[-]
[+]
|
Changed |
nginx.spec
|
|
[-]
[+]
|
Changed |
nginx-1.9.1.tar.gz/CHANGES
^
|
@@ -1,4 +1,24 @@
+Changes with nginx 1.9.1 26 May 2015
+
+ *) Change: now SSLv3 protocol is disabled by default.
+
+ *) Change: some long deprecated directives are not supported anymore.
+
+ *) Feature: the "reuseport" parameter of the "listen" directive.
+ Thanks to Sepherosa Ziehau and Yingqi Lu.
+
+ *) Feature: the $upstream_connect_time variable.
+
+ *) Bugfix: in the "hash" directive on big-endian platforms.
+
+ *) Bugfix: nginx might fail to start on some old Linux variants; the bug
+ had appeared in 1.7.11.
+
+ *) Bugfix: in IP address parsing.
+ Thanks to Sergey Polovko.
+
+
Changes with nginx 1.9.0 28 Apr 2015
*) Change: obsolete aio and rtsig event methods have been removed.
|
[-]
[+]
|
Changed |
nginx-1.9.1.tar.gz/CHANGES.ru
^
|
@@ -1,4 +1,25 @@
+Изменения в nginx 1.9.1 26.05.2015
+
+ *) Изменение: теперь протокол SSLv3 по умолчанию запрещён.
+
+ *) Изменение: некоторые давно устаревшие директивы больше не
+ поддерживаются.
+
+ *) Добавление: параметр reuseport директивы listen.
+ Спасибо Sepherosa Ziehau и Yingqi Lu.
+
+ *) Добавление: переменная $upstream_connect_time.
+
+ *) Исправление: в директиве hash на big-endian платформах.
+
+ *) Исправление: nginx мог не запускаться на некоторых старых версиях
+ Linux; ошибка появилась в 1.7.11.
+
+ *) Исправление: в парсинге IP-адресов.
+ Спасибо Сергею Половко.
+
+
Изменения в nginx 1.9.0 28.04.2015
*) Изменение: устаревшие методы обработки соединений aio и rtsig больше
|
[-]
[+]
|
Changed |
nginx-1.9.1.tar.gz/auto/options
^
|
@@ -243,12 +243,6 @@
--without-http_uwsgi_module) HTTP_UWSGI=NO ;;
--without-http_scgi_module) HTTP_SCGI=NO ;;
--without-http_memcached_module) HTTP_MEMCACHED=NO ;;
- --without-http_limit_zone_module)
- HTTP_LIMIT_CONN=NO
- NGX_POST_CONF_MSG="$NGX_POST_CONF_MSG
-$0: warning: the \"--without-http_limit_zone_module\" option is deprecated, \
-use the \"--without-http_limit_conn_module\" option instead"
- ;;
--without-http_limit_conn_module) HTTP_LIMIT_CONN=NO ;;
--without-http_limit_req_module) HTTP_LIMIT_REQ=NO ;;
--without-http_empty_gif_module) HTTP_EMPTY_GIF=NO ;;
@@ -270,8 +264,18 @@
--with-mail) MAIL=YES ;;
--with-mail_ssl_module) MAIL_SSL=YES ;;
# STUB
- --with-imap) MAIL=YES ;;
- --with-imap_ssl_module) MAIL_SSL=YES ;;
+ --with-imap)
+ MAIL=YES
+ NGX_POST_CONF_MSG="$NGX_POST_CONF_MSG
+$0: warning: the \"--with-imap\" option is deprecated, \
+use the \"--with-mail\" option instead"
+ ;;
+ --with-imap_ssl_module)
+ MAIL_SSL=YES
+ NGX_POST_CONF_MSG="$NGX_POST_CONF_MSG
+$0: warning: the \"--with-imap_ssl_module\" option is deprecated, \
+use the \"--with-mail_ssl_module\" option instead"
+ ;;
--without-mail_pop3_module) MAIL_POP3=NO ;;
--without-mail_imap_module) MAIL_IMAP=NO ;;
--without-mail_smtp_module) MAIL_SMTP=NO ;;
|
[-]
[+]
|
Changed |
nginx-1.9.1.tar.gz/auto/os/conf
^
|
@@ -60,6 +60,15 @@
CORE_SRCS="$UNIX_SRCS"
;;
+ GNU:*)
+ # GNU Hurd
+ have=NGX_GNU_HURD . auto/have_headers
+ CORE_INCS="$UNIX_INCS"
+ CORE_DEPS="$UNIX_DEPS $POSIX_DEPS"
+ CORE_SRCS="$UNIX_SRCS"
+ CC_AUX_FLAGS="$CC_AUX_FLAGS -D_GNU_SOURCE -D_FILE_OFFSET_BITS=64"
+ ;;
+
*)
CORE_INCS="$UNIX_INCS"
CORE_DEPS="$UNIX_DEPS $POSIX_DEPS"
|
[-]
[+]
|
Changed |
nginx-1.9.1.tar.gz/auto/unix
^
|
@@ -304,7 +304,17 @@
ngx_feature_incs="#include <sys/socket.h>"
ngx_feature_path=
ngx_feature_libs=
-ngx_feature_test="setsockopt(0, SOL_SOCKET, SO_SETFIB, NULL, 4)"
+ngx_feature_test="setsockopt(0, SOL_SOCKET, SO_SETFIB, NULL, 0)"
+. auto/feature
+
+
+ngx_feature="SO_REUSEPORT"
+ngx_feature_name="NGX_HAVE_REUSEPORT"
+ngx_feature_run=no
+ngx_feature_incs="#include <sys/socket.h>"
+ngx_feature_path=
+ngx_feature_libs=
+ngx_feature_test="setsockopt(0, SOL_SOCKET, SO_REUSEPORT, NULL, 0)"
