparent; /* unsigned transparent:1; */
} ngx_core_conf_t;
|
[-]
[+]
|
Changed |
_service:download_url:nginx-1.14.2.tar.gz/src/core/ngx_proxy_protocol.c
^
|
@@ -9,6 +9,41 @@
#include <ngx_core.h>
+#define NGX_PROXY_PROTOCOL_AF_INET 1
+#define NGX_PROXY_PROTOCOL_AF_INET6 2
+
+
+#define ngx_proxy_protocol_parse_uint16(p) ((p)[0] << 8 | (p)[1])
+
+
+typedef struct {
+ u_char signature[12];
+ u_char version_command;
+ u_char family_transport;
+ u_char len[2];
+} ngx_proxy_protocol_header_t;
+
+
+typedef struct {
+ u_char src_addr[4];
+ u_char dst_addr[4];
+ u_char src_port[2];
+ u_char dst_port[2];
+} ngx_proxy_protocol_inet_addrs_t;
+
+
+typedef struct {
+ u_char src_addr[16];
+ u_char dst_addr[16];
+ u_char src_port[2];
+ u_char dst_port[2];
+} ngx_proxy_protocol_inet6_addrs_t;
+
+
+static u_char *ngx_proxy_protocol_v2_read(ngx_connection_t *c, u_char *buf,
+ u_char *last);
+
+
u_char *
ngx_proxy_protocol_read(ngx_connection_t *c, u_char *buf, u_char *last)
{
@@ -16,9 +51,17 @@
u_char ch, *p, *addr, *port;
ngx_int_t n;
+ static const u_char signature[] = "\r\n\r\n\0\r\nQUIT\n";
+
p = buf;
len = last - buf;
+ if (len >= sizeof(ngx_proxy_protocol_header_t)
+ && memcmp(p, signature, sizeof(signature) - 1) == 0)
+ {
+ return ngx_proxy_protocol_v2_read(c, buf, last);
+ }
+
if (len < 8 || ngx_strncmp(p, "PROXY ", 6) != 0) {
goto invalid;
}
@@ -105,7 +148,8 @@
c->proxy_protocol_port = (in_port_t) n;
ngx_log_debug2(NGX_LOG_DEBUG_CORE, c->log, 0,
- "PROXY protocol address: %V %i", &c->proxy_protocol_addr, n);
+ "PROXY protocol address: %V %d", &c->proxy_protocol_addr,
+ c->proxy_protocol_port);
skip:
@@ -166,3 +210,134 @@
return ngx_slprintf(buf, last, " %ui %ui" CRLF, port, lport);
}
+
+
+static u_char *
+ngx_proxy_protocol_v2_read(ngx_connection_t *c, u_char *buf, u_char *last)
+{
+ u_char *end;
+ size_t len;
+ socklen_t socklen;
+ ngx_uint_t version, command, family, transport;
+ ngx_sockaddr_t sockaddr;
+ ngx_proxy_protocol_header_t *header;
+ ngx_proxy_protocol_inet_addrs_t *in;
+#if (NGX_HAVE_INET6)
+ ngx_proxy_protocol_inet6_addrs_t *in6;
+#endif
+
+ header = (ngx_proxy_protocol_header_t *) buf;
+
+ buf += sizeof(ngx_proxy_protocol_header_t);
+
+ version = header->version_command >> 4;
+
+ if (version != 2) {
+ ngx_log_error(NGX_LOG_ERR, c->log, 0,
+ "unknown PROXY protocol version: %ui", version);
+ return NULL;
+ }
+
+ len = ngx_proxy_protocol_parse_uint16(header->len);
+
+ if ((size_t) (last - buf) < len) {
+ ngx_log_error(NGX_LOG_ERR, c->log, 0, "header is too large");
+ return NULL;
+ }
+
+ end = buf + len;
+
+ command = header->version_command & 0x0f;
+
+ /* only PROXY is supported */
+ if (command != 1) {
+ ngx_log_debug1(NGX_LOG_DEBUG_CORE, c->log, 0,
+ "PROXY protocol v2 unsupported command %ui", command);
+ return end;
+ }
+
+ transport = header->family_transport & 0x0f;
+
+ /* only STREAM is supported */
+ if (transport != 1) {
+ ngx_log_debug1(NGX_LOG_DEBUG_CORE, c->log, 0,
+ "PROXY protocol v2 unsupported transport %ui",
+ transport);
+ return end;
+ }
+
+ family = header->family_transport >> 4;
+
+ switch (family) {
+
+ case NGX_PROXY_PROTOCOL_AF_INET:
+
+ if ((size_t) (end - buf) < sizeof(ngx_proxy_protocol_inet_addrs_t)) {
+ return NULL;
+ }
+
+ in = (ngx_proxy_protocol_inet_addrs_t *) buf;
+
+ sockaddr.sockaddr_in.sin_family = AF_INET;
+ sockaddr.sockaddr_in.sin_port = 0;
+ memcpy(&sockaddr.sockaddr_in.sin_addr, in->src_addr, 4);
+
+ c->proxy_protocol_port = ngx_proxy_protocol_parse_uint16(in->src_port);
+
+ socklen = sizeof(struct sockaddr_in);
+
+ buf += sizeof(ngx_proxy_protocol_inet_addrs_t);
+
+ break;
+
+#if (NGX_HAVE_INET6)
+
+ case NGX_PROXY_PROTOCOL_AF_INET6:
+
+ if ((size_t) (end - buf) < sizeof(ngx_proxy_protocol_inet6_addrs_t)) {
+ return NULL;
+ }
+
+ in6 = (ngx_proxy_protocol_inet6_addrs_t *) buf;
+
+ sockaddr.sockaddr_in6.sin6_family = AF_INET6;
+ sockaddr.sockaddr_in6.sin6_port = 0;
+ memcpy(&sockaddr.sockaddr_in6.sin6_addr, in6->src_addr, 16);
+
+ c->proxy_protocol_port = ngx_proxy_protocol_parse_uint16(in6->src_port);
+
+ socklen = sizeof(struct sockaddr_in6);
+
+ buf += sizeof(ngx_proxy_protocol_inet6_addrs_t);
+
+ break;
+
+#endif
+
+ default:
+ ngx_log_debug1(NGX_LOG_DEBUG_CORE, c->log, 0,
+ "PROXY protocol v2 unsupported address family %ui",
+ family);
+ return end;
+ }
+
+ c->proxy_protocol_addr.data = ngx_pnalloc(c->pool, NGX_SOCKADDR_STRLEN);
+ if (c->proxy_protocol_addr.data == NULL) {
+ return NULL;
+ }
+
+ c->proxy_protocol_addr.len = ngx_sock_ntop(&sockaddr.sockaddr, socklen,
+ c->proxy_protocol_addr.data,
+ NGX_SOCKADDR_STRLEN, 0);
+
+ ngx_log_debug2(NGX_LOG_DEBUG_CORE, c->log, 0,
+ "PROXY protocol v2 address: %V %d", &c->proxy_protocol_addr,
+ c->proxy_protocol_port);
+
+ if (buf < end) {
+ ngx_log_debug1(NGX_LOG_DEBUG_CORE, c->log, 0,
+ "PROXY protocol v2 %z bytes of tlv ignored", end - buf);
+ }
+
+ return end;
+}
|
[-]
[+]
|
Changed |
_service:download_url:nginx-1.14.2.tar.gz/src/core/ngx_times.c
^
|
@@ -9,6 +9,9 @@
#include <ngx_core.h>
+static ngx_msec_t ngx_monotonic_time(time_t sec, ngx_uint_t msec);
+
+
/*
* The time may be updated by signal handler or by several threads.
* The time update operations are rare and require to hold the ngx_time_lock.
@@ -93,7 +96,7 @@
sec = tv.tv_sec;
msec = tv.tv_usec / 1000;
- ngx_current_msec = (ngx_msec_t) sec * 1000 + msec;
+ ngx_current_msec = ngx_monotonic_time(sec, msec);
tp = &cached_time[slot];
@@ -189,6 +192,31 @@
}
+static ngx_msec_t
+ngx_monotonic_time(time_t sec, ngx_uint_t msec)
+{
+#if (NGX_HAVE_CLOCK_MONOTONIC)
+ struct timespec ts;
+
+#if defined(CLOCK_MONOTONIC_FAST)
+ clock_gettime(CLOCK_MONOTONIC_FAST, &ts);
+
+#elif defined(CLOCK_MONOTONIC_COARSE)
+ clock_gettime(CLOCK_MONOTONIC_COARSE, &ts);
+
+#else
+ clock_gettime(CLOCK_MONOTONIC, &ts);
+#endif
+
+ sec = ts.tv_sec;
+ msec = ts.tv_nsec / 1000000;
+
+#endif
+
+ return (ngx_msec_t) sec * 1000 + msec;
+}
+
+
#if !(NGX_WIN32)
void
|
[-]
[+]
|
Changed |
_service:download_url:nginx-1.14.2.tar.gz/src/event/modules/ngx_eventport_module.c
^
|
@@ -19,6 +19,8 @@
#define CLOCK_REALTIME 0
typedef int clockid_t;
typedef void * timer_t;
+#elif (NGX_DARWIN)
+typedef void * timer_t;
#endif
/* Solaris declarations */
|
[-]
[+]
|
Changed |
_service:download_url:nginx-1.14.2.tar.gz/src/event/ngx_event_accept.c
^
|
@@ -448,6 +448,18 @@
c->socklen = sizeof(ngx_sockaddr_t);
}
+ if (c->socklen == 0) {
+
+ /*
+ * on Linux recvmsg() returns zero msg_namelen
+ * when receiving packets from unbound AF_UNIX sockets
+ */
+
+ c->socklen = sizeof(struct sockaddr);
+ ngx_memzero(&sa, sizeof(struct sockaddr));
+ sa.sockaddr.sa_family = ls->sockaddr->sa_family;
+ }
+
#if (NGX_STAT_STUB)
(void) ngx_atomic_fetch_add(ngx_stat_active, 1);
#endif
|
[-]
[+]
|
Changed |
_service:download_url:nginx-1.14.2.tar.gz/src/event/ngx_event_connect.c
^
|
@@ -388,7 +388,16 @@
return NGX_ERROR;
}
+#else
+
+ ngx_log_error(NGX_LOG_ALERT, pc->log, 0,
+ "could not enable transparent proxying for IPv6 "
+ "on this platform");
+
+ return NGX_ERROR;
+
#endif
+
break;
#endif /* NGX_HAVE_INET6 */
|
[-]
[+]
|
Changed |
_service:download_url:nginx-1.14.2.tar.gz/src/event/ngx_event_openssl.c
^
|
@@ -296,7 +296,7 @@
SSL_CTX_set_options(ssl->ctx, SSL_OP_SINGLE_DH_USE);
-#ifdef SSL_CTRL_CLEAR_OPTIONS
+#if OPENSSL_VERSION_NUMBER >= 0x009080dfL
/* only in 0.9.8m+ */
SSL_CTX_clear_options(ssl->ctx,
SSL_OP_NO_SSLv2|SSL_OP_NO_SSLv3|SSL_OP_NO_TLSv1);
@@ -330,6 +330,16 @@
}
#endif
+#ifdef SSL_CTX_set_min_proto_version
+ SSL_CTX_set_min_proto_version(ssl->ctx, 0);
+ SSL_CTX_set_max_proto_version(ssl->ctx, TLS1_2_VERSION);
+#endif
+
+#ifdef TLS1_3_VERSION
+ SSL_CTX_set_min_proto_version(ssl->ctx, 0);
+ SSL_CTX_set_max_proto_version(ssl->ctx, TLS1_3_VERSION);
+#endif
+
#ifdef SSL_OP_NO_COMPRESSION
SSL_CTX_set_options(ssl->ctx, SSL_OP_NO_COMPRESSION);
#endif
@@ -2059,10 +2069,18 @@
/* handshake failures */
if (n == SSL_R_BAD_CHANGE_CIPHER_SPEC /* 103 */
+#ifdef SSL_R_NO_SUITABLE_KEY_SHARE
+ || n == SSL_R_NO_SUITABLE_KEY_SHARE /* 101 */
+#endif
+#ifdef SSL_R_NO_SUITABLE_SIGNATURE_ALGORITHM
+ || n == SSL_R_NO_SUITABLE_SIGNATURE_ALGORITHM /* 118 */
+#endif
|| n == SSL_R_BLOCK_CIPHER_PAD_IS_WRONG /* 129 */
|| n == SSL_R_DIGEST_CHECK_FAILED /* 149 */
|| n == SSL_R_ERROR_IN_RECEIVED_CIPHER_LIST /* 151 */
|| n == SSL_R_EXCESSIVE_MESSAGE_SIZE /* 152 */
+ || n == SSL_R_HTTPS_PROXY_REQUEST /* 155 */
+ || n == SSL_R_HTTP_REQUEST /* 156 */
|| n == SSL_R_LENGTH_MISMATCH /* 159 */
#ifdef SSL_R_NO_CIPHERS_PASSED
|| n == SSL_R_NO_CIPHERS_PASSED /* 182 */
@@ -2078,6 +2096,13 @@
|| n == SSL_R_UNEXPECTED_RECORD /* 245 */
|| n == SSL_R_UNKNOWN_ALERT_TYPE /* 246 */
|| n == SSL_R_UNKNOWN_PROTOCOL /* 252 */
+#ifdef SSL_R_NO_COMMON_SIGNATURE_ALGORITHMS
+ || n == SSL_R_NO_COMMON_SIGNATURE_ALGORITHMS /* 253 */
+#endif
+ || n == SSL_R_UNSUPPORTED_PROTOCOL /* 258 */
+#ifdef SSL_R_NO_SHARED_GROUP
+ || n == SSL_R_NO_SHARED_GROUP /* 266 */
+#endif
|| n == SSL_R_WRONG_VERSION_NUMBER /* 267 */
|| n == SSL_R_DECRYPTION_FAILED_OR_BAD_RECORD_MAC /* 281 */
#ifdef SSL_R_RENEGOTIATE_EXT_TOO_LONG
@@ -2094,6 +2119,9 @@
#ifdef SSL_R_INAPPROPRIATE_FALLBACK
|| n == SSL_R_INAPPROPRIATE_FALLBACK /* 373 */
#endif
+#ifdef SSL_R_VERSION_TOO_LOW
+ || n == SSL_R_VERSION_TOO_LOW /* 396 */
+#endif
|| n == 1000 /* SSL_R_SSLV3_ALERT_CLOSE_NOTIFY */
#ifdef SSL_R_SSLV3_ALERT_UNEXPECTED_MESSAGE
|| n == SSL_R_SSLV3_ALERT_UNEXPECTED_MESSAGE /* 1010 */
|
[-]
[+]
|
Changed |
_service:download_url:nginx-1.14.2.tar.gz/src/event/ngx_event_openssl.h
^
|
@@ -36,8 +36,12 @@
#if (defined LIBRESSL_VERSION_NUMBER && OPENSSL_VERSION_NUMBER == 0x20000000L)
#undef OPENSSL_VERSION_NUMBER
+#if (LIBRESSL_VERSION_NUMBER >= 0x2080000fL)
+#define OPENSSL_VERSION_NUMBER 0x1010000fL
+#else
#define OPENSSL_VERSION_NUMBER 0x1000107fL
#endif
+#endif
#if (OPENSSL_VERSION_NUMBER >= 0x10100001L)
|
[-]
[+]
|
Changed |
_service:download_url:nginx-1.14.2.tar.gz/src/http/modules/ngx_http_auth_basic_module.c
^
|
@@ -266,8 +266,8 @@
}
ngx_log_error(NGX_LOG_ERR, r->connection->log, 0,
- "user \"%V\" was not found in \"%V\"",
- &r->headers_in.user, &user_file);
+ "user \"%V\" was not found in \"%s\"",
+ &r->headers_in.user, user_file.data);
return ngx_http_auth_basic_set_realm(r, &realm);
}
|
[-]
[+]
|
Changed |
_service:download_url:nginx-1.14.2.tar.gz/src/http/modules/ngx_http_autoindex_module.c
^
|
@@ -180,6 +180,12 @@
return NGX_DECLINED;
}
+ rc = ngx_http_discard_request_body(r);
+
+ if (rc != NGX_OK) {
+ return rc;
+ }
+
/* NGX_DIR_MASK_LEN is lesser than NGX_HTTP_AUTOINDEX_PREALLOCATE */
last = ngx_http_map_uri_to_path(r, &path, &root,
|
[-]
[+]
|
Changed |
_service:download_url:nginx-1.14.2.tar.gz/src/http/modules/ngx_http_dav_module.c
^
|
@@ -213,7 +213,16 @@
ngx_ext_rename_file_t ext;
ngx_http_dav_loc_conf_t *dlcf;
- if (r->request_body == NULL || r->request_body->temp_file == NULL) {
+ if (r->request_body == NULL) {
+ ngx_log_error(NGX_LOG_ERR, r->connection->log, 0,
+ "PUT request body is unavailable");
+ ngx_http_finalize_request(r, NGX_HTTP_INTERNAL_SERVER_ERROR);
+ return;
+ }
+
+ if (r->request_body->temp_file == NULL) {
+ ngx_log_error(NGX_LOG_ERR, r->connection->log, 0,
+ "PUT request body must be in a file");
ngx_http_finalize_request(r, NGX_HTTP_INTERNAL_SERVER_ERROR);
return;
}
|
[-]
[+]
|
Changed |
_service:download_url:nginx-1.14.2.tar.gz/src/http/modules/ngx_http_fastcgi_module.c
^
|
@@ -2512,36 +2512,6 @@
break;
}
- /* provide continuous buffer for subrequests in memory */
-
- if (r->subrequest_in_memory) {
-
- cl = u->out_bufs;
-
- if (cl) {
- buf->pos = cl->buf->pos;
- }
-
- buf->last = buf->pos;
-
- for (cl = u->out_bufs; cl; cl = cl->next) {
- ngx_log_debug3(NGX_LOG_DEBUG_HTTP, r->connection->log, 0,
- "http fastcgi in memory %p-%p %O",
- cl->buf->pos, cl->buf->last, ngx_buf_size(cl->buf));
-
- if (buf->last == cl->buf->pos) {
- buf->last = cl->buf->last;
- continue;
- }
-
- buf->last = ngx_movemem(buf->last, cl->buf->pos,
- cl->buf->last - cl->buf->pos);
-
- cl->buf->pos = buf->last - (cl->buf->last - cl->buf->pos);
- cl->buf->last = buf->last;
- }
- }
-
return NGX_OK;
}
@@ -2736,8 +2706,6 @@
* conf->upstream.cache_methods = 0;
* conf->upstream.temp_path = NULL;
* conf->upstream.hide_headers_hash = { NULL, 0 };
- * conf->upstream.uri = { 0, NULL };
- * conf->upstream.location = NULL;
* conf->upstream.store_lengths = NULL;
* conf->upstream.store_values = NULL;
*
@@ -3296,7 +3264,8 @@
return NGX_ERROR;
}
- copy->code = (ngx_http_script_code_pt) ngx_http_script_copy_len_code;
+ copy->code = (ngx_http_script_code_pt) (void *)
+ ngx_http_script_copy_len_code;
copy->len = src[i].key.len;
copy = ngx_array_push_n(params->lengths,
@@ -3305,7 +3274,8 @@
return NGX_ERROR;
}
- copy->code = (ngx_http_script_code_pt) ngx_http_script_copy_len_code;
+ copy->code = (ngx_http_script_code_pt) (void *)
+ ngx_http_script_copy_len_code;
copy->len = src[i].skip_empty;
|
[-]
[+]
|
Changed |
_service:download_url:nginx-1.14.2.tar.gz/src/http/modules/ngx_http_geo_module.c
^
|
@@ -439,6 +439,7 @@
ctx.temp_pool = ngx_create_pool(NGX_DEFAULT_POOL_SIZE, cf->log);
if (ctx.temp_pool == NULL) {
+ ngx_destroy_pool(pool);
return NGX_CONF_ERROR;
}
@@ -460,6 +461,10 @@
*cf = save;
+ if (rv != NGX_CONF_OK) {
+ goto failed;
+ }
+
geo->proxies = ctx.proxies;
geo->proxy_recursive = ctx.proxy_recursive;
@@ -482,7 +487,7 @@
ctx.high.low[i] = ngx_palloc(cf->pool, len + sizeof(void *));
if (ctx.high.low[i] == NULL) {
- return NGX_CONF_ERROR;
+ goto failed;
}
ngx_memcpy(ctx.high.low[i], a->elts, len);
@@ -508,14 +513,11 @@
var->get_handler = ngx_http_geo_range_variable;
var->data = (uintptr_t) geo;
- ngx_destroy_pool(ctx.temp_pool);
- ngx_destroy_pool(pool);
-
} else {
if (ctx.tree == NULL) {
ctx.tree = ngx_radix_tree_create(cf->pool, -1);
if (ctx.tree == NULL) {
- return NGX_CONF_ERROR;
+ goto failed;
}
}
@@ -525,7 +527,7 @@
if (ctx.tree6 == NULL) {
ctx.tree6 = ngx_radix_tree_create(cf->pool, -1);
if (ctx.tree6 == NULL) {
- return NGX_CONF_ERROR;
+ goto failed;
}
}
@@ -535,14 +537,11 @@
var->get_handler = ngx_http_geo_cidr_variable;
var->data = (uintptr_t) geo;
- ngx_destroy_pool(ctx.temp_pool);
- ngx_destroy_pool(pool);
-
if (ngx_radix32tree_insert(ctx.tree, 0, 0,
(uintptr_t) &ngx_http_variable_null_value)
== NGX_ERROR)
{
- return NGX_CONF_ERROR;
+ goto failed;
}
/* NGX_BUSY is okay (default was set explicitly) */
@@ -552,12 +551,22 @@
(uintptr_t) &ngx_http_variable_null_value)
== NGX_ERROR)
{
- return NGX_CONF_ERROR;
+ goto failed;
}
#endif
}
- return rv;
+ ngx_destroy_pool(ctx.temp_pool);
+ ngx_destroy_pool(pool);
+
+ return NGX_CONF_OK;
+
+failed:
+
+ ngx_destroy_pool(ctx.temp_pool);
+ ngx_destroy_pool(pool);
+
+ return NGX_CONF_ERROR;
}
|
[-]
[+]
|
Added |
_service:download_url:nginx-1.14.2.tar.gz/src/http/modules/ngx_http_grpc_module.c
^
|
@@ -0,0 +1,4707 @@
+
+/*
+ * Copyright (C) Maxim Dounin
+ * Copyright (C) Nginx, Inc.
+ */
+
+
+#include <ngx_config.h>
+#include <ngx_core.h>
+#include <ngx_http.h>
+
+
+typedef struct {
+ ngx_array_t *flushes;
+ ngx_array_t *lengths;
+ ngx_array_t *values;
+ ngx_hash_t hash;
+} ngx_http_grpc_headers_t;
+
+
+typedef struct {
+ ngx_http_upstream_conf_t upstream;
+
+ ngx_http_grpc_headers_t headers;
+ ngx_array_t *headers_source;
+
+ ngx_str_t host;
+ ngx_uint_t host_set;
+
+#if (NGX_HTTP_SSL)
+ ngx_uint_t ssl;
+ ngx_uint_t ssl_protocols;
+ ngx_str_t ssl_ciphers;
+ ngx_uint_t ssl_verify_depth;
+ ngx_str_t ssl_trusted_certificate;
+ ngx_str_t ssl_crl;
+ ngx_str_t ssl_certificate;
+ ngx_str_t ssl_certificate_key;
+ ngx_array_t *ssl_passwords;
+#endif
+} ngx_http_grpc_loc_conf_t;
+
+
+typedef enum {
+ ngx_http_grpc_st_start = 0,
+ ngx_http_grpc_st_length_2,
+ ngx_http_grpc_st_length_3,
+ ngx_http_grpc_st_type,
+ ngx_http_grpc_st_flags,
+ ngx_http_grpc_st_stream_id,
+ ngx_http_grpc_st_stream_id_2,
+ ngx_http_grpc_st_stream_id_3,
+ ngx_http_grpc_st_stream_id_4,
+ ngx_http_grpc_st_payload,
+ ngx_http_grpc_st_padding
+} ngx_http_grpc_state_e;
+
+
+typedef struct {
+ size_t init_window;
+ size_t send_window;
+ size_t recv_window;
+ ngx_uint_t last_stream_id;
+} ngx_http_grpc_conn_t;
+
+
+typedef struct {
+ ngx_http_grpc_state_e state;
+ ngx_uint_t frame_state;
+ ngx_uint_t fragment_state;
+
+ ngx_chain_t *in;
+ ngx_chain_t *out;
+ ngx_chain_t *free;
+ ngx_chain_t *busy;
+
+ ngx_http_grpc_conn_t *connection;
+
+ ngx_uint_t id;
+
+ ngx_uint_t pings;
+ ngx_uint_t settings;
+
+ ssize_t send_window;
+ size_t recv_window;
+
+ size_t rest;
+ ngx_uint_t stream_id;
+ u_char type;
+ u_char flags;
+ u_char padding;
+
+ ngx_uint_t error;
+ ngx_uint_t window_update;
+
+ ngx_uint_t setting_id;
+ ngx_uint_t setting_value;
+
+ u_char ping_data[8];
+
+ ngx_uint_t index;
+ ngx_str_t name;
+ ngx_str_t value;
+
+ u_char *field_end;
+ size_t field_length;
+ size_t field_rest;
+ u_char field_state;
+
+ unsigned literal:1;
+ unsigned field_huffman:1;
+
+ unsigned header_sent:1;
+ unsigned output_closed:1;
+ unsigned output_blocked:1;
+ unsigned parsing_headers:1;
+ unsigned end_stream:1;
+ unsigned done:1;
+ unsigned status:1;
+
+ ngx_http_request_t *request;
+} ngx_http_grpc_ctx_t;
+
+
+typedef struct {
+ u_char length_0;
+ u_char length_1;
+ u_char length_2;
+ u_char type;
+ u_char flags;
+ u_char stream_id_0;
+ u_char stream_id_1;
+ u_char stream_id_2;
+ u_char stream_id_3;
+} ngx_http_grpc_frame_t;
+
+
+static ngx_int_t ngx_http_grpc_create_request(ngx_http_request_t *r);
+static ngx_int_t ngx_http_grpc_reinit_request(ngx_http_request_t *r);
+static ngx_int_t ngx_http_grpc_body_output_filter(void *data, ngx_chain_t *in);
+static ngx_int_t ngx_http_grpc_process_header(ngx_http_request_t *r);
+static ngx_int_t ngx_http_grpc_filter_init(void *data);
+static ngx_int_t ngx_http_grpc_filter(void *data, ssize_t bytes);
+
+static ngx_int_t ngx_http_grpc_parse_frame(ngx_http_request_t *r,
+ ngx_http_grpc_ctx_t *ctx, ngx_buf_t *b);
+static ngx_int_t ngx_http_grpc_parse_header(ngx_http_request_t *r,
+ ngx_http_grpc_ctx_t *ctx, ngx_buf_t *b);
+static ngx_int_t ngx_http_grpc_parse_fragment(ngx_http_request_t *r,
+ ngx_http_grpc_ctx_t *ctx, ngx_buf_t *b);
+static ngx_int_t ngx_http_grpc_validate_header_name(ngx_http_request_t *r,
+ ngx_str_t *s);
+static ngx_int_t ngx_http_grpc_validate_header_value(ngx_http_request_t *r,
+ ngx_str_t *s);
+static ngx_int_t ngx_http_grpc_parse_rst_stream(ngx_http_request_t *r,
+ ngx_http_grpc_ctx_t *ctx, ngx_buf_t *b);
+static ngx_int_t ngx_http_grpc_parse_goaway(ngx_http_request_t *r,
+ ngx_http_grpc_ctx_t *ctx, ngx_buf_t *b);
+static ngx_int_t ngx_http_grpc_parse_window_update(ngx_http_request_t *r,
+ ngx_http_grpc_ctx_t *ctx, ngx_buf_t *b);
+static ngx_int_t ngx_http_grpc_parse_settings(ngx_http_request_t *r,
+ ngx_http_grpc_ctx_t *ctx, ngx_buf_t *b);
+static ngx_int_t ngx_http_grpc_parse_ping(ngx_http_request_t *r,
+ ngx_http_grpc_ctx_t *ctx, ngx_buf_t *b);
+
+static ngx_int_t ngx_http_grpc_send_settings_ack(ngx_http_request_t *r,
+ ngx_http_grpc_ctx_t *ctx);
+static ngx_int_t ngx_http_grpc_send_ping_ack(ngx_http_request_t *r,
+ ngx_http_grpc_ctx_t *ctx);
+static ngx_int_t ngx_http_grpc_send_window_update(ngx_http_request_t *r,
+ ngx_http_grpc_ctx_t *ctx);
+
+static ngx_chain_t *ngx_http_grpc_get_buf(ngx_http_request_t *r,
+ ngx_http_grpc_ctx_t *ctx);
+static ngx_http_grpc_ctx_t *ngx_http_grpc_get_ctx(ngx_http_request_t *r);
+static ngx_int_t ngx_http_grpc_get_connection_data(ngx_http_request_t *r,
+ ngx_http_grpc_ctx_t *ctx, ngx_peer_connection_t *pc);
+static void ngx_http_grpc_cleanup(void *data);
+
+static void ngx_http_grpc_abort_request(ngx_http_request_t *r);
+static void ngx_http_grpc_finalize_request(ngx_http_request_t *r,
+ ngx_int_t rc);
+
+static ngx_int_t ngx_http_grpc_internal_trailers_variable(
+ ngx_http_request_t *r, ngx_http_variable_value_t *v, uintptr_t data);
+
+static ngx_int_t ngx_http_grpc_add_variables(ngx_conf_t *cf);
+static void *ngx_http_grpc_create_loc_conf(ngx_conf_t *cf);
+static char *ngx_http_grpc_merge_loc_conf(ngx_conf_t *cf,
+ void *parent, void *child);
+static ngx_int_t ngx_http_grpc_init_headers(ngx_conf_t *cf,
+ ngx_http_grpc_loc_conf_t *conf, ngx_http_grpc_headers_t *headers,
+ ngx_keyval_t *default_headers);
+
+static char *ngx_http_grpc_pass(ngx_conf_t *cf, ngx_command_t *cmd,
+ void *conf);
+
+#if (NGX_HTTP_SSL)
+static char *ngx_http_grpc_ssl_password_file(ngx_conf_t *cf,
+ ngx_command_t *cmd, void *conf);
+static ngx_int_t ngx_http_grpc_set_ssl(ngx_conf_t *cf,
+ ngx_http_grpc_loc_conf_t *glcf);
+#endif
+
+
+static ngx_conf_bitmask_t ngx_http_grpc_next_upstream_masks[] = {
+ { ngx_string("error"), NGX_HTTP_UPSTREAM_FT_ERROR },
+ { ngx_string("timeout"), NGX_HTTP_UPSTREAM_FT_TIMEOUT },
+ { ngx_string("invalid_header"), NGX_HTTP_UPSTREAM_FT_INVALID_HEADER },
+ { ngx_string("non_idempotent"), NGX_HTTP_UPSTREAM_FT_NON_IDEMPOTENT },
+ { ngx_string("http_500"), NGX_HTTP_UPSTREAM_FT_HTTP_500 },
+ { ngx_string("http_502"), NGX_HTTP_UPSTREAM_FT_HTTP_502 },
+ { ngx_string("http_503"), NGX_HTTP_UPSTREAM_FT_HTTP_503 },
+ { ngx_string("http_504"), NGX_HTTP_UPSTREAM_FT_HTTP_504 },
+ { ngx_string("http_403"), NGX_HTTP_UPSTREAM_FT_HTTP_403 },
+ { ngx_string("http_404"), NGX_HTTP_UPSTREAM_FT_HTTP_404 },
+ { ngx_string("http_429"), NGX_HTTP_UPSTREAM_FT_HTTP_429 },
+ { ngx_string("off"), NGX_HTTP_UPSTREAM_FT_OFF },
+ { ngx_null_string, 0 }
+};
+
+
+#if (NGX_HTTP_SSL)
+
+static ngx_conf_bitmask_t ngx_http_grpc_ssl_protocols[] = {
+ { ngx_string("SSLv2"), NGX_SSL_SSLv2 },
+ { ngx_string("SSLv3"), NGX_SSL_SSLv3 },
+ { ngx_string("TLSv1"), NGX_SSL_TLSv1 },
+ { ngx_string("TLSv1.1"), NGX_SSL_TLSv1_1 },
+ { ngx_string("TLSv1.2"), NGX_SSL_TLSv1_2 },
+ { ngx_string("TLSv1.3"), NGX_SSL_TLSv1_3 },
+ { ngx_null_string, 0 }
+};
+
+#endif
+
+
+static ngx_command_t ngx_http_grpc_commands[] = {
+
+ { ngx_string("grpc_pass"),
+ NGX_HTTP_LOC_CONF|NGX_HTTP_LIF_CONF|NGX_CONF_TAKE1,
+ ngx_http_grpc_pass,
+ NGX_HTTP_LOC_CONF_OFFSET,
+ 0,
+ NULL },
+
+ { ngx_string("grpc_bind"),
+ NGX_HTTP_MAIN_CONF|NGX_HTTP_SRV_CONF|NGX_HTTP_LOC_CONF|NGX_CONF_TAKE12,
+ ngx_http_upstream_bind_set_slot,
+ NGX_HTTP_LOC_CONF_OFFSET,
+ offsetof(ngx_http_grpc_loc_conf_t, upstream.local),
+ NULL },
+
+ { ngx_string("grpc_connect_timeout"),
+ NGX_HTTP_MAIN_CONF|NGX_HTTP_SRV_CONF|NGX_HTTP_LOC_CONF|NGX_CONF_TAKE1,
+ ngx_conf_set_msec_slot,
+ NGX_HTTP_LOC_CONF_OFFSET,
+ offsetof(ngx_http_grpc_loc_conf_t, upstream.connect_timeout),
+ NULL },
+
+ { ngx_string("grpc_send_timeout"),
+ NGX_HTTP_MAIN_CONF|NGX_HTTP_SRV_CONF|NGX_HTTP_LOC_CONF|NGX_CONF_TAKE1,
+ ngx_conf_set_msec_slot,
+ NGX_HTTP_LOC_CONF_OFFSET,
+ offsetof(ngx_http_grpc_loc_conf_t, upstream.send_timeout),
+ NULL },
+
+ { ngx_string("grpc_intercept_errors"),
+ NGX_HTTP_MAIN_CONF|NGX_HTTP_SRV_CONF|NGX_HTTP_LOC_CONF|NGX_CONF_FLAG,
+ ngx_conf_set_flag_slot,
+ NGX_HTTP_LOC_CONF_OFFSET,
+ offsetof(ngx_http_grpc_loc_conf_t, upstream.intercept_errors),
+ NULL },
+
+ { ngx_string("grpc_buffer_size"),
+ NGX_HTTP_MAIN_CONF|NGX_HTTP_SRV_CONF|NGX_HTTP_LOC_CONF|NGX_CONF_TAKE1,
+ ngx_conf_set_size_slot,
+ NGX_HTTP_LOC_CONF_OFFSET,
+ offsetof(ngx_http_grpc_loc_conf_t, upstream.buffer_size),
+ NULL },
+
+ { ngx_string("grpc_read_timeout"),
+ NGX_HTTP_MAIN_CONF|NGX_HTTP_SRV_CONF|NGX_HTTP_LOC_CONF|NGX_CONF_TAKE1,
+ ngx_conf_set_msec_slot,
+ NGX_HTTP_LOC_CONF_OFFSET,
+ offsetof(ngx_http_grpc_loc_conf_t, upstream.read_timeout),
+ NULL },
+
+ { ngx_string("grpc_next_upstream"),
+ NGX_HTTP_MAIN_CONF|NGX_HTTP_SRV_CONF|NGX_HTTP_LOC_CONF|NGX_CONF_1MORE,
+ ngx_conf_set_bitmask_slot,
+ NGX_HTTP_LOC_CONF_OFFSET,
+ offsetof(ngx_http_grpc_loc_conf_t, upstream.next_upstream),
+ &ngx_http_grpc_next_upstream_masks },
+
+ { ngx_string("grpc_next_upstream_tries"),
+ NGX_HTTP_MAIN_CONF|NGX_HTTP_SRV_CONF|NGX_HTTP_LOC_CONF|NGX_CONF_TAKE1,
+ ngx_conf_set_num_slot,
+ NGX_HTTP_LOC_CONF_OFFSET,
+ offsetof(ngx_http_grpc_loc_conf_t, upstream.next_upstream_tries),
+ NULL },
+
+ { ngx_string("grpc_next_upstream_timeout"),
+ NGX_HTTP_MAIN_CONF|NGX_HTTP_SRV_CONF|NGX_HTTP_LOC_CONF|NGX_CONF_TAKE1,
+ ngx_conf_set_msec_slot,
+ NGX_HTTP_LOC_CONF_OFFSET,
+ offsetof(ngx_http_grpc_loc_conf_t, upstream.next_upstream_timeout),
+ NULL },
+
+ { ngx_string("grpc_set_header"),
+ NGX_HTTP_MAIN_CONF|NGX_HTTP_SRV_CONF|NGX_HTTP_LOC_CONF|NGX_CONF_TAKE2,
+ ngx_conf_set_keyval_slot,
+ NGX_HTTP_LOC_CONF_OFFSET,
+ offsetof(ngx_http_grpc_loc_conf_t, headers_source),
+ NULL },
+
+ { ngx_string("grpc_pass_header"),
+ NGX_HTTP_MAIN_CONF|NGX_HTTP_SRV_CONF|NGX_HTTP_LOC_CONF|NGX_CONF_TAKE1,
+ ngx_conf_set_str_array_slot,
+ NGX_HTTP_LOC_CONF_OFFSET,
+ offsetof(ngx_http_grpc_loc_conf_t, upstream.pass_headers),
+ NULL },
+
+ { ngx_string("grpc_hide_header"),
+ NGX_HTTP_MAIN_CONF|NGX_HTTP_SRV_CONF|NGX_HTTP_LOC_CONF|NGX_CONF_TAKE1,
+ ngx_conf_set_str_array_slot,
+ NGX_HTTP_LOC_CONF_OFFSET,
+ offsetof(ngx_http_grpc_loc_conf_t, upstream.hide_headers),
+ NULL },
+
+ { ngx_string("grpc_ignore_headers"),
+ NGX_HTTP_MAIN_CONF|NGX_HTTP_SRV_CONF|NGX_HTTP_LOC_CONF|NGX_CONF_1MORE,
+ ngx_conf_set_bitmask_slot,
+ NGX_HTTP_LOC_CONF_OFFSET,
+ offsetof(ngx_http_grpc_loc_conf_t, upstream.ignore_headers),
+ &ngx_http_upstream_ignore_headers_masks },
+
+#if (NGX_HTTP_SSL)
+
+ { ngx_string("grpc_ssl_session_reuse"),
+ NGX_HTTP_MAIN_CONF|NGX_HTTP_SRV_CONF|NGX_HTTP_LOC_CONF|NGX_CONF_FLAG,
+ ngx_conf_set_flag_slot,
+ NGX_HTTP_LOC_CONF_OFFSET,
+ offsetof(ngx_http_grpc_loc_conf_t, upstream.ssl_session_reuse),
+ NULL },
+
+ { ngx_string("grpc_ssl_protocols"),
+ NGX_HTTP_MAIN_CONF|NGX_HTTP_SRV_CONF|NGX_HTTP_LOC_CONF|NGX_CONF_1MORE,
+ ngx_conf_set_bitmask_slot,
+ NGX_HTTP_LOC_CONF_OFFSET,
+ offsetof(ngx_http_grpc_loc_conf_t, ssl_protocols),
+ &ngx_http_grpc_ssl_protocols },
+
+ { ngx_string("grpc_ssl_ciphers"),
+ NGX_HTTP_MAIN_CONF|NGX_HTTP_SRV_CONF|NGX_HTTP_LOC_CONF|NGX_CONF_TAKE1,
+ ngx_conf_set_str_slot,
+ NGX_HTTP_LOC_CONF_OFFSET,
+ offsetof(ngx_http_grpc_loc_conf_t, ssl_ciphers),
+ NULL },
+
+ { ngx_string("grpc_ssl_name"),
+ NGX_HTTP_MAIN_CONF|NGX_HTTP_SRV_CONF|NGX_HTTP_LOC_CONF|NGX_CONF_TAKE1,
+ ngx_http_set_complex_value_slot,
+ NGX_HTTP_LOC_CONF_OFFSET,
+ offsetof(ngx_http_grpc_loc_conf_t, upstream.ssl_name),
+ NULL },
+
+ { ngx_string("grpc_ssl_server_name"),
+ NGX_HTTP_MAIN_CONF|NGX_HTTP_SRV_CONF|NGX_HTTP_LOC_CONF|NGX_CONF_FLAG,
+ ngx_conf_set_flag_slot,
+ NGX_HTTP_LOC_CONF_OFFSET,
+ offsetof(ngx_http_grpc_loc_conf_t, upstream.ssl_server_name),
+ NULL },
+
+ { ngx_string("grpc_ssl_verify"),
+ NGX_HTTP_MAIN_CONF|NGX_HTTP_SRV_CONF|NGX_HTTP_LOC_CONF|NGX_CONF_FLAG,
+ ngx_conf_set_flag_slot,
+ NGX_HTTP_LOC_CONF_OFFSET,
+ offsetof(ngx_http_grpc_loc_conf_t, upstream.ssl_verify),
+ NULL },
+
+ { ngx_string("grpc_ssl_verify_depth"),
+ NGX_HTTP_MAIN_CONF|NGX_HTTP_SRV_CONF|NGX_HTTP_LOC_CONF|NGX_CONF_TAKE1,
+ ngx_conf_set_num_slot,
+ NGX_HTTP_LOC_CONF_OFFSET,
+ offsetof(ngx_http_grpc_loc_conf_t, ssl_verify_depth),
+ NULL },
+
+ { ngx_string("grpc_ssl_trusted_certificate"),
+ NGX_HTTP_MAIN_CONF|NGX_HTTP_SRV_CONF|NGX_HTTP_LOC_CONF|NGX_CONF_TAKE1,
+ ngx_conf_set_str_slot,
+ NGX_HTTP_LOC_CONF_OFFSET,
+ offsetof(ngx_http_grpc_loc_conf_t, ssl_trusted_certificate),
+ NULL },
+
+ { ngx_string("grpc_ssl_crl"),
+ NGX_HTTP_MAIN_CONF|NGX_HTTP_SRV_CONF|NGX_HTTP_LOC_CONF|NGX_CONF_TAKE1,
+ ngx_conf_set_str_slot,
+ NGX_HTTP_LOC_CONF_OFFSET,
+ offsetof(ngx_http_grpc_loc_conf_t, ssl_crl),
+ NULL },
+
+ { ngx_string("grpc_ssl_certificate"),
+ NGX_HTTP_MAIN_CONF|NGX_HTTP_SRV_CONF|NGX_HTTP_LOC_CONF|NGX_CONF_TAKE1,
+ ngx_conf_set_str_slot,
+ NGX_HTTP_LOC_CONF_OFFSET,
+ offsetof(ngx_http_grpc_loc_conf_t, ssl_certificate),
+ NULL },
+
+ { ngx_string("grpc_ssl_certificate_key"),
+ NGX_HTTP_MAIN_CONF|NGX_HTTP_SRV_CONF|NGX_HTTP_LOC_CONF|NGX_CONF_TAKE1,
+ ngx_conf_set_str_slot,
+ NGX_HTTP_LOC_CONF_OFFSET,
+ offsetof(ngx_http_grpc_loc_conf_t, ssl_certificate_key),
+ NULL },
+
+ { ngx_string("grpc_ssl_password_file"),
+ NGX_HTTP_MAIN_CONF|NGX_HTTP_SRV_CONF|NGX_HTTP_LOC_CONF|NGX_CONF_TAKE1,
+ ngx_http_grpc_ssl_password_file,
+ NGX_HTTP_LOC_CONF_OFFSET,
+ 0,
+ NULL },
+
+#endif
+
+ ngx_null_command
+};
+
+
+static ngx_http_module_t ngx_http_grpc_module_ctx = {
+ ngx_http_grpc_add_variables, /* preconfiguration */
+ NULL, /* postconfiguration */
+
+ NULL, /* create main configuration */
+ NULL, /* init main configuration */
+
+ NULL, /* create server configuration */
+ NULL, /* merge server configuration */
+
+ ngx_http_grpc_create_loc_conf, /* create location configuration */
+ ngx_http_grpc_merge_loc_conf /* merge location configuration */
+};
+
+
+ngx_module_t ngx_http_grpc_module = {
+ NGX_MODULE_V1,
+ &ngx_http_grpc_module_ctx, /* module context */
+ ngx_http_grpc_commands, /* module directives */
+ NGX_HTTP_MODULE, /* module type */
+ NULL, /* init master */
+ NULL, /* init module */
+ NULL, /* init process */
+ NULL, /* init thread */
+ NULL, /* exit thread */
+ NULL, /* exit process */
+ NULL, /* exit master */
+ NGX_MODULE_V1_PADDING
+};
+
+
+static u_char ngx_http_grpc_connection_start[] =
+ "PRI * HTTP/2.0\r\n\r\nSM\r\n\r\n" /* connection preface */
+
+ "\x00\x00\x12\x04\x00\x00\x00\x00\x00" /* settings frame */
+ "\x00\x01\x00\x00\x00\x00" /* header table size */
+ "\x00\x02\x00\x00\x00\x00" /* disable push */
+ "\x00\x04\x7f\xff\xff\xff" /* initial window */
+
+ "\x00\x00\x04\x08\x00\x00\x00\x00\x00" /* window update frame */
+ "\x7f\xff\x00\x00";
+
+
+static ngx_keyval_t ngx_http_grpc_headers[] = {
+ { ngx_string("Content-Length"), ngx_string("$content_length") },
+ { ngx_string("TE"), ngx_string("$grpc_internal_trailers") },
+ { ngx_string("Host"), ngx_string("") },
+ { ngx_string("Connection"), ngx_string("") },
+ { ngx_string("Transfer-Encoding"), ngx_string("") },
+ { ngx_string("Keep-Alive"), ngx_string("") },
+ { ngx_string("Expect"), ngx_string("") },
+ { ngx_string("Upgrade"), ngx_string("") },
+ { ngx_null_string, ngx_null_string }
+};
+
+
+static ngx_str_t ngx_http_grpc_hide_headers[] = {
+ ngx_string("Date"),
+ ngx_string("Server"),
+ ngx_string("X-Accel-Expires"),
+ ngx_string("X-Accel-Redirect"),
+ ngx_string("X-Accel-Limit-Rate"),
+ ngx_string("X-Accel-Buffering"),
+ ngx_string("X-Accel-Charset"),
+ ngx_null_string
+};
+
+
+static ngx_http_variable_t ngx_http_grpc_vars[] = {
+
+ { ngx_string("grpc_internal_trailers"), NULL,
+ ngx_http_grpc_internal_trailers_variable, 0,
+ NGX_HTTP_VAR_NOCACHEABLE|NGX_HTTP_VAR_NOHASH, 0 },
+
+ ngx_http_null_variable
+};
+
+
+static ngx_int_t
+ngx_http_grpc_handler(ngx_http_request_t *r)
+{
+ ngx_int_t rc;
+ ngx_http_upstream_t *u;
+ ngx_http_grpc_ctx_t *ctx;
+ ngx_http_grpc_loc_conf_t *glcf;
+
+ if (ngx_http_upstream_create(r) != NGX_OK) {
+ return NGX_HTTP_INTERNAL_SERVER_ERROR;
+ }
+
+ glcf = ngx_http_get_module_loc_conf(r, ngx_http_grpc_module);
+
+ u = r->upstream;
+
+#if (NGX_HTTP_SSL)
+ u->ssl = (glcf->upstream.ssl != NULL);
+
+ if (u->ssl) {
+ ngx_str_set(&u->schema, "grpcs://");
+
+ } else {
+ ngx_str_set(&u->schema, "grpc://");
+ }
+#else
+ ngx_str_set(&u->schema, "grpc://");
+#endif
+
+ u->output.tag = (ngx_buf_tag_t) &ngx_http_grpc_module;
+
+ u->conf = &glcf->upstream;
+
+ u->create_request = ngx_http_grpc_create_request;
+ u->reinit_request = ngx_http_grpc_reinit_request;
+ u->process_header = ngx_http_grpc_process_header;
+ u->abort_request = ngx_http_grpc_abort_request;
+ u->finalize_request = ngx_http_grpc_finalize_request;
+
+ ctx = ngx_pcalloc(r->pool, sizeof(ngx_http_grpc_ctx_t));
+ if (ctx == NULL) {
+ return NGX_HTTP_INTERNAL_SERVER_ERROR;
+ }
+
+ ctx->request = r;
+
+ ngx_http_set_ctx(r, ctx, ngx_http_grpc_module);
+
+ u->input_filter_init = ngx_http_grpc_filter_init;
+ u->input_filter = ngx_http_grpc_filter;
+ u->input_filter_ctx = ctx;
+
+ r->request_body_no_buffering = 1;
+
+ rc = ngx_http_read_client_request_body(r, ngx_http_upstream_init);
+
+ if (rc >= NGX_HTTP_SPECIAL_RESPONSE) {
+ return rc;
+ }
+
+ return NGX_DONE;
+}
+
+
+static ngx_int_t
+ngx_http_grpc_create_request(ngx_http_request_t *r)
+{
+ u_char *p, *tmp, *key_tmp, *val_tmp, *headers_frame;
+ size_t len, tmp_len, key_len, val_len, uri_len;
+ uintptr_t escape;
+ ngx_buf_t *b;
+ ngx_uint_t i, next;
+ ngx_chain_t *cl, *body;
+ ngx_list_part_t *part;
+ ngx_table_elt_t *header;
+ ngx_http_upstream_t *u;
+ ngx_http_grpc_frame_t *f;
+ ngx_http_script_code_pt code;
+ ngx_http_grpc_loc_conf_t *glcf;
+ ngx_http_script_engine_t e, le;
+ ngx_http_script_len_code_pt lcode;
+
+ u = r->upstream;
+
+ glcf = ngx_http_get_module_loc_conf(r, ngx_http_grpc_module);
+
+ len = sizeof(ngx_http_grpc_connection_start) - 1
+ + sizeof(ngx_http_grpc_frame_t); /* headers frame */
+
+ /* :method header */
+
+ if (r->method == NGX_HTTP_GET || r->method == NGX_HTTP_POST) {
+ len += 1;
+ tmp_len = 0;
+
+ } else {
+ len += 1 + NGX_HTTP_V2_INT_OCTETS + r->method_name.len;
+ tmp_len = r->method_name.len;
+ }
+
+ /* :scheme header */
+
+ len += 1;
+
+ /* :path header */
+
+ if (r->valid_unparsed_uri) {
+ escape = 0;
+ uri_len = r->unparsed_uri.len;
+
+ } else {
+ escape = 2 * ngx_escape_uri(NULL, r->uri.data, r->uri.len,
+ NGX_ESCAPE_URI);
+ uri_len = r->uri.len + escape + sizeof("?") - 1 + r->args.len;
+ }
+
+ len += 1 + NGX_HTTP_V2_INT_OCTETS + uri_len;
+
+ if (tmp_len < uri_len) {
+ tmp_len = uri_len;
+ }
+
+ /* :authority header */
+
+ if (!glcf->host_set) {
+ len += 1 + NGX_HTTP_V2_INT_OCTETS + glcf->host.len;
+
+ if (tmp_len < glcf->host.len) {
+ tmp_len = glcf->host.len;
+ }
+ }
+
