Changes - j0ke.net Open Build Service

Changes of Revision 266

[-] [+]	Changed	nginx.changes
@@ -1,4 +1,9 @@ ------------------------------------------------------------------- +Tue Dec 12 11:37:50 UTC 2017 - cs@linux-administrator.com + +- update to nginx 1.13.7 + +------------------------------------------------------------------- Wed Apr 5 10:58:26 UTC 2017 - cs@linux-administrator.com - update to nginx 1.11.13 1 @@ -1,4 +1,9 @@ 2 ------------------------------------------------------------------- 3 +Tue Dec 12 11:37:50 UTC 2017 - cs@linux-administrator.com 4 + 5 +- update to nginx 1.13.7 6 + 7 +------------------------------------------------------------------- 8 Wed Apr 5 10:58:26 UTC 2017 - cs@linux-administrator.com 9 10 - update to nginx 1.11.13 11
[-] [+]	Changed	nginx.spec ^
@@ -17,14 +17,14 @@ %define psol_version 1.12.34.2-x64 %define slowfs_version 1.5 #%define waf_version 2.8.0 -%define openssl_version 1.1.0f +%define openssl_version 1.1.0g %define ngxpurge_version 2.3 %define ajpmodule_version 0.3 %define with_ldap_auth 0 %define with_ajp_module 1 Name: nginx -Version: 1.13.2 +Version: 1.13.7 Release: 1 Summary: Robust, small and high performance http and reverse proxy server Group: System Environment/Daemons 18 1 @@ -17,14 +17,14 @@ 2 %define psol_version 1.12.34.2-x64 3 %define slowfs_version 1.5 4 #%define waf_version 2.8.0 5 -%define openssl_version 1.1.0f 6 +%define openssl_version 1.1.0g 7 %define ngxpurge_version 2.3 8 %define ajpmodule_version 0.3 9 %define with_ldap_auth 0 10 %define with_ajp_module 1 11 12 Name: nginx 13 -Version: 1.13.2 14 +Version: 1.13.7 15 Release: 1 16 Summary: Robust, small and high performance http and reverse proxy server 17 Group: System Environment/Daemons 18
[-] [+]	Changed	_service ^
@@ -2,6 +2,6 @@ <service name="download_url"> <param name="host">nginx.org</param> <param name="protocol">http</param> - <param name="path">/download/nginx-1.13.2.tar.gz</param> + <param name="path">/download/nginx-1.13.7.tar.gz</param> </service> -<service name="download_url"><param name="host">www.openssl.org</param><param name="protocol">https</param><param name="path">/source/openssl-1.1.0f.tar.gz</param></service></services> \ No newline at end of file +<service name="download_url"><param name="host">www.openssl.org</param><param name="protocol">https</param><param name="path">/source/openssl-1.1.0g.tar.gz</param></service></services>
[-] [+]	Changed	_service:download_url:nginx-1.13.7.tar.gz/CHANGES ^
@@ -1,4 +1,106 @@ +Changes with nginx 1.13.7 21 Nov 2017 + + ) Bugfix: in the $upstream_status variable. + + ) Bugfix: a segmentation fault might occur in a worker process if a + backend returned a "101 Switching Protocols" response to a + subrequest. + + ) Bugfix: a segmentation fault occurred in a master process if a shared + memory zone size was changed during a reconfiguration and the + reconfiguration failed. + + ) Bugfix: in the ngx_http_fastcgi_module. + + ) Bugfix: nginx returned the 500 error if parameters without variables + were specified in the "xslt_stylesheet" directive. + + ) Workaround: "gzip filter failed to use preallocated memory" alerts + appeared in logs when using a zlib library variant from Intel. + + ) Bugfix: the "worker_shutdown_timeout" directive did not work when + using mail proxy and when proxying WebSocket connections. + + +Changes with nginx 1.13.6 10 Oct 2017 + + ) Bugfix: switching to the next upstream server in the stream module + did not work when using the "ssl_preread" directive. + + ) Bugfix: in the ngx_http_v2_module. + Thanks to Piotr Sikora. + + ) Bugfix: nginx did not support dates after the year 2038 on 32-bit + platforms with 64-bit time_t. + + ) Bugfix: in handling of dates prior to the year 1970 and after the + year 10000. + + ) Bugfix: in the stream module timeouts waiting for UDP datagrams from + upstream servers were not logged or logged at the "info" level + instead of "error". + + ) Bugfix: when using HTTP/2 nginx might return the 400 response without + logging the reason. + + ) Bugfix: in processing of corrupted cache files. + + ) Bugfix: cache control headers were ignored when caching errors + intercepted by error_page. + + ) Bugfix: when using HTTP/2 client request body might be corrupted. + + ) Bugfix: in handling of client addresses when using unix domain + sockets. + + ) Bugfix: nginx hogged CPU when using the "hash ... consistent" + directive in the upstream block if large weights were used and all or + most of the servers were unavailable. + + +Changes with nginx 1.13.5 05 Sep 2017 + + ) Feature: the $ssl_client_escaped_cert variable. + + ) Bugfix: the "ssl_session_ticket_key" directive and the "include" + parameter of the "geo" directive did not work on Windows. + + ) Bugfix: incorrect response length was returned on 32-bit platforms + when requesting more than 4 gigabytes with multiple ranges. + + ) Bugfix: the "expires modified" directive and processing of the + "If-Range" request header line did not use the response last + modification time if proxying without caching was used. + + +Changes with nginx 1.13.4 08 Aug 2017 + + ) Feature: the ngx_http_mirror_module. + + ) Bugfix: client connections might be dropped during configuration + testing when using the "reuseport" parameter of the "listen" + directive on Linux. + + ) Bugfix: request body might not be available in subrequests if it was + saved to a file and proxying was used. + + ) Bugfix: cleaning cache based on the "max_size" parameter did not work + on Windows. + + ) Bugfix: any shared memory allocation required 4096 bytes on Windows. + + ) Bugfix: nginx worker might be terminated abnormally when using the + "zone" directive inside the "upstream" block on Windows. + + +Changes with nginx 1.13.3 11 Jul 2017 + + ) Security: a specially crafted request might result in an integer + overflow and incorrect processing of ranges in the range filter, + potentially resulting in sensitive information leak (CVE-2017-7529). + + Changes with nginx 1.13.2 27 Jun 2017 ) Change: nginx now returns 200 instead of 416 when a range starting
[-] [+]	Changed	_service:download_url:nginx-1.13.7.tar.gz/CHANGES.ru ^
@@ -1,4 +1,107 @@ +Изменения в nginx 1.13.7 21.11.2017 + + ) Исправление: в переменной $upstream_status. + + ) Исправление: в рабочем процессе мог произойти segmentation fault, + если бэкенд возвращал ответ "101 Switching Protocols" на подзапрос. + + ) Исправление: если при переконфигурации изменялся размер зоны + разделяемой памяти и переконфигурация завершалась неудачно, то в + главном процессе происходил segmentation fault. + + ) Исправление: в модуле ngx_http_fastcgi_module. + + ) Исправление: nginx возвращал ошибку 500, если в директиве + xslt_stylesheet были заданы параметры без использования переменных. + + ) Изменение: при использовании варианта библиотеки zlib от Intel в лог + писались сообщения "gzip filter failed to use preallocated memory". + + ) Исправление: директива worker_shutdown_timeout не работала при + использовании почтового прокси-сервера и при проксировании + WebSocket-соединений. + + +Изменения в nginx 1.13.6 10.10.2017 + + ) Исправление: при использовании директивы ssl_preread в модуле stream + не работало переключение на следующий бэкенд. + + ) Исправление: в модуле ngx_http_v2_module. + Спасибо Piotr Sikora. + + ) Исправление: nginx не поддерживал даты после 2038 года на 32-битных + платформах с 64-битным time_t. + + ) Исправление: в обработке дат до 1970 года и после 10000 года. + + ) Исправление: в модуле stream таймауты ожидания UDP-пакетов от + бэкендов не логгировались или логгировались на уровне info вместо + error. + + ) Исправление: при использовании HTTP/2 nginx мог вернуть ошибку 400, + не указав в логе причину. + + ) Исправление: в обработке повреждённых файлов кэша. + + ) Исправление: при кэшировании ошибок, перехваченных error_page, не + учитывались заголовки управления кэшированием. + + ) Исправление: при использовании HTTP/2 тело запроса могло быть + повреждено. + + ) Исправление: в обработке адресов клиентов при использовании unix + domain сокетов. + + ) Исправление: при использовании директивы "hash ... consistent" в + блоке upstream nginx нагружал процессор, если использовались большие + веса и все или почти все бэкенды были недоступны. + + +Изменения в nginx 1.13.5 05.09.2017 + + ) Добавление: переменная $ssl_client_escaped_cert. + + ) Исправление: директива ssl_session_ticket_key и параметр include + директивы geo не работали на Windows. + + ) Исправление: на 32-битных платформах при запросе более 4 гигабайт с + помощью нескольких диапазонов возвращалась некорректная длина ответа. + + ) Исправление: директива "expires modified" и обработка строки If-Range + заголовка запроса не учитывали время последнего изменения ответа, + если использовалось проксирование без кэширования. + + +Изменения в nginx 1.13.4 08.08.2017 + + ) Добавление: модуль ngx_http_mirror_module. + + ) Исправление: клиентские соединения могли сбрасываться при + тестировании конфигурации, если использовался параметр reuseport + директивы listen на Linux. + + ) Исправление: тело запроса могло быть недоступно в подзапросах, если + оно было сохранено в файл и использовалось проксирование. + + ) Исправление: очистка кэша по max_size не работала на Windows. + + ) Исправление: любое выделение разделяемой памяти на Windows требовало + 4096 байт памяти. + + ) Исправление: при использовании директивы zone в блоке upstream на + Windows рабочий процесс мог завершаться аварийно. + + +Изменения в nginx 1.13.3 11.07.2017 + + ) Безопасность: специально созданный запрос мог вызвать целочисленное + переполнение в range-фильтре и последующую некорректную обработку + запрошенных диапазонов, что потенциально могло привести к утечке + конфиденциальной информации (CVE-2017-7529). + + Изменения в nginx 1.13.2 27.06.2017 ) Изменение: теперь при запросе диапазона, начинающегося с 0, из
[-] [+]	Changed	_service:download_url:nginx-1.13.7.tar.gz/auto/lib/conf ^
@@ -7,7 +7,7 @@ . auto/lib/pcre/conf else - if [ $USE_PCRE = DISABLED -a $HTTP_REWRITE = YES ]; then + if [ $USE_PCRE = DISABLED -a $HTTP = YES -a $HTTP_REWRITE = YES ]; then cat << END
[-] [+]	Changed	_service:download_url:nginx-1.13.7.tar.gz/auto/modules ^
@@ -506,6 +506,28 @@ . auto/module fi + if [ $HTTP_MIRROR = YES ]; then + ngx_module_name=ngx_http_mirror_module + ngx_module_incs= + ngx_module_deps= + ngx_module_srcs=src/http/modules/ngx_http_mirror_module.c + ngx_module_libs= + ngx_module_link=$HTTP_MIRROR + + . auto/module + fi + + if :; then + ngx_module_name=ngx_http_try_files_module + ngx_module_incs= + ngx_module_deps= + ngx_module_srcs=src/http/modules/ngx_http_try_files_module.c + ngx_module_libs= + ngx_module_link=YES + + . auto/module + fi + if [ $HTTP_AUTH_REQUEST = YES ]; then ngx_module_name=ngx_http_auth_request_module ngx_module_incs=
[-] [+]	Changed	_service:download_url:nginx-1.13.7.tar.gz/auto/options ^
@@ -70,6 +70,7 @@ HTTP_ACCESS=YES HTTP_AUTH_BASIC=YES HTTP_AUTH_REQUEST=NO +HTTP_MIRROR=YES HTTP_USERID=YES HTTP_SLICE=NO HTTP_AUTOINDEX=YES @@ -249,6 +250,7 @@ --without-http_userid_module) HTTP_USERID=NO ;; --without-http_access_module) HTTP_ACCESS=NO ;; --without-http_auth_basic_module) HTTP_AUTH_BASIC=NO ;; + --without-http_mirror_module) HTTP_MIRROR=NO ;; --without-http_autoindex_module) HTTP_AUTOINDEX=NO ;; --without-http_status_module) HTTP_STATUS=NO ;; --without-http_geo_module) HTTP_GEO=NO ;; @@ -458,6 +460,7 @@ --without-http_userid_module disable ngx_http_userid_module --without-http_access_module disable ngx_http_access_module --without-http_auth_basic_module disable ngx_http_auth_basic_module + --without-http_mirror_module disable ngx_http_mirror_module --without-http_autoindex_module disable ngx_http_autoindex_module --without-http_geo_module disable ngx_http_geo_module --without-http_map_module disable ngx_http_map_module
[-] [+]	Changed	_service:download_url:nginx-1.13.7.tar.gz/conf/mime.types ^
@@ -1,89 +1,95 @@ types { - text/html html htm shtml; - text/css css; - text/xml xml; - image/gif gif; - image/jpeg jpeg jpg; - application/javascript js; - application/atom+xml atom; - application/rss+xml rss; - - text/mathml mml; - text/plain txt; - text/vnd.sun.j2me.app-descriptor jad; - text/vnd.wap.wml wml; - text/x-component htc; - - image/png png; - image/tiff tif tiff; - image/vnd.wap.wbmp wbmp; - image/x-icon ico; - image/x-jng jng; - image/x-ms-bmp bmp; - image/svg+xml svg svgz; - image/webp webp; - - application/font-woff woff; - application/java-archive jar war ear; - application/json json; - application/mac-binhex40 hqx; - application/msword doc; - application/pdf pdf; - application/postscript ps eps ai; - application/rtf rtf; - application/vnd.apple.mpegurl m3u8; - application/vnd.ms-excel xls; - application/vnd.ms-fontobject eot; - application/vnd.ms-powerpoint ppt; - application/vnd.wap.wmlc wmlc; - application/vnd.google-earth.kml+xml kml; - application/vnd.google-earth.kmz kmz; - application/x-7z-compressed 7z; - application/x-cocoa cco; - application/x-java-archive-diff jardiff; - application/x-java-jnlp-file jnlp; - application/x-makeself run; - application/x-perl pl pm; - application/x-pilot prc pdb; - application/x-rar-compressed rar; - application/x-redhat-package-manager rpm; - application/x-sea sea; - application/x-shockwave-flash swf; - application/x-stuffit sit; - application/x-tcl tcl tk; - application/x-x509-ca-cert der pem crt; - application/x-xpinstall xpi; - application/xhtml+xml xhtml; - application/xspf+xml xspf; - application/zip zip; - - application/octet-stream bin exe dll; - application/octet-stream deb; - application/octet-stream dmg; - application/octet-stream iso img; - application/octet-stream msi msp msm; - - application/vnd.openxmlformats-officedocument.wordprocessingml.document docx; - application/vnd.openxmlformats-officedocument.spreadsheetml.sheet xlsx; - application/vnd.openxmlformats-officedocument.presentationml.presentation pptx; - - audio/midi mid midi kar; - audio/mpeg mp3; - audio/ogg ogg; - audio/x-m4a m4a; - audio/x-realaudio ra; - - video/3gpp 3gpp 3gp; - video/mp2t ts; - video/mp4 mp4; - video/mpeg mpeg mpg; - video/quicktime mov; - video/webm webm; - video/x-flv flv; - video/x-m4v m4v; - video/x-mng mng; - video/x-ms-asf asx asf; - video/x-ms-wmv wmv; - video/x-msvideo avi; + text/html html htm shtml; + text/css css; + text/xml xml; + image/gif gif; + image/jpeg jpeg jpg; + application/javascript js; + application/atom+xml atom; + application/rss+xml