. auto/feature
|
[-]
[+]
|
Changed |
nginx-1.9.1.tar.gz/src/core/nginx.h
^
|
@@ -9,8 +9,8 @@
#define _NGINX_H_INCLUDED_
-#define nginx_version 1009000
-#define NGINX_VERSION "1.9.0"
+#define nginx_version 1009001
+#define NGINX_VERSION "1.9.1"
#define NGINX_VER "nginx/" NGINX_VERSION
#ifdef NGX_BUILD
|
[-]
[+]
|
Changed |
nginx-1.9.1.tar.gz/src/core/ngx_connection.c
^
|
@@ -91,6 +91,43 @@
ngx_int_t
+ngx_clone_listening(ngx_conf_t *cf, ngx_listening_t *ls)
+{
+#if (NGX_HAVE_REUSEPORT)
+
+ ngx_int_t n;
+ ngx_core_conf_t *ccf;
+ ngx_listening_t ols;
+
+ if (!ls->reuseport) {
+ return NGX_OK;
+ }
+
+ ols = *ls;
+
+ ccf = (ngx_core_conf_t *) ngx_get_conf(cf->cycle->conf_ctx,
+ ngx_core_module);
+
+ for (n = 1; n < ccf->worker_processes; n++) {
+
+ /* create a socket for each worker process */
+
+ ls = ngx_array_push(&cf->cycle->listening);
+ if (ls == NULL) {
+ return NGX_ERROR;
+ }
+
+ *ls = ols;
+ ls->worker = n;
+ }
+
+#endif
+
+ return NGX_OK;
+}
+
+
+ngx_int_t
ngx_set_inherited_sockets(ngx_cycle_t *cycle)
{
size_t len;
@@ -106,6 +143,9 @@
#if (NGX_HAVE_DEFERRED_ACCEPT && defined TCP_DEFER_ACCEPT)
int timeout;
#endif
+#if (NGX_HAVE_REUSEPORT)
+ int reuseport;
+#endif
ls = cycle->listening.elts;
for (i = 0; i < cycle->listening.nelts; i++) {
@@ -215,6 +255,25 @@
#endif
#endif
+#if (NGX_HAVE_REUSEPORT)
+
+ reuseport = 0;
+ olen = sizeof(int);
+
+ if (getsockopt(ls[i].fd, SOL_SOCKET, SO_REUSEPORT,
+ (void *) &reuseport, &olen)
+ == -1)
+ {
+ ngx_log_error(NGX_LOG_ALERT, cycle->log, ngx_socket_errno,
+ "getsockopt(SO_REUSEPORT) %V failed, ignored",
+ &ls[i].addr_text);
+
+ } else {
+ ls[i].reuseport = reuseport ? 1 : 0;
+ }
+
+#endif
+
#if (NGX_HAVE_TCP_FASTOPEN)
olen = sizeof(int);
@@ -332,6 +391,31 @@
continue;
}
+#if (NGX_HAVE_REUSEPORT)
+
+ if (ls[i].add_reuseport) {
+
+ /*
+ * to allow transition from a socket without SO_REUSEPORT
+ * to multiple sockets with SO_REUSEPORT, we have to set
+ * SO_REUSEPORT on the old socket before opening new ones
+ */
+
+ int reuseport = 1;
+
+ if (setsockopt(ls[i].fd, SOL_SOCKET, SO_REUSEPORT,
+ (const void *) &reuseport, sizeof(int))
+ == -1)
+ {
+ ngx_log_error(NGX_LOG_ALERT, cycle->log, ngx_socket_errno,
+ "setsockopt(SO_REUSEPORT) %V failed, ignored",
+ &ls[i].addr_text);
+ }
+
+ ls[i].add_reuseport = 0;
+ }
+#endif
+
if (ls[i].fd != (ngx_socket_t) -1) {
continue;
}
@@ -370,6 +454,32 @@
return NGX_ERROR;
}
+#if (NGX_HAVE_REUSEPORT)
+
+ if (ls[i].reuseport) {
+ int reuseport;
+
+ reuseport = 1;
+
+ if (setsockopt(s, SOL_SOCKET, SO_REUSEPORT,
+ (const void *) &reuseport, sizeof(int))
+ == -1)
+ {
+ ngx_log_error(NGX_LOG_EMERG, log, ngx_socket_errno,
+ "setsockopt(SO_REUSEPORT) %V failed, ignored",
+ &ls[i].addr_text);
+
+ if (ngx_close_socket(s) == -1) {
+ ngx_log_error(NGX_LOG_EMERG, log, ngx_socket_errno,
+ ngx_close_socket_n " %V failed",
+ &ls[i].addr_text);
+ }
+
+ return NGX_ERROR;
+ }
+ }
+#endif
+
#if (NGX_HAVE_INET6 && defined IPV6_V6ONLY)
if (ls[i].sockaddr->sa_family == AF_INET6) {
|
[-]
[+]
|
Changed |
nginx-1.9.1.tar.gz/src/core/ngx_connection.h
^
|
@@ -51,6 +51,8 @@
ngx_listening_t *previous;
ngx_connection_t *connection;
+ ngx_uint_t worker;
+
unsigned open:1;
unsigned remain:1;
unsigned ignore:1;
@@ -66,6 +68,10 @@
#if (NGX_HAVE_INET6 && defined IPV6_V6ONLY)
unsigned ipv6only:1;
#endif
+#if (NGX_HAVE_REUSEPORT)
+ unsigned reuseport:1;
+ unsigned add_reuseport:1;
+#endif
unsigned keepalive:2;
#if (NGX_HAVE_DEFERRED_ACCEPT)
@@ -203,6 +209,7 @@
ngx_listening_t *ngx_create_listening(ngx_conf_t *cf, void *sockaddr,
socklen_t socklen);
+ngx_int_t ngx_clone_listening(ngx_conf_t *cf, ngx_listening_t *ls);
ngx_int_t ngx_set_inherited_sockets(ngx_cycle_t *cycle);
ngx_int_t ngx_open_listening_sockets(ngx_cycle_t *cycle);
