summaryrefslogtreecommitdiffhomepage
path: root/docs (follow)
AgeCommit message (Collapse)AuthorFilesLines
2021-05-07PHP: forced initialization of $_SERVER in fastcgi_finish_request().Valentin Bartenev1-0/+7
The "auto_globals_jit" PHP option postponed the initialization of the $_SERVER global variable until the script using it had been loaded (e. g. via the "include" expression). As a result, nxt_php_register_variables() could be called after fastcgi_finish_request() had finished the request and nulled ctx->req, which thus caused a segmentation fault.
2021-05-06Static: implemented MIME filteringOisin Canty1-0/+6
2021-04-29Static: support for openat2() features.Zhidao HONG1-0/+7
Support for chrooting, rejecting symlinks, and rejecting crossing mounting points on a per-request basis during static file serving.
2021-03-26Version bump.Valentin Bartenev1-0/+29
2021-03-25Added version 1.23.0 CHANGES.Valentin Bartenev1-1/+23
2021-03-25Fixed wording in docs/changes.xml for the 1.23.0 release.Artem Konev1-7/+9
2021-03-25Fixing shm buffer leakage when sending over the port queue.Max Romanov1-0/+7
When the shm buffer is sent over the port queue, it needs to be completed because it's sent over the port socket.
2021-03-24Added ability to configure multiple certificates on a listener.Andrey Suvorov1-0/+7
The certificate is selected by matching the arriving SNI to the common name and the alternatives names. If no certificate matches the name, the first bundle in the array is chosen.
2021-03-24Added build system support for a man page.Konstantin Pavlov1-0/+6
2021-03-24Added a missing .El directive in man page source.Artem Konev1-0/+1
2021-03-24Added a man page.Artem Konev1-0/+79
Reviewed at https://rb.nginx.com/r/165/
2021-03-24Certificates: fixed in name attributes processing.Valentin Bartenev1-0/+7
The idea is to put SAN after CN, but the previous version of the code incorrectly assumed that CN was always present, which caused writes outside the allocated object if there were no standard name attributes.
2021-03-24Certficates: fixed counting DNS SAN entries.Valentin Bartenev1-0/+7
Previously, entries of any type were counted during object allocation but only DNS type entries were actually processed. As a result, if some certificate entries had another type, returning information about the certificate caused uninitialized memory access.
2021-03-15Fixed building the PHP 5 module with ZTS, broken by dab8544b5440.Valentin Bartenev1-0/+7
This closes #525 issue on GitHub.
2021-03-15Ruby: fixed encodings initialization.Valentin Bartenev1-0/+6
The Ruby interpreter expects an explicit setlocale() call before initialization to pick up character encodings in the "Encoding" class from the environment. This closes #531 issue on GitHub.
2021-03-15Fixed certificates loading on startup with some filesystems.Valentin Bartenev1-0/+7
It appears that readdir() on Linux detects file types unreliably, always setting the "d_type" field to DT_UNKNOWN for some less common filesystems. As a result, all files were skipped and no certificate bundles were found when the state directory was located on such filesystems. Skipping "." and ".." instead of any non-regular files should be enough, as no other non-regular files normally appear in this directory. This closes #368 issue on GitHub.
2021-03-15Fixed TLS connection shutdown on errors.Valentin Bartenev1-0/+14
An immediate return statement on connection errors was mistakenly added to the beginning of nxt_openssl_conn_io_shutdown() in ecd3c5bbf7d8, breaking the TLS connection finalization procedure. As a result, a TLS connection was left unfinalized if it had been closed prematurely or a fatal protocol error had occurred, which caused memory and socket descriptor leakage. Moreover, in some cases (notably, on handshake errors in tests with kqueue on macOS) the read event was triggered later and nxt_h1p_conn_error() was called the second time; after the change in af93c866b4f0, the latter call crashed the router process in an attempt to remove a connection from the idle queue twice.
2021-03-02Closing app outgoing shared memory file descriptor.Max Romanov1-0/+6
This fixes file descriptor leakage in router. Shared memory file used to send data from router to application. These files are shared among all processes of same application and router keeps the opened file descriptor since 06017e6e3a5f commit.
2021-02-16Version bump.Valentin Bartenev1-0/+8
2021-02-04Added changelog for Python 3.9 module appeared for Fedora 33.Andrei Belov1-0/+13
2021-02-04Added version 1.22.0 CHANGES.Valentin Bartenev1-2/+2
2021-02-04Reordered changes for 1.22.0 by significance (subjective).Valentin Bartenev1-17/+17
2021-02-04Updated phrasing and corrected errors in docs/changes.xml.Artem Konev1-15/+16
2021-02-03Fixing shared app queue unmap size.Max Romanov1-0/+7
Shared app queue takes more memory than port memory. To unmap all memory pages correct size need to be specified for munmap() call. Otherwise 4 Mb memory leaked on each configured application removal. The issue was introduced in 1d84b9e4b459.
