summaryrefslogtreecommitdiffhomepage
AgeCommit message (Collapse)AuthorFilesLines
2024-01-10Docs: replaced the slack community links with GitHub DiscussionsTaryn Musgrave2-2/+2
2023-12-14HTTP: added TSTR validation flag to the rewrite option.Zhidao HONG1-0/+1
This is to improve error messages for rewrite configuration. Take the configuration as an example: { "rewrite": "`${a + " } Previously, when applying it the user would see this error message: failed to apply previous configuration After this change, the user will see this improved error message: the previous configuration is invalid: "SyntaxError: Unexpected end of input in default:1" in the "rewrite" value.
2023-12-13Ruby: Prevent a possible integer underflowAndrew Clayton1-2/+8
Coverity picked up a potential issue with the previous commit d9f5f1fb7 ("Ruby: Handle response field arrays") in that a size_t could wrap around to SIZE_MAX - 1. This would happen if we were given an empty array of header values. Fixes: d9f5f1fb7 ("Ruby: Handle response field arrays") Signed-off-by: Andrew Clayton <a.clayton@nginx.com>
2023-12-08Ruby: Handle response field arraysAndrew Clayton1-3/+68
@xeron on GitHub reported an issue whereby with a Rails 7.1 application they were getting the following error 2023/10/22 20:57:28 [error] 56#56 [unit] #8: Ruby: Wrong header entry 'value' from application 2023/10/22 20:57:28 [error] 56#56 [unit] #8: Ruby: Failed to run ruby script After some back and forth debugging it turns out rack was trying to send back a header comprised of an array of values. E.g app = Proc.new do |env| ["200", { "Content-Type" => "text/plain", "X-Array-Header" => ["Item-1", "Item-2"], }, ["Hello World\n"]] end run app It seems this became a possibility in rack v3.0[0] So along with a header value type of T_STRING we need to also allow T_ARRAY. If we get a T_ARRAY we need to build up the header field using the given values. E.g "X-Array-Header" => ["Item-1", "", "Item-3", "Item-4"], becomes X-Array-Header: Item-1; ; Item-3; Item-4 [0]: <https://github.com/rack/rack/blob/main/UPGRADE-GUIDE.md?plain=1#L26> Reported-by: Ivan Larionov <xeron.oskom@gmail.com> Closes: <https://github.com/nginx/unit/issues/974> Link: <https://github.com/nginx/unit/pull/998> Tested-by: Timo Stark <t.stark@nginx.com> Signed-off-by: Andrew Clayton <a.clayton@nginx.com>
2023-12-06.mailmap: Set correct address for DanielleAndrew Clayton1-0/+1
Due to GH making a mess of merge commits, it used Danielle's personal email address for the merge, it also used a generic GH address for the committer but we can't do anything about that. However we can fix the 'Author' email address. If for some reason you want to see the original names/addresses used you can generally pass --no-mailmap to git commands. Signed-off-by: Andrew Clayton <a.clayton@nginx.com>
2023-12-05Merge pull request #1017 from danielledeleo/ldflags-brewDani De Leo1-0/+14
Go: Use Homebrew include paths
2023-12-05Go: Use Homebrew include pathsDanielle De Leo1-0/+14
Fixes nginx/unit#967
2023-11-29Update third-party components for the Java module.Sergey A. Osokin3-13/+13
2023-11-21Fix port number in listener object for php hello world app.Chris Adams1-1/+1
Signed-off-by: Andrew Clayton <a.clayton@nginx.com>
2023-11-21Red Hat should always be spelled as two words.Andrew Clayton1-1/+1
Link: <https://www.redhat.com/en/about/brand/new-brand/details> Link: <https://www.redhat.com/en/about/brand/standards/trademarks> Cc: Artem Konev <artem.konev@nginx.com> Signed-off-by: Andrew Clayton <a.clayton@nginx.com>
2023-11-20Fixed the MD5Encoder deprecation warning.Sergey A. Osokin1-2/+2
2023-11-17Tests: added more expected Ruby features.Andrei Zeliankou3-0/+27
2023-11-17Tests: Ruby input.rewind is no longer required.Andrei Zeliankou2-17/+0
For more information see: https://github.com/rack/rack/commit/42aff22f708123839ba706cbe659d108b47c40c7
2023-11-17Node.js: ServerResponse.flushHeaders() implemented.Andrei Zeliankou4-0/+22
This closes #1006 issue on GitHub. Reviewed-by: Andrew Clayton <a.clayton@nginx.com>
2023-11-15PHP: Fix a possible file-pointer leak.Andrew Clayton1-0/+2
In nxt_php_execute() it is possible we could bail out before cleaning up the FILE * representing the PHP script to execute. At this point we only need to call fclose(3) on it. We could have possibly moved the opening of this file to later in the function, but it is probably good to bail out as early as possible if we can't open it. This was found by Coverity. Fixes: bebc03c72 ("PHP: Implement better error handling.") Signed-off-by: Andrew Clayton <a.clayton@nginx.com>
2023-11-14Fix comments for src/nxt_unit.h.Andrei Vasiliu1-19/+19