rss; + + text/mathml mml; + text/plain txt; + text/vnd.sun.j2me.app-descriptor jad; + text/vnd.wap.wml wml; + text/x-component htc; + + image/png png; + image/svg+xml svg svgz; + image/tiff tif tiff; + image/vnd.wap.wbmp wbmp; + image/webp webp; + image/x-icon ico; + image/x-jng jng; + image/x-ms-bmp bmp; + + application/font-woff woff; + application/java-archive jar war ear; + application/json json; + application/mac-binhex40 hqx; + application/msword doc; + application/pdf pdf; + application/postscript ps eps ai; + application/rtf rtf; + application/vnd.apple.mpegurl m3u8; + application/vnd.google-earth.kml+xml kml; + application/vnd.google-earth.kmz kmz; + application/vnd.ms-excel xls; + application/vnd.ms-fontobject eot; + application/vnd.ms-powerpoint ppt; + application/vnd.oasis.opendocument.graphics odg; + application/vnd.oasis.opendocument.presentation odp; + application/vnd.oasis.opendocument.spreadsheet ods; + application/vnd.oasis.opendocument.text odt; + application/vnd.openxmlformats-officedocument.presentationml.presentation + pptx; + application/vnd.openxmlformats-officedocument.spreadsheetml.sheet + xlsx; + application/vnd.openxmlformats-officedocument.wordprocessingml.document + docx; + application/vnd.wap.wmlc wmlc; + application/x-7z-compressed 7z; + application/x-cocoa cco; + application/x-java-archive-diff jardiff; + application/x-java-jnlp-file jnlp; + application/x-makeself run; + application/x-perl pl pm; + application/x-pilot prc pdb; + application/x-rar-compressed rar; + application/x-redhat-package-manager rpm; + application/x-sea sea; + application/x-shockwave-flash swf; + application/x-stuffit sit; + application/x-tcl tcl tk; + application/x-x509-ca-cert der pem crt; + application/x-xpinstall xpi; + application/xhtml+xml xhtml; + application/xspf+xml xspf; + application/zip zip; + + application/octet-stream bin exe dll; + application/octet-stream deb; + application/octet-stream dmg; + application/octet-stream iso img; + application/octet-stream msi msp msm; + + audio/midi mid midi kar; + audio/mpeg mp3; + audio/ogg ogg; + audio/x-m4a m4a; + audio/x-realaudio ra; + + video/3gpp 3gpp 3gp; + video/mp2t ts; + video/mp4 mp4; + video/mpeg mpeg mpg; + video/quicktime mov; + video/webm webm; + video/x-flv flv; + video/x-m4v m4v; + video/x-mng mng; + video/x-ms-asf asx asf; + video/x-ms-wmv wmv; + video/x-msvideo avi; }
[-] [+]	Changed	_service:download_url:nginx-1.13.7.tar.gz/src/core/nginx.c ^
@@ -273,6 +273,12 @@ return 1; } + /* + * ngx_slab_sizes_init() requires ngx_pagesize set in ngx_os_init() + */ + + ngx_slab_sizes_init(); + if (ngx_add_inherited_sockets(&init_cycle) != NGX_OK) { return 1; }
[-] [+]	Changed	_service:download_url:nginx-1.13.7.tar.gz/src/core/nginx.h ^
@@ -9,8 +9,8 @@ #define _NGINX_H_INCLUDED_ -#define nginx_version 1013002 -#define NGINX_VERSION "1.13.2" +#define nginx_version 1013007 +#define NGINX_VERSION "1.13.7" #define NGINX_VER "nginx/" NGINX_VERSION #ifdef NGX_BUILD
[-] [+]	Changed	_service:download_url:nginx-1.13.7.tar.gz/src/core/ngx_conf_file.c ^
@@ -178,6 +178,7 @@ /* open configuration file */ fd = ngx_open_file(filename->data, NGX_FILE_RDONLY, NGX_FILE_OPEN, 0); + if (fd == NGX_INVALID_FILE) { ngx_conf_log_error(NGX_LOG_EMERG, cf, ngx_errno, ngx_open_file_n " \"%s\" failed",
[-] [+]	Changed	_service:download_url:nginx-1.13.7.tar.gz/src/core/ngx_conf_file.h ^
@@ -128,7 +128,7 @@ ngx_uint_t cmd_type; ngx_conf_handler_pt handler; - char handler_conf; + void handler_conf; };
[-] [+]	Changed	_service:download_url:nginx-1.13.7.tar.gz/src/core/ngx_connection.c ^
@@ -165,6 +165,10 @@ continue; } + if (ls[i].socklen > (socklen_t) sizeof(ngx_sockaddr_t)) { + ls[i].socklen = sizeof(ngx_sockaddr_t); + } + switch (ls[i].sockaddr->sa_family) { #if (NGX_HAVE_INET6) @@ -473,7 +477,7 @@ #if (NGX_HAVE_REUSEPORT) - if (ls[i].reuseport) { + if (ls[i].reuseport && !ngx_test_config) { int reuseport; reuseport = 1; @@ -483,7 +487,7 @@ == -1) { ngx_log_error(NGX_LOG_EMERG, log, ngx_socket_errno, - "setsockopt(SO_REUSEPORT) %V failed, ignored", + "setsockopt(SO_REUSEPORT) %V failed", &ls[i].addr_text); if (ngx_close_socket(s) == -1) {
[-] [+]	Changed	_service:download_url:nginx-1.13.7.tar.gz/src/core/ngx_cycle.c ^
@@ -470,8 +470,6 @@ goto shm_zone_found; } - ngx_shm_free(&oshm_zone[n].shm); - break; } @@ -662,14 +660,26 @@ n = 0; } - if (oshm_zone[i].shm.name.len == shm_zone[n].shm.name.len - && ngx_strncmp(oshm_zone[i].shm.name.data, - shm_zone[n].shm.name.data, - oshm_zone[i].shm.name.len) - == 0) + if (oshm_zone[i].shm.name.len != shm_zone[n].shm.name.len) { + continue; + } + + if (ngx_strncmp(oshm_zone[i].shm.name.data, + shm_zone[n].shm.name.data, + oshm_zone[i].shm.name.len) + != 0) + { + continue; + } + + if (oshm_zone[i].tag == shm_zone[n].tag + && oshm_zone[i].shm.size == shm_zone[n].shm.size + && !oshm_zone[i].noreuse) { goto live_shm_zone; } + + break; } ngx_shm_free(&oshm_zone[i].shm);
[-] [+]	Changed	_service:download_url:nginx-1.13.7.tar.gz/src/core/ngx_inet.c ^
@@ -182,9 +182,11 @@ ngx_uint_t port) { u_char p; +#if (NGX_HAVE_INET6 \|\| NGX_HAVE_UNIX_DOMAIN) + size_t n; +#endif struct sockaddr_in sin; #if (NGX_HAVE_INET6) - size_t n; struct sockaddr_in6 sin6; #endif #if (NGX_HAVE_UNIX_DOMAIN) @@ -241,7 +243,9 @@ p = ngx_snprintf(text, len, "unix:%Z"); } else { - p = ngx_snprintf(text, len, "unix:%s%Z", saun->sun_path); + n = ngx_strnlen((u_char ) saun->sun_path, + socklen - offsetof(struct sockaddr_un, sun_path)); + p = ngx_snprintf(text, len, "unix:%s%Z", n, saun->sun_path); } / we do not include trailing zero in address length */
[-] [+]	Changed	_service:download_url:nginx-1.13.7.tar.gz/src/core/ngx_inet.h ^
@@ -17,10 +17,11 @@ #define NGX_INET6_ADDRSTRLEN \ (sizeof("ffff:ffff:ffff:ffff:ffff:ffff:255.255.255.255") - 1) #define NGX_UNIX_ADDRSTRLEN \ - (sizeof(struct sockaddr_un) - offsetof(struct sockaddr_un, sun_path)) + (sizeof("unix:") - 1 + \ + sizeof(struct sockaddr_un) - offsetof(struct sockaddr_un, sun_path)) #if (NGX_HAVE_UNIX_DOMAIN) -#define NGX_SOCKADDR_STRLEN (sizeof("unix:") - 1 + NGX_UNIX_ADDRSTRLEN) +#define NGX_SOCKADDR_STRLEN NGX_UNIX_ADDRSTRLEN #elif (NGX_HAVE_INET6) #define NGX_SOCKADDR_STRLEN (NGX_INET6_ADDRSTRLEN + sizeof("[]:65535") - 1) #else
[-] [+]	Changed	_service:download_url:nginx-1.13.7.tar.gz/src/core/ngx_parse_time.c ^
@@ -44,21 +44,22 @@ } } - for (p++; p < end; p++) + for (p++; p < end; p++) { if (p != ' ') { break; } + } if (end - p < 18) { return NGX_ERROR; - } + } if (fmt != isoc) { if (p < '0' \|\| p > '9' \|\| (p + 1) < '0' \|\| (p + 1) > '9') { return NGX_ERROR; } - day = (p - '0') * 10 + (p + 1) - '0'; + day = (p - '0') * 10 + ((p + 1) - '0'); p += 2; if (p == ' ') { @@ -132,7 +133,7 @@ } year = (p - '0') 1000 + ((p + 1) - '0') 100 - + ((p + 2) - '0') 10 + (p + 3) - '0'; + + ((p + 2) - '0') * 10 + ((p + 3) - '0'); p += 4; } else if (fmt == rfc850) { @@ -140,7 +141,7 @@ return NGX_ERROR; } - year = (p - '0') * 10 + (p + 1) - '0'; + year = (p - '0') * 10 + ((p + 1) - '0'); year += (year < 70) ? 2000 : 1900; p += 2; } @@ -161,7 +162,7 @@ return NGX_ERROR; } - day = day 10 + p++ - '0'; + day = day 10 + (p++ - '0'); } if (end - p < 14) { @@ -177,7 +178,7 @@ return NGX_ERROR; } - hour = (p - '0') * 10 + (p + 1) - '0'; + hour = (p - '0') * 10 + ((p + 1) - '0'); p += 2; if (p++ != ':') { @@ -188,7 +189,7 @@ return NGX_ERROR; } - min = (p - '0') 10 + (p + 1) - '0'; + min = (p - '0') * 10 + ((p + 1) - '0'); p += 2; if (p++ != ':') { @@ -199,7 +200,7 @@ return NGX_ERROR; } - sec = (p - '0') 10 + (p + 1) - '0'; + sec = (p - '0') * 10 + ((p + 1) - '0'); if (fmt == isoc) { p += 2; @@ -216,7 +217,7 @@ } year = (p - '0') * 1000 + ((p + 1) - '0') 100 - + ((p + 2) - '0') 10 + (p + 3) - '0'; + + ((p + 2) - '0') * 10 + (*(p + 3) - '0'); } if (hour > 23 \|\| min > 59 \|\| sec > 59) {
[-] [+]	Changed	_service:download_url:nginx-1.13.7.tar.gz/src/core/ngx_regex.c ^
@@ -262,7 +262,7 @@ part = &studies->part; elts = part->elts; - for (i = 0 ; /* void / ; i++) { + for (i = 0; / void / ; i++) { if (i >= part->nelts) { if (part->next == NULL) { @@ -326,7 +326,7 @@ part = &ngx_pcre_studies->part; elts = part->elts; - for (i = 0 ; / void / ; i++) { + for (i = 0; / void */ ; i++) { if (i >= part->nelts) { if (part->next == NULL) {
[-] [+]	Changed	_service:download_url:nginx-1.13.7.tar.gz/src/core/ngx_resolver.c ^
@@ -105,6 +105,8 @@ ngx_rbtree_node_t node, ngx_rbtree_node_t sentinel); static ngx_int_t ngx_resolver_copy(ngx_resolver_t r, ngx_str_t name, u_char buf, u_char src, u_char last); +static ngx_int_t ngx_resolver_set_timeout(ngx_resolver_t r, + ngx_resolver_ctx_t ctx); static void ngx_resolver_timeout_handler(ngx_event_t ev); static void ngx_resolver_free_node(ngx_resolver_t r, ngx_resolver_node_t rn); static void ngx_resolver_alloc(ngx_resolver_t r, size_t size); @@ -189,6 +191,7 @@ r->event->handler = ngx_resolver_resend_handler; r->event->data = r; r->event->log = &cf->cycle->new_log; + r->event->cancelable = 1; r->ident = -1; r->resend_timeout = 5; @@ -728,19 +731,8 @@ } if (rn->waiting) { - - if (ctx->event == NULL && ctx->timeout) { - ctx->event = ngx_resolver_calloc(r, sizeof(ngx_event_t)); - if (ctx->event == NULL) { - return NGX_ERROR; - } - - ctx->event->handler = ngx_resolver_timeout_handler; - ctx->event->data = ctx; - ctx->event->log = r->log; - ctx->ident = -1; - - ngx_add_timer(ctx->event, ctx->timeout); + if (ngx_resolver_set_timeout(r, ctx) != NGX_OK) { + return NGX_ERROR; } last->next = rn->waiting; @@ -864,18 +856,8 @@ goto failed; } - if (ctx->event == NULL && ctx->timeout) { - ctx->event = ngx_resolver_calloc(r, sizeof(ngx_event_t)); - if (ctx->event == NULL) { - goto failed; - } - - ctx->event->handler = ngx_resolver_timeout_handler; - ctx->event->data = ctx; - ctx->event->log = r->log; - ctx->ident = -1; - - ngx_add_timer(ctx->event, ctx->timeout); + if (ngx_resolver_set_timeout(r, ctx) != NGX_OK) { + goto failed; } if (ngx_resolver_resend_empty(r)) { @@ -1007,19 +989,8 @@ } if (rn->waiting) { - - if (ctx->event == NULL && ctx->timeout) { - ctx->event = ngx_resolver_calloc(r, sizeof(ngx_event_t)); - if (ctx->event == NULL) { - return NGX_ERROR; - } - - ctx->event->handler = ngx_resolver_timeout_handler; - ctx->event->data = ctx; - ctx->event->log = r->log; - ctx->ident = -1; - - ngx_add_timer(ctx->event, ctx->timeout); + if (ngx_resolver_set_timeout(r, ctx) != NGX_OK) { + return NGX_ERROR; } ctx->next = rn->waiting; @@ -1089,18 +1060,8 @@ goto failed; } - if (ctx->event == NULL && ctx->timeout) { - ctx->event = ngx_resolver_calloc(r, sizeof(ngx_event_t)); - if (ctx->event == NULL) { - goto failed; - } - - ctx->event->handler = ngx_resolver_timeout_handler; - ctx->event->data = ctx; - ctx->event->log = r->log; - ctx->ident = -1; - - ngx_add_timer(ctx->event, ctx->timeout); + if (ngx_resolver_set_timeout(r, ctx) != NGX_OK) { + goto failed; } if (ngx_resolver_resend_empty(r)) { @@ -3034,25 +2995,15 @@ addrs = ngx_resolver_calloc(r, cctx->naddrs * sizeof(ngx_addr_t)); if (addrs == NULL) { - ngx_resolve_name_done(cctx); - - ctx->state = NGX_ERROR; - ctx->valid = ngx_time() + (r->valid ? r->valid : 10); - - ctx->handler(ctx); - return; + srv->state = NGX_ERROR; + goto done; } sockaddr = ngx_resolver_alloc(r, cctx->naddrs * sizeof(ngx_sockaddr_t)); if (sockaddr == NULL) { ngx_resolver_free(r, addrs); - ngx_resolve_name_done(cctx); - - ctx->state = NGX_ERROR; - ctx->valid = ngx_time() + (r->valid ? r->valid : 10); - - ctx->handler(ctx); - return; + srv->state = NGX_ERROR; + goto done; } for (i = 0; i < cctx->naddrs; i++) { @@ -3069,6 +3020,8 @@ srv->naddrs = cctx->naddrs; } +done: + ngx_resolve_name_done(cctx); if (ctx->count == 0) { @@ -4041,6 +3994,30 @@ } +static ngx_int_t +ngx_resolver_set_timeout(ngx_resolver_t r, ngx_resolver_ctx_t ctx) +{ + if (ctx->event \|\| ctx->timeout == 0) { + return NGX_OK; + } + + ctx->event = ngx_resolver_calloc(r, sizeof(ngx_event_t)); + if (ctx->event == NULL) { + return NGX_ERROR; + } + + ctx->event->handler = ngx_resolver_timeout_handler; + ctx->event->data = ctx; + ctx->event->log = r->log; + ctx->event->cancelable = ctx->cancelable; + ctx->ident = -1; + + ngx_add_timer(ctx->event, ctx->timeout); + + return NGX_OK; +} + + static void ngx_resolver_timeout_handler(ngx_event_t ev) { @@ -4254,10 +4231,21 @@ ngx_resolver_addr_t addrs; ngx_resolver_srv_name_t *srvs; + srvs = ctx->srvs; + nsrvs = ctx->nsrvs; + naddrs = 0; - for (i = 0; i < ctx->nsrvs; i++) { - naddrs += ctx->srvs[i].naddrs; + for (i = 0; i < nsrvs; i++) { + if (srvs[i].state == NGX_ERROR) { + ctx->state = NGX_ERROR; + ctx->valid = ngx_time() + (r->valid ? r->valid : 10); + + ctx->handler(ctx); + return; + } + + naddrs += srvs[i].naddrs; } if (naddrs == 0) { @@ -4277,9 +4265,6 @@ return; } - srvs = ctx->srvs; - nsrvs = ctx->nsrvs; - i = 0; n = 0;
[-] [+]	Changed	_service:download_url:nginx-1.13.7.tar.gz/src/core/ngx_resolver.h ^
@@ -220,6 +220,7 @@ unsigned quick:1; unsigned async:1; + unsigned cancelable:1; ngx_uint_t recursion; ngx_event_t *event; };
[-] [+]	Changed	_service:download_url:nginx-1.13.7.tar.gz/src/core/ngx_slab.c ^
