Fijxu
/
nginx-quic
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity
nginx-quic/src/http/ngx_http_request.c

3911 lines
96 KiB
C
Raw Normal View History

nginx-0.0.1-2002-08-06-20:39:45 import The first code that uses "ngx_" prefix, the previous one used "gx_" prefix. At that point the code is not yet usable. The first draft ideas are dated back to 23.10.2001.
2002-08-06 12:39:45 -04:00
nginx-0.1.0-2004-09-28-12:34:51 import; set copyright and remove unused files
2004-09-28 04:34:51 -04:00
/*
nginx-0.1.0-2004-09-29-20:00:49 import; remove years from copyright
2004-09-29 12:00:49 -04:00
* Copyright (C) Igor Sysoev
Copyright updated.
2012-01-18 12:07:43 -03:00
* Copyright (C) Nginx, Inc.
nginx-0.1.0-2004-09-28-12:34:51 import; set copyright and remove unused files
2004-09-28 04:34:51 -04:00
*/
nginx-0.0.1-2002-08-06-20:39:45 import The first code that uses "ngx_" prefix, the previous one used "gx_" prefix. At that point the code is not yet usable. The first draft ideas are dated back to 23.10.2001.
2002-08-06 12:39:45 -04:00
#include <ngx_config.h>
nginx-0.0.1-2002-08-26-19:18:19 import
2002-08-26 11:18:19 -04:00
#include <ngx_core.h>
nginx-0.0.1-2002-08-06-20:39:45 import The first code that uses "ngx_" prefix, the previous one used "gx_" prefix. At that point the code is not yet usable. The first draft ideas are dated back to 23.10.2001.
2002-08-06 12:39:45 -04:00
#include <ngx_http.h>
nginx-0.0.1-2002-09-02-18:48:24 import
2002-09-02 10:48:24 -04:00
Create request object only after the first byte was received. Previously, we always created an object and logged 400 (Bad Request) in access log if a client closed connection without sending any data. Such a connection was counted as "reading". Since it's common for modern browsers to behave like this, it's no longer considered an error if a client closes connection without sending any data, and such a connection will be counted as "waiting". Now, we do not log 400 (Bad Request) and keep memory footprint as small as possible.
2013-03-07 14:21:50 -03:00
static void ngx_http_wait_request_handler(ngx_event_t *ev);
SSL: variables support in ssl_certificate and ssl_certificate_key. To evaluate variables, a request is created in the certificate callback, and then freed. To do this without side effects on the stub_status counters and connection state, an additional function was introduced, ngx_http_alloc_request(). Only works with OpenSSL 1.0.2+, since there is no SSL_CTX_set_cert_cb() in older versions.
2019-02-25 10:42:05 -03:00
static ngx_http_request_t *ngx_http_alloc_request(ngx_connection_t *c);
nginx-0.0.1-2003-05-12-19:52:24 import
2003-05-12 11:52:24 -04:00
static void ngx_http_process_request_line(ngx_event_t *rev);
static void ngx_http_process_request_headers(ngx_event_t *rev);
static ssize_t ngx_http_read_request_header(ngx_http_request_t *r);
nginx-0.0.11-2004-09-23-10:32:00 import
2004-09-23 02:32:00 -04:00
static ngx_int_t ngx_http_alloc_large_header_buffer(ngx_http_request_t *r,
nginx-0.1.25-RELEASE import *) Bugfix: nginx did run on Linux parisc. *) Feature: nginx now does not start under FreeBSD if the sysctl kern.ipc.somaxconn value is too big. *) Bugfix: if a request was internally redirected by the ngx_http_index_module module to the ngx_http_proxy_module or ngx_http_fastcgi_module modules, then the index file was not closed after request completion. *) Feature: the "proxy_pass" can be used in location with regular expression. *) Feature: the ngx_http_rewrite_filter_module module supports the condition like "if ($HTTP_USER_AGENT ~ MSIE)". *) Bugfix: nginx started too slow if the large number of addresses and text values were used in the "geo" directive. *) Change: a variable name must be declared as "$name" in the "geo" directive. The previous variant without "$" is still supported, but will be removed soon. *) Feature: the "%{VARIABLE}v" logging parameter. *) Feature: the "set $name value" directive. *) Bugfix: gcc 4.0 compatibility. *) Feature: the --with-openssl-opt=OPTIONS autoconfiguration directive.
2005-03-19 08:38:37 -04:00
ngx_uint_t request_line);
nginx-0.1.29-RELEASE import *) Feature: the ngx_http_ssi_module supports "include virtual" command. *) Feature: the ngx_http_ssi_module supports the condition command like 'if expr="$NAME"' and "else" and "endif" commands. Only one nested level is supported. *) Feature: the ngx_http_ssi_module supports the DATE_LOCAL and DATE_GMT variables and "config timefmt" command. *) Feature: the "ssi_ignore_recycled_buffers" directive. *) Bugfix: the "echo" command did not show the default value for the empty QUERY_STRING variable. *) Change: the ngx_http_proxy_module was rewritten. *) Feature: the "proxy_redirect", "proxy_pass_request_headers", "proxy_pass_request_body", and "proxy_method" directives. *) Feature: the "proxy_set_header" directive. The "proxy_x_var" was canceled and must be replaced with the proxy_set_header directive. *) Change: the "proxy_preserve_host" is canceled and must be replaced with the "proxy_set_header Host $host" and the "proxy_redirect off" directives, the "proxy_set_header Host $host:$proxy_port" directive and the appropriate proxy_redirect directives. *) Change: the "proxy_set_x_real_ip" is canceled and must be replaced with the "proxy_set_header X-Real-IP $remote_addr" directive. *) Change: the "proxy_add_x_forwarded_for" is canceled and must be replaced with the "proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for" directive. *) Change: the "proxy_set_x_url" is canceled and must be replaced with the "proxy_set_header X-URL http://$host:$server_port$request_uri" directive. *) Feature: the "fastcgi_param" directive. *) Change: the "fastcgi_root", "fastcgi_set_var" and "fastcgi_params" directive are canceled and must be replaced with the fastcgi_param directives. *) Feature: the "index" directive can use the variables. *) Feature: the "index" directive can be used at http and server levels. *) Change: the last index only in the "index" directive can be absolute. *) Feature: the "rewrite" directive can use the variables. *) Feature: the "internal" directive. *) Feature: the CONTENT_LENGTH, CONTENT_TYPE, REMOTE_PORT, SERVER_ADDR, SERVER_PORT, SERVER_PROTOCOL, DOCUMENT_ROOT, SERVER_NAME, REQUEST_METHOD, REQUEST_URI, and REMOTE_USER variables. *) Change: nginx now passes the invalid lines in a client request headers or a backend response header. *) Bugfix: if the backend did not transfer response for a long time and the "send_timeout" was less than "proxy_read_timeout", then nginx returned the 408 response. *) Bugfix: the segmentation fault was occurred if the backend sent an invalid line in response header; the bug had appeared in 0.1.26. *) Bugfix: the segmentation fault may occurred in FastCGI fault tolerance configuration. *) Bugfix: the "expires" directive did not remove the previous "Expires" and "Cache-Control" headers. *) Bugfix: nginx did not take into account trailing dot in "Host" header line. *) Bugfix: the ngx_http_auth_module did not work under Linux. *) Bugfix: the rewrite directive worked incorrectly, if the arguments were in a request. *) Bugfix: nginx could not be built on MacOS X.
2005-05-12 10:58:06 -04:00
static ngx_int_t ngx_http_process_header_line(ngx_http_request_t *r,
ngx_table_elt_t *h, ngx_uint_t offset);
nginx-0.1.36-RELEASE import *) Change: if the request header has duplicate the "Host", "Connection", "Content-Length", or "Authorization" lines, then nginx now returns the 400 error. *) Change: the "post_accept_timeout" directive was canceled. *) Feature: the "default", "af=", "bl=", "deferred", and "bind" parameters of the "listen" directive. *) Feature: the FreeBSD accept filters support. *) Feature: the Linux TCP_DEFER_ACCEPT support. *) Bugfix: the ngx_http_autoindex_module did not support the file names in UTF-8. *) Bugfix: the new log file can be rotated by the -USR1 signal only if the reconfiguration by the -HUP signal was made twice.
2005-06-15 14:33:41 -04:00
static ngx_int_t ngx_http_process_unique_header_line(ngx_http_request_t *r,
ngx_table_elt_t *h, ngx_uint_t offset);
*) host in request line has priority *) allow several Host headers *) validate host
2008-05-15 10:44:47 -04:00
static ngx_int_t ngx_http_process_host(ngx_http_request_t *r,
ngx_table_elt_t *h, ngx_uint_t offset);
there may be several "Connection" header lines and each may have several tokens
2007-09-09 14:28:49 -04:00
static ngx_int_t ngx_http_process_connection(ngx_http_request_t *r,
ngx_table_elt_t *h, ngx_uint_t offset);
test user agent in header callback
2008-05-13 05:18:58 -04:00
static ngx_int_t ngx_http_process_user_agent(ngx_http_request_t *r,
ngx_table_elt_t *h, ngx_uint_t offset);
nginx-0.1.29-RELEASE import *) Feature: the ngx_http_ssi_module supports "include virtual" command. *) Feature: the ngx_http_ssi_module supports the condition command like 'if expr="$NAME"' and "else" and "endif" commands. Only one nested level is supported. *) Feature: the ngx_http_ssi_module supports the DATE_LOCAL and DATE_GMT variables and "config timefmt" command. *) Feature: the "ssi_ignore_recycled_buffers" directive. *) Bugfix: the "echo" command did not show the default value for the empty QUERY_STRING variable. *) Change: the ngx_http_proxy_module was rewritten. *) Feature: the "proxy_redirect", "proxy_pass_request_headers", "proxy_pass_request_body", and "proxy_method" directives. *) Feature: the "proxy_set_header" directive. The "proxy_x_var" was canceled and must be replaced with the proxy_set_header directive. *) Change: the "proxy_preserve_host" is canceled and must be replaced with the "proxy_set_header Host $host" and the "proxy_redirect off" directives, the "proxy_set_header Host $host:$proxy_port" directive and the appropriate proxy_redirect directives. *) Change: the "proxy_set_x_real_ip" is canceled and must be replaced with the "proxy_set_header X-Real-IP $remote_addr" directive. *) Change: the "proxy_add_x_forwarded_for" is canceled and must be replaced with the "proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for" directive. *) Change: the "proxy_set_x_url" is canceled and must be replaced with the "proxy_set_header X-URL http://$host:$server_port$request_uri" directive. *) Feature: the "fastcgi_param" directive. *) Change: the "fastcgi_root", "fastcgi_set_var" and "fastcgi_params" directive are canceled and must be replaced with the fastcgi_param directives. *) Feature: the "index" directive can use the variables. *) Feature: the "index" directive can be used at http and server levels. *) Change: the last index only in the "index" directive can be absolute. *) Feature: the "rewrite" directive can use the variables. *) Feature: the "internal" directive. *) Feature: the CONTENT_LENGTH, CONTENT_TYPE, REMOTE_PORT, SERVER_ADDR, SERVER_PORT, SERVER_PROTOCOL, DOCUMENT_ROOT, SERVER_NAME, REQUEST_METHOD, REQUEST_URI, and REMOTE_USER variables. *) Change: nginx now passes the invalid lines in a client request headers or a backend response header. *) Bugfix: if the backend did not transfer response for a long time and the "send_timeout" was less than "proxy_read_timeout", then nginx returned the 408 response. *) Bugfix: the segmentation fault was occurred if the backend sent an invalid line in response header; the bug had appeared in 0.1.26. *) Bugfix: the segmentation fault may occurred in FastCGI fault tolerance configuration. *) Bugfix: the "expires" directive did not remove the previous "Expires" and "Cache-Control" headers. *) Bugfix: nginx did not take into account trailing dot in "Host" header line. *) Bugfix: the ngx_http_auth_module did not work under Linux. *) Bugfix: the rewrite directive worked incorrectly, if the arguments were in a request. *) Bugfix: nginx could not be built on MacOS X.
2005-05-12 10:58:06 -04:00
SNI: ignore captures in server_name regexes when matching by SNI. This change helps to decouple ngx_http_ssl_servername() from the request object. Note: now we close connection in case of error during server name lookup for request. Previously, we did so only for HTTP/0.9 requests.
2013-02-27 14:06:52 -03:00
static ngx_int_t ngx_http_find_virtual_server(ngx_connection_t *c,
ngx_http_virtual_names_t *virtual_names, ngx_str_t *host,
ngx_http_request_t *r, ngx_http_core_srv_conf_t **cscfp);
nginx-0.0.1-2003-05-12-19:52:24 import
2003-05-12 11:52:24 -04:00
nginx-0.1.29-RELEASE import *) Feature: the ngx_http_ssi_module supports "include virtual" command. *) Feature: the ngx_http_ssi_module supports the condition command like 'if expr="$NAME"' and "else" and "endif" commands. Only one nested level is supported. *) Feature: the ngx_http_ssi_module supports the DATE_LOCAL and DATE_GMT variables and "config timefmt" command. *) Feature: the "ssi_ignore_recycled_buffers" directive. *) Bugfix: the "echo" command did not show the default value for the empty QUERY_STRING variable. *) Change: the ngx_http_proxy_module was rewritten. *) Feature: the "proxy_redirect", "proxy_pass_request_headers", "proxy_pass_request_body", and "proxy_method" directives. *) Feature: the "proxy_set_header" directive. The "proxy_x_var" was canceled and must be replaced with the proxy_set_header directive. *) Change: the "proxy_preserve_host" is canceled and must be replaced with the "proxy_set_header Host $host" and the "proxy_redirect off" directives, the "proxy_set_header Host $host:$proxy_port" directive and the appropriate proxy_redirect directives. *) Change: the "proxy_set_x_real_ip" is canceled and must be replaced with the "proxy_set_header X-Real-IP $remote_addr" directive. *) Change: the "proxy_add_x_forwarded_for" is canceled and must be replaced with the "proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for" directive. *) Change: the "proxy_set_x_url" is canceled and must be replaced with the "proxy_set_header X-URL http://$host:$server_port$request_uri" directive. *) Feature: the "fastcgi_param" directive. *) Change: the "fastcgi_root", "fastcgi_set_var" and "fastcgi_params" directive are canceled and must be replaced with the fastcgi_param directives. *) Feature: the "index" directive can use the variables. *) Feature: the "index" directive can be used at http and server levels. *) Change: the last index only in the "index" directive can be absolute. *) Feature: the "rewrite" directive can use the variables. *) Feature: the "internal" directive. *) Feature: the CONTENT_LENGTH, CONTENT_TYPE, REMOTE_PORT, SERVER_ADDR, SERVER_PORT, SERVER_PROTOCOL, DOCUMENT_ROOT, SERVER_NAME, REQUEST_METHOD, REQUEST_URI, and REMOTE_USER variables. *) Change: nginx now passes the invalid lines in a client request headers or a backend response header. *) Bugfix: if the backend did not transfer response for a long time and the "send_timeout" was less than "proxy_read_timeout", then nginx returned the 408 response. *) Bugfix: the segmentation fault was occurred if the backend sent an invalid line in response header; the bug had appeared in 0.1.26. *) Bugfix: the segmentation fault may occurred in FastCGI fault tolerance configuration. *) Bugfix: the "expires" directive did not remove the previous "Expires" and "Cache-Control" headers. *) Bugfix: nginx did not take into account trailing dot in "Host" header line. *) Bugfix: the ngx_http_auth_module did not work under Linux. *) Bugfix: the rewrite directive worked incorrectly, if the arguments were in a request. *) Bugfix: nginx could not be built on MacOS X.
2005-05-12 10:58:06 -04:00
static void ngx_http_request_handler(ngx_event_t *ev);
request reference counter
2009-08-26 12:04:05 -04:00
static void ngx_http_terminate_request(ngx_http_request_t *r, ngx_int_t rc);
static void ngx_http_terminate_handler(ngx_http_request_t *r);
static void ngx_http_finalize_connection(ngx_http_request_t *r);
nginx-0.1.37-RELEASE import *) Change: now the "\n" is added to the end of the "nginx.pid" file. *) Bugfix: the responses may be transferred not completely, if many parts or the big parts were included by SSI. *) Bugfix: if all backends had returned the 404 reponse and the "http_404" parameter of the "proxy_next_upstream" or "fastcgi_next_upstream" directives was used, then nginx started to request all backends again.
2005-06-23 09:41:06 -04:00
static ngx_int_t ngx_http_set_write_handler(ngx_http_request_t *r);
nginx-0.1.29-RELEASE import *) Feature: the ngx_http_ssi_module supports "include virtual" command. *) Feature: the ngx_http_ssi_module supports the condition command like 'if expr="$NAME"' and "else" and "endif" commands. Only one nested level is supported. *) Feature: the ngx_http_ssi_module supports the DATE_LOCAL and DATE_GMT variables and "config timefmt" command. *) Feature: the "ssi_ignore_recycled_buffers" directive. *) Bugfix: the "echo" command did not show the default value for the empty QUERY_STRING variable. *) Change: the ngx_http_proxy_module was rewritten. *) Feature: the "proxy_redirect", "proxy_pass_request_headers", "proxy_pass_request_body", and "proxy_method" directives. *) Feature: the "proxy_set_header" directive. The "proxy_x_var" was canceled and must be replaced with the proxy_set_header directive. *) Change: the "proxy_preserve_host" is canceled and must be replaced with the "proxy_set_header Host $host" and the "proxy_redirect off" directives, the "proxy_set_header Host $host:$proxy_port" directive and the appropriate proxy_redirect directives. *) Change: the "proxy_set_x_real_ip" is canceled and must be replaced with the "proxy_set_header X-Real-IP $remote_addr" directive. *) Change: the "proxy_add_x_forwarded_for" is canceled and must be replaced with the "proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for" directive. *) Change: the "proxy_set_x_url" is canceled and must be replaced with the "proxy_set_header X-URL http://$host:$server_port$request_uri" directive. *) Feature: the "fastcgi_param" directive. *) Change: the "fastcgi_root", "fastcgi_set_var" and "fastcgi_params" directive are canceled and must be replaced with the fastcgi_param directives. *) Feature: the "index" directive can use the variables. *) Feature: the "index" directive can be used at http and server levels. *) Change: the last index only in the "index" directive can be absolute. *) Feature: the "rewrite" directive can use the variables. *) Feature: the "internal" directive. *) Feature: the CONTENT_LENGTH, CONTENT_TYPE, REMOTE_PORT, SERVER_ADDR, SERVER_PORT, SERVER_PROTOCOL, DOCUMENT_ROOT, SERVER_NAME, REQUEST_METHOD, REQUEST_URI, and REMOTE_USER variables. *) Change: nginx now passes the invalid lines in a client request headers or a backend response header. *) Bugfix: if the backend did not transfer response for a long time and the "send_timeout" was less than "proxy_read_timeout", then nginx returned the 408 response. *) Bugfix: the segmentation fault was occurred if the backend sent an invalid line in response header; the bug had appeared in 0.1.26. *) Bugfix: the segmentation fault may occurred in FastCGI fault tolerance configuration. *) Bugfix: the "expires" directive did not remove the previous "Expires" and "Cache-Control" headers. *) Bugfix: nginx did not take into account trailing dot in "Host" header line. *) Bugfix: the ngx_http_auth_module did not work under Linux. *) Bugfix: the rewrite directive worked incorrectly, if the arguments were in a request. *) Bugfix: nginx could not be built on MacOS X.
2005-05-12 10:58:06 -04:00
static void ngx_http_writer(ngx_http_request_t *r);
*) refactor subrequest handling, now they run as separate posted requests *) now $upstream_addr, $upstream_status, $upstream_response_time can be used with log_subrequest
2008-12-08 11:23:20 -03:00
static void ngx_http_request_finalizer(ngx_http_request_t *r);
nginx-0.0.1-2003-05-12-19:52:24 import
2003-05-12 11:52:24 -04:00
nginx-0.0.1-2003-05-13-20:02:32 import
2003-05-13 12:02:32 -04:00
static void ngx_http_set_keepalive(ngx_http_request_t *r);
static void ngx_http_keepalive_handler(ngx_event_t *ev);
SSL: fixed non-working SSL shutdown on lingering close. When doing lingering close, the socket was first shut down for writing, so SSL shutdown initiated after lingering close was not able to send the close_notify alerts (ticket #2056). The fix is to call ngx_ssl_shutdown() before shutting down the socket.
2020-11-06 17:44:54 -03:00
static void ngx_http_set_lingering_close(ngx_connection_t *c);
nginx-0.0.1-2003-05-13-20:02:32 import
2003-05-13 12:02:32 -04:00
static void ngx_http_lingering_close_handler(ngx_event_t *ev);
nginx-0.3.28-RELEASE import *) Feature: the "restrict_host_names" directive was canceled. *) Feature: the --with-cpu-opt=ppc64 configuration parameter. *) Bugfix: on some condition the proxied connection with a client was terminated prematurely. Thanks to Vladimir Shutoff. *) Bugfix: the "X-Accel-Limit-Rate" header line was not taken into account if the request was redirected using the "X-Accel-Redirect" header line. *) Bugfix: the "post_action" directive ran only after a successful completion of a request. *) Bugfix: the proxied response body generated by the "post_action" directive was transferred to a client.
2006-02-16 12:26:46 -03:00
static ngx_int_t ngx_http_post_action(ngx_http_request_t *r);
*) log_subrequest *) flush variables in access log
2008-09-27 11:08:02 -04:00
static void ngx_http_log_request(ngx_http_request_t *r);
nginx-0.0.1-2003-05-13-20:02:32 import
2003-05-13 12:02:32 -04:00
HTTP/3: make ngx_http_log_error() static again. This function was only referenced from ngx_http_v3_create_push_request() to initialize push connection log. Now the log handler is copied from the parent request connection. The change reduces diff to the default branch.
2021-09-17 10:32:23 -03:00
static u_char *ngx_http_log_error(ngx_log_t *log, u_char *buf, size_t len);
nginx-0.3.54-RELEASE import *) Feature: nginx now logs the subrequest information to the error log. *) Feature: the "proxy_next_upstream", "fastcgi_next_upstream", and "memcached_next_upstream" directives support the "off" parameter. *) Feature: the "debug_connection" directive supports the CIDR address form. *) Bugfix: if a response of proxied server or FastCGI server was converted from UTF-8 or back, then it may be transferred incomplete. *) Bugfix: the $upstream_response_time variable had the time of the first request to a backend only. *) Bugfix: nginx could not be built on amd64 platform; the bug had appeared in 0.3.53.
2006-07-11 09:20:19 -04:00
static u_char *ngx_http_log_error_handler(ngx_http_request_t *r,
ngx_http_request_t *sr, u_char *buf, size_t len);
nginx-0.0.1-2002-08-26-19:18:19 import
2002-08-26 11:18:19 -04:00
nginx-0.1.44-RELEASE import *) Feature: the IMAP/POP3 proxy supports SSL. *) Feature: the "proxy_timeout" directive of the ngx_imap_proxy_module. *) Feature: the "userid_mark" directive. *) Feature: the $remote_user variable value is determined independently of authorization use.
2005-09-06 12:09:32 -04:00
#if (NGX_HTTP_SSL)
static void ngx_http_ssl_handshake(ngx_event_t *rev);
nginx-0.2.2-RELEASE import *) Feature: the "config errmsg" command of the ngx_http_ssi_module. *) Change: the ngx_http_geo_module variables can be overridden by the "set" directive. *) Feature: the "ssl_protocols" and "ssl_prefer_server_ciphers" directives of the ngx_http_ssl_module and ngx_imap_ssl_module. *) Bugfix: the ngx_http_autoindex_module did not show correctly the long file names; *) Bugfix: the ngx_http_autoindex_module now do not show the files starting by dot. *) Bugfix: if the SSL handshake failed then another connection may be closed too. Thanks to Rob Mueller. *) Bugfix: the export versions of MSIE 5.x could not connect via HTTPS.
2005-09-30 10:41:25 -04:00
static void ngx_http_ssl_handshake_handler(ngx_connection_t *c);
nginx-0.1.44-RELEASE import *) Feature: the IMAP/POP3 proxy supports SSL. *) Feature: the "proxy_timeout" directive of the ngx_imap_proxy_module. *) Feature: the "userid_mark" directive. *) Feature: the $remote_user variable value is determined independently of authorization use.
2005-09-06 12:09:32 -04:00
#endif
nginx-0.0.1-2002-08-06-20:39:45 import The first code that uses "ngx_" prefix, the previous one used "gx_" prefix. At that point the code is not yet usable. The first draft ideas are dated back to 23.10.2001.
2002-08-06 12:39:45 -04:00
nginx-0.1.27-RELEASE import *) Feature: the "blocked" parameter of the "valid_referers" directive. *) Change: the errors while handling the request header now logged at "info" level. The server name and the "Host" and "Referer" header lines also logged. *) Change: the "Host" header line is also logged in error log. *) Feature: the proxy_pass_unparsed_uri directive. The special handling of the "://" symbols in URI, appeared in 0.1.11 version, now is canceled. *) Bugfix: nginx could not be built on FreeBSD and Linux, if the --without-ngx_http_auth_basic_module configuration parameter was used.
2005-03-28 10:43:02 -04:00
static char *ngx_http_client_errors[] = {
nginx-0.0.1-2002-08-26-19:18:19 import
2002-08-26 11:18:19 -04:00
nginx-0.1.27-RELEASE import *) Feature: the "blocked" parameter of the "valid_referers" directive. *) Change: the errors while handling the request header now logged at "info" level. The server name and the "Host" and "Referer" header lines also logged. *) Change: the "Host" header line is also logged in error log. *) Feature: the proxy_pass_unparsed_uri directive. The special handling of the "://" symbols in URI, appeared in 0.1.11 version, now is canceled. *) Bugfix: nginx could not be built on FreeBSD and Linux, if the --without-ngx_http_auth_basic_module configuration parameter was used.
2005-03-28 10:43:02 -04:00
/* NGX_HTTP_PARSE_INVALID_METHOD */
"client sent invalid method",
nginx-0.1.5-RELEASE import *) Bugfix: on Solaris and Linux there may be too many "recvmsg() returned not enough data" alerts. *) Bugfix: there were the "writev() failed (22: Invalid argument)" errors on Solaris in proxy mode without sendfile. On other platforms that do not support sendfile at all the process got caught in an endless loop. *) Bugfix: segmentation fault on Solaris in proxy mode and using sendfile. *) Bugfix: segmentation fault on Solaris. *) Bugfix: on-line upgrade did not work on Linux. *) Bugfix: the ngx_http_autoindex_module module did not escape the spaces, the quotes, and the percent signs in the directory listing. *) Change: the decrease of the copy operations. *) Feature: the userid_p3p directive.
2004-11-11 11:07:14 -03:00
nginx-0.1.27-RELEASE import *) Feature: the "blocked" parameter of the "valid_referers" directive. *) Change: the errors while handling the request header now logged at "info" level. The server name and the "Host" and "Referer" header lines also logged. *) Change: the "Host" header line is also logged in error log. *) Feature: the proxy_pass_unparsed_uri directive. The special handling of the "://" symbols in URI, appeared in 0.1.11 version, now is canceled. *) Bugfix: nginx could not be built on FreeBSD and Linux, if the --without-ngx_http_auth_basic_module configuration parameter was used.
2005-03-28 10:43:02 -04:00
/* NGX_HTTP_PARSE_INVALID_REQUEST */
"client sent invalid request",
Don't pretend we support HTTP major versions >1 as HTTP/1.1.
2017-04-25 17:39:13 -03:00
/* NGX_HTTP_PARSE_INVALID_VERSION */
"client sent invalid version",
nginx-0.1.27-RELEASE import *) Feature: the "blocked" parameter of the "valid_referers" directive. *) Change: the errors while handling the request header now logged at "info" level. The server name and the "Host" and "Referer" header lines also logged. *) Change: the "Host" header line is also logged in error log. *) Feature: the proxy_pass_unparsed_uri directive. The special handling of the "://" symbols in URI, appeared in 0.1.11 version, now is canceled. *) Bugfix: nginx could not be built on FreeBSD and Linux, if the --without-ngx_http_auth_basic_module configuration parameter was used.
2005-03-28 10:43:02 -04:00
/* NGX_HTTP_PARSE_INVALID_09_METHOD */
"client sent invalid method in HTTP/0.9 request"
nginx-0.0.1-2002-08-29-20:59:54 import
2002-08-29 12:59:54 -04:00
};
nginx-0.0.10-2004-09-06-22:45:00 import
2004-09-06 14:45:00 -04:00
ngx_http_header_t ngx_http_headers_in[] = {
fix $r->header_in() for "User-Agent", "Connection", and "Host" broken in r2005, r2006, and r2008.
2008-08-19 15:40:45 -04:00
{ ngx_string("Host"), offsetof(ngx_http_headers_in_t, host),
ngx_http_process_host },
nginx-0.1.29-RELEASE import *) Feature: the ngx_http_ssi_module supports "include virtual" command. *) Feature: the ngx_http_ssi_module supports the condition command like 'if expr="$NAME"' and "else" and "endif" commands. Only one nested level is supported. *) Feature: the ngx_http_ssi_module supports the DATE_LOCAL and DATE_GMT variables and "config timefmt" command. *) Feature: the "ssi_ignore_recycled_buffers" directive. *) Bugfix: the "echo" command did not show the default value for the empty QUERY_STRING variable. *) Change: the ngx_http_proxy_module was rewritten. *) Feature: the "proxy_redirect", "proxy_pass_request_headers", "proxy_pass_request_body", and "proxy_method" directives. *) Feature: the "proxy_set_header" directive. The "proxy_x_var" was canceled and must be replaced with the proxy_set_header directive. *) Change: the "proxy_preserve_host" is canceled and must be replaced with the "proxy_set_header Host $host" and the "proxy_redirect off" directives, the "proxy_set_header Host $host:$proxy_port" directive and the appropriate proxy_redirect directives. *) Change: the "proxy_set_x_real_ip" is canceled and must be replaced with the "proxy_set_header X-Real-IP $remote_addr" directive. *) Change: the "proxy_add_x_forwarded_for" is canceled and must be replaced with the "proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for" directive. *) Change: the "proxy_set_x_url" is canceled and must be replaced with the "proxy_set_header X-URL http://$host:$server_port$request_uri" directive. *) Feature: the "fastcgi_param" directive. *) Change: the "fastcgi_root", "fastcgi_set_var" and "fastcgi_params" directive are canceled and must be replaced with the fastcgi_param directives. *) Feature: the "index" directive can use the variables. *) Feature: the "index" directive can be used at http and server levels. *) Change: the last index only in the "index" directive can be absolute. *) Feature: the "rewrite" directive can use the variables. *) Feature: the "internal" directive. *) Feature: the CONTENT_LENGTH, CONTENT_TYPE, REMOTE_PORT, SERVER_ADDR, SERVER_PORT, SERVER_PROTOCOL, DOCUMENT_ROOT, SERVER_NAME, REQUEST_METHOD, REQUEST_URI, and REMOTE_USER variables. *) Change: nginx now passes the invalid lines in a client request headers or a backend response header. *) Bugfix: if the backend did not transfer response for a long time and the "send_timeout" was less than "proxy_read_timeout", then nginx returned the 408 response. *) Bugfix: the segmentation fault was occurred if the backend sent an invalid line in response header; the bug had appeared in 0.1.26. *) Bugfix: the segmentation fault may occurred in FastCGI fault tolerance configuration. *) Bugfix: the "expires" directive did not remove the previous "Expires" and "Cache-Control" headers. *) Bugfix: nginx did not take into account trailing dot in "Host" header line. *) Bugfix: the ngx_http_auth_module did not work under Linux. *) Bugfix: the rewrite directive worked incorrectly, if the arguments were in a request. *) Bugfix: nginx could not be built on MacOS X.
2005-05-12 10:58:06 -04:00
fix $r->header_in() for "User-Agent", "Connection", and "Host" broken in r2005, r2006, and r2008.
2008-08-19 15:40:45 -04:00
{ ngx_string("Connection"), offsetof(ngx_http_headers_in_t, connection),
ngx_http_process_connection },
nginx-0.1.29-RELEASE import *) Feature: the ngx_http_ssi_module supports "include virtual" command. *) Feature: the ngx_http_ssi_module supports the condition command like 'if expr="$NAME"' and "else" and "endif" commands. Only one nested level is supported. *) Feature: the ngx_http_ssi_module supports the DATE_LOCAL and DATE_GMT variables and "config timefmt" command. *) Feature: the "ssi_ignore_recycled_buffers" directive. *) Bugfix: the "echo" command did not show the default value for the empty QUERY_STRING variable. *) Change: the ngx_http_proxy_module was rewritten. *) Feature: the "proxy_redirect", "proxy_pass_request_headers", "proxy_pass_request_body", and "proxy_method" directives. *) Feature: the "proxy_set_header" directive. The "proxy_x_var" was canceled and must be replaced with the proxy_set_header directive. *) Change: the "proxy_preserve_host" is canceled and must be replaced with the "proxy_set_header Host $host" and the "proxy_redirect off" directives, the "proxy_set_header Host $host:$proxy_port" directive and the appropriate proxy_redirect directives. *) Change: the "proxy_set_x_real_ip" is canceled and must be replaced with the "proxy_set_header X-Real-IP $remote_addr" directive. *) Change: the "proxy_add_x_forwarded_for" is canceled and must be replaced with the "proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for" directive. *) Change: the "proxy_set_x_url" is canceled and must be replaced with the "proxy_set_header X-URL http://$host:$server_port$request_uri" directive. *) Feature: the "fastcgi_param" directive. *) Change: the "fastcgi_root", "fastcgi_set_var" and "fastcgi_params" directive are canceled and must be replaced with the fastcgi_param directives. *) Feature: the "index" directive can use the variables. *) Feature: the "index" directive can be used at http and server levels. *) Change: the last index only in the "index" directive can be absolute. *) Feature: the "rewrite" directive can use the variables. *) Feature: the "internal" directive. *) Feature: the CONTENT_LENGTH, CONTENT_TYPE, REMOTE_PORT, SERVER_ADDR, SERVER_PORT, SERVER_PROTOCOL, DOCUMENT_ROOT, SERVER_NAME, REQUEST_METHOD, REQUEST_URI, and REMOTE_USER variables. *) Change: nginx now passes the invalid lines in a client request headers or a backend response header. *) Bugfix: if the backend did not transfer response for a long time and the "send_timeout" was less than "proxy_read_timeout", then nginx returned the 408 response. *) Bugfix: the segmentation fault was occurred if the backend sent an invalid line in response header; the bug had appeared in 0.1.26. *) Bugfix: the segmentation fault may occurred in FastCGI fault tolerance configuration. *) Bugfix: the "expires" directive did not remove the previous "Expires" and "Cache-Control" headers. *) Bugfix: nginx did not take into account trailing dot in "Host" header line. *) Bugfix: the ngx_http_auth_module did not work under Linux. *) Bugfix: the rewrite directive worked incorrectly, if the arguments were in a request. *) Bugfix: nginx could not be built on MacOS X.
2005-05-12 10:58:06 -04:00
nginx-0.0.10-2004-09-06-22:45:00 import
2004-09-06 14:45:00 -04:00
{ ngx_string("If-Modified-Since"),
nginx-0.1.29-RELEASE import *) Feature: the ngx_http_ssi_module supports "include virtual" command. *) Feature: the ngx_http_ssi_module supports the condition command like 'if expr="$NAME"' and "else" and "endif" commands. Only one nested level is supported. *) Feature: the ngx_http_ssi_module supports the DATE_LOCAL and DATE_GMT variables and "config timefmt" command. *) Feature: the "ssi_ignore_recycled_buffers" directive. *) Bugfix: the "echo" command did not show the default value for the empty QUERY_STRING variable. *) Change: the ngx_http_proxy_module was rewritten. *) Feature: the "proxy_redirect", "proxy_pass_request_headers", "proxy_pass_request_body", and "proxy_method" directives. *) Feature: the "proxy_set_header" directive. The "proxy_x_var" was canceled and must be replaced with the proxy_set_header directive. *) Change: the "proxy_preserve_host" is canceled and must be replaced with the "proxy_set_header Host $host" and the "proxy_redirect off" directives, the "proxy_set_header Host $host:$proxy_port" directive and the appropriate proxy_redirect directives. *) Change: the "proxy_set_x_real_ip" is canceled and must be replaced with the "proxy_set_header X-Real-IP $remote_addr" directive. *) Change: the "proxy_add_x_forwarded_for" is canceled and must be replaced with the "proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for" directive. *) Change: the "proxy_set_x_url" is canceled and must be replaced with the "proxy_set_header X-URL http://$host:$server_port$request_uri" directive. *) Feature: the "fastcgi_param" directive. *) Change: the "fastcgi_root", "fastcgi_set_var" and "fastcgi_params" directive are canceled and must be replaced with the fastcgi_param directives. *) Feature: the "index" directive can use the variables. *) Feature: the "index" directive can be used at http and server levels. *) Change: the last index only in the "index" directive can be absolute. *) Feature: the "rewrite" directive can use the variables. *) Feature: the "internal" directive. *) Feature: the CONTENT_LENGTH, CONTENT_TYPE, REMOTE_PORT, SERVER_ADDR, SERVER_PORT, SERVER_PROTOCOL, DOCUMENT_ROOT, SERVER_NAME, REQUEST_METHOD, REQUEST_URI, and REMOTE_USER variables. *) Change: nginx now passes the invalid lines in a client request headers or a backend response header. *) Bugfix: if the backend did not transfer response for a long time and the "send_timeout" was less than "proxy_read_timeout", then nginx returned the 408 response. *) Bugfix: the segmentation fault was occurred if the backend sent an invalid line in response header; the bug had appeared in 0.1.26. *) Bugfix: the segmentation fault may occurred in FastCGI fault tolerance configuration. *) Bugfix: the "expires" directive did not remove the previous "Expires" and "Cache-Control" headers. *) Bugfix: nginx did not take into account trailing dot in "Host" header line. *) Bugfix: the ngx_http_auth_module did not work under Linux. *) Bugfix: the rewrite directive worked incorrectly, if the arguments were in a request. *) Bugfix: nginx could not be built on MacOS X.
