diff options
Diffstat (limited to 'src/http')
| -rw-r--r-- | src/http/modules/ngx_http_autoindex_module.c | 5 | ||||
| -rw-r--r-- | src/http/modules/ngx_http_headers_filter_module.c | 5 | ||||
| -rw-r--r-- | src/http/modules/ngx_http_proxy_module.c | 2 | ||||
| -rw-r--r-- | src/http/modules/ngx_http_ssl_module.c | 20 | ||||
| -rw-r--r-- | src/http/modules/ngx_http_static_module.c | 5 | ||||
| -rw-r--r-- | src/http/ngx_http.c | 5 | ||||
| -rw-r--r-- | src/http/ngx_http_core_module.c | 109 | ||||
| -rw-r--r-- | src/http/ngx_http_core_module.h | 1 | ||||
| -rw-r--r-- | src/http/ngx_http_request.c | 11 | ||||
| -rw-r--r-- | src/http/ngx_http_request.h | 1 | ||||
| -rw-r--r-- | src/http/ngx_http_upstream.c | 6 |
11 files changed, 116 insertions, 54 deletions
diff --git a/src/http/modules/ngx_http_autoindex_module.c b/src/http/modules/ngx_http_autoindex_module.c index 2838e9fc7..fb40669ba 100644 --- a/src/http/modules/ngx_http_autoindex_module.c +++ b/src/http/modules/ngx_http_autoindex_module.c @@ -203,7 +203,10 @@ ngx_http_autoindex_handler(ngx_http_request_t *r) if (ngx_open_dir(&dname, &dir) == NGX_ERROR) { err = ngx_errno; - if (err == NGX_ENOENT || err == NGX_ENOTDIR) { + if (err == NGX_ENOENT + || err == NGX_ENOTDIR + || err == NGX_ENAMETOOLONG) + { level = NGX_LOG_ERR; rc = NGX_HTTP_NOT_FOUND; diff --git a/src/http/modules/ngx_http_headers_filter_module.c b/src/http/modules/ngx_http_headers_filter_module.c index 1ad225fe9..43cb5c8cd 100644 --- a/src/http/modules/ngx_http_headers_filter_module.c +++ b/src/http/modules/ngx_http_headers_filter_module.c @@ -82,7 +82,10 @@ ngx_http_headers_filter(ngx_http_request_t *r) ngx_table_elt_t *expires, *cc, **ccp; ngx_http_headers_conf_t *conf; - if (r->headers_out.status != NGX_HTTP_OK || r->main) { + if ((r->headers_out.status != NGX_HTTP_OK + && r->headers_out.status != NGX_HTTP_NOT_MODIFIED) + || r->main) + { return ngx_http_next_header_filter(r); } diff --git a/src/http/modules/ngx_http_proxy_module.c b/src/http/modules/ngx_http_proxy_module.c index 1415f2180..c807df94d 100644 --- a/src/http/modules/ngx_http_proxy_module.c +++ b/src/http/modules/ngx_http_proxy_module.c @@ -160,7 +160,7 @@ static ngx_command_t ngx_http_proxy_commands[] = { NULL }, { ngx_string("proxy_pass_unparsed_uri"), - NGX_HTTP_MAIN_CONF|NGX_HTTP_SRV_CONF|NGX_HTTP_LOC_CONF|NGX_CONF_FLAG, + NGX_HTTP_LOC_CONF|NGX_CONF_FLAG, ngx_conf_set_flag_slot, NGX_HTTP_LOC_CONF_OFFSET, offsetof(ngx_http_proxy_loc_conf_t, upstream.pass_unparsed_uri), diff --git a/src/http/modules/ngx_http_ssl_module.c b/src/http/modules/ngx_http_ssl_module.c index 5137af0d8..130f2b305 100644 --- a/src/http/modules/ngx_http_ssl_module.c +++ b/src/http/modules/ngx_http_ssl_module.c @@ -83,6 +83,9 @@ ngx_module_t ngx_http_ssl_module = { }; +static u_char ngx_http_session_id_ctx[] = "HTTP"; + + static void * ngx_http_ssl_create_srv_conf(ngx_conf_t *cf) { @@ -147,12 +150,6 @@ ngx_http_ssl_merge_srv_conf(ngx_conf_t *cf, void *parent, void *child) } -#if 0 - SSL_CTX_set_options(conf->ssl_ctx, SSL_OP_ALL); - SSL_CTX_set_options(conf->ssl_ctx, SSL_OP_NO_SSLv3); - SSL_CTX_set_options(conf->ssl_ctx, SSL_OP_SINGLE_DH_USE); -#endif - if (conf->ciphers.len) { if (SSL_CTX_set_cipher_list(conf->ssl_ctx, (const char *) conf->ciphers.data) == 0) @@ -182,7 +179,16 @@ ngx_http_ssl_merge_srv_conf(ngx_conf_t *cf, void *parent, void *child) return NGX_CONF_ERROR; } - SSL_CTX_set_verify(conf->ssl_ctx, SSL_VERIFY_NONE, NULL); + SSL_CTX_set_options(conf->ssl_ctx, SSL_OP_ALL); + + SSL_CTX_set_mode(conf->ssl_ctx, SSL_MODE_ACCEPT_MOVING_WRITE_BUFFER); + + SSL_CTX_set_read_ahead(conf->ssl_ctx, 1); + + SSL_CTX_set_session_cache_mode(conf->ssl_ctx, SSL_SESS_CACHE_SERVER); + + SSL_CTX_set_session_id_context(conf->ssl_ctx, ngx_http_session_id_ctx, + sizeof(ngx_http_session_id_ctx) - 1); return NGX_CONF_OK; } diff --git a/src/http/modules/ngx_http_static_module.c b/src/http/modules/ngx_http_static_module.c index eac3c193a..d8884cac8 100644 --- a/src/http/modules/ngx_http_static_module.c +++ b/src/http/modules/ngx_http_static_module.c @@ -203,7 +203,10 @@ ngx_http_static_handler(ngx_http_request_t *r) if (fd == NGX_INVALID_FILE) { err = ngx_errno; - if (err == NGX_ENOENT || err == NGX_ENOTDIR) { + if (err == NGX_ENOENT + || err == NGX_ENOTDIR + || err == NGX_ENAMETOOLONG) + { level = NGX_LOG_ERR; rc = NGX_HTTP_NOT_FOUND; diff --git a/src/http/ngx_http.c b/src/http/ngx_http.c index 646e16d50..54702cc90 100644 --- a/src/http/ngx_http.c +++ b/src/http/ngx_http.c @@ -646,7 +646,10 @@ ngx_http_block(ngx_conf_t *cf, ngx_command_t *cmd, void *conf) ls->post_accept_timeout = cscf->client_header_timeout; clcf = cscf->ctx->loc_conf[ngx_http_core_module.ctx_index]; - ls->log = clcf->err_log; + + ls->log = *clcf->err_log; + ls->log.data = &ls->addr_text; + ls->log.handler = ngx_accept_log_error; #if (NGX_WIN32) iocpcf = ngx_event_get_conf(cf->cycle->conf_ctx, ngx_iocp_module); diff --git a/src/http/ngx_http_core_module.c b/src/http/ngx_http_core_module.c index 66373e389..e9f594217 100644 --- a/src/http/ngx_http_core_module.c +++ b/src/http/ngx_http_core_module.c @@ -284,6 +284,13 @@ static ngx_command_t ngx_http_core_commands[] = { 0, NULL }, + { ngx_string("satisfy_any"), + NGX_HTTP_MAIN_CONF|NGX_HTTP_SRV_CONF|NGX_HTTP_LOC_CONF|NGX_CONF_FLAG, + ngx_conf_set_flag_slot, + NGX_HTTP_LOC_CONF_OFFSET, + offsetof(ngx_http_core_loc_conf_t, satisfy_any), + NULL }, + { ngx_string("internal"), NGX_HTTP_LOC_CONF|NGX_CONF_NOARGS, ngx_http_core_internal, @@ -401,50 +408,43 @@ ngx_http_handler(ngx_http_request_t *r) r->connection->unexpected_eof = 0; - switch (r->headers_in.connection_type) { - case 0: - if (r->http_version > NGX_HTTP_VERSION_10) { - r->keepalive = 1; - } else { - r->keepalive = 0; - } - break; - - case NGX_HTTP_CONNECTION_CLOSE: - r->keepalive = 0; - break; + if (r->err_ctx == NULL) { + switch (r->headers_in.connection_type) { + case 0: + if (r->http_version > NGX_HTTP_VERSION_10) { + r->keepalive = 1; + } else { + r->keepalive = 0; + } + break; - case NGX_HTTP_CONNECTION_KEEP_ALIVE: - r->keepalive = 1; - break; - } + case NGX_HTTP_CONNECTION_CLOSE: + r->keepalive = 0; + break; - if (r->keepalive && r->headers_in.msie && r->method == NGX_HTTP_POST) { + case NGX_HTTP_CONNECTION_KEEP_ALIVE: + r->keepalive = 1; + break; + } - /* - * MSIE may wait for some time if the response for the POST request - * is sent over the keepalive connection - */ + if (r->keepalive && r->headers_in.msie && r->method == NGX_HTTP_POST) { - r->keepalive = 0; - } + /* + * MSIE may wait for some time if the response for the POST request + * is sent over the keepalive connection + */ -#if 0 - /* TEST STUB */ r->http_version = NGX_HTTP_VERSION_10; - /* TEST STUB */ r->keepalive = 0; -#endif + r->keepalive = 0; + } - if (r->headers_in.content_length_n > 0) { - r->lingering_close = 1; + if (r->headers_in.content_length_n > 0) { + r->lingering_close = 1; - } else { - r->lingering_close = 0; + } else { + r->lingering_close = 0; + } } -#if 0 - /* TEST STUB */ r->lingering_close = 1; -#endif - r->write_event_handler = ngx_http_core_run_phases; r->valid_unparsed_uri = 1; @@ -498,6 +498,10 @@ ngx_http_core_run_phases(ngx_http_request_t *r) r->phase = NGX_HTTP_FIND_CONFIG_PHASE; } + if (r->phase == NGX_HTTP_ACCESS_PHASE && r->main) { + continue; + } + if (r->phase == NGX_HTTP_CONTENT_PHASE && r->content_handler) { r->write_event_handler = ngx_http_request_empty_handler; ngx_http_finalize_request(r, r->content_handler(r)); @@ -515,7 +519,7 @@ ngx_http_core_run_phases(ngx_http_request_t *r) /* * we should never use r here because - * it could point to already freed data + * it may point to already freed data */ return; @@ -525,6 +529,30 @@ ngx_http_core_run_phases(ngx_http_request_t *r) continue; } + if (r->phase == NGX_HTTP_ACCESS_PHASE) { + clcf = ngx_http_get_module_loc_conf(r, ngx_http_core_module); + + if (clcf->satisfy_any) { + + if (rc == NGX_OK) { + r->access_code = 0; + + if (r->headers_out.www_authenticate) { + r->headers_out.www_authenticate->hash = 0; + } + + break; + } + + if (rc == NGX_HTTP_FORBIDDEN || rc == NGX_HTTP_UNAUTHORIZED) + { + r->access_code = rc; + + continue; + } + } + } + if (rc >= NGX_HTTP_SPECIAL_RESPONSE || rc == NGX_HTTP_NO_CONTENT || rc == NGX_ERROR) @@ -545,6 +573,12 @@ ngx_http_core_run_phases(ngx_http_request_t *r) if (rc == NGX_OK && cmcf->phases[r->phase].type == NGX_OK) { break; } + + } + + if (r->phase == NGX_HTTP_ACCESS_PHASE && r->access_code) { + ngx_http_finalize_request(r, r->access_code); + return; } } @@ -1102,6 +1136,7 @@ ngx_http_subrequest(ngx_http_request_t *r, sr->internal = 1; + sr->discard_body = r->discard_body; sr->main_filter_need_in_memory = r->main_filter_need_in_memory; ngx_log_debug1(NGX_LOG_DEBUG_HTTP, r->connection->log, 0, @@ -1793,6 +1828,7 @@ ngx_http_core_create_loc_conf(ngx_conf_t *cf) lcf->client_max_body_size = NGX_CONF_UNSET_SIZE; lcf->client_body_buffer_size = NGX_CONF_UNSET_SIZE; lcf->client_body_timeout = NGX_CONF_UNSET_MSEC; + lcf->satisfy_any = NGX_CONF_UNSET; lcf->internal = NGX_CONF_UNSET; lcf->sendfile = NGX_CONF_UNSET; lcf->tcp_nopush = NGX_CONF_UNSET; @@ -1895,6 +1931,7 @@ ngx_http_core_merge_loc_conf(ngx_conf_t *cf, ngx_conf_merge_msec_value(conf->client_body_timeout, prev->client_body_timeout, 60000); + ngx_conf_merge_value(conf->satisfy_any, prev->satisfy_any, 0); ngx_conf_merge_value(conf->internal, prev->internal, 0); ngx_conf_merge_value(conf->sendfile, prev->sendfile, 0); ngx_conf_merge_value(conf->tcp_nopush, prev->tcp_nopush, 0); diff --git a/src/http/ngx_http_core_module.h b/src/http/ngx_http_core_module.h index 59fc32a79..d175f2e4c 100644 --- a/src/http/ngx_http_core_module.h +++ b/src/http/ngx_http_core_module.h @@ -217,6 +217,7 @@ struct ngx_http_core_loc_conf_s { time_t keepalive_header; /* keepalive_timeout */ + ngx_flag_t satisfy_any; /* satisfy_any */ ngx_flag_t internal; /* internal */ ngx_flag_t sendfile; /* sendfile */ ngx_flag_t tcp_nopush; /* tcp_nopush */ diff --git a/src/http/ngx_http_request.c b/src/http/ngx_http_request.c index 594a272ed..cb3937c0a 100644 --- a/src/http/ngx_http_request.c +++ b/src/http/ngx_http_request.c @@ -359,7 +359,7 @@ void ngx_http_init_request(ngx_event_t *rev) if (sscf->enable) { if (c->ssl == NULL) { - if (ngx_ssl_create_session(sscf->ssl_ctx, c, NGX_SSL_BUFFER) + if (ngx_ssl_create_connection(sscf->ssl_ctx, c, NGX_SSL_BUFFER) == NGX_ERROR) { ngx_http_close_connection(c); @@ -1732,10 +1732,6 @@ ngx_http_postponed_handler(ngx_http_request_t *r) ngx_log_debug1(NGX_LOG_DEBUG_HTTP, r->connection->log, 0, "http postponed output filter: %d", rc); - if (rc == NGX_AGAIN) { - return rc; - } - /* * we treat NGX_ERROR as NGX_OK, because we need to complete * all postponed requests @@ -1744,6 +1740,11 @@ ngx_http_postponed_handler(ngx_http_request_t *r) pr = r->postponed; if (pr == NULL) { + + if (rc == NGX_AGAIN) { + return NGX_AGAIN; + } + return NGX_OK; } } diff --git a/src/http/ngx_http_request.h b/src/http/ngx_http_request.h index fe56b26f5..8dbf0bac1 100644 --- a/src/http/ngx_http_request.h +++ b/src/http/ngx_http_request.h @@ -307,6 +307,7 @@ struct ngx_http_request_s { ngx_uint_t phase; ngx_int_t phase_handler; ngx_http_handler_pt content_handler; + ngx_uint_t access_code; ngx_http_variable_value_t **variables; diff --git a/src/http/ngx_http_upstream.c b/src/http/ngx_http_upstream.c index 04a7a572b..834c30244 100644 --- a/src/http/ngx_http_upstream.c +++ b/src/http/ngx_http_upstream.c @@ -459,7 +459,11 @@ ngx_http_upstream_connect(ngx_http_request_t *r, ngx_http_upstream_t *u) u->state->peer = &u->peer.peers->peer[u->peer.cur_peer].name; - if (rc == NGX_CONNECT_ERROR) { + if (rc == NGX_BUSY) { + ngx_log_error(NGX_LOG_ERR, r->connection->log, 0, "no live upstreams"); + } + + if (rc == NGX_BUSY || rc == NGX_DECLINED) { ngx_http_upstream_next(r, u, NGX_HTTP_UPSTREAM_FT_ERROR); return; } |