This fixes some typos and grammatical errors in the comments of src/nxt_unit.h Link: <https://github.com/nginx/unit/pull/889> [ Adjust summary and write commit message as this just contains the fixes from the PR and not actual changes - Andrew ] Signed-off-by: Andrew Clayton <a.clayton@nginx.com>
2023-11-10Define nxt_cpu_pause for ARM64.David CARLIER1-0/+4
The isb instruction fits for spin loops where it allows to save cpu power. Reviewed-by: Andrew Clayton <a.clayton@nginx.com> Signed-off-by: Andrew Clayton <a.clayton@nginx.com>
2023-11-09Python: Fix header field values character encoding.Andrew Clayton1-2/+28
On GitHub, @RomainMou reported an issue whereby HTTP header field values where being incorrectly reported as non-ascii by the Python .isacii() method. For example, using the following test application def application(environ, start_response): t = environ['HTTP_ASCIITEST'] t = "'" + t + "'" + " (" + str(len(t)) + ")" if t.isascii(): t = t + " [ascii]" else: t = t + " [non-ascii]" resp = t + "\n\n" start_response("200 OK", [("Content-Type", "text/plain")]) return (bytes(resp, 'latin1')) You would see the following $ curl -H "ASCIITEST: $" http://localhost:8080/ '$' (1) [non-ascii] '$' has an ASCII code of 0x24 (36). The initial idea was to adjust the second parameter to the PyUnicode_New() call from 255 to 127. This unfortunately had the opposite effect. $ curl -H "ASCIITEST: $" http://localhost:8080/ '$' (1) [ascii] Good. However... $ curl -H "ASCIITEST: £" http://localhost:8080/ '£' (2) [ascii] Not good. Let's take a closer look at this. '£' is not in basic ASCII, but is in extended ASCII with a value of 0xA3 (163). Its UTF-8 encoding is 0xC2 0xA3, hence the length of 2 bytes above. $ strace -s 256 -e sendto,recvfrom curl -H "ASCIITEST: £" http://localhost:8080/ sendto(5, "GET / HTTP/1.1\r\nHost: localhost:8080\r\nUser-Agent: curl/8.0.1\r\nAccept: */*\r\nASCIITEST: \302\243\r\n\r\n", 92, MSG_NOSIGNAL, NULL, 0) = 92 recvfrom(5, "HTTP/1.1 200 OK\r\nContent-Type: text/plain\r\nServer: Unit/1.30.0\r\nDate: Mon, 22 May 2023 12:44:11 GMT\r\nTransfer-Encoding: chunked\r\n\r\n12\r\n'\302\243' (2) [ascii]\n\n\r\n0\r\n\r\n", 102400, 0, NULL, NULL) = 160 '£' (2) [ascii] So we can see curl sent it UTF-8 encoded '\302\243\' which is C octal escaped UTF-8 for 0xC2 0xA3, and we got the same back. But it should not be marked as ASCII. When doing PyUnicode_New(size, 127) it sets the buffer as ASCII. So we need to use another function and that function would appear to be PyUnicode_DecodeCharmap() Which creates an Unicode object with the correct ascii/non-ascii properties based on the character encoding. With this function we now get $ curl -H "ASCIITEST: $" http://localhost:8080/ '$' (1) [ascii] $ curl -H "ASCIITEST: £" http://localhost:8080/ '£' (2) [non-ascii] and for good measure $ curl -H "ASCIITEST: $ £" http://localhost:8080/ '$ £' (4) [non-ascii] $ curl -H "ASCIITEST: $" -H "ASCIITEST: £" http://localhost:8080/ '$, £' (5) [non-ascii] PyUnicode_DecodeCharmap() does require having the full string upfront so we need to build up the potentially comma separated header field values string before invoking this function. I did not want to touch the Python 2.7 code (which may or may not even be affected by this) so kept these changes completely isolated from that, hence a slight duplication with the for () loop. Python 2.7 was sunset on January 1st 2020[0], so this code will hopefully just disappear soon anyway. I also purposefully didn't touch other code that may well have similar issues (such as the HTTP header field names) if we ever get issue reports about them, we'll deal with them then. [0]: <https://www.python.org/doc/sunset-python-2/> Link: <https://docs.python.org/3/c-api/unicode.html> Closes: <https://github.com/nginx/unit/issues/868> Reported-by: RomainMou <https://github.com/RomainMou> Tested-by: RomainMou <https://github.com/RomainMou> Signed-off-by: Andrew Clayton <a.clayton@nginx.com>
2023-11-08Python: Do nxt_unit_sptr_get() earlier in nxt_python_field_value().Andrew Clayton1-1/+2
This is a preparatory patch for fixing an issue with the encoding of http header field values. This patch simply moves the nxt_unit_sptr_get() to the top of the function where we will need it in the next commit. Signed-off-by: Andrew Clayton <a.clayton@nginx.com>
2023-11-08Tests: 8XXX used as default port range.Andrei Zeliankou101-412/+412
After the launch of the project, the testing infrastructure was shared with nginx project in some cases. To avoid port overlap, a decision was made to shift the port range for Unit tests. This problem was resolved a long time ago and is no longer relevant, so it is now safe to use port 8XXX range as the default, as it is more appropriate for testing purposes.