+ /* other headers */
+
+ ngx_http_script_flush_no_cacheable_variables(r, glcf->headers.flushes);
+ ngx_memzero(&le, sizeof(ngx_http_script_engine_t));
+
+ le.ip = glcf->headers.lengths->elts;
+ le.request = r;
+ le.flushed = 1;
+
+ while (*(uintptr_t *) le.ip) {
+
+ lcode = *(ngx_http_script_len_code_pt *) le.ip;
+ key_len = lcode(&le);
+
+ for (val_len = 0; *(uintptr_t *) le.ip; val_len += lcode(&le)) {
+ lcode = *(ngx_http_script_len_code_pt *) le.ip;
+ }
+ le.ip += sizeof(uintptr_t);
+
+ if (val_len == 0) {
+ continue;
+ }
+
+ len += 1 + NGX_HTTP_V2_INT_OCTETS + key_len
+ + NGX_HTTP_V2_INT_OCTETS + val_len;
+
+ if (tmp_len < key_len) {
+ tmp_len = key_len;
+ }
+
+ if (tmp_len < val_len) {
+ tmp_len = val_len;
+ }
+ }
+
+ if (glcf->upstream.pass_request_headers) {
+ part = &r->headers_in.headers.part;
+ header = part->elts;
+
+ for (i = 0; /* void */; i++) {
+
+ if (i >= part->nelts) {
+ if (part->next == NULL) {
+ break;
+ }
+
+ part = part->next;
+ header = part->elts;
+ i = 0;
+ }
+
+ if (ngx_hash_find(&glcf->headers.hash, header[i].hash,
+ header[i].lowcase_key, header[i].key.len))
+ {
+ continue;
+ }
+
+ len += 1 + NGX_HTTP_V2_INT_OCTETS + header[i].key.len
+ + NGX_HTTP_V2_INT_OCTETS + header[i].value.len;
+
+ if (tmp_len < header[i].key.len) {
+ tmp_len = header[i].key.len;
+ }
+
+ if (tmp_len < header[i].value.len) {
+ tmp_len = header[i].value.len;
+ }
+ }
+ }
+
+ /* continuation frames */
+
+ len += sizeof(ngx_http_grpc_frame_t)
+ * (len / NGX_HTTP_V2_DEFAULT_FRAME_SIZE);
+
+
+ b = ngx_create_temp_buf(r->pool, len);
+ if (b == NULL) {
+ return NGX_ERROR;
+ }
+
+ cl = ngx_alloc_chain_link(r->pool);
+ if (cl == NULL) {
+ return NGX_ERROR;
+ }
+
+ cl->buf = b;
+ cl->next = NULL;
+
+ tmp = ngx_palloc(r->pool, tmp_len * 3);
+ if (tmp == NULL) {
+ return NGX_ERROR;
+ }
+
+ key_tmp = tmp + tmp_len;
+ val_tmp = tmp + 2 * tmp_len;
+
+ /* connection preface */
+
+ b->last = ngx_copy(b->last, ngx_http_grpc_connection_start,
+ sizeof(ngx_http_grpc_connection_start) - 1);
+
+ /* headers frame */
+
+ headers_frame = b->last;
+
+ f = (ngx_http_grpc_frame_t *) b->last;
+ b->last += sizeof(ngx_http_grpc_frame_t);
+
+ f->length_0 = 0;
+ f->length_1 = 0;
+ f->length_2 = 0;
+ f->type = NGX_HTTP_V2_HEADERS_FRAME;
+ f->flags = 0;
+ f->stream_id_0 = 0;
+ f->stream_id_1 = 0;
+ f->stream_id_2 = 0;
+ f->stream_id_3 = 1;
+
+ if (r->method == NGX_HTTP_GET) {
+ *b->last++ = ngx_http_v2_indexed(NGX_HTTP_V2_METHOD_GET_INDEX);
+
+ ngx_log_debug0(NGX_LOG_DEBUG_HTTP, r->connection->log, 0,
+ "grpc header: \":method: GET\"");
+
+ } else if (r->method == NGX_HTTP_POST) {
+ *b->last++ = ngx_http_v2_indexed(NGX_HTTP_V2_METHOD_POST_INDEX);
+
+ ngx_log_debug0(NGX_LOG_DEBUG_HTTP, r->connection->log, 0,
+ "grpc header: \":method: POST\"");
+
+ } else {
+ *b->last++ = ngx_http_v2_inc_indexed(NGX_HTTP_V2_METHOD_INDEX);
+ b->last = ngx_http_v2_write_value(b->last, r->method_name.data,
+ r->method_name.len, tmp);
+
+ ngx_log_debug1(NGX_LOG_DEBUG_HTTP, r->connection->log, 0,
+ "grpc header: \":method: %V\"", &r->method_name);
+ }
+
+#if (NGX_HTTP_SSL)
+ if (glcf->ssl) {
+ *b->last++ = ngx_http_v2_indexed(NGX_HTTP_V2_SCHEME_HTTPS_INDEX);
+
+ ngx_log_debug0(NGX_LOG_DEBUG_HTTP, r->connection->log, 0,
+ "grpc header: \":scheme: https\"");
+ } else
+#endif
+ {
+ *b->last++ = ngx_http_v2_indexed(NGX_HTTP_V2_SCHEME_HTTP_INDEX);
+
+ ngx_log_debug0(NGX_LOG_DEBUG_HTTP, r->connection->log, 0,
+ "grpc header: \":scheme: http\"");
+ }
+
+ if (r->valid_unparsed_uri) {
+
+ if (r->unparsed_uri.len == 1 && r->unparsed_uri.data[0] == '/') {
+ *b->last++ = ngx_http_v2_indexed(NGX_HTTP_V2_PATH_ROOT_INDEX);
+
+ } else {
+ *b->last++ = ngx_http_v2_inc_indexed(NGX_HTTP_V2_PATH_INDEX);
+ b->last = ngx_http_v2_write_value(b->last, r->unparsed_uri.data,
+ r->unparsed_uri.len, tmp);
+ }
+
+ ngx_log_debug1(NGX_LOG_DEBUG_HTTP, r->connection->log, 0,
+ "grpc header: \":path: %V\"", &r->unparsed_uri);
+
+ } else if (escape || r->args.len > 0) {
+ p = val_tmp;
+
+ if (escape) {
+ p = (u_char *) ngx_escape_uri(p, r->uri.data, r->uri.len,
+ NGX_ESCAPE_URI);
+
+ } else {
+ p = ngx_copy(p, r->uri.data, r->uri.len);
+ }
+
+ if (r->args.len > 0) {
+ *p++ = '?';
+ p = ngx_copy(p, r->args.data, r->args.len);
+ }
+
+ *b->last++ = ngx_http_v2_inc_indexed(NGX_HTTP_V2_PATH_INDEX);
+ b->last = ngx_http_v2_write_value(b->last, val_tmp, p - val_tmp, tmp);
+
+ ngx_log_debug2(NGX_LOG_DEBUG_HTTP, r->connection->log, 0,
+ "grpc header: \":path: %*s\"", p - val_tmp, val_tmp);
+
+ } else {
+ *b->last++ = ngx_http_v2_inc_indexed(NGX_HTTP_V2_PATH_INDEX);
+ b->last = ngx_http_v2_write_value(b->last, r->uri.data,
+ r->uri.len, tmp);
+
+ ngx_log_debug1(NGX_LOG_DEBUG_HTTP, r->connection->log, 0,
+ "grpc header: \":path: %V\"", &r->uri);
+ }
+
+ if (!glcf->host_set) {
+ *b->last++ = ngx_http_v2_inc_indexed(NGX_HTTP_V2_AUTHORITY_INDEX);
+ b->last = ngx_http_v2_write_value(b->last, glcf->host.data,
+ glcf->host.len, tmp);
+
+ ngx_log_debug1(NGX_LOG_DEBUG_HTTP, r->connection->log, 0,
+ "grpc header: \":authority: %V\"", &glcf->host);
+ }
+
+ ngx_memzero(&e, sizeof(ngx_http_script_engine_t));
+
+ e.ip = glcf->headers.values->elts;
+ e.request = r;
+ e.flushed = 1;
+
+ le.ip = glcf->headers.lengths->elts;
+
+ while (*(uintptr_t *) le.ip) {
+
+ lcode = *(ngx_http_script_len_code_pt *) le.ip;
+ key_len = lcode(&le);
+
+ for (val_len = 0; *(uintptr_t *) le.ip; val_len += lcode(&le)) {
+ lcode = *(ngx_http_script_len_code_pt *) le.ip;
+ }
+ le.ip += sizeof(uintptr_t);
+
+ if (val_len == 0) {
+ e.skip = 1;
+
+ while (*(uintptr_t *) e.ip) {
+ code = *(ngx_http_script_code_pt *) e.ip;
+ code((ngx_http_script_engine_t *) &e);
+ }
+ e.ip += sizeof(uintptr_t);
+
+ e.skip = 0;
+
+ continue;
+ }
+
+ *b->last++ = 0;
+
+ e.pos = key_tmp;
+
+ code = *(ngx_http_script_code_pt *) e.ip;
+ code((ngx_http_script_engine_t *) &e);
+
+ b->last = ngx_http_v2_write_name(b->last, key_tmp, key_len, tmp);
+
+ e.pos = val_tmp;
+
+ while (*(uintptr_t *) e.ip) {
+ code = *(ngx_http_script_code_pt *) e.ip;
+ code((ngx_http_script_engine_t *) &e);
+ }
+ e.ip += sizeof(uintptr_t);
+
+ b->last = ngx_http_v2_write_value(b->last, val_tmp, val_len, tmp);
+
+#if (NGX_DEBUG)
+ if (r->connection->log->log_level & NGX_LOG_DEBUG_HTTP) {
+ ngx_strlow(key_tmp, key_tmp, key_len);
+
+ ngx_log_debug4(NGX_LOG_DEBUG_HTTP, r->connection->log, 0,
+ "grpc header: \"%*s: %*s\"",
+ key_len, key_tmp, val_len, val_tmp);
+ }
+#endif
+ }
+
+ if (glcf->upstream.pass_request_headers) {
+ part = &r->headers_in.headers.part;
+ header = part->elts;
+
+ for (i = 0; /* void */; i++) {
+
+ if (i >= part->nelts) {
+ if (part->next == NULL) {
+ break;
+ }
+
+ part = part->next;
+ header = part->elts;
+ i = 0;
+ }
+
+ if (ngx_hash_find(&glcf->headers.hash, header[i].hash,
+ header[i].lowcase_key, header[i].key.len))
+ {
+ continue;
+ }
+
+ *b->last++ = 0;
+
+ b->last = ngx_http_v2_write_name(b->last, header[i].key.data,
+ header[i].key.len, tmp);
+
+ b->last = ngx_http_v2_write_value(b->last, header[i].value.data,
+ header[i].value.len, tmp);
+
+#if (NGX_DEBUG)
+ if (r->connection->log->log_level & NGX_LOG_DEBUG_HTTP) {
+ ngx_strlow(tmp, header[i].key.data, header[i].key.len);
+
+ ngx_log_debug3(NGX_LOG_DEBUG_HTTP, r->connection->log, 0,
+ "grpc header: \"%*s: %V\"",
+ header[i].key.len, tmp, &header[i].value);
+ }
+#endif
+ }
+ }
+
+ /* update headers frame length */
+
+ len = b->last - headers_frame - sizeof(ngx_http_grpc_frame_t);
+
+ if (len > NGX_HTTP_V2_DEFAULT_FRAME_SIZE) {
+ len = NGX_HTTP_V2_DEFAULT_FRAME_SIZE;
+ next = 1;
+
+ } else {
+ next = 0;
+ }
+
+ f = (ngx_http_grpc_frame_t *) headers_frame;
+
+ f->length_0 = (u_char) ((len >> 16) & 0xff);
+ f->length_1 = (u_char) ((len >> 8) & 0xff);
+ f->length_2 = (u_char) (len & 0xff);
+
+ /* create additional continuation frames */
+
+ p = headers_frame;
+
+ while (next) {
+ p += sizeof(ngx_http_grpc_frame_t) + NGX_HTTP_V2_DEFAULT_FRAME_SIZE;
+ len = b->last - p;
+
+ ngx_memmove(p + sizeof(ngx_http_grpc_frame_t), p, len);
+ b->last += sizeof(ngx_http_grpc_frame_t);
+
+ if (len > NGX_HTTP_V2_DEFAULT_FRAME_SIZE) {
+ len = NGX_HTTP_V2_DEFAULT_FRAME_SIZE;
+ next = 1;
+
+ } else {
+ next = 0;
+ }
+
+ f = (ngx_http_grpc_frame_t *) p;
+
+ f->length_0 = (u_char) ((len >> 16) & 0xff);
+ f->length_1 = (u_char) ((len >> 8) & 0xff);
+ f->length_2 = (u_char) (len & 0xff);
+ f->type = NGX_HTTP_V2_CONTINUATION_FRAME;
+ f->flags = 0;
+ f->stream_id_0 = 0;
+ f->stream_id_1 = 0;
+ f->stream_id_2 = 0;
+ f->stream_id_3 = 1;
+ }
+
+ f->flags |= NGX_HTTP_V2_END_HEADERS_FLAG;
+
+#if (NGX_DEBUG)
+ if (r->connection->log->log_level & NGX_LOG_DEBUG_HTTP) {
+ u_char buf[512];
+ size_t n, m;
+
+ n = ngx_min(b->last - b->pos, 256);
+ m = ngx_hex_dump(buf, b->pos, n) - buf;
+
+ ngx_log_debug4(NGX_LOG_DEBUG_HTTP, r->connection->log, 0,
+ "grpc header: %*s%s, len: %uz",
+ m, buf, b->last - b->pos > 256 ? "..." : "",
+ b->last - b->pos);
+ }
+#endif
+
+ if (r->request_body_no_buffering) {
+
+ u->request_bufs = cl;
+
+ } else {
+
+ body = u->request_bufs;
+ u->request_bufs = cl;
+
+ if (body == NULL) {
+ f = (ngx_http_grpc_frame_t *) headers_frame;
+ f->flags |= NGX_HTTP_V2_END_STREAM_FLAG;
+ }
+
+ while (body) {
+ b = ngx_alloc_buf(r->pool);
+ if (b == NULL) {
+ return NGX_ERROR;
+ }
+
+ ngx_memcpy(b, body->buf, sizeof(ngx_buf_t));
+
+ cl->next = ngx_alloc_chain_link(r->pool);
+ if (cl->next == NULL) {
+ return NGX_ERROR;
+ }
+
+ cl = cl->next;
+ cl->buf = b;
+
+ body = body->next;
+ }
+
+ b->last_buf = 1;
+ }
+
+ u->output.output_filter = ngx_http_grpc_body_output_filter;
+ u->output.filter_ctx = r;
+
+ b->flush = 1;
+ cl->next = NULL;
+
+ return NGX_OK;
+}
+
+
+static ngx_int_t
+ngx_http_grpc_reinit_request(ngx_http_request_t *r)
+{
+ ngx_http_grpc_ctx_t *ctx;
+
+ ctx = ngx_http_get_module_ctx(r, ngx_http_grpc_module);
+
+ if (ctx == NULL) {
+ return NGX_OK;
+ }
+
+ ctx->state = 0;
+ ctx->header_sent = 0;
+ ctx->output_closed = 0;
+ ctx->output_blocked = 0;
+ ctx->parsing_headers = 0;
+ ctx->end_stream = 0;
+ ctx->done = 0;
+ ctx->status = 0;
+ ctx->connection = NULL;
+
+ return NGX_OK;
+}
+
+
+static ngx_int_t
+ngx_http_grpc_body_output_filter(void *data, ngx_chain_t *in)
+{
+ ngx_http_request_t *r = data;
+
+ off_t file_pos;
+ u_char *p, *pos, *start;
+ size_t len, limit;
+ ngx_buf_t *b;
+ ngx_int_t rc;
+ ngx_uint_t next, last;
+ ngx_chain_t *cl, *out, **ll;
+ ngx_http_upstream_t *u;
+ ngx_http_grpc_ctx_t *ctx;
+ ngx_http_grpc_frame_t *f;
+
+ ngx_log_debug0(NGX_LOG_DEBUG_HTTP, r->connection->log, 0,
+ "grpc output filter");
+
+ ctx = ngx_http_grpc_get_ctx(r);
+
+ if (ctx == NULL) {
+ return NGX_ERROR;
+ }
+
+ if (in) {
+ if (ngx_chain_add_copy(r->pool, &ctx->in, in) != NGX_OK) {
+ return NGX_ERROR;
+ }
+ }
+
+ out = NULL;
+ ll = &out;
+
+ if (!ctx->header_sent) {
+ /* first buffer contains headers */
+
+ ngx_log_debug0(NGX_LOG_DEBUG_HTTP, r->connection->log, 0,
+ "grpc output header");
+
+ ctx->header_sent = 1;
+
+ if (ctx->id != 1) {
+ /*
+ * keepalive connection: skip connection preface,
+ * update stream identifiers
+ */
+
+ b = ctx->in->buf;
+ b->pos += sizeof(ngx_http_grpc_connection_start) - 1;
+
+ p = b->pos;
+
+ while (p < b->last) {
+ f = (ngx_http_grpc_frame_t *) p;
+ p += sizeof(ngx_http_grpc_frame_t);
+
+ f->stream_id_0 = (u_char) ((ctx->id >> 24) & 0xff);
+ f->stream_id_1 = (u_char) ((ctx->id >> 16) & 0xff);
+ f->stream_id_2 = (u_char) ((ctx->id >> 8) & 0xff);
+ f->stream_id_3 = (u_char) (ctx->id & 0xff);
+
+ p += (f->length_0 << 16) + (f->length_1 << 8) + f->length_2;
+ }
+ }
+
+ if (ctx->in->buf->last_buf) {
+ ctx->output_closed = 1;
+ }
+
+ *ll = ctx->in;
+ ll = &ctx->in->next;
+
+ ctx->in = ctx->in->next;
+ }
+
+ if (ctx->out) {
+ /* queued control frames */
+
+ *ll = ctx->out;
+
+ for (cl = ctx->out, ll = &cl->next; cl; cl = cl->next) {
+ ll = &cl->next;
+ }
+
+ ctx->out = NULL;
+ }
+
+ f = NULL;
+ last = 0;
+
+ limit = ngx_max(0, ctx->send_window);
+
+ if (limit > ctx->connection->send_window) {
+ limit = ctx->connection->send_window;
+ }
+
+ ngx_log_debug3(NGX_LOG_DEBUG_HTTP, r->connection->log, 0,
+ "grpc output limit: %uz w:%z:%uz",
+ limit, ctx->send_window, ctx->connection->send_window);
+
+#if (NGX_SUPPRESS_WARN)
+ file_pos = 0;
+ pos = NULL;
+ cl = NULL;
+#endif
+
+ in = ctx->in;
+
+ while (in && limit > 0) {
+
+ ngx_log_debug7(NGX_LOG_DEBUG_EVENT, r->connection->log, 0,
+ "grpc output in l:%d f:%d %p, pos %p, size: %z "
+ "file: %O, size: %O",
+ in->buf->last_buf,
+ in->buf->in_file,
+ in->buf->start, in->buf->pos,
+ in->buf->last - in->buf->pos,
+ in->buf->file_pos,
+ in->buf->file_last - in->buf->file_pos);
+
+ if (ngx_buf_special(in->buf)) {
+ goto next;
+ }
+
+ if (in->buf->in_file) {
+ file_pos = in->buf->file_pos;
+
+ } else {
+ pos = in->buf->pos;
+ }
+
+ next = 0;
+
+ do {
+
+ cl = ngx_http_grpc_get_buf(r, ctx);
+ if (cl == NULL) {
+ return NGX_ERROR;
+ }
+
+ b = cl->buf;
+
+ f = (ngx_http_grpc_frame_t *) b->last;
+ b->last += sizeof(ngx_http_grpc_frame_t);
+
+ *ll = cl;
+ ll = &cl->next;
+
+ cl = ngx_chain_get_free_buf(r->pool, &ctx->free);
+ if (cl == NULL) {
+ return NGX_ERROR;
+ }
+
+ b = cl->buf;
+ start = b->start;
+
+ ngx_memcpy(b, in->buf, sizeof(ngx_buf_t));
+
+ /*
+ * restore b->start to preserve memory allocated in the buffer,
+ * to reuse it later for headers and control frames
+ */
+
+ b->start = start;
+
+ if (in->buf->in_file) {
+ b->file_pos = file_pos;
+ file_pos += ngx_min(NGX_HTTP_V2_DEFAULT_FRAME_SIZE, limit);
+
+ if (file_pos >= in->buf->file_last) {
+ file_pos = in->buf->file_last;
+ next = 1;
+ }
+
+ b->file_last = file_pos;
+ len = (ngx_uint_t) (file_pos - b->file_pos);
+
+ } else {
+ b->pos = pos;
+ pos += ngx_min(NGX_HTTP_V2_DEFAULT_FRAME_SIZE, limit);
+
+ if (pos >= in->buf->last) {
+ pos = in->buf->last;
+ next = 1;
+ }
+
+ b->last = pos;
+ len = (ngx_uint_t) (pos - b->pos);
+ }
+
+ b->tag = (ngx_buf_tag_t) &ngx_http_grpc_body_output_filter;
+ b->shadow = in->buf;
+ b->last_shadow = next;
+
+ b->last_buf = 0;
+ b->last_in_chain = 0;
+
+ *ll = cl;
+ ll = &cl->next;
+
+ f->length_0 = (u_char) ((len >> 16) & 0xff);
+ f->length_1 = (u_char) ((len >> 8) & 0xff);
+ f->length_2 = (u_char) (len & 0xff);
+ f->type = NGX_HTTP_V2_DATA_FRAME;
+ f->flags = 0;
+ f->stream_id_0 = (u_char) ((ctx->id >> 24) & 0xff);
+ f->stream_id_1 = (u_char) ((ctx->id >> 16) & 0xff);
+ f->stream_id_2 = (u_char) ((ctx->id >> 8) & 0xff);
+ f->stream_id_3 = (u_char) (ctx->id & 0xff);
+
+ limit -= len;
+ ctx->send_window -= len;
+ ctx->connection->send_window -= len;
+
+ } while (!next && limit > 0);
+
+ if (!next) {
+ /*
+ * if the buffer wasn't fully sent due to flow control limits,
+ * preserve position for future use
+ */
+
+ if (in->buf->in_file) {
+ in->buf->file_pos = file_pos;
+
+ } else {
+ in->buf->pos = pos;
+ }
+
+ break;
+ }
+
+ next:
+
+ if (in->buf->last_buf) {
+ last = 1;
+ }
+
+ in = in->next;
+ }
+
+ ctx->in = in;
+
+ if (last) {
+
+ ngx_log_debug0(NGX_LOG_DEBUG_HTTP, r->connection->log, 0,
+ "grpc output last");
+
+ ctx->output_closed = 1;
+
+ if (f) {
+ f->flags |= NGX_HTTP_V2_END_STREAM_FLAG;
+
+ } else {
+ cl = ngx_http_grpc_get_buf(r, ctx);
+ if (cl == NULL) {
+ return NGX_ERROR;
+ }
+
+ b = cl->buf;
+
+ f = (ngx_http_grpc_frame_t *) b->last;
+ b->last += sizeof(ngx_http_grpc_frame_t);
+
+ f->length_0 = 0;
+ f->length_1 = 0;
+ f->length_2 = 0;
+ f->type = NGX_HTTP_V2_DATA_FRAME;
+ f->flags = NGX_HTTP_V2_END_STREAM_FLAG;
+ f->stream_id_0 = (u_char) ((ctx->id >> 24) & 0xff);
+ f->stream_id_1 = (u_char) ((ctx->id >> 16) & 0xff);
+ f->stream_id_2 = (u_char) ((ctx->id >> 8) & 0xff);
+ f->stream_id_3 = (u_char) (ctx->id & 0xff);
+
+ *ll = cl;
+ ll = &cl->next;
+ }
+
+ cl->buf->last_buf = 1;
+ }
+
+ *ll = NULL;
+
+#if (NGX_DEBUG)
+
+ for (cl = out; cl; cl = cl->next) {
+ ngx_log_debug7(NGX_LOG_DEBUG_EVENT, r->connection->log, 0,
+ "grpc output out l:%d f:%d %p, pos %p, size: %z "
+ "file: %O, size: %O",
+ cl->buf->last_buf,
+ cl->buf->in_file,
+ cl->buf->start, cl->buf->pos,
+ cl->buf->last - cl->buf->pos,
+ cl->buf->file_pos,
+ cl->buf->file_last - cl->buf->file_pos);
+ }
+
+ ngx_log_debug3(NGX_LOG_DEBUG_HTTP, r->connection->log, 0,
+ "grpc output limit: %uz w:%z:%uz",
+ limit, ctx->send_window, ctx->connection->send_window);
+
+#endif
+
+ rc = ngx_chain_writer(&r->upstream->writer, out);
+
+ ngx_chain_update_chains(r->pool, &ctx->free, &ctx->busy, &out,
+ (ngx_buf_tag_t) &ngx_http_grpc_body_output_filter);
+
+ for (cl = ctx->free; cl; cl = cl->next) {
+
+ /* mark original buffers as sent */
+
+ if (cl->buf->shadow) {
+ if (cl->buf->last_shadow) {
+ b = cl->buf->shadow;
+ b->pos = b->last;
+ }
+
+ cl->buf->shadow = NULL;
+ }
+ }
+
+ if (rc == NGX_OK && ctx->in) {
+ rc = NGX_AGAIN;
+ }
+
+ if (rc == NGX_AGAIN) {
+ ctx->output_blocked = 1;
+
+ } else {
+ ctx->output_blocked = 0;
+ }
+
+ if (ctx->done) {
+
+ /*
+ * We have already got the response and were sending some additional
+ * control frames. Even if there is still something unsent, stop
+ * here anyway.
+ */
+
+ u = r->upstream;
+ u->length = 0;
+
+ if (ctx->in == NULL
+ && ctx->out == NULL
+ && ctx->output_closed
+ && !ctx->output_blocked
+ && ctx->state == ngx_http_grpc_st_start)
+ {
+ u->keepalive = 1;
+ }
+
+ ngx_post_event(u->peer.connection->read, &ngx_posted_events);
+ }
+
+ return rc;
+}
+
+
+static ngx_int_t
+ngx_http_grpc_process_header(ngx_http_request_t *r)
+{
+ ngx_str_t *status_line;
+ ngx_int_t rc, status;
+ ngx_buf_t *b;
+ ngx_table_elt_t *h;
+ ngx_http_upstream_t *u;
+ ngx_http_grpc_ctx_t *ctx;
+ ngx_http_upstream_header_t *hh;
+ ngx_http_upstream_main_conf_t *umcf;
+
+ u = r->upstream;
+ b = &u->buffer;
+
+#if (NGX_DEBUG)
+ if (r->connection->log->log_level & NGX_LOG_DEBUG_HTTP) {
+ u_char buf[512];
+ size_t n, m;
+
+ n = ngx_min(b->last - b->pos, 256);
+ m = ngx_hex_dump(buf, b->pos, n) - buf;
+
+ ngx_log_debug4(NGX_LOG_DEBUG_HTTP, r->connection->log, 0,
+ "grpc response: %*s%s, len: %uz",
+ m, buf, b->last - b->pos > 256 ? "..." : "",
+ b->last - b->pos);
+ }
+#endif
+
+ ctx = ngx_http_grpc_get_ctx(r);
+
+ if (ctx == NULL) {
+ return NGX_ERROR;
+ }
+
+ umcf = ngx_http_get_module_main_conf(r, ngx_http_upstream_module);
+
+ for ( ;; ) {
+
+ if (ctx->state < ngx_http_grpc_st_payload) {
+
+ rc = ngx_http_grpc_parse_frame(r, ctx, b);
+
+ if (rc == NGX_AGAIN) {
+
+ /*
+ * there can be a lot of window update frames,
+ * so we reset buffer if it is empty and we haven't
+ * started parsing headers yet
+ */
+
+ if (!ctx->parsing_headers) {
+ b->pos = b->start;
+ b->last = b->pos;
+ }
+
+ return NGX_AGAIN;
+ }
+
+ if (rc == NGX_ERROR) {
+ return NGX_HTTP_UPSTREAM_INVALID_HEADER;
+ }
+
+ /*
+ * RFC 7540 says that implementations MUST discard frames
+ * that have unknown or unsupported types. However, extension
+ * frames that appear in the middle of a header block are
+ * not permitted. Also, for obvious reasons CONTINUATION frames
+ * cannot appear before headers, and DATA frames are not expected
+ * to appear before all headers are parsed.
+ */
+
+ if (ctx->type == NGX_HTTP_V2_DATA_FRAME
+ || (ctx->type == NGX_HTTP_V2_CONTINUATION_FRAME
+ && !ctx->parsing_headers)
+ || (ctx->type != NGX_HTTP_V2_CONTINUATION_FRAME
+ && ctx->parsing_headers))
+ {
+ ngx_log_error(NGX_LOG_ERR, r->connection->log, 0,
+ "upstream sent unexpected http2 frame: %d",
+ ctx->type);
+ return NGX_HTTP_UPSTREAM_INVALID_HEADER;
+ }
+
+ if (ctx->stream_id && ctx->stream_id != ctx->id) {
+ ngx_log_error(NGX_LOG_ERR, r->connection->log, 0,
+ "upstream sent frame for unknown stream %ui",
+ ctx->stream_id);
+ return NGX_HTTP_UPSTREAM_INVALID_HEADER;
+ }
+ }
+
+ /* frame payload */
+
+ if (ctx->type == NGX_HTTP_V2_RST_STREAM_FRAME) {
+
+ rc = ngx_http_grpc_parse_rst_stream(r, ctx, b);
+
+ if (rc == NGX_AGAIN) {
+ return NGX_AGAIN;
+ }
+
+ if (rc == NGX_ERROR) {
+ return NGX_HTTP_UPSTREAM_INVALID_HEADER;
+ }
+
+ ngx_log_error(NGX_LOG_ERR, r->connection->log, 0,
+ "upstream rejected request with error %ui",
+ ctx->error);
+
+ return NGX_HTTP_UPSTREAM_INVALID_HEADER;
+ }
+
+ if (ctx->type == NGX_HTTP_V2_GOAWAY_FRAME) {
+
+ rc = ngx_http_grpc_parse_goaway(r, ctx, b);
+
+ if (rc == NGX_AGAIN) {
+ return NGX_AGAIN;
+ }
+
+ if (rc == NGX_ERROR) {
+ return NGX_HTTP_UPSTREAM_INVALID_HEADER;
+ }
+
+ /*
+ * If stream_id is lower than one we use, our
+ * request won't be processed and needs to be retried.
+ * If stream_id is greater or equal to the one we use,
+ * we can continue normally (except we can't use this
+ * connection for additional requests). If there is
+ * a real error, the connection will be closed.
+ */
+
+ if (ctx->stream_id < ctx->id) {
+
+ /* TODO: we can retry non-idempotent requests */
+
+ ngx_log_error(NGX_LOG_ERR, r->connection->log, 0,
+ "upstream sent goaway with error %ui",
+ ctx->error);
+
+ return NGX_HTTP_UPSTREAM_INVALID_HEADER;
+ }
+
+ continue;
+ }
+
+ if (ctx->type == NGX_HTTP_V2_WINDOW_UPDATE_FRAME) {
+
+ rc = ngx_http_grpc_parse_window_update(r, ctx, b);
+
+ if (rc == NGX_AGAIN) {
+ return NGX_AGAIN;
+ }
+
+ if (rc == NGX_ERROR) {
+ return NGX_HTTP_UPSTREAM_INVALID_HEADER;
+ }
+
+ if (ctx->in) {
+ ngx_post_event(u->peer.connection->write, &ngx_posted_events);
+ }
+
+ continue;
+ }
+
+ if (ctx->type == NGX_HTTP_V2_SETTINGS_FRAME) {
+
+ rc = ngx_http_grpc_parse_settings(r, ctx, b);
+
+ if (rc == NGX_AGAIN) {
+ return NGX_AGAIN;
+ }
+
+ if (rc == NGX_ERROR) {
+ return NGX_HTTP_UPSTREAM_INVALID_HEADER;
+ }
+
+ if (ctx->in) {
+ ngx_post_event(u->peer.connection->write, &ngx_posted_events);
+ }
+
+ continue;
+ }
+
+ if (ctx->type == NGX_HTTP_V2_PING_FRAME) {
+
+ rc = ngx_http_grpc_parse_ping(r, ctx, b);
+
+ if (rc == NGX_AGAIN) {
+ return NGX_AGAIN;
+ }
+
+ if (rc == NGX_ERROR) {
+ return NGX_HTTP_UPSTREAM_INVALID_HEADER;
+ }
+
+ ngx_post_event(u->peer.connection->write, &ngx_posted_events);
+ continue;
+ }
+
+ if (ctx->type == NGX_HTTP_V2_PUSH_PROMISE_FRAME) {
+ ngx_log_error(NGX_LOG_ERR, r->connection->log, 0,
+ "upstream sent unexpected push promise frame");
+ return NGX_HTTP_UPSTREAM_INVALID_HEADER;
+ }
+
+ if (ctx->type != NGX_HTTP_V2_HEADERS_FRAME
+ && ctx->type != NGX_HTTP_V2_CONTINUATION_FRAME)
+ {
+ /* priority, unknown frames */
+
+ if (b->last - b->pos < (ssize_t) ctx->rest) {
+ ctx->rest -= b->last - b->pos;
+ b->pos = b->last;
+ return NGX_AGAIN;
+ }
+
+ b->pos += ctx->rest;
+ ctx->rest = 0;
+ ctx->state = ngx_http_grpc_st_start;
+
+ continue;
+ }
+
+ /* headers */
+
+ for ( ;; ) {
+
+ rc = ngx_http_grpc_parse_header(r, ctx, b);
+
+ if (rc == NGX_AGAIN) {
+ break;
+ }
+
+ if (rc == NGX_OK) {
+
+ /* a header line has been parsed successfully */
+
+ ngx_log_debug2(NGX_LOG_DEBUG_HTTP, r->connection->log, 0,
+ "grpc header: \"%V: %V\"",
+ &ctx->name, &ctx->value);
+
+ if (ctx->name.len && ctx->name.data[0] == ':') {
+
+ if (ctx->name.len != sizeof(":status") - 1
+ || ngx_strncmp(ctx->name.data, ":status",
+ sizeof(":status") - 1)
+ != 0)
+ {
+ ngx_log_error(NGX_LOG_ERR, r->connection->log, 0,
+ "upstream sent invalid header \"%V: %V\"",
+ &ctx->name, &ctx->value);
+ return NGX_HTTP_UPSTREAM_INVALID_HEADER;
+ }
+
+ if (ctx->status) {
+ ngx_log_error(NGX_LOG_ERR, r->connection->log, 0,
+ "upstream sent duplicate :status header");
+ return NGX_HTTP_UPSTREAM_INVALID_HEADER;
+ }
+
+ status_line = &ctx->value;
+
+ if (status_line->len != 3) {
+ ngx_log_error(NGX_LOG_ERR, r->connection->log, 0,
+ "upstream sent invalid :status \"%V\"",
+ status_line);
+ return NGX_HTTP_UPSTREAM_INVALID_HEADER;
+ }
+
+ status = ngx_atoi(status_line->data, 3);
+
+ if (status == NGX_ERROR) {
+ ngx_log_error(NGX_LOG_ERR, r->connection->log, 0,
+ "upstream sent invalid :status \"%V\"",
+ status_line);
+ return NGX_HTTP_UPSTREAM_INVALID_HEADER;
+ }
+
+ if (status < NGX_HTTP_OK) {
+ ngx_log_error(NGX_LOG_ERR, r->connection->log, 0,
+ "upstream sent unexpected :status \"%V\"",
+ status_line);
+ return NGX_HTTP_UPSTREAM_INVALID_HEADER;
+ }
+
+ u->headers_in.status_n = status;
+
+ if (u->state && u->state->status == 0) {
+ u->state->status = status;
+ }
+
+ ctx->status = 1;
+
+ continue;
+
+ } else if (!ctx->status) {
+ ngx_log_error(NGX_LOG_ERR, r->connection->log, 0,
+ "upstream sent no :status header");
+ return NGX_HTTP_UPSTREAM_INVALID_HEADER;
+ }
+
+ h = ngx_list_push(&u->headers_in.headers);
+ if (h == NULL) {
+ return NGX_ERROR;
+ }
+
+ h->key = ctx->name;
+ h->value = ctx->value;
+ h->lowcase_key = h->key.data;
+ h->hash = ngx_hash_key(h->key.data, h->key.len);
+
+ hh = ngx_hash_find(&umcf->headers_in_hash, h->hash,
+ h->lowcase_key, h->key.len);
+
+ if (hh && hh->handler(r, h, hh->offset) != NGX_OK) {
+ return NGX_ERROR;
+ }
+
+ continue;
+ }
+
+ if (rc == NGX_HTTP_PARSE_HEADER_DONE) {
+
+ /* a whole header has been parsed successfully */
+
+ ngx_log_debug0(NGX_LOG_DEBUG_HTTP, r->connection->log, 0,
+ "grpc header done");
+
+ if (ctx->end_stream) {
+ u->headers_in.content_length_n = 0;
+
+ if (ctx->in == NULL
+ && ctx->out == NULL
+ && ctx->output_closed
+ && !ctx->output_blocked
+ && b->last == b->pos)
+ {
+ u->keepalive = 1;
+ }
+ }
+
+ return NGX_OK;
+ }
+
+ /* there was error while a header line parsing */
+
+ ngx_log_error(NGX_LOG_ERR, r->connection->log, 0,
+ "upstream sent invalid header");
+
+ return NGX_HTTP_UPSTREAM_INVALID_HEADER;
+ }
+
+ /* rc == NGX_AGAIN */
+
+ if (ctx->rest == 0) {
+ ctx->state = ngx_http_grpc_st_start;
+ continue;
+ }
+
+ return NGX_AGAIN;
+ }
+}
+
+
+static ngx_int_t
+ngx_http_grpc_filter_init(void *data)
+{
+ ngx_http_grpc_ctx_t *ctx = data;
+
+ ngx_http_request_t *r;
+ ngx_http_upstream_t *u;
+
+ r = ctx->request;
+ u = r->upstream;
+
+ u->length = 1;
+
+ if (ctx->end_stream) {
+ u->length = 0;
+ }
+
+ return NGX_OK;
+}
+
+
+static ngx_int_t
+ngx_http_grpc_filter(void *data, ssize_t bytes)
+{
+ ngx_http_grpc_ctx_t *ctx = data;
+
+ ngx_int_t rc;
+ ngx_buf_t *b, *buf;
+ ngx_chain_t *cl, **ll;
+ ngx_table_elt_t *h;
+ ngx_http_request_t *r;
+ ngx_http_upstream_t *u;
+
+ r = ctx->request;
+ u = r->upstream;
+ b = &u->buffer;
+
+ ngx_log_debug1(NGX_LOG_DEBUG_HTTP, r->connection->log, 0,
+ "grpc filter bytes:%z", bytes);
+
+ b->pos = b->last;
+ b->last += bytes;
+
+ for (cl = u->out_bufs, ll = &u->out_bufs; cl; cl = cl->next) {
+ ll = &cl->next;
+ }
+
+ for ( ;; ) {
+
+ if (ctx->state < ngx_http_grpc_st_payload) {
+
+ rc = ngx_http_grpc_parse_frame(r, ctx, b);
+
+ if (rc == NGX_AGAIN) {
+
+ if (ctx->done) {
+
+ /*
+ * We have finished parsing the response and the
+ * remaining control frames. If there are unsent
+ * control frames, post a write event to send them.
+ */
+
+ if (ctx->out) {
+ ngx_post_event(u->peer.connection->write,
+ &ngx_posted_events);
+ return NGX_AGAIN;
+ }
+
+ u->length = 0;
+
+ if (ctx->in == NULL
+ && ctx->output_closed
+ && !ctx->output_blocked
+ && ctx->state == ngx_http_grpc_st_start)
+ {
+ u->keepalive = 1;
+ }
+
+ break;
+ }
+
+ return NGX_AGAIN;
+ }
+
+ if (rc == NGX_ERROR) {
+ return NGX_ERROR;
+ }
+
+ if ((ctx->type == NGX_HTTP_V2_CONTINUATION_FRAME
+ && !ctx->parsing_headers)
+ || (ctx->type != NGX_HTTP_V2_CONTINUATION_FRAME
+ && ctx->parsing_headers))
+ {
+ ngx_log_error(NGX_LOG_ERR, r->connection->log, 0,
+ "upstream sent unexpected http2 frame: %d",
+ ctx->type);
+ return NGX_ERROR;
+ }
+
+ if (ctx->type == NGX_HTTP_V2_DATA_FRAME) {
+
+ if (ctx->stream_id != ctx->id) {
+ ngx_log_error(NGX_LOG_ERR, r->connection->log, 0,
+ "upstream sent data frame "
+ "for unknown stream %ui",
+ ctx->stream_id);
+ return NGX_ERROR;
+ }
+
+ if (ctx->rest > ctx->recv_window) {
+ ngx_log_error(NGX_LOG_ERR, r->connection->log, 0,
+ "upstream violated stream flow control, "
+ "received %uz data frame with window %uz",
+ ctx->rest, ctx->recv_window);
+ return NGX_ERROR;
+ }
+
+ if (ctx->rest > ctx->connection->recv_window) {
+ ngx_log_error(NGX_LOG_ERR, r->connection->log, 0,
+ "upstream violated connection flow control, "
+ "received %uz data frame with window %uz",
+ ctx->rest, ctx->connection->recv_window);
+ return NGX_ERROR;
+ }
+
+ ctx->recv_window -= ctx->rest;
+ ctx->connection->recv_window -= ctx->rest;
+
+ if (ctx->connection->recv_window < NGX_HTTP_V2_MAX_WINDOW / 4
+ || ctx->recv_window < NGX_HTTP_V2_MAX_WINDOW / 4)
+ {
+ if (ngx_http_grpc_send_window_update(r, ctx) != NGX_OK) {
+ return NGX_ERROR;
+ }
+
+ ngx_post_event(u->peer.connection->write,
+ &ngx_posted_events);
+ }
+ }
+
+ if (ctx->stream_id && ctx->stream_id != ctx->id) {
+ ngx_log_error(NGX_LOG_ERR, r->connection->log, 0,
+ "upstream sent frame for unknown stream %ui",
+ ctx->stream_id);
+ return NGX_ERROR;
+ }
+
+ if (ctx->stream_id && ctx->done) {
+ ngx_log_error(NGX_LOG_ERR, r->connection->log, 0,
+ "upstream sent frame for closed stream %ui",
+ ctx->stream_id);
+ return NGX_ERROR;
+ }
+
+ ctx->padding = 0;
+ }
+
+ if (ctx->state == ngx_http_grpc_st_padding) {
+
+ if (b->last - b->pos < (ssize_t) ctx->rest) {
+ ctx->rest -= b->last - b->pos;
+ b->pos = b->last;
+ return NGX_AGAIN;
+ }
+
+ b->pos += ctx->rest;
+ ctx->rest = 0;
+ ctx->state = ngx_http_grpc_st_start;
+
+ if (ctx->flags & NGX_HTTP_V2_END_STREAM_FLAG) {
+ ctx->done = 1;
+ }
+
+ continue;
+ }
+
+ /* frame payload */
+
+ if (ctx->type == NGX_HTTP_V2_RST_STREAM_FRAME) {
+
+ rc = ngx_http_grpc_parse_rst_stream(r, ctx, b);
+
+ if (rc == NGX_AGAIN) {
+ return NGX_AGAIN;
+ }
+
+ if (rc == NGX_ERROR) {
+ return NGX_ERROR;
+ }
+
+ ngx_log_error(NGX_LOG_ERR, r->connection->log, 0,
+ "upstream rejected request with error %ui",
+ ctx->error);
+
+ return NGX_ERROR;
+ }
+
+ if (ctx->type == NGX_HTTP_V2_GOAWAY_FRAME) {
+
+ rc = ngx_http_grpc_parse_goaway(r, ctx, b);
+
+ if (rc == NGX_AGAIN) {
+ return NGX_AGAIN;
+ }
+
+ if (rc == NGX_ERROR) {
+ return NGX_ERROR;
+ }
+
+ /*
+ * If stream_id is lower than one we use, our
+ * request won't be processed and needs to be retried.
+ * If stream_id is greater or equal to the one we use,
+ * we can continue normally (except we can't use this
+ * connection for additional requests). If there is
+ * a real error, the connection will be closed.
+ */
+
+ if (ctx->stream_id < ctx->id) {
+
+ /* TODO: we can retry non-idempotent requests */
+
+ ngx_log_error(NGX_LOG_ERR, r->connection->log, 0,
+ "upstream sent goaway with error %ui",
+ ctx->error);
+
+ return NGX_ERROR;
+ }
+
+ continue;
+ }
+
+ if (ctx->type == NGX_HTTP_V2_WINDOW_UPDATE_FRAME) {
+
+ rc = ngx_http_grpc_parse_window_update(r, ctx, b);
+
+ if (rc == NGX_AGAIN) {
+ return NGX_AGAIN;
+ }
+
+ if (rc == NGX_ERROR) {
+ return NGX_ERROR;
+ }
+
+ if (ctx->in) {
+ ngx_post_event(u->peer.connection->write, &ngx_posted_events);
+ }
+
+ continue;
+ }
+
+ if (ctx->type == NGX_HTTP_V2_SETTINGS_FRAME) {
+
+ rc = ngx_http_grpc_parse_settings(r, ctx, b);
+
+ if (rc == NGX_AGAIN) {
+ return NGX_AGAIN;
+ }
+
+ if (rc == NGX_ERROR) {
+ return NGX_ERROR;
+ }
+
+ if (ctx->in) {
+ ngx_post_event(u->peer.connection->write, &ngx_posted_events);
+ }
+
+ continue;
+ }
+
+ if (ctx->type == NGX_HTTP_V2_PING_FRAME) {
+
+ rc = ngx_http_grpc_parse_ping(r, ctx, b);
+
+ if (rc == NGX_AGAIN) {
+ return NGX_AGAIN;
+ }
+
+ if (rc == NGX_ERROR) {
+ return NGX_ERROR;
+ }
+
+ ngx_post_event(u->peer.connection->write, &ngx_posted_events);
+ continue;
+ }
+
+ if (ctx->type == NGX_HTTP_V2_PUSH_PROMISE_FRAME) {
+ ngx_log_error(NGX_LOG_ERR, r->connection->log, 0,
+ "upstream sent unexpected push promise frame");
+ return NGX_ERROR;
+ }
+
+ if (ctx->type == NGX_HTTP_V2_HEADERS_FRAME
+ || ctx->type == NGX_HTTP_V2_CONTINUATION_FRAME)
+ {
+ for ( ;; ) {
+
+ rc = ngx_http_grpc_parse_header(r, ctx, b);
+
+ if (rc == NGX_AGAIN) {
+ break;
+ }
+
+ if (rc == NGX_OK) {
+
+ /* a header line has been parsed successfully */
+
+ ngx_log_debug2(NGX_LOG_DEBUG_HTTP, r->connection->log, 0,
+ "grpc trailer: \"%V: %V\"",
+ &ctx->name, &ctx->value);
+
+ if (ctx->name.len && ctx->name.data[0] == ':') {
+ ngx_log_error(NGX_LOG_ERR, r->connection->log, 0,
+ "upstream sent invalid "
+ "trailer \"%V: %V\"",
+ &ctx->name, &ctx->value);
+ return NGX_ERROR;
+ }
+
+ h = ngx_list_push(&u->headers_in.trailers);
+ if (h == NULL) {
+ return NGX_ERROR;
+ }
+
+ h->key = ctx->name;
+ h->value = ctx->value;
+ h->lowcase_key = h->key.data;
+ h->hash = ngx_hash_key(h->key.data, h->key.len);
+
+ continue;
+ }
+
+ if (rc == NGX_HTTP_PARSE_HEADER_DONE) {
+
+ /* a whole header has been parsed successfully */
+
+ ngx_log_debug0(NGX_LOG_DEBUG_HTTP, r->connection->log, 0,
+ "grpc trailer done");
+
+ if (ctx->end_stream) {
+ ctx->done = 1;
+ break;
+ }
+
+ ngx_log_error(NGX_LOG_ERR, r->connection->log, 0,
+ "upstream sent trailer without "
+ "end stream flag");
+ return NGX_ERROR;
+ }
+
+ /* there was error while a header line parsing */
+
+ ngx_log_error(NGX_LOG_ERR, r->connection->log, 0,
+ "upstream sent invalid trailer");
+
+ return NGX_ERROR;
+ }
+
+ if (rc == NGX_HTTP_PARSE_HEADER_DONE) {
+ continue;
+ }
+
+ /* rc == NGX_AGAIN */
+
+ if (ctx->rest == 0) {
+ ctx->state = ngx_http_grpc_st_start;
+ continue;
+ }
+
+ return NGX_AGAIN;
+ }
+
+ if (ctx->type != NGX_HTTP_V2_DATA_FRAME) {
+
+ /* priority, unknown frames */
+
+ if (b->last - b->pos < (ssize_t) ctx->rest) {
+ ctx->rest -= b->last - b->pos;
+ b->pos = b->last;
+ return NGX_AGAIN;
+ }
+
+ b->pos += ctx->rest;
+ ctx->rest = 0;
+ ctx->state = ngx_http_grpc_st_start;
+
+ continue;
+ }
+
+ /*
+ * data frame:
+ *
+ * +---------------+
+ * |Pad Length? (8)|
+ * +---------------+-----------------------------------------------+
+ * | Data (*) ...