2005-05-12 10:58:06 -04:00
offsetof(ngx_http_headers_in_t, if_modified_since),
If-Modified-Since should be unique header line
2007-08-29 11:32:49 -04:00
ngx_http_process_unique_header_line },
"If-Unmodified-Since" support
2010-12-06 08:11:05 -03:00
{ ngx_string("If-Unmodified-Since"),
offsetof(ngx_http_headers_in_t, if_unmodified_since),
ngx_http_process_unique_header_line },
nginx-0.1.29-RELEASE import *) Feature: the ngx_http_ssi_module supports "include virtual" command. *) Feature: the ngx_http_ssi_module supports the condition command like 'if expr="$NAME"' and "else" and "endif" commands. Only one nested level is supported. *) Feature: the ngx_http_ssi_module supports the DATE_LOCAL and DATE_GMT variables and "config timefmt" command. *) Feature: the "ssi_ignore_recycled_buffers" directive. *) Bugfix: the "echo" command did not show the default value for the empty QUERY_STRING variable. *) Change: the ngx_http_proxy_module was rewritten. *) Feature: the "proxy_redirect", "proxy_pass_request_headers", "proxy_pass_request_body", and "proxy_method" directives. *) Feature: the "proxy_set_header" directive. The "proxy_x_var" was canceled and must be replaced with the proxy_set_header directive. *) Change: the "proxy_preserve_host" is canceled and must be replaced with the "proxy_set_header Host $host" and the "proxy_redirect off" directives, the "proxy_set_header Host $host:$proxy_port" directive and the appropriate proxy_redirect directives. *) Change: the "proxy_set_x_real_ip" is canceled and must be replaced with the "proxy_set_header X-Real-IP $remote_addr" directive. *) Change: the "proxy_add_x_forwarded_for" is canceled and must be replaced with the "proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for" directive. *) Change: the "proxy_set_x_url" is canceled and must be replaced with the "proxy_set_header X-URL http://$host:$server_port$request_uri" directive. *) Feature: the "fastcgi_param" directive. *) Change: the "fastcgi_root", "fastcgi_set_var" and "fastcgi_params" directive are canceled and must be replaced with the fastcgi_param directives. *) Feature: the "index" directive can use the variables. *) Feature: the "index" directive can be used at http and server levels. *) Change: the last index only in the "index" directive can be absolute. *) Feature: the "rewrite" directive can use the variables. *) Feature: the "internal" directive. *) Feature: the CONTENT_LENGTH, CONTENT_TYPE, REMOTE_PORT, SERVER_ADDR, SERVER_PORT, SERVER_PROTOCOL, DOCUMENT_ROOT, SERVER_NAME, REQUEST_METHOD, REQUEST_URI, and REMOTE_USER variables. *) Change: nginx now passes the invalid lines in a client request headers or a backend response header. *) Bugfix: if the backend did not transfer response for a long time and the "send_timeout" was less than "proxy_read_timeout", then nginx returned the 408 response. *) Bugfix: the segmentation fault was occurred if the backend sent an invalid line in response header; the bug had appeared in 0.1.26. *) Bugfix: the segmentation fault may occurred in FastCGI fault tolerance configuration. *) Bugfix: the "expires" directive did not remove the previous "Expires" and "Cache-Control" headers. *) Bugfix: nginx did not take into account trailing dot in "Host" header line. *) Bugfix: the ngx_http_auth_module did not work under Linux. *) Bugfix: the rewrite directive worked incorrectly, if the arguments were in a request. *) Bugfix: nginx could not be built on MacOS X.
2005-05-12 10:58:06 -04:00
Entity tags: basic support in not modified filter. This includes handling of ETag headers (if present in a response) with basic support for If-Match, If-None-Match conditionals in not modified filter. Note that the "r->headers_out.last_modified_time == -1" check in the not modified filter is left as is intentionally. It's to prevent handling of If-* headers in case of proxy without cache (much like currently done with If-Modified-Since).
2012-07-07 17:20:27 -04:00
{ ngx_string("If-Match"),
offsetof(ngx_http_headers_in_t, if_match),
ngx_http_process_unique_header_line },
{ ngx_string("If-None-Match"),
offsetof(ngx_http_headers_in_t, if_none_match),
ngx_http_process_unique_header_line },
fix $r->header_in() for "User-Agent", "Connection", and "Host" broken in r2005, r2006, and r2008.
2008-08-19 15:40:45 -04:00
{ ngx_string("User-Agent"), offsetof(ngx_http_headers_in_t, user_agent),
ngx_http_process_user_agent },
nginx-0.1.29-RELEASE import *) Feature: the ngx_http_ssi_module supports "include virtual" command. *) Feature: the ngx_http_ssi_module supports the condition command like 'if expr="$NAME"' and "else" and "endif" commands. Only one nested level is supported. *) Feature: the ngx_http_ssi_module supports the DATE_LOCAL and DATE_GMT variables and "config timefmt" command. *) Feature: the "ssi_ignore_recycled_buffers" directive. *) Bugfix: the "echo" command did not show the default value for the empty QUERY_STRING variable. *) Change: the ngx_http_proxy_module was rewritten. *) Feature: the "proxy_redirect", "proxy_pass_request_headers", "proxy_pass_request_body", and "proxy_method" directives. *) Feature: the "proxy_set_header" directive. The "proxy_x_var" was canceled and must be replaced with the proxy_set_header directive. *) Change: the "proxy_preserve_host" is canceled and must be replaced with the "proxy_set_header Host $host" and the "proxy_redirect off" directives, the "proxy_set_header Host $host:$proxy_port" directive and the appropriate proxy_redirect directives. *) Change: the "proxy_set_x_real_ip" is canceled and must be replaced with the "proxy_set_header X-Real-IP $remote_addr" directive. *) Change: the "proxy_add_x_forwarded_for" is canceled and must be replaced with the "proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for" directive. *) Change: the "proxy_set_x_url" is canceled and must be replaced with the "proxy_set_header X-URL http://$host:$server_port$request_uri" directive. *) Feature: the "fastcgi_param" directive. *) Change: the "fastcgi_root", "fastcgi_set_var" and "fastcgi_params" directive are canceled and must be replaced with the fastcgi_param directives. *) Feature: the "index" directive can use the variables. *) Feature: the "index" directive can be used at http and server levels. *) Change: the last index only in the "index" directive can be absolute. *) Feature: the "rewrite" directive can use the variables. *) Feature: the "internal" directive. *) Feature: the CONTENT_LENGTH, CONTENT_TYPE, REMOTE_PORT, SERVER_ADDR, SERVER_PORT, SERVER_PROTOCOL, DOCUMENT_ROOT, SERVER_NAME, REQUEST_METHOD, REQUEST_URI, and REMOTE_USER variables. *) Change: nginx now passes the invalid lines in a client request headers or a backend response header. *) Bugfix: if the backend did not transfer response for a long time and the "send_timeout" was less than "proxy_read_timeout", then nginx returned the 408 response. *) Bugfix: the segmentation fault was occurred if the backend sent an invalid line in response header; the bug had appeared in 0.1.26. *) Bugfix: the segmentation fault may occurred in FastCGI fault tolerance configuration. *) Bugfix: the "expires" directive did not remove the previous "Expires" and "Cache-Control" headers. *) Bugfix: nginx did not take into account trailing dot in "Host" header line. *) Bugfix: the ngx_http_auth_module did not work under Linux. *) Bugfix: the rewrite directive worked incorrectly, if the arguments were in a request. *) Bugfix: nginx could not be built on MacOS X.
2005-05-12 10:58:06 -04:00
{ ngx_string("Referer"), offsetof(ngx_http_headers_in_t, referer),
ngx_http_process_header_line },
nginx-0.0.10-2004-09-06-22:45:00 import
2004-09-06 14:45:00 -04:00
{ ngx_string("Content-Length"),
nginx-0.1.29-RELEASE import *) Feature: the ngx_http_ssi_module supports "include virtual" command. *) Feature: the ngx_http_ssi_module supports the condition command like 'if expr="$NAME"' and "else" and "endif" commands. Only one nested level is supported. *) Feature: the ngx_http_ssi_module supports the DATE_LOCAL and DATE_GMT variables and "config timefmt" command. *) Feature: the "ssi_ignore_recycled_buffers" directive. *) Bugfix: the "echo" command did not show the default value for the empty QUERY_STRING variable. *) Change: the ngx_http_proxy_module was rewritten. *) Feature: the "proxy_redirect", "proxy_pass_request_headers", "proxy_pass_request_body", and "proxy_method" directives. *) Feature: the "proxy_set_header" directive. The "proxy_x_var" was canceled and must be replaced with the proxy_set_header directive. *) Change: the "proxy_preserve_host" is canceled and must be replaced with the "proxy_set_header Host $host" and the "proxy_redirect off" directives, the "proxy_set_header Host $host:$proxy_port" directive and the appropriate proxy_redirect directives. *) Change: the "proxy_set_x_real_ip" is canceled and must be replaced with the "proxy_set_header X-Real-IP $remote_addr" directive. *) Change: the "proxy_add_x_forwarded_for" is canceled and must be replaced with the "proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for" directive. *) Change: the "proxy_set_x_url" is canceled and must be replaced with the "proxy_set_header X-URL http://$host:$server_port$request_uri" directive. *) Feature: the "fastcgi_param" directive. *) Change: the "fastcgi_root", "fastcgi_set_var" and "fastcgi_params" directive are canceled and must be replaced with the fastcgi_param directives. *) Feature: the "index" directive can use the variables. *) Feature: the "index" directive can be used at http and server levels. *) Change: the last index only in the "index" directive can be absolute. *) Feature: the "rewrite" directive can use the variables. *) Feature: the "internal" directive. *) Feature: the CONTENT_LENGTH, CONTENT_TYPE, REMOTE_PORT, SERVER_ADDR, SERVER_PORT, SERVER_PROTOCOL, DOCUMENT_ROOT, SERVER_NAME, REQUEST_METHOD, REQUEST_URI, and REMOTE_USER variables. *) Change: nginx now passes the invalid lines in a client request headers or a backend response header. *) Bugfix: if the backend did not transfer response for a long time and the "send_timeout" was less than "proxy_read_timeout", then nginx returned the 408 response. *) Bugfix: the segmentation fault was occurred if the backend sent an invalid line in response header; the bug had appeared in 0.1.26. *) Bugfix: the segmentation fault may occurred in FastCGI fault tolerance configuration. *) Bugfix: the "expires" directive did not remove the previous "Expires" and "Cache-Control" headers. *) Bugfix: nginx did not take into account trailing dot in "Host" header line. *) Bugfix: the ngx_http_auth_module did not work under Linux. *) Bugfix: the rewrite directive worked incorrectly, if the arguments were in a request. *) Bugfix: nginx could not be built on MacOS X.
2005-05-12 10:58:06 -04:00
offsetof(ngx_http_headers_in_t, content_length),
nginx-0.1.36-RELEASE import *) Change: if the request header has duplicate the "Host", "Connection", "Content-Length", or "Authorization" lines, then nginx now returns the 400 error. *) Change: the "post_accept_timeout" directive was canceled. *) Feature: the "default", "af=", "bl=", "deferred", and "bind" parameters of the "listen" directive. *) Feature: the FreeBSD accept filters support. *) Feature: the Linux TCP_DEFER_ACCEPT support. *) Bugfix: the ngx_http_autoindex_module did not support the file names in UTF-8. *) Bugfix: the new log file can be rotated by the -USR1 signal only if the reconfiguration by the -HUP signal was made twice.
2005-06-15 14:33:41 -04:00
ngx_http_process_unique_header_line },
nginx-0.1.29-RELEASE import *) Feature: the ngx_http_ssi_module supports "include virtual" command. *) Feature: the ngx_http_ssi_module supports the condition command like 'if expr="$NAME"' and "else" and "endif" commands. Only one nested level is supported. *) Feature: the ngx_http_ssi_module supports the DATE_LOCAL and DATE_GMT variables and "config timefmt" command. *) Feature: the "ssi_ignore_recycled_buffers" directive. *) Bugfix: the "echo" command did not show the default value for the empty QUERY_STRING variable. *) Change: the ngx_http_proxy_module was rewritten. *) Feature: the "proxy_redirect", "proxy_pass_request_headers", "proxy_pass_request_body", and "proxy_method" directives. *) Feature: the "proxy_set_header" directive. The "proxy_x_var" was canceled and must be replaced with the proxy_set_header directive. *) Change: the "proxy_preserve_host" is canceled and must be replaced with the "proxy_set_header Host $host" and the "proxy_redirect off" directives, the "proxy_set_header Host $host:$proxy_port" directive and the appropriate proxy_redirect directives. *) Change: the "proxy_set_x_real_ip" is canceled and must be replaced with the "proxy_set_header X-Real-IP $remote_addr" directive. *) Change: the "proxy_add_x_forwarded_for" is canceled and must be replaced with the "proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for" directive. *) Change: the "proxy_set_x_url" is canceled and must be replaced with the "proxy_set_header X-URL http://$host:$server_port$request_uri" directive. *) Feature: the "fastcgi_param" directive. *) Change: the "fastcgi_root", "fastcgi_set_var" and "fastcgi_params" directive are canceled and must be replaced with the fastcgi_param directives. *) Feature: the "index" directive can use the variables. *) Feature: the "index" directive can be used at http and server levels. *) Change: the last index only in the "index" directive can be absolute. *) Feature: the "rewrite" directive can use the variables. *) Feature: the "internal" directive. *) Feature: the CONTENT_LENGTH, CONTENT_TYPE, REMOTE_PORT, SERVER_ADDR, SERVER_PORT, SERVER_PROTOCOL, DOCUMENT_ROOT, SERVER_NAME, REQUEST_METHOD, REQUEST_URI, and REMOTE_USER variables. *) Change: nginx now passes the invalid lines in a client request headers or a backend response header. *) Bugfix: if the backend did not transfer response for a long time and the "send_timeout" was less than "proxy_read_timeout", then nginx returned the 408 response. *) Bugfix: the segmentation fault was occurred if the backend sent an invalid line in response header; the bug had appeared in 0.1.26. *) Bugfix: the segmentation fault may occurred in FastCGI fault tolerance configuration. *) Bugfix: the "expires" directive did not remove the previous "Expires" and "Cache-Control" headers. *) Bugfix: nginx did not take into account trailing dot in "Host" header line. *) Bugfix: the ngx_http_auth_module did not work under Linux. *) Bugfix: the rewrite directive worked incorrectly, if the arguments were in a request. *) Bugfix: nginx could not be built on MacOS X.
2005-05-12 10:58:06 -04:00
Dav: return 501 on PUT with ranges (ticket #948).
2016-05-16 13:37:23 -04:00
{ ngx_string("Content-Range"),
offsetof(ngx_http_headers_in_t, content_range),
ngx_http_process_unique_header_line },
nginx-0.1.14-RELEASE import *) Feature: the autoconfiguration directives: --http-client-body-temp-path=PATH, --http-proxy-temp-path=PATH, and --http-fastcgi-temp-path=PATH *) Change: the directory name for the temporary files with the client request body is specified by directive client_body_temp_path, by default it is <prefix>/client_body_temp. *) Feature: the ngx_http_fastcgi_module and the directives: fastcgi_pass, fastcgi_root, fastcgi_index, fastcgi_params, fastcgi_connect_timeout, fastcgi_send_timeout, fastcgi_read_timeout, fastcgi_send_lowat, fastcgi_header_buffer_size, fastcgi_buffers, fastcgi_busy_buffers_size, fastcgi_temp_path, fastcgi_max_temp_file_size, fastcgi_temp_file_write_size, fastcgi_next_upstream, and fastcgi_x_powered_by. *) Bugfix: the "[alert] zero size buf" error; the bug had appeared in 0.1.3. *) Change: the URI must be specified after the host name in the proxy_pass directive. *) Change: the %3F symbol in the URI was considered as the argument string start. *) Feature: the unix domain sockets support in the ngx_http_proxy_module. *) Feature: the ssl_engine and ssl_ciphers directives. Thanks to Sergey Skvortsov for SSL-accelerator.
2005-01-18 10:03:58 -03:00
{ ngx_string("Content-Type"),
nginx-0.1.29-RELEASE import *) Feature: the ngx_http_ssi_module supports "include virtual" command. *) Feature: the ngx_http_ssi_module supports the condition command like 'if expr="$NAME"' and "else" and "endif" commands. Only one nested level is supported. *) Feature: the ngx_http_ssi_module supports the DATE_LOCAL and DATE_GMT variables and "config timefmt" command. *) Feature: the "ssi_ignore_recycled_buffers" directive. *) Bugfix: the "echo" command did not show the default value for the empty QUERY_STRING variable. *) Change: the ngx_http_proxy_module was rewritten. *) Feature: the "proxy_redirect", "proxy_pass_request_headers", "proxy_pass_request_body", and "proxy_method" directives. *) Feature: the "proxy_set_header" directive. The "proxy_x_var" was canceled and must be replaced with the proxy_set_header directive. *) Change: the "proxy_preserve_host" is canceled and must be replaced with the "proxy_set_header Host $host" and the "proxy_redirect off" directives, the "proxy_set_header Host $host:$proxy_port" directive and the appropriate proxy_redirect directives. *) Change: the "proxy_set_x_real_ip" is canceled and must be replaced with the "proxy_set_header X-Real-IP $remote_addr" directive. *) Change: the "proxy_add_x_forwarded_for" is canceled and must be replaced with the "proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for" directive. *) Change: the "proxy_set_x_url" is canceled and must be replaced with the "proxy_set_header X-URL http://$host:$server_port$request_uri" directive. *) Feature: the "fastcgi_param" directive. *) Change: the "fastcgi_root", "fastcgi_set_var" and "fastcgi_params" directive are canceled and must be replaced with the fastcgi_param directives. *) Feature: the "index" directive can use the variables. *) Feature: the "index" directive can be used at http and server levels. *) Change: the last index only in the "index" directive can be absolute. *) Feature: the "rewrite" directive can use the variables. *) Feature: the "internal" directive. *) Feature: the CONTENT_LENGTH, CONTENT_TYPE, REMOTE_PORT, SERVER_ADDR, SERVER_PORT, SERVER_PROTOCOL, DOCUMENT_ROOT, SERVER_NAME, REQUEST_METHOD, REQUEST_URI, and REMOTE_USER variables. *) Change: nginx now passes the invalid lines in a client request headers or a backend response header. *) Bugfix: if the backend did not transfer response for a long time and the "send_timeout" was less than "proxy_read_timeout", then nginx returned the 408 response. *) Bugfix: the segmentation fault was occurred if the backend sent an invalid line in response header; the bug had appeared in 0.1.26. *) Bugfix: the segmentation fault may occurred in FastCGI fault tolerance configuration. *) Bugfix: the "expires" directive did not remove the previous "Expires" and "Cache-Control" headers. *) Bugfix: nginx did not take into account trailing dot in "Host" header line. *) Bugfix: the ngx_http_auth_module did not work under Linux. *) Bugfix: the rewrite directive worked incorrectly, if the arguments were in a request. *) Bugfix: nginx could not be built on MacOS X.
2005-05-12 10:58:06 -04:00
offsetof(ngx_http_headers_in_t, content_type),
ngx_http_process_header_line },
{ ngx_string("Range"), offsetof(ngx_http_headers_in_t, range),
ngx_http_process_header_line },
nginx-0.0.10-2004-09-06-22:45:00 import
2004-09-06 14:45:00 -04:00
If-Range support
2007-11-09 12:41:35 -03:00
{ ngx_string("If-Range"),
offsetof(ngx_http_headers_in_t, if_range),
ngx_http_process_unique_header_line },
nginx-0.3.12-RELEASE import *) Security: if nginx was built with the ngx_http_realip_module and the "satisfy_any on" directive was used, then access and authorization directives did not work. The ngx_http_realip_module was not built and is not built by default. *) Change: the "$time_gmt" variable name was changed to "$time_local". *) Change: the "proxy_header_buffer_size" and "fastcgi_header_buffer_size" directives was renamed to the "proxy_buffer_size" and "fastcgi_buffer_size" directives. *) Feature: the ngx_http_memcached_module. *) Feature: the "proxy_buffering" directive. *) Bugfix: the changes in accept mutex handling when the "rtsig" method was used; the bug had appeared in 0.3.0. *) Bugfix: if the client sent the "Transfer-Encoding: chunked" header line, then nginx returns the 411 error. *) Bugfix: if the "auth_basic" directive was inherited from the http level, then the realm in the "WWW-Authenticate" header line was without the "Basic realm" text. *) Bugfix: if the "combined" format was explicitly specified in the "access_log" directive, then the empty lines was written to the log; the bug had appeared in 0.3.8. *) Bugfix: nginx did not run on the sparc platform under any OS except Solaris. *) Bugfix: now it is not necessary to place space between the quoted string and closing bracket in the "if" directive.
2005-11-26 07:11:11 -03:00
{ ngx_string("Transfer-Encoding"),
offsetof(ngx_http_headers_in_t, transfer_encoding),
Disabled multiple Transfer-Encoding headers. We anyway do not support more than one transfer encoding, so accepting requests with multiple Transfer-Encoding headers doesn't make sense. Further, we do not handle multiple headers, and ignore anything but the first header. Reported by Filippo Valsorda.
2020-02-20 10:19:29 -03:00
ngx_http_process_unique_header_line },
nginx-0.3.12-RELEASE import *) Security: if nginx was built with the ngx_http_realip_module and the "satisfy_any on" directive was used, then access and authorization directives did not work. The ngx_http_realip_module was not built and is not built by default. *) Change: the "$time_gmt" variable name was changed to "$time_local". *) Change: the "proxy_header_buffer_size" and "fastcgi_header_buffer_size" directives was renamed to the "proxy_buffer_size" and "fastcgi_buffer_size" directives. *) Feature: the ngx_http_memcached_module. *) Feature: the "proxy_buffering" directive. *) Bugfix: the changes in accept mutex handling when the "rtsig" method was used; the bug had appeared in 0.3.0. *) Bugfix: if the client sent the "Transfer-Encoding: chunked" header line, then nginx returns the 411 error. *) Bugfix: if the "auth_basic" directive was inherited from the http level, then the realm in the "WWW-Authenticate" header line was without the "Basic realm" text. *) Bugfix: if the "combined" format was explicitly specified in the "access_log" directive, then the empty lines was written to the log; the bug had appeared in 0.3.8. *) Bugfix: nginx did not run on the sparc platform under any OS except Solaris. *) Bugfix: now it is not necessary to place space between the quoted string and closing bracket in the "if" directive.
2005-11-26 07:11:11 -03:00
gRPC: special handling of the TE request header. According to the gRPC protocol specification, the "TE" header is used to detect incompatible proxies, and at least grpc-c server rejects requests without "TE: trailers". To preserve the logic, we have to pass "TE: trailers" to the backend if and only if the original request contains "trailers" in the "TE" header. Note that no other TE values are allowed in HTTP/2, so we have to remove anything else.
2018-03-17 17:04:25 -03:00
{ ngx_string("TE"),
offsetof(ngx_http_headers_in_t, te),
ngx_http_process_header_line },
the "Expect" header support
2008-06-26 09:00:39 -04:00
{ ngx_string("Expect"),
offsetof(ngx_http_headers_in_t, expect),
ngx_http_process_unique_header_line },
Proxy: support for connection upgrade (101 Switching Protocols). This allows to proxy WebSockets by using configuration like this: location /chat/ { proxy_pass http://backend; proxy_http_version 1.1; proxy_set_header Upgrade $http_upgrade; proxy_set_header Connection "upgrade"; } Connection upgrade is allowed as long as it was requested by a client via the Upgrade request header.
2013-02-18 10:50:52 -03:00
{ ngx_string("Upgrade"),
offsetof(ngx_http_headers_in_t, upgrade),
ngx_http_process_header_line },
Expose more headers with NGX_HTTP_HEADERS.
2018-02-15 11:51:26 -03:00
#if (NGX_HTTP_GZIP || NGX_HTTP_HEADERS)
nginx-0.0.10-2004-09-06-22:45:00 import
2004-09-06 14:45:00 -04:00
{ ngx_string("Accept-Encoding"),
nginx-0.1.29-RELEASE import *) Feature: the ngx_http_ssi_module supports "include virtual" command. *) Feature: the ngx_http_ssi_module supports the condition command like 'if expr="$NAME"' and "else" and "endif" commands. Only one nested level is supported. *) Feature: the ngx_http_ssi_module supports the DATE_LOCAL and DATE_GMT variables and "config timefmt" command. *) Feature: the "ssi_ignore_recycled_buffers" directive. *) Bugfix: the "echo" command did not show the default value for the empty QUERY_STRING variable. *) Change: the ngx_http_proxy_module was rewritten. *) Feature: the "proxy_redirect", "proxy_pass_request_headers", "proxy_pass_request_body", and "proxy_method" directives. *) Feature: the "proxy_set_header" directive. The "proxy_x_var" was canceled and must be replaced with the proxy_set_header directive. *) Change: the "proxy_preserve_host" is canceled and must be replaced with the "proxy_set_header Host $host" and the "proxy_redirect off" directives, the "proxy_set_header Host $host:$proxy_port" directive and the appropriate proxy_redirect directives. *) Change: the "proxy_set_x_real_ip" is canceled and must be replaced with the "proxy_set_header X-Real-IP $remote_addr" directive. *) Change: the "proxy_add_x_forwarded_for" is canceled and must be replaced with the "proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for" directive. *) Change: the "proxy_set_x_url" is canceled and must be replaced with the "proxy_set_header X-URL http://$host:$server_port$request_uri" directive. *) Feature: the "fastcgi_param" directive. *) Change: the "fastcgi_root", "fastcgi_set_var" and "fastcgi_params" directive are canceled and must be replaced with the fastcgi_param directives. *) Feature: the "index" directive can use the variables. *) Feature: the "index" directive can be used at http and server levels. *) Change: the last index only in the "index" directive can be absolute. *) Feature: the "rewrite" directive can use the variables. *) Feature: the "internal" directive. *) Feature: the CONTENT_LENGTH, CONTENT_TYPE, REMOTE_PORT, SERVER_ADDR, SERVER_PORT, SERVER_PROTOCOL, DOCUMENT_ROOT, SERVER_NAME, REQUEST_METHOD, REQUEST_URI, and REMOTE_USER variables. *) Change: nginx now passes the invalid lines in a client request headers or a backend response header. *) Bugfix: if the backend did not transfer response for a long time and the "send_timeout" was less than "proxy_read_timeout", then nginx returned the 408 response. *) Bugfix: the segmentation fault was occurred if the backend sent an invalid line in response header; the bug had appeared in 0.1.26. *) Bugfix: the segmentation fault may occurred in FastCGI fault tolerance configuration. *) Bugfix: the "expires" directive did not remove the previous "Expires" and "Cache-Control" headers. *) Bugfix: nginx did not take into account trailing dot in "Host" header line. *) Bugfix: the ngx_http_auth_module did not work under Linux. *) Bugfix: the rewrite directive worked incorrectly, if the arguments were in a request. *) Bugfix: nginx could not be built on MacOS X.
2005-05-12 10:58:06 -04:00
offsetof(ngx_http_headers_in_t, accept_encoding),
ngx_http_process_header_line },
{ ngx_string("Via"), offsetof(ngx_http_headers_in_t, via),
ngx_http_process_header_line },
nginx-0.0.10-2004-09-06-22:45:00 import
2004-09-06 14:45:00 -04:00
#endif
{ ngx_string("Authorization"),
nginx-0.1.29-RELEASE import *) Feature: the ngx_http_ssi_module supports "include virtual" command. *) Feature: the ngx_http_ssi_module supports the condition command like 'if expr="$NAME"' and "else" and "endif" commands. Only one nested level is supported. *) Feature: the ngx_http_ssi_module supports the DATE_LOCAL and DATE_GMT variables and "config timefmt" command. *) Feature: the "ssi_ignore_recycled_buffers" directive. *) Bugfix: the "echo" command did not show the default value for the empty QUERY_STRING variable. *) Change: the ngx_http_proxy_module was rewritten. *) Feature: the "proxy_redirect", "proxy_pass_request_headers", "proxy_pass_request_body", and "proxy_method" directives. *) Feature: the "proxy_set_header" directive. The "proxy_x_var" was canceled and must be replaced with the proxy_set_header directive. *) Change: the "proxy_preserve_host" is canceled and must be replaced with the "proxy_set_header Host $host" and the "proxy_redirect off" directives, the "proxy_set_header Host $host:$proxy_port" directive and the appropriate proxy_redirect directives. *) Change: the "proxy_set_x_real_ip" is canceled and must be replaced with the "proxy_set_header X-Real-IP $remote_addr" directive. *) Change: the "proxy_add_x_forwarded_for" is canceled and must be replaced with the "proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for" directive. *) Change: the "proxy_set_x_url" is canceled and must be replaced with the "proxy_set_header X-URL http://$host:$server_port$request_uri" directive. *) Feature: the "fastcgi_param" directive. *) Change: the "fastcgi_root", "fastcgi_set_var" and "fastcgi_params" directive are canceled and must be replaced with the fastcgi_param directives. *) Feature: the "index" directive can use the variables. *) Feature: the "index" directive can be used at http and server levels. *) Change: the last index only in the "index" directive can be absolute. *) Feature: the "rewrite" directive can use the variables. *) Feature: the "internal" directive. *) Feature: the CONTENT_LENGTH, CONTENT_TYPE, REMOTE_PORT, SERVER_ADDR, SERVER_PORT, SERVER_PROTOCOL, DOCUMENT_ROOT, SERVER_NAME, REQUEST_METHOD, REQUEST_URI, and REMOTE_USER variables. *) Change: nginx now passes the invalid lines in a client request headers or a backend response header. *) Bugfix: if the backend did not transfer response for a long time and the "send_timeout" was less than "proxy_read_timeout", then nginx returned the 408 response. *) Bugfix: the segmentation fault was occurred if the backend sent an invalid line in response header; the bug had appeared in 0.1.26. *) Bugfix: the segmentation fault may occurred in FastCGI fault tolerance configuration. *) Bugfix: the "expires" directive did not remove the previous "Expires" and "Cache-Control" headers. *) Bugfix: nginx did not take into account trailing dot in "Host" header line. *) Bugfix: the ngx_http_auth_module did not work under Linux. *) Bugfix: the rewrite directive worked incorrectly, if the arguments were in a request. *) Bugfix: nginx could not be built on MacOS X.
2005-05-12 10:58:06 -04:00
offsetof(ngx_http_headers_in_t, authorization),
nginx-0.1.36-RELEASE import *) Change: if the request header has duplicate the "Host", "Connection", "Content-Length", or "Authorization" lines, then nginx now returns the 400 error. *) Change: the "post_accept_timeout" directive was canceled. *) Feature: the "default", "af=", "bl=", "deferred", and "bind" parameters of the "listen" directive. *) Feature: the FreeBSD accept filters support. *) Feature: the Linux TCP_DEFER_ACCEPT support. *) Bugfix: the ngx_http_autoindex_module did not support the file names in UTF-8. *) Bugfix: the new log file can be rotated by the -USR1 signal only if the reconfiguration by the -HUP signal was made twice.
2005-06-15 14:33:41 -04:00
ngx_http_process_unique_header_line },
nginx-0.0.10-2004-09-06-22:45:00 import
2004-09-06 14:45:00 -04:00
nginx-0.1.29-RELEASE import *) Feature: the ngx_http_ssi_module supports "include virtual" command. *) Feature: the ngx_http_ssi_module supports the condition command like 'if expr="$NAME"' and "else" and "endif" commands. Only one nested level is supported. *) Feature: the ngx_http_ssi_module supports the DATE_LOCAL and DATE_GMT variables and "config timefmt" command. *) Feature: the "ssi_ignore_recycled_buffers" directive. *) Bugfix: the "echo" command did not show the default value for the empty QUERY_STRING variable. *) Change: the ngx_http_proxy_module was rewritten. *) Feature: the "proxy_redirect", "proxy_pass_request_headers", "proxy_pass_request_body", and "proxy_method" directives. *) Feature: the "proxy_set_header" directive. The "proxy_x_var" was canceled and must be replaced with the proxy_set_header directive. *) Change: the "proxy_preserve_host" is canceled and must be replaced with the "proxy_set_header Host $host" and the "proxy_redirect off" directives, the "proxy_set_header Host $host:$proxy_port" directive and the appropriate proxy_redirect directives. *) Change: the "proxy_set_x_real_ip" is canceled and must be replaced with the "proxy_set_header X-Real-IP $remote_addr" directive. *) Change: the "proxy_add_x_forwarded_for" is canceled and must be replaced with the "proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for" directive. *) Change: the "proxy_set_x_url" is canceled and must be replaced with the "proxy_set_header X-URL http://$host:$server_port$request_uri" directive. *) Feature: the "fastcgi_param" directive. *) Change: the "fastcgi_root", "fastcgi_set_var" and "fastcgi_params" directive are canceled and must be replaced with the fastcgi_param directives. *) Feature: the "index" directive can use the variables. *) Feature: the "index" directive can be used at http and server levels. *) Change: the last index only in the "index" directive can be absolute. *) Feature: the "rewrite" directive can use the variables. *) Feature: the "internal" directive. *) Feature: the CONTENT_LENGTH, CONTENT_TYPE, REMOTE_PORT, SERVER_ADDR, SERVER_PORT, SERVER_PROTOCOL, DOCUMENT_ROOT, SERVER_NAME, REQUEST_METHOD, REQUEST_URI, and REMOTE_USER variables. *) Change: nginx now passes the invalid lines in a client request headers or a backend response header. *) Bugfix: if the backend did not transfer response for a long time and the "send_timeout" was less than "proxy_read_timeout", then nginx returned the 408 response. *) Bugfix: the segmentation fault was occurred if the backend sent an invalid line in response header; the bug had appeared in 0.1.26. *) Bugfix: the segmentation fault may occurred in FastCGI fault tolerance configuration. *) Bugfix: the "expires" directive did not remove the previous "Expires" and "Cache-Control" headers. *) Bugfix: nginx did not take into account trailing dot in "Host" header line. *) Bugfix: the ngx_http_auth_module did not work under Linux. *) Bugfix: the rewrite directive worked incorrectly, if the arguments were in a request. *) Bugfix: nginx could not be built on MacOS X.
2005-05-12 10:58:06 -04:00
{ ngx_string("Keep-Alive"), offsetof(ngx_http_headers_in_t, keep_alive),
ngx_http_process_header_line },
nginx-0.0.10-2004-09-06-22:45:00 import
2004-09-06 14:45:00 -04:00
Fixed compile-time conditionals used to detect if X-Forwarded-For support is needed.
2012-06-21 07:02:22 -04:00
#if (NGX_HTTP_X_FORWARDED_FOR)
nginx-0.0.10-2004-09-06-22:45:00 import
2004-09-06 14:45:00 -04:00
{ ngx_string("X-Forwarded-For"),
nginx-0.1.29-RELEASE import *) Feature: the ngx_http_ssi_module supports "include virtual" command. *) Feature: the ngx_http_ssi_module supports the condition command like 'if expr="$NAME"' and "else" and "endif" commands. Only one nested level is supported. *) Feature: the ngx_http_ssi_module supports the DATE_LOCAL and DATE_GMT variables and "config timefmt" command. *) Feature: the "ssi_ignore_recycled_buffers" directive. *) Bugfix: the "echo" command did not show the default value for the empty QUERY_STRING variable. *) Change: the ngx_http_proxy_module was rewritten. *) Feature: the "proxy_redirect", "proxy_pass_request_headers", "proxy_pass_request_body", and "proxy_method" directives. *) Feature: the "proxy_set_header" directive. The "proxy_x_var" was canceled and must be replaced with the proxy_set_header directive. *) Change: the "proxy_preserve_host" is canceled and must be replaced with the "proxy_set_header Host $host" and the "proxy_redirect off" directives, the "proxy_set_header Host $host:$proxy_port" directive and the appropriate proxy_redirect directives. *) Change: the "proxy_set_x_real_ip" is canceled and must be replaced with the "proxy_set_header X-Real-IP $remote_addr" directive. *) Change: the "proxy_add_x_forwarded_for" is canceled and must be replaced with the "proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for" directive. *) Change: the "proxy_set_x_url" is canceled and must be replaced with the "proxy_set_header X-URL http://$host:$server_port$request_uri" directive. *) Feature: the "fastcgi_param" directive. *) Change: the "fastcgi_root", "fastcgi_set_var" and "fastcgi_params" directive are canceled and must be replaced with the fastcgi_param directives. *) Feature: the "index" directive can use the variables. *) Feature: the "index" directive can be used at http and server levels. *) Change: the last index only in the "index" directive can be absolute. *) Feature: the "rewrite" directive can use the variables. *) Feature: the "internal" directive. *) Feature: the CONTENT_LENGTH, CONTENT_TYPE, REMOTE_PORT, SERVER_ADDR, SERVER_PORT, SERVER_PROTOCOL, DOCUMENT_ROOT, SERVER_NAME, REQUEST_METHOD, REQUEST_URI, and REMOTE_USER variables. *) Change: nginx now passes the invalid lines in a client request headers or a backend response header. *) Bugfix: if the backend did not transfer response for a long time and the "send_timeout" was less than "proxy_read_timeout", then nginx returned the 408 response. *) Bugfix: the segmentation fault was occurred if the backend sent an invalid line in response header; the bug had appeared in 0.1.26. *) Bugfix: the segmentation fault may occurred in FastCGI fault tolerance configuration. *) Bugfix: the "expires" directive did not remove the previous "Expires" and "Cache-Control" headers. *) Bugfix: nginx did not take into account trailing dot in "Host" header line. *) Bugfix: the ngx_http_auth_module did not work under Linux. *) Bugfix: the rewrite directive worked incorrectly, if the arguments were in a request. *) Bugfix: nginx could not be built on MacOS X.
2005-05-12 10:58:06 -04:00
offsetof(ngx_http_headers_in_t, x_forwarded_for),
All non-unique input headers are now linked lists. The ngx_http_process_multi_header_lines() function is removed, as it is exactly equivalent to ngx_http_process_header_line(). Similarly, ngx_http_variable_header() is used instead of ngx_http_variable_headers().
