From igor at sysoev.ru Tue Nov 1 10:10:51 2011 From: igor at sysoev.ru (igor at sysoev.ru) Date: Tue, 1 Nov 2011 10:10:51 +0000 Subject: [nginx] svn commit: r4240 - in branches/stable-1.0/src: core http/modules/perl Message-ID: Author: is Date: 2011-11-01 10:10:50 +0000 (Tue, 01 Nov 2011) New Revision: 4240 Modified: branches/stable-1.0/src/core/nginx.h branches/stable-1.0/src/http/modules/perl/nginx.pm Log: Version bump. Modified: branches/stable-1.0/src/core/nginx.h =================================================================== --- branches/stable-1.0/src/core/nginx.h 2011-10-31 14:52:53 UTC (rev 4239) +++ branches/stable-1.0/src/core/nginx.h 2011-11-01 10:10:50 UTC (rev 4240) @@ -8,8 +8,8 @@ #define _NGINX_H_INCLUDED_ -#define nginx_version 1000008 -#define NGINX_VERSION "1.0.8" +#define nginx_version 1000009 +#define NGINX_VERSION "1.0.9" #define NGINX_VER "nginx/" NGINX_VERSION #define NGINX_VAR "NGINX" Modified: branches/stable-1.0/src/http/modules/perl/nginx.pm =================================================================== --- branches/stable-1.0/src/http/modules/perl/nginx.pm 2011-10-31 14:52:53 UTC (rev 4239) +++ branches/stable-1.0/src/http/modules/perl/nginx.pm 2011-11-01 10:10:50 UTC (rev 4240) @@ -48,7 +48,7 @@ HTTP_INSUFFICIENT_STORAGE ); -our $VERSION = '1.0.8'; +our $VERSION = '1.0.9'; require XSLoader; XSLoader::load('nginx', $VERSION); From igor at sysoev.ru Tue Nov 1 11:06:31 2011 From: igor at sysoev.ru (igor at sysoev.ru) Date: Tue, 1 Nov 2011 11:06:31 +0000 Subject: [nginx] svn commit: r4241 - in branches/stable-1.0: . src/http/modules Message-ID: Author: is Date: 2011-11-01 11:06:31 +0000 (Tue, 01 Nov 2011) New Revision: 4241 Modified: branches/stable-1.0/ branches/stable-1.0/src/http/modules/ngx_http_log_module.c Log: Merging r3992, r4192: access_log related fixes: *) Removal of error message about %name log_format parameters, they have been deleted long ago in 0.5.0-RELEASE. *) Improved access log escaping to better protect other software. Some character sets (notably ISO-8859-1) have C1 control characters in upper half, make sure to escape them. Property changes on: branches/stable-1.0 ___________________________________________________________________ Modified: svn:mergeinfo - /trunk:3960-3974,3977-3987,3991,3993-3996,3998,4003-4007,4010-4012,4015-4016,4018,4023,4025-4027,4035-4065,4073,4077,4086-4090,4094-4102,4106-4108,4113-4114,4129-4131,4135-4137,4154,4156-4157 + /trunk:3960-3974,3977-3987,3991-3996,3998,4003-4007,4010-4012,4015-4016,4018,4023,4025-4027,4035-4065,4073,4077,4086-4090,4094-4102,4106-4108,4113-4114,4129-4131,4135-4137,4154,4156-4157,4192 Modified: branches/stable-1.0/src/http/modules/ngx_http_log_module.c =================================================================== --- branches/stable-1.0/src/http/modules/ngx_http_log_module.c 2011-11-01 10:10:50 UTC (rev 4240) +++ branches/stable-1.0/src/http/modules/ngx_http_log_module.c 2011-11-01 11:06:31 UTC (rev 4241) @@ -690,12 +690,12 @@ 0x10000000, /* 0001 0000 0000 0000 0000 0000 0000 0000 */ /* ~}| {zyx wvut srqp onml kjih gfed cba` */ - 0x00000000, /* 0000 0000 0000 0000 0000 0000 0000 0000 */ + 0x80000000, /* 1000 0000 0000 0000 0000 0000 0000 0000 */ - 0x00000000, /* 0000 0000 0000 0000 0000 0000 0000 0000 */ - 0x00000000, /* 0000 0000 0000 0000 0000 0000 0000 0000 */ - 0x00000000, /* 0000 0000 0000 0000 0000 0000 0000 0000 */ - 0x00000000, /* 0000 0000 0000 0000 0000 0000 0000 0000 */ + 0xffffffff, /* 1111 1111 1111 1111 1111 1111 1111 1111 */ + 0xffffffff, /* 1111 1111 1111 1111 1111 1111 1111 1111 */ + 0xffffffff, /* 1111 1111 1111 1111 1111 1111 1111 1111 */ + 0xffffffff, /* 1111 1111 1111 1111 1111 1111 1111 1111 */ }; @@ -1055,25 +1055,6 @@ for ( /* void */ ; s < args->nelts; s++) { - for (i = 0; i < value[s].len; i++) { - if (value[s].data[i] != '%') { - continue; - } - - ch = value[s].data[i + 1]; - - if ((ch >= 'A' && ch <= 'Z') - || (ch >= 'a' && ch <= 'z') - || ch == '{') - { - ngx_conf_log_error(NGX_LOG_EMERG, cf, 0, - "the parameters in the \"%%name\" form are not supported, " - "use the \"$variable\" instead"); - - return NGX_CONF_ERROR; - } - } - i = 0; while (i < value[s].len) { From igor at sysoev.ru Tue Nov 1 11:19:58 2011 From: igor at sysoev.ru (igor at sysoev.ru) Date: Tue, 1 Nov 2011 11:19:58 +0000 Subject: [nginx] svn commit: r4242 - in branches/stable-1.0: . src/core src/http src/http/modules Message-ID: Author: is Date: 2011-11-01 11:19:58 +0000 (Tue, 01 Nov 2011) New Revision: 4242 Modified: branches/stable-1.0/ branches/stable-1.0/src/core/ngx_parse.c branches/stable-1.0/src/core/ngx_parse.h branches/stable-1.0/src/http/modules/ngx_http_referer_module.c branches/stable-1.0/src/http/ngx_http_core_module.c branches/stable-1.0/src/http/ngx_http_special_response.c Log: Merging r4009, r4133, r4184, r4201, r4202, r4203, r4204, r4205: Miscellaneous fixes: *) Fix of names of the referer hash size directives introduced in r3940. *) Cosmetics: replaced NGX_CONF_TAKE1 to NGX_CONF_FLAG for "sendfile" and "chunked_transfer_encoding" directives, to be in line with all directives taking a boolean argument. Both flags will ensure that a directive takes one argument. *) Improved ngx_parse_time() code readability. *) Preallocating exact number of default MIME types entries. *) Stylistic change in checking the boolean expression. *) Replaced magic constants representing default values of some directives with appropriate #define's. *) Fixed grammar in a comment. *) Fixed two minor bugs in "types" parsing code. Property changes on: branches/stable-1.0 ___________________________________________________________________ Modified: svn:mergeinfo - /trunk:3960-3974,3977-3987,3991-3996,3998,4003-4007,4010-4012,4015-4016,4018,4023,4025-4027,4035-4065,4073,4077,4086-4090,4094-4102,4106-4108,4113-4114,4129-4131,4135-4137,4154,4156-4157,4192 + /trunk:3960-3974,3977-3987,3991-3996,3998,4003-4007,4009-4012,4015-4016,4018,4023,4025-4027,4035-4065,4073,4077,4086-4090,4094-4102,4106-4108,4113-4114,4129-4131,4133,4135-4137,4154,4156-4157,4184,4192,4201-4205 Modified: branches/stable-1.0/src/core/ngx_parse.c =================================================================== --- branches/stable-1.0/src/core/ngx_parse.c 2011-11-01 11:06:31 UTC (rev 4241) +++ branches/stable-1.0/src/core/ngx_parse.c 2011-11-01 11:19:58 UTC (rev 4242) @@ -93,7 +93,7 @@ ngx_int_t -ngx_parse_time(ngx_str_t *line, ngx_uint_t sec) +ngx_parse_time(ngx_str_t *line, ngx_uint_t is_sec) { u_char *p, *last; ngx_int_t value, total, scale; @@ -114,8 +114,8 @@ valid = 0; value = 0; total = 0; - step = sec ? st_start : st_month; - scale = sec ? 1 : 1000; + step = is_sec ? st_start : st_month; + scale = is_sec ? 1 : 1000; p = line->data; last = p + line->len; @@ -135,81 +135,81 @@ return NGX_ERROR; } step = st_year; - max = 68; + max = NGX_MAX_INT32_VALUE / (60 * 60 * 24 * 365); scale = 60 * 60 * 24 * 365; break; case 'M': - if (step > st_year) { + if (step >= st_month) { return NGX_ERROR; } step = st_month; - max = 828; + max = NGX_MAX_INT32_VALUE / (60 * 60 * 24 * 30); scale = 60 * 60 * 24 * 30; break; case 'w': - if (step > st_month) { + if (step >= st_week) { return NGX_ERROR; } step = st_week; - max = 3550; + max = NGX_MAX_INT32_VALUE / (60 * 60 * 24 * 7); scale = 60 * 60 * 24 * 7; break; case 'd': - if (step > st_week) { + if (step >= st_day) { return NGX_ERROR; } step = st_day; - max = 24855; + max = NGX_MAX_INT32_VALUE / (60 * 60 * 24); scale = 60 * 60 * 24; break; case 'h': - if (step > st_day) { + if (step >= st_hour) { return NGX_ERROR; } step = st_hour; - max = 596523; + max = NGX_MAX_INT32_VALUE / (60 * 60); scale = 60 * 60; break; case 'm': if (*p == 's') { - if (sec || step > st_sec) { + if (is_sec || step >= st_msec) { return NGX_ERROR; } p++; step = st_msec; - max = 2147483647; + max = NGX_MAX_INT32_VALUE; scale = 1; break; } - if (step > st_hour) { + if (step >= st_min) { return NGX_ERROR; } step = st_min; - max = 35791394; + max = NGX_MAX_INT32_VALUE / 60; scale = 60; break; case 's': - if (step > st_min) { + if (step >= st_sec) { return NGX_ERROR; } step = st_sec; - max = 2147483647; + max = NGX_MAX_INT32_VALUE; scale = 1; break; case ' ': - if (step > st_min) { + if (step >= st_sec) { return NGX_ERROR; } step = st_last; - max = 2147483647; + max = NGX_MAX_INT32_VALUE; scale = 1; break; @@ -217,7 +217,7 @@ return NGX_ERROR; } - if (step != st_msec && !sec) { + if (step != st_msec && !is_sec) { scale *= 1000; max /= 1000; } @@ -228,12 +228,12 @@ total += value * scale; - if ((ngx_uint_t) total > 2147483647) { + if ((ngx_uint_t) total > NGX_MAX_INT32_VALUE) { return NGX_ERROR; } value = 0; - scale = sec ? 1 : 1000; + scale = is_sec ? 1 : 1000; while (p < last && *p == ' ') { p++; Modified: branches/stable-1.0/src/core/ngx_parse.h =================================================================== --- branches/stable-1.0/src/core/ngx_parse.h 2011-11-01 11:06:31 UTC (rev 4241) +++ branches/stable-1.0/src/core/ngx_parse.h 2011-11-01 11:19:58 UTC (rev 4242) @@ -17,7 +17,7 @@ ssize_t ngx_parse_size(ngx_str_t *line); off_t ngx_parse_offset(ngx_str_t *line); -ngx_int_t ngx_parse_time(ngx_str_t *line, ngx_uint_t sec); +ngx_int_t ngx_parse_time(ngx_str_t *line, ngx_uint_t is_sec); #endif /* _NGX_PARSE_H_INCLUDED_ */ Modified: branches/stable-1.0/src/http/modules/ngx_http_referer_module.c =================================================================== --- branches/stable-1.0/src/http/modules/ngx_http_referer_module.c 2011-11-01 11:06:31 UTC (rev 4241) +++ branches/stable-1.0/src/http/modules/ngx_http_referer_module.c 2011-11-01 11:19:58 UTC (rev 4242) @@ -309,7 +309,7 @@ hash.key = ngx_hash_key_lc; hash.max_size = conf->referer_hash_max_size; hash.bucket_size = conf->referer_hash_bucket_size; - hash.name = "referers_hash"; + hash.name = "referer_hash"; hash.pool = cf->pool; if (conf->keys->keys.nelts) { Modified: branches/stable-1.0/src/http/ngx_http_core_module.c =================================================================== --- branches/stable-1.0/src/http/ngx_http_core_module.c 2011-11-01 11:06:31 UTC (rev 4241) +++ branches/stable-1.0/src/http/ngx_http_core_module.c 2011-11-01 11:19:58 UTC (rev 4242) @@ -402,7 +402,7 @@ { ngx_string("sendfile"), NGX_HTTP_MAIN_CONF|NGX_HTTP_SRV_CONF|NGX_HTTP_LOC_CONF|NGX_HTTP_LIF_CONF - |NGX_CONF_TAKE1, + |NGX_CONF_FLAG, ngx_conf_set_flag_slot, NGX_HTTP_LOC_CONF_OFFSET, offsetof(ngx_http_core_loc_conf_t, sendfile), @@ -639,7 +639,7 @@ NULL }, { ngx_string("chunked_transfer_encoding"), - NGX_HTTP_MAIN_CONF|NGX_HTTP_SRV_CONF|NGX_HTTP_LOC_CONF|NGX_CONF_TAKE1, + NGX_HTTP_MAIN_CONF|NGX_HTTP_SRV_CONF|NGX_HTTP_LOC_CONF|NGX_CONF_FLAG, ngx_conf_set_flag_slot, NGX_HTTP_LOC_CONF_OFFSET, offsetof(ngx_http_core_loc_conf_t, chunked_transfer_encoding), @@ -2995,6 +2995,12 @@ value = cf->args->elts; if (ngx_strcmp(value[0].data, "include") == 0) { + if (cf->args->nelts != 2) { + ngx_conf_log_error(NGX_LOG_EMERG, cf, 0, + "invalid number of arguments" + " in \"include\" directive"); + return NGX_CONF_ERROR; + } file = value[1]; if (ngx_conf_full_name(cf->cycle, &file, 1) != NGX_OK) { @@ -3028,7 +3034,7 @@ "content type: \"%V\", " "old content type: \"%V\"", &value[i], content_type, old); - continue; + goto next; } } @@ -3041,6 +3047,9 @@ type->key = value[i]; type->key_hash = hash; type->value = content_type; + + next: + continue; } return NGX_CONF_OK; @@ -3374,7 +3383,7 @@ ngx_cacheline_size); /* - * the special handling the "types" directive in the "http" section + * the special handling of the "types" directive in the "http" section * to inherit the http's conf->types_hash to all servers */ @@ -3401,7 +3410,7 @@ } if (conf->types == NULL) { - conf->types = ngx_array_create(cf->pool, 4, sizeof(ngx_hash_key_t)); + conf->types = ngx_array_create(cf->pool, 3, sizeof(ngx_hash_key_t)); if (conf->types == NULL) { return NGX_CONF_ERROR; } @@ -3468,9 +3477,10 @@ ngx_conf_merge_uint_value(conf->if_modified_since, prev->if_modified_since, NGX_HTTP_IMS_EXACT); ngx_conf_merge_uint_value(conf->max_ranges, prev->max_ranges, - 0x7fffffff); + NGX_MAX_INT32_VALUE); ngx_conf_merge_uint_value(conf->client_body_in_file_only, - prev->client_body_in_file_only, 0); + prev->client_body_in_file_only, + NGX_HTTP_REQUEST_BODY_FILE_OFF); ngx_conf_merge_value(conf->client_body_in_single_buffer, prev->client_body_in_single_buffer, 0); ngx_conf_merge_value(conf->internal, prev->internal, 0); @@ -3478,11 +3488,11 @@ ngx_conf_merge_size_value(conf->sendfile_max_chunk, prev->sendfile_max_chunk, 0); #if (NGX_HAVE_FILE_AIO) - ngx_conf_merge_value(conf->aio, prev->aio, 0); + ngx_conf_merge_value(conf->aio, prev->aio, NGX_HTTP_AIO_OFF); #endif ngx_conf_merge_size_value(conf->read_ahead, prev->read_ahead, 0); ngx_conf_merge_off_value(conf->directio, prev->directio, - NGX_MAX_OFF_T_VALUE); + NGX_OPEN_FILE_DIRECTIO_OFF); ngx_conf_merge_off_value(conf->directio_alignment, prev->directio_alignment, 512); ngx_conf_merge_value(conf->tcp_nopush, prev->tcp_nopush, 0); Modified: branches/stable-1.0/src/http/ngx_http_special_response.c =================================================================== --- branches/stable-1.0/src/http/ngx_http_special_response.c 2011-11-01 11:06:31 UTC (rev 4241) +++ branches/stable-1.0/src/http/ngx_http_special_response.c 2011-11-01 11:19:58 UTC (rev 4242) @@ -375,7 +375,7 @@ } } - if (r->lingering_close == 1) { + if (r->lingering_close) { switch (error) { case NGX_HTTP_BAD_REQUEST: case NGX_HTTP_TO_HTTPS: From igor at sysoev.ru Tue Nov 1 11:23:26 2011 From: igor at sysoev.ru (igor at sysoev.ru) Date: Tue, 1 Nov 2011 11:23:26 +0000 Subject: [nginx] svn commit: r4243 - in branches/stable-1.0: . auto src/core Message-ID: Author: is Date: 2011-11-01 11:23:26 +0000 (Tue, 01 Nov 2011) New Revision: 4243 Modified: branches/stable-1.0/ branches/stable-1.0/auto/install branches/stable-1.0/src/core/ngx_log.c Log: Merging r4013, r4200: error_log related fixes: *) Complain on invalid log levels. Previously only first log level was required to be correct, while error_log directive in fact accepts list of levels (e.g. one may specify "error_log ... debug_core debug_http;"). This resulted in (avoidable) wierd behaviour on missing semicolon after error_log directive, e.g. error_log /path/to/log info index index.php; silently skipped index directive and it's arguments (trying to interpret them as log levels without checking to be correct). *) Fixed configuration summary and manpage contents for the special --error-log-path=stderr case. Property changes on: branches/stable-1.0 ___________________________________________________________________ Modified: svn:mergeinfo - /trunk:3960-3974,3977-3987,3991-3996,3998,4003-4007,4009-4012,4015-4016,4018,4023,4025-4027,4035-4065,4073,4077,4086-4090,4094-4102,4106-4108,4113-4114,4129-4131,4133,4135-4137,4154,4156-4157,4184,4192,4201-4205 + /trunk:3960-3974,3977-3987,3991-3996,3998,4003-4007,4009-4013,4015-4016,4018,4023,4025-4027,4035-4065,4073,4077,4086-4090,4094-4102,4106-4108,4113-4114,4129-4131,4133,4135-4137,4154,4156-4157,4184,4192,4200-4205 Modified: branches/stable-1.0/auto/install =================================================================== --- branches/stable-1.0/auto/install 2011-11-01 11:19:58 UTC (rev 4242) +++ branches/stable-1.0/auto/install 2011-11-01 11:23:26 UTC (rev 4243) @@ -53,7 +53,7 @@ case ".$NGX_ERROR_LOG_PATH" in - ./*) + ./* | .) ;; *) @@ -78,7 +78,7 @@ sed -e "s|%%PREFIX%%|$NGX_PREFIX|" \\ -e "s|%%PID_PATH%%|$NGX_PID_PATH|" \\ -e "s|%%CONF_PATH%%|$NGX_CONF_PATH|" \\ - -e "s|%%ERROR_LOG_PATH%%|$NGX_ERROR_LOG_PATH|" \\ + -e "s|%%ERROR_LOG_PATH%%|${NGX_ERROR_LOG_PATH:-stderr}|" \\ < man/nginx.8 > $NGX_OBJS/nginx.8 install: $NGX_OBJS${ngx_dirsep}nginx${ngx_binext} \ @@ -137,7 +137,7 @@ END -if test -n "\$(DESTDIR)$NGX_ERROR_LOG_PATH"; then +if test -n "$NGX_ERROR_LOG_PATH"; then cat << END >> $NGX_MAKEFILE test -d '\$(DESTDIR)`dirname "$NGX_ERROR_LOG_PATH"`' || \ Modified: branches/stable-1.0/src/core/ngx_log.c =================================================================== --- branches/stable-1.0/src/core/ngx_log.c 2011-11-01 11:19:58 UTC (rev 4242) +++ branches/stable-1.0/src/core/ngx_log.c 2011-11-01 11:23:26 UTC (rev 4243) @@ -369,12 +369,13 @@ char * ngx_log_set_levels(ngx_conf_t *cf, ngx_log_t *log) { - ngx_uint_t i, n, d; + ngx_uint_t i, n, d, found; ngx_str_t *value; value = cf->args->elts; for (i = 2; i < cf->args->nelts; i++) { + found = 0; for (n = 1; n <= NGX_LOG_DEBUG; n++) { if (ngx_strcmp(value[i].data, err_levels[n].data) == 0) { @@ -387,7 +388,8 @@ } log->log_level = n; - continue; + found = 1; + break; } } @@ -401,11 +403,13 @@ } log->log_level |= d; + found = 1; + break; } } - if (log->log_level == 0) { + if (!found) { ngx_conf_log_error(NGX_LOG_EMERG, cf, 0, "invalid log level \"%V\"", &value[i]); return NGX_CONF_ERROR; From igor at sysoev.ru Tue Nov 1 11:25:15 2011 From: igor at sysoev.ru (igor at sysoev.ru) Date: Tue, 1 Nov 2011 11:25:15 +0000 Subject: [nginx] svn commit: r4244 - in branches/stable-1.0: . auto src/core src/os/unix Message-ID: Author: is Date: 2011-11-01 11:25:15 +0000 (Tue, 01 Nov 2011) New Revision: 4244 Modified: branches/stable-1.0/ branches/stable-1.0/auto/unix branches/stable-1.0/src/core/ngx_connection.c branches/stable-1.0/src/os/unix/ngx_freebsd_config.h branches/stable-1.0/src/os/unix/ngx_linux_config.h Log: Merging r4017: Move SO_ACCEPTFILTER and TCP_DEFER_ACCEPT checks into configure. NetBSD 5.0+ has SO_ACCEPTFILTER support merged from FreeBSD, and having accept filter check in FreeBSD-specific ngx_freebsd_config.h prevents it from being used on NetBSD. Therefore move the check into configure (and do the same for Linux-specific TCP_DEFER_ACCEPT, just to be in line). Property changes on: branches/stable-1.0 ___________________________________________________________________ Modified: svn:mergeinfo - /trunk:3960-3974,3977-3987,3991-3996,3998,4003-4007,4009-4013,4015-4016,4018,4023,4025-4027,4035-4065,4073,4077,4086-4090,4094-4102,4106-4108,4113-4114,4129-4131,4133,4135-4137,4154,4156-4157,4184,4192,4200-4205 + /trunk:3960-3974,3977-3987,3991-3996,3998,4003-4007,4009-4013,4015-4018,4023,4025-4027,4035-4065,4073,4077,4086-4090,4094-4102,4106-4108,4113-4114,4129-4131,4133,4135-4137,4154,4156-4157,4184,4192,4200-4205 Modified: branches/stable-1.0/auto/unix =================================================================== --- branches/stable-1.0/auto/unix 2011-11-01 11:23:26 UTC (rev 4243) +++ branches/stable-1.0/auto/unix 2011-11-01 11:25:15 UTC (rev 4244) @@ -295,6 +295,7 @@ fi fi + ngx_feature="SO_SETFIB" ngx_feature_name="NGX_HAVE_SETFIB" ngx_feature_run=no @@ -305,6 +306,28 @@ . auto/feature +ngx_feature="SO_ACCEPTFILTER" +ngx_feature_name="NGX_HAVE_DEFERRED_ACCEPT" +ngx_feature_run=no +ngx_feature_incs="#include " +ngx_feature_path= +ngx_feature_libs= +ngx_feature_test="setsockopt(0, SOL_SOCKET, SO_ACCEPTFILTER, NULL, 0)" +. auto/feature + + +ngx_feature="TCP_DEFER_ACCEPT" +ngx_feature_name="NGX_HAVE_DEFERRED_ACCEPT" +ngx_feature_run=no +ngx_feature_incs="#include + #include + #include " +ngx_feature_path= +ngx_feature_libs= +ngx_feature_test="setsockopt(0, IPPROTO_TCP, TCP_DEFER_ACCEPT, NULL, 0)" +. auto/feature + + ngx_feature="accept4()" ngx_feature_name="NGX_HAVE_ACCEPT4" ngx_feature_run=no Modified: branches/stable-1.0/src/core/ngx_connection.c =================================================================== --- branches/stable-1.0/src/core/ngx_connection.c 2011-11-01 11:23:26 UTC (rev 4243) +++ branches/stable-1.0/src/core/ngx_connection.c 2011-11-01 11:25:15 UTC (rev 4244) @@ -580,7 +580,7 @@ { ngx_log_error(NGX_LOG_ALERT, cycle->log, ngx_errno, "setsockopt(SO_ACCEPTFILTER, \"%s\") " - " for %V failed, ignored", + "for %V failed, ignored", ls[i].accept_filter, &ls[i].addr_text); continue; } Modified: branches/stable-1.0/src/os/unix/ngx_freebsd_config.h =================================================================== --- branches/stable-1.0/src/os/unix/ngx_freebsd_config.h 2011-11-01 11:23:26 UTC (rev 4243) +++ branches/stable-1.0/src/os/unix/ngx_freebsd_config.h 2011-11-01 11:25:15 UTC (rev 4244) @@ -92,11 +92,6 @@ #define NGX_LISTEN_BACKLOG -1 -#if (defined SO_ACCEPTFILTER && !defined NGX_HAVE_DEFERRED_ACCEPT) -#define NGX_HAVE_DEFERRED_ACCEPT 1 -#endif - - #if (__FreeBSD_version < 430000 || __FreeBSD_version < 500012) pid_t rfork_thread(int flags, void *stack, int (*func)(void *arg), void *arg); Modified: branches/stable-1.0/src/os/unix/ngx_linux_config.h =================================================================== --- branches/stable-1.0/src/os/unix/ngx_linux_config.h 2011-11-01 11:23:26 UTC (rev 4243) +++ branches/stable-1.0/src/os/unix/ngx_linux_config.h 2011-11-01 11:25:15 UTC (rev 4244) @@ -96,11 +96,6 @@ #define NGX_LISTEN_BACKLOG 511 -#if defined TCP_DEFER_ACCEPT && !defined NGX_HAVE_DEFERRED_ACCEPT -#define NGX_HAVE_DEFERRED_ACCEPT 1 -#endif - - #ifndef NGX_HAVE_SO_SNDLOWAT /* setsockopt(SO_SNDLOWAT) returns ENOPROTOOPT */ #define NGX_HAVE_SO_SNDLOWAT 0 From igor at sysoev.ru Tue Nov 1 11:26:57 2011 From: igor at sysoev.ru (igor at sysoev.ru) Date: Tue, 1 Nov 2011 11:26:57 +0000 Subject: [nginx] svn commit: r4245 - in branches/stable-1.0: . src/os/unix Message-ID: Author: is Date: 2011-11-01 11:26:56 +0000 (Tue, 01 Nov 2011) New Revision: 4245 Modified: branches/stable-1.0/ branches/stable-1.0/src/os/unix/ngx_process.c Log: Merging r4020: SIGWINCH/NOACCEPT signal is disabled now in non-daemon mode. Non-daemon mode is currently used by supervisord, daemontools and so on or during debugging. The NOACCEPT signal is only used for online upgrade which is not supported when nginx is run under supervisord, etc., so this change should not break existant setups. Property changes on: branches/stable-1.0 ___________________________________________________________________ Modified: svn:mergeinfo - /trunk:3960-3974,3977-3987,3991-3996,3998,4003-4007,4009-4013,4015-4018,4023,4025-4027,4035-4065,4073,4077,4086-4090,4094-4102,4106-4108,4113-4114,4129-4131,4133,4135-4137,4154,4156-4157,4184,4192,4200-4205 + /trunk:3960-3974,3977-3987,3991-3996,3998,4003-4007,4009-4013,4015-4018,4020,4023,4025-4027,4035-4065,4073,4077,4086-4090,4094-4102,4106-4108,4113-4114,4129-4131,4133,4135-4137,4154,4156-4157,4184,4192,4200-4205 Modified: branches/stable-1.0/src/os/unix/ngx_process.c =================================================================== --- branches/stable-1.0/src/os/unix/ngx_process.c 2011-11-01 11:25:15 UTC (rev 4244) +++ branches/stable-1.0/src/os/unix/ngx_process.c 2011-11-01 11:26:56 UTC (rev 4245) @@ -339,8 +339,10 @@ break; case ngx_signal_value(NGX_NOACCEPT_SIGNAL): - ngx_noaccept = 1; - action = ", stop accepting connections"; + if (ngx_daemonized) { + ngx_noaccept = 1; + action = ", stop accepting connections"; + } break; case ngx_signal_value(NGX_RECONFIGURE_SIGNAL): @@ -392,6 +394,9 @@ switch (signo) { case ngx_signal_value(NGX_NOACCEPT_SIGNAL): + if (!ngx_daemonized) { + break; + } ngx_debug_quit = 1; case ngx_signal_value(NGX_SHUTDOWN_SIGNAL): ngx_quit = 1; From igor at sysoev.ru Tue Nov 1 13:00:30 2011 From: igor at sysoev.ru (igor at sysoev.ru) Date: Tue, 1 Nov 2011 13:00:30 +0000 Subject: [nginx] svn commit: r4246 - in branches/stable-1.0: . src/event src/http src/http/modules Message-ID: Author: is Date: 2011-11-01 13:00:30 +0000 (Tue, 01 Nov 2011) New Revision: 4246 Modified: branches/stable-1.0/ branches/stable-1.0/src/event/ngx_event_openssl.c branches/stable-1.0/src/http/modules/ngx_http_ssl_module.c branches/stable-1.0/src/http/ngx_http_request.c Log: Merging r4034, r4186, r4187, r4229, r4235, r4237: SSL related fixes: *) Better handling of various per-server ssl options with SNI. SSL_set_SSL_CTX() doesn't touch values cached within ssl connection structure, it only changes certificates (at least as of now, OpenSSL 1.0.0d and earlier). As a result settings like ssl_verify_client, ssl_verify_depth, ssl_prefer_server_ciphers are only configurable on per-socket basis while with SNI it should be possible to specify them different for two servers listening on the same socket. Workaround is to explicitly re-apply settings we care about from context to ssl connection in servername callback. Note that SSL_clear_options() is only available in OpenSSL 0.9.8m+. I.e. with older versions it is not possible to clear ssl_prefer_server_ciphers option if it's set in default server for a socket. *) Disabling SSL compression. This saves about 300K per SSL connection. The SSL_OP_NO_COMPRESSION option is available since OpenSSL 1.0.0. *) Releasing memory of idle SSL connection. This saves about 34K per SSL connection. The SSL_MODE_RELEASE_BUFFERS option is available since OpenSSL 1.0.0d. *) Decrease of log level of some SSL handshake errors. *) Fixed segfault on configuration testing with ssl (ticket #37). The following config caused segmentation fault due to conf->file not being properly set if "ssl on" was inherited from the http level: http { ssl on; server { } } *) Silently ignoring a stale global SSL error left after disabled renegotiation. Property changes on: branches/stable-1.0 ___________________________________________________________________ Modified: svn:mergeinfo - /trunk:3960-3974,3977-3987,3991-3996,3998,4003-4007,4009-4013,4015-4018,4020,4023,4025-4027,4035-4065,4073,4077,4086-4090,4094-4102,4106-4108,4113-4114,4129-4131,4133,4135-4137,4154,4156-4157,4184,4192,4200-4205 + /trunk:3960-3974,3977-3987,3991-3996,3998,4003-4007,4009-4013,4015-4018,4020,4023,4025-4027,4034-4065,4073,4077,4086-4090,4094-4102,4106-4108,4113-4114,4129-4131,4133,4135-4137,4154,4156-4157,4184,4186-4187,4192,4200-4205,4229,4235,4237 Modified: branches/stable-1.0/src/event/ngx_event_openssl.c =================================================================== --- branches/stable-1.0/src/event/ngx_event_openssl.c 2011-11-01 11:26:56 UTC (rev 4245) +++ branches/stable-1.0/src/event/ngx_event_openssl.c 2011-11-01 13:00:30 UTC (rev 4246) @@ -175,6 +175,14 @@ SSL_CTX_set_options(ssl->ctx, ngx_ssl_protocols[protocols >> 1]); } +#ifdef SSL_OP_NO_COMPRESSION + SSL_CTX_set_options(ssl->ctx, SSL_OP_NO_COMPRESSION); +#endif + +#ifdef SSL_MODE_RELEASE_BUFFERS + SSL_CTX_set_mode(ssl->ctx, SSL_MODE_RELEASE_BUFFERS); +#endif + SSL_CTX_set_read_ahead(ssl->ctx, 1); SSL_CTX_set_info_callback(ssl->ctx, ngx_ssl_info_callback); @@ -855,6 +863,13 @@ ngx_log_error(NGX_LOG_NOTICE, c->log, 0, "SSL renegotiation disabled"); + while (ERR_peek_error()) { + ngx_ssl_error(NGX_LOG_DEBUG, c->log, 0, + "ignoring stale global SSL error"); + } + + ERR_clear_error(); + c->ssl->no_wait_shutdown = 1; c->ssl->no_send_shutdown = 1; @@ -1344,19 +1359,37 @@ n = ERR_GET_REASON(ERR_peek_error()); /* handshake failures */ - if (n == SSL_R_BLOCK_CIPHER_PAD_IS_WRONG /* 129 */ + if (n == SSL_R_BAD_CHANGE_CIPHER_SPEC /* 103 */ + || n == SSL_R_BLOCK_CIPHER_PAD_IS_WRONG /* 129 */ || n == SSL_R_DIGEST_CHECK_FAILED /* 149 */ + || n == SSL_R_ERROR_IN_RECEIVED_CIPHER_LIST /* 151 */ + || n == SSL_R_EXCESSIVE_MESSAGE_SIZE /* 152 */ || n == SSL_R_LENGTH_MISMATCH /* 159 */ || n == SSL_R_NO_CIPHERS_PASSED /* 182 */ || n == SSL_R_NO_CIPHERS_SPECIFIED /* 183 */ + || n == SSL_R_NO_COMPRESSION_SPECIFIED /* 187 */ || n == SSL_R_NO_SHARED_CIPHER /* 193 */ || n == SSL_R_RECORD_LENGTH_MISMATCH /* 213 */ +#ifdef SSL_R_PARSE_TLSEXT + || n == SSL_R_PARSE_TLSEXT /* 227 */ +#endif || n == SSL_R_UNEXPECTED_MESSAGE /* 244 */ || n == SSL_R_UNEXPECTED_RECORD /* 245 */ || n == SSL_R_UNKNOWN_ALERT_TYPE /* 246 */ || n == SSL_R_UNKNOWN_PROTOCOL /* 252 */ || n == SSL_R_WRONG_VERSION_NUMBER /* 267 */ || n == SSL_R_DECRYPTION_FAILED_OR_BAD_RECORD_MAC /* 281 */ +#ifdef SSL_R_RENEGOTIATE_EXT_TOO_LONG + || n == SSL_R_RENEGOTIATE_EXT_TOO_LONG /* 335 */ + || n == SSL_R_RENEGOTIATION_ENCODING_ERR /* 336 */ + || n == SSL_R_RENEGOTIATION_MISMATCH /* 337 */ +#endif +#ifdef SSL_R_UNSAFE_LEGACY_RENEGOTIATION_DISABLED + || n == SSL_R_UNSAFE_LEGACY_RENEGOTIATION_DISABLED /* 338 */ +#endif +#ifdef SSL_R_SCSV_RECEIVED_WHEN_RENEGOTIATING + || n == SSL_R_SCSV_RECEIVED_WHEN_RENEGOTIATING /* 345 */ +#endif || n == 1000 /* SSL_R_SSLV3_ALERT_CLOSE_NOTIFY */ || n == SSL_R_SSLV3_ALERT_UNEXPECTED_MESSAGE /* 1010 */ || n == SSL_R_SSLV3_ALERT_BAD_RECORD_MAC /* 1020 */ Modified: branches/stable-1.0/src/http/modules/ngx_http_ssl_module.c =================================================================== --- branches/stable-1.0/src/http/modules/ngx_http_ssl_module.c 2011-11-01 11:26:56 UTC (rev 4245) +++ branches/stable-1.0/src/http/modules/ngx_http_ssl_module.c 2011-11-01 13:00:30 UTC (rev 4246) @@ -346,8 +346,17 @@ ngx_pool_cleanup_t *cln; - ngx_conf_merge_value(conf->enable, prev->enable, 0); + if (conf->enable == NGX_CONF_UNSET) { + if (prev->enable == NGX_CONF_UNSET) { + conf->enable = 0; + } else { + conf->enable = prev->enable; + conf->file = prev->file; + conf->line = prev->line; + } + } + ngx_conf_merge_value(conf->session_timeout, prev->session_timeout, 300); Modified: branches/stable-1.0/src/http/ngx_http_request.c =================================================================== --- branches/stable-1.0/src/http/ngx_http_request.c 2011-11-01 11:26:56 UTC (rev 4245) +++ branches/stable-1.0/src/http/ngx_http_request.c 2011-11-01 13:00:30 UTC (rev 4246) @@ -673,6 +673,24 @@ SSL_set_SSL_CTX(ssl_conn, sscf->ssl.ctx); + /* + * SSL_set_SSL_CTX() only changes certs as of 1.0.0d + * adjust other things we care about + */ + + SSL_set_verify(ssl_conn, SSL_CTX_get_verify_mode(sscf->ssl.ctx), + SSL_CTX_get_verify_callback(sscf->ssl.ctx)); + + SSL_set_verify_depth(ssl_conn, SSL_CTX_get_verify_depth(sscf->ssl.ctx)); + +#ifdef SSL_CTRL_CLEAR_OPTIONS + /* only in 0.9.8m+ */ + SSL_clear_options(ssl_conn, SSL_get_options(ssl_conn) & + ~SSL_CTX_get_options(sscf->ssl.ctx)); +#endif + + SSL_set_options(ssl_conn, SSL_CTX_get_options(sscf->ssl.ctx)); + return SSL_TLSEXT_ERR_OK; } From igor at sysoev.ru Tue Nov 1 13:24:50 2011 From: igor at sysoev.ru (igor at sysoev.ru) Date: Tue, 1 Nov 2011 13:24:50 +0000 Subject: [nginx] svn commit: r4247 - in branches/stable-1.0: . src/core src/event src/http src/http/modules src/os/unix src/os/win32 Message-ID: Author: is Date: 2011-11-01 13:24:50 +0000 (Tue, 01 Nov 2011) New Revision: 4247 Modified: branches/stable-1.0/ branches/stable-1.0/src/core/ngx_cycle.c branches/stable-1.0/src/core/ngx_palloc.c branches/stable-1.0/src/core/ngx_string.c branches/stable-1.0/src/event/ngx_event.c branches/stable-1.0/src/event/ngx_event_timer.c branches/stable-1.0/src/http/modules/ngx_http_dav_module.c branches/stable-1.0/src/http/modules/ngx_http_headers_filter_module.c branches/stable-1.0/src/http/modules/ngx_http_log_module.c branches/stable-1.0/src/http/ngx_http.c branches/stable-1.0/src/http/ngx_http_core_module.c branches/stable-1.0/src/http/ngx_http_upstream.c branches/stable-1.0/src/os/unix/ngx_errno.c branches/stable-1.0/src/os/unix/ngx_file_aio_read.c branches/stable-1.0/src/os/unix/ngx_freebsd_sendfile_chain.c branches/stable-1.0/src/os/unix/ngx_process.c branches/stable-1.0/src/os/unix/ngx_process_cycle.c branches/stable-1.0/src/os/win32/ngx_process_cycle.c Log: Merging r4132, r4134, r4143, r4183, r4191, r4199: Various fixes related to error messages: *) Removed old warning that suggested to use "server_name_in_redirect off" (now the default) in place of no longer supported "server_name *". *) Fixing directive name in error message if types hash size is not enough. *) Replaced "can not" with "cannot" and "could not" in a bunch of places. Fixed nearby grammar errors. *) Overhauled error essages. Property changes on: branches/stable-1.0 ___________________________________________________________________ Modified: svn:mergeinfo - /trunk:3960-3974,3977-3987,3991-3996,3998,4003-4007,4009-4013,4015-4018,4020,4023,4025-4027,4034-4065,4073,4077,4086-4090,4094-4102,4106-4108,4113-4114,4129-4131,4133,4135-4137,4154,4156-4157,4184,4186-4187,4192,4200-4205,4229,4235,4237 + /trunk:3960-3974,3977-3987,3991-3996,3998,4003-4007,4009-4013,4015-4018,4020,4023,4025-4027,4034-4065,4073,4077,4086-4090,4094-4102,4106-4108,4113-4114,4129-4137,4143,4154,4156-4157,4183-4184,4186-4187,4191-4192,4199-4205,4229,4235,4237 Modified: branches/stable-1.0/src/core/ngx_cycle.c =================================================================== --- branches/stable-1.0/src/core/ngx_cycle.c 2011-11-01 13:00:30 UTC (rev 4246) +++ branches/stable-1.0/src/core/ngx_cycle.c 2011-11-01 13:24:50 UTC (rev 4247) @@ -739,7 +739,7 @@ ngx_temp_pool = ngx_create_pool(128, cycle->log); if (ngx_temp_pool == NULL) { ngx_log_error(NGX_LOG_EMERG, cycle->log, 0, - "can not create ngx_temp_pool"); + "could not create ngx_temp_pool"); exit(1); } Modified: branches/stable-1.0/src/core/ngx_palloc.c =================================================================== --- branches/stable-1.0/src/core/ngx_palloc.c 2011-11-01 13:00:30 UTC (rev 4246) +++ branches/stable-1.0/src/core/ngx_palloc.c 2011-11-01 13:24:50 UTC (rev 4247) @@ -68,7 +68,7 @@ /* * we could allocate the pool->log from this pool - * so we can not use this log while the free()ing the pool + * so we cannot use this log while free()ing the pool */ for (p = pool, n = pool->d.next; /* void */; p = n, n = n->d.next) { Modified: branches/stable-1.0/src/core/ngx_string.c =================================================================== --- branches/stable-1.0/src/core/ngx_string.c 2011-11-01 13:00:30 UTC (rev 4246) +++ branches/stable-1.0/src/core/ngx_string.c 2011-11-01 13:24:50 UTC (rev 4247) @@ -381,7 +381,7 @@ /* * (int64_t) cast is required for msvc6: - * it can not convert uint64_t to double + * it cannot convert uint64_t to double */ ui64 = (uint64_t) ((f - (int64_t) ui64) * scale + 0.5); Modified: branches/stable-1.0/src/event/ngx_event.c =================================================================== --- branches/stable-1.0/src/event/ngx_event.c 2011-11-01 13:00:30 UTC (rev 4246) +++ branches/stable-1.0/src/event/ngx_event.c 2011-11-01 13:24:50 UTC (rev 4247) @@ -1027,7 +1027,7 @@ "when the server runs without a master process " "the \"%V\" event type must be the same as " "in previous configuration - \"%s\" " - "and it can not be changed on the fly, " + "and it cannot be changed on the fly, " "to change it you need to stop server " "and start it again", &value[1], old_ecf->name); Modified: branches/stable-1.0/src/event/ngx_event_timer.c =================================================================== --- branches/stable-1.0/src/event/ngx_event_timer.c 2011-11-01 13:00:30 UTC (rev 4246) +++ branches/stable-1.0/src/event/ngx_event_timer.c 2011-11-01 13:24:50 UTC (rev 4247) @@ -103,11 +103,11 @@ if (ngx_threaded && ngx_trylock(ev->lock) == 0) { /* - * We can not change the timer of the event that is been - * handling by another thread. And we can not easy walk - * the rbtree to find a next expired timer so we exit the loop. - * However it should be rare case when the event that is - * been handling has expired timer. + * We cannot change the timer of the event that is being + * handled by another thread. And we cannot easy walk + * the rbtree to find next expired timer so we exit the loop. + * However, it should be a rare case when the event that is + * being handled has an expired timer. */ ngx_log_debug1(NGX_LOG_DEBUG_EVENT, ev->log, 0, Modified: branches/stable-1.0/src/http/modules/ngx_http_dav_module.c =================================================================== --- branches/stable-1.0/src/http/modules/ngx_http_dav_module.c 2011-11-01 13:00:30 UTC (rev 4246) +++ branches/stable-1.0/src/http/modules/ngx_http_dav_module.c 2011-11-01 13:24:50 UTC (rev 4247) @@ -158,7 +158,7 @@ if (r->uri.data[r->uri.len - 1] == '/') { ngx_log_error(NGX_LOG_ERR, r->connection->log, 0, - "can not PUT to a collection"); + "cannot PUT to a collection"); return NGX_HTTP_CONFLICT; } Modified: branches/stable-1.0/src/http/modules/ngx_http_headers_filter_module.c =================================================================== --- branches/stable-1.0/src/http/modules/ngx_http_headers_filter_module.c 2011-11-01 13:00:30 UTC (rev 4246) +++ branches/stable-1.0/src/http/modules/ngx_http_headers_filter_module.c 2011-11-01 13:24:50 UTC (rev 4247) @@ -507,7 +507,7 @@ minus = 0; if (hcf->expires == NGX_HTTP_EXPIRES_MODIFIED) { - return "daily time can not be used with \"modified\" parameter"; + return "daily time cannot be used with \"modified\" parameter"; } hcf->expires = NGX_HTTP_EXPIRES_DAILY; Modified: branches/stable-1.0/src/http/modules/ngx_http_log_module.c =================================================================== --- branches/stable-1.0/src/http/modules/ngx_http_log_module.c 2011-11-01 13:00:30 UTC (rev 4246) +++ branches/stable-1.0/src/http/modules/ngx_http_log_module.c 2011-11-01 13:24:50 UTC (rev 4247) @@ -960,7 +960,7 @@ if (log->script) { ngx_conf_log_error(NGX_LOG_EMERG, cf, 0, - "buffered logs can not have variables in name"); + "buffered logs cannot have variables in name"); return NGX_CONF_ERROR; } Modified: branches/stable-1.0/src/http/ngx_http.c =================================================================== --- branches/stable-1.0/src/http/ngx_http.c 2011-11-01 13:00:30 UTC (rev 4246) +++ branches/stable-1.0/src/http/ngx_http.c 2011-11-01 13:24:50 UTC (rev 4247) @@ -1226,7 +1226,7 @@ #endif /* - * we can not compare whole sockaddr struct's as kernel + * we cannot compare whole sockaddr struct's as kernel * may fill some fields in inherited sockaddr struct's */ @@ -1281,7 +1281,7 @@ if (addr[i].opt.set) { ngx_conf_log_error(NGX_LOG_EMERG, cf, 0, - "a duplicate listen options for %s", addr[i].opt.addr); + "duplicate listen options for %s", addr[i].opt.addr); return NGX_ERROR; } Modified: branches/stable-1.0/src/http/ngx_http_core_module.c =================================================================== --- branches/stable-1.0/src/http/ngx_http_core_module.c 2011-11-01 13:00:30 UTC (rev 4246) +++ branches/stable-1.0/src/http/ngx_http_core_module.c 2011-11-01 13:24:50 UTC (rev 4247) @@ -1259,7 +1259,7 @@ tf++; ngx_log_debug3(NGX_LOG_DEBUG_HTTP, r->connection->log, 0, - "try to use %s: \"%s\" \"%s\"", + "trying to use %s: \"%s\" \"%s\"", test_dir ? "dir" : "file", name, path.data); if (tf->lengths == NULL && tf->name.len == 0) { @@ -1897,7 +1897,7 @@ if (alias && !r->valid_location) { ngx_log_error(NGX_LOG_ALERT, r->connection->log, 0, - "\"alias\" could not be used in location \"%V\" " + "\"alias\" cannot be used in location \"%V\" " "where URI was rewritten", &clcf->name); return NULL; } @@ -2468,7 +2468,7 @@ if (r->uri_changes == 0) { ngx_log_error(NGX_LOG_ERR, r->connection->log, 0, "rewrite or internal redirection cycle " - "while internal redirect to \"%V\"", uri); + "while internally redirecting to \"%V\"", uri); r->main->count++; ngx_http_finalize_request(r, NGX_HTTP_INTERNAL_SERVER_ERROR); @@ -2862,7 +2862,7 @@ if (pclcf->exact_match) { ngx_conf_log_error(NGX_LOG_EMERG, cf, 0, - "location \"%V\" could not be inside " + "location \"%V\" cannot be inside " "the exact location \"%V\"", &clcf->name, &pclcf->name); return NGX_CONF_ERROR; @@ -2870,7 +2870,7 @@ if (pclcf->named) { ngx_conf_log_error(NGX_LOG_EMERG, cf, 0, - "location \"%V\" could not be inside " + "location \"%V\" cannot be inside " "the named location \"%V\"", &clcf->name, &pclcf->name); return NGX_CONF_ERROR; @@ -2878,8 +2878,8 @@ if (clcf->named) { ngx_conf_log_error(NGX_LOG_EMERG, cf, 0, - "named location \"%V\" must be " - "on server level only", + "named location \"%V\" can be " + "on the server level only", &clcf->name); return NGX_CONF_ERROR; } @@ -2948,7 +2948,7 @@ #else ngx_conf_log_error(NGX_LOG_EMERG, cf, 0, - "the using of the regex \"%V\" requires PCRE library", + "using regex \"%V\" requires PCRE library", regex); return NGX_ERROR; @@ -3030,9 +3030,9 @@ type[n].value = content_type; ngx_conf_log_error(NGX_LOG_WARN, cf, 0, - "duplicate extention \"%V\", " + "duplicate extension \"%V\", " "content type: \"%V\", " - "old content type: \"%V\"", + "previous content type: \"%V\"", &value[i], content_type, old); goto next; } @@ -3187,7 +3187,7 @@ if (conf->large_client_header_buffers.size < conf->connection_pool_size) { ngx_conf_log_error(NGX_LOG_EMERG, cf, 0, "the \"large_client_header_buffers\" size must be " - "equal to or bigger than \"connection_pool_size\""); + "equal to or greater than \"connection_pool_size\""); return NGX_CONF_ERROR; } @@ -3200,7 +3200,7 @@ prev->underscores_in_headers, 0); if (conf->server_names.nelts == 0) { - /* the array has 4 empty preallocated elements, so push can not fail */ + /* the array has 4 empty preallocated elements, so push cannot fail */ sn = ngx_array_push(&conf->server_names); #if (NGX_PCRE) sn->regex = NULL; @@ -3435,7 +3435,7 @@ types_hash.key = ngx_hash_key_lc; types_hash.max_size = conf->types_hash_max_size; types_hash.bucket_size = conf->types_hash_bucket_size; - types_hash.name = "mime_types_hash"; + types_hash.name = "types_hash"; types_hash.pool = cf->pool; types_hash.temp_pool = NULL; @@ -3789,7 +3789,7 @@ continue; #else ngx_conf_log_error(NGX_LOG_EMERG, cf, 0, - "bind ipv6only is not supported " + "ipv6only is not supported " "on this platform"); return NGX_CONF_ERROR; #endif @@ -3808,7 +3808,7 @@ } ngx_conf_log_error(NGX_LOG_EMERG, cf, 0, - "the invalid \"%V\" parameter", &value[n]); + "invalid parameter \"%V\"", &value[n]); return NGX_CONF_ERROR; } @@ -3846,17 +3846,10 @@ if (ngx_strchr(value[i].data, '/')) { ngx_conf_log_error(NGX_LOG_WARN, cf, 0, - "server name \"%V\" has strange symbols", + "server name \"%V\" has suspicious symbols", &value[i]); } - if (value[i].len == 1 && ch == '*') { - ngx_conf_log_error(NGX_LOG_EMERG, cf, 0, - "\"server_name *\" is unsupported, use " - "\"server_name_in_redirect off\" instead"); - return NGX_CONF_ERROR; - } - sn = ngx_array_push(&cscf->server_names); if (sn == NULL) { return NGX_CONF_ERROR; @@ -3917,7 +3910,7 @@ } #else ngx_conf_log_error(NGX_LOG_EMERG, cf, 0, - "the using of the regex \"%V\" " + "using regex \"%V\" " "requires PCRE library", &value[i]); return NGX_CONF_ERROR; @@ -3949,7 +3942,7 @@ } else { ngx_conf_log_error(NGX_LOG_EMERG, cf, 0, "\"%V\" directive is duplicate, " - "\"%s\" directive is specified before", + "\"%s\" directive was specified earlier", &cmd->name, clcf->alias ? "alias" : "root"); } @@ -3958,8 +3951,8 @@ if (clcf->named && alias) { ngx_conf_log_error(NGX_LOG_EMERG, cf, 0, - "the \"alias\" directive may not be used " - "inside named location"); + "the \"alias\" directive cannot be used " + "inside the named location"); return NGX_CONF_ERROR; } @@ -3970,7 +3963,7 @@ || ngx_strstr(value[1].data, "${document_root}")) { ngx_conf_log_error(NGX_LOG_EMERG, cf, 0, - "the $document_root variable may not be used " + "the $document_root variable cannot be used " "in the \"%V\" directive", &cmd->name); @@ -3981,7 +3974,7 @@ || ngx_strstr(value[1].data, "${realpath_root}")) { ngx_conf_log_error(NGX_LOG_EMERG, cf, 0, - "the $realpath_root variable may not be used " + "the $realpath_root variable cannot be used " "in the \"%V\" directive", &cmd->name); @@ -4440,7 +4433,7 @@ if (max == 0) { ngx_conf_log_error(NGX_LOG_EMERG, cf, 0, - "\"open_file_cache\" must have \"max\" parameter"); + "\"open_file_cache\" must have the \"max\" parameter"); return NGX_CONF_ERROR; } Modified: branches/stable-1.0/src/http/ngx_http_upstream.c =================================================================== --- branches/stable-1.0/src/http/ngx_http_upstream.c 2011-11-01 13:00:30 UTC (rev 4246) +++ branches/stable-1.0/src/http/ngx_http_upstream.c 2011-11-01 13:24:50 UTC (rev 4247) @@ -987,7 +987,7 @@ if (!u->cacheable && u->peer.connection) { ngx_log_error(NGX_LOG_INFO, ev->log, ev->kq_errno, - "kevent() reported that client closed prematurely " + "kevent() reported that client prematurely closed " "connection, so upstream connection is closed too"); ngx_http_upstream_finalize_request(r, u, NGX_HTTP_CLIENT_CLOSED_REQUEST); @@ -995,8 +995,8 @@ } ngx_log_error(NGX_LOG_INFO, ev->log, ev->kq_errno, - "kevent() reported that client closed " - "prematurely connection"); + "kevent() reported that client prematurely closed " + "connection"); if (u->peer.connection == NULL) { ngx_http_upstream_finalize_request(r, u, @@ -1050,7 +1050,7 @@ if (!u->cacheable && u->peer.connection) { ngx_log_error(NGX_LOG_INFO, ev->log, err, - "client closed prematurely connection, " + "client prematurely closed connection, " "so upstream connection is closed too"); ngx_http_upstream_finalize_request(r, u, NGX_HTTP_CLIENT_CLOSED_REQUEST); @@ -1058,7 +1058,7 @@ } ngx_log_error(NGX_LOG_INFO, ev->log, err, - "client closed prematurely connection"); + "client prematurely closed connection"); if (u->peer.connection == NULL) { ngx_http_upstream_finalize_request(r, u, Modified: branches/stable-1.0/src/os/unix/ngx_errno.c =================================================================== --- branches/stable-1.0/src/os/unix/ngx_errno.c 2011-11-01 13:00:30 UTC (rev 4246) +++ branches/stable-1.0/src/os/unix/ngx_errno.c 2011-11-01 13:24:50 UTC (rev 4247) @@ -12,7 +12,7 @@ * The strerror() messages are copied because: * * 1) strerror() and strerror_r() functions are not Async-Signal-Safe, - * therefore, they can not be used in signal handlers; + * therefore, they cannot be used in signal handlers; * * 2) a direct sys_errlist[] array may be used instead of these functions, * but Linux linker warns about its usage: Modified: branches/stable-1.0/src/os/unix/ngx_file_aio_read.c =================================================================== --- branches/stable-1.0/src/os/unix/ngx_file_aio_read.c 2011-11-01 13:00:30 UTC (rev 4246) +++ branches/stable-1.0/src/os/unix/ngx_file_aio_read.c 2011-11-01 13:24:50 UTC (rev 4247) @@ -23,7 +23,7 @@ * kqueue EVFILT_AIO filter is level triggered only: an event repeats * until aio_return() will be called; * - * aio_cancel() can not cancel file AIO: it returns AIO_NOTCANCELED always. + * aio_cancel() cannot cancel file AIO: it returns AIO_NOTCANCELED always. */ Modified: branches/stable-1.0/src/os/unix/ngx_freebsd_sendfile_chain.c =================================================================== --- branches/stable-1.0/src/os/unix/ngx_freebsd_sendfile_chain.c 2011-11-01 13:00:30 UTC (rev 4246) +++ branches/stable-1.0/src/os/unix/ngx_freebsd_sendfile_chain.c 2011-11-01 13:24:50 UTC (rev 4247) @@ -11,7 +11,7 @@ /* * Although FreeBSD sendfile() allows to pass a header and a trailer, - * it can not send a header with a part of the file in one packet until + * it cannot send a header with a part of the file in one packet until * FreeBSD 5.3. Besides, over the fast ethernet connection sendfile() * may send the partially filled packets, i.e. the 8 file pages may be sent * as the 11 full 1460-bytes packets, then one incomplete 324-bytes packet, Modified: branches/stable-1.0/src/os/unix/ngx_process.c =================================================================== --- branches/stable-1.0/src/os/unix/ngx_process.c 2011-11-01 13:00:30 UTC (rev 4246) +++ branches/stable-1.0/src/os/unix/ngx_process.c 2011-11-01 13:24:50 UTC (rev 4247) @@ -541,7 +541,7 @@ if (WEXITSTATUS(status) == 2 && ngx_processes[i].respawn) { ngx_log_error(NGX_LOG_ALERT, ngx_cycle->log, 0, "%s %P exited with fatal code %d " - "and can not be respawn", + "and cannot be respawned", process, pid, WEXITSTATUS(status)); ngx_processes[i].respawn = 0; } Modified: branches/stable-1.0/src/os/unix/ngx_process_cycle.c =================================================================== --- branches/stable-1.0/src/os/unix/ngx_process_cycle.c 2011-11-01 13:00:30 UTC (rev 4246) +++ branches/stable-1.0/src/os/unix/ngx_process_cycle.c 2011-11-01 13:24:50 UTC (rev 4247) @@ -620,7 +620,8 @@ == NGX_INVALID_PID) { ngx_log_error(NGX_LOG_ALERT, cycle->log, 0, - "can not respawn %s", ngx_processes[i].name); + "could not respawn %s", + ngx_processes[i].name); continue; } Modified: branches/stable-1.0/src/os/win32/ngx_process_cycle.c =================================================================== --- branches/stable-1.0/src/os/win32/ngx_process_cycle.c 2011-11-01 13:00:30 UTC (rev 4246) +++ branches/stable-1.0/src/os/win32/ngx_process_cycle.c 2011-11-01 13:24:50 UTC (rev 4247) @@ -530,7 +530,7 @@ == NGX_INVALID_PID) { ngx_log_error(NGX_LOG_ALERT, cycle->log, 0, - "can not respawn %s", ngx_processes[n].name); + "could not respawn %s", ngx_processes[n].name); if (n == ngx_last_process - 1) { ngx_last_process--; From tzury.by at reguluslabs.com Tue Nov 1 13:27:33 2011 From: tzury.by at reguluslabs.com (Tzury Bar Yochay) Date: Tue, 1 Nov 2011 15:27:33 +0200 Subject: [nginx] svn commit: r4247 - in branches/stable-1.0: . src/core src/event src/http src/http/modules src/os/unix src/os/win32 In-Reply-To: <20111101132452.805673F9CA3@mail.nginx.com> References: <20111101132452.805673F9CA3@mail.nginx.com> Message-ID: Igor, Bolshoy Spasiva! Really, you deserve to be thanked personally once in a while for the continuous works and improvements. On Tue, Nov 1, 2011 at 3:24 PM, wrote: > Author: is > Date: 2011-11-01 13:24:50 +0000 (Tue, 01 Nov 2011) > New Revision: 4247 > > Modified: > branches/stable-1.0/ > branches/stable-1.0/src/core/ngx_cycle.c > branches/stable-1.0/src/core/ngx_palloc.c > branches/stable-1.0/src/core/ngx_string.c > branches/stable-1.0/src/event/ngx_event.c > branches/stable-1.0/src/event/ngx_event_timer.c > branches/stable-1.0/src/http/modules/ngx_http_dav_module.c > branches/stable-1.0/src/http/modules/ngx_http_headers_filter_module.c > branches/stable-1.0/src/http/modules/ngx_http_log_module.c > branches/stable-1.0/src/http/ngx_http.c > branches/stable-1.0/src/http/ngx_http_core_module.c > branches/stable-1.0/src/http/ngx_http_upstream.c > branches/stable-1.0/src/os/unix/ngx_errno.c > branches/stable-1.0/src/os/unix/ngx_file_aio_read.c > branches/stable-1.0/src/os/unix/ngx_freebsd_sendfile_chain.c > branches/stable-1.0/src/os/unix/ngx_process.c > branches/stable-1.0/src/os/unix/ngx_process_cycle.c > branches/stable-1.0/src/os/win32/ngx_process_cycle.c > Log: > Merging r4132, r4134, r4143, r4183, r4191, r4199: > > Various fixes related to error messages: > > *) Removed old warning that suggested to use "server_name_in_redirect off" > (now the default) in place of no longer supported "server_name *". > > *) Fixing directive name in error message if types hash size is not enough. > > *) Replaced "can not" with "cannot" and "could not" in a bunch of places. > Fixed nearby grammar errors. > > *) Overhauled error essages. > > > > Property changes on: branches/stable-1.0 > ___________________________________________________________________ > Modified: svn:mergeinfo > - /trunk:3960-3974,3977-3987,3991-3996,3998,4003-4007,4009-4013, > 4015-4018,4020,4023,4025-4027,4034-4065,4073,4077,4086-4090,4094-4102, > 4106-4108,4113-4114,4129-4131,4133,4135-4137,4154,4156-4157,4184,4186-4187 > ,4192,4200-4205,4229,4235,4237 > + /trunk:3960-3974,3977-3987,3991-3996,3998,4003-4007,4009-4013, > 4015-4018,4020,4023,4025-4027,4034-4065,4073,4077,4086-4090,4094-4102, > 4106-4108,4113-4114,4129-4137,4143,4154,4156-4157,4183-4184,4186-4187, > 4191-4192,4199-4205,4229,4235,4237 > > Modified: branches/stable-1.0/src/core/ngx_cycle.c > =================================================================== > --- branches/stable-1.0/src/core/ngx_cycle.c 2011-11-01 13:00:30 UTC > (rev 4246) > +++ branches/stable-1.0/src/core/ngx_cycle.c 2011-11-01 13:24:50 UTC > (rev 4247) > @@ -739,7 +739,7 @@ > ngx_temp_pool = ngx_create_pool(128, cycle->log); > if (ngx_temp_pool == NULL) { > ngx_log_error(NGX_LOG_EMERG, cycle->log, 0, > - "can not create ngx_temp_pool"); > + "could not create ngx_temp_pool"); > exit(1); > } > > > Modified: branches/stable-1.0/src/core/ngx_palloc.c > =================================================================== > --- branches/stable-1.0/src/core/ngx_palloc.c 2011-11-01 13:00:30 UTC > (rev 4246) > +++ branches/stable-1.0/src/core/ngx_palloc.c 2011-11-01 13:24:50 UTC > (rev 4247) > @@ -68,7 +68,7 @@ > > /* > * we could allocate the pool->log from this pool > - * so we can not use this log while the free()ing the pool > + * so we cannot use this log while free()ing the pool > */ > > for (p = pool, n = pool->d.next; /* void */; p = n, n = n->d.next) { > > Modified: branches/stable-1.0/src/core/ngx_string.c > =================================================================== > --- branches/stable-1.0/src/core/ngx_string.c 2011-11-01 13:00:30 UTC > (rev 4246) > +++ branches/stable-1.0/src/core/ngx_string.c 2011-11-01 13:24:50 UTC > (rev 4247) > @@ -381,7 +381,7 @@ > > /* > * (int64_t) cast is required for msvc6: > - * it can not convert uint64_t to double > + * it cannot convert uint64_t to double > */ > ui64 = (uint64_t) ((f - (int64_t) ui64) * scale + 0.5); > > > Modified: branches/stable-1.0/src/event/ngx_event.c > =================================================================== > --- branches/stable-1.0/src/event/ngx_event.c 2011-11-01 13:00:30 UTC > (rev 4246) > +++ branches/stable-1.0/src/event/ngx_event.c 2011-11-01 13:24:50 UTC > (rev 4247) > @@ -1027,7 +1027,7 @@ > "when the server runs without a master > process " > "the \"%V\" event type must be the same as " > "in previous configuration - \"%s\" " > - "and it can not be changed on the fly, " > + "and it cannot be changed on the fly, " > "to change it you need to stop server " > "and start it again", > &value[1], old_ecf->name); > > Modified: branches/stable-1.0/src/event/ngx_event_timer.c > =================================================================== > --- branches/stable-1.0/src/event/ngx_event_timer.c 2011-11-01 > 13:00:30 UTC (rev 4246) > +++ branches/stable-1.0/src/event/ngx_event_timer.c 2011-11-01 > 13:24:50 UTC (rev 4247) > @@ -103,11 +103,11 @@ > if (ngx_threaded && ngx_trylock(ev->lock) == 0) { > > /* > - * We can not change the timer of the event that is been > - * handling by another thread. And we can not easy walk > - * the rbtree to find a next expired timer so we exit the > loop. > - * However it should be rare case when the event that is > - * been handling has expired timer. > + * We cannot change the timer of the event that is being > + * handled by another thread. And we cannot easy walk > + * the rbtree to find next expired timer so we exit the > loop. > + * However, it should be a rare case when the event that > is > + * being handled has an expired timer. > */ > > ngx_log_debug1(NGX_LOG_DEBUG_EVENT, ev->log, 0, > > Modified: branches/stable-1.0/src/http/modules/ngx_http_dav_module.c > =================================================================== > --- branches/stable-1.0/src/http/modules/ngx_http_dav_module.c 2011-11-01 > 13:00:30 UTC (rev 4246) > +++ branches/stable-1.0/src/http/modules/ngx_http_dav_module.c 2011-11-01 > 13:24:50 UTC (rev 4247) > @@ -158,7 +158,7 @@ > > if (r->uri.data[r->uri.len - 1] == '/') { > ngx_log_error(NGX_LOG_ERR, r->connection->log, 0, > - "can not PUT to a collection"); > + "cannot PUT to a collection"); > return NGX_HTTP_CONFLICT; > } > > > Modified: > branches/stable-1.0/src/http/modules/ngx_http_headers_filter_module.c > =================================================================== > --- branches/stable-1.0/src/http/modules/ngx_http_headers_filter_module.c > 2011-11-01 13:00:30 UTC (rev 4246) > +++ branches/stable-1.0/src/http/modules/ngx_http_headers_filter_module.c > 2011-11-01 13:24:50 UTC (rev 4247) > @@ -507,7 +507,7 @@ > minus = 0; > > if (hcf->expires == NGX_HTTP_EXPIRES_MODIFIED) { > - return "daily time can not be used with \"modified\" > parameter"; > + return "daily time cannot be used with \"modified\" > parameter"; > } > > hcf->expires = NGX_HTTP_EXPIRES_DAILY; > > Modified: branches/stable-1.0/src/http/modules/ngx_http_log_module.c > =================================================================== > --- branches/stable-1.0/src/http/modules/ngx_http_log_module.c 2011-11-01 > 13:00:30 UTC (rev 4246) > +++ branches/stable-1.0/src/http/modules/ngx_http_log_module.c 2011-11-01 > 13:24:50 UTC (rev 4247) > @@ -960,7 +960,7 @@ > > if (log->script) { > ngx_conf_log_error(NGX_LOG_EMERG, cf, 0, > - "buffered logs can not have variables in > name"); > + "buffered logs cannot have variables in > name"); > return NGX_CONF_ERROR; > } > > > Modified: branches/stable-1.0/src/http/ngx_http.c > =================================================================== > --- branches/stable-1.0/src/http/ngx_http.c 2011-11-01 13:00:30 UTC > (rev 4246) > +++ branches/stable-1.0/src/http/ngx_http.c 2011-11-01 13:24:50 UTC > (rev 4247) > @@ -1226,7 +1226,7 @@ > #endif > > /* > - * we can not compare whole sockaddr struct's as kernel > + * we cannot compare whole sockaddr struct's as kernel > * may fill some fields in inherited sockaddr struct's > */ > > @@ -1281,7 +1281,7 @@ > > if (addr[i].opt.set) { > ngx_conf_log_error(NGX_LOG_EMERG, cf, 0, > - "a duplicate listen options for %s", > addr[i].opt.addr); > + "duplicate listen options for %s", > addr[i].opt.addr); > return NGX_ERROR; > } > > > Modified: branches/stable-1.0/src/http/ngx_http_core_module.c > =================================================================== > --- branches/stable-1.0/src/http/ngx_http_core_module.c 2011-11-01 > 13:00:30 UTC (rev 4246) > +++ branches/stable-1.0/src/http/ngx_http_core_module.c 2011-11-01 > 13:24:50 UTC (rev 4247) > @@ -1259,7 +1259,7 @@ > tf++; > > ngx_log_debug3(NGX_LOG_DEBUG_HTTP, r->connection->log, 0, > - "try to use %s: \"%s\" \"%s\"", > + "trying to use %s: \"%s\" \"%s\"", > test_dir ? "dir" : "file", name, path.data); > > if (tf->lengths == NULL && tf->name.len == 0) { > @@ -1897,7 +1897,7 @@ > > if (alias && !r->valid_location) { > ngx_log_error(NGX_LOG_ALERT, r->connection->log, 0, > - "\"alias\" could not be used in location \"%V\" " > + "\"alias\" cannot be used in location \"%V\" " > "where URI was rewritten", &clcf->name); > return NULL; > } > @@ -2468,7 +2468,7 @@ > if (r->uri_changes == 0) { > ngx_log_error(NGX_LOG_ERR, r->connection->log, 0, > "rewrite or internal redirection cycle " > - "while internal redirect to \"%V\"", uri); > + "while internally redirecting to \"%V\"", uri); > > r->main->count++; > ngx_http_finalize_request(r, NGX_HTTP_INTERNAL_SERVER_ERROR); > @@ -2862,7 +2862,7 @@ > > if (pclcf->exact_match) { > ngx_conf_log_error(NGX_LOG_EMERG, cf, 0, > - "location \"%V\" could not be inside " > + "location \"%V\" cannot be inside " > "the exact location \"%V\"", > &clcf->name, &pclcf->name); > return NGX_CONF_ERROR; > @@ -2870,7 +2870,7 @@ > > if (pclcf->named) { > ngx_conf_log_error(NGX_LOG_EMERG, cf, 0, > - "location \"%V\" could not be inside " > + "location \"%V\" cannot be inside " > "the named location \"%V\"", > &clcf->name, &pclcf->name); > return NGX_CONF_ERROR; > @@ -2878,8 +2878,8 @@ > > if (clcf->named) { > ngx_conf_log_error(NGX_LOG_EMERG, cf, 0, > - "named location \"%V\" must be " > - "on server level only", > + "named location \"%V\" can be " > + "on the server level only", > &clcf->name); > return NGX_CONF_ERROR; > } > @@ -2948,7 +2948,7 @@ > #else > > ngx_conf_log_error(NGX_LOG_EMERG, cf, 0, > - "the using of the regex \"%V\" requires PCRE > library", > + "using regex \"%V\" requires PCRE library", > regex); > return NGX_ERROR; > > @@ -3030,9 +3030,9 @@ > type[n].value = content_type; > > ngx_conf_log_error(NGX_LOG_WARN, cf, 0, > - "duplicate extention \"%V\", " > + "duplicate extension \"%V\", " > "content type: \"%V\", " > - "old content type: \"%V\"", > + "previous content type: \"%V\"", > &value[i], content_type, old); > goto next; > } > @@ -3187,7 +3187,7 @@ > if (conf->large_client_header_buffers.size < > conf->connection_pool_size) { > ngx_conf_log_error(NGX_LOG_EMERG, cf, 0, > "the \"large_client_header_buffers\" size must > be " > - "equal to or bigger than > \"connection_pool_size\""); > + "equal to or greater than > \"connection_pool_size\""); > return NGX_CONF_ERROR; > } > > @@ -3200,7 +3200,7 @@ > prev->underscores_in_headers, 0); > > if (conf->server_names.nelts == 0) { > - /* the array has 4 empty preallocated elements, so push can not > fail */ > + /* the array has 4 empty preallocated elements, so push cannot > fail */ > sn = ngx_array_push(&conf->server_names); > #if (NGX_PCRE) > sn->regex = NULL; > @@ -3435,7 +3435,7 @@ > types_hash.key = ngx_hash_key_lc; > types_hash.max_size = conf->types_hash_max_size; > types_hash.bucket_size = conf->types_hash_bucket_size; > - types_hash.name = "mime_types_hash"; > + types_hash.name = "types_hash"; > types_hash.pool = cf->pool; > types_hash.temp_pool = NULL; > > @@ -3789,7 +3789,7 @@ > continue; > #else > ngx_conf_log_error(NGX_LOG_EMERG, cf, 0, > - "bind ipv6only is not supported " > + "ipv6only is not supported " > "on this platform"); > return NGX_CONF_ERROR; > #endif > @@ -3808,7 +3808,7 @@ > } > > ngx_conf_log_error(NGX_LOG_EMERG, cf, 0, > - "the invalid \"%V\" parameter", &value[n]); > + "invalid parameter \"%V\"", &value[n]); > return NGX_CONF_ERROR; > } > > @@ -3846,17 +3846,10 @@ > > if (ngx_strchr(value[i].data, '/')) { > ngx_conf_log_error(NGX_LOG_WARN, cf, 0, > - "server name \"%V\" has strange symbols", > + "server name \"%V\" has suspicious > symbols", > &value[i]); > } > > - if (value[i].len == 1 && ch == '*') { > - ngx_conf_log_error(NGX_LOG_EMERG, cf, 0, > - "\"server_name *\" is unsupported, use " > - "\"server_name_in_redirect off\" instead"); > - return NGX_CONF_ERROR; > - } > - > sn = ngx_array_push(&cscf->server_names); > if (sn == NULL) { > return NGX_CONF_ERROR; > @@ -3917,7 +3910,7 @@ > } > #else > ngx_conf_log_error(NGX_LOG_EMERG, cf, 0, > - "the using of the regex \"%V\" " > + "using regex \"%V\" " > "requires PCRE library", &value[i]); > > return NGX_CONF_ERROR; > @@ -3949,7 +3942,7 @@ > } else { > ngx_conf_log_error(NGX_LOG_EMERG, cf, 0, > "\"%V\" directive is duplicate, " > - "\"%s\" directive is specified before", > + "\"%s\" directive was specified earlier", > &cmd->name, clcf->alias ? "alias" : "root"); > } > > @@ -3958,8 +3951,8 @@ > > if (clcf->named && alias) { > ngx_conf_log_error(NGX_LOG_EMERG, cf, 0, > - "the \"alias\" directive may not be used " > - "inside named location"); > + "the \"alias\" directive cannot be used " > + "inside the named location"); > > return NGX_CONF_ERROR; > } > @@ -3970,7 +3963,7 @@ > || ngx_strstr(value[1].data, "${document_root}")) > { > ngx_conf_log_error(NGX_LOG_EMERG, cf, 0, > - "the $document_root variable may not be used " > + "the $document_root variable cannot be used " > "in the \"%V\" directive", > &cmd->name); > > @@ -3981,7 +3974,7 @@ > || ngx_strstr(value[1].data, "${realpath_root}")) > { > ngx_conf_log_error(NGX_LOG_EMERG, cf, 0, > - "the $realpath_root variable may not be used " > + "the $realpath_root variable cannot be used " > "in the \"%V\" directive", > &cmd->name); > > @@ -4440,7 +4433,7 @@ > > if (max == 0) { > ngx_conf_log_error(NGX_LOG_EMERG, cf, 0, > - "\"open_file_cache\" must have \"max\" > parameter"); > + "\"open_file_cache\" must have the \"max\" > parameter"); > return NGX_CONF_ERROR; > } > > > Modified: branches/stable-1.0/src/http/ngx_http_upstream.c > =================================================================== > --- branches/stable-1.0/src/http/ngx_http_upstream.c 2011-11-0113:00:30 UTC (rev > 4246) > +++ branches/stable-1.0/src/http/ngx_http_upstream.c 2011-11-0113:24:50 UTC (rev > 4247) > @@ -987,7 +987,7 @@ > > if (!u->cacheable && u->peer.connection) { > ngx_log_error(NGX_LOG_INFO, ev->log, ev->kq_errno, > - "kevent() reported that client closed > prematurely " > + "kevent() reported that client prematurely > closed " > "connection, so upstream connection is closed > too"); > ngx_http_upstream_finalize_request(r, u, > > NGX_HTTP_CLIENT_CLOSED_REQUEST); > @@ -995,8 +995,8 @@ > } > > ngx_log_error(NGX_LOG_INFO, ev->log, ev->kq_errno, > - "kevent() reported that client closed " > - "prematurely connection"); > + "kevent() reported that client prematurely closed " > + "connection"); > > if (u->peer.connection == NULL) { > ngx_http_upstream_finalize_request(r, u, > @@ -1050,7 +1050,7 @@ > > if (!u->cacheable && u->peer.connection) { > ngx_log_error(NGX_LOG_INFO, ev->log, err, > - "client closed prematurely connection, " > + "client prematurely closed connection, " > "so upstream connection is closed too"); > ngx_http_upstream_finalize_request(r, u, > NGX_HTTP_CLIENT_CLOSED_REQUEST); > @@ -1058,7 +1058,7 @@ > } > > ngx_log_error(NGX_LOG_INFO, ev->log, err, > - "client closed prematurely connection"); > + "client prematurely closed connection"); > > if (u->peer.connection == NULL) { > ngx_http_upstream_finalize_request(r, u, > > Modified: branches/stable-1.0/src/os/unix/ngx_errno.c > =================================================================== > --- branches/stable-1.0/src/os/unix/ngx_errno.c 2011-11-01 13:00:30 UTC > (rev 4246) > +++ branches/stable-1.0/src/os/unix/ngx_errno.c 2011-11-01 13:24:50 UTC > (rev 4247) > @@ -12,7 +12,7 @@ > * The strerror() messages are copied because: > * > * 1) strerror() and strerror_r() functions are not Async-Signal-Safe, > - * therefore, they can not be used in signal handlers; > + * therefore, they cannot be used in signal handlers; > * > * 2) a direct sys_errlist[] array may be used instead of these functions, > * but Linux linker warns about its usage: > > Modified: branches/stable-1.0/src/os/unix/ngx_file_aio_read.c > =================================================================== > --- branches/stable-1.0/src/os/unix/ngx_file_aio_read.c 2011-11-0113:00:30 UTC (rev > 4246) > +++ branches/stable-1.0/src/os/unix/ngx_file_aio_read.c 2011-11-0113:24:50 UTC (rev > 4247) > @@ -23,7 +23,7 @@ > * kqueue EVFILT_AIO filter is level triggered only: an event repeats > * until aio_return() will be called; > * > - * aio_cancel() can not cancel file AIO: it returns AIO_NOTCANCELED > always. > + * aio_cancel() cannot cancel file AIO: it returns AIO_NOTCANCELED > always. > */ > > > > Modified: branches/stable-1.0/src/os/unix/ngx_freebsd_sendfile_chain.c > =================================================================== > --- branches/stable-1.0/src/os/unix/ngx_freebsd_sendfile_chain.c > 2011-11-01 13:00:30 UTC (rev 4246) > +++ branches/stable-1.0/src/os/unix/ngx_freebsd_sendfile_chain.c > 2011-11-01 13:24:50 UTC (rev 4247) > @@ -11,7 +11,7 @@ > > /* > * Although FreeBSD sendfile() allows to pass a header and a trailer, > - * it can not send a header with a part of the file in one packet until > + * it cannot send a header with a part of the file in one packet until > * FreeBSD 5.3. Besides, over the fast ethernet connection sendfile() > * may send the partially filled packets, i.e. the 8 file pages may be sent > * as the 11 full 1460-bytes packets, then one incomplete 324-bytes packet, > > Modified: branches/stable-1.0/src/os/unix/ngx_process.c > =================================================================== > --- branches/stable-1.0/src/os/unix/ngx_process.c 2011-11-01 > 13:00:30 UTC (rev 4246) > +++ branches/stable-1.0/src/os/unix/ngx_process.c 2011-11-01 > 13:24:50 UTC (rev 4247) > @@ -541,7 +541,7 @@ > if (WEXITSTATUS(status) == 2 && ngx_processes[i].respawn) { > ngx_log_error(NGX_LOG_ALERT, ngx_cycle->log, 0, > "%s %P exited with fatal code %d " > - "and can not be respawn", > + "and cannot be respawned", > process, pid, WEXITSTATUS(status)); > ngx_processes[i].respawn = 0; > } > > Modified: branches/stable-1.0/src/os/unix/ngx_process_cycle.c > =================================================================== > --- branches/stable-1.0/src/os/unix/ngx_process_cycle.c 2011-11-01 > 13:00:30 UTC (rev 4246) > +++ branches/stable-1.0/src/os/unix/ngx_process_cycle.c 2011-11-01 > 13:24:50 UTC (rev 4247) > @@ -620,7 +620,8 @@ > == NGX_INVALID_PID) > { > ngx_log_error(NGX_LOG_ALERT, cycle->log, 0, > - "can not respawn %s", > ngx_processes[i].name); > + "could not respawn %s", > + ngx_processes[i].name); > continue; > } > > > Modified: branches/stable-1.0/src/os/win32/ngx_process_cycle.c > =================================================================== > --- branches/stable-1.0/src/os/win32/ngx_process_cycle.c 2011-11-01 > 13:00:30 UTC (rev 4246) > +++ branches/stable-1.0/src/os/win32/ngx_process_cycle.c 2011-11-01 > 13:24:50 UTC (rev 4247) > @@ -530,7 +530,7 @@ > == NGX_INVALID_PID) > { > ngx_log_error(NGX_LOG_ALERT, cycle->log, 0, > - "can not respawn %s", > ngx_processes[n].name); > + "could not respawn %s", > ngx_processes[n].name); > > if (n == ngx_last_process - 1) { > ngx_last_process--; > > _______________________________________________ > nginx-devel mailing list > nginx-devel at nginx.org > http://mailman.nginx.org/mailman/listinfo/nginx-devel > -------------- next part -------------- An HTML attachment was scrubbed... URL: From igor at sysoev.ru Tue Nov 1 13:45:33 2011 From: igor at sysoev.ru (igor at sysoev.ru) Date: Tue, 1 Nov 2011 13:45:33 +0000 Subject: [nginx] svn commit: r4248 - in branches/stable-1.0: . src/http src/http/modules Message-ID: Author: is Date: 2011-11-01 13:45:33 +0000 (Tue, 01 Nov 2011) New Revision: 4248 Modified: branches/stable-1.0/ branches/stable-1.0/src/http/modules/ngx_http_empty_gif_module.c branches/stable-1.0/src/http/modules/ngx_http_rewrite_module.c branches/stable-1.0/src/http/modules/ngx_http_static_module.c branches/stable-1.0/src/http/ngx_http_core_module.c branches/stable-1.0/src/http/ngx_http_core_module.h branches/stable-1.0/src/http/ngx_http_script.c branches/stable-1.0/src/http/ngx_http_special_response.c Log: Merging r4147, r4148, r4149, r4150, r4207: Fixes of combination of error_page and return directives: *) Fix for incorrect 201 replies from dav module. Replies with 201 code contain body, and we should clearly indicate it's empty if it's empty. Before 0.8.32 chunked was explicitly disabled for 201 replies and as a result empty body was indicated by connection close (not perfect, but worked). Since 0.8.32 chunked is enabled, and this causes incorrect responses from dav module when HTTP/1.1 is used: with "Transfer-Encoding: chunked" but no chunks at all. Fix is to actually return empty body in special response handler instead of abusing r->header_only flag. See here for initial report: http://mailman.nginx.org/pipermail/nginx-ru/2010-October/037535.html *) Fix for double content when return is used in error_page handler. Test case: location / { error_page 405 /nope; return 405; } location /nope { return 200; } This is expected to return 405 with empty body, but in 0.8.42+ will return builtin 405 error page as well (though not counted in Content-Length, thus breaking protocol). Fix is to use status provided by rewrite script execution in case it's less than NGX_HTTP_BAD_REQUEST even if r->error_status set. This check is in line with one in ngx_http_script_return_code(). Note that this patch also changes behaviour for "return 302 ..." and "rewrite ... redirect" used as error handler. E.g. location / { error_page 405 /redirect; return 405; } location /redirect { rewrite ^ http://example.com/; } will actually return redirect to "http://example.com/" instead of builtin 405 error page with meaningless Location header. This looks like correct change and it's in line with what happens on e.g. directory redirects in error handlers. *) Fix for "return 202" not discarding body. Big POST (not fully preread) to a location / { return 202; } resulted in incorrect behaviour due to "return" code path not calling ngx_http_discard_request_body(). The same applies to all "return" used with 2xx/3xx codes except 201 and 204, and to all "return ... text" uses. Fix is to add ngx_http_discard_request_body() call to ngx_http_send_response() function where it looks appropriate. Discard body call from emtpy gif module removed as it's now redundant. Reported by Pyry Hakulinen, see http://mailman.nginx.org/pipermail/nginx/2011-August/028503.html *) Incorrect special case for "return 204" removed. The special case in question leads to replies without body in configuration like location / { error_page 404 /zero; return 404; } location /zero { return 204; } while replies with empty body are expected per protocol specs. Correct one will look like if (status == NGX_HTTP_NO_CONTENT) { rc = ngx_http_send_header(r); if (rc == NGX_ERROR || r->header_only) { return rc; } return ngx_http_send_special(r, NGX_HTTP_LAST); } though it looks like it's better to drop this special case at all. *) Clear old Location header (if any) while adding a new one. This prevents incorrect behaviour when another redirect is issued within error_page 302 handler. Property changes on: branches/stable-1.0 ___________________________________________________________________ Modified: svn:mergeinfo - /trunk:3960-3974,3977-3987,3991-3996,3998,4003-4007,4009-4013,4015-4018,4020,4023,4025-4027,4034-4065,4073,4077,4086-4090,4094-4102,4106-4108,4113-4114,4129-4137,4143,4154,4156-4157,4183-4184,4186-4187,4191-4192,4199-4205,4229,4235,4237 + /trunk:3960-3974,3977-3987,3991-3996,3998,4003-4007,4009-4013,4015-4018,4020,4023,4025-4027,4034-4065,4073,4077,4086-4090,4094-4102,4106-4108,4113-4114,4129-4137,4143,4147-4150,4154,4156-4157,4183-4184,4186-4187,4191-4192,4199-4205,4207,4229,4235,4237 Modified: branches/stable-1.0/src/http/modules/ngx_http_empty_gif_module.c =================================================================== --- branches/stable-1.0/src/http/modules/ngx_http_empty_gif_module.c 2011-11-01 13:24:50 UTC (rev 4247) +++ branches/stable-1.0/src/http/modules/ngx_http_empty_gif_module.c 2011-11-01 13:45:33 UTC (rev 4248) @@ -111,19 +111,12 @@ static ngx_int_t ngx_http_empty_gif_handler(ngx_http_request_t *r) { - ngx_int_t rc; ngx_http_complex_value_t cv; if (!(r->method & (NGX_HTTP_GET|NGX_HTTP_HEAD))) { return NGX_HTTP_NOT_ALLOWED; } - rc = ngx_http_discard_request_body(r); - - if (rc != NGX_OK) { - return rc; - } - ngx_memzero(&cv, sizeof(ngx_http_complex_value_t)); cv.value.len = sizeof(ngx_empty_gif); Modified: branches/stable-1.0/src/http/modules/ngx_http_rewrite_module.c =================================================================== --- branches/stable-1.0/src/http/modules/ngx_http_rewrite_module.c 2011-11-01 13:24:50 UTC (rev 4247) +++ branches/stable-1.0/src/http/modules/ngx_http_rewrite_module.c 2011-11-01 13:45:33 UTC (rev 4248) @@ -167,8 +167,8 @@ code(e); } - if (e->status == NGX_DECLINED) { - return NGX_DECLINED; + if (e->status < NGX_HTTP_BAD_REQUEST) { + return e->status; } if (r->err_status == 0) { Modified: branches/stable-1.0/src/http/modules/ngx_http_static_module.c =================================================================== --- branches/stable-1.0/src/http/modules/ngx_http_static_module.c 2011-11-01 13:24:50 UTC (rev 4247) +++ branches/stable-1.0/src/http/modules/ngx_http_static_module.c 2011-11-01 13:45:33 UTC (rev 4248) @@ -139,6 +139,8 @@ ngx_log_debug0(NGX_LOG_DEBUG_HTTP, log, 0, "http dir"); + ngx_http_clear_location(r); + r->headers_out.location = ngx_palloc(r->pool, sizeof(ngx_table_elt_t)); if (r->headers_out.location == NULL) { return NGX_HTTP_INTERNAL_SERVER_ERROR; Modified: branches/stable-1.0/src/http/ngx_http_core_module.c =================================================================== --- branches/stable-1.0/src/http/ngx_http_core_module.c 2011-11-01 13:24:50 UTC (rev 4247) +++ branches/stable-1.0/src/http/ngx_http_core_module.c 2011-11-01 13:45:33 UTC (rev 4248) @@ -983,6 +983,8 @@ } if (rc == NGX_DONE) { + ngx_http_clear_location(r); + r->headers_out.location = ngx_list_push(&r->headers_out.headers); if (r->headers_out.location == NULL) { ngx_http_finalize_request(r, NGX_HTTP_INTERNAL_SERVER_ERROR); @@ -1784,19 +1786,20 @@ ngx_buf_t *b; ngx_chain_t out; + if (ngx_http_discard_request_body(r) != NGX_OK) { + return NGX_HTTP_INTERNAL_SERVER_ERROR; + } + r->headers_out.status = status; - if (status == NGX_HTTP_NO_CONTENT) { - r->header_only = 1; - return ngx_http_send_header(r); - } - if (ngx_http_complex_value(r, cv, &val) != NGX_OK) { return NGX_HTTP_INTERNAL_SERVER_ERROR; } if (status >= NGX_HTTP_MOVED_PERMANENTLY && status <= NGX_HTTP_SEE_OTHER) { + ngx_http_clear_location(r); + r->headers_out.location = ngx_list_push(&r->headers_out.headers); if (r->headers_out.location == NULL) { return NGX_HTTP_INTERNAL_SERVER_ERROR; Modified: branches/stable-1.0/src/http/ngx_http_core_module.h =================================================================== --- branches/stable-1.0/src/http/ngx_http_core_module.h 2011-11-01 13:24:50 UTC (rev 4247) +++ branches/stable-1.0/src/http/ngx_http_core_module.h 2011-11-01 13:45:33 UTC (rev 4248) @@ -529,5 +529,12 @@ r->headers_out.last_modified = NULL; \ } +#define ngx_http_clear_location(r) \ + \ + if (r->headers_out.location) { \ + r->headers_out.location->hash = 0; \ + r->headers_out.location = NULL; \ + } + #endif /* _NGX_HTTP_CORE_H_INCLUDED_ */ Modified: branches/stable-1.0/src/http/ngx_http_script.c =================================================================== --- branches/stable-1.0/src/http/ngx_http_script.c 2011-11-01 13:24:50 UTC (rev 4247) +++ branches/stable-1.0/src/http/ngx_http_script.c 2011-11-01 13:45:33 UTC (rev 4248) @@ -1106,6 +1106,8 @@ "rewritten redirect: \"%V\"", &e->buf); } + ngx_http_clear_location(r); + r->headers_out.location = ngx_list_push(&r->headers_out.headers); if (r->headers_out.location == NULL) { e->ip = ngx_http_script_exit; Modified: branches/stable-1.0/src/http/ngx_http_special_response.c =================================================================== --- branches/stable-1.0/src/http/ngx_http_special_response.c 2011-11-01 13:24:50 UTC (rev 4247) +++ branches/stable-1.0/src/http/ngx_http_special_response.c 2011-11-01 13:45:33 UTC (rev 4248) @@ -421,7 +421,6 @@ if (error == NGX_HTTP_CREATED) { /* 201 */ err = 0; - r->header_only = 1; } else if (error == NGX_HTTP_NO_CONTENT) { /* 204 */ @@ -583,6 +582,8 @@ ngx_str_set(&location->key, "Location"); location->value = uri; + ngx_http_clear_location(r); + r->headers_out.location = location; clcf = ngx_http_get_module_loc_conf(r, ngx_http_core_module); @@ -636,7 +637,7 @@ r->headers_out.content_type_lowcase = NULL; } else { - r->headers_out.content_length_n = -1; + r->headers_out.content_length_n = 0; } if (r->headers_out.content_length) { @@ -654,7 +655,7 @@ } if (ngx_http_error_pages[err].len == 0) { - return NGX_OK; + return ngx_http_send_special(r, NGX_HTTP_LAST); } b = ngx_calloc_buf(r->pool); From igor at sysoev.ru Tue Nov 1 13:49:31 2011 From: igor at sysoev.ru (igor at sysoev.ru) Date: Tue, 1 Nov 2011 13:49:31 +0000 Subject: [nginx] svn commit: r4249 - in branches/stable-1.0: . src/http Message-ID: Author: is Date: 2011-11-01 13:49:31 +0000 (Tue, 01 Nov 2011) New Revision: 4249 Modified: branches/stable-1.0/ branches/stable-1.0/src/http/ngx_http_file_cache.c branches/stable-1.0/src/http/ngx_http_upstream.c Log: Merging r4151, r4152, r4177: HTTP cache related fixes: *) Cache: fix for sending of empty responses. Revert wrong fix for empty responses introduced in 0.8.31 and apply new one, rewritten to match things done by static module as close as possible. *) Cache: fix for sending of stale responses. For normal cached responses ngx_http_cache_send() sends last buffer and then request finalized via ngx_http_finalize_request() call, i.e. everything is ok. But for stale responses (i.e. when upstream died, but we have something in cache) the same ngx_http_cache_send() sends last buffer, but then in ngx_http_upstream_finalize_request() another last buffer is send. This causes duplicate final chunk to appear if chunked encoding is used (and resulting problems with keepalive connections and so on). Fix this by not sending in ngx_http_upstream_finalize_request() another last buffer if we know response was from cache. *) Fixed cache bypass caching of non-cacheable replies (ticket #21). If cache was bypassed with proxy_cache_bypass, cache-controlling headers (Cache-Control, Expires) wasn't considered and response was cached even if it was actually non-cacheable. Patch by John Ferlito. Property changes on: branches/stable-1.0 ___________________________________________________________________ Modified: svn:mergeinfo - /trunk:3960-3974,3977-3987,3991-3996,3998,4003-4007,4009-4013,4015-4018,4020,4023,4025-4027,4034-4065,4073,4077,4086-4090,4094-4102,4106-4108,4113-4114,4129-4137,4143,4147-4150,4154,4156-4157,4183-4184,4186-4187,4191-4192,4199-4205,4207,4229,4235,4237 + /trunk:3960-3974,3977-3987,3991-3996,3998,4003-4007,4009-4013,4015-4018,4020,4023,4025-4027,4034-4065,4073,4077,4086-4090,4094-4102,4106-4108,4113-4114,4129-4137,4143,4147-4152,4154,4156-4157,4177,4183-4184,4186-4187,4191-4192,4199-4205,4207,4229,4235,4237 Modified: branches/stable-1.0/src/http/ngx_http_file_cache.c =================================================================== --- branches/stable-1.0/src/http/ngx_http_file_cache.c 2011-11-01 13:45:33 UTC (rev 4248) +++ branches/stable-1.0/src/http/ngx_http_file_cache.c 2011-11-01 13:49:31 UTC (rev 4249) @@ -854,6 +854,10 @@ ngx_log_debug1(NGX_LOG_DEBUG_HTTP, r->connection->log, 0, "http file cache send: %s", c->file.name.data); + if (r != r->main && c->length - c->body_start == 0) { + return ngx_http_send_header(r); + } + /* we need to allocate all before the header would be sent */ b = ngx_pcalloc(r->pool, sizeof(ngx_buf_t)); @@ -866,8 +870,6 @@ return NGX_HTTP_INTERNAL_SERVER_ERROR; } - r->header_only = (c->length - c->body_start) == 0; - rc = ngx_http_send_header(r); if (rc == NGX_ERROR || rc > NGX_OK || r->header_only) { @@ -877,7 +879,7 @@ b->file_pos = c->body_start; b->file_last = c->length; - b->in_file = 1; + b->in_file = (c->length - c->body_start) ? 1: 0; b->last_buf = (r == r->main) ? 1: 0; b->last_in_chain = 1; Modified: branches/stable-1.0/src/http/ngx_http_upstream.c =================================================================== --- branches/stable-1.0/src/http/ngx_http_upstream.c 2011-11-01 13:45:33 UTC (rev 4248) +++ branches/stable-1.0/src/http/ngx_http_upstream.c 2011-11-01 13:49:31 UTC (rev 4249) @@ -672,6 +672,8 @@ return NGX_DECLINED; } + u->cacheable = 1; + switch (ngx_http_test_predicates(r, u->conf->cache_bypass)) { case NGX_ERROR: @@ -685,8 +687,6 @@ break; } - u->cacheable = 1; - c = r->cache; c->min_uses = u->conf->cache_min_uses; @@ -2154,8 +2154,6 @@ ngx_http_upstream_finalize_request(r, u, 0); return; } - - u->cacheable = 1; } break; @@ -3027,7 +3025,12 @@ r->connection->log->action = "sending to client"; - if (rc == 0) { + if (rc == 0 +#if (NGX_HTTP_CACHE) + && !r->cached +#endif + ) + { rc = ngx_http_send_special(r, NGX_HTTP_LAST); } From igor at sysoev.ru Tue Nov 1 13:56:27 2011 From: igor at sysoev.ru (igor at sysoev.ru) Date: Tue, 1 Nov 2011 13:56:27 +0000 Subject: [nginx] svn commit: r4250 - in branches/stable-1.0: . auto/cc src/http src/os/win32 Message-ID: Author: is Date: 2011-11-01 13:56:26 +0000 (Tue, 01 Nov 2011) New Revision: 4250 Modified: branches/stable-1.0/ branches/stable-1.0/auto/cc/name branches/stable-1.0/src/http/ngx_http.c branches/stable-1.0/src/os/win32/ngx_win32_config.h Log: Merging r4155, r4219, r4220, r4230: Windows related fixes: *) Fixed segmentation fault with empty config on Windows. See here for report: http://mailman.nginx.org/pipermail/nginx-ru/2011-September/043288.html *) Recent SDKs allow to build IPV6 only for Windows XP or above. *) Fixing conflict with SDK off_t definition. *) Fix of building by Microsoft Visual C++ 10 compiler. Property changes on: branches/stable-1.0 ___________________________________________________________________ Modified: svn:mergeinfo - /trunk:3960-3974,3977-3987,3991-3996,3998,4003-4007,4009-4013,4015-4018,4020,4023,4025-4027,4034-4065,4073,4077,4086-4090,4094-4102,4106-4108,4113-4114,4129-4137,4143,4147-4152,4154,4156-4157,4177,4183-4184,4186-4187,4191-4192,4199-4205,4207,4229,4235,4237 + /trunk:3960-3974,3977-3987,3991-3996,3998,4003-4007,4009-4013,4015-4018,4020,4023,4025-4027,4034-4065,4073,4077,4086-4090,4094-4102,4106-4108,4113-4114,4129-4137,4143,4147-4152,4154-4157,4177,4183-4184,4186-4187,4191-4192,4199-4205,4207,4219-4220,4229-4230,4235,4237 Modified: branches/stable-1.0/auto/cc/name =================================================================== --- branches/stable-1.0/auto/cc/name 2011-11-01 13:49:31 UTC (rev 4249) +++ branches/stable-1.0/auto/cc/name 2011-11-01 13:56:26 UTC (rev 4250) @@ -25,6 +25,13 @@ if [ "$CC" = cl ]; then if `$NGX_WINE $CC -v 2>&1 \ + | grep '^Microsoft (R) 32-bit C/C++ Optimizing Compiler Version 16' \ + >/dev/null 2>&1`; then + + NGX_CC_NAME=msvc10 + echo " + using Microsoft Visual C++ 10 compiler" + + else if `$NGX_WINE $CC -v 2>&1 \ | grep '^Microsoft (R) 32-bit C/C++ Optimizing Compiler Version 14' \ >/dev/null 2>&1`; then @@ -43,6 +50,7 @@ echo " + using Microsoft Visual C++ compiler" fi fi + fi else if [ "$CC" = wcl386 ]; then Modified: branches/stable-1.0/src/http/ngx_http.c =================================================================== --- branches/stable-1.0/src/http/ngx_http.c 2011-11-01 13:49:31 UTC (rev 4249) +++ branches/stable-1.0/src/http/ngx_http.c 2011-11-01 13:56:26 UTC (rev 4250) @@ -1747,10 +1747,12 @@ #if (NGX_WIN32) { - ngx_iocp_conf_t *iocpcf; + ngx_iocp_conf_t *iocpcf = NULL; - iocpcf = ngx_event_get_conf(cf->cycle->conf_ctx, ngx_iocp_module); - if (iocpcf->acceptex_read) { + if (ngx_get_conf(cf->cycle->conf_ctx, ngx_events_module)) { + iocpcf = ngx_event_get_conf(cf->cycle->conf_ctx, ngx_iocp_module); + } + if (iocpcf && iocpcf->acceptex_read) { ls->post_accept_buffer_size = cscf->client_header_buffer_size; } } Modified: branches/stable-1.0/src/os/win32/ngx_win32_config.h =================================================================== --- branches/stable-1.0/src/os/win32/ngx_win32_config.h 2011-11-01 13:49:31 UTC (rev 4249) +++ branches/stable-1.0/src/os/win32/ngx_win32_config.h 2011-11-01 13:56:26 UTC (rev 4250) @@ -9,7 +9,7 @@ #define WIN32 0x0400 -#define _WIN32_WINNT 0x0500 +#define _WIN32_WINNT 0x0501 #define STRICT @@ -126,8 +126,11 @@ typedef int intptr_t; typedef u_int uintptr_t; +/* Windows defines off_t as long, which is 32-bit */ +typedef __int64 off_t; +#define _OFF_T_DEFINED + typedef int ssize_t; -typedef __int64 off_t; typedef uint32_t in_addr_t; typedef u_short in_port_t; typedef int sig_atomic_t; From igor at sysoev.ru Tue Nov 1 14:00:04 2011 From: igor at sysoev.ru (igor at sysoev.ru) Date: Tue, 1 Nov 2011 14:00:04 +0000 Subject: [nginx] svn commit: r4251 - in branches/stable-1.0: . misc Message-ID: Author: is Date: 2011-11-01 14:00:04 +0000 (Tue, 01 Nov 2011) New Revision: 4251 Modified: branches/stable-1.0/ branches/stable-1.0/misc/GNUmakefile Log: Merging r4179, r4182, r4212: Adding RELEASE procedure in GNUmakefile. Property changes on: branches/stable-1.0 ___________________________________________________________________ Modified: svn:mergeinfo - /trunk:3960-3974,3977-3987,3991-3996,3998,4003-4007,4009-4013,4015-4018,4020,4023,4025-4027,4034-4065,4073,4077,4086-4090,4094-4102,4106-4108,4113-4114,4129-4137,4143,4147-4152,4154-4157,4177,4183-4184,4186-4187,4191-4192,4199-4205,4207,4219-4220,4229-4230,4235,4237 + /trunk:3960-3974,3977-3987,3991-3996,3998,4003-4007,4009-4013,4015-4018,4020,4023,4025-4027,4034-4065,4073,4077,4086-4090,4094-4102,4106-4108,4113-4114,4129-4137,4143,4147-4152,4154-4157,4177,4179,4182-4184,4186-4187,4191-4192,4199-4205,4207,4212,4219-4220,4229-4230,4235,4237 Modified: branches/stable-1.0/misc/GNUmakefile =================================================================== --- branches/stable-1.0/misc/GNUmakefile 2011-11-01 13:56:26 UTC (rev 4250) +++ branches/stable-1.0/misc/GNUmakefile 2011-11-01 14:00:04 UTC (rev 4251) @@ -3,6 +3,7 @@ | sed -e 's/^.*\"\(.*\)\"/\1/') NGINX = nginx-$(VER) TEMP = tmp +REPO = svn://svn.nginx.com OBJS = objs.msvc8 OPENSSL = openssl-0.9.8r @@ -40,6 +41,22 @@ tar -c -z -f $(NGINX).tar.gz --directory $(TEMP) $(NGINX) +RELEASE: + test -d $(TEMP) || mkdir -p $(TEMP) + + echo "nginx-$(VER)-RELEASE" > $(TEMP)/message + svn ci -F $(TEMP)/message + + echo "release-$(VER) tag" > $(TEMP)/message + svn copy $(REPO)/nginx/branches/stable-1.0 \ + $(REPO)/nginx/tags/release-$(VER) \ + -F $(TEMP)/message + + svn up + + $(MAKE) release + + snapshot: rm -rf $(TEMP) From igor at sysoev.ru Tue Nov 1 14:02:07 2011 From: igor at sysoev.ru (igor at sysoev.ru) Date: Tue, 1 Nov 2011 14:02:07 +0000 Subject: [nginx] svn commit: r4252 - in branches/stable-1.0: . conf src/http/modules Message-ID: Author: is Date: 2011-11-01 14:02:07 +0000 (Tue, 01 Nov 2011) New Revision: 4252 Modified: branches/stable-1.0/ branches/stable-1.0/conf/mime.types branches/stable-1.0/src/http/modules/ngx_http_mp4_module.c Log: Merging r4190, r4232: MP4 related fixes: *) Fixing mp4 module seeking on 32-bit platforms. *) Adding m4a and m4v MIME types (ticket #42). Property changes on: branches/stable-1.0 ___________________________________________________________________ Modified: svn:mergeinfo - /trunk:3960-3974,3977-3987,3991-3996,3998,4003-4007,4009-4013,4015-4018,4020,4023,4025-4027,4034-4065,4073,4077,4086-4090,4094-4102,4106-4108,4113-4114,4129-4137,4143,4147-4152,4154-4157,4177,4179,4182-4184,4186-4187,4191-4192,4199-4205,4207,4212,4219-4220,4229-4230,4235,4237 + /trunk:3960-3974,3977-3987,3991-3996,3998,4003-4007,4009-4013,4015-4018,4020,4023,4025-4027,4034-4065,4073,4077,4086-4090,4094-4102,4106-4108,4113-4114,4129-4137,4143,4147-4152,4154-4157,4177,4179,4182-4184,4186-4187,4190-4192,4199-4205,4207,4212,4219-4220,4229-4230,4232,4235,4237 Modified: branches/stable-1.0/conf/mime.types =================================================================== --- branches/stable-1.0/conf/mime.types 2011-11-01 14:00:04 UTC (rev 4251) +++ branches/stable-1.0/conf/mime.types 2011-11-01 14:02:07 UTC (rev 4252) @@ -62,6 +62,7 @@ audio/midi mid midi kar; audio/mpeg mp3; audio/ogg ogg; + audio/x-m4a m4a; audio/x-realaudio ra; video/3gpp 3gpp 3gp; @@ -69,6 +70,7 @@ video/mpeg mpeg mpg; video/quicktime mov; video/x-flv flv; + video/x-m4v m4v; video/x-mng mng; video/x-ms-asf asx asf; video/x-ms-wmv wmv; Modified: branches/stable-1.0/src/http/modules/ngx_http_mp4_module.c =================================================================== --- branches/stable-1.0/src/http/modules/ngx_http_mp4_module.c 2011-11-01 14:00:04 UTC (rev 4251) +++ branches/stable-1.0/src/http/modules/ngx_http_mp4_module.c 2011-11-01 14:02:07 UTC (rev 4252) @@ -1882,7 +1882,7 @@ } entries = trak->time_to_sample_entries; - start_time = mp4->start * trak->timescale / 1000; + start_time = (uint64_t) mp4->start * trak->timescale / 1000; ngx_log_debug1(NGX_LOG_DEBUG_HTTP, mp4->file.log, 0, "time-to-sample start_time:%uL", start_time); From igor at sysoev.ru Tue Nov 1 14:04:23 2011 From: igor at sysoev.ru (igor at sysoev.ru) Date: Tue, 1 Nov 2011 14:04:23 +0000 Subject: [nginx] svn commit: r4253 - in branches/stable-1.0: . src/http/modules Message-ID: Author: is Date: 2011-11-01 14:04:23 +0000 (Tue, 01 Nov 2011) New Revision: 4253 Modified: branches/stable-1.0/ branches/stable-1.0/src/http/modules/ngx_http_scgi_module.c branches/stable-1.0/src/http/modules/ngx_http_uwsgi_module.c Log: Merging r4158: Added uwsgi_buffering and scgi_buffering directives. Patch by Peter Smit. Property changes on: branches/stable-1.0 ___________________________________________________________________ Modified: svn:mergeinfo - /trunk:3960-3974,3977-3987,3991-3996,3998,4003-4007,4009-4013,4015-4018,4020,4023,4025-4027,4034-4065,4073,4077,4086-4090,4094-4102,4106-4108,4113-4114,4129-4137,4143,4147-4152,4154-4157,4177,4179,4182-4184,4186-4187,4190-4192,4199-4205,4207,4212,4219-4220,4229-4230,4232,4235,4237 + /trunk:3960-3974,3977-3987,3991-3996,3998,4003-4007,4009-4013,4015-4018,4020,4023,4025-4027,4034-4065,4073,4077,4086-4090,4094-4102,4106-4108,4113-4114,4129-4137,4143,4147-4152,4154-4158,4177,4179,4182-4184,4186-4187,4190-4192,4199-4205,4207,4212,4219-4220,4229-4230,4232,4235,4237 Modified: branches/stable-1.0/src/http/modules/ngx_http_scgi_module.c =================================================================== --- branches/stable-1.0/src/http/modules/ngx_http_scgi_module.c 2011-11-01 14:02:07 UTC (rev 4252) +++ branches/stable-1.0/src/http/modules/ngx_http_scgi_module.c 2011-11-01 14:04:23 UTC (rev 4253) @@ -96,6 +96,13 @@ offsetof(ngx_http_scgi_loc_conf_t, upstream.store_access), NULL }, + { ngx_string("scgi_buffering"), + NGX_HTTP_MAIN_CONF|NGX_HTTP_SRV_CONF|NGX_HTTP_LOC_CONF|NGX_CONF_FLAG, + ngx_conf_set_flag_slot, + NGX_HTTP_LOC_CONF_OFFSET, + offsetof(ngx_http_scgi_loc_conf_t, upstream.buffering), + NULL }, + { ngx_string("scgi_ignore_client_abort"), NGX_HTTP_MAIN_CONF|NGX_HTTP_SRV_CONF|NGX_HTTP_LOC_CONF|NGX_CONF_FLAG, ngx_conf_set_flag_slot, @@ -412,7 +419,7 @@ u->abort_request = ngx_http_scgi_abort_request; u->finalize_request = ngx_http_scgi_finalize_request; - u->buffering = 1; + u->buffering = scf->upstream.buffering; u->pipe = ngx_pcalloc(r->pool, sizeof(ngx_event_pipe_t)); if (u->pipe == NULL) { @@ -1038,6 +1045,8 @@ /* "scgi_cyclic_temp_file" is disabled */ conf->upstream.cyclic_temp_file = 0; + conf->upstream.change_buffering = 1; + ngx_str_set(&conf->upstream.module, "scgi"); return conf; Modified: branches/stable-1.0/src/http/modules/ngx_http_uwsgi_module.c =================================================================== --- branches/stable-1.0/src/http/modules/ngx_http_uwsgi_module.c 2011-11-01 14:02:07 UTC (rev 4252) +++ branches/stable-1.0/src/http/modules/ngx_http_uwsgi_module.c 2011-11-01 14:04:23 UTC (rev 4253) @@ -123,6 +123,13 @@ offsetof(ngx_http_uwsgi_loc_conf_t, upstream.store_access), NULL }, + { ngx_string("uwsgi_buffering"), + NGX_HTTP_MAIN_CONF|NGX_HTTP_SRV_CONF|NGX_HTTP_LOC_CONF|NGX_CONF_FLAG, + ngx_conf_set_flag_slot, + NGX_HTTP_LOC_CONF_OFFSET, + offsetof(ngx_http_uwsgi_loc_conf_t, upstream.buffering), + NULL }, + { ngx_string("uwsgi_ignore_client_abort"), NGX_HTTP_MAIN_CONF|NGX_HTTP_SRV_CONF|NGX_HTTP_LOC_CONF|NGX_CONF_FLAG, ngx_conf_set_flag_slot, @@ -445,7 +452,7 @@ u->abort_request = ngx_http_uwsgi_abort_request; u->finalize_request = ngx_http_uwsgi_finalize_request; - u->buffering = 1; + u->buffering = uwcf->upstream.buffering; u->pipe = ngx_pcalloc(r->pool, sizeof(ngx_event_pipe_t)); if (u->pipe == NULL) { @@ -1091,6 +1098,8 @@ /* "uwsgi_cyclic_temp_file" is disabled */ conf->upstream.cyclic_temp_file = 0; + conf->upstream.change_buffering = 1; + ngx_str_set(&conf->upstream.module, "uwsgi"); return conf; From igor at sysoev.ru Tue Nov 1 14:09:15 2011 From: igor at sysoev.ru (igor at sysoev.ru) Date: Tue, 1 Nov 2011 14:09:15 +0000 Subject: [nginx] svn commit: r4254 - in branches/stable-1.0: . src/core src/http/modules Message-ID: Author: is Date: 2011-11-01 14:09:15 +0000 (Tue, 01 Nov 2011) New Revision: 4254 Modified: branches/stable-1.0/ branches/stable-1.0/src/core/ngx_string.c branches/stable-1.0/src/core/ngx_string.h branches/stable-1.0/src/http/modules/ngx_http_autoindex_module.c Log: Merging r4193, r4194: Autoindex fixes: *) Autoindex: escape '?' in file names. For files with '?' in their names autoindex generated links with '?' not escaped. This resulted in effectively truncated links as '?' indicates query string start. This is an updated version of the patch originally posted at [1]. It introduces generic NGX_ESCAPE_URI_COMPONENT which escapes everything but unreserved characters as per RFC 3986. This approach also renders unneeded special colon processing (as colon is percent-encoded now), it's dropped accordingly. [1] http://nginx.org/pipermail/nginx-devel/2010-February/000112.html *) Autoindex: escape html in file names. Property changes on: branches/stable-1.0 ___________________________________________________________________ Modified: svn:mergeinfo - /trunk:3960-3974,3977-3987,3991-3996,3998,4003-4007,4009-4013,4015-4018,4020,4023,4025-4027,4034-4065,4073,4077,4086-4090,4094-4102,4106-4108,4113-4114,4129-4137,4143,4147-4152,4154-4158,4177,4179,4182-4184,4186-4187,4190-4192,4199-4205,4207,4212,4219-4220,4229-4230,4232,4235,4237 + /trunk:3960-3974,3977-3987,3991-3996,3998,4003-4007,4009-4013,4015-4018,4020,4023,4025-4027,4034-4065,4073,4077,4086-4090,4094-4102,4106-4108,4113-4114,4129-4137,4143,4147-4152,4154-4158,4177,4179,4182-4184,4186-4187,4190-4194,4199-4205,4207,4212,4219-4220,4229-4230,4232,4235,4237 Modified: branches/stable-1.0/src/core/ngx_string.c =================================================================== --- branches/stable-1.0/src/core/ngx_string.c 2011-11-01 14:04:23 UTC (rev 4253) +++ branches/stable-1.0/src/core/ngx_string.c 2011-11-01 14:09:15 UTC (rev 4254) @@ -1380,6 +1380,26 @@ 0xffffffff /* 1111 1111 1111 1111 1111 1111 1111 1111 */ }; + /* not ALPHA, DIGIT, "-", ".", "_", "~" */ + + static uint32_t uri_component[] = { + 0xffffffff, /* 1111 1111 1111 1111 1111 1111 1111 1111 */ + + /* ?>=< ;:98 7654 3210 /.-, +*)( '&%$ #"! */ + 0xfc009fff, /* 1111 1100 0000 0000 1001 1111 1111 1111 */ + + /* _^]\ [ZYX WVUT SRQP ONML KJIH GFED CBA@ */ + 0x78000001, /* 0111 1000 0000 0000 0000 0000 0000 0001 */ + + /* ~}| {zyx wvut srqp onml kjih gfed cba` */ + 0xb8000001, /* 1011 1000 0000 0000 0000 0000 0000 0001 */ + + 0xffffffff, /* 1111 1111 1111 1111 1111 1111 1111 1111 */ + 0xffffffff, /* 1111 1111 1111 1111 1111 1111 1111 1111 */ + 0xffffffff, /* 1111 1111 1111 1111 1111 1111 1111 1111 */ + 0xffffffff /* 1111 1111 1111 1111 1111 1111 1111 1111 */ + }; + /* " ", "#", """, "%", "'", %00-%1F, %7F-%FF */ static uint32_t html[] = { @@ -1443,7 +1463,7 @@ /* mail_auth is the same as memcached */ static uint32_t *map[] = - { uri, args, html, refresh, memcached, memcached }; + { uri, args, uri_component, html, refresh, memcached, memcached }; escape = map[type]; Modified: branches/stable-1.0/src/core/ngx_string.h =================================================================== --- branches/stable-1.0/src/core/ngx_string.h 2011-11-01 14:04:23 UTC (rev 4253) +++ branches/stable-1.0/src/core/ngx_string.h 2011-11-01 14:09:15 UTC (rev 4254) @@ -189,12 +189,13 @@ u_char *ngx_utf8_cpystrn(u_char *dst, u_char *src, size_t n, size_t len); -#define NGX_ESCAPE_URI 0 -#define NGX_ESCAPE_ARGS 1 -#define NGX_ESCAPE_HTML 2 -#define NGX_ESCAPE_REFRESH 3 -#define NGX_ESCAPE_MEMCACHED 4 -#define NGX_ESCAPE_MAIL_AUTH 5 +#define NGX_ESCAPE_URI 0 +#define NGX_ESCAPE_ARGS 1 +#define NGX_ESCAPE_URI_COMPONENT 2 +#define NGX_ESCAPE_HTML 3 +#define NGX_ESCAPE_REFRESH 4 +#define NGX_ESCAPE_MEMCACHED 5 +#define NGX_ESCAPE_MAIL_AUTH 6 #define NGX_UNESCAPE_URI 1 #define NGX_UNESCAPE_REDIRECT 2 Modified: branches/stable-1.0/src/http/modules/ngx_http_autoindex_module.c =================================================================== --- branches/stable-1.0/src/http/modules/ngx_http_autoindex_module.c 2011-11-01 14:04:23 UTC (rev 4253) +++ branches/stable-1.0/src/http/modules/ngx_http_autoindex_module.c 2011-11-01 14:09:15 UTC (rev 4254) @@ -26,9 +26,9 @@ ngx_str_t name; size_t utf_len; size_t escape; + size_t escape_html; unsigned dir:1; - unsigned colon:1; time_t mtime; off_t size; @@ -138,7 +138,7 @@ { u_char *last, *filename, scale; off_t length; - size_t len, utf_len, allocated, root; + size_t len, char_len, escape_html, allocated, root; ngx_tm_t tm; ngx_err_t err; ngx_buf_t *b; @@ -338,16 +338,17 @@ ngx_cpystrn(entry->name.data, ngx_de_name(&dir), len + 1); entry->escape = 2 * ngx_escape_uri(NULL, ngx_de_name(&dir), len, - NGX_ESCAPE_HTML); + NGX_ESCAPE_URI_COMPONENT); + entry->escape_html = ngx_escape_html(NULL, entry->name.data, + entry->name.len); + if (utf8) { entry->utf_len = ngx_utf8_length(entry->name.data, entry->name.len); } else { entry->utf_len = len; } - entry->colon = (ngx_strchr(entry->name.data, ':') != NULL); - entry->dir = ngx_de_is_dir(&dir); entry->mtime = ngx_de_mtime(&dir); entry->size = ngx_de_size(&dir); @@ -358,10 +359,12 @@ ngx_close_dir_n " \"%s\" failed", &path); } + escape_html = ngx_escape_html(NULL, r->uri.data, r->uri.len); + len = sizeof(title) - 1 - + r->uri.len + + r->uri.len + escape_html + sizeof(header) - 1 - + r->uri.len + + r->uri.len + escape_html + sizeof("") - 1 + sizeof("
../" CRLF) - 1
           + sizeof("
") - 1 @@ -373,7 +376,8 @@ + entry[i].name.len + entry[i].escape + 1 /* 1 is for "/" */ + sizeof("\">") - 1 - + entry[i].name.len - entry[i].utf_len + entry[i].colon * 2 + + entry[i].name.len - entry[i].utf_len + + entry[i].escape_html + NGX_HTTP_AUTOINDEX_NAME_LEN + sizeof(">") - 2 + sizeof("") - 1 + sizeof(" 28-Sep-1970 12:00 ") - 1 @@ -393,9 +397,18 @@ } b->last = ngx_cpymem(b->last, title, sizeof(title) - 1); - b->last = ngx_cpymem(b->last, r->uri.data, r->uri.len); - b->last = ngx_cpymem(b->last, header, sizeof(header) - 1); - b->last = ngx_cpymem(b->last, r->uri.data, r->uri.len); + + if (escape_html) { + b->last = (u_char *) ngx_escape_html(b->last, r->uri.data, r->uri.len); + b->last = ngx_cpymem(b->last, header, sizeof(header) - 1); + b->last = (u_char *) ngx_escape_html(b->last, r->uri.data, r->uri.len); + + } else { + b->last = ngx_cpymem(b->last, r->uri.data, r->uri.len); + b->last = ngx_cpymem(b->last, header, sizeof(header) - 1); + b->last = ngx_cpymem(b->last, r->uri.data, r->uri.len); + } + b->last = ngx_cpymem(b->last, "", sizeof("") - 1); b->last = ngx_cpymem(b->last, "
../" CRLF,
@@ -406,14 +419,9 @@
     for (i = 0; i < entries.nelts; i++) {
         b->last = ngx_cpymem(b->last, "last++ = '.';
-            *b->last++ = '/';
-        }
-
         if (entry[i].escape) {
             ngx_escape_uri(b->last, entry[i].name.data, entry[i].name.len,
-                           NGX_ESCAPE_HTML);
+                           NGX_ESCAPE_URI_COMPONENT);
 
