summaryrefslogtreecommitdiffhomepage
AgeCommit message (Collapse)AuthorFilesLines
2020-02-04Removing duplicate macro definitions.Max Romanov1-4/+0
This issue was introduced in 2c7f79bf0a1f.
2020-02-03Initializing local buffer ctx_impl field for correct release.Max Romanov1-0/+1
Uninitialized ctx_impl field may cause crash in application process. To reproduce the issue, need to trigger shared memory buffer send error on application side. In our case, send error caused by router process crash. This issue was introduced in 2c7f79bf0a1f.
2020-02-03Fixed req_app_link reference counting on cancellation.Max Romanov1-16/+7
Re-scheduled req_app_link structures should have use_count exactly equal to the number of references from the application and port list. However, there's one extra usage decrement that occurs after the req_app_link is created because the use_count is initialised as 1. This patch removes all excess instances of the usage decrement that caused preliminary req_app_link release and router process crash. To reproduce the issue need to cause request rescheduling between 2 app processes. This issue was introduced in 61e9f23a566d.
2020-02-03Storing pointer to next buffer in chain before free the buffer.Max Romanov1-2/+3
This is required to avoid dereference of freed memory. Found by Coverity (CID 353372).
2020-02-03Added missing stream argument to error message.Max Romanov1-1/+2
Found by Coverity (CID 353386).
2020-02-03Freeing memory allocated for engine structure in case of error.Max Romanov1-1/+1
Found by Coverity (CID 353389).
2020-01-23Tests: check for php extension.Tiago Natel de Moura2-1/+14
2020-01-28PHP: added check for the ".php" extension.Valentin Bartenev1-4/+11
A check for the ".php" extension is added to prevent execution of files with arbitrary extensions in cases where "index" and "script" options aren't used.
2020-01-28Go: adding main configure CFLAGS and LDFLAGS to module build flags.Max Romanov1-1/+10
This makes ASAN buildbot workers to work out-of-the-box.
2020-01-28Fixed missing IPv6 checking in route-addr and an unused variable.Axel Duch1-2/+6
This closes #363 issue on Github. Thanks to to 洪志道 (Hong Zhi Dao).
2020-01-28Node.js: suppress compilation warning.Max Romanov1-1/+1
2020-01-28Java: fixing configure errors reporting.Max Romanov1-3/+7
2020-01-28Java: introducing SHA512 sum validation for external JARs.Max Romanov4-1/+76
2020-01-28Java: fixing maven repository URL.Max Romanov1-1/+1
It is required to use https scheme and different host to download packages from maven repository.
2020-01-28Packages: added curl dependency to fetch Java archives.Max Romanov2-2/+2
2020-01-28Ruby: changing callback functions prototype for v2.7.Max Romanov2-11/+13
This closes #371 issue on GitHub.
2020-01-27Version bump.Valentin Bartenev1-2/+2
2020-01-27Updated copyright notice.Valentin Bartenev2-8/+18
2019-12-26Added tag 1.14.0 for changeset 6e28966ed1f2Valentin Bartenev1-0/+1
2019-12-26Generated Dockerfiles for Unit 1.14.0.1.14.0Valentin Bartenev8-8/+8
2019-12-26Added version 1.14.0 CHANGES.Valentin Bartenev2-0/+75
2019-12-25Go: changing import name for "unit.nginx.org/go".Max Romanov14-15/+15
This patch includes packaging changes - update unit-go installation directory.
2019-12-16Using the 64-bit Linux capability mode when available.Tiago Natel de Moura1-1/+11
For backward compatibility, the Linux capabilities macros exposes v1 semantics (32-bit) by default. We probe the version at runtime (because of pre-compiled binaries) but the kernel syscall API is conservative and it doesn't return a 64-bit capability version if the input version is v1. This patch suppress the kernel > 5.0 dmesg log below: capability: warning: 'unitd' uses 32-bit capabilities (legacy support in use)
2019-12-24Tests: routing by listener address.Axel Duch1-0/+58
2019-12-24Router: introducing routing on listener address.Axel Duch2-4/+36
2019-12-24Tests: routing by client address configuration.Axel Duch1-0/+353
2019-12-24Router: introducing routing on client address.Axel Duch6-4/+734
2019-12-24Go: introducing SHM_ACK observer.Max Romanov3-11/+77
Each request processed in a separate goroutine. In case of OOSM state, during response write, request goroutine blocks on channel which waits event from main thread about SHM_ACK message from router.