+ * +---------------------------------------------------------------+
+ * | Padding (*) ...
+ * +---------------------------------------------------------------+
+ */
+
+ if (ctx->flags & NGX_HTTP_V2_PADDED_FLAG) {
+
+ if (ctx->rest == 0) {
+ ngx_log_error(NGX_LOG_ERR, r->connection->log, 0,
+ "upstream sent too short http2 frame");
+ return NGX_ERROR;
+ }
+
+ if (b->pos == b->last) {
+ return NGX_AGAIN;
+ }
+
+ ctx->flags &= ~NGX_HTTP_V2_PADDED_FLAG;
+ ctx->padding = *b->pos++;
+ ctx->rest -= 1;
+
+ if (ctx->padding > ctx->rest) {
+ ngx_log_error(NGX_LOG_ERR, r->connection->log, 0,
+ "upstream sent http2 frame with too long "
+ "padding: %d in frame %uz",
+ ctx->padding, ctx->rest);
+ return NGX_ERROR;
+ }
+
+ continue;
+ }
+
+ if (ctx->rest == ctx->padding) {
+ goto done;
+ }
+
+ if (b->pos == b->last) {
+ return NGX_AGAIN;
+ }
+
+ cl = ngx_chain_get_free_buf(r->pool, &u->free_bufs);
+ if (cl == NULL) {
+ return NGX_ERROR;
+ }
+
+ *ll = cl;
+ ll = &cl->next;
+
+ buf = cl->buf;
+
+ buf->flush = 1;
+ buf->memory = 1;
+
+ buf->pos = b->pos;
+ buf->tag = u->output.tag;
+
+ ngx_log_debug1(NGX_LOG_DEBUG_HTTP, r->connection->log, 0,
+ "grpc output buf %p", buf->pos);
+
+ if (b->last - b->pos < (ssize_t) ctx->rest - ctx->padding) {
+
+ ctx->rest -= b->last - b->pos;
+ b->pos = b->last;
+ buf->last = b->pos;
+
+ return NGX_AGAIN;
+ }
+
+ b->pos += ctx->rest - ctx->padding;
+ buf->last = b->pos;
+ ctx->rest = ctx->padding;
+
+ done:
+
+ if (ctx->padding) {
+ ctx->state = ngx_http_grpc_st_padding;
+ continue;
+ }
+
+ ctx->state = ngx_http_grpc_st_start;
+
+ if (ctx->flags & NGX_HTTP_V2_END_STREAM_FLAG) {
+ ctx->done = 1;
+ }
+ }
+
+ return NGX_OK;
+}
+
+
+static ngx_int_t
+ngx_http_grpc_parse_frame(ngx_http_request_t *r, ngx_http_grpc_ctx_t *ctx,
+ ngx_buf_t *b)
+{
+ u_char ch, *p;
+ ngx_http_grpc_state_e state;
+
+ state = ctx->state;
+
+ for (p = b->pos; p < b->last; p++) {
+ ch = *p;
+
+#if 0
+ ngx_log_debug2(NGX_LOG_DEBUG_HTTP, r->connection->log, 0,
+ "grpc frame byte: %02Xd, s:%d", ch, state);
+#endif
+
+ switch (state) {
+
+ case ngx_http_grpc_st_start:
+ ctx->rest = ch << 16;
+ state = ngx_http_grpc_st_length_2;
+ break;
+
+ case ngx_http_grpc_st_length_2:
+ ctx->rest |= ch << 8;
+ state = ngx_http_grpc_st_length_3;
+ break;
+
+ case ngx_http_grpc_st_length_3:
+ ctx->rest |= ch;
+
+ if (ctx->rest > NGX_HTTP_V2_DEFAULT_FRAME_SIZE) {
+ ngx_log_error(NGX_LOG_ERR, r->connection->log, 0,
+ "upstream sent too large http2 frame: %uz",
+ ctx->rest);
+ return NGX_ERROR;
+ }
+
+ state = ngx_http_grpc_st_type;
+ break;
+
+ case ngx_http_grpc_st_type:
+ ctx->type = ch;
+ state = ngx_http_grpc_st_flags;
+ break;
+
+ case ngx_http_grpc_st_flags:
+ ctx->flags = ch;
+ state = ngx_http_grpc_st_stream_id;
+ break;
+
+ case ngx_http_grpc_st_stream_id:
+ ctx->stream_id = (ch & 0x7f) << 24;
+ state = ngx_http_grpc_st_stream_id_2;
+ break;
+
+ case ngx_http_grpc_st_stream_id_2:
+ ctx->stream_id |= ch << 16;
+ state = ngx_http_grpc_st_stream_id_3;
+ break;
+
+ case ngx_http_grpc_st_stream_id_3:
+ ctx->stream_id |= ch << 8;
+ state = ngx_http_grpc_st_stream_id_4;
+ break;
+
+ case ngx_http_grpc_st_stream_id_4:
+ ctx->stream_id |= ch;
+
+ ngx_log_debug4(NGX_LOG_DEBUG_HTTP, r->connection->log, 0,
+ "grpc frame: %d, len: %uz, f:%d, i:%ui",
+ ctx->type, ctx->rest, ctx->flags, ctx->stream_id);
+
+ b->pos = p + 1;
+
+ ctx->state = ngx_http_grpc_st_payload;
+ ctx->frame_state = 0;
+
+ return NGX_OK;
+
+ /* suppress warning */
+ case ngx_http_grpc_st_payload:
+ case ngx_http_grpc_st_padding:
+ break;
+ }
+ }
+
+ b->pos = p;
+ ctx->state = state;
+
+ return NGX_AGAIN;
+}
+
+
+static ngx_int_t
+ngx_http_grpc_parse_header(ngx_http_request_t *r, ngx_http_grpc_ctx_t *ctx,
+ ngx_buf_t *b)
+{
+ u_char ch, *p, *last;
+ size_t min;
+ ngx_int_t rc;
+ enum {
+ sw_start = 0,
+ sw_padding_length,
+ sw_dependency,
+ sw_dependency_2,
+ sw_dependency_3,
+ sw_dependency_4,
+ sw_weight,
+ sw_fragment,
+ sw_padding
+ } state;
+
+ state = ctx->frame_state;
+
+ if (state == sw_start) {
+
+ ngx_log_debug0(NGX_LOG_DEBUG_HTTP, r->connection->log, 0,
+ "grpc parse header: start");
+
+ if (ctx->type == NGX_HTTP_V2_HEADERS_FRAME) {
+ ctx->parsing_headers = 1;
+ ctx->fragment_state = 0;
+
+ min = (ctx->flags & NGX_HTTP_V2_PADDED_FLAG ? 1 : 0)
+ + (ctx->flags & NGX_HTTP_V2_PRIORITY_FLAG ? 5 : 0);
+
+ if (ctx->rest < min) {
+ ngx_log_error(NGX_LOG_ERR, r->connection->log, 0,
+ "upstream sent headers frame "
+ "with invalid length: %uz",
+ ctx->rest);
+ return NGX_ERROR;
+ }
+
+ if (ctx->flags & NGX_HTTP_V2_END_STREAM_FLAG) {
+ ctx->end_stream = 1;
+ }
+
+ if (ctx->flags & NGX_HTTP_V2_PADDED_FLAG) {
+ state = sw_padding_length;
+
+ } else if (ctx->flags & NGX_HTTP_V2_PRIORITY_FLAG) {
+ state = sw_dependency;
+
+ } else {
+ state = sw_fragment;
+ }
+
+ } else if (ctx->type == NGX_HTTP_V2_CONTINUATION_FRAME) {
+ state = sw_fragment;
+ }
+
+ ctx->padding = 0;
+ ctx->frame_state = state;
+ }
+
+ if (state < sw_fragment) {
+
+ if (b->last - b->pos < (ssize_t) ctx->rest) {
+ last = b->last;
+
+ } else {
+ last = b->pos + ctx->rest;
+ }
+
+ for (p = b->pos; p < last; p++) {
+ ch = *p;
+
+#if 0
+ ngx_log_debug2(NGX_LOG_DEBUG_HTTP, r->connection->log, 0,
+ "grpc header byte: %02Xd s:%d", ch, state);
+#endif
+
+ /*
+ * headers frame:
+ *
+ * +---------------+
+ * |Pad Length? (8)|
+ * +-+-------------+----------------------------------------------+
+ * |E| Stream Dependency? (31) |
+ * +-+-------------+----------------------------------------------+
+ * | Weight? (8) |
+ * +-+-------------+----------------------------------------------+
+ * | Header Block Fragment (*) ...
+ * +--------------------------------------------------------------+
+ * | Padding (*) ...
+ * +--------------------------------------------------------------+
+ */
+
+ switch (state) {
+
+ case sw_padding_length:
+
+ ctx->padding = ch;
+
+ if (ctx->flags & NGX_HTTP_V2_PRIORITY_FLAG) {
+ state = sw_dependency;
+ break;
+ }
+
+ goto fragment;
+
+ case sw_dependency:
+ state = sw_dependency_2;
+ break;
+
+ case sw_dependency_2:
+ state = sw_dependency_3;
+ break;
+
+ case sw_dependency_3:
+ state = sw_dependency_4;
+ break;
+
+ case sw_dependency_4:
+ state = sw_weight;
+ break;
+
+ case sw_weight:
+ goto fragment;
+
+ /* suppress warning */
+ case sw_start:
+ case sw_fragment:
+ case sw_padding:
+ break;
+ }
+ }
+
+ ctx->rest -= p - b->pos;
+ b->pos = p;
+
+ ctx->frame_state = state;
+ return NGX_AGAIN;
+
+ fragment:
+
+ p++;
+ ctx->rest -= p - b->pos;
+ b->pos = p;
+
+ if (ctx->padding > ctx->rest) {
+ ngx_log_error(NGX_LOG_ERR, r->connection->log, 0,
+ "upstream sent http2 frame with too long "
+ "padding: %d in frame %uz",
+ ctx->padding, ctx->rest);
+ return NGX_ERROR;
+ }
+
+ state = sw_fragment;
+ ctx->frame_state = state;
+ }
+
+ if (state == sw_fragment) {
+
+ rc = ngx_http_grpc_parse_fragment(r, ctx, b);
+
+ if (rc == NGX_AGAIN) {
+ return NGX_AGAIN;
+ }
+
+ if (rc == NGX_ERROR) {
+ return NGX_ERROR;
+ }
+
+ if (rc == NGX_OK) {
+ return NGX_OK;
+ }
+
+ /* rc == NGX_DONE */
+
+ state = sw_padding;
+ ctx->frame_state = state;
+ }
+
+ if (state == sw_padding) {
+
+ if (b->last - b->pos < (ssize_t) ctx->rest) {
+
+ ctx->rest -= b->last - b->pos;
+ b->pos = b->last;
+
+ return NGX_AGAIN;
+ }
+
+ b->pos += ctx->rest;
+ ctx->rest = 0;
+
+ ctx->state = ngx_http_grpc_st_start;
+
+ if (ctx->flags & NGX_HTTP_V2_END_HEADERS_FLAG) {
+
+ if (ctx->fragment_state) {
+ ngx_log_error(NGX_LOG_ERR, r->connection->log, 0,
+ "upstream sent truncated http2 header");
+ return NGX_ERROR;
+ }
+
+ ctx->parsing_headers = 0;
+
+ return NGX_HTTP_PARSE_HEADER_DONE;
+ }
+
+ return NGX_AGAIN;
+ }
+
+ /* unreachable */
+
+ return NGX_ERROR;
+}
+
+
+static ngx_int_t
+ngx_http_grpc_parse_fragment(ngx_http_request_t *r, ngx_http_grpc_ctx_t *ctx,
+ ngx_buf_t *b)
+{
+ u_char ch, *p, *last;
+ size_t size;
+ ngx_uint_t index, size_update;
+ enum {
+ sw_start = 0,
+ sw_index,
+ sw_name_length,
+ sw_name_length_2,
+ sw_name_length_3,
+ sw_name_length_4,
+ sw_name,
+ sw_name_bytes,
+ sw_value_length,
+ sw_value_length_2,
+ sw_value_length_3,
+ sw_value_length_4,
+ sw_value,
+ sw_value_bytes
+ } state;
+
+ /* header block fragment */
+
+#if 0
+ ngx_log_debug3(NGX_LOG_DEBUG_HTTP, r->connection->log, 0,
+ "grpc header fragment %p:%p rest:%uz",
+ b->pos, b->last, ctx->rest);
+#endif
+
+ if (b->last - b->pos < (ssize_t) ctx->rest - ctx->padding) {
+ last = b->last;
+
+ } else {
+ last = b->pos + ctx->rest - ctx->padding;
+ }
+
+ state = ctx->fragment_state;
+
+ for (p = b->pos; p < last; p++) {
+ ch = *p;
+
+#if 0
+ ngx_log_debug2(NGX_LOG_DEBUG_HTTP, r->connection->log, 0,
+ "grpc header byte: %02Xd s:%d", ch, state);
+#endif
+
+ switch (state) {
+
+ case sw_start:
+ ctx->index = 0;
+
+ if ((ch & 0x80) == 0x80) {
+ /*
+ * indexed header:
+ *
+ * 0 1 2 3 4 5 6 7
+ * +---+---+---+---+---+---+---+---+
+ * | 1 | Index (7+) |
+ * +---+---------------------------+
+ */
+
+ index = ch & ~0x80;
+
+ if (index == 0 || index > 61) {
+ ngx_log_error(NGX_LOG_ERR, r->connection->log, 0,
+ "upstream sent invalid http2 "
+ "table index: %ui", index);
+ return NGX_ERROR;
+ }
+
+ ngx_log_debug1(NGX_LOG_DEBUG_HTTP, r->connection->log, 0,
+ "grpc indexed header: %ui", index);
+
+ ctx->index = index;
+ ctx->literal = 0;
+
+ goto done;
+
+ } else if ((ch & 0xc0) == 0x40) {
+ /*
+ * literal header with incremental indexing:
+ *
+ * 0 1 2 3 4 5 6 7
+ * +---+---+---+---+---+---+---+---+
+ * | 0 | 1 | Index (6+) |
+ * +---+---+-----------------------+
+ * | H | Value Length (7+) |
+ * +---+---------------------------+
+ * | Value String (Length octets) |
+ * +-------------------------------+
+ *
+ * 0 1 2 3 4 5 6 7
+ * +---+---+---+---+---+---+---+---+
+ * | 0 | 1 | 0 |
+ * +---+---+-----------------------+
+ * | H | Name Length (7+) |
+ * +---+---------------------------+
+ * | Name String (Length octets) |
+ * +---+---------------------------+
+ * | H | Value Length (7+) |
+ * +---+---------------------------+
+ * | Value String (Length octets) |
+ * +-------------------------------+
+ */
+
+ index = ch & ~0xc0;
+
+ if (index > 61) {
+ ngx_log_error(NGX_LOG_ERR, r->connection->log, 0,
+ "upstream sent invalid http2 "
+ "table index: %ui", index);
+ return NGX_ERROR;
+ }
+
+ ngx_log_debug1(NGX_LOG_DEBUG_HTTP, r->connection->log, 0,
+ "grpc literal header: %ui", index);
+
+ if (index == 0) {
+ state = sw_name_length;
+ break;
+ }
+
+ ctx->index = index;
+ ctx->literal = 1;
+
+ state = sw_value_length;
+ break;
+
+ } else if ((ch & 0xe0) == 0x20) {
+ /*
+ * dynamic table size update:
+ *
+ * 0 1 2 3 4 5 6 7
+ * +---+---+---+---+---+---+---+---+
+ * | 0 | 0 | 1 | Max size (5+) |
+ * +---+---------------------------+
+ */
+
+ size_update = ch & ~0xe0;
+
+ if (size_update > 0) {
+ ngx_log_error(NGX_LOG_ERR, r->connection->log, 0,
+ "upstream sent invalid http2 "
+ "dynamic table size update: %ui",
+ size_update);
+ return NGX_ERROR;
+ }
+
+ ngx_log_debug1(NGX_LOG_DEBUG_HTTP, r->connection->log, 0,
+ "grpc table size update: %ui", size_update);
+
+ break;
+
+ } else if ((ch & 0xf0) == 0x10) {
+ /*
+ * literal header field never indexed:
+ *
+ * 0 1 2 3 4 5 6 7
+ * +---+---+---+---+---+---+---+---+
+ * | 0 | 0 | 0 | 1 | Index (4+) |
+ * +---+---+-----------------------+
+ * | H | Value Length (7+) |
+ * +---+---------------------------+
+ * | Value String (Length octets) |
+ * +-------------------------------+
+ *
+ * 0 1 2 3 4 5 6 7
+ * +---+---+---+---+---+---+---+---+
+ * | 0 | 0 | 0 | 1 | 0 |
+ * +---+---+-----------------------+
+ * | H | Name Length (7+) |
+ * +---+---------------------------+
+ * | Name String (Length octets) |
+ * +---+---------------------------+
+ * | H | Value Length (7+) |
+ * +---+---------------------------+
+ * | Value String (Length octets) |
+ * +-------------------------------+
+ */
+
+ index = ch & ~0xf0;
+
+ if (index == 0x0f) {
+ ctx->index = index;
+ ctx->literal = 1;
+ state = sw_index;
+ break;
+ }
+
+ if (index == 0) {
+ state = sw_name_length;
+ break;
+ }
+
+ ngx_log_debug1(NGX_LOG_DEBUG_HTTP, r->connection->log, 0,
+ "grpc literal header never indexed: %ui",
+ index);
+
+ ctx->index = index;
+ ctx->literal = 1;
+
+ state = sw_value_length;
+ break;
+
+ } else if ((ch & 0xf0) == 0x00) {
+ /*
+ * literal header field without indexing:
+ *
+ * 0 1 2 3 4 5 6 7
+ * +---+---+---+---+---+---+---+---+
+ * | 0 | 0 | 0 | 0 | Index (4+) |
+ * +---+---+-----------------------+
+ * | H | Value Length (7+) |
+ * +---+---------------------------+
+ * | Value String (Length octets) |
+ * +-------------------------------+
+ *
+ * 0 1 2 3 4 5 6 7
+ * +---+---+---+---+---+---+---+---+
+ * | 0 | 0 | 0 | 0 | 0 |
+ * +---+---+-----------------------+
+ * | H | Name Length (7+) |
+ * +---+---------------------------+
+ * | Name String (Length octets) |
+ * +---+---------------------------+
+ * | H | Value Length (7+) |
+ * +---+---------------------------+
+ * | Value String (Length octets) |
+ * +-------------------------------+
+ */
+
+ index = ch & ~0xf0;
+
+ if (index == 0x0f) {
+ ctx->index = index;
+ ctx->literal = 1;
+ state = sw_index;
+ break;
+ }
+
+ if (index == 0) {
+ state = sw_name_length;
+ break;
+ }
+
+ ngx_log_debug1(NGX_LOG_DEBUG_HTTP, r->connection->log, 0,
+ "grpc literal header without indexing: %ui",
+ index);
+
+ ctx->index = index;
+ ctx->literal = 1;
+
+ state = sw_value_length;
+ break;
+ }
+
+ /* not reached */
+
+ return NGX_ERROR;
+
+ case sw_index:
+ ctx->index = ctx->index + (ch & ~0x80);
+
+ if (ch & 0x80) {
+ ngx_log_error(NGX_LOG_ERR, r->connection->log, 0,
+ "upstream sent http2 table index "
+ "with continuation flag");
+ return NGX_ERROR;
+ }
+
+ if (ctx->index > 61) {
+ ngx_log_error(NGX_LOG_ERR, r->connection->log, 0,
+ "upstream sent invalid http2 "
+ "table index: %ui", ctx->index);
+ return NGX_ERROR;
+ }
+
+ ngx_log_debug1(NGX_LOG_DEBUG_HTTP, r->connection->log, 0,
+ "grpc header index: %ui", ctx->index);
+
+ state = sw_value_length;
+ break;
+
+ case sw_name_length:
+ ctx->field_huffman = ch & 0x80 ? 1 : 0;
+ ctx->field_length = ch & ~0x80;
+
+ if (ctx->field_length == 0x7f) {
+ state = sw_name_length_2;
+ break;
+ }
+
+ if (ctx->field_length == 0) {
+ ngx_log_error(NGX_LOG_ERR, r->connection->log, 0,
+ "upstream sent zero http2 "
+ "header name length");
+ return NGX_ERROR;
+ }
+
+ state = sw_name;
+ break;
+
+ case sw_name_length_2:
+ ctx->field_length += ch & ~0x80;
+
+ if (ch & 0x80) {
+ state = sw_name_length_3;
+ break;
+ }
+
+ state = sw_name;
+ break;
+
+ case sw_name_length_3:
+ ctx->field_length += (ch & ~0x80) << 7;
+
+ if (ch & 0x80) {
+ state = sw_name_length_4;
+ break;
+ }
+
+ state = sw_name;
+ break;
+
+ case sw_name_length_4:
+ ctx->field_length += (ch & ~0x80) << 14;
+
+ if (ch & 0x80) {
+ ngx_log_error(NGX_LOG_ERR, r->connection->log, 0,
+ "upstream sent too large http2 "
+ "header name length");
+ return NGX_ERROR;
+ }
+
+ state = sw_name;
+ break;
+
+ case sw_name:
+ ctx->name.len = ctx->field_huffman ?
+ ctx->field_length * 8 / 5 : ctx->field_length;
+
+ ctx->name.data = ngx_pnalloc(r->pool, ctx->name.len + 1);
+ if (ctx->name.data == NULL) {
+ return NGX_ERROR;
+ }
+
+ ctx->field_end = ctx->name.data;
+ ctx->field_rest = ctx->field_length;
+ ctx->field_state = 0;
+
+ state = sw_name_bytes;
+
+ /* fall through */
+
+ case sw_name_bytes:
+
+ ngx_log_debug4(NGX_LOG_DEBUG_HTTP, r->connection->log, 0,
+ "grpc name: len:%uz h:%d last:%uz, rest:%uz",
+ ctx->field_length,
+ ctx->field_huffman,
+ last - p,
+ ctx->rest - (p - b->pos));
+
+ size = ngx_min(last - p, (ssize_t) ctx->field_rest);
+ ctx->field_rest -= size;
+
+ if (ctx->field_huffman) {
+ if (ngx_http_v2_huff_decode(&ctx->field_state, p, size,
+ &ctx->field_end,
+ ctx->field_rest == 0,
+ r->connection->log)
+ != NGX_OK)
+ {
+ ngx_log_error(NGX_LOG_ERR, r->connection->log, 0,
+ "upstream sent invalid encoded header");
+ return NGX_ERROR;
+ }
+
+ ctx->name.len = ctx->field_end - ctx->name.data;
+ ctx->name.data[ctx->name.len] = '\0';
+
+ } else {
+ ctx->field_end = ngx_cpymem(ctx->field_end, p, size);
+ ctx->name.data[ctx->name.len] = '\0';
+ }
+
+ p += size - 1;
+
+ if (ctx->field_rest == 0) {
+ state = sw_value_length;
+ }
+
+ break;
+
+ case sw_value_length:
+ ctx->field_huffman = ch & 0x80 ? 1 : 0;
+ ctx->field_length = ch & ~0x80;
+
+ if (ctx->field_length == 0x7f) {
+ state = sw_value_length_2;
+ break;
+ }
+
+ if (ctx->field_length == 0) {
+ ngx_str_set(&ctx->value, "");
+ goto done;
+ }
+
+ state = sw_value;
+ break;
+
+ case sw_value_length_2:
+ ctx->field_length += ch & ~0x80;
+
+ if (ch & 0x80) {
+ state = sw_value_length_3;
+ break;
+ }
+
+ state = sw_value;
+ break;
+
+ case sw_value_length_3:
+ ctx->field_length += (ch & ~0x80) << 7;
+
+ if (ch & 0x80) {
+ state = sw_value_length_4;
+ break;
+ }
+
+ state = sw_value;
+ break;
+
+ case sw_value_length_4:
+ ctx->field_length += (ch & ~0x80) << 14;
+
+ if (ch & 0x80) {
+ ngx_log_error(NGX_LOG_ERR, r->connection->log, 0,
+ "upstream sent too large http2 "
+ "header value length");
+ return NGX_ERROR;
+ }
+
+ state = sw_value;
+ break;
+
+ case sw_value:
+ ctx->value.len = ctx->field_huffman ?
+ ctx->field_length * 8 / 5 : ctx->field_length;
+
+ ctx->value.data = ngx_pnalloc(r->pool, ctx->value.len + 1);
+ if (ctx->value.data == NULL) {
+ return NGX_ERROR;
+ }
+
+ ctx->field_end = ctx->value.data;
+ ctx->field_rest = ctx->field_length;
+ ctx->field_state = 0;
+
+ state = sw_value_bytes;
+
+ /* fall through */
+
+ case sw_value_bytes:
+
+ ngx_log_debug4(NGX_LOG_DEBUG_HTTP, r->connection->log, 0,
+ "grpc value: len:%uz h:%d last:%uz, rest:%uz",
+ ctx->field_length,
+ ctx->field_huffman,
+ last - p,
+ ctx->rest - (p - b->pos));
+
+ size = ngx_min(last - p, (ssize_t) ctx->field_rest);
+ ctx->field_rest -= size;
+
+ if (ctx->field_huffman) {
+ if (ngx_http_v2_huff_decode(&ctx->field_state, p, size,
+ &ctx->field_end,
+ ctx->field_rest == 0,
+ r->connection->log)
+ != NGX_OK)
+ {
+ ngx_log_error(NGX_LOG_ERR, r->connection->log, 0,
+ "upstream sent invalid encoded header");
+ return NGX_ERROR;
+ }
+
+ ctx->value.len = ctx->field_end - ctx->value.data;
+ ctx->value.data[ctx->value.len] = '\0';
+
+ } else {
+ ctx->field_end = ngx_cpymem(ctx->field_end, p, size);
+ ctx->value.data[ctx->value.len] = '\0';
+ }
+
+ p += size - 1;
+
+ if (ctx->field_rest == 0) {
+ goto done;
+ }
+
+ break;
+ }
+
+ continue;
+
+ done:
+
+ p++;
+ ctx->rest -= p - b->pos;
+ ctx->fragment_state = sw_start;
+ b->pos = p;
+
+ if (ctx->index) {
+ ctx->name = *ngx_http_v2_get_static_name(ctx->index);
+ }
+
+ if (ctx->index && !ctx->literal) {
+ ctx->value = *ngx_http_v2_get_static_value(ctx->index);
+ }
+
+ if (!ctx->index) {
+ if (ngx_http_grpc_validate_header_name(r, &ctx->name) != NGX_OK) {
+ ngx_log_error(NGX_LOG_ERR, r->connection->log, 0,
+ "upstream sent invalid header: \"%V: %V\"",
+ &ctx->name, &ctx->value);
+ return NGX_ERROR;
+ }
+ }
+
+ if (!ctx->index || ctx->literal) {
+ if (ngx_http_grpc_validate_header_value(r, &ctx->value) != NGX_OK) {
+ ngx_log_error(NGX_LOG_ERR, r->connection->log, 0,
+ "upstream sent invalid header: \"%V: %V\"",
+ &ctx->name, &ctx->value);
+ return NGX_ERROR;
+ }
+ }
+
+ return NGX_OK;
+ }
+
+ ctx->rest -= p - b->pos;
+ ctx->fragment_state = state;
+ b->pos = p;
+
+ if (ctx->rest > ctx->padding) {
+ return NGX_AGAIN;
+ }
+
+ return NGX_DONE;
+}
+
+
+static ngx_int_t
+ngx_http_grpc_validate_header_name(ngx_http_request_t *r, ngx_str_t *s)
+{
+ u_char ch;
+ ngx_uint_t i;
+
+ for (i = 0; i < s->len; i++) {
+ ch = s->data[i];
+
+ if (ch == ':' && i > 0) {
+ return NGX_ERROR;
+ }
+
+ if (ch >= 'A' && ch <= 'Z') {
+ return NGX_ERROR;
+ }
+
+ if (ch == '\0' || ch == CR || ch == LF) {
+ return NGX_ERROR;
+ }
+ }
+
+ return NGX_OK;
+}
+
+
+static ngx_int_t
+ngx_http_grpc_validate_header_value(ngx_http_request_t *r, ngx_str_t *s)
+{
+ u_char ch;
+ ngx_uint_t i;
+
+ for (i = 0; i < s->len; i++) {
+ ch = s->data[i];
+
+ if (ch == '\0' || ch == CR || ch == LF) {
+ return NGX_ERROR;
+ }
+ }
+
+ return NGX_OK;
+}
+
+
+static ngx_int_t
+ngx_http_grpc_parse_rst_stream(ngx_http_request_t *r, ngx_http_grpc_ctx_t *ctx,
+ ngx_buf_t *b)
+{
+ u_char ch, *p, *last;
+ enum {
+ sw_start = 0,
+ sw_error_2,
+ sw_error_3,
+ sw_error_4
+ } state;
+
+ if (b->last - b->pos < (ssize_t) ctx->rest) {
+ last = b->last;
+
+ } else {
+ last = b->pos + ctx->rest;
+ }
+
+ state = ctx->frame_state;
+
+ if (state == sw_start) {
+ if (ctx->rest != 4) {
+ ngx_log_error(NGX_LOG_ERR, r->connection->log, 0,
+ "upstream sent rst stream frame "
+ "with invalid length: %uz",
+ ctx->rest);
+ return NGX_ERROR;
+ }
+ }
+
+ for (p = b->pos; p < last; p++) {
+ ch = *p;
+
+#if 0
+ ngx_log_debug2(NGX_LOG_DEBUG_HTTP, r->connection->log, 0,
+ "grpc rst byte: %02Xd s:%d", ch, state);
+#endif
+
+ switch (state) {
+
+ case sw_start:
+ ctx->error = (ngx_uint_t) ch << 24;
+ state = sw_error_2;
+ break;
+
+ case sw_error_2:
+ ctx->error |= ch << 16;
+ state = sw_error_3;
+ break;
+
+ case sw_error_3:
+ ctx->error |= ch << 8;
+ state = sw_error_4;
+ break;
+
+ case sw_error_4:
+ ctx->error |= ch;
+ state = sw_start;
+
+ ngx_log_debug1(NGX_LOG_DEBUG_HTTP, r->connection->log, 0,
+ "grpc error: %ui", ctx->error);
+
+ break;
+ }
+ }
+
+ ctx->rest -= p - b->pos;
+ ctx->frame_state = state;
+ b->pos = p;
+
+ if (ctx->rest > 0) {
+ return NGX_AGAIN;
+ }
+
+ return NGX_OK;
+}
+
+
+static ngx_int_t
+ngx_http_grpc_parse_goaway(ngx_http_request_t *r, ngx_http_grpc_ctx_t *ctx,
+ ngx_buf_t *b)
+{
+ u_char ch, *p, *last;
+ enum {
+ sw_start = 0,
+ sw_last_stream_id_2,
+ sw_last_stream_id_3,
+ sw_last_stream_id_4,
+ sw_error,
+ sw_error_2,
+ sw_error_3,
+ sw_error_4,
+ sw_debug
+ } state;
+
+ if (b->last - b->pos < (ssize_t) ctx->rest) {
+ last = b->last;
+
+ } else {
+ last = b->pos + ctx->rest;
+ }
+
+ state = ctx->frame_state;
+
+ if (state == sw_start) {
+
+ if (ctx->stream_id) {
+ ngx_log_error(NGX_LOG_ERR, r->connection->log, 0,
+ "upstream sent goaway frame "
+ "with non-zero stream id: %ui",
+ ctx->stream_id);
+ return NGX_ERROR;
+ }
+
+ if (ctx->rest < 8) {
+ ngx_log_error(NGX_LOG_ERR, r->connection->log, 0,
+ "upstream sent goaway frame "
+ "with invalid length: %uz",
+ ctx->rest);
+ return NGX_ERROR;
+ }
+ }
+
+ for (p = b->pos; p < last; p++) {
+ ch = *p;
+
+#if 0
+ ngx_log_debug2(NGX_LOG_DEBUG_HTTP, r->connection->log, 0,
+ "grpc goaway byte: %02Xd s:%d", ch, state);
+#endif
+
+ switch (state) {
+
+ case sw_start:
+ ctx->stream_id = (ch & 0x7f) << 24;
+ state = sw_last_stream_id_2;
+ break;
+
+ case sw_last_stream_id_2:
+ ctx->stream_id |= ch << 16;
+ state = sw_last_stream_id_3;
+ break;
+
+ case sw_last_stream_id_3:
+ ctx->stream_id |= ch << 8;
+ state = sw_last_stream_id_4;
+ break;
+
+ case sw_last_stream_id_4:
+ ctx->stream_id |= ch;
+ state = sw_error;
+ break;
+
+ case sw_error:
+ ctx->error = (ngx_uint_t) ch << 24;
+ state = sw_error_2;
+ break;
+
+ case sw_error_2:
+ ctx->error |= ch << 16;
+ state = sw_error_3;
+ break;
+
+ case sw_error_3:
+ ctx->error |= ch << 8;
+ state = sw_error_4;
+ break;
+
+ case sw_error_4:
+ ctx->error |= ch;
+ state = sw_debug;
+ break;
+
+ case sw_debug:
+ break;
+ }
+ }
+
+ ctx->rest -= p - b->pos;
+ ctx->frame_state = state;
+ b->pos = p;
+
+ if (ctx->rest > 0) {
+ return NGX_AGAIN;
+ }
+
+ ngx_log_debug2(NGX_LOG_DEBUG_HTTP, r->connection->log, 0,
+ "grpc goaway: %ui, stream %ui",
+ ctx->error, ctx->stream_id);
+
+ ctx->state = ngx_http_grpc_st_start;
+
+ return NGX_OK;
+}
+
+
+static ngx_int_t
+ngx_http_grpc_parse_window_update(ngx_http_request_t *r,
+ ngx_http_grpc_ctx_t *ctx, ngx_buf_t *b)
+{
+ u_char ch, *p, *last;
+ enum {
+ sw_start = 0,
+ sw_size_2,
+ sw_size_3,
+ sw_size_4
+ } state;
+
+ if (b->last - b->pos < (ssize_t) ctx->rest) {
+ last = b->last;
+
+ } else {
+ last = b->pos + ctx->rest;
+ }
+
+ state = ctx->frame_state;
+
+ if (state == sw_start) {
+ if (ctx->rest != 4) {
+ ngx_log_error(NGX_LOG_ERR, r->connection->log, 0,
+ "upstream sent window update frame "
+ "with invalid length: %uz",
+ ctx->rest);
+ return NGX_ERROR;
+ }
+ }
+
+ for (p = b->pos; p < last; p++) {
+ ch = *p;
+
+#if 0
+ ngx_log_debug2(NGX_LOG_DEBUG_HTTP, r->connection->log, 0,
+ "grpc window update byte: %02Xd s:%d", ch, state);
+#endif
+
+ switch (state) {
+
+ case sw_start:
+ ctx->window_update = (ch & 0x7f) << 24;
+ state = sw_size_2;
+ break;
+
+ case sw_size_2:
+ ctx->window_update |= ch << 16;
+ state = sw_size_3;
+ break;
+
+ case sw_size_3:
+ ctx->window_update |= ch << 8;
+ state = sw_size_4;
+ break;
+
+ case sw_size_4:
+ ctx->window_update |= ch;
+ state = sw_start;
+ break;
+ }
+ }
+
+ ctx->rest -= p - b->pos;
+ ctx->frame_state = state;
+ b->pos = p;
+
+ if (ctx->rest > 0) {
+ return NGX_AGAIN;
+ }
+
+ ctx->state = ngx_http_grpc_st_start;
+
+ ngx_log_debug1(NGX_LOG_DEBUG_HTTP, r->connection->log, 0,
+ "grpc window update: %ui", ctx->window_update);
+
+ if (ctx->stream_id) {
+
+ if (ctx->window_update > (size_t) NGX_HTTP_V2_MAX_WINDOW
+ - ctx->send_window)
+ {
+ ngx_log_error(NGX_LOG_ERR, r->connection->log, 0,
+ "upstream sent too large window update");
+ return NGX_ERROR;
+ }
+
+ ctx->send_window += ctx->window_update;
+
+ } else {
+
+ if (ctx->window_update > NGX_HTTP_V2_MAX_WINDOW
+ - ctx->connection->send_window)
+ {
+ ngx_log_error(NGX_LOG_ERR, r->connection->log, 0,
+ "upstream sent too large window update");
+ return NGX_ERROR;
+ }
+
+ ctx->connection->send_window += ctx->window_update;
+ }
+
+ return NGX_OK;
+}
+
+
+static ngx_int_t
+ngx_http_grpc_parse_settings(ngx_http_request_t *r, ngx_http_grpc_ctx_t *ctx,
+ ngx_buf_t *b)
+{
+ u_char ch, *p, *last;
+ ssize_t window_update;
+ enum {
+ sw_start = 0,
+ sw_id,
+ sw_id_2,
+ sw_value,
+ sw_value_2,
+ sw_value_3,
+ sw_value_4
+ } state;
+
+ if (b->last - b->pos < (ssize_t) ctx->rest) {
+ last = b->last;
+
+ } else {
+ last = b->pos + ctx->rest;
+ }
+
+ state = ctx->frame_state;
+
+ if (state == sw_start) {
+
+ if (ctx->stream_id) {
+ ngx_log_error(NGX_LOG_ERR, r->connection->log, 0,
+ "upstream sent settings frame "
+ "with non-zero stream id: %ui",
+ ctx->stream_id);
+ return NGX_ERROR;
+ }
+
+ if (ctx->flags & NGX_HTTP_V2_ACK_FLAG) {
+ ngx_log_debug0(NGX_LOG_DEBUG_HTTP, r->connection->log, 0,
+ "grpc settings ack");
+
+ if (ctx->rest != 0) {
+ ngx_log_error(NGX_LOG_ERR, r->connection->log, 0,
+ "upstream sent settings frame "
+ "with ack flag and non-zero length: %uz",
+ ctx->rest);
+ return NGX_ERROR;
+ }
+
+ ctx->state = ngx_http_grpc_st_start;
+
+ return NGX_OK;
+ }
+
+ if (ctx->rest % 6 != 0) {
+ ngx_log_error(NGX_LOG_ERR, r->connection->log, 0,
+ "upstream sent settings frame "
+ "with invalid length: %uz",
+ ctx->rest);
+ return NGX_ERROR;
+ }
+
+ if (ctx->free == NULL && ctx->settings++ > 1000) {
+ ngx_log_error(NGX_LOG_ERR, r->connection->log, 0,
+ "upstream sent too many settings frames");
+ return NGX_ERROR;
+ }
+ }
+
+ for (p = b->pos; p < last; p++) {
+ ch = *p;
+
+#if 0
+ ngx_log_debug2(NGX_LOG_DEBUG_HTTP, r->connection->log, 0,
+ "grpc settings byte: %02Xd s:%d", ch, state);
+#endif
+
+ switch (state) {
+
+ case sw_start:
+ case sw_id:
+ ctx->setting_id = ch << 8;
+ state = sw_id_2;
+ break;
+
+ case sw_id_2:
+ ctx->setting_id |= ch;
+ state = sw_value;
+ break;
+
+ case sw_value:
+ ctx->setting_value = (ngx_uint_t) ch << 24;
+ state = sw_value_2;
+ break;
+
+ case sw_value_2:
+ ctx->setting_value |= ch << 16;
+ state = sw_value_3;
+ break;
+
+ case sw_value_3:
+ ctx->setting_value |= ch << 8;
+ state = sw_value_4;
+ break;
+
+ case sw_value_4:
+ ctx->setting_value |= ch;
+ state = sw_id;
+
+ ngx_log_debug2(NGX_LOG_DEBUG_HTTP, r->connection->log, 0,
+ "grpc setting: %ui %ui",
+ ctx->setting_id, ctx->setting_value);
+
+ /*
+ * The following settings are defined by the protocol:
+ *
+ * SETTINGS_HEADER_TABLE_SIZE, SETTINGS_ENABLE_PUSH,
+ * SETTINGS_MAX_CONCURRENT_STREAMS, SETTINGS_INITIAL_WINDOW_SIZE,
+ * SETTINGS_MAX_FRAME_SIZE, SETTINGS_MAX_HEADER_LIST_SIZE
+ *
+ * Only SETTINGS_INITIAL_WINDOW_SIZE seems to be needed in
+ * a simple client.
