| Age | Commit message (Collapse) | Author | Files | Lines |
|---|
|
No functional changes.
|
|
Previously, entries of any type were counted during object allocation
but only DNS type entries were actually processed. As a result,
if some certificate entries had another type, returning information
about the certificate caused uninitialized memory access.
|
|
Test case: "send a text message split into two fragments, then a continuation
frame with FIN = false where there is nothing to continue, then an unfragmented
text message, all sent in one chop".
The test case investigates immediate connection closing since there is no
message to continue.
The mirror server may send a response for the first frame before the test
сontinuation frame is received by the router. In this case, the test will
receive a text frame before the close frame.
|
|
This is a workaround for an issue in OpenSSL 1.1.1, where the /dev/random and
/dev/urandom files remain open after all listening sockets were removed:
- https://github.com/openssl/openssl/issues/7419
|
|
It feels to be causing more harm than good, because syslog() can be blocking,
which is even more critical under resource exhaustion conditions when some
alerts are expected.
|
|
|
|
This closes #525 issue on GitHub.
|
|
The Ruby interpreter expects an explicit setlocale() call before initialization
to pick up character encodings in the "Encoding" class from the environment.
This closes #531 issue on GitHub.
|
|
It appears that readdir() on Linux detects file types unreliably, always setting
the "d_type" field to DT_UNKNOWN for some less common filesystems. As a result,
all files were skipped and no certificate bundles were found when the state
directory was located on such filesystems.
Skipping "." and ".." instead of any non-regular files should be enough, as no
other non-regular files normally appear in this directory.
This closes #368 issue on GitHub.
|
|
An immediate return statement on connection errors was mistakenly added to the
beginning of nxt_openssl_conn_io_shutdown() in ecd3c5bbf7d8, breaking the TLS
connection finalization procedure. As a result, a TLS connection was left
unfinalized if it had been closed prematurely or a fatal protocol error had
occurred, which caused memory and socket descriptor leakage.
Moreover, in some cases (notably, on handshake errors in tests with kqueue on
macOS) the read event was triggered later and nxt_h1p_conn_error() was called
the second time; after the change in af93c866b4f0, the latter call crashed the
router process in an attempt to remove a connection from the idle queue twice.
|
|
This fixes file descriptor leakage in router. Shared memory file used to
send data from router to application. These files are shared among all
processes of same application and router keeps the opened file descriptor since
06017e6e3a5f commit.
|
|
pthread_t on Solaris is an integer type with size not equal to pointer size.
To avoid warnings, type casts to and from pointer needs to be done via
uintptr_t type.
This change originally proposed by Juraj Lutter <juraj@lutter.sk>.
|
|
Instead of PTHREAD_STACK_MIN define, NetBSD requires to get minimum stack
size using sysctl(_SC_THREAD_STACK_MIN).
This change originally proposed by Juraj Lutter <juraj@lutter.sk>.
|
|
|
|
|
|
|
|
|
|
|
|
Now Unit do not restart after each test by default.
|
|
|
|
It is needed for docker-entrypoint scripts to work.
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
Shared app queue takes more memory than port memory. To unmap all memory pages
correct size need to be specified for munmap() call. Otherwise 4 Mb memory
leaked on each configured application removal.
The issue was introduced in 1d84b9e4b459.
|
|
For listen socket request reply port can be NULL if Router crashes immediately
after issuing the request.
Found by Coverity (CID 366310).
|
|
This patch is required to remove fragmented messages functionality.
|
|
Automatic synchronisation is now set up, so manual pushes to AWS ECR are
discouraged.
|
|
This closes #467 issue on GitHub.
|
|
|
|
Language versions are bumped to:
- python 3.9
- ruby 2.7
- go 1.15
- node 15
- perl 5.32
Removed images:
- python 2.7 due to EOL
- full/latest due to incompatibility with the new scheme
|
|
|
|
|
|
After WebSocket processing, the application port was released with incorrect
reason ("got request"), unnecessarily decrementing the active request counter.
The assertion was triggered only on application removal; a test was added
for this case.
|
|
The controller process awaits the response from the router for every
configration change request. This patch adds error reporting for various error
conditions which may happen because of file descriptors or memory shortage.
Lack of a response lead to the controller awaiting the response, thus being
unable to process other client reconfiguration requests that also became stuck.
|
|
|
|
Each application in router process required fd for a request queue shared
memory. When the number of file descripts close to the limit, and port sockets
successfully opened, router needs to properly handle the errors.
This patch closes port sockets before destroying port structure to avoid
file descriptors leakage and assertion in debug build.
|
|
|
|
|
|
|
|
|
|
|
|
|
|
Since wait_for_record() was introduced there is no need
to stop Unit before parsing unit.log.
|
|
Running `test_respawn_` test cases on a machine with Unit
daemon in background would fail tests because `ps ax` was
used without filtering out other unit instances.
This patch also prevents from tests killing other Unit
processes not related to tests.
|
|
The mount points are unmounted in the main process after it
detects the app process died. By testing the `tmpfs: true`
first, it happens that main could start the `tmpfs: false`
test case before main cleans the old process mount points.
|
