nginx-1.8.changes
nginx-1.8.spec
nginx-1.8.1.tar.bz2/CHANGES
@@ -1,4 +1,51 @@
+Changes with nginx 1.8.1 26 Jan 2016
+
+ *) Security: invalid pointer dereference might occur during DNS server
+ response processing if the "resolver" directive was used, allowing an
+ attacker who is able to forge UDP packets from the DNS server to
+ cause segmentation fault in a worker process (CVE-2016-0742).
+
+ *) Security: use-after-free condition might occur during CNAME response
+ processing if the "resolver" directive was used, allowing an attacker
+ who is able to trigger name resolution to cause segmentation fault in
+ a worker process, or might have potential other impact
+ (CVE-2016-0746).
+
+ *) Security: CNAME resolution was insufficiently limited if the
+ "resolver" directive was used, allowing an attacker who is able to
+ trigger arbitrary name resolution to cause excessive resource
+ consumption in worker processes (CVE-2016-0747).
+
+ *) Bugfix: the "proxy_protocol" parameter of the "listen" directive did
+ not work if not specified in the first "listen" directive for a
+ listen socket.
+
+ *) Bugfix: nginx might fail to start on some old Linux variants; the bug
+ had appeared in 1.7.11.
+
+ *) Bugfix: a segmentation fault might occur in a worker process if the
+ "try_files" and "alias" directives were used inside a location given
+ by a regular expression; the bug had appeared in 1.7.1.
+
+ *) Bugfix: the "try_files" directive inside a nested location given by a
+ regular expression worked incorrectly if the "alias" directive was
+ used in the outer location.
+
+ *) Bugfix: "header already sent" alerts might appear in logs when using
+ cache; the bug had appeared in 1.7.5.
+
+ *) Bugfix: a segmentation fault might occur in a worker process if
+ different ssl_session_cache settings were used in different virtual
+ servers.
+
+ *) Bugfix: the "expires" directive might not work when using variables.
+
+ *) Bugfix: if nginx was built with the ngx_http_spdy_module it was
+ possible to use the SPDY protocol even if the "spdy" parameter of the
+ "listen" directive was not specified.
+
+
Changes with nginx 1.8.0 21 Apr 2015
*) 1.8.x stable branch.
nginx-1.8.1.tar.bz2/CHANGES.ru
@@ -1,4 +1,56 @@
+Изменения в nginx 1.8.1 26.01.2016
+
+ *) Безопасность: при использовании директивы resolver во время обработки
+ ответов DNS-сервера могло происходить разыменование некорректного
+ адреса, что позволяло атакующему, имеющему возможность подделывать
+ UDP-пакеты от DNS-сервера, вызвать segmentation fault в рабочем
+ процессе (CVE-2016-0742).
+
+ *) Безопасность: при использовании директивы resolver во время обработки
+ CNAME-записей могло произойти обращение к ранее освобождённой памяти,
+ что позволяло атакующему, имеющему возможность инициировать
+ преобразование произвольных имён в адреса, вызвать segmentation fault
+ в рабочем процессе, а также потенциально могло иметь другие
+ последствия (CVE-2016-0746).
+
+ *) Безопасность: при использовании директивы resolver во время обработки
+ CNAME-записей не во всех случаях проверялось ограничение на
+ максимальное количество записей в цепочке, что позволяло атакующему,
+ имеющему возможность инициировать преобразование произвольных имён в
+ адреса, вызвать чрезмерное потребление ресурсов рабочими процессами
+ (CVE-2016-0747).
+
+ *) Исправление: параметр proxy_protocol директивы listen не работал,
+ если не был указан в первой директиве listen для данного
+ listen-сокета.
+
+ *) Исправление: nginx мог не запускаться на некоторых старых версиях
+ Linux; ошибка появилась в 1.7.11.
+
+ *) Исправление: при совместном использовании директив try_files и alias
+ внутри location'а, заданного регулярным выражением, в рабочем
+ процессе мог произойти segmentation fault; ошибка появилась в 1.7.1.
+
+ *) Исправление: директива try_files внутри вложенного location'а,
+ заданного регулярным выражением, работала неправильно, если во
+ внешнем location'е использовалась директива alias.
+
+ *) Исправление: при использовании кэша в логах могли появляться
+ сообщения "header already sent"; ошибка появилась в 1.7.5.
+
+ *) Исправление: при использовании различных настроек ssl_session_cache в
+ разных виртуальных серверах в рабочем процессе мог произойти
+ segmentation fault.
+
+ *) Исправление: директива expires могла не срабатывать при использовании
+ переменных.
+
+ *) Исправление: если nginx был собран с модулем ngx_http_spdy_module,
+ протокол SPDY мог быть использован клиентом, даже если не был указан
+ параметр spdy директивы listen.
+
+
Изменения в nginx 1.8.0 21.04.2015
*) Стабильная ветка 1.8.x.
nginx-1.8.1.tar.bz2/src/core/nginx.h
@@ -9,8 +9,8 @@
#define _NGINX_H_INCLUDED_
-#define nginx_version 1008000
-#define NGINX_VERSION "1.8.0"
+#define nginx_version 1008001
+#define NGINX_VERSION "1.8.1"
#define NGINX_VER "nginx/" NGINX_VERSION
#ifdef NGX_BUILD
nginx-1.8.1.tar.bz2/src/core/ngx_parse.c
@@ -188,7 +188,7 @@
break;
case 'm':
- if (*p == 's') {
+ if (p < last && *p == 's') {
if (is_sec || step >= st_msec) {
return NGX_ERROR;
}
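Review bot: The new `p < last` test at `case 'm':` has no comment saying what it protects against, and the reason is easy to lose: `*p` is a look-ahead for the `ms` suffix, and `m` can be the final byte of the input. I would add `/* "m" may be the last byte: do not peek at *p beyond last */` above the test. The function starts and ends outside this hunk, so whether other cases of the switch do a similar look-ahead is not visible here and is worth a quick check.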
nginx-1.8.1.tar.bz2/src/core/ngx_resolver.c
@@ -59,15 +59,15 @@
static void ngx_resolver_cleanup(void *data);
static void ngx_resolver_cleanup_tree(ngx_resolver_t *r, ngx_rbtree_t *tree);
static ngx_int_t ngx_resolve_name_locked(ngx_resolver_t *r,
- ngx_resolver_ctx_t *ctx);
+ ngx_resolver_ctx_t *ctx, ngx_str_t *name);
static void ngx_resolver_expire(ngx_resolver_t *r, ngx_rbtree_t *tree,
ngx_queue_t *queue);
static ngx_int_t ngx_resolver_send_query(ngx_resolver_t *r,
ngx_resolver_node_t *rn);
-static ngx_int_t ngx_resolver_create_name_query(ngx_resolver_node_t *rn,
- ngx_resolver_ctx_t *ctx);
-static ngx_int_t ngx_resolver_create_addr_query(ngx_resolver_node_t *rn,
- ngx_resolver_ctx_t *ctx);
+static ngx_int_t ngx_resolver_create_name_query(ngx_resolver_t *r,
+ ngx_resolver_node_t *rn, ngx_str_t *name);
+static ngx_int_t ngx_resolver_create_addr_query(ngx_resolver_t *r,
+ ngx_resolver_node_t *rn, ngx_addr_t *addr);
static void ngx_resolver_resend_handler(ngx_event_t *ev);
static time_t ngx_resolver_resend(ngx_resolver_t *r, ngx_rbtree_t *tree,
ngx_queue_t *queue);
@@ -375,7 +375,7 @@
/* lock name mutex */
- rc = ngx_resolve_name_locked(r, ctx);
+ rc = ngx_resolve_name_locked(r, ctx, &ctx->name);
if (rc == NGX_OK) {
return NGX_OK;
@@ -402,7 +402,6 @@
void
ngx_resolve_name_done(ngx_resolver_ctx_t *ctx)
{
- uint32_t hash;
ngx_resolver_t *r;
ngx_resolver_ctx_t *w, **p;
ngx_resolver_node_t *rn;
@@ -422,11 +421,9 @@
/* lock name mutex */
- if (ctx->state == NGX_AGAIN) {
-
- hash = ngx_crc32_short(ctx->name.data, ctx->name.len);
+ if (ctx->state == NGX_AGAIN || ctx->state == NGX_RESOLVE_TIMEDOUT) {
- rn = ngx_resolver_lookup_name(r, &ctx->name, hash);
+ rn = ctx->node;
if (rn) {
p = &rn->waiting;
@@ -467,23 +464,28 @@
static ngx_int_t
-ngx_resolve_name_locked(ngx_resolver_t *r, ngx_resolver_ctx_t *ctx)
+ngx_resolve_name_locked(ngx_resolver_t *r, ngx_resolver_ctx_t *ctx,
+ ngx_str_t *name)
{
uint32_t hash;
ngx_int_t rc;
+ ngx_str_t cname;
ngx_uint_t naddrs;
ngx_addr_t *addrs;
- ngx_resolver_ctx_t *next;
+ ngx_resolver_ctx_t *next, *last;
ngx_resolver_node_t *rn;
- ngx_strlow(ctx->name.data, ctx->name.data, ctx->name.len);
+ ngx_strlow(name->data, name->data, name->len);
- hash = ngx_crc32_short(ctx->name.data, ctx->name.len);
+ hash = ngx_crc32_short(name->data, name->len);
- rn = ngx_resolver_lookup_name(r, &ctx->name, hash);
+ rn = ngx_resolver_lookup_name(r, name, hash);
if (rn) {
+ /* ctx can be a list after NGX_RESOLVE_CNAME */
+ for (last = ctx; last->next; last = last->next);
+
if (rn->valid >= ngx_time()) {
ngx_log_debug0(NGX_LOG_DEBUG_CORE, r->log, 0, "resolve cached");
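Review bot: The list walk `for (last = ctx; last->next; last = last->next);` ends in a bare semicolon, which is easy to misread as a loop over the `if` that follows. Write the empty body explicitly: `for (last = ctx; last->next; last = last->next) { /* void */ }`. `last` is assigned only inside `if (rn)`, while later hunks of this function use it in `last->next = rn->waiting`. Those uses appear to sit in the same branch, but the function body is not fully visible here, so confirm no path reaches them with `last` unset.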
@@ -511,7 +513,7 @@
}
}
- ctx->next = rn->waiting;
+ last->next = rn->waiting;
rn->waiting = NULL;
/* unlock name mutex */
@@ -551,13 +553,13 @@
if (ctx->recursion++ < NGX_RESOLVER_MAX_RECURSION) {
- ctx->name.len = rn->cnlen;
- ctx->name.data = rn->u.cname;
+ cname.len = rn->cnlen;
+ cname.data = rn->u.cname;
- return ngx_resolve_name_locked(r, ctx);
+ return ngx_resolve_name_locked(r, ctx, &cname);
}
- ctx->next = rn->waiting;
+ last->next = rn->waiting;
rn->waiting = NULL;
/* unlock name mutex */
@@ -576,10 +578,29 @@
if (rn->waiting) {
- ctx->next = rn->waiting;
+ if (ctx->event == NULL) {
+ ctx->event = ngx_resolver_calloc(r, sizeof(ngx_event_t));
+ if (ctx->event == NULL) {
+ return NGX_ERROR;
+ }
+
+ ctx->event->handler = ngx_resolver_timeout_handler;
+ ctx->event->data = ctx;
+ ctx->event->log = r->log;
+ ctx->ident = -1;
+
+ ngx_add_timer(ctx->event, ctx->timeout);
+ }
+
+ last->next = rn->waiting;
rn->waiting = ctx;
ctx->state = NGX_AGAIN;
+ do {
+ ctx->node = rn;
+ ctx = ctx->next;
+ } while (ctx);
+
return NGX_AGAIN;
}
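Review bot: The timer setup added here (allocate `ctx->event`, set `handler`, `data` and `log`, set `ctx->ident = -1`, then call `ngx_add_timer`) is repeated in the address-resolution hunk at -799 and matches the existing blocks touched at -669 and -862. Four copies of a sequence that must keep `event->data` and `ctx->ident` in step is a maintenance risk in code where this release fixes a use-after-free. A small static helper taking `r` and `ctx` and returning `NGX_OK` or `NGX_ERROR` would keep them identical, with each call site keeping whatever failure handling it has today. The enclosing function starts and ends outside this hunk.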
@@ -618,14 +639,14 @@
return NGX_ERROR;
}
- rn->name = ngx_resolver_dup(r, ctx->name.data, ctx->name.len);
+ rn->name = ngx_resolver_dup(r, name->data, name->len);
if (rn->name == NULL) {
ngx_resolver_free(r, rn);
return NGX_ERROR;
}
rn->node.key = hash;
- rn->nlen = (u_short) ctx->name.len;
+ rn->nlen = (u_short) name->len;
rn->query = NULL;
#if (NGX_HAVE_INET6)
rn->query6 = NULL;
@@ -634,7 +655,7 @@
ngx_rbtree_insert(&r->name_rbtree, &rn->node);
}
- rc = ngx_resolver_create_name_query(rn, ctx);
+ rc = ngx_resolver_create_name_query(r, rn, name);
if (rc == NGX_ERROR) {
goto failed;
@@ -647,8 +668,14 @@
ngx_resolver_free(r, rn->name);
ngx_resolver_free(r, rn);
- ctx->state = NGX_RESOLVE_NXDOMAIN;
- ctx->handler(ctx);
+ do {
+ ctx->state = NGX_RESOLVE_NXDOMAIN;
+ next = ctx->next;
+
+ ctx->handler(ctx);
+
+ ctx = next;
+ } while (ctx);
return NGX_OK;
}
@@ -669,9 +696,9 @@
}
ctx->event->handler = ngx_resolver_timeout_handler;
- ctx->event->data = rn;
+ ctx->event->data = ctx;
ctx->event->log = r->log;
- rn->ident = -1;
+ ctx->ident = -1;
ngx_add_timer(ctx->event, ctx->timeout);
}
@@ -692,6 +719,11 @@
ctx->state = NGX_AGAIN;
+ do {
+ ctx->node = rn;
+ ctx = ctx->next;
+ } while (ctx);
+
return NGX_AGAIN;
failed:
@@ -799,9 +831,22 @@
if (rn->waiting) {
+ ctx->event = ngx_resolver_calloc(r, sizeof(ngx_event_t));
+ if (ctx->event == NULL) {
+ return NGX_ERROR;
+ }
+
+ ctx->event->handler = ngx_resolver_timeout_handler;
+ ctx->event->data = ctx;
+ ctx->event->log = r->log;
+ ctx->ident = -1;
+
+ ngx_add_timer(ctx->event, ctx->timeout);
+
ctx->next = rn->waiting;
rn->waiting = ctx;
ctx->state = NGX_AGAIN;
+ ctx->node = rn;
/* unlock addr mutex */
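Review bot: The allocation-failure path here is `return NGX_ERROR`, while the next hunk of what appears to be the same function leaves through `goto failed` when `ngx_resolver_create_addr_query()` fails. The `failed` label is outside the visible lines, so it is not possible to tell from here whether it releases anything that this early return skips. Please confirm, and if the direct return is intentional, say so in a short comment at the `return`. Unlike the name path at -576, this block also assigns `ctx->event` without an `if (ctx->event == NULL)` test, which is only safe if a context never arrives here with an event already allocated.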
@@ -843,7 +888,7 @@
ngx_rbtree_insert(tree, &rn->node);
}
- if (ngx_resolver_create_addr_query(rn, ctx) != NGX_OK) {
+ if (ngx_resolver_create_addr_query(r, rn, &ctx->addr) != NGX_OK) {
goto failed;
}
@@ -862,9 +907,9 @@
}
ctx->event->handler = ngx_resolver_timeout_handler;
- ctx->event->data = rn;
+ ctx->event->data = ctx;
ctx->event->log = r->log;
- rn->ident = -1;
+ ctx->ident = -1;
ngx_add_timer(ctx->event, ctx->timeout);
@@ -887,6 +932,7 @@
/* unlock addr mutex */
ctx->state = NGX_AGAIN;
+ ctx->node = rn;
return NGX_OK;
@@ -917,17 +963,11 @@
void
ngx_resolve_addr_done(ngx_resolver_ctx_t *ctx)
{
- in_addr_t addr;
ngx_queue_t *expire_queue;
ngx_rbtree_t *tree;
ngx_resolver_t *r;
ngx_resolver_ctx_t *w, **p;
- struct sockaddr_in *sin;
ngx_resolver_node_t *rn;
-#if (NGX_HAVE_INET6)
- uint32_t hash;
- struct sockaddr_in6 *sin6;
-#endif
r = ctx->resolver;
@@ -954,23 +994,9 @@
/* lock addr mutex */
- if (ctx->state == NGX_AGAIN) {
-
- switch (ctx->addr.sockaddr->sa_family) {
-
-#if (NGX_HAVE_INET6)
- case AF_INET6:
- sin6 = (struct sockaddr_in6 *) ctx->addr.sockaddr;
- hash = ngx_crc32_short(sin6->sin6_addr.s6_addr, 16);
- rn = ngx_resolver_lookup_addr6(r, &sin6->sin6_addr, hash);
- break;
-#endif
+ if (ctx->state == NGX_AGAIN || ctx->state == NGX_RESOLVE_TIMEDOUT) {
- default: /* AF_INET */
- sin = (struct sockaddr_in *) ctx->addr.sockaddr;
- addr = ntohl(sin->sin_addr.s_addr);
- rn = ngx_resolver_lookup_addr(r, addr);
- }
+ rn = ctx->node;
if (rn) {
p = &rn->waiting;
@@ -1292,7 +1318,7 @@
times = 0;
for (q = ngx_queue_head(&r->name_resend_queue);
- q != ngx_queue_sentinel(&r->name_resend_queue) || times++ < 100;
+ q != ngx_queue_sentinel(&r->name_resend_queue) && times++ < 100;
q = ngx_queue_next(q))
{
rn = ngx_queue_data(q, ngx_resolver_node_t, queue);
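Review bot: The bound in `times++ < 100` is an unexplained literal in the very loop condition this hunk corrects. Give it a name next to the other resolver limits (the file already uses `NGX_RESOLVER_MAX_RECURSION`) and state in a comment what it bounds, for example `/* limit the number of nodes handled per resend run */` if that is the intent. The loop body and the rest of the function are outside this hunk.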
@@ -1955,20 +1981,39 @@
ngx_queue_insert_head(&r->name_expire_queue, &rn->queue);
+ ngx_resolver_free(r, rn->query);
+ rn->query = NULL;
+#if (NGX_HAVE_INET6)
+ rn->query6 = NULL;
+#endif
+
ctx = rn->waiting;
rn->waiting = NULL;
if (ctx) {
- ctx->name = name;
- (void) ngx_resolve_name_locked(r, ctx);
- }
+ if (ctx->recursion++ >= NGX_RESOLVER_MAX_RECURSION) {
- ngx_resolver_free(r, rn->query);
- rn->query = NULL;
-#if (NGX_HAVE_INET6)
- rn->query6 = NULL;
-#endif
+ /* unlock name mutex */
+
+ do {
+ ctx->state = NGX_RESOLVE_NXDOMAIN;
+ next = ctx->next;
+
+ ctx->handler(ctx);
+
+ ctx = next;
+ } while (ctx);
+
+ return;
+ }
+
+ for (next = ctx; next; next = next->next) {
+ next->node = NULL;
+ }
+
+ (void) ngx_resolve_name_locked(r, ctx, &name);
+ }
/* unlock name mutex */
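Review bot: When the CNAME limit is hit at `if (ctx->recursion++ >= NGX_RESOLVER_MAX_RECURSION)`, every waiting context is completed with `NGX_RESOLVE_NXDOMAIN` and nothing visible in the hunk records why. An operator then cannot tell a name that does not exist from a chain that was cut off, which is the condition the CVE-2016-0747 entry in CHANGES describes. I would log it before the `do` loop, for example `ngx_log_error(NGX_LOG_WARN, r->log, 0, "CNAME chain too long for \"%V\"", &ctx->name);`. The enclosing function starts and ends outside this hunk.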
@@ -2476,27 +2521,23 @@
static ngx_int_t
-ngx_resolver_create_name_query(ngx_resolver_node_t *rn, ngx_resolver_ctx_t *ctx)
+ngx_resolver_create_name_query(ngx_resolver_t *r, ngx_resolver_node_t *rn,
+ ngx_str_t *name)
{
u_char *p, *s;
size_t len, nlen;
ngx_uint_t ident;
-#if (NGX_HAVE_INET6)
- ngx_resolver_t *r;
-#endif
ngx_resolver_qs_t *qs;
ngx_resolver_hdr_t *query;
- nlen = ctx->name.len ? (1 + ctx->name.len + 1) : 1;
+ nlen = name->len ? (1 + name->len + 1) : 1;
len = sizeof(ngx_resolver_hdr_t) + nlen + sizeof(ngx_resolver_qs_t);
#if (NGX_HAVE_INET6)
- r = ctx->resolver;
-
- p = ngx_resolver_alloc(ctx->resolver, r->ipv6 ? len * 2 : len);
+ p = ngx_resolver_alloc(r, r->ipv6 ? len * 2 : len);
#else
- p = ngx_resolver_alloc(ctx->resolver, len);
+ p = ngx_resolver_alloc(r, len);
#endif
if (p == NULL) {
return NGX_ERROR;
@@ -2515,8 +2556,8 @@
ident = ngx_random();
- ngx_log_debug2(NGX_LOG_DEBUG_CORE, ctx->resolver->log, 0,
- "resolve: \"%V\" A %i", &ctx->name, ident & 0xffff);
+ ngx_log_debug2(NGX_LOG_DEBUG_CORE, r->log, 0,
+ "resolve: \"%V\" A %i", name, ident & 0xffff);
query->ident_hi = (u_char) ((ident >> 8) & 0xff);
query->ident_lo = (u_char) (ident & 0xff);
@@ -2546,11 +2587,11 @@
p--;
*p-- = '\0';
- if (ctx->name.len == 0) {
+ if (name->len == 0) {
return NGX_DECLINED;
}
- for (s = ctx->name.data + ctx->name.len - 1; s >= ctx->name.data; s--) {
+ for (s = name->data + name->len - 1; s >= name->data; s--) {
if (*s != '.') {
*p = *s;
len++;
@@ -2586,8 +2627,8 @@
ident = ngx_random();
- ngx_log_debug2(NGX_LOG_DEBUG_CORE, ctx->resolver->log, 0,
- "resolve: \"%V\" AAAA %i", &ctx->name, ident & 0xffff);
+ ngx_log_debug2(NGX_LOG_DEBUG_CORE, r->log, 0,
+ "resolve: \"%V\" AAAA %i", name, ident & 0xffff);
query->ident_hi = (u_char) ((ident >> 8) & 0xff);
query->ident_lo = (u_char) (ident & 0xff);
@@ -2604,11 +2645,12 @@
static ngx_int_t
-ngx_resolver_create_addr_query(ngx_resolver_node_t *rn, ngx_resolver_ctx_t *ctx)
+ngx_resolver_create_addr_query(ngx_resolver_t *r, ngx_resolver_node_t *rn,
+ ngx_addr_t *addr)
{
u_char *p, *d;
size_t len;
- in_addr_t addr;
+ in_addr_t inaddr;
ngx_int_t n;
ngx_uint_t ident;
ngx_resolver_hdr_t *query;
@@ -2617,7 +2659,7 @@
struct sockaddr_in6 *sin6;
#endif
- switch (ctx->addr.sockaddr->sa_family) {
+ switch (addr->sockaddr->sa_family) {
#if (NGX_HAVE_INET6)
case AF_INET6:
@@ -2634,7 +2676,7 @@
+ sizeof(ngx_resolver_qs_t);
}
- p = ngx_resolver_alloc(ctx->resolver, len);
+ p = ngx_resolver_alloc(r, len);
if (p == NULL) {
return NGX_ERROR;
}
@@ -2658,11 +2700,11 @@
p += sizeof(ngx_resolver_hdr_t);
- switch (ctx->addr.sockaddr->sa_family) {
+ switch (addr->sockaddr->sa_family) {
#if (NGX_HAVE_INET6)
case AF_INET6:
- sin6 = (struct sockaddr_in6 *) ctx->addr.sockaddr;
+ sin6 = (struct sockaddr_in6 *) addr->sockaddr;
for (n = 15; n >= 0; n--) {
p = ngx_sprintf(p, "\1%xd\1%xd",
@@ -2677,11 +2719,11 @@
default: /* AF_INET */
- sin = (struct sockaddr_in *) ctx->addr.sockaddr;
- addr = ntohl(sin->sin_addr.s_addr);
+ sin = (struct sockaddr_in *) addr->sockaddr;
+ inaddr = ntohl(sin->sin_addr.s_addr);
for (n = 0; n < 32; n += 8) {
- d = ngx_sprintf(&p[1], "%ud", (addr >> n) & 0xff);
+ d = ngx_sprintf(&p[1], "%ud", (inaddr >> n) & 0xff);
*p = (u_char) (d - &p[1]);
p = d;
}
@@ -2795,21 +2837,13 @@
static void
ngx_resolver_timeout_handler(ngx_event_t *ev)
{
- ngx_resolver_ctx_t *ctx, *next;
- ngx_resolver_node_t *rn;
+ ngx_resolver_ctx_t *ctx;
- rn = ev->data;
- ctx = rn->waiting;
- rn->waiting = NULL;
+ ctx = ev->data;
- do {
- ctx->state = NGX_RESOLVE_TIMEDOUT;
- next = ctx->next;
-
- ctx->handler(ctx);
+ ctx->state = NGX_RESOLVE_TIMEDOUT;
- ctx = next;
- } while (ctx);
+ ctx->handler(ctx);
}
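Review bot: `ngx_resolver_timeout_handler()` now completes a single context and no longer detaches anything from `rn->waiting`, so the timed-out `ctx` is still linked on its node's waiting list when `ctx->handler(ctx)` runs. In the visible hunks the unlinking happens only in `ngx_resolve_name_done()` and `ngx_resolve_addr_done()`, which this commit extends to the `NGX_RESOLVE_TIMEDOUT` state. That contract deserves a comment on the handler, for example `/* ctx is still on ctx->node->waiting; the handler must call ngx_resolve_name_done() or ngx_resolve_addr_done() */`. A handler that released its context some other way would presumably leave a dangling entry in that list.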
nginx-1.8.1.tar.bz2/src/core/ngx_resolver.h
@@ -51,15 +51,11 @@
typedef struct {
- /* PTR: resolved name, A: name to resolve */
- u_char *name;
-
+ ngx_rbtree_node_t node;
ngx_queue_t queue;
- /* event ident must be after 3 pointers as in ngx_connection_t */
- ngx_int_t ident;
-
- ngx_rbtree_node_t node;
+ /* PTR: resolved name, A: name to resolve */
+ u_char *name;
#if (NGX_HAVE_INET6)
/* PTR: IPv6 address to resolve (IPv4 address is in rbtree node key) */
@@ -147,6 +143,9 @@
ngx_resolver_t *resolver;
ngx_udp_connection_t *udp_connection;
+ /* event ident must be after 3 pointers as in ngx_connection_t */
+ ngx_int_t ident;
+
ngx_int_t state;
ngx_str_t name;
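Review bot: The layout rule in `/* event ident must be after 3 pointers as in ngx_connection_t */` is carried only by the comment, and this commit moves the field from the node structure to the context structure. The rule now depends on the first three members of the context, of which only `resolver` and `udp_connection` are visible in this hunk. Naming those members in the comment would help. A build-time or start-up check comparing `offsetof(ngx_resolver_ctx_t, ident)` with the offset of `fd` in `ngx_connection_t` would stop a later field insertion from silently breaking whatever event code relies on the layout.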
@@ -162,6 +161,8 @@
ngx_uint_t quick; /* unsigned quick:1; */
ngx_uint_t recursion;
ngx_event_t *event;
+
+ ngx_resolver_node_t *node;
};
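Review bot: The new `ngx_resolver_node_t *node;` member has no comment, yet the rest of the commit treats it as a back-pointer that `ngx_resolve_name_done()` and `ngx_resolve_addr_done()` dereference instead of looking the node up again. Document the invariant where the field is declared, for example `/* node this ctx is queued on (not owned); reset to NULL before the ctx is re-resolved */`. That tells any future path that frees a node that it must first detach or complete the contexts waiting on it.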
nginx-1.8.1.tar.bz2/src/event/modules/ngx_epoll_module.c
@@ -329,7 +329,7 @@
#if (NGX_HAVE_EVENTFD)
if (ngx_epoll_notify_init(cycle->log) != NGX_OK) {
- return NGX_ERROR;
+ ngx_epoll_module_ctx.actions.notify = NULL;
}
#endif
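Review bot: A failed `ngx_epoll_notify_init()` is now handled by clearing `ngx_epoll_module_ctx.actions.notify`, with no comment on why start-up may continue. Add something like `/* eventfd notification is optional: run without it */` and make sure the condition is logged; whether `ngx_epoll_notify_init()` already logs the failure is not visible here. Every caller of the `notify` action then has to cope with a NULL pointer, which is also outside this hunk and worth confirming.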
nginx-1.8.1.tar.bz2/src/event/ngx_event_openssl.c
@@ -1038,6 +1038,8 @@
sc->buffer = ((flags & NGX_SSL_BUFFER) != 0);
sc->buffer_size = ssl->buffer_size;
+ sc->session_ctx = ssl->ctx;
+
sc->connection = SSL_new(ssl->ctx);
if (sc->connection == NULL) {
@@ -2303,7 +2305,7 @@
c = ngx_ssl_get_connection(ssl_conn);
- ssl_ctx = SSL_get_SSL_CTX(ssl_conn);
+ ssl_ctx = c->ssl->session_ctx;
shm_zone = SSL_CTX_get_ex_data(ssl_ctx, ngx_ssl_session_cache_index);
cache = shm_zone->data;
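Review bot: `shm_zone` is still dereferenced in `cache = shm_zone->data;` without a NULL test, here and again in the -2441 hunk. Using `c->ssl->session_ctx` should make the lookup hit the context the cache was configured on, but the guarantee that `SSL_CTX_get_ex_data()` returns non-NULL for it rests on code outside these hunks. A cheap guard, or at least a comment stating the invariant, would turn any remaining mismatch into a handled cache miss rather than a worker crash.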
@@ -2441,21 +2443,17 @@
ngx_ssl_sess_id_t *sess_id;
ngx_ssl_session_cache_t *cache;
u_char buf[NGX_SSL_MAX_SESSION_SIZE];
-#if (NGX_DEBUG)
ngx_connection_t *c;
-#endif
hash = ngx_crc32_short(id, (size_t) len);
*copy = 0;
-#if (NGX_DEBUG)
c = ngx_ssl_get_connection(ssl_conn);
ngx_log_debug2(NGX_LOG_DEBUG_EVENT, c->log, 0,
"ssl get session: %08XD:%d", hash, len);
-#endif
- shm_zone = SSL_CTX_get_ex_data(SSL_get_SSL_CTX(ssl_conn),
+ shm_zone = SSL_CTX_get_ex_data(c->ssl->session_ctx,
ngx_ssl_session_cache_index);
cache = shm_zone->data;
@@ -2834,13 +2832,14 @@
SSL_CTX *ssl_ctx;
ngx_uint_t i;
ngx_array_t *keys;
+ ngx_connection_t *c;
ngx_ssl_session_ticket_key_t *key;
#if (NGX_DEBUG)
u_char buf[32];
- ngx_connection_t *c;
#endif
- ssl_ctx = SSL_get_SSL_CTX(ssl_conn);
+ c = ngx_ssl_get_connection(ssl_conn);
+ ssl_ctx = c->ssl->session_ctx;
keys = SSL_CTX_get_ex_data(ssl_ctx, ngx_ssl_session_ticket_keys_index);
if (keys == NULL) {
@@ -2849,10 +2848,6 @@
key = keys->elts;
-#if (NGX_DEBUG)
- c = ngx_ssl_get_connection(ssl_conn);
-#endif
-
if (enc == 1) {
/* encrypt session ticket */
nginx-1.8.1.tar.bz2/src/event/ngx_event_openssl.h
@@ -46,6 +46,7 @@
typedef struct {
ngx_ssl_conn_t *connection;
+ SSL_CTX *session_ctx;
ngx_int_t last;
ngx_buf_t *buf;
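Review bot: The new `session_ctx` member is undocumented, and its purpose is not obvious next to `connection`, from which an `SSL_CTX` can also be obtained. Say at the declaration that it records the `SSL_CTX` the connection was created with (it is set from `ssl->ctx` just before `SSL_new()`), and that the session cache and ticket key callbacks must use it instead of `SSL_get_SSL_CTX()`. Presumably the two differ once a connection is switched to another virtual server's context, which would match the `ssl_session_cache` entry in CHANGES.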
nginx-1.8.1.tar.bz2/src/http/ngx_http.c
@@ -1220,7 +1220,7 @@
{
u_char *p;
size_t len, off;
- ngx_uint_t i, default_server;
+ ngx_uint_t i, default_server, proxy_protocol;
struct sockaddr *sa;
ngx_http_conf_addr_t *addr;
#if (NGX_HAVE_UNIX_DOMAIN)
@@ -1281,6 +1281,8 @@
/* preserve default_server bit during listen options overwriting */
default_server = addr[i].opt.default_server;
+ proxy_protocol = lsopt->proxy_protocol || addr[i].opt.proxy_protocol;
+
#if (NGX_HTTP_SSL)
ssl = lsopt->ssl || addr[i].opt.ssl;
#endif
@@ -1314,6 +1316,7 @@
}
addr[i].opt.default_server = default_server;
+ addr[i].opt.proxy_protocol = proxy_protocol;
#if (NGX_HTTP_SSL)
addr[i].opt.ssl = ssl;
#endif
nginx-1.8.1.tar.bz2/src/http/ngx_http_core_module.c
@@ -1272,7 +1272,9 @@
*e.pos = '\0';
- if (alias && ngx_strncmp(name, clcf->name.data, alias) == 0) {
+ if (alias && alias != NGX_MAX_SIZE_T_VALUE
+ && ngx_strncmp(name, r->uri.data, alias) == 0)
+ {
ngx_memmove(name, name + alias, len - alias);
path.len -= alias;
}
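Review bot: `alias != NGX_MAX_SIZE_T_VALUE` introduces a sentinel test whose meaning is not given here. From the CHANGES entry it presumably marks an `alias` inside a location given by a regular expression, where there is no fixed-length prefix to compare or strip. A one-line comment such as `/* NGX_MAX_SIZE_T_VALUE: alias in a regex location, no prefix to remove */` would make that clear. The guard matters because `alias` is used as a length in `ngx_strncmp()`, `name + alias` and `len - alias` on the following lines. The enclosing function is not fully visible in this hunk.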
@@ -1355,6 +1357,8 @@
}
} else {
+ name = r->uri.data;
+
r->uri.len = alias + path.len;
r->uri.data = ngx_pnalloc(r->pool, r->uri.len);
if (r->uri.data == NULL) {
@@ -1362,8 +1366,8 @@
return NGX_OK;
}
- p = ngx_copy(r->uri.data, clcf->name.data, alias);
- ngx_memcpy(p, name, path.len);
+ p = ngx_copy(r->uri.data, name, alias);
+ ngx_memcpy(p, path.data, path.len);
}
ngx_http_set_exten(r);
nginx-1.8.1.tar.bz2/src/http/ngx_http_request.c
@@ -770,24 +770,32 @@
{
unsigned int len;
const unsigned char *data;
+ ngx_http_connection_t *hc;
static const ngx_str_t spdy = ngx_string(NGX_SPDY_NPN_NEGOTIATED);
+ hc = c->data;
+
+ if (hc->addr_conf->spdy) {
+
#ifdef TLSEXT_TYPE_application_layer_protocol_negotiation
- SSL_get0_alpn_selected(c->ssl->connection, &data, &len);
+ SSL_get0_alpn_selected(c->ssl->connection, &data, &len);
#ifdef TLSEXT_TYPE_next_proto_neg
- if (len == 0) {
- SSL_get0_next_proto_negotiated(c->ssl->connection, &data, &len);
- }
+ if (len == 0) {
+ SSL_get0_next_proto_negotiated(c->ssl->connection, &data, &len);
+ }
#endif
#else /* TLSEXT_TYPE_next_proto_neg */
- SSL_get0_next_proto_negotiated(c->ssl->connection, &data, &len);
+ SSL_get0_next_proto_negotiated(c->ssl->connection, &data, &len);
#endif
- if (len == spdy.len && ngx_strncmp(data, spdy.data, spdy.len) == 0) {
- ngx_http_spdy_init(c->read);
- return;
+ if (len == spdy.len
+ && ngx_strncmp(data, spdy.data, spdy.len) == 0)
+ {
+ ngx_http_spdy_init(c->read);
+ return;
+ }
}
}
#endif
nginx-1.8.1.tar.bz2/src/http/ngx_http_upstream.c
@@ -530,15 +530,24 @@
r->write_event_handler = ngx_http_request_empty_handler;
- if (rc == NGX_DONE) {
- return;
- }
-
if (rc == NGX_ERROR) {
ngx_http_finalize_request(r, NGX_HTTP_INTERNAL_SERVER_ERROR);
return;
}
+ if (rc == NGX_OK) {
+ rc = ngx_http_upstream_cache_send(r, u);
+
+ if (rc == NGX_DONE) {
+ return;
+ }
+
+ if (rc == NGX_HTTP_UPSTREAM_INVALID_HEADER) {
+ rc = NGX_DECLINED;
+ r->cached = 0;
+ }
+ }
+
if (rc != NGX_DECLINED) {
ngx_http_finalize_request(r, rc);
return;
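Review bot: Because `ngx_http_upstream_cache_send()` is now called after the `rc == NGX_ERROR` test, an `NGX_ERROR` returned by it is passed straight to `ngx_http_finalize_request(r, rc)` instead of being turned into `NGX_HTTP_INTERNAL_SERVER_ERROR`. That may be deliberate, since part of the response could already have been sent, but nothing in the hunk says so. If it is intended, add a comment such as `/* errors from cache_send are finalized with rc as is */`; otherwise repeat the mapping after the call. The function continues outside this hunk.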
@@ -833,13 +842,7 @@
case NGX_OK:
- rc = ngx_http_upstream_cache_send(r, u);
-
- if (rc != NGX_HTTP_UPSTREAM_INVALID_HEADER) {
- return rc;
- }
-
- break;
+ return NGX_OK;
case NGX_HTTP_CACHE_STALE: