aboutsummaryrefslogtreecommitdiff
path: root/src
Commit message (Collapse)AuthorAge
...
* Cache size accounting fix: actual cache size on disk was less thanIgor Sysoev2011-08-25
| | | | | | | needed by sum of sizes of files loaded by worker processes themselves while cache loader was running. The bug has been introduced in r3900.
* Better handling of various per-server ssl options with SNI.Maxim Dounin2011-08-23
| | | | | | | | | | | | | | | | | | SSL_set_SSL_CTX() doesn't touch values cached within ssl connection structure, it only changes certificates (at least as of now, OpenSSL 1.0.0d and earlier). As a result settings like ssl_verify_client, ssl_verify_depth, ssl_prefer_server_ciphers are only configurable on per-socket basis while with SNI it should be possible to specify them different for two servers listening on the same socket. Workaround is to explicitly re-apply settings we care about from context to ssl connection in servername callback. Note that SSL_clear_options() is only available in OpenSSL 0.9.8m+. I.e. with older versions it is not possible to clear ssl_prefer_server_ciphers option if it's set in default server for a socket.
* Version bump.Igor Sysoev2011-08-23
|
* SIGWINCH/NOACCEPT signal is disabled now in non-daemon mode.Igor Sysoev2011-08-22
| | | | | | | Non-daemon mode is currently used by supervisord, daemontools and so on or during debugging. The NOACCEPT signal is only used for online upgrade which is not supported when nginx is run under supervisord, etc., so this change should not break existant setups.
* The change in adaptive loader behaviour introduced in r3975:Igor Sysoev2011-08-22
| | | | | | | | | | now cache loader processes either as many files as specified by loader_files or works no more than time specified by loader_threshold during each iteration. loader_threshold was previously used to decrease loader_files or to increase loader_timeout and this might eventually result in downgrading loader_files to 1 and increasing loader_timeout to large values causing loading cache for forever.
* Fix buffer overrun under Windows.Maxim Dounin2011-08-22
|
* Move SO_ACCEPTFILTER and TCP_DEFER_ACCEPT checks into configure.Maxim Dounin2011-08-21
| | | | | | | NetBSD 5.0+ has SO_ACCEPTFILTER support merged from FreeBSD, and having accept filter check in FreeBSD-specific ngx_freebsd_config.h prevents it from being used on NetBSD. Therefore move the check into configure (and do the same for Linux-specific TCP_DEFER_ACCEPT, just to be in line).
* Fix ignored headers handling in fastcgi/scgi/uwsgi.Maxim Dounin2011-08-19
| | | | The bug had appeared in r3561 (fastcgi), r3638 (scgi), r3567 (uwsgi).
* Complain on invalid log levels.Maxim Dounin2011-08-18
| | | | | | | | | | | | | Previously only first log level was required to be correct, while error_log directive in fact accepts list of levels (e.g. one may specify "error_log ... debug_core debug_http;"). This resulted in (avoidable) wierd behaviour on missing semicolon after error_log directive, e.g. error_log /path/to/log info index index.php; silently skipped index directive and it's arguments (trying to interpret them as log levels without checking to be correct).
* Upstream: properly allocate memory for tried flags.Maxim Dounin2011-08-18
| | | | | | | | Previous allocation only took into account number of non-backup servers, and this caused memory corruption with many backup servers. See report here: http://mailman.nginx.org/pipermail/nginx/2011-May/026531.html
* Fixing cpu hog with all upstream servers marked "down".Maxim Dounin2011-08-18
| | | | | | | | | | | | | | | | | | | | | | | | The following configuration causes nginx to hog cpu due to infinite loop in ngx_http_upstream_get_peer(): upstream backend { server 127.0.0.1:8080 down; server 127.0.0.1:8080 down; } server { ... location / { proxy_pass http://backend; } } Make sure we don't loop infinitely in ngx_http_upstream_get_peer() but stop after resetting peer weights once. Return 0 if we are stuck. This is guaranteed to work as peer 0 always exists, and eventually ngx_http_upstream_get_round_robin_peer() will do the right thing falling back to backup servers or returning NGX_BUSY.
* Fixing proxy_set_body and proxy_pass_request_body with SSL.Maxim Dounin2011-08-18
| | | | | | | | | Flush flag wasn't set in constructed buffer and this prevented any data from being actually sent to upstream due to SSL buffering. Make sure we always set flush in the last buffer we are going to sent. See here for report: http://nginx.org/pipermail/nginx-ru/2011-June/041552.html
* Fix names of the referer hash size directives introduced in r3940.Igor Sysoev2011-08-18
|
* Fix body with request_body_in_single_buf.Maxim Dounin2011-08-18
| | | | | | | | If there were preread data and request body was big enough first part of the request body was duplicated. See report here: http://mailman.nginx.org/pipermail/nginx/2011-July/027756.html
* Correctly set body if it's preread and there are extra data.Maxim Dounin2011-08-18
| | | | | | Previously all available data was used as body, resulting in garbage after real body e.g. in case of pipelined requests. Make sure to use only as many bytes as request's Content-Length specifies.