2022-05-30 14:25:35 -04:00
ngx_http_process_header_line },
nginx-0.0.10-2004-09-06-22:45:00 import
2004-09-06 14:45:00 -04:00
#endif
nginx-0.1.14-RELEASE import *) Feature: the autoconfiguration directives: --http-client-body-temp-path=PATH, --http-proxy-temp-path=PATH, and --http-fastcgi-temp-path=PATH *) Change: the directory name for the temporary files with the client request body is specified by directive client_body_temp_path, by default it is <prefix>/client_body_temp. *) Feature: the ngx_http_fastcgi_module and the directives: fastcgi_pass, fastcgi_root, fastcgi_index, fastcgi_params, fastcgi_connect_timeout, fastcgi_send_timeout, fastcgi_read_timeout, fastcgi_send_lowat, fastcgi_header_buffer_size, fastcgi_buffers, fastcgi_busy_buffers_size, fastcgi_temp_path, fastcgi_max_temp_file_size, fastcgi_temp_file_write_size, fastcgi_next_upstream, and fastcgi_x_powered_by. *) Bugfix: the "[alert] zero size buf" error; the bug had appeared in 0.1.3. *) Change: the URI must be specified after the host name in the proxy_pass directive. *) Change: the %3F symbol in the URI was considered as the argument string start. *) Feature: the unix domain sockets support in the ngx_http_proxy_module. *) Feature: the ssl_engine and ssl_ciphers directives. Thanks to Sergey Skvortsov for SSL-accelerator.
2005-01-18 10:03:58 -03:00
nginx-0.3.8-RELEASE import *) Security: nginx now checks URI got from a backend in "X-Accel-Redirect" header line or in SSI file for the "/../" paths and zeroes. *) Change: nginx now does not treat the empty user name in the "Authorization" header line as valid one. *) Feature: the "ssl_session_timeout" directives of the ngx_http_ssl_module and ngx_imap_ssl_module. *) Feature: the "auth_http_header" directive of the ngx_imap_auth_http_module. *) Feature: the "add_header" directive. *) Feature: the ngx_http_realip_module. *) Feature: the new variables to use in the "log_format" directive: $bytes_sent, $apache_bytes_sent, $status, $time_gmt, $uri, $request_time, $request_length, $upstream_status, $upstream_response_time, $gzip_ratio, $uid_got, $uid_set, $connection, $pipe, and $msec. The parameters in the "%name" form will be canceled soon. *) Change: now the false variable values in the "if" directive are the empty string "" and string starting with "0". *) Bugfix: while using proxied or FastCGI-server nginx may leave connections and temporary files with client requests in open state. *) Bugfix: the worker processes did not flush the buffered logs on graceful exit. *) Bugfix: if the request URI was changes by the "rewrite" directive and the request was proxied in location given by regular expression, then the incorrect request was transferred to backend; the bug had appeared in 0.2.6. *) Bugfix: the "expires" directive did not remove the previous "Expires" header. *) Bugfix: nginx may stop to accept requests if the "rtsig" method and several worker processes were used. *) Bugfix: the "\"" and "\'" escape symbols were incorrectly handled in SSI commands. *) Bugfix: if the response was ended just after the SSI command and gzipping was used, then the response did not transferred complete or did not transferred at all.
2005-11-09 14:25:55 -03:00
#if (NGX_HTTP_REALIP)
{ ngx_string("X-Real-IP"),
offsetof(ngx_http_headers_in_t, x_real_ip),
ngx_http_process_header_line },
#endif
nginx-0.1.19-RELEASE import *) Bugfix: now, if request contains the zero, then the 404 error is returned for the local requests. *) Bugfix: nginx could not be built on NetBSD 2.0. *) Bugfix: the timeout may occur while reading of the the client request body via SSL connections.
2005-02-16 10:40:36 -03:00
#if (NGX_HTTP_HEADERS)
nginx-0.1.29-RELEASE import *) Feature: the ngx_http_ssi_module supports "include virtual" command. *) Feature: the ngx_http_ssi_module supports the condition command like 'if expr="$NAME"' and "else" and "endif" commands. Only one nested level is supported. *) Feature: the ngx_http_ssi_module supports the DATE_LOCAL and DATE_GMT variables and "config timefmt" command. *) Feature: the "ssi_ignore_recycled_buffers" directive. *) Bugfix: the "echo" command did not show the default value for the empty QUERY_STRING variable. *) Change: the ngx_http_proxy_module was rewritten. *) Feature: the "proxy_redirect", "proxy_pass_request_headers", "proxy_pass_request_body", and "proxy_method" directives. *) Feature: the "proxy_set_header" directive. The "proxy_x_var" was canceled and must be replaced with the proxy_set_header directive. *) Change: the "proxy_preserve_host" is canceled and must be replaced with the "proxy_set_header Host $host" and the "proxy_redirect off" directives, the "proxy_set_header Host $host:$proxy_port" directive and the appropriate proxy_redirect directives. *) Change: the "proxy_set_x_real_ip" is canceled and must be replaced with the "proxy_set_header X-Real-IP $remote_addr" directive. *) Change: the "proxy_add_x_forwarded_for" is canceled and must be replaced with the "proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for" directive. *) Change: the "proxy_set_x_url" is canceled and must be replaced with the "proxy_set_header X-URL http://$host:$server_port$request_uri" directive. *) Feature: the "fastcgi_param" directive. *) Change: the "fastcgi_root", "fastcgi_set_var" and "fastcgi_params" directive are canceled and must be replaced with the fastcgi_param directives. *) Feature: the "index" directive can use the variables. *) Feature: the "index" directive can be used at http and server levels. *) Change: the last index only in the "index" directive can be absolute. *) Feature: the "rewrite" directive can use the variables. *) Feature: the "internal" directive. *) Feature: the CONTENT_LENGTH, CONTENT_TYPE, REMOTE_PORT, SERVER_ADDR, SERVER_PORT, SERVER_PROTOCOL, DOCUMENT_ROOT, SERVER_NAME, REQUEST_METHOD, REQUEST_URI, and REMOTE_USER variables. *) Change: nginx now passes the invalid lines in a client request headers or a backend response header. *) Bugfix: if the backend did not transfer response for a long time and the "send_timeout" was less than "proxy_read_timeout", then nginx returned the 408 response. *) Bugfix: the segmentation fault was occurred if the backend sent an invalid line in response header; the bug had appeared in 0.1.26. *) Bugfix: the segmentation fault may occurred in FastCGI fault tolerance configuration. *) Bugfix: the "expires" directive did not remove the previous "Expires" and "Cache-Control" headers. *) Bugfix: nginx did not take into account trailing dot in "Host" header line. *) Bugfix: the ngx_http_auth_module did not work under Linux. *) Bugfix: the rewrite directive worked incorrectly, if the arguments were in a request. *) Bugfix: nginx could not be built on MacOS X.
2005-05-12 10:58:06 -04:00
{ ngx_string("Accept"), offsetof(ngx_http_headers_in_t, accept),
ngx_http_process_header_line },
nginx-0.1.19-RELEASE import *) Bugfix: now, if request contains the zero, then the 404 error is returned for the local requests. *) Bugfix: nginx could not be built on NetBSD 2.0. *) Bugfix: the timeout may occur while reading of the the client request body via SSL connections.
2005-02-16 10:40:36 -03:00
{ ngx_string("Accept-Language"),
nginx-0.1.29-RELEASE import *) Feature: the ngx_http_ssi_module supports "include virtual" command. *) Feature: the ngx_http_ssi_module supports the condition command like 'if expr="$NAME"' and "else" and "endif" commands. Only one nested level is supported. *) Feature: the ngx_http_ssi_module supports the DATE_LOCAL and DATE_GMT variables and "config timefmt" command. *) Feature: the "ssi_ignore_recycled_buffers" directive. *) Bugfix: the "echo" command did not show the default value for the empty QUERY_STRING variable. *) Change: the ngx_http_proxy_module was rewritten. *) Feature: the "proxy_redirect", "proxy_pass_request_headers", "proxy_pass_request_body", and "proxy_method" directives. *) Feature: the "proxy_set_header" directive. The "proxy_x_var" was canceled and must be replaced with the proxy_set_header directive. *) Change: the "proxy_preserve_host" is canceled and must be replaced with the "proxy_set_header Host $host" and the "proxy_redirect off" directives, the "proxy_set_header Host $host:$proxy_port" directive and the appropriate proxy_redirect directives. *) Change: the "proxy_set_x_real_ip" is canceled and must be replaced with the "proxy_set_header X-Real-IP $remote_addr" directive. *) Change: the "proxy_add_x_forwarded_for" is canceled and must be replaced with the "proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for" directive. *) Change: the "proxy_set_x_url" is canceled and must be replaced with the "proxy_set_header X-URL http://$host:$server_port$request_uri" directive. *) Feature: the "fastcgi_param" directive. *) Change: the "fastcgi_root", "fastcgi_set_var" and "fastcgi_params" directive are canceled and must be replaced with the fastcgi_param directives. *) Feature: the "index" directive can use the variables. *) Feature: the "index" directive can be used at http and server levels. *) Change: the last index only in the "index" directive can be absolute. *) Feature: the "rewrite" directive can use the variables. *) Feature: the "internal" directive. *) Feature: the CONTENT_LENGTH, CONTENT_TYPE, REMOTE_PORT, SERVER_ADDR, SERVER_PORT, SERVER_PROTOCOL, DOCUMENT_ROOT, SERVER_NAME, REQUEST_METHOD, REQUEST_URI, and REMOTE_USER variables. *) Change: nginx now passes the invalid lines in a client request headers or a backend response header. *) Bugfix: if the backend did not transfer response for a long time and the "send_timeout" was less than "proxy_read_timeout", then nginx returned the 408 response. *) Bugfix: the segmentation fault was occurred if the backend sent an invalid line in response header; the bug had appeared in 0.1.26. *) Bugfix: the segmentation fault may occurred in FastCGI fault tolerance configuration. *) Bugfix: the "expires" directive did not remove the previous "Expires" and "Cache-Control" headers. *) Bugfix: nginx did not take into account trailing dot in "Host" header line. *) Bugfix: the ngx_http_auth_module did not work under Linux. *) Bugfix: the rewrite directive worked incorrectly, if the arguments were in a request. *) Bugfix: nginx could not be built on MacOS X.
2005-05-12 10:58:06 -04:00
offsetof(ngx_http_headers_in_t, accept_language),
ngx_http_process_header_line },
nginx-0.1.19-RELEASE import *) Bugfix: now, if request contains the zero, then the 404 error is returned for the local requests. *) Bugfix: nginx could not be built on NetBSD 2.0. *) Bugfix: the timeout may occur while reading of the the client request body via SSL connections.
2005-02-16 10:40:36 -03:00
#endif
nginx-0.3.40-RELEASE import *) Feature: the ngx_http_dav_module supports the MKCOL method. *) Feature: the "create_full_put_path" directive. *) Feature: the "$limit_rate" variable.
2006-04-19 11:30:56 -04:00
#if (NGX_HTTP_DAV)
{ ngx_string("Depth"), offsetof(ngx_http_headers_in_t, depth),
ngx_http_process_header_line },
{ ngx_string("Destination"), offsetof(ngx_http_headers_in_t, destination),
ngx_http_process_header_line },
nginx-0.4.0-RELEASE import *) Change in internal API: the HTTP modules initialization was moved from the init module phase to the HTTP postconfiguration phase. *) Change: now the request body is not read beforehand for the ngx_http_perl_module: it's required to start the reading using the $r->has_request_body method. *) Feature: the ngx_http_perl_module supports the DECLINED return code. *) Feature: the ngx_http_dav_module supports the incoming "Date" header line for the PUT method. *) Feature: the "ssi" directive is available inside the "if" block. *) Bugfix: a segmentation fault occurred if there was an "index" directive with variables and the first index name was without variables; the bug had appeared in 0.1.29.
2006-08-30 06:39:17 -04:00
the "Overwrite" header line
2007-01-18 18:11:23 -03:00
{ ngx_string("Overwrite"), offsetof(ngx_http_headers_in_t, overwrite),
ngx_http_process_header_line },
nginx-0.4.0-RELEASE import *) Change in internal API: the HTTP modules initialization was moved from the init module phase to the HTTP postconfiguration phase. *) Change: now the request body is not read beforehand for the ngx_http_perl_module: it's required to start the reading using the $r->has_request_body method. *) Feature: the ngx_http_perl_module supports the DECLINED return code. *) Feature: the ngx_http_dav_module supports the incoming "Date" header line for the PUT method. *) Feature: the "ssi" directive is available inside the "if" block. *) Bugfix: a segmentation fault occurred if there was an "index" directive with variables and the first index name was without variables; the bug had appeared in 0.1.29.
2006-08-30 06:39:17 -04:00
{ ngx_string("Date"), offsetof(ngx_http_headers_in_t, date),
ngx_http_process_header_line },
nginx-0.3.40-RELEASE import *) Feature: the ngx_http_dav_module supports the MKCOL method. *) Feature: the "create_full_put_path" directive. *) Feature: the "$limit_rate" variable.
2006-04-19 11:30:56 -04:00
#endif
Reworked multi headers to use linked lists. Multi headers are now using linked lists instead of arrays. Notably, the following fields were changed: r->headers_in.cookies (renamed to r->headers_in.cookie), r->headers_in.x_forwarded_for, r->headers_out.cache_control, r->headers_out.link, u->headers_in.cache_control u->headers_in.cookies (renamed to u->headers_in.set_cookie). The r->headers_in.cookies and u->headers_in.cookies fields were renamed to r->headers_in.cookie and u->headers_in.set_cookie to match header names. The ngx_http_parse_multi_header_lines() and ngx_http_parse_set_cookie_lines() functions were changed accordingly. With this change, multi headers are now essentially equivalent to normal headers, and following changes will further make them equivalent.
2022-05-30 14:25:33 -04:00
{ ngx_string("Cookie"), offsetof(ngx_http_headers_in_t, cookie),
All non-unique input headers are now linked lists. The ngx_http_process_multi_header_lines() function is removed, as it is exactly equivalent to ngx_http_process_header_line(). Similarly, ngx_http_variable_header() is used instead of ngx_http_variable_headers().
2022-05-30 14:25:35 -04:00
ngx_http_process_header_line },
nginx-0.0.10-2004-09-06-22:45:00 import
2004-09-06 14:45:00 -04:00
nginx-0.1.29-RELEASE import *) Feature: the ngx_http_ssi_module supports "include virtual" command. *) Feature: the ngx_http_ssi_module supports the condition command like 'if expr="$NAME"' and "else" and "endif" commands. Only one nested level is supported. *) Feature: the ngx_http_ssi_module supports the DATE_LOCAL and DATE_GMT variables and "config timefmt" command. *) Feature: the "ssi_ignore_recycled_buffers" directive. *) Bugfix: the "echo" command did not show the default value for the empty QUERY_STRING variable. *) Change: the ngx_http_proxy_module was rewritten. *) Feature: the "proxy_redirect", "proxy_pass_request_headers", "proxy_pass_request_body", and "proxy_method" directives. *) Feature: the "proxy_set_header" directive. The "proxy_x_var" was canceled and must be replaced with the proxy_set_header directive. *) Change: the "proxy_preserve_host" is canceled and must be replaced with the "proxy_set_header Host $host" and the "proxy_redirect off" directives, the "proxy_set_header Host $host:$proxy_port" directive and the appropriate proxy_redirect directives. *) Change: the "proxy_set_x_real_ip" is canceled and must be replaced with the "proxy_set_header X-Real-IP $remote_addr" directive. *) Change: the "proxy_add_x_forwarded_for" is canceled and must be replaced with the "proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for" directive. *) Change: the "proxy_set_x_url" is canceled and must be replaced with the "proxy_set_header X-URL http://$host:$server_port$request_uri" directive. *) Feature: the "fastcgi_param" directive. *) Change: the "fastcgi_root", "fastcgi_set_var" and "fastcgi_params" directive are canceled and must be replaced with the fastcgi_param directives. *) Feature: the "index" directive can use the variables. *) Feature: the "index" directive can be used at http and server levels. *) Change: the last index only in the "index" directive can be absolute. *) Feature: the "rewrite" directive can use the variables. *) Feature: the "internal" directive. *) Feature: the CONTENT_LENGTH, CONTENT_TYPE, REMOTE_PORT, SERVER_ADDR, SERVER_PORT, SERVER_PROTOCOL, DOCUMENT_ROOT, SERVER_NAME, REQUEST_METHOD, REQUEST_URI, and REMOTE_USER variables. *) Change: nginx now passes the invalid lines in a client request headers or a backend response header. *) Bugfix: if the backend did not transfer response for a long time and the "send_timeout" was less than "proxy_read_timeout", then nginx returned the 408 response. *) Bugfix: the segmentation fault was occurred if the backend sent an invalid line in response header; the bug had appeared in 0.1.26. *) Bugfix: the segmentation fault may occurred in FastCGI fault tolerance configuration. *) Bugfix: the "expires" directive did not remove the previous "Expires" and "Cache-Control" headers. *) Bugfix: nginx did not take into account trailing dot in "Host" header line. *) Bugfix: the ngx_http_auth_module did not work under Linux. *) Bugfix: the rewrite directive worked incorrectly, if the arguments were in a request. *) Bugfix: nginx could not be built on MacOS X.
2005-05-12 10:58:06 -04:00
{ ngx_null_string, 0, NULL }
};
nginx-0.0.1-2003-10-27-11:53:49 import
2003-10-27 05:53:49 -03:00
nginx-0.1.25-RELEASE import *) Bugfix: nginx did run on Linux parisc. *) Feature: nginx now does not start under FreeBSD if the sysctl kern.ipc.somaxconn value is too big. *) Bugfix: if a request was internally redirected by the ngx_http_index_module module to the ngx_http_proxy_module or ngx_http_fastcgi_module modules, then the index file was not closed after request completion. *) Feature: the "proxy_pass" can be used in location with regular expression. *) Feature: the ngx_http_rewrite_filter_module module supports the condition like "if ($HTTP_USER_AGENT ~ MSIE)". *) Bugfix: nginx started too slow if the large number of addresses and text values were used in the "geo" directive. *) Change: a variable name must be declared as "$name" in the "geo" directive. The previous variant without "$" is still supported, but will be removed soon. *) Feature: the "%{VARIABLE}v" logging parameter. *) Feature: the "set $name value" directive. *) Bugfix: gcc 4.0 compatibility. *) Feature: the --with-openssl-opt=OPTIONS autoconfiguration directive.
2005-03-19 08:38:37 -04:00
void
ngx_http_init_connection(ngx_connection_t *c)
nginx-0.0.1-2002-08-06-20:39:45 import The first code that uses "ngx_" prefix, the previous one used "gx_" prefix. At that point the code is not yet usable. The first draft ideas are dated back to 23.10.2001.
2002-08-06 12:39:45 -04:00
{
Core: removed post_accept_timeout. Keeping post_accept_timeout in ngx_listening_t is no longer needed since we've switched to 1 second timeout for deferred accept in 5541:fdb67cfc957d. Further, using it in HTTP code can result in client_header_timeout being used from an incorrect server block, notably if address-specific virtual servers are used along with a wildcard listening socket, or if we've switched to a different server block based on SNI in SSL handshake.
2021-01-19 14:32:00 -03:00
ngx_uint_t i;
ngx_event_t *rev;
struct sockaddr_in *sin;
ngx_http_port_t *port;
ngx_http_in_addr_t *addr;
ngx_http_log_ctx_t *ctx;
ngx_http_connection_t *hc;
ngx_http_core_srv_conf_t *cscf;
The default server lookup is now done only once per connection. Previously, it was done for every request in a connection.
2013-02-27 13:53:01 -03:00
#if (NGX_HAVE_INET6)
Core: removed post_accept_timeout. Keeping post_accept_timeout in ngx_listening_t is no longer needed since we've switched to 1 second timeout for deferred accept in 5541:fdb67cfc957d. Further, using it in HTTP code can result in client_header_timeout being used from an incorrect server block, notably if address-specific virtual servers are used along with a wildcard listening socket, or if we've switched to a different server block based on SNI in SSL handshake.
2021-01-19 14:32:00 -03:00
struct sockaddr_in6 *sin6;
ngx_http_in6_addr_t *addr6;
The default server lookup is now done only once per connection. Previously, it was done for every request in a connection.
2013-02-27 13:53:01 -03:00
#endif
QUIC: added "quic" listen parameter. The parameter allows processing HTTP/0.9-2 over QUIC. Also, introduced ngx_http_quic_module and moved QUIC settings there
2020-07-21 16:09:22 -04:00
hc = ngx_pcalloc(c->pool, sizeof(ngx_http_connection_t));
The default server lookup is now done only once per connection. Previously, it was done for every request in a connection.
2013-02-27 13:53:01 -03:00
if (hc == NULL) {
ngx_http_close_connection(c);
return;
}
c->data = hc;
/* find the server configuration for the address:port */
port = c->listening->servers;
if (port->naddrs > 1) {
/*
* there are several addresses on this port and one of them
* is an "*:port" wildcard so getsockname() in ngx_http_server_addr()
* is required to determine a server address
*/
if (ngx_connection_local_sockaddr(c, NULL, 0) != NGX_OK) {
ngx_http_close_connection(c);
return;
}
switch (c->local_sockaddr->sa_family) {
#if (NGX_HAVE_INET6)
case AF_INET6:
sin6 = (struct sockaddr_in6 *) c->local_sockaddr;
addr6 = port->addrs;
/* the last address is "*" */
for (i = 0; i < port->naddrs - 1; i++) {
if (ngx_memcmp(&addr6[i].addr6, &sin6->sin6_addr, 16) == 0) {
break;
}
}
hc->addr_conf = &addr6[i].conf;
break;
#endif
default: /* AF_INET */
sin = (struct sockaddr_in *) c->local_sockaddr;
addr = port->addrs;
/* the last address is "*" */
for (i = 0; i < port->naddrs - 1; i++) {
if (addr[i].addr == sin->sin_addr.s_addr) {
break;
}
}
hc->addr_conf = &addr[i].conf;
break;
}
} else {
switch (c->local_sockaddr->sa_family) {
#if (NGX_HAVE_INET6)
case AF_INET6:
addr6 = port->addrs;
hc->addr_conf = &addr6[0].conf;
break;
#endif
default: /* AF_INET */
addr = port->addrs;
hc->addr_conf = &addr[0].conf;
break;
}
}
nginx-0.0.1-2002-10-04-21:58:04 import
2002-10-04 13:58:04 -04:00
SNI: reuse selected configuration for all requests in a connection. Previously, only the first request in a connection was assigned the configuration selected by SNI. All subsequent requests initially used the default server's configuration, ignoring SNI, which was wrong. Now all subsequent requests in a connection will initially use the configuration selected by SNI. This is done by storing a pointer to configuration in http connection object. It points to default server's configuration initially, but changed upon receipt of SNI. (The request's configuration can be further refined when parsing the request line and Host: header.) This change was not made specific to SNI as it also allows slightly faster access to configuration without the request object.
2013-02-27 14:12:48 -03:00
/* the default server configuration for the address:port */
hc->conf_ctx = hc->addr_conf->default_server->ctx;
nginx-0.1.25-RELEASE import *) Bugfix: nginx did run on Linux parisc. *) Feature: nginx now does not start under FreeBSD if the sysctl kern.ipc.somaxconn value is too big. *) Bugfix: if a request was internally redirected by the ngx_http_index_module module to the ngx_http_proxy_module or ngx_http_fastcgi_module modules, then the index file was not closed after request completion. *) Feature: the "proxy_pass" can be used in location with regular expression. *) Feature: the ngx_http_rewrite_filter_module module supports the condition like "if ($HTTP_USER_AGENT ~ MSIE)". *) Bugfix: nginx started too slow if the large number of addresses and text values were used in the "geo" directive. *) Change: a variable name must be declared as "$name" in the "geo" directive. The previous variant without "$" is still supported, but will be removed soon. *) Feature: the "%{VARIABLE}v" logging parameter. *) Feature: the "set $name value" directive. *) Bugfix: gcc 4.0 compatibility. *) Feature: the --with-openssl-opt=OPTIONS autoconfiguration directive.
2005-03-19 08:38:37 -04:00
ctx = ngx_palloc(c->pool, sizeof(ngx_http_log_ctx_t));
if (ctx == NULL) {
nginx-0.0.1-2003-05-12-19:52:24 import
2003-05-12 11:52:24 -04:00
ngx_http_close_connection(c);
return;
nginx-0.0.1-2003-01-30-10:28:09 import
2003-01-30 04:28:09 -03:00
}
nginx-0.0.1-2002-08-26-19:18:19 import
2002-08-26 11:18:19 -04:00
log server address
2007-12-30 05:01:50 -03:00
ctx->connection = c;
nginx-0.1.5-RELEASE import *) Bugfix: on Solaris and Linux there may be too many "recvmsg() returned not enough data" alerts. *) Bugfix: there were the "writev() failed (22: Invalid argument)" errors on Solaris in proxy mode without sendfile. On other platforms that do not support sendfile at all the process got caught in an endless loop. *) Bugfix: segmentation fault on Solaris in proxy mode and using sendfile. *) Bugfix: segmentation fault on Solaris. *) Bugfix: on-line upgrade did not work on Linux. *) Bugfix: the ngx_http_autoindex_module module did not escape the spaces, the quotes, and the percent signs in the directory listing. *) Change: the decrease of the copy operations. *) Feature: the userid_p3p directive.
2004-11-11 11:07:14 -03:00
ctx->request = NULL;
nginx-0.3.54-RELEASE import *) Feature: nginx now logs the subrequest information to the error log. *) Feature: the "proxy_next_upstream", "fastcgi_next_upstream", and "memcached_next_upstream" directives support the "off" parameter. *) Feature: the "debug_connection" directive supports the CIDR address form. *) Bugfix: if a response of proxied server or FastCGI server was converted from UTF-8 or back, then it may be transferred incomplete. *) Bugfix: the $upstream_response_time variable had the time of the first request to a backend only. *) Bugfix: nginx could not be built on amd64 platform; the bug had appeared in 0.3.53.
2006-07-11 09:20:19 -04:00
ctx->current_request = NULL;
nginx-0.1.16-RELEASE import *) Bugfix: if the response were transferred by chunks, then on the HEAD request the final chunk was issued. *) Bugfix: the "Connection: keep-alive" header were issued, even if the keepalive_timeout directive forbade the keep-alive use. *) Bugfix: the errors in the ngx_http_fastcgi_module caused the segmentation faults. *) Bugfix: the compressed response encrypted by SSL may not transferred complete. *) Bugfix: the TCP-specific TCP_NODELAY, TCP_NOPSUH, and TCP_CORK options, are not used for the unix domain sockets. *) Feature: the rewrite directive supports the arguments rewriting. *) Bugfix: the response code 400 was returned for the POST request with the "Content-Length: 0" header; the bug had appeared in 0.1.14.
2005-01-25 09:27:35 -03:00
c->log->connection = c->number;
nginx-0.0.1-2002-08-26-19:18:19 import
2002-08-26 11:18:19 -04:00
c->log->handler = ngx_http_log_error;
nginx-0.1.16-RELEASE import *) Bugfix: if the response were transferred by chunks, then on the HEAD request the final chunk was issued. *) Bugfix: the "Connection: keep-alive" header were issued, even if the keepalive_timeout directive forbade the keep-alive use. *) Bugfix: the errors in the ngx_http_fastcgi_module caused the segmentation faults. *) Bugfix: the compressed response encrypted by SSL may not transferred complete. *) Bugfix: the TCP-specific TCP_NODELAY, TCP_NOPSUH, and TCP_CORK options, are not used for the unix domain sockets. *) Feature: the rewrite directive supports the arguments rewriting. *) Bugfix: the response code 400 was returned for the POST request with the "Content-Length: 0" header; the bug had appeared in 0.1.14.
2005-01-25 09:27:35 -03:00
c->log->data = ctx;
Create request object only after the first byte was received. Previously, we always created an object and logged 400 (Bad Request) in access log if a client closed connection without sending any data. Such a connection was counted as "reading". Since it's common for modern browsers to behave like this, it's no longer considered an error if a client closes connection without sending any data, and such a connection will be counted as "waiting". Now, we do not log 400 (Bad Request) and keep memory footprint as small as possible.
2013-03-07 14:21:50 -03:00
c->log->action = "waiting for request";
nginx-0.1.16-RELEASE import *) Bugfix: if the response were transferred by chunks, then on the HEAD request the final chunk was issued. *) Bugfix: the "Connection: keep-alive" header were issued, even if the keepalive_timeout directive forbade the keep-alive use. *) Bugfix: the errors in the ngx_http_fastcgi_module caused the segmentation faults. *) Bugfix: the compressed response encrypted by SSL may not transferred complete. *) Bugfix: the TCP-specific TCP_NODELAY, TCP_NOPSUH, and TCP_CORK options, are not used for the unix domain sockets. *) Feature: the rewrite directive supports the arguments rewriting. *) Bugfix: the response code 400 was returned for the POST request with the "Content-Length: 0" header; the bug had appeared in 0.1.14.
2005-01-25 09:27:35 -03:00
nginx-0.0.2-2004-02-10-19:23:38 import
2004-02-10 13:23:38 -03:00
c->log_error = NGX_ERROR_INFO;
nginx-0.0.1-2002-08-26-19:18:19 import
2002-08-26 11:18:19 -04:00
nginx-0.0.1-2003-05-12-19:52:24 import
2003-05-12 11:52:24 -04:00
rev = c->read;
Create request object only after the first byte was received. Previously, we always created an object and logged 400 (Bad Request) in access log if a client closed connection without sending any data. Such a connection was counted as "reading". Since it's common for modern browsers to behave like this, it's no longer considered an error if a client closes connection without sending any data, and such a connection will be counted as "waiting". Now, we do not log 400 (Bad Request) and keep memory footprint as small as possible.
2013-03-07 14:21:50 -03:00
rev->handler = ngx_http_wait_request_handler;
nginx-0.3.6-RELEASE import *) Change: now the IMAP/POP3 proxy do not send the empty login to authorization server. *) Feature: the "log_format" supports the variables in the $name form. *) Bugfix: if at least in one server was no the "listen" directive, then nginx did not listen on the 80 port; the bug had appeared in 0.3.3. *) Bugfix: if the URI part is omitted in "proxy_pass" directive, the the 80 port was always used.
2005-10-24 12:09:41 -03:00
c->write->handler = ngx_http_empty_handler;
nginx-0.0.2-2004-02-09-10:46:43 import
2004-02-09 04:46:43 -03:00
The HTTP/2 implementation (RFC 7240, 7241). The SPDY support is removed, as it's incompatible with the new module.
2015-09-11 14:13:06 -03:00
#if (NGX_HTTP_V2)
if (hc->addr_conf->http2) {
rev->handler = ngx_http_v2_init;
Preliminary experimental support for SPDY draft 2.
2013-03-20 07:36:57 -03:00
}
#endif
HTTP/3: refactored request parser. The change reduces diff to the default branch for src/http/ngx_http_request.c and src/http/ngx_http_parse.c.
2021-01-22 10:34:06 -03:00
#if (NGX_HTTP_V3)
HTTP/3: "quic" parameter of "listen" directive. Now "listen" directve has a new "quic" parameter which enables QUIC protocol for the address. Further, to enable HTTP/3, a new directive "http3" is introduced. The hq-interop protocol is enabled by "http3_hq" as before. Now application protocol is chosen by ALPN. Previously used "http3" parameter of "listen" is deprecated.
2023-02-27 07:00:56 -03:00
if (hc->addr_conf->quic) {
HTTP/3: renamed functions. ngx_http_v3_init() is renamed ngx_http_v3_init_stream(). ngx_http_v3_reset_connection() is renamed to ngx_http_v3_reset_stream().
2022-08-22 06:09:03 -04:00
ngx_http_v3_init_stream(c);
HTTP/3: refactored request parser. The change reduces diff to the default branch for src/http/ngx_http_request.c and src/http/ngx_http_parse.c.
2021-01-22 10:34:06 -03:00
return;
}
#endif
SSL: do not treat SSL handshake as request. The request object will not be created until SSL handshake is complete. This simplifies adding another connection handler that does not need request object right after handshake (e.g., SPDY). There are also a few more intentional effects: - the "client_header_buffer_size" directive will be taken from the server configuration that was negotiated by SNI; - SSL handshake errors and timeouts are not logged into access log as bad requests; - ngx_ssl_create_connection() is not called until the first byte of ClientHello message was received. This also decreases memory consumption if plain HTTP request is sent to SSL socket.
2013-02-27 14:21:21 -03:00
#if (NGX_HTTP_SSL)
{
ngx_http_ssl_srv_conf_t *sscf;
sscf = ngx_http_get_module_srv_conf(hc->conf_ctx, ngx_http_ssl_module);
if (sscf->enable || hc->addr_conf->ssl) {
hc->ssl = 1;
SSL: detect "listen ... ssl" without certificates (ticket #178). In mail and stream modules, no certificate provided is a fatal condition, much like with the "ssl" and "starttls" directives. In http, "listen ... ssl" can be used in a non-default server without certificates as long as there is a certificate in the default one, so missing certificate is only fatal for default servers.
2018-04-24 09:29:01 -03:00
c->log->action = "SSL handshaking";
SSL: do not treat SSL handshake as request. The request object will not be created until SSL handshake is complete. This simplifies adding another connection handler that does not need request object right after handshake (e.g., SPDY). There are also a few more intentional effects: - the "client_header_buffer_size" directive will be taken from the server configuration that was negotiated by SNI; - SSL handshake errors and timeouts are not logged into access log as bad requests; - ngx_ssl_create_connection() is not called until the first byte of ClientHello message was received. This also decreases memory consumption if plain HTTP request is sent to SSL socket.
2013-02-27 14:21:21 -03:00
rev->handler = ngx_http_ssl_handshake;
}
}
#endif
Added server-side support for PROXY protocol v1 (ticket #355). Client address specified in the PROXY protocol header is now saved in the $proxy_protocol_addr variable and can be used in the realip module. This is currently not implemented for mail.
2014-03-17 10:41:24 -03:00
if (hc->addr_conf->proxy_protocol) {
hc->proxy_protocol = 1;
c->log->action = "reading PROXY protocol";
}
nginx-0.0.1-2003-03-20-19:09:44 import
2003-03-20 12:09:44 -04:00
if (rev->ready) {
Removed the obsolete rtsig module.
2015-04-23 08:17:40 -03:00
/* the deferred accept(), iocp */
nginx-0.0.3-2004-03-31-19:26:46 import
2004-03-31 11:26:46 -04:00
nginx-0.3.27-RELEASE import *) Change: the "variables_hash_max_size" and "variables_hash_bucket_size" directives. *) Feature: the $body_bytes_sent variable can be used not only in the "log_format" directive. *) Feature: the $ssl_protocol and $ssl_cipher variables. *) Feature: the cache line size detection for widespread CPUs at start time. *) Feature: now the "accept_mutex" directive is supported using fcntl(2) on platforms different from i386, amd64, sparc64, and ppc. *) Feature: the "lock_file" directive and the --with-lock-path=PATH autoconfiguration directive. *) Bugfix: if the HTTPS protocol was used in the "proxy_pass" directive then the requests with the body was not transferred.
2006-02-08 12:33:12 -03:00
if (ngx_use_accept_mutex) {
nginx-0.3.3-RELEASE import *) Change: the "bl" and "af" parameters of the "listen" directive was renamed to the "backlog" and "accept_filter". *) Feature: the "rcvbuf" and "sndbuf" parameters of the "listen" directive. *) Change: the "$msec" log parameter does not require now the additional the gettimeofday() system call. *) Feature: the -t switch now tests the "listen" directives. *) Bugfix: if the invalid address was specified in the "listen" directive, then after the -HUP signal nginx left an open socket in the CLOSED state. *) Bugfix: the mime type may be incorrectly set to default value for index file with variable in the name; the bug had appeared in 0.3.0. *) Feature: the "timer_resolution" directive. *) Feature: the millisecond "$upstream_response_time" log parameter. *) Bugfix: a temporary file with client request body now is removed just after the response header was transferred to a client. *) Bugfix: OpenSSL 0.9.6 compatibility. *) Bugfix: the SSL certificate and key file paths could not be relative. *) Bugfix: the "ssl_prefer_server_ciphers" directive did not work in the ngx_imap_ssl_module. *) Bugfix: the "ssl_protocols" directive allowed to specify the single protocol only.
2005-10-19 09:33:58 -03:00
ngx_post_event(rev, &ngx_posted_events);
nginx-0.0.3-2004-03-31-19:26:46 import
2004-03-31 11:26:46 -04:00
return;
}
SSL: do not treat SSL handshake as request. The request object will not be created until SSL handshake is complete. This simplifies adding another connection handler that does not need request object right after handshake (e.g., SPDY). There are also a few more intentional effects: - the "client_header_buffer_size" directive will be taken from the server configuration that was negotiated by SNI; - SSL handshake errors and timeouts are not logged into access log as bad requests; - ngx_ssl_create_connection() is not called until the first byte of ClientHello message was received. This also decreases memory consumption if plain HTTP request is sent to SSL socket.
2013-02-27 14:21:21 -03:00
rev->handler(rev);
nginx-0.0.1-2003-05-12-19:52:24 import
2003-05-12 11:52:24 -04:00
return;
nginx-0.0.1-2003-01-27-00:08:14 import
2003-01-26 18:08:14 -03:00
}
nginx-0.0.1-2003-02-06-20:21:13 import
2003-02-06 14:21:13 -03:00
Core: removed post_accept_timeout. Keeping post_accept_timeout in ngx_listening_t is no longer needed since we've switched to 1 second timeout for deferred accept in 5541:fdb67cfc957d. Further, using it in HTTP code can result in client_header_timeout being used from an incorrect server block, notably if address-specific virtual servers are used along with a wildcard listening socket, or if we've switched to a different server block based on SNI in SSL handshake.
2021-01-19 14:32:00 -03:00
cscf = ngx_http_get_module_srv_conf(hc->conf_ctx, ngx_http_core_module);
ngx_add_timer(rev, cscf->client_header_timeout);
Allow to reuse connections that wait their first request. This should improve behavior under deficiency of connections. Since SSL handshake usually takes significant amount of time, we exclude connections from reusable queue during this period to avoid premature flush of them.