void ngx_configure_listening_sockets(ngx_cycle_t *cycle);
|
[-]
[+]
|
Changed |
nginx-1.9.1.tar.gz/src/core/ngx_cycle.c
^
|
@@ -493,6 +493,10 @@
continue;
}
+ if (ls[i].remain) {
+ continue;
+ }
+
if (ngx_cmp_sockaddr(nls[n].sockaddr, nls[n].socklen,
ls[i].sockaddr, ls[i].socklen, 1)
== NGX_OK)
@@ -540,6 +544,13 @@
nls[n].add_deferred = 1;
}
#endif
+
+#if (NGX_HAVE_REUSEPORT)
+ if (nls[n].reuseport && !ls[i].reuseport) {
+ nls[n].add_reuseport = 1;
+ }
+#endif
+
break;
}
}
|
[-]
[+]
|
Changed |
nginx-1.9.1.tar.gz/src/core/ngx_inet.c
^
|
@@ -26,15 +26,15 @@
n = 0;
for (p = text; p < text + len; p++) {
-
- if (octet > 255) {
- return INADDR_NONE;
- }
-
c = *p;
if (c >= '0' && c <= '9') {
octet = octet * 10 + (c - '0');
+
+ if (octet > 255) {
+ return INADDR_NONE;
+ }
+
continue;
}
|
[-]
[+]
|
Changed |
nginx-1.9.1.tar.gz/src/core/ngx_log.c
^
|
@@ -609,7 +609,7 @@
return NGX_CONF_ERROR;
}
- buf = ngx_palloc(cf->pool, sizeof(ngx_log_memory_buf_t));
+ buf = ngx_pcalloc(cf->pool, sizeof(ngx_log_memory_buf_t));
if (buf == NULL) {
return NGX_CONF_ERROR;
}
|
[-]
[+]
|
Changed |
nginx-1.9.1.tar.gz/src/event/modules/ngx_epoll_module.c
^
|
@@ -329,7 +329,7 @@
#if (NGX_HAVE_EVENTFD)
if (ngx_epoll_notify_init(cycle->log) != NGX_OK) {
- return NGX_ERROR;
+ ngx_epoll_module_ctx.actions.notify = NULL;
}
#endif
|
[-]
[+]
|
Changed |
nginx-1.9.1.tar.gz/src/event/ngx_event.c
^
|
@@ -126,13 +126,6 @@
0,
NULL },
- { ngx_string("connections"),
- NGX_EVENT_CONF|NGX_CONF_TAKE1,
- ngx_event_connections,
- 0,
- 0,
- NULL },
-
{ ngx_string("use"),
NGX_EVENT_CONF|NGX_CONF_TAKE1,
ngx_event_use,
@@ -732,6 +725,12 @@
ls = cycle->listening.elts;
for (i = 0; i < cycle->listening.nelts; i++) {
+#if (NGX_HAVE_REUSEPORT)
+ if (ls[i].reuseport && ls[i].worker != ngx_worker) {
+ continue;
+ }
+#endif
+
c = ngx_get_connection(ls[i].fd, cycle->log);
if (c == NULL) {
@@ -812,7 +811,12 @@
rev->handler = ngx_event_accept;
- if (ngx_use_accept_mutex) {
+ if (ngx_use_accept_mutex
+#if (NGX_HAVE_REUSEPORT)
+ && !ls[i].reuseport
+#endif
+ )
+ {
continue;
}
@@ -956,12 +960,6 @@
return "is duplicate";
}
- if (ngx_strcmp(cmd->name.data, "connections") == 0) {
- ngx_conf_log_error(NGX_LOG_WARN, cf, 0,
- "the \"connections\" directive is deprecated, "
- "use the \"worker_connections\" directive instead");
- }
-
value = cf->args->elts;
ecf->connections = ngx_atoi(value[1].data, value[1].len);
if (ecf->connections == (ngx_uint_t) NGX_ERROR) {
|
[-]
[+]
|
Changed |
nginx-1.9.1.tar.gz/src/event/ngx_event.h
^
|
@@ -68,6 +68,14 @@
unsigned posted:1;
+ unsigned closed:1;
+
+ /* to test on worker exit */
+ unsigned channel:1;
+ unsigned resolver:1;
+
+ unsigned cancelable:1;
+
#if (NGX_WIN32)
/* setsockopt(SO_UPDATE_ACCEPT_CONTEXT) was successful */
unsigned accept_context_updated:1;
@@ -116,15 +124,6 @@
/* the posted queue */
ngx_queue_t queue;
- unsigned closed:1;
-
- /* to test on worker exit */
- unsigned channel:1;
- unsigned resolver:1;
-
- unsigned cancelable:1;
-
-
#if 0
/* the threads support */
|
[-]
[+]
|
Changed |
nginx-1.9.1.tar.gz/src/event/ngx_event_accept.c
^
|
@@ -11,7 +11,7 @@
static ngx_int_t ngx_enable_accept_events(ngx_cycle_t *cycle);
-static ngx_int_t ngx_disable_accept_events(ngx_cycle_t *cycle);
+static ngx_int_t ngx_disable_accept_events(ngx_cycle_t *cycle, ngx_uint_t all);
static void ngx_close_accepted_connection(ngx_connection_t *c);
@@ -109,7 +109,7 @@
}
if (err == NGX_EMFILE || err == NGX_ENFILE) {
- if (ngx_disable_accept_events((ngx_cycle_t *) ngx_cycle)
+ if (ngx_disable_accept_events((ngx_cycle_t *) ngx_cycle, 1)
!= NGX_OK)
{
return;
@@ -390,7 +390,7 @@
"accept mutex lock failed: %ui", ngx_accept_mutex_held);
if (ngx_accept_mutex_held) {
- if (ngx_disable_accept_events(cycle) == NGX_ERROR) {
+ if (ngx_disable_accept_events(cycle, 0) == NGX_ERROR) {