2019-12-24Node.js: implementing output message drain using SHM_ACK feature.Max Romanov3-26/+188
ServerResponse.write() method tries to write data buffer using libunit and stores buffers to write in a Server-wide output queue, which is processed in response to SHM_ACK message from router. As a side effect 'drain' event implemented and socket.writable flag reflect current state.
2019-12-24Introducing port messages to notify about out of shared memory.Max Romanov6-68/+567
- OOSM (out of shared memory). Sent by application process to router when application reaches the limit of allocated shared memory and needs more. - SHM_ACK. Sent by router to application when the application's shared memory is released and the OOSM flag is enabled for the segment. This implements blocking mode (the library waits for SHM_ACK in case of out of shared memory condition and retries allocating the required memory amount) and non-blocking mode (the library notifies the application that it's out of shared memory and returns control to the application module that sets up the output queue and puts SHM_ACK in the main message loop).
2019-12-24Adding "limits/shm" configuration validation and parsing.Max Romanov11-11/+67
2019-12-24Renaming nxt_unit_mmap_buf_remove to nxt_unit_mmap_buf_unlink.Max Romanov1-7/+7
The function unchains the buffer from the buffer's linked list.
2019-12-24Introducing write tail reference to avoid buffer chain iteration.Max Romanov2-4/+17
2019-12-24Using non-shared memory buffers for small messages.Max Romanov1-101/+203
Current shared memory buffer implementation uses fixed-size memory blocks, allocating at least 16384 bytes. When application sends data in a large number of small chunks, it makes sense to buffer them or use plain memory buffers to improve performance and reduce memory footprint. This patch introduces minimum size limit (1024 bytes) for shared memory buffers.
2019-12-24Go: moving source files to the root of the project.Max Romanov14-3/+6
This patch includes packaging changes related to files move.
2019-12-24Go: installing go module for tests into build directory.Max Romanov2-2/+2
2019-12-24Packages: making unit-go architecture independent.Max Romanov19-457/+17
To support Go modules, the unit-go module should be platform independent. All platform-dependent logic is moved to libunit, so the unit-dev package should be installed before building unit-go.
2019-12-24Go: linking against libunit.Max Romanov2-12/+30
2019-12-24Removed unused variables from "docs/Makefile".Valentin Bartenev1-3/+1
They actually have been broken since 00d8049418cf, where NXT_VERSION was removed from nxt_main.h. Also, shebang is added.
2019-12-23Python: pre-creation of objects for string constants.Valentin Bartenev1-38/+156
This is an optimization to avoid creating them at runtime on each request.
2019-12-10Packages: added Python 3 support on Amazon Linux 2 (LTS).Andrei Belov3-4/+5
2019-12-09Java: fixing racing condition in external JAR download.Max Romanov1-3/+6
Temporary file name with configure process PID used to download JAR from external repository. Then file renamed using command 'mv'. The issue reproduced in clean environment when 2 or more concurrent builds started.
2019-12-09Tests: routing tests refactored.Andrei Zeliankou2-1774/+331
2019-12-06Tests: added privileged credential tests.Tiago Natel1-44/+150
2019-12-06Isolation: allowed the use of credentials with unpriv userns.Tiago Natel13-135/+1170
The setuid/setgid syscalls requires root capabilities but if the kernel supports unprivileged user namespace then the child process has the full set of capabilities in the new namespace, then we can allow setting "user" and "group" in such cases (this is a common security use case). Tests were added to ensure user gets meaningful error messages for uid/gid mapping misconfigurations.
2019-12-06Moved credential-related code to nxt_credential.c.Tiago Natel9-353/+378
This is required to avoid include cycles, as some nxt_clone_* functions depend on the credential structures, but nxt_process depends on clone structures.
2019-11-11Tests: added tests for setting user and group.Tiago Natel2-0/+95
2019-11-11Tests: added support for testing "user" and "group".Tiago Natel8-15/+34
2019-11-26Refactor of process init.Tiago Natel8-149/+249
Introduces the functions nxt_process_init_create() and nxt_process_init_creds_set().
2019-12-02Packages: added Python 3 support on RHEL/CentOS 7.Andrei Belov3-2/+12