2013-03-15 16:49:54 -03:00
ngx_reusable_connection(c, 1);
nginx-0.0.1-2003-01-27-00:08:14 import
2003-01-26 18:08:14 -03:00
use "!= NGX_OK" instead of "== NGX_ERROR"
2008-12-09 14:27:48 -03:00
if (ngx_handle_read_event(rev, 0) != NGX_OK) {
nginx-0.0.1-2003-10-10-19:10:50 import
2003-10-10 11:10:50 -04:00
ngx_http_close_connection(c);
return;
}
nginx-0.0.1-2002-08-06-20:39:45 import The first code that uses "ngx_" prefix, the previous one used "gx_" prefix. At that point the code is not yet usable. The first draft ideas are dated back to 23.10.2001.
2002-08-06 12:39:45 -04:00
}
nginx-0.0.1-2002-08-26-19:18:19 import
2002-08-26 11:18:19 -04:00
Create request object only after the first byte was received. Previously, we always created an object and logged 400 (Bad Request) in access log if a client closed connection without sending any data. Such a connection was counted as "reading". Since it's common for modern browsers to behave like this, it's no longer considered an error if a client closes connection without sending any data, and such a connection will be counted as "waiting". Now, we do not log 400 (Bad Request) and keep memory footprint as small as possible.
2013-03-07 14:21:50 -03:00
static void
ngx_http_wait_request_handler(ngx_event_t *rev)
{
Added server-side support for PROXY protocol v1 (ticket #355). Client address specified in the PROXY protocol header is now saved in the $proxy_protocol_addr variable and can be used in the realip module. This is currently not implemented for mail.
2014-03-17 10:41:24 -03:00
u_char *p;
Create request object only after the first byte was received. Previously, we always created an object and logged 400 (Bad Request) in access log if a client closed connection without sending any data. Such a connection was counted as "reading". Since it's common for modern browsers to behave like this, it's no longer considered an error if a client closes connection without sending any data, and such a connection will be counted as "waiting". Now, we do not log 400 (Bad Request) and keep memory footprint as small as possible.
2013-03-07 14:21:50 -03:00
size_t size;
ssize_t n;
ngx_buf_t *b;
ngx_connection_t *c;
ngx_http_connection_t *hc;
ngx_http_core_srv_conf_t *cscf;
c = rev->data;
ngx_log_debug0(NGX_LOG_DEBUG_HTTP, c->log, 0, "http wait request handler");
if (rev->timedout) {
ngx_log_error(NGX_LOG_INFO, c->log, NGX_ETIMEDOUT, "client timed out");
ngx_http_close_connection(c);
return;
}
Allow to reuse connections that wait their first request. This should improve behavior under deficiency of connections. Since SSL handshake usually takes significant amount of time, we exclude connections from reusable queue during this period to avoid premature flush of them.
2013-03-15 16:49:54 -03:00
if (c->close) {
ngx_http_close_connection(c);
return;
}
Create request object only after the first byte was received. Previously, we always created an object and logged 400 (Bad Request) in access log if a client closed connection without sending any data. Such a connection was counted as "reading". Since it's common for modern browsers to behave like this, it's no longer considered an error if a client closes connection without sending any data, and such a connection will be counted as "waiting". Now, we do not log 400 (Bad Request) and keep memory footprint as small as possible.
2013-03-07 14:21:50 -03:00
hc = c->data;
cscf = ngx_http_get_module_srv_conf(hc->conf_ctx, ngx_http_core_module);
size = cscf->client_header_buffer_size;
b = c->buffer;
if (b == NULL) {
b = ngx_create_temp_buf(c->pool, size);
if (b == NULL) {
ngx_http_close_connection(c);
return;
}
c->buffer = b;
} else if (b->start == NULL) {
b->start = ngx_palloc(c->pool, size);
if (b->start == NULL) {
ngx_http_close_connection(c);
return;
}
b->pos = b->start;
b->last = b->start;
b->end = b->last + size;
}
n = c->recv(c, b->last, size);
if (n == NGX_AGAIN) {
if (!rev->timer_set) {
Core: removed post_accept_timeout. Keeping post_accept_timeout in ngx_listening_t is no longer needed since we've switched to 1 second timeout for deferred accept in 5541:fdb67cfc957d. Further, using it in HTTP code can result in client_header_timeout being used from an incorrect server block, notably if address-specific virtual servers are used along with a wildcard listening socket, or if we've switched to a different server block based on SNI in SSL handshake.
2021-01-19 14:32:00 -03:00
ngx_add_timer(rev, cscf->client_header_timeout);
Allow to reuse connections that wait their first request. This should improve behavior under deficiency of connections. Since SSL handshake usually takes significant amount of time, we exclude connections from reusable queue during this period to avoid premature flush of them.
2013-03-15 16:49:54 -03:00
ngx_reusable_connection(c, 1);
Create request object only after the first byte was received. Previously, we always created an object and logged 400 (Bad Request) in access log if a client closed connection without sending any data. Such a connection was counted as "reading". Since it's common for modern browsers to behave like this, it's no longer considered an error if a client closes connection without sending any data, and such a connection will be counted as "waiting". Now, we do not log 400 (Bad Request) and keep memory footprint as small as possible.
2013-03-07 14:21:50 -03:00
}
if (ngx_handle_read_event(rev, 0) != NGX_OK) {
ngx_http_close_connection(c);
return;
}
/*
* We are trying to not hold c->buffer's memory for an idle connection.
*/
if (ngx_pfree(c->pool, b->start) == NGX_OK) {
b->start = NULL;
}
return;
}
if (n == NGX_ERROR) {
ngx_http_close_connection(c);
return;
}
if (n == 0) {
Fixed logging in ngx_http_wait_request_handler(). If c->recv() returns 0 there is no sense in using ngx_socket_errno for logging, its value meaningless. (The code in question was copied from ngx_http_keepalive_handler(), but ngx_socket_errno makes sense there as it's used as a part of ECONNRESET handling, and the c->recv() call is preceeded by the ngx_set_socket_errno(0) call.)
2013-03-12 10:38:04 -03:00
ngx_log_error(NGX_LOG_INFO, c->log, 0,
Create request object only after the first byte was received. Previously, we always created an object and logged 400 (Bad Request) in access log if a client closed connection without sending any data. Such a connection was counted as "reading". Since it's common for modern browsers to behave like this, it's no longer considered an error if a client closes connection without sending any data, and such a connection will be counted as "waiting". Now, we do not log 400 (Bad Request) and keep memory footprint as small as possible.
2013-03-07 14:21:50 -03:00
"client closed connection");
ngx_http_close_connection(c);
return;
}
b->last += n;
Added server-side support for PROXY protocol v1 (ticket #355). Client address specified in the PROXY protocol header is now saved in the $proxy_protocol_addr variable and can be used in the realip module. This is currently not implemented for mail.
2014-03-17 10:41:24 -03:00
if (hc->proxy_protocol) {
hc->proxy_protocol = 0;
Core: renamed ngx_proxy_protocol_parse to ngx_proxy_protocol_read. The new name is consistent with the ngx_proxy_protocol_write function.
2015-06-16 07:45:19 -03:00
p = ngx_proxy_protocol_read(c, b->pos, b->last);
Added server-side support for PROXY protocol v1 (ticket #355). Client address specified in the PROXY protocol header is now saved in the $proxy_protocol_addr variable and can be used in the realip module. This is currently not implemented for mail.
2014-03-17 10:41:24 -03:00
if (p == NULL) {
ngx_http_close_connection(c);
return;
}
b->pos = p;
if (b->pos == b->last) {
c->log->action = "waiting for request";
b->pos = b->start;
b->last = b->start;
ngx_post_event(rev, &ngx_posted_events);
return;
}
}
Create request object only after the first byte was received. Previously, we always created an object and logged 400 (Bad Request) in access log if a client closed connection without sending any data. Such a connection was counted as "reading". Since it's common for modern browsers to behave like this, it's no longer considered an error if a client closes connection without sending any data, and such a connection will be counted as "waiting". Now, we do not log 400 (Bad Request) and keep memory footprint as small as possible.
2013-03-07 14:21:50 -03:00
c->log->action = "reading client request line";
Allow to reuse connections that wait their first request. This should improve behavior under deficiency of connections. Since SSL handshake usually takes significant amount of time, we exclude connections from reusable queue during this period to avoid premature flush of them.
2013-03-15 16:49:54 -03:00
ngx_reusable_connection(c, 0);
Refactored ngx_http_init_request(). Now it can be used as the request object factory with minimal impact on the connection object. Therefore it was renamed to ngx_http_create_request().
2013-03-07 15:14:27 -03:00
c->data = ngx_http_create_request(c);
if (c->data == NULL) {
ngx_http_close_connection(c);
return;
}
rev->handler = ngx_http_process_request_line;
ngx_http_process_request_line(rev);
Create request object only after the first byte was received. Previously, we always created an object and logged 400 (Bad Request) in access log if a client closed connection without sending any data. Such a connection was counted as "reading". Since it's common for modern browsers to behave like this, it's no longer considered an error if a client closes connection without sending any data, and such a connection will be counted as "waiting". Now, we do not log 400 (Bad Request) and keep memory footprint as small as possible.
2013-03-07 14:21:50 -03:00
}
Preliminary experimental support for SPDY draft 2.
2013-03-20 07:36:57 -03:00
ngx_http_request_t *
Refactored ngx_http_init_request(). Now it can be used as the request object factory with minimal impact on the connection object. Therefore it was renamed to ngx_http_create_request().
2013-03-07 15:14:27 -03:00
ngx_http_create_request(ngx_connection_t *c)
SSL: variables support in ssl_certificate and ssl_certificate_key. To evaluate variables, a request is created in the certificate callback, and then freed. To do this without side effects on the stub_status counters and connection state, an additional function was introduced, ngx_http_alloc_request(). Only works with OpenSSL 1.0.2+, since there is no SSL_CTX_set_cert_cb() in older versions.
2019-02-25 10:42:05 -03:00
{
ngx_http_request_t *r;
ngx_http_log_ctx_t *ctx;
ngx_http_core_loc_conf_t *clcf;
r = ngx_http_alloc_request(c);
if (r == NULL) {
return NULL;
}
c->requests++;
clcf = ngx_http_get_module_loc_conf(r, ngx_http_core_module);
ngx_set_connection_log(c, clcf->error_log);
ctx = c->log->data;
ctx->request = r;
ctx->current_request = r;
#if (NGX_STAT_STUB)
(void) ngx_atomic_fetch_add(ngx_stat_reading, 1);
r->stat_reading = 1;
(void) ngx_atomic_fetch_add(ngx_stat_requests, 1);
#endif
return r;
}
static ngx_http_request_t *
ngx_http_alloc_request(ngx_connection_t *c)
nginx-0.0.1-2002-08-06-20:39:45 import The first code that uses "ngx_" prefix, the previous one used "gx_" prefix. At that point the code is not yet usable. The first draft ideas are dated back to 23.10.2001.
2002-08-06 12:39:45 -04:00
{
Allocate request object from its own pool. Previously, it was allocated from a connection pool and was selectively freed for an idle keepalive connection. The goal is to put coupled things in one chunk of memory, and to simplify handling of request objects.
2013-03-01 11:55:42 -03:00
ngx_pool_t *pool;
$request_time has millisecond precision
2007-04-21 03:50:19 -04:00
ngx_time_t *tp;
nginx-0.3.8-RELEASE import *) Security: nginx now checks URI got from a backend in "X-Accel-Redirect" header line or in SSI file for the "/../" paths and zeroes. *) Change: nginx now does not treat the empty user name in the "Authorization" header line as valid one. *) Feature: the "ssl_session_timeout" directives of the ngx_http_ssl_module and ngx_imap_ssl_module. *) Feature: the "auth_http_header" directive of the ngx_imap_auth_http_module. *) Feature: the "add_header" directive. *) Feature: the ngx_http_realip_module. *) Feature: the new variables to use in the "log_format" directive: $bytes_sent, $apache_bytes_sent, $status, $time_gmt, $uri, $request_time, $request_length, $upstream_status, $upstream_response_time, $gzip_ratio, $uid_got, $uid_set, $connection, $pipe, and $msec. The parameters in the "%name" form will be canceled soon. *) Change: now the false variable values in the "if" directive are the empty string "" and string starting with "0". *) Bugfix: while using proxied or FastCGI-server nginx may leave connections and temporary files with client requests in open state. *) Bugfix: the worker processes did not flush the buffered logs on graceful exit. *) Bugfix: if the request URI was changes by the "rewrite" directive and the request was proxied in location given by regular expression, then the incorrect request was transferred to backend; the bug had appeared in 0.2.6. *) Bugfix: the "expires" directive did not remove the previous "Expires" header. *) Bugfix: nginx may stop to accept requests if the "rtsig" method and several worker processes were used. *) Bugfix: the "\"" and "\'" escape symbols were incorrectly handled in SSI commands. *) Bugfix: if the response was ended just after the SSI command and gzipping was used, then the response did not transferred complete or did not transferred at all.
2005-11-09 14:25:55 -03:00
ngx_http_request_t *r;
ngx_http_connection_t *hc;
ngx_http_core_srv_conf_t *cscf;
ngx_http_core_main_conf_t *cmcf;
nginx-0.0.1-2002-08-06-20:39:45 import The first code that uses "ngx_" prefix, the previous one used "gx_" prefix. At that point the code is not yet usable. The first draft ideas are dated back to 23.10.2001.
2002-08-06 12:39:45 -04:00
nginx-0.0.11-2004-09-23-10:32:00 import
2004-09-23 02:32:00 -04:00
hc = c->data;
nginx-0.0.11-2004-09-21-09:38:28 import
2004-09-21 01:38:28 -04:00
Allocate request object from its own pool. Previously, it was allocated from a connection pool and was selectively freed for an idle keepalive connection. The goal is to put coupled things in one chunk of memory, and to simplify handling of request objects.
2013-03-01 11:55:42 -03:00
cscf = ngx_http_get_module_srv_conf(hc->conf_ctx, ngx_http_core_module);
nginx-0.0.11-2004-09-23-10:32:00 import
2004-09-23 02:32:00 -04:00
Allocate request object from its own pool. Previously, it was allocated from a connection pool and was selectively freed for an idle keepalive connection. The goal is to put coupled things in one chunk of memory, and to simplify handling of request objects.
2013-03-01 11:55:42 -03:00
pool = ngx_create_pool(cscf->request_pool_size, c->log);
if (pool == NULL) {
Refactored ngx_http_init_request(). Now it can be used as the request object factory with minimal impact on the connection object. Therefore it was renamed to ngx_http_create_request().
2013-03-07 15:14:27 -03:00
return NULL;
Allocate request object from its own pool. Previously, it was allocated from a connection pool and was selectively freed for an idle keepalive connection. The goal is to put coupled things in one chunk of memory, and to simplify handling of request objects.
2013-03-01 11:55:42 -03:00
}
nginx-0.0.11-2004-09-23-10:32:00 import
2004-09-23 02:32:00 -04:00
Allocate request object from its own pool. Previously, it was allocated from a connection pool and was selectively freed for an idle keepalive connection. The goal is to put coupled things in one chunk of memory, and to simplify handling of request objects.
2013-03-01 11:55:42 -03:00
r = ngx_pcalloc(pool, sizeof(ngx_http_request_t));
if (r == NULL) {
ngx_destroy_pool(pool);
Refactored ngx_http_init_request(). Now it can be used as the request object factory with minimal impact on the connection object. Therefore it was renamed to ngx_http_create_request().
2013-03-07 15:14:27 -03:00
return NULL;
Allocate request object from its own pool. Previously, it was allocated from a connection pool and was selectively freed for an idle keepalive connection. The goal is to put coupled things in one chunk of memory, and to simplify handling of request objects.
2013-03-01 11:55:42 -03:00
}
nginx-0.0.11-2004-09-23-10:32:00 import
2004-09-23 02:32:00 -04:00
Allocate request object from its own pool. Previously, it was allocated from a connection pool and was selectively freed for an idle keepalive connection. The goal is to put coupled things in one chunk of memory, and to simplify handling of request objects.
2013-03-01 11:55:42 -03:00
r->pool = pool;
nginx-0.0.11-2004-09-21-09:38:28 import
2004-09-21 01:38:28 -04:00
r->http_connection = hc;
nginx-0.0.7-2004-06-24-11:53:37 import
2004-06-24 03:53:37 -04:00
r->signature = NGX_HTTP_MODULE;
use ngx_http_server_addr()
2007-12-29 13:00:34 -03:00
r->connection = c;
SNI: reuse selected configuration for all requests in a connection. Previously, only the first request in a connection was assigned the configuration selected by SNI. All subsequent requests initially used the default server's configuration, ignoring SNI, which was wrong. Now all subsequent requests in a connection will initially use the configuration selected by SNI. This is done by storing a pointer to configuration in http connection object. It points to default server's configuration initially, but changed upon receipt of SNI. (The request's configuration can be further refined when parsing the request line and Host: header.) This change was not made specific to SNI as it also allows slightly faster access to configuration without the request object.
2013-02-27 14:12:48 -03:00
r->main_conf = hc->conf_ctx->main_conf;
r->srv_conf = hc->conf_ctx->srv_conf;
r->loc_conf = hc->conf_ctx->loc_conf;
nginx-0.0.1-2003-05-27-16:18:54 import
2003-05-27 08:18:54 -04:00
fix segfault if 400 or 414 errors are handled intricately
2009-07-24 15:20:29 -04:00
r->read_event_handler = ngx_http_block_reading;
nginx-0.0.7-2004-07-16-21:11:43 import
2004-07-16 13:11:43 -04:00
Converted hc->busy/hc->free to use chain links. Most notably, this fixes possible buffer overflows if number of large client header buffers in a virtual server is different from the one in the default server. Reported by Daniil Bondarev.
2017-03-07 12:49:31 -03:00
r->header_in = hc->busy ? hc->busy->buf : c->buffer;
nginx-0.0.3-2004-03-23-09:01:52 import
2004-03-23 02:01:52 -04:00
nginx-0.0.10-2004-09-06-22:45:00 import
2004-09-06 14:45:00 -04:00
if (ngx_list_init(&r->headers_out.headers, r->pool, 20,
nginx-0.3.12-RELEASE import *) Security: if nginx was built with the ngx_http_realip_module and the "satisfy_any on" directive was used, then access and authorization directives did not work. The ngx_http_realip_module was not built and is not built by default. *) Change: the "$time_gmt" variable name was changed to "$time_local". *) Change: the "proxy_header_buffer_size" and "fastcgi_header_buffer_size" directives was renamed to the "proxy_buffer_size" and "fastcgi_buffer_size" directives. *) Feature: the ngx_http_memcached_module. *) Feature: the "proxy_buffering" directive. *) Bugfix: the changes in accept mutex handling when the "rtsig" method was used; the bug had appeared in 0.3.0. *) Bugfix: if the client sent the "Transfer-Encoding: chunked" header line, then nginx returns the 411 error. *) Bugfix: if the "auth_basic" directive was inherited from the http level, then the realm in the "WWW-Authenticate" header line was without the "Basic realm" text. *) Bugfix: if the "combined" format was explicitly specified in the "access_log" directive, then the empty lines was written to the log; the bug had appeared in 0.3.8. *) Bugfix: nginx did not run on the sparc platform under any OS except Solaris. *) Bugfix: now it is not necessary to place space between the quoted string and closing bracket in the "if" directive.
2005-11-26 07:11:11 -03:00
sizeof(ngx_table_elt_t))
small optimization: " == NGX_ERROR" > " != NGX_OK"
2009-02-24 07:42:23 -03:00
!= NGX_OK)
nginx-0.0.10-2004-09-05-23:54:02 import
2004-09-05 15:54:02 -04:00
{
fix "out of memory" case handling
2009-05-29 07:42:55 -04:00
ngx_destroy_pool(r->pool);
Refactored ngx_http_init_request(). Now it can be used as the request object factory with minimal impact on the connection object. Therefore it was renamed to ngx_http_create_request().
2013-03-07 15:14:27 -03:00
return NULL;
nginx-0.0.10-2004-09-05-23:54:02 import
2004-09-05 15:54:02 -04:00
}
Added support for trailers in HTTP responses. Example: ngx_table_elt_t *h; h = ngx_list_push(&r->headers_out.trailers); if (h == NULL) { return NGX_ERROR; } ngx_str_set(&h->key, "Fun"); ngx_str_set(&h->value, "with trailers"); h->hash = ngx_hash_key_lc(h->key.data, h->key.len); The code above adds "Fun: with trailers" trailer to the response. Modules that want to emit trailers must set r->expect_trailers = 1 in header filter, otherwise they might not be emitted for HTTP/1.1 responses that aren't already chunked. This change also adds $sent_trailer_* variables. Signed-off-by: Piotr Sikora <piotrsikora@google.com>
2017-03-24 07:37:34 -03:00
if (ngx_list_init(&r->headers_out.trailers, r->pool, 4,
sizeof(ngx_table_elt_t))
!= NGX_OK)
{
ngx_destroy_pool(r->pool);
return NULL;
}
nginx-0.0.1-2003-05-12-19:52:24 import
2003-05-12 11:52:24 -04:00
r->ctx = ngx_pcalloc(r->pool, sizeof(void *) * ngx_http_max_module);
if (r->ctx == NULL) {
fix "out of memory" case handling
2009-05-29 07:42:55 -04:00
ngx_destroy_pool(r->pool);
Refactored ngx_http_init_request(). Now it can be used as the request object factory with minimal impact on the connection object. Therefore it was renamed to ngx_http_create_request().
2013-03-07 15:14:27 -03:00
return NULL;
nginx-0.0.1-2003-05-12-19:52:24 import
2003-05-12 11:52:24 -04:00
}
nginx-0.0.1-2002-09-11-19:18:33 import
2002-09-11 11:18:33 -04:00
nginx-0.3.8-RELEASE import *) Security: nginx now checks URI got from a backend in "X-Accel-Redirect" header line or in SSI file for the "/../" paths and zeroes. *) Change: nginx now does not treat the empty user name in the "Authorization" header line as valid one. *) Feature: the "ssl_session_timeout" directives of the ngx_http_ssl_module and ngx_imap_ssl_module. *) Feature: the "auth_http_header" directive of the ngx_imap_auth_http_module. *) Feature: the "add_header" directive. *) Feature: the ngx_http_realip_module. *) Feature: the new variables to use in the "log_format" directive: $bytes_sent, $apache_bytes_sent, $status, $time_gmt, $uri, $request_time, $request_length, $upstream_status, $upstream_response_time, $gzip_ratio, $uid_got, $uid_set, $connection, $pipe, and $msec. The parameters in the "%name" form will be canceled soon. *) Change: now the false variable values in the "if" directive are the empty string "" and string starting with "0". *) Bugfix: while using proxied or FastCGI-server nginx may leave connections and temporary files with client requests in open state. *) Bugfix: the worker processes did not flush the buffered logs on graceful exit. *) Bugfix: if the request URI was changes by the "rewrite" directive and the request was proxied in location given by regular expression, then the incorrect request was transferred to backend; the bug had appeared in 0.2.6. *) Bugfix: the "expires" directive did not remove the previous "Expires" header. *) Bugfix: nginx may stop to accept requests if the "rtsig" method and several worker processes were used. *) Bugfix: the "\"" and "\'" escape symbols were incorrectly handled in SSI commands. *) Bugfix: if the response was ended just after the SSI command and gzipping was used, then the response did not transferred complete or did not transferred at all.
2005-11-09 14:25:55 -03:00
cmcf = ngx_http_get_module_main_conf(r, ngx_http_core_module);
r->variables = ngx_pcalloc(r->pool, cmcf->variables.nelts
* sizeof(ngx_http_variable_value_t));
if (r->variables == NULL) {
fix "out of memory" case handling
2009-05-29 07:42:55 -04:00
ngx_destroy_pool(r->pool);
Refactored ngx_http_init_request(). Now it can be used as the request object factory with minimal impact on the connection object. Therefore it was renamed to ngx_http_create_request().
2013-03-07 15:14:27 -03:00
return NULL;
nginx-0.3.8-RELEASE import *) Security: nginx now checks URI got from a backend in "X-Accel-Redirect" header line or in SSI file for the "/../" paths and zeroes. *) Change: nginx now does not treat the empty user name in the "Authorization" header line as valid one. *) Feature: the "ssl_session_timeout" directives of the ngx_http_ssl_module and ngx_imap_ssl_module. *) Feature: the "auth_http_header" directive of the ngx_imap_auth_http_module. *) Feature: the "add_header" directive. *) Feature: the ngx_http_realip_module. *) Feature: the new variables to use in the "log_format" directive: $bytes_sent, $apache_bytes_sent, $status, $time_gmt, $uri, $request_time, $request_length, $upstream_status, $upstream_response_time, $gzip_ratio, $uid_got, $uid_set, $connection, $pipe, and $msec. The parameters in the "%name" form will be canceled soon. *) Change: now the false variable values in the "if" directive are the empty string "" and string starting with "0". *) Bugfix: while using proxied or FastCGI-server nginx may leave connections and temporary files with client requests in open state. *) Bugfix: the worker processes did not flush the buffered logs on graceful exit. *) Bugfix: if the request URI was changes by the "rewrite" directive and the request was proxied in location given by regular expression, then the incorrect request was transferred to backend; the bug had appeared in 0.2.6. *) Bugfix: the "expires" directive did not remove the previous "Expires" header. *) Bugfix: nginx may stop to accept requests if the "rtsig" method and several worker processes were used. *) Bugfix: the "\"" and "\'" escape symbols were incorrectly handled in SSI commands. *) Bugfix: if the response was ended just after the SSI command and gzipping was used, then the response did not transferred complete or did not transferred at all.
2005-11-09 14:25:55 -03:00
}
SSL: do not treat SSL handshake as request. The request object will not be created until SSL handshake is complete. This simplifies adding another connection handler that does not need request object right after handshake (e.g., SPDY). There are also a few more intentional effects: - the "client_header_buffer_size" directive will be taken from the server configuration that was negotiated by SNI; - SSL handshake errors and timeouts are not logged into access log as bad requests; - ngx_ssl_create_connection() is not called until the first byte of ClientHello message was received. This also decreases memory consumption if plain HTTP request is sent to SSL socket.
2013-02-27 14:21:21 -03:00
#if (NGX_HTTP_SSL)
SSL: SSL_sendfile() support with kernel TLS. Requires OpenSSL 3.0 compiled with "enable-ktls" option. Further, KTLS needs to be enabled in kernel, and in OpenSSL, either via OpenSSL configuration file or with "ssl_conf_command Options KTLS;" in nginx configuration. On FreeBSD, kernel TLS is available starting with FreeBSD 13.0, and can be enabled with "sysctl kern.ipc.tls.enable=1" and "kldload ktls_ocf" to load a software backend, see man ktls(4) for details. On Linux, kernel TLS is available starting with kernel 4.13 (at least 5.2 is recommended), and needs kernel compiled with CONFIG_TLS=y (with CONFIG_TLS=m, which is used at least on Ubuntu 21.04 by default, the tls module needs to be loaded with "modprobe tls").
2021-10-21 12:44:07 -03:00
if (c->ssl && !c->ssl->sendfile) {
SSL: do not treat SSL handshake as request. The request object will not be created until SSL handshake is complete. This simplifies adding another connection handler that does not need request object right after handshake (e.g., SPDY). There are also a few more intentional effects: - the "client_header_buffer_size" directive will be taken from the server configuration that was negotiated by SNI; - SSL handshake errors and timeouts are not logged into access log as bad requests; - ngx_ssl_create_connection() is not called until the first byte of ClientHello message was received. This also decreases memory consumption if plain HTTP request is sent to SSL socket.
2013-02-27 14:21:21 -03:00
r->main_filter_need_in_memory = 1;
}
#endif
nginx-0.2.5-RELEASE import *) Change: the duplicate value of the ngx_http_geo_module variable now causes the warning and changes old value. *) Feature: the ngx_http_ssi_module supports the "set" command. *) Feature: the ngx_http_ssi_module supports the "file" parameter in the "include" command. *) Feature: the ngx_http_ssi_module supports the variable value substitutions in expressions of the "if" command.
2005-10-04 06:38:53 -04:00
r->main = r;
request reference counter
2009-08-26 12:04:05 -04:00
r->count = 1;
nginx-0.2.5-RELEASE import *) Change: the duplicate value of the ngx_http_geo_module variable now causes the warning and changes old value. *) Feature: the ngx_http_ssi_module supports the "set" command. *) Feature: the ngx_http_ssi_module supports the "file" parameter in the "include" command. *) Feature: the ngx_http_ssi_module supports the variable value substitutions in expressions of the "if" command.
2005-10-04 06:38:53 -04:00
$request_time has millisecond precision
2007-04-21 03:50:19 -04:00
tp = ngx_timeofday();
r->start_sec = tp->sec;
r->start_msec = tp->msec;
nginx-0.1.23-RELEASE import *) Feature: the ngx_http_ssi_filter_module and the ssi, ssi_silent_errors, and ssi_min_file_chunk directives. The 'echo var="HTTP_..." default=""' and 'echo var="REMOTE_ADDR"' commands are supported. *) Feature: the %request_time log parameter. *) Feature: if the request has no the "Host" header line, then the "proxy_preserve_host" directive set this header line to the first server name of the "server_name" directive. *) Bugfix: nginx could not be built on platforms different from i386, amd64, sparc, and ppc; the bug had appeared in 0.1.22. *) Bugfix: the ngx_http_autoindex_module now shows the information not about the symlink, but about file or directory it points to. *) Bugfix: the %apache_length parameter logged the negative length of the response header if the no response was transferred to a client.
2005-03-01 12:20:36 -03:00
nginx-0.3.37-RELEASE import *) Feature: the "limit_except" directive. *) Feature: the "if" directive supports the "!~", "!~*", "-f", and "!-f" operators. *) Feature: the ngx_http_perl_module supports the $r->request_body method. *) Bugfix: in the ngx_http_addition_filter_module.
2006-04-07 10:08:04 -04:00
r->method = NGX_HTTP_UNKNOWN;
Assume the HTTP/1.0 version by default. It is believed to be better than fallback to HTTP/0.9, because most of the clients at present time support HTTP/1.0. It allows nginx to return error response code for them in cases when it fail to parse request line, and therefore fail to detect client protocol version. Even if the client does not support HTTP/1.0, this assumption should not cause any harm, since from the HTTP/0.9 point of view it still a valid response.
2013-09-01 19:45:14 -04:00
r->http_version = NGX_HTTP_VERSION_10;
nginx-0.3.37-RELEASE import *) Feature: the "limit_except" directive. *) Feature: the "if" directive supports the "!~", "!~*", "-f", and "!-f" operators. *) Feature: the ngx_http_perl_module supports the $r->request_body method. *) Bugfix: in the ngx_http_addition_filter_module.
2006-04-07 10:08:04 -04:00
nginx-0.0.1-2003-04-25-18:43:13 import
2003-04-25 10:43:13 -04:00
r->headers_in.content_length_n = -1;
nginx-0.0.1-2003-10-21-20:49:56 import
2003-10-21 13:49:56 -03:00
r->headers_in.keep_alive_n = -1;
r->headers_out.content_length_n = -1;
nginx-0.0.1-2002-12-15-09:25:09 import
2002-12-15 03:25:09 -03:00
r->headers_out.last_modified_time = -1;
nginx-0.3.59-RELEASE import *) Feature: now is possible to do several redirection using the "error_page" directive. *) Bugfix: the "dav_access" directive did not support three parameters. *) Bugfix: the "error_page" directive did not changes the "Content-Type" header line after the "X-Accel-Redirect" was used; the bug had appeared in 0.3.58.
2006-08-16 09:09:33 -04:00
r->uri_changes = NGX_HTTP_MAX_URI_CHANGES + 1;
r->subrequests = NGX_HTTP_MAX_SUBREQUESTS + 1;
nginx-0.0.7-2004-06-24-20:07:04 import
2004-06-24 12:07:04 -04:00
r->http_state = NGX_HTTP_READING_REQUEST_STATE;
nginx-0.1.29-RELEASE import *) Feature: the ngx_http_ssi_module supports "include virtual" command. *) Feature: the ngx_http_ssi_module supports the condition command like 'if expr="$NAME"' and "else" and "endif" commands. Only one nested level is supported. *) Feature: the ngx_http_ssi_module supports the DATE_LOCAL and DATE_GMT variables and "config timefmt" command. *) Feature: the "ssi_ignore_recycled_buffers" directive. *) Bugfix: the "echo" command did not show the default value for the empty QUERY_STRING variable. *) Change: the ngx_http_proxy_module was rewritten. *) Feature: the "proxy_redirect", "proxy_pass_request_headers", "proxy_pass_request_body", and "proxy_method" directives. *) Feature: the "proxy_set_header" directive. The "proxy_x_var" was canceled and must be replaced with the proxy_set_header directive. *) Change: the "proxy_preserve_host" is canceled and must be replaced with the "proxy_set_header Host $host" and the "proxy_redirect off" directives, the "proxy_set_header Host $host:$proxy_port" directive and the appropriate proxy_redirect directives. *) Change: the "proxy_set_x_real_ip" is canceled and must be replaced with the "proxy_set_header X-Real-IP $remote_addr" directive. *) Change: the "proxy_add_x_forwarded_for" is canceled and must be replaced with the "proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for" directive. *) Change: the "proxy_set_x_url" is canceled and must be replaced with the "proxy_set_header X-URL http://$host:$server_port$request_uri" directive. *) Feature: the "fastcgi_param" directive. *) Change: the "fastcgi_root", "fastcgi_set_var" and "fastcgi_params" directive are canceled and must be replaced with the fastcgi_param directives. *) Feature: the "index" directive can use the variables. *) Feature: the "index" directive can be used at http and server levels. *) Change: the last index only in the "index" directive can be absolute. *) Feature: the "rewrite" directive can use the variables. *) Feature: the "internal" directive. *) Feature: the CONTENT_LENGTH, CONTENT_TYPE, REMOTE_PORT, SERVER_ADDR, SERVER_PORT, SERVER_PROTOCOL, DOCUMENT_ROOT, SERVER_NAME, REQUEST_METHOD, REQUEST_URI, and REMOTE_USER variables. *) Change: nginx now passes the invalid lines in a client request headers or a backend response header. *) Bugfix: if the backend did not transfer response for a long time and the "send_timeout" was less than "proxy_read_timeout", then nginx returned the 408 response. *) Bugfix: the segmentation fault was occurred if the backend sent an invalid line in response header; the bug had appeared in 0.1.26. *) Bugfix: the segmentation fault may occurred in FastCGI fault tolerance configuration. *) Bugfix: the "expires" directive did not remove the previous "Expires" and "Cache-Control" headers. *) Bugfix: nginx did not take into account trailing dot in "Host" header line. *) Bugfix: the ngx_http_auth_module did not work under Linux. *) Bugfix: the rewrite directive worked incorrectly, if the arguments were in a request. *) Bugfix: nginx could not be built on MacOS X.
2005-05-12 10:58:06 -04:00
r->log_handler = ngx_http_log_error_handler;
nginx-0.1.27-RELEASE import *) Feature: the "blocked" parameter of the "valid_referers" directive. *) Change: the errors while handling the request header now logged at "info" level. The server name and the "Host" and "Referer" header lines also logged. *) Change: the "Host" header line is also logged in error log. *) Feature: the proxy_pass_unparsed_uri directive. The special handling of the "://" symbols in URI, appeared in 0.1.11 version, now is canceled. *) Bugfix: nginx could not be built on FreeBSD and Linux, if the --without-ngx_http_auth_basic_module configuration parameter was used.
2005-03-28 10:43:02 -04:00
Refactored ngx_http_init_request(). Now it can be used as the request object factory with minimal impact on the connection object. Therefore it was renamed to ngx_http_create_request().
2013-03-07 15:14:27 -03:00
return r;
nginx-0.0.7-2004-07-16-21:11:43 import
2004-07-16 13:11:43 -04:00
}
#if (NGX_HTTP_SSL)
nginx-0.1.25-RELEASE import *) Bugfix: nginx did run on Linux parisc. *) Feature: nginx now does not start under FreeBSD if the sysctl kern.ipc.somaxconn value is too big. *) Bugfix: if a request was internally redirected by the ngx_http_index_module module to the ngx_http_proxy_module or ngx_http_fastcgi_module modules, then the index file was not closed after request completion. *) Feature: the "proxy_pass" can be used in location with regular expression. *) Feature: the ngx_http_rewrite_filter_module module supports the condition like "if ($HTTP_USER_AGENT ~ MSIE)". *) Bugfix: nginx started too slow if the large number of addresses and text values were used in the "geo" directive. *) Change: a variable name must be declared as "$name" in the "geo" directive. The previous variant without "$" is still supported, but will be removed soon. *) Feature: the "%{VARIABLE}v" logging parameter. *) Feature: the "set $name value" directive. *) Bugfix: gcc 4.0 compatibility. *) Feature: the --with-openssl-opt=OPTIONS autoconfiguration directive.
2005-03-19 08:38:37 -04:00
static void
ngx_http_ssl_handshake(ngx_event_t *rev)
nginx-0.0.7-2004-07-16-21:11:43 import
2004-07-16 13:11:43 -04:00
{
SSL: set TCP_NODELAY on SSL connections before handshake. With OpenSSL 1.1.0+, the workaround for handshake buffer size as introduced in a720f0b0e083 (ticket #413) no longer works, as OpenSSL no longer exposes handshake buffers, see https://github.com/openssl/openssl/commit/2e7dc7cd688. Moreover, it is no longer possible to adjust handshake buffers at all now. To avoid additional RTT if handshake uses more than 4k we now set TCP_NODELAY on SSL connections before handshake. While this still results in sub-optimal network utilization due to incomplete packets being sent, it seems to be better than nothing.
2017-05-29 09:34:29 -04:00
u_char *p, buf[NGX_PROXY_PROTOCOL_MAX_HEADER + 1];
size_t size;
ssize_t n;
ngx_err_t err;
ngx_int_t rc;
ngx_connection_t *c;
ngx_http_connection_t *hc;
ngx_http_ssl_srv_conf_t *sscf;
ngx_http_core_loc_conf_t *clcf;
Core: removed post_accept_timeout. Keeping post_accept_timeout in ngx_listening_t is no longer needed since we've switched to 1 second timeout for deferred accept in 5541:fdb67cfc957d. Further, using it in HTTP code can result in client_header_timeout being used from an incorrect server block, notably if address-specific virtual servers are used along with a wildcard listening socket, or if we've switched to a different server block based on SNI in SSL handshake.