+ */
+
+ if (ctx->setting_id == 0x04) {
+ /* SETTINGS_INITIAL_WINDOW_SIZE */
+
+ if (ctx->setting_value > NGX_HTTP_V2_MAX_WINDOW) {
+ ngx_log_error(NGX_LOG_ERR, r->connection->log, 0,
+ "upstream sent settings frame "
+ "with too large initial window size: %ui",
+ ctx->setting_value);
+ return NGX_ERROR;
+ }
+
+ window_update = ctx->setting_value
+ - ctx->connection->init_window;
+ ctx->connection->init_window = ctx->setting_value;
+
+ if (ctx->send_window > 0
+ && window_update > (ssize_t) NGX_HTTP_V2_MAX_WINDOW
+ - ctx->send_window)
+ {
+ ngx_log_error(NGX_LOG_ERR, r->connection->log, 0,
+ "upstream sent settings frame "
+ "with too large initial window size: %ui",
+ ctx->setting_value);
+ return NGX_ERROR;
+ }
+
+ ctx->send_window += window_update;
+ }
+
+ break;
+ }
+ }
+
+ ctx->rest -= p - b->pos;
+ ctx->frame_state = state;
+ b->pos = p;
+
+ if (ctx->rest > 0) {
+ return NGX_AGAIN;
+ }
+
+ ctx->state = ngx_http_grpc_st_start;
+
+ return ngx_http_grpc_send_settings_ack(r, ctx);
+}
+
+
+static ngx_int_t
+ngx_http_grpc_parse_ping(ngx_http_request_t *r,
+ ngx_http_grpc_ctx_t *ctx, ngx_buf_t *b)
+{
+ u_char ch, *p, *last;
+ enum {
+ sw_start = 0,
+ sw_data_2,
+ sw_data_3,
+ sw_data_4,
+ sw_data_5,
+ sw_data_6,
+ sw_data_7,
+ sw_data_8
+ } state;
+
+ if (b->last - b->pos < (ssize_t) ctx->rest) {
+ last = b->last;
+
+ } else {
+ last = b->pos + ctx->rest;
+ }
+
+ state = ctx->frame_state;
+
+ if (state == sw_start) {
+
+ if (ctx->stream_id) {
+ ngx_log_error(NGX_LOG_ERR, r->connection->log, 0,
+ "upstream sent ping frame "
+ "with non-zero stream id: %ui",
+ ctx->stream_id);
+ return NGX_ERROR;
+ }
+
+ if (ctx->rest != 8) {
+ ngx_log_error(NGX_LOG_ERR, r->connection->log, 0,
+ "upstream sent ping frame "
+ "with invalid length: %uz",
+ ctx->rest);
+ return NGX_ERROR;
+ }
+
+ if (ctx->flags & NGX_HTTP_V2_ACK_FLAG) {
+ ngx_log_error(NGX_LOG_ERR, r->connection->log, 0,
+ "upstream sent ping frame with ack flag");
+ return NGX_ERROR;
+ }
+
+ if (ctx->free == NULL && ctx->pings++ > 1000) {
+ ngx_log_error(NGX_LOG_ERR, r->connection->log, 0,
+ "upstream sent too many ping frames");
+ return NGX_ERROR;
+ }
+ }
+
+ for (p = b->pos; p < last; p++) {
+ ch = *p;
+
+#if 0
+ ngx_log_debug2(NGX_LOG_DEBUG_HTTP, r->connection->log, 0,
+ "grpc ping byte: %02Xd s:%d", ch, state);
+#endif
+
+ if (state < sw_data_8) {
+ ctx->ping_data[state] = ch;
+ state++;
+
+ } else {
+ ctx->ping_data[7] = ch;
+ state = sw_start;
+
+ ngx_log_debug0(NGX_LOG_DEBUG_HTTP, r->connection->log, 0,
+ "grpc ping");
+ }
+ }
+
+ ctx->rest -= p - b->pos;
+ ctx->frame_state = state;
+ b->pos = p;
+
+ if (ctx->rest > 0) {
+ return NGX_AGAIN;
+ }
+
+ ctx->state = ngx_http_grpc_st_start;
+
+ return ngx_http_grpc_send_ping_ack(r, ctx);
+}
+
+
+static ngx_int_t
+ngx_http_grpc_send_settings_ack(ngx_http_request_t *r, ngx_http_grpc_ctx_t *ctx)
+{
+ ngx_chain_t *cl, **ll;
+ ngx_http_grpc_frame_t *f;
+
+ ngx_log_debug0(NGX_LOG_DEBUG_HTTP, r->connection->log, 0,
+ "grpc send settings ack");
+
+ for (cl = ctx->out, ll = &ctx->out; cl; cl = cl->next) {
+ ll = &cl->next;
+ }
+
+ cl = ngx_http_grpc_get_buf(r, ctx);
+ if (cl == NULL) {
+ return NGX_ERROR;
+ }
+
+ f = (ngx_http_grpc_frame_t *) cl->buf->last;
+ cl->buf->last += sizeof(ngx_http_grpc_frame_t);
+
+ f->length_0 = 0;
+ f->length_1 = 0;
+ f->length_2 = 0;
+ f->type = NGX_HTTP_V2_SETTINGS_FRAME;
+ f->flags = NGX_HTTP_V2_ACK_FLAG;
+ f->stream_id_0 = 0;
+ f->stream_id_1 = 0;
+ f->stream_id_2 = 0;
+ f->stream_id_3 = 0;
+
+ *ll = cl;
+
+ return NGX_OK;
+}
+
+
+static ngx_int_t
+ngx_http_grpc_send_ping_ack(ngx_http_request_t *r, ngx_http_grpc_ctx_t *ctx)
+{
+ ngx_chain_t *cl, **ll;
+ ngx_http_grpc_frame_t *f;
+
+ ngx_log_debug0(NGX_LOG_DEBUG_HTTP, r->connection->log, 0,
+ "grpc send ping ack");
+
+ for (cl = ctx->out, ll = &ctx->out; cl; cl = cl->next) {
+ ll = &cl->next;
+ }
+
+ cl = ngx_http_grpc_get_buf(r, ctx);
+ if (cl == NULL) {
+ return NGX_ERROR;
+ }
+
+ f = (ngx_http_grpc_frame_t *) cl->buf->last;
+ cl->buf->last += sizeof(ngx_http_grpc_frame_t);
+
+ f->length_0 = 0;
+ f->length_1 = 0;
+ f->length_2 = 8;
+ f->type = NGX_HTTP_V2_PING_FRAME;
+ f->flags = NGX_HTTP_V2_ACK_FLAG;
+ f->stream_id_0 = 0;
+ f->stream_id_1 = 0;
+ f->stream_id_2 = 0;
+ f->stream_id_3 = 0;
+
+ cl->buf->last = ngx_copy(cl->buf->last, ctx->ping_data, 8);
+
+ *ll = cl;
+
+ return NGX_OK;
+}
+
+
+static ngx_int_t
+ngx_http_grpc_send_window_update(ngx_http_request_t *r,
+ ngx_http_grpc_ctx_t *ctx)
+{
+ size_t n;
+ ngx_chain_t *cl, **ll;
+ ngx_http_grpc_frame_t *f;
+
+ ngx_log_debug2(NGX_LOG_DEBUG_HTTP, r->connection->log, 0,
+ "grpc send window update: %uz %uz",
+ ctx->connection->recv_window, ctx->recv_window);
+
+ for (cl = ctx->out, ll = &ctx->out; cl; cl = cl->next) {
+ ll = &cl->next;
+ }
+
+ cl = ngx_http_grpc_get_buf(r, ctx);
+ if (cl == NULL) {
+ return NGX_ERROR;
+ }
+
+ f = (ngx_http_grpc_frame_t *) cl->buf->last;
+ cl->buf->last += sizeof(ngx_http_grpc_frame_t);
+
+ f->length_0 = 0;
+ f->length_1 = 0;
+ f->length_2 = 4;
+ f->type = NGX_HTTP_V2_WINDOW_UPDATE_FRAME;
+ f->flags = 0;
+ f->stream_id_0 = 0;
+ f->stream_id_1 = 0;
+ f->stream_id_2 = 0;
+ f->stream_id_3 = 0;
+
+ n = NGX_HTTP_V2_MAX_WINDOW - ctx->connection->recv_window;
+ ctx->connection->recv_window = NGX_HTTP_V2_MAX_WINDOW;
+
+ *cl->buf->last++ = (u_char) ((n >> 24) & 0xff);
+ *cl->buf->last++ = (u_char) ((n >> 16) & 0xff);
+ *cl->buf->last++ = (u_char) ((n >> 8) & 0xff);
+ *cl->buf->last++ = (u_char) (n & 0xff);
+
+ f = (ngx_http_grpc_frame_t *) cl->buf->last;
+ cl->buf->last += sizeof(ngx_http_grpc_frame_t);
+
+ f->length_0 = 0;
+ f->length_1 = 0;
+ f->length_2 = 4;
+ f->type = NGX_HTTP_V2_WINDOW_UPDATE_FRAME;
+ f->flags = 0;
+ f->stream_id_0 = (u_char) ((ctx->id >> 24) & 0xff);
+ f->stream_id_1 = (u_char) ((ctx->id >> 16) & 0xff);
+ f->stream_id_2 = (u_char) ((ctx->id >> 8) & 0xff);
+ f->stream_id_3 = (u_char) (ctx->id & 0xff);
+
+ n = NGX_HTTP_V2_MAX_WINDOW - ctx->recv_window;
+ ctx->recv_window = NGX_HTTP_V2_MAX_WINDOW;
+
+ *cl->buf->last++ = (u_char) ((n >> 24) & 0xff);
+ *cl->buf->last++ = (u_char) ((n >> 16) & 0xff);
+ *cl->buf->last++ = (u_char) ((n >> 8) & 0xff);
+ *cl->buf->last++ = (u_char) (n & 0xff);
+
+ *ll = cl;
+
+ return NGX_OK;
+}
+
+
+static ngx_chain_t *
+ngx_http_grpc_get_buf(ngx_http_request_t *r, ngx_http_grpc_ctx_t *ctx)
+{
+ u_char *start;
+ ngx_buf_t *b;
+ ngx_chain_t *cl;
+
+ cl = ngx_chain_get_free_buf(r->pool, &ctx->free);
+ if (cl == NULL) {
+ return NULL;
+ }
+
+ b = cl->buf;
+ start = b->start;
+
+ if (start == NULL) {
+
+ /*
+ * each buffer is large enough to hold two window update
+ * frames in a row
+ */
+
+ start = ngx_palloc(r->pool, 2 * sizeof(ngx_http_grpc_frame_t) + 8);
+ if (start == NULL) {
+ return NULL;
+ }
+
+ }
+
+ ngx_memzero(b, sizeof(ngx_buf_t));
+
+ b->start = start;
+ b->pos = start;
+ b->last = start;
+ b->end = start + 2 * sizeof(ngx_http_grpc_frame_t) + 8;
+
+ b->tag = (ngx_buf_tag_t) &ngx_http_grpc_body_output_filter;
+ b->temporary = 1;
+ b->flush = 1;
+
+ return cl;
+}
+
+
+static ngx_http_grpc_ctx_t *
+ngx_http_grpc_get_ctx(ngx_http_request_t *r)
+{
+ ngx_http_grpc_ctx_t *ctx;
+ ngx_http_upstream_t *u;
+
+ ctx = ngx_http_get_module_ctx(r, ngx_http_grpc_module);
+
+ if (ctx->connection == NULL) {
+ u = r->upstream;
+
+ if (ngx_http_grpc_get_connection_data(r, ctx, &u->peer) != NGX_OK) {
+ return NULL;
+ }
+ }
+
+ return ctx;
+}
+
+
+static ngx_int_t
+ngx_http_grpc_get_connection_data(ngx_http_request_t *r,
+ ngx_http_grpc_ctx_t *ctx, ngx_peer_connection_t *pc)
+{
+ ngx_connection_t *c;
+ ngx_pool_cleanup_t *cln;
+
+ c = pc->connection;
+
+ if (pc->cached) {
+
+ /*
+ * for cached connections, connection data can be found
+ * in the cleanup handler
+ */
+
+ for (cln = c->pool->cleanup; cln; cln = cln->next) {
+ if (cln->handler == ngx_http_grpc_cleanup) {
+ ctx->connection = cln->data;
+ break;
+ }
+ }
+
+ if (ctx->connection == NULL) {
+ ngx_log_error(NGX_LOG_ERR, c->log, 0,
+ "no connection data found for "
+ "keepalive http2 connection");
+ return NGX_ERROR;
+ }
+
+ ctx->send_window = ctx->connection->init_window;
+ ctx->recv_window = NGX_HTTP_V2_MAX_WINDOW;
+
+ ctx->connection->last_stream_id += 2;
+ ctx->id = ctx->connection->last_stream_id;
+
+ return NGX_OK;
+ }
+
+ cln = ngx_pool_cleanup_add(c->pool, sizeof(ngx_http_grpc_conn_t));
+ if (cln == NULL) {
+ return NGX_ERROR;
+ }
+
+ cln->handler = ngx_http_grpc_cleanup;
+ ctx->connection = cln->data;
+
+ ctx->connection->init_window = NGX_HTTP_V2_DEFAULT_WINDOW;
+ ctx->connection->send_window = NGX_HTTP_V2_DEFAULT_WINDOW;
+ ctx->connection->recv_window = NGX_HTTP_V2_MAX_WINDOW;
+
+ ctx->send_window = NGX_HTTP_V2_DEFAULT_WINDOW;
+ ctx->recv_window = NGX_HTTP_V2_MAX_WINDOW;
+
+ ctx->id = 1;
+ ctx->connection->last_stream_id = 1;
+
+ return NGX_OK;
+}
+
+
+static void
+ngx_http_grpc_cleanup(void *data)
+{
+#if 0
+ ngx_log_debug0(NGX_LOG_DEBUG_HTTP, c->log, 0,
+ "grpc cleanup");
+#endif
+ return;
+}
+
+
+static void
+ngx_http_grpc_abort_request(ngx_http_request_t *r)
+{
+ ngx_log_debug0(NGX_LOG_DEBUG_HTTP, r->connection->log, 0,
+ "abort grpc request");
+ return;
+}
+
+
+static void
+ngx_http_grpc_finalize_request(ngx_http_request_t *r, ngx_int_t rc)
+{
+ ngx_log_debug0(NGX_LOG_DEBUG_HTTP, r->connection->log, 0,
+ "finalize grpc request");
+ return;
+}
+
+
+static ngx_int_t
+ngx_http_grpc_internal_trailers_variable(ngx_http_request_t *r,
+ ngx_http_variable_value_t *v, uintptr_t data)
+{
+ ngx_table_elt_t *te;
+
+ te = r->headers_in.te;
+
+ if (te == NULL) {
+ v->not_found = 1;
+ return NGX_OK;
+ }
+
+ if (ngx_strlcasestrn(te->value.data, te->value.data + te->value.len,
+ (u_char *) "trailers", 8 - 1)
+ == NULL)
+ {
+ v->not_found = 1;
+ return NGX_OK;
+ }
+
+ v->valid = 1;
+ v->no_cacheable = 0;
+ v->not_found = 0;
+
+ v->data = (u_char *) "trailers";
+ v->len = sizeof("trailers") - 1;
+
+ return NGX_OK;
+}
+
+
+static ngx_int_t
+ngx_http_grpc_add_variables(ngx_conf_t *cf)
+{
+ ngx_http_variable_t *var, *v;
+
+ for (v = ngx_http_grpc_vars; v->name.len; v++) {
+ var = ngx_http_add_variable(cf, &v->name, v->flags);
+ if (var == NULL) {
+ return NGX_ERROR;
+ }
+
+ var->get_handler = v->get_handler;
+ var->data = v->data;
+ }
+
+ return NGX_OK;
+}
+
+
+static void *
+ngx_http_grpc_create_loc_conf(ngx_conf_t *cf)
+{
+ ngx_http_grpc_loc_conf_t *conf;
+
+ conf = ngx_pcalloc(cf->pool, sizeof(ngx_http_grpc_loc_conf_t));
+ if (conf == NULL) {
+ return NULL;
+ }
+
+ /*
+ * set by ngx_pcalloc():
+ *
+ * conf->upstream.ignore_headers = 0;
+ * conf->upstream.next_upstream = 0;
+ * conf->upstream.hide_headers_hash = { NULL, 0 };
+ * conf->upstream.ssl_name = NULL;
+ *
+ * conf->headers_source = NULL;
+ * conf->headers.lengths = NULL;
+ * conf->headers.values = NULL;
+ * conf->headers.hash = { NULL, 0 };
+ * conf->host = { 0, NULL };
+ * conf->host_set = 0;
+ * conf->ssl = 0;
+ * conf->ssl_protocols = 0;
+ * conf->ssl_ciphers = { 0, NULL };
+ * conf->ssl_trusted_certificate = { 0, NULL };
+ * conf->ssl_crl = { 0, NULL };
+ * conf->ssl_certificate = { 0, NULL };
+ * conf->ssl_certificate_key = { 0, NULL };
+ */
+
+ conf->upstream.local = NGX_CONF_UNSET_PTR;
+ conf->upstream.next_upstream_tries = NGX_CONF_UNSET_UINT;
+ conf->upstream.connect_timeout = NGX_CONF_UNSET_MSEC;
+ conf->upstream.send_timeout = NGX_CONF_UNSET_MSEC;
+ conf->upstream.read_timeout = NGX_CONF_UNSET_MSEC;
+ conf->upstream.next_upstream_timeout = NGX_CONF_UNSET_MSEC;
+
+ conf->upstream.buffer_size = NGX_CONF_UNSET_SIZE;
+
+ conf->upstream.hide_headers = NGX_CONF_UNSET_PTR;
+ conf->upstream.pass_headers = NGX_CONF_UNSET_PTR;
+
+ conf->upstream.intercept_errors = NGX_CONF_UNSET;
+
+#if (NGX_HTTP_SSL)
+ conf->upstream.ssl_session_reuse = NGX_CONF_UNSET;
+ conf->upstream.ssl_server_name = NGX_CONF_UNSET;
+ conf->upstream.ssl_verify = NGX_CONF_UNSET;
+ conf->ssl_verify_depth = NGX_CONF_UNSET_UINT;
+ conf->ssl_passwords = NGX_CONF_UNSET_PTR;
+#endif
+
+ /* the hardcoded values */
+ conf->upstream.cyclic_temp_file = 0;
+ conf->upstream.buffering = 0;
+ conf->upstream.ignore_client_abort = 0;
+ conf->upstream.send_lowat = 0;
+ conf->upstream.bufs.num = 0;
+ conf->upstream.busy_buffers_size = 0;
+ conf->upstream.max_temp_file_size = 0;
+ conf->upstream.temp_file_write_size = 0;
+ conf->upstream.pass_request_headers = 1;
+ conf->upstream.pass_request_body = 1;
+ conf->upstream.force_ranges = 0;
+ conf->upstream.pass_trailers = 1;
+ conf->upstream.preserve_output = 1;
+
+ ngx_str_set(&conf->upstream.module, "grpc");
+
+ return conf;
+}
+
+
+static char *
+ngx_http_grpc_merge_loc_conf(ngx_conf_t *cf, void *parent, void *child)
+{
+ ngx_http_grpc_loc_conf_t *prev = parent;
+ ngx_http_grpc_loc_conf_t *conf = child;
+
+ ngx_int_t rc;
+ ngx_hash_init_t hash;
+ ngx_http_core_loc_conf_t *clcf;
+
+ ngx_conf_merge_ptr_value(conf->upstream.local,
+ prev->upstream.local, NULL);
+
+ ngx_conf_merge_uint_value(conf->upstream.next_upstream_tries,
+ prev->upstream.next_upstream_tries, 0);
+
+ ngx_conf_merge_msec_value(conf->upstream.connect_timeout,
+ prev->upstream.connect_timeout, 60000);
+
+ ngx_conf_merge_msec_value(conf->upstream.send_timeout,
+ prev->upstream.send_timeout, 60000);
+
+ ngx_conf_merge_msec_value(conf->upstream.read_timeout,
+ prev->upstream.read_timeout, 60000);
+
+ ngx_conf_merge_msec_value(conf->upstream.next_upstream_timeout,
+ prev->upstream.next_upstream_timeout, 0);
+
+ ngx_conf_merge_size_value(conf->upstream.buffer_size,
+ prev->upstream.buffer_size,
+ (size_t) ngx_pagesize);
+
+ ngx_conf_merge_bitmask_value(conf->upstream.ignore_headers,
+ prev->upstream.ignore_headers,
+ NGX_CONF_BITMASK_SET);
+
+ ngx_conf_merge_bitmask_value(conf->upstream.next_upstream,
+ prev->upstream.next_upstream,
+ (NGX_CONF_BITMASK_SET
+ |NGX_HTTP_UPSTREAM_FT_ERROR
+ |NGX_HTTP_UPSTREAM_FT_TIMEOUT));
+
+ if (conf->upstream.next_upstream & NGX_HTTP_UPSTREAM_FT_OFF) {
+ conf->upstream.next_upstream = NGX_CONF_BITMASK_SET
+ |NGX_HTTP_UPSTREAM_FT_OFF;
+ }
+
+ ngx_conf_merge_value(conf->upstream.intercept_errors,
+ prev->upstream.intercept_errors, 0);
+
+#if (NGX_HTTP_SSL)
+
+ ngx_conf_merge_value(conf->upstream.ssl_session_reuse,
+ prev->upstream.ssl_session_reuse, 1);
+
+ ngx_conf_merge_bitmask_value(conf->ssl_protocols, prev->ssl_protocols,
+ (NGX_CONF_BITMASK_SET|NGX_SSL_TLSv1
+ |NGX_SSL_TLSv1_1|NGX_SSL_TLSv1_2));
+
+ ngx_conf_merge_str_value(conf->ssl_ciphers, prev->ssl_ciphers,
+ "DEFAULT");
+
+ if (conf->upstream.ssl_name == NULL) {
+ conf->upstream.ssl_name = prev->upstream.ssl_name;
+ }
+
+ ngx_conf_merge_value(conf->upstream.ssl_server_name,
+ prev->upstream.ssl_server_name, 0);
+ ngx_conf_merge_value(conf->upstream.ssl_verify,
+ prev->upstream.ssl_verify, 0);
+ ngx_conf_merge_uint_value(conf->ssl_verify_depth,
+ prev->ssl_verify_depth, 1);
+ ngx_conf_merge_str_value(conf->ssl_trusted_certificate,
+ prev->ssl_trusted_certificate, "");
+ ngx_conf_merge_str_value(conf->ssl_crl, prev->ssl_crl, "");
+
+ ngx_conf_merge_str_value(conf->ssl_certificate,
+ prev->ssl_certificate, "");
+ ngx_conf_merge_str_value(conf->ssl_certificate_key,
+ prev->ssl_certificate_key, "");
+ ngx_conf_merge_ptr_value(conf->ssl_passwords, prev->ssl_passwords, NULL);
+
+ if (conf->ssl && ngx_http_grpc_set_ssl(cf, conf) != NGX_OK) {
+ return NGX_CONF_ERROR;
+ }
+
+#endif
+
+ hash.max_size = 512;
+ hash.bucket_size = ngx_align(64, ngx_cacheline_size);
+ hash.name = "grpc_headers_hash";
+
+ if (ngx_http_upstream_hide_headers_hash(cf, &conf->upstream,
+ &prev->upstream, ngx_http_grpc_hide_headers, &hash)
+ != NGX_OK)
+ {
+ return NGX_CONF_ERROR;
+ }
+
+ clcf = ngx_http_conf_get_module_loc_conf(cf, ngx_http_core_module);
+
+ if (clcf->noname && conf->upstream.upstream == NULL) {
+ conf->upstream.upstream = prev->upstream.upstream;
+ conf->host = prev->host;
+#if (NGX_HTTP_SSL)
+ conf->upstream.ssl = prev->upstream.ssl;
+#endif
+ }
+
+ if (clcf->lmt_excpt && clcf->handler == NULL && conf->upstream.upstream) {
+ clcf->handler = ngx_http_grpc_handler;
+ }
+
+ if (conf->headers_source == NULL) {
+ conf->headers = prev->headers;
+ conf->headers_source = prev->headers_source;
+ conf->host_set = prev->host_set;
+ }
+
+ rc = ngx_http_grpc_init_headers(cf, conf, &conf->headers,
+ ngx_http_grpc_headers);
+ if (rc != NGX_OK) {
+ return NGX_CONF_ERROR;
+ }
+
+ /*
+ * special handling to preserve conf->headers in the "http" section
+ * to inherit it to all servers
+ */
+
+ if (prev->headers.hash.buckets == NULL
+ && conf->headers_source == prev->headers_source)
+ {
+ prev->headers = conf->headers;
+ prev->host_set = conf->host_set;
+ }
+
+ return NGX_CONF_OK;
+}
+
+
+static ngx_int_t
+ngx_http_grpc_init_headers(ngx_conf_t *cf, ngx_http_grpc_loc_conf_t *conf,
+ ngx_http_grpc_headers_t *headers, ngx_keyval_t *default_headers)
+{
+ u_char *p;
+ size_t size;
+ uintptr_t *code;
+ ngx_uint_t i;
+ ngx_array_t headers_names, headers_merged;
+ ngx_keyval_t *src, *s, *h;
+ ngx_hash_key_t *hk;
+ ngx_hash_init_t hash;
+ ngx_http_script_compile_t sc;
+ ngx_http_script_copy_code_t *copy;
+
+ if (headers->hash.buckets) {
+ return NGX_OK;
+ }
+
+ if (ngx_array_init(&headers_names, cf->temp_pool, 4, sizeof(ngx_hash_key_t))
+ != NGX_OK)
+ {
+ return NGX_ERROR;
+ }
+
+ if (ngx_array_init(&headers_merged, cf->temp_pool, 4, sizeof(ngx_keyval_t))
+ != NGX_OK)
+ {
+ return NGX_ERROR;
+ }
+
+ headers->lengths = ngx_array_create(cf->pool, 64, 1);
+ if (headers->lengths == NULL) {
+ return NGX_ERROR;
+ }
+
+ headers->values = ngx_array_create(cf->pool, 512, 1);
+ if (headers->values == NULL) {
+ return NGX_ERROR;
+ }
+
+ if (conf->headers_source) {
+
+ src = conf->headers_source->elts;
+ for (i = 0; i < conf->headers_source->nelts; i++) {
+
+ if (src[i].key.len == 4
+ && ngx_strncasecmp(src[i].key.data, (u_char *) "Host", 4) == 0)
+ {
+ conf->host_set = 1;
+ }
+
+ s = ngx_array_push(&headers_merged);
+ if (s == NULL) {
+ return NGX_ERROR;
+ }
+
+ *s = src[i];
+ }
+ }
+
+ h = default_headers;
+
+ while (h->key.len) {
+
+ src = headers_merged.elts;
+ for (i = 0; i < headers_merged.nelts; i++) {
+ if (ngx_strcasecmp(h->key.data, src[i].key.data) == 0) {
+ goto next;
+ }
+ }
+
+ s = ngx_array_push(&headers_merged);
+ if (s == NULL) {
+ return NGX_ERROR;
+ }
+
+ *s = *h;
+
+ next:
+
+ h++;
+ }
+
+
+ src = headers_merged.elts;
+ for (i = 0; i < headers_merged.nelts; i++) {
+
+ hk = ngx_array_push(&headers_names);
+ if (hk == NULL) {
+ return NGX_ERROR;
+ }
+
+ hk->key = src[i].key;
+ hk->key_hash = ngx_hash_key_lc(src[i].key.data, src[i].key.len);
+ hk->value = (void *) 1;
+
+ if (src[i].value.len == 0) {
+ continue;
+ }
+
+ copy = ngx_array_push_n(headers->lengths,
+ sizeof(ngx_http_script_copy_code_t));
+ if (copy == NULL) {
+ return NGX_ERROR;
+ }
+
+ copy->code = (ngx_http_script_code_pt) (void *)
+ ngx_http_script_copy_len_code;
+ copy->len = src[i].key.len;
+
+ size = (sizeof(ngx_http_script_copy_code_t)
+ + src[i].key.len + sizeof(uintptr_t) - 1)
+ & ~(sizeof(uintptr_t) - 1);
+
+ copy = ngx_array_push_n(headers->values, size);
+ if (copy == NULL) {
+ return NGX_ERROR;
+ }
+
+ copy->code = ngx_http_script_copy_code;
+ copy->len = src[i].key.len;
+
+ p = (u_char *) copy + sizeof(ngx_http_script_copy_code_t);
+ ngx_memcpy(p, src[i].key.data, src[i].key.len);
+
+ ngx_memzero(&sc, sizeof(ngx_http_script_compile_t));
+
+ sc.cf = cf;
+ sc.source = &src[i].value;
+ sc.flushes = &headers->flushes;
+ sc.lengths = &headers->lengths;
+ sc.values = &headers->values;
+
+ if (ngx_http_script_compile(&sc) != NGX_OK) {
+ return NGX_ERROR;
+ }
+
+ code = ngx_array_push_n(headers->lengths, sizeof(uintptr_t));
+ if (code == NULL) {
+ return NGX_ERROR;
+ }
+
+ *code = (uintptr_t) NULL;
+
+ code = ngx_array_push_n(headers->values, sizeof(uintptr_t));
+ if (code == NULL) {
+ return NGX_ERROR;
+ }
+
+ *code = (uintptr_t) NULL;
+ }
+
+ code = ngx_array_push_n(headers->lengths, sizeof(uintptr_t));
+ if (code == NULL) {
+ return NGX_ERROR;
+ }
+
+ *code = (uintptr_t) NULL;
+
+
+ hash.hash = &headers->hash;
+ hash.key = ngx_hash_key_lc;
+ hash.max_size = 512;
+ hash.bucket_size = 64;
+ hash.name = "grpc_headers_hash";
+ hash.pool = cf->pool;
+ hash.temp_pool = NULL;
+
+ return ngx_hash_init(&hash, headers_names.elts, headers_names.nelts);
+}
+
+
+static char *
+ngx_http_grpc_pass(ngx_conf_t *cf, ngx_command_t *cmd, void *conf)
+{
+ ngx_http_grpc_loc_conf_t *glcf = conf;
+
+ size_t add;
+ ngx_str_t *value, *url;
+ ngx_url_t u;
+ ngx_http_core_loc_conf_t *clcf;
+
+ if (glcf->upstream.upstream) {
+ return "is duplicate";
+ }
+
+ value = cf->args->elts;
+ url = &value[1];
+
+ if (ngx_strncasecmp(url->data, (u_char *) "grpc://", 7) == 0) {
+ add = 7;
+
+ } else if (ngx_strncasecmp(url->data, (u_char *) "grpcs://", 8) == 0) {
+
+#if (NGX_HTTP_SSL)
+ glcf->ssl = 1;
+
+ add = 8;
+#else
+ ngx_conf_log_error(NGX_LOG_EMERG, cf, 0,
+ "grpcs protocol requires SSL support");
+ return NGX_CONF_ERROR;
+#endif
+
+ } else {
+ add = 0;
+ }
+
+ ngx_memzero(&u, sizeof(ngx_url_t));
+
+ u.url.len = url->len - add;
+ u.url.data = url->data + add;
+ u.no_resolve = 1;
+
+ glcf->upstream.upstream = ngx_http_upstream_add(cf, &u, 0);
+ if (glcf->upstream.upstream == NULL) {
+ return NGX_CONF_ERROR;
+ }
+
+ if (u.family != AF_UNIX) {
+
+ if (u.no_port) {
+ glcf->host = u.host;
+
+ } else {
+ glcf->host.len = u.host.len + 1 + u.port_text.len;
+ glcf->host.data = u.host.data;
+ }
+
+ } else {
+ ngx_str_set(&glcf->host, "localhost");
+ }
+
+ clcf = ngx_http_conf_get_module_loc_conf(cf, ngx_http_core_module);
+
+ clcf->handler = ngx_http_grpc_handler;
+
+ if (clcf->name.data[clcf->name.len - 1] == '/') {
+ clcf->auto_redirect = 1;
+ }
+
+ return NGX_CONF_OK;
+}
+
+
+#if (NGX_HTTP_SSL)
+
+static char *
+ngx_http_grpc_ssl_password_file(ngx_conf_t *cf, ngx_command_t *cmd, void *conf)
+{
+ ngx_http_grpc_loc_conf_t *glcf = conf;
+
+ ngx_str_t *value;
+
+ if (glcf->ssl_passwords != NGX_CONF_UNSET_PTR) {
+ return "is duplicate";
+ }
+
+ value = cf->args->elts;
+
+ glcf->ssl_passwords = ngx_ssl_read_password_file(cf, &value[1]);
+
+ if (glcf->ssl_passwords == NULL) {
+ return NGX_CONF_ERROR;
+ }
+
+ return NGX_CONF_OK;
+}
+
+
+static ngx_int_t
+ngx_http_grpc_set_ssl(ngx_conf_t *cf, ngx_http_grpc_loc_conf_t *glcf)
+{
+ ngx_pool_cleanup_t *cln;
+
+ glcf->upstream.ssl = ngx_pcalloc(cf->pool, sizeof(ngx_ssl_t));
+ if (glcf->upstream.ssl == NULL) {
+ return NGX_ERROR;
+ }
+
+ glcf->upstream.ssl->log = cf->log;
+
+ if (ngx_ssl_create(glcf->upstream.ssl, glcf->ssl_protocols, NULL)
+ != NGX_OK)
+ {
+ return NGX_ERROR;
+ }
+
+ cln = ngx_pool_cleanup_add(cf->pool, 0);
+ if (cln == NULL) {
+ return NGX_ERROR;
+ }
+
+ cln->handler = ngx_ssl_cleanup_ctx;
+ cln->data = glcf->upstream.ssl;
+
+ if (glcf->ssl_certificate.len) {
+
+ if (glcf->ssl_certificate_key.len == 0) {
+ ngx_log_error(NGX_LOG_EMERG, cf->log, 0,
+ "no \"grpc_ssl_certificate_key\" is defined "
+ "for certificate \"%V\"", &glcf->ssl_certificate);
+ return NGX_ERROR;
+ }
+
+ if (ngx_ssl_certificate(cf, glcf->upstream.ssl, &glcf->ssl_certificate,
+ &glcf->ssl_certificate_key, glcf->ssl_passwords)
+ != NGX_OK)
+ {
+ return NGX_ERROR;
+ }
+ }
+
+ if (ngx_ssl_ciphers(cf, glcf->upstream.ssl, &glcf->ssl_ciphers, 0)
+ != NGX_OK)
+ {
+ return NGX_ERROR;
+ }
+
+ if (glcf->upstream.ssl_verify) {
+ if (glcf->ssl_trusted_certificate.len == 0) {
+ ngx_log_error(NGX_LOG_EMERG, cf->log, 0,
+ "no grpc_ssl_trusted_certificate for grpc_ssl_verify");
+ return NGX_ERROR;
+ }
+
+ if (ngx_ssl_trusted_certificate(cf, glcf->upstream.ssl,
+ &glcf->ssl_trusted_certificate,
+ glcf->ssl_verify_depth)
+ != NGX_OK)
+ {
+ return NGX_ERROR;
+ }
+
+ if (ngx_ssl_crl(cf, glcf->upstream.ssl, &glcf->ssl_crl) != NGX_OK) {
+ return NGX_ERROR;
+ }
+ }
+
+#ifdef TLSEXT_TYPE_application_layer_protocol_negotiation
+
+ if (SSL_CTX_set_alpn_protos(glcf->upstream.ssl->ctx,
+ (u_char *) "\x02h2", 3)
+ != 0)
+ {
+ ngx_ssl_error(NGX_LOG_EMERG, cf->log, 0,
+ "SSL_CTX_set_alpn_protos() failed");
+ return NGX_ERROR;
+ }
+
+#endif
+
+ return NGX_OK;
+}
+
+#endif
|
[-]
[+]
|
Changed |
_service:download_url:nginx-1.14.2.tar.gz/src/http/modules/ngx_http_log_module.c
^
|
@@ -90,6 +90,11 @@
} ngx_http_log_var_t;
+#define NGX_HTTP_LOG_ESCAPE_DEFAULT 0
+#define NGX_HTTP_LOG_ESCAPE_JSON 1
+#define NGX_HTTP_LOG_ESCAPE_NONE 2
+
+
static void ngx_http_log_write(ngx_http_request_t *r, ngx_http_log_t *log,
u_char *buf, size_t len);
static ssize_t ngx_http_log_script_write(ngx_http_request_t *r,
@@ -126,7 +131,7 @@
ngx_http_log_op_t *op);
static ngx_int_t ngx_http_log_variable_compile(ngx_conf_t *cf,
- ngx_http_log_op_t *op, ngx_str_t *value, ngx_uint_t json);
+ ngx_http_log_op_t *op, ngx_str_t *value, ngx_uint_t escape);
static size_t ngx_http_log_variable_getlen(ngx_http_request_t *r,
uintptr_t data);
static u_char *ngx_http_log_variable(ngx_http_request_t *r, u_char *buf,
@@ -136,6 +141,10 @@
uintptr_t data);
static u_char *ngx_http_log_json_variable(ngx_http_request_t *r, u_char *buf,
ngx_http_log_op_t *op);
+static size_t ngx_http_log_unescaped_variable_getlen(ngx_http_request_t *r,
+ uintptr_t data);
+static u_char *ngx_http_log_unescaped_variable(ngx_http_request_t *r,
+ u_char *buf, ngx_http_log_op_t *op);
static void *ngx_http_log_create_main_conf(ngx_conf_t *cf);
@@ -905,7 +914,7 @@
static ngx_int_t
ngx_http_log_variable_compile(ngx_conf_t *cf, ngx_http_log_op_t *op,
- ngx_str_t *value, ngx_uint_t json)
+ ngx_str_t *value, ngx_uint_t escape)
{
ngx_int_t index;
@@ -916,11 +925,18 @@
op->len = 0;
- if (json) {
+ switch (escape) {
+ case NGX_HTTP_LOG_ESCAPE_JSON:
op->getlen = ngx_http_log_json_variable_getlen;
op->run = ngx_http_log_json_variable;
+ break;
- } else {
+ case NGX_HTTP_LOG_ESCAPE_NONE:
+ op->getlen = ngx_http_log_unescaped_variable_getlen;
+ op->run = ngx_http_log_unescaped_variable;
+ break;
+
+ default: /* NGX_HTTP_LOG_ESCAPE_DEFAULT */
op->getlen = ngx_http_log_variable_getlen;
op->run = ngx_http_log_variable;
}
@@ -1073,6 +1089,39 @@
}
+static size_t
+ngx_http_log_unescaped_variable_getlen(ngx_http_request_t *r, uintptr_t data)
+{
+ ngx_http_variable_value_t *value;
+
+ value = ngx_http_get_indexed_variable(r, data);
+
+ if (value == NULL || value->not_found) {
+ return 0;
+ }
+
+ value->escape = 0;
+
+ return value->len;
+}
+
+
+static u_char *
+ngx_http_log_unescaped_variable(ngx_http_request_t *r, u_char *buf,
+ ngx_http_log_op_t *op)
+{
+ ngx_http_variable_value_t *value;
+
+ value = ngx_http_get_indexed_variable(r, op->data);
+
+ if (value == NULL || value->not_found) {
+ return buf;
+ }
+
+ return ngx_cpymem(buf, value->data, value->len);
+}
+
+
static void *
ngx_http_log_create_main_conf(ngx_conf_t *cf)
{
@@ -1536,18 +1585,21 @@
size_t i, len;
ngx_str_t *value, var;
ngx_int_t *flush;
- ngx_uint_t bracket, json;
+ ngx_uint_t bracket, escape;
ngx_http_log_op_t *op;
ngx_http_log_var_t *v;
- json = 0;
+ escape = NGX_HTTP_LOG_ESCAPE_DEFAULT;
value = args->elts;
if (s < args->nelts && ngx_strncmp(value[s].data, "escape=", 7) == 0) {
data = value[s].data + 7;
if (ngx_strcmp(data, "json") == 0) {
- json = 1;
+ escape = NGX_HTTP_LOG_ESCAPE_JSON;
+
+ } else if (ngx_strcmp(data, "none") == 0) {
+ escape = NGX_HTTP_LOG_ESCAPE_NONE;
} else if (ngx_strcmp(data, "default") != 0) {
ngx_conf_log_error(NGX_LOG_EMERG, cf, 0,
@@ -1636,7 +1688,7 @@
}
}
- if (ngx_http_log_variable_compile(cf, op, &var, json)
+ if (ngx_http_log_variable_compile(cf, op, &var, escape)
!= NGX_OK)
{
return NGX_CONF_ERROR;
|
[-]
[+]
|
Changed |
_service:download_url:nginx-1.14.2.tar.gz/src/http/modules/ngx_http_memcached_module.c
^
|
@@ -592,8 +592,6 @@
* conf->upstream.bufs.num = 0;
* conf->upstream.next_upstream = 0;
* conf->upstream.temp_path = NULL;
- * conf->upstream.uri = { 0, NULL };
- * conf->upstream.location = NULL;
*/
conf->upstream.local = NGX_CONF_UNSET_PTR;
|
[-]
[+]
|
Changed |
_service:download_url:nginx-1.14.2.tar.gz/src/http/modules/ngx_http_mp4_module.c
^
|
@@ -169,7 +169,14 @@
#define ngx_mp4_atom_next(mp4, n) \
- mp4->buffer_pos += (size_t) n; \
+ \
+ if (n > (size_t) (mp4->buffer_end - mp4->buffer_pos)) { \
+ mp4->buffer_pos = mp4->buffer_end; \
+ \
+ } else { \
+ mp4->buffer_pos += (size_t) n; \
+ } \
+ \
mp4->offset += n
@@ -942,6 +949,13 @@
atom_size = ngx_mp4_get_64value(atom_header + 8);
atom_header_size = sizeof(ngx_mp4_atom_header64_t);
+ if (atom_size < sizeof(ngx_mp4_atom_header64_t)) {
+ ngx_log_error(NGX_LOG_ERR, mp4->file.log, 0,
+ "\"%s\" mp4 atom is too small:%uL",
+ mp4->file.name.data, atom_size);
+ return NGX_ERROR;
+ }
+
} else {
ngx_log_error(NGX_LOG_ERR, mp4->file.log, 0,
"\"%s\" mp4 atom is too small:%uL",
|
[-]
[+]
|
Changed |
_service:download_url:nginx-1.14.2.tar.gz/src/http/modules/ngx_http_proxy_module.c
^
|
@@ -1086,8 +1086,7 @@
return NGX_OK;
- } else if (ctx->vars.uri.len == 0 && r->valid_unparsed_uri && r == r->main)
- {
+ } else if (ctx->vars.uri.len == 0 && r->valid_unparsed_uri) {
*key = r->unparsed_uri;
u->uri = r->unparsed_uri;
@@ -1096,7 +1095,7 @@
loc_len = (r->valid_location && ctx->vars.uri.len) ? plcf->location.len : 0;
- if (r->quoted_uri || r->internal) {
+ if (r->quoted_uri || r->space_in_uri || r->internal) {
escape = 2 * ngx_escape_uri(NULL, r->uri.data + loc_len,
r->uri.len - loc_len, NGX_ESCAPE_URI);
} else {
@@ -1201,8 +1200,7 @@
if (plcf->proxy_lengths && ctx->vars.uri.len) {
uri_len = ctx->vars.uri.len;
- } else if (ctx->vars.uri.len == 0 && r->valid_unparsed_uri && r == r->main)
- {
+ } else if (ctx->vars.uri.len == 0 && r->valid_unparsed_uri) {
unparsed_uri = 1;
uri_len = r->unparsed_uri.len;
@@ -2323,36 +2321,6 @@
return NGX_ERROR;
}
- /* provide continuous buffer for subrequests in memory */
-
- if (r->subrequest_in_memory) {
-
- cl = u->out_bufs;
-
- if (cl) {
- buf->pos = cl->buf->pos;
- }
-
- buf->last = buf->pos;
-
- for (cl = u->out_bufs; cl; cl = cl->next) {
- ngx_log_debug3(NGX_LOG_DEBUG_HTTP, r->connection->log, 0,
- "http proxy in memory %p-%p %O",
- cl->buf->pos, cl->buf->last, ngx_buf_size(cl->buf));
-
- if (buf->last == cl->buf->pos) {
- buf->last = cl->buf->last;
- continue;
- }
-
- buf->last = ngx_movemem(buf->last, cl->buf->pos,
- cl->buf->last - cl->buf->pos);
-
- cl->buf->pos = buf->last - (cl->buf->last - cl->buf->pos);
- cl->buf->last = buf->last;
- }
- }
-
return NGX_OK;
}
@@ -2829,13 +2797,13 @@
* conf->upstream.cache_methods = 0;
* conf->upstream.temp_path = NULL;
* conf->upstream.hide_headers_hash = { NULL, 0 };
- * conf->upstream.uri = { 0, NULL };
- * conf->upstream.location = NULL;
* conf->upstream.store_lengths = NULL;
* conf->upstream.store_values = NULL;
* conf->upstream.ssl_name = NULL;
*
* conf->method = NULL;
+ * conf->location = NULL;
+ * conf->url = { 0, NULL };
* conf->headers_source = NULL;
* conf->headers.lengths = NULL;
* conf->headers.values = NULL;
@@ -3525,7 +3493,8 @@
return NGX_ERROR;
}
- copy->code = (ngx_http_script_code_pt) ngx_http_script_copy_len_code;
+ copy->code = (ngx_http_script_code_pt) (void *)
+ ngx_http_script_copy_len_code;
copy->len = src[i].key.len;
size = (sizeof(ngx_http_script_copy_code_t)
|
[-]
[+]
|
Changed |
_service:download_url:nginx-1.14.2.tar.gz/src/http/modules/ngx_http_scgi_module.c
^
|
@@ -1724,7 +1724,8 @@
return NGX_ERROR;
}
- copy->code = (ngx_http_script_code_pt) ngx_http_script_copy_len_code;
+ copy->code = (ngx_http_script_code_pt) (void *)
+ ngx_http_script_copy_len_code;
copy->len = src[i].key.len + 1;
copy = ngx_array_push_n(params->lengths,
@@ -1733,7 +1734,8 @@
return NGX_ERROR;
}
- copy->code = (ngx_http_script_code_pt) ngx_http_script_copy_len_code;
+ copy->code = (ngx_http_script_code_pt) (void *)
+ ngx_http_script_copy_len_code;
copy->len = src[i].skip_empty;
|
[-]
[+]
|
Changed |
_service:download_url:nginx-1.14.2.tar.gz/src/http/modules/ngx_http_ssi_filter_module.c
^
|
@@ -2231,9 +2231,11 @@
{
ngx_str_t *value = data;
- if (r->upstream) {
- value->len = r->upstream->buffer.last - r->upstream->buffer.pos;
- value->data = r->upstream->buffer.pos;
+ if (r->headers_out.status < NGX_HTTP_SPECIAL_RESPONSE
+ && r->out && r->out->buf)
+ {
+ value->len = r->out->buf->last - r->out->buf->pos;
+ value->data = r->out->buf->pos;
}
return rc;
|
[-]
[+]
|
Changed |
_service:download_url:nginx-1.14.2.tar.gz/src/http/modules/ngx_http_upstream_keepalive_module.c
^
|
@@ -340,6 +340,7 @@
pc->connection = NULL;
if (c->read->timer_set) {
+ c->read->delayed = 0;
ngx_del_timer(c->read);
}
if (c->write->timer_set) {
|
[-]
[+]
|
Changed |
_service:download_url:nginx-1.14.2.tar.gz/src/http/modules/ngx_http_uwsgi_module.c
^
|
@@ -1987,7 +1987,8 @@
return NGX_ERROR;
}
- copy->code = (ngx_http_script_code_pt) ngx_http_script_copy_len_code;
+ copy->code = (ngx_http_script_code_pt) (void *)
+ ngx_http_script_copy_len_code;
copy->len = src[i].key.len;
copy = ngx_array_push_n(params->lengths,
@@ -1996,7 +1997,8 @@
return NGX_ERROR;
}
- copy->code = (ngx_http_script_code_pt) ngx_http_script_copy_len_code;
+ copy->code = (ngx_http_script_code_pt) (void *)
+ ngx_http_script_copy_len_code;
copy->len = src[i].skip_empty;
|
[-]
[+]
|
Changed |
_service:download_url:nginx-1.14.2.tar.gz/src/http/ngx_http_core_module.c
^
|
@@ -399,6 +399,13 @@
offsetof(ngx_http_core_loc_conf_t, sendfile_max_chunk),
NULL },
+ { ngx_string("subrequest_output_buffer_size"),
+ NGX_HTTP_MAIN_CONF|NGX_HTTP_SRV_CONF|NGX_HTTP_LOC_CONF|NGX_CONF_TAKE1,
+ ngx_conf_set_size_slot,
+ NGX_HTTP_LOC_CONF_OFFSET,
+ offsetof(ngx_http_core_loc_conf_t, subrequest_output_buffer_size),
+ NULL },
+
{ ngx_string("aio"),
NGX_HTTP_MAIN_CONF|NGX_HTTP_SRV_CONF|NGX_HTTP_LOC_CONF|NGX_CONF_TAKE1,
ngx_http_core_set_aio,
@@ -2237,6 +2244,12 @@
return NGX_ERROR;
}
+ if (r->subrequest_in_memory) {
+ ngx_log_error(NGX_LOG_ERR, r->connection->log, 0,
+ "nested in-memory subrequest \"%V\"", uri);
+ return NGX_ERROR;
+ }
+
sr = ngx_pcalloc(r->pool, sizeof(ngx_http_request_t));
if (sr == NULL) {
return NGX_ERROR;
@@ -2318,6 +2331,10 @@
sr->log_handler = r->log_handler;
+ if (sr->subrequest_in_memory) {
+ sr->filter_need_in_memory = 1;
+ }
+
if (!sr->background) {
if (c->data == r && r->postponed == NULL) {
c->data = sr;
@@ -2363,6 +2380,7 @@
sr->method_name = r->method_name;
sr->loc_conf = r->loc_conf;
sr->valid_location = r->valid_location;
+ sr->valid_unparsed_uri = r->valid_unparsed_uri;
sr->content_handler = r->content_handler;
sr->phase_handler = r->phase_handler;
sr->write_event_handler = ngx_http_core_run_phases;
@@ -3355,6 +3373,7 @@
clcf->internal = NGX_CONF_UNSET;
clcf->sendfile = NGX_CONF_UNSET;
clcf->sendfile_max_chunk = NGX_CONF_UNSET_SIZE;
+ clcf->subrequest_output_buffer_size = NGX_CONF_UNSET_SIZE;
clcf->aio = NGX_CONF_UNSET;
clcf->aio_write = NGX_CONF_UNSET;
#if (NGX_THREADS)
@@ -3577,6 +3596,9 @@
ngx_conf_merge_value(conf->sendfile, prev->sendfile, 0);
ngx_conf_merge_size_value(conf->sendfile_max_chunk,
prev->sendfile_max_chunk, 0);
+ ngx_conf_merge_size_value(conf->subrequest_output_buffer_size,
+ prev->subrequest_output_buffer_size,
+ (size_t) ngx_pagesize);
ngx_conf_merge_value(conf->aio, prev->aio, NGX_HTTP_AIO_OFF);
ngx_conf_merge_value(conf->aio_write, prev->aio_write, 0);
#if (NGX_THREADS)
|
[-]
[+]
|
Changed |
_service:download_url:nginx-1.14.2.tar.gz/src/http/ngx_http_core_module.h
^
|
@@ -351,6 +351,8 @@
size_t limit_rate_after; /* limit_rate_after */
size_t sendfile_max_chunk; /* sendfile_max_chunk */
size_t read_ahead; /* read_ahead */
+ size_t subrequest_output_buffer_size;
+ /* subrequest_output_buffer_size */
ngx_msec_t client_body_timeout; /* client_body_timeout */
ngx_msec_t send_timeout; /* send_timeout */
|
[-]
[+]
|
Changed |
_service:download_url:nginx-1.14.2.tar.gz/src/http/ngx_http_postpone_filter_module.c
^
|
@@ -12,6 +12,8 @@
static ngx_int_t ngx_http_postpone_filter_add(ngx_http_request_t *r,
ngx_chain_t *in);
+static ngx_int_t ngx_http_postpone_filter_in_memory(ngx_http_request_t *r,
+ ngx_chain_t *in);
static ngx_int_t ngx_http_postpone_filter_init(ngx_conf_t *cf);
@@ -60,6 +62,10 @@
ngx_log_debug3(NGX_LOG_DEBUG_HTTP, c->log, 0,
"http postpone filter \"%V?%V\" %p", &r->uri, &r->args, in);
+ if (r->subrequest_in_memory) {
+ return ngx_http_postpone_filter_in_memory(r, in);
+ }
+
if (r != c->data) {
if (in) {
@@ -171,6 +177,78 @@
}
+static ngx_int_t
+ngx_http_postpone_filter_in_memory(ngx_http_request_t *r, ngx_chain_t *in)
+{
+ size_t len;
+ ngx_buf_t *b;
+ ngx_connection_t *c;
+ ngx_http_core_loc_conf_t *clcf;
+
+ c = r->connection;
+
+ ngx_log_debug0(NGX_LOG_DEBUG_HTTP, c->log, 0,
+ "http postpone filter in memory");
+
+ if (r->out == NULL) {
+ clcf = ngx_http_get_module_loc_conf(r, ngx_http_core_module);
+
+ if (r->headers_out.content_length_n != -1) {
+ len = r->headers_out.content_length_n;
+
+ if (len > clcf->subrequest_output_buffer_size) {
+ ngx_log_error(NGX_LOG_ERR, c->log, 0,
+ "too big subrequest response: %uz", len);
+ return NGX_ERROR;
+ }
+
+ } else {
+ len = clcf->subrequest_output_buffer_size;
+ }
+
+ b = ngx_create_temp_buf(r->pool, len);
+ if (b == NULL) {
+ return NGX_ERROR;
+ }
+
+ b->last_buf = 1;
+
+ r->out = ngx_alloc_chain_link(r->pool);
+ if (r->out == NULL) {
+ return NGX_ERROR;
+ }
+
+ r->out->buf = b;
+ r->out->next = NULL;
+ }
+
+ b = r->out->buf;
+
+ for ( /* void */ ; in; in = in->next) {
+
+ if (ngx_buf_special(in->buf)) {
+ continue;
+ }
+
+ len = in->buf->last - in->buf->pos;
+
+ if (len > (size_t) (b->end - b->last)) {
+ ngx_log_error(NGX_LOG_ERR, c->log, 0,
+ "too big subrequest response");
+ return NGX_ERROR;
+ }
+
+ ngx_log_debug1(NGX_LOG_DEBUG_HTTP, c->log, 0,
+ "http postpone filter in memory %uz bytes", len);
+
+ b->last = ngx_cpymem(b->last, in->buf->pos, len);
+ in->buf->pos = in->buf->last;
+ }
+
+ return NGX_OK;
+}
+
+
static ngx_int_t
ngx_http_postpone_filter_init(ngx_conf_t *cf)
{
|
[-]
[+]
|
Changed |
_service:download_url:nginx-1.14.2.tar.gz/src/http/ngx_http_request.c
^
|
@@ -132,6 +132,10 @@
offsetof(ngx_http_headers_in_t, transfer_encoding),
ngx_http_process_header_line },
+ { ngx_string("TE"),
+ offsetof(ngx_http_headers_in_t, te),
+ ngx_http_process_header_line },
+
{ ngx_string("Expect"),
offsetof(ngx_http_headers_in_t, expect),
ngx_http_process_unique_header_line },
@@ -140,7 +144,7 @@
offsetof(ngx_http_headers_in_t, upgrade),
ngx_http_process_header_line },
-#if (NGX_HTTP_GZIP)
+#if (NGX_HTTP_GZIP || NGX_HTTP_HEADERS)
{ ngx_string("Accept-Encoding"),
offsetof(ngx_http_headers_in_t, accept_encoding),
ngx_http_process_header_line },
@@ -919,7 +923,7 @@
SSL_set_verify_depth(ssl_conn, SSL_CTX_get_verify_depth(sscf->ssl.ctx));
-#ifdef SSL_CTRL_CLEAR_OPTIONS
+#if OPENSSL_VERSION_NUMBER >= 0x009080dfL
/* only in 0.9.8m+ */
SSL_clear_options(ssl_conn, SSL_get_options(ssl_conn) &
~SSL_CTX_get_options(sscf->ssl.ctx));
@@ -1902,7 +1906,7 @@
"client SSL certificate verify error: (%l:%s)",
rc, X509_verify_cert_error_string(rc));
- ngx_ssl_remove_cached_session(sscf->ssl.ctx,
+ ngx_ssl_remove_cached_session(c->ssl->session_ctx,
(SSL_get0_session(c->ssl->connection)));
ngx_http_finalize_request(r, NGX_HTTPS_CERT_ERROR);
@@ -1916,7 +1920,7 @@
ngx_log_error(NGX_LOG_INFO, c->log, 0,
"client sent no required SSL certificate");
- ngx_ssl_remove_cached_session(sscf->ssl.ctx,
+ ngx_ssl_remove_cached_session(c->ssl->session_ctx,
(SSL_get0_session(c->ssl->connection)));
ngx_http_finalize_request(r, NGX_HTTPS_NO_CERT);
|
[-]
[+]
|
Changed |
_service:download_url:nginx-1.14.2.tar.gz/src/http/ngx_http_request.h
^
|
@@ -197,10 +197,11 @@
ngx_table_elt_t *if_range;
ngx_table_elt_t *transfer_encoding;
+ ngx_table_elt_t *te;
ngx_table_elt_t *expect;
ngx_table_elt_t *upgrade;
-#if (NGX_HTTP_GZIP)
+#if (NGX_HTTP_GZIP || NGX_HTTP_HEADERS)
ngx_table_elt_t *accept_encoding;
ngx_table_elt_t *via;
#endif
@@ -279,6 +280,7 @@
ngx_uint_t content_type_hash;
ngx_array_t cache_control;
+ ngx_array_t link;
off_t content_length_n;
off_t content_offset;
|
[-]
[+]
|
Changed |
_service:download_url:nginx-1.14.2.tar.gz/src/http/ngx_http_script.c
^
|
@@ -695,7 +695,8 @@
return NGX_ERROR;
}
- code->code = (ngx_http_script_code_pt) ngx_http_script_copy_len_code;
+ code->code = (ngx_http_script_code_pt) (void *)
+ ngx_http_script_copy_len_code;
code->len = len;
size = (sizeof(ngx_http_script_copy_code_t) + len + sizeof(uintptr_t) - 1)
@@ -784,7 +785,8 @@