@@ -83,6 +83,19 @@ void +ngx_slab_sizes_init(void) +{ + ngx_uint_t n; + + ngx_slab_max_size = ngx_pagesize / 2; + ngx_slab_exact_size = ngx_pagesize / (8 * sizeof(uintptr_t)); + for (n = ngx_slab_exact_size; n >>= 1; ngx_slab_exact_shift++) { + /* void / + } +} + + +void ngx_slab_init(ngx_slab_pool_t pool) { u_char p; @@ -91,16 +104,6 @@ ngx_uint_t i, n, pages; ngx_slab_page_t slots, page; - / STUB / - if (ngx_slab_max_size == 0) { - ngx_slab_max_size = ngx_pagesize / 2; - ngx_slab_exact_size = ngx_pagesize / (8 sizeof(uintptr_t)); - for (n = ngx_slab_exact_size; n >>= 1; ngx_slab_exact_shift++) { - /* void / - } - } - // - pool->min_size = (size_t) 1 << pool->min_shift; slots = ngx_slab_slots(pool); @@ -181,8 +184,8 @@ ngx_slab_alloc_locked(ngx_slab_pool_t pool, size_t size) { size_t s; - uintptr_t p, n, m, mask, bitmap; - ngx_uint_t i, slot, shift, map; + uintptr_t p, m, mask, bitmap; + ngx_uint_t i, n, slot, shift, map; ngx_slab_page_t page, prev, slots; if (size > ngx_slab_max_size) { @@ -226,7 +229,7 @@ bitmap = (uintptr_t ) ngx_slab_page_addr(pool, page); - map = (ngx_pagesize >> shift) / (sizeof(uintptr_t) * 8); + map = (ngx_pagesize >> shift) / (8 * sizeof(uintptr_t)); for (n = 0; n < map; n++) { @@ -239,7 +242,7 @@ bitmap[n] \|= m; - i = (n * sizeof(uintptr_t) * 8 + i) << shift; + i = (n * 8 * sizeof(uintptr_t) + i) << shift; p = (uintptr_t) bitmap + i; @@ -339,11 +342,17 @@ } /* "n" elements for bitmap, plus one requested / - bitmap[0] = ((uintptr_t) 2 << n) - 1; - map = (ngx_pagesize >> shift) / (sizeof(uintptr_t) 8); + for (i = 0; i < (n + 1) / (8 * sizeof(uintptr_t)); i++) { + bitmap[i] = NGX_SLAB_BUSY; + } - for (i = 1; i < map; i++) { + m = ((uintptr_t) 1 << ((n + 1) % (8 * sizeof(uintptr_t)))) - 1; + bitmap[i] = m; + + map = (ngx_pagesize >> shift) / (8 * sizeof(uintptr_t)); + + for (i = i + 1; i < map; i++) { bitmap[i] = 0; } @@ -369,7 +378,7 @@ slots[slot].next = page; - pool->stats[slot].total += sizeof(uintptr_t) * 8; + pool->stats[slot].total += 8 * sizeof(uintptr_t); p = ngx_slab_page_addr(pool, page); @@ -480,8 +489,8 @@ } n = ((uintptr_t) p & (ngx_pagesize - 1)) >> shift; - m = (uintptr_t) 1 << (n % (sizeof(uintptr_t) * 8)); - n /= sizeof(uintptr_t) * 8; + m = (uintptr_t) 1 << (n % (8 * sizeof(uintptr_t))); + n /= 8 * sizeof(uintptr_t); bitmap = (uintptr_t ) ((uintptr_t) p & ~((uintptr_t) ngx_pagesize - 1)); @@ -506,13 +515,16 @@ n = 1; } - if (bitmap[0] & ~(((uintptr_t) 1 << n) - 1)) { + i = n / (8 sizeof(uintptr_t)); + m = ((uintptr_t) 1 << (n % (8 * sizeof(uintptr_t)))) - 1; + + if (bitmap[i] & ~m) { goto done; } - map = (ngx_pagesize >> shift) / (sizeof(uintptr_t) * 8); + map = (ngx_pagesize >> shift) / (8 * sizeof(uintptr_t)); - for (i = 1; i < map; i++) { + for (i = i + 1; i < map; i++) { if (bitmap[i]) { goto done; } @@ -558,7 +570,7 @@ ngx_slab_free_pages(pool, page, 1); - pool->stats[slot].total -= sizeof(uintptr_t) * 8; + pool->stats[slot].total -= 8 * sizeof(uintptr_t); goto done; }
[-] [+]	Changed	_service:download_url:nginx-1.13.7.tar.gz/src/core/ngx_slab.h ^
@@ -59,6 +59,7 @@ } ngx_slab_pool_t; +void ngx_slab_sizes_init(void); void ngx_slab_init(ngx_slab_pool_t pool); void ngx_slab_alloc(ngx_slab_pool_t pool, size_t size); void ngx_slab_alloc_locked(ngx_slab_pool_t *pool, size_t size);
[-] [+]	Changed	_service:download_url:nginx-1.13.7.tar.gz/src/core/ngx_string.c ^
@@ -29,6 +29,22 @@ } +size_t +ngx_strnlen(u_char p, size_t n) +{ + size_t i; + + for (i = 0; i < n; i++) { + + if (p[i] == '\0') { + return i; + } + } + + return n; +} + + u_char ngx_cpystrn(u_char dst, u_char src, size_t n) { @@ -178,7 +194,7 @@ slen = (size_t) -1; while (fmt >= '0' && fmt <= '9') { - width = width * 10 + fmt++ - '0'; + width = width 10 + (fmt++ - '0'); } @@ -211,7 +227,7 @@ fmt++; while (fmt >= '0' && fmt <= '9') { - frac_width = frac_width 10 + fmt++ - '0'; + frac_width = frac_width 10 + (*fmt++ - '0'); } break; @@ -1655,7 +1671,7 @@ state = sw_usual; if (ch >= '0' && ch <= '9') { - ch = (u_char) ((decoded << 4) + ch - '0'); + ch = (u_char) ((decoded << 4) + (ch - '0')); if (type & NGX_UNESCAPE_REDIRECT) { if (ch > '%' && ch < 0x7f) { @@ -1675,7 +1691,7 @@ c = (u_char) (ch \| 0x20); if (c >= 'a' && c <= 'f') { - ch = (u_char) ((decoded << 4) + c - 'a' + 10); + ch = (u_char) ((decoded << 4) + (c - 'a') + 10); if (type & NGX_UNESCAPE_URI) { if (ch == '?') {
[-] [+]	Changed	_service:download_url:nginx-1.13.7.tar.gz/src/core/ngx_string.h ^
@@ -60,6 +60,8 @@ #define ngx_strstr(s1, s2) strstr((const char ) s1, (const char ) s2) #define ngx_strlen(s) strlen((const char ) s) +size_t ngx_strnlen(u_char p, size_t n); + #define ngx_strchr(s1, c) strchr((const char ) s1, (int) c) static ngx_inline u_char
[-] [+]	Changed	_service:download_url:nginx-1.13.7.tar.gz/src/core/ngx_times.c ^
@@ -300,27 +300,39 @@ ngx_gmtime(time_t t, ngx_tm_t tp) { ngx_int_t yday; - ngx_uint_t n, sec, min, hour, mday, mon, year, wday, days, leap; + ngx_uint_t sec, min, hour, mday, mon, year, wday, days, leap; / the calculation is valid for positive time_t only / - n = (ngx_uint_t) t; + if (t < 0) { + t = 0; + } - days = n / 86400; + days = t / 86400; + sec = t % 86400; + + / + * no more than 4 year digits supported, + * truncate to December 31, 9999, 23:59:59 + / + + if (days > 2932896) { + days = 2932896; + sec = 86399; + } / January 1, 1970 was Thursday / wday = (4 + days) % 7; - n %= 86400; - hour = n / 3600; - n %= 3600; - min = n / 60; - sec = n % 60; + hour = sec / 3600; + sec %= 3600; + min = sec / 60; + sec %= 60; / * the algorithm based on Gauss' formula, - * see src/http/ngx_http_parse_time.c + * see src/core/ngx_parse_time.c / / days since March 1, 1 BC */
[-] [+]	Changed	_service:download_url:nginx-1.13.7.tar.gz/src/event/ngx_event.h ^
@@ -152,12 +152,12 @@ ngx_event_handler_pt handler; ngx_file_t file; + ngx_fd_t fd; + #if (NGX_HAVE_AIO_SENDFILE \|\| NGX_COMPAT) ssize_t (preload_handler)(ngx_buf_t *file); #endif - ngx_fd_t fd; - #if (NGX_HAVE_EVENTFD) int64_t res; #endif
[-] [+]	Changed	_service:download_url:nginx-1.13.7.tar.gz/src/event/ngx_event_accept.c ^
@@ -164,6 +164,10 @@ return; } + if (socklen > (socklen_t) sizeof(ngx_sockaddr_t)) { + socklen = sizeof(ngx_sockaddr_t); + } + c->sockaddr = ngx_palloc(c->pool, socklen); if (c->sockaddr == NULL) { ngx_close_accepted_connection(c); @@ -440,6 +444,10 @@ c->type = SOCK_DGRAM; c->socklen = msg.msg_namelen; + if (c->socklen > (socklen_t) sizeof(ngx_sockaddr_t)) { + c->socklen = sizeof(ngx_sockaddr_t); + } + #if (NGX_STAT_STUB) (void) ngx_atomic_fetch_add(ngx_stat_active, 1); #endif
[-] [+]	Changed	_service:download_url:nginx-1.13.7.tar.gz/src/event/ngx_event_openssl.c ^
@@ -924,6 +924,7 @@ cln->data = passwords; fd = ngx_open_file(file->data, NGX_FILE_RDONLY, NGX_FILE_OPEN, 0); + if (fd == NGX_INVALID_FILE) { ngx_conf_log_error(NGX_LOG_EMERG, cf, ngx_errno, ngx_open_file_n " \"%s\" failed", file->data); @@ -2905,7 +2906,9 @@ file.name = path[i]; file.log = cf->log; - file.fd = ngx_open_file(file.name.data, NGX_FILE_RDONLY, 0, 0); + file.fd = ngx_open_file(file.name.data, NGX_FILE_RDONLY, + NGX_FILE_OPEN, 0); + if (file.fd == NGX_INVALID_FILE) { ngx_conf_log_error(NGX_LOG_EMERG, cf, ngx_errno, ngx_open_file_n " \"%V\" failed", &file.name); @@ -3128,7 +3131,7 @@ { if (paths) { ngx_log_error(NGX_LOG_WARN, ssl->log, 0, - "\"ssl_session_ticket_keys\" ignored, not supported"); + "\"ssl_session_ticket_key\" ignored, not supported"); } return NGX_OK; @@ -3548,13 +3551,22 @@ { #ifdef SSL_CTRL_SET_TLSEXT_HOSTNAME - const char servername; + size_t len; + const char name; + + name = SSL_get_servername(c->ssl->connection, TLSEXT_NAMETYPE_host_name); + + if (name) { + len = ngx_strlen(name); + + s->len = len; + s->data = ngx_pnalloc(pool, len); + if (s->data == NULL) { + return NGX_ERROR; + } + + ngx_memcpy(s->data, name, len); - servername = SSL_get_servername(c->ssl->connection, - TLSEXT_NAMETYPE_host_name); - if (servername) { - s->data = (u_char ) servername; - s->len = ngx_strlen(servername); return NGX_OK; } @@ -3657,6 +3669,36 @@ return NGX_OK; } + + +ngx_int_t +ngx_ssl_get_escaped_certificate(ngx_connection_t c, ngx_pool_t pool, + ngx_str_t s) +{ + ngx_str_t cert; + uintptr_t n; + + if (ngx_ssl_get_raw_certificate(c, pool, &cert) != NGX_OK) { + return NGX_ERROR; + } + + if (cert.len == 0) { + s->len = 0; + return NGX_OK; + } + + n = ngx_escape_uri(NULL, cert.data, cert.len, NGX_ESCAPE_URI_COMPONENT); + + s->len = cert.len + n * 2; + s->data = ngx_pnalloc(pool, s->len); + if (s->data == NULL) { + return NGX_ERROR; + } + + ngx_escape_uri(s->data, cert.data, cert.len, NGX_ESCAPE_URI_COMPONENT); + + return NGX_OK; +} ngx_int_t
[-] [+]	Changed	_service:download_url:nginx-1.13.7.tar.gz/src/event/ngx_event_openssl.h ^
@@ -22,6 +22,7 @@ #include <openssl/engine.h> #endif #include <openssl/evp.h> +#include <openssl/hmac.h> #ifndef OPENSSL_NO_OCSP #include <openssl/ocsp.h> #endif @@ -212,6 +213,8 @@ ngx_str_t s); ngx_int_t ngx_ssl_get_certificate(ngx_connection_t c, ngx_pool_t pool, ngx_str_t s); +ngx_int_t ngx_ssl_get_escaped_certificate(ngx_connection_t c, ngx_pool_t pool, + ngx_str_t s); ngx_int_t ngx_ssl_get_subject_dn(ngx_connection_t c, ngx_pool_t pool, ngx_str_t s); ngx_int_t ngx_ssl_get_issuer_dn(ngx_connection_t c, ngx_pool_t pool,
[-] [+]	Changed	_service:download_url:nginx-1.13.7.tar.gz/src/event/ngx_event_openssl_stapling.c ^
@@ -1486,7 +1486,7 @@ return NGX_ERROR; } - ctx->code = ctx->code * 10 + ch - '0'; + ctx->code = ctx->code * 10 + (ch - '0'); if (++ctx->count == 3) { state = sw_space_after_status;
[-] [+]	Changed	_service:download_url:nginx-1.13.7.tar.gz/src/http/modules/ngx_http_addition_filter_module.c ^
@@ -123,6 +123,8 @@ ngx_http_clear_accept_ranges(r); ngx_http_weak_etag(r); + r->preserve_body = 1; + return ngx_http_next_header_filter(r); }
[-] [+]	Changed	_service:download_url:nginx-1.13.7.tar.gz/src/http/modules/ngx_http_auth_basic_module.c ^
@@ -15,11 +15,6 @@ typedef struct { - ngx_str_t passwd; -} ngx_http_auth_basic_ctx_t; - - -typedef struct { ngx_http_complex_value_t realm; ngx_http_complex_value_t user_file; } ngx_http_auth_basic_loc_conf_t; @@ -27,7 +22,7 @@ static ngx_int_t ngx_http_auth_basic_handler(ngx_http_request_t r); static ngx_int_t ngx_http_auth_basic_crypt_handler(ngx_http_request_t r, - ngx_http_auth_basic_ctx_t ctx, ngx_str_t passwd, ngx_str_t realm); + ngx_str_t passwd, ngx_str_t realm); static ngx_int_t ngx_http_auth_basic_set_realm(ngx_http_request_t r, ngx_str_t realm); static void ngx_http_auth_basic_close(ngx_file_t file); @@ -103,7 +98,6 @@ ngx_str_t pwd, realm, user_file; ngx_uint_t i, level, login, left, passwd; ngx_file_t file; - ngx_http_auth_basic_ctx_t ctx; ngx_http_auth_basic_loc_conf_t alcf; u_char buf[NGX_HTTP_AUTH_BUF_SIZE]; enum { @@ -126,13 +120,6 @@ return NGX_DECLINED; } - ctx = ngx_http_get_module_ctx(r, ngx_http_auth_basic_module); - - if (ctx) { - return ngx_http_auth_basic_crypt_handler(r, ctx, &ctx->passwd, - &realm); - } - rc = ngx_http_auth_basic_user(r); if (rc == NGX_DECLINED) { @@ -237,8 +224,7 @@ pwd.len = i - passwd; pwd.data = &buf[passwd]; - return ngx_http_auth_basic_crypt_handler(r, NULL, &pwd, - &realm); + return ngx_http_auth_basic_crypt_handler(r, &pwd, &realm); } break; @@ -276,7 +262,7 @@ ngx_cpystrn(pwd.data, &buf[passwd], pwd.len + 1); - return ngx_http_auth_basic_crypt_handler(r, NULL, &pwd, &realm); + return ngx_http_auth_basic_crypt_handler(r, &pwd, &realm); } ngx_log_error(NGX_LOG_ERR, r->connection->log, 0, @@ -288,8 +274,8 @@ static ngx_int_t -ngx_http_auth_basic_crypt_handler(ngx_http_request_t r, - ngx_http_auth_basic_ctx_t ctx, ngx_str_t passwd, ngx_str_t realm) +ngx_http_auth_basic_crypt_handler(ngx_http_request_t r, ngx_str_t passwd, + ngx_str_t realm) { ngx_int_t rc; u_char encrypted; @@ -301,48 +287,22 @@ "rc: %i user: \"%V\" salt: \"%s\"", rc, &r->headers_in.user, passwd->data); - if (rc == NGX_OK) { - if (ngx_strcmp(encrypted, passwd->data) == 0) { - return NGX_OK; - } - - ngx_log_debug1(NGX_LOG_DEBUG_HTTP, r->connection->log, 0, - "encrypted: \"%s\"", encrypted); - - ngx_log_error(NGX_LOG_ERR, r->connection->log, 0, - "user \"%V\": password mismatch", - &r->headers_in.user); - - return ngx_http_auth_basic_set_realm(r, realm); - } - - if (rc == NGX_ERROR) { + if (rc != NGX_OK) { return NGX_HTTP_INTERNAL_SERVER_ERROR; } - / rc == NGX_AGAIN / - - if (ctx == NULL) { - ctx = ngx_palloc(r->pool, sizeof(ngx_http_auth_basic_ctx_t)); - if (ctx == NULL) { - return NGX_HTTP_INTERNAL_SERVER_ERROR; - } - - ngx_http_set_ctx(r, ctx, ngx_http_auth_basic_module); - - ctx->passwd.len = passwd->len; - passwd->len++; - - ctx->passwd.data = ngx_pstrdup(r->pool, passwd); - if (ctx->passwd.data == NULL) { - return NGX_HTTP_INTERNAL_SERVER_ERROR; - } - + if (ngx_strcmp(encrypted, passwd->data) == 0) { + return NGX_OK; } - / TODO: add mutex event */ + ngx_log_debug1(NGX_LOG_DEBUG_HTTP, r->connection->log, 0, + "encrypted: \"%s\"", encrypted); + + ngx_log_error(NGX_LOG_ERR, r->connection->log, 0, + "user \"%V\": password mismatch", + &r->headers_in.user); - return rc; + return ngx_http_auth_basic_set_realm(r, realm); }
[-] [+]	Changed	_service:download_url:nginx-1.13.7.tar.gz/src/http/modules/ngx_http_browser_module.c ^
@@ -38,13 +38,6 @@ typedef struct { - ngx_str_t name; - ngx_http_get_variable_pt handler; - uintptr_t data; -} ngx_http_browser_variable_t; - - -typedef struct { ngx_array_t modern_browsers; ngx_array_t ancient_browsers; ngx_http_variable_value_t modern_browser_value; @@ -63,7 +56,7 @@ static ngx_uint_t ngx_http_browser(ngx_http_request_t r, ngx_http_browser_conf_t cf); -static ngx_int_t ngx_http_browser_add_variable(ngx_conf_t cf); +static ngx_int_t ngx_http_browser_add_variables(ngx_conf_t cf); static void ngx_http_browser_create_conf(ngx_conf_t cf); static char ngx_http_browser_merge_conf(ngx_conf_t cf, void parent, void child); @@ -114,7 +107,7 @@ static ngx_http_module_t ngx_http_browser_module_ctx = { - ngx_http_browser_add_variable, / preconfiguration / + ngx_http_browser_add_variables, / preconfiguration / NULL, / postconfiguration / NULL, / create main configuration / @@ -218,13 +211,18 @@ }; -static ngx_http_browser_variable_t ngx_http_browsers[] = { - { ngx_string("msie"), ngx_http_msie_variable, 0 }, - { ngx_string("modern_browser"), ngx_http_browser_variable, - NGX_HTTP_MODERN_BROWSER }, - { ngx_string("ancient_browser"), ngx_http_browser_variable, - NGX_HTTP_ANCIENT_BROWSER }, - { ngx_null_string, NULL, 0 } +static ngx_http_variable_t ngx_http_browser_vars[] = { + + { ngx_string("msie"), NULL, ngx_http_msie_variable, + 0, NGX_HTTP_VAR_CHANGEABLE, 0 }, + + { ngx_string("modern_browser"), NULL, ngx_http_browser_variable, + NGX_HTTP_MODERN_BROWSER, NGX_HTTP_VAR_CHANGEABLE, 0 }, + + { ngx_string("ancient_browser"), NULL, ngx_http_browser_variable, + NGX_HTTP_ANCIENT_BROWSER, NGX_HTTP_VAR_CHANGEABLE, 0 }, + + ngx_http_null_variable }; @@ -397,20 +395,19 @@ static ngx_int_t -ngx_http_browser_add_variable(ngx_conf_t cf) +ngx_http_browser_add_variables(ngx_conf_t cf) { - ngx_http_browser_variable_t var; - ngx_http_variable_t v; + ngx_http_variable_t var, *v; - for (var = ngx_http_browsers; var->name.len; var++) { + for (v = ngx_http_browser_vars; v->name.len; v++) { - v = ngx_http_add_variable(cf, &var->name, NGX_HTTP_VAR_CHANGEABLE); - if (v == NULL) { + var = ngx_http_add_variable(cf, &v->name, v->flags); + if (var == NULL) { return NGX_ERROR; } - v->get_handler = var->handler; - v->data = var->data; + var->get_handler = v->get_handler; + var->data = v->data; } return NGX_OK;
[-] [+]	Changed	_service:download_url:nginx-1.13.7.tar.gz/src/http/modules/ngx_http_fastcgi_module.c ^
@@ -631,7 +631,7 @@ ngx_http_fastcgi_path_info_variable, 0, NGX_HTTP_VAR_NOCACHEABLE\|NGX_HTTP_VAR_NOHASH, 0 }, - { ngx_null_string, NULL, NULL, 0, 0, 0 } + ngx_http_null_variable }; @@ -2646,6 +2646,7 @@ } } + f->pos = p; f->state = state; return NGX_AGAIN;