2021-01-19 14:32:00 -03:00
ngx_http_core_srv_conf_t *cscf;
nginx-0.0.7-2004-07-16-21:11:43 import
2004-07-16 13:11:43 -04:00
c = rev->data;
Added server-side support for PROXY protocol v1 (ticket #355). Client address specified in the PROXY protocol header is now saved in the $proxy_protocol_addr variable and can be used in the realip module. This is currently not implemented for mail.
2014-03-17 10:41:24 -03:00
hc = c->data;
nginx-0.0.7-2004-07-16-21:11:43 import
2004-07-16 13:11:43 -04:00
ngx_log_debug0(NGX_LOG_DEBUG_HTTP, rev->log, 0,
"http check ssl handshake");
if (rev->timedout) {
nginx-0.1.27-RELEASE import *) Feature: the "blocked" parameter of the "valid_referers" directive. *) Change: the errors while handling the request header now logged at "info" level. The server name and the "Host" and "Referer" header lines also logged. *) Change: the "Host" header line is also logged in error log. *) Feature: the proxy_pass_unparsed_uri directive. The special handling of the "://" symbols in URI, appeared in 0.1.11 version, now is canceled. *) Bugfix: nginx could not be built on FreeBSD and Linux, if the --without-ngx_http_auth_basic_module configuration parameter was used.
2005-03-28 10:43:02 -04:00
ngx_log_error(NGX_LOG_INFO, c->log, NGX_ETIMEDOUT, "client timed out");
SSL: do not treat SSL handshake as request. The request object will not be created until SSL handshake is complete. This simplifies adding another connection handler that does not need request object right after handshake (e.g., SPDY). There are also a few more intentional effects: - the "client_header_buffer_size" directive will be taken from the server configuration that was negotiated by SNI; - SSL handshake errors and timeouts are not logged into access log as bad requests; - ngx_ssl_create_connection() is not called until the first byte of ClientHello message was received. This also decreases memory consumption if plain HTTP request is sent to SSL socket.
2013-02-27 14:21:21 -03:00
ngx_http_close_connection(c);
nginx-0.0.7-2004-07-16-21:11:43 import
2004-07-16 13:11:43 -04:00
return;
}
Allow to reuse connections that wait their first request. This should improve behavior under deficiency of connections. Since SSL handshake usually takes significant amount of time, we exclude connections from reusable queue during this period to avoid premature flush of them.
2013-03-15 16:49:54 -03:00
if (c->close) {
ngx_http_close_connection(c);
return;
}
Added server-side support for PROXY protocol v1 (ticket #355). Client address specified in the PROXY protocol header is now saved in the $proxy_protocol_addr variable and can be used in the realip module. This is currently not implemented for mail.
2014-03-17 10:41:24 -03:00
size = hc->proxy_protocol ? sizeof(buf) : 1;
n = recv(c->fd, (char *) buf, size, MSG_PEEK);
nginx-0.0.7-2004-07-16-21:11:43 import
2004-07-16 13:11:43 -04:00
SSL: do not treat SSL handshake as request. The request object will not be created until SSL handshake is complete. This simplifies adding another connection handler that does not need request object right after handshake (e.g., SPDY). There are also a few more intentional effects: - the "client_header_buffer_size" directive will be taken from the server configuration that was negotiated by SNI; - SSL handshake errors and timeouts are not logged into access log as bad requests; - ngx_ssl_create_connection() is not called until the first byte of ClientHello message was received. This also decreases memory consumption if plain HTTP request is sent to SSL socket.
2013-02-27 14:21:21 -03:00
err = ngx_socket_errno;
add code missed in r1830
2008-01-08 17:51:06 -03:00
Fixed logging.
2016-03-30 20:33:57 -03:00
ngx_log_debug1(NGX_LOG_DEBUG_HTTP, rev->log, 0, "http recv(): %z", n);
add code missed in r1830
2008-01-08 17:51:06 -03:00
SSL: do not treat SSL handshake as request. The request object will not be created until SSL handshake is complete. This simplifies adding another connection handler that does not need request object right after handshake (e.g., SPDY). There are also a few more intentional effects: - the "client_header_buffer_size" directive will be taken from the server configuration that was negotiated by SNI; - SSL handshake errors and timeouts are not logged into access log as bad requests; - ngx_ssl_create_connection() is not called until the first byte of ClientHello message was received. This also decreases memory consumption if plain HTTP request is sent to SSL socket.
2013-02-27 14:21:21 -03:00
if (n == -1) {
if (err == NGX_EAGAIN) {
SSL: reset ready flag if recv(MSG_PEEK) found no bytes in socket. Previously, connection hung after calling ngx_http_ssl_handshake() with rev->ready set and no bytes in socket to read. It's possible in at least the following cases: - when processing a connection with expired TCP_DEFER_ACCEPT on Linux - after parsing PROXY protocol header if it arrived in a separate TCP packet Thanks to James Hamlin.
2015-03-02 15:15:46 -03:00
rev->ready = 0;
SSL: do not treat SSL handshake as request. The request object will not be created until SSL handshake is complete. This simplifies adding another connection handler that does not need request object right after handshake (e.g., SPDY). There are also a few more intentional effects: - the "client_header_buffer_size" directive will be taken from the server configuration that was negotiated by SNI; - SSL handshake errors and timeouts are not logged into access log as bad requests; - ngx_ssl_create_connection() is not called until the first byte of ClientHello message was received. This also decreases memory consumption if plain HTTP request is sent to SSL socket.
2013-02-27 14:21:21 -03:00
if (!rev->timer_set) {
Core: removed post_accept_timeout. Keeping post_accept_timeout in ngx_listening_t is no longer needed since we've switched to 1 second timeout for deferred accept in 5541:fdb67cfc957d. Further, using it in HTTP code can result in client_header_timeout being used from an incorrect server block, notably if address-specific virtual servers are used along with a wildcard listening socket, or if we've switched to a different server block based on SNI in SSL handshake.
2021-01-19 14:32:00 -03:00
cscf = ngx_http_get_module_srv_conf(hc->conf_ctx,
ngx_http_core_module);
ngx_add_timer(rev, cscf->client_header_timeout);
Allow to reuse connections that wait their first request. This should improve behavior under deficiency of connections. Since SSL handshake usually takes significant amount of time, we exclude connections from reusable queue during this period to avoid premature flush of them.
2013-03-15 16:49:54 -03:00
ngx_reusable_connection(c, 1);
SSL: do not treat SSL handshake as request. The request object will not be created until SSL handshake is complete. This simplifies adding another connection handler that does not need request object right after handshake (e.g., SPDY). There are also a few more intentional effects: - the "client_header_buffer_size" directive will be taken from the server configuration that was negotiated by SNI; - SSL handshake errors and timeouts are not logged into access log as bad requests; - ngx_ssl_create_connection() is not called until the first byte of ClientHello message was received. This also decreases memory consumption if plain HTTP request is sent to SSL socket.
2013-02-27 14:21:21 -03:00
}
if (ngx_handle_read_event(rev, 0) != NGX_OK) {
ngx_http_close_connection(c);
}
return;
add code missed in r1856
2008-01-09 05:21:57 -03:00
}
SSL: do not treat SSL handshake as request. The request object will not be created until SSL handshake is complete. This simplifies adding another connection handler that does not need request object right after handshake (e.g., SPDY). There are also a few more intentional effects: - the "client_header_buffer_size" directive will be taken from the server configuration that was negotiated by SNI; - SSL handshake errors and timeouts are not logged into access log as bad requests; - ngx_ssl_create_connection() is not called until the first byte of ClientHello message was received. This also decreases memory consumption if plain HTTP request is sent to SSL socket.
2013-02-27 14:21:21 -03:00
ngx_connection_error(c, err, "recv() failed");
ngx_http_close_connection(c);
nginx-0.0.7-2004-07-16-21:11:43 import
2004-07-16 13:11:43 -04:00
return;
}
Added server-side support for PROXY protocol v1 (ticket #355). Client address specified in the PROXY protocol header is now saved in the $proxy_protocol_addr variable and can be used in the realip module. This is currently not implemented for mail.
2014-03-17 10:41:24 -03:00
if (hc->proxy_protocol) {
hc->proxy_protocol = 0;
Core: renamed ngx_proxy_protocol_parse to ngx_proxy_protocol_read. The new name is consistent with the ngx_proxy_protocol_write function.
2015-06-16 07:45:19 -03:00
p = ngx_proxy_protocol_read(c, buf, buf + n);
Added server-side support for PROXY protocol v1 (ticket #355). Client address specified in the PROXY protocol header is now saved in the $proxy_protocol_addr variable and can be used in the realip module. This is currently not implemented for mail.
2014-03-17 10:41:24 -03:00
if (p == NULL) {
ngx_http_close_connection(c);
return;
}
size = p - buf;
if (c->recv(c, buf, size) != (ssize_t) size) {
ngx_http_close_connection(c);
return;
}
c->log->action = "SSL handshaking";
if (n == (ssize_t) size) {
ngx_post_event(rev, &ngx_posted_events);
return;
}
n = 1;
buf[0] = *p;
}
nginx-0.0.7-2004-07-16-21:11:43 import
2004-07-16 13:11:43 -04:00
if (n == 1) {
fix recognition of SSLv2 Client Hello Packet large than 255 bytes
2010-07-05 09:35:20 -04:00
if (buf[0] & 0x80 /* SSLv2 */ || buf[0] == 0x16 /* SSLv3/TLSv1 */) {
nginx-0.0.7-2004-07-16-21:11:43 import
2004-07-16 13:11:43 -04:00
ngx_log_debug1(NGX_LOG_DEBUG_HTTP, rev->log, 0,
nginx-0.1.5-RELEASE import *) Bugfix: on Solaris and Linux there may be too many "recvmsg() returned not enough data" alerts. *) Bugfix: there were the "writev() failed (22: Invalid argument)" errors on Solaris in proxy mode without sendfile. On other platforms that do not support sendfile at all the process got caught in an endless loop. *) Bugfix: segmentation fault on Solaris in proxy mode and using sendfile. *) Bugfix: segmentation fault on Solaris. *) Bugfix: on-line upgrade did not work on Linux. *) Bugfix: the ngx_http_autoindex_module module did not escape the spaces, the quotes, and the percent signs in the directory listing. *) Change: the decrease of the copy operations. *) Feature: the userid_p3p directive.
2004-11-11 11:07:14 -03:00
"https ssl handshake: 0x%02Xd", buf[0]);
nginx-0.0.7-2004-07-16-21:11:43 import
2004-07-16 13:11:43 -04:00
SSL: set TCP_NODELAY on SSL connections before handshake. With OpenSSL 1.1.0+, the workaround for handshake buffer size as introduced in a720f0b0e083 (ticket #413) no longer works, as OpenSSL no longer exposes handshake buffers, see https://github.com/openssl/openssl/commit/2e7dc7cd688. Moreover, it is no longer possible to adjust handshake buffers at all now. To avoid additional RTT if handshake uses more than 4k we now set TCP_NODELAY on SSL connections before handshake. While this still results in sub-optimal network utilization due to incomplete packets being sent, it seems to be better than nothing.
2017-05-29 09:34:29 -04:00
clcf = ngx_http_get_module_loc_conf(hc->conf_ctx,
ngx_http_core_module);
if (clcf->tcp_nodelay && ngx_tcp_nodelay(c) != NGX_OK) {
ngx_http_close_connection(c);
return;
}
SSL: do not treat SSL handshake as request. The request object will not be created until SSL handshake is complete. This simplifies adding another connection handler that does not need request object right after handshake (e.g., SPDY). There are also a few more intentional effects: - the "client_header_buffer_size" directive will be taken from the server configuration that was negotiated by SNI; - SSL handshake errors and timeouts are not logged into access log as bad requests; - ngx_ssl_create_connection() is not called until the first byte of ClientHello message was received. This also decreases memory consumption if plain HTTP request is sent to SSL socket.
2013-02-27 14:21:21 -03:00
sscf = ngx_http_get_module_srv_conf(hc->conf_ctx,
ngx_http_ssl_module);
if (ngx_ssl_create_connection(&sscf->ssl, c, NGX_SSL_BUFFER)
!= NGX_OK)
{
ngx_http_close_connection(c);
return;
}
Disabled connection reuse while in SSL handshake. During SSL handshake, the connection could be reused in the OCSP stapling callback, if configured, which subsequently leads to a segmentation fault.
2020-02-27 13:03:21 -03:00
ngx_reusable_connection(c, 0);
nginx-0.0.7-2004-07-18-23:11:20 import
2004-07-18 15:11:20 -04:00
rc = ngx_ssl_handshake(c);
nginx-0.2.2-RELEASE import *) Feature: the "config errmsg" command of the ngx_http_ssi_module. *) Change: the ngx_http_geo_module variables can be overridden by the "set" directive. *) Feature: the "ssl_protocols" and "ssl_prefer_server_ciphers" directives of the ngx_http_ssl_module and ngx_imap_ssl_module. *) Bugfix: the ngx_http_autoindex_module did not show correctly the long file names; *) Bugfix: the ngx_http_autoindex_module now do not show the files starting by dot. *) Bugfix: if the SSL handshake failed then another connection may be closed too. Thanks to Rob Mueller. *) Bugfix: the export versions of MSIE 5.x could not connect via HTTPS.
2005-09-30 10:41:25 -04:00
if (rc == NGX_AGAIN) {
fix socket leak if deferred accept was used
2008-01-04 06:32:12 -03:00
if (!rev->timer_set) {
Core: removed post_accept_timeout. Keeping post_accept_timeout in ngx_listening_t is no longer needed since we've switched to 1 second timeout for deferred accept in 5541:fdb67cfc957d. Further, using it in HTTP code can result in client_header_timeout being used from an incorrect server block, notably if address-specific virtual servers are used along with a wildcard listening socket, or if we've switched to a different server block based on SNI in SSL handshake.
2021-01-19 14:32:00 -03:00
cscf = ngx_http_get_module_srv_conf(hc->conf_ctx,
ngx_http_core_module);
ngx_add_timer(rev, cscf->client_header_timeout);
fix socket leak if deferred accept was used
2008-01-04 06:32:12 -03:00
}
nginx-0.2.2-RELEASE import *) Feature: the "config errmsg" command of the ngx_http_ssi_module. *) Change: the ngx_http_geo_module variables can be overridden by the "set" directive. *) Feature: the "ssl_protocols" and "ssl_prefer_server_ciphers" directives of the ngx_http_ssl_module and ngx_imap_ssl_module. *) Bugfix: the ngx_http_autoindex_module did not show correctly the long file names; *) Bugfix: the ngx_http_autoindex_module now do not show the files starting by dot. *) Bugfix: if the SSL handshake failed then another connection may be closed too. Thanks to Rob Mueller. *) Bugfix: the export versions of MSIE 5.x could not connect via HTTPS.
2005-09-30 10:41:25 -04:00
c->ssl->handler = ngx_http_ssl_handshake_handler;
nginx-0.0.7-2004-07-18-23:11:20 import
2004-07-18 15:11:20 -04:00
return;
}
nginx-0.2.2-RELEASE import *) Feature: the "config errmsg" command of the ngx_http_ssi_module. *) Change: the ngx_http_geo_module variables can be overridden by the "set" directive. *) Feature: the "ssl_protocols" and "ssl_prefer_server_ciphers" directives of the ngx_http_ssl_module and ngx_imap_ssl_module. *) Bugfix: the ngx_http_autoindex_module did not show correctly the long file names; *) Bugfix: the ngx_http_autoindex_module now do not show the files starting by dot. *) Bugfix: if the SSL handshake failed then another connection may be closed too. Thanks to Rob Mueller. *) Bugfix: the export versions of MSIE 5.x could not connect via HTTPS.
2005-09-30 10:41:25 -04:00
ngx_http_ssl_handshake_handler(c);
return;
SSL: do not treat SSL handshake as request. The request object will not be created until SSL handshake is complete. This simplifies adding another connection handler that does not need request object right after handshake (e.g., SPDY). There are also a few more intentional effects: - the "client_header_buffer_size" directive will be taken from the server configuration that was negotiated by SNI; - SSL handshake errors and timeouts are not logged into access log as bad requests; - ngx_ssl_create_connection() is not called until the first byte of ClientHello message was received. This also decreases memory consumption if plain HTTP request is sent to SSL socket.
2013-02-27 14:21:21 -03:00
}
nginx-0.0.7-2004-07-16-21:11:43 import
2004-07-16 13:11:43 -04:00
SSL: do not treat SSL handshake as request. The request object will not be created until SSL handshake is complete. This simplifies adding another connection handler that does not need request object right after handshake (e.g., SPDY). There are also a few more intentional effects: - the "client_header_buffer_size" directive will be taken from the server configuration that was negotiated by SNI; - SSL handshake errors and timeouts are not logged into access log as bad requests; - ngx_ssl_create_connection() is not called until the first byte of ClientHello message was received. This also decreases memory consumption if plain HTTP request is sent to SSL socket.
2013-02-27 14:21:21 -03:00
ngx_log_debug0(NGX_LOG_DEBUG_HTTP, rev->log, 0, "plain http");
nginx-0.0.7-2004-07-16-21:11:43 import
2004-07-16 13:11:43 -04:00
Create request object only after the first byte was received. Previously, we always created an object and logged 400 (Bad Request) in access log if a client closed connection without sending any data. Such a connection was counted as "reading". Since it's common for modern browsers to behave like this, it's no longer considered an error if a client closes connection without sending any data, and such a connection will be counted as "waiting". Now, we do not log 400 (Bad Request) and keep memory footprint as small as possible.
2013-03-07 14:21:50 -03:00
c->log->action = "waiting for request";
nginx-0.0.7-2004-07-16-21:11:43 import
2004-07-16 13:11:43 -04:00
Create request object only after the first byte was received. Previously, we always created an object and logged 400 (Bad Request) in access log if a client closed connection without sending any data. Such a connection was counted as "reading". Since it's common for modern browsers to behave like this, it's no longer considered an error if a client closes connection without sending any data, and such a connection will be counted as "waiting". Now, we do not log 400 (Bad Request) and keep memory footprint as small as possible.
2013-03-07 14:21:50 -03:00
rev->handler = ngx_http_wait_request_handler;
ngx_http_wait_request_handler(rev);
*) listen ssl *) no default ssl_cetificate and ssl_cetificate_key
2008-09-01 10:19:01 -04:00
SSL: do not treat SSL handshake as request. The request object will not be created until SSL handshake is complete. This simplifies adding another connection handler that does not need request object right after handshake (e.g., SPDY). There are also a few more intentional effects: - the "client_header_buffer_size" directive will be taken from the server configuration that was negotiated by SNI; - SSL handshake errors and timeouts are not logged into access log as bad requests; - ngx_ssl_create_connection() is not called until the first byte of ClientHello message was received. This also decreases memory consumption if plain HTTP request is sent to SSL socket.
2013-02-27 14:21:21 -03:00
return;
}
ngx_log_error(NGX_LOG_INFO, c->log, 0, "client closed connection");
ngx_http_close_connection(c);
nginx-0.0.1-2002-08-06-20:39:45 import The first code that uses "ngx_" prefix, the previous one used "gx_" prefix. At that point the code is not yet usable. The first draft ideas are dated back to 23.10.2001.
2002-08-06 12:39:45 -04:00
}
nginx-0.2.2-RELEASE import *) Feature: the "config errmsg" command of the ngx_http_ssi_module. *) Change: the ngx_http_geo_module variables can be overridden by the "set" directive. *) Feature: the "ssl_protocols" and "ssl_prefer_server_ciphers" directives of the ngx_http_ssl_module and ngx_imap_ssl_module. *) Bugfix: the ngx_http_autoindex_module did not show correctly the long file names; *) Bugfix: the ngx_http_autoindex_module now do not show the files starting by dot. *) Bugfix: if the SSL handshake failed then another connection may be closed too. Thanks to Rob Mueller. *) Bugfix: the export versions of MSIE 5.x could not connect via HTTPS.
2005-09-30 10:41:25 -04:00
static void
ngx_http_ssl_handshake_handler(ngx_connection_t *c)
{
if (c->ssl->handshaked) {
/*
* The majority of browsers do not send the "close notify" alert.
* Among them are MSIE, old Mozilla, Netscape 4, Konqueror,
* and Links. And what is more, MSIE ignores the server's alert.
*
* Opera and recent Mozilla send the alert.
*/
c->ssl->no_wait_shutdown = 1;
The HTTP/2 implementation (RFC 7240, 7241). The SPDY support is removed, as it's incompatible with the new module.
2015-09-11 14:13:06 -03:00
#if (NGX_HTTP_V2 \
HTTP/2: removed support for NPN. NPN was replaced with ALPN, published as RFC 7301 in July 2014. It used to negotiate SPDY (and, in transition, HTTP/2). NPN supported appeared in OpenSSL 1.0.1. It does not work with TLSv1.3 [1]. ALPN is supported since OpenSSL 1.0.2. The NPN support was dropped in Firefox 53 [2] and Chrome 51 [3]. [1] https://github.com/openssl/openssl/issues/3665. [2] https://bugzilla.mozilla.org/show_bug.cgi?id=1248198 [3] https://www.chromestatus.com/feature/5767920709795840
2021-10-15 04:02:15 -03:00
&& defined TLSEXT_TYPE_application_layer_protocol_negotiation)
Preliminary experimental support for SPDY draft 2.
2013-03-20 07:36:57 -03:00
{
SSL: only select HTTP/2 using NPN if "http2" is enabled. OpenSSL doesn't check if the negotiated protocol has been announced. As a result, the client might force using HTTP/2 even if it wasn't enabled in configuration.
2015-11-05 09:01:09 -03:00
unsigned int len;
const unsigned char *data;
ngx_http_connection_t *hc;
hc = c->data;
if (hc->addr_conf->http2) {
Preliminary experimental support for SPDY draft 2.
2013-03-20 07:36:57 -03:00
SSL: only select HTTP/2 using NPN if "http2" is enabled. OpenSSL doesn't check if the negotiated protocol has been announced. As a result, the client might force using HTTP/2 even if it wasn't enabled in configuration.
2015-11-05 09:01:09 -03:00
SSL_get0_alpn_selected(c->ssl->connection, &data, &len);
SSL: support ALPN (IETF's successor to NPN). Signed-off-by: Piotr Sikora <piotr@cloudflare.com>
2014-01-28 20:33:49 -03:00
SSL: only select HTTP/2 using NPN if "http2" is enabled. OpenSSL doesn't check if the negotiated protocol has been announced. As a result, the client might force using HTTP/2 even if it wasn't enabled in configuration.
2015-11-05 09:01:09 -03:00
if (len == 2 && data[0] == 'h' && data[1] == '2') {
ngx_http_v2_init(c->read);
return;
}
Preliminary experimental support for SPDY draft 2.
2013-03-20 07:36:57 -03:00
}
}
#endif
Create request object only after the first byte was received. Previously, we always created an object and logged 400 (Bad Request) in access log if a client closed connection without sending any data. Such a connection was counted as "reading". Since it's common for modern browsers to behave like this, it's no longer considered an error if a client closes connection without sending any data, and such a connection will be counted as "waiting". Now, we do not log 400 (Bad Request) and keep memory footprint as small as possible.
2013-03-07 14:21:50 -03:00
c->log->action = "waiting for request";
Fixed log->action after ssl handshake.
2012-04-16 10:05:20 -03:00
Create request object only after the first byte was received. Previously, we always created an object and logged 400 (Bad Request) in access log if a client closed connection without sending any data. Such a connection was counted as "reading". Since it's common for modern browsers to behave like this, it's no longer considered an error if a client closes connection without sending any data, and such a connection will be counted as "waiting". Now, we do not log 400 (Bad Request) and keep memory footprint as small as possible.
2013-03-07 14:21:50 -03:00
c->read->handler = ngx_http_wait_request_handler;
nginx-0.2.2-RELEASE import *) Feature: the "config errmsg" command of the ngx_http_ssi_module. *) Change: the ngx_http_geo_module variables can be overridden by the "set" directive. *) Feature: the "ssl_protocols" and "ssl_prefer_server_ciphers" directives of the ngx_http_ssl_module and ngx_imap_ssl_module. *) Bugfix: the ngx_http_autoindex_module did not show correctly the long file names; *) Bugfix: the ngx_http_autoindex_module now do not show the files starting by dot. *) Bugfix: if the SSL handshake failed then another connection may be closed too. Thanks to Rob Mueller. *) Bugfix: the export versions of MSIE 5.x could not connect via HTTPS.
2005-09-30 10:41:25 -04:00
/* STUB: epoll edge */ c->write->handler = ngx_http_empty_handler;
Allow to reuse connections that wait their first request. This should improve behavior under deficiency of connections. Since SSL handshake usually takes significant amount of time, we exclude connections from reusable queue during this period to avoid premature flush of them.
2013-03-15 16:49:54 -03:00
ngx_reusable_connection(c, 1);
Create request object only after the first byte was received. Previously, we always created an object and logged 400 (Bad Request) in access log if a client closed connection without sending any data. Such a connection was counted as "reading". Since it's common for modern browsers to behave like this, it's no longer considered an error if a client closes connection without sending any data, and such a connection will be counted as "waiting". Now, we do not log 400 (Bad Request) and keep memory footprint as small as possible.
2013-03-07 14:21:50 -03:00
ngx_http_wait_request_handler(c->read);
nginx-0.2.2-RELEASE import *) Feature: the "config errmsg" command of the ngx_http_ssi_module. *) Change: the ngx_http_geo_module variables can be overridden by the "set" directive. *) Feature: the "ssl_protocols" and "ssl_prefer_server_ciphers" directives of the ngx_http_ssl_module and ngx_imap_ssl_module. *) Bugfix: the ngx_http_autoindex_module did not show correctly the long file names; *) Bugfix: the ngx_http_autoindex_module now do not show the files starting by dot. *) Bugfix: if the SSL handshake failed then another connection may be closed too. Thanks to Rob Mueller. *) Bugfix: the export versions of MSIE 5.x could not connect via HTTPS.
2005-09-30 10:41:25 -04:00
return;
}
SSL: do not treat SSL handshake as request. The request object will not be created until SSL handshake is complete. This simplifies adding another connection handler that does not need request object right after handshake (e.g., SPDY). There are also a few more intentional effects: - the "client_header_buffer_size" directive will be taken from the server configuration that was negotiated by SNI; - SSL handshake errors and timeouts are not logged into access log as bad requests; - ngx_ssl_create_connection() is not called until the first byte of ClientHello message was received. This also decreases memory consumption if plain HTTP request is sent to SSL socket.
2013-02-27 14:21:21 -03:00
if (c->read->timedout) {
ngx_log_error(NGX_LOG_INFO, c->log, NGX_ETIMEDOUT, "client timed out");
}
nginx-0.2.2-RELEASE import *) Feature: the "config errmsg" command of the ngx_http_ssi_module. *) Change: the ngx_http_geo_module variables can be overridden by the "set" directive. *) Feature: the "ssl_protocols" and "ssl_prefer_server_ciphers" directives of the ngx_http_ssl_module and ngx_imap_ssl_module. *) Bugfix: the ngx_http_autoindex_module did not show correctly the long file names; *) Bugfix: the ngx_http_autoindex_module now do not show the files starting by dot. *) Bugfix: if the SSL handshake failed then another connection may be closed too. Thanks to Rob Mueller. *) Bugfix: the export versions of MSIE 5.x could not connect via HTTPS.
2005-09-30 10:41:25 -04:00
SSL: do not treat SSL handshake as request. The request object will not be created until SSL handshake is complete. This simplifies adding another connection handler that does not need request object right after handshake (e.g., SPDY). There are also a few more intentional effects: - the "client_header_buffer_size" directive will be taken from the server configuration that was negotiated by SNI; - SSL handshake errors and timeouts are not logged into access log as bad requests; - ngx_ssl_create_connection() is not called until the first byte of ClientHello message was received. This also decreases memory consumption if plain HTTP request is sent to SSL socket.
2013-02-27 14:21:21 -03:00
ngx_http_close_connection(c);
nginx-0.2.2-RELEASE import *) Feature: the "config errmsg" command of the ngx_http_ssi_module. *) Change: the ngx_http_geo_module variables can be overridden by the "set" directive. *) Feature: the "ssl_protocols" and "ssl_prefer_server_ciphers" directives of the ngx_http_ssl_module and ngx_imap_ssl_module. *) Bugfix: the ngx_http_autoindex_module did not show correctly the long file names; *) Bugfix: the ngx_http_autoindex_module now do not show the files starting by dot. *) Bugfix: if the SSL handshake failed then another connection may be closed too. Thanks to Rob Mueller. *) Bugfix: the export versions of MSIE 5.x could not connect via HTTPS.
2005-09-30 10:41:25 -04:00
}
Style.
2019-02-25 10:41:08 -03:00
SNI support
2007-05-29 11:21:09 -04:00
#ifdef SSL_CTRL_SET_TLSEXT_HOSTNAME
int
ngx_http_ssl_servername(ngx_ssl_conn_t *ssl_conn, int *ad, void *arg)
{
SSL: server name callback changed to return fatal errors. Notably this affects various allocation errors, and should generally improve things if an allocation error actually happens during a callback. Depending on the OpenSSL version, returning an error can result in either SSL_R_CALLBACK_FAILED or SSL_R_CLIENTHELLO_TLSEXT error from SSL_do_handshake(), so both errors were switched to the "info" level.
2019-03-03 10:48:06 -03:00
ngx_int_t rc;
SNI: ignore captures in server_name regexes when matching by SNI. This change helps to decouple ngx_http_ssl_servername() from the request object. Note: now we close connection in case of error during server name lookup for request. Previously, we did so only for HTTP/0.9 requests.
2013-02-27 14:06:52 -03:00
ngx_str_t host;
const char *servername;
ngx_connection_t *c;
ngx_http_connection_t *hc;
ngx_http_ssl_srv_conf_t *sscf;
ngx_http_core_loc_conf_t *clcf;
ngx_http_core_srv_conf_t *cscf;
SNI support
2007-05-29 11:21:09 -04:00
c = ngx_ssl_get_connection(ssl_conn);
SSL: fixed segfault on renegotiation (ticket #1646). In e3ba4026c02d (1.15.4) nginx own renegotiation checks were disabled if SSL_OP_NO_RENEGOTIATION is available. But since SSL_OP_NO_RENEGOTIATION is only set on a connection, not in an SSL context, SSL_clear_option() removed it as long as a matching virtual server was found. This resulted in a segmentation fault similar to the one fixed in a6902a941279 (1.9.8), affecting nginx built with OpenSSL 1.1.0h or higher. To fix this, SSL_OP_NO_RENEGOTIATION is now explicitly set in ngx_http_ssl_servername() after adjusting options. Additionally, instead of c->ssl->renegotiation we now check c->ssl->handshaked, which seems to be a more correct flag to test, and will prevent the segmentation fault from happening even if SSL_OP_NO_RENEGOTIATION is not working.
2018-10-02 11:46:18 -03:00
if (c->ssl->handshaked) {
SSL: server name callback changed to return fatal errors. Notably this affects various allocation errors, and should generally improve things if an allocation error actually happens during a callback. Depending on the OpenSSL version, returning an error can result in either SSL_R_CALLBACK_FAILED or SSL_R_CLIENTHELLO_TLSEXT error from SSL_do_handshake(), so both errors were switched to the "info" level.
2019-03-03 10:48:06 -03:00
*ad = SSL_AD_NO_RENEGOTIATION;
return SSL_TLSEXT_ERR_ALERT_FATAL;
SSL: fixed possible segfault on renegotiation (ticket #845). Skip SSL_CTX_set_tlsext_servername_callback in case of renegotiation. Do nothing in SNI callback as in this case it will be supplied with request in c->data which isn't expected and doesn't work this way. This was broken by b40af2fd1c16 (1.9.6) with OpenSSL master branch and LibreSSL.
2015-12-08 10:59:43 -03:00
}
SSL: ssl_reject_handshake directive (ticket #195). In some cases it might be needed to reject SSL handshake based on SNI server name provided, for example, to make sure an invalid certificate is not returned to clients trying to contact a name-based virtual server without SSL configured. Previously, a "ssl_ciphers aNULL;" was used for this. This workaround, however, is not compatible with TLSv1.3, in particular, when using BoringSSL, where it is not possible to configure TLSv1.3 ciphers at all. With this change, the ssl_reject_handshake directive is introduced, which instructs nginx to reject SSL handshakes with an "unrecognized_name" alert in a particular server block. For example, to reject handshake with names other than example.com, one can use the following configuration: server { listen 443 ssl; ssl_reject_handshake on; } server { listen 443 ssl; server_name example.com; ssl_certificate example.com.crt; ssl_certificate_key example.com.key; } The following configuration can be used to reject all SSL handshakes without SNI server name provided: server { listen 443 ssl; ssl_reject_handshake on; } server { listen 443 ssl; server_name ~^; ssl_certificate example.crt; ssl_certificate_key example.key; } Additionally, the ssl_reject_handshake directive makes configuring certificates for the default server block optional. If no certificates are configured in the default server for a given listening socket, certificates must be defined in all non-default server blocks with the listening socket in question.
2020-10-22 12:02:28 -03:00
hc = c->data;
SSL: moved c->ssl->handshaked check in server name callback. Server name callback is always called by OpenSSL, even if server_name extension is not present in ClientHello. As such, checking c->ssl->handshaked before the SSL_get_servername() result should help to more effectively prevent renegotiation in OpenSSL 1.1.0 - 1.1.0g, where neither SSL3_FLAGS_NO_RENEGOTIATE_CIPHERS nor SSL_OP_NO_RENEGOTIATION is available.
2019-03-05 10:34:19 -03:00
servername = SSL_get_servername(ssl_conn, TLSEXT_NAMETYPE_host_name);
if (servername == NULL) {
SSL: ssl_reject_handshake directive (ticket #195). In some cases it might be needed to reject SSL handshake based on SNI server name provided, for example, to make sure an invalid certificate is not returned to clients trying to contact a name-based virtual server without SSL configured. Previously, a "ssl_ciphers aNULL;" was used for this. This workaround, however, is not compatible with TLSv1.3, in particular, when using BoringSSL, where it is not possible to configure TLSv1.3 ciphers at all. With this change, the ssl_reject_handshake directive is introduced, which instructs nginx to reject SSL handshakes with an "unrecognized_name" alert in a particular server block. For example, to reject handshake with names other than example.com, one can use the following configuration: server { listen 443 ssl; ssl_reject_handshake on; } server { listen 443 ssl; server_name example.com; ssl_certificate example.com.crt; ssl_certificate_key example.com.key; } The following configuration can be used to reject all SSL handshakes without SNI server name provided: server { listen 443 ssl; ssl_reject_handshake on; } server { listen 443 ssl; server_name ~^; ssl_certificate example.crt; ssl_certificate_key example.key; } Additionally, the ssl_reject_handshake directive makes configuring certificates for the default server block optional. If no certificates are configured in the default server for a given listening socket, certificates must be defined in all non-default server blocks with the listening socket in question.
2020-10-22 12:02:28 -03:00
ngx_log_debug0(NGX_LOG_DEBUG_HTTP, c->log, 0,
"SSL server name: null");
goto done;
SSL: moved c->ssl->handshaked check in server name callback. Server name callback is always called by OpenSSL, even if server_name extension is not present in ClientHello. As such, checking c->ssl->handshaked before the SSL_get_servername() result should help to more effectively prevent renegotiation in OpenSSL 1.1.0 - 1.1.0g, where neither SSL3_FLAGS_NO_RENEGOTIATE_CIPHERS nor SSL_OP_NO_RENEGOTIATION is available.
2019-03-05 10:34:19 -03:00
}
SNI support
2007-05-29 11:21:09 -04:00
ngx_log_debug1(NGX_LOG_DEBUG_HTTP, c->log, 0,
"SSL server name: \"%s\"", servername);
Changed interface of ngx_http_validate_host().
2013-02-27 14:03:14 -03:00
host.len = ngx_strlen(servername);
server_name "" support
2008-08-21 08:56:10 -04:00
Changed interface of ngx_http_validate_host().
2013-02-27 14:03:14 -03:00
if (host.len == 0) {
SSL: ssl_reject_handshake directive (ticket #195). In some cases it might be needed to reject SSL handshake based on SNI server name provided, for example, to make sure an invalid certificate is not returned to clients trying to contact a name-based virtual server without SSL configured. Previously, a "ssl_ciphers aNULL;" was used for this. This workaround, however, is not compatible with TLSv1.3, in particular, when using BoringSSL, where it is not possible to configure TLSv1.3 ciphers at all. With this change, the ssl_reject_handshake directive is introduced, which instructs nginx to reject SSL handshakes with an "unrecognized_name" alert in a particular server block. For example, to reject handshake with names other than example.com, one can use the following configuration: server { listen 443 ssl; ssl_reject_handshake on; } server { listen 443 ssl; server_name example.com; ssl_certificate example.com.crt; ssl_certificate_key example.com.key; } The following configuration can be used to reject all SSL handshakes without SNI server name provided: server { listen 443 ssl; ssl_reject_handshake on; } server { listen 443 ssl; server_name ~^; ssl_certificate example.crt; ssl_certificate_key example.key; } Additionally, the ssl_reject_handshake directive makes configuring certificates for the default server block optional. If no certificates are configured in the default server for a given listening socket, certificates must be defined in all non-default server blocks with the listening socket in question.
2020-10-22 12:02:28 -03:00
goto done;
server_name "" support
2008-08-21 08:56:10 -04:00
}
Changed interface of ngx_http_validate_host().
2013-02-27 14:03:14 -03:00
host.data = (u_char *) servername;
$host is always in low case: *) move low case convertation from ngx_http_find_virtual_server() to ngx_http_validate_host() *) add in ngx_http_validate_host() capability to copy host name in the pool allocated memory
2009-09-24 09:15:50 -04:00
SSL: server name callback changed to return fatal errors. Notably this affects various allocation errors, and should generally improve things if an allocation error actually happens during a callback. Depending on the OpenSSL version, returning an error can result in either SSL_R_CALLBACK_FAILED or SSL_R_CLIENTHELLO_TLSEXT error from SSL_do_handshake(), so both errors were switched to the "info" level.