return NGX_ERROR;
}
- code->code = (ngx_http_script_code_pt) ngx_http_script_copy_var_len_code;
+ code->code = (ngx_http_script_code_pt) (void *)
+ ngx_http_script_copy_var_len_code;
code->index = (uintptr_t) index;
code = ngx_http_script_add_code(*sc->values,
@@ -1178,8 +1180,8 @@
return NGX_ERROR;
}
- code->code = (ngx_http_script_code_pt)
- ngx_http_script_copy_capture_len_code;
+ code->code = (ngx_http_script_code_pt) (void *)
+ ngx_http_script_copy_capture_len_code;
code->n = 2 * n;
@@ -1293,7 +1295,8 @@
return NGX_ERROR;
}
- code->code = (ngx_http_script_code_pt) ngx_http_script_full_name_len_code;
+ code->code = (ngx_http_script_code_pt) (void *)
+ ngx_http_script_full_name_len_code;
code->conf_prefix = sc->conf_prefix;
code = ngx_http_script_add_code(*sc->values,
|
[-]
[+]
|
Changed |
_service:download_url:nginx-1.14.2.tar.gz/src/http/ngx_http_upstream.c
^
|
@@ -55,7 +55,7 @@
static ngx_int_t ngx_http_upstream_test_connect(ngx_connection_t *c);
static ngx_int_t ngx_http_upstream_process_headers(ngx_http_request_t *r,
ngx_http_upstream_t *u);
-static void ngx_http_upstream_process_body_in_memory(ngx_http_request_t *r,
+static ngx_int_t ngx_http_upstream_process_trailers(ngx_http_request_t *r,
ngx_http_upstream_t *u);
static void ngx_http_upstream_send_response(ngx_http_request_t *r,
ngx_http_upstream_t *u);
@@ -166,6 +166,8 @@
ngx_http_request_t *r, ngx_http_variable_value_t *v, uintptr_t data);
static ngx_int_t ngx_http_upstream_header_variable(ngx_http_request_t *r,
ngx_http_variable_value_t *v, uintptr_t data);
+static ngx_int_t ngx_http_upstream_trailer_variable(ngx_http_request_t *r,
+ ngx_http_variable_value_t *v, uintptr_t data);
static ngx_int_t ngx_http_upstream_cookie_variable(ngx_http_request_t *r,
ngx_http_variable_value_t *v, uintptr_t data);
@@ -284,9 +286,10 @@
ngx_http_upstream_process_vary, 0,
ngx_http_upstream_copy_header_line, 0, 0 },
- { ngx_string("X-Powered-By"),
+ { ngx_string("Link"),
ngx_http_upstream_ignore_header_line, 0,
- ngx_http_upstream_copy_header_line, 0, 0 },
+ ngx_http_upstream_copy_multi_header_lines,
+ offsetof(ngx_http_headers_out_t, link), 0 },
{ ngx_string("X-Accel-Expires"),
ngx_http_upstream_process_accel_expires, 0,
@@ -424,6 +427,9 @@
{ ngx_string("upstream_http_"), NULL, ngx_http_upstream_header_variable,
0, NGX_HTTP_VAR_NOCACHEABLE|NGX_HTTP_VAR_PREFIX, 0 },
+ { ngx_string("upstream_trailer_"), NULL, ngx_http_upstream_trailer_variable,
+ 0, NGX_HTTP_VAR_NOCACHEABLE|NGX_HTTP_VAR_PREFIX, 0 },
+
{ ngx_string("upstream_cookie_"), NULL, ngx_http_upstream_cookie_variable,
0, NGX_HTTP_VAR_NOCACHEABLE|NGX_HTTP_VAR_PREFIX, 0 },
@@ -1047,6 +1053,13 @@
return NGX_ERROR;
}
+ if (ngx_list_init(&u->headers_in.trailers, r->pool, 2,
+ sizeof(ngx_table_elt_t))
+ != NGX_OK)
+ {
+ return NGX_ERROR;
+ }
+
rc = u->process_header(r);
if (rc == NGX_OK) {
@@ -1603,6 +1616,7 @@
u->request_sent = 0;
u->request_body_sent = 0;
+ u->request_body_blocked = 0;
if (rc == NGX_AGAIN) {
ngx_add_timer(c->write, u->conf->connect_timeout);
@@ -1884,6 +1898,13 @@
return NGX_ERROR;
}
+ if (ngx_list_init(&u->headers_in.trailers, r->pool, 2,
+ sizeof(ngx_table_elt_t))
+ != NGX_OK)
+ {
+ return NGX_ERROR;
+ }
+
/* reinit the request chain */
file_pos = 0;
@@ -1974,7 +1995,7 @@
}
if (rc == NGX_AGAIN) {
- if (!c->write->ready) {
+ if (!c->write->ready || u->request_body_blocked) {
ngx_add_timer(c->write, u->conf->send_timeout);
} else if (c->write->timer_set) {
@@ -1987,19 +2008,29 @@
return;
}
+ if (c->write->ready && c->tcp_nopush == NGX_TCP_NOPUSH_SET) {
+ if (ngx_tcp_push(c->fd) == -1) {
+ ngx_log_error(NGX_LOG_CRIT, c->log, ngx_socket_errno,
+ ngx_tcp_push_n " failed");
+ ngx_http_upstream_finalize_request(r, u,
+ NGX_HTTP_INTERNAL_SERVER_ERROR);
+ return;
+ }
+
+ c->tcp_nopush = NGX_TCP_NOPUSH_UNSET;
+ }
+
return;
}
/* rc == NGX_OK */
- u->request_body_sent = 1;
-
if (c->write->timer_set) {
ngx_del_timer(c->write);
}
if (c->tcp_nopush == NGX_TCP_NOPUSH_SET) {
- if (ngx_tcp_push(c->fd) == NGX_ERROR) {
+ if (ngx_tcp_push(c->fd) == -1) {
ngx_log_error(NGX_LOG_CRIT, c->log, ngx_socket_errno,
ngx_tcp_push_n " failed");
ngx_http_upstream_finalize_request(r, u,
@@ -2010,7 +2041,9 @@
c->tcp_nopush = NGX_TCP_NOPUSH_UNSET;
}
- u->write_event_handler = ngx_http_upstream_dummy_handler;
+ if (!u->conf->preserve_output) {
+ u->write_event_handler = ngx_http_upstream_dummy_handler;
+ }
if (ngx_handle_write_event(c->write, 0) != NGX_OK) {
ngx_http_upstream_finalize_request(r, u,
@@ -2018,11 +2051,19 @@
return;
}
- ngx_add_timer(c->read, u->conf->read_timeout);
+ if (!u->request_body_sent) {
+ u->request_body_sent = 1;
- if (c->read->ready) {
- ngx_http_upstream_process_header(r, u);
- return;
+ if (u->header_sent) {
+ return;
+ }
+
+ ngx_add_timer(c->read, u->conf->read_timeout);
+
+ if (c->read->ready) {
+ ngx_http_upstream_process_header(r, u);
+ return;
+ }
}
}
@@ -2051,7 +2092,16 @@
out = NULL;
}
- return ngx_output_chain(&u->output, out);
+ rc = ngx_output_chain(&u->output, out);
+
+ if (rc == NGX_AGAIN) {
+ u->request_body_blocked = 1;
+
+ } else {
+ u->request_body_blocked = 0;
+ }
+
+ return rc;
}
if (!u->request_sent) {
@@ -2092,6 +2142,13 @@
ngx_free_chain(r->pool, ln);
}
+ if (rc == NGX_AGAIN) {
+ u->request_body_blocked = 1;
+
+ } else {
+ u->request_body_blocked = 0;
+ }
+
if (rc == NGX_OK && !r->reading_body) {
break;
}
@@ -2156,7 +2213,7 @@
#endif
- if (u->header_sent) {
+ if (u->header_sent && !u->conf->preserve_output) {
u->write_event_handler = ngx_http_upstream_dummy_handler;
(void) ngx_handle_write_event(c->write, 0);
@@ -2238,6 +2295,15 @@
return;
}
+ if (ngx_list_init(&u->headers_in.trailers, r->pool, 2,
+ sizeof(ngx_table_elt_t))
+ != NGX_OK)
+ {
+ ngx_http_upstream_finalize_request(r, u,
+ NGX_HTTP_INTERNAL_SERVER_ERROR);
+ return;
+ }
+
#if (NGX_HTTP_CACHE)
if (r->cache) {
@@ -2334,52 +2400,15 @@
return;
}
- if (!r->subrequest_in_memory) {
- ngx_http_upstream_send_response(r, u);
- return;
- }
-
- /* subrequest content in memory */
-
- if (u->input_filter == NULL) {
- u->input_filter_init = ngx_http_upstream_non_buffered_filter_init;
- u->input_filter = ngx_http_upstream_non_buffered_filter;
- u->input_filter_ctx = r;
- }
-
- if (u->input_filter_init(u->input_filter_ctx) == NGX_ERROR) {
- ngx_http_upstream_finalize_request(r, u, NGX_ERROR);
- return;
- }
-
- n = u->buffer.last - u->buffer.pos;
-
- if (n) {
- u->buffer.last = u->buffer.pos;
-
- u->state->response_length += n;
-
- if (u->input_filter(u->input_filter_ctx, n) == NGX_ERROR) {
- ngx_http_upstream_finalize_request(r, u, NGX_ERROR);
- return;
- }
- }
-
- if (u->length == 0) {
- ngx_http_upstream_finalize_request(r, u, 0);
- return;
- }
-
- u->read_event_handler = ngx_http_upstream_process_body_in_memory;
-
- ngx_http_upstream_process_body_in_memory(r, u);
+ ngx_http_upstream_send_response(r, u);
}
static ngx_int_t
ngx_http_upstream_test_next(ngx_http_request_t *r, ngx_http_upstream_t *u)
{
- ngx_uint_t status;
+ ngx_msec_t timeout;
+ ngx_uint_t status, mask;
ngx_http_upstream_next_t *un;
status = u->headers_in.status_n;
@@ -2390,7 +2419,22 @@
continue;
}
- if (u->peer.tries > 1 && (u->conf->next_upstream & un->mask)) {
+ timeout = u->conf->next_upstream_timeout;
+
+ if (u->request_sent
+ && (r->method & (NGX_HTTP_POST|NGX_HTTP_LOCK|NGX_HTTP_PATCH)))
+ {
+ mask = un->mask | NGX_HTTP_UPSTREAM_FT_NON_IDEMPOTENT;
+
+ } else {
+ mask = un->mask;
+ }
+
+ if (u->peer.tries > 1
+ && ((u->conf->next_upstream & mask) == mask)
+ && !(u->request_sent && r->request_body_no_buffering)
+ && !(timeout && ngx_current_msec - u->peer.start_time >= timeout))
+ {
ngx_http_upstream_next(r, u, un->mask);
return NGX_OK;
}
@@ -2774,81 +2818,48 @@
}
-static void
-ngx_http_upstream_process_body_in_memory(ngx_http_request_t *r,
+static ngx_int_t
+ngx_http_upstream_process_trailers(ngx_http_request_t *r,
ngx_http_upstream_t *u)
{
- size_t size;
- ssize_t n;
- ngx_buf_t *b;
- ngx_event_t *rev;
- ngx_connection_t *c;
+ ngx_uint_t i;
+ ngx_list_part_t *part;
+ ngx_table_elt_t *h, *ho;
- c = u->peer.connection;
- rev = c->read;
-
- ngx_log_debug0(NGX_LOG_DEBUG_HTTP, c->log, 0,
- "http upstream process body in memory");
-
- if (rev->timedout) {
- ngx_connection_error(c, NGX_ETIMEDOUT, "upstream timed out");
- ngx_http_upstream_finalize_request(r, u, NGX_HTTP_GATEWAY_TIME_OUT);
- return;
+ if (!u->conf->pass_trailers) {
+ return NGX_OK;
}
- b = &u->buffer;
-
- for ( ;; ) {
-
- size = b->end - b->last;
-
- if (size == 0) {
- ngx_log_error(NGX_LOG_ALERT, c->log, 0,
- "upstream buffer is too small to read response");
- ngx_http_upstream_finalize_request(r, u, NGX_ERROR);
- return;
- }
+ part = &u->headers_in.trailers.part;
+ h = part->elts;
- n = c->recv(c, b->last, size);
+ for (i = 0; /* void */; i++) {
- if (n == NGX_AGAIN) {
- break;
- }
+ if (i >= part->nelts) {
+ if (part->next == NULL) {
+ break;
+ }
- if (n == 0 || n == NGX_ERROR) {
- ngx_http_upstream_finalize_request(r, u, n);
- return;
+ part = part->next;
+ h = part->elts;
+ i = 0;
}
- u->state->bytes_received += n;
- u->state->response_length += n;
-
- if (u->input_filter(u->input_filter_ctx, n) == NGX_ERROR) {
- ngx_http_upstream_finalize_request(r, u, NGX_ERROR);
- return;
+ if (ngx_hash_find(&u->conf->hide_headers_hash, h[i].hash,
+ h[i].lowcase_key, h[i].key.len))
+ {
+ continue;
}
- if (!rev->ready) {
- break;
+ ho = ngx_list_push(&r->headers_out.trailers);
+ if (ho == NULL) {
+ return NGX_ERROR;
}
- }
- if (u->length == 0) {
- ngx_http_upstream_finalize_request(r, u, 0);
- return;
+ *ho = h[i];
}
- if (ngx_handle_read_event(rev, 0) != NGX_OK) {
- ngx_http_upstream_finalize_request(r, u, NGX_ERROR);
- return;
- }
-
- if (rev->active) {
- ngx_add_timer(rev, u->conf->read_timeout);
-
- } else if (rev->timer_set) {
- ngx_del_timer(rev);
- }
+ return NGX_OK;
}
@@ -2902,7 +2913,8 @@
}
if (r->request_body && r->request_body->temp_file
- && r == r->main && !r->preserve_body)
+ && r == r->main && !r->preserve_body
+ && !u->conf->preserve_output)
{
ngx_pool_run_cleanup_file(r->pool, r->request_body->temp_file->file.fd);
r->request_body->temp_file->file.fd = NGX_INVALID_FILE;
@@ -3533,7 +3545,7 @@
if (do_write) {
- if (u->out_bufs || u->busy_bufs) {
+ if (u->out_bufs || u->busy_bufs || downstream->buffered) {
rc = ngx_http_output_filter(r, u->out_bufs);
if (rc == NGX_ERROR) {
@@ -4358,12 +4370,6 @@
#endif
- if (r->subrequest_in_memory
- && u->headers_in.status_n >= NGX_HTTP_SPECIAL_RESPONSE)
- {
- u->buffer.last = u->buffer.pos;
- }
-
r->read_event_handler = ngx_http_block_reading;
if (rc == NGX_DECLINED) {
@@ -4374,8 +4380,7 @@
if (!u->header_sent
|| rc == NGX_HTTP_REQUEST_TIME_OUT
- || rc == NGX_HTTP_CLIENT_CLOSED_REQUEST
- || (u->pipe && u->pipe->downstream_error))
+ || rc == NGX_HTTP_CLIENT_CLOSED_REQUEST)
{
ngx_http_finalize_request(r, rc);
return;
@@ -4388,12 +4393,20 @@
flush = 1;
}
- if (r->header_only) {
+ if (r->header_only
+ || (u->pipe && u->pipe->downstream_error))
+ {
ngx_http_finalize_request(r, rc);
return;
}
if (rc == 0) {
+
+ if (ngx_http_upstream_process_trailers(r, u) != NGX_OK) {
+ ngx_http_finalize_request(r, NGX_ERROR);
+ return;
+ }
+
rc = ngx_http_send_special(r, NGX_HTTP_LAST);
} else if (flush) {
@@ -5504,6 +5517,21 @@
static ngx_int_t
+ngx_http_upstream_trailer_variable(ngx_http_request_t *r,
+ ngx_http_variable_value_t *v, uintptr_t data)
+{
+ if (r->upstream == NULL) {
+ v->not_found = 1;
+ return NGX_OK;
+ }
+
+ return ngx_http_variable_unknown_header(v, (ngx_str_t *) data,
+ &r->upstream->headers_in.trailers.part,
+ sizeof("upstream_trailer_") - 1);
+}
+
+
+static ngx_int_t
ngx_http_upstream_cookie_variable(ngx_http_request_t *r,
ngx_http_variable_value_t *v, uintptr_t data)
{
@@ -6078,6 +6106,12 @@
if (cf->args->nelts > 2) {
if (ngx_strcmp(value[2].data, "transparent") == 0) {
#if (NGX_HAVE_TRANSPARENT_PROXY)
+ ngx_core_conf_t *ccf;
+
+ ccf = (ngx_core_conf_t *) ngx_get_conf(cf->cycle->conf_ctx,
+ ngx_core_module);
+
+ ccf->transparent = 1;
local->transparent = 1;
#else
ngx_conf_log_error(NGX_LOG_EMERG, cf, 0,
|
[-]
[+]
|
Changed |
_service:download_url:nginx-1.14.2.tar.gz/src/http/ngx_http_upstream.h
^
|
@@ -61,6 +61,7 @@
ngx_msec_t response_time;
ngx_msec_t connect_time;
ngx_msec_t header_time;
+ ngx_msec_t queue_time;
off_t response_length;
off_t bytes_received;
@@ -221,6 +222,8 @@
signed store:2;
unsigned intercept_404:1;
unsigned change_buffering:1;
+ unsigned pass_trailers:1;
+ unsigned preserve_output:1;
#if (NGX_HTTP_SSL || NGX_COMPAT)
ngx_ssl_t *ssl;
@@ -250,6 +253,7 @@
typedef struct {
ngx_list_t headers;
+ ngx_list_t trailers;
ngx_uint_t status_n;
ngx_str_t status_line;
@@ -388,6 +392,7 @@
unsigned request_sent:1;
unsigned request_body_sent:1;
+ unsigned request_body_blocked:1;
unsigned header_sent:1;
};
|
[-]
[+]
|
Changed |
_service:download_url:nginx-1.14.2.tar.gz/src/http/ngx_http_variables.c
^
|
@@ -318,6 +318,9 @@
{ ngx_string("sent_http_cache_control"), NULL, ngx_http_variable_headers,
offsetof(ngx_http_request_t, headers_out.cache_control), 0, 0 },
+ { ngx_string("sent_http_link"), NULL, ngx_http_variable_headers,
+ offsetof(ngx_http_request_t, headers_out.link), 0, 0 },
+
{ ngx_string("limit_rate"), ngx_http_variable_request_set_size,
ngx_http_variable_request_get_size,
offsetof(ngx_http_request_t, limit_rate),
@@ -426,7 +429,9 @@
return NULL;
}
- v->flags &= flags | ~NGX_HTTP_VAR_WEAK;
+ if (!(flags & NGX_HTTP_VAR_WEAK)) {
+ v->flags &= ~NGX_HTTP_VAR_WEAK;
+ }
return v;
}
@@ -491,7 +496,9 @@
return NULL;
}
- v->flags &= flags | ~NGX_HTTP_VAR_WEAK;
+ if (!(flags & NGX_HTTP_VAR_WEAK)) {
+ v->flags &= ~NGX_HTTP_VAR_WEAK;
+ }
return v;
}
|
[-]
[+]
|
Changed |
_service:download_url:nginx-1.14.2.tar.gz/src/http/v2/ngx_http_v2.c
^
|
@@ -11,6 +11,14 @@
#include <ngx_http_v2_module.h>
+typedef struct {
+ ngx_str_t name;
+ ngx_uint_t offset;
+ ngx_uint_t hash;
+ ngx_http_header_t *hh;
+} ngx_http_v2_parse_header_t;
+
+
/* errors */
#define NGX_HTTP_V2_NO_ERROR 0x0
#define NGX_HTTP_V2_PROTOCOL_ERROR 0x1
@@ -35,20 +43,17 @@
#define NGX_HTTP_V2_GOAWAY_SIZE 8
#define NGX_HTTP_V2_WINDOW_UPDATE_SIZE 4
-#define NGX_HTTP_V2_STREAM_ID_SIZE 4
-
#define NGX_HTTP_V2_SETTINGS_PARAM_SIZE 6
/* settings fields */
#define NGX_HTTP_V2_HEADER_TABLE_SIZE_SETTING 0x1
+#define NGX_HTTP_V2_ENABLE_PUSH_SETTING 0x2
#define NGX_HTTP_V2_MAX_STREAMS_SETTING 0x3
#define NGX_HTTP_V2_INIT_WINDOW_SIZE_SETTING 0x4
#define NGX_HTTP_V2_MAX_FRAME_SIZE_SETTING 0x5
#define NGX_HTTP_V2_FRAME_BUFFER_SIZE 24
-#define NGX_HTTP_V2_DEFAULT_FRAME_SIZE (1 << 14)
-
#define NGX_HTTP_V2_ROOT (void *) -1
@@ -121,7 +126,7 @@
u_char **pos, u_char *end, ngx_uint_t prefix);
static ngx_http_v2_stream_t *ngx_http_v2_create_stream(
- ngx_http_v2_connection_t *h2c);
+ ngx_http_v2_connection_t *h2c, ngx_uint_t push);
static ngx_http_v2_node_t *ngx_http_v2_get_node_by_id(
ngx_http_v2_connection_t *h2c, ngx_uint_t sid, ngx_uint_t alloc);
static ngx_http_v2_node_t *ngx_http_v2_get_closed_node(
@@ -150,18 +155,21 @@
static ngx_int_t ngx_http_v2_pseudo_header(ngx_http_request_t *r,
ngx_http_v2_header_t *header);
static ngx_int_t ngx_http_v2_parse_path(ngx_http_request_t *r,
- ngx_http_v2_header_t *header);
+ ngx_str_t *value);
static ngx_int_t ngx_http_v2_parse_method(ngx_http_request_t *r,
- ngx_http_v2_header_t *header);
+ ngx_str_t *value);
static ngx_int_t ngx_http_v2_parse_scheme(ngx_http_request_t *r,
- ngx_http_v2_header_t *header);
+ ngx_str_t *value);
static ngx_int_t ngx_http_v2_parse_authority(ngx_http_request_t *r,
- ngx_http_v2_header_t *header);
+ ngx_str_t *value);
+static ngx_int_t ngx_http_v2_parse_header(ngx_http_request_t *r,
+ ngx_http_v2_parse_header_t *header, ngx_str_t *value);
static ngx_int_t ngx_http_v2_construct_request_line(ngx_http_request_t *r);
static ngx_int_t ngx_http_v2_cookie(ngx_http_request_t *r,
ngx_http_v2_header_t *header);
static ngx_int_t ngx_http_v2_construct_cookie_header(ngx_http_request_t *r);
static void ngx_http_v2_run_request(ngx_http_request_t *r);
+static void ngx_http_v2_run_request_handler(ngx_event_t *ev);
static ngx_int_t ngx_http_v2_process_request_body(ngx_http_request_t *r,
u_char *pos, size_t size, ngx_uint_t last);
static ngx_int_t ngx_http_v2_filter_request_body(ngx_http_request_t *r);
@@ -185,22 +193,39 @@
static ngx_http_v2_handler_pt ngx_http_v2_frame_states[] = {
- ngx_http_v2_state_data,
- ngx_http_v2_state_headers,
- ngx_http_v2_state_priority,
- ngx_http_v2_state_rst_stream,
- ngx_http_v2_state_settings,
- ngx_http_v2_state_push_promise,
- ngx_http_v2_state_ping,
- ngx_http_v2_state_goaway,
- ngx_http_v2_state_window_update,
- ngx_http_v2_state_continuation
+ ngx_http_v2_state_data, /* NGX_HTTP_V2_DATA_FRAME */
+ ngx_http_v2_state_headers, /* NGX_HTTP_V2_HEADERS_FRAME */
+ ngx_http_v2_state_priority, /* NGX_HTTP_V2_PRIORITY_FRAME */
+ ngx_http_v2_state_rst_stream, /* NGX_HTTP_V2_RST_STREAM_FRAME */
+ ngx_http_v2_state_settings, /* NGX_HTTP_V2_SETTINGS_FRAME */
+ ngx_http_v2_state_push_promise, /* NGX_HTTP_V2_PUSH_PROMISE_FRAME */
+ ngx_http_v2_state_ping, /* NGX_HTTP_V2_PING_FRAME */
+ ngx_http_v2_state_goaway, /* NGX_HTTP_V2_GOAWAY_FRAME */
+ ngx_http_v2_state_window_update, /* NGX_HTTP_V2_WINDOW_UPDATE_FRAME */
+ ngx_http_v2_state_continuation /* NGX_HTTP_V2_CONTINUATION_FRAME */
};
#define NGX_HTTP_V2_FRAME_STATES \
(sizeof(ngx_http_v2_frame_states) / sizeof(ngx_http_v2_handler_pt))
+static ngx_http_v2_parse_header_t ngx_http_v2_parse_headers[] = {
+ { ngx_string("host"),
+ offsetof(ngx_http_headers_in_t, host), 0, NULL },
+
+ { ngx_string("accept-encoding"),
+ offsetof(ngx_http_headers_in_t, accept_encoding), 0, NULL },
+
+ { ngx_string("accept-language"),
+ offsetof(ngx_http_headers_in_t, accept_language), 0, NULL },
+
+ { ngx_string("user-agent"),
+ offsetof(ngx_http_headers_in_t, user_agent), 0, NULL },
+
+ { ngx_null_string, 0, 0, NULL }
+};
+
+
void
ngx_http_v2_init(ngx_event_t *rev)
{
@@ -249,6 +274,8 @@
h2scf = ngx_http_get_module_srv_conf(hc->conf_ctx, ngx_http_v2_module);
+ h2c->concurrent_pushes = h2scf->concurrent_pushes;
+
h2c->pool = ngx_create_pool(h2scf->pool_size, h2c->connection->log);
if (h2c->pool == NULL) {
ngx_http_close_connection(c);
@@ -366,7 +393,9 @@
break;
}
- if (n == 0 && (h2c->state.incomplete || h2c->processing)) {
+ if (n == 0
+ && (h2c->state.incomplete || h2c->processing || h2c->pushing))
+ {
ngx_log_error(NGX_LOG_INFO, c->log, 0,
"client prematurely closed connection");
}
@@ -405,7 +434,7 @@
h2c->blocked = 0;
- if (h2c->processing) {
+ if (h2c->processing || h2c->pushing) {
if (rev->timer_set) {
ngx_del_timer(rev);
}
@@ -589,7 +618,7 @@
ngx_connection_t *c;
ngx_http_v2_srv_conf_t *h2scf;
- if (h2c->last_out || h2c->processing) {
+ if (h2c->last_out || h2c->processing || h2c->pushing) {
return;
}
@@ -635,6 +664,7 @@
h2c->pool = NULL;
h2c->free_frames = NULL;
+ h2c->frames = 0;
h2c->free_fake_connections = NULL;
#if (NGX_HTTP_SSL)
@@ -752,8 +782,8 @@
type, h2c->state.flags, h2c->state.length, h2c->state.sid);
if (type >= NGX_HTTP_V2_FRAME_STATES) {
- ngx_log_debug1(NGX_LOG_DEBUG_HTTP, h2c->connection->log, 0,
- "http2 frame with unknown type %ui", type);
+ ngx_log_error(NGX_LOG_INFO, h2c->connection->log, 0,
+ "client sent frame with unknown type %ui", type);
return ngx_http_v2_state_skip(h2c, pos, end);
}
@@ -1046,7 +1076,7 @@
depend = 0;
excl = 0;
- weight = 16;
+ weight = NGX_HTTP_V2_DEFAULT_WEIGHT;
if (priority) {
dependency = ngx_http_v2_parse_uint32(pos);
@@ -1059,7 +1089,8 @@
}
ngx_log_debug4(NGX_LOG_DEBUG_HTTP, h2c->connection->log, 0,
- "http2 HEADERS frame sid:%ui on %ui excl:%ui weight:%ui",
+ "http2 HEADERS frame sid:%ui "
+ "depends on %ui excl:%ui weight:%ui",
h2c->state.sid, depend, excl, weight);
if (h2c->state.sid % 2 == 0 || h2c->state.sid <= h2c->last_sid) {
@@ -1122,7 +1153,7 @@
h2c->closed_nodes--;
}
- stream = ngx_http_v2_create_stream(h2c);
+ stream = ngx_http_v2_create_stream(h2c, 0);
if (stream == NULL) {
return ngx_http_v2_connection_error(h2c, NGX_HTTP_V2_INTERNAL_ERROR);
}
@@ -1582,14 +1613,7 @@
}
if (rc == NGX_DECLINED) {
- if (ngx_http_v2_terminate_stream(h2c, h2c->state.stream,
- NGX_HTTP_V2_PROTOCOL_ERROR)
- == NGX_ERROR)
- {
- return ngx_http_v2_connection_error(h2c,
- NGX_HTTP_V2_INTERNAL_ERROR);
- }
-
+ ngx_http_finalize_request(r, NGX_HTTP_BAD_REQUEST);
goto error;
}
@@ -1788,7 +1812,8 @@
pos += NGX_HTTP_V2_PRIORITY_SIZE;
ngx_log_debug4(NGX_LOG_DEBUG_HTTP, h2c->connection->log, 0,
- "http2 PRIORITY frame sid:%ui on %ui excl:%ui weight:%ui",
+ "http2 PRIORITY frame sid:%ui "
+ "depends on %ui excl:%ui weight:%ui",
h2c->state.sid, depend, excl, weight);
if (h2c->state.sid == 0) {
@@ -1914,6 +1939,11 @@
"client canceled stream %ui", h2c->state.sid);
break;
+ case NGX_HTTP_V2_REFUSED_STREAM:
+ ngx_log_error(NGX_LOG_INFO, fc->log, 0,
+ "client refused stream %ui", h2c->state.sid);
+ break;
+
case NGX_HTTP_V2_INTERNAL_ERROR:
ngx_log_error(NGX_LOG_INFO, fc->log, 0,
"client terminated stream %ui due to internal error",
@@ -1961,6 +1991,9 @@
return ngx_http_v2_connection_error(h2c, NGX_HTTP_V2_SIZE_ERROR);
}
+ ngx_log_debug0(NGX_LOG_DEBUG_HTTP, h2c->connection->log, 0,
+ "http2 SETTINGS frame");
+
return ngx_http_v2_state_settings_params(h2c, pos, end);
}
@@ -1971,6 +2004,7 @@
{
ssize_t window_delta;
ngx_uint_t id, value;
+ ngx_http_v2_srv_conf_t *h2scf;
ngx_http_v2_out_frame_t *frame;
window_delta = 0;
@@ -1986,6 +2020,9 @@
id = ngx_http_v2_parse_uint16(pos);
value = ngx_http_v2_parse_uint32(&pos[2]);
+ ngx_log_debug2(NGX_LOG_DEBUG_HTTP, h2c->connection->log, 0,
+ "http2 setting %ui:%ui", id, value);
+
switch (id) {
case NGX_HTTP_V2_INIT_WINDOW_SIZE_SETTING:
@@ -2000,8 +2037,6 @@
}
window_delta = value - h2c->init_window;
-
- h2c->init_window = value;
break;
case NGX_HTTP_V2_MAX_FRAME_SIZE_SETTING:
@@ -2020,6 +2055,27 @@
h2c->frame_size = value;
break;
+ case NGX_HTTP_V2_ENABLE_PUSH_SETTING:
+
+ if (value > 1) {
+ ngx_log_error(NGX_LOG_INFO, h2c->connection->log, 0,
+ "client sent SETTINGS frame with incorrect "
+ "ENABLE_PUSH value %ui", value);
+
+ return ngx_http_v2_connection_error(h2c,
+ NGX_HTTP_V2_PROTOCOL_ERROR);
+ }
+
+ h2c->push_disabled = !value;
+ break;
+
+ case NGX_HTTP_V2_MAX_STREAMS_SETTING:
+ h2scf = ngx_http_get_module_srv_conf(h2c->http_connection->conf_ctx,
+ ngx_http_v2_module);
+
+ h2c->concurrent_pushes = ngx_min(value, h2scf->concurrent_pushes);
+ break;
+
default:
break;
}
@@ -2037,6 +2093,8 @@
ngx_http_v2_queue_ordered_frame(h2c, frame);
if (window_delta) {
+ h2c->init_window += window_delta;
+
if (ngx_http_v2_adjust_windows(h2c, window_delta) != NGX_OK) {
return ngx_http_v2_connection_error(h2c,
NGX_HTTP_V2_INTERNAL_ERROR);
@@ -2076,8 +2134,8 @@
return ngx_http_v2_state_save(h2c, pos, end, ngx_http_v2_state_ping);
}
- ngx_log_debug1(NGX_LOG_DEBUG_HTTP, h2c->connection->log, 0,
- "http2 PING frame, flags: %ud", h2c->state.flags);
+ ngx_log_debug0(NGX_LOG_DEBUG_HTTP, h2c->connection->log, 0,
+ "http2 PING frame");
if (h2c->state.flags & NGX_HTTP_V2_ACK_FLAG) {
return ngx_http_v2_state_skip(h2c, pos, end);
@@ -2485,6 +2543,166 @@
}
+ngx_http_v2_stream_t *
+ngx_http_v2_push_stream(ngx_http_v2_stream_t *parent, ngx_str_t *path)
+{
+ ngx_int_t rc;
+ ngx_str_t value;
+ ngx_pool_t *pool;
+ ngx_uint_t index;
+ ngx_table_elt_t **h;
+ ngx_connection_t *fc;
+ ngx_http_request_t *r;
+ ngx_http_v2_node_t *node;
+ ngx_http_v2_stream_t *stream;
+ ngx_http_v2_srv_conf_t *h2scf;
+ ngx_http_v2_connection_t *h2c;
+ ngx_http_v2_parse_header_t *header;
+
+ h2c = parent->connection;
+
+ pool = ngx_create_pool(1024, h2c->connection->log);
+ if (pool == NULL) {
+ goto rst_stream;
+ }
+
+ node = ngx_http_v2_get_node_by_id(h2c, h2c->last_push, 1);
+
+ if (node == NULL) {
+ ngx_destroy_pool(pool);
+ goto rst_stream;
+ }
+
+ stream = ngx_http_v2_create_stream(h2c, 1);
+ if (stream == NULL) {
+
+ if (node->parent == NULL) {
+ h2scf = ngx_http_get_module_srv_conf(h2c->http_connection->conf_ctx,
+ ngx_http_v2_module);
+
+ index = ngx_http_v2_index(h2scf, h2c->last_push);
+ h2c->streams_index[index] = node->index;
+
+ ngx_queue_insert_tail(&h2c->closed, &node->reuse);
+ h2c->closed_nodes++;
+ }
+
+ ngx_destroy_pool(pool);
+ goto rst_stream;
+ }
+
+ if (node->parent) {
+ ngx_queue_remove(&node->reuse);
+ h2c->closed_nodes--;
+ }
+
+ stream->pool = pool;
+
+ r = stream->request;
+ fc = r->connection;
+
+ stream->in_closed = 1;
+ stream->node = node;
+
+ node->stream = stream;
+
+ ngx_log_debug2(NGX_LOG_DEBUG_HTTP, h2c->connection->log, 0,
+ "http2 push stream sid:%ui "
+ "depends on %ui excl:0 weight:16",
+ h2c->last_push, parent->node->id);
+
+ node->weight = NGX_HTTP_V2_DEFAULT_WEIGHT;
+ ngx_http_v2_set_dependency(h2c, node, parent->node->id, 0);
+
+ r->method_name = ngx_http_core_get_method;
+ r->method = NGX_HTTP_GET;
+
+ r->schema_start = (u_char *) "https";
+
+#if (NGX_HTTP_SSL)
+ if (fc->ssl) {
+ r->schema_end = r->schema_start + 5;
+
+ } else
+#endif
+ {
+ r->schema_end = r->schema_start + 4;
+ }
+
+ value.data = ngx_pstrdup(pool, path);
+ if (value.data == NULL) {
+ goto close;
+ }
+
+ value.len = path->len;
+
+ rc = ngx_http_v2_parse_path(r, &value);
+
+ if (rc != NGX_OK) {
+ goto error;
+ }
+
+ for (header = ngx_http_v2_parse_headers; header->name.len; header++) {
+ h = (ngx_table_elt_t **)
+ ((char *) &parent->request->headers_in + header->offset);
+
+ if (*h == NULL) {
+ continue;
+ }
+
+ value.len = (*h)->value.len;
+
+ value.data = ngx_pnalloc(pool, value.len + 1);
+ if (value.data == NULL) {
+ goto close;
+ }
+
+ ngx_memcpy(value.data, (*h)->value.data, value.len);
+ value.data[value.len] = '\0';
+
+ rc = ngx_http_v2_parse_header(r, header, &value);
+
+ if (rc != NGX_OK) {
+ goto error;
+ }
+ }
+
+ fc->write->handler = ngx_http_v2_run_request_handler;
+ ngx_post_event(fc->write, &ngx_posted_events);
+
+ return stream;
+
+error:
+
+ if (rc == NGX_ABORT) {
+ /* header handler has already finalized request */
+ return NULL;
+ }
+
+ if (rc == NGX_DECLINED) {
+ ngx_http_finalize_request(r, NGX_HTTP_BAD_REQUEST);
+ return NULL;
+ }
+
+close:
+
+ ngx_http_v2_close_stream(stream, NGX_HTTP_INTERNAL_SERVER_ERROR);
+
+ return NULL;
+
+rst_stream:
+
+ if (ngx_http_v2_send_rst_stream(h2c, h2c->last_push,
+ NGX_HTTP_INTERNAL_SERVER_ERROR)
+ != NGX_OK)
+ {
+ h2c->connection->error = 1;
+ }
+
+ return NULL;
+}
+
+
static ngx_int_t
ngx_http_v2_send_settings(ngx_http_v2_connection_t *h2c)
{
@@ -2678,7 +2896,7 @@
frame->blocked = 0;
- } else {
+ } else if (h2c->frames < 10000) {
pool = h2c->pool ? h2c->pool : h2c->connection->pool;
frame = ngx_pcalloc(pool, sizeof(ngx_http_v2_out_frame_t));
@@ -2702,6 +2920,15 @@
frame->last = frame->first;
frame->handler = ngx_http_v2_frame_handler;
+
+ h2c->frames++;
+
+ } else {
+ ngx_log_error(NGX_LOG_INFO, h2c->connection->log, 0,
+ "http2 flood detected");
+
+ h2c->connection->error = 1;
+ return NULL;
}
#if (NGX_DEBUG)
@@ -2745,7 +2972,7 @@
static ngx_http_v2_stream_t *
-ngx_http_v2_create_stream(ngx_http_v2_connection_t *h2c)
+ngx_http_v2_create_stream(ngx_http_v2_connection_t *h2c, ngx_uint_t push)
{
ngx_log_t *log;
ngx_event_t *rev, *wev;
@@ -2800,7 +3027,13 @@
ngx_memcpy(log, h2c->connection->log, sizeof(ngx_log_t));
log->data = ctx;
- log->action = "reading client request headers";
+
+ if (push) {
+ log->action = "processing pushed request headers";
+
+ } else {
+ log->action = "reading client request headers";
+ }
ngx_memzero(rev, sizeof(ngx_event_t));
@@ -2872,7 +3105,12 @@
stream->send_window = h2c->init_window;
stream->recv_window = h2scf->preread_size;
- h2c->processing++;
+ if (push) {
+ h2c->pushing++;
+
+ } else {
+ h2c->processing++;
+ }
return stream;
}
@@ -3030,19 +3268,9 @@
continue;
}
- switch (ch) {
- case '\0':
- case LF:
- case CR:
- case ':':
- ngx_log_error(NGX_LOG_INFO, r->connection->log, 0,
- "client sent invalid header name: \"%V\"",
- &header->name);
-
- return NGX_ERROR;
- }
-
- if (ch >= 'A' && ch <= 'Z') {
+ if (ch == '\0' || ch == LF || ch == CR || ch == ':'
+ || (ch >= 'A' && ch <= 'Z'))
+ {
ngx_log_error(NGX_LOG_INFO, r->connection->log, 0,
"client sent invalid header name: \"%V\"",
&header->name);
@@ -3056,10 +3284,7 @@
for (i = 0; i != header->value.len; i++) {
ch = header->value.data[i];
- switch (ch) {
- case '\0':
- case LF:
- case CR:
+ if (ch == '\0' || ch == LF || ch == CR) {
ngx_log_error(NGX_LOG_INFO, r->connection->log, 0,
"client sent header \"%V\" with "
"invalid value: \"%V\"",
@@ -3084,7 +3309,7 @@
if (ngx_memcmp(header->name.data, "path", sizeof("path") - 1)
== 0)
{
- return ngx_http_v2_parse_path(r, header);
+ return ngx_http_v2_parse_path(r, &header->value);
}
break;
@@ -3093,13 +3318,13 @@
if (ngx_memcmp(header->name.data, "method", sizeof("method") - 1)
== 0)
{
- return ngx_http_v2_parse_method(r, header);
+ return ngx_http_v2_parse_method(r, &header->value);
}
if (ngx_memcmp(header->name.data, "scheme", sizeof("scheme") - 1)
== 0)
{
- return ngx_http_v2_parse_scheme(r, header);
+ return ngx_http_v2_parse_scheme(r, &header->value);
}
break;
@@ -3108,7 +3333,7 @@
if (ngx_memcmp(header->name.data, "authority", sizeof("authority") - 1)
== 0)
{
- return ngx_http_v2_parse_authority(r, header);
+ return ngx_http_v2_parse_authority(r, &header->value);
}
break;
@@ -3123,7 +3348,7 @@
static ngx_int_t
-ngx_http_v2_parse_path(ngx_http_request_t *r, ngx_http_v2_header_t *header)
+ngx_http_v2_parse_path(ngx_http_request_t *r, ngx_str_t *value)
{
if (r->unparsed_uri.len) {
ngx_log_error(NGX_LOG_INFO, r->connection->log, 0,
@@ -3132,20 +3357,19 @@
return NGX_DECLINED;
}
- if (header->value.len == 0) {
+ if (value->len == 0) {
ngx_log_error(NGX_LOG_INFO, r->connection->log, 0,
"client sent empty :path header");
return NGX_DECLINED;
}
- r->uri_start = header->value.data;
- r->uri_end = header->value.data + header->value.len;
+ r->uri_start = value->data;
+ r->uri_end = value->data + value->len;
if (ngx_http_parse_uri(r) != NGX_OK) {
ngx_log_error(NGX_LOG_INFO, r->connection->log, 0,
- "client sent invalid :path header: \"%V\"",
- &header->value);
+ "client sent invalid :path header: \"%V\"", value);
return NGX_DECLINED;
}
@@ -3163,7 +3387,7 @@
static ngx_int_t
-ngx_http_v2_parse_method(ngx_http_request_t *r, ngx_http_v2_header_t *header)
+ngx_http_v2_parse_method(ngx_http_request_t *r, ngx_str_t *value)
{
size_t k, len;
ngx_uint_t n;
@@ -3203,15 +3427,15 @@
return NGX_DECLINED;
}
- if (header->value.len == 0) {
+ if (value->len == 0) {
ngx_log_error(NGX_LOG_INFO, r->connection->log, 0,
"client sent empty :method header");
return NGX_DECLINED;
}
- r->method_name.len = header->value.len;
- r->method_name.data = header->value.data;
+ r->method_name.len = value->len;
+ r->method_name.data = value->data;
len = r->method_name.len;
n = sizeof(tests) / sizeof(tests[0]);
@@ -3258,7 +3482,7 @@
static ngx_int_t
-ngx_http_v2_parse_scheme(ngx_http_request_t *r, ngx_http_v2_header_t *header)
+ngx_http_v2_parse_scheme(ngx_http_request_t *r, ngx_str_t *value)
{
if (r->schema_start) {
ngx_log_error(NGX_LOG_INFO, r->connection->log, 0,
@@ -3267,58 +3491,62 @@
return NGX_DECLINED;
}
- if (header->value.len == 0) {
+ if (value->len == 0) {
ngx_log_error(NGX_LOG_INFO, r->connection->log, 0,
"client sent empty :scheme header");
return NGX_DECLINED;
}
- r->schema_start = header->value.data;
- r->schema_end = header->value.data + header->value.len;
+ r->schema_start = value->data;
+ r->schema_end = value->data + value->len;
return NGX_OK;
}
static ngx_int_t
-ngx_http_v2_parse_authority(ngx_http_request_t *r, ngx_http_v2_header_t *header)
+ngx_http_v2_parse_authority(ngx_http_request_t *r, ngx_str_t *value)
+{
+ return ngx_http_v2_parse_header(r, &ngx_http_v2_parse_headers[0], value);
+}
+
+
+static ngx_int_t
+ngx_http_v2_parse_header(ngx_http_request_t *r,
+ ngx_http_v2_parse_header_t *header, ngx_str_t *value)
{
ngx_table_elt_t *h;
- ngx_http_header_t *hh;
ngx_http_core_main_conf_t *cmcf;
- static ngx_str_t host = ngx_string("host");
-
h = ngx_list_push(&r->headers_in.headers);
if (h == NULL) {
return NGX_ERROR;
}
- h->hash = ngx_hash_key(host.data, host.len);
+ h->key.len = header->name.len;
+ h->key.data = header->name.data;
+ h->lowcase_key = header->name.data;
- h->key.len = host.len;
- h->key.data = host.data;
+ if (header->hh == NULL) {
+ header->hash = ngx_hash_key(header->name.data, header->name.len);
- h->value.len = header->value.len;
- h->value.data = header->value.data;
-
- h->lowcase_key = host.data;
+ cmcf = ngx_http_get_module_main_conf(r, ngx_http_core_module);
- cmcf = ngx_http_get_module_main_conf(r, ngx_http_core_module);
+ header->hh = ngx_hash_find(&cmcf->headers_in_hash, header->hash,
+ h->lowcase_key, h->key.len);
+ if (header->hh == NULL) {
+ return NGX_ERROR;
+ }
+ }
- hh = ngx_hash_find(&cmcf->headers_in_hash, h->hash,
- h->lowcase_key, h->key.len);
+ h->hash = header->hash;
- if (hh == NULL) {
- return NGX_ERROR;
- }
+ h->value.len = value->len;
+ h->value.data = value->data;
- if (hh->handler(r, h, hh->offset) != NGX_OK) {
- /*
- * request has been finalized already
- * in ngx_http_process_host()
- */
+ if (header->hh->handler(r, h, header->hh->offset) != NGX_OK) {
+ /* header handler has already finalized request */
return NGX_ABORT;
}
@@ -3343,7 +3571,7 @@
} else if (r->schema_start == NULL) {
ngx_log_error(NGX_LOG_INFO, r->connection->log, 0,
- "client sent no :schema header");
+ "client sent no :scheme header");
} else {
ngx_log_error(NGX_LOG_INFO, r->connection->log, 0,
@@ -3468,7 +3696,8 @@
return NGX_ERROR;
}
- h->hash = ngx_hash_key(cookie.data, cookie.len);
+ h->hash = ngx_hash(ngx_hash(ngx_hash(ngx_hash(
+ ngx_hash('c', 'o'), 'o'), 'k'), 'i'), 'e');
h->key.len = cookie.len;
h->key.data = cookie.data;
@@ -3535,6 +3764,22 @@
}
+static void
+ngx_http_v2_run_request_handler(ngx_event_t *ev)
+{
+ ngx_connection_t *fc;
+ ngx_http_request_t *r;
+
+ fc = ev->data;
+ r = fc->data;
+
+ ngx_log_debug0(NGX_LOG_DEBUG_HTTP, fc->log, 0,
+ "http2 run request handler");
+
+ ngx_http_v2_run_request(r);
+}
+
+
ngx_int_t
ngx_http_v2_read_request_body(ngx_http_request_t *r)
{
@@ -3694,8 +3939,8 @@
} else {
if (size > (size_t) (buf->end - buf->last)) {
ngx_log_error(NGX_LOG_INFO, fc->log, 0,
- "client intended to send body data "
- "larger than declared");
+ "client intended to send body data "
+ "larger than declared");
return NGX_HTTP_BAD_REQUEST;
}
@@ -4006,6 +4251,7 @@
ngx_http_v2_close_stream(ngx_http_v2_stream_t *stream, ngx_int_t rc)
{
ngx_pool_t *pool;
+ ngx_uint_t push;
ngx_event_t *ev;
ngx_connection_t *fc;
ngx_http_v2_node_t *node;
@@ -4014,9 +4260,10 @@
h2c = stream->connection;
node = stream->node;
- ngx_log_debug3(NGX_LOG_DEBUG_HTTP, h2c->connection->log, 0,
- "http2 close stream %ui, queued %ui, processing %ui",
- node->id, stream->queued, h2c->processing);
+ ngx_log_debug4(NGX_LOG_DEBUG_HTTP, h2c->connection->log, 0,
+ "http2 close stream %ui, queued %ui, "
+ "processing %ui, pushing %ui",
+ node->id, stream->queued, h2c->processing, h2c->pushing);
fc = stream->request->connection;
@@ -4072,6 +4319,8 @@
h2c->state.stream = NULL;
}
+ push = stream->node->id % 2 == 0;
+
node->stream = NULL;
ngx_queue_insert_tail(&h2c->closed, &node->reuse);
@@ -4119,9 +4368,14 @@
fc->data = h2c->free_fake_connections;
h2c->free_fake_connections = fc;
- h2c->processing--;
+ if (push) {
+ h2c->pushing--;
- if (h2c->processing || h2c->blocked) {
+ } else {
+ h2c->processing--;
+ }
+
+ if (h2c->processing || h2c->pushing || h2c->blocked) {
return;
}
@@ -4227,12 +4481,19 @@
#endif
- c->destroyed = 0;
- ngx_reusable_connection(c, 0);
-
h2scf = ngx_http_get_module_srv_conf(h2c->http_connection->conf_ctx,
ngx_http_v2_module);
+ if (h2c->idle++ > 10 * h2scf->max_requests) {
+ ngx_log_error(NGX_LOG_INFO, h2c->connection->log, 0,
+ "http2 flood detected");
+ ngx_http_v2_finalize_connection(h2c, NGX_HTTP_V2_NO_ERROR);
+ return;
+ }
+
+ c->destroyed = 0;
+ ngx_reusable_connection(c, 0);
+
h2c->pool = ngx_create_pool(h2scf->pool_size, h2c->connection->log);
if (h2c->pool == NULL) {
ngx_http_v2_finalize_connection(h2c, NGX_HTTP_V2_INTERNAL_ERROR);
@@ -4270,7 +4531,7 @@
c->error = 1;
- if (!h2c->processing) {
+ if (!h2c->processing && !h2c->pushing) {
ngx_http_close_connection(c);
return;
}
@@ -4319,7 +4580,7 @@
h2c->blocked = 0;
- if (h2c->processing) {
+ if (h2c->processing || h2c->pushing) {
return;
}
|
[-]
[+]
|
Changed |
_service:download_url:nginx-1.14.2.tar.gz/src/http/v2/ngx_http_v2.h
^
|
@@ -18,12 +18,15 @@
#define NGX_HTTP_V2_STATE_BUFFER_SIZE 16
+#define NGX_HTTP_V2_DEFAULT_FRAME_SIZE (1 << 14)
#define NGX_HTTP_V2_MAX_FRAME_SIZE ((1 << 24) - 1)
#define NGX_HTTP_V2_INT_OCTETS 4
#define NGX_HTTP_V2_MAX_FIELD \
(127 + (1 << (NGX_HTTP_V2_INT_OCTETS - 1) * 7) - 1)
+#define NGX_HTTP_V2_STREAM_ID_SIZE 4
+
#define NGX_HTTP_V2_FRAME_HEADER_SIZE 9
/* frame types */
@@ -49,6 +52,8 @@
#define NGX_HTTP_V2_MAX_WINDOW ((1U << 31) - 1)
#define NGX_HTTP_V2_DEFAULT_WINDOW 65535
+#define NGX_HTTP_V2_DEFAULT_WEIGHT 16
+
typedef struct ngx_http_v2_connection_s ngx_http_v2_connection_t;
typedef struct ngx_http_v2_node_s ngx_http_v2_node_t;
@@ -115,6 +120,11 @@
ngx_http_connection_t *http_connection;
ngx_uint_t processing;
+ ngx_uint_t frames;
+ ngx_uint_t idle;
+
+ ngx_uint_t pushing;
+ ngx_uint_t concurrent_pushes;
size_t send_window;
size_t recv_window;
@@ -141,12 +151,14 @@
ngx_queue_t closed;
ngx_uint_t last_sid;
+ ngx_uint_t last_push;
unsigned closed_nodes:8;
unsigned settings_ack:1;
unsigned table_update:1;
unsigned blocked:1;
unsigned goaway:1;
+ unsigned push_disabled:1;
};
@@ -188,8 +200,6 @@
ngx_array_t *cookies;
- size_t header_limit;
-
ngx_pool_t *pool;
unsigned waiting:1;
@@ -272,16 +282,21 @@
void ngx_http_v2_init(ngx_event_t *rev);
-void ngx_http_v2_request_headers_init(void);
ngx_int_t ngx_http_v2_read_request_body(ngx_http_request_t *r);
ngx_int_t ngx_http_v2_read_unbuffered_request_body(ngx_http_request_t *r);
+ngx_http_v2_stream_t *ngx_http_v2_push_stream(ngx_http_v2_stream_t *parent,
+ ngx_str_t *path);
+
void ngx_http_v2_close_stream(ngx_http_v2_stream_t *stream, ngx_int_t rc);
ngx_int_t ngx_http_v2_send_output_queue(ngx_http_v2_connection_t *h2c);
+ngx_str_t *ngx_http_v2_get_static_name(ngx_uint_t index);
+ngx_str_t *ngx_http_v2_get_static_value(ngx_uint_t index);
+
ngx_int_t ngx_http_v2_get_indexed_header(ngx_http_v2_connection_t *h2c,
ngx_uint_t index, ngx_uint_t name_only);
ngx_int_t ngx_http_v2_add_header(ngx_http_v2_connection_t *h2c,
@@ -348,4 +363,53 @@
#define ngx_http_v2_write_sid ngx_http_v2_write_uint32
+
+#define ngx_http_v2_indexed(i) (128 + (i))
+#define ngx_http_v2_inc_indexed(i) (64 + (i))
+
+#define ngx_http_v2_write_name(dst, src, len, tmp) \
+ ngx_http_v2_string_encode(dst, src, len, tmp, 1)
+#define ngx_http_v2_write_value(dst, src, len, tmp) \
+ ngx_http_v2_string_encode(dst, src, len, tmp, 0)
+
+#define NGX_HTTP_V2_ENCODE_RAW 0
+#define NGX_HTTP_V2_ENCODE_HUFF 0x80
+
+#define NGX_HTTP_V2_AUTHORITY_INDEX 1
+
+#define NGX_HTTP_V2_METHOD_INDEX 2
+#define NGX_HTTP_V2_METHOD_GET_INDEX 2
+#define NGX_HTTP_V2_METHOD_POST_INDEX 3
+
+#define NGX_HTTP_V2_PATH_INDEX 4
+#define NGX_HTTP_V2_PATH_ROOT_INDEX 4
+
+#define NGX_HTTP_V2_SCHEME_HTTP_INDEX 6
+#define NGX_HTTP_V2_SCHEME_HTTPS_INDEX 7
+
+#define NGX_HTTP_V2_STATUS_INDEX 8
+#define NGX_HTTP_V2_STATUS_200_INDEX 8
+#define NGX_HTTP_V2_STATUS_204_INDEX 9
+#define NGX_HTTP_V2_STATUS_206_INDEX 10
+#define NGX_HTTP_V2_STATUS_304_INDEX 11
+#define NGX_HTTP_V2_STATUS_400_INDEX 12
+#define NGX_HTTP_V2_STATUS_404_INDEX 13
+#define NGX_HTTP_V2_STATUS_500_INDEX 14
+
+#define NGX_HTTP_V2_ACCEPT_ENCODING_INDEX 16
+#define NGX_HTTP_V2_ACCEPT_LANGUAGE_INDEX 17
+#define NGX_HTTP_V2_CONTENT_LENGTH_INDEX 28
+#define NGX_HTTP_V2_CONTENT_TYPE_INDEX 31
+#define NGX_HTTP_V2_DATE_INDEX 33
+#define NGX_HTTP_V2_LAST_MODIFIED_INDEX 44
+#define NGX_HTTP_V2_LOCATION_INDEX 46
+#define NGX_HTTP_V2_SERVER_INDEX 54
+#define NGX_HTTP_V2_USER_AGENT_INDEX 58
+#define NGX_HTTP_V2_VARY_INDEX 59
+
+
+u_char *ngx_http_v2_string_encode(u_char *dst, u_char *src, size_t len,
+ u_char *tmp, ngx_uint_t lower);
+
+
#endif /* _NGX_HTTP_V2_H_INCLUDED_ */
|
[-]
[+]
|
Added |
_service:download_url:nginx-1.14.2.tar.gz/src/http/v2/ngx_http_v2_encode.c
^
|
@@ -0,0 +1,62 @@
+
+/*
+ * Copyright (C) Nginx, Inc.
