nginx 0.8.41 segfaults in ngx_list_push
mdounin at mdounin.ru
Tue Jun 22 02:10:32 MSD 2010
On Mon, Jun 21, 2010 at 02:44:17PM -0700, Roman Vasilyev wrote:
> Thank you Maxim for extended description.
> Seems like I need some extra advice :)
> Let me describe my architecture and may be you will see better solution.
> I have openvpn server which storing some information at login time
> to some temp file and sending throw DHCP local IP address to client.
> All 80 port transparently goes throw nginx as forward proxy, results
First of all - it's not a good idea to use nginx as forward proxy.
It was never designed to be used as forward proxy and issues
including security ones are expected.
> from nginx in comparing with apache even without keep-alive support
> on highly loaded server MUCH better. No problems with memory usage,
> cpu utilization, and we have 10% faster browsing. Thank you guys for
> perfect web/proxy server.
> So... temp file is simple comma separated fields. From nginx part
> I'm getting this file by file name which is equals to local IP
> address, parsing it and providing to some scripts like input
> headers. If this method is unsafe could you recommend me best way to
> give this fast changeable session data to my scripts?
The unsafe part is direct modification of r->headers_in. As long
as you'll use something like
proxy_set_header X-Your-Header $variable_from_your_module;
instead - you are on the safe side.
More information about the nginx