2023-11-08Var: simplified length calculation for $status variable.Andrei Zeliankou1-3/+2
2023-11-08Var: $request_id variable.Andrei Zeliankou3-0/+59
This variable contains a string that is formed using random data and can be used as a unique request identifier. This closes #714 issue on GitHub.
2023-11-02Removed trailing 0 from debug message in nxt_credential_get().Zhidao HONG1-2/+5
2023-10-26Version bump.Andrei Zeliankou2-2/+32
2023-10-25.mailmap: updated address for Alex.Alejandro Colomar1-2/+3
Signed-off-by: Alejandro Colomar <alx@kernel.org> Signed-off-by: Andrew Clayton <a.clayton@nginx.com>
2023-10-19Unit 1.31.1 release.Andrei Zeliankou1-0/+1
2023-10-17Generated Dockerfiles for Unit 1.31.1.1.31.1Andrei Zeliankou12-24/+24
2023-10-19Added version 1.31.1 CHANGES.Andrei Zeliankou2-2/+29
2023-10-19Edited changes.xml for the 1.31.1 release.Andrei Zeliankou1-0/+58
2023-10-19Prepearing for 1.31.1 release.Andrei Zeliankou3-6/+6
2023-10-18Tools: unitc remote mode edit fix.Liam Crilly1-2/+2
Previously, the edit method created a temporary file that was then sent to curl(1) as --data-binary @filename.tmp. This did not work with remote instances because the temporary file is not on the remote host. The edit method now passes the configuration to curl(1) using stdin, the same way as for all other configuration changes.
2023-10-17Update third-party components for the Java module.Sergey A. Osokin3-11/+11
2023-10-13contrib: updated njs to 0.8.1.Konstantin Pavlov2-2/+2
2023-09-26Node.js: provide reasonable default paths for macOS.Konstantin Pavlov1-3/+22
2023-10-16Tools: unitc Docker mode.Liam Crilly2-21/+43
Introduces a new remote host scheme docker:// that specifies a local container ID. By default, the control socket is assumed to be in the default location, as per the Docker Official Images for Unit. If not, the path to the control socket can be appended to the container ID.
2023-10-11Tests: added PHP test with rewrite and query string.Andrei Zeliankou1-0/+30
This test reproduces https://github.com/nginx/unit/issues/964.
2023-10-11Rewrite and response headers mentioned in OpenAPI.Andrei Zeliankou1-1/+41
2023-10-10Wasm: Re-add a removed 'const' qualifier in nxt_rt_wasmtime.c.Andrew Clayton2-2/+2
This was inadvertently removed in 76086d6d ("Wasm: Allow to set the HTTP response status.") Fixes: 76086d6d ("Wasm: Allow to set the HTTP response status.") Signed-off-by: Andrew Clayton <a.clayton@nginx.com>
2023-10-10Update third-party components for the Java module.Sergey A. Osokin3-15/+15
2023-10-10Tools: unitc YAML mode.Liam Crilly2-7/+55
Added --format option to manage configuration in other formats. Initially, YAML is the only supported conversion format. JSON/YAML conversion is performed with yq(1). Suggested by: Torstein Krause Johansen <https://github.com/skybert> Closes: #958 <https://github.com/nginx/unit/issues/958>
2023-10-10Refactored nxt_vsprintf().Zhidao HONG1-9/+8
2023-10-06Update third-party components for the Java module.Sergey A. Osokin3-17/+17
2023-10-05HTTP: Fix URL with query string rewrite.Andrew Clayton1-0/+1
On Github, @rlandgrebe reported an issue when trying to rewrite URLs that contained query strings. With the PHP language module we were in fact segfaulting (SIGSEGV) in libphp [93960.462952] unitd[20940]: segfault at 7f307cef6476 ip 00007f2f81a94577 sp 00007fff28a777d0 error 4 in libphp-8.2.so[7f2f818df000+2fd000] likely on CPU 0 (core 0, socket 0) #0 0x00007f2abd494577 in php_default_treat_data (arg=1, str=0x0, destArray=<optimized out>) at /usr/src/debug/php-8.2.10-1.fc38.x86_64/main/php_variables.c:488 488 if (c_var && *c_var) { (gdb) p c_var $1 = 0x7f2bb8880676 <error: Cannot access memory at address 0x7f2bb8880676> This was when trying to get the query string which somehow is pointing off into the woods. This gdb debug session when doing rewrite basically shows the core of the issue (gdb) x /64bs req->fields ... 0x7f7eaaaa8090: "GET" 0x7f7eaaaa8094: "HTTP/1.1" 0x7f7eaaaa809d: "::1" 0x7f7eaaaa80a1: "::1" 0x7f7eaaaa80a5: "8080" 0x7f7eaaaa80aa: "localhost" 0x7f7eaaaa80b4: "/test?q=a" 0x7f7eaaaa80be: "/test" ... (gdb) p target_pos $4 = (void *) 0x7f7eaaaa80b4 (gdb) p query_pos $6 = (void *) 0x7f7eaaaa6af6 (gdb) p r->args->start $8 = (u_char *) 0x7f7ea4002b02 "q=a HTTP/1.1\r\nHost: localhost:8080\r\nUser-Agent: curl/8.0.1\r\nAccept: */*\r\n\r\n" (gdb) p r->target.start $9 = (u_char *) 0x7f7ea40040c0 "/test?q=a" That last address, 0x7f7ea40040c0, looks out of wack, it should be smaller than r->args->start. That results in a calculation in nxt_router_prepare_msg() if (r->args->start != NULL) { query_pos = nxt_pointer_to(target_pos, r->args->start - r->target.start); nxt_unit_sptr_set(&req->query, query_pos); } else { that goes negative that then is stored in req->query.offset which is a uint32_t and so wraps backwards from UINT_MAX to give us an offset of a little under 4GiB, hence the above invalid memory access. All this happens due to in nxt_http_rewrite() if we have a URL with a query string, we create a new memory allocation to store the transformed URL and query string. We set r->target to point to this new allocation, but we also need to point r->args->start to the start of the query string in this new allocation. Reported-by: René Landgrebe <https://github.com/rlandgrebe> Tested-by: René Landgrebe <https://github.com/rlandgrebe> Tested-by: Liam Crilly <liam.crilly@nginx.com> Fixes: 14d6d97b ("HTTP: added basic URI rewrite.") Closes: <https://github.com/nginx/unit/issues/964> Signed-off-by: Andrew Clayton <a.clayton@nginx.com>
2023-10-04Docker: fix HTML escaping.Liam Crilly1-1/+1
2023-10-04Proxy mentioned in OpenAPI.Andrei Zeliankou1-0/+15
2023-10-03Tools: unitc quiet mode fix for macOS.Liam Crilly1-1/+1
head -c 0 does not work on macOS (invalid byte count) but tail(1) is happy to accept zero bytes, and does not have a performance penalty.
2023-10-02Tests: added Java test with multiple headers.Andrei Zeliankou1-0/+17
This test reproduce https://github.com/nginx/unit/issues/923.
2023-10-02Added routes array to the default configuration.Liam Crilly1-2/+3
The default configuration previously contained just a listeners and applications object. Since routes is now a principle configuration object, and a recommended way of configurating Unit, it is now included in the default configuration. This change benefits new users because it explicitly introduces the three principle configuration objects which leads more intuitively to the documentation. Experienced users may choose to ignore or delete routes. routes is defined as an array instead of an object because this change is designed to assist new users, where the simpler form of routes is easier to understand.
2023-09-28Java: fixed the calculation related to the response buffer.Zhidao HONG2-4/+6
We need to take into account the size of the nxt_unit_response_t structure itself when calculating where to start appending data to in memory. Closes: <https://github.com/nginx/unit/issues/923> Reported-by: Alejandro Colomar <alx@kernel.org> Reviewed-by: Andrew Clayton <a.clayton@nginx.org> Signed-off-by: Andrew Clayton <a.clayton@nginx.com>
2023-09-26Node.js: ServerRequest.destroy() implemented.Andrei Zeliankou1-0/+9
This closes #871 issue on GitHub.