+ * Copyright (C) Valentin V. Bartenev
+ */
+
+
+#include <ngx_config.h>
+#include <ngx_core.h>
+#include <ngx_http.h>
+
+
+static u_char *ngx_http_v2_write_int(u_char *pos, ngx_uint_t prefix,
+ ngx_uint_t value);
+
+
+u_char *
+ngx_http_v2_string_encode(u_char *dst, u_char *src, size_t len, u_char *tmp,
+ ngx_uint_t lower)
+{
+ size_t hlen;
+
+ hlen = ngx_http_v2_huff_encode(src, len, tmp, lower);
+
+ if (hlen > 0) {
+ *dst = NGX_HTTP_V2_ENCODE_HUFF;
+ dst = ngx_http_v2_write_int(dst, ngx_http_v2_prefix(7), hlen);
+ return ngx_cpymem(dst, tmp, hlen);
+ }
+
+ *dst = NGX_HTTP_V2_ENCODE_RAW;
+ dst = ngx_http_v2_write_int(dst, ngx_http_v2_prefix(7), len);
+
+ if (lower) {
+ ngx_strlow(dst, src, len);
+ return dst + len;
+ }
+
+ return ngx_cpymem(dst, src, len);
+}
+
+
+static u_char *
+ngx_http_v2_write_int(u_char *pos, ngx_uint_t prefix, ngx_uint_t value)
+{
+ if (value < prefix) {
+ *pos++ |= value;
+ return pos;
+ }
+
+ *pos++ |= prefix;
+ value -= prefix;
+
+ while (value >= 128) {
+ *pos++ = value % 128 + 128;
+ value /= 128;
+ }
+
+ *pos++ = (u_char) value;
+
+ return pos;
+}
|
[-]
[+]
|
Changed |
_service:download_url:nginx-1.14.2.tar.gz/src/http/v2/ngx_http_v2_filter_module.c
^
|
@@ -2,6 +2,7 @@
/*
* Copyright (C) Nginx, Inc.
* Copyright (C) Valentin V. Bartenev
+ * Copyright (C) Ruslan Ermilov
*/
@@ -22,43 +23,43 @@
#define ngx_http_v2_literal_size(h) \
(ngx_http_v2_integer_octets(sizeof(h) - 1) + sizeof(h) - 1)
-#define ngx_http_v2_indexed(i) (128 + (i))
-#define ngx_http_v2_inc_indexed(i) (64 + (i))
-
-#define ngx_http_v2_write_name(dst, src, len, tmp) \
- ngx_http_v2_string_encode(dst, src, len, tmp, 1)
-#define ngx_http_v2_write_value(dst, src, len, tmp) \
- ngx_http_v2_string_encode(dst, src, len, tmp, 0)
-
-#define NGX_HTTP_V2_ENCODE_RAW 0
-#define NGX_HTTP_V2_ENCODE_HUFF 0x80
-
-#define NGX_HTTP_V2_STATUS_INDEX 8
-#define NGX_HTTP_V2_STATUS_200_INDEX 8
-#define NGX_HTTP_V2_STATUS_204_INDEX 9
-#define NGX_HTTP_V2_STATUS_206_INDEX 10
-#define NGX_HTTP_V2_STATUS_304_INDEX 11
-#define NGX_HTTP_V2_STATUS_400_INDEX 12
-#define NGX_HTTP_V2_STATUS_404_INDEX 13
-#define NGX_HTTP_V2_STATUS_500_INDEX 14
-
-#define NGX_HTTP_V2_CONTENT_LENGTH_INDEX 28
-#define NGX_HTTP_V2_CONTENT_TYPE_INDEX 31
-#define NGX_HTTP_V2_DATE_INDEX 33
-#define NGX_HTTP_V2_LAST_MODIFIED_INDEX 44
-#define NGX_HTTP_V2_LOCATION_INDEX 46
-#define NGX_HTTP_V2_SERVER_INDEX 54
-#define NGX_HTTP_V2_VARY_INDEX 59
#define NGX_HTTP_V2_NO_TRAILERS (ngx_http_v2_out_frame_t *) -1
-static u_char *ngx_http_v2_string_encode(u_char *dst, u_char *src, size_t len,
- u_char *tmp, ngx_uint_t lower);
-static u_char *ngx_http_v2_write_int(u_char *pos, ngx_uint_t prefix,
- ngx_uint_t value);
+typedef struct {
+ ngx_str_t name;
+ u_char index;
+ ngx_uint_t offset;
+} ngx_http_v2_push_header_t;
+
+
+static ngx_http_v2_push_header_t ngx_http_v2_push_headers[] = {
+ { ngx_string(":authority"), NGX_HTTP_V2_AUTHORITY_INDEX,
+ offsetof(ngx_http_headers_in_t, host) },
+
+ { ngx_string("accept-encoding"), NGX_HTTP_V2_ACCEPT_ENCODING_INDEX,
+ offsetof(ngx_http_headers_in_t, accept_encoding) },
+
+ { ngx_string("accept-language"), NGX_HTTP_V2_ACCEPT_LANGUAGE_INDEX,
+ offsetof(ngx_http_headers_in_t, accept_language) },
+
+ { ngx_string("user-agent"), NGX_HTTP_V2_USER_AGENT_INDEX,
+ offsetof(ngx_http_headers_in_t, user_agent) },
+};
+
+#define NGX_HTTP_V2_PUSH_HEADERS \
+ (sizeof(ngx_http_v2_push_headers) / sizeof(ngx_http_v2_push_header_t))
+
+
+static ngx_int_t ngx_http_v2_push_resources(ngx_http_request_t *r);
+static ngx_int_t ngx_http_v2_push_resource(ngx_http_request_t *r,
+ ngx_str_t *path, ngx_str_t *binary);
+
static ngx_http_v2_out_frame_t *ngx_http_v2_create_headers_frame(
ngx_http_request_t *r, u_char *pos, u_char *end, ngx_uint_t fin);
+static ngx_http_v2_out_frame_t *ngx_http_v2_create_push_frame(
+ ngx_http_request_t *r, u_char *pos, u_char *end);
static ngx_http_v2_out_frame_t *ngx_http_v2_create_trailers_frame(
ngx_http_request_t *r);
@@ -81,6 +82,8 @@
static ngx_int_t ngx_http_v2_headers_frame_handler(
ngx_http_v2_connection_t *h2c, ngx_http_v2_out_frame_t *frame);
+static ngx_int_t ngx_http_v2_push_frame_handler(
+ ngx_http_v2_connection_t *h2c, ngx_http_v2_out_frame_t *frame);
static ngx_int_t ngx_http_v2_data_frame_handler(
ngx_http_v2_connection_t *h2c, ngx_http_v2_out_frame_t *frame);
static ngx_inline void ngx_http_v2_handle_frame(
@@ -133,11 +136,12 @@
u_char status, *pos, *start, *p, *tmp;
size_t len, tmp_len;
ngx_str_t host, location;
- ngx_uint_t i, port;
+ ngx_uint_t i, port, fin;
ngx_list_part_t *part;
ngx_table_elt_t *header;
ngx_connection_t *fc;
ngx_http_cleanup_t *cln;
+ ngx_http_v2_stream_t *stream;
ngx_http_v2_out_frame_t *frame;
ngx_http_v2_connection_t *h2c;
ngx_http_core_loc_conf_t *clcf;
@@ -157,7 +161,9 @@
ngx_http_v2_literal_size(NGINX_VER_BUILD);
static u_char nginx_ver_build[ngx_http_v2_literal_size(NGINX_VER_BUILD)];
- if (!r->stream) {
+ stream = r->stream;
+
+ if (!stream) {
return ngx_http_next_header_filter(r);
}
@@ -236,7 +242,16 @@
}
}
- h2c = r->stream->connection;
+ h2c = stream->connection;
+
+ if (!h2c->push_disabled && !h2c->goaway
+ && stream->node->id % 2 == 1
+ && r->method != NGX_HTTP_HEAD)
+ {
+ if (ngx_http_v2_push_resources(r) != NGX_OK) {
+ return NGX_ERROR;
+ }
+ }
len = h2c->table_update ? 1 : 0;
@@ -628,14 +643,17 @@
header[i].value.len, tmp);
}
- frame = ngx_http_v2_create_headers_frame(r, start, pos, r->header_only);
+ fin = r->header_only
+ || (r->headers_out.content_length_n == 0 && !r->expect_trailers);
+
+ frame = ngx_http_v2_create_headers_frame(r, start, pos, fin);
if (frame == NULL) {
return NGX_ERROR;
}
- ngx_http_v2_queue_blocked_frame(r->stream->connection, frame);
+ ngx_http_v2_queue_blocked_frame(h2c, frame);
- r->stream->queued = 1;
+ stream->queued++;
cln = ngx_http_cleanup_add(r, 0);
if (cln == NULL) {
@@ -643,172 +661,415 @@
}
cln->handler = ngx_http_v2_filter_cleanup;
- cln->data = r->stream;
+ cln->data = stream;
fc->send_chain = ngx_http_v2_send_chain;
fc->need_last_buf = 1;
- return ngx_http_v2_filter_send(fc, r->stream);
+ return ngx_http_v2_filter_send(fc, stream);
}
-static ngx_http_v2_out_frame_t *
-ngx_http_v2_create_trailers_frame(ngx_http_request_t *r)
+static ngx_int_t
+ngx_http_v2_push_resources(ngx_http_request_t *r)
{
- u_char *pos, *start, *tmp;
- size_t len, tmp_len;
- ngx_uint_t i;
- ngx_list_part_t *part;
- ngx_table_elt_t *header;
+ u_char *start, *end, *last;
+ ngx_int_t rc;
+ ngx_str_t path;
+ ngx_uint_t i, push;
+ ngx_table_elt_t **h;
+ ngx_http_v2_loc_conf_t *h2lcf;
+ ngx_http_complex_value_t *pushes;
+ ngx_str_t binary[NGX_HTTP_V2_PUSH_HEADERS];
- len = 0;
- tmp_len = 0;
+ ngx_log_debug0(NGX_LOG_DEBUG_HTTP, r->connection->log, 0,
+ "http2 push resources");
- part = &r->headers_out.trailers.part;
- header = part->elts;
+ ngx_memzero(binary, NGX_HTTP_V2_PUSH_HEADERS * sizeof(ngx_str_t));
- for (i = 0; /* void */; i++) {
+ h2lcf = ngx_http_get_module_loc_conf(r, ngx_http_v2_module);
- if (i >= part->nelts) {
- if (part->next == NULL) {
- break;
+ if (h2lcf->pushes) {
+ pushes = h2lcf->pushes->elts;
+
+ for (i = 0; i < h2lcf->pushes->nelts; i++) {
+
+ if (ngx_http_complex_value(r, &pushes[i], &path) != NGX_OK) {
+ return NGX_ERROR;
}
- part = part->next;
- header = part->elts;
- i = 0;
+ if (path.len == 0) {
+ continue;
+ }
+
+ if (path.len == 3 && ngx_strncmp(path.data, "off", 3) == 0) {
+ continue;
+ }
+
+ rc = ngx_http_v2_push_resource(r, &path, binary);
+
+ if (rc == NGX_ERROR) {
+ return NGX_ERROR;
+ }
+
+ if (rc == NGX_ABORT) {
+ return NGX_OK;
+ }
+
+ /* NGX_OK, NGX_DECLINED */
}
+ }
- if (header[i].hash == 0) {
+ if (!h2lcf->push_preload) {
+ return NGX_OK;
+ }
+
+ h = r->headers_out.link.elts;
+
+ for (i = 0; i < r->headers_out.link.nelts; i++) {
+
+ ngx_log_debug1(NGX_LOG_DEBUG_HTTP, r->connection->log, 0,
+ "http2 parse link: \"%V\"", &h[i]->value);
+
+ start = h[i]->value.data;
+ end = h[i]->value.data + h[i]->value.len;
+
+ next_link:
+
+ while (start < end && *start == ' ') { start++; }
+
+ if (start == end || *start++ != '<') {
continue;
}
- if (header[i].key.len > NGX_HTTP_V2_MAX_FIELD) {
- ngx_log_error(NGX_LOG_CRIT, r->connection->log, 0,
- "too long response trailer name: \"%V\"",
- &header[i].key);
- return NULL;
+ while (start < end && *start == ' ') { start++; }
+
+ for (last = start; last < end && *last != '>'; last++) {
+ /* void */
}
- if (header[i].value.len > NGX_HTTP_V2_MAX_FIELD) {
- ngx_log_error(NGX_LOG_CRIT, r->connection->log, 0,
- "too long response trailer value: \"%V: %V\"",
- &header[i].key, &header[i].value);
- return NULL;
+ if (last == start || last == end) {
+ continue;
}
- len += 1 + NGX_HTTP_V2_INT_OCTETS + header[i].key.len
- + NGX_HTTP_V2_INT_OCTETS + header[i].value.len;
+ path.len = last - start;
+ path.data = start;
- if (header[i].key.len > tmp_len) {
- tmp_len = header[i].key.len;
+ start = last + 1;
+
+ while (start < end && *start == ' ') { start++; }
+
+ if (start == end) {
+ continue;
}
- if (header[i].value.len > tmp_len) {
- tmp_len = header[i].value.len;
+ if (*start == ',') {
+ start++;
+ goto next_link;
}
- }
- if (len == 0) {
- return NGX_HTTP_V2_NO_TRAILERS;
- }
+ if (*start++ != ';') {
+ continue;
+ }
- tmp = ngx_palloc(r->pool, tmp_len);
- pos = ngx_pnalloc(r->pool, len);
+ last = ngx_strlchr(start, end, ',');
- if (pos == NULL || tmp == NULL) {
- return NULL;
- }
+ if (last == NULL) {
+ last = end;
+ }
- start = pos;
+ push = 0;
- part = &r->headers_out.trailers.part;
- header = part->elts;
+ for ( ;; ) {
- for (i = 0; /* void */; i++) {
+ while (start < last && *start == ' ') { start++; }
- if (i >= part->nelts) {
- if (part->next == NULL) {
+ if (last - start >= 6
+ && ngx_strncasecmp(start, (u_char *) "nopush", 6) == 0)
+ {
+ start += 6;
+
+ if (start == last || *start == ' ' || *start == ';') {
+ push = 0;
+ break;
+ }
+
+ goto next_param;
+ }
+
+ if (last - start >= 11
+ && ngx_strncasecmp(start, (u_char *) "rel=preload", 11) == 0)
+ {
+ start += 11;
+
+ if (start == last || *start == ' ' || *start == ';') {
+ push = 1;
+ }
+
+ goto next_param;
+ }
+
+ if (last - start >= 4
+ && ngx_strncasecmp(start, (u_char *) "rel=", 4) == 0)
+ {
+ start += 4;
+
+ while (start < last && *start == ' ') { start++; }
+
+ if (start == last || *start++ != '"') {
+ goto next_param;
+ }
+
+ for ( ;; ) {
+
+ while (start < last && *start == ' ') { start++; }
+
+ if (last - start >= 7
+ && ngx_strncasecmp(start, (u_char *) "preload", 7) == 0)
+ {
+ start += 7;
+
+ if (start < last && (*start == ' ' || *start == '"')) {
+ push = 1;
+ break;
+ }
+ }
+
+ while (start < last && *start != ' ' && *start != '"') {
+ start++;
+ }
+
+ if (start == last) {
+ break;
+ }
+
+ if (*start == '"') {
+ break;
+ }
+
+ start++;
+ }
+ }
+
+ next_param:
+
+ start = ngx_strlchr(start, last, ';');
+
+ if (start == NULL) {
break;
}
- part = part->next;
- header = part->elts;
- i = 0;
+ start++;
}
- if (header[i].hash == 0) {
- continue;
+ if (push) {
+ while (path.len && path.data[path.len - 1] == ' ') {
+ path.len--;
+ }
}
-#if (NGX_DEBUG)
- if (r->connection->log->log_level & NGX_LOG_DEBUG_HTTP) {
- ngx_strlow(tmp, header[i].key.data, header[i].key.len);
+ if (push && path.len
+ && !(path.len > 1 && path.data[0] == '/' && path.data[1] == '/'))
+ {
+ rc = ngx_http_v2_push_resource(r, &path, binary);
- ngx_log_debug3(NGX_LOG_DEBUG_HTTP, r->connection->log, 0,
- "http2 output trailer: \"%*s: %V\"",
- header[i].key.len, tmp, &header[i].value);
- }
-#endif
+ if (rc == NGX_ERROR) {
+ return NGX_ERROR;
+ }
- *pos++ = 0;
+ if (rc == NGX_ABORT) {
+ return NGX_OK;
+ }
- pos = ngx_http_v2_write_name(pos, header[i].key.data,
- header[i].key.len, tmp);
+ /* NGX_OK, NGX_DECLINED */
+ }
- pos = ngx_http_v2_write_value(pos, header[i].value.data,
- header[i].value.len, tmp);
+ if (last < end) {
+ start = last + 1;
+ goto next_link;
+ }
}
- return ngx_http_v2_create_headers_frame(r, start, pos, 1);
+ return NGX_OK;
}
-static u_char *
-ngx_http_v2_string_encode(u_char *dst, u_char *src, size_t len, u_char *tmp,
- ngx_uint_t lower)
+static ngx_int_t
+ngx_http_v2_push_resource(ngx_http_request_t *r, ngx_str_t *path,
+ ngx_str_t *binary)
{
- size_t hlen;
+ u_char *start, *pos, *tmp;
+ size_t len;
+ ngx_str_t *value;
+ ngx_uint_t i;
+ ngx_table_elt_t **h;
+ ngx_connection_t *fc;
+ ngx_http_v2_stream_t *stream;
+ ngx_http_v2_out_frame_t *frame;
+ ngx_http_v2_connection_t *h2c;
+ ngx_http_v2_push_header_t *ph;
+
+ fc = r->connection;
+
+ ngx_log_debug0(NGX_LOG_DEBUG_HTTP, fc->log, 0, "http2 push resource");
- hlen = ngx_http_v2_huff_encode(src, len, tmp, lower);
+ stream = r->stream;
+ h2c = stream->connection;
- if (hlen > 0) {
- *dst = NGX_HTTP_V2_ENCODE_HUFF;
- dst = ngx_http_v2_write_int(dst, ngx_http_v2_prefix(7), hlen);
- return ngx_cpymem(dst, tmp, hlen);
+ if (!ngx_path_separator(path->data[0])) {
+ ngx_log_error(NGX_LOG_WARN, fc->log, 0,
+ "non-absolute path \"%V\" not pushed", path);
+ return NGX_DECLINED;
}
- *dst = NGX_HTTP_V2_ENCODE_RAW;
- dst = ngx_http_v2_write_int(dst, ngx_http_v2_prefix(7), len);
+ ngx_log_debug2(NGX_LOG_DEBUG_HTTP, h2c->connection->log, 0,
+ "http2 pushing:%ui limit:%ui",
+ h2c->pushing, h2c->concurrent_pushes);
- if (lower) {
- ngx_strlow(dst, src, len);
- return dst + len;
+ if (h2c->pushing >= h2c->concurrent_pushes) {
+ return NGX_ABORT;
}
- return ngx_cpymem(dst, src, len);
-}
+ if (h2c->last_push == 0x7ffffffe) {
+ return NGX_ABORT;
+ }
+ if (path->len > NGX_HTTP_V2_MAX_FIELD) {
+ return NGX_DECLINED;
+ }
-static u_char *
-ngx_http_v2_write_int(u_char *pos, ngx_uint_t prefix, ngx_uint_t value)
-{
- if (value < prefix) {
- *pos++ |= value;
- return pos;
+ if (r->headers_in.host == NULL) {
+ return NGX_ABORT;
+ }
+
+ ph = ngx_http_v2_push_headers;
+
+ if (binary[0].len) {
+ tmp = ngx_palloc(r->pool, path->len);
+ if (tmp == NULL) {
+ return NGX_ERROR;
+ }
+
+ } else {
+ len = path->len;
+
+ for (i = 0; i < NGX_HTTP_V2_PUSH_HEADERS; i++) {
+ h = (ngx_table_elt_t **) ((char *) &r->headers_in + ph[i].offset);
+
+ if (*h) {
+ len = ngx_max(len, (*h)->value.len);
+ }
+ }
+
+ tmp = ngx_palloc(r->pool, len);
+ if (tmp == NULL) {
+ return NGX_ERROR;
+ }
+
+ for (i = 0; i < NGX_HTTP_V2_PUSH_HEADERS; i++) {
+ h = (ngx_table_elt_t **) ((char *) &r->headers_in + ph[i].offset);
+
+ if (*h == NULL) {
+ continue;
+ }
+
+ value = &(*h)->value;
+
+ len = 1 + NGX_HTTP_V2_INT_OCTETS + value->len;
+
+ pos = ngx_pnalloc(r->pool, len);
+ if (pos == NULL) {
+ return NGX_ERROR;
+ }
+
+ binary[i].data = pos;
+
+ *pos++ = ngx_http_v2_inc_indexed(ph[i].index);
+ pos = ngx_http_v2_write_value(pos, value->data, value->len, tmp);
+
+ binary[i].len = pos - binary[i].data;
+ }
+ }
+
+ len = (h2c->table_update ? 1 : 0)
+ + 1
+ + 1 + NGX_HTTP_V2_INT_OCTETS + path->len
+ + 1;
+
+ for (i = 0; i < NGX_HTTP_V2_PUSH_HEADERS; i++) {
+ len += binary[i].len;
+ }
+
+ pos = ngx_pnalloc(r->pool, len);
+ if (pos == NULL) {
+ return NGX_ERROR;
}
- *pos++ |= prefix;
- value -= prefix;
+ start = pos;
+
+ if (h2c->table_update) {
+ ngx_log_debug0(NGX_LOG_DEBUG_HTTP, fc->log, 0,
+ "http2 table size update: 0");
+ *pos++ = (1 << 5) | 0;
+ h2c->table_update = 0;
+ }
+
+ ngx_log_debug0(NGX_LOG_DEBUG_HTTP, fc->log, 0,
+ "http2 push header: \":method: GET\"");
+
+ *pos++ = ngx_http_v2_indexed(NGX_HTTP_V2_METHOD_GET_INDEX);
+
+ ngx_log_debug1(NGX_LOG_DEBUG_HTTP, fc->log, 0,
+ "http2 push header: \":path: %V\"", path);
+
+ *pos++ = ngx_http_v2_inc_indexed(NGX_HTTP_V2_PATH_INDEX);
+ pos = ngx_http_v2_write_value(pos, path->data, path->len, tmp);
+
+#if (NGX_HTTP_SSL)
+ if (fc->ssl) {
+ ngx_log_debug0(NGX_LOG_DEBUG_HTTP, fc->log, 0,
+ "http2 push header: \":scheme: https\"");
+ *pos++ = ngx_http_v2_indexed(NGX_HTTP_V2_SCHEME_HTTPS_INDEX);
- while (value >= 128) {
- *pos++ = value % 128 + 128;
- value /= 128;
+ } else
+#endif
+ {
+ ngx_log_debug0(NGX_LOG_DEBUG_HTTP, fc->log, 0,
+ "http2 push header: \":scheme: http\"");
+ *pos++ = ngx_http_v2_indexed(NGX_HTTP_V2_SCHEME_HTTP_INDEX);
+ }
+
+ for (i = 0; i < NGX_HTTP_V2_PUSH_HEADERS; i++) {
+ h = (ngx_table_elt_t **) ((char *) &r->headers_in + ph[i].offset);
+
+ if (*h == NULL) {
+ continue;
+ }
+
+ ngx_log_debug2(NGX_LOG_DEBUG_HTTP, fc->log, 0,
+ "http2 push header: \"%V: %V\"",
+ &ph[i].name, &(*h)->value);
+
+ pos = ngx_cpymem(pos, binary[i].data, binary[i].len);
+ }
+
+ frame = ngx_http_v2_create_push_frame(r, start, pos);
+ if (frame == NULL) {
+ return NGX_ERROR;
}
- *pos++ = (u_char) value;
+ ngx_http_v2_queue_blocked_frame(h2c, frame);
+
+ stream->queued++;
- return pos;
+ stream = ngx_http_v2_push_stream(stream, path);
+
+ if (stream) {
+ stream->request->request_length = pos - start;
+ return NGX_OK;
+ }
+
+ return NGX_ERROR;
}
@@ -908,45 +1169,278 @@
cl->next = NULL;
frame->last = cl;
- ngx_log_debug3(NGX_LOG_DEBUG_HTTP, r->connection->log, 0,
- "http2:%ui create HEADERS frame %p: len:%uz",
- stream->node->id, frame, frame->length);
+ ngx_log_debug4(NGX_LOG_DEBUG_HTTP, r->connection->log, 0,
+ "http2:%ui create HEADERS frame %p: len:%uz fin:%ui",
+ stream->node->id, frame, frame->length, fin);
return frame;
}
}
-static ngx_chain_t *
-ngx_http_v2_send_chain(ngx_connection_t *fc, ngx_chain_t *in, off_t limit)
+static ngx_http_v2_out_frame_t *
+ngx_http_v2_create_push_frame(ngx_http_request_t *r, u_char *pos, u_char *end)
{
- off_t size, offset;
- size_t rest, frame_size;
- ngx_chain_t *cl, *out, **ln;
- ngx_http_request_t *r;
+ u_char type, flags;
+ size_t rest, frame_size, len;
+ ngx_buf_t *b;
+ ngx_chain_t *cl, **ll;
ngx_http_v2_stream_t *stream;
- ngx_http_v2_loc_conf_t *h2lcf;
- ngx_http_v2_out_frame_t *frame, *trailers;
+ ngx_http_v2_out_frame_t *frame;
ngx_http_v2_connection_t *h2c;
- r = fc->data;
stream = r->stream;
+ h2c = stream->connection;
+ rest = NGX_HTTP_V2_STREAM_ID_SIZE + (end - pos);
-#if (NGX_SUPPRESS_WARN)
- size = 0;
-#endif
+ frame = ngx_palloc(r->pool, sizeof(ngx_http_v2_out_frame_t));
+ if (frame == NULL) {
+ return NULL;
+ }
- while (in) {
- size = ngx_buf_size(in->buf);
+ frame->handler = ngx_http_v2_push_frame_handler;
+ frame->stream = stream;
+ frame->length = rest;
+ frame->blocked = 1;
+ frame->fin = 0;
- if (size || in->buf->last_buf) {
- break;
- }
+ ll = &frame->first;
+
+ type = NGX_HTTP_V2_PUSH_PROMISE_FRAME;
+ flags = NGX_HTTP_V2_NO_FLAG;
+ frame_size = h2c->frame_size;
+
+ for ( ;; ) {
+ if (rest <= frame_size) {
+ frame_size = rest;
+ flags |= NGX_HTTP_V2_END_HEADERS_FLAG;
+ }
+
+ b = ngx_create_temp_buf(r->pool,
+ NGX_HTTP_V2_FRAME_HEADER_SIZE
+ + ((type == NGX_HTTP_V2_PUSH_PROMISE_FRAME)
+ ? NGX_HTTP_V2_STREAM_ID_SIZE : 0));
+ if (b == NULL) {
+ return NULL;
+ }
+
+ b->last = ngx_http_v2_write_len_and_type(b->last, frame_size, type);
+ *b->last++ = flags;
+ b->last = ngx_http_v2_write_sid(b->last, stream->node->id);
+
+ b->tag = (ngx_buf_tag_t) &ngx_http_v2_module;
+
+ if (type == NGX_HTTP_V2_PUSH_PROMISE_FRAME) {
+ h2c->last_push += 2;
+
+ b->last = ngx_http_v2_write_sid(b->last, h2c->last_push);
+ len = frame_size - NGX_HTTP_V2_STREAM_ID_SIZE;
+
+ } else {
+ len = frame_size;
+ }
+
+ cl = ngx_alloc_chain_link(r->pool);
+ if (cl == NULL) {
+ return NULL;
+ }
+
+ cl->buf = b;
+
+ *ll = cl;
+ ll = &cl->next;
+
+ b = ngx_calloc_buf(r->pool);
+ if (b == NULL) {
+ return NULL;
+ }
+
+ b->pos = pos;
+
+ pos += len;
+
+ b->last = pos;
+ b->start = b->pos;
+ b->end = b->last;
+ b->temporary = 1;
+
+ cl = ngx_alloc_chain_link(r->pool);
+ if (cl == NULL) {
+ return NULL;
+ }
+
+ cl->buf = b;
+
+ *ll = cl;
+ ll = &cl->next;
+
+ rest -= frame_size;
+
+ if (rest) {
+ frame->length += NGX_HTTP_V2_FRAME_HEADER_SIZE;
+
+ type = NGX_HTTP_V2_CONTINUATION_FRAME;
+ continue;
+ }
+
+ cl->next = NULL;
+ frame->last = cl;
+
+ ngx_log_debug4(NGX_LOG_DEBUG_HTTP, r->connection->log, 0,
+ "http2:%ui create PUSH_PROMISE frame %p: "
+ "sid:%ui len:%uz",
+ stream->node->id, frame, h2c->last_push,
+ frame->length);
+
+ return frame;
+ }
+}
+
+
+static ngx_http_v2_out_frame_t *
+ngx_http_v2_create_trailers_frame(ngx_http_request_t *r)
+{
+ u_char *pos, *start, *tmp;
+ size_t len, tmp_len;
+ ngx_uint_t i;
+ ngx_list_part_t *part;
+ ngx_table_elt_t *header;
+ ngx_connection_t *fc;
+
+ fc = r->connection;
+ len = 0;
+ tmp_len = 0;
+
+ part = &r->headers_out.trailers.part;
+ header = part->elts;
+
+ for (i = 0; /* void */; i++) {
+
+ if (i >= part->nelts) {
+ if (part->next == NULL) {
+ break;
+ }
+
+ part = part->next;
+ header = part->elts;
+ i = 0;
+ }
+
+ if (header[i].hash == 0) {
+ continue;
+ }
+
+ if (header[i].key.len > NGX_HTTP_V2_MAX_FIELD) {
+ ngx_log_error(NGX_LOG_CRIT, fc->log, 0,
+ "too long response trailer name: \"%V\"",
+ &header[i].key);
+ return NULL;
+ }
+
+ if (header[i].value.len > NGX_HTTP_V2_MAX_FIELD) {
+ ngx_log_error(NGX_LOG_CRIT, fc->log, 0,
+ "too long response trailer value: \"%V: %V\"",
+ &header[i].key, &header[i].value);
+ return NULL;
+ }
+
+ len += 1 + NGX_HTTP_V2_INT_OCTETS + header[i].key.len
+ + NGX_HTTP_V2_INT_OCTETS + header[i].value.len;
+
+ if (header[i].key.len > tmp_len) {
+ tmp_len = header[i].key.len;
+ }
+
+ if (header[i].value.len > tmp_len) {
+ tmp_len = header[i].value.len;
+ }
+ }
+
+ if (len == 0) {
+ return NGX_HTTP_V2_NO_TRAILERS;
+ }
+
+ tmp = ngx_palloc(r->pool, tmp_len);
+ pos = ngx_pnalloc(r->pool, len);
+
+ if (pos == NULL || tmp == NULL) {
+ return NULL;
+ }
+
+ start = pos;
+
+ part = &r->headers_out.trailers.part;
+ header = part->elts;
+
+ for (i = 0; /* void */; i++) {
+
+ if (i >= part->nelts) {
+ if (part->next == NULL) {
+ break;
+ }
+
+ part = part->next;
+ header = part->elts;
+ i = 0;
+ }
+
+ if (header[i].hash == 0) {
+ continue;
+ }
+
+#if (NGX_DEBUG)
+ if (fc->log->log_level & NGX_LOG_DEBUG_HTTP) {
+ ngx_strlow(tmp, header[i].key.data, header[i].key.len);
+
+ ngx_log_debug3(NGX_LOG_DEBUG_HTTP, fc->log, 0,
+ "http2 output trailer: \"%*s: %V\"",
+ header[i].key.len, tmp, &header[i].value);
+ }
+#endif
+
+ *pos++ = 0;
+
+ pos = ngx_http_v2_write_name(pos, header[i].key.data,
+ header[i].key.len, tmp);
+
+ pos = ngx_http_v2_write_value(pos, header[i].value.data,
+ header[i].value.len, tmp);
+ }
+
+ return ngx_http_v2_create_headers_frame(r, start, pos, 1);
+}
+
+
+static ngx_chain_t *
+ngx_http_v2_send_chain(ngx_connection_t *fc, ngx_chain_t *in, off_t limit)
+{
+ off_t size, offset;
+ size_t rest, frame_size;
+ ngx_chain_t *cl, *out, **ln;
+ ngx_http_request_t *r;
+ ngx_http_v2_stream_t *stream;
+ ngx_http_v2_loc_conf_t *h2lcf;
+ ngx_http_v2_out_frame_t *frame, *trailers;
+ ngx_http_v2_connection_t *h2c;
+
+ r = fc->data;
+ stream = r->stream;
+
+#if (NGX_SUPPRESS_WARN)
+ size = 0;
+#endif
+
+ while (in) {
+ size = ngx_buf_size(in->buf);
+
+ if (size || in->buf->last_buf) {
+ break;
+ }
in = in->next;
}
- if (in == NULL) {
+ if (in == NULL || stream->out_closed) {
if (stream->queued) {
fc->write->active = 1;
@@ -1240,31 +1734,6 @@
static ngx_inline ngx_int_t
-ngx_http_v2_filter_send(ngx_connection_t *fc, ngx_http_v2_stream_t *stream)
-{
- stream->blocked = 1;
-
- if (ngx_http_v2_send_output_queue(stream->connection) == NGX_ERROR) {
- fc->error = 1;
- return NGX_ERROR;
- }
-
- stream->blocked = 0;
-
- if (stream->queued) {
- fc->buffered |= NGX_HTTP_V2_BUFFERED;
- fc->write->active = 1;
- fc->write->ready = 0;
- return NGX_AGAIN;
- }
-
- fc->buffered &= ~NGX_HTTP_V2_BUFFERED;
-
- return NGX_OK;
-}
-
-
-static ngx_inline ngx_int_t
ngx_http_v2_flow_control(ngx_http_v2_connection_t *h2c,
ngx_http_v2_stream_t *stream)
{
@@ -1317,6 +1786,30 @@
}
+static ngx_inline ngx_int_t
+ngx_http_v2_filter_send(ngx_connection_t *fc, ngx_http_v2_stream_t *stream)
+{
+ stream->blocked = 1;
+
+ if (ngx_http_v2_send_output_queue(stream->connection) == NGX_ERROR) {
+ fc->error = 1;
+ return NGX_ERROR;
+ }
+
+ stream->blocked = 0;
+
+ if (stream->queued) {
+ fc->buffered |= NGX_HTTP_V2_BUFFERED;
+ fc->write->active = 1;
+ fc->write->ready = 0;
+ return NGX_AGAIN;
+ }
+
+ fc->buffered &= ~NGX_HTTP_V2_BUFFERED;
+
+ return NGX_OK;
+}
+
static ngx_int_t
ngx_http_v2_headers_frame_handler(ngx_http_v2_connection_t *h2c,
@@ -1362,6 +1855,60 @@
stream->node->id, frame);
stream->request->header_size += NGX_HTTP_V2_FRAME_HEADER_SIZE
+ + frame->length;
+
+ ngx_http_v2_handle_frame(stream, frame);
+
+ ngx_http_v2_handle_stream(h2c, stream);
+
+ return NGX_OK;
+}
+
+
+static ngx_int_t
+ngx_http_v2_push_frame_handler(ngx_http_v2_connection_t *h2c,
+ ngx_http_v2_out_frame_t *frame)
+{
+ ngx_chain_t *cl, *ln;
+ ngx_http_v2_stream_t *stream;
+
+ stream = frame->stream;
+ cl = frame->first;
+
+ for ( ;; ) {
+ if (cl->buf->pos != cl->buf->last) {
+ frame->first = cl;
+
+ ngx_log_debug2(NGX_LOG_DEBUG_HTTP, h2c->connection->log, 0,
+ "http2:%ui PUSH_PROMISE frame %p was sent partially",
+ stream->node->id, frame);
+
+ return NGX_AGAIN;
+ }
+
+ ln = cl->next;
+
+ if (cl->buf->tag == (ngx_buf_tag_t) &ngx_http_v2_module) {
+ cl->next = stream->free_frame_headers;
+ stream->free_frame_headers = cl;
+
+ } else {
+ cl->next = stream->free_bufs;
+ stream->free_bufs = cl;
+ }
+
+ if (cl == frame->last) {
+ break;
+ }
+
+ cl = ln;
+ }
+
+ ngx_log_debug2(NGX_LOG_DEBUG_HTTP, h2c->connection->log, 0,
+ "http2:%ui PUSH_PROMISE frame %p was sent",
+ stream->node->id, frame);
+
+ stream->request->header_size += NGX_HTTP_V2_FRAME_HEADER_SIZE
+ frame->length;
ngx_http_v2_handle_frame(stream, frame);
|
[-]
[+]
|
Changed |
_service:download_url:nginx-1.14.2.tar.gz/src/http/v2/ngx_http_v2_module.c
^
|
@@ -27,6 +27,8 @@
static char *ngx_http_v2_merge_loc_conf(ngx_conf_t *cf, void *parent,
void *child);
+static char *ngx_http_v2_push(ngx_conf_t *cf, ngx_command_t *cmd, void *conf);
+
static char *ngx_http_v2_recv_buffer_size(ngx_conf_t *cf, void *post,
void *data);
static char *ngx_http_v2_pool_size(ngx_conf_t *cf, void *post, void *data);
@@ -73,6 +75,13 @@
offsetof(ngx_http_v2_srv_conf_t, concurrent_streams),
NULL },
+ { ngx_string("http2_max_concurrent_pushes"),
+ NGX_HTTP_MAIN_CONF|NGX_HTTP_SRV_CONF|NGX_CONF_TAKE1,
+ ngx_conf_set_num_slot,
+ NGX_HTTP_SRV_CONF_OFFSET,
+ offsetof(ngx_http_v2_srv_conf_t, concurrent_pushes),
+ NULL },
+
{ ngx_string("http2_max_requests"),
NGX_HTTP_MAIN_CONF|NGX_HTTP_SRV_CONF|NGX_CONF_TAKE1,
ngx_conf_set_num_slot,
@@ -129,6 +138,20 @@
offsetof(ngx_http_v2_loc_conf_t, chunk_size),
&ngx_http_v2_chunk_size_post },
+ { ngx_string("http2_push_preload"),
+ NGX_HTTP_MAIN_CONF|NGX_HTTP_SRV_CONF|NGX_HTTP_LOC_CONF|NGX_CONF_FLAG,
+ ngx_conf_set_flag_slot,
+ NGX_HTTP_LOC_CONF_OFFSET,
+ offsetof(ngx_http_v2_loc_conf_t, push_preload),
+ NULL },
+
+ { ngx_string("http2_push"),
+ NGX_HTTP_MAIN_CONF|NGX_HTTP_SRV_CONF|NGX_HTTP_LOC_CONF|NGX_CONF_TAKE1,
+ ngx_http_v2_push,
+ NGX_HTTP_LOC_CONF_OFFSET,
+ 0,
+ NULL },
+
{ ngx_string("spdy_recv_buffer_size"),
NGX_HTTP_MAIN_CONF|NGX_CONF_TAKE1,
ngx_http_v2_spdy_deprecated,
@@ -329,6 +352,7 @@
h2scf->pool_size = NGX_CONF_UNSET_SIZE;
h2scf->concurrent_streams = NGX_CONF_UNSET_UINT;
+ h2scf->concurrent_pushes = NGX_CONF_UNSET_UINT;
h2scf->max_requests = NGX_CONF_UNSET_UINT;
h2scf->max_field_size = NGX_CONF_UNSET_SIZE;
@@ -355,6 +379,8 @@
ngx_conf_merge_uint_value(conf->concurrent_streams,
prev->concurrent_streams, 128);
+ ngx_conf_merge_uint_value(conf->concurrent_pushes,
+ prev->concurrent_pushes, 10);
ngx_conf_merge_uint_value(conf->max_requests, prev->max_requests, 1000);
ngx_conf_merge_size_value(conf->max_field_size, prev->max_field_size,
@@ -386,8 +412,17 @@
return NULL;
}
+ /*
+ * set by ngx_pcalloc():
+ *
+ * h2lcf->pushes = NULL;
+ */
+
h2lcf->chunk_size = NGX_CONF_UNSET_SIZE;
+ h2lcf->push_preload = NGX_CONF_UNSET;
+ h2lcf->push = NGX_CONF_UNSET;
+
return h2lcf;
}
@@ -400,6 +435,72 @@
ngx_conf_merge_size_value(conf->chunk_size, prev->chunk_size, 8 * 1024);
+ ngx_conf_merge_value(conf->push, prev->push, 1);
+
+ if (conf->push && conf->pushes == NULL) {
+ conf->pushes = prev->pushes;
+ }
+
+ ngx_conf_merge_value(conf->push_preload, prev->push_preload, 0);
+
+ return NGX_CONF_OK;
+}
+
+
+static char *
+ngx_http_v2_push(ngx_conf_t *cf, ngx_command_t *cmd, void *conf)
+{
+ ngx_http_v2_loc_conf_t *h2lcf = conf;
+
+ ngx_str_t *value;
+ ngx_http_complex_value_t *cv;
+ ngx_http_compile_complex_value_t ccv;
+
+ value = cf->args->elts;
+
+ if (ngx_strcmp(value[1].data, "off") == 0) {
+
+ if (h2lcf->pushes) {
+ return "\"off\" parameter cannot be used with URI";
+ }
+
+ if (h2lcf->push == 0) {
+ return "is duplicate";
+ }
+
+ h2lcf->push = 0;
+ return NGX_CONF_OK;
+ }
+
+ if (h2lcf->push == 0) {
+ return "URI cannot be used with \"off\" parameter";
+ }
+
+ h2lcf->push = 1;
+
+ if (h2lcf->pushes == NULL) {
+ h2lcf->pushes = ngx_array_create(cf->pool, 1,
+ sizeof(ngx_http_complex_value_t));
+ if (h2lcf->pushes == NULL) {
+ return NGX_CONF_ERROR;
+ }
+ }
+
+ cv = ngx_array_push(h2lcf->pushes);
+ if (cv == NULL) {
+ return NGX_CONF_ERROR;
+ }
+
+ ngx_memzero(&ccv, sizeof(ngx_http_compile_complex_value_t));
+
+ ccv.cf = cf;
+ ccv.value = &value[1];
+ ccv.complex_value = cv;
+
+ if (ngx_http_compile_complex_value(&ccv) != NGX_OK) {
+ return NGX_CONF_ERROR;
+ }
+
return NGX_CONF_OK;
}
|
[-]
[+]
|
Changed |
_service:download_url:nginx-1.14.2.tar.gz/src/http/v2/ngx_http_v2_module.h
^
|
@@ -23,6 +23,7 @@
typedef struct {
size_t pool_size;
ngx_uint_t concurrent_streams;
+ ngx_uint_t concurrent_pushes;
ngx_uint_t max_requests;
size_t max_field_size;
size_t max_header_size;
@@ -35,6 +36,11 @@
typedef struct {
size_t chunk_size;
+
+ ngx_flag_t push_preload;
+
+ ngx_flag_t push;
+ ngx_array_t *pushes;
} ngx_http_v2_loc_conf_t;
|
[-]
[+]
|
Changed |
_service:download_url:nginx-1.14.2.tar.gz/src/http/v2/ngx_http_v2_table.c
^
|
@@ -86,6 +86,20 @@
/ sizeof(ngx_http_v2_header_t))
+ngx_str_t *
+ngx_http_v2_get_static_name(ngx_uint_t index)
+{
+ return &ngx_http_v2_static_table[index - 1].name;
+}
+
+
+ngx_str_t *
+ngx_http_v2_get_static_value(ngx_uint_t index)
+{
+ return &ngx_http_v2_static_table[index - 1].value;
+}
+
+
ngx_int_t
ngx_http_v2_get_indexed_header(ngx_http_v2_connection_t *h2c, ngx_uint_t index,
ngx_uint_t name_only)
|
[-]
[+]
|
Changed |
_service:download_url:nginx-1.14.2.tar.gz/src/mail/ngx_mail_handler.c
^
|
@@ -302,7 +302,7 @@
"client SSL certificate verify error: (%l:%s)",
rc, X509_verify_cert_error_string(rc));
- ngx_ssl_remove_cached_session(sslcf->ssl.ctx,
+ ngx_ssl_remove_cached_session(c->ssl->session_ctx,
(SSL_get0_session(c->ssl->connection)));
cscf = ngx_mail_get_module_srv_conf(s, ngx_mail_core_module);
@@ -323,7 +323,7 @@
ngx_log_error(NGX_LOG_INFO, c->log, 0,
"client sent no required SSL certificate");
- ngx_ssl_remove_cached_session(sslcf->ssl.ctx,
+ ngx_ssl_remove_cached_session(c->ssl->session_ctx,
(SSL_get0_session(c->ssl->connection)));
cscf = ngx_mail_get_module_srv_conf(s, ngx_mail_core_module);
|
[-]
[+]
|
Changed |
_service:download_url:nginx-1.14.2.tar.gz/src/os/unix/ngx_daemon.c
^
|
@@ -26,6 +26,7 @@
exit(0);
}
+ ngx_parent = ngx_pid;
ngx_pid = ngx_getpid();
if (setsid() == -1) {
|
[-]
[+]
|
Changed |
_service:download_url:nginx-1.14.2.tar.gz/src/os/unix/ngx_freebsd_sendfile_chain.c
^
|
@@ -135,7 +135,7 @@
if (ngx_freebsd_use_tcp_nopush
&& c->tcp_nopush == NGX_TCP_NOPUSH_UNSET)
{
- if (ngx_tcp_nopush(c->fd) == NGX_ERROR) {
+ if (ngx_tcp_nopush(c->fd) == -1) {
err = ngx_socket_errno;
/*
|
[-]
[+]
|
Changed |
_service:download_url:nginx-1.14.2.tar.gz/src/os/unix/ngx_linux_config.h
^
|
@@ -99,6 +99,11 @@
#endif
+#if (NGX_HAVE_CAPABILITIES)
+#include <linux/capability.h>
+#endif
+
+
#define NGX_LISTEN_BACKLOG 511
|
[-]
[+]
|
Changed |
_service:download_url:nginx-1.14.2.tar.gz/src/os/unix/ngx_linux_sendfile_chain.c
^
|
@@ -130,7 +130,7 @@
if (c->tcp_nodelay == NGX_TCP_NODELAY_UNSET) {
- if (ngx_tcp_nopush(c->fd) == NGX_ERROR) {
+ if (ngx_tcp_nopush(c->fd) == -1) {
err = ngx_socket_errno;
/*
|
[-]
[+]
|
Changed |
_service:download_url:nginx-1.14.2.tar.gz/src/os/unix/ngx_posix_config.h
^
|
@@ -145,26 +145,6 @@
#define ngx_debug_init()
-#if (__FreeBSD__) && (__FreeBSD_version < 400017)
-
-#include <sys/param.h> /* ALIGN() */
-
-/*
- * FreeBSD 3.x has no CMSG_SPACE() and CMSG_LEN() and has the broken CMSG_DATA()
- */
-
-#undef CMSG_SPACE
-#define CMSG_SPACE(l) (ALIGN(sizeof(struct cmsghdr)) + ALIGN(l))
-
-#undef CMSG_LEN
-#define CMSG_LEN(l) (ALIGN(sizeof(struct cmsghdr)) + (l))
-
-#undef CMSG_DATA
-#define CMSG_DATA(cmsg) ((u_char *)(cmsg) + ALIGN(sizeof(struct cmsghdr)))
-
-#endif
-
-
extern char **environ;
|
[-]
[+]
|
Changed |
_service:download_url:nginx-1.14.2.tar.gz/src/os/unix/ngx_posix_init.c
^
|
@@ -36,6 +36,9 @@
{
ngx_time_t *tp;
ngx_uint_t n;
+#if (NGX_HAVE_LEVEL1_DCACHE_LINESIZE)
+ long size;
+#endif
#if (NGX_HAVE_OS_SPECIFIC_INIT)
if (ngx_os_specific_init(log) != NGX_OK) {
@@ -62,6 +65,13 @@
ngx_ncpu = 1;
}
+#if (NGX_HAVE_LEVEL1_DCACHE_LINESIZE)
+ size = sysconf(_SC_LEVEL1_DCACHE_LINESIZE);
+ if (size > 0) {
+ ngx_cacheline_size = size;
+ }
+#endif
+
ngx_cpuinfo();
if (getrlimit(RLIMIT_NOFILE, &rlmt) == -1) {
|
[-]
[+]
|
Changed |
_service:download_url:nginx-1.14.2.tar.gz/src/os/unix/ngx_process.c
^
|
@@ -194,6 +194,7 @@
return NGX_INVALID_PID;
case 0:
+ ngx_parent = ngx_pid;
ngx_pid = ngx_getpid();
proc(cycle, data);
break;
@@ -371,12 +372,12 @@
break;
case ngx_signal_value(NGX_CHANGEBIN_SIGNAL):
- if (getppid() > 1 || ngx_new_binary > 0) {
+ if (ngx_getppid() == ngx_parent || ngx_new_binary > 0) {
/*
* Ignore the signal in the new binary if its parent is
- * not the init process, i.e. the old binary's process
- * is still running. Or ignore the signal in the old binary's
+ * not changed, i.e. the old binary's process is still
+ * running. Or ignore the signal in the old binary's
* process if the new binary's process is already running.
