Unit 1.33.0 released
Andrew Clayton
andrew at digital-domain.net
Wed Sep 18 14:36:17 UTC 2024
Hi, NGINX Unit community,
We are pleased to announce the release of NGINX Unit 1.33.0
This release is comprised of 240 non-merge commits from 20 people of
which 6 are external contributors.
A shout out to our external contributors
) Alejandro Colomar
) Arjun
) Costas Drongos
) Gourav
) Remi Collet
) Robbie McKinstry
With a special mention to Arjun for his fuzzing work.
This release can be found at
<https://github.com/nginx/unit/releases/tag/1.33.0>
Packages can be found from the Unit website
<https://unit.nginx.org/installation/#official-packages>
Website announcement can be found at
<https://unit.nginx.org/news/2024/unit-1.33.0-released>
Unit 1.33.0 includes new configuration options (see below), experimental
chunked request body support, disabled by default, a new Rust based CLI
tool (unitctl, see: tools/unitctl/README.md) and much more!
New configuration options
=========================
This release introduces three new configuration options.
1) listen_threads
This can be set under '/settings/listen_threads' and controls the
number of threads the router process creates to handle client
connections. The default is to create the same number of threads as
there are available runnable CPUs.
2) backlog
This can be set under '/listeners/<address:port>/backlog'
This setting is per-listener and sets the backlog parameter as passed to
the listen(2) system-call, which essentially defines the maximum length
of the queue of pending connections for the socket in question.
This is analogous to the 'backlog' parameter of the 'listen' directive
in nginx.
3) factory
This can be set under '/applications/<app>/factory'
This setting is specific to Python applications and allows the
enablement of Python 'application factories'.
This is a boolean value and if set to 'true', Unit treats 'callable' as
a factory.
The default is 'false'.
NOTE: Unit does *not* support passing arguments to factories.
Changes
=======
* On Linux we now default to a listen(2) backlog of -1, which means we
use the OS's default, which is 4096 from Linux 5.4 on-wards and 128
prior. The previous default was 511.
As noted above, you are now able to set this in the configuration, but
keep in mind that any value you set there will be limited to the OS's
sysctl setting, net.core.somaxconn (which you can increase if
required).
* Under systemd Unit once again runs in 'forking' mode. This allows the
per-application logging feature to work out the box.
* Unit can now accept chunked requests rather than returning '411
Length Required' as previously. This feature is experimental and can
be enabled via the '/settings/chunked_transform' configuration option
by setting it to true.
* The Python language module now supports 'Application Factories'
(thanks to Gourav).
Developers
==========
Some simple changes have been made to the build system.
* Prettified make output by default with GNU make.
Instead of getting the normal compiler command for each target being
built you now get a much simpler line like
CC build/src/nxt_cgroup.o
You can get the old *verbose* output by passing V=1 to make, e.g.
$ make V=1
* Make variables
You can now control some aspects of the build process by passing
variables to make (like the above), currently supported variables are:
) D=1 Enables debug builds (-O0) (default: 0)
) E=0 Disables -Werror (default: 1)
) V=1 Enables verbose output (default: 0)
) EXTRA_CFLAGS= Add extra compiler options
* GCC & Clang
We removed support for a bunch of esoteric compilers, including for
some systems which Unit has likely never ever run on!.
That leaves GCC and Clang as the currently supported compilers for
building Unit.
* -std=gnu11
Last but not least, Unit has come forth into the 21st century and we
now build with -std=gnu11 (C11 + GNU extensions). While previously we
didn't explicitly set the -std= option, due to supporting CentOS 7
(which is now EOL) we were effectively limited to -std=gnu89/90.
This brings us one step closer to modernising Unit's code base.
========================================================================
Changes with Unit 1.33.0 17 Sep 2024
*) Feature: make the number of router threads configurable.
*) Feature: make the listen(2) backlog configurable.
*) Feature: add Python application factory support.
*) Feature: add experimental chunked request body support. (Disabled
by default).
*) Feature: add fuzzing via oss-fuzz.
*) Feature: add "if" option to the "match" object.
*) Feature: show list of loaded language modules in the /status
endpoint.
*) Feature: Unit ships with a new Rust based CLI application
"unitctl".
*) Feature: the wasm-wasi-component language module now inherits the
processes environment.
*) Change: under systemd unit runs in forking mode (once again).
*) Change: if building with njs, version 0.8.3 or later is now
required.