[-] [+]	Changed	_service:download_url:nginx-1.13.7.tar.gz/src/http/modules/ngx_http_geo_module.c ^
@@ -1400,7 +1400,8 @@ file.name = *name; file.log = cf->log; - file.fd = ngx_open_file(name->data, NGX_FILE_RDONLY, 0, 0); + file.fd = ngx_open_file(name->data, NGX_FILE_RDONLY, NGX_FILE_OPEN, 0); + if (file.fd == NGX_INVALID_FILE) { err = ngx_errno; if (err != NGX_ENOENT) {
[-] [+]	Changed	_service:download_url:nginx-1.13.7.tar.gz/src/http/modules/ngx_http_geoip_module.c ^
@@ -232,7 +232,7 @@ ngx_http_geoip_city_int_variable, offsetof(GeoIPRecord, area_code), 0, 0 }, - { ngx_null_string, NULL, NULL, 0, 0, 0 } + ngx_http_null_variable };
[-] [+]	Changed	_service:download_url:nginx-1.13.7.tar.gz/src/http/modules/ngx_http_gzip_filter_module.c ^
@@ -57,6 +57,7 @@ unsigned nomem:1; unsigned gzheader:1; unsigned buffering:1; + unsigned intel:1; size_t zin; size_t zout; @@ -233,6 +234,8 @@ static ngx_http_output_header_filter_pt ngx_http_next_header_filter; static ngx_http_output_body_filter_pt ngx_http_next_body_filter; +static ngx_uint_t ngx_http_gzip_assume_intel; + static ngx_int_t ngx_http_gzip_header_filter(ngx_http_request_t r) @@ -527,7 +530,27 @@ ) 5920 bytes on amd64 and sparc64 / - ctx->allocated = 8192 + (1 << (wbits + 2)) + (1 << (memlevel + 9)); + if (!ngx_http_gzip_assume_intel) { + ctx->allocated = 8192 + (1 << (wbits + 2)) + (1 << (memlevel + 9)); + + } else { + /* + * A zlib variant from Intel, https://github.com/jtkukunas/zlib. + * It can force window bits to 13 for fast compression level, + * on processors with SSE 4.2 it uses 64K hash instead of scaling + * it from the specified memory level, and also introduces + * 16-byte padding in one out of the two window-sized buffers. + / + + if (conf->level == 1) { + wbits = ngx_max(wbits, 13); + } + + ctx->allocated = 8192 + 16 + (1 << (wbits + 2)) + + (1 << (ngx_max(memlevel, 8) + 8)) + + (1 << (memlevel + 8)); + ctx->intel = 1; + } } @@ -1003,7 +1026,7 @@ alloc = items size; - if (alloc % 512 != 0 && alloc < 8192) { + if (items == 1 && alloc % 512 != 0 && alloc < 8192) { /* * The zlib deflate_state allocation, it takes about 6K, @@ -1025,9 +1048,14 @@ return p; } - ngx_log_error(NGX_LOG_ALERT, ctx->request->connection->log, 0, - "gzip filter failed to use preallocated memory: %ud of %ui", - items * size, ctx->allocated); + if (ctx->intel) { + ngx_log_error(NGX_LOG_ALERT, ctx->request->connection->log, 0, + "gzip filter failed to use preallocated memory: " + "%ud of %ui", items * size, ctx->allocated); + + } else { + ngx_http_gzip_assume_intel = 1; + } p = ngx_palloc(ctx->request->pool, items * size);
[-] [+]	Added	_service:download_url:nginx-1.13.7.tar.gz/src/http/modules/ngx_http_mirror_module.c ^
@@ -0,0 +1,264 @@ + +/* + * Copyright (C) Roman Arutyunyan + * Copyright (C) Nginx, Inc. + / + + +#include <ngx_config.h> +#include <ngx_core.h> +#include <ngx_http.h> + + +typedef struct { + ngx_array_t mirror; + ngx_flag_t request_body; +} ngx_http_mirror_loc_conf_t; + + +typedef struct { + ngx_int_t status; +} ngx_http_mirror_ctx_t; + + +static ngx_int_t ngx_http_mirror_handler(ngx_http_request_t r); +static void ngx_http_mirror_body_handler(ngx_http_request_t r); +static ngx_int_t ngx_http_mirror_handler_internal(ngx_http_request_t r); +static void ngx_http_mirror_create_loc_conf(ngx_conf_t cf); +static char ngx_http_mirror_merge_loc_conf(ngx_conf_t cf, void parent, + void child); +static char ngx_http_mirror(ngx_conf_t cf, ngx_command_t cmd, void conf); +static ngx_int_t ngx_http_mirror_init(ngx_conf_t cf); + + +static ngx_command_t ngx_http_mirror_commands[] = { + + { ngx_string("mirror"), + NGX_HTTP_MAIN_CONF\|NGX_HTTP_SRV_CONF\|NGX_HTTP_LOC_CONF\|NGX_CONF_TAKE1, + ngx_http_mirror, + NGX_HTTP_LOC_CONF_OFFSET, + 0, + NULL }, + + { ngx_string("mirror_request_body"), + NGX_HTTP_MAIN_CONF\|NGX_HTTP_SRV_CONF\|NGX_HTTP_LOC_CONF\|NGX_CONF_FLAG, + ngx_conf_set_flag_slot, + NGX_HTTP_LOC_CONF_OFFSET, + offsetof(ngx_http_mirror_loc_conf_t, request_body), + NULL }, + + ngx_null_command +}; + + +static ngx_http_module_t ngx_http_mirror_module_ctx = { + NULL, /* preconfiguration / + ngx_http_mirror_init, / postconfiguration / + + NULL, / create main configuration / + NULL, / init main configuration / + + NULL, / create server configuration / + NULL, / merge server configuration / + + ngx_http_mirror_create_loc_conf, / create location configuration / + ngx_http_mirror_merge_loc_conf / merge location configuration / +}; + + +ngx_module_t ngx_http_mirror_module = { + NGX_MODULE_V1, + &ngx_http_mirror_module_ctx, / module context / + ngx_http_mirror_commands, / module directives / + NGX_HTTP_MODULE, / module type / + NULL, / init master / + NULL, / init module / + NULL, / init process / + NULL, / init thread / + NULL, / exit thread / + NULL, / exit process / + NULL, / exit master / + NGX_MODULE_V1_PADDING +}; + + +static ngx_int_t +ngx_http_mirror_handler(ngx_http_request_t r) +{ + ngx_int_t rc; + ngx_http_mirror_ctx_t ctx; + ngx_http_mirror_loc_conf_t mlcf; + + if (r != r->main) { + return NGX_DECLINED; + } + + mlcf = ngx_http_get_module_loc_conf(r, ngx_http_mirror_module); + + if (mlcf->mirror == NULL) { + return NGX_DECLINED; + } + + ngx_log_debug0(NGX_LOG_DEBUG_HTTP, r->connection->log, 0, "mirror handler"); + + if (mlcf->request_body) { + ctx = ngx_http_get_module_ctx(r, ngx_http_mirror_module); + + if (ctx) { + return ctx->status; + } + + ctx = ngx_pcalloc(r->pool, sizeof(ngx_http_mirror_ctx_t)); + if (ctx == NULL) { + return NGX_ERROR; + } + + ctx->status = NGX_DONE; + + ngx_http_set_ctx(r, ctx, ngx_http_mirror_module); + + rc = ngx_http_read_client_request_body(r, ngx_http_mirror_body_handler); + if (rc >= NGX_HTTP_SPECIAL_RESPONSE) { + return rc; + } + + ngx_http_finalize_request(r, NGX_DONE); + return NGX_DONE; + } + + return ngx_http_mirror_handler_internal(r); +} + + +static void +ngx_http_mirror_body_handler(ngx_http_request_t r) +{ + ngx_http_mirror_ctx_t ctx; + + ctx = ngx_http_get_module_ctx(r, ngx_http_mirror_module); + + ctx->status = ngx_http_mirror_handler_internal(r); + + r->preserve_body = 1; + + r->write_event_handler = ngx_http_core_run_phases; + ngx_http_core_run_phases(r); +} + + +static ngx_int_t +ngx_http_mirror_handler_internal(ngx_http_request_t r) +{ + ngx_str_t name; + ngx_uint_t i; + ngx_http_request_t sr; + ngx_http_mirror_loc_conf_t mlcf; + + mlcf = ngx_http_get_module_loc_conf(r, ngx_http_mirror_module); + + name = mlcf->mirror->elts; + + for (i = 0; i < mlcf->mirror->nelts; i++) { + if (ngx_http_subrequest(r, &name[i], &r->args, &sr, NULL, + NGX_HTTP_SUBREQUEST_BACKGROUND) + != NGX_OK) + { + return NGX_HTTP_INTERNAL_SERVER_ERROR; + } + + sr->header_only = 1; + sr->method = r->method; + sr->method_name = r->method_name; + } + + return NGX_DECLINED; +} + + +static void * +ngx_http_mirror_create_loc_conf(ngx_conf_t cf) +{ + ngx_http_mirror_loc_conf_t mlcf; + + mlcf = ngx_pcalloc(cf->pool, sizeof(ngx_http_mirror_loc_conf_t)); + if (mlcf == NULL) { + return NULL; + } + + mlcf->mirror = NGX_CONF_UNSET_PTR; + mlcf->request_body = NGX_CONF_UNSET; + + return mlcf; +} + + +static char * +ngx_http_mirror_merge_loc_conf(ngx_conf_t cf, void parent, void child) +{ + ngx_http_mirror_loc_conf_t prev = parent; + ngx_http_mirror_loc_conf_t conf = child; + + ngx_conf_merge_ptr_value(conf->mirror, prev->mirror, NULL); + ngx_conf_merge_value(conf->request_body, prev->request_body, 1); + + return NGX_CONF_OK; +} + + +static char +ngx_http_mirror(ngx_conf_t cf, ngx_command_t cmd, void conf) +{ + ngx_http_mirror_loc_conf_t mlcf = conf; + + ngx_str_t value, s; + + value = cf->args->elts; + + if (ngx_strcmp(value[1].data, "off") == 0) { + if (mlcf->mirror != NGX_CONF_UNSET_PTR) { + return "is duplicate"; + } + + mlcf->mirror = NULL; + return NGX_CONF_OK; + } + + if (mlcf->mirror == NULL) { + return "is duplicate"; + } + + if (mlcf->mirror == NGX_CONF_UNSET_PTR) { + mlcf->mirror = ngx_array_create(cf->pool, 4, sizeof(ngx_str_t)); + if (mlcf->mirror == NULL) { + return NGX_CONF_ERROR; + } + } + + s = ngx_array_push(mlcf->mirror); + if (s == NULL) { + return NGX_CONF_ERROR; + } + + s = value[1]; + + return NGX_CONF_OK; +} + + +static ngx_int_t +ngx_http_mirror_init(ngx_conf_t cf) +{ + ngx_http_handler_pt h; + ngx_http_core_main_conf_t cmcf; + + cmcf = ngx_http_conf_get_module_main_conf(cf, ngx_http_core_module); + + h = ngx_array_push(&cmcf->phases[NGX_HTTP_PRECONTENT_PHASE].handlers); + if (h == NULL) { + return NGX_ERROR; + } + + *h = ngx_http_mirror_handler; + + return NGX_OK; +}
[-] [+]	Changed	_service:download_url:nginx-1.13.7.tar.gz/src/http/modules/ngx_http_proxy_module.c ^
@@ -829,7 +829,7 @@ ngx_http_proxy_internal_chunked_variable, 0, NGX_HTTP_VAR_NOCACHEABLE\|NGX_HTTP_VAR_NOHASH, 0 }, - { ngx_null_string, NULL, NULL, 0, 0, 0 } + ngx_http_null_variable }; @@ -1143,7 +1143,8 @@ static ngx_int_t ngx_http_proxy_create_request(ngx_http_request_t r) { - size_t len, uri_len, loc_len, body_len; + size_t len, uri_len, loc_len, body_len, + key_len, val_len; uintptr_t escape; ngx_buf_t b; ngx_str_t method; @@ -1258,11 +1259,20 @@ le.flushed = 1; while ((uintptr_t ) le.ip) { - while ((uintptr_t ) le.ip) { + + lcode = (ngx_http_script_len_code_pt ) le.ip; + key_len = lcode(&le); + + for (val_len = 0; (uintptr_t ) le.ip; val_len += lcode(&le)) { lcode = (ngx_http_script_len_code_pt ) le.ip; - len += lcode(&le); } le.ip += sizeof(uintptr_t); + + if (val_len == 0) { + continue; + } + + len += key_len + sizeof(": ") - 1 + val_len + sizeof(CRLF) - 1; } @@ -1362,30 +1372,41 @@ le.ip = headers->lengths->elts; while ((uintptr_t ) le.ip) { - lcode = (ngx_http_script_len_code_pt ) le.ip; - /* skip the header line name length / + lcode = (ngx_http_script_len_code_pt ) le.ip; (void) lcode(&le); - if ((ngx_http_script_len_code_pt ) le.ip) { + for (val_len = 0; (uintptr_t ) le.ip; val_len += lcode(&le)) { + lcode = (ngx_http_script_len_code_pt ) le.ip; + } + le.ip += sizeof(uintptr_t); - for (len = 0; (uintptr_t ) le.ip; len += lcode(&le)) { - lcode = (ngx_http_script_len_code_pt ) le.ip; - } + if (val_len == 0) { + e.skip = 1; - e.skip = (len == sizeof(CRLF) - 1) ? 1 : 0; + while ((uintptr_t ) e.ip) { + code = (ngx_http_script_code_pt ) e.ip; + code((ngx_http_script_engine_t ) &e); + } + e.ip += sizeof(uintptr_t); - } else { e.skip = 0; + + continue; } - le.ip += sizeof(uintptr_t); + code = (ngx_http_script_code_pt ) e.ip; + code((ngx_http_script_engine_t ) &e); + + e.pos++ = ':'; e.pos++ = ' '; while ((uintptr_t ) e.ip) { code = (ngx_http_script_code_pt ) e.ip; code((ngx_http_script_engine_t ) &e); } e.ip += sizeof(uintptr_t); + + e.pos++ = CR; e.pos++ = LF; } b->last = e.pos; @@ -3498,108 +3519,40 @@ continue; } - if (ngx_http_script_variables_count(&src[i].value) == 0) { - copy = ngx_array_push_n(headers->lengths, - sizeof(ngx_http_script_copy_code_t)); - if (copy == NULL) { - return NGX_ERROR; - } - - copy->code = (ngx_http_script_code_pt) - ngx_http_script_copy_len_code; - copy->len = src[i].key.len + sizeof(": ") - 1 - + src[i].value.len + sizeof(CRLF) - 1; - - - size = (sizeof(ngx_http_script_copy_code_t) - + src[i].key.len + sizeof(": ") - 1 - + src[i].value.len + sizeof(CRLF) - 1 - + sizeof(uintptr_t) - 1) - & ~(sizeof(uintptr_t) - 1); - - copy = ngx_array_push_n(headers->values, size); - if (copy == NULL) { - return NGX_ERROR; - } - - copy->code = ngx_http_script_copy_code; - copy->len = src[i].key.len + sizeof(": ") - 1 - + src[i].value.len + sizeof(CRLF) - 1; - - p = (u_char ) copy + sizeof(ngx_http_script_copy_code_t); - - p = ngx_cpymem(p, src[i].key.data, src[i].key.len); - p++ = ':'; p++ = ' '; - p = ngx_cpymem(p, src[i].value.data, src[i].value.len); - p++ = CR; p = LF; - - } else { - copy = ngx_array_push_n(headers->lengths, - sizeof(ngx_http_script_copy_code_t)); - if (copy == NULL) { - return NGX_ERROR; - } - - copy->code = (ngx_http_script_code_pt) - ngx_http_script_copy_len_code; - copy->len = src[i].key.len + sizeof(": ") - 1; - - - size = (sizeof(ngx_http_script_copy_code_t) - + src[i].key.len + sizeof(": ") - 1 + sizeof(uintptr_t) - 1) - & ~(sizeof(uintptr_t) - 1); - - copy = ngx_array_push_n(headers->values, size); - if (copy == NULL) { - return NGX_ERROR; - } - - copy->code = ngx_http_script_copy_code; - copy->len = src[i].key.len + sizeof(": ") - 1; - - p = (u_char ) copy + sizeof(ngx_http_script_copy_code_t); - p = ngx_cpymem(p, src[i].key.data, src[i].key.len); - p++ = ':'; p = ' '; - - - ngx_memzero(&sc, sizeof(ngx_http_script_compile_t)); - - sc.cf = cf; - sc.source = &src[i].value; - sc.flushes = &headers->flushes; - sc.lengths = &headers->lengths; - sc.values = &headers->values; - - if (ngx_http_script_compile(&sc) != NGX_OK) { - return NGX_ERROR; - } + copy = ngx_array_push_n(headers->lengths, + sizeof(ngx_http_script_copy_code_t)); + if (copy == NULL) { + return NGX_ERROR; + } + copy->code = (ngx_http_script_code_pt) ngx_http_script_copy_len_code; + copy->len = src[i].key.len; - copy = ngx_array_push_n(headers->lengths, - sizeof(ngx_http_script_copy_code_t)); - if (copy == NULL) { - return NGX_ERROR; - } + size = (sizeof(ngx_http_script_copy_code_t) + + src[i].key.len + sizeof(uintptr_t) - 1) + & ~(sizeof(uintptr_t) - 1); - copy->code = (ngx_http_script_code_pt) - ngx_http_script_copy_len_code; - copy->len = sizeof(CRLF) - 1; + copy = ngx_array_push_n(headers->values, size); + if (copy == NULL) { + return NGX_ERROR; + } + copy->code = ngx_http_script_copy_code; + copy->len = src[i].key.len; - size = (sizeof(ngx_http_script_copy_code_t) - + sizeof(CRLF) - 1 + sizeof(uintptr_t) - 1) - & ~(sizeof(uintptr_t) - 1); + p = (u_char ) copy + sizeof(ngx_http_script_copy_code_t); + ngx_memcpy(p, src[i].key.data, src[i].key.len); - copy = ngx_array_push_n(headers->values, size); - if (copy == NULL) { - return NGX_ERROR; - } + ngx_memzero(&sc, sizeof(ngx_http_script_compile_t)); - copy->code = ngx_http_script_copy_code; - copy->len = sizeof(CRLF) - 1; + sc.cf = cf; + sc.source = &src[i].value; + sc.flushes = &headers->flushes; + sc.lengths = &headers->lengths; + sc.values = &headers->values; - p = (u_char ) copy + sizeof(ngx_http_script_copy_code_t); - p++ = CR; p = LF; + if (ngx_http_script_compile(&sc) != NGX_OK) { + return NGX_ERROR; } code = ngx_array_push_n(headers->lengths, sizeof(uintptr_t));
[-] [+]	Changed	_service:download_url:nginx-1.13.7.tar.gz/src/http/modules/ngx_http_range_filter_module.c ^