return NGX_ERROR;
}
@@ -413,7 +413,7 @@
c = ls[i].connection;
- if (c->read->active) {
+ if (c == NULL || c->read->active) {
continue;
}
@@ -427,7 +427,7 @@
static ngx_int_t
-ngx_disable_accept_events(ngx_cycle_t *cycle)
+ngx_disable_accept_events(ngx_cycle_t *cycle, ngx_uint_t all)
{
ngx_uint_t i;
ngx_listening_t *ls;
@@ -438,10 +438,23 @@
c = ls[i].connection;
- if (!c->read->active) {
+ if (c == NULL || !c->read->active) {
continue;
}
+#if (NGX_HAVE_REUSEPORT)
+
+ /*
+ * do not disable accept on worker's own sockets
+ * when disabling accept events due to accept mutex
+ */
+
+ if (ls[i].reuseport && !all) {
+ continue;
+ }
+
+#endif
+
if (ngx_del_event(c->read, NGX_READ_EVENT, NGX_DISABLE_EVENT)
== NGX_ERROR)
{
|
[-]
[+]
|
Changed |
nginx-1.9.1.tar.gz/src/http/modules/ngx_http_proxy_module.c
^
|
@@ -3168,9 +3168,8 @@
prev->upstream.ssl_session_reuse, 1);
ngx_conf_merge_bitmask_value(conf->ssl_protocols, prev->ssl_protocols,
- (NGX_CONF_BITMASK_SET|NGX_SSL_SSLv3
- |NGX_SSL_TLSv1|NGX_SSL_TLSv1_1
- |NGX_SSL_TLSv1_2));
+ (NGX_CONF_BITMASK_SET|NGX_SSL_TLSv1
+ |NGX_SSL_TLSv1_1|NGX_SSL_TLSv1_2));
ngx_conf_merge_str_value(conf->ssl_ciphers, prev->ssl_ciphers,
"DEFAULT");
|
[-]
[+]
|
Changed |
nginx-1.9.1.tar.gz/src/http/modules/ngx_http_ssl_module.c
^
|
@@ -561,7 +561,7 @@
prev->prefer_server_ciphers, 0);
ngx_conf_merge_bitmask_value(conf->protocols, prev->protocols,
- (NGX_CONF_BITMASK_SET|NGX_SSL_SSLv3|NGX_SSL_TLSv1
+ (NGX_CONF_BITMASK_SET|NGX_SSL_TLSv1
|NGX_SSL_TLSv1_1|NGX_SSL_TLSv1_2));
ngx_conf_merge_size_value(conf->buffer_size, prev->buffer_size,
|
[-]
[+]
|
Changed |
nginx-1.9.1.tar.gz/src/http/modules/ngx_http_upstream_hash_module.c
^
|
@@ -277,13 +277,17 @@
{
u_char *host, *port, c;
size_t host_len, port_len, size;
- uint32_t hash, base_hash, prev_hash;
+ uint32_t hash, base_hash;
ngx_str_t *server;
ngx_uint_t npoints, i, j;
ngx_http_upstream_rr_peer_t *peer;
ngx_http_upstream_rr_peers_t *peers;
ngx_http_upstream_chash_points_t *points;
ngx_http_upstream_hash_srv_conf_t *hcf;
+ union {
+ uint32_t value;
+ u_char byte[4];
+ } prev_hash;
if (ngx_http_upstream_init_round_robin(cf, us) != NGX_OK) {
return NGX_ERROR;
@@ -350,20 +354,27 @@
ngx_crc32_update(&base_hash, (u_char *) "", 1);
ngx_crc32_update(&base_hash, port, port_len);
- prev_hash = 0;
+ prev_hash.value = 0;
npoints = peer->weight * 160;
for (j = 0; j < npoints; j++) {
hash = base_hash;
- ngx_crc32_update(&hash, (u_char *) &prev_hash, sizeof(uint32_t));
+ ngx_crc32_update(&hash, prev_hash.byte, 4);
ngx_crc32_final(hash);
points->point[points->number].hash = hash;
points->point[points->number].server = server;
points->number++;
- prev_hash = hash;
+#if (NGX_HAVE_LITTLE_ENDIAN)
+ prev_hash.value = hash;
+#else
+ prev_hash.byte[0] = (u_char) (hash & 0xff);
+ prev_hash.byte[1] = (u_char) ((hash >> 8) & 0xff);
+ prev_hash.byte[2] = (u_char) ((hash >> 16) & 0xff);
+ prev_hash.byte[3] = (u_char) ((hash >> 24) & 0xff);
+#endif
}
}
|
[-]
[+]
|
Changed |
nginx-1.9.1.tar.gz/src/http/modules/ngx_http_uwsgi_module.c
^
|
@@ -1724,9 +1724,8 @@
prev->upstream.ssl_session_reuse, 1);
ngx_conf_merge_bitmask_value(conf->ssl_protocols, prev->ssl_protocols,
- (NGX_CONF_BITMASK_SET|NGX_SSL_SSLv3
- |NGX_SSL_TLSv1|NGX_SSL_TLSv1_1
- |NGX_SSL_TLSv1_2));
+ (NGX_CONF_BITMASK_SET|NGX_SSL_TLSv1
+ |NGX_SSL_TLSv1_1|NGX_SSL_TLSv1_2));
ngx_conf_merge_str_value(conf->ssl_ciphers, prev->ssl_ciphers,
"DEFAULT");
|
[-]
[+]
|
Changed |
nginx-1.9.1.tar.gz/src/http/ngx_http.c
^
|
@@ -1719,13 +1719,7 @@
ls->servers = hport;
- if (i == last - 1) {
- hport->naddrs = last;
-
- } else {
- hport->naddrs = 1;
- i = 0;
- }
+ hport->naddrs = i + 1;
switch (ls->sockaddr->sa_family) {
@@ -1743,6 +1737,10 @@
break;
}
+ if (ngx_clone_listening(cf, ls) != NGX_OK) {