             b->last += entry[i].name.len + entry[i].escape;
 
@@ -433,20 +441,41 @@
 
         if (entry[i].name.len != len) {
             if (len > NGX_HTTP_AUTOINDEX_NAME_LEN) {
-                utf_len = NGX_HTTP_AUTOINDEX_NAME_LEN - 3 + 1;
+                char_len = NGX_HTTP_AUTOINDEX_NAME_LEN - 3 + 1;
 
             } else {
-                utf_len = NGX_HTTP_AUTOINDEX_NAME_LEN + 1;
+                char_len = NGX_HTTP_AUTOINDEX_NAME_LEN + 1;
             }
 
+            last = b->last;
             b->last = ngx_utf8_cpystrn(b->last, entry[i].name.data,
-                                       utf_len, entry[i].name.len + 1);
+                                       char_len, entry[i].name.len + 1);
+
+            if (entry[i].escape_html) {
+                b->last = (u_char *) ngx_escape_html(last, entry[i].name.data,
+                                                     b->last - last);
+            }
+
             last = b->last;
 
         } else {
-            b->last = ngx_cpystrn(b->last, entry[i].name.data,
-                                  NGX_HTTP_AUTOINDEX_NAME_LEN + 1);
-            last = b->last - 3;
+            if (entry[i].escape_html) {
+                if (len > NGX_HTTP_AUTOINDEX_NAME_LEN) {
+                    char_len = NGX_HTTP_AUTOINDEX_NAME_LEN - 3;
+
+                } else {
+                    char_len = len;
+                }
+
+                b->last = (u_char *) ngx_escape_html(b->last,
+                                                  entry[i].name.data, char_len);
+                last = b->last;
+
+            } else {
+                b->last = ngx_cpystrn(b->last, entry[i].name.data,
+                                      NGX_HTTP_AUTOINDEX_NAME_LEN + 1);
+                last = b->last - 3;
+            }
         }
 
         if (len > NGX_HTTP_AUTOINDEX_NAME_LEN) {


From igor at sysoev.ru  Tue Nov  1 14:13:25 2011
From: igor at sysoev.ru (igor at sysoev.ru)
Date: Tue,  1 Nov 2011 14:13:25 +0000
Subject: [nginx] svn commit:  r4255 - in branches/stable-1.0: . src/http
Message-ID: 

Author: is
Date: 2011-11-01 14:13:25 +0000 (Tue, 01 Nov 2011)
New Revision: 4255

Modified:
   branches/stable-1.0/
   branches/stable-1.0/src/http/ngx_http_copy_filter_module.c
   branches/stable-1.0/src/http/ngx_http_request.c
Log:
Merging r4195, r4196:

AIO related fixes:

*) Fix for connection drops with AIO.

   Connections serving content with AIO to fast clients were dropped with
   "client timed out" messages after send_timeout from response start.

*) Fix for socket leak with "aio sendfile" and "limit_rate".

   Second aio post happened when timer set by limit_rate expired while we have
   aio request in flight, resulting in "second aio post" alert and socket leak.
   
   The patch adds actual protection from aio calls with r->aio already set to
   aio sendfile code in ngx_http_copy_filter().  This should fix other cases
   as well, e.g. when sending buffered to disk upstream replies while still
   talking to upstream.
   
   The ngx_http_writer() is also fixed to handle the above case (though it's
   mostly optimization now).



Property changes on: branches/stable-1.0
___________________________________________________________________
Modified: svn:mergeinfo
   - /trunk:3960-3974,3977-3987,3991-3996,3998,4003-4007,4009-4013,4015-4018,4020,4023,4025-4027,4034-4065,4073,4077,4086-4090,4094-4102,4106-4108,4113-4114,4129-4137,4143,4147-4152,4154-4158,4177,4179,4182-4184,4186-4187,4190-4194,4199-4205,4207,4212,4219-4220,4229-4230,4232,4235,4237
   + /trunk:3960-3974,3977-3987,3991-3996,3998,4003-4007,4009-4013,4015-4018,4020,4023,4025-4027,4034-4065,4073,4077,4086-4090,4094-4102,4106-4108,4113-4114,4129-4137,4143,4147-4152,4154-4158,4177,4179,4182-4184,4186-4187,4190-4196,4199-4205,4207,4212,4219-4220,4229-4230,4232,4235,4237

Modified: branches/stable-1.0/src/http/ngx_http_copy_filter_module.c
===================================================================
--- branches/stable-1.0/src/http/ngx_http_copy_filter_module.c	2011-11-01 14:09:15 UTC (rev 4254)
+++ branches/stable-1.0/src/http/ngx_http_copy_filter_module.c	2011-11-01 14:13:25 UTC (rev 4255)
@@ -158,6 +158,11 @@
             ngx_file_t            *file;
             ngx_http_ephemeral_t  *e;
 
+            if (r->aio) {
+                c->busy_sendfile = NULL;
+                return rc;
+            }
+
             file = c->busy_sendfile->file;
             offset = c->busy_sendfile->file_pos;
 

Modified: branches/stable-1.0/src/http/ngx_http_request.c
===================================================================
--- branches/stable-1.0/src/http/ngx_http_request.c	2011-11-01 14:09:15 UTC (rev 4254)
+++ branches/stable-1.0/src/http/ngx_http_request.c	2011-11-01 14:13:25 UTC (rev 4255)
@@ -2248,17 +2248,17 @@
             return;
         }
 
-    } else {
-        if (wev->delayed || r->aio) {
-            ngx_log_debug0(NGX_LOG_DEBUG_HTTP, wev->log, 0,
-                           "http writer delayed");
+    }
 
-            if (ngx_handle_write_event(wev, clcf->send_lowat) != NGX_OK) {
-                ngx_http_close_request(r, 0);
-            }
+    if (wev->delayed || r->aio) {
+        ngx_log_debug0(NGX_LOG_DEBUG_HTTP, wev->log, 0,
+                       "http writer delayed");
 
-            return;
+        if (ngx_handle_write_event(wev, clcf->send_lowat) != NGX_OK) {
+            ngx_http_close_request(r, 0);
         }
+
+        return;
     }
 
     rc = ngx_http_output_filter(r, NULL);
@@ -2274,7 +2274,7 @@
 
     if (r->buffered || r->postponed || (r == r->main && c->buffered)) {
 
-        if (!wev->ready && !wev->delayed) {
+        if (!wev->delayed) {
             ngx_add_timer(wev, clcf->send_timeout);
         }
 


From igor at sysoev.ru  Tue Nov  1 14:15:43 2011
From: igor at sysoev.ru (igor at sysoev.ru)
Date: Tue,  1 Nov 2011 14:15:43 +0000
Subject: [nginx] svn commit: r4256 - in branches/stable-1.0: .
	src/http/modules/perl
Message-ID: 

Author: is
Date: 2011-11-01 14:15:42 +0000 (Tue, 01 Nov 2011)
New Revision: 4256

Modified:
   branches/stable-1.0/
   branches/stable-1.0/src/http/modules/perl/nginx.xs
Log:
Merging r4189, r4197:

Perl related fixes:

*) Handling of Content-Encoding set from perl.

   This fixes double gzipping in case of gzip filter being enabled while perl
   returns already gzipped response.

*) Fixed macro name.



Property changes on: branches/stable-1.0
___________________________________________________________________
Modified: svn:mergeinfo
   - /trunk:3960-3974,3977-3987,3991-3996,3998,4003-4007,4009-4013,4015-4018,4020,4023,4025-4027,4034-4065,4073,4077,4086-4090,4094-4102,4106-4108,4113-4114,4129-4137,4143,4147-4152,4154-4158,4177,4179,4182-4184,4186-4187,4190-4196,4199-4205,4207,4212,4219-4220,4229-4230,4232,4235,4237
   + /trunk:3960-3974,3977-3987,3991-3996,3998,4003-4007,4009-4013,4015-4018,4020,4023,4025-4027,4034-4065,4073,4077,4086-4090,4094-4102,4106-4108,4113-4114,4129-4137,4143,4147-4152,4154-4158,4177,4179,4182-4184,4186-4187,4189-4197,4199-4205,4207,4212,4219-4220,4229-4230,4232,4235,4237

Modified: branches/stable-1.0/src/http/modules/perl/nginx.xs
===================================================================
--- branches/stable-1.0/src/http/modules/perl/nginx.xs	2011-11-01 14:13:25 UTC (rev 4255)
+++ branches/stable-1.0/src/http/modules/perl/nginx.xs	2011-11-01 14:15:42 UTC (rev 4256)
@@ -474,7 +474,14 @@
         r->headers_out.content_length = header;
     }
 
+    if (header->key.len == sizeof("Content-Encoding") - 1
+        && ngx_strncasecmp(header->key.data, "Content-Encoding",
+                           sizeof("Content-Encoding") - 1) == 0)
+    {
+        r->headers_out.content_encoding = header;
+    }
 
+
 void
 filename(r)
     CODE:
@@ -836,7 +843,7 @@
     var.len = len;
     var.data = lowcase;
 
-    #if (NGX_LOG_DEBUG)
+    #if (NGX_DEBUG)
 
     if (value) {
         ngx_log_debug2(NGX_LOG_DEBUG_HTTP, r->connection->log, 0,


From igor at sysoev.ru  Tue Nov  1 14:18:10 2011
From: igor at sysoev.ru (igor at sysoev.ru)
Date: Tue,  1 Nov 2011 14:18:10 +0000
Subject: [nginx] svn commit:  r4257 - in branches/stable-1.0: . src/http
Message-ID: 

Author: is
Date: 2011-11-01 14:18:10 +0000 (Tue, 01 Nov 2011)
New Revision: 4257

Modified:
   branches/stable-1.0/
   branches/stable-1.0/src/http/ngx_http_upstream.c
   branches/stable-1.0/src/http/ngx_http_upstream.h
Log:
Merging r4198:

Additional headers for proxy/fastcgi/uwsgi/scgi_ignore_headers.

Now the following headers may be ignored as well: X-Accel-Limit-Rate,
X-Accel-Buffering, X-Accel-Charset.



Property changes on: branches/stable-1.0
___________________________________________________________________
Modified: svn:mergeinfo
   - /trunk:3960-3974,3977-3987,3991-3996,3998,4003-4007,4009-4013,4015-4018,4020,4023,4025-4027,4034-4065,4073,4077,4086-4090,4094-4102,4106-4108,4113-4114,4129-4137,4143,4147-4152,4154-4158,4177,4179,4182-4184,4186-4187,4189-4197,4199-4205,4207,4212,4219-4220,4229-4230,4232,4235,4237
   + /trunk:3960-3974,3977-3987,3991-3996,3998,4003-4007,4009-4013,4015-4018,4020,4023,4025-4027,4034-4065,4073,4077,4086-4090,4094-4102,4106-4108,4113-4114,4129-4137,4143,4147-4152,4154-4158,4177,4179,4182-4184,4186-4187,4189-4205,4207,4212,4219-4220,4229-4230,4232,4235,4237

Modified: branches/stable-1.0/src/http/ngx_http_upstream.c
===================================================================
--- branches/stable-1.0/src/http/ngx_http_upstream.c	2011-11-01 14:15:42 UTC (rev 4256)
+++ branches/stable-1.0/src/http/ngx_http_upstream.c	2011-11-01 14:18:10 UTC (rev 4257)
@@ -360,6 +360,9 @@
 ngx_conf_bitmask_t  ngx_http_upstream_ignore_headers_masks[] = {
     { ngx_string("X-Accel-Redirect"), NGX_HTTP_UPSTREAM_IGN_XA_REDIRECT },
     { ngx_string("X-Accel-Expires"), NGX_HTTP_UPSTREAM_IGN_XA_EXPIRES },
+    { ngx_string("X-Accel-Limit-Rate"), NGX_HTTP_UPSTREAM_IGN_XA_LIMIT_RATE },
+    { ngx_string("X-Accel-Buffering"), NGX_HTTP_UPSTREAM_IGN_XA_BUFFERING },
+    { ngx_string("X-Accel-Charset"), NGX_HTTP_UPSTREAM_IGN_XA_CHARSET },
     { ngx_string("Expires"), NGX_HTTP_UPSTREAM_IGN_EXPIRES },
     { ngx_string("Cache-Control"), NGX_HTTP_UPSTREAM_IGN_CACHE_CONTROL },
     { ngx_string("Set-Cookie"), NGX_HTTP_UPSTREAM_IGN_SET_COOKIE },
@@ -3268,10 +3271,16 @@
 ngx_http_upstream_process_limit_rate(ngx_http_request_t *r, ngx_table_elt_t *h,
     ngx_uint_t offset)
 {
-    ngx_int_t  n;
+    ngx_int_t             n;
+    ngx_http_upstream_t  *u;
 
-    r->upstream->headers_in.x_accel_limit_rate = h;
+    u = r->upstream;
+    u->headers_in.x_accel_limit_rate = h;
 
+    if (u->conf->ignore_headers & NGX_HTTP_UPSTREAM_IGN_XA_LIMIT_RATE) {
+        return NGX_OK;
+    }
+
     n = ngx_atoi(h->value.data, h->value.len);
 
     if (n != NGX_ERROR) {
@@ -3286,16 +3295,23 @@
 ngx_http_upstream_process_buffering(ngx_http_request_t *r, ngx_table_elt_t *h,
     ngx_uint_t offset)
 {
-    u_char  c0, c1, c2;
+    u_char                c0, c1, c2;
+    ngx_http_upstream_t  *u;
 
-    if (r->upstream->conf->change_buffering) {
+    u = r->upstream;
 
+    if (u->conf->ignore_headers & NGX_HTTP_UPSTREAM_IGN_XA_BUFFERING) {
+        return NGX_OK;
+    }
+
+    if (u->conf->change_buffering) {
+
         if (h->value.len == 2) {
             c0 = ngx_tolower(h->value.data[0]);
             c1 = ngx_tolower(h->value.data[1]);
 
             if (c0 == 'n' && c1 == 'o') {
-                r->upstream->buffering = 0;
+                u->buffering = 0;
             }
 
         } else if (h->value.len == 3) {
@@ -3304,7 +3320,7 @@
             c2 = ngx_tolower(h->value.data[2]);
 
             if (c0 == 'y' && c1 == 'e' && c2 == 's') {
-                r->upstream->buffering = 1;
+                u->buffering = 1;
             }
         }
     }
@@ -3317,6 +3333,10 @@
 ngx_http_upstream_process_charset(ngx_http_request_t *r, ngx_table_elt_t *h,
     ngx_uint_t offset)
 {
+    if (r->upstream->conf->ignore_headers & NGX_HTTP_UPSTREAM_IGN_XA_CHARSET) {
+        return NGX_OK;
+    }
+
     r->headers_out.override_charset = &h->value;
 
     return NGX_OK;

Modified: branches/stable-1.0/src/http/ngx_http_upstream.h
===================================================================
--- branches/stable-1.0/src/http/ngx_http_upstream.h	2011-11-01 14:15:42 UTC (rev 4256)
+++ branches/stable-1.0/src/http/ngx_http_upstream.h	2011-11-01 14:18:10 UTC (rev 4257)
@@ -44,6 +44,9 @@
 #define NGX_HTTP_UPSTREAM_IGN_EXPIRES        0x00000008
 #define NGX_HTTP_UPSTREAM_IGN_CACHE_CONTROL  0x00000010
 #define NGX_HTTP_UPSTREAM_IGN_SET_COOKIE     0x00000020
+#define NGX_HTTP_UPSTREAM_IGN_XA_LIMIT_RATE  0x00000040
+#define NGX_HTTP_UPSTREAM_IGN_XA_BUFFERING   0x00000080
+#define NGX_HTTP_UPSTREAM_IGN_XA_CHARSET     0x00000100
 
 
 typedef struct {


From igor at sysoev.ru  Tue Nov  1 14:19:14 2011
From: igor at sysoev.ru (igor at sysoev.ru)
Date: Tue,  1 Nov 2011 14:19:14 +0000
Subject: [nginx] svn commit: r4258 - in branches/stable-1.0: . src/http/modules
Message-ID: 

Author: is
Date: 2011-11-01 14:19:13 +0000 (Tue, 01 Nov 2011)
New Revision: 4258

Modified:
   branches/stable-1.0/
   branches/stable-1.0/src/http/modules/ngx_http_rewrite_module.c
Log:
Merging r4209:

Skipping location rewrite phase for server null location.



Property changes on: branches/stable-1.0
___________________________________________________________________
Modified: svn:mergeinfo
   - /trunk:3960-3974,3977-3987,3991-3996,3998,4003-4007,4009-4013,4015-4018,4020,4023,4025-4027,4034-4065,4073,4077,4086-4090,4094-4102,4106-4108,4113-4114,4129-4137,4143,4147-4152,4154-4158,4177,4179,4182-4184,4186-4187,4189-4205,4207,4212,4219-4220,4229-4230,4232,4235,4237
   + /trunk:3960-3974,3977-3987,3991-3996,3998,4003-4007,4009-4013,4015-4018,4020,4023,4025-4027,4034-4065,4073,4077,4086-4090,4094-4102,4106-4108,4113-4114,4129-4137,4143,4147-4152,4154-4158,4177,4179,4182-4184,4186-4187,4189-4205,4207,4209,4212,4219-4220,4229-4230,4232,4235,4237

Modified: branches/stable-1.0/src/http/modules/ngx_http_rewrite_module.c
===================================================================
--- branches/stable-1.0/src/http/modules/ngx_http_rewrite_module.c	2011-11-01 14:18:10 UTC (rev 4257)
+++ branches/stable-1.0/src/http/modules/ngx_http_rewrite_module.c	2011-11-01 14:19:13 UTC (rev 4258)
@@ -135,10 +135,22 @@
 static ngx_int_t
 ngx_http_rewrite_handler(ngx_http_request_t *r)
 {
+    ngx_int_t                     index;
     ngx_http_script_code_pt       code;
     ngx_http_script_engine_t     *e;
+    ngx_http_core_srv_conf_t     *cscf;
+    ngx_http_core_main_conf_t    *cmcf;
     ngx_http_rewrite_loc_conf_t  *rlcf;
 
+    cmcf = ngx_http_get_module_main_conf(r, ngx_http_core_module);
+    cscf = ngx_http_get_module_srv_conf(r, ngx_http_core_module);
+    index = cmcf->phase_engine.location_rewrite_index;
+
+    if (r->phase_handler == index && r->loc_conf == cscf->ctx->loc_conf) {
+        /* skipping location rewrite phase for server null location */
+        return NGX_DECLINED;
+    }
+
     rlcf = ngx_http_get_module_loc_conf(r, ngx_http_rewrite_module);
 
     if (rlcf->codes == NULL) {


From igor at sysoev.ru  Tue Nov  1 14:20:43 2011
From: igor at sysoev.ru (igor at sysoev.ru)
Date: Tue,  1 Nov 2011 14:20:43 +0000
Subject: [nginx] svn commit:  r4259 - in branches/stable-1.0: . src/core
Message-ID: 

Author: is
Date: 2011-11-01 14:20:43 +0000 (Tue, 01 Nov 2011)
New Revision: 4259

Modified:
   branches/stable-1.0/
   branches/stable-1.0/src/core/ngx_string.c
Log:
Merging r4210:

Fixed utf8 decode (ticket #25).

Patch by Alexey Kuts.



Property changes on: branches/stable-1.0
___________________________________________________________________
Modified: svn:mergeinfo
   - /trunk:3960-3974,3977-3987,3991-3996,3998,4003-4007,4009-4013,4015-4018,4020,4023,4025-4027,4034-4065,4073,4077,4086-4090,4094-4102,4106-4108,4113-4114,4129-4137,4143,4147-4152,4154-4158,4177,4179,4182-4184,4186-4187,4189-4205,4207,4209,4212,4219-4220,4229-4230,4232,4235,4237
   + /trunk:3960-3974,3977-3987,3991-3996,3998,4003-4007,4009-4013,4015-4018,4020,4023,4025-4027,4034-4065,4073,4077,4086-4090,4094-4102,4106-4108,4113-4114,4129-4137,4143,4147-4152,4154-4158,4177,4179,4182-4184,4186-4187,4189-4205,4207,4209-4210,4212,4219-4220,4229-4230,4232,4235,4237

Modified: branches/stable-1.0/src/core/ngx_string.c
===================================================================
--- branches/stable-1.0/src/core/ngx_string.c	2011-11-01 14:19:13 UTC (rev 4258)
+++ branches/stable-1.0/src/core/ngx_string.c	2011-11-01 14:20:43 UTC (rev 4259)
@@ -1211,19 +1211,19 @@
 
     u = **p;
 
-    if (u > 0xf0) {
+    if (u >= 0xf0) {
 
         u &= 0x07;
         valid = 0xffff;
         len = 3;
 
-    } else if (u > 0xe0) {
+    } else if (u >= 0xe0) {
 
         u &= 0x0f;
         valid = 0x7ff;
         len = 2;
 
-    } else if (u > 0xc0) {
+    } else if (u >= 0xc2) {
 
         u &= 0x1f;
         valid = 0x7f;


From igor at sysoev.ru  Tue Nov  1 14:21:22 2011
From: igor at sysoev.ru (igor at sysoev.ru)
Date: Tue,  1 Nov 2011 14:21:22 +0000
Subject: [nginx] svn commit:  r4260 - in branches/stable-1.0: . docs/text
Message-ID: 

Author: is
Date: 2011-11-01 14:21:22 +0000 (Tue, 01 Nov 2011)
New Revision: 4260

Modified:
   branches/stable-1.0/
   branches/stable-1.0/docs/text/README
Log:
Merging r4236:

Fixed documentation pointer.



Property changes on: branches/stable-1.0
___________________________________________________________________
Modified: svn:mergeinfo
   - /trunk:3960-3974,3977-3987,3991-3996,3998,4003-4007,4009-4013,4015-4018,4020,4023,4025-4027,4034-4065,4073,4077,4086-4090,4094-4102,4106-4108,4113-4114,4129-4137,4143,4147-4152,4154-4158,4177,4179,4182-4184,4186-4187,4189-4205,4207,4209-4210,4212,4219-4220,4229-4230,4232,4235,4237
   + /trunk:3960-3974,3977-3987,3991-3996,3998,4003-4007,4009-4013,4015-4018,4020,4023,4025-4027,4034-4065,4073,4077,4086-4090,4094-4102,4106-4108,4113-4114,4129-4137,4143,4147-4152,4154-4158,4177,4179,4182-4184,4186-4187,4189-4205,4207,4209-4210,4212,4219-4220,4229-4230,4232,4235-4237

Modified: branches/stable-1.0/docs/text/README
===================================================================
--- branches/stable-1.0/docs/text/README	2011-11-01 14:20:43 UTC (rev 4259)
+++ branches/stable-1.0/docs/text/README	2011-11-01 14:21:22 UTC (rev 4260)
@@ -1,4 +1,3 @@
 
-The Russian documentation is available at http://sysoev.ru/nginx/
-The English documentation is available at http://nginx.net
+Documentation is available at http://nginx.org
 


From igor at sysoev.ru  Tue Nov  1 14:39:36 2011
From: igor at sysoev.ru (igor at sysoev.ru)
Date: Tue,  1 Nov 2011 14:39:36 +0000
Subject: [nginx] svn commit:  r4261 - branches/stable-1.0/docs/xml/nginx
Message-ID: 

Author: is
Date: 2011-11-01 14:39:36 +0000 (Tue, 01 Nov 2011)
New Revision: 4261

Modified:
   branches/stable-1.0/docs/xml/nginx/changes.xml
Log:
Surplus CHANGES line removal.


Modified: branches/stable-1.0/docs/xml/nginx/changes.xml
===================================================================
--- branches/stable-1.0/docs/xml/nginx/changes.xml	2011-11-01 14:21:22 UTC (rev 4260)
+++ branches/stable-1.0/docs/xml/nginx/changes.xml	2011-11-01 14:39:36 UTC (rev 4261)
@@ -136,15 +136,6 @@
 
 
 
-? ?????????? proxy/fastcgi/scgi/ uwsgi_ignore_client_abort.
-
-
-in the "proxy/fastcgi/scgi/uwsgi_ignore_client_abort" directives.
-
-
-
-
-
 ????????? ???? ??????? ????? ???? ????????, ???? ?????? ??????????? pipelining.
 
 


From igor at sysoev.ru  Tue Nov  1 14:51:20 2011
From: igor at sysoev.ru (igor at sysoev.ru)
Date: Tue,  1 Nov 2011 14:51:20 +0000
Subject: [nginx] svn commit:  r4262 - branches/stable-1.0/docs/xml/nginx
Message-ID: 

Author: is
Date: 2011-11-01 14:51:19 +0000 (Tue, 01 Nov 2011)
New Revision: 4262

Modified:
   branches/stable-1.0/docs/xml/nginx/changes.xml
Log:
nginx-1.0.9-RELEASE


Modified: branches/stable-1.0/docs/xml/nginx/changes.xml
===================================================================
--- branches/stable-1.0/docs/xml/nginx/changes.xml	2011-11-01 14:39:36 UTC (rev 4261)
+++ branches/stable-1.0/docs/xml/nginx/changes.xml	2011-11-01 14:51:19 UTC (rev 4262)
@@ -9,6 +9,197 @@
 nginx changelog
 
 
+
+
+
+
+?????? ??????? 0x7F-0xFF ? access_log ???????????? ? ???? \xXX.
+
+
+now the 0x7F-0x1F characters are escaped as \xXX in an access_log.
+
+
+
+
+
+SIGWINCH ?????? ?????? ???????? ?????? ? ?????? ??????.
+
+
+now SIGWINCH signal works only in daemon mode.
+
+
+
+
+
+????????? "proxy/fastcgi/scgi/uwsgi_ignore_headers" ?????? ????????????
+???????? X-Accel-Limit-Rate, X-Accel-Buffering ? X-Accel-Charset.
+
+
+"proxy/fastcgi/scgi/uwsgi_ignore_headers" directives support the following
+additional values: X-Accel-Limit-Rate, X-Accel-Buffering, X-Accel-Charset.
+
+
+
+
+
+?????????? ??????????? ?????? ??? ????????????? SSL.
+
+
+decrease of memory consumption if SSL is used.
+
+
+
+
+
+?????? ?? NetBSD ?????????????? accept ???????.
+
+
+accept filters are now supported on NetBSD.
+
+
+
+
+
+????????? uwsgi_buffering ? scgi_buffering.

+??????? Peter Smit.
+
+
+the "uwsgi_buffering" and "scgi_buffering" directives.

+Thanks to Peter Smit.
+
+
+
+
+
+?? ?????? ??? ?? ????? ???????????????? ?????????? segmentation fault,
+???? ????????? ssl ?????????????? ?? ?????? http ? ?? ??? ??????
+ssl_certificate.
+
+
+a segmentation fault occurred on start or while reconfiguration
+if the "ssl" directive was used at http level and there was
+no "ssl_certificate" defined.
+
+
+
+
+
+????????? UTF-8 ??????? ?????????????? ???????????.

+??????? ??????? ????.
+
+
+some UTF-8 characters were processed incorrectly.

+Thanks to Alexey Kuts.
+
+
+
+
+
+????????? ?????? ngx_http_rewrite_module, ???????? ?? ?????? server,
+??????????? ????????, ???? ??? ??????? ?? ?????????? ?? ?????? location'?.
+
+
+the ngx_http_rewrite_module directives specified at "server" level were
+executed twice if no matching locations were defined.
+
+
+
+
+
+??? ????????????? "aio sendfile" ????? ??????????? ?????? ???????.
+
+
+a socket leak might occurred if "aio sendfile" was used.
+
+
+
+
+
+??? ????????????? ????????? AIO ?????????? ? ???????? ?????????
+????? ???? ??????? ?? ????????? send_timeout.
+
+
+connections with fast clients might be closed after send_timeout
+if file AIO was used.
+
+
+
+
+
+? ?????? ngx_http_autoindex_module.
+
+
+in the ngx_http_autoindex_module.
+
+
+
+
+
+?????? ngx_http_mp4_module ?? ??????????? ????????? ?? 32-?????? ??????????.
+
+
+the module ngx_http_mp4_module did not support seeking on 32-bit platforms.
+
+
+
+
+
+??? ????????????? proxy_cache_bypass ????? ???? ????????????
+???????????? ??????.

+??????? John Ferlito.
+
+
+non-cacheable responses might be cached if "proxy_cache_bypass" directive
+was used.

+Thanks to John Ferlito.
+
+
+
+
+
+?????????????? ?????? ? ?????? ????? ???????????? ???????????;
+?????? ????????? ? 0.8.31.
+
+
+cached responses with an empty body were returned incorrectly;
+the bug had appeared in 0.8.31.
+
+
+
+
+
+?????? ? ????? 201 ?????? ngx_http_dav_module ???? ???????????;
+?????? ????????? ? 0.8.32.
+
+
+201 responses of the ngx_http_dav_module were incorrect;
+the bug had appeared in 0.8.32.
+
+
+
+
+
+? ????????? return.
+
+
+in the "return" directive.
+
+
+
+
+
+????????? ssl_verify_client, ssl_verify_depth ? ssl_prefer_server_cipher
+????? ???????? ???????????, ???? ????????????? SNI.
+
+
+the "ssl_verify_client", "ssl_verify_depth", and "ssl_prefer_server_ciphers"
+directives might work incorrectly if SNI was used.
+
+
+
+
+
+
 
 
 


From igor at sysoev.ru  Tue Nov  1 14:51:27 2011
From: igor at sysoev.ru (igor at sysoev.ru)
Date: Tue,  1 Nov 2011 14:51:27 +0000
Subject: [nginx] svn commit:  r4263 - in tags: . release-1.0.9
Message-ID: 

Author: is
Date: 2011-11-01 14:51:26 +0000 (Tue, 01 Nov 2011)
New Revision: 4263

Added:
   tags/release-1.0.9/
Log:
release-1.0.9 tag



Property changes on: tags/release-1.0.9
___________________________________________________________________
Added: svn:ignore
   + access.log
client_body_temp
fastcgi_temp
proxy_temp
GNUmakefile
Makefile
makefile
nginx
nginx.conf
nginx-*.tar.gz
objs*
tmp

Added: svn:mergeinfo
   + /trunk:3960-3974,3977-3987,3991-3996,3998,4003-4007,4009-4013,4015-4018,4020,4023,4025-4027,4034-4065,4073,4077,4086-4090,4094-4102,4106-4108,4113-4114,4129-4137,4143,4147-4152,4154-4158,4177,4179,4182-4184,4186-4187,4189-4205,4207,4209-4210,4212,4219-4220,4229-4230,4232,4235-4237


From igor at sysoev.ru  Tue Nov  1 15:10:47 2011
From: igor at sysoev.ru (igor at sysoev.ru)
Date: Tue,  1 Nov 2011 15:10:47 +0000
Subject: [nginx] svn commit:  r4264 - in trunk/src: core http/modules/perl
Message-ID: 

Author: is
Date: 2011-11-01 15:10:46 +0000 (Tue, 01 Nov 2011)
New Revision: 4264

Modified:
   trunk/src/core/nginx.h
   trunk/src/http/modules/perl/nginx.pm
Log:
Version bump.


Modified: trunk/src/core/nginx.h
===================================================================
--- trunk/src/core/nginx.h	2011-11-01 14:51:26 UTC (rev 4263)
+++ trunk/src/core/nginx.h	2011-11-01 15:10:46 UTC (rev 4264)
@@ -8,8 +8,8 @@
 #define _NGINX_H_INCLUDED_
 
 
-#define nginx_version      1001007
-#define NGINX_VERSION      "1.1.7"
+#define nginx_version      1001008
+#define NGINX_VERSION      "1.1.8"
 #define NGINX_VER          "nginx/" NGINX_VERSION
 
 #define NGINX_VAR          "NGINX"

Modified: trunk/src/http/modules/perl/nginx.pm
===================================================================
--- trunk/src/http/modules/perl/nginx.pm	2011-11-01 14:51:26 UTC (rev 4263)
+++ trunk/src/http/modules/perl/nginx.pm	2011-11-01 15:10:46 UTC (rev 4264)
@@ -48,7 +48,7 @@
     HTTP_INSUFFICIENT_STORAGE
 );
 
-our $VERSION = '1.1.7';
+our $VERSION = '1.1.8';
 
 require XSLoader;
 XSLoader::load('nginx', $VERSION);


From igor at sysoev.ru  Tue Nov  1 15:16:28 2011
From: igor at sysoev.ru (igor at sysoev.ru)
Date: Tue,  1 Nov 2011 15:16:28 +0000
Subject: [nginx] svn commit:  r4265 - in trunk: misc src/http/modules
Message-ID: 

Author: is
Date: 2011-11-01 15:16:28 +0000 (Tue, 01 Nov 2011)
New Revision: 4265

Removed:
   trunk/src/http/modules/ngx_http_status_module.c
Modified:
   trunk/misc/GNUmakefile
Log:
Ancient incomplete ngx_http_status_module removal.


Modified: trunk/misc/GNUmakefile
===================================================================
--- trunk/misc/GNUmakefile	2011-11-01 15:10:46 UTC (rev 4264)
+++ trunk/misc/GNUmakefile	2011-11-01 15:16:28 UTC (rev 4265)
@@ -26,8 +26,6 @@
 
 	rm -r $(TEMP)/$(NGINX)/src/mysql
 
-	rm $(TEMP)/$(NGINX)/src/http/modules/ngx_http_status_module.c
-
 	mv $(TEMP)/$(NGINX)/docs/text/LICENSE $(TEMP)/$(NGINX)
 	mv $(TEMP)/$(NGINX)/docs/text/README $(TEMP)/$(NGINX)
 	mv $(TEMP)/$(NGINX)/docs/html $(TEMP)/$(NGINX)
@@ -72,8 +70,6 @@
 
 	rm -r $(TEMP)/$(NGINX)/src/mysql
 
-	rm $(TEMP)/$(NGINX)/src/http/modules/ngx_http_status_module.c
-
 	mv $(TEMP)/$(NGINX)/docs/text/LICENSE $(TEMP)/$(NGINX)
 	mv $(TEMP)/$(NGINX)/docs/text/README $(TEMP)/$(NGINX)
 	mv $(TEMP)/$(NGINX)/docs/html $(TEMP)/$(NGINX)

Deleted: trunk/src/http/modules/ngx_http_status_module.c
===================================================================
--- trunk/src/http/modules/ngx_http_status_module.c	2011-11-01 15:10:46 UTC (rev 4264)
+++ trunk/src/http/modules/ngx_http_status_module.c	2011-11-01 15:16:28 UTC (rev 4265)
@@ -1,309 +0,0 @@
-
-/*
- * Copyright (C) Igor Sysoev
- */
-
-
-#include 
-#include 
-#include 
-
-
-typedef struct {
-    ngx_http_request_t  *request;
-    ngx_pool_t          *pool;
-    ngx_chain_t         *head;
-    ngx_buf_t           *last;
-    size_t               size;
-} ngx_http_status_ctx_t;
-
-
-static ngx_int_t ngx_http_status(ngx_http_status_ctx_t *ctx);
-static char *ngx_http_set_status(ngx_conf_t *cf, ngx_command_t *cmd,
-                                 void *conf);
-
-static ngx_command_t  ngx_http_status_commands[] = {
-
-    { ngx_string("status"),
-      NGX_HTTP_SRV_CONF|NGX_HTTP_LOC_CONF|NGX_CONF_FLAG,
-      ngx_http_set_status,
-      0,
-      0,
-      NULL },
-
-      ngx_null_command
-};
-
-
-
-static ngx_http_module_t  ngx_http_status_module_ctx = {
-    NULL,                                  /* pre conf */
-
-    NULL,                                  /* create main configuration */
-    NULL,                                  /* init main configuration */
-
-    NULL,                                  /* create server configuration */
-    NULL,                                  /* merge server configuration */
-
-    NULL,                                  /* create location configuration */
-    NULL                                   /* merge location configuration */
-};
-
-
-ngx_module_t  ngx_http_status_module = {
-    NGX_MODULE,
-    &ngx_http_status_module_ctx,           /* module context */
-    ngx_http_status_commands,              /* module directives */
-    NGX_HTTP_MODULE,                       /* module type */
-    NULL,                                  /* init module */
-    NULL                                   /* init process */
-};
-
-
-static ngx_int_t ngx_http_status_handler(ngx_http_request_t *r)
-{
-    ngx_int_t              rc;
-    ngx_http_status_ctx_t  ctx;
-
-    if (r->method != NGX_HTTP_GET && r->method != NGX_HTTP_HEAD) {
-        return NGX_HTTP_NOT_ALLOWED;
-    }
-
-    rc = ngx_http_discard_body(r);
-
-    if (rc != NGX_OK && rc != NGX_AGAIN) {
-        return rc;
-    }
-
-    r->headers_out.content_type = ngx_list_push(&r->headers_out.headers);
-    if (r->headers_out.content_type == NULL) {
-        return NGX_HTTP_INTERNAL_SERVER_ERROR;
-    }
-
-    r->headers_out.content_type->key.len = 0;
-    r->headers_out.content_type->key.data = NULL;
-    r->headers_out.content_type->value.len = sizeof("text/plain") - 1;
-    r->headers_out.content_type->value.data = (u_char *) "text/plain";
-
-    if (r->method == NGX_HTTP_HEAD) {
-        r->headers_out.status = NGX_HTTP_OK;
-
-        rc = ngx_http_send_header(r);
-
-        if (rc == NGX_ERROR || rc > NGX_OK || r->header_only) {
-            return rc;
-        }
-    }
-
-    ctx.request = r;
-    ctx.pool = r->pool;
-    ctx.head = NULL;
-    ctx.size = 0;
-
-    if (ngx_http_status(&ctx) != NGX_OK) {
-        return NGX_HTTP_INTERNAL_SERVER_ERROR;
-    }
-
-    r->headers_out.status = NGX_HTTP_OK;
-    r->headers_out.content_length_n = ctx.size;
-
-    rc = ngx_http_send_header(r);
-
-    if (rc == NGX_ERROR || rc > NGX_OK || r->header_only) {
-        return rc;
-    }
-
-    if (!r->main) {
-        ctx.last->last_buf = 1;
-    }
-
-    return ngx_http_output_filter(r, ctx.head);
-}
-
-
-static ngx_int_t ngx_http_status(ngx_http_status_ctx_t *ctx)
-{
-    u_char                      ch;
-    size_t                      len, n;
-    ngx_uint_t                  i, dash;
-    ngx_buf_t                  *b;
-    ngx_chain_t                *cl, **ll;
-    ngx_connection_t           *c;
-    ngx_http_request_t         *r;
-    ngx_http_core_main_conf_t  *cmcf;
-
-    cmcf = ngx_http_get_module_main_conf(ctx->request, ngx_http_core_module);
-
-#if (NGX_SUPPRESS_WARN)
-    b = NULL;
-    ll = NULL;
-#endif
-
-    dash = 0;
-
-    /* TODO: old connections */
-
-    c = ngx_cycle->connections;
-    for (i = 0; i < ngx_cycle->connection_n; i++) {
-
-        /* TODO: trylock connection mutex */
-
-        r = c[i].data;
-        if (r && r->signature == NGX_HTTP_MODULE) {
-
-                   /* STUB: should be NGX_PID_T_LEN */
-            len = NGX_INT64_LEN                       /* pid */
-                  + 1 + NGX_INT32_LEN                 /* connection */
-                  + 1 + 1                             /* state */
-                  + 1 + NGX_INET_ADDRSTRLEN
-                  + 1 + (r->server_name ? cmcf->max_server_name_len : 1)
-                  + 2;                                /* "\r\n" */
-
-            /* BUG: cmcf->max_server_name_len and "*.domain.tld" */
-
-
-            if (r->request_line.len) {
-                len += 1 + 1 + r->request_line.len + 1;
-            }
-
-            if (!(b = ngx_create_temp_buf(ctx->pool, len))) {
-                /* TODO: unlock mutex */
-                return NGX_ERROR;
-            }
-
-            b->last = ngx_sprintf(b->last, "%P %5ui", ngx_pid, i);
-
-            switch (r->http_state) {
-            case NGX_HTTP_INITING_REQUEST_STATE:
-                ch = 'I';
-                break;
-
-            case NGX_HTTP_READING_REQUEST_STATE:
-                ch = 'R';
-                break;
-
-            case NGX_HTTP_PROCESS_REQUEST_STATE:
-                ch = 'P';
-                break;
-
-            case NGX_HTTP_WRITING_REQUEST_STATE:
-                ch = 'W';
-                break;
-
-            case NGX_HTTP_KEEPALIVE_STATE:
-                ch = 'K';
-                break;
-
-            default:
-                ch = '?';
-            }
-
-            *(b->last++) = ' ';
-            *(b->last++) = ch;
-
-            *(b->last++) = ' ';
-            b->last = ngx_cpymem(b->last, c[i].addr_text.data,
-                                 c[i].addr_text.len);
-            for (n = c[i].addr_text.len; n < NGX_INET_ADDRSTRLEN; n++) {
-                 *(b->last++) = ' ';
-            }
-
-            *(b->last++) = ' ';
-            if (r->server_name) {
-                b->last = ngx_cpymem(b->last, r->server_name->data,
-                                     r->server_name->len);
-                for (n = r->server_name->len;
-                     n < cmcf->max_server_name_len;
-                     n++)
-                {
-                     *(b->last++) = ' ';
-                }
-
-            } else {
-                *(b->last++) = '?';
-            }
-
-            if (r->request_line.len) {
-                *(b->last++) = ' ';
-                *(b->last++) = '"';
-                b->last = ngx_cpymem(b->last, r->request_line.data,
-                                     r->request_line.len);
-                *(b->last++) = '"';
-
-            }
-
-            *(b->last++) = CR; *(b->last++) = LF;
-
-            dash = 0;
-
-        } else if (c[i].fd != -1) {
-            len = NGX_INT64_LEN                       /* pid */
-                  + 1 + NGX_INT32_LEN                 /* connection */
-                  + 1 + 1                             /* state */
-                  + 2;                                /* "\r\n" */
-
-            if (!(b = ngx_create_temp_buf(ctx->pool, len))) {
-                /* TODO: unlock mutex */
-                return NGX_ERROR;
-            }
-
-            b->last = ngx_sprintf(b->last, "%P %5ui", ngx_pid, i);
-
-            *(b->last++) = ' ';
-            *(b->last++) = 's';
-
-            *(b->last++) = CR; *(b->last++) = LF;
-
-            dash = 0;
-
-       } else if (!dash) {
-            len = 3;
-
-            if (!(b = ngx_create_temp_buf(ctx->pool, len))) {
-                /* TODO: unlock mutex */
-                return NGX_ERROR;
-            }
-
-            *(b->last++) = '-'; *(b->last++) = CR; *(b->last++) = LF;
-
-            dash = 1;
-
-        } else {
-            continue;
-        }
-
-        /* TODO: unlock mutex */
-
-        if (!(cl = ngx_alloc_chain_link(ctx->pool))) {
-            return NGX_ERROR;
-        }
-
-        if (ctx->head) {
-            *ll = cl;
-
-        } else {
-            ctx->head = cl;
-        }
-
-        cl->buf = b;
-        cl->next = NULL;
-        ll = &cl->next;
-
-        ctx->size += b->last - b->pos;
-    }
-
-    ctx->last = b;
-
-    return NGX_OK;
-}
-
-
-static char *ngx_http_set_status(ngx_conf_t *cf, ngx_command_t *cmd, void *conf)
-{
-    ngx_http_core_loc_conf_t  *clcf;
-
-    clcf = ngx_http_conf_get_module_loc_conf(cf, ngx_http_core_module);
-    clcf->handler = ngx_http_status_handler;
-
-    return NGX_CONF_OK;
-}


From drafting at samizdat.cc  Sat Nov  5 19:34:17 2011
From: drafting at samizdat.cc (Samizdat Drafting Co.)
Date: Sat, 5 Nov 2011 15:34:17 -0400
Subject: a digest authentication module
Message-ID: 

i've recently been working on a digest auth module for nginx and have
some functional (but untested) code posted here:
https://github.com/samizdatco/ngx-http-auth-digest

for the most part it seems to obey the RFC and is compatible with the
browsers i've tried, so i'm confident that with a bit more work it
could actually be usable in practice.

however i've run into a few roadblocks along the way, mostly relating
to saving state across requests and i wondered if anyone here could
point me in the right direction as i try to make it work in a way that
doesn't kill performance with mutex contention or i/o blocking.

the current implementation stores state in a shm-segment rbtree. this
works well so long as the amount of state doesn't exceed what was
allocated at config time, but that's hard to guarantee under high load
(and given the potentially long lifetimes for the tree nodes). is it
possible to grow the shm size after config? and if not, is this a sign
that i should actually be using the file system to cache this data
instead?

i'm also a little confused as to how the module should schedule a
recurring node-expiration callback that purges stale entries from the
rbtree. at the moment the purge function is called at the top of every
request, which feels like the wrongest possible way to do it. i've
seen mention of the cleanup hook attached to the request's pool. is
this a more appropriate place to run or are there other problems
associated with that?

these and other questions can be found here:
https://github.com/samizdatco/ngx-http-auth-digest/issues

personally i'm looking forward to a day where i no longer need apache
if i want to use digest authentication, so i'd love to get this module
to a reasonably trustworthy state. any feedback or guidance (or code!)
you could offer would be a great help.

thanks,
christian


From zzz at zzz.org.ua  Sun Nov  6 00:50:37 2011
From: zzz at zzz.org.ua (Alexandr Gomoliako)
Date: Sun, 6 Nov 2011 02:50:37 +0200
Subject: a digest authentication module
In-Reply-To: 
References: 
Message-ID: 

On Sat, Nov 5, 2011 at 9:34 PM, Samizdat Drafting Co.
 wrote:
> i've recently been working on a digest auth module for nginx and have
> some functional (but untested) code posted here:
> https://github.com/samizdatco/ngx-http-auth-digest
>
> for the most part it seems to obey the RFC and is compatible with the
> browsers i've tried, so i'm confident that with a bit more work it
> could actually be usable in practice.
>
> however i've run into a few roadblocks along the way, mostly relating
> to saving state across requests and i wondered if anyone here could
> point me in the right direction as i try to make it work in a way that
> doesn't kill performance with mutex contention or i/o blocking.
>
> the current implementation stores state in a shm-segment rbtree. this
> works well so long as the amount of state doesn't exceed what was
> allocated at config time, but that's hard to guarantee under high load
> (and given the potentially long lifetimes for the tree nodes). is it
> possible to grow the shm size after config? and if not, is this a sign
> that i should actually be using the file system to cache this data
> instead?