@@ -315,7 +315,7 @@ return NGX_HTTP_RANGE_NOT_SATISFIABLE; } - start = start * 10 + p++ - '0'; + start = start 10 + (p++ - '0'); } while (p == ' ') { p++; } @@ -345,7 +345,7 @@ return NGX_HTTP_RANGE_NOT_SATISFIABLE; } - end = end * 10 + p++ - '0'; + end = end 10 + (p++ - '0'); } while (p == ' ') { p++; } @@ -355,7 +355,7 @@ } if (suffix) { - start = content_length - end; + start = (end < content_length) ? content_length - end : 0; end = content_length - 1; } @@ -377,6 +377,10 @@ range->start = start; range->end = end; + if (size > NGX_MAX_OFF_T_VALUE - (end - start)) { + return NGX_HTTP_RANGE_NOT_SATISFIABLE; + } + size += end - start; if (ranges-- == 0) { @@ -459,23 +463,24 @@ ngx_http_range_multipart_header(ngx_http_request_t r, ngx_http_range_filter_ctx_t ctx) { - size_t len; + off_t len; + size_t size; ngx_uint_t i; ngx_http_range_t *range; ngx_atomic_uint_t boundary; - len = sizeof(CRLF "--") - 1 + NGX_ATOMIC_T_LEN - + sizeof(CRLF "Content-Type: ") - 1 - + r->headers_out.content_type.len - + sizeof(CRLF "Content-Range: bytes ") - 1; + size = sizeof(CRLF "--") - 1 + NGX_ATOMIC_T_LEN + + sizeof(CRLF "Content-Type: ") - 1 + + r->headers_out.content_type.len + + sizeof(CRLF "Content-Range: bytes ") - 1; if (r->headers_out.content_type_len == r->headers_out.content_type.len && r->headers_out.charset.len) { - len += sizeof("; charset=") - 1 + r->headers_out.charset.len; + size += sizeof("; charset=") - 1 + r->headers_out.charset.len; } - ctx->boundary_header.data = ngx_pnalloc(r->pool, len); + ctx->boundary_header.data = ngx_pnalloc(r->pool, size); if (ctx->boundary_header.data == NULL) { return NGX_ERROR; } @@ -565,7 +570,7 @@ - range[i].content_range.data; len += ctx->boundary_header.len + range[i].content_range.len - + (size_t) (range[i].end - range[i].start); + + (range[i].end - range[i].start); } r->headers_out.content_length_n = len;
[-] [+]	Changed	_service:download_url:nginx-1.13.7.tar.gz/src/http/modules/ngx_http_realip_module.c ^
@@ -122,7 +122,7 @@ { ngx_string("realip_remote_port"), NULL, ngx_http_realip_remote_port_variable, 0, 0, 0 }, - { ngx_null_string, NULL, NULL, 0, 0, 0 } + ngx_http_null_variable };
[-] [+]	Changed	_service:download_url:nginx-1.13.7.tar.gz/src/http/modules/ngx_http_referer_module.c ^
@@ -32,6 +32,7 @@ } ngx_http_referer_conf_t; +static ngx_int_t ngx_http_referer_add_variables(ngx_conf_t cf); static void ngx_http_referer_create_conf(ngx_conf_t cf); static char ngx_http_referer_merge_conf(ngx_conf_t cf, void parent, void child); @@ -77,7 +78,7 @@ static ngx_http_module_t ngx_http_referer_module_ctx = { - NULL, / preconfiguration / + ngx_http_referer_add_variables, / preconfiguration / NULL, / postconfiguration / NULL, / create main configuration / @@ -107,6 +108,9 @@ }; +static ngx_str_t ngx_http_invalid_referer_name = ngx_string("invalid_referer"); + + static ngx_int_t ngx_http_referer_variable(ngx_http_request_t r, ngx_http_variable_value_t v, uintptr_t data) @@ -263,6 +267,23 @@ } +static ngx_int_t +ngx_http_referer_add_variables(ngx_conf_t cf) +{ + ngx_http_variable_t var; + + var = ngx_http_add_variable(cf, &ngx_http_invalid_referer_name, + NGX_HTTP_VAR_CHANGEABLE); + if (var == NULL) { + return NGX_ERROR; + } + + var->get_handler = ngx_http_referer_variable; + + return NGX_OK; +} + + static void ngx_http_referer_create_conf(ngx_conf_t cf) { @@ -452,19 +473,9 @@ { ngx_http_referer_conf_t rlcf = conf; - u_char p; - ngx_str_t value, uri, name; - ngx_uint_t i; - ngx_http_variable_t var; - - ngx_str_set(&name, "invalid_referer"); - - var = ngx_http_add_variable(cf, &name, NGX_HTTP_VAR_CHANGEABLE); - if (var == NULL) { - return NGX_CONF_ERROR; - } - - var->get_handler = ngx_http_referer_variable; + u_char p; + ngx_str_t *value, uri; + ngx_uint_t i; if (rlcf->keys == NULL) { rlcf->keys = ngx_pcalloc(cf->temp_pool, sizeof(ngx_hash_keys_arrays_t));
[-] [+]	Changed	_service:download_url:nginx-1.13.7.tar.gz/src/http/modules/ngx_http_scgi_module.c ^
@@ -819,7 +819,7 @@ key = e.pos; #endif code = (ngx_http_script_code_pt ) e.ip; - code((ngx_http_script_engine_t ) & e); + code((ngx_http_script_engine_t ) &e); #if (NGX_DEBUG) val = e.pos;
[-] [+]	Changed	_service:download_url:nginx-1.13.7.tar.gz/src/http/modules/ngx_http_secure_link_module.c ^
@@ -107,7 +107,7 @@ ngx_md5_t md5; ngx_http_secure_link_ctx_t ctx; ngx_http_secure_link_conf_t conf; - u_char hash_buf[16], md5_buf[16]; + u_char hash_buf[18], md5_buf[16]; conf = ngx_http_get_module_loc_conf(r, ngx_http_secure_link_module); @@ -154,7 +154,6 @@ goto not_found; } - hash.len = 16; hash.data = hash_buf; if (ngx_decode_base64url(&hash, &val) != NGX_OK) {
[-] [+]	Changed	_service:download_url:nginx-1.13.7.tar.gz/src/http/modules/ngx_http_slice_filter_module.c ^
@@ -190,6 +190,8 @@ return rc; } + r->preserve_body = 1; + if (r->headers_out.status == NGX_HTTP_PARTIAL_CONTENT) { if (ctx->start + (off_t) slcf->size <= r->headers_out.content_offset) { ctx->start = slcf->size @@ -317,7 +319,7 @@ return NGX_ERROR; } - start = start * 10 + p++ - '0'; + start = start 10 + (p++ - '0'); } while (p == ' ') { p++; } @@ -337,7 +339,7 @@ return NGX_ERROR; } - end = end * 10 + p++ - '0'; + end = end 10 + (p++ - '0'); } end++; @@ -362,7 +364,7 @@ return NGX_ERROR; } - complete_length = complete_length 10 + p++ - '0'; + complete_length = complete_length 10 + (p++ - '0'); } } else { @@ -479,7 +481,7 @@ return 0; } - start = start 10 + p++ - '0'; + start = start 10 + (*p++ - '0'); } return start;
[-] [+]	Changed	_service:download_url:nginx-1.13.7.tar.gz/src/http/modules/ngx_http_ssi_filter_module.c ^
@@ -321,7 +321,7 @@ { ngx_string("date_gmt"), NULL, ngx_http_ssi_date_gmt_local_variable, 1, NGX_HTTP_VAR_NOCACHEABLE, 0 }, - { ngx_null_string, NULL, NULL, 0, 0, 0 } + ngx_http_null_variable }; @@ -370,6 +370,8 @@ ngx_http_clear_content_length(r); ngx_http_clear_accept_ranges(r); + r->preserve_body = 1; + if (!slcf->last_modified) { ngx_http_clear_last_modified(r); ngx_http_clear_etag(r); @@ -1628,8 +1630,7 @@ u_char ch, p, value, data, part_data; size_t size, len, prefix, part_len; ngx_str_t var, val; - ngx_int_t key; - ngx_uint_t i, n, bracket, quoted; + ngx_uint_t i, n, bracket, quoted, key; ngx_array_t lengths, values; ngx_http_variable_value_t vv; @@ -1881,9 +1882,8 @@ int rc, captures; u_char p, errstr[NGX_MAX_CONF_ERRSTR]; size_t size; - ngx_int_t key; ngx_str_t vv, name, value; - ngx_uint_t i, n; + ngx_uint_t i, n, key; ngx_http_ssi_ctx_t ctx; ngx_http_ssi_var_t var; ngx_regex_compile_t rgc; @@ -1986,10 +1986,10 @@ ngx_http_ssi_include(ngx_http_request_t r, ngx_http_ssi_ctx_t ctx, ngx_str_t params) { - ngx_int_t rc, key; + ngx_int_t rc; ngx_str_t uri, file, wait, set, stub, args; ngx_buf_t b; - ngx_uint_t flags, i; + ngx_uint_t flags, i, key; ngx_chain_t cl, tl, ll, out; ngx_http_request_t sr; ngx_http_ssi_var_t var; @@ -2246,9 +2246,9 @@ { u_char p; uintptr_t len; - ngx_int_t key; ngx_buf_t b; ngx_str_t var, value, enc, text; + ngx_uint_t key; ngx_chain_t cl; ngx_http_variable_value_t vv; @@ -2408,8 +2408,9 @@ ngx_http_ssi_set(ngx_http_request_t r, ngx_http_ssi_ctx_t ctx, ngx_str_t params) { - ngx_int_t key, rc; + ngx_int_t rc; ngx_str_t name, value, vv; + ngx_uint_t key; ngx_http_ssi_var_t var; ngx_http_ssi_ctx_t mctx;
[-] [+]	Changed	_service:download_url:nginx-1.13.7.tar.gz/src/http/modules/ngx_http_ssl_module.c ^
@@ -299,6 +299,10 @@ (uintptr_t) ngx_ssl_get_raw_certificate, NGX_HTTP_VAR_CHANGEABLE, 0 }, + { ngx_string("ssl_client_escaped_cert"), NULL, ngx_http_ssl_variable, + (uintptr_t) ngx_ssl_get_escaped_certificate, + NGX_HTTP_VAR_CHANGEABLE, 0 }, + { ngx_string("ssl_client_s_dn"), NULL, ngx_http_ssl_variable, (uintptr_t) ngx_ssl_get_subject_dn, NGX_HTTP_VAR_CHANGEABLE, 0 }, @@ -329,7 +333,7 @@ { ngx_string("ssl_client_v_remain"), NULL, ngx_http_ssl_variable, (uintptr_t) ngx_ssl_get_client_v_remain, NGX_HTTP_VAR_CHANGEABLE, 0 }, - { ngx_null_string, NULL, NULL, 0, 0, 0 } + ngx_http_null_variable };
[-] [+]	Changed	_service:download_url:nginx-1.13.7.tar.gz/src/http/modules/ngx_http_stub_status_module.c ^
@@ -76,7 +76,7 @@ { ngx_string("connections_waiting"), NULL, ngx_http_stub_status_variable, 3, NGX_HTTP_VAR_NOCACHEABLE, 0 }, - { ngx_null_string, NULL, NULL, 0, 0, 0 } + ngx_http_null_variable };
[-] [+]	Added	_service:download_url:nginx-1.13.7.tar.gz/src/http/modules/ngx_http_try_files_module.c ^
@@ -0,0 +1,404 @@ + +/* + * Copyright (C) Igor Sysoev + * Copyright (C) Nginx, Inc. + / + + +#include <ngx_config.h> +#include <ngx_core.h> +#include <ngx_http.h> + + +typedef struct { + ngx_array_t lengths; + ngx_array_t values; + ngx_str_t name; + + unsigned code:10; + unsigned test_dir:1; +} ngx_http_try_file_t; + + +typedef struct { + ngx_http_try_file_t try_files; +} ngx_http_try_files_loc_conf_t; + + +static ngx_int_t ngx_http_try_files_handler(ngx_http_request_t r); +static char ngx_http_try_files(ngx_conf_t cf, ngx_command_t cmd, void conf); +static void ngx_http_try_files_create_loc_conf(ngx_conf_t cf); +static ngx_int_t ngx_http_try_files_init(ngx_conf_t cf); + + +static ngx_command_t ngx_http_try_files_commands[] = { + + { ngx_string("try_files"), + NGX_HTTP_SRV_CONF\|NGX_HTTP_LOC_CONF\|NGX_CONF_2MORE, + ngx_http_try_files, + NGX_HTTP_LOC_CONF_OFFSET, + 0, + NULL }, + + ngx_null_command +}; + + +static ngx_http_module_t ngx_http_try_files_module_ctx = { + NULL, /* preconfiguration / + ngx_http_try_files_init, / postconfiguration / + + NULL, / create main configuration / + NULL, / init main configuration / + + NULL, / create server configuration / + NULL, / merge server configuration / + + ngx_http_try_files_create_loc_conf, / create location configuration / + NULL / merge location configuration / +}; + + +ngx_module_t ngx_http_try_files_module = { + NGX_MODULE_V1, + &ngx_http_try_files_module_ctx, / module context / + ngx_http_try_files_commands, / module directives / + NGX_HTTP_MODULE, / module type / + NULL, / init master / + NULL, / init module / + NULL, / init process / + NULL, / init thread / + NULL, / exit thread / + NULL, / exit process / + NULL, / exit master / + NGX_MODULE_V1_PADDING +}; + + +static ngx_int_t +ngx_http_try_files_handler(ngx_http_request_t r) +{ + size_t len, root, alias, reserve, allocated; + u_char p, name; + ngx_str_t path, args; + ngx_uint_t test_dir; + ngx_http_try_file_t tf; + ngx_open_file_info_t of; + ngx_http_script_code_pt code; + ngx_http_script_engine_t e; + ngx_http_core_loc_conf_t clcf; + ngx_http_script_len_code_pt lcode; + ngx_http_try_files_loc_conf_t tlcf; + + tlcf = ngx_http_get_module_loc_conf(r, ngx_http_try_files_module); + + if (tlcf->try_files == NULL) { + return NGX_DECLINED; + } + + ngx_log_debug0(NGX_LOG_DEBUG_HTTP, r->connection->log, 0, + "try files handler"); + + allocated = 0; + root = 0; + name = NULL; + / suppress MSVC warning / + path.data = NULL; + + tf = tlcf->try_files; + + clcf = ngx_http_get_module_loc_conf(r, ngx_http_core_module); + + alias = clcf->alias; + + for ( ;; ) { + + if (tf->lengths) { + ngx_memzero(&e, sizeof(ngx_http_script_engine_t)); + + e.ip = tf->lengths->elts; + e.request = r; + + / 1 is for terminating '\0' as in static names / + len = 1; + + while ((uintptr_t ) e.ip) { + lcode = (ngx_http_script_len_code_pt ) e.ip; + len += lcode(&e); + } + + } else { + len = tf->name.len; + } + + if (!alias) { + reserve = len > r->uri.len ? len - r->uri.len : 0; + + } else if (alias == NGX_MAX_SIZE_T_VALUE) { + reserve = len; + + } else { + reserve = len > r->uri.len - alias ? len - (r->uri.len - alias) : 0; + } + + if (reserve > allocated \|\| !allocated) { + + / 16 bytes are preallocation / + allocated = reserve + 16; + + if (ngx_http_map_uri_to_path(r, &path, &root, allocated) == NULL) { + return NGX_HTTP_INTERNAL_SERVER_ERROR; + } + + name = path.data + root; + } + + if (tf->values == NULL) { + + / tf->name.len includes the terminating '\0' / + + ngx_memcpy(name, tf->name.data, tf->name.len); + + path.len = (name + tf->name.len - 1) - path.data; + + } else { + e.ip = tf->values->elts; + e.pos = name; + e.flushed = 1; + + while ((uintptr_t ) e.ip) { + code = (ngx_http_script_code_pt ) e.ip; + code((ngx_http_script_engine_t ) &e); + } + + path.len = e.pos - path.data; + + e.pos = '\0'; + + if (alias && alias != NGX_MAX_SIZE_T_VALUE + && ngx_strncmp(name, r->uri.data, alias) == 0) + { + ngx_memmove(name, name + alias, len - alias); + path.len -= alias; + } + } + + test_dir = tf->test_dir; + + tf++; + + ngx_log_debug3(NGX_LOG_DEBUG_HTTP, r->connection->log, 0, + "trying to use %s: \"%s\" \"%s\"", + test_dir ? "dir" : "file", name, path.data); + + if (tf->lengths == NULL && tf->name.len == 0) { + + if (tf->code) { + return tf->code; + } + + path.len -= root; + path.data += root; + + if (path.data[0] == '@') { + (void) ngx_http_named_location(r, &path); + + } else { + ngx_http_split_args(r, &path, &args); + + (void) ngx_http_internal_redirect(r, &path, &args); + } + + ngx_http_finalize_request(r, NGX_DONE); + return NGX_DONE; + } + + ngx_memzero(&of, sizeof(ngx_open_file_info_t)); + + of.read_ahead = clcf->read_ahead; + of.directio = clcf->directio; + of.valid = clcf->open_file_cache_valid; + of.min_uses = clcf->open_file_cache_min_uses; + of.test_only = 1; + of.errors = clcf->open_file_cache_errors; + of.events = clcf->open_file_cache_events; + + if (ngx_http_set_disable_symlinks(r, clcf, &path, &of) != NGX_OK) { + return NGX_HTTP_INTERNAL_SERVER_ERROR; + } + + if (ngx_open_cached_file(clcf->open_file_cache, &path, &of, r->pool) + != NGX_OK) + { + if (of.err == 0) { + return NGX_HTTP_INTERNAL_SERVER_ERROR; + } + + if (of.err != NGX_ENOENT + && of.err != NGX_ENOTDIR + && of.err != NGX_ENAMETOOLONG) + { + ngx_log_error(NGX_LOG_CRIT, r->connection->log, of.err, + "%s \"%s\" failed", of.failed, path.data); + } + + continue; + } + + if (of.is_dir != test_dir) { + continue; + } + + path.len -= root; + path.data += root; + + if (!alias) { + r->uri = path; + + } else if (alias == NGX_MAX_SIZE_T_VALUE) { + if (!test_dir) { + r->uri = path; + r->add_uri_to_alias = 1; + } + + } else { + name = r->uri.data; + + r->uri.len = alias + path.len; + r->uri.data = ngx_pnalloc(r->pool, r->uri.len); + if (r->uri.data == NULL) { + r->uri.len = 0; + return NGX_HTTP_INTERNAL_SERVER_ERROR; + } + + p = ngx_copy(r->uri.data, name, alias); + ngx_memcpy(p, path.data, path.len); + } + + ngx_http_set_exten(r); + + ngx_log_debug1(NGX_LOG_DEBUG_HTTP, r->connection->log, 0, + "try file uri: \"%V\"", &r->uri); + + return NGX_DECLINED; + } + + / not reached / +} + + +static char +ngx_http_try_files(ngx_conf_t cf, ngx_command_t cmd, void conf) +{ + ngx_http_try_files_loc_conf_t tlcf = conf; + + ngx_str_t value; + ngx_int_t code; + ngx_uint_t i, n; + ngx_http_try_file_t tf; + ngx_http_script_compile_t sc; + + if (tlcf->try_files) { + return "is duplicate"; + } + + tf = ngx_pcalloc(cf->pool, cf->args->nelts * sizeof(ngx_http_try_file_t)); + if (tf == NULL) { + return NGX_CONF_ERROR; + } + + tlcf->try_files = tf; + + value = cf->args->elts; + + for (i = 0; i < cf->args->nelts - 1; i++) { + + tf[i].name = value[i + 1]; + + if (tf[i].name.len > 0 + && tf[i].name.data[tf[i].name.len - 1] == '/' + && i + 2 < cf->args->nelts) + { + tf[i].test_dir = 1; + tf[i].name.len--; + tf[i].name.data[tf[i].name.len] = '\0'; + } + + n = ngx_http_script_variables_count(&tf[i].name); + + if (n) { + ngx_memzero(&sc, sizeof(ngx_http_script_compile_t)); + + sc.cf = cf; + sc.source = &tf[i].name; + sc.lengths = &tf[i].lengths; + sc.values = &tf[i].values; + sc.variables = n; + sc.complete_lengths = 1; + sc.complete_values = 1; + + if (ngx_http_script_compile(&sc) != NGX_OK) { + return NGX_CONF_ERROR; + } + + } else { + /* add trailing '\0' to length / + tf[i].name.len++; + } + } + + if (tf[i - 1].name.data[0] == '=') { + + code = ngx_atoi(tf[i - 1].name.data + 1, tf[i - 1].name.len - 2); + + if (code == NGX_ERROR \|\| code > 999) { + ngx_conf_log_error(NGX_LOG_EMERG, cf, 0, + "invalid code \"%s\"", + tf[i - 1].name.len - 1, tf[i - 1].name.data); + return NGX_CONF_ERROR; + } + + tf[i].code = code; + } + + return NGX_CONF_OK; +} + + +static void * +ngx_http_try_files_create_loc_conf(ngx_conf_t cf) +{ + ngx_http_try_files_loc_conf_t tlcf; + + tlcf = ngx_pcalloc(cf->pool, sizeof(ngx_http_try_files_loc_conf_t)); + if (tlcf == NULL) { + return NULL; + } + + /* + * set by ngx_pcalloc(): + * + * tlcf->try_files = NULL; + / + + return tlcf; +} + + +static ngx_int_t +ngx_http_try_files_init(ngx_conf_t cf) +{ + ngx_http_handler_pt h; + ngx_http_core_main_conf_t cmcf; + + cmcf = ngx_http_conf_get_module_main_conf(cf, ngx_http_core_module); + + h = ngx_array_push(&cmcf->phases[NGX_HTTP_PRECONTENT_PHASE].handlers); + if (h == NULL) { + return NGX_ERROR; + } + + *h = ngx_http_try_files_handler; + + return NGX_OK; +}