+ return NGX_ERROR;
+ }
+
addr++;
last--;
}
@@ -1821,6 +1819,10 @@
ls->fastopen = addr->opt.fastopen;
#endif
+#if (NGX_HAVE_REUSEPORT)
+ ls->reuseport = addr->opt.reuseport;
+#endif
+
return ls;
}
|
[-]
[+]
|
Changed |
nginx-1.9.1.tar.gz/src/http/ngx_http_core_module.c
^
|
@@ -96,18 +96,6 @@
static ngx_conf_post_handler_pt ngx_http_core_pool_size_p =
ngx_http_core_pool_size;
-static ngx_conf_deprecated_t ngx_conf_deprecated_optimize_server_names = {
- ngx_conf_deprecated, "optimize_server_names", "server_name_in_redirect"
-};
-
-static ngx_conf_deprecated_t ngx_conf_deprecated_open_file_cache_retest = {
- ngx_conf_deprecated, "open_file_cache_retest", "open_file_cache_valid"
-};
-
-static ngx_conf_deprecated_t ngx_conf_deprecated_satisfy_any = {
- ngx_conf_deprecated, "satisfy_any", "satisfy"
-};
-
static ngx_conf_enum_t ngx_http_core_request_body_in_file[] = {
{ ngx_string("off"), NGX_HTTP_REQUEST_BODY_FILE_OFF },
@@ -255,13 +243,6 @@
offsetof(ngx_http_core_srv_conf_t, large_client_header_buffers),
NULL },
- { ngx_string("optimize_server_names"),
- NGX_HTTP_MAIN_CONF|NGX_HTTP_SRV_CONF|NGX_CONF_FLAG,
- ngx_conf_set_flag_slot,
- NGX_HTTP_LOC_CONF_OFFSET,
- offsetof(ngx_http_core_loc_conf_t, server_name_in_redirect),
- &ngx_conf_deprecated_optimize_server_names },
-
{ ngx_string("ignore_invalid_headers"),
NGX_HTTP_MAIN_CONF|NGX_HTTP_SRV_CONF|NGX_CONF_FLAG,
ngx_conf_set_flag_slot,
@@ -519,13 +500,6 @@
offsetof(ngx_http_core_loc_conf_t, satisfy),
&ngx_http_core_satisfy },
- { ngx_string("satisfy_any"),
- NGX_HTTP_MAIN_CONF|NGX_HTTP_SRV_CONF|NGX_HTTP_LOC_CONF|NGX_CONF_FLAG,
- ngx_conf_set_flag_slot,
- NGX_HTTP_LOC_CONF_OFFSET,
- offsetof(ngx_http_core_loc_conf_t, satisfy),
- &ngx_conf_deprecated_satisfy_any },
-
{ ngx_string("internal"),
NGX_HTTP_LOC_CONF|NGX_CONF_NOARGS,
ngx_http_core_internal,
@@ -689,13 +663,6 @@
offsetof(ngx_http_core_loc_conf_t, open_file_cache_valid),
NULL },
- { ngx_string("open_file_cache_retest"),
- NGX_HTTP_MAIN_CONF|NGX_HTTP_SRV_CONF|NGX_HTTP_LOC_CONF|NGX_CONF_TAKE1,
- ngx_conf_set_sec_slot,
- NGX_HTTP_LOC_CONF_OFFSET,
- offsetof(ngx_http_core_loc_conf_t, open_file_cache_valid),
- &ngx_conf_deprecated_open_file_cache_retest },
-
{ ngx_string("open_file_cache_min_uses"),
NGX_HTTP_MAIN_CONF|NGX_HTTP_SRV_CONF|NGX_HTTP_LOC_CONF|NGX_CONF_TAKE1,
ngx_conf_set_num_slot,
@@ -4199,6 +4166,19 @@
#endif
}
+ if (ngx_strcmp(value[n].data, "reuseport") == 0) {
+#if (NGX_HAVE_REUSEPORT)
+ lsopt.reuseport = 1;
+ lsopt.set = 1;
+ lsopt.bind = 1;
+#else
+ ngx_conf_log_error(NGX_LOG_EMERG, cf, 0,
+ "reuseport is not supported "
+ "on this platform, ignored");
+#endif
+ continue;
+ }
+
if (ngx_strcmp(value[n].data, "ssl") == 0) {
#if (NGX_HTTP_SSL)
lsopt.ssl = 1;
|
[-]
[+]
|
Changed |
nginx-1.9.1.tar.gz/src/http/ngx_http_core_module.h
^
|
@@ -85,6 +85,9 @@
#if (NGX_HAVE_INET6 && defined IPV6_V6ONLY)
unsigned ipv6only:1;
#endif
+#if (NGX_HAVE_REUSEPORT)
+ unsigned reuseport:1;
+#endif
unsigned so_keepalive:2;
unsigned proxy_protocol:1;
|
[-]
[+]
|
Changed |
nginx-1.9.1.tar.gz/src/http/ngx_http_upstream.c
^
|
@@ -363,6 +363,10 @@
ngx_http_upstream_status_variable, 0,
NGX_HTTP_VAR_NOCACHEABLE, 0 },
+ { ngx_string("upstream_connect_time"), NULL,
+ ngx_http_upstream_response_time_variable, 2,
+ NGX_HTTP_VAR_NOCACHEABLE, 0 },
+
{ ngx_string("upstream_header_time"), NULL,
ngx_http_upstream_response_time_variable, 1,
NGX_HTTP_VAR_NOCACHEABLE, 0 },
@@ -1300,15 +1304,12 @@
ngx_http_upstream_connect(ngx_http_request_t *r, ngx_http_upstream_t *u)
{
ngx_int_t rc;
- ngx_time_t *tp;
ngx_connection_t *c;
r->connection->log->action = "connecting to upstream";
- if (u->state && u->state->response_sec) {
- tp = ngx_timeofday();
- u->state->response_sec = tp->sec - u->state->response_sec;
