[ANN] OpenResty 1.9.15.1 released

Yichun Zhang (agentzh) agentzh at gmail.com
Sat Jun 4 05:39:46 UTC 2016


Hi folks,

I am happy to announce the new formal release, 1.9.15.1, of the
OpenResty web platform based on NGINX and LuaJIT:

    https://openresty.org/en/download.html

Both the (portable) source code distribution and the Win32 binary
distribution are provided on this Download page.

The highlights of this release are:

1. New NGINX 1.9.15 core.

2. LuaJIT now supports (almost) the full 2GB address space for its
GC-managed memory per VM instance on x86_64 (as compared to the
previous 1GB memory limit on x86_64).

3. the new restydoc command-line utility. Ensure you have added
<prefix>/bin to your PATH
environment, as in

    export PATH=/usr/local/openresty/bin:$PATH

assuming your are using the default OpenResty prefix
(/usr/local/openresty). Then you can try the following commands from
your terminal:

    restydoc -s listen

    restydoc -s content_by_lua

    restydoc resty.lrucache

    restydoc -s ngx.re.match ngx_lua

    restydoc ngx_proxy

    restydoc ngx_stream_proxy

    restydoc -s '$request_uri'

Hopefully you'll have fun with this tool :)

Special thanks go to all our developers and contributors!

Complete list of changes since the last (formal) release, 1.9.7.5:

 *   upgraded the Nginx core to 1.9.15.

     *   see the changes here: http://nginx.org/en/CHANGES

 *   bugfix: applied the patch for nginx security advisory
     (CVE-2016-4450) to the nginx 1.9.15 core.

 *   feature: added restydoc documentation indexes for the official
     nginx core and most of the official openresty components.

 *   upgraded ngx_lua to 0.10.5.

     *   bugfix: use of ssl_certificate_by_lua* in the "http {}"
         scope could lead to process crashes. thanks Andreas Lubbe
         for the report.

     *   bugfix: ngx.print("") did not trigger response header
         sending.

     *   feature: linux x64: now we try limiting the growth of the
         data segment of the nginx processes to preserve as much
         lowest address space for LuaJIT as possible. thanks Shuxin
         Yang for the help.

     *   bugfix: init_worker_by_lua* did not honor "http {}"
         top-level configurations like lua_ssl_verify_depth and
         lua_ssl_trusted_certificate. thanks Vladimir Shaykovskiy for
         the report.

     *   bugfix: ngx.exit() could not be used in the context of
         balancer_by_lua* when lua-resty-core was used.

     *   bugfix: *_by_lua_block: fixed Lua long bracket parsing at
         buffer boundaries. thanks Maxim Ivanov and Tom Thorogood for
         the report.

     *   bugfix: ngx.req.append_body() might enter infinite loops
         when ngx.req.init_body() has not specified a buffer size and
         the request header "Content-Length" is 0 (or
         client_body_buffer_size is configured to 0). thanks Hai for
         the report and Dejiang Zhu for the patch.

     *   bugfix: ngx.re.match: the 5th argument hid the 4th one.
         thanks iorichina for the report and rako9000 for the
         original patch.

     *   bugfix: ngx.worker.id() should return "nil" in non-worker
         processes like nginx's cache managers. thanks Weixie Cui for
         the patch.

     *   bugfix: fixed a memory leak in cert_pem_to_der(), caught by
         valgrind.

     *   bugfix: ignore unexpected closing long-brackets in
         *_by_lua_block directives. thanks Thibault Charbonnier for
         the patch.

     *   bugfix: changing peers in balancer_by_lua* might lead to
         stale values of $upstream_addr.

     *   bugfix: clear errors in ngx.ssl and ngx.ocsp functions to
         avoid flooding nginx error logs. thanks Hamish for the
         original patch.

     *   bugfix: tcpsock:sslhandshake() did not correctly check
         argument count. thanks Ilya Shipitsin for the report.

     *   bugfix: tcpsock:sslhandshake() accepts up to 5 arguments now
         (including the object itself).

     *   bugfix: assignment to ngx.status might not affect subsequent
         ngx.status reads when error_page had already taken place.
         thanks wangwei4514 for the report.

     *   refactor: refactored the implementation of the ngx.semaphore
         API. thanks Weixie Cui for the patch.

     *   doc: typo fixes from Christos Trochalakis.

 *   upgraded lua-resty-core to 0.1.6.

     *   feature: implemented ngx.worker.id() and ngx.worker.count()
         with FFI. thanks Yuansheng Wang for the patch.

     *   bugfix: Lua's tail-call optimization might unexpectedly make
         ngx.semaphore objects get garbage-collected prematurely even
         when there're still waiters. this could happen when
         lua_check_client_abort is enabled. thanks Dejiang Zhu for
         the patch.