There is no special function to grow shm size, if that's what you're
wondering. And I think keeping it simple is the right thing to do at this
point.

> i'm also a little confused as to how the module should schedule a
> recurring node-expiration callback that purges stale entries from the
> rbtree. at the moment the purge function is called at the top of every
> request, which feels like the wrongest possible way to do it. i've
> seen mention of the cleanup hook attached to the request's pool. is
> this a more appropriate place to run or are there other problems
> associated with that?

Well, it's up to you to decide. But since entries are completely unrelated
to the request you should probably move expiration somewhere else.

> these and other questions can be found here:
> https://github.com/samizdatco/ngx-http-auth-digest/issues
>
> personally i'm looking forward to a day where i no longer need apache
> if i want to use digest authentication, so i'd love to get this module
> to a reasonably trustworthy state. any feedback or guidance (or code!)
> you could offer would be a great help.


From agentzh at gmail.com  Mon Nov  7 11:48:29 2011
From: agentzh at gmail.com (agentzh)
Date: Mon, 7 Nov 2011 19:48:29 +0800
Subject: [PATCH] Check stale write events in ngx_epoll_module
Message-ID: 

Hello!

We've run into an issue with stale write event in ngx_epoll_module.
Here's a scenario for the issue:

1. epoll_wait returns a read event and a write event for a connection,
2. ngx_epoll_process_events checks if the read event is stale and sees
it is not, then invoke the read event handler.
3. the read event handler closes the current connection and makes the
write event not yet processed stale,
4. ngx_epoll_process_events blindly continues to run the write event
handler even if the write event is already stale.

I've already attached a patch for the nginx 1.0.9 core to fix this issue.

Thanks!
-agentzh

--- nginx-1.0.9/src/event/modules/ngx_epoll_module.c	2011-09-30
22:12:53.000000000 +0800
+++ nginx-1.0.9-patched/src/event/modules/ngx_epoll_module.c	2011-11-07
18:07:04.764111952 +0800
@@ -681,6 +681,18 @@

         wev = c->write;

+        if (c->fd == -1 || wev->instance != instance) {
+
+            /*
+             * the stale event from a file descriptor
+             * that was just closed in this iteration
+             */
+
+            ngx_log_debug1(NGX_LOG_DEBUG_EVENT, cycle->log, 0,
+                           "epoll: stale event %p", c);
+            continue;
+        }
+
         if ((revents & EPOLLOUT) && wev->active) {

             if (flags & NGX_POST_THREAD_EVENTS) {
-------------- next part --------------
A non-text attachment was scrubbed...
Name: nginx-1.0.9-epoll_check_stale_wev.patch
Type: application/octet-stream
Size: 701 bytes
Desc: not available
URL: 

From mdounin at mdounin.ru  Mon Nov  7 17:51:58 2011
From: mdounin at mdounin.ru (Maxim Dounin)
Date: Mon, 7 Nov 2011 21:51:58 +0400
Subject: [PATCH] Check stale write events in ngx_epoll_module
In-Reply-To: 
References: 
Message-ID: <20111107175158.GU95664@mdounin.ru>

Hello!

On Mon, Nov 07, 2011 at 07:48:29PM +0800, agentzh wrote:

> Hello!
> 
> We've run into an issue with stale write event in ngx_epoll_module.
> Here's a scenario for the issue:
> 
> 1. epoll_wait returns a read event and a write event for a connection,
> 2. ngx_epoll_process_events checks if the read event is stale and sees
> it is not, then invoke the read event handler.
> 3. the read event handler closes the current connection and makes the
> write event not yet processed stale,
> 4. ngx_epoll_process_events blindly continues to run the write event
> handler even if the write event is already stale.
> 
> I've already attached a patch for the nginx 1.0.9 core to fix this issue.
> 
> Thanks!
> -agentzh
> 
> --- nginx-1.0.9/src/event/modules/ngx_epoll_module.c	2011-09-30
> 22:12:53.000000000 +0800
> +++ nginx-1.0.9-patched/src/event/modules/ngx_epoll_module.c	2011-11-07
> 18:07:04.764111952 +0800
> @@ -681,6 +681,18 @@
> 
>          wev = c->write;
> 
> +        if (c->fd == -1 || wev->instance != instance) {
> +
> +            /*
> +             * the stale event from a file descriptor
> +             * that was just closed in this iteration
> +             */
> +
> +            ngx_log_debug1(NGX_LOG_DEBUG_EVENT, cycle->log, 0,
> +                           "epoll: stale event %p", c);
> +            continue;
> +        }
> +
>          if ((revents & EPOLLOUT) && wev->active) {
> 
>              if (flags & NGX_POST_THREAD_EVENTS) {

Patch looks fine for me.  Could you please provide some details 
about user-visible effects observed if the problem occurs?

Maxim Dounin


From maage at hard.ware.fi  Mon Nov  7 19:28:07 2011
From: maage at hard.ware.fi (Markus Linnala)
Date: Mon, 07 Nov 2011 21:28:07 +0200
Subject: nginx modules and multiple escape_uri / unescape_uri definitions
Message-ID: <4EB83147.6090103@hard.ware.fi>

I ran into some problems with uri encoding. Problem is multiple and 
different implementations of escaping and unescaping uri. And 
because different programming language libraries use different ways 
of encoding.



unescape_uri:

https://github.com/phusion/nginx/blob/master/src/core/ngx_string.c#L1336

These seems to be the same with each other. They differ from core 
one by unescapeing '+' to ' '. I guess nginx conforms RFC 3986 and 
external modules tries to be compatible with other programs like 
PHP, .NET, Java.

https://github.com/agentzh/set-misc-nginx-module/blob/master/src/ngx_http_set_unescape_uri.c#L46

https://github.com/chaoslawful/lua-nginx-module/blob/master/src/ngx_http_lua_util.c#L1328

PHP encodes ' ' to '+' with urlencode
http://php.net/manual/en/function.urlencode.php

.NET Framework 4 encode ' ' to '+' with HttpUtility.UrlEncode
http://msdn.microsoft.com/en-us/library/4fkewx0t.aspx

Java 5-7 at least encode ' ' to '+'
http://download.oracle.com/javase/7/docs/api/java/net/URLEncoder.html

There is way to consolidate of unescape_uri. Add new type and then 
add version checks on modules and use core version with proper type. 
And extend modules to handle different types. Patch for nginx 
attached. 0001-application-x-www-form-urlencoded-compatible-mode.patch




escape_uri:

I guess there was need for different implementations, but it might 
be possible to consolidate external modules after this:

http://trac.nginx.org/nginx/changeset/4193/nginx

https://github.com/phusion/nginx/blob/master/src/core/ngx_string.c#L1505

These seems to be be the same. They differ from core somewhat. Core 
version of uri_component almost the same as uri on modules 
(!$*(),@`). Also args differ slightly (;&).

https://github.com/agentzh/set-misc-nginx-module/blob/master/src/ngx_http_set_escape_uri.c#L57

https://github.com/chaoslawful/lua-nginx-module/blob/master/src/ngx_http_lua_util.c#L1179

Could it be possible for set-misc and lua modules to use nginx core 
version of uri_component and args?


This is almost the same as nginx core version of uri_component. 
Couple of differences ( *~) and hex is uppercase. Commit message 
hints that new encoding was needed for java.

https://github.com/yaoweibin/memc-nginx-module/blob/master/src/ngx_http_memc_request.c#L8

I guess this is for special need and not needed to consider further.

-- 
Markus Linnala, Chief Systems Architect
Cybercom Finland
Pakkahuoneenaukio 2 A; 33100 Tampere
Mobile +358 40 5919 735
Markus.Linnala at cybercom.com

www.cybercom.fi | www.cybercom.com

-------------- next part --------------
An embedded and charset-unspecified text was scrubbed...
Name: 0001-application-x-www-form-urlencoded-compatible-mode.patch
URL: 

From agentzh at gmail.com  Tue Nov  8 00:40:29 2011
From: agentzh at gmail.com (agentzh)
Date: Tue, 8 Nov 2011 08:40:29 +0800
Subject: [PATCH] Check stale write events in ngx_epoll_module
In-Reply-To: <20111107175158.GU95664@mdounin.ru>
References: 
	<20111107175158.GU95664@mdounin.ru>
Message-ID: 

On Tue, Nov 8, 2011 at 1:51 AM, Maxim Dounin  wrote:
>
> Patch looks fine for me. ?Could you please provide some details
> about user-visible effects observed if the problem occurs?
>

We've noticed this when using the ngx_postgres module to connect to a
PostgreSQL database via libpq over a no-so-good network.

The libpq library's documentation requires a write event to occur
before calling PQconnectPoll when PGRES_POLLING_WRITING was last
returned. So when a stale write event triggers the PQconnectPoll call,
libpq will simply complain about it and return an error. This is a
limitation in libpq to do non-blocking I/O and we have to work around
on the Nginx side.

Regards,
-agentzh


From robm at fastmail.fm  Tue Nov  8 01:04:01 2011
From: robm at fastmail.fm (Robert Mueller)
Date: Tue, 08 Nov 2011 12:04:01 +1100
Subject: Very odd epoll_ctl calls in mail proxy
Message-ID: <1320714241.24176.140660995963405@webmail.messagingengine.com>

I'm using nginx 1.0.8 in mail proxy mode and when trying to track down a
particular issue I happened to do an strace of a process and found
something very odd.

Our config looks pretty straight forward.

mail {
    auth_http unix:/var/state/saslauthd/nginx:/;
    imap_client_buffer  16k;

    pop3_capabilities "SASL OTP" "EXPIRE NEVER" "LOGIN-DELAY 0" ... ;
    imap_capabilities "IMAP4" "IMAP4rev1" "LITERAL+" ... ;

    server {
      listen 66.111.4.61:110;
      ... a number of other ips

      protocol pop3;
      proxy on;
      proxy_timeout  5m;
      proxy_pass_error_message on;
      auth_http_header "ServerHostname" "mail.messagingengine.com";
    }

    server {
      listen 66.111.4.61:143;
      ... a number of other ips

      protocol imap;
      proxy on;
      proxy_timeout  1h;
      auth_http_header "ServerHostname" "mail.messagingengine.com";
    }

    ... a number of other similar server blocks including ssl ones
}

Here's what the strace of the nginx process on our server looked like
(20k concurrent connections across 8 procs).

17:55:00.682440 read(599, 0xac4ba60, 34821) = -1 EAGAIN (Resource
temporarily unavailable)
17:55:00.682551 sendto(4128, "cick SELECT \"INBOX."..., 68, 0, NULL, 0)
= 68
17:55:00.682674 epoll_ctl(203, EPOLL_CTL_DEL, 7, {0, {u32=0, u64=0}}) =
0
17:55:00.682770 epoll_ctl(203, EPOLL_CTL_DEL, 8, {0, {u32=0, u64=0}}) =
0

... 170 lines or so of the same thing deleted ...

17:55:00.710905 epoll_ctl(203, EPOLL_CTL_DEL, 177, {0, {u32=0, u64=0}})
= 0
17:55:00.710997 epoll_ctl(203, EPOLL_CTL_DEL, 178, {0, {u32=0, u64=0}})
= 0
17:55:00.711092 epoll_ctl(203, EPOLL_CTL_DEL, 179, {0, {u32=0, u64=0}})
= 0
17:55:00.711184 epoll_wait(203, {{EPOLLIN|EPOLLOUT, {u32=2113145168,
u64=139674449611088}}, ...
17:55:00.711327 recvfrom(4128, "* OK [CLOSED] Ok\r\n* 37
EXISTS\r\n*"..., 4096, 0, NULL, NULL) = 344

... lots more read/write/recvfrom/sendto/epoll_wait calls

17:55:00.815683 sendto(3271, "6 EXPUNGE\r\n", 11, 0, NULL, 0) = 11
17:55:00.815820 epoll_ctl(203, EPOLL_CTL_ADD, 7, {EPOLLIN,
{u32=2112495632, u64=139674448961552}}) = 0
17:55:00.815947 epoll_ctl(203, EPOLL_CTL_ADD, 8, {EPOLLIN,
{u32=2112495824, u64=139674448961744}}) = 0

... 170 lines or so of the same thing deleted ...

17:55:00.849680 epoll_ctl(203, EPOLL_CTL_ADD, 178, {EPOLLIN,
{u32=2112528464, u64=139674448994384}}) = 0
17:55:00.850305 epoll_ctl(203, EPOLL_CTL_ADD, 179, {EPOLLIN,
{u32=2112528656, u64=139674448994576}}) = 0
17:55:00.850466 epoll_wait(203, {{EPOLLIN|EPOLLOUT, {u32=2113156497,
u64=139674449622417}}, ...
17:55:00.850638 accept4(105, {sa_family=AF_INET, sin_port=htons(4899),
sin_addr=inet_addr("a.a.a.a")}, [16], SOCK_NONBLOCK) = 4356
17:55:00.850784 write(5, "2011/11/07 17:55:00 [info] 24092"..., 94) = 94

... lots more read/write/recvfrom/sendto/epoll_wait calls

17:55:00.861272 recvfrom(3471, 0x8653b70, 4096, 0, 0, 0) = -1 EAGAIN
(Resource temporarily unavailable)
17:55:00.861404 epoll_ctl(203, EPOLL_CTL_DEL, 7, {0, {u32=0, u64=0}}) =
0
17:55:00.861514 epoll_ctl(203, EPOLL_CTL_DEL, 8, {0, {u32=0, u64=0}}) =
0

... 170 lines or so again just like above ...

I see this over and over, the same fd's (7-179) added and removed over
and over again quite rapidly.

So why would nginx be adding 170 fd's to it's epoll descriptor, then
deleting those 170 fd's a fraction later, and repeating that over and
over?

Rob
Rob Mueller
robm at fastmail.fm


From igor at sysoev.ru  Tue Nov  8 09:54:49 2011
From: igor at sysoev.ru (Igor Sysoev)
Date: Tue, 8 Nov 2011 13:54:49 +0400
Subject: Very odd epoll_ctl calls in mail proxy
In-Reply-To: <1320714241.24176.140660995963405@webmail.messagingengine.com>
References: <1320714241.24176.140660995963405@webmail.messagingengine.com>
Message-ID: <20111108095449.GC9232@nginx.com>

On Tue, Nov 08, 2011 at 12:04:01PM +1100, Robert Mueller wrote:
> I'm using nginx 1.0.8 in mail proxy mode and when trying to track down a
> particular issue I happened to do an strace of a process and found
> something very odd.
> 
> Our config looks pretty straight forward.
> 
> mail {
>     auth_http unix:/var/state/saslauthd/nginx:/;
>     imap_client_buffer  16k;
> 
>     pop3_capabilities "SASL OTP" "EXPIRE NEVER" "LOGIN-DELAY 0" ... ;
>     imap_capabilities "IMAP4" "IMAP4rev1" "LITERAL+" ... ;
> 
>     server {
>       listen 66.111.4.61:110;
>       ... a number of other ips
> 
>       protocol pop3;
>       proxy on;
>       proxy_timeout  5m;
>       proxy_pass_error_message on;
>       auth_http_header "ServerHostname" "mail.messagingengine.com";
>     }
> 
>     server {
>       listen 66.111.4.61:143;
>       ... a number of other ips
> 
>       protocol imap;
>       proxy on;
>       proxy_timeout  1h;
>       auth_http_header "ServerHostname" "mail.messagingengine.com";
>     }
> 
>     ... a number of other similar server blocks including ssl ones
> }
> 
> Here's what the strace of the nginx process on our server looked like
> (20k concurrent connections across 8 procs).
> 
> 17:55:00.682440 read(599, 0xac4ba60, 34821) = -1 EAGAIN (Resource
> temporarily unavailable)
> 17:55:00.682551 sendto(4128, "cick SELECT \"INBOX."..., 68, 0, NULL, 0)
> = 68
> 17:55:00.682674 epoll_ctl(203, EPOLL_CTL_DEL, 7, {0, {u32=0, u64=0}}) =
> 0
> 17:55:00.682770 epoll_ctl(203, EPOLL_CTL_DEL, 8, {0, {u32=0, u64=0}}) =
> 0
> 
> ... 170 lines or so of the same thing deleted ...
> 
> 17:55:00.710905 epoll_ctl(203, EPOLL_CTL_DEL, 177, {0, {u32=0, u64=0}})
> = 0
> 17:55:00.710997 epoll_ctl(203, EPOLL_CTL_DEL, 178, {0, {u32=0, u64=0}})
> = 0
> 17:55:00.711092 epoll_ctl(203, EPOLL_CTL_DEL, 179, {0, {u32=0, u64=0}})
> = 0
> 17:55:00.711184 epoll_wait(203, {{EPOLLIN|EPOLLOUT, {u32=2113145168,
> u64=139674449611088}}, ...
> 17:55:00.711327 recvfrom(4128, "* OK [CLOSED] Ok\r\n* 37
> EXISTS\r\n*"..., 4096, 0, NULL, NULL) = 344
> 
> ... lots more read/write/recvfrom/sendto/epoll_wait calls
> 
> 17:55:00.815683 sendto(3271, "6 EXPUNGE\r\n", 11, 0, NULL, 0) = 11
> 17:55:00.815820 epoll_ctl(203, EPOLL_CTL_ADD, 7, {EPOLLIN,
> {u32=2112495632, u64=139674448961552}}) = 0
> 17:55:00.815947 epoll_ctl(203, EPOLL_CTL_ADD, 8, {EPOLLIN,
> {u32=2112495824, u64=139674448961744}}) = 0
> 
> ... 170 lines or so of the same thing deleted ...
> 
> 17:55:00.849680 epoll_ctl(203, EPOLL_CTL_ADD, 178, {EPOLLIN,
> {u32=2112528464, u64=139674448994384}}) = 0
> 17:55:00.850305 epoll_ctl(203, EPOLL_CTL_ADD, 179, {EPOLLIN,
> {u32=2112528656, u64=139674448994576}}) = 0
> 17:55:00.850466 epoll_wait(203, {{EPOLLIN|EPOLLOUT, {u32=2113156497,
> u64=139674449622417}}, ...
> 17:55:00.850638 accept4(105, {sa_family=AF_INET, sin_port=htons(4899),
> sin_addr=inet_addr("a.a.a.a")}, [16], SOCK_NONBLOCK) = 4356
> 17:55:00.850784 write(5, "2011/11/07 17:55:00 [info] 24092"..., 94) = 94
> 
> ... lots more read/write/recvfrom/sendto/epoll_wait calls
> 
> 17:55:00.861272 recvfrom(3471, 0x8653b70, 4096, 0, 0, 0) = -1 EAGAIN
> (Resource temporarily unavailable)
> 17:55:00.861404 epoll_ctl(203, EPOLL_CTL_DEL, 7, {0, {u32=0, u64=0}}) =
> 0
> 17:55:00.861514 epoll_ctl(203, EPOLL_CTL_DEL, 8, {0, {u32=0, u64=0}}) =
> 0
> 
> ... 170 lines or so again just like above ...
> 
> I see this over and over, the same fd's (7-179) added and removed over
> and over again quite rapidly.
> 
> So why would nginx be adding 170 fd's to it's epoll descriptor, then
> deleting those 170 fd's a fraction later, and repeating that over and
> over?

It seems you have about 170 listen directives.
This is probably caused by accept_mutex. Try

events {
     accept_mutex  off;
     ...
}

Probably it's better to disable accept_mutex by default.


-- 
Igor Sysoev


From igor at sysoev.ru  Tue Nov  8 13:17:15 2011
From: igor at sysoev.ru (igor at sysoev.ru)
Date: Tue,  8 Nov 2011 13:17:15 +0000
Subject: [nginx] svn commit:  r4266 - trunk/src/http/modules
Message-ID: 

Author: is
Date: 2011-11-08 13:17:14 +0000 (Tue, 08 Nov 2011)
New Revision: 4266

Modified:
   trunk/src/http/modules/ngx_http_image_filter_module.c
Log:
The "image_filter_sharpen" directive.


Modified: trunk/src/http/modules/ngx_http_image_filter_module.c
===================================================================
--- trunk/src/http/modules/ngx_http_image_filter_module.c	2011-11-01 15:16:28 UTC (rev 4265)
+++ trunk/src/http/modules/ngx_http_image_filter_module.c	2011-11-08 13:17:14 UTC (rev 4266)
@@ -41,6 +41,7 @@
     ngx_uint_t                   height;
     ngx_uint_t                   angle;
     ngx_uint_t                   jpeg_quality;
+    ngx_uint_t                   sharpen;
 
     ngx_flag_t                   transparency;
 
@@ -48,6 +49,7 @@
     ngx_http_complex_value_t    *hcv;
     ngx_http_complex_value_t    *acv;
     ngx_http_complex_value_t    *jqcv;
+    ngx_http_complex_value_t    *shcv;
 
     size_t                       buffer_size;
 } ngx_http_image_filter_conf_t;
@@ -105,6 +107,8 @@
     void *conf);
 static char *ngx_http_image_filter_jpeg_quality(ngx_conf_t *cf,
     ngx_command_t *cmd, void *conf);
+static char *ngx_http_image_filter_sharpen(ngx_conf_t *cf, ngx_command_t *cmd,
+    void *conf);
 static ngx_int_t ngx_http_image_filter_init(ngx_conf_t *cf);
 
 
@@ -124,6 +128,13 @@
       0,
       NULL },
 
+    { ngx_string("image_filter_sharpen"),
+      NGX_HTTP_MAIN_CONF|NGX_HTTP_SRV_CONF|NGX_HTTP_LOC_CONF|NGX_CONF_TAKE1,
+      ngx_http_image_filter_sharpen,
+      NGX_HTTP_LOC_CONF_OFFSET,
+      0,
+      NULL },
+
     { ngx_string("image_filter_transparency"),
       NGX_HTTP_MAIN_CONF|NGX_HTTP_SRV_CONF|NGX_HTTP_LOC_CONF|NGX_CONF_FLAG,
       ngx_conf_set_flag_slot,
@@ -724,7 +735,7 @@
 ngx_http_image_resize(ngx_http_request_t *r, ngx_http_image_filter_ctx_t *ctx)
 {
     int                            sx, sy, dx, dy, ox, oy, ax, ay, size,
-                                   colors, palette, transparent,
+                                   colors, palette, transparent, sharpen,
                                    red, green, blue, t;
     u_char                        *out;
     ngx_buf_t                     *b;
@@ -948,6 +959,11 @@
         gdImageColorTransparent(dst, gdImageColorExact(dst, red, green, blue));
     }
 
+    sharpen = ngx_http_image_filter_get_value(r, conf->shcv, conf->sharpen);
+    if (sharpen > 0) {
+        gdImageSharpen(dst, sharpen);
+    }
+
     out = ngx_http_image_out(r, ctx->type, dst, &size);
 
     ngx_log_debug3(NGX_LOG_DEBUG_HTTP, r->connection->log, 0,
@@ -1156,6 +1172,7 @@
 
     conf->filter = NGX_CONF_UNSET_UINT;
     conf->jpeg_quality = NGX_CONF_UNSET_UINT;
+    conf->sharpen = NGX_CONF_UNSET_UINT;
     conf->angle = NGX_CONF_UNSET_UINT;
     conf->transparency = NGX_CONF_UNSET;
     conf->buffer_size = NGX_CONF_UNSET_SIZE;
@@ -1191,6 +1208,12 @@
         conf->jqcv = prev->jqcv;
     }
 
+    ngx_conf_merge_uint_value(conf->sharpen, prev->sharpen, 0);
+
+    if (conf->shcv == NULL) {
+        conf->shcv = prev->shcv;
+    }
+
     ngx_conf_merge_uint_value(conf->angle, prev->angle, 0);
     if (conf->acv == NULL) {
         conf->acv = prev->acv;
@@ -1401,6 +1424,53 @@
 }
 
 
+static char *
+ngx_http_image_filter_sharpen(ngx_conf_t *cf, ngx_command_t *cmd,
+    void *conf)
+{
+    ngx_http_image_filter_conf_t *imcf = conf;
+
+    ngx_str_t                         *value;
+    ngx_int_t                          n;
+    ngx_http_complex_value_t           cv;
+    ngx_http_compile_complex_value_t   ccv;
+
+    value = cf->args->elts;
+
+    ngx_memzero(&ccv, sizeof(ngx_http_compile_complex_value_t));
+
+    ccv.cf = cf;
+    ccv.value = &value[1];
+    ccv.complex_value = &cv;
+
+    if (ngx_http_compile_complex_value(&ccv) != NGX_OK) {
+        return NGX_CONF_ERROR;
+    }
+
+    if (cv.lengths == NULL) {
+        n = ngx_http_image_filter_value(&value[1]);
+
+        if (n < 0) {
+            ngx_conf_log_error(NGX_LOG_EMERG, cf, 0,
+                               "invalid parameter \"%V\"", &value[1]);
+            return NGX_CONF_ERROR;
+        }
+
+        imcf->sharpen = (ngx_uint_t) n;
+
+    } else {
+        imcf->shcv = ngx_palloc(cf->pool, sizeof(ngx_http_complex_value_t));
+        if (imcf->shcv == NULL) {
+            return NGX_CONF_ERROR;
+        }
+
+        *imcf->shcv = cv;
+    }
+
+    return NGX_CONF_OK;
+}
+
+
 static ngx_int_t
 ngx_http_image_filter_init(ngx_conf_t *cf)
 {


From igor at sysoev.ru  Tue Nov  8 13:48:23 2011
From: igor at sysoev.ru (igor at sysoev.ru)
Date: Tue,  8 Nov 2011 13:48:23 +0000
Subject: [nginx] svn commit:  r4267 - trunk/src/http
Message-ID: 

Author: is
Date: 2011-11-08 13:48:23 +0000 (Tue, 08 Nov 2011)
New Revision: 4267

Modified:
   trunk/src/http/ngx_http_core_module.c
Log:
Fix of "keepalive_disable" directive.


Modified: trunk/src/http/ngx_http_core_module.c
===================================================================
--- trunk/src/http/ngx_http_core_module.c	2011-11-08 13:17:14 UTC (rev 4266)
+++ trunk/src/http/ngx_http_core_module.c	2011-11-08 13:48:23 UTC (rev 4267)
@@ -143,7 +143,7 @@
 };
 
 
-static ngx_conf_enum_t  ngx_http_core_keepalive_disable[] = {
+static ngx_conf_bitmask_t  ngx_http_core_keepalive_disable[] = {
     { ngx_string("none"), NGX_HTTP_KEEPALIVE_DISABLE_NONE },
     { ngx_string("msie6"), NGX_HTTP_KEEPALIVE_DISABLE_MSIE6 },
     { ngx_string("safari"), NGX_HTTP_KEEPALIVE_DISABLE_SAFARI },
@@ -513,8 +513,8 @@
       NULL },
 
     { ngx_string("keepalive_disable"),
-      NGX_HTTP_MAIN_CONF|NGX_HTTP_SRV_CONF|NGX_HTTP_LOC_CONF|NGX_CONF_TAKE1,
-      ngx_conf_set_enum_slot,
+      NGX_HTTP_MAIN_CONF|NGX_HTTP_SRV_CONF|NGX_HTTP_LOC_CONF|NGX_CONF_TAKE12,
+      ngx_conf_set_bitmask_slot,
       NGX_HTTP_LOC_CONF_OFFSET,
       offsetof(ngx_http_core_loc_conf_t, keepalive_disable),
       &ngx_http_core_keepalive_disable },
@@ -3475,9 +3475,11 @@
     ngx_conf_merge_msec_value(conf->client_body_timeout,
                               prev->client_body_timeout, 60000);
 
-    ngx_conf_merge_uint_value(conf->keepalive_disable, prev->keepalive_disable,
-                              NGX_HTTP_KEEPALIVE_DISABLE_MSIE6
-                              |NGX_HTTP_KEEPALIVE_DISABLE_SAFARI);
+    ngx_conf_merge_bitmask_value(conf->keepalive_disable,
+                              prev->keepalive_disable,
+                              (NGX_CONF_BITMASK_SET
+                               |NGX_HTTP_KEEPALIVE_DISABLE_MSIE6
+                               |NGX_HTTP_KEEPALIVE_DISABLE_SAFARI));
     ngx_conf_merge_uint_value(conf->satisfy, prev->satisfy,
                               NGX_HTTP_SATISFY_ALL);
     ngx_conf_merge_uint_value(conf->if_modified_since, prev->if_modified_since,


From robm at fastmail.fm  Tue Nov  8 22:54:32 2011
From: robm at fastmail.fm (Robert Mueller)
Date: Wed, 09 Nov 2011 09:54:32 +1100
Subject: Very odd epoll_ctl calls in mail proxy
In-Reply-To: <20111108095449.GC9232@nginx.com>
References: <1320714241.24176.140660995963405@webmail.messagingengine.com>
	<20111108095449.GC9232@nginx.com>
Message-ID: <1320792872.4104.140660996418381@webmail.messagingengine.com>


> It seems you have about 170 listen directives.

Indeed we do! Add together ipv4 + ipv6 + a failover ips + a number of
alternative ports and configurations, and it does add up!

> This is probably caused by accept_mutex. Try
> 
> events {
>      accept_mutex  off;
>      ...
> }
> 
> Probably it's better to disable accept_mutex by default.

Ah right, makes sense, I've gone and added that.

Not sure if it's an issue, but an alternative would be to create a
separate "accepting" fd, add all the listening fd's to that one, and
only add/remove that fd from the main polling set when you have the
mutex.

That at least should work for epoll, which says:

Q3  Is the epoll file descriptor itself poll/epoll/selectable?
A3  Yes.  If an epoll file descriptor has events waiting then it will
indicate as being readable.

Not sure if it's worth it though, given you can just turn off the accept
mutex, and apparently linux no longer has a thundering herd issue:

http://stackoverflow.com/questions/2213779/does-the-thundering-herd-problem-exist-on-linux-anymore

I'd like to see an LKML post about that though...

Rob


From simohayha.bobo at gmail.com  Wed Nov  9 08:48:38 2011
From: simohayha.bobo at gmail.com (Simon Liu)
Date: Wed, 9 Nov 2011 16:48:38 +0800
Subject: [PATCH] off_t size problem
Message-ID: 

Nginx define _FILE_OFFSET_BITS=64 in linux platform(ngx_linux_config.h),
and it will cause size of off_t is 8 byte. Therefore it should  include
nginx header file in starting position of other module(must be before
), otherwise off_t will be 4 byte(32 bit system) in the
module, this will be to cause some confusion .

I think use gcc -D will be better.

this is my patch:

Index: auto/os/linux
=================================================================== ---
auto/os/linux (revision 4267) +++ auto/os/linux (working copy) @@ -15,6
+15,9 @@ CC_AUX_FLAGS="$cc_aux_flags -D_GNU_SOURCE -D_FILE_OFFSET_BITS=64"
+CFLAGS="$CFLAGS -D_FILE_OFFSET_BITS=64" + + # Linux kernel version
version=$((`uname -r \ Index: src/os/unix/ngx_linux_config.h
=================================================================== ---
src/os/unix/ngx_linux_config.h (revision 4267) +++
src/os/unix/ngx_linux_config.h (working copy) @@ -12,7 +12,6 @@ #define
_GNU_SOURCE /* pread(), pwrite(), gethostname() */ #endif -#define
_FILE_OFFSET_BITS 64 #include  #include 



-- 
douban:www.douban.com/people/mustang/

blog: www.pagefault.info

twitter: www.twitter.com/minibobo

weibo:  www.weibo.com/diaoliang
-------------- next part --------------
An HTML attachment was scrubbed...
URL: 
-------------- next part --------------
A non-text attachment was scrubbed...
Name: off.patch
Type: text/x-patch
Size: 726 bytes
Desc: not available
URL: 

From agentzh at gmail.com  Wed Nov  9 09:49:51 2011
From: agentzh at gmail.com (agentzh)
Date: Wed, 9 Nov 2011 17:49:51 +0800
Subject: [PATCH] Ignore response header entries with zero hash in
	ngx_http_varaible_headers
In-Reply-To: 
References: 
	<20110930160528.GX1137@mdounin.ru>
	
Message-ID: 

On Sat, Oct 1, 2011 at 2:08 AM, agentzh  wrote:
>
> Thank you for the review. I've already updated the patch per your
> suggestion and tested on my side :)
>

Markus Linnala has found a memory overflow issue in my previous patch.
Here attaches an updated one for nginx 1.0.9.

Thanks!
-agentzh

--- nginx-1.0.9/src/http/ngx_http_variables.c	2011-05-30
20:36:17.000000000 +0800
+++ nginx-1.0.9-patched/src/http/ngx_http_variables.c	2011-11-08
22:21:55.229247198 +0800
@@ -648,7 +648,17 @@

     a = (ngx_array_t *) ((char *) r + data);

-    n = a->nelts;
+    h = a->elts;
+    n = 0;
+
+    for (i = 0; i < a->nelts; i++) {
+
+        if (h[i]->hash == 0) {
+            continue;
+        }
+
+        n++;
+    }

     if (n == 0) {
         v->not_found = 1;
@@ -659,9 +669,7 @@
     v->no_cacheable = 0;
     v->not_found = 0;

-    h = a->elts;
-
-    if (n == 1) {
+    if (n == 1 && a->nelts == 1) {
         v->len = (*h)->value.len;
         v->data = (*h)->value.data;

@@ -670,7 +678,12 @@

     len = - (ssize_t) (sizeof("; ") - 1);

-    for (i = 0; i < n; i++) {
+    for (i = 0; i < a->nelts; i++) {
+
+        if (h[i]->hash == 0) {
+            continue;
+        }
+
         len += h[i]->value.len + sizeof("; ") - 1;
     }

@@ -683,9 +696,14 @@
     v->data = p;

     for (i = 0; /* void */ ; i++) {
+
+        if (h[i]->hash == 0) {
+            continue;
+        }
+
         p = ngx_copy(p, h[i]->value.data, h[i]->value.len);

-        if (i == n - 1) {
+        if (--n == 0) {
             break;
         }

@@ -738,6 +756,10 @@
             i = 0;
         }

+        if (header[i].hash == 0) {
+            continue;
+        }
+
         for (n = 0; n + prefix < var->len && n < header[i].key.len; n++) {
             ch = header[i].key.data[n];
-------------- next part --------------
A non-text attachment was scrubbed...
Name: nginx-1.0.9-variable_header_ignore_no_hash.patch
Type: application/octet-stream
Size: 1499 bytes
Desc: not available
URL: 

From igor at sysoev.ru  Wed Nov  9 10:47:21 2011
From: igor at sysoev.ru (Igor Sysoev)
Date: Wed, 9 Nov 2011 14:47:21 +0400
Subject: Very odd epoll_ctl calls in mail proxy
In-Reply-To: <1320792872.4104.140660996418381@webmail.messagingengine.com>
References: <1320714241.24176.140660995963405@webmail.messagingengine.com>
	<20111108095449.GC9232@nginx.com>
	<1320792872.4104.140660996418381@webmail.messagingengine.com>
Message-ID: <20111109104721.GC36753@nginx.com>

On Wed, Nov 09, 2011 at 09:54:32AM +1100, Robert Mueller wrote:
> 
> > It seems you have about 170 listen directives.
> 
> Indeed we do! Add together ipv4 + ipv6 + a failover ips + a number of
> alternative ports and configurations, and it does add up!
> 
> > This is probably caused by accept_mutex. Try
> > 
> > events {
> >      accept_mutex  off;
> >      ...
> > }
> > 
> > Probably it's better to disable accept_mutex by default.
> 
> Ah right, makes sense, I've gone and added that.
> 
> Not sure if it's an issue, but an alternative would be to create a
> separate "accepting" fd, add all the listening fd's to that one, and
> only add/remove that fd from the main polling set when you have the
> mutex.
> 
> That at least should work for epoll, which says:
> 
> Q3  Is the epoll file descriptor itself poll/epoll/selectable?
> A3  Yes.  If an epoll file descriptor has events waiting then it will
> indicate as being readable.

Yes, this method should work with epoll and kqueue, but not sure about
Solaris /dev/poll and event ports.

> Not sure if it's worth it though, given you can just turn off the accept
> mutex, and apparently linux no longer has a thundering herd issue:
> 
> http://stackoverflow.com/questions/2213779/does-the-thundering-herd-problem-exist-on-linux-anymore
> 
> I'd like to see an LKML post about that though...

Could you tell is any difference in CPU usage or in "top" if accept_mutex
is off in your system ? How much accepts per second does nginx process ?


-- 
Igor Sysoev


From igor at sysoev.ru  Wed Nov  9 13:54:07 2011
From: igor at sysoev.ru (igor at sysoev.ru)
Date: Wed,  9 Nov 2011 13:54:07 +0000
Subject: [nginx] svn commit:  r4268 - trunk/src/core
Message-ID: 

Author: is
Date: 2011-11-09 13:54:07 +0000 (Wed, 09 Nov 2011)
New Revision: 4268

Modified:
   trunk/src/core/ngx_resolver.c
Log:
Fixed compression pointer processing in DNS response greater than 255 bytes.

Thanks to Ben Hawkes.


Modified: trunk/src/core/ngx_resolver.c
===================================================================
--- trunk/src/core/ngx_resolver.c	2011-11-08 13:48:23 UTC (rev 4267)
+++ trunk/src/core/ngx_resolver.c	2011-11-09 13:54:07 UTC (rev 4268)
@@ -1952,7 +1952,13 @@
     n = *src++;
 
     for ( ;; ) {
-        if (n != 0xc0) {
+        if (n & 0xc0) {
+            n = ((n & 0x3f) << 8) + *src;
+            src = &buf[n];
+
+            n = *src++;
+
+        } else {
             ngx_memcpy(dst, src, n);
             dst += n;
             src += n;
@@ -1962,12 +1968,6 @@
             if (n != 0) {
                 *dst++ = '.';
             }
-
-        } else {
-            n = ((n & 0x3f) << 8) + *src;
-            src = &buf[n];
-
-            n = *src++;
         }
 
         if (n == 0) {


From ru at nginx.com  Wed Nov  9 14:50:33 2011
From: ru at nginx.com (ru at nginx.com)
Date: Wed,  9 Nov 2011 14:50:33 +0000
Subject: [nginx] svn commit:  r4269 - trunk/docs/xml/nginx
Message-ID: <20111109145033.BE0E23F9C39@mail.nginx.com>

Author: ru
Date: 2011-11-09 14:50:33 +0000 (Wed, 09 Nov 2011)
New Revision: 4269

Log:
Belatedly fixed language in 1.1.7 relnotes.


Modified:
   trunk/docs/xml/nginx/changes.xml

Modified: trunk/docs/xml/nginx/changes.xml
===================================================================
--- trunk/docs/xml/nginx/changes.xml	2011-11-09 13:54:07 UTC (rev 4268)
+++ trunk/docs/xml/nginx/changes.xml	2011-11-09 14:50:33 UTC (rev 4269)
@@ -17,7 +17,7 @@
 ??????? ??????? ??????????.
 
 
-support of several resolvers in the "resolver" directive.

+support of several DNS servers in the "resolver" directive.

 Thanks to Kirill A. Korinskiy.
 
 
@@ -29,7 +29,7 @@
 ssl_certificate.
 
 
-a segmentation fault occurred on start or while reconfiguration 
+a segmentation fault occurred on start or during reconfiguration 
 if the "ssl" directive was used at http level and there was
 no "ssl_certificate" defined.
 
@@ -41,7 +41,7 @@
 ???? ??? ???????????????? ?? ????.
 
 
-reduced memory consumption while proxying of big files
+reduced memory consumption while proxying big files
 if they were buffered to disk.
 
 


From mdounin at mdounin.ru  Wed Nov  9 19:53:01 2011
From: mdounin at mdounin.ru (Maxim Dounin)
Date: Wed, 9 Nov 2011 23:53:01 +0400
Subject: [PATCH] off_t size problem
In-Reply-To: 
References: 
Message-ID: <20111109195301.GN95664@mdounin.ru>

Hello!

On Wed, Nov 09, 2011 at 04:48:38PM +0800, Simon Liu wrote:

> Nginx define _FILE_OFFSET_BITS=64 in linux platform(ngx_linux_config.h),
> and it will cause size of off_t is 8 byte. Therefore it should  include
> nginx header file in starting position of other module(must be before
> ), otherwise off_t will be 4 byte(32 bit system) in the
> module, this will be to cause some confusion .
> 
> I think use gcc -D will be better.

Not really.  Failing to include nginx headers before anything else 
will cause other problems as well (e.g. take a look at 
ngx_win32_config.h), and moving _FILE_OFFSET_BITS to compiler 
arguments won't solve the problem but rather hide it.

Maxim Dounin


From ru at nginx.com  Thu Nov 10 09:13:10 2011
From: ru at nginx.com (ru at nginx.com)
Date: Thu, 10 Nov 2011 09:13:10 +0000
Subject: [nginx] svn commit:  r4270 - trunk/src/http
Message-ID: <20111110091310.33FE33F9C2E@mail.nginx.com>

Author: ru
Date: 2011-11-10 09:13:09 +0000 (Thu, 10 Nov 2011)
New Revision: 4270

Log:
Changed error message to be more appropriate in the imaginary
"open_file_cache max=0" case.


Modified:
   trunk/src/http/ngx_http_core_module.c

Modified: trunk/src/http/ngx_http_core_module.c
===================================================================
--- trunk/src/http/ngx_http_core_module.c	2011-11-09 14:50:33 UTC (rev 4269)
+++ trunk/src/http/ngx_http_core_module.c	2011-11-10 09:13:09 UTC (rev 4270)
@@ -4400,7 +4400,7 @@
         if (ngx_strncmp(value[i].data, "max=", 4) == 0) {
 
             max = ngx_atoi(value[i].data + 4, value[i].len - 4);
-            if (max == NGX_ERROR) {
+            if (max <= 0) {
                 goto failed;
             }
 


From emmanuel.deloget at efixo.com  Thu Nov 10 10:32:53 2011
From: emmanuel.deloget at efixo.com (Emmanuel Deloget)
Date: Thu, 10 Nov 2011 11:32:53 +0100
Subject: Support to build nginx from an out-of-tree directory
Message-ID: <4EBBA855.7030102@efixo.com>

Hello list,

Attached you'll find a small patch that allow someone to build nginx from a
random directory. Its goal is to support the persons who want to test multiple
build of nginx, or people who do not want to pollute the nginx source tree
with files and directories that do not belong here.

Here is a sample use:

~$ tar zxvf nginx-1.0.9.tar.gz
~$ mkdir nginx-build && cd nginx-build
~$ ../nginx-1.0.9/configure --prefix=/home/me/nginx --user=me --group=me
~$ make && make install

The role of the patch is to find where the nginx source are located (thankfully,
this path is also the path were the configure script is stored) and to setup the
build directory in order to allow successfull compilation and installation of
nginx.

It successfully isolate the build directory from the source directory, unlike
the --builddir option (which still add some files in the source directory).

Signed-Off-By: Emmanuel Deloget 

Best regards,

-- Emmanuel Deloget
-------------- next part --------------
A non-text attachment was scrubbed...
Name: call-configure-from-build-dir.patch
Type: text/x-diff
Size: 405 bytes
Desc: not available
URL: 

From igor at sysoev.ru  Thu Nov 10 10:34:03 2011
From: igor at sysoev.ru (Igor Sysoev)
Date: Thu, 10 Nov 2011 14:34:03 +0400
Subject: Very odd epoll_ctl calls in mail proxy
In-Reply-To: <20111109104721.GC36753@nginx.com>
References: <1320714241.24176.140660995963405@webmail.messagingengine.com>
	<20111108095449.GC9232@nginx.com>
	<1320792872.4104.140660996418381@webmail.messagingengine.com>
	<20111109104721.GC36753@nginx.com>
Message-ID: <20111110103403.GB74306@nginx.com>

On Wed, Nov 09, 2011 at 02:47:21PM +0400, Igor Sysoev wrote:
> On Wed, Nov 09, 2011 at 09:54:32AM +1100, Robert Mueller wrote:
> > 
> > > It seems you have about 170 listen directives.
> > 
> > Indeed we do! Add together ipv4 + ipv6 + a failover ips + a number of
> > alternative ports and configurations, and it does add up!
> > 
> > > This is probably caused by accept_mutex. Try
> > > 
> > > events {
> > >      accept_mutex  off;
> > >      ...
> > > }
> > > 
> > > Probably it's better to disable accept_mutex by default.
> > 
> > Ah right, makes sense, I've gone and added that.
> > 
> > Not sure if it's an issue, but an alternative would be to create a
> > separate "accepting" fd, add all the listening fd's to that one, and
> > only add/remove that fd from the main polling set when you have the
> > mutex.
> > 
> > That at least should work for epoll, which says:
> > 
> > Q3  Is the epoll file descriptor itself poll/epoll/selectable?
> > A3  Yes.  If an epoll file descriptor has events waiting then it will
> > indicate as being readable.
> 
> Yes, this method should work with epoll and kqueue, but not sure about
> Solaris /dev/poll and event ports.
> 
> > Not sure if it's worth it though, given you can just turn off the accept
> > mutex, and apparently linux no longer has a thundering herd issue:
> > 
> > http://stackoverflow.com/questions/2213779/does-the-thundering-herd-problem-exist-on-linux-anymore
> > 
> > I'd like to see an LKML post about that though...
> 
> Could you tell is any difference in CPU usage or in "top" if accept_mutex
> is off in your system ? How much accepts per second does nginx process ?

I've just tested on FreeBSD 8.2-STABLE/amd64:

FreeBSD/SMP: Multiprocessor System Detected: 8 CPUs
FreeBSD/SMP: 1 package(s) x 4 core(s) x 2 SMT threads

8 workers eat ~1% more without accept_mutex on ~240 accepts/second.


-- 
Igor Sysoev


From vbart at nginx.com  Thu Nov 10 15:51:56 2011
From: vbart at nginx.com (vbart at nginx.com)
Date: Thu, 10 Nov 2011 15:51:56 +0000
Subject: [nginx] svn commit:  r4271 - trunk/src/http/modules
Message-ID: 

Author: vbart
Date: 2011-11-10 15:51:55 +0000 (Thu, 10 Nov 2011)
New Revision: 4271

Modified:
   trunk/src/http/modules/ngx_http_limit_zone_module.c
Log:
Limit zone: rbtree lookup moved to a separate function.

No functional changes.


Modified: trunk/src/http/modules/ngx_http_limit_zone_module.c
===================================================================
--- trunk/src/http/modules/ngx_http_limit_zone_module.c	2011-11-10 09:13:09 UTC (rev 4270)
+++ trunk/src/http/modules/ngx_http_limit_zone_module.c	2011-11-10 15:51:55 UTC (rev 4271)
@@ -37,6 +37,8 @@
 } ngx_http_limit_zone_conf_t;
 
 
+static ngx_rbtree_node_t *ngx_http_limit_zone_lookup(ngx_rbtree_t *rbtree,
+    ngx_http_variable_value_t *vv, uint32_t hash);
 static void ngx_http_limit_zone_cleanup(void *data);
 
 static void *ngx_http_limit_zone_create_conf(ngx_conf_t *cf);
@@ -121,9 +123,8 @@
 {
     size_t                          len, n;
     uint32_t                        hash;
-    ngx_int_t                       rc;
     ngx_slab_pool_t                *shpool;
-    ngx_rbtree_node_t              *node, *sentinel;
+    ngx_rbtree_node_t              *node;
     ngx_pool_cleanup_t             *cln;
     ngx_http_variable_value_t      *vv;
     ngx_http_limit_zone_ctx_t      *ctx;
@@ -176,71 +177,47 @@
 
     ngx_shmtx_lock(&shpool->mutex);
 
-    node = ctx->rbtree->root;
-    sentinel = ctx->rbtree->sentinel;
+    node = ngx_http_limit_zone_lookup(ctx->rbtree, vv, hash);
 
-    while (node != sentinel) {
+    if (node == NULL) {
 
-        if (hash < node->key) {
-            node = node->left;
-            continue;
-        }
+        n = offsetof(ngx_rbtree_node_t, color)
+            + offsetof(ngx_http_limit_zone_node_t, data)
+            + len;
 
-        if (hash > node->key) {
-            node = node->right;
-            continue;
+        node = ngx_slab_alloc_locked(shpool, n);
+        if (node == NULL) {
+            ngx_shmtx_unlock(&shpool->mutex);
+            return NGX_HTTP_SERVICE_UNAVAILABLE;
         }
 
-        /* hash == node->key */
+        lz = (ngx_http_limit_zone_node_t *) &node->color;
 
-        do {
-            lz = (ngx_http_limit_zone_node_t *) &node->color;
+        node->key = hash;
+        lz->len = (u_char) len;
+        lz->conn = 1;
+        ngx_memcpy(lz->data, vv->data, len);
 
-            rc = ngx_memn2cmp(vv->data, lz->data, len, (size_t) lz->len);
+        ngx_rbtree_insert(ctx->rbtree, node);
 
-            if (rc == 0) {
-                if ((ngx_uint_t) lz->conn < lzcf->conn) {
-                    lz->conn++;
-                    goto done;
-                }
+    } else {
 
-                ngx_shmtx_unlock(&shpool->mutex);
+        lz = (ngx_http_limit_zone_node_t *) &node->color;
 
-                ngx_log_error(lzcf->log_level, r->connection->log, 0,
-                              "limiting connections by zone \"%V\"",
-                              &lzcf->shm_zone->shm.name);
+        if ((ngx_uint_t) lz->conn >= lzcf->conn) {
 
-                return NGX_HTTP_SERVICE_UNAVAILABLE;
-            }
+            ngx_shmtx_unlock(&shpool->mutex);
 
-            node = (rc < 0) ? node->left : node->right;
+            ngx_log_error(lzcf->log_level, r->connection->log, 0,
+                          "limiting connections by zone \"%V\"",
+                          &lzcf->shm_zone->shm.name);
 
-        } while (node != sentinel && hash == node->key);
+            return NGX_HTTP_SERVICE_UNAVAILABLE;
+        }
 
-        break;
+        lz->conn++;
     }
 
-    n = offsetof(ngx_rbtree_node_t, color)
-        + offsetof(ngx_http_limit_zone_node_t, data)
-        + len;
-
-    node = ngx_slab_alloc_locked(shpool, n);
-    if (node == NULL) {
-        ngx_shmtx_unlock(&shpool->mutex);
-        return NGX_HTTP_SERVICE_UNAVAILABLE;
-    }
-
-    lz = (ngx_http_limit_zone_node_t *) &node->color;
-
-    node->key = hash;
-    lz->len = (u_char) len;
-    lz->conn = 1;
-    ngx_memcpy(lz->data, vv->data, len);
-
-    ngx_rbtree_insert(ctx->rbtree, node);
-
-done:
-
     ngx_log_debug2(NGX_LOG_DEBUG_HTTP, r->connection->log, 0,
                    "limit zone: %08XD %d", node->key, lz->conn);
 
@@ -297,6 +274,51 @@
 }
 
 
+static ngx_rbtree_node_t *
+ngx_http_limit_zone_lookup(ngx_rbtree_t *rbtree, ngx_http_variable_value_t *vv,
+    uint32_t hash)
+{
+    ngx_int_t                    rc;
+    ngx_rbtree_node_t           *node, *sentinel;
+    ngx_http_limit_zone_node_t  *lzn;
+
+    node = rbtree->root;
+    sentinel = rbtree->sentinel;
+
+    while (node != sentinel) {
+
+        if (hash < node->key) {
+            node = node->left;
+            continue;
+        }
+
+        if (hash > node->key) {
+            node = node->right;
+            continue;
+        }
+
+        /* hash == node->key */
+
+        do {
+            lzn = (ngx_http_limit_zone_node_t *) &node->color;
+
+            rc = ngx_memn2cmp(vv->data, lzn->data,
+                              (size_t) vv->len, (size_t) lzn->len);
+            if (rc == 0) {
+                return node;
+            }
+
+            node = (rc < 0) ? node->left : node->right;
+
+        } while (node != sentinel && hash == node->key);
+
+        break;
+    }
+
+    return NULL;
+}
+
+
 static void
 ngx_http_limit_zone_cleanup(void *data)
 {


From vbart at nginx.com  Thu Nov 10 16:08:14 2011
From: vbart at nginx.com (vbart at nginx.com)
Date: Thu, 10 Nov 2011 16:08:14 +0000
Subject: [nginx] svn commit:  r4272 - trunk/src/http/modules
Message-ID: 

Author: vbart
Date: 2011-11-10 16:08:13 +0000 (Thu, 10 Nov 2011)
New Revision: 4272

Modified:
   trunk/src/http/modules/ngx_http_limit_zone_module.c
Log:
Limit zone: support for multiple "limit_conn" limits.


Modified: trunk/src/http/modules/ngx_http_limit_zone_module.c
===================================================================
--- trunk/src/http/modules/ngx_http_limit_zone_module.c	2011-11-10 15:51:55 UTC (rev 4271)
+++ trunk/src/http/modules/ngx_http_limit_zone_module.c	2011-11-10 16:08:13 UTC (rev 4272)
@@ -33,6 +33,11 @@
 typedef struct {
     ngx_shm_zone_t     *shm_zone;
     ngx_uint_t          conn;
+} ngx_http_limit_zone_limit_t;
+
+
+typedef struct {
+    ngx_array_t         limits;
     ngx_uint_t          log_level;
 } ngx_http_limit_zone_conf_t;
 
@@ -40,6 +45,7 @@
 static ngx_rbtree_node_t *ngx_http_limit_zone_lookup(ngx_rbtree_t *rbtree,
     ngx_http_variable_value_t *vv, uint32_t hash);
 static void ngx_http_limit_zone_cleanup(void *data);
+static ngx_inline void ngx_http_limit_zone_cleanup_all(ngx_pool_t *pool);
 
 static void *ngx_http_limit_zone_create_conf(ngx_conf_t *cf);
 static char *ngx_http_limit_zone_merge_conf(ngx_conf_t *cf, void *parent,
@@ -123,6 +129,7 @@
 {
     size_t                          len, n;
     uint32_t                        hash;
+    ngx_uint_t                      i;
     ngx_slab_pool_t                *shpool;
     ngx_rbtree_node_t              *node;
     ngx_pool_cleanup_t             *cln;
@@ -130,6 +137,7 @@
     ngx_http_limit_zone_ctx_t      *ctx;
     ngx_http_limit_zone_node_t     *lz;
     ngx_http_limit_zone_conf_t     *lzcf;
+    ngx_http_limit_zone_limit_t    *limits;
     ngx_http_limit_zone_cleanup_t  *lzcln;
 
     if (r->main->limit_zone_set) {
@@ -137,97 +145,100 @@
     }
 
     lzcf = ngx_http_get_module_loc_conf(r, ngx_http_limit_zone_module);
+    limits = lzcf->limits.elts;
 
-    if (lzcf->shm_zone == NULL) {
-        return NGX_DECLINED;
-    }
+    r->main->limit_zone_set = 1;
 
-    ctx = lzcf->shm_zone->data;
+    for (i = 0; i < lzcf->limits.nelts; i++) {
+        ctx = limits[i].shm_zone->data;
 
-    vv = ngx_http_get_indexed_variable(r, ctx->index);
+        vv = ngx_http_get_indexed_variable(r, ctx->index);
 
-    if (vv == NULL || vv->not_found) {
-        return NGX_DECLINED;
-    }
+        if (vv == NULL || vv->not_found) {
+            continue;
+        }
 
-    len = vv->len;
+        len = vv->len;
 
-    if (len == 0) {
-        return NGX_DECLINED;
-    }
+        if (len == 0) {
+            continue;
+        }
 
-    if (len > 255) {
-        ngx_log_error(NGX_LOG_ERR, r->connection->log, 0,
-                      "the value of the \"%V\" variable "
-                      "is more than 255 bytes: \"%v\"",
-                      &ctx->var, vv);
-        return NGX_DECLINED;
-    }
+        if (len > 255) {
+            ngx_log_error(NGX_LOG_ERR, r->connection->log, 0,
+                          "the value of the \"%V\" variable "
+                          "is more than 255 bytes: \"%v\"",
+                          &ctx->var, vv);
+            continue;
+        }
 
-    r->main->limit_zone_set = 1;
+        hash = ngx_crc32_short(vv->data, len);
 
-    hash = ngx_crc32_short(vv->data, len);
+        shpool = (ngx_slab_pool_t *) limits[i].shm_zone->shm.addr;
 
-    cln = ngx_pool_cleanup_add(r->pool, sizeof(ngx_http_limit_zone_cleanup_t));
-    if (cln == NULL) {
-        return NGX_HTTP_INTERNAL_SERVER_ERROR;
-    }
+        ngx_shmtx_lock(&shpool->mutex);
 
-    shpool = (ngx_slab_pool_t *) lzcf->shm_zone->shm.addr;
+        node = ngx_http_limit_zone_lookup(ctx->rbtree, vv, hash);
 
-    ngx_shmtx_lock(&shpool->mutex);
+        if (node == NULL) {
 
-    node = ngx_http_limit_zone_lookup(ctx->rbtree, vv, hash);
+            n = offsetof(ngx_rbtree_node_t, color)
+                + offsetof(ngx_http_limit_zone_node_t, data)
+                + len;
 
-    if (node == NULL) {
+            node = ngx_slab_alloc_locked(shpool, n);
 
-        n = offsetof(ngx_rbtree_node_t, color)
-            + offsetof(ngx_http_limit_zone_node_t, data)
-            + len;
+            if (node == NULL) {
+                ngx_shmtx_unlock(&shpool->mutex);
+                ngx_http_limit_zone_cleanup_all(r->pool);
+                return NGX_HTTP_SERVICE_UNAVAILABLE;
+            }
 
-        node = ngx_slab_alloc_locked(shpool, n);
-        if (node == NULL) {
-            ngx_shmtx_unlock(&shpool->mutex);
-            return NGX_HTTP_SERVICE_UNAVAILABLE;
-        }
+            lz = (ngx_http_limit_zone_node_t *) &node->color;
 
-        lz = (ngx_http_limit_zone_node_t *) &node->color;
+            node->key = hash;
+            lz->len = (u_char) len;
+            lz->conn = 1;
+            ngx_memcpy(lz->data, vv->data, len);
 
-        node->key = hash;
-        lz->len = (u_char) len;
-        lz->conn = 1;
-        ngx_memcpy(lz->data, vv->data, len);
+            ngx_rbtree_insert(ctx->rbtree, node);
 
-        ngx_rbtree_insert(ctx->rbtree, node);
+        } else {
 
-    } else {
+            lz = (ngx_http_limit_zone_node_t *) &node->color;
 
-        lz = (ngx_http_limit_zone_node_t *) &node->color;
+            if ((ngx_uint_t) lz->conn >= limits[i].conn) {
 
-        if ((ngx_uint_t) lz->conn >= lzcf->conn) {
+                ngx_shmtx_unlock(&shpool->mutex);
 
-            ngx_shmtx_unlock(&shpool->mutex);
+                ngx_log_error(lzcf->log_level, r->connection->log, 0,
+                              "limiting connections by zone \"%V\"",
+                              &limits[i].shm_zone->shm.name);
 
-            ngx_log_error(lzcf->log_level, r->connection->log, 0,
-                          "limiting connections by zone \"%V\"",
-                          &lzcf->shm_zone->shm.name);
+                ngx_http_limit_zone_cleanup_all(r->pool);
+                return NGX_HTTP_SERVICE_UNAVAILABLE;
+            }
 
-            return NGX_HTTP_SERVICE_UNAVAILABLE;
+            lz->conn++;
         }
 
-        lz->conn++;
-    }
+        ngx_log_debug2(NGX_LOG_DEBUG_HTTP, r->connection->log, 0,
+                       "limit zone: %08XD %d", node->key, lz->conn);
 
-    ngx_log_debug2(NGX_LOG_DEBUG_HTTP, r->connection->log, 0,
-                   "limit zone: %08XD %d", node->key, lz->conn);
+        ngx_shmtx_unlock(&shpool->mutex);
 
-    ngx_shmtx_unlock(&shpool->mutex);
+        cln = ngx_pool_cleanup_add(r->pool,
+                                   sizeof(ngx_http_limit_zone_cleanup_t));
+        if (cln == NULL) {
+            return NGX_HTTP_INTERNAL_SERVER_ERROR;
+        }
 
-    cln->handler = ngx_http_limit_zone_cleanup;
-    lzcln = cln->data;
+        cln->handler = ngx_http_limit_zone_cleanup;
+        lzcln = cln->data;
 
-    lzcln->shm_zone = lzcf->shm_zone;
-    lzcln->node = node;
+        lzcln->shm_zone = limits[i].shm_zone;
+        lzcln->node = node;
+    }
 
     return NGX_DECLINED;
 }
@@ -350,6 +361,22 @@
 }
 
 
+static ngx_inline void
+ngx_http_limit_zone_cleanup_all(ngx_pool_t *pool)
+{
+    ngx_pool_cleanup_t  *cln;
+
+    cln = pool->cleanup;
+
+    while (cln && cln->handler == ngx_http_limit_zone_cleanup) {
+        ngx_http_limit_zone_cleanup(cln->data);
+        cln = cln->next;
+    }
+
+    pool->cleanup = cln;
+}
+
+
 static ngx_int_t
 ngx_http_limit_zone_init_zone(ngx_shm_zone_t *shm_zone, void *data)
 {
@@ -426,8 +453,7 @@
     /*
      * set by ngx_pcalloc():
      *
-     *     conf->shm_zone = NULL;
-     *     conf->conn = 0;
+     *     conf->limits.elts = NULL;
      */
 
     conf->log_level = NGX_CONF_UNSET_UINT;
@@ -442,7 +468,7 @@
     ngx_http_limit_zone_conf_t *prev = parent;
     ngx_http_limit_zone_conf_t *conf = child;
 
-    if (conf->shm_zone == NULL) {
+    if (conf->limits.elts == NULL) {
         *conf = *prev;
     }
 
@@ -523,23 +549,39 @@
 static char *
 ngx_http_limit_conn(ngx_conf_t *cf, ngx_command_t *cmd, void *conf)
 {
-    ngx_http_limit_zone_conf_t  *lzcf = conf;
+    ngx_shm_zone_t               *shm_zone;
+    ngx_http_limit_zone_conf_t   *lzcf = conf;
+    ngx_http_limit_zone_limit_t  *limit, *limits;
 
+    ngx_str_t  *value;
     ngx_int_t   n;
-    ngx_str_t  *value;
+    ngx_uint_t  i;
 
-    if (lzcf->shm_zone) {
-        return "is duplicate";
-    }
-
     value = cf->args->elts;
 
-    lzcf->shm_zone = ngx_shared_memory_add(cf, &value[1], 0,
-                                           &ngx_http_limit_zone_module);
-    if (lzcf->shm_zone == NULL) {
+    shm_zone = ngx_shared_memory_add(cf, &value[1], 0,
+                                     &ngx_http_limit_zone_module);
+    if (shm_zone == NULL) {
         return NGX_CONF_ERROR;
     }
 
+    limits = lzcf->limits.elts;
+
+    if (limits == NULL) {
+        if (ngx_array_init(&lzcf->limits, cf->pool, 1,
+                           sizeof(ngx_http_limit_zone_limit_t))
+            != NGX_OK)
+        {
+            return NGX_CONF_ERROR;
+        }
+    }
+
+    for (i = 0; i < lzcf->limits.nelts; i++) {
+        if (shm_zone == limits[i].shm_zone) {
+            return "is duplicate";
+        }
+    }
+
     n = ngx_atoi(value[2].data, value[2].len);
     if (n <= 0) {
         ngx_conf_log_error(NGX_LOG_EMERG, cf, 0,
@@ -553,7 +595,9 @@
         return NGX_CONF_ERROR;
     }
 
-    lzcf->conn = n;
+    limit = ngx_array_push(&lzcf->limits);
+    limit->conn = n;
+    limit->shm_zone = shm_zone;
 
     return NGX_CONF_OK;
 }


From vbart at nginx.com  Thu Nov 10 16:25:09 2011
From: vbart at nginx.com (vbart at nginx.com)
Date: Thu, 10 Nov 2011 16:25:09 +0000
Subject: [nginx] svn commit:  r4273 - trunk/src/http/modules
Message-ID: 

Author: vbart
Date: 2011-11-10 16:25:08 +0000 (Thu, 10 Nov 2011)
New Revision: 4273

Modified:
   trunk/src/http/modules/ngx_http_limit_zone_module.c
Log:
Limit zone: added the "limit_conn_zone" directive.

It superseeds old "limit_zone" directive (deprecated accordingly) and uses
syntax consistent with the "limit_req_zone" directive.


Modified: trunk/src/http/modules/ngx_http_limit_zone_module.c
===================================================================
--- trunk/src/http/modules/ngx_http_limit_zone_module.c	2011-11-10 16:08:13 UTC (rev 4272)
+++ trunk/src/http/modules/ngx_http_limit_zone_module.c	2011-11-10 16:25:08 UTC (rev 4273)
@@ -50,6 +50,8 @@
 static void *ngx_http_limit_zone_create_conf(ngx_conf_t *cf);
 static char *ngx_http_limit_zone_merge_conf(ngx_conf_t *cf, void *parent,
     void *child);
+static char *ngx_http_limit_conn_zone(ngx_conf_t *cf, ngx_command_t *cmd,
+    void *conf);
 static char *ngx_http_limit_zone(ngx_conf_t *cf, ngx_command_t *cmd,
     void *conf);
 static char *ngx_http_limit_conn(ngx_conf_t *cf, ngx_command_t *cmd,
@@ -57,6 +59,11 @@
 static ngx_int_t ngx_http_limit_zone_init(ngx_conf_t *cf);
 
 
+static ngx_conf_deprecated_t  ngx_conf_deprecated_limit_zone = {
+    ngx_conf_deprecated, "limit_zone", "limit_conn_zone"
+};
+
+
 static ngx_conf_enum_t  ngx_http_limit_conn_log_levels[] = {
     { ngx_string("info"), NGX_LOG_INFO },
     { ngx_string("notice"), NGX_LOG_NOTICE },
@@ -68,6 +75,13 @@
 
 static ngx_command_t  ngx_http_limit_zone_commands[] = {
 
+    { ngx_string("limit_conn_zone"),
+      NGX_HTTP_MAIN_CONF|NGX_CONF_TAKE2,
+      ngx_http_limit_conn_zone,
+      0,
+      0,
+      NULL },
+
     { ngx_string("limit_zone"),
       NGX_HTTP_MAIN_CONF|NGX_CONF_TAKE3,
       ngx_http_limit_zone,
@@ -392,7 +406,7 @@
     if (octx) {
         if (ngx_strcmp(ctx->var.data, octx->var.data) != 0) {
             ngx_log_error(NGX_LOG_EMERG, shm_zone->shm.log, 0,
-                          "limit_zone \"%V\" uses the \"%V\" variable "
+                          "limit_conn_zone \"%V\" uses the \"%V\" variable "
                           "while previously it used the \"%V\" variable",
                           &shm_zone->shm.name, &ctx->var, &octx->var);
             return NGX_ERROR;
@@ -426,14 +440,14 @@
     ngx_rbtree_init(ctx->rbtree, sentinel,
                     ngx_http_limit_zone_rbtree_insert_value);
 
-    len = sizeof(" in limit_zone \"\"") + shm_zone->shm.name.len;
+    len = sizeof(" in limit_conn_zone \"\"") + shm_zone->shm.name.len;
 
     shpool->log_ctx = ngx_slab_alloc(shpool, len);
     if (shpool->log_ctx == NULL) {
         return NGX_ERROR;
     }
 
-    ngx_sprintf(shpool->log_ctx, " in limit_zone \"%V\"%Z",
+    ngx_sprintf(shpool->log_ctx, " in limit_conn_zone \"%V\"%Z",
                 &shm_zone->shm.name);
 
     return NGX_OK;
@@ -479,6 +493,119 @@
 
 
 static char *
+ngx_http_limit_conn_zone(ngx_conf_t *cf, ngx_command_t *cmd, void *conf)
+{
+    u_char                     *p;
+    ssize_t                     size;
+    ngx_str_t                  *value, name, s;
+    ngx_uint_t                  i;
+    ngx_shm_zone_t             *shm_zone;
+    ngx_http_limit_zone_ctx_t  *ctx;
+
+    value = cf->args->elts;
+
+    ctx = NULL;
+    size = 0;
+    name.len = 0;
+
+    for (i = 1; i < cf->args->nelts; i++) {
+
+        if (ngx_strncmp(value[i].data, "zone=", 5) == 0) {
+
+            name.data = value[i].data + 5;
+
+            p = (u_char *) ngx_strchr(name.data, ':');
+
+            if (p == NULL) {
+                ngx_conf_log_error(NGX_LOG_EMERG, cf, 0,
+                                   "invalid zone size \"%V\"", &value[i]);
+                return NGX_CONF_ERROR;
+            }
+
+            name.len = p - name.data;
+
+            s.data = p + 1;
+            s.len = value[i].data + value[i].len - s.data;
+
+            size = ngx_parse_size(&s);
+
+            if (size == NGX_ERROR) {
+                ngx_conf_log_error(NGX_LOG_EMERG, cf, 0,
+                                   "invalid zone size \"%V\"", &value[i]);
+                return NGX_CONF_ERROR;
+            }
+
+            if (size < (ssize_t) (8 * ngx_pagesize)) {
+                ngx_conf_log_error(NGX_LOG_EMERG, cf, 0,
+                                   "zone \"%V\" is too small", &value[i]);
+                return NGX_CONF_ERROR;
+            }
+
+            continue;
+        }
+
+        if (value[i].data[0] == '$') {
+
+            value[i].len--;
+            value[i].data++;
+
+            ctx = ngx_pcalloc(cf->pool, sizeof(ngx_http_limit_zone_ctx_t));
+            if (ctx == NULL) {
+                return NGX_CONF_ERROR;
+            }
+
+            ctx->index = ngx_http_get_variable_index(cf, &value[i]);
+            if (ctx->index == NGX_ERROR) {
+                return NGX_CONF_ERROR;
+            }
+
+            ctx->var = value[i];
+
+            continue;
+        }
+
+        ngx_conf_log_error(NGX_LOG_EMERG, cf, 0,
+                           "invalid parameter \"%V\"", &value[i]);
+        return NGX_CONF_ERROR;
+    }
+
+    if (name.len == 0) {
+        ngx_conf_log_error(NGX_LOG_EMERG, cf, 0,
+                           "\"%V\" must have \"zone\" parameter",
+                           &cmd->name);
+        return NGX_CONF_ERROR;
+    }
+
+    if (ctx == NULL) {
+        ngx_conf_log_error(NGX_LOG_EMERG, cf, 0,
+                           "no variable is defined for %V \"%V\"",
+                           &cmd->name, &name);
+        return NGX_CONF_ERROR;
+    }
+
+    shm_zone = ngx_shared_memory_add(cf, &name, size,
+                                     &ngx_http_limit_zone_module);
+    if (shm_zone == NULL) {
+        return NGX_CONF_ERROR;
+    }
+
+    if (shm_zone->data) {
+        ctx = shm_zone->data;
+
+        ngx_conf_log_error(NGX_LOG_EMERG, cf, 0,
+                           "%V \"%V\" is already bound to variable \"%V\"",
+                           &cmd->name, &name, &ctx->var);
+        return NGX_CONF_ERROR;
+    }
+
+    shm_zone->init = ngx_http_limit_zone_init_zone;
+    shm_zone->data = ctx;
+
+    return NGX_CONF_OK;
+}
+
+
+static char *
 ngx_http_limit_zone(ngx_conf_t *cf, ngx_command_t *cmd, void *conf)
 {
     ssize_t                     n;
@@ -486,6 +613,8 @@
     ngx_shm_zone_t             *shm_zone;
     ngx_http_limit_zone_ctx_t  *ctx;
 
+    ngx_conf_deprecated(cf, &ngx_conf_deprecated_limit_zone, NULL);
+
     value = cf->args->elts;
 
     if (value[2].data[0] != '$') {


From mdounin at mdounin.ru  Fri Nov 11 00:08:00 2011
From: mdounin at mdounin.ru (Maxim Dounin)
Date: Fri, 11 Nov 2011 03:08:00 +0300
Subject: [PATCH 0 of 5] ticket #45 related fixes
Message-ID: 

Hello!

Here are patch series which fixes several bugs in proxy_set_header
(as well as fastcgi/scgi/uwsgi_param) handling.

Inspired by ticket #45, see
http://trac.nginx.org/nginx/ticket/45

Tests are available here:
http://mdounin.ru/hg/nginx-tests/rev/23f81eb0a817

Maxim Dounin

p.s. Mecurial produces awfull diff for fastcgi part of "Separate
functions to merge fastcgi/scgi/uwsgi params" patch for some reason.  It's
in fact similar to scgi/uwsgi parts, i.e. no real changes.


From mdounin at mdounin.ru  Fri Nov 11 00:08:01 2011
From: mdounin at mdounin.ru (Maxim Dounin)
Date: Fri, 11 Nov 2011 03:08:01 +0300
Subject: [PATCH 1 of 5] Fixed proxy_set_header inheritance with proxy_cache
	(ticket #45)
In-Reply-To: 
References: 
Message-ID: <3a36355f93db9030e7a3.1320966481@vm-bsd.mdounin.ru>

# HG changeset patch
# User Maxim Dounin 
# Date 1320965910 -10800
# Node ID 3a36355f93db9030e7a39427a9e68cc1b6431044
# Parent  bec017127243c9287255589ed25ccf913e0d9a3e
Fixed proxy_set_header inheritance with proxy_cache (ticket #45).

Headers cleared with cache enabled (If-Modified-Since etc.) might be cleared
in unrelated servers/locations without proxy_cache enabled if proxy_cache was
used in some server/location.

Example config which triggered the problem:

    proxy_set_header X-Test "test";
    server { location /1 { proxy_cache name; proxy_pass ... } }
    server { location /2 { proxy_pass ... } }

Another one:

    server {
        proxy_cache name;
        location /1 { proxy_pass ... }
        location /2 { proxy_cache off; proxy_pass ... }
    }

In both cases If-Modified-Since header wasn't sent to backend in location /2.

Fix is to not modify conf->headers_source, but instead merge user-supplied
headers from conf->headers_source and default headers (either cache or not)
into separate headers_merged array.

diff --git a/src/http/modules/ngx_http_proxy_module.c b/src/http/modules/ngx_http_proxy_module.c
--- a/src/http/modules/ngx_http_proxy_module.c
+++ b/src/http/modules/ngx_http_proxy_module.c
@@ -2875,7 +2875,7 @@ ngx_http_proxy_merge_headers(ngx_conf_t 
     size_t                        size;
     uintptr_t                    *code;
     ngx_uint_t                    i;
-    ngx_array_t                   headers_names;
+    ngx_array_t                   headers_names, headers_merged;
     ngx_keyval_t                 *src, *s, *h;
     ngx_hash_key_t               *hk;
     ngx_hash_init_t               hash;
@@ -2906,6 +2906,12 @@ ngx_http_proxy_merge_headers(ngx_conf_t 
         return NGX_ERROR;
     }
 
+    if (ngx_array_init(&headers_merged, cf->temp_pool, 4, sizeof(ngx_keyval_t))
+        != NGX_OK)
+    {
+        return NGX_ERROR;
+    }
+
     if (conf->headers_source == NULL) {
         conf->headers_source = ngx_array_create(cf->pool, 4,
                                                 sizeof(ngx_keyval_t));
@@ -2925,8 +2931,6 @@ ngx_http_proxy_merge_headers(ngx_conf_t 
     }
 
 
-    src = conf->headers_source->elts;
-
 #if (NGX_HTTP_CACHE)
 
     h = conf->upstream.cache ? ngx_http_proxy_cache_headers:
@@ -2937,31 +2941,41 @@ ngx_http_proxy_merge_headers(ngx_conf_t 
 
 #endif
 
+    src = conf->headers_source->elts;
+    for (i = 0; i < conf->headers_source->nelts; i++) {
+
+        s = ngx_array_push(&headers_merged);
+        if (s == NULL) {
+            return NGX_ERROR;
+        }
+
+        *s = src[i];
+    }
+
     while (h->key.len) {
 
-        for (i = 0; i < conf->headers_source->nelts; i++) {
+        src = headers_merged.elts;
+        for (i = 0; i < headers_merged.nelts; i++) {
             if (ngx_strcasecmp(h->key.data, src[i].key.data) == 0) {
                 goto next;
             }
         }
 
-        s = ngx_array_push(conf->headers_source);
+        s = ngx_array_push(&headers_merged);
         if (s == NULL) {
             return NGX_ERROR;
         }
 
         *s = *h;
 
-        src = conf->headers_source->elts;
-
     next:
 
         h++;
     }
 
 
-    src = conf->headers_source->elts;
-    for (i = 0; i < conf->headers_source->nelts; i++) {
+    src = headers_merged.elts;
+    for (i = 0; i < headers_merged.nelts; i++) {
 
         hk = ngx_array_push(&headers_names);
         if (hk == NULL) {


From mdounin at mdounin.ru  Fri Nov 11 00:08:02 2011
From: mdounin at mdounin.ru (Maxim Dounin)
Date: Fri, 11 Nov 2011 03:08:02 +0300
Subject: [PATCH 2 of 5] Fixed proxy_set_header inheritance with proxy_set_body
In-Reply-To: 
References: 
Message-ID: 

# HG changeset patch
# User Maxim Dounin 
# Date 1320965912 -10800
# Node ID de56bca2d2e849444f52655c87b2e99c10c42f4a
# Parent  3a36355f93db9030e7a39427a9e68cc1b6431044
Fixed proxy_set_header inheritance with proxy_set_body.

diff --git a/src/http/modules/ngx_http_proxy_module.c b/src/http/modules/ngx_http_proxy_module.c
--- a/src/http/modules/ngx_http_proxy_module.c
+++ b/src/http/modules/ngx_http_proxy_module.c
@@ -2493,7 +2493,6 @@ ngx_http_proxy_merge_loc_conf(ngx_conf_t
 
     u_char                     *p;
     size_t                      size;
-    ngx_keyval_t               *s;
     ngx_hash_init_t             hash;
     ngx_http_core_loc_conf_t   *clcf;
     ngx_http_proxy_redirect_t  *pr;
@@ -2841,22 +2840,6 @@ ngx_http_proxy_merge_loc_conf(ngx_conf_t
         if (ngx_http_script_compile(&sc) != NGX_OK) {
             return NGX_CONF_ERROR;
         }
-
-        if (conf->headers_source == NULL) {
-            conf->headers_source = ngx_array_create(cf->pool, 4,
-                                                    sizeof(ngx_keyval_t));
-            if (conf->headers_source == NULL) {
-                return NGX_CONF_ERROR;
-            }
-        }
-
-        s = ngx_array_push(conf->headers_source);
-        if (s == NULL) {
-            return NGX_CONF_ERROR;
-        }
-
-        ngx_str_set(&s->key, "Content-Length");
-        ngx_str_set(&s->value, "$proxy_internal_body_length");
     }
 
     if (ngx_http_proxy_merge_headers(cf, conf, prev) != NGX_OK) {
@@ -2891,6 +2874,8 @@ ngx_http_proxy_merge_headers(ngx_conf_t 
     }
 
     if (conf->headers_set_hash.buckets
+        && ((conf->body_source.data == NULL)
+            == (prev->body_source.data == NULL))
 #if (NGX_HTTP_CACHE)
         && ((conf->upstream.cache == NULL) == (prev->upstream.cache == NULL))
 #endif
@@ -2973,6 +2958,16 @@ ngx_http_proxy_merge_headers(ngx_conf_t 
         h++;
     }
 
+    if (conf->body_source.data) {
+        s = ngx_array_push(&headers_merged);
+        if (s == NULL) {
+            return NGX_ERROR;
+        }
+
+        ngx_str_set(&s->key, "Content-Length");
+        ngx_str_set(&s->value, "$proxy_internal_body_length");
+    }
+
 
     src = headers_merged.elts;
     for (i = 0; i < headers_merged.nelts; i++) {


From mdounin at mdounin.ru  Fri Nov 11 00:08:03 2011
From: mdounin at mdounin.ru (Maxim Dounin)
Date: Fri, 11 Nov 2011 03:08:03 +0300
Subject: [PATCH 3 of 5] Fixed Upgrade header clearing with proxy_cache
In-Reply-To: 
References: 
Message-ID: 

# HG changeset patch
# User Maxim Dounin 
# Date 1320965914 -10800
# Node ID a0e9e95fbbf7913506f455669217f87c1b8da2de
# Parent  de56bca2d2e849444f52655c87b2e99c10c42f4a
Fixed Upgrade header clearing with proxy_cache.

This was missed in proxy HTTP/1.1 support commit (r4127).

diff --git a/src/http/modules/ngx_http_proxy_module.c b/src/http/modules/ngx_http_proxy_module.c
--- a/src/http/modules/ngx_http_proxy_module.c
+++ b/src/http/modules/ngx_http_proxy_module.c
@@ -543,6 +543,7 @@ static ngx_keyval_t  ngx_http_proxy_cach
     { ngx_string("Connection"), ngx_string("close") },
     { ngx_string("Keep-Alive"), ngx_string("") },
     { ngx_string("Expect"), ngx_string("") },
+    { ngx_string("Upgrade"), ngx_string("") },
     { ngx_string("If-Modified-Since"), ngx_string("") },
     { ngx_string("If-Unmodified-Since"), ngx_string("") },
     { ngx_string("If-None-Match"), ngx_string("") },


From mdounin at mdounin.ru  Fri Nov 11 00:08:04 2011
From: mdounin at mdounin.ru (Maxim Dounin)
Date: Fri, 11 Nov 2011 03:08:04 +0300
Subject: [PATCH 4 of 5] Separate functions to merge fastcgi/scgi/uwsgi params
In-Reply-To: 
References: 
Message-ID: <9512a3b65290db26bfc7.1320966484@vm-bsd.mdounin.ru>

# HG changeset patch
# User Maxim Dounin 
# Date 1320965916 -10800
# Node ID 9512a3b65290db26bfc7b554e8b3ce8d13eb2458
# Parent  a0e9e95fbbf7913506f455669217f87c1b8da2de
Separate functions to merge fastcgi/scgi/uwsgi params.