- u->state->response_msec = tp->msec - u->state->response_msec;
+ if (u->state && u->state->response_time) {
+ u->state->response_time = ngx_current_msec - u->state->response_time;
}
u->state = ngx_array_push(r->upstream_states);
@@ -1320,10 +1321,9 @@
ngx_memzero(u->state, sizeof(ngx_http_upstream_state_t));
- tp = ngx_timeofday();
- u->state->response_sec = tp->sec;
- u->state->response_msec = tp->msec;
- u->state->header_sec = (time_t) NGX_ERROR;
+ u->state->response_time = ngx_current_msec;
+ u->state->connect_time = (ngx_msec_t) -1;
+ u->state->header_time = (ngx_msec_t) -1;
rc = ngx_event_connect_peer(&u->peer);
@@ -1765,6 +1765,10 @@
ngx_log_debug0(NGX_LOG_DEBUG_HTTP, c->log, 0,
"http upstream send request");
+ if (u->state->connect_time == (ngx_msec_t) -1) {
+ u->state->connect_time = ngx_current_msec - u->state->response_time;
+ }
+
if (!u->request_sent && ngx_http_upstream_test_connect(c) != NGX_OK) {
ngx_http_upstream_next(r, u, NGX_HTTP_UPSTREAM_FT_ERROR);
return;
@@ -2017,7 +2021,6 @@
{
ssize_t n;
ngx_int_t rc;
- ngx_time_t *tp;
ngx_connection_t *c;
c = u->peer.connection;
@@ -2138,9 +2141,7 @@
/* rc == NGX_OK */
- tp = ngx_timeofday();
- u->state->header_sec = tp->sec - u->state->response_sec;
- u->state->header_msec = tp->msec - u->state->response_msec;
+ u->state->header_time = ngx_current_msec - u->state->response_time;
if (u->headers_in.status_n >= NGX_HTTP_SPECIAL_RESPONSE) {
@@ -3923,8 +3924,7 @@
ngx_http_upstream_finalize_request(ngx_http_request_t *r,
ngx_http_upstream_t *u, ngx_int_t rc)
{
- ngx_uint_t flush;
- ngx_time_t *tp;
+ ngx_uint_t flush;
ngx_log_debug1(NGX_LOG_DEBUG_HTTP, r->connection->log, 0,
"finalize http upstream request: %i", rc);
@@ -3943,10 +3943,8 @@
u->resolved->ctx = NULL;
}
- if (u->state && u->state->response_sec) {
- tp = ngx_timeofday();
- u->state->response_sec = tp->sec - u->state->response_sec;
- u->state->response_msec = tp->msec - u->state->response_msec;
+ if (u->state && u->state->response_time) {
+ u->state->response_time = ngx_current_msec - u->state->response_time;
if (u->pipe && u->pipe->read_length) {
u->state->response_length = u->pipe->read_length;
@@ -5020,15 +5018,14 @@
for ( ;; ) {
if (state[i].status) {
- if (data
- && state[i].header_sec != (time_t) NGX_ERROR)
- {
- ms = (ngx_msec_int_t)
- (state[i].header_sec * 1000 + state[i].header_msec);
+ if (data == 1 && state[i].header_time != (ngx_msec_t) -1) {
+ ms = state[i].header_time;
+
+ } else if (data == 2 && state[i].connect_time != (ngx_msec_t) -1) {
+ ms = state[i].connect_time;
} else {
- ms = (ngx_msec_int_t)
- (state[i].response_sec * 1000 + state[i].response_msec);
+ ms = state[i].response_time;
}
ms = ngx_max(ms, 0);
|
[-]
[+]
|
Changed |
nginx-1.9.1.tar.gz/src/http/ngx_http_upstream.h
^
|
@@ -58,10 +58,9 @@
ngx_uint_t bl_state;
ngx_uint_t status;
- time_t response_sec;
- ngx_uint_t response_msec;
- time_t header_sec;
- ngx_uint_t header_msec;
+ ngx_msec_t response_time;
+ ngx_msec_t connect_time;
+ ngx_msec_t header_time;
off_t response_length;
ngx_str_t *peer;
|
[-]
[+]
|
Changed |
nginx-1.9.1.tar.gz/src/http/ngx_http_upstream_round_robin.c
^
|
@@ -622,6 +622,11 @@
if (peer->max_fails) {
peer->effective_weight -= peer->weight / peer->max_fails;
+
+ if (peer->fails >= peer->max_fails) {
+ ngx_log_error(NGX_LOG_WARN, pc->log, 0,
+ "upstream server temporarily disabled");
+ }
}
ngx_log_debug2(NGX_LOG_DEBUG_HTTP, pc->log, 0,
|
[-]
[+]
|
Changed |
nginx-1.9.1.tar.gz/src/mail/ngx_mail.c
^
|
@@ -36,13 +36,6 @@
0,
NULL },
- { ngx_string("imap"),
- NGX_MAIN_CONF|NGX_CONF_BLOCK|NGX_CONF_NOARGS,
- ngx_mail_block,
- 0,
- 0,
- NULL },
-
ngx_null_command
};
@@ -83,12 +76,6 @@
ngx_mail_core_srv_conf_t **cscfp;
ngx_mail_core_main_conf_t *cmcf;
- if (cmd->name.data[0] == 'i') {