[-] [+]	Changed	_service:download_url:nginx-1.13.7.tar.gz/src/http/modules/ngx_http_upstream_hash_module.c ^
@@ -503,6 +503,11 @@ ngx_http_upstream_rr_peers_wlock(hp->rrp.peers); + if (hp->tries > 20 \|\| hp->rrp.peers->single) { + ngx_http_upstream_rr_peers_unlock(hp->rrp.peers); + return hp->get_rr_peer(pc, &hp->rrp); + } + pc->cached = 0; pc->connection = NULL; @@ -538,13 +543,6 @@ continue; } - if (peer->server.len != server->len - \|\| ngx_strncmp(peer->server.data, server->data, server->len) - != 0) - { - continue; - } - if (peer->max_fails && peer->fails >= peer->max_fails && now - peer->checked <= peer->fail_timeout) @@ -556,6 +554,13 @@ continue; } + if (peer->server.len != server->len + \|\| ngx_strncmp(peer->server.data, server->data, server->len) + != 0) + { + continue; + } + peer->current_weight += peer->effective_weight; total += peer->effective_weight; @@ -577,10 +582,9 @@ hp->hash++; hp->tries++; - if (hp->tries >= points->number) { - pc->name = hp->rrp.peers->name; + if (hp->tries > 20) { ngx_http_upstream_rr_peers_unlock(hp->rrp.peers); - return NGX_BUSY; + return hp->get_rr_peer(pc, &hp->rrp); } }
[-] [+]	Changed	_service:download_url:nginx-1.13.7.tar.gz/src/http/modules/ngx_http_upstream_zone_module.c ^
@@ -16,6 +16,8 @@ void data); static ngx_http_upstream_rr_peers_t ngx_http_upstream_zone_copy_peers( ngx_slab_pool_t shpool, ngx_http_upstream_srv_conf_t uscf); +static ngx_http_upstream_rr_peer_t ngx_http_upstream_zone_copy_peer( + ngx_http_upstream_rr_peers_t peers, ngx_http_upstream_rr_peer_t src); static ngx_command_t ngx_http_upstream_zone_commands[] = { @@ -185,6 +187,7 @@ ngx_http_upstream_zone_copy_peers(ngx_slab_pool_t shpool, ngx_http_upstream_srv_conf_t uscf) { + ngx_str_t name; ngx_http_upstream_rr_peer_t peer, peerp; ngx_http_upstream_rr_peers_t peers, backup; @@ -195,18 +198,30 @@ ngx_memcpy(peers, uscf->peer.data, sizeof(ngx_http_upstream_rr_peers_t)); + name = ngx_slab_alloc(shpool, sizeof(ngx_str_t)); + if (name == NULL) { + return NULL; + } + + name->data = ngx_slab_alloc(shpool, peers->name->len); + if (name->data == NULL) { + return NULL; + } + + ngx_memcpy(name->data, peers->name->data, peers->name->len); + name->len = peers->name->len; + + peers->name = name; + peers->shpool = shpool; for (peerp = &peers->peer; peerp; peerp = &peer->next) { /* pool is unlocked / - peer = ngx_slab_calloc_locked(shpool, - sizeof(ngx_http_upstream_rr_peer_t)); + peer = ngx_http_upstream_zone_copy_peer(peers, peerp); if (peer == NULL) { return NULL; } - ngx_memcpy(peer, peerp, sizeof(ngx_http_upstream_rr_peer_t)); - peerp = peer; } @@ -221,18 +236,17 @@ ngx_memcpy(backup, peers->next, sizeof(ngx_http_upstream_rr_peers_t)); + backup->name = name; + backup->shpool = shpool; for (peerp = &backup->peer; peerp; peerp = &peer->next) { / pool is unlocked / - peer = ngx_slab_calloc_locked(shpool, - sizeof(ngx_http_upstream_rr_peer_t)); + peer = ngx_http_upstream_zone_copy_peer(backup, peerp); if (peer == NULL) { return NULL; } - ngx_memcpy(peer, peerp, sizeof(ngx_http_upstream_rr_peer_t)); - peerp = peer; } @@ -244,3 +258,68 @@ return peers; } + + +static ngx_http_upstream_rr_peer_t * +ngx_http_upstream_zone_copy_peer(ngx_http_upstream_rr_peers_t peers, + ngx_http_upstream_rr_peer_t src) +{ + ngx_slab_pool_t pool; + ngx_http_upstream_rr_peer_t dst; + + pool = peers->shpool; + + dst = ngx_slab_calloc_locked(pool, sizeof(ngx_http_upstream_rr_peer_t)); + if (dst == NULL) { + return NULL; + } + + if (src) { + ngx_memcpy(dst, src, sizeof(ngx_http_upstream_rr_peer_t)); + dst->sockaddr = NULL; + dst->name.data = NULL; + dst->server.data = NULL; + } + + dst->sockaddr = ngx_slab_calloc_locked(pool, sizeof(ngx_sockaddr_t)); + if (dst->sockaddr == NULL) { + goto failed; + } + + dst->name.data = ngx_slab_calloc_locked(pool, NGX_SOCKADDR_STRLEN); + if (dst->name.data == NULL) { + goto failed; + } + + if (src) { + ngx_memcpy(dst->sockaddr, src->sockaddr, src->socklen); + ngx_memcpy(dst->name.data, src->name.data, src->name.len); + + dst->server.data = ngx_slab_alloc_locked(pool, src->server.len); + if (dst->server.data == NULL) { + goto failed; + } + + ngx_memcpy(dst->server.data, src->server.data, src->server.len); + } + + return dst; + +failed: + + if (dst->server.data) { + ngx_slab_free_locked(pool, dst->server.data); + } + + if (dst->name.data) { + ngx_slab_free_locked(pool, dst->name.data); + } + + if (dst->sockaddr) { + ngx_slab_free_locked(pool, dst->sockaddr); + } + + ngx_slab_free_locked(pool, dst); + + return NULL; +}
[-] [+]	Changed	_service:download_url:nginx-1.13.7.tar.gz/src/http/modules/ngx_http_uwsgi_module.c ^
@@ -865,7 +865,7 @@ lcode = (ngx_http_script_len_code_pt ) le.ip; skip_empty = lcode(&le); - for (val_len = 0; (uintptr_t ) le.ip; val_len += lcode (&le)) { + for (val_len = 0; (uintptr_t ) le.ip; val_len += lcode(&le)) { lcode = (ngx_http_script_len_code_pt ) le.ip; } le.ip += sizeof(uintptr_t); @@ -990,7 +990,7 @@ while ((uintptr_t ) le.ip) { lcode = (ngx_http_script_len_code_pt ) le.ip; - key_len = (u_char) lcode (&le); + key_len = (u_char) lcode(&le); lcode = (ngx_http_script_len_code_pt ) le.ip; skip_empty = lcode(&le); @@ -1018,14 +1018,14 @@ e.pos++ = (u_char) ((key_len >> 8) & 0xff); code = (ngx_http_script_code_pt ) e.ip; - code((ngx_http_script_engine_t ) & e); + code((ngx_http_script_engine_t ) &e); e.pos++ = (u_char) (val_len & 0xff); e.pos++ = (u_char) ((val_len >> 8) & 0xff); while ((uintptr_t ) e.ip) { code = (ngx_http_script_code_pt ) e.ip; - code((ngx_http_script_engine_t ) & e); + code((ngx_http_script_engine_t *) &e); } e.ip += sizeof(uintptr_t);
[-] [+]	Changed	_service:download_url:nginx-1.13.7.tar.gz/src/http/modules/ngx_http_xslt_filter_module.c ^
@@ -686,8 +686,19 @@ * specified in xslt_stylesheet directives / - p = string.data; - last = string.data + string.len; + if (param[i].value.lengths) { + p = string.data; + + } else { + p = ngx_pnalloc(r->pool, string.len + 1); + if (p == NULL) { + return NGX_ERROR; + } + + ngx_memcpy(p, string.data, string.len + 1); + } + + last = p + string.len; while (p && p) {
[-] [+]	Changed	_service:download_url:nginx-1.13.7.tar.gz/src/http/ngx_http.c ^
@@ -382,6 +382,13 @@ return NGX_ERROR; } + if (ngx_array_init(&cmcf->phases[NGX_HTTP_PRECONTENT_PHASE].handlers, + cf->pool, 2, sizeof(ngx_http_handler_pt)) + != NGX_OK) + { + return NGX_ERROR; + } + if (ngx_array_init(&cmcf->phases[NGX_HTTP_CONTENT_PHASE].handlers, cf->pool, 4, sizeof(ngx_http_handler_pt)) != NGX_OK) @@ -459,8 +466,7 @@ n = 1 /* find config phase / + use_rewrite / post rewrite phase / - + use_access / post access phase / - + cmcf->try_files; + + use_access; / post access phase */ for (i = 0; i < NGX_HTTP_LOG_PHASE; i++) { n += cmcf->phases[i].handlers.nelts; @@ -529,15 +535,6 @@ continue; - case NGX_HTTP_TRY_FILES_PHASE: - if (cmcf->try_files) { - ph->checker = ngx_http_core_try_files_phase; - n++; - ph++; - } - - continue; - case NGX_HTTP_CONTENT_PHASE: checker = ngx_http_core_content_phase; break; @@ -548,7 +545,7 @@ n += cmcf->phases[i].handlers.nelts; - for (j = cmcf->phases[i].handlers.nelts - 1; j >=0; j--) { + for (j = cmcf->phases[i].handlers.nelts - 1; j >= 0; j--) { ph->checker = checker; ph->handler = h[j]; ph->next = n;
[-] [+]	Changed	_service:download_url:nginx-1.13.7.tar.gz/src/http/ngx_http_core_module.c ^
@@ -61,8 +61,6 @@ void conf); static char ngx_http_core_error_page(ngx_conf_t cf, ngx_command_t cmd, void conf); -static char ngx_http_core_try_files(ngx_conf_t cf, ngx_command_t cmd, - void conf); static char ngx_http_core_open_file_cache(ngx_conf_t cf, ngx_command_t cmd, void conf); static char ngx_http_core_error_log(ngx_conf_t cf, ngx_command_t cmd, @@ -649,13 +647,6 @@ 0, NULL }, - { ngx_string("try_files"), - NGX_HTTP_SRV_CONF\|NGX_HTTP_LOC_CONF\|NGX_CONF_2MORE, - ngx_http_core_try_files, - NGX_HTTP_LOC_CONF_OFFSET, - 0, - NULL }, - { ngx_string("post_action"), NGX_HTTP_MAIN_CONF\|NGX_HTTP_SRV_CONF\|NGX_HTTP_LOC_CONF\|NGX_HTTP_LIF_CONF \|NGX_CONF_TAKE1, @@ -1159,223 +1150,6 @@ ngx_int_t -ngx_http_core_try_files_phase(ngx_http_request_t r, - ngx_http_phase_handler_t ph) -{ - size_t len, root, alias, reserve, allocated; - u_char p, name; - ngx_str_t path, args; - ngx_uint_t test_dir; - ngx_http_try_file_t tf; - ngx_open_file_info_t of; - ngx_http_script_code_pt code; - ngx_http_script_engine_t e; - ngx_http_core_loc_conf_t clcf; - ngx_http_script_len_code_pt lcode; - - ngx_log_debug1(NGX_LOG_DEBUG_HTTP, r->connection->log, 0, - "try files phase: %ui", r->phase_handler); - - clcf = ngx_http_get_module_loc_conf(r, ngx_http_core_module); - - if (clcf->try_files == NULL) { - r->phase_handler++; - return NGX_AGAIN; - } - - allocated = 0; - root = 0; - name = NULL; - /* suppress MSVC warning / - path.data = NULL; - - tf = clcf->try_files; - - alias = clcf->alias; - - for ( ;; ) { - - if (tf->lengths) { - ngx_memzero(&e, sizeof(ngx_http_script_engine_t)); - - e.ip = tf->lengths->elts; - e.request = r; - - / 1 is for terminating '\0' as in static names / - len = 1; - - while ((uintptr_t ) e.ip) { - lcode = (ngx_http_script_len_code_pt ) e.ip; - len += lcode(&e); - } - - } else { - len = tf->name.len; - } - - if (!alias) { - reserve = len > r->uri.len ? len - r->uri.len : 0; - - } else if (alias == NGX_MAX_SIZE_T_VALUE) { - reserve = len; - - } else { - reserve = len > r->uri.len - alias ? len - (r->uri.len - alias) : 0; - } - - if (reserve > allocated \|\| !allocated) { - - / 16 bytes are preallocation / - allocated = reserve + 16; - - if (ngx_http_map_uri_to_path(r, &path, &root, allocated) == NULL) { - ngx_http_finalize_request(r, NGX_HTTP_INTERNAL_SERVER_ERROR); - return NGX_OK; - } - - name = path.data + root; - } - - if (tf->values == NULL) { - - / tf->name.len includes the terminating '\0' / - - ngx_memcpy(name, tf->name.data, tf->name.len); - - path.len = (name + tf->name.len - 1) - path.data; - - } else { - e.ip = tf->values->elts; - e.pos = name; - e.flushed = 1; - - while ((uintptr_t ) e.ip) { - code = (ngx_http_script_code_pt ) e.ip; - code((ngx_http_script_engine_t ) &e); - } - - path.len = e.pos - path.data; - - e.pos = '\0'; - - if (alias && alias != NGX_MAX_SIZE_T_VALUE - && ngx_strncmp(name, r->uri.data, alias) == 0) - { - ngx_memmove(name, name + alias, len - alias); - path.len -= alias; - } - } - - test_dir = tf->test_dir; - - tf++; - - ngx_log_debug3(NGX_LOG_DEBUG_HTTP, r->connection->log, 0, - "trying to use %s: \"%s\" \"%s\"", - test_dir ? "dir" : "file", name, path.data); - - if (tf->lengths == NULL && tf->name.len == 0) { - - if (tf->code) { - ngx_http_finalize_request(r, tf->code); - return NGX_OK; - } - - path.len -= root; - path.data += root; - - if (path.data[0] == '@') { - (void) ngx_http_named_location(r, &path); - - } else { - ngx_http_split_args(r, &path, &args); - - (void) ngx_http_internal_redirect(r, &path, &args); - } - - ngx_http_finalize_request(r, NGX_DONE); - return NGX_OK; - } - - ngx_memzero(&of, sizeof(ngx_open_file_info_t)); - - of.read_ahead = clcf->read_ahead; - of.directio = clcf->directio; - of.valid = clcf->open_file_cache_valid; - of.min_uses = clcf->open_file_cache_min_uses; - of.test_only = 1; - of.errors = clcf->open_file_cache_errors; - of.events = clcf->open_file_cache_events; - - if (ngx_http_set_disable_symlinks(r, clcf, &path, &of) != NGX_OK) { - ngx_http_finalize_request(r, NGX_HTTP_INTERNAL_SERVER_ERROR); - return NGX_OK; - } - - if (ngx_open_cached_file(clcf->open_file_cache, &path, &of, r->pool) - != NGX_OK) - { - if (of.err == 0) { - ngx_http_finalize_request(r, NGX_HTTP_INTERNAL_SERVER_ERROR); - return NGX_OK; - } - - if (of.err != NGX_ENOENT - && of.err != NGX_ENOTDIR - && of.err != NGX_ENAMETOOLONG) - { - ngx_log_error(NGX_LOG_CRIT, r->connection->log, of.err, - "%s \"%s\" failed", of.failed, path.data); - } - - continue; - } - - if (of.is_dir != test_dir) { - continue; - } - - path.len -= root; - path.data += root; - - if (!alias) { - r->uri = path; - - } else if (alias == NGX_MAX_SIZE_T_VALUE) { - if (!test_dir) { - r->uri = path; - r->add_uri_to_alias = 1; - } - - } else { - name = r->uri.data; - - r->uri.len = alias + path.len; - r->uri.data = ngx_pnalloc(r->pool, r->uri.len); - if (r->uri.data == NULL) { - r->uri.len = 0; - ngx_http_finalize_request(r, NGX_HTTP_INTERNAL_SERVER_ERROR); - return NGX_OK; - } - - p = ngx_copy(r->uri.data, name, alias); - ngx_memcpy(p, path.data, path.len); - } - - ngx_http_set_exten(r); - - ngx_log_debug1(NGX_LOG_DEBUG_HTTP, r->connection->log, 0, - "try file uri: \"%V\"", &r->uri); - - r->phase_handler++; - return NGX_AGAIN; - } - - / not reached / -} - - -ngx_int_t ngx_http_core_content_phase(ngx_http_request_t r, ngx_http_phase_handler_t ph) { @@ -3561,7 +3335,6 @@ clcf->default_type = { 0, NULL }; * clcf->error_log = NULL; * clcf->error_pages = NULL; - * clcf->try_files = NULL; * clcf->client_body_path = NULL; * clcf->regex = NULL; * clcf->exact_match = 0; @@ -4881,89 +4654,6 @@ } return NGX_CONF_OK; -} - - -static char * -ngx_http_core_try_files(ngx_conf_t cf, ngx_command_t cmd, void conf) -{ - ngx_http_core_loc_conf_t clcf = conf; - - ngx_str_t value; - ngx_int_t code; - ngx_uint_t i, n; - ngx_http_try_file_t tf; - ngx_http_script_compile_t sc; - ngx_http_core_main_conf_t cmcf; - - if (clcf->try_files) { - return "is duplicate"; - } - - cmcf = ngx_http_conf_get_module_main_conf(cf, ngx_http_core_module); - - cmcf->try_files = 1; - - tf = ngx_pcalloc(cf->pool, cf->args->nelts sizeof(ngx_http_try_file_t)); - if (tf == NULL) { - return NGX_CONF_ERROR; - } - - clcf->try_files = tf; - - value = cf->args->elts; - - for (i = 0; i < cf->args->nelts - 1; i++) { - - tf[i].name = value[i + 1]; - - if (tf[i].name.len > 0 - && tf[i].name.data[tf[i].name.len - 1] == '/' - && i + 2 < cf->args->nelts) - { - tf[i].test_dir = 1; - tf[i].name.len--; - tf[i].name.data[tf[i].name.len] = '\0'; - } - - n = ngx_http_script_variables_count(&tf[i].name); - - if (n) { - ngx_memzero(&sc, sizeof(ngx_http_script_compile_t)); - - sc.cf = cf; - sc.source = &tf[i].name; - sc.lengths = &tf[i].lengths; - sc.values = &tf[i].values; - sc.variables = n; - sc.complete_lengths = 1; - sc.complete_values = 1; - - if (ngx_http_script_compile(&sc) != NGX_OK) { - return NGX_CONF_ERROR; - } - - } else { - /* add trailing '\0' to length / - tf[i].name.len++; - } - } - - if (tf[i - 1].name.data[0] == '=') { - - code = ngx_atoi(tf[i - 1].name.data + 1, tf[i - 1].name.len - 2); - - if (code == NGX_ERROR \|\| code > 999) { - ngx_conf_log_error(NGX_LOG_EMERG, cf, 0, - "invalid code \"%s\"", - tf[i - 1].name.len - 1, tf[i - 1].name.data); - return NGX_CONF_ERROR; - } - - tf[i].code = code; - } - - return NGX_CONF_OK; }