No functional changes.

diff --git a/src/http/modules/ngx_http_fastcgi_module.c b/src/http/modules/ngx_http_fastcgi_module.c
--- a/src/http/modules/ngx_http_fastcgi_module.c
+++ b/src/http/modules/ngx_http_fastcgi_module.c
@@ -147,6 +147,9 @@ static ngx_int_t ngx_http_fastcgi_add_va
 static void *ngx_http_fastcgi_create_loc_conf(ngx_conf_t *cf);
 static char *ngx_http_fastcgi_merge_loc_conf(ngx_conf_t *cf,
     void *parent, void *child);
+static ngx_int_t ngx_http_fastcgi_merge_params(ngx_conf_t *cf,
+    ngx_http_fastcgi_loc_conf_t *conf, ngx_http_fastcgi_loc_conf_t *prev);
+
 static ngx_int_t ngx_http_fastcgi_script_name_variable(ngx_http_request_t *r,
     ngx_http_variable_value_t *v, uintptr_t data);
 static ngx_int_t ngx_http_fastcgi_path_info_variable(ngx_http_request_t *r,
@@ -2085,6 +2088,280 @@ ngx_http_fastcgi_merge_loc_conf(ngx_conf
     ngx_http_fastcgi_loc_conf_t *prev = parent;
     ngx_http_fastcgi_loc_conf_t *conf = child;
 
+    size_t                        size;
+    ngx_hash_init_t               hash;
+    ngx_http_core_loc_conf_t     *clcf;
+
+    if (conf->upstream.store != 0) {
+        ngx_conf_merge_value(conf->upstream.store,
+                              prev->upstream.store, 0);
+
+        if (conf->upstream.store_lengths == NULL) {
+            conf->upstream.store_lengths = prev->upstream.store_lengths;
+            conf->upstream.store_values = prev->upstream.store_values;
+        }
+    }
+
+    ngx_conf_merge_uint_value(conf->upstream.store_access,
+                              prev->upstream.store_access, 0600);
+
+    ngx_conf_merge_value(conf->upstream.buffering,
+                              prev->upstream.buffering, 1);
+
+    ngx_conf_merge_value(conf->upstream.ignore_client_abort,
+                              prev->upstream.ignore_client_abort, 0);
+
+    ngx_conf_merge_msec_value(conf->upstream.connect_timeout,
+                              prev->upstream.connect_timeout, 60000);
+
+    ngx_conf_merge_msec_value(conf->upstream.send_timeout,
+                              prev->upstream.send_timeout, 60000);
+
+    ngx_conf_merge_msec_value(conf->upstream.read_timeout,
+                              prev->upstream.read_timeout, 60000);
+
+    ngx_conf_merge_size_value(conf->upstream.send_lowat,
+                              prev->upstream.send_lowat, 0);
+
+    ngx_conf_merge_size_value(conf->upstream.buffer_size,
+                              prev->upstream.buffer_size,
+                              (size_t) ngx_pagesize);
+
+
+    ngx_conf_merge_bufs_value(conf->upstream.bufs, prev->upstream.bufs,
+                              8, ngx_pagesize);
+
+    if (conf->upstream.bufs.num < 2) {
+        ngx_conf_log_error(NGX_LOG_EMERG, cf, 0,
+                           "there must be at least 2 \"fastcgi_buffers\"");
+        return NGX_CONF_ERROR;
+    }
+
+
+    size = conf->upstream.buffer_size;
+    if (size < conf->upstream.bufs.size) {
+        size = conf->upstream.bufs.size;
+    }
+
+
+    ngx_conf_merge_size_value(conf->upstream.busy_buffers_size_conf,
+                              prev->upstream.busy_buffers_size_conf,
+                              NGX_CONF_UNSET_SIZE);
+
+    if (conf->upstream.busy_buffers_size_conf == NGX_CONF_UNSET_SIZE) {
+        conf->upstream.busy_buffers_size = 2 * size;
+    } else {
+        conf->upstream.busy_buffers_size =
+                                         conf->upstream.busy_buffers_size_conf;
+    }
+
+    if (conf->upstream.busy_buffers_size < size) {
+        ngx_conf_log_error(NGX_LOG_EMERG, cf, 0,
+             "\"fastcgi_busy_buffers_size\" must be equal or bigger than "
+             "maximum of the value of \"fastcgi_buffer_size\" and "
+             "one of the \"fastcgi_buffers\"");
+
+        return NGX_CONF_ERROR;
+    }
+
+    if (conf->upstream.busy_buffers_size
+        > (conf->upstream.bufs.num - 1) * conf->upstream.bufs.size)
+    {
+        ngx_conf_log_error(NGX_LOG_EMERG, cf, 0,
+             "\"fastcgi_busy_buffers_size\" must be less than "
+             "the size of all \"fastcgi_buffers\" minus one buffer");
+
+        return NGX_CONF_ERROR;
+    }
+
+
+    ngx_conf_merge_size_value(conf->upstream.temp_file_write_size_conf,
+                              prev->upstream.temp_file_write_size_conf,
+                              NGX_CONF_UNSET_SIZE);
+
+    if (conf->upstream.temp_file_write_size_conf == NGX_CONF_UNSET_SIZE) {
+        conf->upstream.temp_file_write_size = 2 * size;
+    } else {
+        conf->upstream.temp_file_write_size =
+                                      conf->upstream.temp_file_write_size_conf;
+    }
+
+    if (conf->upstream.temp_file_write_size < size) {
+        ngx_conf_log_error(NGX_LOG_EMERG, cf, 0,
+             "\"fastcgi_temp_file_write_size\" must be equal or bigger than "
+             "maximum of the value of \"fastcgi_buffer_size\" and "
+             "one of the \"fastcgi_buffers\"");
+
+        return NGX_CONF_ERROR;
+    }
+
+
+    ngx_conf_merge_size_value(conf->upstream.max_temp_file_size_conf,
+                              prev->upstream.max_temp_file_size_conf,
+                              NGX_CONF_UNSET_SIZE);
+
+    if (conf->upstream.max_temp_file_size_conf == NGX_CONF_UNSET_SIZE) {
+        conf->upstream.max_temp_file_size = 1024 * 1024 * 1024;
+    } else {
+        conf->upstream.max_temp_file_size =
+                                        conf->upstream.max_temp_file_size_conf;
+    }
+
+    if (conf->upstream.max_temp_file_size != 0
+        && conf->upstream.max_temp_file_size < size)
+    {
+        ngx_conf_log_error(NGX_LOG_EMERG, cf, 0,
+             "\"fastcgi_max_temp_file_size\" must be equal to zero to disable "
+             "the temporary files usage or must be equal or bigger than "
+             "maximum of the value of \"fastcgi_buffer_size\" and "
+             "one of the \"fastcgi_buffers\"");
+
+        return NGX_CONF_ERROR;
+    }
+
+
+    ngx_conf_merge_bitmask_value(conf->upstream.ignore_headers,
+                              prev->upstream.ignore_headers,
+                              NGX_CONF_BITMASK_SET);
+
+
+    ngx_conf_merge_bitmask_value(conf->upstream.next_upstream,
+                              prev->upstream.next_upstream,
+                              (NGX_CONF_BITMASK_SET
+                               |NGX_HTTP_UPSTREAM_FT_ERROR
+                               |NGX_HTTP_UPSTREAM_FT_TIMEOUT));
+
+    if (conf->upstream.next_upstream & NGX_HTTP_UPSTREAM_FT_OFF) {
+        conf->upstream.next_upstream = NGX_CONF_BITMASK_SET
+                                       |NGX_HTTP_UPSTREAM_FT_OFF;
+    }
+
+    if (ngx_conf_merge_path_value(cf, &conf->upstream.temp_path,
+                              prev->upstream.temp_path,
+                              &ngx_http_fastcgi_temp_path)
+        != NGX_OK)
+    {
+        return NGX_CONF_ERROR;
+    }
+
+#if (NGX_HTTP_CACHE)
+
+    ngx_conf_merge_ptr_value(conf->upstream.cache,
+                              prev->upstream.cache, NULL);
+
+    if (conf->upstream.cache && conf->upstream.cache->data == NULL) {
+        ngx_shm_zone_t  *shm_zone;
+
+        shm_zone = conf->upstream.cache;
+
+        ngx_conf_log_error(NGX_LOG_EMERG, cf, 0,
+                           "\"fastcgi_cache\" zone \"%V\" is unknown",
+                           &shm_zone->shm.name);
+
+        return NGX_CONF_ERROR;
+    }
+
+    ngx_conf_merge_uint_value(conf->upstream.cache_min_uses,
+                              prev->upstream.cache_min_uses, 1);
+
+    ngx_conf_merge_bitmask_value(conf->upstream.cache_use_stale,
+                              prev->upstream.cache_use_stale,
+                              (NGX_CONF_BITMASK_SET
+                               |NGX_HTTP_UPSTREAM_FT_OFF));
+
+    if (conf->upstream.cache_use_stale & NGX_HTTP_UPSTREAM_FT_OFF) {
+        conf->upstream.cache_use_stale = NGX_CONF_BITMASK_SET
+                                         |NGX_HTTP_UPSTREAM_FT_OFF;
+    }
+
+    if (conf->upstream.cache_methods == 0) {
+        conf->upstream.cache_methods = prev->upstream.cache_methods;
+    }
+
+    conf->upstream.cache_methods |= NGX_HTTP_GET|NGX_HTTP_HEAD;
+
+    ngx_conf_merge_ptr_value(conf->upstream.cache_bypass,
+                             prev->upstream.cache_bypass, NULL);
+
+    ngx_conf_merge_ptr_value(conf->upstream.no_cache,
+                             prev->upstream.no_cache, NULL);
+
+    if (conf->upstream.no_cache && conf->upstream.cache_bypass == NULL) {
+        ngx_log_error(NGX_LOG_WARN, cf->log, 0,
+             "\"fastcgi_no_cache\" functionality has been changed in 0.8.46, "
+             "now it should be used together with \"fastcgi_cache_bypass\"");
+    }
+
+    ngx_conf_merge_ptr_value(conf->upstream.cache_valid,
+                             prev->upstream.cache_valid, NULL);
+
+    if (conf->cache_key.value.data == NULL) {
+        conf->cache_key = prev->cache_key;
+    }
+
+#endif
+
+    ngx_conf_merge_value(conf->upstream.pass_request_headers,
+                              prev->upstream.pass_request_headers, 1);
+    ngx_conf_merge_value(conf->upstream.pass_request_body,
+                              prev->upstream.pass_request_body, 1);
+
+    ngx_conf_merge_value(conf->upstream.intercept_errors,
+                              prev->upstream.intercept_errors, 0);
+
+    ngx_conf_merge_ptr_value(conf->catch_stderr, prev->catch_stderr, NULL);
+
+    ngx_conf_merge_value(conf->keep_conn, prev->keep_conn, 0);
+
+
+    ngx_conf_merge_str_value(conf->index, prev->index, "");
+
+    hash.max_size = 512;
+    hash.bucket_size = ngx_align(64, ngx_cacheline_size);
+    hash.name = "fastcgi_hide_headers_hash";
+
+    if (ngx_http_upstream_hide_headers_hash(cf, &conf->upstream,
+             &prev->upstream, ngx_http_fastcgi_hide_headers, &hash)
+        != NGX_OK)
+    {
+        return NGX_CONF_ERROR;
+    }
+
+    if (conf->upstream.upstream == NULL) {
+        conf->upstream.upstream = prev->upstream.upstream;
+    }
+
+    if (conf->fastcgi_lengths == NULL) {
+        conf->fastcgi_lengths = prev->fastcgi_lengths;
+        conf->fastcgi_values = prev->fastcgi_values;
+    }
+
+    if (conf->upstream.upstream || conf->fastcgi_lengths) {
+        clcf = ngx_http_conf_get_module_loc_conf(cf, ngx_http_core_module);
+        if (clcf->handler == NULL && clcf->lmt_excpt) {
+            clcf->handler = ngx_http_fastcgi_handler;
+        }
+    }
+
+#if (NGX_PCRE)
+    if (conf->split_regex == NULL) {
+        conf->split_regex = prev->split_regex;
+        conf->split_name = prev->split_name;
+    }
+#endif
+
+    if (ngx_http_fastcgi_merge_params(cf, conf, prev) != NGX_OK) {
+        return NGX_CONF_ERROR;
+    }
+
+    return NGX_CONF_OK;
+}
+
+
+static ngx_int_t
+ngx_http_fastcgi_merge_params(ngx_conf_t *cf,
+    ngx_http_fastcgi_loc_conf_t *conf, ngx_http_fastcgi_loc_conf_t *prev)
+{
     u_char                       *p;
     size_t                        size;
     uintptr_t                    *code;
@@ -2093,268 +2370,9 @@ ngx_http_fastcgi_merge_loc_conf(ngx_conf
     ngx_keyval_t                 *src;
     ngx_hash_key_t               *hk;
     ngx_hash_init_t               hash;
-    ngx_http_core_loc_conf_t     *clcf;
     ngx_http_script_compile_t     sc;
     ngx_http_script_copy_code_t  *copy;
 
-    if (conf->upstream.store != 0) {
-        ngx_conf_merge_value(conf->upstream.store,
-                              prev->upstream.store, 0);
-
-        if (conf->upstream.store_lengths == NULL) {
-            conf->upstream.store_lengths = prev->upstream.store_lengths;
-            conf->upstream.store_values = prev->upstream.store_values;
-        }
-    }
-
-    ngx_conf_merge_uint_value(conf->upstream.store_access,
-                              prev->upstream.store_access, 0600);
-
-    ngx_conf_merge_value(conf->upstream.buffering,
-                              prev->upstream.buffering, 1);
-
-    ngx_conf_merge_value(conf->upstream.ignore_client_abort,
-                              prev->upstream.ignore_client_abort, 0);
-
-    ngx_conf_merge_msec_value(conf->upstream.connect_timeout,
-                              prev->upstream.connect_timeout, 60000);
-
-    ngx_conf_merge_msec_value(conf->upstream.send_timeout,
-                              prev->upstream.send_timeout, 60000);
-
-    ngx_conf_merge_msec_value(conf->upstream.read_timeout,
-                              prev->upstream.read_timeout, 60000);
-
-    ngx_conf_merge_size_value(conf->upstream.send_lowat,
-                              prev->upstream.send_lowat, 0);
-
-    ngx_conf_merge_size_value(conf->upstream.buffer_size,
-                              prev->upstream.buffer_size,
-                              (size_t) ngx_pagesize);
-
-
-    ngx_conf_merge_bufs_value(conf->upstream.bufs, prev->upstream.bufs,
-                              8, ngx_pagesize);
-
-    if (conf->upstream.bufs.num < 2) {
-        ngx_conf_log_error(NGX_LOG_EMERG, cf, 0,
-                           "there must be at least 2 \"fastcgi_buffers\"");
-        return NGX_CONF_ERROR;
-    }
-
-
-    size = conf->upstream.buffer_size;
-    if (size < conf->upstream.bufs.size) {
-        size = conf->upstream.bufs.size;
-    }
-
-
-    ngx_conf_merge_size_value(conf->upstream.busy_buffers_size_conf,
-                              prev->upstream.busy_buffers_size_conf,
-                              NGX_CONF_UNSET_SIZE);
-
-    if (conf->upstream.busy_buffers_size_conf == NGX_CONF_UNSET_SIZE) {
-        conf->upstream.busy_buffers_size = 2 * size;
-    } else {
-        conf->upstream.busy_buffers_size =
-                                         conf->upstream.busy_buffers_size_conf;
-    }
-
-    if (conf->upstream.busy_buffers_size < size) {
-        ngx_conf_log_error(NGX_LOG_EMERG, cf, 0,
-             "\"fastcgi_busy_buffers_size\" must be equal or bigger than "
-             "maximum of the value of \"fastcgi_buffer_size\" and "
-             "one of the \"fastcgi_buffers\"");
-
-        return NGX_CONF_ERROR;
-    }
-
-    if (conf->upstream.busy_buffers_size
-        > (conf->upstream.bufs.num - 1) * conf->upstream.bufs.size)
-    {
-        ngx_conf_log_error(NGX_LOG_EMERG, cf, 0,
-             "\"fastcgi_busy_buffers_size\" must be less than "
-             "the size of all \"fastcgi_buffers\" minus one buffer");
-
-        return NGX_CONF_ERROR;
-    }
-
-
-    ngx_conf_merge_size_value(conf->upstream.temp_file_write_size_conf,
-                              prev->upstream.temp_file_write_size_conf,
-                              NGX_CONF_UNSET_SIZE);
-
-    if (conf->upstream.temp_file_write_size_conf == NGX_CONF_UNSET_SIZE) {
-        conf->upstream.temp_file_write_size = 2 * size;
-    } else {
-        conf->upstream.temp_file_write_size =
-                                      conf->upstream.temp_file_write_size_conf;
-    }
-
-    if (conf->upstream.temp_file_write_size < size) {
-        ngx_conf_log_error(NGX_LOG_EMERG, cf, 0,
-             "\"fastcgi_temp_file_write_size\" must be equal or bigger than "
-             "maximum of the value of \"fastcgi_buffer_size\" and "
-             "one of the \"fastcgi_buffers\"");
-
-        return NGX_CONF_ERROR;
-    }
-
-
-    ngx_conf_merge_size_value(conf->upstream.max_temp_file_size_conf,
-                              prev->upstream.max_temp_file_size_conf,
-                              NGX_CONF_UNSET_SIZE);
-
-    if (conf->upstream.max_temp_file_size_conf == NGX_CONF_UNSET_SIZE) {
-        conf->upstream.max_temp_file_size = 1024 * 1024 * 1024;
-    } else {
-        conf->upstream.max_temp_file_size =
-                                        conf->upstream.max_temp_file_size_conf;
-    }
-
-    if (conf->upstream.max_temp_file_size != 0
-        && conf->upstream.max_temp_file_size < size)
-    {
-        ngx_conf_log_error(NGX_LOG_EMERG, cf, 0,
-             "\"fastcgi_max_temp_file_size\" must be equal to zero to disable "
-             "the temporary files usage or must be equal or bigger than "
-             "maximum of the value of \"fastcgi_buffer_size\" and "
-             "one of the \"fastcgi_buffers\"");
-
-        return NGX_CONF_ERROR;
-    }
-
-
-    ngx_conf_merge_bitmask_value(conf->upstream.ignore_headers,
-                              prev->upstream.ignore_headers,
-                              NGX_CONF_BITMASK_SET);
-
-
-    ngx_conf_merge_bitmask_value(conf->upstream.next_upstream,
-                              prev->upstream.next_upstream,
-                              (NGX_CONF_BITMASK_SET
-                               |NGX_HTTP_UPSTREAM_FT_ERROR
-                               |NGX_HTTP_UPSTREAM_FT_TIMEOUT));
-
-    if (conf->upstream.next_upstream & NGX_HTTP_UPSTREAM_FT_OFF) {
-        conf->upstream.next_upstream = NGX_CONF_BITMASK_SET
-                                       |NGX_HTTP_UPSTREAM_FT_OFF;
-    }
-
-    if (ngx_conf_merge_path_value(cf, &conf->upstream.temp_path,
-                              prev->upstream.temp_path,
-                              &ngx_http_fastcgi_temp_path)
-        != NGX_OK)
-    {
-        return NGX_CONF_ERROR;
-    }
-
-#if (NGX_HTTP_CACHE)
-
-    ngx_conf_merge_ptr_value(conf->upstream.cache,
-                              prev->upstream.cache, NULL);
-
-    if (conf->upstream.cache && conf->upstream.cache->data == NULL) {
-        ngx_shm_zone_t  *shm_zone;
-
-        shm_zone = conf->upstream.cache;
-
-        ngx_conf_log_error(NGX_LOG_EMERG, cf, 0,
-                           "\"fastcgi_cache\" zone \"%V\" is unknown",
-                           &shm_zone->shm.name);
-
-        return NGX_CONF_ERROR;
-    }
-
-    ngx_conf_merge_uint_value(conf->upstream.cache_min_uses,
-                              prev->upstream.cache_min_uses, 1);
-
-    ngx_conf_merge_bitmask_value(conf->upstream.cache_use_stale,
-                              prev->upstream.cache_use_stale,
-                              (NGX_CONF_BITMASK_SET
-                               |NGX_HTTP_UPSTREAM_FT_OFF));
-
-    if (conf->upstream.cache_use_stale & NGX_HTTP_UPSTREAM_FT_OFF) {
-        conf->upstream.cache_use_stale = NGX_CONF_BITMASK_SET
-                                         |NGX_HTTP_UPSTREAM_FT_OFF;
-    }
-
-    if (conf->upstream.cache_methods == 0) {
-        conf->upstream.cache_methods = prev->upstream.cache_methods;
-    }
-
-    conf->upstream.cache_methods |= NGX_HTTP_GET|NGX_HTTP_HEAD;
-
-    ngx_conf_merge_ptr_value(conf->upstream.cache_bypass,
-                             prev->upstream.cache_bypass, NULL);
-
-    ngx_conf_merge_ptr_value(conf->upstream.no_cache,
-                             prev->upstream.no_cache, NULL);
-
-    if (conf->upstream.no_cache && conf->upstream.cache_bypass == NULL) {
-        ngx_log_error(NGX_LOG_WARN, cf->log, 0,
-             "\"fastcgi_no_cache\" functionality has been changed in 0.8.46, "
-             "now it should be used together with \"fastcgi_cache_bypass\"");
-    }
-
-    ngx_conf_merge_ptr_value(conf->upstream.cache_valid,
-                             prev->upstream.cache_valid, NULL);
-
-    if (conf->cache_key.value.data == NULL) {
-        conf->cache_key = prev->cache_key;
-    }
-
-#endif
-
-    ngx_conf_merge_value(conf->upstream.pass_request_headers,
-                              prev->upstream.pass_request_headers, 1);
-    ngx_conf_merge_value(conf->upstream.pass_request_body,
-                              prev->upstream.pass_request_body, 1);
-
-    ngx_conf_merge_value(conf->upstream.intercept_errors,
-                              prev->upstream.intercept_errors, 0);
-
-    ngx_conf_merge_ptr_value(conf->catch_stderr, prev->catch_stderr, NULL);
-
-    ngx_conf_merge_value(conf->keep_conn, prev->keep_conn, 0);
-
-
-    ngx_conf_merge_str_value(conf->index, prev->index, "");
-
-    hash.max_size = 512;
-    hash.bucket_size = ngx_align(64, ngx_cacheline_size);
-    hash.name = "fastcgi_hide_headers_hash";
-
-    if (ngx_http_upstream_hide_headers_hash(cf, &conf->upstream,
-             &prev->upstream, ngx_http_fastcgi_hide_headers, &hash)
-        != NGX_OK)
-    {
-        return NGX_CONF_ERROR;
-    }
-
-    if (conf->upstream.upstream == NULL) {
-        conf->upstream.upstream = prev->upstream.upstream;
-    }
-
-    if (conf->fastcgi_lengths == NULL) {
-        conf->fastcgi_lengths = prev->fastcgi_lengths;
-        conf->fastcgi_values = prev->fastcgi_values;
-    }
-
-    if (conf->upstream.upstream || conf->fastcgi_lengths) {
-        clcf = ngx_http_conf_get_module_loc_conf(cf, ngx_http_core_module);
-        if (clcf->handler == NULL && clcf->lmt_excpt) {
-            clcf->handler = ngx_http_fastcgi_handler;
-        }
-    }
-
-#if (NGX_PCRE)
-    if (conf->split_regex == NULL) {
-        conf->split_regex = prev->split_regex;
-        conf->split_name = prev->split_name;
-    }
-#endif
-
     if (conf->params_source == NULL) {
         conf->flushes = prev->flushes;
         conf->params_len = prev->params_len;
@@ -2369,20 +2387,20 @@ ngx_http_fastcgi_merge_loc_conf(ngx_conf
             if ((conf->upstream.cache == NULL)
                 == (prev->upstream.cache == NULL))
             {
-                return NGX_CONF_OK;
+                return NGX_OK;
             }
 
             /* 6 is a number of ngx_http_fastcgi_cache_headers entries */
             conf->params_source = ngx_array_create(cf->pool, 6,
                                                    sizeof(ngx_keyval_t));
             if (conf->params_source == NULL) {
-                return NGX_CONF_ERROR;
+                return NGX_ERROR;
             }
         }
 #else
 
         if (conf->params_source == NULL) {
-            return NGX_CONF_OK;
+            return NGX_OK;
         }
 
 #endif
@@ -2390,18 +2408,18 @@ ngx_http_fastcgi_merge_loc_conf(ngx_conf
 
     conf->params_len = ngx_array_create(cf->pool, 64, 1);
     if (conf->params_len == NULL) {
-        return NGX_CONF_ERROR;
+        return NGX_ERROR;
     }
 
     conf->params = ngx_array_create(cf->pool, 512, 1);
     if (conf->params == NULL) {
-        return NGX_CONF_ERROR;
+        return NGX_ERROR;
     }
 
     if (ngx_array_init(&headers_names, cf->temp_pool, 4, sizeof(ngx_hash_key_t))
         != NGX_OK)
     {
-        return NGX_CONF_ERROR;
+        return NGX_ERROR;
     }
 
     src = conf->params_source->elts;
@@ -2421,7 +2439,7 @@ ngx_http_fastcgi_merge_loc_conf(ngx_conf
 
             s = ngx_array_push(conf->params_source);
             if (s == NULL) {
-                return NGX_CONF_ERROR;
+                return NGX_ERROR;
             }
 
             *s = *h;
@@ -2443,7 +2461,7 @@ ngx_http_fastcgi_merge_loc_conf(ngx_conf
         {
             hk = ngx_array_push(&headers_names);
             if (hk == NULL) {
-                return NGX_CONF_ERROR;
+                return NGX_ERROR;
             }
 
             hk->key.len = src[i].key.len - 5;
@@ -2459,7 +2477,7 @@ ngx_http_fastcgi_merge_loc_conf(ngx_conf
         copy = ngx_array_push_n(conf->params_len,
                                 sizeof(ngx_http_script_copy_code_t));
         if (copy == NULL) {
-            return NGX_CONF_ERROR;
+            return NGX_ERROR;
         }
 
         copy->code = (ngx_http_script_code_pt) ngx_http_script_copy_len_code;
@@ -2468,11 +2486,11 @@ ngx_http_fastcgi_merge_loc_conf(ngx_conf
 
         size = (sizeof(ngx_http_script_copy_code_t)
                 + src[i].key.len + sizeof(uintptr_t) - 1)
-                & ~(sizeof(uintptr_t) - 1);
+               & ~(sizeof(uintptr_t) - 1);
 
         copy = ngx_array_push_n(conf->params, size);
         if (copy == NULL) {
-            return NGX_CONF_ERROR;
+            return NGX_ERROR;
         }
 
         copy->code = ngx_http_script_copy_code;
@@ -2491,12 +2509,12 @@ ngx_http_fastcgi_merge_loc_conf(ngx_conf
         sc.values = &conf->params;
 
         if (ngx_http_script_compile(&sc) != NGX_OK) {
-            return NGX_CONF_ERROR;
+            return NGX_ERROR;
         }
 
         code = ngx_array_push_n(conf->params_len, sizeof(uintptr_t));
         if (code == NULL) {
-            return NGX_CONF_ERROR;
+            return NGX_ERROR;
         }
 
         *code = (uintptr_t) NULL;
@@ -2504,7 +2522,7 @@ ngx_http_fastcgi_merge_loc_conf(ngx_conf
 
         code = ngx_array_push_n(conf->params, sizeof(uintptr_t));
         if (code == NULL) {
-            return NGX_CONF_ERROR;
+            return NGX_ERROR;
         }
 
         *code = (uintptr_t) NULL;
@@ -2512,12 +2530,11 @@ ngx_http_fastcgi_merge_loc_conf(ngx_conf
 
     code = ngx_array_push_n(conf->params_len, sizeof(uintptr_t));
     if (code == NULL) {
-        return NGX_CONF_ERROR;
+        return NGX_ERROR;
     }
 
     *code = (uintptr_t) NULL;
 
-
     conf->header_params = headers_names.nelts;
 
     hash.hash = &conf->headers_hash;
@@ -2528,12 +2545,7 @@ ngx_http_fastcgi_merge_loc_conf(ngx_conf
     hash.pool = cf->pool;
     hash.temp_pool = NULL;
 
-    if (ngx_hash_init(&hash, headers_names.elts, headers_names.nelts) != NGX_OK)
-    {
-        return NGX_CONF_ERROR;
-    }
-
-    return NGX_CONF_OK;
+    return ngx_hash_init(&hash, headers_names.elts, headers_names.nelts);
 }
 
 
diff --git a/src/http/modules/ngx_http_scgi_module.c b/src/http/modules/ngx_http_scgi_module.c
--- a/src/http/modules/ngx_http_scgi_module.c
+++ b/src/http/modules/ngx_http_scgi_module.c
@@ -43,6 +43,8 @@ static void ngx_http_scgi_finalize_reque
 static void *ngx_http_scgi_create_loc_conf(ngx_conf_t *cf);
 static char *ngx_http_scgi_merge_loc_conf(ngx_conf_t *cf, void *parent,
     void *child);
+static ngx_int_t ngx_http_scgi_merge_params(ngx_conf_t *cf,
+    ngx_http_scgi_loc_conf_t *conf, ngx_http_scgi_loc_conf_t *prev);
 
 static char *ngx_http_scgi_pass(ngx_conf_t *cf, ngx_command_t *cmd, void *conf);
 static char *ngx_http_scgi_store(ngx_conf_t *cf, ngx_command_t *cmd,
@@ -1059,17 +1061,9 @@ ngx_http_scgi_merge_loc_conf(ngx_conf_t 
     ngx_http_scgi_loc_conf_t *prev = parent;
     ngx_http_scgi_loc_conf_t *conf = child;
 
-    u_char                       *p;
     size_t                        size;
-    uintptr_t                    *code;
-    ngx_uint_t                    i;
-    ngx_array_t                   headers_names;
-    ngx_keyval_t                 *src;
-    ngx_hash_key_t               *hk;
     ngx_hash_init_t               hash;
     ngx_http_core_loc_conf_t     *clcf;
-    ngx_http_script_compile_t     sc;
-    ngx_http_script_copy_code_t  *copy;
 
     if (conf->upstream.store != 0) {
         ngx_conf_merge_value(conf->upstream.store, prev->upstream.store, 0);
@@ -1307,6 +1301,29 @@ ngx_http_scgi_merge_loc_conf(ngx_conf_t 
         }
     }
 
+    if (ngx_http_scgi_merge_params(cf, conf, prev) != NGX_OK) {
+        return NGX_CONF_ERROR;
+    }
+
+    return NGX_CONF_OK;
+}
+
+
+static ngx_int_t
+ngx_http_scgi_merge_params(ngx_conf_t *cf, ngx_http_scgi_loc_conf_t *conf,
+    ngx_http_scgi_loc_conf_t *prev)
+{
+    u_char                       *p;
+    size_t                        size;
+    uintptr_t                    *code;
+    ngx_uint_t                    i;
+    ngx_array_t                   headers_names;
+    ngx_keyval_t                 *src;
+    ngx_hash_key_t               *hk;
+    ngx_hash_init_t               hash;
+    ngx_http_script_compile_t     sc;
+    ngx_http_script_copy_code_t  *copy;
+
     if (conf->params_source == NULL) {
         conf->flushes = prev->flushes;
         conf->params_len = prev->params_len;
@@ -1321,20 +1338,20 @@ ngx_http_scgi_merge_loc_conf(ngx_conf_t 
             if ((conf->upstream.cache == NULL)
                 == (prev->upstream.cache == NULL))
             {
-                return NGX_CONF_OK;
+                return NGX_OK;
             }
 
             /* 6 is a number of ngx_http_scgi_cache_headers entries */
             conf->params_source = ngx_array_create(cf->pool, 6,
                                                    sizeof(ngx_keyval_t));
             if (conf->params_source == NULL) {
-                return NGX_CONF_ERROR;
+                return NGX_ERROR;
             }
         }
 #else
 
         if (conf->params_source == NULL) {
-            return NGX_CONF_OK;
+            return NGX_OK;
         }
 
 #endif
@@ -1342,18 +1359,18 @@ ngx_http_scgi_merge_loc_conf(ngx_conf_t 
 
     conf->params_len = ngx_array_create(cf->pool, 64, 1);
     if (conf->params_len == NULL) {
-        return NGX_CONF_ERROR;
+        return NGX_ERROR;
     }
 
     conf->params = ngx_array_create(cf->pool, 512, 1);
     if (conf->params == NULL) {
-        return NGX_CONF_ERROR;
+        return NGX_ERROR;
     }
 
     if (ngx_array_init(&headers_names, cf->temp_pool, 4, sizeof(ngx_hash_key_t))
         != NGX_OK)
     {
-        return NGX_CONF_ERROR;
+        return NGX_ERROR;
     }
 
     src = conf->params_source->elts;
@@ -1373,7 +1390,7 @@ ngx_http_scgi_merge_loc_conf(ngx_conf_t 
 
             s = ngx_array_push(conf->params_source);
             if (s == NULL) {
-                return NGX_CONF_ERROR;
+                return NGX_ERROR;
             }
 
             *s = *h;
@@ -1395,7 +1412,7 @@ ngx_http_scgi_merge_loc_conf(ngx_conf_t 
         {
             hk = ngx_array_push(&headers_names);
             if (hk == NULL) {
-                return NGX_CONF_ERROR;
+                return NGX_ERROR;
             }
 
             hk->key.len = src[i].key.len - 5;
@@ -1411,7 +1428,7 @@ ngx_http_scgi_merge_loc_conf(ngx_conf_t 
         copy = ngx_array_push_n(conf->params_len,
                                 sizeof(ngx_http_script_copy_code_t));
         if (copy == NULL) {
-            return NGX_CONF_ERROR;
+            return NGX_ERROR;
         }
 
         copy->code = (ngx_http_script_code_pt) ngx_http_script_copy_len_code;
@@ -1424,7 +1441,7 @@ ngx_http_scgi_merge_loc_conf(ngx_conf_t 
 
         copy = ngx_array_push_n(conf->params, size);
         if (copy == NULL) {
-            return NGX_CONF_ERROR;
+            return NGX_ERROR;
         }
 
         copy->code = ngx_http_script_copy_code;
@@ -1443,12 +1460,12 @@ ngx_http_scgi_merge_loc_conf(ngx_conf_t 
         sc.values = &conf->params;
 
         if (ngx_http_script_compile(&sc) != NGX_OK) {
-            return NGX_CONF_ERROR;
+            return NGX_ERROR;
         }
 
         code = ngx_array_push_n(conf->params_len, sizeof(uintptr_t));
         if (code == NULL) {
-            return NGX_CONF_ERROR;
+            return NGX_ERROR;
         }
 
         *code = (uintptr_t) NULL;
@@ -1456,7 +1473,7 @@ ngx_http_scgi_merge_loc_conf(ngx_conf_t 
 
         code = ngx_array_push_n(conf->params, sizeof(uintptr_t));
         if (code == NULL) {
-            return NGX_CONF_ERROR;
+            return NGX_ERROR;
         }
 
         *code = (uintptr_t) NULL;
@@ -1464,14 +1481,14 @@ ngx_http_scgi_merge_loc_conf(ngx_conf_t 
 
     code = ngx_array_push_n(conf->params_len, sizeof(uintptr_t));
     if (code == NULL) {
-        return NGX_CONF_ERROR;
+        return NGX_ERROR;
     }
 
     *code = (uintptr_t) NULL;
 
     code = ngx_array_push_n(conf->params, sizeof(uintptr_t));
     if (code == NULL) {
-        return NGX_CONF_ERROR;
+        return NGX_ERROR;
     }
 
     *code = (uintptr_t) NULL;
@@ -1486,12 +1503,7 @@ ngx_http_scgi_merge_loc_conf(ngx_conf_t 
     hash.pool = cf->pool;
     hash.temp_pool = NULL;
 
-    if (ngx_hash_init(&hash, headers_names.elts, headers_names.nelts) != NGX_OK)
-    {
-        return NGX_CONF_ERROR;
-    }
-
-    return NGX_CONF_OK;
+    return ngx_hash_init(&hash, headers_names.elts, headers_names.nelts);
 }
 
 
diff --git a/src/http/modules/ngx_http_uwsgi_module.c b/src/http/modules/ngx_http_uwsgi_module.c
--- a/src/http/modules/ngx_http_uwsgi_module.c
+++ b/src/http/modules/ngx_http_uwsgi_module.c
@@ -50,6 +50,8 @@ static void ngx_http_uwsgi_finalize_requ
 static void *ngx_http_uwsgi_create_loc_conf(ngx_conf_t *cf);
 static char *ngx_http_uwsgi_merge_loc_conf(ngx_conf_t *cf, void *parent,
     void *child);
+static ngx_int_t ngx_http_uwsgi_merge_params(ngx_conf_t *cf,
+    ngx_http_uwsgi_loc_conf_t *conf, ngx_http_uwsgi_loc_conf_t *prev);
 
 static char *ngx_http_uwsgi_pass(ngx_conf_t *cf, ngx_command_t *cmd,
     void *conf);
@@ -1112,17 +1114,9 @@ ngx_http_uwsgi_merge_loc_conf(ngx_conf_t
     ngx_http_uwsgi_loc_conf_t *prev = parent;
     ngx_http_uwsgi_loc_conf_t *conf = child;
 
-    u_char                       *p;
     size_t                        size;
-    uintptr_t                    *code;
-    ngx_uint_t                    i;
-    ngx_array_t                   headers_names;
-    ngx_keyval_t                 *src;
-    ngx_hash_key_t               *hk;
     ngx_hash_init_t               hash;
     ngx_http_core_loc_conf_t     *clcf;
-    ngx_http_script_compile_t     sc;
-    ngx_http_script_copy_code_t  *copy;
 
     if (conf->upstream.store != 0) {
         ngx_conf_merge_value(conf->upstream.store, prev->upstream.store, 0);
@@ -1365,6 +1359,29 @@ ngx_http_uwsgi_merge_loc_conf(ngx_conf_t
     ngx_conf_merge_uint_value(conf->modifier1, prev->modifier1, 0);
     ngx_conf_merge_uint_value(conf->modifier2, prev->modifier2, 0);
 
+    if (ngx_http_uwsgi_merge_params(cf, conf, prev) != NGX_OK) {
+        return NGX_CONF_ERROR;
+    }
+
+    return NGX_CONF_OK;
+}
+
+
+static ngx_int_t
+ngx_http_uwsgi_merge_params(ngx_conf_t *cf, ngx_http_uwsgi_loc_conf_t *conf,
+    ngx_http_uwsgi_loc_conf_t *prev)
+{
+    u_char                       *p;
+    size_t                        size;
+    uintptr_t                    *code;
+    ngx_uint_t                    i;
+    ngx_array_t                   headers_names;
+    ngx_keyval_t                 *src;
+    ngx_hash_key_t               *hk;
+    ngx_hash_init_t               hash;
+    ngx_http_script_compile_t     sc;
+    ngx_http_script_copy_code_t  *copy;
+
     if (conf->params_source == NULL) {
         conf->flushes = prev->flushes;
         conf->params_len = prev->params_len;
@@ -1379,20 +1396,20 @@ ngx_http_uwsgi_merge_loc_conf(ngx_conf_t
             if ((conf->upstream.cache == NULL)
                 == (prev->upstream.cache == NULL))
             {
-                return NGX_CONF_OK;
+                return NGX_OK;
             }
 
             /* 6 is a number of ngx_http_uwsgi_cache_headers entries */
             conf->params_source = ngx_array_create(cf->pool, 6,
                                                    sizeof(ngx_keyval_t));
             if (conf->params_source == NULL) {
-                return NGX_CONF_ERROR;
+                return NGX_ERROR;
             }
         }
 #else
 
         if (conf->params_source == NULL) {
-            return NGX_CONF_OK;
+            return NGX_OK;
         }
 
 #endif
@@ -1400,18 +1417,18 @@ ngx_http_uwsgi_merge_loc_conf(ngx_conf_t
 
     conf->params_len = ngx_array_create(cf->pool, 64, 1);
     if (conf->params_len == NULL) {
-        return NGX_CONF_ERROR;
+        return NGX_ERROR;
     }
 
     conf->params = ngx_array_create(cf->pool, 512, 1);
     if (conf->params == NULL) {
-        return NGX_CONF_ERROR;
+        return NGX_ERROR;
     }
 
     if (ngx_array_init(&headers_names, cf->temp_pool, 4, sizeof(ngx_hash_key_t))
         != NGX_OK)
     {
-        return NGX_CONF_ERROR;
+        return NGX_ERROR;
     }
 
     src = conf->params_source->elts;
@@ -1431,7 +1448,7 @@ ngx_http_uwsgi_merge_loc_conf(ngx_conf_t
 
             s = ngx_array_push(conf->params_source);
             if (s == NULL) {
-                return NGX_CONF_ERROR;
+                return NGX_ERROR;
             }
 
             *s = *h;
@@ -1453,7 +1470,7 @@ ngx_http_uwsgi_merge_loc_conf(ngx_conf_t
         {
             hk = ngx_array_push(&headers_names);
             if (hk == NULL) {
-                return NGX_CONF_ERROR;
+                return NGX_ERROR;
             }
 
             hk->key.len = src[i].key.len - 5;
@@ -1469,7 +1486,7 @@ ngx_http_uwsgi_merge_loc_conf(ngx_conf_t
         copy = ngx_array_push_n(conf->params_len,
                                 sizeof(ngx_http_script_copy_code_t));
         if (copy == NULL) {
-            return NGX_CONF_ERROR;
+            return NGX_ERROR;
         }
 
         copy->code = (ngx_http_script_code_pt) ngx_http_script_copy_len_code;
@@ -1482,7 +1499,7 @@ ngx_http_uwsgi_merge_loc_conf(ngx_conf_t
 
         copy = ngx_array_push_n(conf->params, size);
         if (copy == NULL) {
-            return NGX_CONF_ERROR;
+            return NGX_ERROR;
         }
 
         copy->code = ngx_http_script_copy_code;
@@ -1501,12 +1518,12 @@ ngx_http_uwsgi_merge_loc_conf(ngx_conf_t
         sc.values = &conf->params;
 
         if (ngx_http_script_compile(&sc) != NGX_OK) {
-            return NGX_CONF_ERROR;
+            return NGX_ERROR;
         }
 
         code = ngx_array_push_n(conf->params_len, sizeof(uintptr_t));
         if (code == NULL) {
-            return NGX_CONF_ERROR;
+            return NGX_ERROR;
         }
 
         *code = (uintptr_t) NULL;
@@ -1514,7 +1531,7 @@ ngx_http_uwsgi_merge_loc_conf(ngx_conf_t
 
         code = ngx_array_push_n(conf->params, sizeof(uintptr_t));
         if (code == NULL) {
-            return NGX_CONF_ERROR;
+            return NGX_ERROR;
         }
 
         *code = (uintptr_t) NULL;
@@ -1522,7 +1539,7 @@ ngx_http_uwsgi_merge_loc_conf(ngx_conf_t
 
     code = ngx_array_push_n(conf->params_len, sizeof(uintptr_t));
     if (code == NULL) {
-        return NGX_CONF_ERROR;
+        return NGX_ERROR;
     }
 
     *code = (uintptr_t) NULL;
@@ -1537,12 +1554,7 @@ ngx_http_uwsgi_merge_loc_conf(ngx_conf_t
     hash.pool = cf->pool;
     hash.temp_pool = NULL;
 
-    if (ngx_hash_init(&hash, headers_names.elts, headers_names.nelts) != NGX_OK)
-    {
-        return NGX_CONF_ERROR;
-    }
-
-    return NGX_CONF_OK;
+    return ngx_hash_init(&hash, headers_names.elts, headers_names.nelts);
 }
 
 


From mdounin at mdounin.ru  Fri Nov 11 00:08:05 2011
From: mdounin at mdounin.ru (Maxim Dounin)
Date: Fri, 11 Nov 2011 03:08:05 +0300
Subject: [PATCH 5 of 5] Fixed fastcgi/scgi/uwsgi_param inheritance
In-Reply-To: 
References: 
Message-ID: <2bd4b516e87456f20d1a.1320966485@vm-bsd.mdounin.ru>

# HG changeset patch
# User Maxim Dounin 
# Date 1320965995 -10800
# Node ID 2bd4b516e87456f20d1ad85064348963a718db3a
# Parent  9512a3b65290db26bfc7b554e8b3ce8d13eb2458
Fixed fastcgi/scgi/uwsgi_param inheritance.

The following problems were fixed:

1. Directive fastcgi_cache affected headers sent to backends in unrelated
   servers / locations (see ticket #45).

2. If-Unmodified-Since, If-Match and If-Range headers were sent to backends
   if fastcgi_cache was used.

3. Cache-related headers were sent to backends if there were no fastcgi_param
   directives and fastcgi_cache was used at server level.

diff --git a/src/http/modules/ngx_http_fastcgi_module.c b/src/http/modules/ngx_http_fastcgi_module.c
--- a/src/http/modules/ngx_http_fastcgi_module.c
+++ b/src/http/modules/ngx_http_fastcgi_module.c
@@ -2365,8 +2365,11 @@ ngx_http_fastcgi_merge_params(ngx_conf_t
     u_char                       *p;
     size_t                        size;
     uintptr_t                    *code;
-    ngx_uint_t                    i;
+    ngx_uint_t                    i, nsrc;
     ngx_array_t                   headers_names;
+#if (NGX_HTTP_CACHE)
+    ngx_array_t                   params_merged;
+#endif
     ngx_keyval_t                 *src;
     ngx_hash_key_t               *hk;
     ngx_hash_init_t               hash;
@@ -2374,36 +2377,32 @@ ngx_http_fastcgi_merge_params(ngx_conf_t
     ngx_http_script_copy_code_t  *copy;
 
     if (conf->params_source == NULL) {
-        conf->flushes = prev->flushes;
-        conf->params_len = prev->params_len;
-        conf->params = prev->params;
         conf->params_source = prev->params_source;
-        conf->headers_hash = prev->headers_hash;
-
+
+        if (prev->headers_hash.buckets
 #if (NGX_HTTP_CACHE)
-
-        if (conf->params_source == NULL) {
-
-            if ((conf->upstream.cache == NULL)
-                == (prev->upstream.cache == NULL))
-            {
-                return NGX_OK;
-            }
-
-            /* 6 is a number of ngx_http_fastcgi_cache_headers entries */
-            conf->params_source = ngx_array_create(cf->pool, 6,
-                                                   sizeof(ngx_keyval_t));
-            if (conf->params_source == NULL) {
-                return NGX_ERROR;
-            }
-        }
-#else
-
-        if (conf->params_source == NULL) {
+            && ((conf->upstream.cache == NULL) == (prev->upstream.cache == NULL))
+#endif
+           )
+        {
+            conf->flushes = prev->flushes;
+            conf->params_len = prev->params_len;
+            conf->params = prev->params;
+            conf->headers_hash = prev->headers_hash;
+            conf->header_params = prev->header_params;
+
             return NGX_OK;
         }
-
+    }
+
+    if (conf->params_source == NULL
+#if (NGX_HTTP_CACHE)
+        && (conf->upstream.cache == NULL)
 #endif
+       )
+    {
+        conf->headers_hash.buckets = (void *) 1;
+        return NGX_OK;
     }
 
     conf->params_len = ngx_array_create(cf->pool, 64, 1);
@@ -2422,39 +2421,68 @@ ngx_http_fastcgi_merge_params(ngx_conf_t
         return NGX_ERROR;
     }
 
-    src = conf->params_source->elts;
+    if (conf->params_source) {
+        src = conf->params_source->elts;
+        nsrc = conf->params_source->nelts;
+
+    } else {
+        src = NULL;
+        nsrc = 0;
+    }
 
 #if (NGX_HTTP_CACHE)
 
     if (conf->upstream.cache) {
         ngx_keyval_t  *h, *s;
 
-        for (h = ngx_http_fastcgi_cache_headers; h->key.len; h++) {
-
-            for (i = 0; i < conf->params_source->nelts; i++) {
+        if (ngx_array_init(¶ms_merged, cf->temp_pool, 4, sizeof(ngx_keyval_t))
+            != NGX_OK)
+        {
+            return NGX_ERROR;
+        }
+
+        for (i = 0; i < nsrc; i++) {
+
+            s = ngx_array_push(¶ms_merged);
+            if (s == NULL) {
+                return NGX_ERROR;
+            }
+
+            *s = src[i];
+        }
+
+        h = ngx_http_fastcgi_cache_headers;
+
+        while (h->key.len) {
+
+            src = params_merged.elts;
+            nsrc = params_merged.nelts;
+
+            for (i = 0; i < nsrc; i++) {
                 if (ngx_strcasecmp(h->key.data, src[i].key.data) == 0) {
                     goto next;
                 }
             }
 
-            s = ngx_array_push(conf->params_source);
+            s = ngx_array_push(¶ms_merged);
             if (s == NULL) {
                 return NGX_ERROR;
             }
 
             *s = *h;
 
-            src = conf->params_source->elts;
-
         next:
 
             h++;
         }
+
+        src = params_merged.elts;
+        nsrc = params_merged.nelts;
     }
 
 #endif
 
-    for (i = 0; i < conf->params_source->nelts; i++) {
+    for (i = 0; i < nsrc; i++) {
 
         if (src[i].key.len > sizeof("HTTP_") - 1
             && ngx_strncmp(src[i].key.data, "HTTP_", sizeof("HTTP_") - 1) == 0)
diff --git a/src/http/modules/ngx_http_scgi_module.c b/src/http/modules/ngx_http_scgi_module.c
--- a/src/http/modules/ngx_http_scgi_module.c
+++ b/src/http/modules/ngx_http_scgi_module.c
@@ -1316,8 +1316,11 @@ ngx_http_scgi_merge_params(ngx_conf_t *c
     u_char                       *p;
     size_t                        size;
     uintptr_t                    *code;
-    ngx_uint_t                    i;
+    ngx_uint_t                    i, nsrc;
     ngx_array_t                   headers_names;
+#if (NGX_HTTP_CACHE)
+    ngx_array_t                   params_merged;
+#endif
     ngx_keyval_t                 *src;
     ngx_hash_key_t               *hk;
     ngx_hash_init_t               hash;
@@ -1325,36 +1328,32 @@ ngx_http_scgi_merge_params(ngx_conf_t *c
     ngx_http_script_copy_code_t  *copy;
 
     if (conf->params_source == NULL) {
-        conf->flushes = prev->flushes;
-        conf->params_len = prev->params_len;
-        conf->params = prev->params;
         conf->params_source = prev->params_source;
-        conf->headers_hash = prev->headers_hash;
 
+        if (prev->headers_hash.buckets
 #if (NGX_HTTP_CACHE)
+            && ((conf->upstream.cache == NULL) == (prev->upstream.cache == NULL))
+#endif
+           )
+        {
+            conf->flushes = prev->flushes;
+            conf->params_len = prev->params_len;
+            conf->params = prev->params;
+            conf->headers_hash = prev->headers_hash;
+            conf->header_params = prev->header_params;
 
-        if (conf->params_source == NULL) {
-
-            if ((conf->upstream.cache == NULL)
-                == (prev->upstream.cache == NULL))
-            {
-                return NGX_OK;
-            }
-
-            /* 6 is a number of ngx_http_scgi_cache_headers entries */
-            conf->params_source = ngx_array_create(cf->pool, 6,
-                                                   sizeof(ngx_keyval_t));
-            if (conf->params_source == NULL) {
-                return NGX_ERROR;
-            }
-        }
-#else
-
-        if (conf->params_source == NULL) {
             return NGX_OK;
         }
+    }
 
+    if (conf->params_source == NULL
+#if (NGX_HTTP_CACHE)
+        && (conf->upstream.cache == NULL)
 #endif
+       )
+    {
+        conf->headers_hash.buckets = (void *) 1;
+        return NGX_OK;
     }
 
     conf->params_len = ngx_array_create(cf->pool, 64, 1);
@@ -1373,39 +1372,68 @@ ngx_http_scgi_merge_params(ngx_conf_t *c
         return NGX_ERROR;
     }
 
-    src = conf->params_source->elts;
+    if (conf->params_source) {
+        src = conf->params_source->elts;
+        nsrc = conf->params_source->nelts;
+
+    } else {
+        src = NULL;
+        nsrc = 0;
+    }
 
 #if (NGX_HTTP_CACHE)
 
     if (conf->upstream.cache) {
         ngx_keyval_t  *h, *s;
 
-        for (h = ngx_http_scgi_cache_headers; h->key.len; h++) {
+        if (ngx_array_init(¶ms_merged, cf->temp_pool, 4, sizeof(ngx_keyval_t))
+            != NGX_OK)
+        {
+            return NGX_ERROR;
+        }
 
-            for (i = 0; i < conf->params_source->nelts; i++) {
+        for (i = 0; i < nsrc; i++) {
+
+            s = ngx_array_push(¶ms_merged);
+            if (s == NULL) {
+                return NGX_ERROR;
+            }
+
+            *s = src[i];
+        }
+
+        h = ngx_http_scgi_cache_headers;
+
+        while (h->key.len) {
+
+            src = params_merged.elts;
+            nsrc = params_merged.nelts;
+
+            for (i = 0; i < nsrc; i++) {
                 if (ngx_strcasecmp(h->key.data, src[i].key.data) == 0) {
                     goto next;
                 }
             }
 
-            s = ngx_array_push(conf->params_source);
+            s = ngx_array_push(¶ms_merged);
             if (s == NULL) {
                 return NGX_ERROR;
             }
 
             *s = *h;
 
-            src = conf->params_source->elts;
-
         next:
 
             h++;
         }
+
+        src = params_merged.elts;
+        nsrc = params_merged.nelts;
     }
 
 #endif
 
-    for (i = 0; i < conf->params_source->nelts; i++) {
+    for (i = 0; i < nsrc; i++) {
 
         if (src[i].key.len > sizeof("HTTP_") - 1
             && ngx_strncmp(src[i].key.data, "HTTP_", sizeof("HTTP_") - 1) == 0)
diff --git a/src/http/modules/ngx_http_uwsgi_module.c b/src/http/modules/ngx_http_uwsgi_module.c
--- a/src/http/modules/ngx_http_uwsgi_module.c
+++ b/src/http/modules/ngx_http_uwsgi_module.c
@@ -1374,8 +1374,11 @@ ngx_http_uwsgi_merge_params(ngx_conf_t *
     u_char                       *p;
     size_t                        size;
     uintptr_t                    *code;
-    ngx_uint_t                    i;
+    ngx_uint_t                    i, nsrc;
     ngx_array_t                   headers_names;
+#if (NGX_HTTP_CACHE)
+    ngx_array_t                   params_merged;
+#endif
     ngx_keyval_t                 *src;
     ngx_hash_key_t               *hk;
     ngx_hash_init_t               hash;
@@ -1383,36 +1386,32 @@ ngx_http_uwsgi_merge_params(ngx_conf_t *
     ngx_http_script_copy_code_t  *copy;
 
     if (conf->params_source == NULL) {
-        conf->flushes = prev->flushes;
-        conf->params_len = prev->params_len;
-        conf->params = prev->params;
         conf->params_source = prev->params_source;
-        conf->headers_hash = prev->headers_hash;
 
+        if (prev->headers_hash.buckets
 #if (NGX_HTTP_CACHE)
+            && ((conf->upstream.cache == NULL) == (prev->upstream.cache == NULL))
+#endif
+           )
+        {
+            conf->flushes = prev->flushes;
+            conf->params_len = prev->params_len;
+            conf->params = prev->params;
+            conf->headers_hash = prev->headers_hash;
+            conf->header_params = prev->header_params;
 
-        if (conf->params_source == NULL) {
-
-            if ((conf->upstream.cache == NULL)
-                == (prev->upstream.cache == NULL))
-            {
-                return NGX_OK;
-            }
-
-            /* 6 is a number of ngx_http_uwsgi_cache_headers entries */
-            conf->params_source = ngx_array_create(cf->pool, 6,
-                                                   sizeof(ngx_keyval_t));
-            if (conf->params_source == NULL) {
-                return NGX_ERROR;
-            }
-        }
-#else
-
-        if (conf->params_source == NULL) {
             return NGX_OK;
         }
+    }
 
+    if (conf->params_source == NULL
+#if (NGX_HTTP_CACHE)
+        && (conf->upstream.cache == NULL)
 #endif
+       )
+    {
+        conf->headers_hash.buckets = (void *) 1;
+        return NGX_OK;
     }
 
     conf->params_len = ngx_array_create(cf->pool, 64, 1);
@@ -1431,39 +1430,68 @@ ngx_http_uwsgi_merge_params(ngx_conf_t *
         return NGX_ERROR;
     }
 
-    src = conf->params_source->elts;
+    if (conf->params_source) {
+        src = conf->params_source->elts;
+        nsrc = conf->params_source->nelts;
+
+    } else {
+        src = NULL;
+        nsrc = 0;
+    }
 
 #if (NGX_HTTP_CACHE)
 
     if (conf->upstream.cache) {
         ngx_keyval_t  *h, *s;
 
-        for (h = ngx_http_uwsgi_cache_headers; h->key.len; h++) {
+        if (ngx_array_init(¶ms_merged, cf->temp_pool, 4, sizeof(ngx_keyval_t))
+            != NGX_OK)
+        {
+            return NGX_ERROR;
+        }
 
-            for (i = 0; i < conf->params_source->nelts; i++) {
+        for (i = 0; i < nsrc; i++) {
+
+            s = ngx_array_push(¶ms_merged);
+            if (s == NULL) {
+                return NGX_ERROR;
+            }
+
+            *s = src[i];
+        }
+
+        h = ngx_http_uwsgi_cache_headers;
+
+        while (h->key.len) {
+
+            src = params_merged.elts;
+            nsrc = params_merged.nelts;
+
+            for (i = 0; i < nsrc; i++) {
                 if (ngx_strcasecmp(h->key.data, src[i].key.data) == 0) {
                     goto next;
                 }
             }
 
-            s = ngx_array_push(conf->params_source);
+            s = ngx_array_push(¶ms_merged);
             if (s == NULL) {
                 return NGX_ERROR;
             }
 
             *s = *h;
 
-            src = conf->params_source->elts;
-
         next:
 
             h++;
         }
+
+        src = params_merged.elts;
+        nsrc = params_merged.nelts;
     }
 
 #endif
 
-    for (i = 0; i < conf->params_source->nelts; i++) {
+    for (i = 0; i < nsrc; i++) {
 
         if (src[i].key.len > sizeof("HTTP_") - 1
             && ngx_strncmp(src[i].key.data, "HTTP_", sizeof("HTTP_") - 1) == 0)


From magicbearmo at gmail.com  Sat Nov 12 11:14:39 2011
From: magicbearmo at gmail.com (MagicBear)
Date: Sat, 12 Nov 2011 19:14:39 +0800
Subject: nginx crash
Message-ID: 

2011/11/12 19:00:16 [alert] 7552#0: ignore long locked inactive cache
entry 26b0312d67bd41ef132ce5b8a4445ffa, count:1
2011/11/12 19:02:17 [alert] 7552#0: ignore long locked inactive cache
entry ac307ce9b33a01a04f4f17c187d9b11a, count:1
2011/11/12 19:02:45 [alert] 7552#0: ignore long locked inactive cache
entry e5fa15e3f856238feb5e0b7128120e20, count:1
2011/11/12 19:03:59 [alert] 7552#0: ignore long locked inactive cache
entry 1eb06fe015c489159f15b514bb333931, count:1
2011/11/12 19:04:46 [alert] 7552#0: ignore long locked inactive cache
entry 5023f1eb7e74908ae75d6a7a57ac4dfd, count:2
2011/11/12 19:05:41 [alert] 7552#0: ignore long locked inactive cache
entry 9fda125ea01601b6a32536afd2c59aa2, count:1
2011/11/12 19:06:02 [alert] 7547#0: worker process 7548 exited on
signal 11 (core dumped)



nginx: nginx version: nginx/1.1.7
nginx: built by gcc 4.6.1 (Ubuntu/Linaro 4.6.1-9ubuntu3)
nginx: TLS SNI support enabled
nginx: configure arguments: --conf-path=/etc/nginx/nginx.conf
--error-log-path=/var/log/nginx/error.log
--pid-path=/var/run/nginx.pid --lock-path=/var/lock/nginx.lock
--http-log-path=/var/log/nginx/access.log
--http-client-body-temp-path=/var/lib/nginx/body
--http-fastcgi-temp-path=/var/lib/nginx/fastcgi
--http-proxy-temp-path=/var/lib/nginx/proxy
--with-http_stub_status_module --without-select_module
--without-http_uwsgi_module --without-http_auth_basic_module
--without-http_geo_module --without-http_empty_gif_module
--with-http_ssl_module --with-http_gzip_static_module
--with-http_realip_module --add-module=../ngx_cache_purge-1.4
--with-google_perftools_module
--add-module=../chaoslawful-lua-nginx-module-71993f1
--add-module=../nginx-accesskey-2.0.3/




GNU gdb (Ubuntu/Linaro 7.3-0ubuntu2) 7.3-2011.08
Copyright (C) 2011 Free Software Foundation, Inc.
License GPLv3+: GNU GPL version 3 or later 
This is free software: you are free to change and redistribute it.
There is NO WARRANTY, to the extent permitted by law.  Type "show copying"
and "show warranty" for details.
This GDB was configured as "x86_64-linux-gnu".
For bug reporting instructions, please see:
...
"/var/www/ngx_coredump/core": not in executable format: File format
not recognized
"/usr/sbin/nginx" is not a core dump: File format not recognized
(gdb) bt
No stack.
(gdb) ^CQuit
(gdb) ^CQuit
(gdb) quit
root at cn-sd-wt:/var/www/ngx_coredump# gdb `which nginx` core
GNU gdb (Ubuntu/Linaro 7.3-0ubuntu2) 7.3-2011.08
Copyright (C) 2011 Free Software Foundation, Inc.
License GPLv3+: GNU GPL version 3 or later 
This is free software: you are free to change and redistribute it.
There is NO WARRANTY, to the extent permitted by law.  Type "show copying"
and "show warranty" for details.
This GDB was configured as "x86_64-linux-gnu".
For bug reporting instructions, please see:
...
Reading symbols from /usr/sbin/nginx...done.
[New LWP 7548]

warning: Can't read pathname for load map: Input/output error.
[Thread debugging using libthread_db enabled]
Core was generated by `nginx:'.
Program terminated with signal 11, Segmentation fault.
#0  ngx_rbtree_min (sentinel=, node=0x0) at
src/core/ngx_rbtree.h:75
75          while (node->left != sentinel) {
(gdb) bt
#0  ngx_rbtree_min (sentinel=, node=0x0) at
src/core/ngx_rbtree.h:75
#1  ngx_rbtree_delete (tree=0x7f59d00d7000, node=0x7f59d00db080) at
src/core/ngx_rbtree.c:178
#2  0x0000000000451a04 in ngx_http_file_cache_free (c=0x1c8d4f0,
tf=0x1c8dfd0) at src/http/ngx_http_file_cache.c:956
#3  0x0000000000447739 in ngx_http_upstream_process_request
(r=0x21b8af0) at src/http/ngx_http_upstream.c:2738
#4  0x000000000044781b in ngx_http_upstream_process_upstream
(r=0x21b8af0, u=0x21e0c88) at src/http/ngx_http_upstream.c:2677
#5  0x000000000044790c in ngx_http_upstream_handler (ev=) at src/http/ngx_http_upstream.c:935
#6  0x0000000000425959 in ngx_event_expire_timers () at
src/event/ngx_event_timer.c:149
#7  0x0000000000425590 in ngx_process_events_and_timers
(cycle=0x1a45c40) at src/event/ngx_event.c:261
#8  0x000000000042b2d7 in ngx_worker_process_cycle (cycle=0x1a45c40,
data=) at src/os/unix/ngx_process_cycle.c:801
#9  0x0000000000429cd2 in ngx_spawn_process (cycle=0x1a45c40,
proc=0x42b206 , data=0x0, name=0x47e0e5
"worker process", respawn=-3) at src/os/unix/ngx_process.c:196
#10 0x000000000042a986 in ngx_start_worker_processes (cycle=0x1a45c40,
n=4, type=-3) at src/os/unix/ngx_process_cycle.c:360
#11 0x000000000042b990 in ngx_master_process_cycle (cycle=0x1a45c40)
at src/os/unix/ngx_process_cycle.c:136
#12 0x00000000004119ea in main (argc=, argv=) at src/core/nginx.c:403
(gdb) bt full
#0  ngx_rbtree_min (sentinel=, node=0x0) at
src/core/ngx_rbtree.h:75
No locals.
#1  ngx_rbtree_delete (tree=0x7f59d00d7000, node=0x7f59d00db080) at
src/core/ngx_rbtree.c:178
        red = 
        root = 0x7f59d00d7000
        sentinel = 0x7f59d00d7018
        subst = 
        temp = 
        w = 
#2  0x0000000000451a04 in ngx_http_file_cache_free (c=0x1c8d4f0,
tf=0x1c8dfd0) at src/http/ngx_http_file_cache.c:956
        cache = 0x1a97650
        fcn = 0x7f59d00db080
#3  0x0000000000447739 in ngx_http_upstream_process_request
(r=0x21b8af0) at src/http/ngx_http_upstream.c:2738
        del = 
        tf = 
        p = 0x21e1078
        u = 0x21e0c88
#4  0x000000000044781b in ngx_http_upstream_process_upstream
(r=0x21b8af0, u=0x21e0c88) at src/http/ngx_http_upstream.c:2677
        c = 
#5  0x000000000044790c in ngx_http_upstream_handler (ev=) at src/http/ngx_http_upstream.c:935
        c = 0x7f59b9db70d0
        r = 
        ctx = 
        u = 
#6  0x0000000000425959 in ngx_event_expire_timers () at
src/event/ngx_event_timer.c:149
        ev = 0x7f59ea790520
        root = 0x7f59ea784da8
        sentinel = 0x6a86e0
#7  0x0000000000425590 in ngx_process_events_and_timers
(cycle=0x1a45c40) at src/event/ngx_event.c:261
        flags = 1
        timer = 
        delta = 21
#8  0x000000000042b2d7 in ngx_worker_process_cycle (cycle=0x1a45c40,
data=) at src/os/unix/ngx_process_cycle.c:801
        i = 
        c = 
#9  0x0000000000429cd2 in ngx_spawn_process (cycle=0x1a45c40,
proc=0x42b206 , data=0x0, name=0x47e0e5
"worker process", respawn=-3) at src/os/unix/ngx_process.c:196
        on = 1
        pid = 0
        s = 0
#10 0x000000000042a986 in ngx_start_worker_processes (cycle=0x1a45c40,
n=4, type=-3) at src/os/unix/ngx_process_cycle.c:360
        i = 
        ch = {command = 1, pid = 11, slot = 0, fd = 844191584}
#11 0x000000000042b990 in ngx_master_process_cycle (cycle=0x1a45c40)
at src/os/unix/ngx_process_cycle.c:136
        title = 0x1bf78c6 "master process nginx"
        p = 
        size = 
        i = 
        n = 
        sigio = 
        set = {__val = {0 }}
        itv = {it_interval = {tv_sec = 0, tv_usec = 0}, it_value =
{tv_sec = 0, tv_usec = 5}}
        live = 
        delay = 
        ls = 
        ccf = 0x1a46b50
#12 0x00000000004119ea in main (argc=, argv=) at src/core/nginx.c:403
        i = 
        log = 0x6a64a0
        cycle = 0x1a45c40
        init_cycle = {conf_ctx = 0x0, pool = 0x1a450d0, log =
0x6a64a0, new_log = {log_level = 0, file = 0x0, connection = 0,
handler = 0, data = 0x0, action = 0x0}, files = 0x0, free_connections
= 0x0, free_connection_n = 0,
          reusable_connections_queue = {prev = 0x0, next = 0x0},
listening = {elts = 0x0, nelts = 0, size = 0, nalloc = 0, pool = 0x0},
pathes = {elts = 0x0, nelts = 0, size = 0, nalloc = 0, pool = 0x0},
open_files = {last = 0x0,
            part = {elts = 0x0, nelts = 0, next = 0x0}, size = 0,
nalloc = 0, pool = 0x0}, shared_memory = {last = 0x0, part = {elts =
0x0, nelts = 0, next = 0x0}, size = 0, nalloc = 0, pool = 0x0},
connection_n = 0, files_n = 0,
          connections = 0x0, read_events = 0x0, write_events = 0x0,
old_cycle = 0x0, conf_file = {len = 21, data = 0x47a836
"/etc/nginx/nginx.conf"}, conf_param = {len = 0, data = 0x0},
conf_prefix = {len = 11,
            data = 0x47a836 "/etc/nginx/nginx.conf"}, prefix = {len =
17, data = 0x47a824 "/usr/local/nginx/"}, lock_file = {len = 0, data =
0x0}, hostname = {len = 0, data = 0x0}}
        ccf = 
(gdb)


-- 
MagicBear


From magicbearmo at gmail.com  Sat Nov 12 14:07:22 2011
From: magicbearmo at gmail.com (MagicBear)
Date: Sat, 12 Nov 2011 22:07:22 +0800
Subject: nginx crash
In-Reply-To: 
References: 
Message-ID: 

happen on a of main upstream server dead.

Here is the config

proxy_cache_path /dev/shm/cdn_cache_comment  levels=1:2
keys_zone=cache_comment_mem:32m max_size=128m;
limit_req_zone  $binary_remote_addr  zone=limit_comment:16m   rate=50r/s;

upstream backend_comment {
	server 10.0.0.1 weight=10 fail_timeout=30s;
	server 10.0.0.2 backup weight=5 fail_timeout=30s;
	keepalive 30;
}
map $http_accept_encoding $gzip {
	default "";
	~gzip " gzip";
}
server {
	listen 80;
	server_name example.com;
	
	access_log /dev/shm/logger logger;	
	error_log /dev/null;
	
	limit_req zone=limit_comment burst=200;
	
	gzip_buffers     4 16k;
	gzip_min_length  1k;
	gzip_http_version 1.1;
	gzip_comp_level 9;
	gzip_types text/plain application/x-javascript text/css application/xml;
	gzip_vary on;
	gzip_proxied any;
	
	proxy_ssl_session_reuse on;
	proxy_cache_min_uses 1;
	proxy_connect_timeout 5s;
	proxy_send_timeout   60s;
	proxy_read_timeout   60s;
	
	gzip on;
	
	location ~ ^/purge(/.*) {
		proxy_cache_purge cache_comment_mem $1$is_args$args;
	}
	location = /crossdomain.xml
	{
		proxy_cache_min_uses 1;
		proxy_cache cache_comment_mem;
		proxy_cache_valid 200 302 1M;
		proxy_cache_key $uri$is_args$args$gzip;
		proxy_hide_header X-Cache;
		proxy_hide_header X-Via;
		add_header X-Cache "$upstream_cache_status from $hostname";
		add_header X-Cache-Lookup $upstream_http_x_cache;
		gzip on;
		expires max;
		real_ip_header X-Real-IP;
		set_real_ip_from	0.0.0.0/0;
		proxy_set_header X-Cache-Server $hostname;
		proxy_set_header X-Real-IP $remote_addr;
		proxy_set_header Connection "keep-alive";
		proxy_set_header Host example.com;
		proxy_hide_header X-Cache;
		proxy_hide_header X-Via;
		proxy_pass http://backend_comment;
		proxy_next_upstream error timeout invalid_header http_500 http_502
http_503 http_504;
	}
	location ~ ^/dm,
	{
		proxy_cache_min_uses 1;
		proxy_cache cache_comment_mem;
		proxy_cache_valid 200 302 5s;
		proxy_cache_key $uri$gzip;
		proxy_hide_header X-Cache;
		proxy_hide_header X-Via;
		add_header X-Cache "$upstream_cache_status from $hostname";
		add_header X-Cache-Lookup $upstream_http_x_cache;
		gzip on;
		expires 15s;
		real_ip_header X-Real-IP;
		set_real_ip_from	0.0.0.0/0;
		proxy_set_header X-Cache-Server $hostname;
		proxy_set_header X-Real-IP $remote_addr;
		proxy_set_header Connection "keep-alive";
		proxy_set_header Host example.com;
		proxy_hide_header X-Cache;
		proxy_hide_header X-Via;
		proxy_pass http://backend_comment;
		proxy_next_upstream error timeout invalid_header http_500 http_502
http_503 http_504;
	}
	location /
	{
		proxy_buffering off;	#Direct send to client
		add_header X-Cache "BYPASS from $hostname";
		add_header X-Cache-Lookup $upstream_http_x_cache;
		gzip on;
		expires -1;
		real_ip_header X-Real-IP;
		set_real_ip_from	0.0.0.0/0;
		proxy_set_header X-Cache-Server $hostname;
		proxy_set_header X-Real-IP $remote_addr;
		proxy_set_header Connection "keep-alive";
		proxy_set_header Host example.com;
		proxy_hide_header X-Cache;
		proxy_hide_header X-Via;
		proxy_pass http://backend_comment;
		proxy_next_upstream error timeout invalid_header http_500 http_502
http_503 http_504;
	}
}


2011/11/12 MagicBear :
> 2011/11/12 19:00:16 [alert] 7552#0: ignore long locked inactive cache
> entry 26b0312d67bd41ef132ce5b8a4445ffa, count:1
> 2011/11/12 19:02:17 [alert] 7552#0: ignore long locked inactive cache
> entry ac307ce9b33a01a04f4f17c187d9b11a, count:1
> 2011/11/12 19:02:45 [alert] 7552#0: ignore long locked inactive cache
> entry e5fa15e3f856238feb5e0b7128120e20, count:1
> 2011/11/12 19:03:59 [alert] 7552#0: ignore long locked inactive cache
> entry 1eb06fe015c489159f15b514bb333931, count:1
> 2011/11/12 19:04:46 [alert] 7552#0: ignore long locked inactive cache
> entry 5023f1eb7e74908ae75d6a7a57ac4dfd, count:2
> 2011/11/12 19:05:41 [alert] 7552#0: ignore long locked inactive cache
> entry 9fda125ea01601b6a32536afd2c59aa2, count:1
> 2011/11/12 19:06:02 [alert] 7547#0: worker process 7548 exited on
> signal 11 (core dumped)
>
>
>
> nginx: nginx version: nginx/1.1.7
> nginx: built by gcc 4.6.1 (Ubuntu/Linaro 4.6.1-9ubuntu3)
> nginx: TLS SNI support enabled
> nginx: configure arguments: --conf-path=/etc/nginx/nginx.conf
> --error-log-path=/var/log/nginx/error.log
> --pid-path=/var/run/nginx.pid --lock-path=/var/lock/nginx.lock
> --http-log-path=/var/log/nginx/access.log
> --http-client-body-temp-path=/var/lib/nginx/body
> --http-fastcgi-temp-path=/var/lib/nginx/fastcgi
> --http-proxy-temp-path=/var/lib/nginx/proxy
> --with-http_stub_status_module --without-select_module
> --without-http_uwsgi_module --without-http_auth_basic_module
> --without-http_geo_module --without-http_empty_gif_module
> --with-http_ssl_module --with-http_gzip_static_module
> --with-http_realip_module --add-module=../ngx_cache_purge-1.4
> --with-google_perftools_module
> --add-module=../chaoslawful-lua-nginx-module-71993f1
> --add-module=../nginx-accesskey-2.0.3/
>
>
>
>
> GNU gdb (Ubuntu/Linaro 7.3-0ubuntu2) 7.3-2011.08
> Copyright (C) 2011 Free Software Foundation, Inc.
> License GPLv3+: GNU GPL version 3 or later 
> This is free software: you are free to change and redistribute it.
> There is NO WARRANTY, to the extent permitted by law. ?Type "show copying"
> and "show warranty" for details.
> This GDB was configured as "x86_64-linux-gnu".
> For bug reporting instructions, please see:
> ...
> "/var/www/ngx_coredump/core": not in executable format: File format
> not recognized
> "/usr/sbin/nginx" is not a core dump: File format not recognized
> (gdb) bt
> No stack.
> (gdb) ^CQuit
> (gdb) ^CQuit
> (gdb) quit
> root at cn-sd-wt:/var/www/ngx_coredump# gdb `which nginx` core
> GNU gdb (Ubuntu/Linaro 7.3-0ubuntu2) 7.3-2011.08
> Copyright (C) 2011 Free Software Foundation, Inc.
> License GPLv3+: GNU GPL version 3 or later 
> This is free software: you are free to change and redistribute it.
> There is NO WARRANTY, to the extent permitted by law. ?Type "show copying"
> and "show warranty" for details.
> This GDB was configured as "x86_64-linux-gnu".
> For bug reporting instructions, please see:
> ...
> Reading symbols from /usr/sbin/nginx...done.
> [New LWP 7548]
>
> warning: Can't read pathname for load map: Input/output error.
> [Thread debugging using libthread_db enabled]
> Core was generated by `nginx:'.
> Program terminated with signal 11, Segmentation fault.
> #0 ?ngx_rbtree_min (sentinel=, node=0x0) at
> src/core/ngx_rbtree.h:75
> 75 ? ? ? ? ?while (node->left != sentinel) {
> (gdb) bt
> #0 ?ngx_rbtree_min (sentinel=, node=0x0) at
> src/core/ngx_rbtree.h:75
> #1 ?ngx_rbtree_delete (tree=0x7f59d00d7000, node=0x7f59d00db080) at
> src/core/ngx_rbtree.c:178
> #2 ?0x0000000000451a04 in ngx_http_file_cache_free (c=0x1c8d4f0,
> tf=0x1c8dfd0) at src/http/ngx_http_file_cache.c:956
> #3 ?0x0000000000447739 in ngx_http_upstream_process_request
> (r=0x21b8af0) at src/http/ngx_http_upstream.c:2738
> #4 ?0x000000000044781b in ngx_http_upstream_process_upstream
> (r=0x21b8af0, u=0x21e0c88) at src/http/ngx_http_upstream.c:2677
> #5 ?0x000000000044790c in ngx_http_upstream_handler (ev= out>) at src/http/ngx_http_upstream.c:935
> #6 ?0x0000000000425959 in ngx_event_expire_timers () at
> src/event/ngx_event_timer.c:149
> #7 ?0x0000000000425590 in ngx_process_events_and_timers
> (cycle=0x1a45c40) at src/event/ngx_event.c:261
> #8 ?0x000000000042b2d7 in ngx_worker_process_cycle (cycle=0x1a45c40,
> data=) at src/os/unix/ngx_process_cycle.c:801
> #9 ?0x0000000000429cd2 in ngx_spawn_process (cycle=0x1a45c40,
> proc=0x42b206 , data=0x0, name=0x47e0e5
> "worker process", respawn=-3) at src/os/unix/ngx_process.c:196
> #10 0x000000000042a986 in ngx_start_worker_processes (cycle=0x1a45c40,
> n=4, type=-3) at src/os/unix/ngx_process_cycle.c:360
> #11 0x000000000042b990 in ngx_master_process_cycle (cycle=0x1a45c40)
> at src/os/unix/ngx_process_cycle.c:136
> #12 0x00000000004119ea in main (argc=, argv= out>) at src/core/nginx.c:403
> (gdb) bt full
> #0 ?ngx_rbtree_min (sentinel=, node=0x0) at
> src/core/ngx_rbtree.h:75
> No locals.
> #1 ?ngx_rbtree_delete (tree=0x7f59d00d7000, node=0x7f59d00db080) at
> src/core/ngx_rbtree.c:178
> ? ? ? ?red = 
> ? ? ? ?root = 0x7f59d00d7000
> ? ? ? ?sentinel = 0x7f59d00d7018
> ? ? ? ?subst = 
> ? ? ? ?temp = 
> ? ? ? ?w = 
> #2 ?0x0000000000451a04 in ngx_http_file_cache_free (c=0x1c8d4f0,
> tf=0x1c8dfd0) at src/http/ngx_http_file_cache.c:956
> ? ? ? ?cache = 0x1a97650
> ? ? ? ?fcn = 0x7f59d00db080
> #3 ?0x0000000000447739 in ngx_http_upstream_process_request
> (r=0x21b8af0) at src/http/ngx_http_upstream.c:2738
> ? ? ? ?del = 
> ? ? ? ?tf = 
> ? ? ? ?p = 0x21e1078
> ? ? ? ?u = 0x21e0c88
> #4 ?0x000000000044781b in ngx_http_upstream_process_upstream
> (r=0x21b8af0, u=0x21e0c88) at src/http/ngx_http_upstream.c:2677
> ? ? ? ?c = 
> #5 ?0x000000000044790c in ngx_http_upstream_handler (ev= out>) at src/http/ngx_http_upstream.c:935
> ? ? ? ?c = 0x7f59b9db70d0
> ? ? ? ?r = 
> ? ? ? ?ctx = 
> ? ? ? ?u = 
> #6 ?0x0000000000425959 in ngx_event_expire_timers () at
> src/event/ngx_event_timer.c:149
> ? ? ? ?ev = 0x7f59ea790520
> ? ? ? ?root = 0x7f59ea784da8
> ? ? ? ?sentinel = 0x6a86e0
> #7 ?0x0000000000425590 in ngx_process_events_and_timers
> (cycle=0x1a45c40) at src/event/ngx_event.c:261
> ? ? ? ?flags = 1
> ? ? ? ?timer = 
> ? ? ? ?delta = 21
> #8 ?0x000000000042b2d7 in ngx_worker_process_cycle (cycle=0x1a45c40,
> data=) at src/os/unix/ngx_process_cycle.c:801
> ? ? ? ?i = 
> ? ? ? ?c = 
> #9 ?0x0000000000429cd2 in ngx_spawn_process (cycle=0x1a45c40,
> proc=0x42b206 , data=0x0, name=0x47e0e5
> "worker process", respawn=-3) at src/os/unix/ngx_process.c:196
> ? ? ? ?on = 1
> ? ? ? ?pid = 0
> ? ? ? ?s = 0
> #10 0x000000000042a986 in ngx_start_worker_processes (cycle=0x1a45c40,
> n=4, type=-3) at src/os/unix/ngx_process_cycle.c:360
> ? ? ? ?i = 
> ? ? ? ?ch = {command = 1, pid = 11, slot = 0, fd = 844191584}
> #11 0x000000000042b990 in ngx_master_process_cycle (cycle=0x1a45c40)
> at src/os/unix/ngx_process_cycle.c:136
> ? ? ? ?title = 0x1bf78c6 "master process nginx"
> ? ? ? ?p = 
> ? ? ? ?size = 
> ? ? ? ?i = 
> ? ? ? ?n = 
> ? ? ? ?sigio = 
> ? ? ? ?set = {__val = {0 }}
> ? ? ? ?itv = {it_interval = {tv_sec = 0, tv_usec = 0}, it_value =
> {tv_sec = 0, tv_usec = 5}}
> ? ? ? ?live = 
> ? ? ? ?delay = 
> ? ? ? ?ls = 
> ? ? ? ?ccf = 0x1a46b50
> #12 0x00000000004119ea in main (argc=, argv= out>) at src/core/nginx.c:403
> ? ? ? ?i = 
> ? ? ? ?log = 0x6a64a0
> ? ? ? ?cycle = 0x1a45c40
> ? ? ? ?init_cycle = {conf_ctx = 0x0, pool = 0x1a450d0, log =
> 0x6a64a0, new_log = {log_level = 0, file = 0x0, connection = 0,
> handler = 0, data = 0x0, action = 0x0}, files = 0x0, free_connections
> = 0x0, free_connection_n = 0,
> ? ? ? ? ?reusable_connections_queue = {prev = 0x0, next = 0x0},
> listening = {elts = 0x0, nelts = 0, size = 0, nalloc = 0, pool = 0x0},
> pathes = {elts = 0x0, nelts = 0, size = 0, nalloc = 0, pool = 0x0},
> open_files = {last = 0x0,
> ? ? ? ? ? ?part = {elts = 0x0, nelts = 0, next = 0x0}, size = 0,
> nalloc = 0, pool = 0x0}, shared_memory = {last = 0x0, part = {elts =
> 0x0, nelts = 0, next = 0x0}, size = 0, nalloc = 0, pool = 0x0},
> connection_n = 0, files_n = 0,
> ? ? ? ? ?connections = 0x0, read_events = 0x0, write_events = 0x0,
> old_cycle = 0x0, conf_file = {len = 21, data = 0x47a836
> "/etc/nginx/nginx.conf"}, conf_param = {len = 0, data = 0x0},
> conf_prefix = {len = 11,
> ? ? ? ? ? ?data = 0x47a836 "/etc/nginx/nginx.conf"}, prefix = {len =
> 17, data = 0x47a824 "/usr/local/nginx/"}, lock_file = {len = 0, data =
> 0x0}, hostname = {len = 0, data = 0x0}}
> ? ? ? ?ccf = 
> (gdb)
>
>
> --
> MagicBear
>



-- 
MagicBear


From mdounin at mdounin.ru  Sat Nov 12 16:16:26 2011
From: mdounin at mdounin.ru (Maxim Dounin)
Date: Sat, 12 Nov 2011 20:16:26 +0400
Subject: nginx crash
In-Reply-To: 
References: 
	
Message-ID: <20111112161626.GK95664@mdounin.ru>

Hello!