*) Change: Unit now builds with -std=gnu11 (C11 with GNU
extensions).
*) Change: Unit now creates the full directory path for the PID file
and control socket.
*) Change: build system improvements, including pretty printing the
make output and enabling various make variables to
influence the build process (see: make help).
*) Change: better detection of available runnable CPUs on Linux.
*) Change: default listen(2) backlog on Linux now defaults to Kernel
default.
*) Bugfix: don't modify REQUEST_URI.
*) Bugfix: fix a crash when interrupting a download via a proxy.
*) Bugfix: wasm-wasi-component application process hangs after
receiving restart signal from the control endpoint.
*) Bugfix: njs variables accessed with a JS template literal should
not be cacheable.
*) Bugfix: properly handle deleting arrays of certificates.
*) Bugfix: don't create the $runstatedir directory which triggered
an Alpine packaging error.
------------------------------------------------------------------------
Changes since 1.32.0 are as follows:
Alejandro Colomar (12):
Build with -std=gnu11 (C11 with GNU extensions)
fs: Rename nxt_fs_mkdir_parent() => nxt_fs_mkdir_dirname()
fs: Rename nxt_fs_mkdir_all() => nxt_fs_mkdir_p()
fs: Use branchless code in nxt_fs_mkdir_p()
fs: Use a temporary variable in nxt_fs_mkdir_p()
fs: Accept relative paths in nxt_fs_mkdir_p()
fs: Accept path names of length 1 in nxt_fs_mkdir_p()
fs: Invert logic to reduce indentation in nxt_fs_mkdir_dirname()
fs: Correctly handle "/" in nxt_fs_mkdir_dirname()
fs: Make the full directory path for the pid file and the control socket
auto: Don't install $runstatedir
Use octal instead of mode macros
Andrei Zeliankou (22):
Version bump
Router: match when pattern and tested string are both zero length
NJS: avoiding arithmetic ops with NULL pointer in r->args
Fixed undefined behaviour in left shift of int value
Avoiding arithmetic ops with NULL pointer in nxt_http_arguments_parse
Avoiding arithmetic ops with NULL pointer in nxt_port_mmap_get
Initialize port_impl only when it is needed
Avoiding arithmetic ops with NULL pointer in nxt_unit_mmap_get
NJS: loader should be registered using njs_vm_set_module_loader()
Tests: NJS cacheable variables with access log
njs (lowercase) is more preferred way to mention
Docs: njs (lowercase) is more preferred way to mention
Tests: added $request_uri tests with proxy
Tests: compatibility with OpenSSL 3.2.0
Tests: error report corrected for unknown variables in "response_headers"
tests: REQUEST_URI variable test with rewrite
Tests: explicitly specify 'f' prefix to format string before printing
Tests: print unit.log on unsuccessful unmount
Tests: chunked request body
contrib: updated njs to 0.8.5
tests: Fix `/status' endpoint tests for new 'modules' section
Tests: initial "wasm-wasi-component" test
Andrew Clayton (86):
Configuration: Fix check in nxt_conf_json_parse_value()
Remove unused nxt_vector_t API
Var: Remove a dead assignment in nxt_var_interpreter()
Avoid potential NULL pointer dereference in nxt_router_temp_conf()
Add GitHub workflow for wasm-wasi-component
Remove support for Microsoft's Visual C++ compiler
Remove support for Intel's icc compiler
Remove support for IBM's XL C compiler
Remove support for Sun's Sun Studio/SunPro C compiler
Remove -W from compiler flags
Expand the comment about -Wstrict-overflow on GCC
Disable strict-aliasing in clang by default
Compile with -fno-strict-overflow
Add initial infrastructure for pretty printing make output
Hook up make pretty printing to the Unit core and tests
Pretty print the Java language module compiler output
Pretty print the Perl language module compiler output
Pretty print the PHP language module compiler output
Pretty print the Python language module compiler output
Pretty print the Ruby language module compiler output
Pretty print the wasm language module compiler output
Enable optional 'debuggable' builds
Allow to disable -Werror at 'make' time
Add a help target to the root Makefile
Add an EXTRA_CFLAGS make variable
Fix the security-alert email link in the README
Add a repostatus badge to the README
Add a GitHub workflow status badge for our CI to the README