2019-03-03 10:48:06 -03:00
rc = ngx_http_validate_host(&host, c->pool, 1);
if (rc == NGX_ERROR) {
SSL: ssl_reject_handshake directive (ticket #195). In some cases it might be needed to reject SSL handshake based on SNI server name provided, for example, to make sure an invalid certificate is not returned to clients trying to contact a name-based virtual server without SSL configured. Previously, a "ssl_ciphers aNULL;" was used for this. This workaround, however, is not compatible with TLSv1.3, in particular, when using BoringSSL, where it is not possible to configure TLSv1.3 ciphers at all. With this change, the ssl_reject_handshake directive is introduced, which instructs nginx to reject SSL handshakes with an "unrecognized_name" alert in a particular server block. For example, to reject handshake with names other than example.com, one can use the following configuration: server { listen 443 ssl; ssl_reject_handshake on; } server { listen 443 ssl; server_name example.com; ssl_certificate example.com.crt; ssl_certificate_key example.com.key; } The following configuration can be used to reject all SSL handshakes without SNI server name provided: server { listen 443 ssl; ssl_reject_handshake on; } server { listen 443 ssl; server_name ~^; ssl_certificate example.crt; ssl_certificate_key example.key; } Additionally, the ssl_reject_handshake directive makes configuring certificates for the default server block optional. If no certificates are configured in the default server for a given listening socket, certificates must be defined in all non-default server blocks with the listening socket in question.
2020-10-22 12:02:28 -03:00
goto error;
SSL: server name callback changed to return fatal errors. Notably this affects various allocation errors, and should generally improve things if an allocation error actually happens during a callback. Depending on the OpenSSL version, returning an error can result in either SSL_R_CALLBACK_FAILED or SSL_R_CLIENTHELLO_TLSEXT error from SSL_do_handshake(), so both errors were switched to the "info" level.
2019-03-03 10:48:06 -03:00
}
if (rc == NGX_DECLINED) {
SSL: ssl_reject_handshake directive (ticket #195). In some cases it might be needed to reject SSL handshake based on SNI server name provided, for example, to make sure an invalid certificate is not returned to clients trying to contact a name-based virtual server without SSL configured. Previously, a "ssl_ciphers aNULL;" was used for this. This workaround, however, is not compatible with TLSv1.3, in particular, when using BoringSSL, where it is not possible to configure TLSv1.3 ciphers at all. With this change, the ssl_reject_handshake directive is introduced, which instructs nginx to reject SSL handshakes with an "unrecognized_name" alert in a particular server block. For example, to reject handshake with names other than example.com, one can use the following configuration: server { listen 443 ssl; ssl_reject_handshake on; } server { listen 443 ssl; server_name example.com; ssl_certificate example.com.crt; ssl_certificate_key example.com.key; } The following configuration can be used to reject all SSL handshakes without SNI server name provided: server { listen 443 ssl; ssl_reject_handshake on; } server { listen 443 ssl; server_name ~^; ssl_certificate example.crt; ssl_certificate_key example.key; } Additionally, the ssl_reject_handshake directive makes configuring certificates for the default server block optional. If no certificates are configured in the default server for a given listening socket, certificates must be defined in all non-default server blocks with the listening socket in question.
2020-10-22 12:02:28 -03:00
goto done;
$host is always in low case: *) move low case convertation from ngx_http_find_virtual_server() to ngx_http_validate_host() *) add in ngx_http_validate_host() capability to copy host name in the pool allocated memory
2009-09-24 09:15:50 -04:00
}
SSL: server name callback changed to return fatal errors. Notably this affects various allocation errors, and should generally improve things if an allocation error actually happens during a callback. Depending on the OpenSSL version, returning an error can result in either SSL_R_CALLBACK_FAILED or SSL_R_CLIENTHELLO_TLSEXT error from SSL_do_handshake(), so both errors were switched to the "info" level.
2019-03-03 10:48:06 -03:00
rc = ngx_http_find_virtual_server(c, hc->addr_conf->virtual_names, &host,
NULL, &cscf);
if (rc == NGX_ERROR) {
SSL: ssl_reject_handshake directive (ticket #195). In some cases it might be needed to reject SSL handshake based on SNI server name provided, for example, to make sure an invalid certificate is not returned to clients trying to contact a name-based virtual server without SSL configured. Previously, a "ssl_ciphers aNULL;" was used for this. This workaround, however, is not compatible with TLSv1.3, in particular, when using BoringSSL, where it is not possible to configure TLSv1.3 ciphers at all. With this change, the ssl_reject_handshake directive is introduced, which instructs nginx to reject SSL handshakes with an "unrecognized_name" alert in a particular server block. For example, to reject handshake with names other than example.com, one can use the following configuration: server { listen 443 ssl; ssl_reject_handshake on; } server { listen 443 ssl; server_name example.com; ssl_certificate example.com.crt; ssl_certificate_key example.com.key; } The following configuration can be used to reject all SSL handshakes without SNI server name provided: server { listen 443 ssl; ssl_reject_handshake on; } server { listen 443 ssl; server_name ~^; ssl_certificate example.crt; ssl_certificate_key example.key; } Additionally, the ssl_reject_handshake directive makes configuring certificates for the default server block optional. If no certificates are configured in the default server for a given listening socket, certificates must be defined in all non-default server blocks with the listening socket in question.
2020-10-22 12:02:28 -03:00
goto error;
SSL: server name callback changed to return fatal errors. Notably this affects various allocation errors, and should generally improve things if an allocation error actually happens during a callback. Depending on the OpenSSL version, returning an error can result in either SSL_R_CALLBACK_FAILED or SSL_R_CLIENTHELLO_TLSEXT error from SSL_do_handshake(), so both errors were switched to the "info" level.
2019-03-03 10:48:06 -03:00
}
if (rc == NGX_DECLINED) {
SSL: ssl_reject_handshake directive (ticket #195). In some cases it might be needed to reject SSL handshake based on SNI server name provided, for example, to make sure an invalid certificate is not returned to clients trying to contact a name-based virtual server without SSL configured. Previously, a "ssl_ciphers aNULL;" was used for this. This workaround, however, is not compatible with TLSv1.3, in particular, when using BoringSSL, where it is not possible to configure TLSv1.3 ciphers at all. With this change, the ssl_reject_handshake directive is introduced, which instructs nginx to reject SSL handshakes with an "unrecognized_name" alert in a particular server block. For example, to reject handshake with names other than example.com, one can use the following configuration: server { listen 443 ssl; ssl_reject_handshake on; } server { listen 443 ssl; server_name example.com; ssl_certificate example.com.crt; ssl_certificate_key example.com.key; } The following configuration can be used to reject all SSL handshakes without SNI server name provided: server { listen 443 ssl; ssl_reject_handshake on; } server { listen 443 ssl; server_name ~^; ssl_certificate example.crt; ssl_certificate_key example.key; } Additionally, the ssl_reject_handshake directive makes configuring certificates for the default server block optional. If no certificates are configured in the default server for a given listening socket, certificates must be defined in all non-default server blocks with the listening socket in question.
2020-10-22 12:02:28 -03:00
goto done;
SNI support
2007-05-29 11:21:09 -04:00
}
SNI: avoid surplus lookup of virtual server if SNI was used.
2013-02-27 14:33:59 -03:00
hc->ssl_servername = ngx_palloc(c->pool, sizeof(ngx_str_t));
if (hc->ssl_servername == NULL) {
SSL: ssl_reject_handshake directive (ticket #195). In some cases it might be needed to reject SSL handshake based on SNI server name provided, for example, to make sure an invalid certificate is not returned to clients trying to contact a name-based virtual server without SSL configured. Previously, a "ssl_ciphers aNULL;" was used for this. This workaround, however, is not compatible with TLSv1.3, in particular, when using BoringSSL, where it is not possible to configure TLSv1.3 ciphers at all. With this change, the ssl_reject_handshake directive is introduced, which instructs nginx to reject SSL handshakes with an "unrecognized_name" alert in a particular server block. For example, to reject handshake with names other than example.com, one can use the following configuration: server { listen 443 ssl; ssl_reject_handshake on; } server { listen 443 ssl; server_name example.com; ssl_certificate example.com.crt; ssl_certificate_key example.com.key; } The following configuration can be used to reject all SSL handshakes without SNI server name provided: server { listen 443 ssl; ssl_reject_handshake on; } server { listen 443 ssl; server_name ~^; ssl_certificate example.crt; ssl_certificate_key example.key; } Additionally, the ssl_reject_handshake directive makes configuring certificates for the default server block optional. If no certificates are configured in the default server for a given listening socket, certificates must be defined in all non-default server blocks with the listening socket in question.
2020-10-22 12:02:28 -03:00
goto error;
SNI: avoid surplus lookup of virtual server if SNI was used.
2013-02-27 14:33:59 -03:00
}
*hc->ssl_servername = host;
SNI: reuse selected configuration for all requests in a connection. Previously, only the first request in a connection was assigned the configuration selected by SNI. All subsequent requests initially used the default server's configuration, ignoring SNI, which was wrong. Now all subsequent requests in a connection will initially use the configuration selected by SNI. This is done by storing a pointer to configuration in http connection object. It points to default server's configuration initially, but changed upon receipt of SNI. (The request's configuration can be further refined when parsing the request line and Host: header.) This change was not made specific to SNI as it also allows slightly faster access to configuration without the request object.
2013-02-27 14:12:48 -03:00
hc->conf_ctx = cscf->ctx;
SSL: do not treat SSL handshake as request. The request object will not be created until SSL handshake is complete. This simplifies adding another connection handler that does not need request object right after handshake (e.g., SPDY). There are also a few more intentional effects: - the "client_header_buffer_size" directive will be taken from the server configuration that was negotiated by SNI; - SSL handshake errors and timeouts are not logged into access log as bad requests; - ngx_ssl_create_connection() is not called until the first byte of ClientHello message was received. This also decreases memory consumption if plain HTTP request is sent to SSL socket.
2013-02-27 14:21:21 -03:00
clcf = ngx_http_get_module_loc_conf(hc->conf_ctx, ngx_http_core_module);
SNI: ignore captures in server_name regexes when matching by SNI. This change helps to decouple ngx_http_ssl_servername() from the request object. Note: now we close connection in case of error during server name lookup for request. Previously, we did so only for HTTP/0.9 requests.
2013-02-27 14:06:52 -03:00
Core: the ngx_set_connection_log() macro. The http and stream versions of this macro were identical.
2015-04-25 16:44:02 -03:00
ngx_set_connection_log(c, clcf->error_log);
SNI: ignore captures in server_name regexes when matching by SNI. This change helps to decouple ngx_http_ssl_servername() from the request object. Note: now we close connection in case of error during server name lookup for request. Previously, we did so only for HTTP/0.9 requests.
2013-02-27 14:06:52 -03:00
SSL: do not treat SSL handshake as request. The request object will not be created until SSL handshake is complete. This simplifies adding another connection handler that does not need request object right after handshake (e.g., SPDY). There are also a few more intentional effects: - the "client_header_buffer_size" directive will be taken from the server configuration that was negotiated by SNI; - SSL handshake errors and timeouts are not logged into access log as bad requests; - ngx_ssl_create_connection() is not called until the first byte of ClientHello message was received. This also decreases memory consumption if plain HTTP request is sent to SSL socket.
2013-02-27 14:21:21 -03:00
sscf = ngx_http_get_module_srv_conf(hc->conf_ctx, ngx_http_ssl_module);
SNI support
2007-05-29 11:21:09 -04:00
SSL: fixed ssl_buffer_size on SNI virtual hosts (ticket #1192). Previously, buffer size was not changed from the one saved during initial ngx_ssl_create_connection(), even if the buffer itself was not yet created. Fix is to change c->ssl->buffer_size in the SNI callback. Note that it should be also possible to update buffer size even in non-SNI virtual hosts as long as the buffer is not yet allocated. This looks like an overcomplication though.
2017-02-02 14:29:16 -03:00
c->ssl->buffer_size = sscf->buffer_size;
Fixed segfault on ssl servers without cert with SNI (ticket #54). Non-default servers may not have ssl context created if there are no certificate defined. Make sure to check if ssl context present before using it.
2011-11-22 13:27:45 -03:00
if (sscf->ssl.ctx) {
SSL: abort handshake on SSL_set_SSL_CTX() errors. In rare cases, such as memory allocation failure, SSL_set_SSL_CTX() returns NULL, which could mean that a different SSL configuration has not been set. Note that this new behaviour seemingly originated in OpenSSL-1.1.0 release.
2020-09-24 09:51:29 -03:00
if (SSL_set_SSL_CTX(ssl_conn, sscf->ssl.ctx) == NULL) {
SSL: ssl_reject_handshake directive (ticket #195). In some cases it might be needed to reject SSL handshake based on SNI server name provided, for example, to make sure an invalid certificate is not returned to clients trying to contact a name-based virtual server without SSL configured. Previously, a "ssl_ciphers aNULL;" was used for this. This workaround, however, is not compatible with TLSv1.3, in particular, when using BoringSSL, where it is not possible to configure TLSv1.3 ciphers at all. With this change, the ssl_reject_handshake directive is introduced, which instructs nginx to reject SSL handshakes with an "unrecognized_name" alert in a particular server block. For example, to reject handshake with names other than example.com, one can use the following configuration: server { listen 443 ssl; ssl_reject_handshake on; } server { listen 443 ssl; server_name example.com; ssl_certificate example.com.crt; ssl_certificate_key example.com.key; } The following configuration can be used to reject all SSL handshakes without SNI server name provided: server { listen 443 ssl; ssl_reject_handshake on; } server { listen 443 ssl; server_name ~^; ssl_certificate example.crt; ssl_certificate_key example.key; } Additionally, the ssl_reject_handshake directive makes configuring certificates for the default server block optional. If no certificates are configured in the default server for a given listening socket, certificates must be defined in all non-default server blocks with the listening socket in question.
2020-10-22 12:02:28 -03:00
goto error;
SSL: abort handshake on SSL_set_SSL_CTX() errors. In rare cases, such as memory allocation failure, SSL_set_SSL_CTX() returns NULL, which could mean that a different SSL configuration has not been set. Note that this new behaviour seemingly originated in OpenSSL-1.1.0 release.
2020-09-24 09:51:29 -03:00
}
SNI support
2007-05-29 11:21:09 -04:00
Fixed segfault on ssl servers without cert with SNI (ticket #54). Non-default servers may not have ssl context created if there are no certificate defined. Make sure to check if ssl context present before using it.
2011-11-22 13:27:45 -03:00
/*
* SSL_set_SSL_CTX() only changes certs as of 1.0.0d
* adjust other things we care about
*/
Better handling of various per-server ssl options with SNI. SSL_set_SSL_CTX() doesn't touch values cached within ssl connection structure, it only changes certificates (at least as of now, OpenSSL 1.0.0d and earlier). As a result settings like ssl_verify_client, ssl_verify_depth, ssl_prefer_server_ciphers are only configurable on per-socket basis while with SNI it should be possible to specify them different for two servers listening on the same socket. Workaround is to explicitly re-apply settings we care about from context to ssl connection in servername callback. Note that SSL_clear_options() is only available in OpenSSL 0.9.8m+. I.e. with older versions it is not possible to clear ssl_prefer_server_ciphers option if it's set in default server for a socket.
2011-08-23 11:36:31 -03:00
Fixed segfault on ssl servers without cert with SNI (ticket #54). Non-default servers may not have ssl context created if there are no certificate defined. Make sure to check if ssl context present before using it.
2011-11-22 13:27:45 -03:00
SSL_set_verify(ssl_conn, SSL_CTX_get_verify_mode(sscf->ssl.ctx),
SSL_CTX_get_verify_callback(sscf->ssl.ctx));
Better handling of various per-server ssl options with SNI. SSL_set_SSL_CTX() doesn't touch values cached within ssl connection structure, it only changes certificates (at least as of now, OpenSSL 1.0.0d and earlier). As a result settings like ssl_verify_client, ssl_verify_depth, ssl_prefer_server_ciphers are only configurable on per-socket basis while with SNI it should be possible to specify them different for two servers listening on the same socket. Workaround is to explicitly re-apply settings we care about from context to ssl connection in servername callback. Note that SSL_clear_options() is only available in OpenSSL 0.9.8m+. I.e. with older versions it is not possible to clear ssl_prefer_server_ciphers option if it's set in default server for a socket.
2011-08-23 11:36:31 -03:00
Fixed segfault on ssl servers without cert with SNI (ticket #54). Non-default servers may not have ssl context created if there are no certificate defined. Make sure to check if ssl context present before using it.
2011-11-22 13:27:45 -03:00
SSL_set_verify_depth(ssl_conn, SSL_CTX_get_verify_depth(sscf->ssl.ctx));
Better handling of various per-server ssl options with SNI. SSL_set_SSL_CTX() doesn't touch values cached within ssl connection structure, it only changes certificates (at least as of now, OpenSSL 1.0.0d and earlier). As a result settings like ssl_verify_client, ssl_verify_depth, ssl_prefer_server_ciphers are only configurable on per-socket basis while with SNI it should be possible to specify them different for two servers listening on the same socket. Workaround is to explicitly re-apply settings we care about from context to ssl connection in servername callback. Note that SSL_clear_options() is only available in OpenSSL 0.9.8m+. I.e. with older versions it is not possible to clear ssl_prefer_server_ciphers option if it's set in default server for a socket.
2011-08-23 11:36:31 -03:00
SSL: fixed SSL_clear_options() usage with OpenSSL 1.1.0+. In OpenSSL 1.1.0 the SSL_CTRL_CLEAR_OPTIONS macro was removed, so conditional compilation test on it results in SSL_clear_options() and SSL_CTX_clear_options() not being used. Notably, this caused "ssl_prefer_server_ciphers off" to not work in SNI-based virtual servers if server preference was switched on in the default server. It looks like the only possible fix is to test OPENSSL_VERSION_NUMBER explicitly.
2018-07-16 10:47:20 -04:00
#if OPENSSL_VERSION_NUMBER >= 0x009080dfL
Fixed segfault on ssl servers without cert with SNI (ticket #54). Non-default servers may not have ssl context created if there are no certificate defined. Make sure to check if ssl context present before using it.
2011-11-22 13:27:45 -03:00
/* only in 0.9.8m+ */
SSL_clear_options(ssl_conn, SSL_get_options(ssl_conn) &
~SSL_CTX_get_options(sscf->ssl.ctx));
Better handling of various per-server ssl options with SNI. SSL_set_SSL_CTX() doesn't touch values cached within ssl connection structure, it only changes certificates (at least as of now, OpenSSL 1.0.0d and earlier). As a result settings like ssl_verify_client, ssl_verify_depth, ssl_prefer_server_ciphers are only configurable on per-socket basis while with SNI it should be possible to specify them different for two servers listening on the same socket. Workaround is to explicitly re-apply settings we care about from context to ssl connection in servername callback. Note that SSL_clear_options() is only available in OpenSSL 0.9.8m+. I.e. with older versions it is not possible to clear ssl_prefer_server_ciphers option if it's set in default server for a socket.
2011-08-23 11:36:31 -03:00
#endif
Fixed segfault on ssl servers without cert with SNI (ticket #54). Non-default servers may not have ssl context created if there are no certificate defined. Make sure to check if ssl context present before using it.
2011-11-22 13:27:45 -03:00
SSL_set_options(ssl_conn, SSL_CTX_get_options(sscf->ssl.ctx));
SSL: fixed segfault on renegotiation (ticket #1646). In e3ba4026c02d (1.15.4) nginx own renegotiation checks were disabled if SSL_OP_NO_RENEGOTIATION is available. But since SSL_OP_NO_RENEGOTIATION is only set on a connection, not in an SSL context, SSL_clear_option() removed it as long as a matching virtual server was found. This resulted in a segmentation fault similar to the one fixed in a6902a941279 (1.9.8), affecting nginx built with OpenSSL 1.1.0h or higher. To fix this, SSL_OP_NO_RENEGOTIATION is now explicitly set in ngx_http_ssl_servername() after adjusting options. Additionally, instead of c->ssl->renegotiation we now check c->ssl->handshaked, which seems to be a more correct flag to test, and will prevent the segmentation fault from happening even if SSL_OP_NO_RENEGOTIATION is not working.
2018-10-02 11:46:18 -03:00
#ifdef SSL_OP_NO_RENEGOTIATION
SSL_set_options(ssl_conn, SSL_OP_NO_RENEGOTIATION);
QUIC: clear SSL_OP_ENABLE_MIDDLEBOX_COMPAT on SSL context switch. The SSL_OP_ENABLE_MIDDLEBOX_COMPAT option is provided by QuicTLS and enabled by default in the newly created SSL contexts. SSL_set_quic_method() is used to clear it, which is required for SSL handshake to work on QUIC connections. Switching context in the ngx_http_ssl_servername() SNI callback overrides SSL options from the new SSL context. This results in the option set again. Fix is to explicitly clear it when switching to another SSL context. Initially reported here (in Russian): http://mailman.nginx.org/pipermail/nginx-ru/2021-November/063989.html
2021-12-07 09:49:51 -03:00
#endif
#ifdef SSL_OP_ENABLE_MIDDLEBOX_COMPAT
QUIC: fixed e06283038ec8 mis-merge. The NGX_HTTP_QUIC macro was removed in 33226ac61076.
2021-12-09 05:15:25 -03:00
#if (NGX_HTTP_V3)
QUIC: clear SSL_OP_ENABLE_MIDDLEBOX_COMPAT on SSL context switch. The SSL_OP_ENABLE_MIDDLEBOX_COMPAT option is provided by QuicTLS and enabled by default in the newly created SSL contexts. SSL_set_quic_method() is used to clear it, which is required for SSL handshake to work on QUIC connections. Switching context in the ngx_http_ssl_servername() SNI callback overrides SSL options from the new SSL context. This results in the option set again. Fix is to explicitly clear it when switching to another SSL context. Initially reported here (in Russian): http://mailman.nginx.org/pipermail/nginx-ru/2021-November/063989.html
2021-12-07 09:49:51 -03:00
if (c->listening->quic) {
SSL_clear_options(ssl_conn, SSL_OP_ENABLE_MIDDLEBOX_COMPAT);
}
#endif
SSL: fixed segfault on renegotiation (ticket #1646). In e3ba4026c02d (1.15.4) nginx own renegotiation checks were disabled if SSL_OP_NO_RENEGOTIATION is available. But since SSL_OP_NO_RENEGOTIATION is only set on a connection, not in an SSL context, SSL_clear_option() removed it as long as a matching virtual server was found. This resulted in a segmentation fault similar to the one fixed in a6902a941279 (1.9.8), affecting nginx built with OpenSSL 1.1.0h or higher. To fix this, SSL_OP_NO_RENEGOTIATION is now explicitly set in ngx_http_ssl_servername() after adjusting options. Additionally, instead of c->ssl->renegotiation we now check c->ssl->handshaked, which seems to be a more correct flag to test, and will prevent the segmentation fault from happening even if SSL_OP_NO_RENEGOTIATION is not working.
2018-10-02 11:46:18 -03:00
#endif
Fixed segfault on ssl servers without cert with SNI (ticket #54). Non-default servers may not have ssl context created if there are no certificate defined. Make sure to check if ssl context present before using it.
2011-11-22 13:27:45 -03:00
}
Better handling of various per-server ssl options with SNI. SSL_set_SSL_CTX() doesn't touch values cached within ssl connection structure, it only changes certificates (at least as of now, OpenSSL 1.0.0d and earlier). As a result settings like ssl_verify_client, ssl_verify_depth, ssl_prefer_server_ciphers are only configurable on per-socket basis while with SNI it should be possible to specify them different for two servers listening on the same socket. Workaround is to explicitly re-apply settings we care about from context to ssl connection in servername callback. Note that SSL_clear_options() is only available in OpenSSL 0.9.8m+. I.e. with older versions it is not possible to clear ssl_prefer_server_ciphers option if it's set in default server for a socket.
2011-08-23 11:36:31 -03:00
SSL: ssl_reject_handshake directive (ticket #195). In some cases it might be needed to reject SSL handshake based on SNI server name provided, for example, to make sure an invalid certificate is not returned to clients trying to contact a name-based virtual server without SSL configured. Previously, a "ssl_ciphers aNULL;" was used for this. This workaround, however, is not compatible with TLSv1.3, in particular, when using BoringSSL, where it is not possible to configure TLSv1.3 ciphers at all. With this change, the ssl_reject_handshake directive is introduced, which instructs nginx to reject SSL handshakes with an "unrecognized_name" alert in a particular server block. For example, to reject handshake with names other than example.com, one can use the following configuration: server { listen 443 ssl; ssl_reject_handshake on; } server { listen 443 ssl; server_name example.com; ssl_certificate example.com.crt; ssl_certificate_key example.com.key; } The following configuration can be used to reject all SSL handshakes without SNI server name provided: server { listen 443 ssl; ssl_reject_handshake on; } server { listen 443 ssl; server_name ~^; ssl_certificate example.crt; ssl_certificate_key example.key; } Additionally, the ssl_reject_handshake directive makes configuring certificates for the default server block optional. If no certificates are configured in the default server for a given listening socket, certificates must be defined in all non-default server blocks with the listening socket in question.
2020-10-22 12:02:28 -03:00
done:
sscf = ngx_http_get_module_srv_conf(hc->conf_ctx, ngx_http_ssl_module);
if (sscf->reject_handshake) {
c->ssl->handshake_rejected = 1;
*ad = SSL_AD_UNRECOGNIZED_NAME;
return SSL_TLSEXT_ERR_ALERT_FATAL;
}
SNI support
2007-05-29 11:21:09 -04:00
return SSL_TLSEXT_ERR_OK;
SSL: ssl_reject_handshake directive (ticket #195). In some cases it might be needed to reject SSL handshake based on SNI server name provided, for example, to make sure an invalid certificate is not returned to clients trying to contact a name-based virtual server without SSL configured. Previously, a "ssl_ciphers aNULL;" was used for this. This workaround, however, is not compatible with TLSv1.3, in particular, when using BoringSSL, where it is not possible to configure TLSv1.3 ciphers at all. With this change, the ssl_reject_handshake directive is introduced, which instructs nginx to reject SSL handshakes with an "unrecognized_name" alert in a particular server block. For example, to reject handshake with names other than example.com, one can use the following configuration: server { listen 443 ssl; ssl_reject_handshake on; } server { listen 443 ssl; server_name example.com; ssl_certificate example.com.crt; ssl_certificate_key example.com.key; } The following configuration can be used to reject all SSL handshakes without SNI server name provided: server { listen 443 ssl; ssl_reject_handshake on; } server { listen 443 ssl; server_name ~^; ssl_certificate example.crt; ssl_certificate_key example.key; } Additionally, the ssl_reject_handshake directive makes configuring certificates for the default server block optional. If no certificates are configured in the default server for a given listening socket, certificates must be defined in all non-default server blocks with the listening socket in question.
2020-10-22 12:02:28 -03:00
error:
*ad = SSL_AD_INTERNAL_ERROR;
return SSL_TLSEXT_ERR_ALERT_FATAL;
SNI support
2007-05-29 11:21:09 -04:00
}
#endif
nginx-0.2.2-RELEASE import *) Feature: the "config errmsg" command of the ngx_http_ssi_module. *) Change: the ngx_http_geo_module variables can be overridden by the "set" directive. *) Feature: the "ssl_protocols" and "ssl_prefer_server_ciphers" directives of the ngx_http_ssl_module and ngx_imap_ssl_module. *) Bugfix: the ngx_http_autoindex_module did not show correctly the long file names; *) Bugfix: the ngx_http_autoindex_module now do not show the files starting by dot. *) Bugfix: if the SSL handshake failed then another connection may be closed too. Thanks to Rob Mueller. *) Bugfix: the export versions of MSIE 5.x could not connect via HTTPS.
2005-09-30 10:41:25 -04:00
SSL: variables support in ssl_certificate and ssl_certificate_key. To evaluate variables, a request is created in the certificate callback, and then freed. To do this without side effects on the stub_status counters and connection state, an additional function was introduced, ngx_http_alloc_request(). Only works with OpenSSL 1.0.2+, since there is no SSL_CTX_set_cert_cb() in older versions.
2019-02-25 10:42:05 -03:00
#ifdef SSL_R_CERT_CB_ERROR
int
ngx_http_ssl_certificate(ngx_ssl_conn_t *ssl_conn, void *arg)
{
ngx_str_t cert, key;
ngx_uint_t i, nelts;
ngx_connection_t *c;
ngx_http_request_t *r;
ngx_http_ssl_srv_conf_t *sscf;
ngx_http_complex_value_t *certs, *keys;
c = ngx_ssl_get_connection(ssl_conn);
if (c->ssl->handshaked) {
return 0;
}
r = ngx_http_alloc_request(c);
if (r == NULL) {
return 0;
}
r->logged = 1;
SSL: fixed possible segfault with dynamic certificates. A virtual server may have no SSL context if it does not have certificates defined, so we have to use config of the ngx_http_ssl_module from the SSL context in the certificate callback. To do so, it is now passed as the argument of the callback. The stream module doesn't really need any changes, but was modified as well to match http code.
2019-02-25 15:16:26 -03:00
sscf = arg;
SSL: variables support in ssl_certificate and ssl_certificate_key. To evaluate variables, a request is created in the certificate callback, and then freed. To do this without side effects on the stub_status counters and connection state, an additional function was introduced, ngx_http_alloc_request(). Only works with OpenSSL 1.0.2+, since there is no SSL_CTX_set_cert_cb() in older versions.
2019-02-25 10:42:05 -03:00
nelts = sscf->certificate_values->nelts;
certs = sscf->certificate_values->elts;
keys = sscf->certificate_key_values->elts;
for (i = 0; i < nelts; i++) {
if (ngx_http_complex_value(r, &certs[i], &cert) != NGX_OK) {
goto failed;
}
ngx_log_debug1(NGX_LOG_DEBUG_HTTP, c->log, 0,
"ssl cert: \"%s\"", cert.data);
if (ngx_http_complex_value(r, &keys[i], &key) != NGX_OK) {
goto failed;
}
ngx_log_debug1(NGX_LOG_DEBUG_HTTP, c->log, 0,
"ssl key: \"%s\"", key.data);
SSL: passwords support for dynamic certificate loading. Passwords have to be copied to the configuration pool to be used at runtime. Also, to prevent blocking on stdin (with "daemon off;") an empty password list is provided. To make things simpler, password handling was modified to allow an empty array (with 0 elements and elts set to NULL) as an equivalent of an array with 1 empty password.
2019-02-25 10:42:23 -03:00
if (ngx_ssl_connection_certificate(c, r->pool, &cert, &key,
sscf->passwords)
SSL: variables support in ssl_certificate and ssl_certificate_key. To evaluate variables, a request is created in the certificate callback, and then freed. To do this without side effects on the stub_status counters and connection state, an additional function was introduced, ngx_http_alloc_request(). Only works with OpenSSL 1.0.2+, since there is no SSL_CTX_set_cert_cb() in older versions.
2019-02-25 10:42:05 -03:00
!= NGX_OK)
{
goto failed;
}
}
ngx_http_free_request(r, 0);
Fixed log action when using SSL certificates with variables. When variables are used in ssl_certificate or ssl_certificate_key, a request is created in the certificate callback to evaluate the variables, and then freed. Freeing it, however, updates c->log->action to "closing request", resulting in confusing error messages like "client timed out ... while closing request" when a client times out during the SSL handshake. Fix is to restore c->log->action after calling ngx_http_free_request().
2021-05-24 11:23:42 -04:00
c->log->action = "SSL handshaking";
SSL: variables support in ssl_certificate and ssl_certificate_key. To evaluate variables, a request is created in the certificate callback, and then freed. To do this without side effects on the stub_status counters and connection state, an additional function was introduced, ngx_http_alloc_request(). Only works with OpenSSL 1.0.2+, since there is no SSL_CTX_set_cert_cb() in older versions.
2019-02-25 10:42:05 -03:00
c->destroyed = 0;
return 1;
failed:
ngx_http_free_request(r, 0);
Fixed log action when using SSL certificates with variables. When variables are used in ssl_certificate or ssl_certificate_key, a request is created in the certificate callback to evaluate the variables, and then freed. Freeing it, however, updates c->log->action to "closing request", resulting in confusing error messages like "client timed out ... while closing request" when a client times out during the SSL handshake. Fix is to restore c->log->action after calling ngx_http_free_request().
2021-05-24 11:23:42 -04:00
c->log->action = "SSL handshaking";
SSL: variables support in ssl_certificate and ssl_certificate_key. To evaluate variables, a request is created in the certificate callback, and then freed. To do this without side effects on the stub_status counters and connection state, an additional function was introduced, ngx_http_alloc_request(). Only works with OpenSSL 1.0.2+, since there is no SSL_CTX_set_cert_cb() in older versions.
2019-02-25 10:42:05 -03:00
c->destroyed = 0;
return 0;
}
#endif
nginx-0.0.7-2004-07-16-21:11:43 import
2004-07-16 13:11:43 -04:00
#endif
nginx-0.0.1-2002-08-26-19:18:19 import
2002-08-26 11:18:19 -04:00
nginx-0.1.25-RELEASE import *) Bugfix: nginx did run on Linux parisc. *) Feature: nginx now does not start under FreeBSD if the sysctl kern.ipc.somaxconn value is too big. *) Bugfix: if a request was internally redirected by the ngx_http_index_module module to the ngx_http_proxy_module or ngx_http_fastcgi_module modules, then the index file was not closed after request completion. *) Feature: the "proxy_pass" can be used in location with regular expression. *) Feature: the ngx_http_rewrite_filter_module module supports the condition like "if ($HTTP_USER_AGENT ~ MSIE)". *) Bugfix: nginx started too slow if the large number of addresses and text values were used in the "geo" directive. *) Change: a variable name must be declared as "$name" in the "geo" directive. The previous variant without "$" is still supported, but will be removed soon. *) Feature: the "%{VARIABLE}v" logging parameter. *) Feature: the "set $name value" directive. *) Bugfix: gcc 4.0 compatibility. *) Feature: the --with-openssl-opt=OPTIONS autoconfiguration directive.
2005-03-19 08:38:37 -04:00
static void
ngx_http_process_request_line(ngx_event_t *rev)
nginx-0.0.1-2002-08-06-20:39:45 import The first code that uses "ngx_" prefix, the previous one used "gx_" prefix. At that point the code is not yet usable. The first draft ideas are dated back to 23.10.2001.
2002-08-06 12:39:45 -04:00
{
URI processing code moved to a separate function. This allows to reuse it in the upcoming SPDY module.
2013-03-20 06:36:27 -03:00
ssize_t n;
ngx_int_t rc, rv;
ngx_str_t host;
ngx_connection_t *c;
ngx_http_request_t *r;
nginx-0.0.1-2002-08-26-19:18:19 import
2002-08-26 11:18:19 -04:00
nginx-0.0.1-2003-05-19-20:39:14 import
2003-05-19 12:39:14 -04:00
c = rev->data;
r = c->data;
nginx-0.0.1-2002-08-06-20:39:45 import The first code that uses "ngx_" prefix, the previous one used "gx_" prefix. At that point the code is not yet usable. The first draft ideas are dated back to 23.10.2001.
2002-08-06 12:39:45 -04:00
nginx-0.0.1-2003-12-09-18:08:11 import
2003-12-09 12:08:11 -03:00
ngx_log_debug0(NGX_LOG_DEBUG_HTTP, rev->log, 0,
"http process request line");
nginx-0.0.1-2003-03-20-19:09:44 import
2003-03-20 12:09:44 -04:00
if (rev->timedout) {
nginx-0.1.27-RELEASE import *) Feature: the "blocked" parameter of the "valid_referers" directive. *) Change: the errors while handling the request header now logged at "info" level. The server name and the "Host" and "Referer" header lines also logged. *) Change: the "Host" header line is also logged in error log. *) Feature: the proxy_pass_unparsed_uri directive. The special handling of the "://" symbols in URI, appeared in 0.1.11 version, now is canceled. *) Bugfix: nginx could not be built on FreeBSD and Linux, if the --without-ngx_http_auth_basic_module configuration parameter was used.
2005-03-28 10:43:02 -04:00
ngx_log_error(NGX_LOG_INFO, c->log, NGX_ETIMEDOUT, "client timed out");
c->timedout = 1;
ngx_http_close_request(r, NGX_HTTP_REQUEST_TIME_OUT);
nginx-0.0.1-2003-05-12-19:52:24 import
2003-05-12 11:52:24 -04:00
return;
nginx-0.0.1-2003-03-20-19:09:44 import
2003-03-20 12:09:44 -04:00
}
nginx-0.0.1-2002-08-06-20:39:45 import The first code that uses "ngx_" prefix, the previous one used "gx_" prefix. At that point the code is not yet usable. The first draft ideas are dated back to 23.10.2001.
2002-08-06 12:39:45 -04:00
nginx-0.0.11-2004-09-23-10:32:00 import
2004-09-23 02:32:00 -04:00
rc = NGX_AGAIN;
nginx-0.0.1-2003-05-12-19:52:24 import
2003-05-12 11:52:24 -04:00
nginx-0.0.11-2004-09-23-10:32:00 import
2004-09-23 02:32:00 -04:00
for ( ;; ) {
nginx-0.0.1-2003-05-19-20:39:14 import
2003-05-19 12:39:14 -04:00
nginx-0.0.11-2004-09-23-10:32:00 import
2004-09-23 02:32:00 -04:00
if (rc == NGX_AGAIN) {
n = ngx_http_read_request_header(r);
nginx-0.0.1-2003-05-12-19:52:24 import
2003-05-12 11:52:24 -04:00
nginx-0.0.11-2004-09-23-10:32:00 import
2004-09-23 02:32:00 -04:00
if (n == NGX_AGAIN || n == NGX_ERROR) {
Fixed socket leak with "return 444" in error_page (ticket #274). Socket leak was observed in the following configuration: error_page 400 = /close; location = /close { return 444; } The problem is that "return 444" triggers termination of the request, and due to error_page termination thinks that it needs to use a posted request to clear stack. But at the early request processing where 400 errors are generated there are no ngx_http_run_posted_requests() calls, so the request is only terminated after an external event. Variants of the problem include "error_page 497" instead (ticket #695) and various other errors generated during early request processing (405, 414, 421, 494, 495, 496, 501, 505). The same problem can be also triggered with "return 499" and "return 408" as both codes trigger ngx_http_terminate_request(), much like "return 444". To fix this, the patch adds ngx_http_run_posted_requests() calls to ngx_http_process_request_line() and ngx_http_process_request_headers() functions, and to ngx_http_v2_run_request() and ngx_http_v2_push_stream() functions in HTTP/2. Since the ngx_http_process_request() function is now only called via other functions which call ngx_http_run_posted_requests(), the call there is no longer needed and was removed.