On Sat, Nov 12, 2011 at 10:07:22PM +0800, MagicBear wrote:

> happen on a of main upstream server dead.
> 
> Here is the config
> 
> proxy_cache_path /dev/shm/cdn_cache_comment  levels=1:2
> keys_zone=cache_comment_mem:32m max_size=128m;

[...]

> 	proxy_read_timeout   60s;

How long it takes for response to be removed from cache given 
"max_size=128m" and "keys_zones=" size constraints under your 
load?

> 2011/11/12 MagicBear :
> > 2011/11/12 19:00:16 [alert] 7552#0: ignore long locked inactive cache
> > entry 26b0312d67bd41ef132ce5b8a4445ffa, count:1
> > 2011/11/12 19:02:17 [alert] 7552#0: ignore long locked inactive cache
> > entry ac307ce9b33a01a04f4f17c187d9b11a, count:1
> > 2011/11/12 19:02:45 [alert] 7552#0: ignore long locked inactive cache
> > entry e5fa15e3f856238feb5e0b7128120e20, count:1
> > 2011/11/12 19:03:59 [alert] 7552#0: ignore long locked inactive cache
> > entry 1eb06fe015c489159f15b514bb333931, count:1
> > 2011/11/12 19:04:46 [alert] 7552#0: ignore long locked inactive cache
> > entry 5023f1eb7e74908ae75d6a7a57ac4dfd, count:2
> > 2011/11/12 19:05:41 [alert] 7552#0: ignore long locked inactive cache
> > entry 9fda125ea01601b6a32536afd2c59aa2, count:1
> > 2011/11/12 19:06:02 [alert] 7547#0: worker process 7548 exited on
> > signal 11 (core dumped)

(Just in case: are there any other alerts before "ignore long 
locked inactive cache entry..." ones?)

It looks like nginx decided to remove cache entry (assuming it was 
left locked by a previously died worker) while the entry was in 
fact locked due to nginx waiting for a backend timeout.

Resulting segfault is somewhat expected with current code.  Looks 
like code needs some (more) safeguards against such situations.

As a workaround, you may want to make sure talking to backend 
always takes less than expected cache entry lifetime, this will 
prevent such situations.

Maxim Dounin


From magicbearmo at gmail.com  Sat Nov 12 19:04:57 2011
From: magicbearmo at gmail.com (MagicBear)
Date: Sun, 13 Nov 2011 03:04:57 +0800
Subject: nginx crash
In-Reply-To: <20111112161626.GK95664@mdounin.ru>
References: 
	
	<20111112161626.GK95664@mdounin.ru>
Message-ID: 

2011/11/13 Maxim Dounin :
> Hello!
>
> On Sat, Nov 12, 2011 at 10:07:22PM +0800, MagicBear wrote:
>
>> happen on a of main upstream server dead.
>>
>> Here is the config
>>
>> proxy_cache_path /dev/shm/cdn_cache_comment ?levels=1:2
>> keys_zone=cache_comment_mem:32m max_size=128m;
>
> [...]
>
>> ? ? ? proxy_read_timeout ? 60s;
>
> How long it takes for response to be removed from cache given
> "max_size=128m" and "keys_zones=" size constraints under your
> load?
>

may be several hours to several days.
I think i must be increase keys_zone size.

>> 2011/11/12 MagicBear :
>> > 2011/11/12 19:00:16 [alert] 7552#0: ignore long locked inactive cache
>> > entry 26b0312d67bd41ef132ce5b8a4445ffa, count:1
>> > 2011/11/12 19:02:17 [alert] 7552#0: ignore long locked inactive cache
>> > entry ac307ce9b33a01a04f4f17c187d9b11a, count:1
>> > 2011/11/12 19:02:45 [alert] 7552#0: ignore long locked inactive cache
>> > entry e5fa15e3f856238feb5e0b7128120e20, count:1
>> > 2011/11/12 19:03:59 [alert] 7552#0: ignore long locked inactive cache
>> > entry 1eb06fe015c489159f15b514bb333931, count:1
>> > 2011/11/12 19:04:46 [alert] 7552#0: ignore long locked inactive cache
>> > entry 5023f1eb7e74908ae75d6a7a57ac4dfd, count:2
>> > 2011/11/12 19:05:41 [alert] 7552#0: ignore long locked inactive cache
>> > entry 9fda125ea01601b6a32536afd2c59aa2, count:1
>> > 2011/11/12 19:06:02 [alert] 7547#0: worker process 7548 exited on
>> > signal 11 (core dumped)
>
> (Just in case: are there any other alerts before "ignore long
> locked inactive cache entry..." ones?)
>
> It looks like nginx decided to remove cache entry (assuming it was
> left locked by a previously died worker) while the entry was in
> fact locked due to nginx waiting for a backend timeout.
>
> Resulting segfault is somewhat expected with current code. ?Looks
> like code needs some (more) safeguards against such situations.
>
> As a workaround, you may want to make sure talking to backend
> always takes less than expected cache entry lifetime, this will
> prevent such situations.
>

Ok, I will try this, thanks for your advises.

> Maxim Dounin
>
> _______________________________________________
> nginx-devel mailing list
> nginx-devel at nginx.org
> http://mailman.nginx.org/mailman/listinfo/nginx-devel
>



-- 
MagicBear


From piotr.sikora at frickle.com  Sun Nov 13 05:49:14 2011
From: piotr.sikora at frickle.com (Piotr Sikora)
Date: Sun, 13 Nov 2011 06:49:14 +0100
Subject: [PATCH] Fix Content-Length of seeked mp4 files
Message-ID: <20111113054913.GA2617@fr2.local>

An embedded and charset-unspecified text was scrubbed...
Name: not available
URL: 
-------------- next part --------------
An embedded and charset-unspecified text was scrubbed...
Name: ngx_mp4_content_length.patch
URL: 

From appa at perusio.net  Sun Nov 13 23:16:56 2011
From: appa at perusio.net (=?UTF-8?B?QW50w7NuaW8=?= P. P. Almeida)
Date: Sun, 13 Nov 2011 23:16:56 +0000
Subject: nginx crash
In-Reply-To: 
References: 
	
Message-ID: <87r51blijb.wl%appa@perusio.net>


On 12 Nov 2011 14h07 WET, magicbearmo at gmail.com wrote:

> happen on a of main upstream server dead.
>
> Here is the config
>
> proxy_cache_path /dev/shm/cdn_cache_comment levels=1:2
> keys_zone=cache_comment_mem:32m max_size=128m; limit_req_zone
> $binary_remote_addr zone=limit_comment:16m rate=50r/s;
>
> upstream backend_comment {
> 	server 10.0.0.1 weight=10 fail_timeout=30s;
> 	server 10.0.0.2 backup weight=5 fail_timeout=30s;
> 	keepalive 30;
        ^^^^^^^^^^^^^
I believe you have to use:

proxy_http_version 1.1;

in the location that invoke this upstream for getting keep alive to
the backends. AFAIK this is undocumented and would be nice if Maxim
can shed some light on this issue. Ditto for:

fastcgi_keep_conn on;

in the case of FCGI upstreams.

Thanks,
--- appa


From mdounin at mdounin.ru  Sun Nov 13 23:54:55 2011
From: mdounin at mdounin.ru (Maxim Dounin)
Date: Mon, 14 Nov 2011 03:54:55 +0400
Subject: nginx crash
In-Reply-To: <87r51blijb.wl%appa@perusio.net>
References: 
	
	<87r51blijb.wl%appa@perusio.net>
Message-ID: <20111113235455.GO95664@mdounin.ru>

Hello!

On Sun, Nov 13, 2011 at 11:16:56PM +0000, Ant?nio P. P. Almeida wrote:

> 
> On 12 Nov 2011 14h07 WET, magicbearmo at gmail.com wrote:
> 
> > happen on a of main upstream server dead.
> >
> > Here is the config
> >
> > proxy_cache_path /dev/shm/cdn_cache_comment levels=1:2
> > keys_zone=cache_comment_mem:32m max_size=128m; limit_req_zone
> > $binary_remote_addr zone=limit_comment:16m rate=50r/s;
> >
> > upstream backend_comment {
> > 	server 10.0.0.1 weight=10 fail_timeout=30s;
> > 	server 10.0.0.2 backup weight=5 fail_timeout=30s;
> > 	keepalive 30;
>         ^^^^^^^^^^^^^
> I believe you have to use:
> 
> proxy_http_version 1.1;
> 
> in the location that invoke this upstream for getting keep alive to
> the backends. AFAIK this is undocumented and would be nice if Maxim
> can shed some light on this issue.

Keepalive connections are possible with HTTP/1.0 as well.  There 
are some problems with them though:

1. There is no standard which defines keepalive connections in 
HTTP/1.0.  It works with major web servers (including nginx), but 
may not work with others.

2. In HTTP/1.0 connection can't be kept alive if response 
Content-Length isn't known (as response end is signalled by 
connection close).

Due to the above reasons I would recommend using HTTP/1.1 to keep 
backend connections alive.  But it doesn't mean they aren't 
possible (and I'm quite sure MagicBear's config works as expected).

The required thing is

    proxy_set_header Connection "";

in case of HTTP/1.1, or

    proxy_set_header Connection "keep-alive";

in case of HTTP/1.0.

(Well, "Connection: keep-alive" will work in HTTP/1.1 case as 
well, actually.  But an empty string is enough.)

> Ditto for:
> 
> fastcgi_keep_conn on;
> 
> in the case of FCGI upstreams.

The fastcgi_keep_conn directive is required to keep connections 
alive with fastcgi upstreams.  It instructs nginx to claim 
responsibility of closing connection with appropriate flag in 
fastcgi protocol.  Without this directive connection will be 
closed by fastcgi application (upstream) and it won't be possible 
to keep it alive. 

Maxim Dounin


From sb at waeme.net  Mon Nov 14 09:12:16 2011
From: sb at waeme.net (sb at waeme.net)
Date: Mon, 14 Nov 2011 09:12:16 +0000
Subject: [nginx] svn commit:  r4274 - in trunk/src: http/modules mail
Message-ID: <20111114091216.CA9EF3F9CA1@mail.nginx.com>

Author: fabler
Date: 2011-11-14 09:12:15 +0000 (Mon, 14 Nov 2011)
New Revision: 4274

Log:
Fixed NGX_CONF_TAKE1/NGX_CONF_FLAG misuse.


Modified:
   trunk/src/http/modules/ngx_http_fastcgi_module.c
   trunk/src/http/modules/ngx_http_ssi_filter_module.c
   trunk/src/http/modules/ngx_http_ssl_module.c
   trunk/src/mail/ngx_mail_proxy_module.c

Modified: trunk/src/http/modules/ngx_http_fastcgi_module.c
===================================================================
--- trunk/src/http/modules/ngx_http_fastcgi_module.c	2011-11-10 16:25:08 UTC (rev 4273)
+++ trunk/src/http/modules/ngx_http_fastcgi_module.c	2011-11-14 09:12:15 UTC (rev 4274)
@@ -436,7 +436,7 @@
       &ngx_http_upstream_ignore_headers_masks },
 
     { ngx_string("fastcgi_catch_stderr"),
-      NGX_HTTP_MAIN_CONF|NGX_HTTP_SRV_CONF|NGX_HTTP_LOC_CONF|NGX_CONF_FLAG,
+      NGX_HTTP_MAIN_CONF|NGX_HTTP_SRV_CONF|NGX_HTTP_LOC_CONF|NGX_CONF_TAKE1,
       ngx_conf_set_str_array_slot,
       NGX_HTTP_LOC_CONF_OFFSET,
       offsetof(ngx_http_fastcgi_loc_conf_t, catch_stderr),

Modified: trunk/src/http/modules/ngx_http_ssi_filter_module.c
===================================================================
--- trunk/src/http/modules/ngx_http_ssi_filter_module.c	2011-11-10 16:25:08 UTC (rev 4273)
+++ trunk/src/http/modules/ngx_http_ssi_filter_module.c	2011-11-14 09:12:15 UTC (rev 4274)
@@ -139,14 +139,14 @@
       NULL },
 
     { ngx_string("ssi_min_file_chunk"),
-      NGX_HTTP_MAIN_CONF|NGX_HTTP_SRV_CONF|NGX_HTTP_LOC_CONF|NGX_CONF_FLAG,
+      NGX_HTTP_MAIN_CONF|NGX_HTTP_SRV_CONF|NGX_HTTP_LOC_CONF|NGX_CONF_TAKE1,
       ngx_conf_set_size_slot,
       NGX_HTTP_LOC_CONF_OFFSET,
       offsetof(ngx_http_ssi_loc_conf_t, min_file_chunk),
       NULL },
 
     { ngx_string("ssi_value_length"),
-      NGX_HTTP_MAIN_CONF|NGX_HTTP_SRV_CONF|NGX_HTTP_LOC_CONF|NGX_CONF_FLAG,
+      NGX_HTTP_MAIN_CONF|NGX_HTTP_SRV_CONF|NGX_HTTP_LOC_CONF|NGX_CONF_TAKE1,
       ngx_conf_set_size_slot,
       NGX_HTTP_LOC_CONF_OFFSET,
       offsetof(ngx_http_ssi_loc_conf_t, value_len),

Modified: trunk/src/http/modules/ngx_http_ssl_module.c
===================================================================
--- trunk/src/http/modules/ngx_http_ssl_module.c	2011-11-10 16:25:08 UTC (rev 4273)
+++ trunk/src/http/modules/ngx_http_ssl_module.c	2011-11-14 09:12:15 UTC (rev 4274)
@@ -101,7 +101,7 @@
       NULL },
 
     { ngx_string("ssl_verify_client"),
-      NGX_HTTP_MAIN_CONF|NGX_HTTP_SRV_CONF|NGX_CONF_FLAG,
+      NGX_HTTP_MAIN_CONF|NGX_HTTP_SRV_CONF|NGX_CONF_TAKE1,
       ngx_conf_set_enum_slot,
       NGX_HTTP_SRV_CONF_OFFSET,
       offsetof(ngx_http_ssl_srv_conf_t, verify),

Modified: trunk/src/mail/ngx_mail_proxy_module.c
===================================================================
--- trunk/src/mail/ngx_mail_proxy_module.c	2011-11-10 16:25:08 UTC (rev 4273)
+++ trunk/src/mail/ngx_mail_proxy_module.c	2011-11-14 09:12:15 UTC (rev 4274)
@@ -60,7 +60,7 @@
       NULL },
 
     { ngx_string("proxy_pass_error_message"),
-      NGX_MAIL_MAIN_CONF|NGX_MAIL_SRV_CONF|NGX_CONF_TAKE1,
+      NGX_MAIL_MAIN_CONF|NGX_MAIL_SRV_CONF|NGX_CONF_FLAG,
       ngx_conf_set_flag_slot,
       NGX_MAIL_SRV_CONF_OFFSET,
       offsetof(ngx_mail_proxy_conf_t, pass_error_message),


From mdounin at mdounin.ru  Mon Nov 14 13:18:16 2011
From: mdounin at mdounin.ru (mdounin at mdounin.ru)
Date: Mon, 14 Nov 2011 13:18:16 +0000
Subject: [nginx] svn commit:  r4275 - trunk/src/http/modules
Message-ID: <20111114131816.5CA793F9C21@mail.nginx.com>

Author: mdounin
Date: 2011-11-14 13:18:15 +0000 (Mon, 14 Nov 2011)
New Revision: 4275

Log:
Fixed proxy_set_header inheritance with proxy_cache (ticket #45).

Headers cleared with cache enabled (If-Modified-Since etc.) might be cleared
in unrelated servers/locations without proxy_cache enabled if proxy_cache was
used in some server/location.

Example config which triggered the problem:

    proxy_set_header X-Test "test";
    server { location /1 { proxy_cache name; proxy_pass ... } }
    server { location /2 { proxy_pass ... } }

Another one:

    server {
        proxy_cache name;
        location /1 { proxy_pass ... }
        location /2 { proxy_cache off; proxy_pass ... }
    }

In both cases If-Modified-Since header wasn't sent to backend in location /2.

Fix is to not modify conf->headers_source, but instead merge user-supplied
headers from conf->headers_source and default headers (either cache or not)
into separate headers_merged array.


Modified:
   trunk/src/http/modules/ngx_http_proxy_module.c

Modified: trunk/src/http/modules/ngx_http_proxy_module.c
===================================================================
--- trunk/src/http/modules/ngx_http_proxy_module.c	2011-11-14 09:12:15 UTC (rev 4274)
+++ trunk/src/http/modules/ngx_http_proxy_module.c	2011-11-14 13:18:15 UTC (rev 4275)
@@ -2875,7 +2875,7 @@
     size_t                        size;
     uintptr_t                    *code;
     ngx_uint_t                    i;
-    ngx_array_t                   headers_names;
+    ngx_array_t                   headers_names, headers_merged;
     ngx_keyval_t                 *src, *s, *h;
     ngx_hash_key_t               *hk;
     ngx_hash_init_t               hash;
@@ -2906,6 +2906,12 @@
         return NGX_ERROR;
     }
 
+    if (ngx_array_init(&headers_merged, cf->temp_pool, 4, sizeof(ngx_keyval_t))
+        != NGX_OK)
+    {
+        return NGX_ERROR;
+    }
+
     if (conf->headers_source == NULL) {
         conf->headers_source = ngx_array_create(cf->pool, 4,
                                                 sizeof(ngx_keyval_t));
@@ -2925,8 +2931,6 @@
     }
 
 
-    src = conf->headers_source->elts;
-
 #if (NGX_HTTP_CACHE)
 
     h = conf->upstream.cache ? ngx_http_proxy_cache_headers:
@@ -2937,31 +2941,41 @@
 
 #endif
 
+    src = conf->headers_source->elts;
+    for (i = 0; i < conf->headers_source->nelts; i++) {
+
+        s = ngx_array_push(&headers_merged);
+        if (s == NULL) {
+            return NGX_ERROR;
+        }
+
+        *s = src[i];
+    }
+
     while (h->key.len) {
 
-        for (i = 0; i < conf->headers_source->nelts; i++) {
+        src = headers_merged.elts;
+        for (i = 0; i < headers_merged.nelts; i++) {
             if (ngx_strcasecmp(h->key.data, src[i].key.data) == 0) {
                 goto next;
             }
         }
 
-        s = ngx_array_push(conf->headers_source);
+        s = ngx_array_push(&headers_merged);
         if (s == NULL) {
             return NGX_ERROR;
         }
 
         *s = *h;
 
-        src = conf->headers_source->elts;
-
     next:
 
         h++;
     }
 
 
-    src = conf->headers_source->elts;
-    for (i = 0; i < conf->headers_source->nelts; i++) {
+    src = headers_merged.elts;
+    for (i = 0; i < headers_merged.nelts; i++) {
 
         hk = ngx_array_push(&headers_names);
         if (hk == NULL) {


From mdounin at mdounin.ru  Mon Nov 14 13:19:57 2011
From: mdounin at mdounin.ru (mdounin at mdounin.ru)
Date: Mon, 14 Nov 2011 13:19:57 +0000
Subject: [nginx] svn commit:  r4276 - trunk/src/http/modules
Message-ID: <20111114131957.7616D3F9C22@mail.nginx.com>

Author: mdounin
Date: 2011-11-14 13:19:56 +0000 (Mon, 14 Nov 2011)
New Revision: 4276

Log:
Fixed proxy_set_header inheritance with proxy_set_body.


Modified:
   trunk/src/http/modules/ngx_http_proxy_module.c

Modified: trunk/src/http/modules/ngx_http_proxy_module.c
===================================================================
--- trunk/src/http/modules/ngx_http_proxy_module.c	2011-11-14 13:18:15 UTC (rev 4275)
+++ trunk/src/http/modules/ngx_http_proxy_module.c	2011-11-14 13:19:56 UTC (rev 4276)
@@ -2493,7 +2493,6 @@
 
     u_char                     *p;
     size_t                      size;
-    ngx_keyval_t               *s;
     ngx_hash_init_t             hash;
     ngx_http_core_loc_conf_t   *clcf;
     ngx_http_proxy_redirect_t  *pr;
@@ -2841,22 +2840,6 @@
         if (ngx_http_script_compile(&sc) != NGX_OK) {
             return NGX_CONF_ERROR;
         }
-
-        if (conf->headers_source == NULL) {
-            conf->headers_source = ngx_array_create(cf->pool, 4,
-                                                    sizeof(ngx_keyval_t));
-            if (conf->headers_source == NULL) {
-                return NGX_CONF_ERROR;
-            }
-        }
-
-        s = ngx_array_push(conf->headers_source);
-        if (s == NULL) {
-            return NGX_CONF_ERROR;
-        }
-
-        ngx_str_set(&s->key, "Content-Length");
-        ngx_str_set(&s->value, "$proxy_internal_body_length");
     }
 
     if (ngx_http_proxy_merge_headers(cf, conf, prev) != NGX_OK) {
@@ -2891,6 +2874,8 @@
     }
 
     if (conf->headers_set_hash.buckets
+        && ((conf->body_source.data == NULL)
+            == (prev->body_source.data == NULL))
 #if (NGX_HTTP_CACHE)
         && ((conf->upstream.cache == NULL) == (prev->upstream.cache == NULL))
 #endif
@@ -2973,7 +2958,17 @@
         h++;
     }
 
+    if (conf->body_source.data) {
+        s = ngx_array_push(&headers_merged);
+        if (s == NULL) {
+            return NGX_ERROR;
+        }
 
+        ngx_str_set(&s->key, "Content-Length");
+        ngx_str_set(&s->value, "$proxy_internal_body_length");
+    }
+
+
     src = headers_merged.elts;
     for (i = 0; i < headers_merged.nelts; i++) {
 


From mdounin at mdounin.ru  Mon Nov 14 13:21:11 2011
From: mdounin at mdounin.ru (mdounin at mdounin.ru)
Date: Mon, 14 Nov 2011 13:21:11 +0000
Subject: [nginx] svn commit:  r4277 - trunk/src/http/modules
Message-ID: <20111114132111.40EED3F9C1A@mail.nginx.com>

Author: mdounin
Date: 2011-11-14 13:21:10 +0000 (Mon, 14 Nov 2011)
New Revision: 4277

Log:
Fixed Upgrade header clearing with proxy_cache.

This was missed in proxy HTTP/1.1 support commit (r4127).


Modified:
   trunk/src/http/modules/ngx_http_proxy_module.c

Modified: trunk/src/http/modules/ngx_http_proxy_module.c
===================================================================
--- trunk/src/http/modules/ngx_http_proxy_module.c	2011-11-14 13:19:56 UTC (rev 4276)
+++ trunk/src/http/modules/ngx_http_proxy_module.c	2011-11-14 13:21:10 UTC (rev 4277)
@@ -543,6 +543,7 @@
     { ngx_string("Connection"), ngx_string("close") },
     { ngx_string("Keep-Alive"), ngx_string("") },
     { ngx_string("Expect"), ngx_string("") },
+    { ngx_string("Upgrade"), ngx_string("") },
     { ngx_string("If-Modified-Since"), ngx_string("") },
     { ngx_string("If-Unmodified-Since"), ngx_string("") },
     { ngx_string("If-None-Match"), ngx_string("") },


From mdounin at mdounin.ru  Mon Nov 14 13:24:43 2011
From: mdounin at mdounin.ru (mdounin at mdounin.ru)
Date: Mon, 14 Nov 2011 13:24:43 +0000
Subject: [nginx] svn commit:  r4278 - trunk/src/http/modules
Message-ID: <20111114132443.9F6863F9C22@mail.nginx.com>

Author: mdounin
Date: 2011-11-14 13:24:43 +0000 (Mon, 14 Nov 2011)
New Revision: 4278

Log:
Separate functions to merge fastcgi/scgi/uwsgi params.

No functional changes.


Modified:
   trunk/src/http/modules/ngx_http_fastcgi_module.c
   trunk/src/http/modules/ngx_http_scgi_module.c
   trunk/src/http/modules/ngx_http_uwsgi_module.c

Modified: trunk/src/http/modules/ngx_http_fastcgi_module.c
===================================================================
--- trunk/src/http/modules/ngx_http_fastcgi_module.c	2011-11-14 13:21:10 UTC (rev 4277)
+++ trunk/src/http/modules/ngx_http_fastcgi_module.c	2011-11-14 13:24:43 UTC (rev 4278)
@@ -147,6 +147,9 @@
 static void *ngx_http_fastcgi_create_loc_conf(ngx_conf_t *cf);
 static char *ngx_http_fastcgi_merge_loc_conf(ngx_conf_t *cf,
     void *parent, void *child);
+static ngx_int_t ngx_http_fastcgi_merge_params(ngx_conf_t *cf,
+    ngx_http_fastcgi_loc_conf_t *conf, ngx_http_fastcgi_loc_conf_t *prev);
+
 static ngx_int_t ngx_http_fastcgi_script_name_variable(ngx_http_request_t *r,
     ngx_http_variable_value_t *v, uintptr_t data);
 static ngx_int_t ngx_http_fastcgi_path_info_variable(ngx_http_request_t *r,
@@ -2085,17 +2088,9 @@
     ngx_http_fastcgi_loc_conf_t *prev = parent;
     ngx_http_fastcgi_loc_conf_t *conf = child;
 
-    u_char                       *p;
     size_t                        size;
-    uintptr_t                    *code;
-    ngx_uint_t                    i;
-    ngx_array_t                   headers_names;
-    ngx_keyval_t                 *src;
-    ngx_hash_key_t               *hk;
     ngx_hash_init_t               hash;
     ngx_http_core_loc_conf_t     *clcf;
-    ngx_http_script_compile_t     sc;
-    ngx_http_script_copy_code_t  *copy;
 
     if (conf->upstream.store != 0) {
         ngx_conf_merge_value(conf->upstream.store,
@@ -2355,6 +2350,29 @@
     }
 #endif
 
+    if (ngx_http_fastcgi_merge_params(cf, conf, prev) != NGX_OK) {
+        return NGX_CONF_ERROR;
+    }
+
+    return NGX_CONF_OK;
+}
+
+
+static ngx_int_t
+ngx_http_fastcgi_merge_params(ngx_conf_t *cf,
+    ngx_http_fastcgi_loc_conf_t *conf, ngx_http_fastcgi_loc_conf_t *prev)
+{
+    u_char                       *p;
+    size_t                        size;
+    uintptr_t                    *code;
+    ngx_uint_t                    i;
+    ngx_array_t                   headers_names;
+    ngx_keyval_t                 *src;
+    ngx_hash_key_t               *hk;
+    ngx_hash_init_t               hash;
+    ngx_http_script_compile_t     sc;
+    ngx_http_script_copy_code_t  *copy;
+
     if (conf->params_source == NULL) {
         conf->flushes = prev->flushes;
         conf->params_len = prev->params_len;
@@ -2369,20 +2387,20 @@
             if ((conf->upstream.cache == NULL)
                 == (prev->upstream.cache == NULL))
             {
-                return NGX_CONF_OK;
+                return NGX_OK;
             }
 
             /* 6 is a number of ngx_http_fastcgi_cache_headers entries */
             conf->params_source = ngx_array_create(cf->pool, 6,
                                                    sizeof(ngx_keyval_t));
             if (conf->params_source == NULL) {
-                return NGX_CONF_ERROR;
+                return NGX_ERROR;
             }
         }
 #else
 
         if (conf->params_source == NULL) {
-            return NGX_CONF_OK;
+            return NGX_OK;
         }
 
 #endif
@@ -2390,18 +2408,18 @@
 
     conf->params_len = ngx_array_create(cf->pool, 64, 1);
     if (conf->params_len == NULL) {
-        return NGX_CONF_ERROR;
+        return NGX_ERROR;
     }
 
     conf->params = ngx_array_create(cf->pool, 512, 1);
     if (conf->params == NULL) {
-        return NGX_CONF_ERROR;
+        return NGX_ERROR;
     }
 
     if (ngx_array_init(&headers_names, cf->temp_pool, 4, sizeof(ngx_hash_key_t))
         != NGX_OK)
     {
-        return NGX_CONF_ERROR;
+        return NGX_ERROR;
     }
 
     src = conf->params_source->elts;
@@ -2421,7 +2439,7 @@
 
             s = ngx_array_push(conf->params_source);
             if (s == NULL) {
-                return NGX_CONF_ERROR;
+                return NGX_ERROR;
             }
 
             *s = *h;
@@ -2443,7 +2461,7 @@
         {
             hk = ngx_array_push(&headers_names);
             if (hk == NULL) {
-                return NGX_CONF_ERROR;
+                return NGX_ERROR;
             }
 
             hk->key.len = src[i].key.len - 5;
@@ -2459,7 +2477,7 @@
         copy = ngx_array_push_n(conf->params_len,
                                 sizeof(ngx_http_script_copy_code_t));
         if (copy == NULL) {
-            return NGX_CONF_ERROR;
+            return NGX_ERROR;
         }
 
         copy->code = (ngx_http_script_code_pt) ngx_http_script_copy_len_code;
@@ -2468,11 +2486,11 @@
 
         size = (sizeof(ngx_http_script_copy_code_t)
                 + src[i].key.len + sizeof(uintptr_t) - 1)
-                & ~(sizeof(uintptr_t) - 1);
+               & ~(sizeof(uintptr_t) - 1);
 
         copy = ngx_array_push_n(conf->params, size);
         if (copy == NULL) {
-            return NGX_CONF_ERROR;
+            return NGX_ERROR;
         }
 
         copy->code = ngx_http_script_copy_code;
@@ -2491,12 +2509,12 @@
         sc.values = &conf->params;
 
         if (ngx_http_script_compile(&sc) != NGX_OK) {
-            return NGX_CONF_ERROR;
+            return NGX_ERROR;
         }
 
         code = ngx_array_push_n(conf->params_len, sizeof(uintptr_t));
         if (code == NULL) {
-            return NGX_CONF_ERROR;
+            return NGX_ERROR;
         }
 
         *code = (uintptr_t) NULL;
@@ -2504,7 +2522,7 @@
 
         code = ngx_array_push_n(conf->params, sizeof(uintptr_t));
         if (code == NULL) {
-            return NGX_CONF_ERROR;
+            return NGX_ERROR;
         }
 
         *code = (uintptr_t) NULL;
@@ -2512,12 +2530,11 @@
 
     code = ngx_array_push_n(conf->params_len, sizeof(uintptr_t));
     if (code == NULL) {
-        return NGX_CONF_ERROR;
+        return NGX_ERROR;
     }
 
     *code = (uintptr_t) NULL;
 
-
     conf->header_params = headers_names.nelts;
 
     hash.hash = &conf->headers_hash;
@@ -2528,12 +2545,7 @@
     hash.pool = cf->pool;
     hash.temp_pool = NULL;
 
-    if (ngx_hash_init(&hash, headers_names.elts, headers_names.nelts) != NGX_OK)
-    {
-        return NGX_CONF_ERROR;
-    }
-
-    return NGX_CONF_OK;
+    return ngx_hash_init(&hash, headers_names.elts, headers_names.nelts);
 }
 
 

Modified: trunk/src/http/modules/ngx_http_scgi_module.c
===================================================================
--- trunk/src/http/modules/ngx_http_scgi_module.c	2011-11-14 13:21:10 UTC (rev 4277)
+++ trunk/src/http/modules/ngx_http_scgi_module.c	2011-11-14 13:24:43 UTC (rev 4278)
@@ -43,6 +43,8 @@
 static void *ngx_http_scgi_create_loc_conf(ngx_conf_t *cf);
 static char *ngx_http_scgi_merge_loc_conf(ngx_conf_t *cf, void *parent,
     void *child);
+static ngx_int_t ngx_http_scgi_merge_params(ngx_conf_t *cf,
+    ngx_http_scgi_loc_conf_t *conf, ngx_http_scgi_loc_conf_t *prev);
 
 static char *ngx_http_scgi_pass(ngx_conf_t *cf, ngx_command_t *cmd, void *conf);
 static char *ngx_http_scgi_store(ngx_conf_t *cf, ngx_command_t *cmd,
@@ -1059,17 +1061,9 @@
     ngx_http_scgi_loc_conf_t *prev = parent;
     ngx_http_scgi_loc_conf_t *conf = child;
 
-    u_char                       *p;
     size_t                        size;
-    uintptr_t                    *code;
-    ngx_uint_t                    i;
-    ngx_array_t                   headers_names;
-    ngx_keyval_t                 *src;
-    ngx_hash_key_t               *hk;
     ngx_hash_init_t               hash;
     ngx_http_core_loc_conf_t     *clcf;
-    ngx_http_script_compile_t     sc;
-    ngx_http_script_copy_code_t  *copy;
 
     if (conf->upstream.store != 0) {
         ngx_conf_merge_value(conf->upstream.store, prev->upstream.store, 0);
@@ -1307,6 +1301,29 @@
         }
     }
 
+    if (ngx_http_scgi_merge_params(cf, conf, prev) != NGX_OK) {
+        return NGX_CONF_ERROR;
+    }
+
+    return NGX_CONF_OK;
+}
+
+
+static ngx_int_t
+ngx_http_scgi_merge_params(ngx_conf_t *cf, ngx_http_scgi_loc_conf_t *conf,
+    ngx_http_scgi_loc_conf_t *prev)
+{
+    u_char                       *p;
+    size_t                        size;
+    uintptr_t                    *code;
+    ngx_uint_t                    i;
+    ngx_array_t                   headers_names;
+    ngx_keyval_t                 *src;
+    ngx_hash_key_t               *hk;
+    ngx_hash_init_t               hash;
+    ngx_http_script_compile_t     sc;
+    ngx_http_script_copy_code_t  *copy;
+
     if (conf->params_source == NULL) {
         conf->flushes = prev->flushes;
         conf->params_len = prev->params_len;
@@ -1321,20 +1338,20 @@
             if ((conf->upstream.cache == NULL)
                 == (prev->upstream.cache == NULL))
             {
-                return NGX_CONF_OK;
+                return NGX_OK;
             }
 
             /* 6 is a number of ngx_http_scgi_cache_headers entries */
             conf->params_source = ngx_array_create(cf->pool, 6,
                                                    sizeof(ngx_keyval_t));
             if (conf->params_source == NULL) {
-                return NGX_CONF_ERROR;
+                return NGX_ERROR;
             }
         }
 #else
 
         if (conf->params_source == NULL) {
-            return NGX_CONF_OK;
+            return NGX_OK;
         }
 
 #endif
@@ -1342,18 +1359,18 @@
 
     conf->params_len = ngx_array_create(cf->pool, 64, 1);
     if (conf->params_len == NULL) {
-        return NGX_CONF_ERROR;
+        return NGX_ERROR;
     }
 
     conf->params = ngx_array_create(cf->pool, 512, 1);
     if (conf->params == NULL) {
-        return NGX_CONF_ERROR;
+        return NGX_ERROR;
     }
 
     if (ngx_array_init(&headers_names, cf->temp_pool, 4, sizeof(ngx_hash_key_t))
         != NGX_OK)
     {
-        return NGX_CONF_ERROR;
+        return NGX_ERROR;
     }
 
     src = conf->params_source->elts;
@@ -1373,7 +1390,7 @@
 
             s = ngx_array_push(conf->params_source);
             if (s == NULL) {
-                return NGX_CONF_ERROR;
+                return NGX_ERROR;
             }
 
             *s = *h;
@@ -1395,7 +1412,7 @@
         {
             hk = ngx_array_push(&headers_names);
             if (hk == NULL) {
-                return NGX_CONF_ERROR;
+                return NGX_ERROR;
             }
 
             hk->key.len = src[i].key.len - 5;
@@ -1411,7 +1428,7 @@
         copy = ngx_array_push_n(conf->params_len,
                                 sizeof(ngx_http_script_copy_code_t));
         if (copy == NULL) {
-            return NGX_CONF_ERROR;
+            return NGX_ERROR;
         }
 
         copy->code = (ngx_http_script_code_pt) ngx_http_script_copy_len_code;
@@ -1424,7 +1441,7 @@
 
         copy = ngx_array_push_n(conf->params, size);
         if (copy == NULL) {
-            return NGX_CONF_ERROR;
+            return NGX_ERROR;
         }
 
         copy->code = ngx_http_script_copy_code;
@@ -1443,12 +1460,12 @@
         sc.values = &conf->params;
 
         if (ngx_http_script_compile(&sc) != NGX_OK) {
-            return NGX_CONF_ERROR;
+            return NGX_ERROR;
         }
 
         code = ngx_array_push_n(conf->params_len, sizeof(uintptr_t));
         if (code == NULL) {
-            return NGX_CONF_ERROR;
+            return NGX_ERROR;
         }
 
         *code = (uintptr_t) NULL;
@@ -1456,7 +1473,7 @@
 
         code = ngx_array_push_n(conf->params, sizeof(uintptr_t));
         if (code == NULL) {
-            return NGX_CONF_ERROR;
+            return NGX_ERROR;
         }
 
         *code = (uintptr_t) NULL;
@@ -1464,14 +1481,14 @@
 
     code = ngx_array_push_n(conf->params_len, sizeof(uintptr_t));
     if (code == NULL) {
-        return NGX_CONF_ERROR;
+        return NGX_ERROR;
     }
 
     *code = (uintptr_t) NULL;
 
     code = ngx_array_push_n(conf->params, sizeof(uintptr_t));
     if (code == NULL) {
-        return NGX_CONF_ERROR;
+        return NGX_ERROR;
     }
 
     *code = (uintptr_t) NULL;
@@ -1486,12 +1503,7 @@
     hash.pool = cf->pool;
     hash.temp_pool = NULL;
 
-    if (ngx_hash_init(&hash, headers_names.elts, headers_names.nelts) != NGX_OK)
-    {
-        return NGX_CONF_ERROR;
-    }
-
-    return NGX_CONF_OK;
+    return ngx_hash_init(&hash, headers_names.elts, headers_names.nelts);
 }
 
 

Modified: trunk/src/http/modules/ngx_http_uwsgi_module.c
===================================================================
--- trunk/src/http/modules/ngx_http_uwsgi_module.c	2011-11-14 13:21:10 UTC (rev 4277)
+++ trunk/src/http/modules/ngx_http_uwsgi_module.c	2011-11-14 13:24:43 UTC (rev 4278)
@@ -50,6 +50,8 @@
 static void *ngx_http_uwsgi_create_loc_conf(ngx_conf_t *cf);
 static char *ngx_http_uwsgi_merge_loc_conf(ngx_conf_t *cf, void *parent,
     void *child);
+static ngx_int_t ngx_http_uwsgi_merge_params(ngx_conf_t *cf,
+    ngx_http_uwsgi_loc_conf_t *conf, ngx_http_uwsgi_loc_conf_t *prev);
 
 static char *ngx_http_uwsgi_pass(ngx_conf_t *cf, ngx_command_t *cmd,
     void *conf);
@@ -1112,17 +1114,9 @@
     ngx_http_uwsgi_loc_conf_t *prev = parent;
     ngx_http_uwsgi_loc_conf_t *conf = child;
 
-    u_char                       *p;
     size_t                        size;
-    uintptr_t                    *code;
-    ngx_uint_t                    i;
-    ngx_array_t                   headers_names;
-    ngx_keyval_t                 *src;
-    ngx_hash_key_t               *hk;
     ngx_hash_init_t               hash;
     ngx_http_core_loc_conf_t     *clcf;
-    ngx_http_script_compile_t     sc;
-    ngx_http_script_copy_code_t  *copy;
 
     if (conf->upstream.store != 0) {
         ngx_conf_merge_value(conf->upstream.store, prev->upstream.store, 0);
@@ -1365,6 +1359,29 @@
     ngx_conf_merge_uint_value(conf->modifier1, prev->modifier1, 0);
     ngx_conf_merge_uint_value(conf->modifier2, prev->modifier2, 0);
 
+    if (ngx_http_uwsgi_merge_params(cf, conf, prev) != NGX_OK) {
+        return NGX_CONF_ERROR;
+    }
+
+    return NGX_CONF_OK;
+}
+
+
+static ngx_int_t
+ngx_http_uwsgi_merge_params(ngx_conf_t *cf, ngx_http_uwsgi_loc_conf_t *conf,
+    ngx_http_uwsgi_loc_conf_t *prev)
+{
+    u_char                       *p;
+    size_t                        size;
+    uintptr_t                    *code;
+    ngx_uint_t                    i;
+    ngx_array_t                   headers_names;
+    ngx_keyval_t                 *src;
+    ngx_hash_key_t               *hk;
+    ngx_hash_init_t               hash;
+    ngx_http_script_compile_t     sc;
+    ngx_http_script_copy_code_t  *copy;
+
     if (conf->params_source == NULL) {
         conf->flushes = prev->flushes;
         conf->params_len = prev->params_len;
@@ -1379,20 +1396,20 @@
             if ((conf->upstream.cache == NULL)
                 == (prev->upstream.cache == NULL))
             {
-                return NGX_CONF_OK;
+                return NGX_OK;
             }
 
             /* 6 is a number of ngx_http_uwsgi_cache_headers entries */
             conf->params_source = ngx_array_create(cf->pool, 6,
                                                    sizeof(ngx_keyval_t));
             if (conf->params_source == NULL) {
-                return NGX_CONF_ERROR;
+                return NGX_ERROR;
             }
         }
 #else
 
         if (conf->params_source == NULL) {
-            return NGX_CONF_OK;
+            return NGX_OK;
         }
 
 #endif
@@ -1400,18 +1417,18 @@
 
     conf->params_len = ngx_array_create(cf->pool, 64, 1);
     if (conf->params_len == NULL) {
-        return NGX_CONF_ERROR;
+        return NGX_ERROR;
     }
 
     conf->params = ngx_array_create(cf->pool, 512, 1);
     if (conf->params == NULL) {
-        return NGX_CONF_ERROR;
+        return NGX_ERROR;
     }
 
     if (ngx_array_init(&headers_names, cf->temp_pool, 4, sizeof(ngx_hash_key_t))
         != NGX_OK)
     {
-        return NGX_CONF_ERROR;
+        return NGX_ERROR;
     }
 
     src = conf->params_source->elts;
@@ -1431,7 +1448,7 @@
 
             s = ngx_array_push(conf->params_source);
             if (s == NULL) {
-                return NGX_CONF_ERROR;
+                return NGX_ERROR;
             }
 
             *s = *h;
@@ -1453,7 +1470,7 @@
         {
             hk = ngx_array_push(&headers_names);
             if (hk == NULL) {
-                return NGX_CONF_ERROR;
+                return NGX_ERROR;
             }
 
             hk->key.len = src[i].key.len - 5;
@@ -1469,7 +1486,7 @@
         copy = ngx_array_push_n(conf->params_len,
                                 sizeof(ngx_http_script_copy_code_t));
         if (copy == NULL) {
-            return NGX_CONF_ERROR;
+            return NGX_ERROR;
         }
 
         copy->code = (ngx_http_script_code_pt) ngx_http_script_copy_len_code;
@@ -1482,7 +1499,7 @@
 
         copy = ngx_array_push_n(conf->params, size);
         if (copy == NULL) {
-            return NGX_CONF_ERROR;
+            return NGX_ERROR;
         }
 
         copy->code = ngx_http_script_copy_code;
@@ -1501,12 +1518,12 @@
         sc.values = &conf->params;
 
         if (ngx_http_script_compile(&sc) != NGX_OK) {
-            return NGX_CONF_ERROR;
+            return NGX_ERROR;
         }
 
         code = ngx_array_push_n(conf->params_len, sizeof(uintptr_t));
         if (code == NULL) {
-            return NGX_CONF_ERROR;
+            return NGX_ERROR;
         }
 
         *code = (uintptr_t) NULL;
@@ -1514,7 +1531,7 @@
 
         code = ngx_array_push_n(conf->params, sizeof(uintptr_t));
         if (code == NULL) {
-            return NGX_CONF_ERROR;
+            return NGX_ERROR;
         }
 
         *code = (uintptr_t) NULL;
@@ -1522,7 +1539,7 @@
 
     code = ngx_array_push_n(conf->params_len, sizeof(uintptr_t));
     if (code == NULL) {
-        return NGX_CONF_ERROR;
+        return NGX_ERROR;
     }
 
     *code = (uintptr_t) NULL;
@@ -1537,12 +1554,7 @@
     hash.pool = cf->pool;
     hash.temp_pool = NULL;
 
-    if (ngx_hash_init(&hash, headers_names.elts, headers_names.nelts) != NGX_OK)
-    {
-        return NGX_CONF_ERROR;
-    }
-
-    return NGX_CONF_OK;
+    return ngx_hash_init(&hash, headers_names.elts, headers_names.nelts);
 }
 
 


From mdounin at mdounin.ru  Mon Nov 14 13:26:18 2011
From: mdounin at mdounin.ru (mdounin at mdounin.ru)
Date: Mon, 14 Nov 2011 13:26:18 +0000
Subject: [nginx] svn commit:  r4279 - trunk/src/http/modules
Message-ID: <20111114132618.5943B3F9C22@mail.nginx.com>

Author: mdounin
Date: 2011-11-14 13:26:18 +0000 (Mon, 14 Nov 2011)
New Revision: 4279

Log:
Fixed fastcgi/scgi/uwsgi_param inheritance.

The following problems were fixed:

1. Directive fastcgi_cache affected headers sent to backends in unrelated
   servers / locations (see ticket #45).

2. If-Unmodified-Since, If-Match and If-Range headers were sent to backends
   if fastcgi_cache was used.

3. Cache-related headers were sent to backends if there were no fastcgi_param
   directives and fastcgi_cache was used at server level.


Modified:
   trunk/src/http/modules/ngx_http_fastcgi_module.c
   trunk/src/http/modules/ngx_http_scgi_module.c
   trunk/src/http/modules/ngx_http_uwsgi_module.c

Modified: trunk/src/http/modules/ngx_http_fastcgi_module.c
===================================================================
--- trunk/src/http/modules/ngx_http_fastcgi_module.c	2011-11-14 13:24:43 UTC (rev 4278)
+++ trunk/src/http/modules/ngx_http_fastcgi_module.c	2011-11-14 13:26:18 UTC (rev 4279)
@@ -2365,8 +2365,11 @@
     u_char                       *p;
     size_t                        size;
     uintptr_t                    *code;
-    ngx_uint_t                    i;
+    ngx_uint_t                    i, nsrc;
     ngx_array_t                   headers_names;
+#if (NGX_HTTP_CACHE)
+    ngx_array_t                   params_merged;
+#endif
     ngx_keyval_t                 *src;
     ngx_hash_key_t               *hk;
     ngx_hash_init_t               hash;
@@ -2374,36 +2377,32 @@
     ngx_http_script_copy_code_t  *copy;
 
     if (conf->params_source == NULL) {
-        conf->flushes = prev->flushes;
-        conf->params_len = prev->params_len;
-        conf->params = prev->params;
         conf->params_source = prev->params_source;
-        conf->headers_hash = prev->headers_hash;
 
+        if (prev->headers_hash.buckets
 #if (NGX_HTTP_CACHE)
+            && ((conf->upstream.cache == NULL) == (prev->upstream.cache == NULL))
+#endif
+           )
+        {
+            conf->flushes = prev->flushes;
+            conf->params_len = prev->params_len;
+            conf->params = prev->params;
+            conf->headers_hash = prev->headers_hash;
+            conf->header_params = prev->header_params;
 
-        if (conf->params_source == NULL) {
-
-            if ((conf->upstream.cache == NULL)
-                == (prev->upstream.cache == NULL))
-            {
-                return NGX_OK;
-            }
-
-            /* 6 is a number of ngx_http_fastcgi_cache_headers entries */
-            conf->params_source = ngx_array_create(cf->pool, 6,
-                                                   sizeof(ngx_keyval_t));
-            if (conf->params_source == NULL) {
-                return NGX_ERROR;
-            }
-        }
-#else
-
-        if (conf->params_source == NULL) {
             return NGX_OK;
         }
+    }
 
+    if (conf->params_source == NULL
+#if (NGX_HTTP_CACHE)
+        && (conf->upstream.cache == NULL)
 #endif
+       )
+    {
+        conf->headers_hash.buckets = (void *) 1;
+        return NGX_OK;
     }
 
     conf->params_len = ngx_array_create(cf->pool, 64, 1);
@@ -2422,39 +2421,68 @@
         return NGX_ERROR;
     }
 
-    src = conf->params_source->elts;
+    if (conf->params_source) {
+        src = conf->params_source->elts;
+        nsrc = conf->params_source->nelts;
 
+    } else {
+        src = NULL;
+        nsrc = 0;
+    }
+
 #if (NGX_HTTP_CACHE)
 
     if (conf->upstream.cache) {
         ngx_keyval_t  *h, *s;
 
-        for (h = ngx_http_fastcgi_cache_headers; h->key.len; h++) {
+        if (ngx_array_init(¶ms_merged, cf->temp_pool, 4, sizeof(ngx_keyval_t))
+            != NGX_OK)
+        {
+            return NGX_ERROR;
+        }
 
-            for (i = 0; i < conf->params_source->nelts; i++) {
+        for (i = 0; i < nsrc; i++) {
+
+            s = ngx_array_push(¶ms_merged);
+            if (s == NULL) {
+                return NGX_ERROR;
+            }
+
+            *s = src[i];
+        }
+
+        h = ngx_http_fastcgi_cache_headers;
+
+        while (h->key.len) {
+
+            src = params_merged.elts;
+            nsrc = params_merged.nelts;
+
+            for (i = 0; i < nsrc; i++) {
                 if (ngx_strcasecmp(h->key.data, src[i].key.data) == 0) {
                     goto next;
                 }
             }
 
-            s = ngx_array_push(conf->params_source);
+            s = ngx_array_push(¶ms_merged);
             if (s == NULL) {
                 return NGX_ERROR;
             }
 
             *s = *h;
 
-            src = conf->params_source->elts;
-
         next:
 
             h++;
         }
+
+        src = params_merged.elts;
+        nsrc = params_merged.nelts;
     }
 
 #endif
 
-    for (i = 0; i < conf->params_source->nelts; i++) {
+    for (i = 0; i < nsrc; i++) {
 
         if (src[i].key.len > sizeof("HTTP_") - 1
             && ngx_strncmp(src[i].key.data, "HTTP_", sizeof("HTTP_") - 1) == 0)

Modified: trunk/src/http/modules/ngx_http_scgi_module.c
===================================================================
--- trunk/src/http/modules/ngx_http_scgi_module.c	2011-11-14 13:24:43 UTC (rev 4278)
+++ trunk/src/http/modules/ngx_http_scgi_module.c	2011-11-14 13:26:18 UTC (rev 4279)
@@ -1316,8 +1316,11 @@
     u_char                       *p;
     size_t                        size;
     uintptr_t                    *code;
-    ngx_uint_t                    i;
+    ngx_uint_t                    i, nsrc;
     ngx_array_t                   headers_names;
+#if (NGX_HTTP_CACHE)
+    ngx_array_t                   params_merged;
+#endif
     ngx_keyval_t                 *src;
     ngx_hash_key_t               *hk;
     ngx_hash_init_t               hash;
@@ -1325,36 +1328,32 @@
     ngx_http_script_copy_code_t  *copy;
 
     if (conf->params_source == NULL) {
-        conf->flushes = prev->flushes;
-        conf->params_len = prev->params_len;
-        conf->params = prev->params;
         conf->params_source = prev->params_source;
-        conf->headers_hash = prev->headers_hash;
 
+        if (prev->headers_hash.buckets
 #if (NGX_HTTP_CACHE)
+            && ((conf->upstream.cache == NULL) == (prev->upstream.cache == NULL))
+#endif
+           )
+        {
+            conf->flushes = prev->flushes;
+            conf->params_len = prev->params_len;
+            conf->params = prev->params;
+            conf->headers_hash = prev->headers_hash;
+            conf->header_params = prev->header_params;
 
-        if (conf->params_source == NULL) {
-
-            if ((conf->upstream.cache == NULL)
-                == (prev->upstream.cache == NULL))
-            {
-                return NGX_OK;
-            }
-
-            /* 6 is a number of ngx_http_scgi_cache_headers entries */
-            conf->params_source = ngx_array_create(cf->pool, 6,
-                                                   sizeof(ngx_keyval_t));
-            if (conf->params_source == NULL) {
-                return NGX_ERROR;
-            }
-        }
-#else
-
-        if (conf->params_source == NULL) {
             return NGX_OK;
         }
+    }
 
+    if (conf->params_source == NULL
+#if (NGX_HTTP_CACHE)
+        && (conf->upstream.cache == NULL)
 #endif
+       )
+    {
+        conf->headers_hash.buckets = (void *) 1;
+        return NGX_OK;
     }
 
     conf->params_len = ngx_array_create(cf->pool, 64, 1);
@@ -1373,39 +1372,68 @@
         return NGX_ERROR;
     }
 
-    src = conf->params_source->elts;
+    if (conf->params_source) {
+        src = conf->params_source->elts;
+        nsrc = conf->params_source->nelts;
 
+    } else {
+        src = NULL;
+        nsrc = 0;
+    }
+
 #if (NGX_HTTP_CACHE)
 
     if (conf->upstream.cache) {
         ngx_keyval_t  *h, *s;
 
-        for (h = ngx_http_scgi_cache_headers; h->key.len; h++) {
+        if (ngx_array_init(¶ms_merged, cf->temp_pool, 4, sizeof(ngx_keyval_t))
+            != NGX_OK)
+        {
+            return NGX_ERROR;
+        }
 
-            for (i = 0; i < conf->params_source->nelts; i++) {
+        for (i = 0; i < nsrc; i++) {
+
+            s = ngx_array_push(¶ms_merged);
+            if (s == NULL) {
+                return NGX_ERROR;
+            }
+
+            *s = src[i];
+        }
+
+        h = ngx_http_scgi_cache_headers;
+
+        while (h->key.len) {
+
+            src = params_merged.elts;
+            nsrc = params_merged.nelts;
+
+            for (i = 0; i < nsrc; i++) {
                 if (ngx_strcasecmp(h->key.data, src[i].key.data) == 0) {
                     goto next;
                 }
             }
 
-            s = ngx_array_push(conf->params_source);
+            s = ngx_array_push(¶ms_merged);
             if (s == NULL) {
                 return NGX_ERROR;
             }
 
             *s = *h;
 
-            src = conf->params_source->elts;
-
         next:
 
             h++;
         }
+
+        src = params_merged.elts;
+        nsrc = params_merged.nelts;
     }
 
 #endif
 
-    for (i = 0; i < conf->params_source->nelts; i++) {
+    for (i = 0; i < nsrc; i++) {
 
         if (src[i].key.len > sizeof("HTTP_") - 1
             && ngx_strncmp(src[i].key.data, "HTTP_", sizeof("HTTP_") - 1) == 0)

Modified: trunk/src/http/modules/ngx_http_uwsgi_module.c
===================================================================
--- trunk/src/http/modules/ngx_http_uwsgi_module.c	2011-11-14 13:24:43 UTC (rev 4278)
+++ trunk/src/http/modules/ngx_http_uwsgi_module.c	2011-11-14 13:26:18 UTC (rev 4279)
@@ -1374,8 +1374,11 @@
     u_char                       *p;
     size_t                        size;
     uintptr_t                    *code;
-    ngx_uint_t                    i;
+    ngx_uint_t                    i, nsrc;
     ngx_array_t                   headers_names;
+#if (NGX_HTTP_CACHE)
+    ngx_array_t                   params_merged;
+#endif
     ngx_keyval_t                 *src;
     ngx_hash_key_t               *hk;
     ngx_hash_init_t               hash;
@@ -1383,36 +1386,32 @@
     ngx_http_script_copy_code_t  *copy;
 
     if (conf->params_source == NULL) {
-        conf->flushes = prev->flushes;
-        conf->params_len = prev->params_len;
-        conf->params = prev->params;
         conf->params_source = prev->params_source;
-        conf->headers_hash = prev->headers_hash;
 
+        if (prev->headers_hash.buckets
 #if (NGX_HTTP_CACHE)
+            && ((conf->upstream.cache == NULL) == (prev->upstream.cache == NULL))
+#endif
+           )
+        {
+            conf->flushes = prev->flushes;
+            conf->params_len = prev->params_len;
+            conf->params = prev->params;
+            conf->headers_hash = prev->headers_hash;
+            conf->header_params = prev->header_params;
 
-        if (conf->params_source == NULL) {
-
-            if ((conf->upstream.cache == NULL)
-                == (prev->upstream.cache == NULL))
-            {
-                return NGX_OK;
-            }
-
-            /* 6 is a number of ngx_http_uwsgi_cache_headers entries */
-            conf->params_source = ngx_array_create(cf->pool, 6,
-                                                   sizeof(ngx_keyval_t));
-            if (conf->params_source == NULL) {
-                return NGX_ERROR;
-            }
-        }
-#else
-
-        if (conf->params_source == NULL) {
             return NGX_OK;
         }
+    }
 
+    if (conf->params_source == NULL
+#if (NGX_HTTP_CACHE)
+        && (conf->upstream.cache == NULL)
 #endif
+       )
+    {
+        conf->headers_hash.buckets = (void *) 1;
+        return NGX_OK;
     }
 
     conf->params_len = ngx_array_create(cf->pool, 64, 1);
@@ -1431,39 +1430,68 @@
         return NGX_ERROR;
     }
 
-    src = conf->params_source->elts;
+    if (conf->params_source) {
+        src = conf->params_source->elts;
+        nsrc = conf->params_source->nelts;
 
+    } else {
+        src = NULL;
+        nsrc = 0;
+    }
+
 #if (NGX_HTTP_CACHE)
 
     if (conf->upstream.cache) {
         ngx_keyval_t  *h, *s;
 
-        for (h = ngx_http_uwsgi_cache_headers; h->key.len; h++) {
+        if (ngx_array_init(¶ms_merged, cf->temp_pool, 4, sizeof(ngx_keyval_t))
+            != NGX_OK)
+        {
+            return NGX_ERROR;
+        }
 
-            for (i = 0; i < conf->params_source->nelts; i++) {
+        for (i = 0; i < nsrc; i++) {
+
+            s = ngx_array_push(¶ms_merged);
+            if (s == NULL) {
+                return NGX_ERROR;
+            }
+
+            *s = src[i];
+        }
+
+        h = ngx_http_uwsgi_cache_headers;
+
+        while (h->key.len) {
+
+            src = params_merged.elts;
+            nsrc = params_merged.nelts;
+
+            for (i = 0; i < nsrc; i++) {
                 if (ngx_strcasecmp(h->key.data, src[i].key.data) == 0) {
                     goto next;
                 }
             }
 
-            s = ngx_array_push(conf->params_source);
+            s = ngx_array_push(¶ms_merged);
             if (s == NULL) {
                 return NGX_ERROR;
             }
 
             *s = *h;
 
-            src = conf->params_source->elts;
-
         next:
 
             h++;
         }
+
+        src = params_merged.elts;
+        nsrc = params_merged.nelts;
     }
 
 #endif
 
-    for (i = 0; i < conf->params_source->nelts; i++) {
+    for (i = 0; i < nsrc; i++) {
 
         if (src[i].key.len > sizeof("HTTP_") - 1
             && ngx_strncmp(src[i].key.data, "HTTP_", sizeof("HTTP_") - 1) == 0)


From mdounin at mdounin.ru  Mon Nov 14 13:38:04 2011
From: mdounin at mdounin.ru (mdounin at mdounin.ru)
Date: Mon, 14 Nov 2011 13:38:04 +0000
Subject: [nginx] svn commit:  r4280 - trunk/src/core
Message-ID: <20111114133804.AD76A3F9C1B@mail.nginx.com>

Author: mdounin
Date: 2011-11-14 13:38:02 +0000 (Mon, 14 Nov 2011)
New Revision: 4280

Log:
Reverted incorrect change in internal md5 (part of r3928).


Modified:
   trunk/src/core/ngx_md5.c

Modified: trunk/src/core/ngx_md5.c
===================================================================
--- trunk/src/core/ngx_md5.c	2011-11-14 13:26:18 UTC (rev 4279)
+++ trunk/src/core/ngx_md5.c	2011-11-14 13:38:02 UTC (rev 4280)
@@ -47,7 +47,8 @@
             return;
         }
 
-        data = ngx_cpymem(&ctx->buffer[used], data, free);
+        ngx_memcpy(&ctx->buffer[used], data, free);
+        data = (u_char *) data + free;
         size -= free;
         (void) ngx_md5_body(ctx, ctx->buffer, 64);
     }


From vbart at nginx.com  Mon Nov 14 14:04:43 2011
From: vbart at nginx.com (vbart at nginx.com)
Date: Mon, 14 Nov 2011 14:04:43 +0000
Subject: [nginx] svn commit: r4281 - in trunk: auto src/http src/http/modules
Message-ID: 

Author: vbart
Date: 2011-11-14 14:04:42 +0000 (Mon, 14 Nov 2011)
New Revision: 4281

Added:
   trunk/src/http/modules/ngx_http_limit_conn_module.c
Removed:
   trunk/src/http/modules/ngx_http_limit_zone_module.c
Modified:
   trunk/auto/modules
   trunk/auto/options
   trunk/auto/sources
   trunk/auto/summary
   trunk/src/http/ngx_http_request.h
Log:
Renamed ngx_http_limit_zone_module to ngx_http_limit_conn_module.


Modified: trunk/auto/modules
===================================================================
--- trunk/auto/modules	2011-11-14 13:38:02 UTC (rev 4280)
+++ trunk/auto/modules	2011-11-14 14:04:42 UTC (rev 4281)
@@ -210,9 +210,9 @@
     HTTP_SRCS="$HTTP_SRCS $HTTP_ACCESS_SRCS"
 fi
 
-if [ $HTTP_LIMIT_ZONE = YES ]; then
-    HTTP_MODULES="$HTTP_MODULES $HTTP_LIMIT_ZONE_MODULE"
-    HTTP_SRCS="$HTTP_SRCS $HTTP_LIMIT_ZONE_SRCS"
+if [ $HTTP_LIMIT_CONN = YES ]; then
+    HTTP_MODULES="$HTTP_MODULES $HTTP_LIMIT_CONN_MODULE"
+    HTTP_SRCS="$HTTP_SRCS $HTTP_LIMIT_CONN_SRCS"
 fi
 
 if [ $HTTP_LIMIT_REQ = YES ]; then

Modified: trunk/auto/options
===================================================================
--- trunk/auto/options	2011-11-14 13:38:02 UTC (rev 4280)
+++ trunk/auto/options	2011-11-14 14:04:42 UTC (rev 4281)
@@ -85,7 +85,7 @@
 HTTP_SCGI=YES
 HTTP_PERL=NO
 HTTP_MEMCACHED=YES
-HTTP_LIMIT_ZONE=YES
+HTTP_LIMIT_CONN=YES
 HTTP_LIMIT_REQ=YES
 HTTP_EMPTY_GIF=YES
 HTTP_BROWSER=YES
@@ -143,6 +143,8 @@
 
 NGX_CPU_CACHE_LINE=
 
+NGX_POST_CONF_MSG=
+
 opt=
 
 for option
@@ -227,7 +229,13 @@
         --without-http_uwsgi_module)     HTTP_UWSGI=NO              ;;
         --without-http_scgi_module)      HTTP_SCGI=NO               ;;
         --without-http_memcached_module) HTTP_MEMCACHED=NO          ;;
-        --without-http_limit_zone_module) HTTP_LIMIT_ZONE=NO        ;;
+        --without-http_limit_zone_module)
+            HTTP_LIMIT_CONN=NO
+            NGX_POST_CONF_MSG="$NGX_POST_CONF_MSG
+$0: warning: the \"--without-http_limit_zone_module\" option is deprecated, \
+use the \"--without-http_limit_conn_module\" option instead"
+        ;;
+        --without-http_limit_conn_module) HTTP_LIMIT_CONN=NO        ;;
         --without-http_limit_req_module) HTTP_LIMIT_REQ=NO         ;;
         --without-http_empty_gif_module) HTTP_EMPTY_GIF=NO          ;;
         --without-http_browser_module)   HTTP_BROWSER=NO            ;;
@@ -364,7 +372,7 @@
   --without-http_uwsgi_module        disable ngx_http_uwsgi_module
   --without-http_scgi_module         disable ngx_http_scgi_module
   --without-http_memcached_module    disable ngx_http_memcached_module
-  --without-http_limit_zone_module   disable ngx_http_limit_zone_module
+  --without-http_limit_conn_module   disable ngx_http_limit_conn_module
   --without-http_limit_req_module    disable ngx_http_limit_req_module
   --without-http_empty_gif_module    disable ngx_http_empty_gif_module
   --without-http_browser_module      disable ngx_http_browser_module

Modified: trunk/auto/sources
===================================================================
--- trunk/auto/sources	2011-11-14 13:38:02 UTC (rev 4280)
+++ trunk/auto/sources	2011-11-14 14:04:42 UTC (rev 4281)
@@ -435,8 +435,8 @@
 HTTP_MEMCACHED_SRCS=src/http/modules/ngx_http_memcached_module.c
 
 
-HTTP_LIMIT_ZONE_MODULE=ngx_http_limit_zone_module
-HTTP_LIMIT_ZONE_SRCS=src/http/modules/ngx_http_limit_zone_module.c
+HTTP_LIMIT_CONN_MODULE=ngx_http_limit_conn_module
+HTTP_LIMIT_CONN_SRCS=src/http/modules/ngx_http_limit_conn_module.c
 
 
 HTTP_LIMIT_REQ_MODULE=ngx_http_limit_req_module

Modified: trunk/auto/summary
===================================================================
--- trunk/auto/summary	2011-11-14 13:38:02 UTC (rev 4280)
+++ trunk/auto/summary	2011-11-14 14:04:42 UTC (rev 4281)
@@ -111,3 +111,5 @@
 if [ $HTTP_SCGI = YES ]; then
     echo "  nginx http scgi temporary files: \"$NGX_HTTP_SCGI_TEMP_PATH\""
 fi
+
+echo "$NGX_POST_CONF_MSG"

Copied: trunk/src/http/modules/ngx_http_limit_conn_module.c (from rev 4274, trunk/src/http/modules/ngx_http_limit_zone_module.c)
===================================================================
--- trunk/src/http/modules/ngx_http_limit_conn_module.c	                        (rev 0)
+++ trunk/src/http/modules/ngx_http_limit_conn_module.c	2011-11-14 14:04:42 UTC (rev 4281)
@@ -0,0 +1,751 @@
+
+/*
+ * Copyright (C) Igor Sysoev
+ */
+
+
+#include 
+#include 
+#include 
+
+
+typedef struct {
+    u_char              color;
+    u_char              len;
+    u_short             conn;
+    u_char              data[1];
+} ngx_http_limit_conn_node_t;
+
+
+typedef struct {
+    ngx_shm_zone_t     *shm_zone;
+    ngx_rbtree_node_t  *node;
+} ngx_http_limit_conn_cleanup_t;
+
+
+typedef struct {
+    ngx_rbtree_t       *rbtree;
+    ngx_int_t           index;
+    ngx_str_t           var;
+} ngx_http_limit_conn_ctx_t;
+
+
+typedef struct {
+    ngx_shm_zone_t     *shm_zone;
+    ngx_uint_t          conn;
+} ngx_http_limit_conn_limit_t;
+
+
+typedef struct {
+    ngx_array_t         limits;
+    ngx_uint_t          log_level;
+} ngx_http_limit_conn_conf_t;
+
+
+static ngx_rbtree_node_t *ngx_http_limit_conn_lookup(ngx_rbtree_t *rbtree,
+    ngx_http_variable_value_t *vv, uint32_t hash);
+static void ngx_http_limit_conn_cleanup(void *data);
+static ngx_inline void ngx_http_limit_conn_cleanup_all(ngx_pool_t *pool);
+
+static void *ngx_http_limit_conn_create_conf(ngx_conf_t *cf);
+static char *ngx_http_limit_conn_merge_conf(ngx_conf_t *cf, void *parent,
+    void *child);
+static char *ngx_http_limit_conn_zone(ngx_conf_t *cf, ngx_command_t *cmd,
+    void *conf);
+static char *ngx_http_limit_zone(ngx_conf_t *cf, ngx_command_t *cmd,
+    void *conf);
+static char *ngx_http_limit_conn(ngx_conf_t *cf, ngx_command_t *cmd,
+    void *conf);
+static ngx_int_t ngx_http_limit_conn_init(ngx_conf_t *cf);
+
+
+static ngx_conf_deprecated_t  ngx_conf_deprecated_limit_zone = {
+    ngx_conf_deprecated, "limit_zone", "limit_conn_zone"
+};
+
+
+static ngx_conf_enum_t  ngx_http_limit_conn_log_levels[] = {
+    { ngx_string("info"), NGX_LOG_INFO },
+    { ngx_string("notice"), NGX_LOG_NOTICE },
+    { ngx_string("warn"), NGX_LOG_WARN },
+    { ngx_string("error"), NGX_LOG_ERR },
+    { ngx_null_string, 0 }
+};
+
+
+static ngx_command_t  ngx_http_limit_conn_commands[] = {
+
+    { ngx_string("limit_conn_zone"),
+      NGX_HTTP_MAIN_CONF|NGX_CONF_TAKE2,
+      ngx_http_limit_conn_zone,
+      0,
+      0,
+      NULL },
+
+    { ngx_string("limit_zone"),
+      NGX_HTTP_MAIN_CONF|NGX_CONF_TAKE3,
+      ngx_http_limit_zone,
+      0,
+      0,
+      NULL },
+
+    { ngx_string("limit_conn"),
+      NGX_HTTP_MAIN_CONF|NGX_HTTP_SRV_CONF|NGX_HTTP_LOC_CONF|NGX_CONF_TAKE2,
+      ngx_http_limit_conn,
+      NGX_HTTP_LOC_CONF_OFFSET,
+      0,
+      NULL },
+
+    { ngx_string("limit_conn_log_level"),
+      NGX_HTTP_MAIN_CONF|NGX_HTTP_SRV_CONF|NGX_HTTP_LOC_CONF|NGX_CONF_TAKE1,
+      ngx_conf_set_enum_slot,
+      NGX_HTTP_LOC_CONF_OFFSET,
+      offsetof(ngx_http_limit_conn_conf_t, log_level),
+      &ngx_http_limit_conn_log_levels },
+
+      ngx_null_command
+};
+
+
+static ngx_http_module_t  ngx_http_limit_conn_module_ctx = {
+    NULL,                                  /* preconfiguration */
+    ngx_http_limit_conn_init,              /* postconfiguration */
+
+    NULL,                                  /* create main configuration */
+    NULL,                                  /* init main configuration */
+
+    NULL,                                  /* create server configuration */
+    NULL,                                  /* merge server configuration */
+
+    ngx_http_limit_conn_create_conf,       /* create location configration */
+    ngx_http_limit_conn_merge_conf         /* merge location configration */
+};
+
+
+ngx_module_t  ngx_http_limit_conn_module = {
+    NGX_MODULE_V1,
+    &ngx_http_limit_conn_module_ctx,       /* module context */
+    ngx_http_limit_conn_commands,          /* module directives */
+    NGX_HTTP_MODULE,                       /* module type */
+    NULL,                                  /* init master */
+    NULL,                                  /* init module */
+    NULL,                                  /* init process */
+    NULL,                                  /* init thread */
+    NULL,                                  /* exit thread */
+    NULL,                                  /* exit process */
+    NULL,                                  /* exit master */
+    NGX_MODULE_V1_PADDING
+};
+
+
+static ngx_int_t
+ngx_http_limit_conn_handler(ngx_http_request_t *r)
+{
+    size_t                          len, n;
+    uint32_t                        hash;
+    ngx_uint_t                      i;
+    ngx_slab_pool_t                *shpool;
+    ngx_rbtree_node_t              *node;
+    ngx_pool_cleanup_t             *cln;
+    ngx_http_variable_value_t      *vv;
+    ngx_http_limit_conn_ctx_t      *ctx;
+    ngx_http_limit_conn_node_t     *lc;
+    ngx_http_limit_conn_conf_t     *lccf;
+    ngx_http_limit_conn_limit_t    *limits;
+    ngx_http_limit_conn_cleanup_t  *lccln;
+
+    if (r->main->limit_conn_set) {
+        return NGX_DECLINED;
+    }
+
+    r->main->limit_conn_set = 1;
+
+    lccf = ngx_http_get_module_loc_conf(r, ngx_http_limit_conn_module);
+    limits = lccf->limits.elts;
+
+    for (i = 0; i < lccf->limits.nelts; i++) {
+        ctx = limits[i].shm_zone->data;
+
+        vv = ngx_http_get_indexed_variable(r, ctx->index);
+
+        if (vv == NULL || vv->not_found) {
+            continue;
+        }
+
+        len = vv->len;
+
+        if (len == 0) {
+            continue;
+        }
+
+        if (len > 255) {
+            ngx_log_error(NGX_LOG_ERR, r->connection->log, 0,
+                          "the value of the \"%V\" variable "
+                          "is more than 255 bytes: \"%v\"",
+                          &ctx->var, vv);
+            continue;
+        }
+
+        hash = ngx_crc32_short(vv->data, len);
+
+        shpool = (ngx_slab_pool_t *) limits[i].shm_zone->shm.addr;
+
+        ngx_shmtx_lock(&shpool->mutex);
+
+        node = ngx_http_limit_conn_lookup(ctx->rbtree, vv, hash);
+
+        if (node == NULL) {
+
+            n = offsetof(ngx_rbtree_node_t, color)
+                + offsetof(ngx_http_limit_conn_node_t, data)
+                + len;
+
+            node = ngx_slab_alloc_locked(shpool, n);
+
+            if (node == NULL) {
+                ngx_shmtx_unlock(&shpool->mutex);
+                ngx_http_limit_conn_cleanup_all(r->pool);
+                return NGX_HTTP_SERVICE_UNAVAILABLE;
+            }
+
+            lc = (ngx_http_limit_conn_node_t *) &node->color;
+
+            node->key = hash;
+            lc->len = (u_char) len;
+            lc->conn = 1;
+            ngx_memcpy(lc->data, vv->data, len);
+
+            ngx_rbtree_insert(ctx->rbtree, node);
+
+        } else {
+
+            lc = (ngx_http_limit_conn_node_t *) &node->color;
+
+            if ((ngx_uint_t) lc->conn >= limits[i].conn) {
+
+                ngx_shmtx_unlock(&shpool->mutex);
+
+                ngx_log_error(lccf->log_level, r->connection->log, 0,
+                              "limiting connections by zone \"%V\"",
+                              &limits[i].shm_zone->shm.name);
+
+                ngx_http_limit_conn_cleanup_all(r->pool);
+                return NGX_HTTP_SERVICE_UNAVAILABLE;
+            }
+
+            lc->conn++;
+        }
+
+        ngx_log_debug2(NGX_LOG_DEBUG_HTTP, r->connection->log, 0,
+                       "limit zone: %08XD %d", node->key, lc->conn);
+
+        ngx_shmtx_unlock(&shpool->mutex);
+
+        cln = ngx_pool_cleanup_add(r->pool,
+                                   sizeof(ngx_http_limit_conn_cleanup_t));
+        if (cln == NULL) {
+            return NGX_HTTP_INTERNAL_SERVER_ERROR;
+        }
+
+        cln->handler = ngx_http_limit_conn_cleanup;
+        lccln = cln->data;
+
+        lccln->shm_zone = limits[i].shm_zone;
+        lccln->node = node;
+    }
+
+    return NGX_DECLINED;
+}
+
+
+static void
+ngx_http_limit_conn_rbtree_insert_value(ngx_rbtree_node_t *temp,
+    ngx_rbtree_node_t *node, ngx_rbtree_node_t *sentinel)
+{
+    ngx_rbtree_node_t           **p;
+    ngx_http_limit_conn_node_t   *lcn, *lcnt;
+
+    for ( ;; ) {
+
+        if (node->key < temp->key) {
+
+            p = &temp->left;
+
+        } else if (node->key > temp->key) {
+
+            p = &temp->right;
+
+        } else { /* node->key == temp->key */
+
+            lcn = (ngx_http_limit_conn_node_t *) &node->color;
+            lcnt = (ngx_http_limit_conn_node_t *) &temp->color;
+
+            p = (ngx_memn2cmp(lcn->data, lcnt->data, lcn->len, lcnt->len) < 0)
+                ? &temp->left : &temp->right;
+        }
+
+        if (*p == sentinel) {
+            break;
+        }
+
+        temp = *p;
+    }
+
+    *p = node;
+    node->parent = temp;
+    node->left = sentinel;
+    node->right = sentinel;
+    ngx_rbt_red(node);
+}
+
+
+static ngx_rbtree_node_t *
+ngx_http_limit_conn_lookup(ngx_rbtree_t *rbtree, ngx_http_variable_value_t *vv,
+    uint32_t hash)
+{
+    ngx_int_t                    rc;
+    ngx_rbtree_node_t           *node, *sentinel;
+    ngx_http_limit_conn_node_t  *lcn;
+
+    node = rbtree->root;
+    sentinel = rbtree->sentinel;
+
+    while (node != sentinel) {
+
+        if (hash < node->key) {
+            node = node->left;
+            continue;
+        }
+
+        if (hash > node->key) {
+            node = node->right;
+            continue;
+        }
+
+        /* hash == node->key */
+
+        do {
+            lcn = (ngx_http_limit_conn_node_t *) &node->color;
+
+            rc = ngx_memn2cmp(vv->data, lcn->data,
+                              (size_t) vv->len, (size_t) lcn->len);
+            if (rc == 0) {
+                return node;
+            }
+
+            node = (rc < 0) ? node->left : node->right;
+
+        } while (node != sentinel && hash == node->key);
+
+        break;
+    }
+
+    return NULL;
+}
+
+
+static void
+ngx_http_limit_conn_cleanup(void *data)
+{
+    ngx_http_limit_conn_cleanup_t  *lccln = data;
+
+    ngx_slab_pool_t             *shpool;
+    ngx_rbtree_node_t           *node;
+    ngx_http_limit_conn_ctx_t   *ctx;
+    ngx_http_limit_conn_node_t  *lc;
+
+    ctx = lccln->shm_zone->data;
+    shpool = (ngx_slab_pool_t *) lccln->shm_zone->shm.addr;
+    node = lccln->node;
+    lc = (ngx_http_limit_conn_node_t *) &node->color;
+
+    ngx_shmtx_lock(&shpool->mutex);
+
+    ngx_log_debug2(NGX_LOG_DEBUG_HTTP, lccln->shm_zone->shm.log, 0,
+                   "limit zone cleanup: %08XD %d", node->key, lc->conn);
+
+    lc->conn--;
+
+    if (lc->conn == 0) {
+        ngx_rbtree_delete(ctx->rbtree, node);
+        ngx_slab_free_locked(shpool, node);
+    }
+
+    ngx_shmtx_unlock(&shpool->mutex);
+}
+
+
+static ngx_inline void
+ngx_http_limit_conn_cleanup_all(ngx_pool_t *pool)
+{
+    ngx_pool_cleanup_t  *cln;
+
+    cln = pool->cleanup;
+
+    while (cln && cln->handler == ngx_http_limit_conn_cleanup) {
+        ngx_http_limit_conn_cleanup(cln->data);
+        cln = cln->next;
+    }
+
+    pool->cleanup = cln;
+}
+
+
+static ngx_int_t
+ngx_http_limit_conn_init_zone(ngx_shm_zone_t *shm_zone, void *data)
+{
+    ngx_http_limit_conn_ctx_t  *octx = data;
+
+    size_t                      len;
+    ngx_slab_pool_t            *shpool;
+    ngx_rbtree_node_t          *sentinel;
+    ngx_http_limit_conn_ctx_t  *ctx;
+
+    ctx = shm_zone->data;
+
+    if (octx) {
+        if (ngx_strcmp(ctx->var.data, octx->var.data) != 0) {
+            ngx_log_error(NGX_LOG_EMERG, shm_zone->shm.log, 0,
+                          "limit_conn_zone \"%V\" uses the \"%V\" variable "
+                          "while previously it used the \"%V\" variable",
+                          &shm_zone->shm.name, &ctx->var, &octx->var);
+            return NGX_ERROR;
+        }
+
+        ctx->rbtree = octx->rbtree;
+
+        return NGX_OK;
+    }
+
+    shpool = (ngx_slab_pool_t *) shm_zone->shm.addr;
+
+    if (shm_zone->shm.exists) {
+        ctx->rbtree = shpool->data;
+
+        return NGX_OK;
+    }
+
+    ctx->rbtree = ngx_slab_alloc(shpool, sizeof(ngx_rbtree_t));
+    if (ctx->rbtree == NULL) {
+        return NGX_ERROR;
+    }
+
+    shpool->data = ctx->rbtree;
+
+    sentinel = ngx_slab_alloc(shpool, sizeof(ngx_rbtree_node_t));
+    if (sentinel == NULL) {
+        return NGX_ERROR;
+    }
+
+    ngx_rbtree_init(ctx->rbtree, sentinel,
+                    ngx_http_limit_conn_rbtree_insert_value);
+
+    len = sizeof(" in limit_conn_zone \"\"") + shm_zone->shm.name.len;
+
+    shpool->log_ctx = ngx_slab_alloc(shpool, len);
+    if (shpool->log_ctx == NULL) {
+        return NGX_ERROR;
+    }
+
+    ngx_sprintf(shpool->log_ctx, " in limit_conn_zone \"%V\"%Z",
+                &shm_zone->shm.name);
+
+    return NGX_OK;
+}
+
+
+static void *
+ngx_http_limit_conn_create_conf(ngx_conf_t *cf)
+{
+    ngx_http_limit_conn_conf_t  *conf;
+
+    conf = ngx_pcalloc(cf->pool, sizeof(ngx_http_limit_conn_conf_t));
+    if (conf == NULL) {
+        return NULL;
+    }
+
+    /*
+     * set by ngx_pcalloc():
+     *
+     *     conf->limits.elts = NULL;
+     */
+
+    conf->log_level = NGX_CONF_UNSET_UINT;
+
+    return conf;
+}
+
+
+static char *
+ngx_http_limit_conn_merge_conf(ngx_conf_t *cf, void *parent, void *child)
+{
+    ngx_http_limit_conn_conf_t *prev = parent;
+    ngx_http_limit_conn_conf_t *conf = child;
+
+    if (conf->limits.elts == NULL) {
+        *conf = *prev;
+    }
+
+    ngx_conf_merge_uint_value(conf->log_level, prev->log_level, NGX_LOG_ERR);
+
+    return NGX_CONF_OK;
+}
+
+
+static char *
+ngx_http_limit_conn_zone(ngx_conf_t *cf, ngx_command_t *cmd, void *conf)
+{
+    u_char                     *p;
+    ssize_t                     size;
+    ngx_str_t                  *value, name, s;
+    ngx_uint_t                  i;
+    ngx_shm_zone_t             *shm_zone;
+    ngx_http_limit_conn_ctx_t  *ctx;
+
+    value = cf->args->elts;
+
+    ctx = NULL;
+    size = 0;
+    name.len = 0;
+
+    for (i = 1; i < cf->args->nelts; i++) {
+
+        if (ngx_strncmp(value[i].data, "zone=", 5) == 0) {
+
+            name.data = value[i].data + 5;
+
+            p = (u_char *) ngx_strchr(name.data, ':');
+
+            if (p == NULL) {
+                ngx_conf_log_error(NGX_LOG_EMERG, cf, 0,
+                                   "invalid zone size \"%V\"", &value[i]);
+                return NGX_CONF_ERROR;
+            }
+
+            name.len = p - name.data;
+
+            s.data = p + 1;
+            s.len = value[i].data + value[i].len - s.data;
+
+            size = ngx_parse_size(&s);
+
+            if (size == NGX_ERROR) {
+                ngx_conf_log_error(NGX_LOG_EMERG, cf, 0,
+                                   "invalid zone size \"%V\"", &value[i]);
+                return NGX_CONF_ERROR;
+            }
+
+            if (size < (ssize_t) (8 * ngx_pagesize)) {
+                ngx_conf_log_error(NGX_LOG_EMERG, cf, 0,
+                                   "zone \"%V\" is too small", &value[i]);
+                return NGX_CONF_ERROR;
+            }
+
+            continue;
+        }
+
+        if (value[i].data[0] == '$') {
+
+            value[i].len--;
+            value[i].data++;
+
+            ctx = ngx_pcalloc(cf->pool, sizeof(ngx_http_limit_conn_ctx_t));
+            if (ctx == NULL) {
+                return NGX_CONF_ERROR;
+            }
+
+            ctx->index = ngx_http_get_variable_index(cf, &value[i]);
+            if (ctx->index == NGX_ERROR) {
+                return NGX_CONF_ERROR;
+            }
+
+            ctx->var = value[i];
+
+            continue;
+        }
+
+        ngx_conf_log_error(NGX_LOG_EMERG, cf, 0,
+                           "invalid parameter \"%V\"", &value[i]);
+        return NGX_CONF_ERROR;
+    }
+
+    if (name.len == 0) {
+        ngx_conf_log_error(NGX_LOG_EMERG, cf, 0,
+                           "\"%V\" must have \"zone\" parameter",
+                           &cmd->name);
+        return NGX_CONF_ERROR;
+    }
+
+    if (ctx == NULL) {
+        ngx_conf_log_error(NGX_LOG_EMERG, cf, 0,
+                           "no variable is defined for %V \"%V\"",
+                           &cmd->name, &name);
+        return NGX_CONF_ERROR;
+    }
+
+    shm_zone = ngx_shared_memory_add(cf, &name, size,
+                                     &ngx_http_limit_conn_module);
+    if (shm_zone == NULL) {
+        return NGX_CONF_ERROR;
+    }
+
+    if (shm_zone->data) {
+        ctx = shm_zone->data;
+
+        ngx_conf_log_error(NGX_LOG_EMERG, cf, 0,
+                           "%V \"%V\" is already bound to variable \"%V\"",
+                           &cmd->name, &name, &ctx->var);
+        return NGX_CONF_ERROR;
+    }
+
+    shm_zone->init = ngx_http_limit_conn_init_zone;
+    shm_zone->data = ctx;
+
+    return NGX_CONF_OK;
+}
+
+
+static char *
+ngx_http_limit_zone(ngx_conf_t *cf, ngx_command_t *cmd, void *conf)
+{
+    ssize_t                     n;
+    ngx_str_t                  *value;
+    ngx_shm_zone_t             *shm_zone;
+    ngx_http_limit_conn_ctx_t  *ctx;
+
+    ngx_conf_deprecated(cf, &ngx_conf_deprecated_limit_zone, NULL);
+
+    value = cf->args->elts;
+
+    if (value[2].data[0] != '$') {
+        ngx_conf_log_error(NGX_LOG_EMERG, cf, 0,
+                           "invalid variable name \"%V\"", &value[2]);
+        return NGX_CONF_ERROR;
+    }
+
+    value[2].len--;
+    value[2].data++;
+
+    ctx = ngx_pcalloc(cf->pool, sizeof(ngx_http_limit_conn_ctx_t));
+    if (ctx == NULL) {
+        return NGX_CONF_ERROR;
+    }
+
+    ctx->index = ngx_http_get_variable_index(cf, &value[2]);
+    if (ctx->index == NGX_ERROR) {
+        return NGX_CONF_ERROR;
+    }
+
+    ctx->var = value[2];
+
+    n = ngx_parse_size(&value[3]);
+
+    if (n == NGX_ERROR) {
+        ngx_conf_log_error(NGX_LOG_EMERG, cf, 0,
+                           "invalid size of limit_zone \"%V\"", &value[3]);
+        return NGX_CONF_ERROR;
+    }
+
+    if (n < (ngx_int_t) (8 * ngx_pagesize)) {
+        ngx_conf_log_error(NGX_LOG_EMERG, cf, 0,
+                           "limit_zone \"%V\" is too small", &value[1]);
+        return NGX_CONF_ERROR;
+    }
+
+
+    shm_zone = ngx_shared_memory_add(cf, &value[1], n,
+                                     &ngx_http_limit_conn_module);
+    if (shm_zone == NULL) {
+        return NGX_CONF_ERROR;
+    }
+
+    if (shm_zone->data) {
+        ctx = shm_zone->data;
+
+        ngx_conf_log_error(NGX_LOG_EMERG, cf, 0,
+                        "limit_zone \"%V\" is already bound to variable \"%V\"",
+                        &value[1], &ctx->var);
+        return NGX_CONF_ERROR;
+    }
+
+    shm_zone->init = ngx_http_limit_conn_init_zone;
+    shm_zone->data = ctx;
+
+    return NGX_CONF_OK;
+}
+
+
+static char *
+ngx_http_limit_conn(ngx_conf_t *cf, ngx_command_t *cmd, void *conf)
+{
+    ngx_shm_zone_t               *shm_zone;
+    ngx_http_limit_conn_conf_t   *lccf = conf;
+    ngx_http_limit_conn_limit_t  *limit, *limits;
+
+    ngx_str_t  *value;
+    ngx_int_t   n;
+    ngx_uint_t  i;
+
+    value = cf->args->elts;
+
+    shm_zone = ngx_shared_memory_add(cf, &value[1], 0,
+                                     &ngx_http_limit_conn_module);
+    if (shm_zone == NULL) {
+        return NGX_CONF_ERROR;
+    }
+
+    limits = lccf->limits.elts;
+
+    if (limits == NULL) {
+        if (ngx_array_init(&lccf->limits, cf->pool, 1,
+                           sizeof(ngx_http_limit_conn_limit_t))
+            != NGX_OK)
+        {
+            return NGX_CONF_ERROR;
+        }
+    }
+
+    for (i = 0; i < lccf->limits.nelts; i++) {
+        if (shm_zone == limits[i].shm_zone) {
+            return "is duplicate";
+        }
+    }
+
+    n = ngx_atoi(value[2].data, value[2].len);
+    if (n <= 0) {
+        ngx_conf_log_error(NGX_LOG_EMERG, cf, 0,
+                           "invalid number of connections \"%V\"", &value[2]);
+        return NGX_CONF_ERROR;
+    }
+
+    if (n > 65535) {
+        ngx_conf_log_error(NGX_LOG_EMERG, cf, 0,
+                           "connection limit must be less 65536");
+        return NGX_CONF_ERROR;
+    }
+
+    limit = ngx_array_push(&lccf->limits);
+    limit->conn = n;
+    limit->shm_zone = shm_zone;
+
+    return NGX_CONF_OK;
+}
+
+
+static ngx_int_t
+ngx_http_limit_conn_init(ngx_conf_t *cf)
+{
+    ngx_http_handler_pt        *h;
+    ngx_http_core_main_conf_t  *cmcf;
+
+    cmcf = ngx_http_conf_get_module_main_conf(cf, ngx_http_core_module);
+
+    h = ngx_array_push(&cmcf->phases[NGX_HTTP_PREACCESS_PHASE].handlers);
+    if (h == NULL) {
+        return NGX_ERROR;
+    }
+
+    *h = ngx_http_limit_conn_handler;
+
+    return NGX_OK;
+}