Rebuild wasm-wasi-component when any of its dependencies change
Wasm-wc: Fix application restarts
Fix some trailing whitespace and long lines in the README
configuration: Constify numerous pointers
Constify a bunch of static local variables
php: Constify some local static variables
configuration: Constify more pointers
Tighten up some string arrays
Add a GitHub workflow to check for whitespace issues
auto/wasm: No need to explicitly set -fno-strict-aliasing now
Convert 0-sized arrays to true flexible array members
auto, perl: Fix building the Perl language module with clang
.mailmap: Add an entry for Ava's GitHub address
Add GitHub workflows for extra coverage
tstr: Constify the 'str' parameter to nxt_tstr_compile()
wasm: Add a missing 'const' qualifier in nxt_wasm_setup()
ci: Be more specific when to run the main Unit checks
ci: Limit when to run checks on pull-requests
fuzzing: Add a .gitattributes file
perl: Constify some local static variables
test/clone: Constify some local static variables
python: Constify some local static variables
auto: Fix some indentation in auto/modules/wasm-wasi-component
auto, wasm-wc: Copy the .so into build/lib/unit/modules/
status: Constify a bunch of local variables
status: Use a variable to represent the status member index
Flow the language module name into nxt_app_lang_module_t
status: Show list of loaded language modules
Fix a comment typo for 'Memory-only buffers' in src/nxt_buf.h
status: Add a missing check for potential NULL
Add a basic .editorconfig file
CONTRIBUTING.md: Re-flow text
CONTRIBUTING.md: Update the 'Git Style Guide' section
README: Update number of supported languages
auto: Add a check for Linux's sched_getaffinity(2)
lib: Better available cpu count determination on Linux
router: Make the number of router threads configurable
socket: Use a default listen backlog of -1 on Linux
conf, router: Make the listen(2) backlog configurable
ci/unitctl: Update paths
docs/openapi: Fix brokenness
docs/openapi: Add new config options
Remove .hgtags
Remove .hgignore files
tests: Fix `/status' endpoint to cater for lists
test/wasm-wc: Target wasm32-wasip1
test/wasm-wc: Rename test_wasm_component.py
ci: Enable the wasm-wasi-component tests
ci: Fix wasmtime paths in ci.yml
ci: Trigger ci.yml for changes under pkg/contrib
tests: Fix routing tests in the no njs case
tests: Suppress cargo-component output
python: Don't decrement a reference to a borrowed object
unitctl: Don't track unit-openapi/.openapi-generator/
pkg/docker: Update dockerfiles for 1.33.0
tools/unitctl: Update for version 1.33.0
docs/changes.xml: Add 1.33.0 changelog entries
Add 1.33.0 CHANGES
Arjun (15):
http: fix use-of-uninitialized-value bug
fuzzing: add fuzzing infrastructure in build system
fuzzing: add fuzzing targets
fuzzing: add a fuzzing seed corpus and dictionary
fuzzing: add a basic README
tstr, conf: Ensure error strings are nul-terminated
fuzzing: added cifuzz workflow
fuzzing: fix harness bugs
fuzzing: update directory path in README and build-fuzz.sh
fuzzing: code cleanup
fuzzing: fixed harness bug
fuzzing: updated JSON target
fuzzing: added new basic targets
fuzzing: fixed harness bug
socket: Prevent buffer under-read in nxt_inet_addr()
Ava Hahn (24):
Add additional information to the README
Elaborate on docker image differences
tools: Add unitctl CLI
tools/unitctl: Initial Docker Procedures
tools/unitctl: API Plumbing for docker deployments
tools/unitctl: Add Docker deployment functionality
tools/unitctl: Add new functionality to README.md and fmt code
tools/unitctl: temporarily ignore issues with autogenerated readme
tools/unitctl: Readme fixes
tools/unitctl: Improve quality of life on osx
tools/unitctl: Update host_path() to account for OSX special behaviour
tools/unitctl: clean up control socket impls
tools/unitctl: enable passing IP addresses to the 'instances new' command
trigger unitctl CI on version tags of existing format
ci: Add unit testing to unitctl CI workflow
ci: tweak unitctl github release
tools/unitctl: implement application subcommand
tools/unitctl: unitctl export
tools/unitctl: Enable Multi Socket Support
tools/unitctl: update readme
tools/unitctl: update readme
tools/unitctl: make application directory configurable