[-] [+]	Changed	_service:download_url:nginx-1.13.7.tar.gz/src/http/ngx_http_core_module.h ^
@@ -119,7 +119,8 @@ NGX_HTTP_ACCESS_PHASE, NGX_HTTP_POST_ACCESS_PHASE, - NGX_HTTP_TRY_FILES_PHASE, + NGX_HTTP_PRECONTENT_PHASE, + NGX_HTTP_CONTENT_PHASE, NGX_HTTP_LOG_PHASE @@ -172,8 +173,6 @@ ngx_array_t ports; - ngx_uint_t try_files; / unsigned try_files:1 / - ngx_http_phase_t phases[NGX_HTTP_LOG_PHASE + 1]; } ngx_http_core_main_conf_t; @@ -296,16 +295,6 @@ } ngx_http_err_page_t; -typedef struct { - ngx_array_t lengths; - ngx_array_t values; - ngx_str_t name; - - unsigned code:10; - unsigned test_dir:1; -} ngx_http_try_file_t; - - struct ngx_http_core_loc_conf_s { ngx_str_t name; / location name / @@ -425,7 +414,6 @@ #endif ngx_array_t error_pages; /* error_page / - ngx_http_try_file_t try_files; /* try_files / ngx_path_t client_body_temp_path; /* client_body_temp_path / @@ -486,8 +474,6 @@ ngx_http_phase_handler_t ph); ngx_int_t ngx_http_core_post_access_phase(ngx_http_request_t r, ngx_http_phase_handler_t ph); -ngx_int_t ngx_http_core_try_files_phase(ngx_http_request_t r, - ngx_http_phase_handler_t ph); ngx_int_t ngx_http_core_content_phase(ngx_http_request_t r, ngx_http_phase_handler_t ph);
[-] [+]	Changed	_service:download_url:nginx-1.13.7.tar.gz/src/http/ngx_http_file_cache.c ^
@@ -129,6 +129,7 @@ if (shm_zone->shm.exists) { cache->sh = cache->shpool->data; cache->bsize = ngx_fs_bsize(cache->path->name.data); + cache->max_size /= cache->bsize; return NGX_OK; }
[-] [+]	Changed	_service:download_url:nginx-1.13.7.tar.gz/src/http/ngx_http_parse.c ^
@@ -742,7 +742,7 @@ return NGX_HTTP_PARSE_INVALID_REQUEST; } - r->http_major = r->http_major * 10 + ch - '0'; + r->http_major = r->http_major * 10 + (ch - '0'); if (r->http_major > 1) { return NGX_HTTP_PARSE_INVALID_VERSION; @@ -784,7 +784,7 @@ return NGX_HTTP_PARSE_INVALID_REQUEST; } - r->http_minor = r->http_minor * 10 + ch - '0'; + r->http_minor = r->http_minor * 10 + (ch - '0'); break; case sw_spaces_after_digit: @@ -1518,7 +1518,7 @@ case sw_quoted_second: if (ch >= '0' && ch <= '9') { - ch = (u_char) ((decoded << 4) + ch - '0'); + ch = (u_char) ((decoded << 4) + (ch - '0')); if (ch == '%' \|\| ch == '#') { state = sw_usual; @@ -1536,7 +1536,7 @@ c = (u_char) (ch \| 0x20); if (c >= 'a' && c <= 'f') { - ch = (u_char) ((decoded << 4) + c - 'a' + 10); + ch = (u_char) ((decoded << 4) + (c - 'a') + 10); if (ch == '?') { state = sw_usual; @@ -1701,7 +1701,7 @@ return NGX_ERROR; } - r->http_major = r->http_major * 10 + ch - '0'; + r->http_major = r->http_major * 10 + (ch - '0'); break; /* the first digit of minor HTTP version / @@ -1729,7 +1729,7 @@ return NGX_ERROR; } - r->http_minor = r->http_minor 10 + ch - '0'; + r->http_minor = r->http_minor * 10 + (ch - '0'); break; /* HTTP status code / @@ -1742,7 +1742,7 @@ return NGX_ERROR; } - status->code = status->code 10 + ch - '0'; + status->code = status->code * 10 + (ch - '0'); if (++status->count == 3) { state = sw_space_after_status;
[-] [+]	Changed	_service:download_url:nginx-1.13.7.tar.gz/src/http/ngx_http_postpone_filter_module.c ^
@@ -63,7 +63,10 @@ if (r != c->data) { if (in) { - ngx_http_postpone_filter_add(r, in); + if (ngx_http_postpone_filter_add(r, in) != NGX_OK) { + return NGX_ERROR; + } + return NGX_OK; } @@ -86,7 +89,9 @@ } if (in) { - ngx_http_postpone_filter_add(r, in); + if (ngx_http_postpone_filter_add(r, in) != NGX_OK) { + return NGX_ERROR; + } } do {
[-] [+]	Changed	_service:download_url:nginx-1.13.7.tar.gz/src/http/ngx_http_request.c ^
@@ -2225,6 +2225,13 @@ ngx_log_debug2(NGX_LOG_DEBUG_HTTP, c->log, 0, "http run request: \"%V?%V\"", &r->uri, &r->args); + if (c->close) { + r->main->count++; + ngx_http_terminate_request(r, 0); + ngx_http_run_posted_requests(c); + return; + } + if (ev->delayed && ev->timedout) { ev->delayed = 0; ev->timedout = 0;
[-] [+]	Changed	_service:download_url:nginx-1.13.7.tar.gz/src/http/ngx_http_request.h ^
@@ -537,6 +537,7 @@ unsigned main_filter_need_in_memory:1; unsigned filter_need_in_memory:1; unsigned filter_need_temporary:1; + unsigned preserve_body:1; unsigned allow_ranges:1; unsigned subrequest_ranges:1; unsigned single_range:1;
[-] [+]	Changed	_service:download_url:nginx-1.13.7.tar.gz/src/http/ngx_http_upstream.c ^
@@ -427,7 +427,7 @@ { ngx_string("upstream_cookie_"), NULL, ngx_http_upstream_cookie_variable, 0, NGX_HTTP_VAR_NOCACHEABLE\|NGX_HTTP_VAR_PREFIX, 0 }, - { ngx_null_string, NULL, NULL, 0, 0, 0 } + ngx_http_null_variable }; @@ -582,6 +582,9 @@ if (rc == NGX_HTTP_UPSTREAM_INVALID_HEADER) { rc = NGX_DECLINED; r->cached = 0; + u->buffer.start = NULL; + u->cache_status = NGX_HTTP_CACHE_MISS; + u->request_sent = 1; } if (ngx_http_upstream_cache_background_update(r, u) != NGX_OK) { @@ -1059,8 +1062,16 @@ return NGX_ERROR; } + if (rc == NGX_AGAIN) { + rc = NGX_HTTP_UPSTREAM_INVALID_HEADER; + } + /* rc == NGX_HTTP_UPSTREAM_INVALID_HEADER / + ngx_log_error(NGX_LOG_CRIT, r->connection->log, 0, + "cache file \"%s\" contains invalid header", + c->file.name.data); + / TODO: delete file / return rc; @@ -1077,6 +1088,10 @@ return NGX_OK; } + if (r == r->main) { + r->preserve_body = 1; + } + if (ngx_http_subrequest(r, &r->uri, &r->args, &sr, NULL, NGX_HTTP_SUBREQUEST_CLONE \|NGX_HTTP_SUBREQUEST_BACKGROUND) @@ -2389,9 +2404,20 @@ rc = u->reinit_request(r); - if (rc == NGX_OK) { - u->cache_status = NGX_HTTP_CACHE_STALE; - rc = ngx_http_upstream_cache_send(r, u); + if (rc != NGX_OK) { + ngx_http_upstream_finalize_request(r, u, rc); + return NGX_OK; + } + + u->cache_status = NGX_HTTP_CACHE_STALE; + rc = ngx_http_upstream_cache_send(r, u); + + if (rc == NGX_DONE) { + return NGX_OK; + } + + if (rc == NGX_HTTP_UPSTREAM_INVALID_HEADER) { + rc = NGX_HTTP_INTERNAL_SERVER_ERROR; } ngx_http_upstream_finalize_request(r, u, rc); @@ -2429,6 +2455,14 @@ u->cache_status = NGX_HTTP_CACHE_REVALIDATED; rc = ngx_http_upstream_cache_send(r, u); + if (rc == NGX_DONE) { + return NGX_OK; + } + + if (rc == NGX_HTTP_UPSTREAM_INVALID_HEADER) { + rc = NGX_HTTP_INTERNAL_SERVER_ERROR; + } + if (valid == 0) { valid = r->cache->valid_sec; updating = r->cache->updating_sec; @@ -2514,13 +2548,23 @@ #if (NGX_HTTP_CACHE) if (r->cache) { - time_t valid; - valid = ngx_http_file_cache_valid(u->conf->cache_valid, status); + if (u->cacheable) { + time_t valid; - if (valid) { - r->cache->valid_sec = ngx_time() + valid; - r->cache->error = status; + valid = r->cache->valid_sec; + + if (valid == 0) { + valid = ngx_http_file_cache_valid(u->conf->cache_valid, + status); + if (valid) { + r->cache->valid_sec = ngx_time() + valid; + } + } + + if (valid) { + r->cache->error = status; + } } ngx_http_file_cache_free(r->cache, u->pipe->temp_file); @@ -2857,7 +2901,9 @@ u->pipe->downstream_error = 1; } - if (r->request_body && r->request_body->temp_file) { + if (r->request_body && r->request_body->temp_file + && r == r->main && !r->preserve_body) + { ngx_pool_run_cleanup_file(r->pool, r->request_body->temp_file->file.fd); r->request_body->temp_file->file.fd = NGX_INVALID_FILE; } @@ -3160,6 +3206,13 @@ / TODO: prevent upgrade if not requested or not possible / + if (r != r->main) { + ngx_log_error(NGX_LOG_ERR, c->log, 0, + "connection upgrade in subrequest"); + ngx_http_upstream_finalize_request(r, u, NGX_ERROR); + return; + } + r->keepalive = 0; c->log->action = "proxying upgraded connection"; @@ -4065,6 +4118,7 @@ switch (ft_type) { case NGX_HTTP_UPSTREAM_FT_TIMEOUT: + case NGX_HTTP_UPSTREAM_FT_HTTP_504: status = NGX_HTTP_GATEWAY_TIME_OUT; break; @@ -4072,6 +4126,10 @@ status = NGX_HTTP_INTERNAL_SERVER_ERROR; break; + case NGX_HTTP_UPSTREAM_FT_HTTP_503: + status = NGX_HTTP_SERVICE_UNAVAILABLE; + break; + case NGX_HTTP_UPSTREAM_FT_HTTP_403: status = NGX_HTTP_FORBIDDEN; break; @@ -4123,9 +4181,20 @@ rc = u->reinit_request(r); - if (rc == NGX_OK) { - u->cache_status = NGX_HTTP_CACHE_STALE; - rc = ngx_http_upstream_cache_send(r, u); + if (rc != NGX_OK) { + ngx_http_upstream_finalize_request(r, u, rc); + return; + } + + u->cache_status = NGX_HTTP_CACHE_STALE; + rc = ngx_http_upstream_cache_send(r, u); + + if (rc == NGX_DONE) { + return; + } + + if (rc == NGX_HTTP_UPSTREAM_INVALID_HEADER) { + rc = NGX_HTTP_INTERNAL_SERVER_ERROR; } ngx_http_upstream_finalize_request(r, u, rc); @@ -4384,15 +4453,8 @@ u = r->upstream; u->headers_in.last_modified = h; - -#if (NGX_HTTP_CACHE) - - if (u->cacheable) { - u->headers_in.last_modified_time = ngx_parse_http_time(h->value.data, - h->value.len); - } - -#endif + u->headers_in.last_modified_time = ngx_parse_http_time(h->value.data, + h->value.len); return NGX_OK; } @@ -4503,7 +4565,7 @@ } if (p >= '0' && p <= '9') { - n = n 10 + p - '0'; + n = n 10 + (p - '0'); continue; } @@ -4531,7 +4593,7 @@ } if (p >= '0' && p <= '9') { - n = n 10 + p - '0'; + n = n 10 + (p - '0'); continue; } @@ -4554,7 +4616,7 @@ } if (p >= '0' && p <= '9') { - n = n 10 + p - '0'; + n = n 10 + (p - '0'); continue; } @@ -4934,15 +4996,8 @@ ho = *h; r->headers_out.last_modified = ho; - -#if (NGX_HTTP_CACHE) - - if (r->upstream->cacheable) { - r->headers_out.last_modified_time = + r->headers_out.last_modified_time = r->upstream->headers_in.last_modified_time; - } - -#endif return NGX_OK; }
[-] [+]	Changed	_service:download_url:nginx-1.13.7.tar.gz/src/http/ngx_http_upstream.h ^
@@ -98,8 +98,8 @@ ngx_uint_t max_fails; time_t fail_timeout; ngx_msec_t slow_start; + ngx_uint_t down; - unsigned down:1; unsigned backup:1; NGX_COMPAT_BEGIN(6)
[-] [+]	Changed	_service:download_url:nginx-1.13.7.tar.gz/src/http/ngx_http_variables.c ^
@@ -376,7 +376,7 @@ { ngx_string("arg_"), NULL, ngx_http_variable_argument, 0, NGX_HTTP_VAR_NOCACHEABLE\|NGX_HTTP_VAR_PREFIX, 0 }, - { ngx_null_string, NULL, NULL, 0, 0, 0 } + ngx_http_null_variable }; @@ -1240,6 +1240,18 @@ break; #endif +#if (NGX_HAVE_UNIX_DOMAIN) + case AF_UNIX: + + v->len = r->connection->addr_text.len; + v->valid = 1; + v->no_cacheable = 0; + v->not_found = 0; + v->data = r->connection->addr_text.data; + + break; +#endif + default: /* AF_INET / sin = (struct sockaddr_in ) r->connection->sockaddr; @@ -1463,17 +1475,15 @@ ngx_http_variable_is_args(ngx_http_request_t r, ngx_http_variable_value_t v, uintptr_t data) { - v->valid = 1; - v->no_cacheable = 0; - v->not_found = 0; - if (r->args.len == 0) { - v->len = 0; - v->data = NULL; + v = ngx_http_variable_null_value; return NGX_OK; } v->len = 1; + v->valid = 1; + v->no_cacheable = 0; + v->not_found = 0; v->data = (u_char ) "?"; return NGX_OK; @@ -1990,11 +2000,7 @@ return NGX_OK; } - v->len = 0; - v->valid = 1; - v->no_cacheable = 0; - v->not_found = 0; - v->data = (u_char ) ""; + v = ngx_http_variable_null_value; return NGX_OK; }
[-] [+]	Changed	_service:download_url:nginx-1.13.7.tar.gz/src/http/ngx_http_variables.h ^
@@ -43,6 +43,8 @@ ngx_uint_t index; }; +#define ngx_http_null_variable { ngx_null_string, NULL, NULL, 0, 0, 0 } + ngx_http_variable_t ngx_http_add_variable(ngx_conf_t cf, ngx_str_t *name, ngx_uint_t flags);
[-] [+]	Changed	_service:download_url:nginx-1.13.7.tar.gz/src/http/v2/ngx_http_v2.c ^
@@ -245,6 +245,8 @@ h2c->frame_size = NGX_HTTP_V2_DEFAULT_FRAME_SIZE; + h2c->table_update = 1; + h2scf = ngx_http_get_module_srv_conf(hc->conf_ctx, ngx_http_v2_module); h2c->pool = ngx_create_pool(h2scf->pool_size, h2c->connection->log); @@ -746,7 +748,7 @@ type = ngx_http_v2_parse_type(head); ngx_log_debug4(NGX_LOG_DEBUG_HTTP, h2c->connection->log, 0, - "process http2 frame type:%ui f:%Xd l:%uz sid:%ui", + "http2 frame type:%ui f:%Xd l:%uz sid:%ui", type, h2c->state.flags, h2c->state.length, h2c->state.sid); if (type >= NGX_HTTP_V2_FRAME_STATES) { @@ -1314,7 +1316,7 @@ } ngx_log_debug2(NGX_LOG_DEBUG_HTTP, h2c->connection->log, 0, - "http2 hpack %s string length: %i", + "http2 %s string, len:%i", huff ? "encoded" : "raw", len); h2scf = ngx_http_get_module_srv_conf(h2c->http_connection->conf_ctx, @@ -1569,7 +1571,7 @@ if (rc == NGX_OK) { ngx_log_debug2(NGX_LOG_DEBUG_HTTP, r->connection->log, 0, - "http2 pseudo-header: \":%V: %V\"", + "http2 header: \":%V: %V\"", &header->name, &header->value); return ngx_http_v2_state_header_complete(h2c, pos, end); @@ -1645,7 +1647,7 @@ } ngx_log_debug2(NGX_LOG_DEBUG_HTTP, r->connection->log, 0, - "http2 http header: \"%V: %V\"", + "http2 header: \"%V: %V\"", &header->name, &header->value); return ngx_http_v2_state_header_complete(h2c, pos, end); @@ -3335,6 +3337,19 @@ \|\| r->schema_start == NULL \|\| r->unparsed_uri.len == 0) { + if (r->method_name.len == 0) { + ngx_log_error(NGX_LOG_INFO, r->connection->log, 0, + "client sent no :method header"); + + } else if (r->schema_start == NULL) { + ngx_log_error(NGX_LOG_INFO, r->connection->log, 0, + "client sent no :schema header"); + + } else { + ngx_log_error(NGX_LOG_INFO, r->connection->log, 0, + "client sent no :path header"); + } + ngx_http_finalize_request(r, NGX_HTTP_BAD_REQUEST); return NGX_ERROR; } @@ -3360,7 +3375,7 @@ ngx_memcpy(p, ending, sizeof(ending)); ngx_log_debug1(NGX_LOG_DEBUG_HTTP, r->connection->log, 0, - "http2 http request line: \"%V\"", &r->request_line); + "http2 request line: \"%V\"", &r->request_line); return NGX_OK; } @@ -3574,11 +3589,6 @@ rb->buf = ngx_create_temp_buf(r->pool, (size_t) len); } else { - if (stream->preread) { - /* enforce writing preread buffer to file */ - r->request_body_in_file_only = 1; - } - rb->buf = ngx_calloc_buf(r->pool); if (rb->buf != NULL) { @@ -3679,6 +3689,8 @@ buf->pos = buf->start = pos; buf->last = buf->end = pos + size; + r->request_body_in_file_only = 1; + } else { if (size > (size_t) (buf->end - buf->last)) { ngx_log_error(NGX_LOG_INFO, fc->log, 0,