*/
|
[-]
[+]
|
Changed |
_service:download_url:nginx-1.14.2.tar.gz/src/os/unix/ngx_process.h
^
|
@@ -54,6 +54,7 @@
#define ngx_getpid getpid
+#define ngx_getppid getppid
#ifndef ngx_log_pid
#define ngx_log_pid ngx_pid
@@ -79,6 +80,7 @@
extern char **ngx_os_argv;
extern ngx_pid_t ngx_pid;
+extern ngx_pid_t ngx_parent;
extern ngx_socket_t ngx_channel;
extern ngx_int_t ngx_process_slot;
extern ngx_int_t ngx_last_process;
|
[-]
[+]
|
Changed |
_service:download_url:nginx-1.14.2.tar.gz/src/os/unix/ngx_process_cycle.c
^
|
@@ -31,6 +31,7 @@
ngx_uint_t ngx_process;
ngx_uint_t ngx_worker;
ngx_pid_t ngx_pid;
+ngx_pid_t ngx_parent;
sig_atomic_t ngx_reap;
sig_atomic_t ngx_sigio;
@@ -838,12 +839,44 @@
ccf->username, ccf->group);
}
+#if (NGX_HAVE_PR_SET_KEEPCAPS && NGX_HAVE_CAPABILITIES)
+ if (ccf->transparent && ccf->user) {
+ if (prctl(PR_SET_KEEPCAPS, 1, 0, 0, 0) == -1) {
+ ngx_log_error(NGX_LOG_EMERG, cycle->log, ngx_errno,
+ "prctl(PR_SET_KEEPCAPS, 1) failed");
+ /* fatal */
+ exit(2);
+ }
+ }
+#endif
+
if (setuid(ccf->user) == -1) {
ngx_log_error(NGX_LOG_EMERG, cycle->log, ngx_errno,
"setuid(%d) failed", ccf->user);
/* fatal */
exit(2);
}
+
+#if (NGX_HAVE_CAPABILITIES)
+ if (ccf->transparent && ccf->user) {
+ struct __user_cap_data_struct data;
+ struct __user_cap_header_struct header;
+
+ ngx_memzero(&header, sizeof(struct __user_cap_header_struct));
+ ngx_memzero(&data, sizeof(struct __user_cap_data_struct));
+
+ header.version = _LINUX_CAPABILITY_VERSION_1;
+ data.effective = CAP_TO_MASK(CAP_NET_RAW);
+ data.permitted = data.effective;
+
+ if (syscall(SYS_capset, &header, &data) == -1) {
+ ngx_log_error(NGX_LOG_EMERG, cycle->log, ngx_errno,
+ "capset() failed");
+ /* fatal */
+ exit(2);
+ }
+ }
+#endif
}
if (worker >= 0) {
|
[-]
[+]
|
Changed |
_service:download_url:nginx-1.14.2.tar.gz/src/os/unix/ngx_user.c
^
|
@@ -21,10 +21,6 @@
struct crypt_data cd;
cd.initialized = 0;
-#ifdef __GLIBC__
- /* work around the glibc bug */
- cd.current_salt[0] = ~salt[0];
-#endif
value = crypt_r((char *) key, (char *) salt, &cd);
|
[-]
[+]
|
Changed |
_service:download_url:nginx-1.14.2.tar.gz/src/stream/ngx_stream_geo_module.c
^
|
@@ -341,18 +341,18 @@
static char *
ngx_stream_geo_block(ngx_conf_t *cf, ngx_command_t *cmd, void *conf)
{
- char *rv;
- size_t len;
- ngx_str_t *value, name;
- ngx_uint_t i;
- ngx_conf_t save;
- ngx_pool_t *pool;
- ngx_array_t *a;
- ngx_stream_variable_t *var;
- ngx_stream_geo_ctx_t *geo;
- ngx_stream_geo_conf_ctx_t ctx;
+ char *rv;
+ size_t len;
+ ngx_str_t *value, name;
+ ngx_uint_t i;
+ ngx_conf_t save;
+ ngx_pool_t *pool;
+ ngx_array_t *a;
+ ngx_stream_variable_t *var;
+ ngx_stream_geo_ctx_t *geo;
+ ngx_stream_geo_conf_ctx_t ctx;
#if (NGX_HAVE_INET6)
- static struct in6_addr zero;
+ static struct in6_addr zero;
#endif
value = cf->args->elts;
@@ -409,6 +409,7 @@
ctx.temp_pool = ngx_create_pool(NGX_DEFAULT_POOL_SIZE, cf->log);
if (ctx.temp_pool == NULL) {
+ ngx_destroy_pool(pool);
return NGX_CONF_ERROR;
}
@@ -430,6 +431,10 @@
*cf = save;
+ if (rv != NGX_CONF_OK) {
+ goto failed;
+ }
+
if (ctx.ranges) {
if (ctx.high.low && !ctx.binary_include) {
@@ -449,7 +454,7 @@
ctx.high.low[i] = ngx_palloc(cf->pool, len + sizeof(void *));
if (ctx.high.low[i] == NULL) {
- return NGX_CONF_ERROR;
+ goto failed;
}
ngx_memcpy(ctx.high.low[i], a->elts, len);
@@ -475,14 +480,11 @@
var->get_handler = ngx_stream_geo_range_variable;
var->data = (uintptr_t) geo;
- ngx_destroy_pool(ctx.temp_pool);
- ngx_destroy_pool(pool);
-
} else {
if (ctx.tree == NULL) {
ctx.tree = ngx_radix_tree_create(cf->pool, -1);
if (ctx.tree == NULL) {
- return NGX_CONF_ERROR;
+ goto failed;
}
}
@@ -492,7 +494,7 @@
if (ctx.tree6 == NULL) {
ctx.tree6 = ngx_radix_tree_create(cf->pool, -1);
if (ctx.tree6 == NULL) {
- return NGX_CONF_ERROR;
+ goto failed;
}
}
@@ -502,14 +504,11 @@
var->get_handler = ngx_stream_geo_cidr_variable;
var->data = (uintptr_t) geo;
- ngx_destroy_pool(ctx.temp_pool);
- ngx_destroy_pool(pool);
-
if (ngx_radix32tree_insert(ctx.tree, 0, 0,
(uintptr_t) &ngx_stream_variable_null_value)
== NGX_ERROR)
{
- return NGX_CONF_ERROR;
+ goto failed;
}
/* NGX_BUSY is okay (default was set explicitly) */
@@ -519,12 +518,22 @@
(uintptr_t) &ngx_stream_variable_null_value)
== NGX_ERROR)
{
- return NGX_CONF_ERROR;
+ goto failed;
}
#endif
}
- return rv;
+ ngx_destroy_pool(ctx.temp_pool);
+ ngx_destroy_pool(pool);
+
+ return NGX_CONF_OK;
+
+failed:
+
+ ngx_destroy_pool(ctx.temp_pool);
+ ngx_destroy_pool(pool);
+
+ return NGX_CONF_ERROR;
}
|
[-]
[+]
|
Changed |
_service:download_url:nginx-1.14.2.tar.gz/src/stream/ngx_stream_log_module.c
^
|
@@ -89,6 +89,11 @@
} ngx_stream_log_var_t;
+#define NGX_STREAM_LOG_ESCAPE_DEFAULT 0
+#define NGX_STREAM_LOG_ESCAPE_JSON 1
+#define NGX_STREAM_LOG_ESCAPE_NONE 2
+
+
static void ngx_stream_log_write(ngx_stream_session_t *s, ngx_stream_log_t *log,
u_char *buf, size_t len);
static ssize_t ngx_stream_log_script_write(ngx_stream_session_t *s,
@@ -106,7 +111,7 @@
static void ngx_stream_log_flush_handler(ngx_event_t *ev);
static ngx_int_t ngx_stream_log_variable_compile(ngx_conf_t *cf,
- ngx_stream_log_op_t *op, ngx_str_t *value, ngx_uint_t json);
+ ngx_stream_log_op_t *op, ngx_str_t *value, ngx_uint_t escape);
static size_t ngx_stream_log_variable_getlen(ngx_stream_session_t *s,
uintptr_t data);
static u_char *ngx_stream_log_variable(ngx_stream_session_t *s, u_char *buf,
@@ -116,6 +121,10 @@
uintptr_t data);
static u_char *ngx_stream_log_json_variable(ngx_stream_session_t *s,
u_char *buf, ngx_stream_log_op_t *op);
+static size_t ngx_stream_log_unescaped_variable_getlen(ngx_stream_session_t *s,
+ uintptr_t data);
+static u_char *ngx_stream_log_unescaped_variable(ngx_stream_session_t *s,
+ u_char *buf, ngx_stream_log_op_t *op);
static void *ngx_stream_log_create_main_conf(ngx_conf_t *cf);
@@ -682,7 +691,7 @@
static ngx_int_t
ngx_stream_log_variable_compile(ngx_conf_t *cf, ngx_stream_log_op_t *op,
- ngx_str_t *value, ngx_uint_t json)
+ ngx_str_t *value, ngx_uint_t escape)
{
ngx_int_t index;
@@ -693,11 +702,18 @@
op->len = 0;
- if (json) {
+ switch (escape) {
+ case NGX_STREAM_LOG_ESCAPE_JSON:
op->getlen = ngx_stream_log_json_variable_getlen;
op->run = ngx_stream_log_json_variable;
+ break;
- } else {
+ case NGX_STREAM_LOG_ESCAPE_NONE:
+ op->getlen = ngx_stream_log_unescaped_variable_getlen;
+ op->run = ngx_stream_log_unescaped_variable;
+ break;
+
+ default: /* NGX_STREAM_LOG_ESCAPE_DEFAULT */
op->getlen = ngx_stream_log_variable_getlen;
op->run = ngx_stream_log_variable;
}
@@ -851,6 +867,40 @@
}
+static size_t
+ngx_stream_log_unescaped_variable_getlen(ngx_stream_session_t *s,
+ uintptr_t data)
+{
+ ngx_stream_variable_value_t *value;
+
+ value = ngx_stream_get_indexed_variable(s, data);
+
+ if (value == NULL || value->not_found) {
+ return 0;
+ }
+
+ value->escape = 0;
+
+ return value->len;
+}
+
+
+static u_char *
+ngx_stream_log_unescaped_variable(ngx_stream_session_t *s, u_char *buf,
+ ngx_stream_log_op_t *op)
+{
+ ngx_stream_variable_value_t *value;
+
+ value = ngx_stream_get_indexed_variable(s, op->data);
+
+ if (value == NULL || value->not_found) {
+ return buf;
+ }
+
+ return ngx_cpymem(buf, value->data, value->len);
+}
+
+
static void *
ngx_stream_log_create_main_conf(ngx_conf_t *cf)
{
@@ -1265,17 +1315,20 @@
size_t i, len;
ngx_str_t *value, var;
ngx_int_t *flush;
- ngx_uint_t bracket, json;
+ ngx_uint_t bracket, escape;
ngx_stream_log_op_t *op;
- json = 0;
+ escape = NGX_STREAM_LOG_ESCAPE_DEFAULT;
value = args->elts;
if (s < args->nelts && ngx_strncmp(value[s].data, "escape=", 7) == 0) {
data = value[s].data + 7;
if (ngx_strcmp(data, "json") == 0) {
- json = 1;
+ escape = NGX_STREAM_LOG_ESCAPE_JSON;
+
+ } else if (ngx_strcmp(data, "none") == 0) {
+ escape = NGX_STREAM_LOG_ESCAPE_NONE;
} else if (ngx_strcmp(data, "default") != 0) {
ngx_conf_log_error(NGX_LOG_EMERG, cf, 0,
@@ -1350,7 +1403,7 @@
goto invalid;
}
- if (ngx_stream_log_variable_compile(cf, op, &var, json)
+ if (ngx_stream_log_variable_compile(cf, op, &var, escape)
!= NGX_OK)
{
return NGX_CONF_ERROR;
|
[-]
[+]
|
Changed |
_service:download_url:nginx-1.14.2.tar.gz/src/stream/ngx_stream_proxy_module.c
^
|
@@ -801,8 +801,6 @@
NGX_STREAM_UPSTREAM_NOTIFY_CONNECT);
}
- c->log->action = "proxying connection";
-
if (u->upstream_buf.start == NULL) {
p = ngx_pnalloc(c->pool, pscf->buffer_size);
if (p == NULL) {
@@ -1449,6 +1447,7 @@
ngx_stream_proxy_process(ngx_stream_session_t *s, ngx_uint_t from_upstream,
ngx_uint_t do_write)
{
+ char *recv_action, *send_action;
off_t *received, limit;
size_t size, limit_rate;
ssize_t n;
@@ -1492,6 +1491,8 @@
received = &u->received;
out = &u->downstream_out;
busy = &u->downstream_busy;
+ recv_action = "proxying and reading from upstream";
+ send_action = "proxying and sending to client";
} else {
src = c;
@@ -1501,6 +1502,8 @@
received = &s->received;
out = &u->upstream_out;
busy = &u->upstream_busy;
+ recv_action = "proxying and reading from client";
+ send_action = "proxying and sending to upstream";
}
for ( ;; ) {
@@ -1508,6 +1511,8 @@
if (do_write && dst) {
if (*out || *busy || dst->buffered) {
+ c->log->action = send_action;
+
rc = ngx_stream_top_filter(s, *out, from_upstream);
if (rc == NGX_ERROR) {
@@ -1551,6 +1556,8 @@
}
}
+ c->log->action = recv_action;
+
n = src->recv(src, b->last, size);
if (n == NGX_AGAIN) {
@@ -1620,6 +1627,8 @@
break;
}
+ c->log->action = "proxying connection";
+
if (src->read->eof && dst && (dst->read->eof || !dst->buffered)) {
handler = c->log->handler;
c->log->handler = NULL;
@@ -2155,6 +2164,12 @@
if (cf->args->nelts > 2) {
if (ngx_strcmp(value[2].data, "transparent") == 0) {
#if (NGX_HAVE_TRANSPARENT_PROXY)
+ ngx_core_conf_t *ccf;
+
+ ccf = (ngx_core_conf_t *) ngx_get_conf(cf->cycle->conf_ctx,
+ ngx_core_module);
+
+ ccf->transparent = 1;
local->transparent = 1;
#else
ngx_conf_log_error(NGX_LOG_EMERG, cf, 0,
|
[-]
[+]
|
Changed |
_service:download_url:nginx-1.14.2.tar.gz/src/stream/ngx_stream_script.c
^
|
@@ -587,7 +587,8 @@
return NGX_ERROR;
}
- code->code = (ngx_stream_script_code_pt) ngx_stream_script_copy_len_code;
+ code->code = (ngx_stream_script_code_pt) (void *)
+ ngx_stream_script_copy_len_code;
code->len = len;
size = (sizeof(ngx_stream_script_copy_code_t) + len + sizeof(uintptr_t) - 1)
@@ -677,8 +678,8 @@
return NGX_ERROR;
}
- code->code = (ngx_stream_script_code_pt)
- ngx_stream_script_copy_var_len_code;
+ code->code = (ngx_stream_script_code_pt) (void *)
+ ngx_stream_script_copy_var_len_code;
code->index = (uintptr_t) index;
code = ngx_stream_script_add_code(*sc->values,
@@ -767,8 +768,8 @@
return NGX_ERROR;
}
- code->code = (ngx_stream_script_code_pt)
- ngx_stream_script_copy_capture_len_code;
+ code->code = (ngx_stream_script_code_pt) (void *)
+ ngx_stream_script_copy_capture_len_code;
code->n = 2 * n;
@@ -859,7 +860,7 @@
return NGX_ERROR;
}
- code->code = (ngx_stream_script_code_pt)
+ code->code = (ngx_stream_script_code_pt) (void *)
ngx_stream_script_full_name_len_code;
code->conf_prefix = sc->conf_prefix;
|
[-]
[+]
|
Changed |
_service:download_url:nginx-1.14.2.tar.gz/src/stream/ngx_stream_ssl_module.c
^
|
@@ -328,7 +328,7 @@
"client SSL certificate verify error: (%l:%s)",
rc, X509_verify_cert_error_string(rc));
- ngx_ssl_remove_cached_session(sslcf->ssl.ctx,
+ ngx_ssl_remove_cached_session(c->ssl->session_ctx,
(SSL_get0_session(c->ssl->connection)));
return NGX_ERROR;
}
@@ -340,7 +340,7 @@
ngx_log_error(NGX_LOG_INFO, c->log, 0,
"client sent no required SSL certificate");
- ngx_ssl_remove_cached_session(sslcf->ssl.ctx,
+ ngx_ssl_remove_cached_session(c->ssl->session_ctx,
(SSL_get0_session(c->ssl->connection)));
return NGX_ERROR;
}
|
[-]
[+]
|
Changed |
_service:download_url:nginx-1.14.2.tar.gz/src/stream/ngx_stream_ssl_preread_module.c
^
|
@@ -17,10 +17,12 @@
typedef struct {
size_t left;
size_t size;
+ size_t ext;
u_char *pos;
u_char *dst;
u_char buf[4];
ngx_str_t host;
+ ngx_str_t alpn;
ngx_log_t *log;
ngx_pool_t *pool;
ngx_uint_t state;
@@ -32,6 +34,8 @@
ngx_stream_ssl_preread_ctx_t *ctx, u_char *pos, u_char *last);
static ngx_int_t ngx_stream_ssl_preread_server_name_variable(
ngx_stream_session_t *s, ngx_stream_variable_value_t *v, uintptr_t data);
+static ngx_int_t ngx_stream_ssl_preread_alpn_protocols_variable(
+ ngx_stream_session_t *s, ngx_stream_variable_value_t *v, uintptr_t data);
static ngx_int_t ngx_stream_ssl_preread_add_variables(ngx_conf_t *cf);
static void *ngx_stream_ssl_preread_create_srv_conf(ngx_conf_t *cf);
static char *ngx_stream_ssl_preread_merge_srv_conf(ngx_conf_t *cf, void *parent,
@@ -85,6 +89,9 @@
{ ngx_string("ssl_preread_server_name"), NULL,
ngx_stream_ssl_preread_server_name_variable, 0, 0, 0 },
+ { ngx_string("ssl_preread_alpn_protocols"), NULL,
+ ngx_stream_ssl_preread_alpn_protocols_variable, 0, 0, 0 },
+
ngx_stream_null_variable
};
@@ -139,12 +146,14 @@
if (p[0] != 0x16) {
ngx_log_debug0(NGX_LOG_DEBUG_STREAM, ctx->log, 0,
"ssl preread: not a handshake");
+ ngx_stream_set_ctx(s, NULL, ngx_stream_ssl_preread_module);
return NGX_DECLINED;
}
if (p[1] != 3) {
ngx_log_debug0(NGX_LOG_DEBUG_STREAM, ctx->log, 0,
"ssl preread: unsupported SSL version");
+ ngx_stream_set_ctx(s, NULL, ngx_stream_ssl_preread_module);
return NGX_DECLINED;
}
@@ -158,6 +167,12 @@
p += 5;
rc = ngx_stream_ssl_preread_parse_record(ctx, p, p + len);
+
+ if (rc == NGX_DECLINED) {
+ ngx_stream_set_ctx(s, NULL, ngx_stream_ssl_preread_module);
+ return NGX_DECLINED;
+ }
+
if (rc != NGX_AGAIN) {
return rc;
}
@@ -175,7 +190,7 @@
ngx_stream_ssl_preread_parse_record(ngx_stream_ssl_preread_ctx_t *ctx,
u_char *pos, u_char *last)
{
- size_t left, n, size;
+ size_t left, n, size, ext;
u_char *dst, *p;
enum {
@@ -192,7 +207,10 @@
sw_ext_header, /* extension_type, extension_data length */
sw_sni_len, /* SNI length */
sw_sni_host_head, /* SNI name_type, host_name length */
- sw_sni_host /* SNI host_name */
+ sw_sni_host, /* SNI host_name */
+ sw_alpn_len, /* ALPN length */
+ sw_alpn_proto_len, /* ALPN protocol_name length */
+ sw_alpn_proto_data /* ALPN protocol_name */
} state;
ngx_log_debug2(NGX_LOG_DEBUG_STREAM, ctx->log, 0,
@@ -201,6 +219,7 @@
state = ctx->state;
size = ctx->size;
left = ctx->left;
+ ext = ctx->ext;
dst = ctx->dst;
p = ctx->buf;
@@ -299,10 +318,18 @@
break;
case sw_ext_header:
- if (p[0] == 0 && p[1] == 0) {
+ if (p[0] == 0 && p[1] == 0 && ctx->host.data == NULL) {
/* SNI extension */
state = sw_sni_len;
- dst = NULL;
+ dst = p;
+ size = 2;
+ break;
+ }
+
+ if (p[0] == 0 && p[1] == 16 && ctx->alpn.data == NULL) {
+ /* ALPN extension */
+ state = sw_alpn_len;
+ dst = p;
size = 2;
break;
}
@@ -313,6 +340,7 @@
break;
case sw_sni_len:
+ ext = (p[0] << 8) + p[1];
state = sw_sni_host_head;
dst = p;
size = 3;
@@ -325,14 +353,21 @@
return NGX_DECLINED;
}
- state = sw_sni_host;
size = (p[1] << 8) + p[2];
+ if (ext < 3 + size) {
+ ngx_log_debug0(NGX_LOG_DEBUG_STREAM, ctx->log, 0,
+ "ssl preread: SNI format error");
+ return NGX_DECLINED;
+ }
+ ext -= 3 + size;
+
ctx->host.data = ngx_pnalloc(ctx->pool, size);
if (ctx->host.data == NULL) {
return NGX_ERROR;
}
+ state = sw_sni_host;
dst = ctx->host.data;
break;
@@ -341,19 +376,77 @@
ngx_log_debug1(NGX_LOG_DEBUG_STREAM, ctx->log, 0,
"ssl preread: SNI hostname \"%V\"", &ctx->host);
- return NGX_OK;
+
+ state = sw_ext;
+ dst = NULL;
+ size = ext;
+ break;
+
+ case sw_alpn_len:
+ ext = (p[0] << 8) + p[1];
+
+ ctx->alpn.data = ngx_pnalloc(ctx->pool, ext);
+ if (ctx->alpn.data == NULL) {
+ return NGX_ERROR;
+ }
+
+ state = sw_alpn_proto_len;
+ dst = p;
+ size = 1;
+ break;
+
+ case sw_alpn_proto_len:
+ size = p[0];
+
+ if (size == 0) {
+ ngx_log_debug0(NGX_LOG_DEBUG_STREAM, ctx->log, 0,
+ "ssl preread: ALPN empty protocol");
+ return NGX_DECLINED;
+ }
+
+ if (ext < 1 + size) {
+ ngx_log_debug0(NGX_LOG_DEBUG_STREAM, ctx->log, 0,
+ "ssl preread: ALPN format error");
+ return NGX_DECLINED;
+ }
+ ext -= 1 + size;
+
+ state = sw_alpn_proto_data;
+ dst = ctx->alpn.data + ctx->alpn.len;
+ break;
+
+ case sw_alpn_proto_data:
+ ctx->alpn.len += p[0];
+
+ ngx_log_debug1(NGX_LOG_DEBUG_STREAM, ctx->log, 0,
+ "ssl preread: ALPN protocols \"%V\"", &ctx->alpn);
+
+ if (ext) {
+ ctx->alpn.data[ctx->alpn.len++] = ',';
+
+ state = sw_alpn_proto_len;
+ dst = p;
+ size = 1;
+ break;
+ }
+
+ state = sw_ext;
+ dst = NULL;
+ size = 0;
+ break;
}
if (left < size) {
- ngx_log_debug0(NGX_LOG_DEBUG_STREAM, ctx->log, 0,
- "ssl preread: failed to parse handshake");
- return NGX_DECLINED;
+ ngx_log_debug0(NGX_LOG_DEBUG_STREAM, ctx->log, 0,
+ "ssl preread: failed to parse handshake");
+ return NGX_DECLINED;
}
}
ctx->state = state;
ctx->size = size;
ctx->left = left;
+ ctx->ext = ext;
ctx->dst = dst;
return NGX_AGAIN;
@@ -381,6 +474,29 @@
return NGX_OK;
}
+
+
+static ngx_int_t
+ngx_stream_ssl_preread_alpn_protocols_variable(ngx_stream_session_t *s,
+ ngx_variable_value_t *v, uintptr_t data)
+{
+ ngx_stream_ssl_preread_ctx_t *ctx;
+
+ ctx = ngx_stream_get_module_ctx(s, ngx_stream_ssl_preread_module);
+
+ if (ctx == NULL) {
+ v->not_found = 1;
+ return NGX_OK;
+ }
+
+ v->valid = 1;
+ v->no_cacheable = 0;
+ v->not_found = 0;
+ v->len = ctx->alpn.len;
+ v->data = ctx->alpn.data;
+
+ return NGX_OK;
+}
static ngx_int_t
|
[-]
[+]
|
Changed |
_service:download_url:nginx-1.14.2.tar.gz/src/stream/ngx_stream_variables.c
^
|
@@ -161,7 +161,9 @@
return NULL;
}
- v->flags &= flags | ~NGX_STREAM_VAR_WEAK;
+ if (!(flags & NGX_STREAM_VAR_WEAK)) {
+ v->flags &= ~NGX_STREAM_VAR_WEAK;
+ }
return v;
}
@@ -227,7 +229,9 @@
return NULL;
}
- v->flags &= flags | ~NGX_STREAM_VAR_WEAK;
+ if (!(flags & NGX_STREAM_VAR_WEAK)) {
+ v->flags &= ~NGX_STREAM_VAR_WEAK;
+ }
return v;
}
|
|
Deleted |
_service:download_url:openssl-1.1.0g.tar.gz
^
|
|
Added |
_service:download_url:openssl-1.1.1a.tar.gz
^
|
|
Added |
naxsi-0.56.tar.gz
^
|
[-]
[+]
|
Deleted |
nginx-rtmp-module-1.1.15.tar.gz/.git
^
|
-(directory)
|
[-]
[+]
|
Deleted |
nginx-rtmp-module-1.1.15.tar.gz/.git/HEAD
^
|
@@ -1 +0,0 @@
-ref: refs/heads/master
|
[-]
[+]
|
Deleted |
nginx-rtmp-module-1.1.15.tar.gz/.git/config
^
|
@@ -1,12 +0,0 @@
-[core]
- repositoryformatversion = 0
- filemode = true
- bare = false
- logallrefupdates = true
- ignorecase = true
-[remote "origin"]
- fetch = +refs/heads/*:refs/remotes/origin/*
- url = https://github.com/arut/nginx-rtmp-module.git
-[branch "master"]
- remote = origin
- merge = refs/heads/master
|
[-]
[+]
|
Deleted |
nginx-rtmp-module-1.1.15.tar.gz/.git/description
^
|
@@ -1 +0,0 @@
-Unnamed repository; edit this file 'description' to name the repository.
|
[-]
[+]
|
Deleted |
nginx-rtmp-module-1.1.15.tar.gz/.git/hooks
^
|
-(directory)
|
[-]
[+]
|
Deleted |
nginx-rtmp-module-1.1.15.tar.gz/.git/hooks/applypatch-msg.sample
^
|
@@ -1,15 +0,0 @@
-#!/bin/sh
-#
-# An example hook script to check the commit log message taken by
-# applypatch from an e-mail message.
-#
-# The hook should exit with non-zero status after issuing an
-# appropriate message if it wants to stop the commit. The hook is
-# allowed to edit the commit message file.
-#
-# To enable this hook, rename this file to "applypatch-msg".
-
-. git-sh-setup
-test -x "$GIT_DIR/hooks/commit-msg" &&
- exec "$GIT_DIR/hooks/commit-msg" ${1+"$@"}
-:
|
[-]
[+]
|
Deleted |
nginx-rtmp-module-1.1.15.tar.gz/.git/hooks/commit-msg.sample
^
|
@@ -1,24 +0,0 @@
-#!/bin/sh
-#
-# An example hook script to check the commit log message.
-# Called by "git commit" with one argument, the name of the file
-# that has the commit message. The hook should exit with non-zero
-# status after issuing an appropriate message if it wants to stop the
-# commit. The hook is allowed to edit the commit message file.
-#
-# To enable this hook, rename this file to "commit-msg".
-
-# Uncomment the below to add a Signed-off-by line to the message.
-# Doing this in a hook is a bad idea in general, but the prepare-commit-msg
-# hook is more suited to it.
-#
-# SOB=$(git var GIT_AUTHOR_IDENT | sed -n 's/^\(.*>\).*$/Signed-off-by: \1/p')
-# grep -qs "^$SOB" "$1" || echo "$SOB" >> "$1"
-
-# This example catches duplicate Signed-off-by lines.
-
-test "" = "$(grep '^Signed-off-by: ' "$1" |
- sort | uniq -c | sed -e '/^[ ]*1[ ]/d')" || {
- echo >&2 Duplicate Signed-off-by lines.
- exit 1
-}
|
[-]
[+]
|
Deleted |
nginx-rtmp-module-1.1.15.tar.gz/.git/hooks/post-update.sample
^
|
@@ -1,8 +0,0 @@
-#!/bin/sh
-#
-# An example hook script to prepare a packed repository for use over
-# dumb transports.
-#
-# To enable this hook, rename this file to "post-update".
-
-exec git update-server-info
|
[-]
[+]
|
Deleted |
nginx-rtmp-module-1.1.15.tar.gz/.git/hooks/pre-applypatch.sample
^
|
@@ -1,14 +0,0 @@
-#!/bin/sh
-#
-# An example hook script to verify what is about to be committed
-# by applypatch from an e-mail message.
-#
-# The hook should exit with non-zero status after issuing an
-# appropriate message if it wants to stop the commit.
-#
-# To enable this hook, rename this file to "pre-applypatch".
-
-. git-sh-setup
-test -x "$GIT_DIR/hooks/pre-commit" &&
- exec "$GIT_DIR/hooks/pre-commit" ${1+"$@"}
-:
|
[-]
[+]
|
Deleted |
nginx-rtmp-module-1.1.15.tar.gz/.git/hooks/pre-commit.sample
^
|
@@ -1,50 +0,0 @@
-#!/bin/sh
-#
-# An example hook script to verify what is about to be committed.
-# Called by "git commit" with no arguments. The hook should
-# exit with non-zero status after issuing an appropriate message if
-# it wants to stop the commit.
-#
-# To enable this hook, rename this file to "pre-commit".
-
-if git rev-parse --verify HEAD >/dev/null 2>&1
-then
- against=HEAD
-else
- # Initial commit: diff against an empty tree object
- against=4b825dc642cb6eb9a060e54bf8d69288fbee4904
-fi
-
-# If you want to allow non-ascii filenames set this variable to true.
-allownonascii=$(git config hooks.allownonascii)
-
-# Redirect output to stderr.
-exec 1>&2
-
-# Cross platform projects tend to avoid non-ascii filenames; prevent
-# them from being added to the repository. We exploit the fact that the
-# printable range starts at the space character and ends with tilde.
-if [ "$allownonascii" != "true" ] &&
- # Note that the use of brackets around a tr range is ok here, (it's
- # even required, for portability to Solaris 10's /usr/bin/tr), since
- # the square bracket bytes happen to fall in the designated range.
- test $(git diff --cached --name-only --diff-filter=A -z $against |
- LC_ALL=C tr -d '[ -~]\0' | wc -c) != 0
-then
- echo "Error: Attempt to add a non-ascii file name."
- echo
- echo "This can cause problems if you want to work"
- echo "with people on other platforms."
- echo
- echo "To be portable it is advisable to rename the file ..."
- echo
- echo "If you know what you are doing you can disable this"
- echo "check using:"
- echo
- echo " git config hooks.allownonascii true"
- echo
- exit 1
-fi
-
-# If there are whitespace errors, print the offending file names and fail.
-exec git diff-index --check --cached $against --
|
[-]
[+]
|
Deleted |
nginx-rtmp-module-1.1.15.tar.gz/.git/hooks/pre-rebase.sample
^
|
@@ -1,169 +0,0 @@
-#!/bin/sh
-#
-# Copyright (c) 2006, 2008 Junio C Hamano
-#
-# The "pre-rebase" hook is run just before "git rebase" starts doing
-# its job, and can prevent the command from running by exiting with
-# non-zero status.
-#
-# The hook is called with the following parameters:
-#
-# $1 -- the upstream the series was forked from.
-# $2 -- the branch being rebased (or empty when rebasing the current branch).
-#
-# This sample shows how to prevent topic branches that are already
-# merged to 'next' branch from getting rebased, because allowing it
-# would result in rebasing already published history.
-
-publish=next
-basebranch="$1"
-if test "$#" = 2
-then
- topic="refs/heads/$2"
-else
- topic=`git symbolic-ref HEAD` ||
- exit 0 ;# we do not interrupt rebasing detached HEAD
-fi
-
-case "$topic" in
-refs/heads/??/*)
- ;;
-*)
- exit 0 ;# we do not interrupt others.
- ;;
-esac
-
-# Now we are dealing with a topic branch being rebased
-# on top of master. Is it OK to rebase it?
-
-# Does the topic really exist?
-git show-ref -q "$topic" || {
- echo >&2 "No such branch $topic"
- exit 1
-}
-
-# Is topic fully merged to master?
-not_in_master=`git rev-list --pretty=oneline ^master "$topic"`
-if test -z "$not_in_master"
-then
- echo >&2 "$topic is fully merged to master; better remove it."
- exit 1 ;# we could allow it, but there is no point.
-fi
-
-# Is topic ever merged to next? If so you should not be rebasing it.
-only_next_1=`git rev-list ^master "^$topic" ${publish} | sort`
-only_next_2=`git rev-list ^master ${publish} | sort`
-if test "$only_next_1" = "$only_next_2"
-then
- not_in_topic=`git rev-list "^$topic" master`
- if test -z "$not_in_topic"
- then
- echo >&2 "$topic is already up-to-date with master"
- exit 1 ;# we could allow it, but there is no point.
- else
- exit 0
- fi
-else
- not_in_next=`git rev-list --pretty=oneline ^${publish} "$topic"`
- /usr/bin/perl -e '
- my $topic = $ARGV[0];
- my $msg = "* $topic has commits already merged to public branch:\n";
- my (%not_in_next) = map {
- /^([0-9a-f]+) /;
- ($1 => 1);
- } split(/\n/, $ARGV[1]);
- for my $elem (map {
- /^([0-9a-f]+) (.*)$/;
- [$1 => $2];
- } split(/\n/, $ARGV[2])) {
- if (!exists $not_in_next{$elem->[0]}) {
- if ($msg) {
- print STDERR $msg;
- undef $msg;
- }
- print STDERR " $elem->[1]\n";
- }
- }
- ' "$topic" "$not_in_next" "$not_in_master"
- exit 1
-fi
-
-exit 0
-
-################################################################
-
-This sample hook safeguards topic branches that have been
-published from being rewound.
-
-The workflow assumed here is:
-
- * Once a topic branch forks from "master", "master" is never
- merged into it again (either directly or indirectly).
-
- * Once a topic branch is fully cooked and merged into "master",
- it is deleted. If you need to build on top of it to correct
- earlier mistakes, a new topic branch is created by forking at
- the tip of the "master". This is not strictly necessary, but
- it makes it easier to keep your history simple.
-
- * Whenever you need to test or publish your changes to topic
- branches, merge them into "next" branch.
-
-The script, being an example, hardcodes the publish branch name
-to be "next", but it is trivial to make it configurable via
-$GIT_DIR/config mechanism.
-
-With this workflow, you would want to know:
-
-(1) ... if a topic branch has ever been merged to "next". Young
- topic branches can have stupid mistakes you would rather
- clean up before publishing, and things that have not been
- merged into other branches can be easily rebased without
- affecting other people. But once it is published, you would
- not want to rewind it.
-
-(2) ... if a topic branch has been fully merged to "master".
- Then you can delete it. More importantly, you should not
- build on top of it -- other people may already want to
- change things related to the topic as patches against your
- "master", so if you need further changes, it is better to
- fork the topic (perhaps with the same name) afresh from the
- tip of "master".
-
-Let's look at this example:
-
- o---o---o---o---o---o---o---o---o---o "next"
- / / / /
- / a---a---b A / /
- / / / /
- / / c---c---c---c B /
- / / / \ /
- / / / b---b C \ /
- / / / / \ /
- ---o---o---o---o---o---o---o---o---o---o---o "master"
-
-
-A, B and C are topic branches.
-
- * A has one fix since it was merged up to "next".
-
- * B has finished. It has been fully merged up to "master" and "next",
- and is ready to be deleted.
-
- * C has not merged to "next" at all.
-
-We would want to allow C to be rebased, refuse A, and encourage
-B to be deleted.
-
-To compute (1):
-
- git rev-list ^master ^topic next
- git rev-list ^master next
-
- if these match, topic has not merged in next at all.
-
-To compute (2):
-
- git rev-list master..topic
-
- if this is empty, it is fully merged to "master".
|
[-]
[+]
|
Deleted |
nginx-rtmp-module-1.1.15.tar.gz/.git/hooks/prepare-commit-msg.sample
^
|
@@ -1,36 +0,0 @@
-#!/bin/sh
-#
-# An example hook script to prepare the commit log message.
-# Called by "git commit" with the name of the file that has the
-# commit message, followed by the description of the commit
-# message's source. The hook's purpose is to edit the commit
-# message file. If the hook fails with a non-zero status,
-# the commit is aborted.
-#
-# To enable this hook, rename this file to "prepare-commit-msg".
-
-# This hook includes three examples. The first comments out the
-# "Conflicts:" part of a merge commit.
-#
-# The second includes the output of "git diff --name-status -r"
-# into the message, just before the "git status" output. It is
-# commented because it doesn't cope with --amend or with squashed
-# commits.
-#
-# The third example adds a Signed-off-by line to the message, that can
-# still be edited. This is rarely a good idea.
-
-case "$2,$3" in
- merge,)
- /usr/bin/perl -i.bak -ne 's/^/# /, s/^# #/#/ if /^Conflicts/ .. /#/; print' "$1" ;;
-
-# ,|template,)
-# /usr/bin/perl -i.bak -pe '
-# print "\n" . `git diff --cached --name-status -r`
-# if /^#/ && $first++ == 0' "$1" ;;
-
- *) ;;
-esac
-
-# SOB=$(git var GIT_AUTHOR_IDENT | sed -n 's/^\(.*>\).*$/Signed-off-by: \1/p')
-# grep -qs "^$SOB" "$1" || echo "$SOB" >> "$1"
|
[-]
[+]
|
Deleted |
nginx-rtmp-module-1.1.15.tar.gz/.git/hooks/update.sample
^
|
@@ -1,128 +0,0 @@
-#!/bin/sh
-#
-# An example hook script to blocks unannotated tags from entering.
-# Called by "git receive-pack" with arguments: refname sha1-old sha1-new
-#
-# To enable this hook, rename this file to "update".
-#
-# Config
-# ------
-# hooks.allowunannotated
-# This boolean sets whether unannotated tags will be allowed into the
-# repository. By default they won't be.
-# hooks.allowdeletetag
-# This boolean sets whether deleting tags will be allowed in the
-# repository. By default they won't be.
-# hooks.allowmodifytag
-# This boolean sets whether a tag may be modified after creation. By default
-# it won't be.
-# hooks.allowdeletebranch
-# This boolean sets whether deleting branches will be allowed in the
-# repository. By default they won't be.
-# hooks.denycreatebranch
-# This boolean sets whether remotely creating branches will be denied
-# in the repository. By default this is allowed.
-#
-
-# --- Command line
-refname="$1"
-oldrev="$2"
-newrev="$3"
-
-# --- Safety check
-if [ -z "$GIT_DIR" ]; then
- echo "Don't run this script from the command line." >&2
- echo " (if you want, you could supply GIT_DIR then run" >&2
- echo " $0 <ref> <oldrev> <newrev>)" >&2
- exit 1
-fi
-
-if [ -z "$refname" -o -z "$oldrev" -o -z "$newrev" ]; then
- echo "Usage: $0 <ref> <oldrev> <newrev>" >&2
- exit 1
-fi
-
-# --- Config
-allowunannotated=$(git config --bool hooks.allowunannotated)
-allowdeletebranch=$(git config --bool hooks.allowdeletebranch)
-denycreatebranch=$(git config --bool hooks.denycreatebranch)
-allowdeletetag=$(git config --bool hooks.allowdeletetag)
-allowmodifytag=$(git config --bool hooks.allowmodifytag)
-
-# check for no description
-projectdesc=$(sed -e '1q' "$GIT_DIR/description")
-case "$projectdesc" in
-"Unnamed repository"* | "")
- echo "*** Project description file hasn't been set" >&2
- exit 1
- ;;
-esac
-
-# --- Check types
-# if $newrev is 0000...0000, it's a commit to delete a ref.
-zero="0000000000000000000000000000000000000000"
-if [ "$newrev" = "$zero" ]; then
- newrev_type=delete
-else
- newrev_type=$(git cat-file -t $newrev)
-fi
-
-case "$refname","$newrev_type" in
- refs/tags/*,commit)
- # un-annotated tag
- short_refname=${refname##refs/tags/}
- if [ "$allowunannotated" != "true" ]; then
- echo "*** The un-annotated tag, $short_refname, is not allowed in this repository" >&2
- echo "*** Use 'git tag [ -a | -s ]' for tags you want to propagate." >&2
- exit 1
- fi
- ;;
- refs/tags/*,delete)
- # delete tag
- if [ "$allowdeletetag" != "true" ]; then
- echo "*** Deleting a tag is not allowed in this repository" >&2
- exit 1
- fi
- ;;
- refs/tags/*,tag)
- # annotated tag
- if [ "$allowmodifytag" != "true" ] && git rev-parse $refname > /dev/null 2>&1
- then
- echo "*** Tag '$refname' already exists." >&2
- echo "*** Modifying a tag is not allowed in this repository." >&2
- exit 1
- fi
- ;;
- refs/heads/*,commit)
- # branch
- if [ "$oldrev" = "$zero" -a "$denycreatebranch" = "true" ]; then
- echo "*** Creating a branch is not allowed in this repository" >&2
- exit 1
- fi
- ;;
- refs/heads/*,delete)
- # delete branch
- if [ "$allowdeletebranch" != "true" ]; then
- echo "*** Deleting a branch is not allowed in this repository" >&2
- exit 1
- fi
- ;;
- refs/remotes/*,commit)
- # tracking branch
- ;;
- refs/remotes/*,delete)
- # delete tracking branch
- if [ "$allowdeletebranch" != "true" ]; then
- echo "*** Deleting a tracking branch is not allowed in this repository" >&2
- exit 1
- fi
- ;;
- *)
- # Anything else (is there anything else?)
- echo "*** Update hook: unknown type of update to ref $refname of type $newrev_type" >&2
- exit 1
- ;;
-esac
-
-# --- Finished
-exit 0
|
|
Deleted |
nginx-rtmp-module-1.1.15.tar.gz/.git/index
^
|
[-]
[+]
|
Deleted |
nginx-rtmp-module-1.1.15.tar.gz/.git/info
^
|
-(directory)
|
[-]
[+]
|
Deleted |
nginx-rtmp-module-1.1.15.tar.gz/.git/info/exclude
^
|
@@ -1,6 +0,0 @@
-# git ls-files --others --exclude-from=.git/info/exclude
-# Lines that start with '#' are comments.