2018-09-21 09:59:30 -03:00
break;
nginx-0.0.11-2004-09-23-10:32:00 import
2004-09-23 02:32:00 -04:00
}
nginx-0.0.1-2003-04-08-19:40:10 import
2003-04-08 11:40:10 -04:00
}
HTTP/3: refactored request parser. The change reduces diff to the default branch for src/http/ngx_http_request.c and src/http/ngx_http_parse.c.
2021-01-22 10:34:06 -03:00
rc = ngx_http_parse_request_line(r, r->header_in);
nginx-0.0.1-2003-10-24-20:10:38 import
2003-10-24 13:10:38 -03:00
nginx-0.0.11-2004-09-23-10:32:00 import
2004-09-23 02:32:00 -04:00
if (rc == NGX_OK) {
nginx-0.0.1-2003-11-28-20:41:47 import
2003-11-28 14:41:47 -03:00
nginx-0.0.11-2004-09-23-10:32:00 import
2004-09-23 02:32:00 -04:00
/* the request line has been parsed successfully */
nginx-0.0.1-2003-11-28-20:41:47 import
2003-11-28 14:41:47 -03:00
nginx-0.1.5-RELEASE import *) Bugfix: on Solaris and Linux there may be too many "recvmsg() returned not enough data" alerts. *) Bugfix: there were the "writev() failed (22: Invalid argument)" errors on Solaris in proxy mode without sendfile. On other platforms that do not support sendfile at all the process got caught in an endless loop. *) Bugfix: segmentation fault on Solaris in proxy mode and using sendfile. *) Bugfix: segmentation fault on Solaris. *) Bugfix: on-line upgrade did not work on Linux. *) Bugfix: the ngx_http_autoindex_module module did not escape the spaces, the quotes, and the percent signs in the directory listing. *) Change: the decrease of the copy operations. *) Feature: the userid_p3p directive.
2004-11-11 11:07:14 -03:00
r->request_line.len = r->request_end - r->request_start;
r->request_line.data = r->request_start;
HTTP/3: refactored request parser. The change reduces diff to the default branch for src/http/ngx_http_request.c and src/http/ngx_http_parse.c.
2021-01-22 10:34:06 -03:00
r->request_length = r->header_in->pos - r->request_start;
nginx-0.0.1-2003-03-20-19:09:44 import
2003-03-20 12:09:44 -04:00
URI processing code moved to a separate function. This allows to reuse it in the upcoming SPDY module.
2013-03-20 06:36:27 -03:00
ngx_log_debug1(NGX_LOG_DEBUG_HTTP, c->log, 0,
"http request line: \"%V\"", &r->request_line);
nginx-0.0.1-2003-03-04-09:33:48 import
2003-03-04 03:33:48 -03:00
HTTP/3: eliminated r->method_start. The field was introduced to ease parsing HTTP/3 requests. The change reduces diff to the default branch.
2020-11-25 14:57:43 -03:00
r->method_name.len = r->method_end - r->request_start + 1;
r->method_name.data = r->request_line.data;
if (r->http_protocol.data) {
r->http_protocol.len = r->request_end - r->http_protocol.data;
}
nginx-0.0.1-2003-03-20-19:09:44 import
2003-03-20 12:09:44 -04:00
URI processing code moved to a separate function. This allows to reuse it in the upcoming SPDY module.
2013-03-20 06:36:27 -03:00
if (ngx_http_process_request_uri(r) != NGX_OK) {
Fixed socket leak with "return 444" in error_page (ticket #274). Socket leak was observed in the following configuration: error_page 400 = /close; location = /close { return 444; } The problem is that "return 444" triggers termination of the request, and due to error_page termination thinks that it needs to use a posted request to clear stack. But at the early request processing where 400 errors are generated there are no ngx_http_run_posted_requests() calls, so the request is only terminated after an external event. Variants of the problem include "error_page 497" instead (ticket #695) and various other errors generated during early request processing (405, 414, 421, 494, 495, 496, 501, 505). The same problem can be also triggered with "return 499" and "return 408" as both codes trigger ngx_http_terminate_request(), much like "return 444". To fix this, the patch adds ngx_http_run_posted_requests() calls to ngx_http_process_request_line() and ngx_http_process_request_headers() functions, and to ngx_http_v2_run_request() and ngx_http_v2_push_stream() functions in HTTP/2. Since the ngx_http_process_request() function is now only called via other functions which call ngx_http_run_posted_requests(), the call there is no longer needed and was removed.
2018-09-21 09:59:30 -03:00
break;
skip URI trailing dots under Win32
2009-07-14 04:51:20 -04:00
}
nginx-0.1.5-RELEASE import *) Bugfix: on Solaris and Linux there may be too many "recvmsg() returned not enough data" alerts. *) Bugfix: there were the "writev() failed (22: Invalid argument)" errors on Solaris in proxy mode without sendfile. On other platforms that do not support sendfile at all the process got caught in an endless loop. *) Bugfix: segmentation fault on Solaris in proxy mode and using sendfile. *) Bugfix: segmentation fault on Solaris. *) Bugfix: on-line upgrade did not work on Linux. *) Bugfix: the ngx_http_autoindex_module module did not escape the spaces, the quotes, and the percent signs in the directory listing. *) Change: the decrease of the copy operations. *) Feature: the userid_p3p directive.
2004-11-11 11:07:14 -03:00
Added r->schema. For HTTP/1, it keeps scheme from the absolute form of URI. For HTTP/2, the :scheme request pseudo-header field value.
2018-06-07 13:01:41 -04:00
if (r->schema_end) {
r->schema.len = r->schema_end - r->schema_start;
r->schema.data = r->schema_start;
}
Removed extraneous check while processing request line.
2018-06-07 12:53:43 -04:00
if (r->host_end) {
*) host in request line has priority *) allow several Host headers *) validate host
2008-05-15 10:44:47 -04:00
Changed interface of ngx_http_validate_host().
2013-02-27 14:03:14 -03:00
host.len = r->host_end - r->host_start;
host.data = r->host_start;
rc = ngx_http_validate_host(&host, r->pool, 0);
$host is always in low case: *) move low case convertation from ngx_http_find_virtual_server() to ngx_http_validate_host() *) add in ngx_http_validate_host() capability to copy host name in the pool allocated memory
2009-09-24 09:15:50 -04:00
Changed interface of ngx_http_validate_host().
2013-02-27 14:03:14 -03:00
if (rc == NGX_DECLINED) {
*) host in request line has priority *) allow several Host headers *) validate host
2008-05-15 10:44:47 -04:00
ngx_log_error(NGX_LOG_INFO, c->log, 0,
"client sent invalid host in request line");
ngx_http_finalize_request(r, NGX_HTTP_BAD_REQUEST);
Fixed socket leak with "return 444" in error_page (ticket #274). Socket leak was observed in the following configuration: error_page 400 = /close; location = /close { return 444; } The problem is that "return 444" triggers termination of the request, and due to error_page termination thinks that it needs to use a posted request to clear stack. But at the early request processing where 400 errors are generated there are no ngx_http_run_posted_requests() calls, so the request is only terminated after an external event. Variants of the problem include "error_page 497" instead (ticket #695) and various other errors generated during early request processing (405, 414, 421, 494, 495, 496, 501, 505). The same problem can be also triggered with "return 499" and "return 408" as both codes trigger ngx_http_terminate_request(), much like "return 444". To fix this, the patch adds ngx_http_run_posted_requests() calls to ngx_http_process_request_line() and ngx_http_process_request_headers() functions, and to ngx_http_v2_run_request() and ngx_http_v2_push_stream() functions in HTTP/2. Since the ngx_http_process_request() function is now only called via other functions which call ngx_http_run_posted_requests(), the call there is no longer needed and was removed.
2018-09-21 09:59:30 -03:00
break;
*) host in request line has priority *) allow several Host headers *) validate host
2008-05-15 10:44:47 -04:00
}
Changed interface of ngx_http_validate_host().
2013-02-27 14:03:14 -03:00
if (rc == NGX_ERROR) {
$host is always in low case: *) move low case convertation from ngx_http_find_virtual_server() to ngx_http_validate_host() *) add in ngx_http_validate_host() capability to copy host name in the pool allocated memory
2009-09-24 09:15:50 -04:00
ngx_http_close_request(r, NGX_HTTP_INTERNAL_SERVER_ERROR);
Fixed socket leak with "return 444" in error_page (ticket #274). Socket leak was observed in the following configuration: error_page 400 = /close; location = /close { return 444; } The problem is that "return 444" triggers termination of the request, and due to error_page termination thinks that it needs to use a posted request to clear stack. But at the early request processing where 400 errors are generated there are no ngx_http_run_posted_requests() calls, so the request is only terminated after an external event. Variants of the problem include "error_page 497" instead (ticket #695) and various other errors generated during early request processing (405, 414, 421, 494, 495, 496, 501, 505). The same problem can be also triggered with "return 499" and "return 408" as both codes trigger ngx_http_terminate_request(), much like "return 444". To fix this, the patch adds ngx_http_run_posted_requests() calls to ngx_http_process_request_line() and ngx_http_process_request_headers() functions, and to ngx_http_v2_run_request() and ngx_http_v2_push_stream() functions in HTTP/2. Since the ngx_http_process_request() function is now only called via other functions which call ngx_http_run_posted_requests(), the call there is no longer needed and was removed.
2018-09-21 09:59:30 -03:00
break;
$host is always in low case: *) move low case convertation from ngx_http_find_virtual_server() to ngx_http_validate_host() *) add in ngx_http_validate_host() capability to copy host name in the pool allocated memory
2009-09-24 09:15:50 -04:00
}
Apply server configuration as soon as host is known. Previously, this was done only after the whole request header was parsed, and if an error occurred earlier then the request was processed in the default server (or server chosen by SNI), while r->headers_in.server might be set to the value from the Host: header or host from request line. r->headers_in.server is in turn used for $host variable and in HTTP redirects if "server_name_in_redirect" is disabled. Without the change, configurations that rely on this during error handling are potentially unsafe if SNI is used. This change also allows to use server specific settings of "underscores_in_headers", "ignore_invalid_headers", and "large_client_header_buffers" directives for HTTP requests and HTTPS requests without SNI.
2013-02-27 14:27:15 -03:00
if (ngx_http_set_virtual_server(r, &host) == NGX_ERROR) {
Fixed socket leak with "return 444" in error_page (ticket #274). Socket leak was observed in the following configuration: error_page 400 = /close; location = /close { return 444; } The problem is that "return 444" triggers termination of the request, and due to error_page termination thinks that it needs to use a posted request to clear stack. But at the early request processing where 400 errors are generated there are no ngx_http_run_posted_requests() calls, so the request is only terminated after an external event. Variants of the problem include "error_page 497" instead (ticket #695) and various other errors generated during early request processing (405, 414, 421, 494, 495, 496, 501, 505). The same problem can be also triggered with "return 499" and "return 408" as both codes trigger ngx_http_terminate_request(), much like "return 444". To fix this, the patch adds ngx_http_run_posted_requests() calls to ngx_http_process_request_line() and ngx_http_process_request_headers() functions, and to ngx_http_v2_run_request() and ngx_http_v2_push_stream() functions in HTTP/2. Since the ngx_http_process_request() function is now only called via other functions which call ngx_http_run_posted_requests(), the call there is no longer needed and was removed.
2018-09-21 09:59:30 -03:00
break;
Apply server configuration as soon as host is known. Previously, this was done only after the whole request header was parsed, and if an error occurred earlier then the request was processed in the default server (or server chosen by SNI), while r->headers_in.server might be set to the value from the Host: header or host from request line. r->headers_in.server is in turn used for $host variable and in HTTP redirects if "server_name_in_redirect" is disabled. Without the change, configurations that rely on this during error handling are potentially unsafe if SNI is used. This change also allows to use server specific settings of "underscores_in_headers", "ignore_invalid_headers", and "large_client_header_buffers" directives for HTTP requests and HTTPS requests without SNI.
2013-02-27 14:27:15 -03:00
}
Changed interface of ngx_http_validate_host().
2013-02-27 14:03:14 -03:00
r->headers_in.server = host;
*) host in request line has priority *) allow several Host headers *) validate host
2008-05-15 10:44:47 -04:00
}
nginx-0.0.11-2004-09-23-10:32:00 import
2004-09-23 02:32:00 -04:00
if (r->http_version < NGX_HTTP_VERSION_10) {
*) host in request line has priority *) allow several Host headers *) validate host
2008-05-15 10:44:47 -04:00
Apply server configuration as soon as host is known. Previously, this was done only after the whole request header was parsed, and if an error occurred earlier then the request was processed in the default server (or server chosen by SNI), while r->headers_in.server might be set to the value from the Host: header or host from request line. r->headers_in.server is in turn used for $host variable and in HTTP redirects if "server_name_in_redirect" is disabled. Without the change, configurations that rely on this during error handling are potentially unsafe if SNI is used. This change also allows to use server specific settings of "underscores_in_headers", "ignore_invalid_headers", and "large_client_header_buffers" directives for HTTP requests and HTTPS requests without SNI.
2013-02-27 14:27:15 -03:00
if (r->headers_in.server.len == 0
&& ngx_http_set_virtual_server(r, &r->headers_in.server)
== NGX_ERROR)
*) host in request line has priority *) allow several Host headers *) validate host
2008-05-15 10:44:47 -04:00
{
Fixed socket leak with "return 444" in error_page (ticket #274). Socket leak was observed in the following configuration: error_page 400 = /close; location = /close { return 444; } The problem is that "return 444" triggers termination of the request, and due to error_page termination thinks that it needs to use a posted request to clear stack. But at the early request processing where 400 errors are generated there are no ngx_http_run_posted_requests() calls, so the request is only terminated after an external event. Variants of the problem include "error_page 497" instead (ticket #695) and various other errors generated during early request processing (405, 414, 421, 494, 495, 496, 501, 505). The same problem can be also triggered with "return 499" and "return 408" as both codes trigger ngx_http_terminate_request(), much like "return 444". To fix this, the patch adds ngx_http_run_posted_requests() calls to ngx_http_process_request_line() and ngx_http_process_request_headers() functions, and to ngx_http_v2_run_request() and ngx_http_v2_push_stream() functions in HTTP/2. Since the ngx_http_process_request() function is now only called via other functions which call ngx_http_run_posted_requests(), the call there is no longer needed and was removed.
2018-09-21 09:59:30 -03:00
break;
*) host in request line has priority *) allow several Host headers *) validate host
2008-05-15 10:44:47 -04:00
}
fix ssl_verify_client for HTTP/0.9
2007-06-04 16:40:03 -04:00
ngx_http_process_request(r);
Fixed socket leak with "return 444" in error_page (ticket #274). Socket leak was observed in the following configuration: error_page 400 = /close; location = /close { return 444; } The problem is that "return 444" triggers termination of the request, and due to error_page termination thinks that it needs to use a posted request to clear stack. But at the early request processing where 400 errors are generated there are no ngx_http_run_posted_requests() calls, so the request is only terminated after an external event. Variants of the problem include "error_page 497" instead (ticket #695) and various other errors generated during early request processing (405, 414, 421, 494, 495, 496, 501, 505). The same problem can be also triggered with "return 499" and "return 408" as both codes trigger ngx_http_terminate_request(), much like "return 444". To fix this, the patch adds ngx_http_run_posted_requests() calls to ngx_http_process_request_line() and ngx_http_process_request_headers() functions, and to ngx_http_v2_run_request() and ngx_http_v2_push_stream() functions in HTTP/2. Since the ngx_http_process_request() function is now only called via other functions which call ngx_http_run_posted_requests(), the call there is no longer needed and was removed.
2018-09-21 09:59:30 -03:00
break;
nginx-0.0.11-2004-09-23-10:32:00 import
2004-09-23 02:32:00 -04:00
}
nginx-0.0.1-2002-09-13-18:47:42 import
2002-09-13 10:47:42 -04:00
nginx-0.0.3-2004-03-23-09:01:52 import
2004-03-23 02:01:52 -04:00
nginx-0.0.11-2004-09-23-10:32:00 import
2004-09-23 02:32:00 -04:00
if (ngx_list_init(&r->headers_in.headers, r->pool, 20,
nginx-0.3.12-RELEASE import *) Security: if nginx was built with the ngx_http_realip_module and the "satisfy_any on" directive was used, then access and authorization directives did not work. The ngx_http_realip_module was not built and is not built by default. *) Change: the "$time_gmt" variable name was changed to "$time_local". *) Change: the "proxy_header_buffer_size" and "fastcgi_header_buffer_size" directives was renamed to the "proxy_buffer_size" and "fastcgi_buffer_size" directives. *) Feature: the ngx_http_memcached_module. *) Feature: the "proxy_buffering" directive. *) Bugfix: the changes in accept mutex handling when the "rtsig" method was used; the bug had appeared in 0.3.0. *) Bugfix: if the client sent the "Transfer-Encoding: chunked" header line, then nginx returns the 411 error. *) Bugfix: if the "auth_basic" directive was inherited from the http level, then the realm in the "WWW-Authenticate" header line was without the "Basic realm" text. *) Bugfix: if the "combined" format was explicitly specified in the "access_log" directive, then the empty lines was written to the log; the bug had appeared in 0.3.8. *) Bugfix: nginx did not run on the sparc platform under any OS except Solaris. *) Bugfix: now it is not necessary to place space between the quoted string and closing bracket in the "if" directive.
2005-11-26 07:11:11 -03:00
sizeof(ngx_table_elt_t))
small optimization: " == NGX_ERROR" > " != NGX_OK"
2009-02-24 07:42:23 -03:00
!= NGX_OK)
nginx-0.0.11-2004-09-23-10:32:00 import
2004-09-23 02:32:00 -04:00
{
ngx_http_close_request(r, NGX_HTTP_INTERNAL_SERVER_ERROR);
Fixed socket leak with "return 444" in error_page (ticket #274). Socket leak was observed in the following configuration: error_page 400 = /close; location = /close { return 444; } The problem is that "return 444" triggers termination of the request, and due to error_page termination thinks that it needs to use a posted request to clear stack. But at the early request processing where 400 errors are generated there are no ngx_http_run_posted_requests() calls, so the request is only terminated after an external event. Variants of the problem include "error_page 497" instead (ticket #695) and various other errors generated during early request processing (405, 414, 421, 494, 495, 496, 501, 505). The same problem can be also triggered with "return 499" and "return 408" as both codes trigger ngx_http_terminate_request(), much like "return 444". To fix this, the patch adds ngx_http_run_posted_requests() calls to ngx_http_process_request_line() and ngx_http_process_request_headers() functions, and to ngx_http_v2_run_request() and ngx_http_v2_push_stream() functions in HTTP/2. Since the ngx_http_process_request() function is now only called via other functions which call ngx_http_run_posted_requests(), the call there is no longer needed and was removed.
2018-09-21 09:59:30 -03:00
break;
nginx-0.0.11-2004-09-23-10:32:00 import
2004-09-23 02:32:00 -04:00
}
nginx-0.0.3-2004-03-23-09:01:52 import
2004-03-23 02:01:52 -04:00
nginx-0.1.16-RELEASE import *) Bugfix: if the response were transferred by chunks, then on the HEAD request the final chunk was issued. *) Bugfix: the "Connection: keep-alive" header were issued, even if the keepalive_timeout directive forbade the keep-alive use. *) Bugfix: the errors in the ngx_http_fastcgi_module caused the segmentation faults. *) Bugfix: the compressed response encrypted by SSL may not transferred complete. *) Bugfix: the TCP-specific TCP_NODELAY, TCP_NOPSUH, and TCP_CORK options, are not used for the unix domain sockets. *) Feature: the rewrite directive supports the arguments rewriting. *) Bugfix: the response code 400 was returned for the POST request with the "Content-Length: 0" header; the bug had appeared in 0.1.14.
2005-01-25 09:27:35 -03:00
c->log->action = "reading client request headers";
nginx-0.0.1-2002-08-29-20:59:54 import
2002-08-29 12:59:54 -04:00
nginx-0.1.29-RELEASE import *) Feature: the ngx_http_ssi_module supports "include virtual" command. *) Feature: the ngx_http_ssi_module supports the condition command like 'if expr="$NAME"' and "else" and "endif" commands. Only one nested level is supported. *) Feature: the ngx_http_ssi_module supports the DATE_LOCAL and DATE_GMT variables and "config timefmt" command. *) Feature: the "ssi_ignore_recycled_buffers" directive. *) Bugfix: the "echo" command did not show the default value for the empty QUERY_STRING variable. *) Change: the ngx_http_proxy_module was rewritten. *) Feature: the "proxy_redirect", "proxy_pass_request_headers", "proxy_pass_request_body", and "proxy_method" directives. *) Feature: the "proxy_set_header" directive. The "proxy_x_var" was canceled and must be replaced with the proxy_set_header directive. *) Change: the "proxy_preserve_host" is canceled and must be replaced with the "proxy_set_header Host $host" and the "proxy_redirect off" directives, the "proxy_set_header Host $host:$proxy_port" directive and the appropriate proxy_redirect directives. *) Change: the "proxy_set_x_real_ip" is canceled and must be replaced with the "proxy_set_header X-Real-IP $remote_addr" directive. *) Change: the "proxy_add_x_forwarded_for" is canceled and must be replaced with the "proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for" directive. *) Change: the "proxy_set_x_url" is canceled and must be replaced with the "proxy_set_header X-URL http://$host:$server_port$request_uri" directive. *) Feature: the "fastcgi_param" directive. *) Change: the "fastcgi_root", "fastcgi_set_var" and "fastcgi_params" directive are canceled and must be replaced with the fastcgi_param directives. *) Feature: the "index" directive can use the variables. *) Feature: the "index" directive can be used at http and server levels. *) Change: the last index only in the "index" directive can be absolute. *) Feature: the "rewrite" directive can use the variables. *) Feature: the "internal" directive. *) Feature: the CONTENT_LENGTH, CONTENT_TYPE, REMOTE_PORT, SERVER_ADDR, SERVER_PORT, SERVER_PROTOCOL, DOCUMENT_ROOT, SERVER_NAME, REQUEST_METHOD, REQUEST_URI, and REMOTE_USER variables. *) Change: nginx now passes the invalid lines in a client request headers or a backend response header. *) Bugfix: if the backend did not transfer response for a long time and the "send_timeout" was less than "proxy_read_timeout", then nginx returned the 408 response. *) Bugfix: the segmentation fault was occurred if the backend sent an invalid line in response header; the bug had appeared in 0.1.26. *) Bugfix: the segmentation fault may occurred in FastCGI fault tolerance configuration. *) Bugfix: the "expires" directive did not remove the previous "Expires" and "Cache-Control" headers. *) Bugfix: nginx did not take into account trailing dot in "Host" header line. *) Bugfix: the ngx_http_auth_module did not work under Linux. *) Bugfix: the rewrite directive worked incorrectly, if the arguments were in a request. *) Bugfix: nginx could not be built on MacOS X.
2005-05-12 10:58:06 -04:00
rev->handler = ngx_http_process_request_headers;
nginx-0.0.11-2004-09-23-10:32:00 import
2004-09-23 02:32:00 -04:00
ngx_http_process_request_headers(rev);
nginx-0.0.1-2003-05-13-20:02:32 import
2003-05-13 12:02:32 -04:00
Fixed socket leak with "return 444" in error_page (ticket #274). Socket leak was observed in the following configuration: error_page 400 = /close; location = /close { return 444; } The problem is that "return 444" triggers termination of the request, and due to error_page termination thinks that it needs to use a posted request to clear stack. But at the early request processing where 400 errors are generated there are no ngx_http_run_posted_requests() calls, so the request is only terminated after an external event. Variants of the problem include "error_page 497" instead (ticket #695) and various other errors generated during early request processing (405, 414, 421, 494, 495, 496, 501, 505). The same problem can be also triggered with "return 499" and "return 408" as both codes trigger ngx_http_terminate_request(), much like "return 444". To fix this, the patch adds ngx_http_run_posted_requests() calls to ngx_http_process_request_line() and ngx_http_process_request_headers() functions, and to ngx_http_v2_run_request() and ngx_http_v2_push_stream() functions in HTTP/2. Since the ngx_http_process_request() function is now only called via other functions which call ngx_http_run_posted_requests(), the call there is no longer needed and was removed.
2018-09-21 09:59:30 -03:00
break;
nginx-0.1.27-RELEASE import *) Feature: the "blocked" parameter of the "valid_referers" directive. *) Change: the errors while handling the request header now logged at "info" level. The server name and the "Host" and "Referer" header lines also logged. *) Change: the "Host" header line is also logged in error log. *) Feature: the proxy_pass_unparsed_uri directive. The special handling of the "://" symbols in URI, appeared in 0.1.11 version, now is canceled. *) Bugfix: nginx could not be built on FreeBSD and Linux, if the --without-ngx_http_auth_basic_module configuration parameter was used.
2005-03-28 10:43:02 -04:00
}
nginx-0.0.1-2003-05-13-20:02:32 import
2003-05-13 12:02:32 -04:00
nginx-0.1.27-RELEASE import *) Feature: the "blocked" parameter of the "valid_referers" directive. *) Change: the errors while handling the request header now logged at "info" level. The server name and the "Host" and "Referer" header lines also logged. *) Change: the "Host" header line is also logged in error log. *) Feature: the proxy_pass_unparsed_uri directive. The special handling of the "://" symbols in URI, appeared in 0.1.11 version, now is canceled. *) Bugfix: nginx could not be built on FreeBSD and Linux, if the --without-ngx_http_auth_basic_module configuration parameter was used.
2005-03-28 10:43:02 -04:00
if (rc != NGX_AGAIN) {
nginx-0.0.1-2003-03-05-20:30:51 import
2003-03-05 14:30:51 -03:00
nginx-0.0.11-2004-09-23-10:32:00 import
2004-09-23 02:32:00 -04:00
/* there was error while a request line parsing */
nginx-0.0.1-2003-03-20-19:09:44 import
2003-03-20 12:09:44 -04:00
nginx-0.1.27-RELEASE import *) Feature: the "blocked" parameter of the "valid_referers" directive. *) Change: the errors while handling the request header now logged at "info" level. The server name and the "Host" and "Referer" header lines also logged. *) Change: the "Host" header line is also logged in error log. *) Feature: the proxy_pass_unparsed_uri directive. The special handling of the "://" symbols in URI, appeared in 0.1.11 version, now is canceled. *) Bugfix: nginx could not be built on FreeBSD and Linux, if the --without-ngx_http_auth_basic_module configuration parameter was used.
2005-03-28 10:43:02 -04:00
ngx_log_error(NGX_LOG_INFO, c->log, 0,
ngx_http_client_errors[rc - NGX_HTTP_CLIENT_ERROR]);
Don't pretend we support HTTP major versions >1 as HTTP/1.1.
2017-04-25 17:39:13 -03:00
if (rc == NGX_HTTP_PARSE_INVALID_VERSION) {
ngx_http_finalize_request(r, NGX_HTTP_VERSION_NOT_SUPPORTED);
} else {
ngx_http_finalize_request(r, NGX_HTTP_BAD_REQUEST);
}
Fixed socket leak with "return 444" in error_page (ticket #274). Socket leak was observed in the following configuration: error_page 400 = /close; location = /close { return 444; } The problem is that "return 444" triggers termination of the request, and due to error_page termination thinks that it needs to use a posted request to clear stack. But at the early request processing where 400 errors are generated there are no ngx_http_run_posted_requests() calls, so the request is only terminated after an external event. Variants of the problem include "error_page 497" instead (ticket #695) and various other errors generated during early request processing (405, 414, 421, 494, 495, 496, 501, 505). The same problem can be also triggered with "return 499" and "return 408" as both codes trigger ngx_http_terminate_request(), much like "return 444". To fix this, the patch adds ngx_http_run_posted_requests() calls to ngx_http_process_request_line() and ngx_http_process_request_headers() functions, and to ngx_http_v2_run_request() and ngx_http_v2_push_stream() functions in HTTP/2. Since the ngx_http_process_request() function is now only called via other functions which call ngx_http_run_posted_requests(), the call there is no longer needed and was removed.
2018-09-21 09:59:30 -03:00
break;
nginx-0.0.11-2004-09-23-10:32:00 import
2004-09-23 02:32:00 -04:00
}
nginx-0.0.1-2003-03-05-20:30:51 import
2003-03-05 14:30:51 -03:00
nginx-0.0.11-2004-09-23-10:32:00 import
2004-09-23 02:32:00 -04:00
/* NGX_AGAIN: a request line parsing is still incomplete */
nginx-0.0.1-2002-09-13-18:47:42 import
2002-09-13 10:47:42 -04:00
nginx-0.0.12-2004-09-23-20:39:34 import
2004-09-23 12:39:34 -04:00
if (r->header_in->pos == r->header_in->end) {
nginx-0.0.1-2003-03-05-20:30:51 import
2003-03-05 14:30:51 -03:00
nginx-0.0.11-2004-09-23-10:32:00 import
2004-09-23 02:32:00 -04:00
rv = ngx_http_alloc_large_header_buffer(r, 1);
nginx-0.0.1-2003-05-19-20:39:14 import
2003-05-19 12:39:14 -04:00
nginx-0.0.11-2004-09-23-10:32:00 import
2004-09-23 02:32:00 -04:00
if (rv == NGX_ERROR) {
ngx_http_close_request(r, NGX_HTTP_INTERNAL_SERVER_ERROR);
Fixed socket leak with "return 444" in error_page (ticket #274). Socket leak was observed in the following configuration: error_page 400 = /close; location = /close { return 444; } The problem is that "return 444" triggers termination of the request, and due to error_page termination thinks that it needs to use a posted request to clear stack. But at the early request processing where 400 errors are generated there are no ngx_http_run_posted_requests() calls, so the request is only terminated after an external event. Variants of the problem include "error_page 497" instead (ticket #695) and various other errors generated during early request processing (405, 414, 421, 494, 495, 496, 501, 505). The same problem can be also triggered with "return 499" and "return 408" as both codes trigger ngx_http_terminate_request(), much like "return 444". To fix this, the patch adds ngx_http_run_posted_requests() calls to ngx_http_process_request_line() and ngx_http_process_request_headers() functions, and to ngx_http_v2_run_request() and ngx_http_v2_push_stream() functions in HTTP/2. Since the ngx_http_process_request() function is now only called via other functions which call ngx_http_run_posted_requests(), the call there is no longer needed and was removed.
2018-09-21 09:59:30 -03:00
break;
nginx-0.0.11-2004-09-23-10:32:00 import
2004-09-23 02:32:00 -04:00
}
nginx-0.0.1-2003-03-05-20:30:51 import
2003-03-05 14:30:51 -03:00
nginx-0.0.11-2004-09-23-10:32:00 import
2004-09-23 02:32:00 -04:00
if (rv == NGX_DECLINED) {
HTTP/3: refactored request parser. The change reduces diff to the default branch for src/http/ngx_http_request.c and src/http/ngx_http_parse.c.
2021-01-22 10:34:06 -03:00
r->request_line.len = r->header_in->end - r->request_start;
r->request_line.data = r->request_start;
nginx-0.1.27-RELEASE import *) Feature: the "blocked" parameter of the "valid_referers" directive. *) Change: the errors while handling the request header now logged at "info" level. The server name and the "Host" and "Referer" header lines also logged. *) Change: the "Host" header line is also logged in error log. *) Feature: the proxy_pass_unparsed_uri directive. The special handling of the "://" symbols in URI, appeared in 0.1.11 version, now is canceled. *) Bugfix: nginx could not be built on FreeBSD and Linux, if the --without-ngx_http_auth_basic_module configuration parameter was used.
2005-03-28 10:43:02 -04:00
ngx_log_error(NGX_LOG_INFO, c->log, 0,
"client sent too long URI");
ngx_http_finalize_request(r, NGX_HTTP_REQUEST_URI_TOO_LARGE);
Fixed socket leak with "return 444" in error_page (ticket #274). Socket leak was observed in the following configuration: error_page 400 = /close; location = /close { return 444; } The problem is that "return 444" triggers termination of the request, and due to error_page termination thinks that it needs to use a posted request to clear stack. But at the early request processing where 400 errors are generated there are no ngx_http_run_posted_requests() calls, so the request is only terminated after an external event. Variants of the problem include "error_page 497" instead (ticket #695) and various other errors generated during early request processing (405, 414, 421, 494, 495, 496, 501, 505). The same problem can be also triggered with "return 499" and "return 408" as both codes trigger ngx_http_terminate_request(), much like "return 444". To fix this, the patch adds ngx_http_run_posted_requests() calls to ngx_http_process_request_line() and ngx_http_process_request_headers() functions, and to ngx_http_v2_run_request() and ngx_http_v2_push_stream() functions in HTTP/2. Since the ngx_http_process_request() function is now only called via other functions which call ngx_http_run_posted_requests(), the call there is no longer needed and was removed.
2018-09-21 09:59:30 -03:00
break;
nginx-0.0.1-2003-03-05-20:30:51 import
2003-03-05 14:30:51 -03:00
}
}
nginx-0.0.1-2002-09-13-18:47:42 import
2002-09-13 10:47:42 -04:00
}
Fixed socket leak with "return 444" in error_page (ticket #274). Socket leak was observed in the following configuration: error_page 400 = /close; location = /close { return 444; } The problem is that "return 444" triggers termination of the request, and due to error_page termination thinks that it needs to use a posted request to clear stack. But at the early request processing where 400 errors are generated there are no ngx_http_run_posted_requests() calls, so the request is only terminated after an external event. Variants of the problem include "error_page 497" instead (ticket #695) and various other errors generated during early request processing (405, 414, 421, 494, 495, 496, 501, 505). The same problem can be also triggered with "return 499" and "return 408" as both codes trigger ngx_http_terminate_request(), much like "return 444". To fix this, the patch adds ngx_http_run_posted_requests() calls to ngx_http_process_request_line() and ngx_http_process_request_headers() functions, and to ngx_http_v2_run_request() and ngx_http_v2_push_stream() functions in HTTP/2. Since the ngx_http_process_request() function is now only called via other functions which call ngx_http_run_posted_requests(), the call there is no longer needed and was removed.
2018-09-21 09:59:30 -03:00
ngx_http_run_posted_requests(c);
nginx-0.0.1-2002-08-06-20:39:45 import The first code that uses "ngx_" prefix, the previous one used "gx_" prefix. At that point the code is not yet usable. The first draft ideas are dated back to 23.10.2001.
2002-08-06 12:39:45 -04:00
}
nginx-0.0.1-2002-09-13-18:47:42 import
2002-09-13 10:47:42 -04:00
Preliminary experimental support for SPDY draft 2.
2013-03-20 07:36:57 -03:00
ngx_int_t
URI processing code moved to a separate function. This allows to reuse it in the upcoming SPDY module.
2013-03-20 06:36:27 -03:00
ngx_http_process_request_uri(ngx_http_request_t *r)
{
ngx_http_core_srv_conf_t *cscf;
if (r->args_start) {
r->uri.len = r->args_start - 1 - r->uri_start;
} else {
r->uri.len = r->uri_end - r->uri_start;
}
Fixed parsing of absolute URIs with empty path (ticket #2079). When the request line contains request-target in the absolute-URI form, it can contain path-empty instead of a single slash (see RFC 7230, RFC 3986). Previously, the ngx_http_parse_request_line() function only accepted empty path when there was no query string. With this change, non-empty query is also correctly handled. That is, request line "GET http://example.com?foo HTTP/1.1" is accepted and results in $uri "/" and $args "foo". Note that $request_uri remains "?foo", similarly to how spaces in URIs are handled. Providing "/?foo", similarly to how "/" is provided for "GET http://example.com HTTP/1.1", requires allocation.
2020-12-10 14:09:30 -03:00
if (r->complex_uri || r->quoted_uri || r->empty_path_in_uri) {
URI processing code moved to a separate function. This allows to reuse it in the upcoming SPDY module.
2013-03-20 06:36:27 -03:00
Fixed parsing of absolute URIs with empty path (ticket #2079). When the request line contains request-target in the absolute-URI form, it can contain path-empty instead of a single slash (see RFC 7230, RFC 3986). Previously, the ngx_http_parse_request_line() function only accepted empty path when there was no query string. With this change, non-empty query is also correctly handled. That is, request line "GET http://example.com?foo HTTP/1.1" is accepted and results in $uri "/" and $args "foo". Note that $request_uri remains "?foo", similarly to how spaces in URIs are handled. Providing "/?foo", similarly to how "/" is provided for "GET http://example.com HTTP/1.1", requires allocation.
2020-12-10 14:09:30 -03:00
if (r->empty_path_in_uri) {
r->uri.len++;
}
URI processing code moved to a separate function. This allows to reuse it in the upcoming SPDY module.
2013-03-20 06:36:27 -03:00
Removed extra allocation for r->uri. The ngx_http_parse_complex_uri() function cannot make URI longer and does not null-terminate URI, so there is no need to allocate an extra byte. This allocation appears to be a leftover from changes in 461:a88a3e4e158f (0.1.5), where null-termination of r->uri and many other strings was removed.
2020-12-10 14:09:39 -03:00
r->uri.data = ngx_pnalloc(r->pool, r->uri.len);
URI processing code moved to a separate function. This allows to reuse it in the upcoming SPDY module.
2013-03-20 06:36:27 -03:00
if (r->uri.data == NULL) {
ngx_http_close_request(r, NGX_HTTP_INTERNAL_SERVER_ERROR);
return NGX_ERROR;
}
cscf = ngx_http_get_module_srv_conf(r, ngx_http_core_module);
if (ngx_http_parse_complex_uri(r, cscf->merge_slashes) != NGX_OK) {
Reset of r->uri.len on URI parsing errors. This ensures that debug logging and the $uri variable (if used in 400 Bad Request processing) will not try to access uninitialized memory. Found by Sergey Bobrov.