wasm-wc: bump wasmtime to v24
tools/unitctl: change reload to restart
Costas Drongos (1):
Docker: Bump containers to bookworm
Dan Callahan (1):
ci: Fix tags on ad hoc unitctl releases
Danielle De Leo (1):
Add unitctl quickstart to README.md
Dylan Arbour (4):
Test with root access in GitHub workflows
.mailmap: Map Dylan's 2nd GitHub address
Add dependabot.yml
Add unitctl build and release CI
Gabor Javorszky (13):
tests: Change request_uri tests for changed behaviour
tools/unitctl: Replace matching image name to matching command
tools/unitctl: Replace format! with .to_string()
tools/unitctl: remove (default) from option text
tools/unitctl: make json-pretty default output fmt
tools/unitctl: reword freeform message for output
tools/unitctl: whitespace fixes
tools/unitctl: rename app -> apps, fix readme
docs: remove security.txt file
docs: add SECURITY.md
tools/unitctl: rename UNIT -> Unit
tools/unitctl: add export subcommand to readme
tools/unitctl: adjust readme for socket addresses
Gourav (2):
python: Support application factories
tests: Add tests for python application factories
Jon Torre (2):
docs/openapi: Update the /status endpoint URL
docs/openapi: Add entries for the new /status/modules endpoint
Konstantin Pavlov (22):
Wasm-wc: use more common uname switch to get operating system name
Packaging: added missing build dependencies to Makefiles
Packaging: fix build-depends detection on debian-based systems
contrib: be quiet on unpack
contrib: updated njs to 0.8.4
Packages: moved systemd service to forking on rpm-based distros
Docker: bump node and perl versions
Docker: updated Rust and rustup versions
Packages: clean up EOL debian-based distributions
Packages: added Ubuntu 24.04 "noble" support
Packages: don't redefine FORTIFY_SOURCE on Ubuntu
Packages: remove support for EOL Fedora versions (35-38)
Packages: removed CentOS 6 leftover
Packages: removed CentOS 7 due to EOL
contrib: make sha512sum check compatible with FreeBSD 14+
Packaging: fix build-depends on multiarch debian systems
Docker: bump Go versions
Docker: update Rust version
Docker: introduce "slim" python images
Docker: leave artifacts when build targets succeed
Added .gitignore for pkg/contrib/tarballs
Packages: bump wasmtime to 24.0.0 and wasi-sysroot to 24.0.
Liam Crilly (2):
Tools: improved error handling for unitc
tools/unitc: Redirect stderr for curl feature test
Mike Jang (1):
Add a GitHub discussions badge to the README
Remi Collet (1):
pkg/rpm: Remove deprecated rpm spec file items
Robbie McKinstry (1):
wasm-wc: Enable environment inheritance
Sergey A. Osokin (2):
java: Update third-party components
java: Update third-party components
Taryn Musgrave (1):
tools: Add unitctl section to the README
Zhidao HONG (22):
Var: Fix cacheable issue for njs variable access
HTTP: Added variable validation to the response_headers option
HTTP: Introduce quoted target marker in HTTP parsing
HTTP: Rewrote url target section in nxt_h1p_peer_header_send()
Fixes: 64934e59f ("HTTP: Introduce quoted target marker in HTTP parsing") Reviewed-by: Andrew Clayton <a.clayton at nginx.com>
http: Use consistent target in nxt_h1p_peer_header_send()
http: Ensure REQUEST_URI immutability
http: Move chunked buffer pos pointer while parsing
http: Refactored nxt_h1p_request_body_read()
http: Support chunked request bodies
Fix certificate deletion for array type certificates
var: Restrict nxt_tstr_query() to only support synchronous operation
http: Refactor return action
http: Refactor route pass query
http: Refactor static action
http: Refactor access log write
var: Remove unused functions and structure fields
http: Refactor out nxt_tstr_cond_t from the access log module
http: Get rid of nxt_http_request_access_log()
http: Add "if" option to the "match" object
tests: "if" option in http route match
http: Fix router process crash whilst using proxy
dependabot[bot] (5):
Wasm-wc: Bump the mio crate from 0.8.10 to 0.8.11
Wasm-wc: Bump the h2 crate from 0.4.2 to 0.4.4
wasm-wc: Bump the rustls crate from 0.21.10 to 0.21.11
ci: cifuzz: Bump github/codeql-action from 2 to 3
build(deps): bump openssl from 0.10.64 to 0.10.66 in /tools/unitctl
More information about the unit
mailing list