2021-01-28Fixed changelog style.Valentin Bartenev1-1/+1
2021-01-28Router: fixing crash after WebSocket processing.Max Romanov1-0/+7
After WebSocket processing, the application port was released with incorrect reason ("got request"), unnecessarily decrementing the active request counter. The assertion was triggered only on application removal; a test was added for this case.
2020-12-29Node.js: ServerRequest and ServerResponse compliance to Stream API.Max Romanov1-0/+7
ServerRequest now inherit stream Readable object. ServerResponse provides 'writable' property. Thanks to Wu Jian Ping (@wujjpp). This closes #274, closes #317 issues and closes #502 PR on GitHub.
2020-12-24Version bump for unit modules.Andrei Belov1-0/+22
This is required in order to build Debian packages from current tip without making manual interventions. Moving forward, this should be a part of every version bump commit.
2020-12-23Static: fixing request memory pool leakage in router.Max Romanov1-0/+7
When a static file larger than NXT_HTTP_STATIC_BUF_SIZE (128K) is served, two buffers are allocated and chained; each retains the whole request memory pool. Starting from 41331471eee7, the completion handler was called once for a linked buffer chain, but the second buffer got lost. This patch improves the completion handler's treatment of static buffers to handle all linked buffers.
2020-12-22Python: multiple values in the "path" option.Valentin Bartenev1-0/+6
2020-12-18Libunit: fixed shared memory waiting.Max Romanov1-0/+7
The nxt_unit_ctx_port_recv() function may return the NXT_UNIT_AGAIN code, in which case an attempt to reread the message should be made. The issue was reproduced in load testing with response sizes 16k and up. In the rare case of a NXT_UNIT_AGAIN result, a buffer of size -1 was processed, which triggered a 'message too small' alert; after that, the app process was terminated.
2020-12-18Limiting app queue notifications count in socket.Max Romanov1-0/+7
Under high load, a queue synchonization issue may occur, starting from the steady state when an app queue message is dequeued immediately after it has been enqueued. In this state, the router always puts the first message in the queue and is forced to notify the app about a new message in an empty queue using a socket pair. On the other hand, the application dequeues and processes the message without reading the notification from the socket, so the socket buffer overflows with notifications. The issue was reproduced during Unit load tests. After a socket buffer overflow, the router is unable to notify the app about a new first message. When another message is enqueued, a notification is not required, so the queue grows without being read by the app. As a result, request processing stops. This patch changes the notification algorithm by counting the notifications in the pipe instead of getting the number of messages in the queue.
2020-12-17Router: fixed crash in OOSM processing.Max Romanov1-0/+6
Multithreaded application may create different shared memory segments in different threads. The segments then passed to different router threads. Because of this multithreading, the order of adding incoming segments is not determined and there can be situation when some of the incoming segments are not initialized yet. This patch simply adds check for NULL to skip non-initialized segments. Crash reproduced during load tests with high number of simultaneous connections (1024 and more).
2020-12-15Added a changelog for 5e6c2b8fb3fe.Tiago Natel de Moura1-0/+7
2020-12-07Ruby: fixed crash on thread start.Max Romanov1-0/+6
Ruby threads need to be created with GVL; otherwise, an attempt to access locked resources may occur, causing a crash. The issue was occasionally reproduced on Ubuntu 18.04 with Ruby 2.5.1 while running test_ruby_application_threads.
2020-12-08Docs: special handling for empty "date" and "time" XML attributes.Andrei Belov4-21/+84
2020-12-08PHP: populating PHP_AUTH_* server variables.Valentin Bartenev1-0/+7
This closes #498 issue on GitHub.
2020-12-07HTTP: fixed status line format for unknown status codes.Valentin Bartenev1-0/+6
According to Section #3.1.2 of RFC 7230, after the status code there must be a space even if the reason phrase is empty. Also, only 3 digits allowed. This closes #507 issue on GitHub.
2020-11-24Version bump.Valentin Bartenev1-0/+7
2020-11-19Added version 1.21.0 CHANGES.Valentin Bartenev1-0/+164
2020-10-08Updated 1.20.0 CHANGES to include pytest migration.1.20.0Valentin Bartenev1-0/+6
2020-10-08Added version 1.20.0 CHANGES.Valentin Bartenev1-0/+121
2020-08-13Added version 1.19.0 CHANGES.Valentin Bartenev1-0/+118
2020-05-28Added version 1.18.0 CHANGES.Valentin Bartenev1-0/+47
2020-04-16Added version 1.17.0 CHANGES.Valentin Bartenev1-0/+86
2020-03-12Added version 1.16.0 CHANGES.Valentin Bartenev1-0/+78
2020-02-06Added version 1.15.0 CHANGES.Valentin Bartenev1-0/+53
2019-12-26Added version 1.14.0 CHANGES.Valentin Bartenev1-0/+59
2019-12-24Removed unused variables from "docs/Makefile".Valentin Bartenev1-3/+1
They actually have been broken since 00d8049418cf, where NXT_VERSION was removed from nxt_main.h. Also, shebang is added.
2019-11-21Packages: added Ubuntu 19.10 "eoan" support.Andrei Belov2-0/+27