     *   doc: ngx.semaphore: documented the "timeout" argument of
         "wait()" in more detail.

     *   doc: typo fixes from Alessandro Ghedini.

     *   doc: formatting fixes from ms2008.

 *   upgraded lua-resty-redis to 0.24.

     *   bugfix: added a "tostring()" call to avoid the "attempt to
         concatenate local 'prefix' (a nil value)" error in Lua
         function "_read_reply()".

     *   optimize: we now alway call "tostring()" upon args in Redis
         query methods.

     *   optimize: reduced Lua string concatenations in redis query
         composition.

 *   upgraded lua-resty-dns to 0.16.

     *   bugfix: when the "AD" and "CD" bits are set in the DNS
         responses as per RFC 2065, they would erroneously be treated
         as a part of the error code ("RCODE"). thanks Celebi Lui for
         the report and patch.

 *   upgraded lua-resty-memcached to 0.14.

     *   optimize: reduced table.concat() calls while constructing
         memcached requests, which can lead to fewer Lua string
         creation operations.

     *   bugfix: "get()" did not return server error responses.
         thanks Lorenz Bauer for the report.

     *   bugfix: "gets()" did not return server error responses.
         thanks Lorenz Bauer for the report.

     *   bugfix: "get()": simplified the error messages so that the
         caller can check the error more easily.

     *   feature: "set_timeout()" now returns the result of the
         operation. thanks Guanlan Dai for the report.

 *   upgraded lua-resty-mysql to 0.16.

     *   bugfix: "close()": we did not send the "COM_QUIT" packet to
         the MySQL server. thanks Andreas Fischer for the report.

     *   bugfix: fixed the Lua exception "attempt to concatenate
         field 'state' (a nil value)". thanks heyuanlong for the
         report.

     *   doc: typo fixes from Boris Nagaev.

 *   upgraded resty-cli to 0.12.

     *   feature: "resty": multiple "-e" options, along with the file
         argument, are supported.

     *   feature: added new command-line utility, restydoc, for
         viewing OpenResty/Nginx documentation on the terminal
         (inspired by Perl's "perldoc" utility) via "groff" (used by
         "man" as well).

     *   feature: added new command-line utility, md2pod.pl, for
         converting GitHub-flavored Markdown source to Perl's POD
         format.

     *   feature: added new command-line utility, restydoc-index, for
         generating the documentation indexes by scanning Markdown
         and POD document files in user-specified directories, which
         can be used by the restydoc tool.

     *   feature: added new command-line utility, nginx-xml2pod, for
         converting NGINX's official XML-formatted documentation to
         Perl's POD format.

     *   bugfix: "resty": the "--valgrind" command-line option was
         broken.

 *   upgraded lua-cjson to 2.1.0.4.

     *   feature: added the "cjson.as_array" metamethod to enforce
         empty array encoding. thanks Thibault Charbonnier for the
         patch.

     *   bugfix: fixed the 16 decimal number encoding assertion.
         thanks Thibault Charbonnier for the patch.

     *   doc: added proper documentation for OpenResty's fork of
         lua-cjson. thanks Thibault Charbonnier for the patch.

 *   upgraded LuaJIT to v2.1-20160517:
     https://github.com/openresty/luajit2/tags

     *   imported Mike Pall's latest changes:

         *   Rollback due to "HREFK" + load fwd must restore
             guardemit state.

         *   Always merge snapshots without instructions inbetween.

         *   FFI: Parse "#line NN" and "#NN".

         *   MIPS: Switch to dual-number mode. Fix soft-float
             interpreter.

         *   PS4: Switch default build to amalgamated and "LJ_GC64"
             mode.

         *   MIPS: Add soft-float support to JIT compiler backend.

         *   Don't allocate unused 2nd result register in JIT
             compiler backend.

         *   Use internal implementation for converting FP numbers to
             strings.

         *   MIPS soft-float: Fix code generation for HREF.

         *   ARM: Fix build problem with external frame unwinding.

         *   Fix display of "NULL" (light)userdata in "-jdump".

         *   x64/LJ_GC64: Fix JIT glue code in interpreter.

         *   x86: Detect "BMI2" instruction support.

         *   x86: Generate "BMI2" shifts and rotates, if available.

         *   MIPS: Fix use of ffgccheck delay slots in interpreter.

         *   Windows/x64/LJ_GC64: Fix "math.frexp()" and
             "math.modf()".

         *   Cygwin: Allow cross-builds to non-Cygwin targets.

         *   Fix recording of "select(n, ...)" with off-trace
             varargs.

         *   x86: Improve disassembly of BMI2 instructions.