-# For a project mostly in C, the following would be a good set of
-# exclude patterns (uncomment them if you want to use them):
-# *.[oa]
-# *~
|
[-]
[+]
|
Deleted |
nginx-rtmp-module-1.1.15.tar.gz/.git/logs
^
|
-(directory)
|
[-]
[+]
|
Deleted |
nginx-rtmp-module-1.1.15.tar.gz/.git/logs/HEAD
^
|
@@ -1 +0,0 @@
-0000000000000000000000000000000000000000 5150993accb5edefa61d71e1c81ad8c02f515428 U-arrakis\jg <jg@arrakis.(none)> 1481905161 +0100 clone: from https://github.com/arut/nginx-rtmp-module.git
|
[-]
[+]
|
Deleted |
nginx-rtmp-module-1.1.15.tar.gz/.git/logs/refs
^
|
-(directory)
|
[-]
[+]
|
Deleted |
nginx-rtmp-module-1.1.15.tar.gz/.git/logs/refs/heads
^
|
-(directory)
|
[-]
[+]
|
Deleted |
nginx-rtmp-module-1.1.15.tar.gz/.git/logs/refs/heads/master
^
|
@@ -1 +0,0 @@
-0000000000000000000000000000000000000000 5150993accb5edefa61d71e1c81ad8c02f515428 U-arrakis\jg <jg@arrakis.(none)> 1481905161 +0100 clone: from https://github.com/arut/nginx-rtmp-module.git
|
[-]
[+]
|
Deleted |
nginx-rtmp-module-1.1.15.tar.gz/.git/objects
^
|
-(directory)
|
[-]
[+]
|
Deleted |
nginx-rtmp-module-1.1.15.tar.gz/.git/objects/info
^
|
-(directory)
|
[-]
[+]
|
Deleted |
nginx-rtmp-module-1.1.15.tar.gz/.git/objects/pack
^
|
-(directory)
|
|
Deleted |
nginx-rtmp-module-1.1.15.tar.gz/.git/objects/pack/pack-3912c9200a41c4fbd876afb583ab7ecb4733401b.idx
^
|
|
Deleted |
nginx-rtmp-module-1.1.15.tar.gz/.git/objects/pack/pack-3912c9200a41c4fbd876afb583ab7ecb4733401b.pack
^
|
[-]
[+]
|
Deleted |
nginx-rtmp-module-1.1.15.tar.gz/.git/packed-refs
^
|
@@ -1,369 +0,0 @@
-# pack-refs with: peeled
-406d3a9527e08ea148e7c10ffa4009e0e5070b11 refs/remotes/origin/access-log
-e19ff641b06d3abd30b3bad5cfb491d158835713 refs/remotes/origin/aggregate
-eee52d83c4bdafe712685be06822acb051d407a7 refs/remotes/origin/async-client-handshake
-87686029aa2cfddfea765c626be7161981583482 refs/remotes/origin/atc
-3d5f6df7311594b051fdd26d3ae120d4ae708bb4 refs/remotes/origin/atc-only
-3c2e29f215fb09e5b4cb29040d1e5e092ce73849 refs/remotes/origin/auto-push
-f39d3f66a3ea6bb15b50737b90004b12056a3ad1 refs/remotes/origin/avc-parser
-205664d8c5e040a61b36ae0b74ddf17bc16d2150 refs/remotes/origin/big-endian
-10bcbf0e8daf38e3f3569ba84050f85fd46dd2d0 refs/remotes/origin/big-hls-buffer
-fad4f4717b47ab368d80ff480f2889631edc6521 refs/remotes/origin/big-nal-buffer
-f6ccfb6fa1d05d3babc1bb20ca7003802f85f2f0 refs/remotes/origin/chunksizefix
-d9579d627d727d8ad5edd2a0054f66324bebd459 refs/remotes/origin/close-stream
-aeae84bf8babcd7130f71b5941834eeb4fafa61a refs/remotes/origin/cmd-handler-init
-ebc47f03a43758c4f44ae90c193f4111f9ab1e16 refs/remotes/origin/codec
-cb4623aa4f7e6c2d1cb4c9c9f55ea6107f3a3985 refs/remotes/origin/const-fix
-0b757e8a49480a88f5e051f6590f25e6c4de3288 refs/remotes/origin/control
-ef424df677eb545ba5277649ee99fbea7e38bb55 refs/remotes/origin/control-director
-5e5dd797c2307b40a11409df806f07a427b3cd57 refs/remotes/origin/control-redirect
-b07e0e2dee3a2019dc2be34591b1c4e27730b2a0 refs/remotes/origin/dash
-e8081fd94f1d7ae4483f0a5ca002af8a79d447eb refs/remotes/origin/dash-discont
-fe4877f2168e7e62d6a45cb26708d662f0416961 refs/remotes/origin/dash-timeline
-39717828d67359329797d0ab5f297162b5d5e248 refs/remotes/origin/default-buflen
-90f985fa2f015e8bdfe92a9b57a5d04b779d7be1 refs/remotes/origin/defclose
-63d19ada51b6a1932e1cd73d9895a08cb1ae7827 refs/remotes/origin/drop-old-publisher
-6c79085d5c4203d11d9aa53d456ef7195de8cdc4 refs/remotes/origin/drop-restart
-fe8bf2d6974834ab346b82533151bc953fdfaa7b refs/remotes/origin/drop-restart-mstat
-52c2ef3f91569c3b1c10a40fd1bf56bb4dc1d9de refs/remotes/origin/enotify
-57a96ac2bc1812188aa81237ad582ca115f4391f refs/remotes/origin/envivo-fix
-87686029aa2cfddfea765c626be7161981583482 refs/remotes/origin/exec-fix
-67aa7d5d0da67a43683e8b05467afbdff5622532 refs/remotes/origin/exec-init
-f79aa206ec572c225c8bd32b5c2b1d7cc5ede692 refs/remotes/origin/exec-logging
-b62651efbdcaa77f7836ef5c52ddccfdf9ca473f refs/remotes/origin/exec-pull
-a6913ea68ad017eff14d098f4086c5dafae12af6 refs/remotes/origin/exec-pull-ext
-8c39b37131d150f152aa21a03f076501f39bf4a1 refs/remotes/origin/exec-static
-5e55f62b88f439dc1fbe311060bef53dfcfbc42e refs/remotes/origin/fast-start
-0210f7ca83f8fd65261c4b9040743edf30a258fc refs/remotes/origin/flv-append-fix
-fac68de376a2e20aed5627681ffc90d6374bf295 refs/remotes/origin/flv-header-mask
-b31539ce95d2f84ce8be22b9d11cb4abcd3cb90a refs/remotes/origin/fmle-reset-byte-counter
-990222d643b30a3c9e0db31209416ae9b47e16d3 refs/remotes/origin/fmle-time-fix
-cbccd06babfc66ab920e7e2331d125516715f709 refs/remotes/origin/freebsd-auto-push
-6f2808c7d11564e2269e9f64b9671f8c080c893d refs/remotes/origin/get-notify
-12a0d39bed54bfb3c30272d8d1328d74378853ce refs/remotes/origin/gh-pages
-76211a4bd254e5145d38c0275ad790dc9fac8fd4 refs/remotes/origin/good-logger
-ec282438514e88f7267653728b42c77e3df23bc3 refs/remotes/origin/handshakefix
-d34c6393f6ff22ef6cff6cb2c4ef7c1fe6cd35fa refs/remotes/origin/hls-async-delete
-49a3ee0dc6d5b85fe1164995c8d94424a0971838 refs/remotes/origin/hls-base-url
-4906e816bec876e3e81b129622de3f5e430dcc32 refs/remotes/origin/hls-continuous
-764a039c5856bb8bfb251ff15f4c95cf1c82e54b refs/remotes/origin/hls-debug
-a43bafe3de4641268d04f9105f6ef409abb8ede2 refs/remotes/origin/hls-discont-fix
-8acacd0d7906820039bc5e1e22a4ba332caada3e refs/remotes/origin/hls-encrypt
-7500b4bd90fc942468f94dd3a12dbcdf9c3199a6 refs/remotes/origin/hls-encrypt-auto
-78dcfbcc359f8275a55b7a14d6228e9928c75816 refs/remotes/origin/hls-ensure-directory
-737ea5ce34c8270479811acfacba02112e202625 refs/remotes/origin/hls-event
-546c42efeb910fb6b7b592293f5737324ddd606a refs/remotes/origin/hls-granularity
-2ed36a2611c1674d495f754ef3066c4a8bf98aa3 refs/remotes/origin/hls-nocache
-21174b2ee743c9ea1a0bccb46436c56c871febd3 refs/remotes/origin/hls-nocrackle
-6298aa7e1d95df8b806a262196a6589159284c74 refs/remotes/origin/hls-offset-fix
-059dba448ddeed901d06f825ed84e5e85c0f64cc refs/remotes/origin/hls-read-playlist
-0aaf2a625903ba6d4d9e1e761a0e866215149994 refs/remotes/origin/hls-restart
-2bb16425da9b593f5f9568f7c91bf06a5a1012f1 refs/remotes/origin/hls-restart-on-audio
-3d54d69e252bb537dc8fb03cc96ada084bd5da8d refs/remotes/origin/hls-trailer
-4ff1bd09fcbd8a77618bd528fd8d32fb72bd2661 refs/remotes/origin/hls-ts-discont
-2f1091679b60b8741e59f257ac2c59905cec8206 refs/remotes/origin/hls-variant
-dc698edf242a1ba6d806571e2b32e50fb4d6fcae refs/remotes/origin/hlslight
-7b88858b44371ae03d29052fe6d398750fba851e refs/remotes/origin/http
-050a4e7586552003baff9dd920d28d51eaf8ab22 refs/remotes/origin/idle-streams
-3fc1598db94b234b2ec5f368c34c5d3e877040a0 refs/remotes/origin/init_queue
-d9d749af5b156ea2b4623f7e8d0efa5139885924 refs/remotes/origin/interleave
-5150993accb5edefa61d71e1c81ad8c02f515428 refs/remotes/origin/master
-67443c28b4aff60023ce143475c2d287c264f2f7 refs/remotes/origin/meta-copy
-266e206afcda93cf2880e660fb796eb99fb6df6c refs/remotes/origin/mixed-codecs
-58491f8feddbe801557704dd1d1ac9d0950cdf3f refs/remotes/origin/mp4
-af5703b35756667eb008bdffb22626616bbae020 refs/remotes/origin/mp4-choose-track
-3f9451fdfd2707e91536bb3b942cd0a8202ebc31 refs/remotes/origin/mpeg-dash
-05a23dbc8b8a23bcb49ea71978239ab1e2e79d5d refs/remotes/origin/mstat
-cbe760aa8ad43d3908b7c9408d7f3946747981b1 refs/remotes/origin/msvc-fix1
-4ec43349ad5e16a9216844430695a3479ff6d558 refs/remotes/origin/multi-pull
-004accda9aef265eb1b4df39846156e6892d6a30 refs/remotes/origin/multi-record
-41515325899813d996e092ce4219204cec56ae3a refs/remotes/origin/multiplay
-4ec43349ad5e16a9216844430695a3479ff6d558 refs/remotes/origin/multipull
-1894d333aa9fd76e857532efe6c64d343df137e7 refs/remotes/origin/native-hls
-e22ca286044d343745a4a28b15c6298f80a9fb61 refs/remotes/origin/native-hls-rr
-b5461f61c6833aee803b5134f2285aa652978e09 refs/remotes/origin/new-live
-903abb6646153c9eca2697727231d46804a0c1b7 refs/remotes/origin/new-live2
-02dd440a25097e8528d9cdfa85132b6920649547 refs/remotes/origin/new-live3
-22de95e634b92e23eae85134c05e54c98404e34f refs/remotes/origin/new-relay
-7b5c5e99327c19600ab2bab89960ba217be52949 refs/remotes/origin/new-stat
-591d7f5f3f0a2381f466f578a768ff19344cfbb0 refs/remotes/origin/newhandshake
-cbaff8f1df7c7eabc9474909104f8f4f05324930 refs/remotes/origin/notify-addr
-7f7fcc8d5c0e8468db2b37de9a4ef3ec392c52a7 refs/remotes/origin/notify-redirect
-8d28f7f1de08a81ce356f55c6e29141369bf7aec refs/remotes/origin/notify-redirect-md5
-58bd6029463c79347d45be4488a3786abe5cebb8 refs/remotes/origin/notify-relay
-f89bbae2354ea09cb5d8b04d24ba4df8415e7f09 refs/remotes/origin/on-connect
-62e03d710cd02043156ac86da3b07e5186c78e11 refs/remotes/origin/on-update
-15405e8edde4db9e3c6b56c3a17edbf7dcd974f0 refs/remotes/origin/optsend
-9788b1a5309d40809df6832e81593392f3b381a2 refs/remotes/origin/out-metadata
-2fdec454604b76b40d322b83106ec1a35b98dfce refs/remotes/origin/out-queue-settings
-0478c4445f26f55d33e360a91a7ab4cd57f44f3b refs/remotes/origin/pause
-940ff260099958edf27eb11fe0b959e881fd5dfa refs/remotes/origin/peer-timestamp
-067c73710d15f046945ada24d5ca25d50b2751c7 refs/remotes/origin/play-publish-done
-5d3189ad97c87bbdac9fb455f7505d0d4d5eb058 refs/remotes/origin/play-seek
-8a8f28f3b67d0177f79e754c478e845bac70eb58 refs/remotes/origin/play2
-521f8998b0cf1e197152655b214285ebde974fd3 refs/remotes/origin/play2-continue
-3e25f91004b83c1a1fa25a8993cdd691f65bf658 refs/remotes/origin/postconf-handler-init
-4ec43349ad5e16a9216844430695a3479ff6d558 refs/remotes/origin/preemption
-a72e33ea411ed5f55df04ea9ab9dfceb09137642 refs/remotes/origin/proxy-protocol
-6ab14605ba4a410b39916543302a9a9eb4d19698 refs/remotes/origin/publish-optional-type
-1c2470975e4f23742d3e468649c2ad2bbfb77e7f refs/remotes/origin/publish-time-fix2
-dbc3ac2438757b23a65e1612c36b5691e7173585 refs/remotes/origin/push-reconnect
-0b6a84b0b829c6794c0635dd30a2aa6712417c8f refs/remotes/origin/record-append
-abc2704db1193bd993b886463063059d1ff5050e refs/remotes/origin/record-done
-8658d99529384a487113bb9b80aaffd7714f16a7 refs/remotes/origin/record-keyframes
-9b3471d79f43382db134b407cfce4f5b4ee24ae0 refs/remotes/origin/record-lock
-f79aa206ec572c225c8bd32b5c2b1d7cc5ede692 refs/remotes/origin/record-name-format
-bff1c355ec7db875972da6682e2553d65ac847ad refs/remotes/origin/record-notify
-b69efd3e94113f627f25d0ab67fcd1036eab5fb1 refs/remotes/origin/reentrant-relay
-1f9072bbe69e015021a31784b3ac66f0b296c911 refs/remotes/origin/relay
-c9973fc68a91284c632f3afb736303d6402f6c4e refs/remotes/origin/relay-vars
-7aa513cfcd5fd345ea477ea582faa8858628974d refs/remotes/origin/reltime
-de2a4258d77aecdc2fab34b5857ca4529b1fe0ba refs/remotes/origin/remote-redirect
-60038b6ea15ae34dc1f177625adc73ddb39eb984 refs/remotes/origin/rooms
-35753c5f6221c31edad65a2f70802b856e642fe3 refs/remotes/origin/rooms2
-4a1358723a7ce288aeec9583da97166c260b38dd refs/remotes/origin/rtmp-ads
-71f92aca8d631cbc800c8eed235535e0b0a52991 refs/remotes/origin/safe-amf-parser
-87d1cebfe2822d75f9c97fe2487723029abc272a refs/remotes/origin/sample-access
-57dd1406bd59224eea4e0aabf9dbfe4c82e6be9a refs/remotes/origin/session-relay
-22de95e634b92e23eae85134c05e54c98404e34f refs/remotes/origin/shared-live-streams
-5d7a5ea535ed40e7a9459967dc607bb52b10db12 refs/remotes/origin/shared_record
-18e4762db29139ada9c8be4b36070005e8d01efc refs/remotes/origin/smart-drop
-a8d148473db0fe5fb17e5e7527a3cafcfafb1fff refs/remotes/origin/smartos-compilation-fix
-2cff2a58210c2f964f4d2ee76a8461fb81e28610 refs/remotes/origin/stat-no-underline
-e3be78bc6b6f91fea27ba235a6393dee50817bcf refs/remotes/origin/stat-redesign
-3bd60857bd5ea2f3024e7de248bdc3d64b58859d refs/remotes/origin/static-relay
-7a35372e30dca2a10c843219597bc4bc481fdda0 refs/remotes/origin/static-relay-cleanup
-882b4f15b287b3e313088a67b2a4a543fbb6511d refs/remotes/origin/static-relay2
-ac13bbf1af345532a009a88d93ac4b7869ffe456 refs/remotes/origin/sync
-9b4725a01a9615dfa7133d659ff936bd69e91345 refs/remotes/origin/sync-atc
-7fbfb36440d99786f3c4ecc723ae61fcdedc3ce5 refs/remotes/origin/sync-atc-fmle
-466c1fdf168646d57f0f43c463ad524143917e01 refs/remotes/origin/sync-atc-fmle2
-93b669273561ebd80fbf106b8b482d28a4377b81 refs/remotes/origin/sync-enotify
-c8ad56e2d232933453d54767db55e96e00dd3d6c refs/remotes/origin/video-key
-6ad152ee4c43238bd6a9f71f36b8e5a1757909a0 refs/remotes/origin/video-on-demand
-b6194ed6e6a01ce14026c1778148db61a9a6765e refs/remotes/origin/virtual
-4adc5f7487b0bb27cf027c3e792b00821ad30ada refs/remotes/origin/vod-http
-0f337fe9a482e3da10ca7e8055ae1d8a2ccb9037 refs/remotes/origin/vod-sample-access
-98d959ac5374bd14123f53318e6c8a8d481ffd92 refs/remotes/origin/vod-seek
-770e67b1f33134c7db41e99f27ef167b16be8032 refs/remotes/origin/vod-stat
-5db5d5af24af798f698fcc0f6eeecbac52932139 refs/remotes/origin/vod-stat2
-658f5ec639e290476f19eb91f371e2bf453616c0 refs/remotes/origin/win
-289ee42c53f49728eb134f2226a2ef9ca7a32414 refs/remotes/origin/win1
-92d4c071d91b9de67e7293efcb72ad97c28285a7 refs/tags/freebsd-native-hls
-^1894d333aa9fd76e857532efe6c64d343df137e7
-316b05d54e7e290546872cb26ad5b431b2a935af refs/tags/v0.0.1
-^eda826a386f10109816c57db9ed0908bdca92330
-2ba5b409dfac19e28befd698e0e03ea8f3799517 refs/tags/v0.0.10
-^d943d519754d1c08073298114807a8afb154d07f
-f00415d4264d303b1a2771a3c6a36c026217e000 refs/tags/v0.0.11
-^bcd601832a0a2dc968621e065f1dbeaa14b77bb6
-3080d5f1e2f6e7b4da23585fb538152cbe91bf77 refs/tags/v0.0.12
-^caec91b85772dc5e078a3152cb6ed436c26bfbc3
-740f8034ec343eeab3c19c5e777fc1af05af12e5 refs/tags/v0.0.13
-^d3c5ad11969c6bfba083a33c5c7540d79692ab0a
-18719a9ae0332480c80acac56b54e87b6131f46c refs/tags/v0.0.14
-^cf1976cd05a6e73cdf5fb1506f84508a297688b6
-903e750ce238efa3cde37a40a00c83d0efa7190b refs/tags/v0.0.15
-^6295147db1d44c9e8430b09cf2bf3d0a43c16b56
-93cd6b10d401382dfc8f740dd8e995fc5241eacc refs/tags/v0.0.16
-^359c346d3516403f5545dac0e9d8fe57ff09238e
-88536319dc71fa9e8202eb000dcce7f1aa864321 refs/tags/v0.0.17
-^15405e8edde4db9e3c6b56c3a17edbf7dcd974f0
-6eba477d8578b5c488e034ab25d45e34e30636f5 refs/tags/v0.0.2
-^8204245eb223290cfed21f6748860a4bec510ed1
-4793210ff635d428fc37692d88a1107e32f3839e refs/tags/v0.0.3
-^96ebed857347b368cb78749de3515797eb0d9364
-110118d72aa68bced1a7da6d427c4a1473153f8b refs/tags/v0.0.4
-^b9ee8dbe097b2ab9cd60786c1cfa9a48237c51dd
-49d4548bbc229885290915256d3b75f5d0b2863e refs/tags/v0.0.5
-^1e9a7e6efcd6990662f41e54587f27ab3f28ba87
-1c620f4121a3c4c64ccc71ca9a3aee100b702221 refs/tags/v0.0.6
-^3980a5923715131c8ac011410e63250ef5d13c93
-dbad1b31d510f290c5ebac4f073f5b7c3ef97e04 refs/tags/v0.0.7
-^7b70e9241327b93d04554cd7b8d2eeadb2acc4e6
-41ca3077bdbd20c2ddefdcc5f03a26b9ab6c358b refs/tags/v0.0.8
-^e563c3146e31eb8ce48634262435978bab26f7f0
-dc702ef73579582157563de257bf906d5ac77e18 refs/tags/v0.0.9
-^31d18ed4478684571476aed6125e942bfc738d77
-e2dcb0bea3859e6a66a7601356a7d90434d5ef4f refs/tags/v0.1.0
-^c61d7ac56f4895dc3f0513344b45d74943d4da19
-a0e0796bff7e6a33181d4cb6a1981a9889cf791c refs/tags/v0.1.1
-^f6ccfb6fa1d05d3babc1bb20ca7003802f85f2f0
-80db4c48b3cc30ad12112b5bde3831520c81a92a refs/tags/v0.1.10
-^88346934e51595118518957553316afda5a8b771
-b103795c7f1f41a51451dace848f8de085d59840 refs/tags/v0.1.11
-^45cd9825a2bb882c3b65a9c1139342bc59e40750
-8c8410a1def03c6f535110352398a0fc463d08f8 refs/tags/v0.1.12
-^63c4269a9146370db970894512523b9f3893ffad
-951872e641cbebbd925c17cb8e8cc8a0289fe9cd refs/tags/v0.1.13
-^1719ef4433de03e8d95be7838a933326d717f1ee
-6432ba9937589a7bbd58975d2e253a65e433e17b refs/tags/v0.1.14
-^fa3630d63d77ec4e6dcfa14a88afb5804b1b3596
-4b89a9819cc22c6ca1852613c518e0f400c6c048 refs/tags/v0.1.15
-^8def5f394543b822b6b450e79bdbf9a73f1d0a99
-40d6554b7196933e96aff91bba15f6b31c99dedb refs/tags/v0.1.2
-^4e713b75e8e3cd8f5456303e2f7f4803776f33de
-a33ca7451cbd32dc2f43e01b3b87552f055a56ae refs/tags/v0.1.3
-^d82c16499de14965ff1259c457b33b5a81614c40
-dd9683b203e09b13d08e717e20304060c1d320cb refs/tags/v0.1.4
-^a4f48c5baa427c9d9093c0ceee339820c2167624
-d216f3dd61f67da413503b492af4b1f5c3e58451 refs/tags/v0.1.5
-^32279ddf26a9d9e0f34ff62d460bf4c1b14e2088
-2dab9cce52024dbf7ae3273770e159e73db21618 refs/tags/v0.1.6
-^49382c826b041589badb32b5f5f512592405a736
-c83a64c91d926c1bc5ac35036d49c31f87165466 refs/tags/v0.1.7
-^63e19f8d67d4f442f2700103c4d8ee9d137c0116
-0ab4039b703078ddacd4e70adc67b99efd946de3 refs/tags/v0.1.8
-^4bb48483be9d91a74a2efd5cb80fa136918ae466
-c9d359554132dc807d599b8d28b3193c8e37d841 refs/tags/v0.1.9
-^6143abc41803be6da47bfc4e15bbfe1d315de832
-4d20bb15480652145358c20f444f77ddbe2eeac6 refs/tags/v0.2.0
-^eb4e9e8d9033cb7c1775eec114cd7b90af26b047
-9df13315600aa2752fc99e80fb8b73a78e0f0fbf refs/tags/v0.2.1
-^1a2a8e2867f4d1cd64853bc49af9e725ee7f8343
-7e8b090de600016d965d3080b0cd6bc81eb60f67 refs/tags/v0.2.2
-^4e475cccb507951e5091f0ff5f1d4ef1903fd439
-f7f24bade80cca3a09e7286f250bb464cfab2df1 refs/tags/v0.2.3
-^295551947a187a265e5c60e6cccdf4c894a21e24
-2bf2e04da1cd97187612ba73ce9010c96393b76a refs/tags/v0.3.0
-^58491f8feddbe801557704dd1d1ac9d0950cdf3f
-aded30326d7e233283346dab1258d4fdf69c31e7 refs/tags/v0.4.0
-^3c2e29f215fb09e5b4cb29040d1e5e092ce73849
-3381f10c50c161b0350ca8030535a97f43977940 refs/tags/v0.4.1
-^067c73710d15f046945ada24d5ca25d50b2751c7
-943ca88b8160225ef8decfab7aa3c6ba40c012a7 refs/tags/v0.4.2
-^ff247dafff1cab945c85ceefcf97d76fa1972c0e
-2864097d4bf7e81a95bc85d133121beaf8262fc9 refs/tags/v0.4.3
-^ed5f06db8a90746059730fe8b55cf9ddc64ca67e
-ed9bef4dc07d34078749b79d072cde59f385084a refs/tags/v0.5.0
-^abc2704db1193bd993b886463063059d1ff5050e
-eb94d37c69842eb563fa3e7c9cc286cc942fd2e8 refs/tags/v0.5.1
-^6485716fb4734d5fc25ba12d849e2dedab63707d
-0b020f1757f052a24a4d4c2061fcc4f8e1dbd440 refs/tags/v0.5.2
-^87686029aa2cfddfea765c626be7161981583482
-053bdc9277034a6db7edcc3d46c042ab8c62989b refs/tags/v0.5.3
-^cc632eb6b683eacdced09bfbe905e510779d5efc
-307f468efdffa4ad07e79c0e39eab9f9eb195307 refs/tags/v0.5.4
-^bff1c355ec7db875972da6682e2553d65ac847ad
-98438d54995ad4d11d7a020ff6b77919ca368448 refs/tags/v0.6.0
-^72d175ed7f5dfb4874ac6e002b737d866a0553d7
-f1eeb39f851366614b7dc1afa1fba21e1595475f refs/tags/v0.6.1
-^21174b2ee743c9ea1a0bccb46436c56c871febd3
-2b20008d1f3cb4b357d74ee288e2c00ac801d415 refs/tags/v0.6.2
-^795c1538a3602d5eedf7617c6d13c775721a66b9
-6b1f2547203b946cbac8c60bd86e5f04ad1a9a1d refs/tags/v0.6.3
-^c86e30fd270103b00c244f136c8780fb3a51b921
-d623935695e9ac6418a1baa24283bd35a42fef81 refs/tags/v0.6.4
-^f65f07deb32565b144e22faece57638f8961d62f
-d3a7be773484e670119dfa20ff56cb0a91a8554f refs/tags/v0.6.5
-^4adc5f7487b0bb27cf027c3e792b00821ad30ada
-293ebabd1220ec4615e2eb89d19ca3e7a381d1a3 refs/tags/v0.7.0
-^101b43a478bb44018733e75a3bf3b1f8adc5b2e5
-4b12afb07c889648864458c3a6096dc274c7420e refs/tags/v0.7.1
-^98d959ac5374bd14123f53318e6c8a8d481ffd92
-eb5ccb5fb1f735b82da3a43ee0d8d398bd932840 refs/tags/v0.7.2
-^6f2808c7d11564e2269e9f64b9671f8c080c893d
-23fe9e844ecafd18a5d713618a36fb68846db951 refs/tags/v0.7.3
-^62e03d710cd02043156ac86da3b07e5186c78e11
-09b1e2bab6467a8d50e37939b4d1fc0b9777adfd refs/tags/v0.7.4
-^696e488ecb089236a297939248d4616d4665d347
-fa8752466e94879be074386c2f0420640cec3b41 refs/tags/v0.8.0
-^02dd440a25097e8528d9cdfa85132b6920649547
-7c3df8e2c78a85ef7f5d2e8f100e5f54573c71c7 refs/tags/v0.8.1
-^9f4296c08382b1374018346cce3bb5d40036f47a
-f8899c67c2508ded911a93117b3186df6df631bd refs/tags/v0.8.2
-^ac924d7f940f05063d7ef0503aa7f3a1576bf380
-683a29d4d0a536b6a97c07d1deeacb8cc11a6af7 refs/tags/v0.8.3
-^3d54d69e252bb537dc8fb03cc96ada084bd5da8d
-2aeefa379b700de0c9c1b4ed94e186e0d1d1a580 refs/tags/v0.8.4
-^f2f28cbe487883caed333ffb4f5f7942bed64c09
-5ea2a003691a63630e6c1d492c96d6581338efb8 refs/tags/v0.8.5
-^bd562e4ff7c10cad71711828548cbb584bd4a80b
-11ee9f81e8b8a077113cdf96d655d7cf9961a03d refs/tags/v0.8.6
-^e5e5766ebb51e1c36b6804fe0ddc02ee8ca19cc6
-544c73b3b27c93df0d61172c62a7eee2e8252953 refs/tags/v0.8.7
-^3eaa43a7a327646acdebe87000422c6fd086adbe
-83055d17d104c267aeebda070246b0917dbfffb2 refs/tags/v0.9.0
-^406d3a9527e08ea148e7c10ffa4009e0e5070b11
-37a1511c0e7c6a1a522bab7355289a71a7876ad2 refs/tags/v0.9.1
-^ea65ac688cdd89dad65bcdc3b62d5e152b47f1ec
-ee0df070f78e83f3857301aa0e4340c15743403d refs/tags/v0.9.10
-^6923889e5386abad1aa07e2c29462fc469d3a5d4
-cb5e1df91a1b8d020de63d6cbbacd9f74097a375 refs/tags/v0.9.11
-^3aa528fccd2c3500b2eeafa6589c3f8f07564186
-6d328d3291833a9991cb27df45d1c82cfc3bc5fb refs/tags/v0.9.12
-^11e3f53fd259f0297a4d8f440afceb8395b45622
-b63100856c3a795440047324aaf863c6339e859f refs/tags/v0.9.13
-^0a8f0ee6c560edc032f66a25d527e9cd7ed6b62b
-e13bcdadf3b57f91e8eca678846480522eb214ba refs/tags/v0.9.14
-^612fc4dd7514b3da2ac774a6daeb7baa60314f36
-1c92b49d30e7215483d5c0c038da2d09d6ac1d16 refs/tags/v0.9.15
-^7b5c5e99327c19600ab2bab89960ba217be52949
-bc3fe7a8ebf166e5187f7bac00c70e40a9b192fe refs/tags/v0.9.16
-^c0fc4bbdccf1d328eaa098f3287e427e369517c0
-d5288d89f8c1e1c8c82218a23deedfabb845fa1c refs/tags/v0.9.17
-^f79aa206ec572c225c8bd32b5c2b1d7cc5ede692
-bce7ea3e62682b29d61d56cc6bcc0e794857d557 refs/tags/v0.9.18
-^c61e99a36878fc618e29633db0e9652be13f6284
-39cb7ca0a51e7e4bfc400b285141a71ac7b565c7 refs/tags/v0.9.19
-^a47b23204b43d5b823feeb52b0c868b2c96847ca
-43dd6489282d965072eb48479af5e8d90ac6ad38 refs/tags/v0.9.2
-^af5703b35756667eb008bdffb22626616bbae020
-73e60038c62b281fd0e4ff5565f35797fed46a1a refs/tags/v0.9.20
-^e29e64ed7d262904d22ce0a708e67cc02115f497
-828fcd80c23df5caf0b7fdbf897ba45a92f3dce7 refs/tags/v0.9.3
-^aeae84bf8babcd7130f71b5941834eeb4fafa61a
-31f684d189aec37550e82e4c7cf3ac751a781ade refs/tags/v0.9.4
-^f358a2e8f9269afef85d82549de4945942b39d6c
-63540cc06386523c08857cf435ad9c2f6daaef8a refs/tags/v0.9.5
-^c0ad999f37675dd1bbed11d901f34259827bb405
-e7fe15e6ca0cb0f81ec42b5b309ce6f720525193 refs/tags/v0.9.6
-^5325df0135c467d21cf93cd5c5df6af60a87a9e8
-0dda255fe75318707bb20e0078ace6da1f160cd2 refs/tags/v0.9.7
-^138c330da2ace7617af3c6b671fbee049f387fb7
-568ce8f0a850d3d7e00c33247edffe366cff0d51 refs/tags/v0.9.8
-^6903ac23e430b4170b108bb2f631562560c37fe0
-2d5bc52527e46171d2e2a7c4d9c87fa2a4e39fee refs/tags/v0.9.9
-^af8446a0985ba76873c25a6aae5125e47c7a3194
-d27f964d1f45d546419795b058fea60f3f1f21ab refs/tags/v1.0.0
-^613234b866fd08ea2221d183edfd9eb6d8a8bf4d
-421d9ff41f699cc344845df9869dccff0ce4ad86 refs/tags/v1.0.1
-^cbe760aa8ad43d3908b7c9408d7f3946747981b1
-e1ec6d2f08937878a985bfa7d4f49e93312dc7e0 refs/tags/v1.0.2
-^6b92cd6b29ddeea5a113b6e5d8d854b6986e3fd1
-7749d54fb000641dfa6c8eebfb8765175f187a13 refs/tags/v1.0.3
-^7b4df729c1c4d86589f8ccadc0bd20ee733416f9
-aaeca4ff01f858cd719ea5b86eef7dcc3ba259ca refs/tags/v1.0.4
-^67443c28b4aff60023ce143475c2d287c264f2f7
-d7e1af79c4d152d16bcacfcd2ca18d58e6b3201b refs/tags/v1.0.5
-^737ea5ce34c8270479811acfacba02112e202625
-0acf1123a044c8afd68112387712abd59e45a2eb refs/tags/v1.0.6
-^1cfb7aeb582789f3b15a03da5b662d1811e2a3f1
-bd4f1b4cf7c58e55298c326184e5ad1a15c3aff0 refs/tags/v1.0.7
-^995688b9cfea4fb01a5b8ad0e110fec0866e501c
-5beda43a6b388af5e7c1bcc55384163d97dcf836 refs/tags/v1.0.8
-^d01ffc0c88d9ce736be3dee99b4f9d3fcc07b685
-f792dab070dbdedc3b968483287fa59e6ae48a03 refs/tags/v1.0.9
-^471d299f5d5348dfbba6132779587553c3a709a7
-a08c7835b05e2bd816efb1f8036cb7c9bf59b906 refs/tags/v1.1.0
-^8542e21e17587ee2e928cdfedc1cb82996df7719
-e9d11158cb1b18a0631a94c4e8599c0f8c64adb7 refs/tags/v1.1.1
-^8608faad1e0b25c80b1f9b93439d6fd450db5c15
-cf710155b2666d2456a58a49dac1af4d93b215ce refs/tags/v1.1.10
-^5150993accb5edefa61d71e1c81ad8c02f515428
-2a721794867c76e9ac9e653e76da9503cbc9d60f refs/tags/v1.1.2
-^65cd61e43350c0de0a69103aed1ecf7f2b081ab8
-c130de320738a9ae084ba3d54f033c98e6e82d65 refs/tags/v1.1.3
-^6f768dc4eb2a2cb7798e31c7465af77b94ca2733
-3fdbbcc01249d7a3f0559192debfe09f844aef6e refs/tags/v1.1.4
-^8c2229cce5d4d4574e8fb7b130281497f746f0fa
-28618cde22c864eef6ecdba9da636a2f2f611b20 refs/tags/v1.1.5
-^7500b4bd90fc942468f94dd3a12dbcdf9c3199a6
-1706bc84f5b0882dec6f1854d9054be7e3d12ab2 refs/tags/v1.1.6
-^7a35372e30dca2a10c843219597bc4bc481fdda0
-c0a5fb42c214d585a84967b2e172889d9278d325 refs/tags/v1.1.7
-^f62a0838064baf089ad9fe3c8f6f2ffe0775afb2
-1fe006d50fbca7537984fc080dd32906b9cb5455 refs/tags/v1.1.8
-^cb54ed4ac0994e36b92d21a51313af44ecdfdadd
-c7447b49ee18232dab330fadf6c2dfb5fa2bbfb2 refs/tags/v1.1.9
-^c0bf381d10de05c135f913921c58272838d5e1ee
|
[-]
[+]
|
Deleted |
nginx-rtmp-module-1.1.15.tar.gz/.git/refs
^
|
-(directory)
|
[-]
[+]
|
Deleted |
nginx-rtmp-module-1.1.15.tar.gz/.git/refs/heads
^
|
-(directory)
|
[-]
[+]
|
Deleted |
nginx-rtmp-module-1.1.15.tar.gz/.git/refs/heads/master
^
|
@@ -1 +0,0 @@
-5150993accb5edefa61d71e1c81ad8c02f515428
|
[-]
[+]
|
Deleted |
nginx-rtmp-module-1.1.15.tar.gz/.git/refs/remotes
^
|
-(directory)
|
[-]
[+]
|
Deleted |
nginx-rtmp-module-1.1.15.tar.gz/.git/refs/remotes/origin
^
|
-(directory)
|
[-]
[+]
|
Deleted |
nginx-rtmp-module-1.1.15.tar.gz/.git/refs/remotes/origin/HEAD
^
|
@@ -1 +0,0 @@
-ref: refs/remotes/origin/master
|
[-]
[+]
|
Deleted |
nginx-rtmp-module-1.1.15.tar.gz/.git/refs/tags
^
|
-(directory)
|
[-]
[+]
|
Changed |
nginx-rtmp-module-1.2.1.tar.gz/dash/ngx_rtmp_dash_module.c
^
|
@@ -52,7 +52,7 @@
ngx_str_t playlist_bak;
ngx_str_t name;
ngx_str_t stream;
- ngx_time_t start_time;
+ time_t start_time;
ngx_uint_t nfrags;
ngx_uint_t frag;
@@ -228,8 +228,8 @@
ngx_rtmp_dash_app_conf_t *dacf;
static u_char buffer[NGX_RTMP_DASH_BUFSIZE];
- static u_char start_time[sizeof("1970-09-28T12:00:00+06:00")];
- static u_char end_time[sizeof("1970-09-28T12:00:00+06:00")];
+ static u_char start_time[sizeof("1970-09-28T12:00:00Z")];
+ static u_char pub_time[sizeof("1970-09-28T12:00:00Z")];
dacf = ngx_rtmp_get_module_app_conf(s, ngx_rtmp_dash_module);
ctx = ngx_rtmp_get_module_ctx(s, ngx_rtmp_dash_module);
@@ -252,18 +252,16 @@
return NGX_ERROR;
}
-
#define NGX_RTMP_DASH_MANIFEST_HEADER \
"<?xml version=\"1.0\"?>\n" \
"<MPD\n" \
" type=\"dynamic\"\n" \
" xmlns=\"urn:mpeg:dash:schema:mpd:2011\"\n" \
" availabilityStartTime=\"%s\"\n" \
- " availabilityEndTime=\"%s\"\n" \
+ " publishTime=\"%s\"\n" \
" minimumUpdatePeriod=\"PT%uiS\"\n" \
" minBufferTime=\"PT%uiS\"\n" \
- " timeShiftBufferDepth=\"PT0H0M0.00S\"\n" \
- " suggestedPresentationDelay=\"PT%uiS\"\n" \
+ " timeShiftBufferDepth=\"PT%uiS\"\n" \
" profiles=\"urn:hbbtv:dash:profile:isoff-live:2012," \
"urn:mpeg:dash:profile:isoff-live:2011\"\n" \
" xmlns:xsi=\"http://www.w3.org/2011/XMLSchema-instance\"\n" \
@@ -285,11 +283,9 @@
" width=\"%ui\"\n" \
" height=\"%ui\"\n" \
" frameRate=\"%ui\"\n" \
- " sar=\"1:1\"\n" \
" startWithSAP=\"1\"\n" \
" bandwidth=\"%ui\">\n" \
" <SegmentTemplate\n" \
- " presentationTimeOffset=\"0\"\n" \
" timescale=\"1000\"\n" \
" media=\"%V%s$Time$.m4v\"\n" \
" initialization=\"%V%sinit.m4v\">\n" \
@@ -323,7 +319,6 @@
" startWithSAP=\"1\"\n" \
" bandwidth=\"%ui\">\n" \
" <SegmentTemplate\n" \
- " presentationTimeOffset=\"0\"\n" \
" timescale=\"1000\"\n" \
" media=\"%V%s$Time$.m4a\"\n" \
" initialization=\"%V%sinit.m4a\">\n" \
@@ -341,38 +336,33 @@
" </Period>\n" \
"</MPD>\n"
- ngx_libc_localtime(ctx->start_time.sec +
- ngx_rtmp_dash_get_frag(s, 0)->timestamp / 1000, &tm);
+ ngx_libc_gmtime(ctx->start_time, &tm);
- *ngx_sprintf(start_time, "%4d-%02d-%02dT%02d:%02d:%02d%c%02d:%02d",
- tm.tm_year + 1900, tm.tm_mon + 1,
- tm.tm_mday, tm.tm_hour,
- tm.tm_min, tm.tm_sec,
- ctx->start_time.gmtoff < 0 ? '-' : '+',
- ngx_abs(ctx->start_time.gmtoff / 60),
- ngx_abs(ctx->start_time.gmtoff % 60)) = 0;
-
- ngx_libc_localtime(ctx->start_time.sec +
- (ngx_rtmp_dash_get_frag(s, ctx->nfrags - 1)->timestamp +
- ngx_rtmp_dash_get_frag(s, ctx->nfrags - 1)->duration) /
- 1000, &tm);
-
- *ngx_sprintf(end_time, "%4d-%02d-%02dT%02d:%02d:%02d%c%02d:%02d",
- tm.tm_year + 1900, tm.tm_mon + 1,
- tm.tm_mday, tm.tm_hour,
- tm.tm_min, tm.tm_sec,
- ctx->start_time.gmtoff < 0 ? '-' : '+',
- ngx_abs(ctx->start_time.gmtoff / 60),
- ngx_abs(ctx->start_time.gmtoff % 60)) = 0;
+ ngx_sprintf(start_time, "%4d-%02d-%02dT%02d:%02d:%02dZ%Z",
+ tm.tm_year + 1900, tm.tm_mon + 1,
+ tm.tm_mday, tm.tm_hour,
+ tm.tm_min, tm.tm_sec);
+
+ ngx_libc_gmtime(ngx_time(), &tm);
+
+ ngx_sprintf(pub_time, "%4d-%02d-%02dT%02d:%02d:%02dZ%Z",
+ tm.tm_year + 1900, tm.tm_mon + 1,
+ tm.tm_mday, tm.tm_hour,
+ tm.tm_min, tm.tm_sec);
last = buffer + sizeof(buffer);
p = ngx_slprintf(buffer, last, NGX_RTMP_DASH_MANIFEST_HEADER,
start_time,
- end_time,
+ pub_time,
(ngx_uint_t) (dacf->fraglen / 1000),
(ngx_uint_t) (dacf->fraglen / 1000),
- (ngx_uint_t) (dacf->fraglen / 500));
+ (ngx_uint_t) (dacf->fraglen / 250 + 1));
+
+ /*
+ * timeShiftBufferDepth formula:
+ * 2 * minBufferTime + max_fragment_length + 1
+ */
n = ngx_write_fd(fd, buffer, p - buffer);
@@ -952,7 +942,7 @@
"dash: playlist='%V' playlist_bak='%V' stream_pattern='%V'",
&ctx->playlist, &ctx->playlist_bak, &ctx->stream);
- ctx->start_time = *ngx_cached_time;
+ ctx->start_time = ngx_time();
if (ngx_rtmp_dash_ensure_directory(s) != NGX_OK) {
return NGX_ERROR;
@@ -1008,6 +998,11 @@
f->duration = timestamp - f->timestamp;
hit = (f->duration >= dacf->fraglen);
+ /* keep fragment lengths within 2x factor for dash.js */
+ if (f->duration >= dacf->fraglen * 2) {
+ boundary = 1;
+ }
+
} else {
/* sometimes clients generate slightly unordered frames */
|
[-]
[+]
|
Changed |
nginx-rtmp-module-1.2.1.tar.gz/hls/ngx_rtmp_hls_module.c
^
|
@@ -1951,6 +1951,7 @@
ngx_log_error(NGX_LOG_ERR, s->connection->log, 0,
"hls: error appending AUD NAL");
}
+ /* fall through */
case 9:
aud_sent = 1;
break;
|
[-]
[+]
|
Changed |
nginx-rtmp-module-1.2.1.tar.gz/ngx_rtmp.h
^
|
@@ -135,6 +135,8 @@
#define NGX_RTMP_MSG_AGGREGATE 22
#define NGX_RTMP_MSG_MAX 22
+#define NGX_RTMP_MAX_CHUNK_SIZE 10485760
+
#define NGX_RTMP_CONNECT NGX_RTMP_MSG_MAX + 1
#define NGX_RTMP_DISCONNECT NGX_RTMP_MSG_MAX + 2
#define NGX_RTMP_HANDSHAKE_DONE NGX_RTMP_MSG_MAX + 3
|
[-]
[+]
|
Changed |
nginx-rtmp-module-1.2.1.tar.gz/ngx_rtmp_access_module.c
^
|
@@ -410,8 +410,8 @@
break;
}
- /* "all" passes through */
#endif
+ /* fall through */
default: /* AF_INET */
|
[-]
[+]
|
Changed |
nginx-rtmp-module-1.2.1.tar.gz/ngx_rtmp_amf.c
^
|
@@ -331,6 +331,7 @@
if (elts->type & NGX_RTMP_AMF_OPTIONAL) {
return NGX_OK;
}
+ /* fall through */
case NGX_ERROR:
return NGX_ERROR;
}
@@ -398,6 +399,7 @@
if (ngx_rtmp_amf_get(ctx, &max_index, 4) != NGX_OK) {
return NGX_ERROR;
}
+ /* fall through */
case NGX_RTMP_AMF_OBJECT:
if (ngx_rtmp_amf_read_object(ctx, data,
@@ -592,6 +594,7 @@
if (ngx_rtmp_amf_put(ctx, &max_index, 4) != NGX_OK) {
return NGX_ERROR;
}
+ /* fall through */
case NGX_RTMP_AMF_OBJECT:
type8 = NGX_RTMP_AMF_END;
|
[-]
[+]
|
Changed |
nginx-rtmp-module-1.2.1.tar.gz/ngx_rtmp_eval.c
^
|
@@ -154,6 +154,7 @@
name.len = p - name.data;
ngx_rtmp_eval_append_var(ctx, &b, e, &name, log);
+ /* fall through */
case NORMAL:
switch (c) {
|
[-]
[+]
|
Changed |
nginx-rtmp-module-1.2.1.tar.gz/ngx_rtmp_handler.c
^
|
@@ -821,6 +821,12 @@
ngx_log_debug1(NGX_LOG_DEBUG_RTMP, s->connection->log, 0,
"setting chunk_size=%ui", size);
+ if (size > NGX_RTMP_MAX_CHUNK_SIZE) {
+ ngx_log_error(NGX_LOG_ALERT, s->connection->log, 0,
+ "too big RTMP chunk size:%ui", size);
+ return NGX_ERROR;
+ }
+
cscf = ngx_rtmp_get_module_srv_conf(s, ngx_rtmp_core_module);
s->in_old_pool = s->in_pool;
|
[-]
[+]
|
Changed |
nginx-rtmp-module-1.2.1.tar.gz/ngx_rtmp_handshake.c
^
|
@@ -104,30 +104,37 @@
ngx_rtmp_make_digest(ngx_str_t *key, ngx_buf_t *src,
u_char *skip, u_char *dst, ngx_log_t *log)
{
- static HMAC_CTX hmac;
- static unsigned hmac_initialized;
+ static HMAC_CTX *hmac;
unsigned int len;
- if (!hmac_initialized) {
- HMAC_CTX_init(&hmac);
- hmac_initialized = 1;
+ if (hmac == NULL) {
+#if OPENSSL_VERSION_NUMBER < 0x10100000L
+ static HMAC_CTX shmac;
+ hmac = &shmac;
+ HMAC_CTX_init(hmac);
+#else
+ hmac = HMAC_CTX_new();
+ if (hmac == NULL) {
+ return NGX_ERROR;
+ }
+#endif
}
- HMAC_Init_ex(&hmac, key->data, key->len, EVP_sha256(), NULL);
+ HMAC_Init_ex(hmac, key->data, key->len, EVP_sha256(), NULL);
if (skip && src->pos <= skip && skip <= src->last) {
if (skip != src->pos) {
- HMAC_Update(&hmac, src->pos, skip - src->pos);
+ HMAC_Update(hmac, src->pos, skip - src->pos);
}
if (src->last != skip + NGX_RTMP_HANDSHAKE_KEYLEN) {
- HMAC_Update(&hmac, skip + NGX_RTMP_HANDSHAKE_KEYLEN,
+ HMAC_Update(hmac, skip + NGX_RTMP_HANDSHAKE_KEYLEN,
src->last - skip - NGX_RTMP_HANDSHAKE_KEYLEN);
}
} else {
- HMAC_Update(&hmac, src->pos, src->last - src->pos);
+ HMAC_Update(hmac, src->pos, src->last - src->pos);
}
- HMAC_Final(&hmac, dst, &len);
+ HMAC_Final(hmac, dst, &len);
return NGX_OK;
}
|
[-]
[+]
|
Changed |
nginx-rtmp-module-1.2.1.tar.gz/ngx_rtmp_init.c
^
|
@@ -79,6 +79,7 @@
case AF_UNIX:
unix_socket = 1;
+ /* fall through */
default: /* AF_INET */
sin = (struct sockaddr_in *) sa;
@@ -110,6 +111,7 @@
case AF_UNIX:
unix_socket = 1;
+ /* fall through */
default: /* AF_INET */
addr = port->addrs;
|
[-]
[+]
|
Changed |
nginx-rtmp-module-1.2.1.tar.gz/ngx_rtmp_notify_module.c
^
|
@@ -892,6 +892,7 @@
n = 0;
state = parse_name;
+ /* fall through */
case parse_name:
switch (c) {
@@ -919,6 +920,7 @@
break;
}
state = parse_value;
+ /* fall through */
case parse_value:
if (c == '\n') {
|
|
Added |
ngx_http_substitutions_filter_module-master.zip
^
|
|
Deleted |
ngx_pagespeed-1.12.34.2-stable.zip
^
|
|
Deleted |
ngx_pagespeed-1.12.34.3-stable.zip
^
|
|
Added |
ngx_pagespeed-1.13.35.2-stable.zip
^
|
|
Deleted |
ngx_pagespeed-latest-testing.zip
^
|
|
Deleted |
openssl-1.1.0c.tar.gz
^
|
|
Deleted |
openssl-1.1.0e.tar.gz
^
|
|
Added |
openssl-1.1.0h.tar.gz
^
|
|
Added |
openssl-1.1.1a.tar.gz
^
|
|
Deleted |
release-1.11.33.2-beta.zip
^
|
|
Deleted |
v1.10.33.6-beta.zip
^
|