* fix gzip quantity: "q=0." and "q=1." are valid values according to RFCIgor Sysoev2011-08-05
|
* refactor gzip quantity introduced in r3981: it ignored "q=1.000"Igor Sysoev2011-08-04
|
* A new fix for the case when ssl_session_cache defined, but ssl is notIgor Sysoev2011-08-04
| | | | | | | | enabled in any server. The previous r1033 does not help when unused zone becomes used after reconfiguration, so it is backed out. The initial thought was to make SSL modules independed from SSL implementation and to keep OpenSSL code dependance as much as in separate files.
* removal of error message about %name log_format parameters,Igor Sysoev2011-08-03
| | | | they have been deleted long ago in 0.5.0-RELEASE
* fix typo introduced in r3985Igor Sysoev2011-08-02
|
* bump versionIgor Sysoev2011-08-02
|
* fix r3981 again for case "Accept-Encoding: gzip"Igor Sysoev2011-08-01
|
* always set timer in discard body handler, this fixes the casesIgor Sysoev2011-08-01
| | | | | | when request for static file is redirected by error_page to an SSI page patch by Maxim Dounin
* lingering_close "off|on|always"Igor Sysoev2011-08-01
| | | | patch by Maxim Dounin
* do not send RST on normal lingering close read timeout,Igor Sysoev2011-08-01
| | | | | | if reset_timedout_connection is on patch by Maxim Dounin
* fix r3981 for case "Accept-Encoding: gzip"Igor Sysoev2011-08-01
|
* enable lingering close for pipelined requestsIgor Sysoev2011-08-01
| | | | patch by Maxim Dounin
* Accept-Encoding refactoring: "gzip; q=0" supportIgor Sysoev2011-08-01
|
* Accept-Encoding refactoring: test first the most common case "gzip,"Igor Sysoev2011-07-30
|
* Accept-Encoding refactoring: remove ancient MSIE 4.x test for gzipIgor Sysoev2011-07-30
|
* test length of proxy_pass with variablesIgor Sysoev2011-07-30
| | | | patch by Lanshun Zhou
* update r3945 with more descriptive error messageIgor Sysoev2011-07-29
|
* loader_files, loader_sleep, and loader_thresholdIgor Sysoev2011-07-29
|
* set correct configuration file values while adding pathIgor Sysoev2011-07-25
| | | | patch by Maxim Dounin
* rename ngx_http_file_cache_manager_sleep() to ngx_http_file_cache_loader_sleep()Igor Sysoev2011-07-25
| | | | | and do not use it all in cache manager: this is a vestige of the times when cache manager loaded cache
* do not close connection if cache file is too small: replace it with valid oneIgor Sysoev2011-07-24
|
* elimination of reading cache files by cache loaderIgor Sysoev2011-07-24
|
* fix r3968Igor Sysoev2011-07-24
|
* update the previous commit:Igor Sysoev2011-07-24
| | | | removing dependencies on file uniq since WIN32_FIND_DATA has no such field
* The cache loader performs two tasks: inserting cache objects in inactivityIgor Sysoev2011-07-24
| | | | | | | | | | | list and evaluating total cache size. Reading just directory is enough for this purpose. Elimination of reading cache files saves at least one disk I/O operation per file. Preparation for elimination of reading cache files by cache loader: removing dependencies on the reading: *) cache node valid_sec and valid_msec are used only for caching errors; *) upstream buffer size can be used instead of cache node body_start.
* fuse two if's in one conditionIgor Sysoev2011-07-24
|
* style fixIgor Sysoev2011-07-24
|
* do not try to reuse and save a SSL session for a peer created on the flyIgor Sysoev2011-07-22
| | | | | | | | by ngx_http_upstream_create_round_robin_peer(), since the peer lives only during request so the saved SSL session will never be used again and just causes memory leak patch by Maxim Dounin
* finalizing with rc == 0 in unbuffered proxy mode caused nginx to waitIgor Sysoev2011-07-22
| | | | | | | for another send_timeout before actually closing client's connection if client timed out while still talking to upstream server patch by Maxim Dounin
* fix SSL connection issues on platforms with 32-bit off_tIgor Sysoev2011-07-22
| | | | patch by Maxim Dounin
* fix build by gcc46 with -Wunused-value optionIgor Sysoev2011-07-22
| | | | patch by Maxim Dounin
* ECDHE supportIgor Sysoev2011-07-20
| | | | patch by Adrian Kotelba
* MSIE export versions are rare now, so RSA 512 key is generated on demandIgor Sysoev2011-07-20
| | | | | | and is shared among all hosts instead of pregenerating for every HTTPS host on configuraiton phase. This decreases start time for configuration with large number of HTTPS hosts.
* bump version: 1.1.0 development versionIgor Sysoev2011-07-20
|
* fix segfault if cache key is larger than upstream buffer sizeIgor Sysoev2011-07-19
| | | | patch by Lanshun Zhou
generated by cgit v1.2.3 (git 2.25.1) at 2025-07-21 03:18:24 +0000