Deleted: trunk/src/http/modules/ngx_http_limit_zone_module.c
===================================================================
--- trunk/src/http/modules/ngx_http_limit_zone_module.c	2011-11-14 13:38:02 UTC (rev 4280)
+++ trunk/src/http/modules/ngx_http_limit_zone_module.c	2011-11-14 14:04:42 UTC (rev 4281)
@@ -1,751 +0,0 @@
-
-/*
- * Copyright (C) Igor Sysoev
- */
-
-
-#include 
-#include 
-#include 
-
-
-typedef struct {
-    u_char              color;
-    u_char              len;
-    u_short             conn;
-    u_char              data[1];
-} ngx_http_limit_zone_node_t;
-
-
-typedef struct {
-    ngx_shm_zone_t     *shm_zone;
-    ngx_rbtree_node_t  *node;
-} ngx_http_limit_zone_cleanup_t;
-
-
-typedef struct {
-    ngx_rbtree_t       *rbtree;
-    ngx_int_t           index;
-    ngx_str_t           var;
-} ngx_http_limit_zone_ctx_t;
-
-
-typedef struct {
-    ngx_shm_zone_t     *shm_zone;
-    ngx_uint_t          conn;
-} ngx_http_limit_zone_limit_t;
-
-
-typedef struct {
-    ngx_array_t         limits;
-    ngx_uint_t          log_level;
-} ngx_http_limit_zone_conf_t;
-
-
-static ngx_rbtree_node_t *ngx_http_limit_zone_lookup(ngx_rbtree_t *rbtree,
-    ngx_http_variable_value_t *vv, uint32_t hash);
-static void ngx_http_limit_zone_cleanup(void *data);
-static ngx_inline void ngx_http_limit_zone_cleanup_all(ngx_pool_t *pool);
-
-static void *ngx_http_limit_zone_create_conf(ngx_conf_t *cf);
-static char *ngx_http_limit_zone_merge_conf(ngx_conf_t *cf, void *parent,
-    void *child);
-static char *ngx_http_limit_conn_zone(ngx_conf_t *cf, ngx_command_t *cmd,
-    void *conf);
-static char *ngx_http_limit_zone(ngx_conf_t *cf, ngx_command_t *cmd,
-    void *conf);
-static char *ngx_http_limit_conn(ngx_conf_t *cf, ngx_command_t *cmd,
-    void *conf);
-static ngx_int_t ngx_http_limit_zone_init(ngx_conf_t *cf);
-
-
-static ngx_conf_deprecated_t  ngx_conf_deprecated_limit_zone = {
-    ngx_conf_deprecated, "limit_zone", "limit_conn_zone"
-};
-
-
-static ngx_conf_enum_t  ngx_http_limit_conn_log_levels[] = {
-    { ngx_string("info"), NGX_LOG_INFO },
-    { ngx_string("notice"), NGX_LOG_NOTICE },
-    { ngx_string("warn"), NGX_LOG_WARN },
-    { ngx_string("error"), NGX_LOG_ERR },
-    { ngx_null_string, 0 }
-};
-
-
-static ngx_command_t  ngx_http_limit_zone_commands[] = {
-
-    { ngx_string("limit_conn_zone"),
-      NGX_HTTP_MAIN_CONF|NGX_CONF_TAKE2,
-      ngx_http_limit_conn_zone,
-      0,
-      0,
-      NULL },
-
-    { ngx_string("limit_zone"),
-      NGX_HTTP_MAIN_CONF|NGX_CONF_TAKE3,
-      ngx_http_limit_zone,
-      0,
-      0,
-      NULL },
-
-    { ngx_string("limit_conn"),
-      NGX_HTTP_MAIN_CONF|NGX_HTTP_SRV_CONF|NGX_HTTP_LOC_CONF|NGX_CONF_TAKE2,
-      ngx_http_limit_conn,
-      NGX_HTTP_LOC_CONF_OFFSET,
-      0,
-      NULL },
-
-    { ngx_string("limit_conn_log_level"),
-      NGX_HTTP_MAIN_CONF|NGX_HTTP_SRV_CONF|NGX_HTTP_LOC_CONF|NGX_CONF_TAKE1,
-      ngx_conf_set_enum_slot,
-      NGX_HTTP_LOC_CONF_OFFSET,
-      offsetof(ngx_http_limit_zone_conf_t, log_level),
-      &ngx_http_limit_conn_log_levels },
-
-      ngx_null_command
-};
-
-
-static ngx_http_module_t  ngx_http_limit_zone_module_ctx = {
-    NULL,                                  /* preconfiguration */
-    ngx_http_limit_zone_init,              /* postconfiguration */
-
-    NULL,                                  /* create main configuration */
-    NULL,                                  /* init main configuration */
-
-    NULL,                                  /* create server configuration */
-    NULL,                                  /* merge server configuration */
-
-    ngx_http_limit_zone_create_conf,       /* create location configration */
-    ngx_http_limit_zone_merge_conf         /* merge location configration */
-};
-
-
-ngx_module_t  ngx_http_limit_zone_module = {
-    NGX_MODULE_V1,
-    &ngx_http_limit_zone_module_ctx,       /* module context */
-    ngx_http_limit_zone_commands,          /* module directives */
-    NGX_HTTP_MODULE,                       /* module type */
-    NULL,                                  /* init master */
-    NULL,                                  /* init module */
-    NULL,                                  /* init process */
-    NULL,                                  /* init thread */
-    NULL,                                  /* exit thread */
-    NULL,                                  /* exit process */
-    NULL,                                  /* exit master */
-    NGX_MODULE_V1_PADDING
-};
-
-
-static ngx_int_t
-ngx_http_limit_zone_handler(ngx_http_request_t *r)
-{
-    size_t                          len, n;
-    uint32_t                        hash;
-    ngx_uint_t                      i;
-    ngx_slab_pool_t                *shpool;
-    ngx_rbtree_node_t              *node;
-    ngx_pool_cleanup_t             *cln;
-    ngx_http_variable_value_t      *vv;
-    ngx_http_limit_zone_ctx_t      *ctx;
-    ngx_http_limit_zone_node_t     *lz;
-    ngx_http_limit_zone_conf_t     *lzcf;
-    ngx_http_limit_zone_limit_t    *limits;
-    ngx_http_limit_zone_cleanup_t  *lzcln;
-
-    if (r->main->limit_zone_set) {
-        return NGX_DECLINED;
-    }
-
-    lzcf = ngx_http_get_module_loc_conf(r, ngx_http_limit_zone_module);
-    limits = lzcf->limits.elts;
-
-    r->main->limit_zone_set = 1;
-
-    for (i = 0; i < lzcf->limits.nelts; i++) {
-        ctx = limits[i].shm_zone->data;
-
-        vv = ngx_http_get_indexed_variable(r, ctx->index);
-
-        if (vv == NULL || vv->not_found) {
-            continue;
-        }
-
-        len = vv->len;
-
-        if (len == 0) {
-            continue;
-        }
-
-        if (len > 255) {
-            ngx_log_error(NGX_LOG_ERR, r->connection->log, 0,
-                          "the value of the \"%V\" variable "
-                          "is more than 255 bytes: \"%v\"",
-                          &ctx->var, vv);
-            continue;
-        }
-
-        hash = ngx_crc32_short(vv->data, len);
-
-        shpool = (ngx_slab_pool_t *) limits[i].shm_zone->shm.addr;
-
-        ngx_shmtx_lock(&shpool->mutex);
-
-        node = ngx_http_limit_zone_lookup(ctx->rbtree, vv, hash);
-
-        if (node == NULL) {
-
-            n = offsetof(ngx_rbtree_node_t, color)
-                + offsetof(ngx_http_limit_zone_node_t, data)
-                + len;
-
-            node = ngx_slab_alloc_locked(shpool, n);
-
-            if (node == NULL) {
-                ngx_shmtx_unlock(&shpool->mutex);
-                ngx_http_limit_zone_cleanup_all(r->pool);
-                return NGX_HTTP_SERVICE_UNAVAILABLE;
-            }
-
-            lz = (ngx_http_limit_zone_node_t *) &node->color;
-
-            node->key = hash;
-            lz->len = (u_char) len;
-            lz->conn = 1;
-            ngx_memcpy(lz->data, vv->data, len);
-
-            ngx_rbtree_insert(ctx->rbtree, node);
-
-        } else {
-
-            lz = (ngx_http_limit_zone_node_t *) &node->color;
-
-            if ((ngx_uint_t) lz->conn >= limits[i].conn) {
-
-                ngx_shmtx_unlock(&shpool->mutex);
-
-                ngx_log_error(lzcf->log_level, r->connection->log, 0,
-                              "limiting connections by zone \"%V\"",
-                              &limits[i].shm_zone->shm.name);
-
-                ngx_http_limit_zone_cleanup_all(r->pool);
-                return NGX_HTTP_SERVICE_UNAVAILABLE;
-            }
-
-            lz->conn++;
-        }
-
-        ngx_log_debug2(NGX_LOG_DEBUG_HTTP, r->connection->log, 0,
-                       "limit zone: %08XD %d", node->key, lz->conn);
-
-        ngx_shmtx_unlock(&shpool->mutex);
-
-        cln = ngx_pool_cleanup_add(r->pool,
-                                   sizeof(ngx_http_limit_zone_cleanup_t));
-        if (cln == NULL) {
-            return NGX_HTTP_INTERNAL_SERVER_ERROR;
-        }
-
-        cln->handler = ngx_http_limit_zone_cleanup;
-        lzcln = cln->data;
-
-        lzcln->shm_zone = limits[i].shm_zone;
-        lzcln->node = node;
-    }
-
-    return NGX_DECLINED;
-}
-
-
-static void
-ngx_http_limit_zone_rbtree_insert_value(ngx_rbtree_node_t *temp,
-    ngx_rbtree_node_t *node, ngx_rbtree_node_t *sentinel)
-{
-    ngx_rbtree_node_t           **p;
-    ngx_http_limit_zone_node_t   *lzn, *lznt;
-
-    for ( ;; ) {
-
-        if (node->key < temp->key) {
-
-            p = &temp->left;
-
-        } else if (node->key > temp->key) {
-
-            p = &temp->right;
-
-        } else { /* node->key == temp->key */
-
-            lzn = (ngx_http_limit_zone_node_t *) &node->color;
-            lznt = (ngx_http_limit_zone_node_t *) &temp->color;
-
-            p = (ngx_memn2cmp(lzn->data, lznt->data, lzn->len, lznt->len) < 0)
-                ? &temp->left : &temp->right;
-        }
-
-        if (*p == sentinel) {
-            break;
-        }
-
-        temp = *p;
-    }
-
-    *p = node;
-    node->parent = temp;
-    node->left = sentinel;
-    node->right = sentinel;
-    ngx_rbt_red(node);
-}
-
-
-static ngx_rbtree_node_t *
-ngx_http_limit_zone_lookup(ngx_rbtree_t *rbtree, ngx_http_variable_value_t *vv,
-    uint32_t hash)
-{
-    ngx_int_t                    rc;
-    ngx_rbtree_node_t           *node, *sentinel;
-    ngx_http_limit_zone_node_t  *lzn;
-
-    node = rbtree->root;
-    sentinel = rbtree->sentinel;
-
-    while (node != sentinel) {
-
-        if (hash < node->key) {
-            node = node->left;
-            continue;
-        }
-
-        if (hash > node->key) {
-            node = node->right;
-            continue;
-        }
-
-        /* hash == node->key */
-
-        do {
-            lzn = (ngx_http_limit_zone_node_t *) &node->color;
-
-            rc = ngx_memn2cmp(vv->data, lzn->data,
-                              (size_t) vv->len, (size_t) lzn->len);
-            if (rc == 0) {
-                return node;
-            }
-
-            node = (rc < 0) ? node->left : node->right;
-
-        } while (node != sentinel && hash == node->key);
-
-        break;
-    }
-
-    return NULL;
-}
-
-
-static void
-ngx_http_limit_zone_cleanup(void *data)
-{
-    ngx_http_limit_zone_cleanup_t  *lzcln = data;
-
-    ngx_slab_pool_t             *shpool;
-    ngx_rbtree_node_t           *node;
-    ngx_http_limit_zone_ctx_t   *ctx;
-    ngx_http_limit_zone_node_t  *lz;
-
-    ctx = lzcln->shm_zone->data;
-    shpool = (ngx_slab_pool_t *) lzcln->shm_zone->shm.addr;
-    node = lzcln->node;
-    lz = (ngx_http_limit_zone_node_t *) &node->color;
-
-    ngx_shmtx_lock(&shpool->mutex);
-
-    ngx_log_debug2(NGX_LOG_DEBUG_HTTP, lzcln->shm_zone->shm.log, 0,
-                   "limit zone cleanup: %08XD %d", node->key, lz->conn);
-
-    lz->conn--;
-
-    if (lz->conn == 0) {
-        ngx_rbtree_delete(ctx->rbtree, node);
-        ngx_slab_free_locked(shpool, node);
-    }
-
-    ngx_shmtx_unlock(&shpool->mutex);
-}
-
-
-static ngx_inline void
-ngx_http_limit_zone_cleanup_all(ngx_pool_t *pool)
-{
-    ngx_pool_cleanup_t  *cln;
-
-    cln = pool->cleanup;
-
-    while (cln && cln->handler == ngx_http_limit_zone_cleanup) {
-        ngx_http_limit_zone_cleanup(cln->data);
-        cln = cln->next;
-    }
-
-    pool->cleanup = cln;
-}
-
-
-static ngx_int_t
-ngx_http_limit_zone_init_zone(ngx_shm_zone_t *shm_zone, void *data)
-{
-    ngx_http_limit_zone_ctx_t  *octx = data;
-
-    size_t                      len;
-    ngx_slab_pool_t            *shpool;
-    ngx_rbtree_node_t          *sentinel;
-    ngx_http_limit_zone_ctx_t  *ctx;
-
-    ctx = shm_zone->data;
-
-    if (octx) {
-        if (ngx_strcmp(ctx->var.data, octx->var.data) != 0) {
-            ngx_log_error(NGX_LOG_EMERG, shm_zone->shm.log, 0,
-                          "limit_conn_zone \"%V\" uses the \"%V\" variable "
-                          "while previously it used the \"%V\" variable",
-                          &shm_zone->shm.name, &ctx->var, &octx->var);
-            return NGX_ERROR;
-        }
-
-        ctx->rbtree = octx->rbtree;
-
-        return NGX_OK;
-    }
-
-    shpool = (ngx_slab_pool_t *) shm_zone->shm.addr;
-
-    if (shm_zone->shm.exists) {
-        ctx->rbtree = shpool->data;
-
-        return NGX_OK;
-    }
-
-    ctx->rbtree = ngx_slab_alloc(shpool, sizeof(ngx_rbtree_t));
-    if (ctx->rbtree == NULL) {
-        return NGX_ERROR;
-    }
-
-    shpool->data = ctx->rbtree;
-
-    sentinel = ngx_slab_alloc(shpool, sizeof(ngx_rbtree_node_t));
-    if (sentinel == NULL) {
-        return NGX_ERROR;
-    }
-
-    ngx_rbtree_init(ctx->rbtree, sentinel,
-                    ngx_http_limit_zone_rbtree_insert_value);
-
-    len = sizeof(" in limit_conn_zone \"\"") + shm_zone->shm.name.len;
-
-    shpool->log_ctx = ngx_slab_alloc(shpool, len);
-    if (shpool->log_ctx == NULL) {
-        return NGX_ERROR;
-    }
-
-    ngx_sprintf(shpool->log_ctx, " in limit_conn_zone \"%V\"%Z",
-                &shm_zone->shm.name);
-
-    return NGX_OK;
-}
-
-
-static void *
-ngx_http_limit_zone_create_conf(ngx_conf_t *cf)
-{
-    ngx_http_limit_zone_conf_t  *conf;
-
-    conf = ngx_pcalloc(cf->pool, sizeof(ngx_http_limit_zone_conf_t));
-    if (conf == NULL) {
-        return NULL;
-    }
-
-    /*
-     * set by ngx_pcalloc():
-     *
-     *     conf->limits.elts = NULL;
-     */
-
-    conf->log_level = NGX_CONF_UNSET_UINT;
-
-    return conf;
-}
-
-
-static char *
-ngx_http_limit_zone_merge_conf(ngx_conf_t *cf, void *parent, void *child)
-{
-    ngx_http_limit_zone_conf_t *prev = parent;
-    ngx_http_limit_zone_conf_t *conf = child;
-
-    if (conf->limits.elts == NULL) {
-        *conf = *prev;
-    }
-
-    ngx_conf_merge_uint_value(conf->log_level, prev->log_level, NGX_LOG_ERR);
-
-    return NGX_CONF_OK;
-}
-
-
-static char *
-ngx_http_limit_conn_zone(ngx_conf_t *cf, ngx_command_t *cmd, void *conf)
-{
-    u_char                     *p;
-    ssize_t                     size;
-    ngx_str_t                  *value, name, s;
-    ngx_uint_t                  i;
-    ngx_shm_zone_t             *shm_zone;
-    ngx_http_limit_zone_ctx_t  *ctx;
-
-    value = cf->args->elts;
-
-    ctx = NULL;
-    size = 0;
-    name.len = 0;
-
-    for (i = 1; i < cf->args->nelts; i++) {
-
-        if (ngx_strncmp(value[i].data, "zone=", 5) == 0) {
-
-            name.data = value[i].data + 5;
-
-            p = (u_char *) ngx_strchr(name.data, ':');
-
-            if (p == NULL) {
-                ngx_conf_log_error(NGX_LOG_EMERG, cf, 0,
-                                   "invalid zone size \"%V\"", &value[i]);
-                return NGX_CONF_ERROR;
-            }
-
-            name.len = p - name.data;
-
-            s.data = p + 1;
-            s.len = value[i].data + value[i].len - s.data;
-
-            size = ngx_parse_size(&s);
-
-            if (size == NGX_ERROR) {
-                ngx_conf_log_error(NGX_LOG_EMERG, cf, 0,
-                                   "invalid zone size \"%V\"", &value[i]);
-                return NGX_CONF_ERROR;
-            }
-
-            if (size < (ssize_t) (8 * ngx_pagesize)) {
-                ngx_conf_log_error(NGX_LOG_EMERG, cf, 0,
-                                   "zone \"%V\" is too small", &value[i]);
-                return NGX_CONF_ERROR;
-            }
-
-            continue;
-        }
-
-        if (value[i].data[0] == '$') {
-
-            value[i].len--;
-            value[i].data++;
-
-            ctx = ngx_pcalloc(cf->pool, sizeof(ngx_http_limit_zone_ctx_t));
-            if (ctx == NULL) {
-                return NGX_CONF_ERROR;
-            }
-
-            ctx->index = ngx_http_get_variable_index(cf, &value[i]);
-            if (ctx->index == NGX_ERROR) {
-                return NGX_CONF_ERROR;
-            }
-
-            ctx->var = value[i];
-
-            continue;
-        }
-
-        ngx_conf_log_error(NGX_LOG_EMERG, cf, 0,
-                           "invalid parameter \"%V\"", &value[i]);
-        return NGX_CONF_ERROR;
-    }
-
-    if (name.len == 0) {
-        ngx_conf_log_error(NGX_LOG_EMERG, cf, 0,
-                           "\"%V\" must have \"zone\" parameter",
-                           &cmd->name);
-        return NGX_CONF_ERROR;
-    }
-
-    if (ctx == NULL) {
-        ngx_conf_log_error(NGX_LOG_EMERG, cf, 0,
-                           "no variable is defined for %V \"%V\"",
-                           &cmd->name, &name);
-        return NGX_CONF_ERROR;
-    }
-
-    shm_zone = ngx_shared_memory_add(cf, &name, size,
-                                     &ngx_http_limit_zone_module);
-    if (shm_zone == NULL) {
-        return NGX_CONF_ERROR;
-    }
-
-    if (shm_zone->data) {
-        ctx = shm_zone->data;
-
-        ngx_conf_log_error(NGX_LOG_EMERG, cf, 0,
-                           "%V \"%V\" is already bound to variable \"%V\"",
-                           &cmd->name, &name, &ctx->var);
-        return NGX_CONF_ERROR;
-    }
-
-    shm_zone->init = ngx_http_limit_zone_init_zone;
-    shm_zone->data = ctx;
-
-    return NGX_CONF_OK;
-}
-
-
-static char *
-ngx_http_limit_zone(ngx_conf_t *cf, ngx_command_t *cmd, void *conf)
-{
-    ssize_t                     n;
-    ngx_str_t                  *value;
-    ngx_shm_zone_t             *shm_zone;
-    ngx_http_limit_zone_ctx_t  *ctx;
-
-    ngx_conf_deprecated(cf, &ngx_conf_deprecated_limit_zone, NULL);
-
-    value = cf->args->elts;
-
-    if (value[2].data[0] != '$') {
-        ngx_conf_log_error(NGX_LOG_EMERG, cf, 0,
-                           "invalid variable name \"%V\"", &value[2]);
-        return NGX_CONF_ERROR;
-    }
-
-    value[2].len--;
-    value[2].data++;
-
-    ctx = ngx_pcalloc(cf->pool, sizeof(ngx_http_limit_zone_ctx_t));
-    if (ctx == NULL) {
-        return NGX_CONF_ERROR;
-    }
-
-    ctx->index = ngx_http_get_variable_index(cf, &value[2]);
-    if (ctx->index == NGX_ERROR) {
-        return NGX_CONF_ERROR;
-    }
-
-    ctx->var = value[2];
-
-    n = ngx_parse_size(&value[3]);
-
-    if (n == NGX_ERROR) {
-        ngx_conf_log_error(NGX_LOG_EMERG, cf, 0,
-                           "invalid size of limit_zone \"%V\"", &value[3]);
-        return NGX_CONF_ERROR;
-    }
-
-    if (n < (ngx_int_t) (8 * ngx_pagesize)) {
-        ngx_conf_log_error(NGX_LOG_EMERG, cf, 0,
-                           "limit_zone \"%V\" is too small", &value[1]);
-        return NGX_CONF_ERROR;
-    }
-
-
-    shm_zone = ngx_shared_memory_add(cf, &value[1], n,
-                                     &ngx_http_limit_zone_module);
-    if (shm_zone == NULL) {
-        return NGX_CONF_ERROR;
-    }
-
-    if (shm_zone->data) {
-        ctx = shm_zone->data;
-
-        ngx_conf_log_error(NGX_LOG_EMERG, cf, 0,
-                        "limit_zone \"%V\" is already bound to variable \"%V\"",
-                        &value[1], &ctx->var);
-        return NGX_CONF_ERROR;
-    }
-
-    shm_zone->init = ngx_http_limit_zone_init_zone;
-    shm_zone->data = ctx;
-
-    return NGX_CONF_OK;
-}
-
-
-static char *
-ngx_http_limit_conn(ngx_conf_t *cf, ngx_command_t *cmd, void *conf)
-{
-    ngx_shm_zone_t               *shm_zone;
-    ngx_http_limit_zone_conf_t   *lzcf = conf;
-    ngx_http_limit_zone_limit_t  *limit, *limits;
-
-    ngx_str_t  *value;
-    ngx_int_t   n;
-    ngx_uint_t  i;
-
-    value = cf->args->elts;
-
-    shm_zone = ngx_shared_memory_add(cf, &value[1], 0,
-                                     &ngx_http_limit_zone_module);
-    if (shm_zone == NULL) {
-        return NGX_CONF_ERROR;
-    }
-
-    limits = lzcf->limits.elts;
-
-    if (limits == NULL) {
-        if (ngx_array_init(&lzcf->limits, cf->pool, 1,
-                           sizeof(ngx_http_limit_zone_limit_t))
-            != NGX_OK)
-        {
-            return NGX_CONF_ERROR;
-        }
-    }
-
-    for (i = 0; i < lzcf->limits.nelts; i++) {
-        if (shm_zone == limits[i].shm_zone) {
-            return "is duplicate";
-        }
-    }
-
-    n = ngx_atoi(value[2].data, value[2].len);
-    if (n <= 0) {
-        ngx_conf_log_error(NGX_LOG_EMERG, cf, 0,
-                           "invalid number of connections \"%V\"", &value[2]);
-        return NGX_CONF_ERROR;
-    }
-
-    if (n > 65535) {
-        ngx_conf_log_error(NGX_LOG_EMERG, cf, 0,
-                           "connection limit must be less 65536");
-        return NGX_CONF_ERROR;
-    }
-
-    limit = ngx_array_push(&lzcf->limits);
-    limit->conn = n;
-    limit->shm_zone = shm_zone;
-
-    return NGX_CONF_OK;
-}
-
-
-static ngx_int_t
-ngx_http_limit_zone_init(ngx_conf_t *cf)
-{
-    ngx_http_handler_pt        *h;
-    ngx_http_core_main_conf_t  *cmcf;
-
-    cmcf = ngx_http_conf_get_module_main_conf(cf, ngx_http_core_module);
-
-    h = ngx_array_push(&cmcf->phases[NGX_HTTP_PREACCESS_PHASE].handlers);
-    if (h == NULL) {
-        return NGX_ERROR;
-    }
-
-    *h = ngx_http_limit_zone_handler;
-
-    return NGX_OK;
-}

Modified: trunk/src/http/ngx_http_request.h
===================================================================
--- trunk/src/http/ngx_http_request.h	2011-11-14 13:38:02 UTC (rev 4280)
+++ trunk/src/http/ngx_http_request.h	2011-11-14 14:04:42 UTC (rev 4281)
@@ -480,7 +480,7 @@
      * ngx_http_limit_zone_module and ngx_http_limit_req_module
      * we use the single bits in the request structure
      */
-    unsigned                          limit_zone_set:1;
+    unsigned                          limit_conn_set:1;
     unsigned                          limit_req_set:1;
 
 #if 0


From vbart at nginx.com  Mon Nov 14 14:16:51 2011
From: vbart at nginx.com (vbart at nginx.com)
Date: Mon, 14 Nov 2011 14:16:51 +0000
Subject: [nginx] svn commit:  r4282 - trunk/conf
Message-ID: 

Author: vbart
Date: 2011-11-14 14:16:51 +0000 (Mon, 14 Nov 2011)
New Revision: 4282

Modified:
   trunk/conf/mime.types
Log:
Added image/webp and video/webm MIME types.


Modified: trunk/conf/mime.types
===================================================================
--- trunk/conf/mime.types	2011-11-14 14:04:42 UTC (rev 4281)
+++ trunk/conf/mime.types	2011-11-14 14:16:51 UTC (rev 4282)
@@ -22,6 +22,7 @@
     image/x-jng                           jng;
     image/x-ms-bmp                        bmp;
     image/svg+xml                         svg;
+    image/webp                            webp;
 
     application/java-archive              jar war ear;
     application/mac-binhex40              hqx;
@@ -69,6 +70,7 @@
     video/mp4                             mp4;
     video/mpeg                            mpeg mpg;
     video/quicktime                       mov;
+    video/webm                            webm;
     video/x-flv                           flv;
     video/x-m4v                           m4v;
     video/x-mng                           mng;


From igor at sysoev.ru  Mon Nov 14 14:42:48 2011
From: igor at sysoev.ru (igor at sysoev.ru)
Date: Mon, 14 Nov 2011 14:42:48 +0000
Subject: [nginx] svn commit:  r4283 - trunk/src/http/modules
Message-ID: 

Author: is
Date: 2011-11-14 14:42:48 +0000 (Mon, 14 Nov 2011)
New Revision: 4283

Modified:
   trunk/src/http/modules/ngx_http_mp4_module.c
Log:
Fix of "Content-Length" header of MP4 response if start argument was used.

Patch by Piotr Sikora.


Modified: trunk/src/http/modules/ngx_http_mp4_module.c
===================================================================
--- trunk/src/http/modules/ngx_http_mp4_module.c	2011-11-14 14:16:51 UTC (rev 4282)
+++ trunk/src/http/modules/ngx_http_mp4_module.c	2011-11-14 14:42:48 UTC (rev 4283)
@@ -1066,7 +1066,6 @@
 
     atom_data_size = mp4->mdat_data.buf->file_last - start_offset;
     mp4->mdat_data.buf->file_pos = start_offset;
-    mp4->content_length += atom_data_size;
 
     ngx_log_debug2(NGX_LOG_DEBUG_HTTP, mp4->file.log, 0,
                    "mdat new offset @%O:%O", start_offset, atom_data_size);
@@ -1083,6 +1082,8 @@
         atom_header_size = sizeof(ngx_mp4_atom_header_t);
     }
 
+    mp4->content_length += atom_header_size + atom_data_size;
+
     ngx_mp4_set_32value(atom_header, atom_size);
     ngx_mp4_set_atom_name(atom_header, 'm', 'd', 'a', 't');
 


From igor at sysoev.ru  Mon Nov 14 14:59:01 2011
From: igor at sysoev.ru (igor at sysoev.ru)
Date: Mon, 14 Nov 2011 14:59:01 +0000
Subject: [nginx] svn commit:  r4284 - in trunk/src: core os/unix os/win32
Message-ID: 

Author: is
Date: 2011-11-14 14:59:00 +0000 (Mon, 14 Nov 2011)
New Revision: 4284

Modified:
   trunk/src/core/nginx.c
   trunk/src/core/ngx_log.h
   trunk/src/os/unix/ngx_files.h
   trunk/src/os/win32/ngx_files.h
Log:
Introduction of simple ngx_write_stderr() instead of ngx_log_stderr()
for output of ./configure options, etc., since ngx_log_stderr() output
length is limited by 2048 characters defined as NGX_MAX_ERROR_STR.


Modified: trunk/src/core/nginx.c
===================================================================
--- trunk/src/core/nginx.c	2011-11-14 14:42:48 UTC (rev 4283)
+++ trunk/src/core/nginx.c	2011-11-14 14:59:00 UTC (rev 4284)
@@ -214,47 +214,49 @@
     }
 
     if (ngx_show_version) {
-        ngx_log_stderr(0, "nginx version: " NGINX_VER);
+        ngx_write_stderr("nginx version: " NGINX_VER NGX_LINEFEED);
 
         if (ngx_show_help) {
-            ngx_log_stderr(0,
+            ngx_write_stderr(
                 "Usage: nginx [-?hvVtq] [-s signal] [-c filename] "
-                             "[-p prefix] [-g directives]" CRLF CRLF
-                "Options:" CRLF
-                "  -?,-h         : this help" CRLF
-                "  -v            : show version and exit" CRLF
+                             "[-p prefix] [-g directives]" NGX_LINEFEED
+                             NGX_LINEFEED
+                "Options:" NGX_LINEFEED
+                "  -?,-h         : this help" NGX_LINEFEED
+                "  -v            : show version and exit" NGX_LINEFEED
                 "  -V            : show version and configure options then exit"
-                                   CRLF
-                "  -t            : test configuration and exit" CRLF
+                                   NGX_LINEFEED
+                "  -t            : test configuration and exit" NGX_LINEFEED
                 "  -q            : suppress non-error messages "
-                                   "during configuration testing" CRLF
+                                   "during configuration testing" NGX_LINEFEED
                 "  -s signal     : send signal to a master process: "
-                                   "stop, quit, reopen, reload" CRLF
+                                   "stop, quit, reopen, reload" NGX_LINEFEED
 #ifdef NGX_PREFIX
                 "  -p prefix     : set prefix path (default: "
-                                   NGX_PREFIX ")" CRLF
+                                   NGX_PREFIX ")" NGX_LINEFEED
 #else
-                "  -p prefix     : set prefix path (default: NONE)" CRLF
+                "  -p prefix     : set prefix path (default: NONE)" NGX_LINEFEED
 #endif
                 "  -c filename   : set configuration file (default: "
-                                   NGX_CONF_PATH ")" CRLF
+                                   NGX_CONF_PATH ")" NGX_LINEFEED
                 "  -g directives : set global directives out of configuration "
-                                   "file" CRLF
+                                   "file" NGX_LINEFEED NGX_LINEFEED
                 );
         }
 
         if (ngx_show_configure) {
+            ngx_write_stderr(
 #ifdef NGX_COMPILER
-            ngx_log_stderr(0, "built by " NGX_COMPILER);
+                "built by " NGX_COMPILER NGX_LINEFEED
 #endif
 #if (NGX_SSL)
 #ifdef SSL_CTRL_SET_TLSEXT_HOSTNAME
-            ngx_log_stderr(0, "TLS SNI support enabled");
+                "TLS SNI support enabled" NGX_LINEFEED
 #else
-            ngx_log_stderr(0, "TLS SNI support disabled");
+                "TLS SNI support disabled" NGX_LINEFEED
 #endif
 #endif
-            ngx_log_stderr(0, "configure arguments:" NGX_CONFIGURE);
+                "configure arguments:" NGX_CONFIGURE NGX_LINEFEED);
         }
 
         if (!ngx_test_config) {

Modified: trunk/src/core/ngx_log.h
===================================================================
--- trunk/src/core/ngx_log.h	2011-11-14 14:42:48 UTC (rev 4283)
+++ trunk/src/core/ngx_log.h	2011-11-14 14:59:00 UTC (rev 4284)
@@ -203,6 +203,22 @@
 u_char *ngx_log_errno(u_char *buf, u_char *last, ngx_err_t err);
 
 
+/*
+ * ngx_write_stderr() cannot be implemented as macro, since
+ * MSVC does not allow to use #ifdef inside macro parameters.
+ *
+ * ngx_write_fd() is used instead of ngx_write_console(), since
+ * CharToOemBuff() inside ngx_write_console() cannot be used with
+ * read only buffer as destination and CharToOemBuff() is not needed
+ * for ngx_write_stderr() anyway.
+ */
+static ngx_inline void
+ngx_write_stderr(char *text)
+{
+    (void) ngx_write_fd(ngx_stderr, text, strlen(text));
+}
+
+
 extern ngx_module_t  ngx_errlog_module;
 extern ngx_uint_t    ngx_use_stderr;
 

Modified: trunk/src/os/unix/ngx_files.h
===================================================================
--- trunk/src/os/unix/ngx_files.h	2011-11-14 14:42:48 UTC (rev 4283)
+++ trunk/src/os/unix/ngx_files.h	2011-11-14 14:59:00 UTC (rev 4284)
@@ -128,6 +128,7 @@
 
 #define ngx_linefeed(p)          *p++ = LF;
 #define NGX_LINEFEED_SIZE        1
+#define NGX_LINEFEED             "\x0a"
 
 
 #define ngx_rename_file(o, n)    rename((const char *) o, (const char *) n)

Modified: trunk/src/os/win32/ngx_files.h
===================================================================
--- trunk/src/os/win32/ngx_files.h	2011-11-14 14:42:48 UTC (rev 4283)
+++ trunk/src/os/win32/ngx_files.h	2011-11-14 14:59:00 UTC (rev 4284)
@@ -115,6 +115,7 @@
 
 #define ngx_linefeed(p)             *p++ = CR; *p++ = LF;
 #define NGX_LINEFEED_SIZE           2
+#define NGX_LINEFEED                CRLF
 
 
 #define ngx_delete_file(name)       DeleteFile((const char *) name)


From igor at sysoev.ru  Mon Nov 14 15:37:55 2011
From: igor at sysoev.ru (igor at sysoev.ru)
Date: Mon, 14 Nov 2011 15:37:55 +0000
Subject: [nginx] svn commit:  r4285 - trunk/docs/xml/nginx
Message-ID: 

Author: is
Date: 2011-11-14 15:37:54 +0000 (Mon, 14 Nov 2011)
New Revision: 4285

Modified:
   trunk/docs/xml/nginx/changes.xml
Log:
nginx-1.1.8-RELEASE


Modified: trunk/docs/xml/nginx/changes.xml
===================================================================
--- trunk/docs/xml/nginx/changes.xml	2011-11-14 14:59:00 UTC (rev 4284)
+++ trunk/docs/xml/nginx/changes.xml	2011-11-14 15:37:54 UTC (rev 4285)
@@ -9,6 +9,101 @@
 nginx changelog
 
 
+
+
+
+
+?????? ngx_http_limit_zone_module ???????????? ? ngx_http_limit_conn_module.
+
+
+the ngx_http_limit_zone_module was renamed to the ngx_http_limit_conn_module.
+          
+
+
+
+
+????????? limit_zone ???????? ?????????? limit_conn_zone ? ????? ???????????.
+
+
+the "limit_zone" directive was superseded by the "limit_conn_zone" directive
+with a new syntax.
+
+
+
+
+
+????????? ??????????? ?? ?????????? limit_conn ?? ????? ??????.
+
+
+support for multiple "limit_conn" limits on the same level.
+
+
+
+
+
+????????? image_filter_sharpen.
+
+
+the "image_filter_sharpen" directive.
+
+
+
+
+
+? ??????? ???????? ??? ????????? segmentation fault,
+???? resolver ??????? ??????? DNS-?????.

+??????? Ben Hawkes.
+
+
+a segmentation fault might occur in a worker process
+if resolver got a big DNS response.

+Thanks to Ben Hawkes.
+
+
+
+
+
+? ?????????? ????? ??? ???????????,
+???? ?????????????? ?????????? ?????????? MD5;
+?????? ????????? ? 1.0.4.
+
+
+in cache key calculation
+if internal MD5 implementation was used;
+the bug had appeared in 1.0.4.
+
+
+
+
+
+?????? "If-Modified-Since", "If-Range" ? ?? ???????? ? ????????? ???????
+??????? ????? ???????????? ??????? ??? ???????????; ??? ?? ???????????? ???
+??????????? ???????????, ???? ??????????? ???? ???????? ? ?????? ?????
+????????????.
+
+
+the "If-Modified-Since", "If-Range", etc. client request header lines
+might be passed to backend while caching; or not passed without caching
+if caching was enabled in another part of the configuration.
+
+
+
+
+
+?????? ngx_http_mp4_module ??????? ???????? ?????? "Content-Length"
+? ????????? ??????, ????????????? ???????? start.

+??????? Piotr Sikora.
+
+
+the module ngx_http_mp4_module sent incorrect "Content-Length" response
+header line if the "start" argument was used.

+Thanks to Piotr Sikora.
+
+
+
+
+
+
 
 
 


From igor at sysoev.ru  Mon Nov 14 15:38:03 2011
From: igor at sysoev.ru (igor at sysoev.ru)
Date: Mon, 14 Nov 2011 15:38:03 +0000
Subject: [nginx] svn commit:  r4286 - tags
Message-ID: 

Author: is
Date: 2011-11-14 15:38:02 +0000 (Mon, 14 Nov 2011)
New Revision: 4286

Added:
   tags/release-1.1.8/
Log:
release-1.1.8 tag



From igor at sysoev.ru  Mon Nov 14 15:53:37 2011
From: igor at sysoev.ru (igor at sysoev.ru)
Date: Mon, 14 Nov 2011 15:53:37 +0000
Subject: [nginx] svn commit: r4287 - in branches/stable-1.0/src: core
	http/modules/perl
Message-ID: 

Author: is
Date: 2011-11-14 15:53:35 +0000 (Mon, 14 Nov 2011)
New Revision: 4287

Modified:
   branches/stable-1.0/src/core/nginx.h
   branches/stable-1.0/src/http/modules/perl/nginx.pm
Log:
Version bump.


Modified: branches/stable-1.0/src/core/nginx.h
===================================================================
--- branches/stable-1.0/src/core/nginx.h	2011-11-14 15:38:02 UTC (rev 4286)
+++ branches/stable-1.0/src/core/nginx.h	2011-11-14 15:53:35 UTC (rev 4287)
@@ -8,8 +8,8 @@
 #define _NGINX_H_INCLUDED_
 
 
-#define nginx_version      1000009
-#define NGINX_VERSION      "1.0.9"
+#define nginx_version      1000010
+#define NGINX_VERSION      "1.0.10"
 #define NGINX_VER          "nginx/" NGINX_VERSION
 
 #define NGINX_VAR          "NGINX"

Modified: branches/stable-1.0/src/http/modules/perl/nginx.pm
===================================================================
--- branches/stable-1.0/src/http/modules/perl/nginx.pm	2011-11-14 15:38:02 UTC (rev 4286)
+++ branches/stable-1.0/src/http/modules/perl/nginx.pm	2011-11-14 15:53:35 UTC (rev 4287)
@@ -48,7 +48,7 @@
     HTTP_INSUFFICIENT_STORAGE
 );
 
-our $VERSION = '1.0.9';
+our $VERSION = '1.0.10';
 
 require XSLoader;
 XSLoader::load('nginx', $VERSION);


From igor at sysoev.ru  Mon Nov 14 16:12:26 2011
From: igor at sysoev.ru (igor at sysoev.ru)
Date: Mon, 14 Nov 2011 16:12:26 +0000
Subject: [nginx] svn commit:  r4288 - in branches/stable-1.0: . src/core
Message-ID: 

Author: is
Date: 2011-11-14 16:12:25 +0000 (Mon, 14 Nov 2011)
New Revision: 4288

Modified:
   branches/stable-1.0/
   branches/stable-1.0/src/core/ngx_resolver.c
Log:
Merge of r4268:

Fixed compression pointer processing in DNS response greater than 255 bytes.

Thanks to Ben Hawkes.



Property changes on: branches/stable-1.0
___________________________________________________________________
Modified: svn:mergeinfo
   - /trunk:3960-3974,3977-3987,3991-3996,3998,4003-4007,4009-4013,4015-4018,4020,4023,4025-4027,4034-4065,4073,4077,4086-4090,4094-4102,4106-4108,4113-4114,4129-4137,4143,4147-4152,4154-4158,4177,4179,4182-4184,4186-4187,4189-4205,4207,4209-4210,4212,4219-4220,4229-4230,4232,4235-4237
   + /trunk:3960-3974,3977-3987,3991-3996,3998,4003-4007,4009-4013,4015-4018,4020,4023,4025-4027,4034-4065,4073,4077,4086-4090,4094-4102,4106-4108,4113-4114,4129-4137,4143,4147-4152,4154-4158,4177,4179,4182-4184,4186-4187,4189-4205,4207,4209-4210,4212,4219-4220,4229-4230,4232,4235-4237,4268

Modified: branches/stable-1.0/src/core/ngx_resolver.c
===================================================================
--- branches/stable-1.0/src/core/ngx_resolver.c	2011-11-14 15:53:35 UTC (rev 4287)
+++ branches/stable-1.0/src/core/ngx_resolver.c	2011-11-14 16:12:25 UTC (rev 4288)
@@ -1922,7 +1922,13 @@
     n = *src++;
 
     for ( ;; ) {
-        if (n != 0xc0) {
+        if (n & 0xc0) {
+            n = ((n & 0x3f) << 8) + *src;
+            src = &buf[n];
+
+            n = *src++;
+
+        } else {
             ngx_memcpy(dst, src, n);
             dst += n;
             src += n;
@@ -1932,12 +1938,6 @@
             if (n != 0) {
                 *dst++ = '.';
             }
-
-        } else {
-            n = ((n & 0x3f) << 8) + *src;
-            src = &buf[n];
-
-            n = *src++;
         }
 
         if (n == 0) {


From igor at sysoev.ru  Mon Nov 14 16:13:16 2011
From: igor at sysoev.ru (igor at sysoev.ru)
Date: Mon, 14 Nov 2011 16:13:16 +0000
Subject: [nginx] svn commit:  r4289 - in branches/stable-1.0: . src/core
Message-ID: 

Author: is
Date: 2011-11-14 16:13:15 +0000 (Mon, 14 Nov 2011)
New Revision: 4289

Modified:
   branches/stable-1.0/
   branches/stable-1.0/src/core/ngx_md5.c
Log:
Merge of r4280:

Reverted incorrect change in internal md5 (part of r3928).



Property changes on: branches/stable-1.0
___________________________________________________________________
Modified: svn:mergeinfo
   - /trunk:3960-3974,3977-3987,3991-3996,3998,4003-4007,4009-4013,4015-4018,4020,4023,4025-4027,4034-4065,4073,4077,4086-4090,4094-4102,4106-4108,4113-4114,4129-4137,4143,4147-4152,4154-4158,4177,4179,4182-4184,4186-4187,4189-4205,4207,4209-4210,4212,4219-4220,4229-4230,4232,4235-4237,4268
   + /trunk:3960-3974,3977-3987,3991-3996,3998,4003-4007,4009-4013,4015-4018,4020,4023,4025-4027,4034-4065,4073,4077,4086-4090,4094-4102,4106-4108,4113-4114,4129-4137,4143,4147-4152,4154-4158,4177,4179,4182-4184,4186-4187,4189-4205,4207,4209-4210,4212,4219-4220,4229-4230,4232,4235-4237,4268,4280

Modified: branches/stable-1.0/src/core/ngx_md5.c
===================================================================
--- branches/stable-1.0/src/core/ngx_md5.c	2011-11-14 16:12:25 UTC (rev 4288)
+++ branches/stable-1.0/src/core/ngx_md5.c	2011-11-14 16:13:15 UTC (rev 4289)
@@ -47,7 +47,8 @@
             return;
         }
 
-        data = ngx_cpymem(&ctx->buffer[used], data, free);
+        ngx_memcpy(&ctx->buffer[used], data, free);
+        data = (u_char *) data + free;
         size -= free;
         (void) ngx_md5_body(ctx, ctx->buffer, 64);
     }


From orz at loli.my  Mon Nov 14 16:13:21 2011
From: orz at loli.my (=?UTF-8?B?44OT44Oq44OT44Oq4oWk?=)
Date: Tue, 15 Nov 2011 00:13:21 +0800
Subject: nginx crash
In-Reply-To: <20111113235455.GO95664@mdounin.ru>
References: 
	
	<87r51blijb.wl%appa@perusio.net>
	<20111113235455.GO95664@mdounin.ru>
Message-ID: 

Hello,

first I haven't use proxy_http_version 1.1;

and all of those server are only running on http proxy, and the crash
happen on static file only, it will contain Content-Length headers.

I will try to change proxy_http_version to 1.1 to test, thanks for your advices.

2011/11/14 Maxim Dounin :
> Hello!
>
> On Sun, Nov 13, 2011 at 11:16:56PM +0000, Ant?nio P. P. Almeida wrote:
>
>>
>> On 12 Nov 2011 14h07 WET, magicbearmo at gmail.com wrote:
>>
>> > happen on a of main upstream server dead.
>> >
>> > Here is the config
>> >
>> > proxy_cache_path /dev/shm/cdn_cache_comment levels=1:2
>> > keys_zone=cache_comment_mem:32m max_size=128m; limit_req_zone
>> > $binary_remote_addr zone=limit_comment:16m rate=50r/s;
>> >
>> > upstream backend_comment {
>> > ? ? server 10.0.0.1 weight=10 fail_timeout=30s;
>> > ? ? server 10.0.0.2 backup weight=5 fail_timeout=30s;
>> > ? ? keepalive 30;
>> ? ? ? ? ^^^^^^^^^^^^^
>> I believe you have to use:
>>
>> proxy_http_version 1.1;
>>
>> in the location that invoke this upstream for getting keep alive to
>> the backends. AFAIK this is undocumented and would be nice if Maxim
>> can shed some light on this issue.
>
> Keepalive connections are possible with HTTP/1.0 as well. ?There
> are some problems with them though:
>
> 1. There is no standard which defines keepalive connections in
> HTTP/1.0. ?It works with major web servers (including nginx), but
> may not work with others.
>
> 2. In HTTP/1.0 connection can't be kept alive if response
> Content-Length isn't known (as response end is signalled by
> connection close).
>
> Due to the above reasons I would recommend using HTTP/1.1 to keep
> backend connections alive. ?But it doesn't mean they aren't
> possible (and I'm quite sure MagicBear's config works as expected).
>
> The required thing is
>
> ? ?proxy_set_header Connection "";
>
> in case of HTTP/1.1, or
>
> ? ?proxy_set_header Connection "keep-alive";
>
> in case of HTTP/1.0.
>
> (Well, "Connection: keep-alive" will work in HTTP/1.1 case as
> well, actually. ?But an empty string is enough.)
>
>> Ditto for:
>>
>> fastcgi_keep_conn on;
>>
>> in the case of FCGI upstreams.
>
> The fastcgi_keep_conn directive is required to keep connections
> alive with fastcgi upstreams. ?It instructs nginx to claim
> responsibility of closing connection with appropriate flag in
> fastcgi protocol. ?Without this directive connection will be
> closed by fastcgi application (upstream) and it won't be possible
> to keep it alive.
>
> Maxim Dounin
>
> _______________________________________________
> nginx-devel mailing list
> nginx-devel at nginx.org
> http://mailman.nginx.org/mailman/listinfo/nginx-devel


From igor at sysoev.ru  Mon Nov 14 16:14:12 2011
From: igor at sysoev.ru (igor at sysoev.ru)
Date: Mon, 14 Nov 2011 16:14:12 +0000
Subject: [nginx] svn commit: r4290 - in branches/stable-1.0: . src/http/modules
Message-ID: 

Author: is
Date: 2011-11-14 16:14:11 +0000 (Mon, 14 Nov 2011)
New Revision: 4290

Modified:
   branches/stable-1.0/
   branches/stable-1.0/src/http/modules/ngx_http_mp4_module.c
Log:
Merge of r4283:

Fix of "Content-Length" header of MP4 response if start argument was used.

Patch by Piotr Sikora.



Property changes on: branches/stable-1.0
___________________________________________________________________
Modified: svn:mergeinfo
   - /trunk:3960-3974,3977-3987,3991-3996,3998,4003-4007,4009-4013,4015-4018,4020,4023,4025-4027,4034-4065,4073,4077,4086-4090,4094-4102,4106-4108,4113-4114,4129-4137,4143,4147-4152,4154-4158,4177,4179,4182-4184,4186-4187,4189-4205,4207,4209-4210,4212,4219-4220,4229-4230,4232,4235-4237,4268,4280
   + /trunk:3960-3974,3977-3987,3991-3996,3998,4003-4007,4009-4013,4015-4018,4020,4023,4025-4027,4034-4065,4073,4077,4086-4090,4094-4102,4106-4108,4113-4114,4129-4137,4143,4147-4152,4154-4158,4177,4179,4182-4184,4186-4187,4189-4205,4207,4209-4210,4212,4219-4220,4229-4230,4232,4235-4237,4268,4280,4283

Modified: branches/stable-1.0/src/http/modules/ngx_http_mp4_module.c
===================================================================
--- branches/stable-1.0/src/http/modules/ngx_http_mp4_module.c	2011-11-14 16:13:15 UTC (rev 4289)
+++ branches/stable-1.0/src/http/modules/ngx_http_mp4_module.c	2011-11-14 16:14:11 UTC (rev 4290)
@@ -1066,7 +1066,6 @@
 
     atom_data_size = mp4->mdat_data.buf->file_last - start_offset;
     mp4->mdat_data.buf->file_pos = start_offset;
-    mp4->content_length += atom_data_size;
 
     ngx_log_debug2(NGX_LOG_DEBUG_HTTP, mp4->file.log, 0,
                    "mdat new offset @%O:%O", start_offset, atom_data_size);
@@ -1083,6 +1082,8 @@
         atom_header_size = sizeof(ngx_mp4_atom_header_t);
     }
 
+    mp4->content_length += atom_header_size + atom_data_size;
+
     ngx_mp4_set_32value(atom_header, atom_size);
     ngx_mp4_set_atom_name(atom_header, 'm', 'd', 'a', 't');
 


From mdounin at mdounin.ru  Mon Nov 14 16:50:39 2011
From: mdounin at mdounin.ru (Maxim Dounin)
Date: Mon, 14 Nov 2011 20:50:39 +0400
Subject: nginx crash
In-Reply-To: 
References: 
	
	<87r51blijb.wl%appa@perusio.net>
	<20111113235455.GO95664@mdounin.ru>
	
Message-ID: <20111114165039.GV95664@mdounin.ru>

Hello!

On Tue, Nov 15, 2011 at 12:13:21AM +0800, ????? wrote:

> Hello,
> 
> first I haven't use proxy_http_version 1.1;
> 
> and all of those server are only running on http proxy, and the crash
> happen on static file only, it will contain Content-Length headers.
> 
> I will try to change proxy_http_version to 1.1 to test, thanks for your advices.

It's completely unrelated to the crash.

Maxim Dounin

> 
> 2011/11/14 Maxim Dounin :
> > Hello!
> >
> > On Sun, Nov 13, 2011 at 11:16:56PM +0000, Ant?nio P. P. Almeida wrote:
> >
> >>
> >> On 12 Nov 2011 14h07 WET, magicbearmo at gmail.com wrote:
> >>
> >> > happen on a of main upstream server dead.
> >> >
> >> > Here is the config
> >> >
> >> > proxy_cache_path /dev/shm/cdn_cache_comment levels=1:2
> >> > keys_zone=cache_comment_mem:32m max_size=128m; limit_req_zone
> >> > $binary_remote_addr zone=limit_comment:16m rate=50r/s;
> >> >
> >> > upstream backend_comment {
> >> > ? ? server 10.0.0.1 weight=10 fail_timeout=30s;
> >> > ? ? server 10.0.0.2 backup weight=5 fail_timeout=30s;
> >> > ? ? keepalive 30;
> >> ? ? ? ? ^^^^^^^^^^^^^
> >> I believe you have to use:
> >>
> >> proxy_http_version 1.1;
> >>
> >> in the location that invoke this upstream for getting keep alive to
> >> the backends. AFAIK this is undocumented and would be nice if Maxim
> >> can shed some light on this issue.
> >
> > Keepalive connections are possible with HTTP/1.0 as well. ?There
> > are some problems with them though:
> >
> > 1. There is no standard which defines keepalive connections in
> > HTTP/1.0. ?It works with major web servers (including nginx), but
> > may not work with others.
> >
> > 2. In HTTP/1.0 connection can't be kept alive if response
> > Content-Length isn't known (as response end is signalled by
> > connection close).
> >
> > Due to the above reasons I would recommend using HTTP/1.1 to keep
> > backend connections alive. ?But it doesn't mean they aren't
> > possible (and I'm quite sure MagicBear's config works as expected).
> >
> > The required thing is
> >
> > ? ?proxy_set_header Connection "";
> >
> > in case of HTTP/1.1, or
> >
> > ? ?proxy_set_header Connection "keep-alive";
> >
> > in case of HTTP/1.0.
> >
> > (Well, "Connection: keep-alive" will work in HTTP/1.1 case as
> > well, actually. ?But an empty string is enough.)
> >
> >> Ditto for:
> >>
> >> fastcgi_keep_conn on;
> >>
> >> in the case of FCGI upstreams.
> >
> > The fastcgi_keep_conn directive is required to keep connections
> > alive with fastcgi upstreams. ?It instructs nginx to claim
> > responsibility of closing connection with appropriate flag in
> > fastcgi protocol. ?Without this directive connection will be
> > closed by fastcgi application (upstream) and it won't be possible
> > to keep it alive.
> >
> > Maxim Dounin
> >
> > _______________________________________________
> > nginx-devel mailing list
> > nginx-devel at nginx.org
> > http://mailman.nginx.org/mailman/listinfo/nginx-devel
> 
> _______________________________________________
> nginx-devel mailing list
> nginx-devel at nginx.org
> http://mailman.nginx.org/mailman/listinfo/nginx-devel


From magicbearmo at gmail.com  Mon Nov 14 16:57:02 2011
From: magicbearmo at gmail.com (MagicBear)
Date: Tue, 15 Nov 2011 00:57:02 +0800
Subject: nginx crash
In-Reply-To: <20111114165039.GV95664@mdounin.ru>
References: 
	
	<87r51blijb.wl%appa@perusio.net>
	<20111113235455.GO95664@mdounin.ru>
	
	<20111114165039.GV95664@mdounin.ru>
Message-ID: 

Hello,

I think is also not relative to crash, when I increase the zone key
size, crash hasn't happen again (but my upstream are also up), so I
still unknown where has the crash happen.
Just I had update all of my server to 1.1.8, I want to test for your
config because some of my server has running dynamic page, and they
aren't return the Content-Length.

2011/11/15 Maxim Dounin :
> Hello!
>
> On Tue, Nov 15, 2011 at 12:13:21AM +0800, ????? wrote:
>
>> Hello,
>>
>> first I haven't use proxy_http_version 1.1;
>>
>> and all of those server are only running on http proxy, and the crash
>> happen on static file only, it will contain Content-Length headers.
>>
>> I will try to change proxy_http_version to 1.1 to test, thanks for your advices.
>
> It's completely unrelated to the crash.
>
> Maxim Dounin
>
>>
>> 2011/11/14 Maxim Dounin :
>> > Hello!
>> >
>> > On Sun, Nov 13, 2011 at 11:16:56PM +0000, Ant?nio P. P. Almeida wrote:
>> >
>> >>
>> >> On 12 Nov 2011 14h07 WET, magicbearmo at gmail.com wrote:
>> >>
>> >> > happen on a of main upstream server dead.
>> >> >
>> >> > Here is the config
>> >> >
>> >> > proxy_cache_path /dev/shm/cdn_cache_comment levels=1:2
>> >> > keys_zone=cache_comment_mem:32m max_size=128m; limit_req_zone
>> >> > $binary_remote_addr zone=limit_comment:16m rate=50r/s;
>> >> >
>> >> > upstream backend_comment {
>> >> > ? ? server 10.0.0.1 weight=10 fail_timeout=30s;
>> >> > ? ? server 10.0.0.2 backup weight=5 fail_timeout=30s;
>> >> > ? ? keepalive 30;
>> >> ? ? ? ? ^^^^^^^^^^^^^
>> >> I believe you have to use:
>> >>
>> >> proxy_http_version 1.1;
>> >>
>> >> in the location that invoke this upstream for getting keep alive to
>> >> the backends. AFAIK this is undocumented and would be nice if Maxim
>> >> can shed some light on this issue.
>> >
>> > Keepalive connections are possible with HTTP/1.0 as well. ?There
>> > are some problems with them though:
>> >
>> > 1. There is no standard which defines keepalive connections in
>> > HTTP/1.0. ?It works with major web servers (including nginx), but
>> > may not work with others.
>> >
>> > 2. In HTTP/1.0 connection can't be kept alive if response
>> > Content-Length isn't known (as response end is signalled by
>> > connection close).
>> >
>> > Due to the above reasons I would recommend using HTTP/1.1 to keep
>> > backend connections alive. ?But it doesn't mean they aren't
>> > possible (and I'm quite sure MagicBear's config works as expected).
>> >
>> > The required thing is
>> >
>> > ? ?proxy_set_header Connection "";
>> >
>> > in case of HTTP/1.1, or
>> >
>> > ? ?proxy_set_header Connection "keep-alive";
>> >
>> > in case of HTTP/1.0.
>> >
>> > (Well, "Connection: keep-alive" will work in HTTP/1.1 case as
>> > well, actually. ?But an empty string is enough.)
>> >
>> >> Ditto for:
>> >>
>> >> fastcgi_keep_conn on;
>> >>
>> >> in the case of FCGI upstreams.
>> >
>> > The fastcgi_keep_conn directive is required to keep connections
>> > alive with fastcgi upstreams. ?It instructs nginx to claim
>> > responsibility of closing connection with appropriate flag in
>> > fastcgi protocol. ?Without this directive connection will be
>> > closed by fastcgi application (upstream) and it won't be possible
>> > to keep it alive.
>> >
>> > Maxim Dounin
>> >
>> > _______________________________________________
>> > nginx-devel mailing list
>> > nginx-devel at nginx.org
>> > http://mailman.nginx.org/mailman/listinfo/nginx-devel
>>
>> _______________________________________________
>> nginx-devel mailing list
>> nginx-devel at nginx.org
>> http://mailman.nginx.org/mailman/listinfo/nginx-devel
>
> _______________________________________________
> nginx-devel mailing list
> nginx-devel at nginx.org
> http://mailman.nginx.org/mailman/listinfo/nginx-devel



-- 
MagicBear


From timmacfarlane at gmail.com  Mon Nov 14 20:13:39 2011
From: timmacfarlane at gmail.com (Tim Macfarlane)
Date: Mon, 14 Nov 2011 20:13:39 +0000
Subject: Akamai G2O module
Message-ID: 

Hi all,

I've recently written a module to authenticate requests from Akamai's edge server network, based on their G2O, or edge-origin authentication scheme.

https://github.com/refractalize/nginx_mod_akamai_g2o

The module is finished, however, this being my first nginx module and the fact that I don't spend a lot of time writing in C leads me to ask for a second opinion - how am I doing? Any advice greatly appreciated.

In particular, the module relies on OpenSSL's HMAC and Base64 support. I couldn't find any support for these in nginx core. For now the module simply does not compile without openssl installed. Is this bad?

Tim.

From igor at sysoev.ru  Tue Nov 15 08:24:03 2011
From: igor at sysoev.ru (igor at sysoev.ru)
Date: Tue, 15 Nov 2011 08:24:03 +0000
Subject: [nginx] svn commit:  r4291 - branches/stable-1.0/docs/xml/nginx
Message-ID: 

Author: is
Date: 2011-11-15 08:24:03 +0000 (Tue, 15 Nov 2011)
New Revision: 4291

Modified:
   branches/stable-1.0/docs/xml/nginx/changes.xml
Log:
nginx-1.0.10-RELEASE


Modified: branches/stable-1.0/docs/xml/nginx/changes.xml
===================================================================
--- branches/stable-1.0/docs/xml/nginx/changes.xml	2011-11-14 16:14:11 UTC (rev 4290)
+++ branches/stable-1.0/docs/xml/nginx/changes.xml	2011-11-15 08:24:03 UTC (rev 4291)
@@ -9,6 +9,50 @@
 nginx changelog
 
 
+
+
+
+
+? ??????? ???????? ??? ????????? segmentation fault,
+???? resolver ??????? ??????? DNS-?????.

+??????? Ben Hawkes.
+
+
+a segmentation fault might occur in a worker process
+if resolver got a big DNS response.

+Thanks to Ben Hawkes.
+
+
+
+
+
+? ?????????? ????? ??? ???????????,
+???? ?????????????? ?????????? ?????????? MD5;
+?????? ????????? ? 1.0.4.
+
+
+in cache key calculation
+if internal MD5 implementation was used;
+the bug had appeared in 1.0.4.
+
+
+
+
+
+?????? ngx_http_mp4_module ??????? ???????? ?????? "Content-Length"
+? ????????? ??????, ????????????? ???????? start.

+??????? Piotr Sikora.
+
+
+the module ngx_http_mp4_module sent incorrect "Content-Length" response
+header line if the "start" argument was used.

+Thanks to Piotr Sikora.
+
+
+
+
+
+
 
 
 


From igor at sysoev.ru  Tue Nov 15 08:24:10 2011
From: igor at sysoev.ru (igor at sysoev.ru)
Date: Tue, 15 Nov 2011 08:24:10 +0000
Subject: [nginx] svn commit:  r4292 - in tags: . release-1.0.10
Message-ID: 

Author: is
Date: 2011-11-15 08:24:10 +0000 (Tue, 15 Nov 2011)
New Revision: 4292

Added:
   tags/release-1.0.10/
Log:
release-1.0.10 tag



Property changes on: tags/release-1.0.10
___________________________________________________________________
Added: svn:ignore
   + access.log
client_body_temp
fastcgi_temp
proxy_temp
GNUmakefile
Makefile
makefile
nginx
nginx.conf
nginx-*.tar.gz
objs*
tmp

Added: svn:mergeinfo
   + /trunk:3960-3974,3977-3987,3991-3996,3998,4003-4007,4009-4013,4015-4018,4020,4023,4025-4027,4034-4065,4073,4077,4086-4090,4094-4102,4106-4108,4113-4114,4129-4137,4143,4147-4152,4154-4158,4177,4179,4182-4184,4186-4187,4189-4205,4207,4209-4210,4212,4219-4220,4229-4230,4232,4235-4237,4268,4280,4283


From zzz at zzz.org.ua  Tue Nov 15 18:53:22 2011
From: zzz at zzz.org.ua (Alexandr Gomoliako)
Date: Tue, 15 Nov 2011 20:53:22 +0200
Subject: embedded perl, patch
In-Reply-To: 
References: 
	<20111027190132.GA90209@nginx.com>
	
	<20111028051734.GA3978@nginx.com>
	
Message-ID: 

Hi.

Just in case someone is actually interested in embedded perl
I've managed to implement an asynchronous API.
It's not release-ready yet, but won't have any new features.
Documentation doesn't cover everything yet either.

There is SSL, timer, resolver, asynchronous connections,
access handler, content handler, both support delayed
responses, init_worker handler, exit_worker handler and
a few other things.

Here it is:
    https://github.com/zzzcpan/nginx-perl


From mdounin at mdounin.ru  Tue Nov 15 20:33:38 2011
From: mdounin at mdounin.ru (mdounin at mdounin.ru)
Date: Tue, 15 Nov 2011 20:33:38 +0000
Subject: [nginx] svn commit:  r4293 - in trunk/src: core http/modules/perl
Message-ID: <20111115203338.D13093F9C1B@mail.nginx.com>

Author: mdounin
Date: 2011-11-15 20:33:37 +0000 (Tue, 15 Nov 2011)
New Revision: 4293

Log:
Version bump.


Modified:
   trunk/src/core/nginx.h
   trunk/src/http/modules/perl/nginx.pm

Modified: trunk/src/core/nginx.h
===================================================================
--- trunk/src/core/nginx.h	2011-11-15 08:24:10 UTC (rev 4292)
+++ trunk/src/core/nginx.h	2011-11-15 20:33:37 UTC (rev 4293)
@@ -8,8 +8,8 @@
 #define _NGINX_H_INCLUDED_
 
 
-#define nginx_version      1001008
-#define NGINX_VERSION      "1.1.8"
+#define nginx_version      1001009
+#define NGINX_VERSION      "1.1.9"
 #define NGINX_VER          "nginx/" NGINX_VERSION
 
 #define NGINX_VAR          "NGINX"

Modified: trunk/src/http/modules/perl/nginx.pm
===================================================================
--- trunk/src/http/modules/perl/nginx.pm	2011-11-15 08:24:10 UTC (rev 4292)
+++ trunk/src/http/modules/perl/nginx.pm	2011-11-15 20:33:37 UTC (rev 4293)
@@ -48,7 +48,7 @@
     HTTP_INSUFFICIENT_STORAGE
 );
 
-our $VERSION = '1.1.8';
+our $VERSION = '1.1.9';
 
 require XSLoader;
 XSLoader::load('nginx', $VERSION);


From mdounin at mdounin.ru  Tue Nov 15 20:35:41 2011
From: mdounin at mdounin.ru (mdounin at mdounin.ru)
Date: Tue, 15 Nov 2011 20:35:41 +0000
Subject: [nginx] svn commit:  r4294 - trunk/src/core
Message-ID: <20111115203541.57B8B3F9C21@mail.nginx.com>

Author: mdounin
Date: 2011-11-15 20:35:41 +0000 (Tue, 15 Nov 2011)
New Revision: 4294

Log:
Fixed handling of SIGWINCH/NOACCEPT signal.

After first upgrade it was ignored since r4020 (1.1.1, 1.0.9) as
ngx_daemonized wasn't set.


Modified:
   trunk/src/core/nginx.c

Modified: trunk/src/core/nginx.c
===================================================================
--- trunk/src/core/nginx.c	2011-11-15 20:33:37 UTC (rev 4293)
+++ trunk/src/core/nginx.c	2011-11-15 20:35:41 UTC (rev 4294)
@@ -374,6 +374,10 @@
         ngx_daemonized = 1;
     }
 
+    if (ngx_inherited) {
+        ngx_daemonized = 1;
+    }
+
 #endif
 
     if (ngx_create_pidfile(&ccf->pid, cycle->log) != NGX_OK) {


From vbart at nginx.com  Wed Nov 16 12:51:27 2011
From: vbart at nginx.com (vbart at nginx.com)
Date: Wed, 16 Nov 2011 12:51:27 +0000
Subject: [nginx] svn commit:  r4295 - trunk/src/http/modules
Message-ID: 

Author: vbart
Date: 2011-11-16 12:51:27 +0000 (Wed, 16 Nov 2011)
New Revision: 4295

Modified:
   trunk/src/http/modules/ngx_http_scgi_module.c
Log:
Fixed incorrect counting the length of headers in a SCGI request.


Modified: trunk/src/http/modules/ngx_http_scgi_module.c
===================================================================
--- trunk/src/http/modules/ngx_http_scgi_module.c	2011-11-15 20:35:41 UTC (rev 4294)
+++ trunk/src/http/modules/ngx_http_scgi_module.c	2011-11-16 12:51:27 UTC (rev 4295)
@@ -558,8 +558,10 @@
 
             while (*(uintptr_t *) le.ip) {
                 lcode = *(ngx_http_script_len_code_pt *) le.ip;
-                len += lcode(&le) + 1;
+                len += lcode(&le);
             }
+            len++;
+
             le.ip += sizeof(uintptr_t);
         }
     }


From ru at nginx.com  Wed Nov 16 13:11:40 2011
From: ru at nginx.com (ru at nginx.com)
Date: Wed, 16 Nov 2011 13:11:40 +0000
Subject: [nginx] svn commit:  r4296 - trunk/src/core
Message-ID: <20111116131140.E62C83F9C34@mail.nginx.com>

Author: ru
Date: 2011-11-16 13:11:39 +0000 (Wed, 16 Nov 2011)
New Revision: 4296

Log:
Now nginx uses TTL of a DNS response when calculating cache validity.

Previously it used a hardcoded value of 300 seconds.  Also added the
"valid=" parameter to the "resolver" directive that can be used to
override the cache validity time.

Patch by Kirill A. Korinskiy with minor changes.


Modified:
   trunk/src/core/ngx_resolver.c

Modified: trunk/src/core/ngx_resolver.c
===================================================================
--- trunk/src/core/ngx_resolver.c	2011-11-16 12:51:27 UTC (rev 4295)
+++ trunk/src/core/ngx_resolver.c	2011-11-16 13:11:39 UTC (rev 4296)
@@ -93,6 +93,7 @@
 ngx_resolver_t *
 ngx_resolver_create(ngx_conf_t *cf, ngx_str_t *names, ngx_uint_t n)
 {
+    ngx_str_t              s;
     ngx_url_t              u;
     ngx_uint_t             i;
     ngx_resolver_t        *r;
@@ -146,12 +147,27 @@
 
     r->resend_timeout = 5;
     r->expire = 30;
-    r->valid = 300;
+    r->valid = 0;
 
     r->log = &cf->cycle->new_log;
     r->log_level = NGX_LOG_ERR;
 
     for (i = 0; i < n; i++) {
+        if (ngx_strncmp(names[i].data, "valid=", 6) == 0) {
+            s.len = names[i].len - 6;
+            s.data = names[i].data + 6;
+
+            r->valid = ngx_parse_time(&s, 1);
+
+            if (r->valid == NGX_ERROR) {
+                ngx_conf_log_error(NGX_LOG_EMERG, cf, 0,
+                                   "invalid parameter: %V", &names[i]);
+                return NULL;
+            }
+
+            continue;
+        }
+
         ngx_memzero(&u, sizeof(ngx_url_t));
 
         u.host = names[i];
@@ -1149,6 +1165,7 @@
     char                 *err;
     u_char               *cname;
     size_t                len;
+    int32_t               ttl;
     uint32_t              hash;
     in_addr_t             addr, *addrs;
     ngx_str_t             name;
@@ -1258,7 +1275,13 @@
 
         qtype = (an->type_hi << 8) + an->type_lo;
         len = (an->len_hi << 8) + an->len_lo;
+        ttl = (an->ttl[0] << 24) + (an->ttl[1] << 16)
+            + (an->ttl[2] << 8) + (an->ttl[3]);
 
+        if (ttl < 0) {
+            ttl = 0;
+        }
+
         if (qtype == NGX_RESOLVE_A) {
 
             i += sizeof(ngx_resolver_an_t);
@@ -1287,8 +1310,9 @@
         }
     }
 
-    ngx_log_debug2(NGX_LOG_DEBUG_CORE, r->log, 0,
-                   "resolver naddrs:%ui cname:%p", naddrs, cname);
+    ngx_log_debug3(NGX_LOG_DEBUG_CORE, r->log, 0,
+                   "resolver naddrs:%ui cname:%p ttl:%d",
+                   naddrs, cname, ttl);
 
     if (naddrs) {
 
@@ -1357,7 +1381,7 @@
 
         ngx_queue_remove(&rn->queue);
 
-        rn->valid = ngx_time() + r->valid;
+        rn->valid = ngx_time() + (r->valid ? r->valid : ttl);
         rn->expire = ngx_time() + r->expire;
 
         ngx_queue_insert_head(&r->name_expire_queue, &rn->queue);
@@ -1399,7 +1423,8 @@
 
         rn->cnlen = (u_short) name.len;
         rn->u.cname = name.data;
-        rn->valid = ngx_time() + r->valid;
+
+        rn->valid = ngx_time() + (r->valid ? r->valid : ttl);
         rn->expire = ngx_time() + r->expire;
 
         ngx_queue_insert_head(&r->name_expire_queue, &rn->queue);
@@ -1450,6 +1475,7 @@
     char                 *err;
     size_t                len;
     in_addr_t             addr;
+    int32_t               ttl;
     ngx_int_t             digit;
     ngx_str_t             name;
     ngx_uint_t            i, mask, qident;
@@ -1545,7 +1571,13 @@
     an = (ngx_resolver_an_t *) &buf[i + 2];
 
     len = (an->len_hi << 8) + an->len_lo;
+    ttl = (an->ttl[0] << 24) + (an->ttl[1] << 16)
+        + (an->ttl[2] << 8) + (an->ttl[3]);
 
+    if (ttl < 0) {
+        ttl = 0;
+    }
+
     ngx_log_debug3(NGX_LOG_DEBUG_CORE, r->log, 0,
                   "resolver qt:%ui cl:%ui len:%uz",
                   (an->type_hi << 8) + an->type_lo,
@@ -1581,7 +1613,7 @@
 
     ngx_queue_remove(&rn->queue);
 
-    rn->valid = ngx_time() + r->valid;
+    rn->valid = ngx_time() + (r->valid ? r->valid : ttl);
     rn->expire = ngx_time() + r->expire;
 
     ngx_queue_insert_head(&r->addr_expire_queue, &rn->queue);


From ru at nginx.com  Wed Nov 16 13:27:34 2011
From: ru at nginx.com (ru at nginx.com)
Date: Wed, 16 Nov 2011 13:27:34 +0000
Subject: [nginx] svn commit:  r4297 - trunk/src/core
Message-ID: <20111116132734.108533F9C52@mail.nginx.com>

Author: ru
Date: 2011-11-16 13:27:33 +0000 (Wed, 16 Nov 2011)
New Revision: 4297

Log:
Silenced a warning for some compilers.


Modified:
   trunk/src/core/ngx_resolver.c

Modified: trunk/src/core/ngx_resolver.c
===================================================================
--- trunk/src/core/ngx_resolver.c	2011-11-16 13:11:39 UTC (rev 4296)
+++ trunk/src/core/ngx_resolver.c	2011-11-16 13:27:33 UTC (rev 4297)
@@ -1236,6 +1236,7 @@
     addrs = NULL;
     cname = NULL;
     qtype = 0;
+    ttl = 0;
 
     for (a = 0; a < nan; a++) {
 


From piotr.sikora at frickle.com  Thu Nov 17 20:56:09 2011
From: piotr.sikora at frickle.com (Piotr Sikora)
Date: Thu, 17 Nov 2011 21:56:09 +0100
Subject: [PATCH] Use specification-compliant FLV header
Message-ID: <20111117205608.GA27979@fr2.local>

An embedded and charset-unspecified text was scrubbed...
Name: not available
URL: 
-------------- next part --------------
An embedded and charset-unspecified text was scrubbed...
Name: ngx_flv_header.patch
URL: 

From drafting at samizdat.cc  Thu Nov 17 21:29:09 2011
From: drafting at samizdat.cc (Samizdat Drafting Co.)
Date: Thu, 17 Nov 2011 16:29:09 -0500
Subject: a digest authentication module
In-Reply-To: 
References: 
	
Message-ID: 

On Sat, Nov 5, 2011 at 8:50 PM, Alexandr Gomoliako  wrote:

>> i'm also a little confused as to how the module should schedule a
>> recurring node-expiration callback that purges stale entries from the
>> rbtree. at the moment the purge function is called at the top of every
>> request, which feels like the wrongest possible way to do it. i've
>> seen mention of the cleanup hook attached to the request's pool. is
>> this a more appropriate place to run or are there other problems
>> associated with that?
>
> Well, it's up to you to decide. But since entries are completely unrelated
> to the request you should probably move expiration somewhere else.

very true. i've switched over to creating a timer at module init-time
that schedules itself every few seconds and calls the expiration
routine as needed. it seems to be working, but i'm wondering if i've
introduced a memory leak in the process.

the relevant portion of the code is excerpted at https://gist.github.com/1374529

i didn't see a way to create a recurring timer and instead the event
handler calls ngx_add_timer() every time it is triggered (each time
re-using the same ngx_event_t pointer i set up initially).

do i also need to be calling ngx_event_del_timer to clean up after
myself, or does the ngx_event_expire_timers get called by nginx itself
and handle this potential leak?

or more simply, is there a way to create a timer that fires every n
seconds and doesn't need to be re-added each time it fires? i
experimented with setting the "oneshot" field to 0 but apparently it's
not quite that simple...

thanks again,
christian


From zzz at zzz.org.ua  Thu Nov 17 21:59:15 2011
From: zzz at zzz.org.ua (Alexandr Gomoliako)
Date: Thu, 17 Nov 2011 23:59:15 +0200
Subject: a digest authentication module
In-Reply-To: 
References: 
	
	
Message-ID: 

On Thu, Nov 17, 2011 at 11:29 PM, Samizdat Drafting Co.
 wrote:
> the relevant portion of the code is excerpted at https://gist.github.com/1374529
>
> i didn't see a way to create a recurring timer and instead the event
> handler calls ngx_add_timer() every time it is triggered (each time
> re-using the same ngx_event_t pointer i set up initially).
>
> do i also need to be calling ngx_event_del_timer to clean up after
> myself, or does the ngx_event_expire_timers get called by nginx itself
> and handle this potential leak?