[-] [+]	Changed	_service:download_url:nginx-1.13.7.tar.gz/src/http/v2/ngx_http_v2.h ^
@@ -144,6 +144,7 @@ unsigned closed_nodes:8; unsigned settings_ack:1; + unsigned table_update:1; unsigned blocked:1; unsigned goaway:1; };
[-] [+]	Changed	_service:download_url:nginx-1.13.7.tar.gz/src/http/v2/ngx_http_v2_filter_module.c ^
@@ -139,6 +139,7 @@ ngx_connection_t fc; ngx_http_cleanup_t cln; ngx_http_v2_out_frame_t frame; + ngx_http_v2_connection_t h2c; ngx_http_core_loc_conf_t clcf; ngx_http_core_srv_conf_t cscf; u_char addr[NGX_SOCKADDR_STRLEN]; @@ -235,7 +236,11 @@ } } - len = status ? 1 : 1 + ngx_http_v2_literal_size("418"); + h2c = r->stream->connection; + + len = h2c->table_update ? 1 : 0; + + len += status ? 1 : 1 + ngx_http_v2_literal_size("418"); clcf = ngx_http_get_module_loc_conf(r, ngx_http_core_module); @@ -423,6 +428,13 @@ start = pos; + if (h2c->table_update) { + ngx_log_debug0(NGX_LOG_DEBUG_HTTP, fc->log, 0, + "http2 table size update: 0"); + pos++ = (1 << 5) \| 0; + h2c->table_update = 0; + } + ngx_log_debug1(NGX_LOG_DEBUG_HTTP, fc->log, 0, "http2 output header: \":status: %03ui\"", r->headers_out.status); @@ -1257,7 +1269,7 @@ ngx_http_v2_stream_t stream) { ngx_log_debug3(NGX_LOG_DEBUG_HTTP, h2c->connection->log, 0, - "http2:%ui available windows: conn:%uz stream:%z", + "http2:%ui windows: conn:%uz stream:%z", stream->node->id, h2c->send_window, stream->send_window); if (stream->send_window <= 0) {
[-] [+]	Changed	_service:download_url:nginx-1.13.7.tar.gz/src/http/v2/ngx_http_v2_module.c ^
@@ -225,7 +225,7 @@ { ngx_string("http2"), NULL, ngx_http_v2_variable, 0, 0, 0 }, - { ngx_null_string, NULL, NULL, 0, 0, 0 } + ngx_http_null_variable };
[-] [+]	Changed	_service:download_url:nginx-1.13.7.tar.gz/src/http/v2/ngx_http_v2_table.c ^
@@ -102,7 +102,7 @@ ngx_log_debug2(NGX_LOG_DEBUG_HTTP, h2c->connection->log, 0, "http2 get indexed %s: %ui", - name_only ? "header" : "header name", index); + name_only ? "name" : "header", index); index--; @@ -180,7 +180,7 @@ ngx_http_v2_header_t entry, *entries; ngx_log_debug2(NGX_LOG_DEBUG_HTTP, h2c->connection->log, 0, - "http2 add header to hpack table: \"%V: %V\"", + "http2 table add: \"%V: %V\"", &header->name, &header->value); if (h2c->hpack.entries == NULL) { @@ -293,7 +293,7 @@ size += 32; ngx_log_debug2(NGX_LOG_DEBUG_HTTP, h2c->connection->log, 0, - "http2 hpack table account: %uz free:%uz", + "http2 table account: %uz free:%uz", size, h2c->hpack.free); if (size <= h2c->hpack.free) {
[-] [+]	Changed	_service:download_url:nginx-1.13.7.tar.gz/src/mail/ngx_mail_proxy_module.c ^
@@ -882,10 +882,13 @@ c = ev->data; s = c->data; - if (ev->timedout) { + if (ev->timedout \|\| c->close) { c->log->action = "proxying"; - if (c == s->connection) { + if (c->close) { + ngx_log_error(NGX_LOG_INFO, c->log, 0, "shutdown timeout"); + + } else if (c == s->connection) { ngx_log_error(NGX_LOG_INFO, c->log, NGX_ETIMEDOUT, "client timed out"); c->timedout = 1;
[-] [+]	Changed	_service:download_url:nginx-1.13.7.tar.gz/src/misc/ngx_google_perftools_module.c ^
@@ -36,7 +36,7 @@ offsetof(ngx_google_perftools_conf_t, profiles), NULL }, - ngx_null_command + ngx_null_command };
[-] [+]	Changed	_service:download_url:nginx-1.13.7.tar.gz/src/os/unix/ngx_files.c ^
@@ -620,6 +620,7 @@ { fm->fd = ngx_open_file(fm->name, NGX_FILE_RDWR, NGX_FILE_TRUNCATE, NGX_FILE_DEFAULT_ACCESS); + if (fm->fd == NGX_INVALID_FILE) { ngx_log_error(NGX_LOG_CRIT, fm->log, ngx_errno, ngx_open_file_n " \"%s\" failed", fm->name);
[-] [+]	Changed	_service:download_url:nginx-1.13.7.tar.gz/src/os/unix/ngx_user.c ^
@@ -9,16 +9,6 @@ #include <ngx_core.h> -/* - * Solaris has thread-safe crypt() - * Linux has crypt_r(); "struct crypt_data" is more than 128K - * FreeBSD needs the mutex to protect crypt() - * - * TODO: - * ngx_crypt_init() to init mutex - */ - - #if (NGX_CRYPT) #if (NGX_HAVE_GNU_CRYPT_R)
[-] [+]	Changed	_service:download_url:nginx-1.13.7.tar.gz/src/stream/ngx_stream_geo_module.c ^
@@ -1326,7 +1326,8 @@ file.name = *name; file.log = cf->log; - file.fd = ngx_open_file(name->data, NGX_FILE_RDONLY, 0, 0); + file.fd = ngx_open_file(name->data, NGX_FILE_RDONLY, NGX_FILE_OPEN, 0); + if (file.fd == NGX_INVALID_FILE) { err = ngx_errno; if (err != NGX_ENOENT) {
[-] [+]	Changed	_service:download_url:nginx-1.13.7.tar.gz/src/stream/ngx_stream_geoip_module.c ^
@@ -210,7 +210,7 @@ ngx_stream_geoip_city_int_variable, offsetof(GeoIPRecord, area_code), 0, 0 }, - { ngx_null_string, NULL, NULL, 0, 0, 0 } + ngx_stream_null_variable };
[-] [+]	Changed	_service:download_url:nginx-1.13.7.tar.gz/src/stream/ngx_stream_proxy_module.c ^
@@ -1290,6 +1290,12 @@ s = c->data; u = s->upstream; + if (c->close) { + ngx_log_error(NGX_LOG_INFO, c->log, 0, "shutdown timeout"); + ngx_stream_proxy_finalize(s, NGX_STREAM_OK); + return; + } + c = s->connection; pc = u->peer.connection; @@ -1331,13 +1337,17 @@ return; } + ngx_connection_error(pc, NGX_ETIMEDOUT, "upstream timed out"); + if (u->received == 0) { ngx_stream_proxy_next_upstream(s); return; } + + } else { + ngx_connection_error(c, NGX_ETIMEDOUT, "connection timed out"); } - ngx_connection_error(c, NGX_ETIMEDOUT, "connection timed out"); ngx_stream_proxy_finalize(s, NGX_STREAM_OK); return; } @@ -1665,13 +1675,17 @@ u = s->upstream; pc = u->peer.connection; - if (u->upstream_out \|\| u->upstream_busy \|\| (pc && pc->buffered)) { + if (pc && pc->buffered) { ngx_log_error(NGX_LOG_ERR, s->connection->log, 0, - "pending buffers on next upstream"); + "buffered data on next upstream"); ngx_stream_proxy_finalize(s, NGX_STREAM_INTERNAL_SERVER_ERROR); return; } + if (s->connection->type == SOCK_DGRAM) { + u->upstream_out = NULL; + } + if (u->peer.sockaddr) { u->peer.free(&u->peer, u->peer.data, NGX_PEER_FAILED); u->peer.sockaddr = NULL;
[-] [+]	Changed	_service:download_url:nginx-1.13.7.tar.gz/src/stream/ngx_stream_realip_module.c ^
@@ -89,7 +89,7 @@ { ngx_string("realip_remote_port"), NULL, ngx_stream_realip_remote_port_variable, 0, 0, 0 }, - { ngx_null_string, NULL, NULL, 0, 0, 0 } + ngx_stream_null_variable };
[-] [+]	Changed	_service:download_url:nginx-1.13.7.tar.gz/src/stream/ngx_stream_ssl_module.c ^
@@ -249,6 +249,10 @@ (uintptr_t) ngx_ssl_get_raw_certificate, NGX_STREAM_VAR_CHANGEABLE, 0 }, + { ngx_string("ssl_client_escaped_cert"), NULL, ngx_stream_ssl_variable, + (uintptr_t) ngx_ssl_get_escaped_certificate, + NGX_STREAM_VAR_CHANGEABLE, 0 }, + { ngx_string("ssl_client_s_dn"), NULL, ngx_stream_ssl_variable, (uintptr_t) ngx_ssl_get_subject_dn, NGX_STREAM_VAR_CHANGEABLE, 0 }, @@ -273,7 +277,7 @@ { ngx_string("ssl_client_v_remain"), NULL, ngx_stream_ssl_variable, (uintptr_t) ngx_ssl_get_client_v_remain, NGX_STREAM_VAR_CHANGEABLE, 0 }, - { ngx_null_string, NULL, NULL, 0, 0, 0 } + ngx_stream_null_variable };
[-] [+]	Changed	_service:download_url:nginx-1.13.7.tar.gz/src/stream/ngx_stream_ssl_preread_module.c ^
@@ -85,7 +85,7 @@ { ngx_string("ssl_preread_server_name"), NULL, ngx_stream_ssl_preread_server_name_variable, 0, 0, 0 }, - { ngx_null_string, NULL, NULL, 0, 0, 0 } + ngx_stream_null_variable };
[-] [+]	Changed	_service:download_url:nginx-1.13.7.tar.gz/src/stream/ngx_stream_upstream.c ^
@@ -100,7 +100,7 @@ ngx_stream_upstream_bytes_variable, 1, NGX_STREAM_VAR_NOCACHEABLE, 0 }, - { ngx_null_string, NULL, NULL, 0, 0, 0 } + ngx_stream_null_variable };
[-] [+]	Changed	_service:download_url:nginx-1.13.7.tar.gz/src/stream/ngx_stream_upstream.h ^
@@ -58,8 +58,8 @@ ngx_uint_t max_fails; time_t fail_timeout; ngx_msec_t slow_start; + ngx_uint_t down; - unsigned down:1; unsigned backup:1; NGX_COMPAT_BEGIN(4)
[-] [+]	Changed	_service:download_url:nginx-1.13.7.tar.gz/src/stream/ngx_stream_upstream_hash_module.c ^
@@ -505,6 +505,11 @@ ngx_stream_upstream_rr_peers_wlock(hp->rrp.peers); + if (hp->tries > 20 \|\| hp->rrp.peers->single) { + ngx_stream_upstream_rr_peers_unlock(hp->rrp.peers); + return hp->get_rr_peer(pc, &hp->rrp); + } + pc->connection = NULL; now = ngx_time(); @@ -539,13 +544,6 @@ continue; } - if (peer->server.len != server->len - \|\| ngx_strncmp(peer->server.data, server->data, server->len) - != 0) - { - continue; - } - if (peer->max_fails && peer->fails >= peer->max_fails && now - peer->checked <= peer->fail_timeout) @@ -557,6 +555,13 @@ continue; } + if (peer->server.len != server->len + \|\| ngx_strncmp(peer->server.data, server->data, server->len) + != 0) + { + continue; + } + peer->current_weight += peer->effective_weight; total += peer->effective_weight; @@ -578,10 +583,9 @@ hp->hash++; hp->tries++; - if (hp->tries >= points->number) { - pc->name = hp->rrp.peers->name; + if (hp->tries > 20) { ngx_stream_upstream_rr_peers_unlock(hp->rrp.peers); - return NGX_BUSY; + return hp->get_rr_peer(pc, &hp->rrp); } }
[-] [+]	Changed	_service:download_url:nginx-1.13.7.tar.gz/src/stream/ngx_stream_upstream_zone_module.c ^
@@ -16,6 +16,8 @@ void data); static ngx_stream_upstream_rr_peers_t ngx_stream_upstream_zone_copy_peers( ngx_slab_pool_t shpool, ngx_stream_upstream_srv_conf_t uscf); +static ngx_stream_upstream_rr_peer_t ngx_stream_upstream_zone_copy_peer( + ngx_stream_upstream_rr_peers_t peers, ngx_stream_upstream_rr_peer_t src); static ngx_command_t ngx_stream_upstream_zone_commands[] = { @@ -182,6 +184,7 @@ ngx_stream_upstream_zone_copy_peers(ngx_slab_pool_t shpool, ngx_stream_upstream_srv_conf_t uscf) { + ngx_str_t name; ngx_stream_upstream_rr_peer_t peer, peerp; ngx_stream_upstream_rr_peers_t peers, backup; @@ -192,18 +195,30 @@ ngx_memcpy(peers, uscf->peer.data, sizeof(ngx_stream_upstream_rr_peers_t)); + name = ngx_slab_alloc(shpool, sizeof(ngx_str_t)); + if (name == NULL) { + return NULL; + } + + name->data = ngx_slab_alloc(shpool, peers->name->len); + if (name->data == NULL) { + return NULL; + } + + ngx_memcpy(name->data, peers->name->data, peers->name->len); + name->len = peers->name->len; + + peers->name = name; + peers->shpool = shpool; for (peerp = &peers->peer; peerp; peerp = &peer->next) { /* pool is unlocked / - peer = ngx_slab_calloc_locked(shpool, - sizeof(ngx_stream_upstream_rr_peer_t)); + peer = ngx_stream_upstream_zone_copy_peer(peers, peerp); if (peer == NULL) { return NULL; } - ngx_memcpy(peer, peerp, sizeof(ngx_stream_upstream_rr_peer_t)); - peerp = peer; } @@ -218,18 +233,17 @@ ngx_memcpy(backup, peers->next, sizeof(ngx_stream_upstream_rr_peers_t)); + backup->name = name; + backup->shpool = shpool; for (peerp = &backup->peer; peerp; peerp = &peer->next) { / pool is unlocked / - peer = ngx_slab_calloc_locked(shpool, - sizeof(ngx_stream_upstream_rr_peer_t)); + peer = ngx_stream_upstream_zone_copy_peer(backup, peerp); if (peer == NULL) { return NULL; } - ngx_memcpy(peer, peerp, sizeof(ngx_stream_upstream_rr_peer_t)); - peerp = peer; } @@ -241,3 +255,68 @@ return peers; } + + +static ngx_stream_upstream_rr_peer_t * +ngx_stream_upstream_zone_copy_peer(ngx_stream_upstream_rr_peers_t peers, + ngx_stream_upstream_rr_peer_t src) +{ + ngx_slab_pool_t pool; + ngx_stream_upstream_rr_peer_t dst; + + pool = peers->shpool; + + dst = ngx_slab_calloc_locked(pool, sizeof(ngx_stream_upstream_rr_peer_t)); + if (dst == NULL) { + return NULL; + } + + if (src) { + ngx_memcpy(dst, src, sizeof(ngx_stream_upstream_rr_peer_t)); + dst->sockaddr = NULL; + dst->name.data = NULL; + dst->server.data = NULL; + } + + dst->sockaddr = ngx_slab_calloc_locked(pool, sizeof(ngx_sockaddr_t)); + if (dst->sockaddr == NULL) { + goto failed; + } + + dst->name.data = ngx_slab_calloc_locked(pool, NGX_SOCKADDR_STRLEN); + if (dst->name.data == NULL) { + goto failed; + } + + if (src) { + ngx_memcpy(dst->sockaddr, src->sockaddr, src->socklen); + ngx_memcpy(dst->name.data, src->name.data, src->name.len); + + dst->server.data = ngx_slab_alloc_locked(pool, src->server.len); + if (dst->server.data == NULL) { + goto failed; + } + + ngx_memcpy(dst->server.data, src->server.data, src->server.len); + } + + return dst; + +failed: + + if (dst->server.data) { + ngx_slab_free_locked(pool, dst->server.data); + } + + if (dst->name.data) { + ngx_slab_free_locked(pool, dst->name.data); + } + + if (dst->sockaddr) { + ngx_slab_free_locked(pool, dst->sockaddr); + } + + ngx_slab_free_locked(pool, dst); + + return NULL; +}
[-] [+]	Changed	_service:download_url:nginx-1.13.7.tar.gz/src/stream/ngx_stream_variables.c ^
@@ -111,7 +111,7 @@ { ngx_string("protocol"), NULL, ngx_stream_variable_protocol, 0, 0, 0 }, - { ngx_null_string, NULL, NULL, 0, 0, 0 } + ngx_stream_null_variable }; @@ -460,7 +460,7 @@ static ngx_int_t ngx_stream_variable_binary_remote_addr(ngx_stream_session_t s, ngx_stream_variable_value_t v, uintptr_t data) - { +{ struct sockaddr_in sin; #if (NGX_HAVE_INET6) struct sockaddr_in6 sin6; @@ -480,6 +480,18 @@ break; #endif + +#if (NGX_HAVE_UNIX_DOMAIN) + case AF_UNIX: + + v->len = s->connection->addr_text.len; + v->valid = 1; + v->no_cacheable = 0; + v->not_found = 0; + v->data = s->connection->addr_text.data; + + break; +#endif default: /* AF_INET / sin = (struct sockaddr_in ) s->connection->sockaddr;
[-] [+]	Changed	_service:download_url:nginx-1.13.7.tar.gz/src/stream/ngx_stream_variables.h ^
@@ -43,6 +43,8 @@ ngx_uint_t index; }; +#define ngx_stream_null_variable { ngx_null_string, NULL, NULL, 0, 0, 0 } + ngx_stream_variable_t ngx_stream_add_variable(ngx_conf_t cf, ngx_str_t *name, ngx_uint_t flags);
	Deleted	_service:download_url:openssl-1.1.0f.tar.gz ^
	Added	_service:download_url:openssl-1.1.0g.tar.gz ^