- ngx_conf_log_error(NGX_LOG_WARN, cf, 0,
- "the \"imap\" directive is deprecated, "
- "use the \"mail\" directive instead");
- }
-
/* the main mail context */
ctx = ngx_pcalloc(cf->pool, sizeof(ngx_mail_conf_ctx_t));
@@ -405,13 +392,7 @@
ls->servers = mport;
- if (i == last - 1) {
- mport->naddrs = last;
-
- } else {
- mport->naddrs = 1;
- i = 0;
- }
+ mport->naddrs = i + 1;
switch (ls->sockaddr->sa_family) {
#if (NGX_HAVE_INET6)
|
[-]
[+]
|
Changed |
nginx-1.9.1.tar.gz/src/mail/ngx_mail.h
^
|
@@ -131,8 +131,6 @@
ngx_msec_t timeout;
ngx_msec_t resolver_timeout;
- ngx_flag_t so_keepalive;
-
ngx_str_t server_name;
u_char *file_name;
|
[-]
[+]
|
Changed |
nginx-1.9.1.tar.gz/src/mail/ngx_mail_core_module.c
^
|
@@ -27,12 +27,6 @@
void *conf);
-static ngx_conf_deprecated_t ngx_conf_deprecated_so_keepalive = {
- ngx_conf_deprecated, "so_keepalive",
- "so_keepalive\" parameter of the \"listen"
-};
-
-
static ngx_command_t ngx_mail_core_commands[] = {
{ ngx_string("server"),
@@ -56,13 +50,6 @@
0,
NULL },
- { ngx_string("so_keepalive"),
- NGX_MAIL_MAIN_CONF|NGX_MAIL_SRV_CONF|NGX_CONF_FLAG,
- ngx_conf_set_flag_slot,
- NGX_MAIL_SRV_CONF_OFFSET,
- offsetof(ngx_mail_core_srv_conf_t, so_keepalive),
- &ngx_conf_deprecated_so_keepalive },
-
{ ngx_string("timeout"),
NGX_MAIL_MAIN_CONF|NGX_MAIL_SRV_CONF|NGX_CONF_TAKE1,
ngx_conf_set_msec_slot,
@@ -175,7 +162,6 @@
cscf->timeout = NGX_CONF_UNSET_MSEC;
cscf->resolver_timeout = NGX_CONF_UNSET_MSEC;
- cscf->so_keepalive = NGX_CONF_UNSET;
cscf->resolver = NGX_CONF_UNSET_PTR;
@@ -196,8 +182,6 @@
ngx_conf_merge_msec_value(conf->resolver_timeout, prev->resolver_timeout,
30000);
- ngx_conf_merge_value(conf->so_keepalive, prev->so_keepalive, 0);
-
ngx_conf_merge_str_value(conf->server_name, prev->server_name, "");
|
[-]
[+]
|
Changed |
nginx-1.9.1.tar.gz/src/mail/ngx_mail_proxy_module.c
^
|
@@ -111,7 +111,6 @@
void
ngx_mail_proxy_init(ngx_mail_session_t *s, ngx_addr_t *peer)
{
- int keepalive;
ngx_int_t rc;
ngx_mail_proxy_ctx_t *p;
ngx_mail_proxy_conf_t *pcf;
@@ -121,18 +120,6 @@
cscf = ngx_mail_get_module_srv_conf(s, ngx_mail_core_module);
- if (cscf->so_keepalive) {
- keepalive = 1;
-
- if (setsockopt(s->connection->fd, SOL_SOCKET, SO_KEEPALIVE,
- (const void *) &keepalive, sizeof(int))
- == -1)
- {
- ngx_log_error(NGX_LOG_ALERT, s->connection->log, ngx_socket_errno,
- "setsockopt(SO_KEEPALIVE) failed");
- }
- }
-
p = ngx_pcalloc(s->connection->pool, sizeof(ngx_mail_proxy_ctx_t));
if (p == NULL) {
ngx_mail_session_internal_server_error(s);
|
[-]
[+]
|
Changed |
nginx-1.9.1.tar.gz/src/mail/ngx_mail_ssl_module.c
^
|
@@ -284,7 +284,7 @@
prev->prefer_server_ciphers, 0);
ngx_conf_merge_bitmask_value(conf->protocols, prev->protocols,
- (NGX_CONF_BITMASK_SET|NGX_SSL_SSLv3|NGX_SSL_TLSv1
+ (NGX_CONF_BITMASK_SET|NGX_SSL_TLSv1
|NGX_SSL_TLSv1_1|NGX_SSL_TLSv1_2));
ngx_conf_merge_uint_value(conf->verify, prev->verify, 0);
|
[-]
[+]
|
Changed |
nginx-1.9.1.tar.gz/src/os/unix/ngx_posix_config.h
^
|
@@ -21,6 +21,14 @@
#endif
+#if (NGX_GNU_HURD)
+#ifndef _GNU_SOURCE
+#define _GNU_SOURCE /* accept4() */
+#endif
+#define _FILE_OFFSET_BITS 64
+#endif
+
+
#ifdef __CYGWIN__
#define timezonevar /* timezone is variable */
#define NGX_BROKEN_SCM_RIGHTS 1
|
[-]
[+]
|
Changed |
nginx-1.9.1.tar.gz/src/os/unix/ngx_process_cycle.c
^
|
@@ -29,6 +29,7 @@
ngx_uint_t ngx_process;
+ngx_uint_t ngx_worker;
ngx_pid_t ngx_pid;
sig_atomic_t ngx_reap;
@@ -731,6 +732,7 @@
ngx_connection_t *c;
ngx_process = NGX_PROCESS_WORKER;
+ ngx_worker = worker;
ngx_worker_process_init(cycle, worker);
|
[-]
[+]
|
Changed |
nginx-1.9.1.tar.gz/src/os/unix/ngx_process_cycle.h
^
|
@@ -39,6 +39,7 @@
extern ngx_uint_t ngx_process;
+extern ngx_uint_t ngx_worker;
extern ngx_pid_t ngx_pid;
extern ngx_pid_t ngx_new_binary;