         *   x64/LJ_GC64: Fix "BC_UCLO" check for fast-path.

         *   MIPS: Fix "BC_ISNEXT" fallback path.

         *   Rewrite memory block allocator.

             Use a mix of linear probing and pseudo-random probing.
             Workaround for 1GB "MAP_32BIT" limit on Linux/x64. Now
             2GB with "!LJ_GC64". Enforce 128TB "LJ_GC64" limit for >
             47 bit memory layouts (ARM64).

         *   x86/x64: Search for exit jumps with instruction length
             decoder.

         *   Fix handling of non-numeric strings in arithmetic
             coercions.

         *   Fix GCC 6 -Wmisleading-indentation warnings.

         *   Constrain value range of "lj_ir_kptr()" to unsigned 32
             bit pointers.

 *   upgraded ngx_srcache to 0.31.

     *   bugfix: this module should not depend on builtin modules
         like ngx_http_ssi and ngx_http_addition to pull in the
         ngx_http_postpone module to function properly. thanks
         Dejiang Zhu for the original patch.

     *   feature: this module can now be compiled as a dynamic module
         with NGINX 1.9.11+ via the "--with-dynamic-module=PATH"
         option of "./configure". thanks Hiroaki Nakamura for the
         original patch.

     *   bugfix: fixed errors and warnings with C compilers without
         variadic macro support.

     *   doc: clarified what "0s" means for the default expiration
         time. thanks matlloyd for the patch.

     *   doc: documented the memcached maximum key length and the
         set_md5 directive. thanks Jérémy Lal for the patch.

 *   upgraded ngx_form_input to 0.12.

     *   bugfix: avoided use of C global variables in configuration
         phase since it might cause problems in failed HUP reloads.

     *   feature: this module can now be compiled as a dynamic module
         with NGINX 1.9.11+ via the "--with-dynamic-module=PATH"
         option of "./configure".

 *   upgraded ngx_devel_kit to 0.3.0.

     *   feature: this module can now be compiled as a dynamic module
         with NGINX 1.9.11+ via the "--with-dynamic-module=PATH"
         option of "./configure". thanks Andrei Belov for the patch.

     *   bugfix: compiler errors: comparison between signed and
         unsigned integer expressions. thanks Xiaochen Wang for the
         patch.

     *   doc: added the new section "Modules using NDK".

 *   upgraded ngx_encrypted_session to 0.05.

     *   feature: this module can now be compiled as a dynamic module
         with NGINX 1.9.11+ via the "--with-dynamic-module=PATH"
         option of "./configure".

 *   upgraded ngx_headers_more to 0.30.

     *   feature: this module can now be compiled as a dynamic module
         with NGINX 1.9.11+ via the "--with-dynamic-module=PATH"
         option of "./configure". thanks Sjir Bagmeijer for the
         original patch.

 *   upgraded ngx_echo to 0.59.

     *   feature: added support for nginx 1.9.11+ when no nginx
         builtin modules pull in the ngx_http_postpone module.

     *   feature: this module can now be compiled as a dynamic module
         with NGINX 1.9.11+ via the "--with-dynamic-module=PATH"
         option of "./configure".

     *   bugfix: fixed warnings with C compilers without variadic
         macro support.

 *   upgraded ngx_memc to 0.17.

     *   feature: this module can now be compiled as a dynamic module
         with NGINX 1.9.11+ via the "--with-dynamic-module=PATH"
         option of "./configure".

     *   bugfix: fixed errors and warnings with C compilers without
         variadic macro support.

 *   upgraded ngx_redis2 to 0.13.

     *   feature: this module can now be compiled as a dynamic module
         with NGINX 1.9.11+ via the "--with-dynamic-module=PATH"
         option of "./configure".

     *   bugfix: fixed errors and warnings with C compilers without
         variadic macro support.

 *   upgraded ngx_iconv to 0.14.

     *   feature: this module can now be compiled as a dynamic module
         with NGINX 1.9.11+ via the "--with-dynamic-module=PATH"
         option of "./configure".

The HTML version of the change log with lots of helpful hyper-links
can be browsed here:

    https://openresty.org/en/changelog-1009015.html

OpenResty (aka. ngx_openresty) is a full-fledged web platform
by bundling the standard Nginx core, Lua/LuaJIT, lots of
3rd-party Nginx modules and Lua libraries, as well as most of their external
dependencies. See OpenResty's homepage for details:

    https://openresty.org/

We have run extensive testing on our Amazon EC2 test cluster and
ensured that all the components (including the Nginx core) play well
together. The latest test report can always be found here:

    https://qa.openresty.org/

Enjoy!
-agentzh



More information about the nginx mailing list