Just check for it first, it's easier this way, one less thing to remeber:

    if (ev->timer_set) {
        ngx_del_timer(ev);
    }
    ...
    ngx_add_timer(ev, timeout * 1000);

> or more simply, is there a way to create a timer that fires every n
> seconds and doesn't need to be re-added each time it fires? i

No. You need to reschedule every time.


From mdounin at mdounin.ru  Fri Nov 18 02:24:11 2011
From: mdounin at mdounin.ru (Maxim Dounin)
Date: Fri, 18 Nov 2011 05:24:11 +0300
Subject: [PATCH 0 of 2] unlock mutexes on process crash
Message-ID: 

Hello!

The following patches restore accept mutex unlock on abnormal process
termination (broken in 1.0.2 with introduction of POSIX semaphores support
in locks) and introduce unlocking of shared memory zone's locks.

Maxim Dounin


From mdounin at mdounin.ru  Fri Nov 18 02:24:12 2011
From: mdounin at mdounin.ru (Maxim Dounin)
Date: Fri, 18 Nov 2011 05:24:12 +0300
Subject: [PATCH 1 of 2] Added shmtx interface to forcibly unlock mutexes
In-Reply-To: 
References: 
Message-ID: <98907592714e29982979.1321579452@vm-bsd.mdounin.ru>

# HG changeset patch
# User Maxim Dounin 
# Date 1321467405 -10800
# Node ID 98907592714e29982979010e310cd482d414b53f
# Parent  5a6ac21a44d49b71dfed08e362ea7a53e54d4f24
Added shmtx interface to forcibly unlock mutexes.

It is currently used from master process on abnormal worker termination to
unlock accept mutex (unlocking of accept mutex was broken in 1.0.2).  It is
expected to be used in the future to unlock other mutexes as well.

Shared mutex code was rewritten to make this possible in a safe way, i.e.
with a check if lock was actually held by the exited process.  We again use
pid to lock mutex, and use separate atomic variable for a count of processes
waiting in sem_wait().

diff --git a/src/core/ngx_cycle.c b/src/core/ngx_cycle.c
--- a/src/core/ngx_cycle.c
+++ b/src/core/ngx_cycle.c
@@ -952,7 +952,7 @@ ngx_init_zone_pool(ngx_cycle_t *cycle, n
 
 #endif
 
-    if (ngx_shmtx_create(&sp->mutex, (void *) &sp->lock, file) != NGX_OK) {
+    if (ngx_shmtx_create(&sp->mutex, &sp->lock, file) != NGX_OK) {
         return NGX_ERROR;
     }
 
diff --git a/src/core/ngx_shmtx.c b/src/core/ngx_shmtx.c
--- a/src/core/ngx_shmtx.c
+++ b/src/core/ngx_shmtx.c
@@ -12,9 +12,9 @@
 
 
 ngx_int_t
-ngx_shmtx_create(ngx_shmtx_t *mtx, void *addr, u_char *name)
+ngx_shmtx_create(ngx_shmtx_t *mtx, ngx_shmtx_sh_t *addr, u_char *name)
 {
-    mtx->lock = addr;
+    mtx->lock = &addr->lock;
 
     if (mtx->spin == (ngx_uint_t) -1) {
         return NGX_OK;
@@ -24,6 +24,8 @@ ngx_shmtx_create(ngx_shmtx_t *mtx, void 
 
 #if (NGX_HAVE_POSIX_SEM)
 
+    mtx->wait = &addr->wait;
+
     if (sem_init(&mtx->sem, 1, 0) == -1) {
         ngx_log_error(NGX_LOG_ALERT, ngx_cycle->log, ngx_errno,
                       "sem_init() failed");
@@ -56,12 +58,7 @@ ngx_shmtx_destory(ngx_shmtx_t *mtx)
 ngx_uint_t
 ngx_shmtx_trylock(ngx_shmtx_t *mtx)
 {
-    ngx_atomic_uint_t  val;
-
-    val = *mtx->lock;
-
-    return ((val & 0x80000000) == 0
-            && ngx_atomic_cmp_set(mtx->lock, val, val | 0x80000000));
+    return (*mtx->lock == 0 && ngx_atomic_cmp_set(mtx->lock, 0, ngx_pid));
 }
 
 
@@ -69,17 +66,12 @@ void
 ngx_shmtx_lock(ngx_shmtx_t *mtx)
 {
     ngx_uint_t         i, n;
-    ngx_atomic_uint_t  val;
 
     ngx_log_debug0(NGX_LOG_DEBUG_CORE, ngx_cycle->log, 0, "shmtx lock");
 
     for ( ;; ) {
 
-        val = *mtx->lock;
-
-        if ((val & 0x80000000) == 0
-            && ngx_atomic_cmp_set(mtx->lock, val, val | 0x80000000))
-        {
+        if (*mtx->lock == 0 && ngx_atomic_cmp_set(mtx->lock, 0, ngx_pid)) {
             return;
         }
 
@@ -91,10 +83,8 @@ ngx_shmtx_lock(ngx_shmtx_t *mtx)
                     ngx_cpu_pause();
                 }
 
-                val = *mtx->lock;
-
-                if ((val & 0x80000000) == 0
-                    && ngx_atomic_cmp_set(mtx->lock, val, val | 0x80000000))
+                if (*mtx->lock == 0
+                    && ngx_atomic_cmp_set(mtx->lock, 0, ngx_pid))
                 {
                     return;
                 }
@@ -104,24 +94,24 @@ ngx_shmtx_lock(ngx_shmtx_t *mtx)
 #if (NGX_HAVE_POSIX_SEM)
 
         if (mtx->semaphore) {
-            val = *mtx->lock;
+            ngx_atomic_fetch_add(mtx->wait, 1);
 
-            if ((val & 0x80000000)
-                && ngx_atomic_cmp_set(mtx->lock, val, val + 1))
-            {
-                ngx_log_debug1(NGX_LOG_DEBUG_CORE, ngx_cycle->log, 0,
-                               "shmtx wait %XA", val);
+            if (*mtx->lock == 0 && ngx_atomic_cmp_set(mtx->lock, 0, ngx_pid)) {
+                return;
+            }
 
-                while (sem_wait(&mtx->sem) == -1) {
-                    ngx_err_t  err;
+            ngx_log_debug1(NGX_LOG_DEBUG_CORE, ngx_cycle->log, 0,
+                           "shmtx wait %XA", *mtx->wait);
 
-                    err = ngx_errno;
+            while (sem_wait(&mtx->sem) == -1) {
+                ngx_err_t  err;
 
-                    if (err != NGX_EINTR) {
-                        ngx_log_error(NGX_LOG_ALERT, ngx_cycle->log, err,
-                                   "sem_wait() failed while waiting on shmtx");
-                        break;
-                    }
+                err = ngx_errno;
+
+                if (err != NGX_EINTR) {
+                    ngx_log_error(NGX_LOG_ALERT, ngx_cycle->log, err,
+                                  "sem_wait() failed while waiting on shmtx");
+                    break;
                 }
 
                 ngx_log_debug0(NGX_LOG_DEBUG_CORE, ngx_cycle->log, 0,
@@ -141,31 +131,39 @@ ngx_shmtx_lock(ngx_shmtx_t *mtx)
 void
 ngx_shmtx_unlock(ngx_shmtx_t *mtx)
 {
-    ngx_atomic_uint_t  val, old, wait;
+#if (NGX_HAVE_POSIX_SEM)
+    ngx_atomic_uint_t  wait;
+#endif
 
     if (mtx->spin != (ngx_uint_t) -1) {
         ngx_log_debug0(NGX_LOG_DEBUG_CORE, ngx_cycle->log, 0, "shmtx unlock");
     }
 
+    if (!ngx_atomic_cmp_set(mtx->lock, ngx_pid, 0)) {
+        return;
+    }
+
+#if (NGX_HAVE_POSIX_SEM)
+
+    if (!mtx->semaphore) {
+        return;
+    }
+
     for ( ;; ) {
 
-        old = *mtx->lock;
-        wait = old & 0x7fffffff;
-        val = wait ? wait - 1 : 0;
+        wait = *mtx->wait;
 
-        if (ngx_atomic_cmp_set(mtx->lock, old, val)) {
+        if (wait == 0) {
+            return;
+        }
+
+        if (ngx_atomic_cmp_set(mtx->wait, wait, wait - 1)) {
             break;
         }
     }
 
-#if (NGX_HAVE_POSIX_SEM)
-
-    if (wait == 0 || !mtx->semaphore) {
-        return;
-    }
-
     ngx_log_debug1(NGX_LOG_DEBUG_CORE, ngx_cycle->log, 0,
-                   "shmtx wake %XA", old);
+                   "shmtx wake %XA", wait);
 
     if (sem_post(&mtx->sem) == -1) {
         ngx_log_error(NGX_LOG_ALERT, ngx_cycle->log, ngx_errno,
@@ -176,11 +174,58 @@ ngx_shmtx_unlock(ngx_shmtx_t *mtx)
 }
 
 
+ngx_uint_t
+ngx_shmtx_force_unlock(ngx_shmtx_t *mtx, ngx_pid_t pid)
+{
+#if (NGX_HAVE_POSIX_SEM)
+    ngx_atomic_uint_t  wait;
+#endif
+
+    ngx_log_debug0(NGX_LOG_DEBUG_CORE, ngx_cycle->log, 0,
+                   "shmtx forced unlock");
+
+    if (!ngx_atomic_cmp_set(mtx->lock, pid, 0)) {
+        return 0;
+    }
+
+#if (NGX_HAVE_POSIX_SEM)
+
+    if (!mtx->semaphore) {
+        return 1;
+    }
+
+    for ( ;; ) {
+
+        wait = *mtx->wait;
+
+        if (wait == 0) {
+            return 1;
+        }
+
+        if (ngx_atomic_cmp_set(mtx->wait, wait, wait - 1)) {
+            break;
+        }
+    }
+
+    ngx_log_debug1(NGX_LOG_DEBUG_CORE, ngx_cycle->log, 0,
+                   "shmtx wake %XA", wait);
+
+    if (sem_post(&mtx->sem) == -1) {
+        ngx_log_error(NGX_LOG_ALERT, ngx_cycle->log, ngx_errno,
+                      "sem_post() failed while wake shmtx");
+    }
+
+#endif
+
+    return 1;
+}
+
+
 #else
 
 
 ngx_int_t
-ngx_shmtx_create(ngx_shmtx_t *mtx, void *addr, u_char *name)
+ngx_shmtx_create(ngx_shmtx_t *mtx, ngx_shmtx_sh_t *addr, u_char *name)
 {
     if (mtx->name) {
 
@@ -280,4 +325,11 @@ ngx_shmtx_unlock(ngx_shmtx_t *mtx)
     ngx_log_abort(err, ngx_unlock_fd_n " %s failed", mtx->name);
 }
 
+
+void
+ngx_shmtx_force_unlock(ngx_shmtx_t *mtx, ngx_pid_t pid)
+{
+    /* void */
+}
+
 #endif
diff --git a/src/core/ngx_shmtx.h b/src/core/ngx_shmtx.h
--- a/src/core/ngx_shmtx.h
+++ b/src/core/ngx_shmtx.h
@@ -13,9 +13,18 @@
 
 
 typedef struct {
+    ngx_atomic_t   lock;
+#if (NGX_HAVE_POSIX_SEM)
+    ngx_atomic_t   wait;
+#endif
+} ngx_shmtx_sh_t;
+
+
+typedef struct {
 #if (NGX_HAVE_ATOMIC_OPS)
     ngx_atomic_t  *lock;
 #if (NGX_HAVE_POSIX_SEM)
+    ngx_atomic_t  *wait;
     ngx_uint_t     semaphore;
     sem_t          sem;
 #endif
@@ -27,11 +36,13 @@ typedef struct {
 } ngx_shmtx_t;
 
 
-ngx_int_t ngx_shmtx_create(ngx_shmtx_t *mtx, void *addr, u_char *name);
+ngx_int_t ngx_shmtx_create(ngx_shmtx_t *mtx, ngx_shmtx_sh_t *addr,
+    u_char *name);
 void ngx_shmtx_destory(ngx_shmtx_t *mtx);
 ngx_uint_t ngx_shmtx_trylock(ngx_shmtx_t *mtx);
 void ngx_shmtx_lock(ngx_shmtx_t *mtx);
 void ngx_shmtx_unlock(ngx_shmtx_t *mtx);
+ngx_uint_t ngx_shmtx_force_unlock(ngx_shmtx_t *mtx, ngx_pid_t pid);
 
 
 #endif /* _NGX_SHMTX_H_INCLUDED_ */
diff --git a/src/core/ngx_slab.h b/src/core/ngx_slab.h
--- a/src/core/ngx_slab.h
+++ b/src/core/ngx_slab.h
@@ -22,7 +22,7 @@ struct ngx_slab_page_s {
 
 
 typedef struct {
-    ngx_atomic_t      lock;
+    ngx_shmtx_sh_t    lock;
 
     size_t            min_size;
     size_t            min_shift;
diff --git a/src/event/ngx_event.c b/src/event/ngx_event.c
--- a/src/event/ngx_event.c
+++ b/src/event/ngx_event.c
@@ -521,7 +521,8 @@ ngx_event_module_init(ngx_cycle_t *cycle
     ngx_accept_mutex_ptr = (ngx_atomic_t *) shared;
     ngx_accept_mutex.spin = (ngx_uint_t) -1;
 
-    if (ngx_shmtx_create(&ngx_accept_mutex, shared, cycle->lock_file.data)
+    if (ngx_shmtx_create(&ngx_accept_mutex, (ngx_shmtx_sh_t *) shared,
+                         cycle->lock_file.data)
         != NGX_OK)
     {
         return NGX_ERROR;
diff --git a/src/os/unix/ngx_process.c b/src/os/unix/ngx_process.c
--- a/src/os/unix/ngx_process.c
+++ b/src/os/unix/ngx_process.c
@@ -504,7 +504,7 @@ ngx_process_get_status(void)
              * held it
              */
 
-            ngx_atomic_cmp_set(ngx_accept_mutex_ptr, pid, 0);
+            ngx_shmtx_force_unlock(&ngx_accept_mutex, pid);
         }
 
 


From mdounin at mdounin.ru  Fri Nov 18 02:24:13 2011
From: mdounin at mdounin.ru (Maxim Dounin)
Date: Fri, 18 Nov 2011 05:24:13 +0300
Subject: [PATCH 2 of 2] Unlock of shared memory zones on process crash
In-Reply-To: 
References: 
Message-ID: 

# HG changeset patch
# User Maxim Dounin 
# Date 1321579276 -10800
# Node ID e32c7ec2800b43ad5fe4bf98bc69fda4abdadf39
# Parent  98907592714e29982979010e310cd482d414b53f
Unlock of shared memory zones on process crash.

If process exited abnormally while holding lock on some shared memory zone -
unlock it.  It may be not safe thing to do (as crash with lock held may
result in corrupted shared memory structure, and other processes will
subsequently crash while trying to access shared data), therefore complain
loudly if unlock succeeds.

diff --git a/src/os/unix/ngx_process.c b/src/os/unix/ngx_process.c
--- a/src/os/unix/ngx_process.c
+++ b/src/os/unix/ngx_process.c
@@ -445,12 +445,15 @@ ngx_signal_handler(int signo)
 static void
 ngx_process_get_status(void)
 {
-    int              status;
-    char            *process;
-    ngx_pid_t        pid;
-    ngx_err_t        err;
-    ngx_int_t        i;
-    ngx_uint_t       one;
+    int               status;
+    char             *process;
+    ngx_pid_t         pid;
+    ngx_err_t         err;
+    ngx_int_t         i;
+    ngx_uint_t        n, one;
+    ngx_shm_zone_t   *shm_zone;
+    ngx_list_part_t  *part;
+    ngx_slab_pool_t  *sp;
 
     one = 0;
 
@@ -497,17 +500,6 @@ ngx_process_get_status(void)
         }
 
 
-        if (ngx_accept_mutex_ptr) {
-
-            /*
-             * unlock the accept mutex if the abnormally exited process
-             * held it
-             */
-
-            ngx_shmtx_force_unlock(&ngx_accept_mutex, pid);
-        }
-
-
         one = 1;
         process = "unknown process";
 
@@ -545,6 +537,46 @@ ngx_process_get_status(void)
                           process, pid, WEXITSTATUS(status));
             ngx_processes[i].respawn = 0;
         }
+
+
+        if (ngx_accept_mutex_ptr) {
+
+            /*
+             * unlock the accept mutex if the abnormally exited process
+             * held it
+             */
+
+            ngx_shmtx_force_unlock(&ngx_accept_mutex, pid);
+        }
+
+
+        /*
+         * unlock shared memory mutexes if held by the abnormally exited
+         * process
+         */
+
+        part = (ngx_list_part_t *) &ngx_cycle->shared_memory.part;
+        shm_zone = part->elts;
+
+        for (n = 0; /* void */ ; n++) {
+
+            if (n >= part->nelts) {
+                if (part->next == NULL) {
+                    break;
+                }
+                part = part->next;
+                shm_zone = part->elts;
+                n = 0;
+            }
+
+            sp = (ngx_slab_pool_t *) shm_zone[n].shm.addr;
+
+            if (ngx_shmtx_force_unlock(&sp->mutex, pid)) {
+                ngx_log_error(NGX_LOG_ALERT, ngx_cycle->log, 0,
+                              "shared memory zone \"%V\" was locked by %P",
+                              &shm_zone[n].shm.name, pid);
+            }
+        }
     }
 }
 


From mdounin at mdounin.ru  Fri Nov 18 02:04:13 2011
From: mdounin at mdounin.ru (Maxim Dounin)
Date: Fri, 18 Nov 2011 06:04:13 +0400
Subject: [PATCH] Use specification-compliant FLV header
In-Reply-To: <20111117205608.GA27979@fr2.local>
References: <20111117205608.GA27979@fr2.local>
Message-ID: <20111118020413.GW95664@mdounin.ru>

Hello!

On Thu, Nov 17, 2011 at 09:56:09PM +0100, Piotr Sikora wrote:

> Hey,
> according to the Flash Video (FLV) specification [1] E.2 & E.3, [2],
> the correct format of the FLV header and the beginning of the stream is:
> 
>    FLV\x01(\x01|\x04|\x05)\x00\x00\x00\x09\x00\x00\x00\x00
> 
> with 5th byte denoting presence of video (\x01), audio (\x04)
> or both (\x05).
> 
> However, nginx is currently using:
> 
>    FLV\x01\x01\x00\x00\x00\x09\x00\x00\x00\x09
> 
> and while denoting presence of only video tags (\x01) isn't strictly
> incorrect, denoting presence of both audio and video (\x05) would match
> "real world" usage much closer.
> 
> The real problem is \x00\x00\x00\x09 in the beginning of the stream
> (denoting size of the previous tag), which is plainly wrong, because
> according to the specification it should be always \x00\x00\x00\x00.
> 
> I'm aware of the fact that virtually all other pseudo-streaming modules
> are using the same incorrect header, but that doesn't mean that nginx
> must use it as well. Attached patch fixes this.
> 
> [1] http://www.adobe.com/devnet/f4v.html
> [2] http://osflash.org/flv#flv_format
> 
> Best regards,
> Piotr Sikora < piotr.sikora at frickle.com >
> 

> --- src/http/modules/ngx_http_flv_module.c.orig	Thu Nov 17 17:53:11 2011
> +++ src/http/modules/ngx_http_flv_module.c	Thu Nov 17 17:53:29 2011
> @@ -23,7 +23,7 @@
>  };
>  
>  
> -static u_char  ngx_flv_header[] = "FLV\x1\x1\0\0\0\x9\0\0\0\x9";
> +static u_char  ngx_flv_header[] = "FLV\x1\x5\0\0\0\x9\0\0\0\0";
>  
>  
>  static ngx_http_module_t  ngx_http_flv_module_ctx = {

The patch looks perfectly correct for me from specification point of 
view, thanks.

What about real world interoperability?  I.e. is it possible 
it will break something?  Was it tested to work properly with 
flv players?

(It looks like youtube uses this header, so I suppose it's safe.  
But I would like to see some testing results.)

Maxim Dounin


From piotr.sikora at frickle.com  Fri Nov 18 03:24:56 2011
From: piotr.sikora at frickle.com (Piotr Sikora)
Date: Fri, 18 Nov 2011 04:24:56 +0100
Subject: [PATCH] Use specification-compliant FLV header
In-Reply-To: <20111118020413.GW95664@mdounin.ru>
References: <20111117205608.GA27979@fr2.local>
	<20111118020413.GW95664@mdounin.ru>
Message-ID: <9984CDD93E004BB7A78100864D8C2A94@Desktop>

Hey,

> What about real world interoperability?  I.e. is it possible
> it will break something?  Was it tested to work properly with
> flv players?

Well, there is always the possibility that it could break some broken 
players, but flowplayer & JW Player have no issues with it.

> (It looks like youtube uses this header, so I suppose it's safe.
> But I would like to see some testing results.)

All .flv files I've checked use this header.

Best regards,
Piotr Sikora < piotr.sikora at frickle.com >


From mdounin at mdounin.ru  Fri Nov 18 14:41:02 2011
From: mdounin at mdounin.ru (mdounin at mdounin.ru)
Date: Fri, 18 Nov 2011 14:41:02 +0000
Subject: [nginx] svn commit:  r4298 - trunk/src/http/modules
Message-ID: <20111118144102.6F8113F9C1B@mail.nginx.com>

Author: mdounin
Date: 2011-11-18 14:41:01 +0000 (Fri, 18 Nov 2011)
New Revision: 4298

Log:
Fixed flv header to match specification.

Used "\x5" in 5th byte to claim presence of both audio and video.  Used
previous tag size 0 in the beginning of the flv body (bytes 10 .. 13) as
required by specification (see http://www.adobe.com/devnet/f4v.html).

Patch by Piotr Sikora.


Modified:
   trunk/src/http/modules/ngx_http_flv_module.c

Modified: trunk/src/http/modules/ngx_http_flv_module.c
===================================================================
--- trunk/src/http/modules/ngx_http_flv_module.c	2011-11-16 13:27:33 UTC (rev 4297)
+++ trunk/src/http/modules/ngx_http_flv_module.c	2011-11-18 14:41:01 UTC (rev 4298)
@@ -23,7 +23,7 @@
 };
 
 
-static u_char  ngx_flv_header[] = "FLV\x1\x1\0\0\0\x9\0\0\0\x9";
+static u_char  ngx_flv_header[] = "FLV\x1\x5\0\0\0\x9\0\0\0\0";
 
 
 static ngx_http_module_t  ngx_http_flv_module_ctx = {


From mdounin at mdounin.ru  Fri Nov 18 14:41:45 2011
From: mdounin at mdounin.ru (Maxim Dounin)
Date: Fri, 18 Nov 2011 18:41:45 +0400
Subject: [PATCH] Use specification-compliant FLV header
In-Reply-To: <9984CDD93E004BB7A78100864D8C2A94@Desktop>
References: <20111117205608.GA27979@fr2.local>
	<20111118020413.GW95664@mdounin.ru>
	<9984CDD93E004BB7A78100864D8C2A94@Desktop>
Message-ID: <20111118144145.GF95664@mdounin.ru>

Hello!

On Fri, Nov 18, 2011 at 04:24:56AM +0100, Piotr Sikora wrote:

> Hey,
> 
> >What about real world interoperability?  I.e. is it possible
> >it will break something?  Was it tested to work properly with
> >flv players?
> 
> Well, there is always the possibility that it could break some
> broken players, but flowplayer & JW Player have no issues with it.

Committed, thanks!

Maxim Dounin


From mdounin at mdounin.ru  Fri Nov 18 15:09:09 2011
From: mdounin at mdounin.ru (mdounin at mdounin.ru)
Date: Fri, 18 Nov 2011 15:09:09 +0000
Subject: [nginx] svn commit:  r4299 - trunk/src/http
Message-ID: <20111118150910.228FD3F9C52@mail.nginx.com>

Author: mdounin
Date: 2011-11-18 15:09:08 +0000 (Fri, 18 Nov 2011)
New Revision: 4299

Log:
Upstream: don't cache unfinished responses.

Check if received data length match Content-Length header (if present),
don't cache response if no match found.  This prevents caching of corrupted
response in case of premature connection close by upstream.


Modified:
   trunk/src/http/ngx_http_upstream.c

Modified: trunk/src/http/ngx_http_upstream.c
===================================================================
--- trunk/src/http/ngx_http_upstream.c	2011-11-18 14:41:01 UTC (rev 4298)
+++ trunk/src/http/ngx_http_upstream.c	2011-11-18 15:09:08 UTC (rev 4299)
@@ -2696,10 +2696,18 @@
 
             } else if (p->upstream_eof) {
 
-                /* TODO: check length & update cache */
+                tf = u->pipe->temp_file;
 
-                ngx_http_file_cache_update(r, u->pipe->temp_file);
+                if (u->headers_in.content_length_n == -1
+                    || u->headers_in.content_length_n
+                       == tf->offset - (off_t) r->cache->body_start)
+                {
+                    ngx_http_file_cache_update(r, tf);
 
+                } else {
+                    ngx_http_file_cache_free(r->cache, tf);
+                }
+
             } else if (p->upstream_error) {
                 ngx_http_file_cache_free(r->cache, u->pipe->temp_file);
             }


From maxim at nginx.com  Fri Nov 18 18:42:00 2011
From: maxim at nginx.com (maxim at nginx.com)
Date: Fri, 18 Nov 2011 18:42:00 +0000
Subject: [nginx] svn commit:  r4300 - trunk/src/os/unix
Message-ID: <20111118184201.0BF623F9C36@mail.nginx.com>

Author: maxim
Date: 2011-11-18 18:42:00 +0000 (Fri, 18 Nov 2011)
New Revision: 4300

Log:
FreeBSD 10-current has recently gotten POSIX_FADV_* macros.
A fix for the broken build applied.

Patch from Igor Sysoev.


Modified:
   trunk/src/os/unix/ngx_files.c

Modified: trunk/src/os/unix/ngx_files.c
===================================================================
--- trunk/src/os/unix/ngx_files.c	2011-11-18 15:09:08 UTC (rev 4299)
+++ trunk/src/os/unix/ngx_files.c	2011-11-18 18:42:00 UTC (rev 4300)
@@ -464,7 +464,7 @@
 }
 
 
-#if (NGX_HAVE_POSIX_FADVISE)
+#if (NGX_HAVE_POSIX_FADVISE) && !(NGX_HAVE_F_READAHEAD)
 
 ngx_int_t
 ngx_read_ahead(ngx_fd_t fd, size_t n)


From ru at nginx.com  Mon Nov 21 07:31:59 2011
From: ru at nginx.com (ru at nginx.com)
Date: Mon, 21 Nov 2011 07:31:59 +0000
Subject: [nginx] svn commit:  r4301 - trunk/src/http
Message-ID: <20111121073159.BDDDA3F9C22@mail.nginx.com>

Author: ru
Date: 2011-11-21 07:31:59 +0000 (Mon, 21 Nov 2011)
New Revision: 4301

Log:
Fixed "keepalive_disable".

Patch by Alexander Usov.


Modified:
   trunk/src/http/ngx_http_core_module.c

Modified: trunk/src/http/ngx_http_core_module.c
===================================================================
--- trunk/src/http/ngx_http_core_module.c	2011-11-18 18:42:00 UTC (rev 4300)
+++ trunk/src/http/ngx_http_core_module.c	2011-11-21 07:31:59 UTC (rev 4301)
@@ -3267,12 +3267,12 @@
      *     clcf->auto_redirect = 0;
      *     clcf->alias = 0;
      *     clcf->gzip_proxied = 0;
+     *     clcf->keepalive_disable = 0;
      */
 
     clcf->client_max_body_size = NGX_CONF_UNSET;
     clcf->client_body_buffer_size = NGX_CONF_UNSET_SIZE;
     clcf->client_body_timeout = NGX_CONF_UNSET_MSEC;
-    clcf->keepalive_disable = NGX_CONF_UNSET_UINT;
     clcf->satisfy = NGX_CONF_UNSET_UINT;
     clcf->if_modified_since = NGX_CONF_UNSET_UINT;
     clcf->max_ranges = NGX_CONF_UNSET_UINT;


From maxim at nginx.com  Mon Nov 21 09:20:51 2011
From: maxim at nginx.com (maxim at nginx.com)
Date: Mon, 21 Nov 2011 09:20:51 +0000
Subject: [nginx] svn commit:  r4302 - trunk/conf
Message-ID: <20111121092051.42BFC3F9C22@mail.nginx.com>

Author: maxim
Date: 2011-11-21 09:20:50 +0000 (Mon, 21 Nov 2011)
New Revision: 4302

Log:
svgz extension for compressed SVG added (close #56).


Modified:
   trunk/conf/mime.types

Modified: trunk/conf/mime.types
===================================================================
--- trunk/conf/mime.types	2011-11-21 07:31:59 UTC (rev 4301)
+++ trunk/conf/mime.types	2011-11-21 09:20:50 UTC (rev 4302)
@@ -21,7 +21,7 @@
     image/x-icon                          ico;
     image/x-jng                           jng;
     image/x-ms-bmp                        bmp;
-    image/svg+xml                         svg;
+    image/svg+xml                         svg svgz;
     image/webp                            webp;
 
     application/java-archive              jar war ear;


From mdounin at mdounin.ru  Mon Nov 21 09:56:58 2011
From: mdounin at mdounin.ru (Maxim Dounin)
Date: Mon, 21 Nov 2011 12:56:58 +0300
Subject: [PATCH] Fixed segfault on ssl servers without cert with SNI (ticket
	#54)
Message-ID: 

# HG changeset patch
# User Maxim Dounin 
# Date 1321865816 -10800
# Node ID ddf09f8d580e502c4c665e89fecf705acc13e32e
# Parent  dec8d0f5d34bb7c2a2e1ac8d8347d113ebb47d5a
Fixed segfault on ssl servers without cert with SNI (ticket #54).

Non-default servers may not have ssl context created if there are no
certificate defined.  Make sure to check if ssl context present before
using it.

diff --git a/src/http/ngx_http_request.c b/src/http/ngx_http_request.c
--- a/src/http/ngx_http_request.c
+++ b/src/http/ngx_http_request.c
@@ -671,25 +671,27 @@ ngx_http_ssl_servername(ngx_ssl_conn_t *
 
     sscf = ngx_http_get_module_srv_conf(r, ngx_http_ssl_module);
 
-    SSL_set_SSL_CTX(ssl_conn, sscf->ssl.ctx);
-
-    /*
-     * SSL_set_SSL_CTX() only changes certs as of 1.0.0d
-     * adjust other things we care about
-     */
-
-    SSL_set_verify(ssl_conn, SSL_CTX_get_verify_mode(sscf->ssl.ctx),
-                   SSL_CTX_get_verify_callback(sscf->ssl.ctx));
-
-    SSL_set_verify_depth(ssl_conn, SSL_CTX_get_verify_depth(sscf->ssl.ctx));
+    if (sscf->ssl.ctx) {
+        SSL_set_SSL_CTX(ssl_conn, sscf->ssl.ctx);
+
+        /*
+         * SSL_set_SSL_CTX() only changes certs as of 1.0.0d
+         * adjust other things we care about
+         */
+
+        SSL_set_verify(ssl_conn, SSL_CTX_get_verify_mode(sscf->ssl.ctx),
+                       SSL_CTX_get_verify_callback(sscf->ssl.ctx));
+
+        SSL_set_verify_depth(ssl_conn, SSL_CTX_get_verify_depth(sscf->ssl.ctx));
 
 #ifdef SSL_CTRL_CLEAR_OPTIONS
-    /* only in 0.9.8m+ */
-    SSL_clear_options(ssl_conn, SSL_get_options(ssl_conn) &
-                                ~SSL_CTX_get_options(sscf->ssl.ctx));
+        /* only in 0.9.8m+ */
+        SSL_clear_options(ssl_conn, SSL_get_options(ssl_conn) &
+                                    ~SSL_CTX_get_options(sscf->ssl.ctx));
 #endif
 
-    SSL_set_options(ssl_conn, SSL_CTX_get_options(sscf->ssl.ctx));
+        SSL_set_options(ssl_conn, SSL_CTX_get_options(sscf->ssl.ctx));
+    }
 
     return SSL_TLSEXT_ERR_OK;
 }


From maxim at nginx.com  Mon Nov 21 11:51:42 2011
From: maxim at nginx.com (maxim at nginx.com)
Date: Mon, 21 Nov 2011 11:51:42 +0000
Subject: [nginx] svn commit:  r4303 - trunk/auto
Message-ID: <20111121115142.6817A3F9C51@mail.nginx.com>

Author: maxim
Date: 2011-11-21 11:51:41 +0000 (Mon, 21 Nov 2011)
New Revision: 4303

Log:
o AIX 7 defines sys_nerr in errno.h, therefore  included
in the sys_nerr test.

o When sys_nerr and _sys_nerr are missed on a particular platform
and our euristic for a maximum errno detection applied always
print the maximum errno number we reached instead of printing void.[*]

* patch from Maxim Dounin

This commit makes possible to build nginx on AIX 7.1.


Modified:
   trunk/auto/unix

Modified: trunk/auto/unix
===================================================================
--- trunk/auto/unix	2011-11-21 09:20:50 UTC (rev 4302)
+++ trunk/auto/unix	2011-11-21 11:51:41 UTC (rev 4303)
@@ -496,7 +496,8 @@
 ngx_feature="sys_nerr"
 ngx_feature_name="NGX_SYS_NERR"
 ngx_feature_run=value
-ngx_feature_incs='#include '
+ngx_feature_incs='#include 
+                  #include '
 ngx_feature_path=
 ngx_feature_libs=
 ngx_feature_test='printf("%d", sys_nerr);'
@@ -538,10 +539,10 @@
                               || p == NULL
                               || strncmp(p, "Unknown error", 13) == 0)
                           {
-                              printf("%d", n);
-                              return 0;
+                              break;
                           }
-                     }'
+                      }
+                      printf("%d", n);'
     . auto/feature
 fi
 


From ru at nginx.com  Tue Nov 22 13:26:45 2011
From: ru at nginx.com (ru at nginx.com)
Date: Tue, 22 Nov 2011 13:26:45 +0000
Subject: [nginx] svn commit:  r4304 - trunk/auto
Message-ID: <20111122132645.8B20F3F9C51@mail.nginx.com>

Author: ru
Date: 2011-11-22 13:26:44 +0000 (Tue, 22 Nov 2011)
New Revision: 4304

Log:
Made it possible to build/install from the SVN checkout.


Modified:
   trunk/auto/install

Modified: trunk/auto/install
===================================================================
--- trunk/auto/install	2011-11-21 11:51:41 UTC (rev 4303)
+++ trunk/auto/install	2011-11-22 13:26:44 UTC (rev 4304)
@@ -72,16 +72,28 @@
 esac
 
 
+if test -e man/nginx.8 ; then
+    NGX_MAN=man/nginx.8
+else
+    NGX_MAN=docs/man/nginx.8
+fi
+
+if test -d html ; then
+    NGX_HTML=html
+else
+    NGX_HTML=docs/html
+fi
+
 cat << END                                                    >> $NGX_MAKEFILE
 
 manpage:	$NGX_OBJS/nginx.8
 
-$NGX_OBJS/nginx.8:	man/nginx.8 $NGX_AUTO_CONFIG_H
+$NGX_OBJS/nginx.8:	$NGX_MAN $NGX_AUTO_CONFIG_H
 	sed -e "s|%%PREFIX%%|$NGX_PREFIX|" \\
 		-e "s|%%PID_PATH%%|$NGX_PID_PATH|" \\
 		-e "s|%%CONF_PATH%%|$NGX_CONF_PATH|" \\
 		-e "s|%%ERROR_LOG_PATH%%|${NGX_ERROR_LOG_PATH:-stderr}|" \\
-		< man/nginx.8 > $NGX_OBJS/nginx.8
+		< $NGX_MAN > \$@
 
 install:	$NGX_OBJS${ngx_dirsep}nginx${ngx_binext} \
 		$NGX_INSTALL_PERL_MODULES
@@ -135,7 +147,7 @@
 		mkdir -p '\$(DESTDIR)`dirname "$NGX_HTTP_LOG_PATH"`'
 
 	test -d '\$(DESTDIR)$NGX_PREFIX/html' \
-		|| cp -r html '\$(DESTDIR)$NGX_PREFIX'
+		|| cp -R $NGX_HTML '\$(DESTDIR)$NGX_PREFIX'
 END
 
 


From mdounin at mdounin.ru  Tue Nov 22 16:27:46 2011
From: mdounin at mdounin.ru (mdounin at mdounin.ru)
Date: Tue, 22 Nov 2011 16:27:46 +0000
Subject: [nginx] svn commit:  r4305 - trunk/src/http
Message-ID: <20111122162746.0D3AC3F9C3B@mail.nginx.com>

Author: mdounin
Date: 2011-11-22 16:27:45 +0000 (Tue, 22 Nov 2011)
New Revision: 4305

Log:
Fixed segfault on ssl servers without cert with SNI (ticket #54).

Non-default servers may not have ssl context created if there are no
certificate defined.  Make sure to check if ssl context present before
using it.


Modified:
   trunk/src/http/ngx_http_request.c

Modified: trunk/src/http/ngx_http_request.c
===================================================================
--- trunk/src/http/ngx_http_request.c	2011-11-22 13:26:44 UTC (rev 4304)
+++ trunk/src/http/ngx_http_request.c	2011-11-22 16:27:45 UTC (rev 4305)
@@ -671,25 +671,27 @@
 
     sscf = ngx_http_get_module_srv_conf(r, ngx_http_ssl_module);
 
-    SSL_set_SSL_CTX(ssl_conn, sscf->ssl.ctx);
+    if (sscf->ssl.ctx) {
+        SSL_set_SSL_CTX(ssl_conn, sscf->ssl.ctx);
 
-    /*
-     * SSL_set_SSL_CTX() only changes certs as of 1.0.0d
-     * adjust other things we care about
-     */
+        /*
+         * SSL_set_SSL_CTX() only changes certs as of 1.0.0d
+         * adjust other things we care about
+         */
 
-    SSL_set_verify(ssl_conn, SSL_CTX_get_verify_mode(sscf->ssl.ctx),
-                   SSL_CTX_get_verify_callback(sscf->ssl.ctx));
+        SSL_set_verify(ssl_conn, SSL_CTX_get_verify_mode(sscf->ssl.ctx),
+                       SSL_CTX_get_verify_callback(sscf->ssl.ctx));
 
-    SSL_set_verify_depth(ssl_conn, SSL_CTX_get_verify_depth(sscf->ssl.ctx));
+        SSL_set_verify_depth(ssl_conn, SSL_CTX_get_verify_depth(sscf->ssl.ctx));
 
 #ifdef SSL_CTRL_CLEAR_OPTIONS
-    /* only in 0.9.8m+ */
-    SSL_clear_options(ssl_conn, SSL_get_options(ssl_conn) &
-                                ~SSL_CTX_get_options(sscf->ssl.ctx));
+        /* only in 0.9.8m+ */
+        SSL_clear_options(ssl_conn, SSL_get_options(ssl_conn) &
+                                    ~SSL_CTX_get_options(sscf->ssl.ctx));
 #endif
 
-    SSL_set_options(ssl_conn, SSL_CTX_get_options(sscf->ssl.ctx));
+        SSL_set_options(ssl_conn, SSL_CTX_get_options(sscf->ssl.ctx));
+    }
 
     return SSL_TLSEXT_ERR_OK;
 }


From mdounin at mdounin.ru  Tue Nov 22 16:52:49 2011
From: mdounin at mdounin.ru (Maxim Dounin)
Date: Tue, 22 Nov 2011 20:52:49 +0400
Subject: [PATCH] Check stale write events in ngx_epoll_module
In-Reply-To: 
References: 
	<20111107175158.GU95664@mdounin.ru>
	
Message-ID: <20111122165249.GK95664@mdounin.ru>

Hello!

On Tue, Nov 08, 2011 at 08:40:29AM +0800, agentzh wrote:

> On Tue, Nov 8, 2011 at 1:51 AM, Maxim Dounin  wrote:
> >
> > Patch looks fine for me. ?Could you please provide some details
> > about user-visible effects observed if the problem occurs?
> >
> 
> We've noticed this when using the ngx_postgres module to connect to a
> PostgreSQL database via libpq over a no-so-good network.
> 
> The libpq library's documentation requires a write event to occur
> before calling PQconnectPoll when PGRES_POLLING_WRITING was last
> returned. So when a stale write event triggers the PQconnectPoll call,
> libpq will simply complain about it and return an error. This is a
> limitation in libpq to do non-blocking I/O and we have to work around
> on the Nginx side.

Committed, thanks.

Maxim Dounin


From mdounin at mdounin.ru  Tue Nov 22 17:02:22 2011
From: mdounin at mdounin.ru (mdounin at mdounin.ru)
Date: Tue, 22 Nov 2011 17:02:22 +0000
Subject: [nginx] svn commit:  r4306 - trunk/src/event/modules
Message-ID: <20111122170222.24FAF3F9C29@mail.nginx.com>

Author: mdounin
Date: 2011-11-22 17:02:21 +0000 (Tue, 22 Nov 2011)
New Revision: 4306

Log:
Protection from stale write events in epoll.

Stale write event may happen if epoll_wait() reported both read and write
events, and processing of the read event closed descriptor.

Patch by Yichun Zhang (agentzh).


Modified:
   trunk/src/event/modules/ngx_epoll_module.c

Modified: trunk/src/event/modules/ngx_epoll_module.c
===================================================================
--- trunk/src/event/modules/ngx_epoll_module.c	2011-11-22 16:27:45 UTC (rev 4305)
+++ trunk/src/event/modules/ngx_epoll_module.c	2011-11-22 17:02:21 UTC (rev 4306)
@@ -681,6 +681,18 @@
 
         wev = c->write;
 
+        if (c->fd == -1 || wev->instance != instance) {
+
+            /*
+             * the stale event from a file descriptor
+             * that was just closed in this iteration
+             */
+
+            ngx_log_debug1(NGX_LOG_DEBUG_EVENT, cycle->log, 0,
+                           "epoll: stale event %p", c);
+            continue;
+        }
+
         if ((revents & EPOLLOUT) && wev->active) {
 
             if (flags & NGX_POST_THREAD_EVENTS) {


From appa at perusio.net  Wed Nov 23 04:01:29 2011
From: appa at perusio.net (=?UTF-8?B?QW50w7NuaW8=?= P. P. Almeida)
Date: Wed, 23 Nov 2011 04:01:29 +0000
Subject: nginx crash
In-Reply-To: 
References: 
	
	<87r51blijb.wl%appa@perusio.net>
	<20111113235455.GO95664@mdounin.ru>
	
	<20111114165039.GV95664@mdounin.ru>
	
Message-ID: <87r50zo5ba.wl%appa@perusio.net>

On 14 Nov 2011 16h57 WET, magicbearmo at gmail.com wrote:

> Hello,
>
> I think is also not relative to crash, when I increase the zone key
> size, crash hasn't happen again (but my upstream are also up), so I
> still unknown where has the crash happen.
> Just I had update all of my server to 1.1.8, I want to test for your
> config because some of my server has running dynamic page, and they
> aren't return the Content-Length.

I'm having a similar issue. The php-fpm workers stop responding and
since the FCGI cache lifetime is 15s I get a bunch of SEGVs on the
cache manager.

I'm increasing the cache keys zone size from 5M to 10M. I know you
guys at nginx.com are busy people, but please look into this issue. Is
really making Nginx sensitive to failings in apps. Which it shouldn't
be since there's a clear separation between app and server. That's
IMHO one big selling point, among many others of course.

Thanks,
--- appa


From igor at sysoev.ru  Wed Nov 23 07:22:16 2011
From: igor at sysoev.ru (igor at sysoev.ru)
Date: Wed, 23 Nov 2011 07:22:16 +0000
Subject: [nginx] svn commit:  r4307 - trunk/src/http/modules
Message-ID: 

Author: is
Date: 2011-11-23 07:22:15 +0000 (Wed, 23 Nov 2011)
New Revision: 4307

Modified:
   trunk/src/http/modules/ngx_http_mp4_module.c
Log:
Fix of mp4 module seeking.


Modified: trunk/src/http/modules/ngx_http_mp4_module.c
===================================================================
--- trunk/src/http/modules/ngx_http_mp4_module.c	2011-11-22 17:02:21 UTC (rev 4306)
+++ trunk/src/http/modules/ngx_http_mp4_module.c	2011-11-23 07:22:15 UTC (rev 4307)
@@ -1899,7 +1899,7 @@
         ngx_log_debug2(NGX_LOG_DEBUG_HTTP, mp4->file.log, 0,
                        "count:%uD, duration:%uD", count, duration);
 
-        if (start_time < count * duration) {
+        if (start_time < (uint64_t) count * duration) {
             start_sample += (ngx_uint_t) (start_time / duration);
             count -= start_sample;
             ngx_mp4_set_32value(entry->count, count);


From ru at nginx.com  Wed Nov 23 10:16:30 2011
From: ru at nginx.com (ru at nginx.com)
Date: Wed, 23 Nov 2011 10:16:30 +0000
Subject: [nginx] svn commit:  r4308 - trunk/src/http/modules
Message-ID: <20111123101630.997293F9C1D@mail.nginx.com>

Author: ru
Date: 2011-11-23 10:16:30 +0000 (Wed, 23 Nov 2011)
New Revision: 4308

Log:
Cosmetics.


Modified:
   trunk/src/http/modules/ngx_http_image_filter_module.c

Modified: trunk/src/http/modules/ngx_http_image_filter_module.c
===================================================================
--- trunk/src/http/modules/ngx_http_image_filter_module.c	2011-11-23 07:22:15 UTC (rev 4307)
+++ trunk/src/http/modules/ngx_http_image_filter_module.c	2011-11-23 10:16:30 UTC (rev 4308)
@@ -115,7 +115,7 @@
 static ngx_command_t  ngx_http_image_filter_commands[] = {
 
     { ngx_string("image_filter"),
-      NGX_HTTP_LOC_CONF|NGX_CONF_TAKE13|NGX_CONF_TAKE2,
+      NGX_HTTP_LOC_CONF|NGX_CONF_TAKE123,
       ngx_http_image_filter,
       NGX_HTTP_LOC_CONF_OFFSET,
       0,
@@ -1405,7 +1405,7 @@
 
         if (n <= 0) {
             ngx_conf_log_error(NGX_LOG_EMERG, cf, 0,
-                               "invalid parameter \"%V\"", &value[1]);
+                               "invalid value \"%V\"", &value[1]);
             return NGX_CONF_ERROR;
         }
 
@@ -1452,7 +1452,7 @@
 
         if (n < 0) {
             ngx_conf_log_error(NGX_LOG_EMERG, cf, 0,
-                               "invalid parameter \"%V\"", &value[1]);
+                               "invalid value \"%V\"", &value[1]);
             return NGX_CONF_ERROR;
         }
 


From ru at nginx.com  Wed Nov 23 10:22:44 2011
From: ru at nginx.com (ru at nginx.com)
Date: Wed, 23 Nov 2011 10:22:44 +0000
Subject: [nginx] svn commit:  r4309 - trunk/src/http/modules
Message-ID: <20111123102244.DDB853F9C21@mail.nginx.com>

Author: ru
Date: 2011-11-23 10:22:44 +0000 (Wed, 23 Nov 2011)
New Revision: 4309

Log:
Fixed "rotate" to always work when combined with "resize/crop".


Modified:
   trunk/src/http/modules/ngx_http_image_filter_module.c

Modified: trunk/src/http/modules/ngx_http_image_filter_module.c
===================================================================
--- trunk/src/http/modules/ngx_http_image_filter_module.c	2011-11-23 10:16:30 UTC (rev 4308)
+++ trunk/src/http/modules/ngx_http_image_filter_module.c	2011-11-23 10:22:44 UTC (rev 4309)
@@ -1262,7 +1262,11 @@
     } else if (cf->args->nelts == 3) {
 
         if (ngx_strcmp(value[i].data, "rotate") == 0) {
-            imcf->filter = NGX_HTTP_IMAGE_ROTATE;
+            if (imcf->filter != NGX_HTTP_IMAGE_RESIZE
+                && imcf->filter != NGX_HTTP_IMAGE_CROP)
+            {
+                imcf->filter = NGX_HTTP_IMAGE_ROTATE;
+            }
 
             ngx_memzero(&ccv, sizeof(ngx_http_compile_complex_value_t));
 


From mdounin at mdounin.ru  Wed Nov 23 12:29:36 2011
From: mdounin at mdounin.ru (Maxim Dounin)
Date: Wed, 23 Nov 2011 16:29:36 +0400
Subject: nginx crash
In-Reply-To: <87r50zo5ba.wl%appa@perusio.net>
References: 
	
	<87r51blijb.wl%appa@perusio.net>
	<20111113235455.GO95664@mdounin.ru>
	
	<20111114165039.GV95664@mdounin.ru>
	
	<87r50zo5ba.wl%appa@perusio.net>
Message-ID: <20111123122936.GP95664@mdounin.ru>

Hello!

On Wed, Nov 23, 2011 at 04:01:29AM +0000, Ant?nio P. P. Almeida wrote:

> On 14 Nov 2011 16h57 WET, magicbearmo at gmail.com wrote:
> 
> > Hello,
> >
> > I think is also not relative to crash, when I increase the zone key
> > size, crash hasn't happen again (but my upstream are also up), so I
> > still unknown where has the crash happen.
> > Just I had update all of my server to 1.1.8, I want to test for your
> > config because some of my server has running dynamic page, and they
> > aren't return the Content-Length.
> 
> I'm having a similar issue. The php-fpm workers stop responding and
> since the FCGI cache lifetime is 15s I get a bunch of SEGVs on the
> cache manager.

By "lifetime" you mean "fastcgi_cache_path ... inactive=15s"?

If yes, than you may want to change your configuration: this isn't 
going to work well as nginx uses "inactive" as a guard against 
stale cache entry locks (left by crashed workers, if any).  It 
was never expected to be lower than time required to fetch 
a resource from an upstream, and setting it to lower expected to 
cause problems.

If no, you may want to provide more details.  (Ideally I would 
like to see full debug log showing the crash, the "ignore long 
locked inactive cache entry" alert and some time before it, but I 
understand it would be hard to obtain unless you are able to 
reproduce the problem at will.)

> I'm increasing the cache keys zone size from 5M to 10M. I know you
> guys at nginx.com are busy people, but please look into this issue. Is
> really making Nginx sensitive to failings in apps. Which it shouldn't
> be since there's a clear separation between app and server. That's
> IMHO one big selling point, among many others of course.

Recently posted patch series[1] addresses major part of the 
problem: it resolves deadlock after such crashes.  It would be 
fine to resolve the crash itself too, but I wasn't yet able to 
trace the problem cause (unless it's caused by too low inactive 
time, which is mostly a configuration problem, see above).

[1] http://mailman.nginx.org/pipermail/nginx-devel/2011-November/001471.html

Maxim Dounin


From andrew at nginx.com  Wed Nov 23 12:30:44 2011
From: andrew at nginx.com (Andrew Alexeev)
Date: Wed, 23 Nov 2011 16:30:44 +0400
Subject: nginx crash
In-Reply-To: <87r50zo5ba.wl%appa@perusio.net>
References: 
	
	<87r51blijb.wl%appa@perusio.net>
	<20111113235455.GO95664@mdounin.ru>
	
	<20111114165039.GV95664@mdounin.ru>
	
	<87r50zo5ba.wl%appa@perusio.net>
Message-ID: 

Antonio,

On Nov 23, 2011, at 8:01 AM, Ant?nio P. P. Almeida wrote:

> On 14 Nov 2011 16h57 WET, magicbearmo at gmail.com wrote:
> 
>> Hello,
>> 
>> I think is also not relative to crash, when I increase the zone key
>> size, crash hasn't happen again (but my upstream are also up), so I
>> still unknown where has the crash happen.
>> Just I had update all of my server to 1.1.8, I want to test for your
>> config because some of my server has running dynamic page, and they
>> aren't return the Content-Length.
> 
> I'm having a similar issue. The php-fpm workers stop responding and
> since the FCGI cache lifetime is 15s I get a bunch of SEGVs on the
> cache manager.

Can you also provide more debug information, please?
http://wiki.nginx.org/Debugging

> I'm increasing the cache keys zone size from 5M to 10M. I know you
> guys at nginx.com are busy people, but please look into this issue. Is
> really making Nginx sensitive to failings in apps. Which it shouldn't
> be since there's a clear separation between app and server. That's
> IMHO one big selling point, among many others of course.
> 
> Thanks,
> --- appa
> 
> _______________________________________________
> nginx-devel mailing list
> nginx-devel at nginx.org
> http://mailman.nginx.org/mailman/listinfo/nginx-devel
> 


From mdounin at mdounin.ru  Wed Nov 23 13:02:19 2011
From: mdounin at mdounin.ru (Maxim Dounin)
Date: Wed, 23 Nov 2011 16:02:19 +0300
Subject: [PATCH 0 of 2] unlock mutexes on process crash (updated)
Message-ID: 

Hello!

The following patches restore accept mutex unlock on abnormal process
termination (broken in 1.0.2 with introduction of POSIX semaphores support
in locks) and introduce unlocking of shared memory zone's locks.

This is updated patch series to address some off-list comments from Igor.
Changes include:

- the %uA used insead of %XA to log number of waiting processes;

- separate function used for wakeup after shared mutex unlock (reduces code
  duplication, improves code readability);

- separate function used for unlock after process crash (improves code
  readability).

Maxim Dounin


From mdounin at mdounin.ru  Wed Nov 23 13:02:20 2011
From: mdounin at mdounin.ru (Maxim Dounin)
Date: Wed, 23 Nov 2011 16:02:20 +0300
Subject: [PATCH 1 of 2] Added shmtx interface to forcibly unlock mutexes
In-Reply-To: 
References: 
Message-ID: <7bedc6b7d2f34da90c6f.1322049740@vm-bsd.mdounin.ru>

# HG changeset patch
# User Maxim Dounin 
# Date 1321467405 -10800
# Node ID 7bedc6b7d2f34da90c6f564b7e6118c584cd826e
# Parent  db820db0915f6df3f8950664d544d3f45b7b968c
Added shmtx interface to forcibly unlock mutexes.

It is currently used from master process on abnormal worker termination to
unlock accept mutex (unlocking of accept mutex was broken in 1.0.2).  It is
expected to be used in the future to unlock other mutexes as well.

Shared mutex code was rewritten to make this possible in a safe way, i.e.
with a check if lock was actually held by the exited process.  We again use
pid to lock mutex, and use separate atomic variable for a count of processes
waiting in sem_wait().

diff --git a/src/core/ngx_cycle.c b/src/core/ngx_cycle.c
--- a/src/core/ngx_cycle.c
+++ b/src/core/ngx_cycle.c
@@ -952,7 +952,7 @@ ngx_init_zone_pool(ngx_cycle_t *cycle, n
 
 #endif
 
-    if (ngx_shmtx_create(&sp->mutex, (void *) &sp->lock, file) != NGX_OK) {
+    if (ngx_shmtx_create(&sp->mutex, &sp->lock, file) != NGX_OK) {
         return NGX_ERROR;
     }
 
diff --git a/src/core/ngx_shmtx.c b/src/core/ngx_shmtx.c
--- a/src/core/ngx_shmtx.c
+++ b/src/core/ngx_shmtx.c
@@ -11,10 +11,13 @@
 #if (NGX_HAVE_ATOMIC_OPS)
 
 
+static void ngx_shmtx_wakeup(ngx_shmtx_t *mtx);
+
+
 ngx_int_t
-ngx_shmtx_create(ngx_shmtx_t *mtx, void *addr, u_char *name)
+ngx_shmtx_create(ngx_shmtx_t *mtx, ngx_shmtx_sh_t *addr, u_char *name)
 {
-    mtx->lock = addr;
+    mtx->lock = &addr->lock;
 
     if (mtx->spin == (ngx_uint_t) -1) {
         return NGX_OK;
@@ -24,6 +27,8 @@ ngx_shmtx_create(ngx_shmtx_t *mtx, void 
 
 #if (NGX_HAVE_POSIX_SEM)
 
+    mtx->wait = &addr->wait;
+
     if (sem_init(&mtx->sem, 1, 0) == -1) {
         ngx_log_error(NGX_LOG_ALERT, ngx_cycle->log, ngx_errno,
                       "sem_init() failed");
@@ -56,12 +61,7 @@ ngx_shmtx_destory(ngx_shmtx_t *mtx)
 ngx_uint_t
 ngx_shmtx_trylock(ngx_shmtx_t *mtx)
 {
-    ngx_atomic_uint_t  val;
-
-    val = *mtx->lock;
-
-    return ((val & 0x80000000) == 0
-            && ngx_atomic_cmp_set(mtx->lock, val, val | 0x80000000));
+    return (*mtx->lock == 0 && ngx_atomic_cmp_set(mtx->lock, 0, ngx_pid));
 }
 
 
@@ -69,17 +69,12 @@ void
 ngx_shmtx_lock(ngx_shmtx_t *mtx)
 {
     ngx_uint_t         i, n;
-    ngx_atomic_uint_t  val;
 
     ngx_log_debug0(NGX_LOG_DEBUG_CORE, ngx_cycle->log, 0, "shmtx lock");
 
     for ( ;; ) {
 
-        val = *mtx->lock;
-
-        if ((val & 0x80000000) == 0
-            && ngx_atomic_cmp_set(mtx->lock, val, val | 0x80000000))
-        {
+        if (*mtx->lock == 0 && ngx_atomic_cmp_set(mtx->lock, 0, ngx_pid)) {
             return;
         }
 
@@ -91,10 +86,8 @@ ngx_shmtx_lock(ngx_shmtx_t *mtx)
                     ngx_cpu_pause();
                 }
 
-                val = *mtx->lock;
-
-                if ((val & 0x80000000) == 0
-                    && ngx_atomic_cmp_set(mtx->lock, val, val | 0x80000000))
+                if (*mtx->lock == 0
+                    && ngx_atomic_cmp_set(mtx->lock, 0, ngx_pid))
                 {
                     return;
                 }
@@ -104,24 +97,24 @@ ngx_shmtx_lock(ngx_shmtx_t *mtx)
 #if (NGX_HAVE_POSIX_SEM)
 
         if (mtx->semaphore) {
-            val = *mtx->lock;
+            ngx_atomic_fetch_add(mtx->wait, 1);
 
-            if ((val & 0x80000000)
-                && ngx_atomic_cmp_set(mtx->lock, val, val + 1))
-            {
-                ngx_log_debug1(NGX_LOG_DEBUG_CORE, ngx_cycle->log, 0,
-                               "shmtx wait %XA", val);
+            if (*mtx->lock == 0 && ngx_atomic_cmp_set(mtx->lock, 0, ngx_pid)) {
+                return;
+            }
 
-                while (sem_wait(&mtx->sem) == -1) {
-                    ngx_err_t  err;
+            ngx_log_debug1(NGX_LOG_DEBUG_CORE, ngx_cycle->log, 0,
+                           "shmtx wait %uA", *mtx->wait);
 
-                    err = ngx_errno;
+            while (sem_wait(&mtx->sem) == -1) {
+                ngx_err_t  err;
 
-                    if (err != NGX_EINTR) {
-                        ngx_log_error(NGX_LOG_ALERT, ngx_cycle->log, err,
-                                   "sem_wait() failed while waiting on shmtx");
-                        break;
-                    }
+                err = ngx_errno;
+
+                if (err != NGX_EINTR) {
+                    ngx_log_error(NGX_LOG_ALERT, ngx_cycle->log, err,
+                                  "sem_wait() failed while waiting on shmtx");
+                    break;
                 }
 
                 ngx_log_debug0(NGX_LOG_DEBUG_CORE, ngx_cycle->log, 0,
@@ -141,31 +134,59 @@ ngx_shmtx_lock(ngx_shmtx_t *mtx)
 void
 ngx_shmtx_unlock(ngx_shmtx_t *mtx)
 {
-    ngx_atomic_uint_t  val, old, wait;
-
     if (mtx->spin != (ngx_uint_t) -1) {
         ngx_log_debug0(NGX_LOG_DEBUG_CORE, ngx_cycle->log, 0, "shmtx unlock");
     }
 
+    if (!ngx_atomic_cmp_set(mtx->lock, ngx_pid, 0)) {
+        return;
+    }
+
+    ngx_shmtx_wakeup(mtx);
+}
+
+
+ngx_uint_t
+ngx_shmtx_force_unlock(ngx_shmtx_t *mtx, ngx_pid_t pid)
+{
+    ngx_log_debug0(NGX_LOG_DEBUG_CORE, ngx_cycle->log, 0,
+                   "shmtx forced unlock");
+
+    if (!ngx_atomic_cmp_set(mtx->lock, pid, 0)) {
+        return 0;
+    }
+
+    ngx_shmtx_wakeup(mtx);
+
+    return 1;
+}
+
+
+static void
+ngx_shmtx_wakeup(ngx_shmtx_t *mtx)
+{
+#if (NGX_HAVE_POSIX_SEM)
+    ngx_atomic_uint_t  wait;
+
+    if (!mtx->semaphore) {
+        return;
+    }
+
     for ( ;; ) {
 
-        old = *mtx->lock;
-        wait = old & 0x7fffffff;
-        val = wait ? wait - 1 : 0;
+        wait = *mtx->wait;
 
-        if (ngx_atomic_cmp_set(mtx->lock, old, val)) {
+        if (wait == 0) {
+            return;
+        }
+
+        if (ngx_atomic_cmp_set(mtx->wait, wait, wait - 1)) {
             break;
         }
     }
 
-#if (NGX_HAVE_POSIX_SEM)
-
-    if (wait == 0 || !mtx->semaphore) {
-        return;
-    }
-
     ngx_log_debug1(NGX_LOG_DEBUG_CORE, ngx_cycle->log, 0,
-                   "shmtx wake %XA", old);
+                   "shmtx wake %uA", wait);
 
     if (sem_post(&mtx->sem) == -1) {
         ngx_log_error(NGX_LOG_ALERT, ngx_cycle->log, ngx_errno,
@@ -180,7 +201,7 @@ ngx_shmtx_unlock(ngx_shmtx_t *mtx)
 
 
 ngx_int_t
-ngx_shmtx_create(ngx_shmtx_t *mtx, void *addr, u_char *name)
+ngx_shmtx_create(ngx_shmtx_t *mtx, ngx_shmtx_sh_t *addr, u_char *name)
 {
     if (mtx->name) {
 
@@ -280,4 +301,11 @@ ngx_shmtx_unlock(ngx_shmtx_t *mtx)
     ngx_log_abort(err, ngx_unlock_fd_n " %s failed", mtx->name);
 }
 
+
+void
+ngx_shmtx_force_unlock(ngx_shmtx_t *mtx, ngx_pid_t pid)
+{
+    /* void */
+}
+
 #endif
diff --git a/src/core/ngx_shmtx.h b/src/core/ngx_shmtx.h
--- a/src/core/ngx_shmtx.h
+++ b/src/core/ngx_shmtx.h
@@ -13,9 +13,18 @@
 
 
 typedef struct {
+    ngx_atomic_t   lock;
+#if (NGX_HAVE_POSIX_SEM)
+    ngx_atomic_t   wait;
+#endif
+} ngx_shmtx_sh_t;
+
+
+typedef struct {
 #if (NGX_HAVE_ATOMIC_OPS)
     ngx_atomic_t  *lock;
 #if (NGX_HAVE_POSIX_SEM)
+    ngx_atomic_t  *wait;
     ngx_uint_t     semaphore;
     sem_t          sem;
 #endif
@@ -27,11 +36,13 @@ typedef struct {
 } ngx_shmtx_t;
 
 
-ngx_int_t ngx_shmtx_create(ngx_shmtx_t *mtx, void *addr, u_char *name);
+ngx_int_t ngx_shmtx_create(ngx_shmtx_t *mtx, ngx_shmtx_sh_t *addr,
+    u_char *name);
 void ngx_shmtx_destory(ngx_shmtx_t *mtx);
 ngx_uint_t ngx_shmtx_trylock(ngx_shmtx_t *mtx);
 void ngx_shmtx_lock(ngx_shmtx_t *mtx);
 void ngx_shmtx_unlock(ngx_shmtx_t *mtx);
+ngx_uint_t ngx_shmtx_force_unlock(ngx_shmtx_t *mtx, ngx_pid_t pid);
 
 
 #endif /* _NGX_SHMTX_H_INCLUDED_ */
diff --git a/src/core/ngx_slab.h b/src/core/ngx_slab.h
--- a/src/core/ngx_slab.h
+++ b/src/core/ngx_slab.h
@@ -22,7 +22,7 @@ struct ngx_slab_page_s {
 
 
 typedef struct {
-    ngx_atomic_t      lock;
+    ngx_shmtx_sh_t    lock;
 
     size_t            min_size;
     size_t            min_shift;
diff --git a/src/event/ngx_event.c b/src/event/ngx_event.c
--- a/src/event/ngx_event.c
+++ b/src/event/ngx_event.c
@@ -521,7 +521,8 @@ ngx_event_module_init(ngx_cycle_t *cycle
     ngx_accept_mutex_ptr = (ngx_atomic_t *) shared;
     ngx_accept_mutex.spin = (ngx_uint_t) -1;
 
-    if (ngx_shmtx_create(&ngx_accept_mutex, shared, cycle->lock_file.data)
+    if (ngx_shmtx_create(&ngx_accept_mutex, (ngx_shmtx_sh_t *) shared,
+                         cycle->lock_file.data)
         != NGX_OK)
     {
         return NGX_ERROR;
diff --git a/src/os/unix/ngx_process.c b/src/os/unix/ngx_process.c
--- a/src/os/unix/ngx_process.c
+++ b/src/os/unix/ngx_process.c
@@ -504,7 +504,7 @@ ngx_process_get_status(void)
              * held it
              */
 
-            ngx_atomic_cmp_set(ngx_accept_mutex_ptr, pid, 0);
+            ngx_shmtx_force_unlock(&ngx_accept_mutex, pid);
         }
 
 


From mdounin at mdounin.ru  Wed Nov 23 13:02:21 2011
From: mdounin at mdounin.ru (Maxim Dounin)
Date: Wed, 23 Nov 2011 16:02:21 +0300
Subject: [PATCH 2 of 2] Unlock of shared memory zones on process crash
In-Reply-To: 
References: 
Message-ID: <8b41c4af392f85aa8d41.1322049741@vm-bsd.mdounin.ru>

# HG changeset patch
# User Maxim Dounin 
# Date 1322049622 -10800
# Node ID 8b41c4af392f85aa8d412989c2f766f986d9de8b
# Parent  7bedc6b7d2f34da90c6f564b7e6118c584cd826e
Unlock of shared memory zones on process crash.

If process exited abnormally while holding lock on some shared memory zone -
unlock it.  It may be not safe thing to do (as crash with lock held may
result in corrupted shared memory structure, and other processes will
subsequently crash while trying to access shared data), therefore complain
loudly if unlock succeeds.

diff --git a/src/os/unix/ngx_process.c b/src/os/unix/ngx_process.c
--- a/src/os/unix/ngx_process.c
+++ b/src/os/unix/ngx_process.c
@@ -22,6 +22,7 @@ typedef struct {
 static void ngx_execute_proc(ngx_cycle_t *cycle, void *data);
 static void ngx_signal_handler(int signo);
 static void ngx_process_get_status(void);
+static void ngx_unlock_mutexes(ngx_pid_t pid);
 
 
 int              ngx_argc;
@@ -497,17 +498,6 @@ ngx_process_get_status(void)
         }
 
 
-        if (ngx_accept_mutex_ptr) {
-
-            /*
-             * unlock the accept mutex if the abnormally exited process
-             * held it
-             */
-
-            ngx_shmtx_force_unlock(&ngx_accept_mutex, pid);
-        }
-
-
         one = 1;
         process = "unknown process";
 
@@ -545,6 +535,55 @@ ngx_process_get_status(void)
                           process, pid, WEXITSTATUS(status));
             ngx_processes[i].respawn = 0;
         }
+
+        ngx_unlock_mutexes(pid);
+    }
+}
+
+
+static void
+ngx_unlock_mutexes(ngx_pid_t pid)
+{ 
+    ngx_uint_t        i;
+    ngx_shm_zone_t   *shm_zone;
+    ngx_list_part_t  *part;
+    ngx_slab_pool_t  *sp;
+
+    /*
+     * unlock the accept mutex if the abnormally exited process
+     * held it
+     */
+
+    if (ngx_accept_mutex_ptr) {
+        ngx_shmtx_force_unlock(&ngx_accept_mutex, pid);
+    }
+
+    /*
+     * unlock shared memory mutexes if held by the abnormally exited
+     * process
+     */
+
+    part = (ngx_list_part_t *) &ngx_cycle->shared_memory.part;
+    shm_zone = part->elts;
+
+    for (i = 0; /* void */ ; i++) {
+
+        if (i >= part->nelts) {
+            if (part->next == NULL) {
+                break;
+            }
+            part = part->next;
+            shm_zone = part->elts;
+            i = 0;
+        }
+
+        sp = (ngx_slab_pool_t *) shm_zone[i].shm.addr;
+
+        if (ngx_shmtx_force_unlock(&sp->mutex, pid)) {
+            ngx_log_error(NGX_LOG_ALERT, ngx_cycle->log, 0,
+                          "shared memory zone \"%V\" was locked by %P",
+                          &shm_zone[i].shm.name, pid);
+        }
     }
 }
 


From mdounin at mdounin.ru  Wed Nov 23 13:55:39 2011
From: mdounin at mdounin.ru (mdounin at mdounin.ru)
Date: Wed, 23 Nov 2011 13:55:39 +0000
Subject: [nginx] svn commit:  r4310 - in trunk/src: core event os/unix
Message-ID: <20111123135539.BF9FF3F9D4F@mail.nginx.com>

Author: mdounin
Date: 2011-11-23 13:55:38 +0000 (Wed, 23 Nov 2011)
New Revision: 4310

Log:
Added shmtx interface to forcibly unlock mutexes.

It is currently used from master process on abnormal worker termination to
unlock accept mutex (unlocking of accept mutex was broken in 1.0.2).  It is
expected to be used in the future to unlock other mutexes as well.

Shared mutex code was rewritten to make this possible in a safe way, i.e.
with a check if lock was actually held by the exited process.  We again use
pid to lock mutex, and use separate atomic variable for a count of processes
waiting in sem_wait().


Modified:
   trunk/src/core/ngx_cycle.c
   trunk/src/core/ngx_shmtx.c
   trunk/src/core/ngx_shmtx.h
   trunk/src/core/ngx_slab.h
   trunk/src/event/ngx_event.c
   trunk/src/os/unix/ngx_process.c

Modified: trunk/src/core/ngx_cycle.c
===================================================================
--- trunk/src/core/ngx_cycle.c	2011-11-23 10:22:44 UTC (rev 4309)
+++ trunk/src/core/ngx_cycle.c	2011-11-23 13:55:38 UTC (rev 4310)
@@ -952,7 +952,7 @@
 
 #endif
 
-    if (ngx_shmtx_create(&sp->mutex, (void *) &sp->lock, file) != NGX_OK) {
+    if (ngx_shmtx_create(&sp->mutex, &sp->lock, file) != NGX_OK) {
         return NGX_ERROR;
     }
 

Modified: trunk/src/core/ngx_shmtx.c
===================================================================
--- trunk/src/core/ngx_shmtx.c	2011-11-23 10:22:44 UTC (rev 4309)
+++ trunk/src/core/ngx_shmtx.c	2011-11-23 13:55:38 UTC (rev 4310)
@@ -11,10 +11,13 @@
 #if (NGX_HAVE_ATOMIC_OPS)
 
 
+static void ngx_shmtx_wakeup(ngx_shmtx_t *mtx);
+
+
 ngx_int_t
-ngx_shmtx_create(ngx_shmtx_t *mtx, void *addr, u_char *name)
+ngx_shmtx_create(ngx_shmtx_t *mtx, ngx_shmtx_sh_t *addr, u_char *name)
 {
-    mtx->lock = addr;
+    mtx->lock = &addr->lock;
 
     if (mtx->spin == (ngx_uint_t) -1) {
         return NGX_OK;
@@ -24,6 +27,8 @@
 
 #if (NGX_HAVE_POSIX_SEM)
 
+    mtx->wait = &addr->wait;
+
     if (sem_init(&mtx->sem, 1, 0) == -1) {
         ngx_log_error(NGX_LOG_ALERT, ngx_cycle->log, ngx_errno,
                       "sem_init() failed");
@@ -56,12 +61,7 @@
 ngx_uint_t
 ngx_shmtx_trylock(ngx_shmtx_t *mtx)
 {
-    ngx_atomic_uint_t  val;
-
-    val = *mtx->lock;
-
-    return ((val & 0x80000000) == 0
-            && ngx_atomic_cmp_set(mtx->lock, val, val | 0x80000000));
+    return (*mtx->lock == 0 && ngx_atomic_cmp_set(mtx->lock, 0, ngx_pid));
 }
 
 
@@ -69,17 +69,12 @@
 ngx_shmtx_lock(ngx_shmtx_t *mtx)
 {
     ngx_uint_t         i, n;
-    ngx_atomic_uint_t  val;
 
     ngx_log_debug0(NGX_LOG_DEBUG_CORE, ngx_cycle->log, 0, "shmtx lock");
 
     for ( ;; ) {
 
-        val = *mtx->lock;
-
-        if ((val & 0x80000000) == 0
-            && ngx_atomic_cmp_set(mtx->lock, val, val | 0x80000000))
-        {
+        if (*mtx->lock == 0 && ngx_atomic_cmp_set(mtx->lock, 0, ngx_pid)) {
             return;
         }
 
@@ -91,10 +86,8 @@
                     ngx_cpu_pause();
                 }
 
-                val = *mtx->lock;
-
-                if ((val & 0x80000000) == 0
-                    && ngx_atomic_cmp_set(mtx->lock, val, val | 0x80000000))
+                if (*mtx->lock == 0
+                    && ngx_atomic_cmp_set(mtx->lock, 0, ngx_pid))
                 {
                     return;
                 }
@@ -104,24 +97,24 @@
 #if (NGX_HAVE_POSIX_SEM)
 
         if (mtx->semaphore) {
-            val = *mtx->lock;
+            ngx_atomic_fetch_add(mtx->wait, 1);
 
-            if ((val & 0x80000000)
-                && ngx_atomic_cmp_set(mtx->lock, val, val + 1))
-            {
-                ngx_log_debug1(NGX_LOG_DEBUG_CORE, ngx_cycle->log, 0,
-                               "shmtx wait %XA", val);
+            if (*mtx->lock == 0 && ngx_atomic_cmp_set(mtx->lock, 0, ngx_pid)) {
+                return;
+            }
 
-                while (sem_wait(&mtx->sem) == -1) {
-                    ngx_err_t  err;
+            ngx_log_debug1(NGX_LOG_DEBUG_CORE, ngx_cycle->log, 0,
+                           "shmtx wait %uA", *mtx->wait);
 
-                    err = ngx_errno;
+            while (sem_wait(&mtx->sem) == -1) {
+                ngx_err_t  err;
 
-                    if (err != NGX_EINTR) {
-                        ngx_log_error(NGX_LOG_ALERT, ngx_cycle->log, err,
-                                   "sem_wait() failed while waiting on shmtx");
-                        break;
-                    }
+                err = ngx_errno;
+
+                if (err != NGX_EINTR) {
+                    ngx_log_error(NGX_LOG_ALERT, ngx_cycle->log, err,
+                                  "sem_wait() failed while waiting on shmtx");
+                    break;
                 }
 
                 ngx_log_debug0(NGX_LOG_DEBUG_CORE, ngx_cycle->log, 0,
@@ -141,31 +134,56 @@
 void
 ngx_shmtx_unlock(ngx_shmtx_t *mtx)
 {
-    ngx_atomic_uint_t  val, old, wait;
-
     if (mtx->spin != (ngx_uint_t) -1) {
         ngx_log_debug0(NGX_LOG_DEBUG_CORE, ngx_cycle->log, 0, "shmtx unlock");
     }
 
-    for ( ;; ) {
+    if (ngx_atomic_cmp_set(mtx->lock, ngx_pid, 0)) {
+        ngx_shmtx_wakeup(mtx);
+    }
+}
 
-        old = *mtx->lock;
-        wait = old & 0x7fffffff;
-        val = wait ? wait - 1 : 0;
 
-        if (ngx_atomic_cmp_set(mtx->lock, old, val)) {
-            break;
-        }
+ngx_uint_t
+ngx_shmtx_force_unlock(ngx_shmtx_t *mtx, ngx_pid_t pid)
+{
+    ngx_log_debug0(NGX_LOG_DEBUG_CORE, ngx_cycle->log, 0,
+                   "shmtx forced unlock");
+
+    if (ngx_atomic_cmp_set(mtx->lock, pid, 0)) {
+        ngx_shmtx_wakeup(mtx);
+        return 1;
     }
 
+    return 0;
+}
+
+
+static void
+ngx_shmtx_wakeup(ngx_shmtx_t *mtx)
+{
 #if (NGX_HAVE_POSIX_SEM)
+    ngx_atomic_uint_t  wait;
 
-    if (wait == 0 || !mtx->semaphore) {
+    if (!mtx->semaphore) {
         return;
     }
 
+    for ( ;; ) {
+
+        wait = *mtx->wait;
+
+        if (wait == 0) {
+            return;
+        }
+
+        if (ngx_atomic_cmp_set(mtx->wait, wait, wait - 1)) {
+            break;
+        }
+    }
+
     ngx_log_debug1(NGX_LOG_DEBUG_CORE, ngx_cycle->log, 0,
-                   "shmtx wake %XA", old);
+                   "shmtx wake %uA", wait);
 
     if (sem_post(&mtx->sem) == -1) {
         ngx_log_error(NGX_LOG_ALERT, ngx_cycle->log, ngx_errno,
@@ -180,7 +198,7 @@
 
 
 ngx_int_t
-ngx_shmtx_create(ngx_shmtx_t *mtx, void *addr, u_char *name)
+ngx_shmtx_create(ngx_shmtx_t *mtx, ngx_shmtx_sh_t *addr, u_char *name)
 {
     if (mtx->name) {
 
@@ -280,4 +298,11 @@
     ngx_log_abort(err, ngx_unlock_fd_n " %s failed", mtx->name);
 }
 
+
+void
+ngx_shmtx_force_unlock(ngx_shmtx_t *mtx, ngx_pid_t pid)
+{
+    /* void */
+}
+
 #endif

Modified: trunk/src/core/ngx_shmtx.h
===================================================================
--- trunk/src/core/ngx_shmtx.h	2011-11-23 10:22:44 UTC (rev 4309)
+++ trunk/src/core/ngx_shmtx.h	2011-11-23 13:55:38 UTC (rev 4310)
@@ -13,9 +13,18 @@
 
 
 typedef struct {
+    ngx_atomic_t   lock;
+#if (NGX_HAVE_POSIX_SEM)
+    ngx_atomic_t   wait;
+#endif
+} ngx_shmtx_sh_t;
+
+
+typedef struct {
 #if (NGX_HAVE_ATOMIC_OPS)
     ngx_atomic_t  *lock;
 #if (NGX_HAVE_POSIX_SEM)
+    ngx_atomic_t  *wait;
     ngx_uint_t     semaphore;
     sem_t          sem;
 #endif
@@ -27,11 +36,13 @@
 } ngx_shmtx_t;
 
 
-ngx_int_t ngx_shmtx_create(ngx_shmtx_t *mtx, void *addr, u_char *name);
+ngx_int_t ngx_shmtx_create(ngx_shmtx_t *mtx, ngx_shmtx_sh_t *addr,
+    u_char *name);
 void ngx_shmtx_destory(ngx_shmtx_t *mtx);
 ngx_uint_t ngx_shmtx_trylock(ngx_shmtx_t *mtx);
 void ngx_shmtx_lock(ngx_shmtx_t *mtx);
 void ngx_shmtx_unlock(ngx_shmtx_t *mtx);
+ngx_uint_t ngx_shmtx_force_unlock(ngx_shmtx_t *mtx, ngx_pid_t pid);
 
 
 #endif /* _NGX_SHMTX_H_INCLUDED_ */

Modified: trunk/src/core/ngx_slab.h
===================================================================
--- trunk/src/core/ngx_slab.h	2011-11-23 10:22:44 UTC (rev 4309)
+++ trunk/src/core/ngx_slab.h	2011-11-23 13:55:38 UTC (rev 4310)
@@ -22,7 +22,7 @@
 
 
 typedef struct {
-    ngx_atomic_t      lock;
+    ngx_shmtx_sh_t    lock;
 
     size_t            min_size;
     size_t            min_shift;

Modified: trunk/src/event/ngx_event.c
===================================================================
--- trunk/src/event/ngx_event.c	2011-11-23 10:22:44 UTC (rev 4309)
+++ trunk/src/event/ngx_event.c	2011-11-23 13:55:38 UTC (rev 4310)
@@ -521,7 +521,8 @@
     ngx_accept_mutex_ptr = (ngx_atomic_t *) shared;
     ngx_accept_mutex.spin = (ngx_uint_t) -1;
 
-    if (ngx_shmtx_create(&ngx_accept_mutex, shared, cycle->lock_file.data)
+    if (ngx_shmtx_create(&ngx_accept_mutex, (ngx_shmtx_sh_t *) shared,
+                         cycle->lock_file.data)
         != NGX_OK)
     {
         return NGX_ERROR;

Modified: trunk/src/os/unix/ngx_process.c
===================================================================
--- trunk/src/os/unix/ngx_process.c	2011-11-23 10:22:44 UTC (rev 4309)
+++ trunk/src/os/unix/ngx_process.c	2011-11-23 13:55:38 UTC (rev 4310)
@@ -504,7 +504,7 @@
              * held it
              */
 
-            ngx_atomic_cmp_set(ngx_accept_mutex_ptr, pid, 0);
+            ngx_shmtx_force_unlock(&ngx_accept_mutex, pid);
         }
 
 


From ne at vbart.ru  Wed Nov 23 14:01:26 2011
From: ne at vbart.ru (Valentin V. Bartenev)
Date: Wed, 23 Nov 2011 18:01:26 +0400
Subject: Akamai G2O module
In-Reply-To: 
References: 
Message-ID: <201111231801.26842.ne@vbart.ru>


Hi Tim,

You can do all checks in a module configuration file. For example, look at the 
"config" file of the lua module:
https://github.com/chaoslawful/lua-nginx-module

Also, feel free to add your module to the wiki:
http://wiki.nginx.org/3rdPartyModules

wbr, Valentin V. Bartenev


On Tuesday 15 November 2011 00:13:39 Tim Macfarlane wrote:
> Hi all,
> 
> I've recently written a module to authenticate requests from Akamai's edge
> server network, based on their G2O, or edge-origin authentication scheme.
> 
> https://github.com/refractalize/nginx_mod_akamai_g2o
> 
> The module is finished, however, this being my first nginx module and the
> fact that I don't spend a lot of time writing in C leads me to ask for a
> second opinion - how am I doing? Any advice greatly appreciated.
> 
> In particular, the module relies on OpenSSL's HMAC and Base64 support. I
> couldn't find any support for these in nginx core. For now the module
> simply does not compile without openssl installed. Is this bad?


From mdounin at mdounin.ru  Wed Nov 23 14:07:07 2011
From: mdounin at mdounin.ru (mdounin at mdounin.ru)
Date: Wed, 23 Nov 2011 14:07:07 +0000
Subject: [nginx] svn commit:  r4311 - trunk/src/core
Message-ID: <20111123140707.3CDEF3F9C5B@mail.nginx.com>

Author: mdounin
Date: 2011-11-23 14:07:06 +0000 (Wed, 23 Nov 2011)
New Revision: 4311

Log:
Fixed build without atomic operations.