extern ngx_uint_t ngx_inherited;
|
[-]
[+]
|
Changed |
nginx-1.9.1.tar.gz/src/stream/ngx_stream.c
^
|
@@ -393,13 +393,7 @@
ls->servers = stport;
- if (i == last - 1) {
- stport->naddrs = last;
-
- } else {
- stport->naddrs = 1;
- i = 0;
- }
+ stport->naddrs = i + 1;
switch (ls->sockaddr->sa_family) {
#if (NGX_HAVE_INET6)
@@ -416,6 +410,10 @@
break;
}
+ if (ngx_clone_listening(cf, ls) != NGX_OK) {
+ return NGX_CONF_ERROR;
+ }
+
addr++;
last--;
}
|
[-]
[+]
|
Changed |
nginx-1.9.1.tar.gz/src/stream/ngx_stream.h
^
|
@@ -45,6 +45,9 @@
#if (NGX_HAVE_INET6 && defined IPV6_V6ONLY)
unsigned ipv6only:1;
#endif
+#if (NGX_HAVE_REUSEPORT)
+ unsigned reuseport:1;
+#endif
unsigned so_keepalive:2;
#if (NGX_HAVE_KEEPALIVE_TUNABLE)
int tcp_keepidle;
|
[-]
[+]
|
Changed |
nginx-1.9.1.tar.gz/src/stream/ngx_stream_core_module.c
^
|
@@ -384,6 +384,18 @@
#endif
}
+ if (ngx_strcmp(value[i].data, "reuseport") == 0) {
+#if (NGX_HAVE_REUSEPORT)
+ ls->reuseport = 1;
+ ls->bind = 1;
+#else
+ ngx_conf_log_error(NGX_LOG_EMERG, cf, 0,
+ "reuseport is not supported "
+ "on this platform, ignored");
+#endif
+ continue;
+ }
+
if (ngx_strcmp(value[i].data, "ssl") == 0) {
#if (NGX_STREAM_SSL)
ls->ssl = 1;
|
[-]
[+]
|
Changed |
nginx-1.9.1.tar.gz/src/stream/ngx_stream_proxy_module.c
^
|
@@ -1139,9 +1139,8 @@
prev->ssl_session_reuse, 1);
ngx_conf_merge_bitmask_value(conf->ssl_protocols, prev->ssl_protocols,
- (NGX_CONF_BITMASK_SET|NGX_SSL_SSLv3
- |NGX_SSL_TLSv1|NGX_SSL_TLSv1_1
- |NGX_SSL_TLSv1_2));
+ (NGX_CONF_BITMASK_SET|NGX_SSL_TLSv1
+ |NGX_SSL_TLSv1_1|NGX_SSL_TLSv1_2));
ngx_conf_merge_str_value(conf->ssl_ciphers, prev->ssl_ciphers, "DEFAULT");
|
[-]
[+]
|
Changed |
nginx-1.9.1.tar.gz/src/stream/ngx_stream_ssl_module.c
^
|
@@ -211,7 +211,7 @@
prev->prefer_server_ciphers, 0);
ngx_conf_merge_bitmask_value(conf->protocols, prev->protocols,
- (NGX_CONF_BITMASK_SET|NGX_SSL_SSLv3|NGX_SSL_TLSv1
+ (NGX_CONF_BITMASK_SET|NGX_SSL_TLSv1
|NGX_SSL_TLSv1_1|NGX_SSL_TLSv1_2));
ngx_conf_merge_str_value(conf->certificate, prev->certificate, "");
|
[-]
[+]
|
Changed |
nginx-1.9.1.tar.gz/src/stream/ngx_stream_upstream_hash_module.c
^
|
@@ -271,13 +271,17 @@
{
u_char *host, *port, c;
size_t host_len, port_len, size;
- uint32_t hash, base_hash, prev_hash;
+ uint32_t hash, base_hash;
ngx_str_t *server;
ngx_uint_t npoints, i, j;
ngx_stream_upstream_rr_peer_t *peer;
ngx_stream_upstream_rr_peers_t *peers;
ngx_stream_upstream_chash_points_t *points;
ngx_stream_upstream_hash_srv_conf_t *hcf;
+ union {
+ uint32_t value;
+ u_char byte[4];
+ } prev_hash;
if (ngx_stream_upstream_init_round_robin(cf, us) != NGX_OK) {
return NGX_ERROR;
@@ -344,20 +348,27 @@
ngx_crc32_update(&base_hash, (u_char *) "", 1);
ngx_crc32_update(&base_hash, port, port_len);
- prev_hash = 0;
+ prev_hash.value = 0;
npoints = peer->weight * 160;
for (j = 0; j < npoints; j++) {
hash = base_hash;
- ngx_crc32_update(&hash, (u_char *) &prev_hash, sizeof(uint32_t));
+ ngx_crc32_update(&hash, prev_hash.byte, 4);
ngx_crc32_final(hash);
points->point[points->number].hash = hash;
points->point[points->number].server = server;
points->number++;
- prev_hash = hash;
+#if (NGX_HAVE_LITTLE_ENDIAN)
+ prev_hash.value = hash;
+#else
+ prev_hash.byte[0] = (u_char) (hash & 0xff);
+ prev_hash.byte[1] = (u_char) ((hash >> 8) & 0xff);
+ prev_hash.byte[2] = (u_char) ((hash >> 16) & 0xff);
+ prev_hash.byte[3] = (u_char) ((hash >> 24) & 0xff);
+#endif
}
}
|
[-]
[+]
|
Changed |
nginx-1.9.1.tar.gz/src/stream/ngx_stream_upstream_round_robin.c
^
|
@@ -495,6 +495,11 @@
if (peer->max_fails) {
peer->effective_weight -= peer->weight / peer->max_fails;
+
+ if (peer->fails >= peer->max_fails) {
+ ngx_log_error(NGX_LOG_WARN, pc->log, 0,
+ "upstream server temporarily disabled");
+ }
}
ngx_log_debug2(NGX_LOG_DEBUG_STREAM, pc->log, 0,
|