Modified:
   trunk/src/core/ngx_shmtx.c

Modified: trunk/src/core/ngx_shmtx.c
===================================================================
--- trunk/src/core/ngx_shmtx.c	2011-11-23 13:55:38 UTC (rev 4310)
+++ trunk/src/core/ngx_shmtx.c	2011-11-23 14:07:06 UTC (rev 4311)
@@ -299,10 +299,10 @@
 }
 
 
-void
+ngx_uint_t
 ngx_shmtx_force_unlock(ngx_shmtx_t *mtx, ngx_pid_t pid)
 {
-    /* void */
+    return 0;
 }
 
 #endif


From mdounin at mdounin.ru  Wed Nov 23 14:09:20 2011
From: mdounin at mdounin.ru (mdounin at mdounin.ru)
Date: Wed, 23 Nov 2011 14:09:20 +0000
Subject: [nginx] svn commit:  r4312 - trunk/src/os/unix
Message-ID: <20111123140920.8FF193F9C21@mail.nginx.com>

Author: mdounin
Date: 2011-11-23 14:09:19 +0000 (Wed, 23 Nov 2011)
New Revision: 4312

Log:
Unlock of shared memory zones on process crash.

If process exited abnormally while holding lock on some shared memory zone -
unlock it.  It may be not safe thing to do (as crash with lock held may
result in corrupted shared memory structure, and other processes will
subsequently crash while trying to access shared data), therefore complain
loudly if unlock succeeds.


Modified:
   trunk/src/os/unix/ngx_process.c

Modified: trunk/src/os/unix/ngx_process.c
===================================================================
--- trunk/src/os/unix/ngx_process.c	2011-11-23 14:07:06 UTC (rev 4311)
+++ trunk/src/os/unix/ngx_process.c	2011-11-23 14:09:19 UTC (rev 4312)
@@ -22,6 +22,7 @@
 static void ngx_execute_proc(ngx_cycle_t *cycle, void *data);
 static void ngx_signal_handler(int signo);
 static void ngx_process_get_status(void);
+static void ngx_unlock_mutexes(ngx_pid_t pid);
 
 
 int              ngx_argc;
@@ -497,17 +498,6 @@
         }
 
 
-        if (ngx_accept_mutex_ptr) {
-
-            /*
-             * unlock the accept mutex if the abnormally exited process
-             * held it
-             */
-
-            ngx_shmtx_force_unlock(&ngx_accept_mutex, pid);
-        }
-
-
         one = 1;
         process = "unknown process";
 
@@ -545,10 +535,59 @@
                           process, pid, WEXITSTATUS(status));
             ngx_processes[i].respawn = 0;
         }
+
+        ngx_unlock_mutexes(pid);
     }
 }
 
 
+static void
+ngx_unlock_mutexes(ngx_pid_t pid)
+{ 
+    ngx_uint_t        i;
+    ngx_shm_zone_t   *shm_zone;
+    ngx_list_part_t  *part;
+    ngx_slab_pool_t  *sp;
+
+    /*
+     * unlock the accept mutex if the abnormally exited process
+     * held it
+     */
+
+    if (ngx_accept_mutex_ptr) {
+        ngx_shmtx_force_unlock(&ngx_accept_mutex, pid);
+    }
+
+    /*
+     * unlock shared memory mutexes if held by the abnormally exited
+     * process
+     */
+
+    part = (ngx_list_part_t *) &ngx_cycle->shared_memory.part;
+    shm_zone = part->elts;
+
+    for (i = 0; /* void */ ; i++) {
+
+        if (i >= part->nelts) {
+            if (part->next == NULL) {
+                break;
+            }
+            part = part->next;
+            shm_zone = part->elts;
+            i = 0;
+        }
+
+        sp = (ngx_slab_pool_t *) shm_zone[i].shm.addr;
+
+        if (ngx_shmtx_force_unlock(&sp->mutex, pid)) {
+            ngx_log_error(NGX_LOG_ALERT, ngx_cycle->log, 0,
+                          "shared memory zone \"%V\" was locked by %P",
+                          &shm_zone[i].shm.name, pid);
+        }
+    }
+}
+
+
 void
 ngx_debug_point(void)
 {


From faskiri.devel at gmail.com  Wed Nov 23 16:34:06 2011
From: faskiri.devel at gmail.com (Fasih)
Date: Wed, 23 Nov 2011 22:04:06 +0530
Subject: Bug in request.headers_out initialization?
Message-ID: 

Hi

I have a plugin that uses request.headers_out.headers, I use the
lowcase_key of the element for something. However, recently while debugging
a crash I noticed that the lowcase_key isnt always initialized
[e.g.  src/http/modules/ngx_http_userid_filter_module.c:424,
set_cookie->lowcase_key isnt set(nor initialized)] I would have taken that
as a bug but noticed that there are other places
[src/http/modules/ngx_http_headers_filter_module.c] where lowcase_key isnt
initialized. However, in all the three instances, header.hash is
initialized to 1.

So, the question is:
1. Does hash = 1 necessarily imply that lowcase_key isnt initialized?
2. Should lowcase_key have been initialized and this is a bug [in which
case I can walk through the code and submit a patch]
3. Why is this done?

Best regards
+Fasih
-------------- next part --------------
An HTML attachment was scrubbed...
URL: 

From igor at sysoev.ru  Wed Nov 23 16:40:55 2011
From: igor at sysoev.ru (Igor Sysoev)
Date: Wed, 23 Nov 2011 20:40:55 +0400
Subject: Bug in request.headers_out initialization?
In-Reply-To: 
References: 
Message-ID: <20111123164055.GF49193@nginx.com>

On Wed, Nov 23, 2011 at 10:04:06PM +0530, Fasih wrote:
> Hi
> 
> I have a plugin that uses request.headers_out.headers, I use the
> lowcase_key of the element for something. However, recently while debugging
> a crash I noticed that the lowcase_key isnt always initialized
> [e.g.  src/http/modules/ngx_http_userid_filter_module.c:424,
> set_cookie->lowcase_key isnt set(nor initialized)] I would have taken that
> as a bug but noticed that there are other places
> [src/http/modules/ngx_http_headers_filter_module.c] where lowcase_key isnt
> initialized. However, in all the three instances, header.hash is
> initialized to 1.
> 
> So, the question is:
> 1. Does hash = 1 necessarily imply that lowcase_key isnt initialized?
> 2. Should lowcase_key have been initialized and this is a bug [in which
> case I can walk through the code and submit a patch]
> 3. Why is this done?

lowcase_key is used in r->headers_in only to find them in headers_in_hash.


-- 
Igor Sysoev


From fasihullah.askiri at gmail.com  Wed Nov 23 16:46:56 2011
From: fasihullah.askiri at gmail.com (Fasihullah Askiri)
Date: Wed, 23 Nov 2011 22:16:56 +0530
Subject: Bug in request.headers_out initialization?
In-Reply-To: <20111123164055.GF49193@nginx.com>
References: 
	<20111123164055.GF49193@nginx.com>
Message-ID: 

Thanks for the prompt reply.

That makes it a lot clearer, is hash = 1 used to indicate that the
lowcase_key isnt initialized (meaning you shouldnt try to look it up the
headers_in_hash) or any other value like 0 is also used?
I basically need the lowcase headers, I am just reusing the key, am I good
with just checking for 1 or should I do something else? [I want to use the
available value instead of re-evaluating]

Thanks again...

On Wed, Nov 23, 2011 at 10:10 PM, Igor Sysoev  wrote:

> On Wed, Nov 23, 2011 at 10:04:06PM +0530, Fasih wrote:
> > Hi
> >
> > I have a plugin that uses request.headers_out.headers, I use the
> > lowcase_key of the element for something. However, recently while
> debugging
> > a crash I noticed that the lowcase_key isnt always initialized
> > [e.g.  src/http/modules/ngx_http_userid_filter_module.c:424,
> > set_cookie->lowcase_key isnt set(nor initialized)] I would have taken
> that
> > as a bug but noticed that there are other places
> > [src/http/modules/ngx_http_headers_filter_module.c] where lowcase_key
> isnt
> > initialized. However, in all the three instances, header.hash is
> > initialized to 1.
> >
> > So, the question is:
> > 1. Does hash = 1 necessarily imply that lowcase_key isnt initialized?
> > 2. Should lowcase_key have been initialized and this is a bug [in which
> > case I can walk through the code and submit a patch]
> > 3. Why is this done?
>
> lowcase_key is used in r->headers_in only to find them in headers_in_hash.
>
>
> --
> Igor Sysoev
>
> _______________________________________________
> nginx-devel mailing list
> nginx-devel at nginx.org
> http://mailman.nginx.org/mailman/listinfo/nginx-devel
>



-- 
+Fasih

*Wisdom doesn't automatically come with old age. Nothing does - except
wrinkles. It's true, some wines improve with age. But only if the grapes
were good in the first place*
-------------- next part --------------
An HTML attachment was scrubbed...
URL: 

From igor at sysoev.ru  Wed Nov 23 16:50:48 2011
From: igor at sysoev.ru (Igor Sysoev)
Date: Wed, 23 Nov 2011 20:50:48 +0400
Subject: Bug in request.headers_out initialization?
In-Reply-To: 
References: 
	<20111123164055.GF49193@nginx.com>
	
Message-ID: <20111123165048.GH49193@nginx.com>

On Wed, Nov 23, 2011 at 10:16:56PM +0530, Fasihullah Askiri wrote:
> Thanks for the prompt reply.
> 
> That makes it a lot clearer, is hash = 1 used to indicate that the
> lowcase_key isnt initialized (meaning you shouldnt try to look it up the
> headers_in_hash) or any other value like 0 is also used?

> I basically need the lowcase headers, I am just reusing the key, am I good
> with just checking for 1 or should I do something else? [I want to use the
> available value instead of re-evaluating]

No, zero/non-zero hash is used in src/http/ngx_http_header_filter_module.c
to skip/pass headers to a client.


-- 
Igor Sysoev


From fasihullah.askiri at gmail.com  Wed Nov 23 17:02:27 2011
From: fasihullah.askiri at gmail.com (Fasihullah Askiri)
Date: Wed, 23 Nov 2011 22:32:27 +0530
Subject: Bug in request.headers_out initialization?
In-Reply-To: <20111123165048.GH49193@nginx.com>
References: 
	<20111123164055.GF49193@nginx.com>
	
	<20111123165048.GH49193@nginx.com>
Message-ID: 

Sorry, I am not sure I understood you correctly. It is used in headers_in
for look up into headers_in_hash OK. But what about headers_out?

ngx_http_proxy_process_header parses the upstream response headers
using ngx_http_parse_header_line, thereby setting hash/lowcase_key. This
function sets headers_out which I use. The question I have is, is it safe
to use the headers_out.....lowcase_key, should I check for
headers_out.headers.part.elt[it].hash before I can use lowcase_key or
should I check for something else?

Thank you for your patience and time.
+Fasih
-------------- next part --------------
An HTML attachment was scrubbed...
URL: 

From igor at sysoev.ru  Wed Nov 23 17:08:02 2011
From: igor at sysoev.ru (Igor Sysoev)
Date: Wed, 23 Nov 2011 21:08:02 +0400
Subject: Bug in request.headers_out initialization?
In-Reply-To: 
References: 
	<20111123164055.GF49193@nginx.com>
	
	<20111123165048.GH49193@nginx.com>
	
Message-ID: <20111123170802.GI49193@nginx.com>

On Wed, Nov 23, 2011 at 10:32:27PM +0530, Fasihullah Askiri wrote:
> Sorry, I am not sure I understood you correctly. It is used in headers_in
> for look up into headers_in_hash OK. But what about headers_out?

"lowcase_key" in headers_out may be not set if these headers are not
proxied/fastcgied/etc.

> ngx_http_proxy_process_header parses the upstream response headers
> using ngx_http_parse_header_line, thereby setting hash/lowcase_key. This
> function sets headers_out which I use. The question I have is, is it safe
> to use the headers_out.....lowcase_key, should I check for
> headers_out.headers.part.elt[it].hash before I can use lowcase_key or
> should I check for something else?

"hash" does not mean that "lowcase_key" is set.
If nginx needs to find headers using hash, it sets "lowcase_key" and
calculates "hash".

Besides nginx uses "hash" only in header output filter.


-- 
Igor Sysoev


From faskiri.devel at gmail.com  Wed Nov 23 17:28:41 2011
From: faskiri.devel at gmail.com (Fasih)
Date: Wed, 23 Nov 2011 22:58:41 +0530
Subject: Bug in request.headers_out initialization?
In-Reply-To: <20111123170802.GI49193@nginx.com>
References: 
	<20111123164055.GF49193@nginx.com>
	
	<20111123165048.GH49193@nginx.com>
	
	<20111123170802.GI49193@nginx.com>
Message-ID: 

On Wed, Nov 23, 2011 at 10:38 PM, Igor Sysoev  wrote:

> On Wed, Nov 23, 2011 at 10:32:27PM +0530, Fasihullah Askiri wrote:
> > Sorry, I am not sure I understood you correctly. It is used in headers_in
> > for look up into headers_in_hash OK. But what about headers_out?
>
> "lowcase_key" in headers_out may be not set if these headers are not
> proxied/fastcgied/etc.
>
> > ngx_http_proxy_process_header parses the upstream response headers
> > using ngx_http_parse_header_line, thereby setting hash/lowcase_key. This
> > function sets headers_out which I use. The question I have is, is it safe
> > to use the headers_out.....lowcase_key, should I check for
> > headers_out.headers.part.elt[it].hash before I can use lowcase_key or
> > should I check for something else?
>
> "hash" does not mean that "lowcase_key" is set.
> If nginx needs to find headers using hash, it sets "lowcase_key" and
> calculates "hash".
>
So, if header "xyz-header" is not expected to be found in a hash,  nginx
would not calculate the lowcase_key, but will it also set
headers_out.header.elt.hash to some value to signal that it has not
calculated the lowcase_key?


> Besides nginx uses "hash" only in header output filter.
>
Understood, but the problem is because I am trying to reuse that variable
probably for something that it was intended to be used, just wanted to find
out how to use it if at all I can use it.


Thanks again for your patience..
+Fasih
-------------- next part --------------
An HTML attachment was scrubbed...
URL: 

From igor at sysoev.ru  Wed Nov 23 18:50:08 2011
From: igor at sysoev.ru (Igor Sysoev)
Date: Wed, 23 Nov 2011 22:50:08 +0400
Subject: Bug in request.headers_out initialization?
In-Reply-To: 
References: 
	<20111123164055.GF49193@nginx.com>
	
	<20111123165048.GH49193@nginx.com>
	
	<20111123170802.GI49193@nginx.com>
	
Message-ID: <20111123185008.GA54397@nginx.com>

On Wed, Nov 23, 2011 at 10:58:41PM +0530, Fasih wrote:
> On Wed, Nov 23, 2011 at 10:38 PM, Igor Sysoev  wrote:
> 
> > On Wed, Nov 23, 2011 at 10:32:27PM +0530, Fasihullah Askiri wrote:
> > > Sorry, I am not sure I understood you correctly. It is used in headers_in
> > > for look up into headers_in_hash OK. But what about headers_out?
> >
> > "lowcase_key" in headers_out may be not set if these headers are not
> > proxied/fastcgied/etc.
> >
> > > ngx_http_proxy_process_header parses the upstream response headers
> > > using ngx_http_parse_header_line, thereby setting hash/lowcase_key. This
> > > function sets headers_out which I use. The question I have is, is it safe
> > > to use the headers_out.....lowcase_key, should I check for
> > > headers_out.headers.part.elt[it].hash before I can use lowcase_key or
> > > should I check for something else?
> >
> > "hash" does not mean that "lowcase_key" is set.
> > If nginx needs to find headers using hash, it sets "lowcase_key" and
> > calculates "hash".
> >
> So, if header "xyz-header" is not expected to be found in a hash,  nginx
> would not calculate the lowcase_key, but will it also set
> headers_out.header.elt.hash to some value to signal that it has not
> calculated the lowcase_key?

No, "hash" is not a flag for "lowcase_key".

"hash" is used as a hash value of "lowcase_key" for lookup in header hashes.
And "hash" is used as flag only for header output filter.

> > Besides nginx uses "hash" only in header output filter.
> >
> Understood, but the problem is because I am trying to reuse that variable
> probably for something that it was intended to be used, just wanted to find
> out how to use it if at all I can use it.

nginx does not calculate "hash" and does not provide "lowcase_key" for
headers_out, since it does not use it.


-- 
Igor Sysoev


From pasik at iki.fi  Wed Nov 23 19:39:05 2011
From: pasik at iki.fi (Pasi =?iso-8859-1?Q?K=E4rkk=E4inen?=)
Date: Wed, 23 Nov 2011 21:39:05 +0200
Subject: Disable buffering/caching of HTTP PUT upload requests in nginx proxy
Message-ID: <20111123193905.GY12984@reaktio.net>

Hello,

During the upcoming days I'm going to try to implement a feature in nginx proxy
that allows disabling local disk buffering/caching of HTTP PUT upload requests,
e.g. allow directly stream the uploads to the backend server.

Right now I'm having problems because nginx proxy stores all the uploads temporarily
to the nginx server local disk, and thus fills up the disk when big files are being uploaded.

If someone has comments/ideas/suggestions about this, feel free to write to me.

I'm currently in the process of getting familiar with nginx code
and the request 'flow' inside nginx.

I'll let you know how it goes :)

on nginx@ list Alexandr wrote that he had implemented something similar,
by simply hijacking connection of the request. 
Is there a patch available somewhere? 

Thanks,

-- Pasi


From appa at perusio.net  Wed Nov 23 20:21:35 2011
From: appa at perusio.net (=?UTF-8?B?QW50w7NuaW8=?= P. P. Almeida)
Date: Wed, 23 Nov 2011 20:21:35 +0000
Subject: nginx crash
In-Reply-To: <20111123122936.GP95664@mdounin.ru>
References: 
	
	<87r51blijb.wl%appa@perusio.net>
	<20111113235455.GO95664@mdounin.ru>
	
	<20111114165039.GV95664@mdounin.ru>
	
	<87r50zo5ba.wl%appa@perusio.net>
	<20111123122936.GP95664@mdounin.ru>
Message-ID: <87lir6oai8.wl%appa@perusio.net>

On 23 Nov 2011 12h29 WET, mdounin at mdounin.ru wrote:

> Hello!
>

>>
>> I'm having a similar issue. The php-fpm workers stop responding and
>> since the FCGI cache lifetime is 15s I get a bunch of SEGVs on the
>> cache manager.
>
> By "lifetime" you mean "fastcgi_cache_path ... inactive=15s"?

Nope. I mean this:

fastcgi_cache_path /var/cache/nginx/microcache levels=1:2 keys_zone=microcache:10M max_size=1G inactive=2h loader_threshold=2592000000 loader_sleep=1 loader_files=100000;

## For 200 and 301 make the cache valid for 30s.
fastcgi_cache_valid 200 301 30s;

Sorry it's 30s not 15.

> If yes, than you may want to change your configuration: this isn't 
> going to work well as nginx uses "inactive" as a guard against 
> stale cache entry locks (left by crashed workers, if any).  It 
> was never expected to be lower than time required to fetch 
> a resource from an upstream, and setting it to lower expected to 
> cause problems.
>
> If no, you may want to provide more details.  (Ideally I would 
> like to see full debug log showing the crash, the "ignore long 
> locked inactive cache entry" alert and some time before it, but I 
> understand it would be hard to obtain unless you are able to 
> reproduce the problem at will.)

I'll try to debug it, but it's not reproducible at will.

> Recently posted patch series[1] addresses major part of the 
> problem: it resolves deadlock after such crashes.  It would be 
> fine to resolve the crash itself too, but I wasn't yet able to 
> trace the problem cause (unless it's caused by too low inactive 
> time, which is mostly a configuration problem, see above).

Are you guys planning a new dev release or perhaps it's better for me
to apply the patches and rebuild me debian package, since it will take
a few days for a new dev release that incorporates those patches?

Thanks,
--- appa


From mdounin at mdounin.ru  Wed Nov 23 21:52:49 2011
From: mdounin at mdounin.ru (Maxim Dounin)
Date: Thu, 24 Nov 2011 01:52:49 +0400
Subject: nginx crash
In-Reply-To: <87lir6oai8.wl%appa@perusio.net>
References: 
	
	<87r51blijb.wl%appa@perusio.net>
	<20111113235455.GO95664@mdounin.ru>
	
	<20111114165039.GV95664@mdounin.ru>
	
	<87r50zo5ba.wl%appa@perusio.net>
	<20111123122936.GP95664@mdounin.ru>
	<87lir6oai8.wl%appa@perusio.net>
Message-ID: <20111123215248.GZ95664@mdounin.ru>

Hello!

On Wed, Nov 23, 2011 at 08:21:35PM +0000, Ant?nio P. P. Almeida wrote:

> On 23 Nov 2011 12h29 WET, mdounin at mdounin.ru wrote:
> 
> > Hello!
> >
> 
> >>
> >> I'm having a similar issue. The php-fpm workers stop responding and
> >> since the FCGI cache lifetime is 15s I get a bunch of SEGVs on the
> >> cache manager.
> >
> > By "lifetime" you mean "fastcgi_cache_path ... inactive=15s"?
> 
> Nope. I mean this:
> 
> fastcgi_cache_path /var/cache/nginx/microcache levels=1:2 keys_zone=microcache:10M max_size=1G inactive=2h loader_threshold=2592000000 loader_sleep=1 loader_files=100000;
> 
> ## For 200 and 301 make the cache valid for 30s.
> fastcgi_cache_valid 200 301 30s;
> 
> Sorry it's 30s not 15.

OK, this looks sane.  Cache valid time shouldn't be related to the 
problem (it may be, but likely indirectly).

> > If yes, than you may want to change your configuration: this isn't 
> > going to work well as nginx uses "inactive" as a guard against 
> > stale cache entry locks (left by crashed workers, if any).  It 
> > was never expected to be lower than time required to fetch 
> > a resource from an upstream, and setting it to lower expected to 
> > cause problems.
> >
> > If no, you may want to provide more details.  (Ideally I would 
> > like to see full debug log showing the crash, the "ignore long 
> > locked inactive cache entry" alert and some time before it, but I 
> > understand it would be hard to obtain unless you are able to 
> > reproduce the problem at will.)
> 
> I'll try to debug it, but it's not reproducible at will.

Could you please provide some more details about use pattern?  
E.g. how many requests per second?  How many unique cache keys per 
second?

With 10M cache zone it should be able to hold about 80k cache 
nodes.  How long it will take to consume them all?

It may be also good idea to show bracktraces from crashes you've 
observed.

> > Recently posted patch series[1] addresses major part of the 
> > problem: it resolves deadlock after such crashes.  It would be 
> > fine to resolve the crash itself too, but I wasn't yet able to 
> > trace the problem cause (unless it's caused by too low inactive 
> > time, which is mostly a configuration problem, see above).
> 
> Are you guys planning a new dev release or perhaps it's better for me
> to apply the patches and rebuild me debian package, since it will take
> a few days for a new dev release that incorporates those patches?

Next dev release is expected somewhere on next week.

Maxim Dounin


From faskiri.devel at gmail.com  Thu Nov 24 05:06:11 2011
From: faskiri.devel at gmail.com (Fasih)
Date: Thu, 24 Nov 2011 10:36:11 +0530
Subject: Bug in request.headers_out initialization?
In-Reply-To: <20111123185008.GA54397@nginx.com>
References: 
	<20111123164055.GF49193@nginx.com>
	
	<20111123165048.GH49193@nginx.com>
	
	<20111123170802.GI49193@nginx.com>
	
	<20111123185008.GA54397@nginx.com>
Message-ID: 

Hi Igor

Really thankful for your patience with me. I think I now understood what
you are saying :).

To summarize, header.hash == 0 is used as a flag
in ngx_http_header_filter_module.c:http_header_filter to test whether to
send the header downstream or not. Setting it to 1(or anything non-zero) is
to ensure that the header is sent downstream.

Since headers_out is not used by nginx core to do hash lookups, it doesnt
calculate hash or lowcase_key, however modules like proxy or fastcgi use
the hash value for their own benefit in which case they ensure that the
hash/lowcase_key is initialized.

I hope I got it right this time.

Thanks again for your time and patience.

+Fasih

On Thu, Nov 24, 2011 at 12:20 AM, Igor Sysoev  wrote:

> On Wed, Nov 23, 2011 at 10:58:41PM +0530, Fasih wrote:
> > On Wed, Nov 23, 2011 at 10:38 PM, Igor Sysoev  wrote:
> >
> > > On Wed, Nov 23, 2011 at 10:32:27PM +0530, Fasihullah Askiri wrote:
> > > > Sorry, I am not sure I understood you correctly. It is used in
> headers_in
> > > > for look up into headers_in_hash OK. But what about headers_out?
> > >
> > > "lowcase_key" in headers_out may be not set if these headers are not
> > > proxied/fastcgied/etc.
> > >
> > > > ngx_http_proxy_process_header parses the upstream response headers
> > > > using ngx_http_parse_header_line, thereby setting hash/lowcase_key.
> This
> > > > function sets headers_out which I use. The question I have is, is it
> safe
> > > > to use the headers_out.....lowcase_key, should I check for
> > > > headers_out.headers.part.elt[it].hash before I can use lowcase_key or
> > > > should I check for something else?
> > >
> > > "hash" does not mean that "lowcase_key" is set.
> > > If nginx needs to find headers using hash, it sets "lowcase_key" and
> > > calculates "hash".
> > >
> > So, if header "xyz-header" is not expected to be found in a hash,  nginx
> > would not calculate the lowcase_key, but will it also set
> > headers_out.header.elt.hash to some value to signal that it has not
> > calculated the lowcase_key?
>
> No, "hash" is not a flag for "lowcase_key".
>
> "hash" is used as a hash value of "lowcase_key" for lookup in header
> hashes.
> And "hash" is used as flag only for header output filter.
>
> > > Besides nginx uses "hash" only in header output filter.
> > >
> > Understood, but the problem is because I am trying to reuse that variable
> > probably for something that it was intended to be used, just wanted to
> find
> > out how to use it if at all I can use it.
>
> nginx does not calculate "hash" and does not provide "lowcase_key" for
> headers_out, since it does not use it.
>
>
> --
> Igor Sysoev
>
> _______________________________________________
> nginx-devel mailing list
> nginx-devel at nginx.org
> http://mailman.nginx.org/mailman/listinfo/nginx-devel
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: 

From igor at sysoev.ru  Thu Nov 24 08:18:54 2011
From: igor at sysoev.ru (Igor Sysoev)
Date: Thu, 24 Nov 2011 12:18:54 +0400
Subject: Bug in request.headers_out initialization?
In-Reply-To: 
References: 
	<20111123164055.GF49193@nginx.com>
	
	<20111123165048.GH49193@nginx.com>
	
	<20111123170802.GI49193@nginx.com>
	
	<20111123185008.GA54397@nginx.com>
	
Message-ID: <20111124081854.GE70072@nginx.com>

On Thu, Nov 24, 2011 at 10:36:11AM +0530, Fasih wrote:
> Hi Igor
> 
> Really thankful for your patience with me. I think I now understood what
> you are saying :).
> 
> To summarize, header.hash == 0 is used as a flag
> in ngx_http_header_filter_module.c:http_header_filter to test whether to
> send the header downstream or not. Setting it to 1(or anything non-zero) is
> to ensure that the header is sent downstream.
> 
> Since headers_out is not used by nginx core to do hash lookups, it doesnt
> calculate hash or lowcase_key, however modules like proxy or fastcgi use
> the hash value for their own benefit in which case they ensure that the
> hash/lowcase_key is initialized.
> 
> I hope I got it right this time.

Yes. Sorry, I could not explain it from the very start.


-- 
Igor Sysoev


From appa at perusio.net  Thu Nov 24 08:30:55 2011
From: appa at perusio.net (=?UTF-8?B?QW50w7NuaW8=?= P. P. Almeida)
Date: Thu, 24 Nov 2011 08:30:55 +0000
Subject: nginx crash
In-Reply-To: <20111123215248.GZ95664@mdounin.ru>
References: 
	
	<87r51blijb.wl%appa@perusio.net>
	<20111113235455.GO95664@mdounin.ru>
	
	<20111114165039.GV95664@mdounin.ru>
	
	<87r50zo5ba.wl%appa@perusio.net>
	<20111123122936.GP95664@mdounin.ru>
	<87lir6oai8.wl%appa@perusio.net>
	<20111123215248.GZ95664@mdounin.ru>
Message-ID: <87d3chorb4.wl%appa@perusio.net>

On 23 Nov 2011 21h52 WET, mdounin at mdounin.ru wrote:

Hello Maxim,

I just created a new package with the two patches related to unlocking
mutexes in shared memory zones you kindly provided.

I'm wandering if this could also have something to do with a couple of
3rd party modules I'm using. Here's my nginx -V:

nginx -V
nginx version: nginx/1.1.8
built by gcc 4.6.1 (Debian 4.6.1-15) 
TLS SNI support enabled
configure arguments: --conf-path=/etc/nginx/nginx.conf
--error-log-path=/var/log/nginx/error.log
--http-client-body-temp-path=/var/lib/nginx/body
--http-fastcgi-temp-path=/var/lib/nginx/fastcgi
--http-log-path=/var/log/nginx/access.log
--http-proxy-temp-path=/var/lib/nginx/proxy
--lock-path=/var/lock/nginx.lock --pid-path=/var/run/nginx.pid
--with-debug --without-mail_pop3_module --without-mail_imap_module
--without-mail_smtp_module --without-http_scgi_module
--without-http_uwsgi_module --with-http_flv_module
--with-http_geoip_module --with-http_gzip_static_module
--with-http_realip_module --with-http_stub_status_module
--with-http_ssl_module --with-http_sub_module --with-ipv6
--with-file-aio --with-http_secure_link_module --with-http_mp4_module
--add-module=/home/appa/C/nginx/nginx-1.1.8/modules/nginx-upstream-fair
--add-module=/home/appa/C/nginx/nginx-1.1.8/modules/nginx-upload-progress
--add-module=/home/appa/C/nginx/nginx-1.1.8/modules/ngx_http_auth_request_module
--add-module=/home/appa/C/nginx/nginx-1.1.8/modules/nginx-sticky-module

Let's see if it solves the problem. If the problem resurfaces I'll
provide a backtrace.

Thanks,
--- appa


From faskiri.devel at gmail.com  Thu Nov 24 09:54:15 2011
From: faskiri.devel at gmail.com (Fasih)
Date: Thu, 24 Nov 2011 15:24:15 +0530
Subject: Bug in request.headers_out initialization?
In-Reply-To: <20111124081854.GE70072@nginx.com>
References: 
	<20111123164055.GF49193@nginx.com>
	
	<20111123165048.GH49193@nginx.com>
	
	<20111123170802.GI49193@nginx.com>
	
	<20111123185008.GA54397@nginx.com>
	
	<20111124081854.GE70072@nginx.com>
Message-ID: 

No problem at all, helped me understand the software a little more :)

On Thu, Nov 24, 2011 at 1:48 PM, Igor Sysoev  wrote:

> On Thu, Nov 24, 2011 at 10:36:11AM +0530, Fasih wrote:
> > Hi Igor
> >
> > Really thankful for your patience with me. I think I now understood what
> > you are saying :).
> >
> > To summarize, header.hash == 0 is used as a flag
> > in ngx_http_header_filter_module.c:http_header_filter to test whether to
> > send the header downstream or not. Setting it to 1(or anything non-zero)
> is
> > to ensure that the header is sent downstream.
> >
> > Since headers_out is not used by nginx core to do hash lookups, it doesnt
> > calculate hash or lowcase_key, however modules like proxy or fastcgi use
> > the hash value for their own benefit in which case they ensure that the
> > hash/lowcase_key is initialized.
> >
> > I hope I got it right this time.
>
> Yes. Sorry, I could not explain it from the very start.
>
>
> --
> Igor Sysoev
>
> _______________________________________________
> nginx-devel mailing list
> nginx-devel at nginx.org
> http://mailman.nginx.org/mailman/listinfo/nginx-devel
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: 

From ikaraszi at adverticum.com  Thu Nov 24 16:26:36 2011
From: ikaraszi at adverticum.com (KARASZI Istvan)
Date: Thu, 24 Nov 2011 17:26:36 +0100
Subject: [patch] log request only when they reached a size
Message-ID: 

Dear list!

I think I sent my previous mail to a bad location, so I'm resending it from nginx list to nginx-devel.


I would like to send a patch for http_log_module which I made for version nginx-1.0.10.

My company is in adserving business and it is important for us to log the big requests with the access_log feature. But we were unable to do that with nginx, because logging all the requests would produce too much I/O load on our servers.

So I made a patch for http_log_module to accept a `size` parameter which is optional (the last parameter after the `buffer`). If this `size` is provided nginx logs only the big enough requests with access_log (checks for `body_bytes_sent`).

I hope you find it useful and you will include this in the upstream.

-------------- next part --------------
A non-text attachment was scrubbed...
Name: nginx-log.patch
Type: application/octet-stream
Size: 2557 bytes
Desc: not available
URL: 
-------------- next part --------------


Thank you!
-- 
KARASZI Istvan
http://adverticum.com/

From ikaraszi at adverticum.com  Thu Nov 24 17:07:42 2011
From: ikaraszi at adverticum.com (KARASZI Istvan)
Date: Thu, 24 Nov 2011 18:07:42 +0100
Subject: [patch] log request only when they reached a size
In-Reply-To: 
References: 
Message-ID: <3967A4C0-1DD5-43D5-A666-17DADA75107A@adverticum.com>

On Nov 24, 2011, at 5:26 PM, KARASZI Istvan wrote:
> I would like to send a patch for http_log_module which I made for version nginx-1.0.10.
unfortunately I sent the wrong patch, here is the tuned one:

-------------- next part --------------
A non-text attachment was scrubbed...
Name: http_log_module-size.patch
Type: application/octet-stream
Size: 2868 bytes
Desc: not available
URL: 
-------------- next part --------------


sorry!
-- 
KARASZI Istvan
http://adverticum.com/


From mdounin at mdounin.ru  Fri Nov 25 12:26:26 2011
From: mdounin at mdounin.ru (Maxim Dounin)
Date: Fri, 25 Nov 2011 16:26:26 +0400
Subject: [patch] log request only when they reached a size
In-Reply-To: 
References: 
Message-ID: <20111125122626.GO95664@mdounin.ru>

Hello!

On Thu, Nov 24, 2011 at 05:26:36PM +0100, KARASZI Istvan wrote:

> Dear list!
> 
> I think I sent my previous mail to a bad location, so I'm 
> resending it from nginx list to nginx-devel.
> 
> 
> I would like to send a patch for http_log_module which I made 
> for version nginx-1.0.10.
> 
> My company is in adserving business and it is important for us 
> to log the big requests with the access_log feature. But we were 
> unable to do that with nginx, because logging all the requests 
> would produce too much I/O load on our servers.
> 
> So I made a patch for http_log_module to accept a `size` 
> parameter which is optional (the last parameter after the 
> `buffer`). If this `size` is provided nginx logs only the big 
> enough requests with access_log (checks for `body_bytes_sent`).
> 
> I hope you find it useful and you will include this in the 
> upstream.

The patch looks mostly fine, though I don't think it's good idea 
to include it as is.  We probably need more generic filtering 
machinery, something like

    access_log ... if=;

Maxim Dounin


From mdounin at mdounin.ru  Fri Nov 25 16:36:04 2011
From: mdounin at mdounin.ru (mdounin at mdounin.ru)
Date: Fri, 25 Nov 2011 16:36:04 +0000
Subject: [nginx] svn commit:  r4313 - trunk/src/core
Message-ID: <20111125163604.792A53F9C94@mail.nginx.com>

Author: mdounin
Date: 2011-11-25 16:36:02 +0000 (Fri, 25 Nov 2011)
New Revision: 4313

Log:
Added escaping of double quotes in ngx_escape_html().

Patch by Zaur Abasmirzoev.


Modified:
   trunk/src/core/ngx_string.c

Modified: trunk/src/core/ngx_string.c
===================================================================
--- trunk/src/core/ngx_string.c	2011-11-23 14:09:19 UTC (rev 4312)
+++ trunk/src/core/ngx_string.c	2011-11-25 16:36:02 UTC (rev 4313)
@@ -1657,6 +1657,10 @@
                 len += sizeof("&") - 2;
                 break;
 
+            case '"':
+                len += sizeof(""") - 2;
+                break;
+
             default:
                 break;
             }
@@ -1684,6 +1688,11 @@
             *dst++ = ';';
             break;
 
+        case '"':
+            *dst++ = '&'; *dst++ = 'q'; *dst++ = 'u'; *dst++ = 'o';
+            *dst++ = 't'; *dst++ = ';';
+            break;
+
         default:
             *dst++ = ch;
             break;


From magicbearmo at gmail.com  Sat Nov 26 14:07:48 2011
From: magicbearmo at gmail.com (MagicBear)
Date: Sat, 26 Nov 2011 22:07:48 +0800
Subject: nginx crash
In-Reply-To: <87d3chorb4.wl%appa@perusio.net>
References: 
	
	<87r51blijb.wl%appa@perusio.net>
	<20111113235455.GO95664@mdounin.ru>
	
	<20111114165039.GV95664@mdounin.ru>
	
	<87r50zo5ba.wl%appa@perusio.net>
	<20111123122936.GP95664@mdounin.ru>
	<87lir6oai8.wl%appa@perusio.net>
	<20111123215248.GZ95664@mdounin.ru>
	<87d3chorb4.wl%appa@perusio.net>
Message-ID: 

Here is the crash bt.

GNU gdb (Ubuntu/Linaro 7.3-0ubuntu2) 7.3-2011.08
Copyright (C) 2011 Free Software Foundation, Inc.
License GPLv3+: GNU GPL version 3 or later 
This is free software: you are free to change and redistribute it.
There is NO WARRANTY, to the extent permitted by law.  Type "show copying"
and "show warranty" for details.
This GDB was configured as "x86_64-linux-gnu".
For bug reporting instructions, please see:
...
Reading symbols from /usr/sbin/nginx...done.
[New LWP 31365]

warning: Can't read pathname for load map: Input/output error.
[Thread debugging using libthread_db enabled]
Core was generated by `nginx:'.
Program terminated with signal 11, Segmentation fault.
#0  ngx_rbtree_min (sentinel=, node=0x0) at
src/core/ngx_rbtree.h:75
75	    while (node->left != sentinel) {
(gdb) bt
#0  ngx_rbtree_min (sentinel=, node=0x0) at
src/core/ngx_rbtree.h:75
#1  ngx_rbtree_delete (tree=0x7f463a38c000, node=0x7f463a38f000) at
src/core/ngx_rbtree.c:178
#2  0x0000000000451a24 in ngx_http_file_cache_free (c=0x2509a70,
tf=0x250a3a8) at src/http/ngx_http_file_cache.c:956
#3  0x0000000000447759 in ngx_http_upstream_process_request
(r=0x24ab650) at src/http/ngx_http_upstream.c:2738
#4  0x000000000044783b in ngx_http_upstream_process_upstream
(r=0x24ab650, u=0x24db4c0) at src/http/ngx_http_upstream.c:2677
#5  0x000000000044792c in ngx_http_upstream_handler (ev=) at src/http/ngx_http_upstream.c:935
#6  0x0000000000425979 in ngx_event_expire_timers () at
src/event/ngx_event_timer.c:149
#7  0x00000000004255b0 in ngx_process_events_and_timers
(cycle=0x2465bf0) at src/event/ngx_event.c:261
#8  0x000000000042b2f7 in ngx_worker_process_cycle (cycle=0x2465bf0,
data=) at src/os/unix/ngx_process_cycle.c:801
#9  0x0000000000429cf2 in ngx_spawn_process (cycle=0x2465bf0,
proc=0x42b226 , data=0x0,
    name=0x47ecc9 "worker process", respawn=-4) at src/os/unix/ngx_process.c:196
#10 0x000000000042a9a6 in ngx_start_worker_processes (cycle=0x2465bf0,
n=4, type=-4) at src/os/unix/ngx_process_cycle.c:360
#11 0x000000000042bfc0 in ngx_master_process_cycle (cycle=0x2465bf0)
at src/os/unix/ngx_process_cycle.c:249
#12 0x00000000004119ff in main (argc=, argv=) at src/core/nginx.c:405
(gdb) bt full
#0  ngx_rbtree_min (sentinel=, node=0x0) at
src/core/ngx_rbtree.h:75
No locals.
#1  ngx_rbtree_delete (tree=0x7f463a38c000, node=0x7f463a38f000) at
src/core/ngx_rbtree.c:178
        red = 
        root = 0x7f463a38c000
        sentinel = 0x7f463a38c018
        subst = 
        temp = 
        w = 
#2  0x0000000000451a24 in ngx_http_file_cache_free (c=0x2509a70,
tf=0x250a3a8) at src/http/ngx_http_file_cache.c:956
        cache = 0x27b2180
        fcn = 0x7f463a38f000
#3  0x0000000000447759 in ngx_http_upstream_process_request
(r=0x24ab650) at src/http/ngx_http_upstream.c:2738
        del = 
        tf = 
        p = 0x2509970
        u = 0x24db4c0
#4  0x000000000044783b in ngx_http_upstream_process_upstream
(r=0x24ab650, u=0x24db4c0) at src/http/ngx_http_upstream.c:2677
        c = 
#5  0x000000000044792c in ngx_http_upstream_handler (ev=) at src/http/ngx_http_upstream.c:935
        c = 0x7f4605082ed0
        r = 
        ctx = 
        u = 
#6  0x0000000000425979 in ngx_event_expire_timers () at
src/event/ngx_event_timer.c:149
        ev = 0x7f4604ee3838
        root = 0x7f4604ed52d8
---Type  to continue, or q  to quit---
        sentinel = 0x6a9960
#7  0x00000000004255b0 in ngx_process_events_and_timers
(cycle=0x2465bf0) at src/event/ngx_event.c:261
        flags = 3
        timer = 
        delta = 2
#8  0x000000000042b2f7 in ngx_worker_process_cycle (cycle=0x2465bf0,
data=) at src/os/unix/ngx_process_cycle.c:801
        i = 
        c = 
#9  0x0000000000429cf2 in ngx_spawn_process (cycle=0x2465bf0,
proc=0x42b226 , data=0x0,
    name=0x47ecc9 "worker process", respawn=-4) at src/os/unix/ngx_process.c:196
        on = 1
        pid = 0
        s = 3
#10 0x000000000042a9a6 in ngx_start_worker_processes (cycle=0x2465bf0,
n=4, type=-4) at src/os/unix/ngx_process_cycle.c:360
        i = 
        ch = {command = 1, pid = 31364, slot = 2, fd = 15}
#11 0x000000000042bfc0 in ngx_master_process_cycle (cycle=0x2465bf0)
at src/os/unix/ngx_process_cycle.c:249
        title = 
        p = 
        size = 
        i = 
        n = 
        sigio = 0
        set = {__val = {0 }}
        itv = {it_interval = {tv_sec = 0, tv_usec = 0}, it_value =
{tv_sec = 0, tv_usec = 6}}
        live = 1
        delay = 0
---Type  to continue, or q  to quit---
        ls = 
        ccf = 0x2466c90
#12 0x00000000004119ff in main (argc=, argv=) at src/core/nginx.c:405
        i = 
        log = 0x6a7720
        cycle = 0x2465bf0
        init_cycle = {conf_ctx = 0x0, pool = 0x24650d0, log =
0x6a7720, new_log = {log_level = 0, file = 0x0, connection = 0,
            handler = 0, data = 0x0, action = 0x0}, files = 0x0,
free_connections = 0x0, free_connection_n = 0,
          reusable_connections_queue = {prev = 0x0, next = 0x0},
listening = {elts = 0x0, nelts = 0, size = 0, nalloc = 0,
            pool = 0x0}, pathes = {elts = 0x0, nelts = 0, size = 0,
nalloc = 0, pool = 0x0}, open_files = {last = 0x0, part = {
              elts = 0x0, nelts = 0, next = 0x0}, size = 0, nalloc =
0, pool = 0x0}, shared_memory = {last = 0x0, part = {
              elts = 0x0, nelts = 0, next = 0x0}, size = 0, nalloc =
0, pool = 0x0}, connection_n = 0, files_n = 0,
          connections = 0x0, read_events = 0x0, write_events = 0x0,
old_cycle = 0x0, conf_file = {len = 21,
            data = 0x47b39f "/etc/nginx/nginx.conf"}, conf_param =
{len = 0, data = 0x0}, conf_prefix = {len = 11,
            data = 0x47b39f "/etc/nginx/nginx.conf"}, prefix = {len =
17, data = 0x47b38d "/usr/local/nginx/"}, lock_file = {
            len = 0, data = 0x0}, hostname = {len = 0, data = 0x0}}
        ccf = 
(gdb)





I have increase the key size to 128M, the problem has disappear for 2
weeks, but just has happen again.


2011/11/24 Ant?nio P. P. Almeida :
> On 23 Nov 2011 21h52 WET, mdounin at mdounin.ru wrote:
>
> Hello Maxim,
>
> I just created a new package with the two patches related to unlocking
> mutexes in shared memory zones you kindly provided.
>
> I'm wandering if this could also have something to do with a couple of
> 3rd party modules I'm using. Here's my nginx -V:
>
> nginx -V
> nginx version: nginx/1.1.8
> built by gcc 4.6.1 (Debian 4.6.1-15)
> TLS SNI support enabled
> configure arguments: --conf-path=/etc/nginx/nginx.conf
> --error-log-path=/var/log/nginx/error.log
> --http-client-body-temp-path=/var/lib/nginx/body
> --http-fastcgi-temp-path=/var/lib/nginx/fastcgi
> --http-log-path=/var/log/nginx/access.log
> --http-proxy-temp-path=/var/lib/nginx/proxy
> --lock-path=/var/lock/nginx.lock --pid-path=/var/run/nginx.pid
> --with-debug --without-mail_pop3_module --without-mail_imap_module
> --without-mail_smtp_module --without-http_scgi_module
> --without-http_uwsgi_module --with-http_flv_module
> --with-http_geoip_module --with-http_gzip_static_module
> --with-http_realip_module --with-http_stub_status_module
> --with-http_ssl_module --with-http_sub_module --with-ipv6
> --with-file-aio --with-http_secure_link_module --with-http_mp4_module
> --add-module=/home/appa/C/nginx/nginx-1.1.8/modules/nginx-upstream-fair
> --add-module=/home/appa/C/nginx/nginx-1.1.8/modules/nginx-upload-progress
> --add-module=/home/appa/C/nginx/nginx-1.1.8/modules/ngx_http_auth_request_module
> --add-module=/home/appa/C/nginx/nginx-1.1.8/modules/nginx-sticky-module
>
> Let's see if it solves the problem. If the problem resurfaces I'll
> provide a backtrace.
>
> Thanks,
> --- appa
>
> _______________________________________________
> nginx-devel mailing list
> nginx-devel at nginx.org
> http://mailman.nginx.org/mailman/listinfo/nginx-devel
>



-- 
MagicBear


From ikaraszi at adverticum.com  Sat Nov 26 15:49:21 2011
From: ikaraszi at adverticum.com (KARASZI Istvan)
Date: Sat, 26 Nov 2011 16:49:21 +0100
Subject: [patch] log request only when they reached a size
In-Reply-To: 
References: 
Message-ID: <5A78A0FD-06F6-4434-BED4-7724ACA45C90@adverticum.com>

> The patch looks mostly fine, though I don't think it's good idea 
> to include it as is.  We probably need more generic filtering 
> machinery, something like
> 
>    access_log ... if=;
yes, you're right, it would be better to have conditions like this, but my C experience is not enough to implement this.

Maxim, are you planning to implement this kind of functionality in the (close :) future?

-- 
KARASZI Istvan
http://adverticum.com/


From nicolas at viennot.com  Sat Nov 26 21:12:03 2011
From: nicolas at viennot.com (Nicolas Viennot)
Date: Sat, 26 Nov 2011 16:12:03 -0500
Subject: ngx_http_upstream_check_broken_connection() is broken
Message-ID: 

It goes like this:

static void ngx_http_upstream_check_broken_connection(...) {
     ...
    n = recv(c->fd, buf, 1, MSG_PEEK);
     ...
}

Checking for closed connection with recv(..., MSG_PEEK) is broken.

SSL closes are not detected, thus sockets stay in CLOSE_WAIT state forever
-- nice DoS).
The alternative is to use stunnel with the X-Forwarded-For patch, but
that's way too messy.

In ngx_http_upstream_check_broken_connection(), there seems to be a
different path for kqueue.
What about modifying the poll/epoll behavior to detect disconnections for
other event modules ?
In ngx_epoll_add_connection(), we can add the EPOLLHUP event, and mark the
connection
as disconnected when processing HUP events instead of using the buggy
MSG_PEEK hack.

What do you think ?

Nico.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: 

From mdounin at mdounin.ru  Sun Nov 27 16:13:40 2011
From: mdounin at mdounin.ru (Maxim Dounin)
Date: Sun, 27 Nov 2011 20:13:40 +0400
Subject: ngx_http_upstream_check_broken_connection() is broken
In-Reply-To: 
References: 
Message-ID: <20111127161339.GH67687@mdounin.ru>

Hello!

On Sat, Nov 26, 2011 at 04:12:03PM -0500, Nicolas Viennot wrote:

> It goes like this:
> 
> static void ngx_http_upstream_check_broken_connection(...) {
>      ...
>     n = recv(c->fd, buf, 1, MSG_PEEK);
>      ...
> }
> 
> Checking for closed connection with recv(..., MSG_PEEK) is broken.
> 
> SSL closes are not detected, thus sockets stay in CLOSE_WAIT state forever
> -- nice DoS).
> The alternative is to use stunnel with the X-Forwarded-For patch, but
> that's way too messy.
> 
> In ngx_http_upstream_check_broken_connection(), there seems to be a
> different path for kqueue.
> What about modifying the poll/epoll behavior to detect disconnections for
> other event modules ?
> In ngx_epoll_add_connection(), we can add the EPOLLHUP event, and mark the
> connection
> as disconnected when processing HUP events instead of using the buggy
> MSG_PEEK hack.
> 
> What do you think ?

You've already got answer in nginx@ list:

http://mailman.nginx.org/pipermail/nginx/2011-November/030630.html

It makes a little sense to repeat the same question again.

Maxim Dounin


From vbart at nginx.com  Mon Nov 28 09:15:33 2011
From: vbart at nginx.com (vbart at nginx.com)
Date: Mon, 28 Nov 2011 09:15:33 +0000
Subject: [nginx] svn commit:  r4314 - trunk/src/http
Message-ID: 

Author: vbart
Date: 2011-11-28 09:15:33 +0000 (Mon, 28 Nov 2011)
New Revision: 4314

Modified:
   trunk/src/http/ngx_http_parse.c
   trunk/src/http/ngx_http_request.c
Log:
Added support for IP-literal in host header and request line (ticket #1).

Additional parsing logic added to correctly handle RFC 3986 compliant IPv6 and
IPvFuture characters enclosed in square brackets.

The host validation was completely rewritten. The behavior for non IP literals
was changed in a more proper and safer way:

 - Host part is now delimited either by the first colon or by the end of string
   if there's no colon. Previously the last colon was used as delimiter which
   allowed substitution of a port number in the $host variable.
   (e.g. Host: 127.0.0.1:9000:80)

 - Fixed stripping off the ending dot in the Host header when the host was also
   followed by a port number.
   (e.g. Host: nginx.com.:80)

 - Fixed upper case characters detection. Previously it was broken which led to
   wasting memory and CPU.



Modified: trunk/src/http/ngx_http_parse.c
===================================================================
--- trunk/src/http/ngx_http_parse.c	2011-11-25 16:36:02 UTC (rev 4313)
+++ trunk/src/http/ngx_http_parse.c	2011-11-28 09:15:33 UTC (rev 4314)
@@ -110,7 +110,10 @@
         sw_schema,
         sw_schema_slash,
         sw_schema_slash_slash,
+        sw_host_start,
         sw_host,
+        sw_host_end,
+        sw_host_ip_literal,
         sw_port,
         sw_host_http_09,
         sw_after_slash_in_uri,
@@ -323,14 +326,26 @@
         case sw_schema_slash_slash:
             switch (ch) {
             case '/':
-                r->host_start = p + 1;
-                state = sw_host;
+                state = sw_host_start;
                 break;
             default:
                 return NGX_HTTP_PARSE_INVALID_REQUEST;
             }
             break;
 
+        case sw_host_start:
+
+            r->host_start = p;
+
+            if (ch == '[') {
+                state = sw_host_ip_literal;
+                break;
+            }
+
+            state = sw_host;
+
+            /* fall through */
+
         case sw_host:
 
             c = (u_char) (ch | 0x20);
@@ -342,6 +357,10 @@
                 break;
             }
 
+            /* fall through */
+
+        case sw_host_end:
+
             r->host_end = p;
 
             switch (ch) {
@@ -366,6 +385,47 @@
             }
             break;
 
+        case sw_host_ip_literal:
+
+            if (ch >= '0' && ch <= '9') {
+                break;
+            }
+
+            c = (u_char) (ch | 0x20);
+            if (c >= 'a' && c <= 'z') {
+                break;
+            }
+
+            switch (ch) {
+            case ':':
+                break;
+            case ']':
+                state = sw_host_end;
+                break;
+            case '-':
+            case '.':
+            case '_':
+            case '~':
+                /* unreserved */
+                break;
+            case '!':
+            case '$':
+            case '&':
+            case '\'':
+            case '(':
+            case ')':
+            case '*':
+            case '+':
+            case ',':
+            case ';':
+            case '=':
+                /* sub-delims */
+                break;
+            default:
+                return NGX_HTTP_PARSE_INVALID_REQUEST;
+            }
+            break;
+
         case sw_port:
             if (ch >= '0' && ch <= '9') {
                 break;

Modified: trunk/src/http/ngx_http_request.c
===================================================================
--- trunk/src/http/ngx_http_request.c	2011-11-25 16:36:02 UTC (rev 4313)
+++ trunk/src/http/ngx_http_request.c	2011-11-28 09:15:33 UTC (rev 4314)
@@ -1674,56 +1674,85 @@
 ngx_http_validate_host(ngx_http_request_t *r, u_char **host, size_t len,
     ngx_uint_t alloc)
 {
-    u_char      *h, ch;
-    size_t       i, last;
-    ngx_uint_t   dot;
+    u_char  *h, ch;
+    size_t   i, dot_pos, host_len;
 
-    last = len;
+    enum {
+        sw_usual = 0,
+        sw_literal,
+        sw_rest
+    } state;
+
+    dot_pos = len;
+    host_len = len;
+
     h = *host;
-    dot = 0;
 
+    state = sw_usual;
+
     for (i = 0; i < len; i++) {
         ch = h[i];
 
-        if (ch == '.') {
-            if (dot) {
+        switch (ch) {
+
+        case '.':
+            if (dot_pos == i - 1) {
                 return 0;
             }
+            dot_pos = i;
+            break;
 
-            dot = 1;
-            continue;
-        }
+        case ':':
+            if (state == sw_usual) {
+                host_len = i;
+                state = sw_rest;
+            }
+            break;
 
-        dot = 0;
+        case '[':
+            if (i == 0) {
+                state = sw_literal;
+            }
+            break;
 
-        if (ch == ':') {
-            last = i;
-            continue;
-        }
+        case ']':
+            if (state == sw_literal) {
+                host_len = i + 1;
+                state = sw_rest;
+            }
+            break;
 
-        if (ngx_path_separator(ch) || ch == '\0') {
+        case '\0':
             return 0;
-        }
 
-        if (ch >= 'A' || ch < 'Z') {
-            alloc = 1;
+        default:
+
+            if (ngx_path_separator(ch)) {
+                return 0;
+            }
+
+            if (ch >= 'A' && ch <= 'Z') {
+                alloc = 1;
+            }
+
+            break;
         }
     }
 
-    if (dot) {
-        last--;
+    if (dot_pos == host_len - 1) {
+        host_len--;
     }
 
     if (alloc) {
-        *host = ngx_pnalloc(r->pool, last) ;
+        *host = ngx_pnalloc(r->pool, host_len);
         if (*host == NULL) {
             return -1;
         }
 
-        ngx_strlow(*host, h, last);
+        ngx_strlow(*host, h, host_len);
     }
 
-    return last;
+    return host_len;
 }
 
 


From mdounin at mdounin.ru  Mon Nov 28 10:00:48 2011
From: mdounin at mdounin.ru (mdounin at mdounin.ru)
Date: Mon, 28 Nov 2011 10:00:48 +0000
Subject: [nginx] svn commit:  r4315 - trunk/src/http/modules
Message-ID: <20111128100048.30D8B3F9CDF@mail.nginx.com>

Author: mdounin
Date: 2011-11-28 10:00:47 +0000 (Mon, 28 Nov 2011)
New Revision: 4315

Log:
Allowed add_header for proxied 206 replies.

It was working for nginx's own 206 replies as they are seen as 200 in the
headers filter module (range filter goes later in the headers filter chain),
but not for proxied replies.


Modified:
   trunk/src/http/modules/ngx_http_headers_filter_module.c

Modified: trunk/src/http/modules/ngx_http_headers_filter_module.c
===================================================================
--- trunk/src/http/modules/ngx_http_headers_filter_module.c	2011-11-28 09:15:33 UTC (rev 4314)
+++ trunk/src/http/modules/ngx_http_headers_filter_module.c	2011-11-28 10:00:47 UTC (rev 4315)
@@ -145,6 +145,7 @@
         || r != r->main
         || (r->headers_out.status != NGX_HTTP_OK
             && r->headers_out.status != NGX_HTTP_NO_CONTENT
+            && r->headers_out.status != NGX_HTTP_PARTIAL_CONTENT
             && r->headers_out.status != NGX_HTTP_MOVED_PERMANENTLY
             && r->headers_out.status != NGX_HTTP_MOVED_TEMPORARILY
             && r->headers_out.status != NGX_HTTP_NOT_MODIFIED))


From mdounin at mdounin.ru  Mon Nov 28 11:01:42 2011
From: mdounin at mdounin.ru (mdounin at mdounin.ru)
Date: Mon, 28 Nov 2011 11:01:42 +0000
Subject: [nginx] svn commit:  r4316 - in trunk/src: core os/unix
Message-ID: <20111128110142.9D2033F9CDB@mail.nginx.com>

Author: mdounin
Date: 2011-11-28 11:01:42 +0000 (Mon, 28 Nov 2011)
New Revision: 4316

Log:
Added (void) as we intentionally ignore returned values.

Requested by Igor Sysoev.


Modified:
   trunk/src/core/ngx_shmtx.c
   trunk/src/os/unix/ngx_process.c

Modified: trunk/src/core/ngx_shmtx.c
===================================================================
--- trunk/src/core/ngx_shmtx.c	2011-11-28 10:00:47 UTC (rev 4315)
+++ trunk/src/core/ngx_shmtx.c	2011-11-28 11:01:42 UTC (rev 4316)
@@ -97,7 +97,7 @@
 #if (NGX_HAVE_POSIX_SEM)
 
         if (mtx->semaphore) {
-            ngx_atomic_fetch_add(mtx->wait, 1);
+            (void) ngx_atomic_fetch_add(mtx->wait, 1);
 
             if (*mtx->lock == 0 && ngx_atomic_cmp_set(mtx->lock, 0, ngx_pid)) {
                 return;

Modified: trunk/src/os/unix/ngx_process.c
===================================================================
--- trunk/src/os/unix/ngx_process.c	2011-11-28 10:00:47 UTC (rev 4315)
+++ trunk/src/os/unix/ngx_process.c	2011-11-28 11:01:42 UTC (rev 4316)
@@ -555,7 +555,7 @@
      */
 
     if (ngx_accept_mutex_ptr) {
-        ngx_shmtx_force_unlock(&ngx_accept_mutex, pid);
+        (void) ngx_shmtx_force_unlock(&ngx_accept_mutex, pid);
     }
 
     /*


From usirsiwal at verivue.com  Mon Nov 28 13:34:51 2011
From: usirsiwal at verivue.com (Sirsiwal, Umesh)
Date: Mon, 28 Nov 2011 08:34:51 -0500
Subject: A Body filter after postpone filter
Message-ID: 

Hello,
I am trying to develop a filter that encrypts payload. For our application, SSL is not required. Because of the actual payload can be assembled using multiple asynchronous upstream calls, the filter must be applied between after postpone filter. It can be before or after gzip filter because we really don't use gzip filter. Based on my reading so far, there does not seem to be any way to achieve it without patching auto/modules file. 

Is my understanding correct or is there a cleaner way to achieve it?

-Umesh


From brian at akins.org  Mon Nov 28 14:00:21 2011
From: brian at akins.org (Brian Akins)
Date: Mon, 28 Nov 2011 09:00:21 -0500
Subject: A Body filter after postpone filter
In-Reply-To: 
References: 
Message-ID: 


On Nov 28, 2011, at 8:34 AM, Sirsiwal, Umesh wrote:

> 
> Is my understanding correct or is there a cleaner way to achieve it?


This is horrible, but how I did it in config:

ngx_addon_name=ngx_http_filter_cache_module
NGX_ADDON_SRCS="$NGX_ADDON_SRCS $ngx_addon_dir/ngx_http_filter_cache_module.c"
HTTP_FILTER_MODULES=`echo $HTTP_FILTER_MODULES | sed "s/$HTTP_GZIP_FILTER_MODULE/ngx_http_filter_cache_module $HTTP_GZIP_FILTER_MODULE/"`



From mdounin at mdounin.ru  Mon Nov 28 15:02:38 2011
From: mdounin at mdounin.ru (mdounin at mdounin.ru)
Date: Mon, 28 Nov 2011 15:02:38 +0000
Subject: [nginx] svn commit:  r4317 - trunk/docs/xml/nginx
Message-ID: <20111128150239.358E13F9C68@mail.nginx.com>

Author: mdounin
Date: 2011-11-28 15:02:38 +0000 (Mon, 28 Nov 2011)
New Revision: 4317

Log:
nginx-1.1.9-RELEASE


Modified:
   trunk/docs/xml/nginx/changes.xml

Modified: trunk/docs/xml/nginx/changes.xml
===================================================================
--- trunk/docs/xml/nginx/changes.xml	2011-11-28 11:01:42 UTC (rev 4316)
+++ trunk/docs/xml/nginx/changes.xml	2011-11-28 15:02:38 UTC (rev 4317)
@@ -9,6 +9,172 @@
 nginx changelog
 
 
+
+
+
+
+?????? ??????? ??????? ???????????? ??? ?????? SSI-???????? echo.

+??????? ????? ????????????.
+
+
+now double quotes are encoded in an "echo" SSI-command output.

+Thanks to Zaur Abasmirzoev.
+
+
+
+
+
+???????? valid ? ????????? resolver.  ?? ????????? ??????
+???????????? TTL, ???????????? DNS-????????.

+??????? ??????? ??????????.
+
+
+the "valid" parameter of the "resolver" directive.  By default TTL
+returned by a DNS server is used.

+Thanks to Kirill A. Korinskiy.
+
+
+
+
+
+nginx ??? ????????? ????????, ???? ??????? ??????? ?????????? ????????.
+
+
+nginx might hang after a worker process abnormal termination.
+
+
+
+
+
+? ??????? ???????? ??? ????????? segmentation fault,
+???? ?????????????? SNI;
+?????? ????????? ? 1.1.2.
+
+
+a segmentation fault might occur in a worker process
+if SNI was used;
+the bug had appeared in 1.1.2.
+
+
+
+
+
+? ????????? keepalive_disable;
+?????? ????????? ? 1.1.8.

+??????? ?????????? ?????.
+
+
+in the "keepalive_disable" directive;
+the bug had appeared in 1.1.8.

+Thanks to Alexander Usov.
+
+
+
+
+
+?????? SIGWINCH ?????????? ???????? ????? ??????? ?????????? ????????????
+?????;
+?????? ????????? ? 1.1.1.
+
+
+SIGWINCH signal did not work after first binary upgrade;
+the bug had appeared in 1.1.1.
+
+
+
+
+
+?????? ?????? ????????, ????? ??????? ?? ????????????? ?????????
+Content-Length, ?? ?????????.
+
+
+backend responses with length not matching "Content-Length" header line
+are no longer cached.
+
+
+
+
+
+? ????????? scgi_param ??? ????????????? ????????? ??????????.
+
+
+in the "scgi_param" directive, if complex parameters were used.
+
+
+
+
+
+? ?????? epoll.

+??????? Yichun Zhang.
+
+
+in the "epoll" event method.

+Thanks to Yichun Zhang.
+
+
+
+
+
+? ?????? ngx_http_flv_module.

+??????? Piotr Sikora.
+
+
+in the ngx_http_flv_module.

+Thanks to Piotr Sikora.
+
+
+
+
+
+? ?????? ngx_http_mp4_module.
+
+
+in the ngx_http_mp4_module.
+
+
+
+
+
+?????? nginx ???????? IPv6-?????? ? ?????? ??????? ? ? ????????? Host.
+
+
+IPv6 addresses are now handled properly in a request line and in a "Host"
+request header line.
+
+
+
+
+
+????????? add_header ? expires ?? ???????? ??? ??????? ? ????? 206,
+???? ?????? ?????????????.
+
+
+"add_header" and "expires" directives did not work if a request was proxied
+and response status code was 206.
+
+
+
+
+
+nginx ?? ????????? ?? FreeBSD 10.
+
+
+nginx could not be built on FreeBSD 10.
+
+
+
+
+
+nginx ?? ????????? ?? AIX.
+
+
+nginx could not be built on AIX.
+
+
+
+
+
+
 
 
 


From mdounin at mdounin.ru  Mon Nov 28 15:15:14 2011
From: mdounin at mdounin.ru (mdounin at mdounin.ru)
Date: Mon, 28 Nov 2011 15:15:14 +0000
Subject: [nginx] svn commit:  r4318 - tags
Message-ID: <20111128151514.8762A3F9D06@mail.nginx.com>

Author: mdounin
Date: 2011-11-28 15:15:14 +0000 (Mon, 28 Nov 2011)
New Revision: 4318

Log:
release-1.1.9 tag


Added:
   tags/release-1.1.9/


From usirsiwal at verivue.com  Mon Nov 28 16:46:03 2011
From: usirsiwal at verivue.com (Umesh Sirsiwal)
Date: Mon, 28 Nov 2011 11:46:03 -0500
Subject: A Body filter after postpone filter
In-Reply-To: 
References: 
	
Message-ID: <4ED3BACB.8090408@verivue.com>

Ugly but works. Thanks! -Umesh

On 11/28/2011 09:00 AM, Brian Akins wrote:
> On Nov 28, 2011, at 8:34 AM, Sirsiwal, Umesh wrote:
>
>> Is my understanding correct or is there a cleaner way to achieve it?
>
> This is horrible, but how I did it in config:
>
> ngx_addon_name=ngx_http_filter_cache_module
> NGX_ADDON_SRCS="$NGX_ADDON_SRCS $ngx_addon_dir/ngx_http_filter_cache_module.c"
> HTTP_FILTER_MODULES=`echo $HTTP_FILTER_MODULES | sed "s/$HTTP_GZIP_FILTER_MODULE/ngx_http_filter_cache_module $HTTP_GZIP_FILTER_MODULE/"`
>
>
> _______________________________________________
> nginx-devel mailing list
> nginx-devel at nginx.org
> http://mailman.nginx.org/mailman/listinfo/nginx-devel


From piotr.sikora at frickle.com  Mon Nov 28 16:58:27 2011
From: piotr.sikora at frickle.com (Piotr Sikora)
Date: Mon, 28 Nov 2011 17:58:27 +0100
Subject: A Body filter after postpone filter
In-Reply-To: 
References: 
Message-ID: <4AC1D0E0B59D4B07A256319E2D99B80A@Desktop>

Hey,
just use something like:

HTTP_POSTPONE_FILTER_MODULE="your_filter_module 
$HTTP_POSTPONE_FILTER_MODULE"

in your config.

Best regards,
Piotr Sikora < piotr.sikora at frickle.com >


From usirsiwal at verivue.com  Mon Nov 28 17:11:14 2011
From: usirsiwal at verivue.com (Umesh Sirsiwal)
Date: Mon, 28 Nov 2011 12:11:14 -0500
Subject: A Body filter after postpone filter
In-Reply-To: <4AC1D0E0B59D4B07A256319E2D99B80A@Desktop>
References: 
	<4AC1D0E0B59D4B07A256319E2D99B80A@Desktop>
Message-ID: <4ED3C0B2.6000008@verivue.com>

Thanks, but this does not seem to work.

Looking at auto/modules, module specific config file is evaluated after 
$HTTP_POSTPONE_FILTER_MODULE has already been used to for HTTP_MODULES 
variable. Hence the need for the sed script to edit HTTP_FILTER_MODULE 
variable.

-Umesh

On 11/28/2011 11:58 AM, Piotr Sikora wrote:
> Hey,
> just use something like:
>
> HTTP_POSTPONE_FILTER_MODULE="your_filter_module
> $HTTP_POSTPONE_FILTER_MODULE"
>
> in your config.
>
> Best regards,
> Piotr Sikora<  piotr.sikora at frickle.com>
>
> _______________________________________________
> nginx-devel mailing list
> nginx-devel at nginx.org
> http://mailman.nginx.org/mailman/listinfo/nginx-devel


From mdounin at mdounin.ru  Mon Nov 28 19:15:23 2011
From: mdounin at mdounin.ru (Maxim Dounin)
Date: Mon, 28 Nov 2011 23:15:23 +0400
Subject: nginx crash
In-Reply-To: 
References: <20111113235455.GO95664@mdounin.ru>
	
	<20111114165039.GV95664@mdounin.ru>
	
	<87r50zo5ba.wl%appa@perusio.net>
	<20111123122936.GP95664@mdounin.ru>
	<87lir6oai8.wl%appa@perusio.net>
	<20111123215248.GZ95664@mdounin.ru>
	<87d3chorb4.wl%appa@perusio.net>
	
Message-ID: <20111128191522.GV67687@mdounin.ru>

Hello!

On Sat, Nov 26, 2011 at 10:07:48PM +0800, MagicBear wrote:

> Here is the crash bt.

[...]

> warning: Can't read pathname for load map: Input/output error.
> [Thread debugging using libthread_db enabled]
> Core was generated by `nginx:'.
> Program terminated with signal 11, Segmentation fault.
> #0  ngx_rbtree_min (sentinel=, node=0x0) at
> src/core/ngx_rbtree.h:75
> 75	    while (node->left != sentinel) {
> (gdb) bt
> #0  ngx_rbtree_min (sentinel=, node=0x0) at
> src/core/ngx_rbtree.h:75
> #1  ngx_rbtree_delete (tree=0x7f463a38c000, node=0x7f463a38f000) at
> src/core/ngx_rbtree.c:178
> #2  0x0000000000451a24 in ngx_http_file_cache_free (c=0x2509a70,
> tf=0x250a3a8) at src/http/ngx_http_file_cache.c:956
> #3  0x0000000000447759 in ngx_http_upstream_process_request
> (r=0x24ab650) at src/http/ngx_http_upstream.c:2738
> #4  0x000000000044783b in ngx_http_upstream_process_upstream
> (r=0x24ab650, u=0x24db4c0) at src/http/ngx_http_upstream.c:2677
> #5  0x000000000044792c in ngx_http_upstream_handler (ev= out>) at src/http/ngx_http_upstream.c:935
> #6  0x0000000000425979 in ngx_event_expire_timers () at
> src/event/ngx_event_timer.c:149
> #7  0x00000000004255b0 in ngx_process_events_and_timers
> (cycle=0x2465bf0) at src/event/ngx_event.c:261

[...]

> I have increase the key size to 128M, the problem has disappear for 2
> weeks, but just has happen again.

Unfortunately, backtrace isn't really usefull here.  Bad thing 
happens before this - when a cache manager decides to cleanup 
long locked cache entry, while it's still required.

Could you please add $request_time and $upstream_response_time to 
logs and provide some stats about maximum values (note there may 
be many times in $upstream_response_time for a single request, sum 
of them all is intresting)?

After looking into code again I tend to think that it should work 
as intended, just default inactive= value isn't enough in your case.  
Bumping it to something like "5h" may also help, i.e.

    proxy_cache_path ... inactive=5h;

Maxim Dounin


From piotr.sikora at frickle.com  Tue Nov 29 00:47:35 2011
From: piotr.sikora at frickle.com (Piotr Sikora)
Date: Tue, 29 Nov 2011 01:47:35 +0100
Subject: A Body filter after postpone filter
In-Reply-To: <4ED3C0B2.6000008@verivue.com>
References: 
	<4AC1D0E0B59D4B07A256319E2D99B80A@Desktop>
	<4ED3C0B2.6000008@verivue.com>
Message-ID: <02905E35E5514F26B6A606BF9A43758D@Desktop>

Hey,

> Thanks, but this does not seem to work.

Sorry, you're right, I've used similar trick to modify the order of filters 
in the beginning of the chain (not modified -> headers), but it appears that 
modifying the end of the chain isn't as easy.

I should have checked it before sending.

Best regards,
Piotr Sikora < piotr.sikora at frickle.com >


From mdounin at mdounin.ru  Tue Nov 29 17:25:31 2011
From: mdounin at mdounin.ru (mdounin at mdounin.ru)
Date: Tue, 29 Nov 2011 17:25:31 +0000
Subject: [nginx] svn commit:  r4319 - in trunk/src: core http/modules/perl
Message-ID: <20111129172531.946B23F9C23@mail.nginx.com>

Author: mdounin
Date: 2011-11-29 17:25:31 +0000 (Tue, 29 Nov 2011)
New Revision: 4319

Log:
Version bump.


Modified:
   trunk/src/core/nginx.h
   trunk/src/http/modules/perl/nginx.pm

Modified: trunk/src/core/nginx.h
===================================================================
--- trunk/src/core/nginx.h	2011-11-28 15:15:14 UTC (rev 4318)
+++ trunk/src/core/nginx.h	2011-11-29 17:25:31 UTC (rev 4319)
@@ -8,8 +8,8 @@
 #define _NGINX_H_INCLUDED_
 
 
-#define nginx_version      1001009
-#define NGINX_VERSION      "1.1.9"
+#define nginx_version      1001010
+#define NGINX_VERSION      "1.1.10"
 #define NGINX_VER          "nginx/" NGINX_VERSION
 
 #define NGINX_VAR          "NGINX"

Modified: trunk/src/http/modules/perl/nginx.pm
===================================================================
--- trunk/src/http/modules/perl/nginx.pm	2011-11-28 15:15:14 UTC (rev 4318)
+++ trunk/src/http/modules/perl/nginx.pm	2011-11-29 17:25:31 UTC (rev 4319)
@@ -48,7 +48,7 @@
     HTTP_INSUFFICIENT_STORAGE
 );
 
-our $VERSION = '1.1.9';
+our $VERSION = '1.1.10';
 
 require XSLoader;
 XSLoader::load('nginx', $VERSION);


From mdounin at mdounin.ru  Tue Nov 29 17:27:13 2011
From: mdounin at mdounin.ru (mdounin at mdounin.ru)
Date: Tue, 29 Nov 2011 17:27:13 +0000
Subject: [nginx] svn commit:  r4320 - trunk/src/event/modules
Message-ID: <20111129172714.019903F9C23@mail.nginx.com>

Author: mdounin
Date: 2011-11-29 17:27:13 +0000 (Tue, 29 Nov 2011)
New Revision: 4320

Log:
Fixed AIO on Linux, broken in r4306.

Events from eventfd do not have c->write set, and the stale event
check added in r4306 causes null pointer dereference.


Modified:
   trunk/src/event/modules/ngx_epoll_module.c

Modified: trunk/src/event/modules/ngx_epoll_module.c
===================================================================
--- trunk/src/event/modules/ngx_epoll_module.c	2011-11-29 17:25:31 UTC (rev 4319)
+++ trunk/src/event/modules/ngx_epoll_module.c	2011-11-29 17:27:13 UTC (rev 4320)
@@ -681,19 +681,19 @@
 
         wev = c->write;
 
-        if (c->fd == -1 || wev->instance != instance) {
+        if ((revents & EPOLLOUT) && wev->active) {
 
-            /*
-             * the stale event from a file descriptor
-             * that was just closed in this iteration
-             */
+            if (c->fd == -1 || wev->instance != instance) {
 
-            ngx_log_debug1(NGX_LOG_DEBUG_EVENT, cycle->log, 0,
-                           "epoll: stale event %p", c);
-            continue;
-        }
+                /*
+                 * the stale event from a file descriptor
+                 * that was just closed in this iteration
+                 */
 
-        if ((revents & EPOLLOUT) && wev->active) {
+                ngx_log_debug1(NGX_LOG_DEBUG_EVENT, cycle->log, 0,
+                               "epoll: stale event %p", c);
+                continue;
+            }
 
             if (flags & NGX_POST_THREAD_EVENTS) {
                 wev->posted_ready = 1;


From wandenberg at gmail.com  Tue Nov 29 20:32:04 2011
From: wandenberg at gmail.com (Wandenberg Peixoto)
Date: Tue, 29 Nov 2011 18:32:04 -0200
Subject: Nginx cache grouped by keys
In-Reply-To: 
References: 
Message-ID: 

Hi,

I work for a company which uses a lot the proxy module and the proxy cache
feature.
We always have problems on clearing the cache because it has to be done url
by url.

Thinking in a way to solve this I made the patch in attachment
(nginx_cache_with_groups.patch, for nginx 1.0.10 and
0001-adding-parameter-to-purge-cache-by-groups.patch, for ngx_cache_purge
1.4).

Basically it changes the (fastcgi|proxy|scgi|uwsgi)_cache_key directives
adding an optional value named "group key".
This value accept any variable available on nginx configuration file (query
parameters, headers,...) just like the key value.

When using this value a directory is created using the same structure of
levels to store all files which have the same group key.
Doing this we can purge the cache using a specific file, like is done
today, or all files from a group. (I change the cache_purge_module to make
this possible too)

I will give an example to be clear.
Imagine the configuration attached (nginx.conf) and that "html/static"
folder has some files like test.css, test1.html and test2.html.
With that configuration the extension file will be used as the group key
and the uri as cache key.

When we execute the following commands the corresponded files are created:
command: curl -v 'http://localhost:8090/test1.html'
file:
./e/53/a/fc35fdc70d5fc69d269883a822c7a53e/1/3d/9/bcccd499fbe303221add1b6e57d693d1
-> where fc35fdc70d5fc69d269883a822c7a53e is from group key and
bcccd499fbe303221add1b6e57d693d1 from file key

command: curl -v 'http://localhost:8090/test2.html'
file:
./e/53/a/fc35fdc70d5fc69d269883a822c7a53e/4/86/6/558156b89af1ccd4844556ab699d6864
-> where fc35fdc70d5fc69d269883a822c7a53e is from group key and
558156b89af1ccd4844556ab699d6864 from file key

command: curl -v 'http://localhost:8090/test.css'
file:
./a/66/2/c7a628cba22e28eb17b5f5c6ae2a266a/a/f0/d/9a96e0fe2f89d77e756fa45ae882df0a
-> where c7a628cba22e28eb17b5f5c6ae2a266a is from group key and
9a96e0fe2f89d77e756fa45ae882df0a from file key

Now we can purge the cache from css file doing
curl -v 'localhost:8090/purge/test.css' -H 'X-Group-Clean:0'

Or purge all html files doing
curl -v 'localhost:8090/purge/_.html' -H 'X-Group-Clean:1' (the underline
in _.html is only to do a match on location)

The Group key can be as general or as specific like we want/need.

The default value for directive group_clean_cache_purge is 0, and the value
used to it must be a text which converted to a number (ngx_atoi) results in
a zero, purge only the selected file, or non zero, purge all files from
selected group.


Another example of use is we have a service to resize images, and the
desired size is passed through the uri like
http://localhost/480x360/1361234.jpg or http://localhost/x240/1361234.jpg

With that patch we can group all resized images using the image id
(1361234, in the example) as the group key and than purge all cached files
at once.

I hope this patch can be applied in future versions of Nginx and made
available to everyone.

Regards,
Wandenberg
-------------- next part --------------
An HTML attachment was scrubbed...
URL: 
-------------- next part --------------
A non-text attachment was scrubbed...
Name: 0001-adding-parameter-to-purge-cache-by-groups.patch
Type: text/x-diff
Size: 24274 bytes
Desc: not available
URL: 
-------------- next part --------------
A non-text attachment was scrubbed...
Name: nginx_cache_with_groups.patch
Type: text/x-diff
Size: 19133 bytes
Desc: not available
URL: 
-------------- next part --------------
A non-text attachment was scrubbed...
Name: nginx.conf
Type: application/octet-stream
Size: 1298 bytes
Desc: not available
URL: 

From ru at nginx.com  Wed Nov 30 07:36:10 2011
From: ru at nginx.com (ru at nginx.com)
Date: Wed, 30 Nov 2011 07:36:10 +0000
Subject: [nginx] svn commit:  r4321 - trunk/misc
Message-ID: <20111130073610.56C963F9C36@mail.nginx.com>

Author: ru
Date: 2011-11-30 07:36:09 +0000 (Wed, 30 Nov 2011)
New Revision: 4321

Log:
Compute the repository root from the checkout.


Modified:
   trunk/misc/GNUmakefile

Modified: trunk/misc/GNUmakefile
===================================================================
--- trunk/misc/GNUmakefile	2011-11-29 17:27:13 UTC (rev 4320)
+++ trunk/misc/GNUmakefile	2011-11-30 07:36:09 UTC (rev 4321)
@@ -3,7 +3,7 @@
 			| sed -e 's/^.*\"\(.*\)\"/\1/')
 NGINX =		nginx-$(VER)
 TEMP =		tmp
-REPO =		svn://svn.nginx.com
+REPO =		$(shell svn info | sed -n 's/^Repository Root: //p')
 
 OBJS =		objs.msvc8
 OPENSSL =	openssl-1.0.0d
@@ -46,7 +46,7 @@
 	svn ci -F $(TEMP)/message
 
 	echo "release-$(VER) tag" > $(TEMP)/message
-	svn copy $(REPO)/nginx/trunk $(REPO)/nginx/tags/release-$(VER)  \
+	svn copy $(REPO)/trunk $(REPO)/tags/release-$(VER)		\
 		-F $(TEMP)/message
 
 	svn up


From mdounin at mdounin.ru  Wed Nov 30 10:00:50 2011
From: mdounin at mdounin.ru (mdounin at mdounin.ru)
Date: Wed, 30 Nov 2011 10:00:50 +0000
Subject: [nginx] svn commit:  r4322 - trunk/docs/xml/nginx
Message-ID: <20111130100050.CF76E3F9C34@mail.nginx.com>

Author: mdounin
Date: 2011-11-30 10:00:50 +0000 (Wed, 30 Nov 2011)
New Revision: 4322

Log:
nginx-1.1.10-RELEASE


Modified:
   trunk/docs/xml/nginx/changes.xml

Modified: trunk/docs/xml/nginx/changes.xml
===================================================================
--- trunk/docs/xml/nginx/changes.xml	2011-11-30 07:36:09 UTC (rev 4321)
+++ trunk/docs/xml/nginx/changes.xml	2011-11-30 10:00:50 UTC (rev 4322)
@@ -9,6 +9,22 @@
 nginx changelog
 
 
+
+
+
+
+??? ????????????? AIO ?? Linux ? ??????? ???????? ?????????? segmentation fault;
+?????? ????????? ? 1.1.9.
+
+
+a segmentation fault occured in a worker process if AIO was used on Linux;
+the bug had appeared in 1.1.9.
+
+
+
+
+
+
 
 
 


From mdounin at mdounin.ru  Wed Nov 30 10:01:12 2011
From: mdounin at mdounin.ru (mdounin at mdounin.ru)
Date: Wed, 30 Nov 2011 10:01:12 +0000
Subject: [nginx] svn commit:  r4323 - tags
Message-ID: <20111130100112.113AD3F9C36@mail.nginx.com>

Author: mdounin
Date: 2011-11-30 10:01:11 +0000 (Wed, 30 Nov 2011)
New Revision: 4323

Log:
release-1.1.10 tag


Added:
   tags/release-1.1.10/