2014-07-18 12:02:11 -04:00
r->uri.len = 0;
URI processing code moved to a separate function. This allows to reuse it in the upcoming SPDY module.
2013-03-20 06:36:27 -03:00
ngx_log_error(NGX_LOG_INFO, r->connection->log, 0,
"client sent invalid request");
ngx_http_finalize_request(r, NGX_HTTP_BAD_REQUEST);
return NGX_ERROR;
}
} else {
r->uri.data = r->uri_start;
}
r->unparsed_uri.len = r->uri_end - r->uri_start;
r->unparsed_uri.data = r->uri_start;
Disabled spaces in URIs (ticket #196). From now on, requests with spaces in URIs are immediately rejected rather than allowed. Spaces were allowed in 31e9677b15a1 (0.8.41) to handle bad clients. It is believed that now this behaviour causes more harm than good.
2021-06-28 11:01:13 -04:00
r->valid_unparsed_uri = r->empty_path_in_uri ? 0 : 1;
URI processing code moved to a separate function. This allows to reuse it in the upcoming SPDY module.
2013-03-20 06:36:27 -03:00
if (r->uri_ext) {
if (r->args_start) {
r->exten.len = r->args_start - 1 - r->uri_ext;
} else {
r->exten.len = r->uri_end - r->uri_ext;
}
r->exten.data = r->uri_ext;
}
if (r->args_start && r->uri_end > r->args_start) {
r->args.len = r->uri_end - r->args_start;
r->args.data = r->args_start;
}
#if (NGX_WIN32)
{
u_char *p, *last;
p = r->uri.data;
last = r->uri.data + r->uri.len;
while (p < last) {
if (*p++ == ':') {
/*
* this check covers "::$data", "::$index_allocation" and
* ":$i30:$index_allocation"
*/
if (p < last && *p == '$') {
ngx_log_error(NGX_LOG_INFO, r->connection->log, 0,
"client sent unsafe win32 URI");
ngx_http_finalize_request(r, NGX_HTTP_BAD_REQUEST);
return NGX_ERROR;
}
}
}
p = r->uri.data + r->uri.len - 1;
while (p > r->uri.data) {
if (*p == ' ') {
p--;
continue;
}
if (*p == '.') {
p--;
continue;
}
break;
}
if (p != r->uri.data + r->uri.len - 1) {
r->uri.len = p + 1 - r->uri.data;
ngx_http_set_exten(r);
}
}
#endif
ngx_log_debug1(NGX_LOG_DEBUG_HTTP, r->connection->log, 0,
"http uri: \"%V\"", &r->uri);
ngx_log_debug1(NGX_LOG_DEBUG_HTTP, r->connection->log, 0,
"http args: \"%V\"", &r->args);
ngx_log_debug1(NGX_LOG_DEBUG_HTTP, r->connection->log, 0,
"http exten: \"%V\"", &r->exten);
return NGX_OK;
}
nginx-0.1.25-RELEASE import *) Bugfix: nginx did run on Linux parisc. *) Feature: nginx now does not start under FreeBSD if the sysctl kern.ipc.somaxconn value is too big. *) Bugfix: if a request was internally redirected by the ngx_http_index_module module to the ngx_http_proxy_module or ngx_http_fastcgi_module modules, then the index file was not closed after request completion. *) Feature: the "proxy_pass" can be used in location with regular expression. *) Feature: the ngx_http_rewrite_filter_module module supports the condition like "if ($HTTP_USER_AGENT ~ MSIE)". *) Bugfix: nginx started too slow if the large number of addresses and text values were used in the "geo" directive. *) Change: a variable name must be declared as "$name" in the "geo" directive. The previous variant without "$" is still supported, but will be removed soon. *) Feature: the "%{VARIABLE}v" logging parameter. *) Feature: the "set $name value" directive. *) Bugfix: gcc 4.0 compatibility. *) Feature: the --with-openssl-opt=OPTIONS autoconfiguration directive.
2005-03-19 08:38:37 -04:00
static void
ngx_http_process_request_headers(ngx_event_t *rev)
nginx-0.0.1-2002-08-06-20:39:45 import The first code that uses "ngx_" prefix, the previous one used "gx_" prefix. At that point the code is not yet usable. The first draft ideas are dated back to 23.10.2001.
2002-08-06 12:39:45 -04:00
{
use %*s instead of %V
2009-09-01 08:35:52 -04:00
u_char *p;
size_t len;
nginx-0.1.28-RELEASE import *) Bugfix: nginx hogs CPU while proxying the huge files. *) Bugfix: nginx could not be built by gcc 4.0 on Linux.
2005-04-08 11:18:55 -04:00
ssize_t n;
ngx_int_t rc, rv;
nginx-0.1.29-RELEASE import *) Feature: the ngx_http_ssi_module supports "include virtual" command. *) Feature: the ngx_http_ssi_module supports the condition command like 'if expr="$NAME"' and "else" and "endif" commands. Only one nested level is supported. *) Feature: the ngx_http_ssi_module supports the DATE_LOCAL and DATE_GMT variables and "config timefmt" command. *) Feature: the "ssi_ignore_recycled_buffers" directive. *) Bugfix: the "echo" command did not show the default value for the empty QUERY_STRING variable. *) Change: the ngx_http_proxy_module was rewritten. *) Feature: the "proxy_redirect", "proxy_pass_request_headers", "proxy_pass_request_body", and "proxy_method" directives. *) Feature: the "proxy_set_header" directive. The "proxy_x_var" was canceled and must be replaced with the proxy_set_header directive. *) Change: the "proxy_preserve_host" is canceled and must be replaced with the "proxy_set_header Host $host" and the "proxy_redirect off" directives, the "proxy_set_header Host $host:$proxy_port" directive and the appropriate proxy_redirect directives. *) Change: the "proxy_set_x_real_ip" is canceled and must be replaced with the "proxy_set_header X-Real-IP $remote_addr" directive. *) Change: the "proxy_add_x_forwarded_for" is canceled and must be replaced with the "proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for" directive. *) Change: the "proxy_set_x_url" is canceled and must be replaced with the "proxy_set_header X-URL http://$host:$server_port$request_uri" directive. *) Feature: the "fastcgi_param" directive. *) Change: the "fastcgi_root", "fastcgi_set_var" and "fastcgi_params" directive are canceled and must be replaced with the fastcgi_param directives. *) Feature: the "index" directive can use the variables. *) Feature: the "index" directive can be used at http and server levels. *) Change: the last index only in the "index" directive can be absolute. *) Feature: the "rewrite" directive can use the variables. *) Feature: the "internal" directive. *) Feature: the CONTENT_LENGTH, CONTENT_TYPE, REMOTE_PORT, SERVER_ADDR, SERVER_PORT, SERVER_PROTOCOL, DOCUMENT_ROOT, SERVER_NAME, REQUEST_METHOD, REQUEST_URI, and REMOTE_USER variables. *) Change: nginx now passes the invalid lines in a client request headers or a backend response header. *) Bugfix: if the backend did not transfer response for a long time and the "send_timeout" was less than "proxy_read_timeout", then nginx returned the 408 response. *) Bugfix: the segmentation fault was occurred if the backend sent an invalid line in response header; the bug had appeared in 0.1.26. *) Bugfix: the segmentation fault may occurred in FastCGI fault tolerance configuration. *) Bugfix: the "expires" directive did not remove the previous "Expires" and "Cache-Control" headers. *) Bugfix: nginx did not take into account trailing dot in "Host" header line. *) Bugfix: the ngx_http_auth_module did not work under Linux. *) Bugfix: the rewrite directive worked incorrectly, if the arguments were in a request. *) Bugfix: nginx could not be built on MacOS X.
2005-05-12 10:58:06 -04:00
ngx_table_elt_t *h;
nginx-0.1.28-RELEASE import *) Bugfix: nginx hogs CPU while proxying the huge files. *) Bugfix: nginx could not be built by gcc 4.0 on Linux.
2005-04-08 11:18:55 -04:00
ngx_connection_t *c;
ngx_http_header_t *hh;
ngx_http_request_t *r;
nginx-0.1.30-RELEASE import *) Bugfix: the worker process may got caught in an endless loop if the SSI was used. *) Bugfix: the response encrypted by SSL may not transferred complete. *) Bugfix: if the length of the response part received at once from proxied or FastCGI server was equal to 500, then nginx returns the 500 response code; in proxy mode the the bug had appeared in 0.1.29 only. *) Bugfix: nginx did not consider the directives with 8 or 9 parameters as invalid. *) Feature: the "return" directive can return the 204 response code. *) Feature: the "ignore_invalid_headers" directive.
2005-05-14 14:42:03 -04:00
ngx_http_core_srv_conf_t *cscf;
nginx-0.1.28-RELEASE import *) Bugfix: nginx hogs CPU while proxying the huge files. *) Bugfix: nginx could not be built by gcc 4.0 on Linux.
2005-04-08 11:18:55 -04:00
ngx_http_core_main_conf_t *cmcf;
nginx-0.0.1-2003-05-19-20:39:14 import
2003-05-19 12:39:14 -04:00
c = rev->data;
r = c->data;
nginx-0.0.1-2003-05-13-20:02:32 import
2003-05-13 12:02:32 -04:00
nginx-0.0.1-2003-11-30-23:03:18 import
2003-11-30 17:03:18 -03:00
ngx_log_debug0(NGX_LOG_DEBUG_HTTP, rev->log, 0,
"http process request header line");
nginx-0.0.1-2003-05-13-20:02:32 import
2003-05-13 12:02:32 -04:00
nginx-0.0.1-2003-05-12-19:52:24 import
2003-05-12 11:52:24 -04:00
if (rev->timedout) {
nginx-0.1.27-RELEASE import *) Feature: the "blocked" parameter of the "valid_referers" directive. *) Change: the errors while handling the request header now logged at "info" level. The server name and the "Host" and "Referer" header lines also logged. *) Change: the "Host" header line is also logged in error log. *) Feature: the proxy_pass_unparsed_uri directive. The special handling of the "://" symbols in URI, appeared in 0.1.11 version, now is canceled. *) Bugfix: nginx could not be built on FreeBSD and Linux, if the --without-ngx_http_auth_basic_module configuration parameter was used.
2005-03-28 10:43:02 -04:00
ngx_log_error(NGX_LOG_INFO, c->log, NGX_ETIMEDOUT, "client timed out");
c->timedout = 1;
ngx_http_close_request(r, NGX_HTTP_REQUEST_TIME_OUT);
nginx-0.0.1-2003-05-12-19:52:24 import
2003-05-12 11:52:24 -04:00
return;
}
nginx-0.1.28-RELEASE import *) Bugfix: nginx hogs CPU while proxying the huge files. *) Bugfix: nginx could not be built by gcc 4.0 on Linux.
2005-04-08 11:18:55 -04:00
cmcf = ngx_http_get_module_main_conf(r, ngx_http_core_module);
HTTP/3: refactored request parser. The change reduces diff to the default branch for src/http/ngx_http_request.c and src/http/ngx_http_parse.c.
2021-01-22 10:34:06 -03:00
rc = NGX_AGAIN;
nginx-0.0.1-2003-05-12-19:52:24 import
2003-05-12 11:52:24 -04:00
nginx-0.0.1-2002-08-29-20:59:54 import
2002-08-29 12:59:54 -04:00
for ( ;; ) {
nginx-0.0.11-2004-09-23-10:32:00 import
2004-09-23 02:32:00 -04:00
nginx-0.0.1-2003-05-13-20:02:32 import
2003-05-13 12:02:32 -04:00
if (rc == NGX_AGAIN) {
nginx-0.0.11-2004-09-23-10:32:00 import
2004-09-23 02:32:00 -04:00
nginx-0.0.12-2004-09-23-20:39:34 import
2004-09-23 12:39:34 -04:00
if (r->header_in->pos == r->header_in->end) {
nginx-0.0.11-2004-09-23-10:32:00 import
2004-09-23 02:32:00 -04:00
rv = ngx_http_alloc_large_header_buffer(r, 0);
if (rv == NGX_ERROR) {
ngx_http_close_request(r, NGX_HTTP_INTERNAL_SERVER_ERROR);
Fixed socket leak with "return 444" in error_page (ticket #274). Socket leak was observed in the following configuration: error_page 400 = /close; location = /close { return 444; } The problem is that "return 444" triggers termination of the request, and due to error_page termination thinks that it needs to use a posted request to clear stack. But at the early request processing where 400 errors are generated there are no ngx_http_run_posted_requests() calls, so the request is only terminated after an external event. Variants of the problem include "error_page 497" instead (ticket #695) and various other errors generated during early request processing (405, 414, 421, 494, 495, 496, 501, 505). The same problem can be also triggered with "return 499" and "return 408" as both codes trigger ngx_http_terminate_request(), much like "return 444". To fix this, the patch adds ngx_http_run_posted_requests() calls to ngx_http_process_request_line() and ngx_http_process_request_headers() functions, and to ngx_http_v2_run_request() and ngx_http_v2_push_stream() functions in HTTP/2. Since the ngx_http_process_request() function is now only called via other functions which call ngx_http_run_posted_requests(), the call there is no longer needed and was removed.
2018-09-21 09:59:30 -03:00
break;
nginx-0.0.11-2004-09-23-10:32:00 import
2004-09-23 02:32:00 -04:00
}
if (rv == NGX_DECLINED) {
HTTP/3: refactored request parser. The change reduces diff to the default branch for src/http/ngx_http_request.c and src/http/ngx_http_parse.c.
2021-01-22 10:34:06 -03:00
p = r->header_name_start;
use %*s instead of %V
2009-09-01 08:35:52 -04:00
introduce 494 code "Request Header Too Large"
2011-01-20 07:37:58 -03:00
r->lingering_close = 1;
fix segfault if there is single large_client_header_buffers and a request line fills it completely
2009-11-03 15:12:20 -03:00
if (p == NULL) {
ngx_log_error(NGX_LOG_INFO, c->log, 0,
"client sent too large request");
introduce 494 code "Request Header Too Large"
2011-01-20 07:37:58 -03:00
ngx_http_finalize_request(r,
NGX_HTTP_REQUEST_HEADER_TOO_LARGE);
Fixed socket leak with "return 444" in error_page (ticket #274). Socket leak was observed in the following configuration: error_page 400 = /close; location = /close { return 444; } The problem is that "return 444" triggers termination of the request, and due to error_page termination thinks that it needs to use a posted request to clear stack. But at the early request processing where 400 errors are generated there are no ngx_http_run_posted_requests() calls, so the request is only terminated after an external event. Variants of the problem include "error_page 497" instead (ticket #695) and various other errors generated during early request processing (405, 414, 421, 494, 495, 496, 501, 505). The same problem can be also triggered with "return 499" and "return 408" as both codes trigger ngx_http_terminate_request(), much like "return 444". To fix this, the patch adds ngx_http_run_posted_requests() calls to ngx_http_process_request_line() and ngx_http_process_request_headers() functions, and to ngx_http_v2_run_request() and ngx_http_v2_push_stream() functions in HTTP/2. Since the ngx_http_process_request() function is now only called via other functions which call ngx_http_run_posted_requests(), the call there is no longer needed and was removed.
2018-09-21 09:59:30 -03:00
break;
fix segfault if there is single large_client_header_buffers and a request line fills it completely
2009-11-03 15:12:20 -03:00
}
len = r->header_in->end - p;
use %*s instead of %V
2009-09-01 08:35:52 -04:00
if (len > NGX_MAX_ERROR_STR - 300) {
len = NGX_MAX_ERROR_STR - 300;
nginx-0.1.40-RELEASE import *) Bugfix: if a client sent too long header line, then the request information did not logged in the error log. *) Bugfix: the "Set-Cookie" header line was not transferred when the "X-Accel-Redirect" was used; the bug had appeared in 0.1.39. *) Bugfix: the "Content-Disposition" header line was not transferred when the "X-Accel-Redirect" was used. *) Bugfix: the master process did not close the listen socket on the SIGQUIT signal. *) Bugfix: after on-line upgrade on Linux and Solaris the process name became shorter in the "ps" command.
2005-07-25 05:41:38 -04:00
}
nginx-0.1.27-RELEASE import *) Feature: the "blocked" parameter of the "valid_referers" directive. *) Change: the errors while handling the request header now logged at "info" level. The server name and the "Host" and "Referer" header lines also logged. *) Change: the "Host" header line is also logged in error log. *) Feature: the proxy_pass_unparsed_uri directive. The special handling of the "://" symbols in URI, appeared in 0.1.11 version, now is canceled. *) Bugfix: nginx could not be built on FreeBSD and Linux, if the --without-ngx_http_auth_basic_module configuration parameter was used.
2005-03-28 10:43:02 -04:00
ngx_log_error(NGX_LOG_INFO, c->log, 0,
Fixed possible buffer overrun in "too long header line" logging. Additionally, ellipsis now always added to make it clear that the header logged is incomplete. Reported by Daniil Bondarev.
2014-10-08 10:16:04 -03:00
"client sent too long header line: \"%*s...\"",
HTTP/3: refactored request parser. The change reduces diff to the default branch for src/http/ngx_http_request.c and src/http/ngx_http_parse.c.
2021-01-22 10:34:06 -03:00
len, r->header_name_start);
introduce 494 code "Request Header Too Large"
2011-01-20 07:37:58 -03:00
ngx_http_finalize_request(r,
NGX_HTTP_REQUEST_HEADER_TOO_LARGE);
Fixed socket leak with "return 444" in error_page (ticket #274). Socket leak was observed in the following configuration: error_page 400 = /close; location = /close { return 444; } The problem is that "return 444" triggers termination of the request, and due to error_page termination thinks that it needs to use a posted request to clear stack. But at the early request processing where 400 errors are generated there are no ngx_http_run_posted_requests() calls, so the request is only terminated after an external event. Variants of the problem include "error_page 497" instead (ticket #695) and various other errors generated during early request processing (405, 414, 421, 494, 495, 496, 501, 505). The same problem can be also triggered with "return 499" and "return 408" as both codes trigger ngx_http_terminate_request(), much like "return 444". To fix this, the patch adds ngx_http_run_posted_requests() calls to ngx_http_process_request_line() and ngx_http_process_request_headers() functions, and to ngx_http_v2_run_request() and ngx_http_v2_push_stream() functions in HTTP/2. Since the ngx_http_process_request() function is now only called via other functions which call ngx_http_run_posted_requests(), the call there is no longer needed and was removed.
2018-09-21 09:59:30 -03:00
break;
nginx-0.0.11-2004-09-23-10:32:00 import
2004-09-23 02:32:00 -04:00
}
}
nginx-0.0.1-2003-05-13-20:02:32 import
2003-05-13 12:02:32 -04:00
n = ngx_http_read_request_header(r);
nginx-0.0.1-2002-08-29-20:59:54 import
2002-08-29 12:59:54 -04:00
nginx-0.0.1-2003-05-13-20:02:32 import
2003-05-13 12:02:32 -04:00
if (n == NGX_AGAIN || n == NGX_ERROR) {
Fixed socket leak with "return 444" in error_page (ticket #274). Socket leak was observed in the following configuration: error_page 400 = /close; location = /close { return 444; } The problem is that "return 444" triggers termination of the request, and due to error_page termination thinks that it needs to use a posted request to clear stack. But at the early request processing where 400 errors are generated there are no ngx_http_run_posted_requests() calls, so the request is only terminated after an external event. Variants of the problem include "error_page 497" instead (ticket #695) and various other errors generated during early request processing (405, 414, 421, 494, 495, 496, 501, 505). The same problem can be also triggered with "return 499" and "return 408" as both codes trigger ngx_http_terminate_request(), much like "return 444". To fix this, the patch adds ngx_http_run_posted_requests() calls to ngx_http_process_request_line() and ngx_http_process_request_headers() functions, and to ngx_http_v2_run_request() and ngx_http_v2_push_stream() functions in HTTP/2. Since the ngx_http_process_request() function is now only called via other functions which call ngx_http_run_posted_requests(), the call there is no longer needed and was removed.
2018-09-21 09:59:30 -03:00
break;
nginx-0.0.1-2003-05-13-20:02:32 import
2003-05-13 12:02:32 -04:00
}
}
Apply server configuration as soon as host is known. Previously, this was done only after the whole request header was parsed, and if an error occurred earlier then the request was processed in the default server (or server chosen by SNI), while r->headers_in.server might be set to the value from the Host: header or host from request line. r->headers_in.server is in turn used for $host variable and in HTTP redirects if "server_name_in_redirect" is disabled. Without the change, configurations that rely on this during error handling are potentially unsafe if SNI is used. This change also allows to use server specific settings of "underscores_in_headers", "ignore_invalid_headers", and "large_client_header_buffers" directives for HTTP requests and HTTPS requests without SNI.
2013-02-27 14:27:15 -03:00
/* the host header could change the server configuration context */
cscf = ngx_http_get_module_srv_conf(r, ngx_http_core_module);
HTTP/3: refactored request parser. The change reduces diff to the default branch for src/http/ngx_http_request.c and src/http/ngx_http_parse.c.
2021-01-22 10:34:06 -03:00
rc = ngx_http_parse_header_line(r, r->header_in,
cscf->underscores_in_headers);
nginx-0.0.1-2003-03-20-19:09:44 import
2003-03-20 12:09:44 -04:00
nginx-0.0.1-2003-03-05-20:30:51 import
2003-03-05 14:30:51 -03:00
if (rc == NGX_OK) {
nginx-0.0.1-2003-05-13-20:02:32 import
2003-05-13 12:02:32 -04:00
HTTP/3: refactored request parser. The change reduces diff to the default branch for src/http/ngx_http_request.c and src/http/ngx_http_parse.c.
2021-01-22 10:34:06 -03:00
r->request_length += r->header_in->pos - r->header_name_start;
Corrected $request_length calculation for pipelined requests.
2012-07-06 00:27:06 -04:00
nginx-0.1.30-RELEASE import *) Bugfix: the worker process may got caught in an endless loop if the SSI was used. *) Bugfix: the response encrypted by SSL may not transferred complete. *) Bugfix: if the length of the response part received at once from proxied or FastCGI server was equal to 500, then nginx returns the 500 response code; in proxy mode the the bug had appeared in 0.1.29 only. *) Bugfix: nginx did not consider the directives with 8 or 9 parameters as invalid. *) Feature: the "return" directive can return the 204 response code. *) Feature: the "ignore_invalid_headers" directive.
2005-05-14 14:42:03 -04:00
if (r->invalid_header && cscf->ignore_invalid_headers) {
nginx-0.1.26-RELEASE import *) Change: the invalid client header lines are now ignored and logged at the info level. *) Change: the server name is also logged in error log. *) Feature: the ngx_http_auth_basic_module module and the auth_basic and auth_basic_user_file directives.
2005-03-22 12:02:46 -04:00
/* there was error while a header line parsing */
nginx-0.1.27-RELEASE import *) Feature: the "blocked" parameter of the "valid_referers" directive. *) Change: the errors while handling the request header now logged at "info" level. The server name and the "Host" and "Referer" header lines also logged. *) Change: the "Host" header line is also logged in error log. *) Feature: the proxy_pass_unparsed_uri directive. The special handling of the "://" symbols in URI, appeared in 0.1.11 version, now is canceled. *) Bugfix: nginx could not be built on FreeBSD and Linux, if the --without-ngx_http_auth_basic_module configuration parameter was used.
2005-03-28 10:43:02 -04:00
ngx_log_error(NGX_LOG_INFO, c->log, 0,
HTTP/3: refactored request parser. The change reduces diff to the default branch for src/http/ngx_http_request.c and src/http/ngx_http_parse.c.
2021-01-22 10:34:06 -03:00
"client sent invalid header line: \"%*s\"",
r->header_end - r->header_name_start,
r->header_name_start);
nginx-0.1.26-RELEASE import *) Change: the invalid client header lines are now ignored and logged at the info level. *) Change: the server name is also logged in error log. *) Feature: the ngx_http_auth_basic_module module and the auth_basic and auth_basic_user_file directives.
2005-03-22 12:02:46 -04:00
continue;
}
nginx-0.0.1-2003-05-13-20:02:32 import
2003-05-13 12:02:32 -04:00
/* a header line has been parsed successfully */
nginx-0.1.25-RELEASE import *) Bugfix: nginx did run on Linux parisc. *) Feature: nginx now does not start under FreeBSD if the sysctl kern.ipc.somaxconn value is too big. *) Bugfix: if a request was internally redirected by the ngx_http_index_module module to the ngx_http_proxy_module or ngx_http_fastcgi_module modules, then the index file was not closed after request completion. *) Feature: the "proxy_pass" can be used in location with regular expression. *) Feature: the ngx_http_rewrite_filter_module module supports the condition like "if ($HTTP_USER_AGENT ~ MSIE)". *) Bugfix: nginx started too slow if the large number of addresses and text values were used in the "geo" directive. *) Change: a variable name must be declared as "$name" in the "geo" directive. The previous variant without "$" is still supported, but will be removed soon. *) Feature: the "%{VARIABLE}v" logging parameter. *) Feature: the "set $name value" directive. *) Bugfix: gcc 4.0 compatibility. *) Feature: the --with-openssl-opt=OPTIONS autoconfiguration directive.
2005-03-19 08:38:37 -04:00
h = ngx_list_push(&r->headers_in.headers);
if (h == NULL) {
nginx-0.0.1-2003-05-13-20:02:32 import
2003-05-13 12:02:32 -04:00
ngx_http_close_request(r, NGX_HTTP_INTERNAL_SERVER_ERROR);
Fixed socket leak with "return 444" in error_page (ticket #274). Socket leak was observed in the following configuration: error_page 400 = /close; location = /close { return 444; } The problem is that "return 444" triggers termination of the request, and due to error_page termination thinks that it needs to use a posted request to clear stack. But at the early request processing where 400 errors are generated there are no ngx_http_run_posted_requests() calls, so the request is only terminated after an external event. Variants of the problem include "error_page 497" instead (ticket #695) and various other errors generated during early request processing (405, 414, 421, 494, 495, 496, 501, 505). The same problem can be also triggered with "return 499" and "return 408" as both codes trigger ngx_http_terminate_request(), much like "return 444". To fix this, the patch adds ngx_http_run_posted_requests() calls to ngx_http_process_request_line() and ngx_http_process_request_headers() functions, and to ngx_http_v2_run_request() and ngx_http_v2_push_stream() functions in HTTP/2. Since the ngx_http_process_request() function is now only called via other functions which call ngx_http_run_posted_requests(), the call there is no longer needed and was removed.
2018-09-21 09:59:30 -03:00
break;
nginx-0.0.1-2003-03-20-19:09:44 import
2003-03-20 12:09:44 -04:00
}
nginx-0.1.28-RELEASE import *) Bugfix: nginx hogs CPU while proxying the huge files. *) Bugfix: nginx could not be built by gcc 4.0 on Linux.
2005-04-08 11:18:55 -04:00
h->hash = r->header_hash;
nginx-0.0.1-2003-05-13-20:02:32 import
2003-05-13 12:02:32 -04:00
h->key.len = r->header_name_end - r->header_name_start;
nginx-0.0.11-2004-09-23-10:32:00 import
2004-09-23 02:32:00 -04:00
h->key.data = r->header_name_start;
HTTP/3: refactored request parser. The change reduces diff to the default branch for src/http/ngx_http_request.c and src/http/ngx_http_parse.c.
2021-01-22 10:34:06 -03:00
h->key.data[h->key.len] = '\0';
nginx-0.0.1-2003-05-13-20:02:32 import
2003-05-13 12:02:32 -04:00
nginx-0.0.11-2004-09-23-10:32:00 import
2004-09-23 02:32:00 -04:00
h->value.len = r->header_end - r->header_start;
h->value.data = r->header_start;
HTTP/3: refactored request parser. The change reduces diff to the default branch for src/http/ngx_http_request.c and src/http/ngx_http_parse.c.
2021-01-22 10:34:06 -03:00
h->value.data[h->value.len] = '\0';
nginx-0.0.1-2003-05-13-20:02:32 import
2003-05-13 12:02:32 -04:00
*) back out r2040 *) refactor ngx_palloc() *) introduce ngx_pnalloc() *) additional pool blocks have smaller header
2008-06-17 11:00:30 -04:00
h->lowcase_key = ngx_pnalloc(r->pool, h->key.len);
nginx-0.3.46-RELEASE import *) Feature: the "proxy_hide_header", "proxy_pass_header", "fastcgi_hide_header", and "fastcgi_pass_header" directives. *) Change: the "proxy_pass_x_powered_by", "fastcgi_x_powered_by", and "proxy_pass_server" directives were canceled. *) Feature: the "X-Accel-Buffering" response header line is supported in proxy mode. *) Bugfix: the reconfiguration bug and memory leaks in the ngx_http_perl_module.
2006-05-11 10:43:47 -04:00
if (h->lowcase_key == NULL) {
ngx_http_close_request(r, NGX_HTTP_INTERNAL_SERVER_ERROR);
Fixed socket leak with "return 444" in error_page (ticket #274). Socket leak was observed in the following configuration: error_page 400 = /close; location = /close { return 444; } The problem is that "return 444" triggers termination of the request, and due to error_page termination thinks that it needs to use a posted request to clear stack. But at the early request processing where 400 errors are generated there are no ngx_http_run_posted_requests() calls, so the request is only terminated after an external event. Variants of the problem include "error_page 497" instead (ticket #695) and various other errors generated during early request processing (405, 414, 421, 494, 495, 496, 501, 505). The same problem can be also triggered with "return 499" and "return 408" as both codes trigger ngx_http_terminate_request(), much like "return 444". To fix this, the patch adds ngx_http_run_posted_requests() calls to ngx_http_process_request_line() and ngx_http_process_request_headers() functions, and to ngx_http_v2_run_request() and ngx_http_v2_push_stream() functions in HTTP/2. Since the ngx_http_process_request() function is now only called via other functions which call ngx_http_run_posted_requests(), the call there is no longer needed and was removed.
2018-09-21 09:59:30 -03:00
break;
nginx-0.3.46-RELEASE import *) Feature: the "proxy_hide_header", "proxy_pass_header", "fastcgi_hide_header", and "fastcgi_pass_header" directives. *) Change: the "proxy_pass_x_powered_by", "fastcgi_x_powered_by", and "proxy_pass_server" directives were canceled. *) Feature: the "X-Accel-Buffering" response header line is supported in proxy mode. *) Bugfix: the reconfiguration bug and memory leaks in the ngx_http_perl_module.
2006-05-11 10:43:47 -04:00
}
nginx-0.1.29-RELEASE import *) Feature: the ngx_http_ssi_module supports "include virtual" command. *) Feature: the ngx_http_ssi_module supports the condition command like 'if expr="$NAME"' and "else" and "endif" commands. Only one nested level is supported. *) Feature: the ngx_http_ssi_module supports the DATE_LOCAL and DATE_GMT variables and "config timefmt" command. *) Feature: the "ssi_ignore_recycled_buffers" directive. *) Bugfix: the "echo" command did not show the default value for the empty QUERY_STRING variable. *) Change: the ngx_http_proxy_module was rewritten. *) Feature: the "proxy_redirect", "proxy_pass_request_headers", "proxy_pass_request_body", and "proxy_method" directives. *) Feature: the "proxy_set_header" directive. The "proxy_x_var" was canceled and must be replaced with the proxy_set_header directive. *) Change: the "proxy_preserve_host" is canceled and must be replaced with the "proxy_set_header Host $host" and the "proxy_redirect off" directives, the "proxy_set_header Host $host:$proxy_port" directive and the appropriate proxy_redirect directives. *) Change: the "proxy_set_x_real_ip" is canceled and must be replaced with the "proxy_set_header X-Real-IP $remote_addr" directive. *) Change: the "proxy_add_x_forwarded_for" is canceled and must be replaced with the "proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for" directive. *) Change: the "proxy_set_x_url" is canceled and must be replaced with the "proxy_set_header X-URL http://$host:$server_port$request_uri" directive. *) Feature: the "fastcgi_param" directive. *) Change: the "fastcgi_root", "fastcgi_set_var" and "fastcgi_params" directive are canceled and must be replaced with the fastcgi_param directives. *) Feature: the "index" directive can use the variables. *) Feature: the "index" directive can be used at http and server levels. *) Change: the last index only in the "index" directive can be absolute. *) Feature: the "rewrite" directive can use the variables. *) Feature: the "internal" directive. *) Feature: the CONTENT_LENGTH, CONTENT_TYPE, REMOTE_PORT, SERVER_ADDR, SERVER_PORT, SERVER_PROTOCOL, DOCUMENT_ROOT, SERVER_NAME, REQUEST_METHOD, REQUEST_URI, and REMOTE_USER variables. *) Change: nginx now passes the invalid lines in a client request headers or a backend response header. *) Bugfix: if the backend did not transfer response for a long time and the "send_timeout" was less than "proxy_read_timeout", then nginx returned the 408 response. *) Bugfix: the segmentation fault was occurred if the backend sent an invalid line in response header; the bug had appeared in 0.1.26. *) Bugfix: the segmentation fault may occurred in FastCGI fault tolerance configuration. *) Bugfix: the "expires" directive did not remove the previous "Expires" and "Cache-Control" headers. *) Bugfix: nginx did not take into account trailing dot in "Host" header line. *) Bugfix: the ngx_http_auth_module did not work under Linux. *) Bugfix: the rewrite directive worked incorrectly, if the arguments were in a request. *) Bugfix: nginx could not be built on MacOS X.
2005-05-12 10:58:06 -04:00
nginx-0.3.46-RELEASE import *) Feature: the "proxy_hide_header", "proxy_pass_header", "fastcgi_hide_header", and "fastcgi_pass_header" directives. *) Change: the "proxy_pass_x_powered_by", "fastcgi_x_powered_by", and "proxy_pass_server" directives were canceled. *) Feature: the "X-Accel-Buffering" response header line is supported in proxy mode. *) Bugfix: the reconfiguration bug and memory leaks in the ngx_http_perl_module.
2006-05-11 10:43:47 -04:00
if (h->key.len == r->lowcase_index) {
ngx_memcpy(h->lowcase_key, r->lowcase_header, h->key.len);
} else {
ngx_strlow()
2008-08-04 06:07:00 -04:00
ngx_strlow(h->lowcase_key, h->key.data, h->key.len);
nginx-0.0.1-2003-05-13-20:02:32 import
2003-05-13 12:02:32 -04:00
}
nginx-0.3.46-RELEASE import *) Feature: the "proxy_hide_header", "proxy_pass_header", "fastcgi_hide_header", and "fastcgi_pass_header" directives. *) Change: the "proxy_pass_x_powered_by", "fastcgi_x_powered_by", and "proxy_pass_server" directives were canceled. *) Feature: the "X-Accel-Buffering" response header line is supported in proxy mode. *) Bugfix: the reconfiguration bug and memory leaks in the ngx_http_perl_module.
2006-05-11 10:43:47 -04:00
hh = ngx_hash_find(&cmcf->headers_in_hash, h->hash,
h->lowcase_key, h->key.len);
if (hh && hh->handler(r, h, hh->offset) != NGX_OK) {
Fixed socket leak with "return 444" in error_page (ticket #274). Socket leak was observed in the following configuration: error_page 400 = /close; location = /close { return 444; } The problem is that "return 444" triggers termination of the request, and due to error_page termination thinks that it needs to use a posted request to clear stack. But at the early request processing where 400 errors are generated there are no ngx_http_run_posted_requests() calls, so the request is only terminated after an external event. Variants of the problem include "error_page 497" instead (ticket #695) and various other errors generated during early request processing (405, 414, 421, 494, 495, 496, 501, 505). The same problem can be also triggered with "return 499" and "return 408" as both codes trigger ngx_http_terminate_request(), much like "return 444". To fix this, the patch adds ngx_http_run_posted_requests() calls to ngx_http_process_request_line() and ngx_http_process_request_headers() functions, and to ngx_http_v2_run_request() and ngx_http_v2_push_stream() functions in HTTP/2. Since the ngx_http_process_request() function is now only called via other functions which call ngx_http_run_posted_requests(), the call there is no longer needed and was removed.
2018-09-21 09:59:30 -03:00
break;
nginx-0.3.46-RELEASE import *) Feature: the "proxy_hide_header", "proxy_pass_header", "fastcgi_hide_header", and "fastcgi_pass_header" directives. *) Change: the "proxy_pass_x_powered_by", "fastcgi_x_powered_by", and "proxy_pass_server" directives were canceled. *) Feature: the "X-Accel-Buffering" response header line is supported in proxy mode. *) Bugfix: the reconfiguration bug and memory leaks in the ngx_http_perl_module.
2006-05-11 10:43:47 -04:00
}
nginx-0.0.1-2003-12-14-23:10:27 import
2003-12-14 17:10:27 -03:00
ngx_log_debug2(NGX_LOG_DEBUG_HTTP, r->connection->log, 0,
nginx-0.1.5-RELEASE import *) Bugfix: on Solaris and Linux there may be too many "recvmsg() returned not enough data" alerts. *) Bugfix: there were the "writev() failed (22: Invalid argument)" errors on Solaris in proxy mode without sendfile. On other platforms that do not support sendfile at all the process got caught in an endless loop. *) Bugfix: segmentation fault on Solaris in proxy mode and using sendfile. *) Bugfix: segmentation fault on Solaris. *) Bugfix: on-line upgrade did not work on Linux. *) Bugfix: the ngx_http_autoindex_module module did not escape the spaces, the quotes, and the percent signs in the directory listing. *) Change: the decrease of the copy operations. *) Feature: the userid_p3p directive.
2004-11-11 11:07:14 -03:00
"http header: \"%V: %V\"",
&h->key, &h->value);
nginx-0.0.1-2003-05-13-20:02:32 import
2003-05-13 12:02:32 -04:00
nginx-0.0.1-2003-05-27-16:18:54 import
2003-05-27 08:18:54 -04:00
continue;
nginx-0.1.27-RELEASE import *) Feature: the "blocked" parameter of the "valid_referers" directive. *) Change: the errors while handling the request header now logged at "info" level. The server name and the "Host" and "Referer" header lines also logged. *) Change: the "Host" header line is also logged in error log. *) Feature: the proxy_pass_unparsed_uri directive. The special handling of the "://" symbols in URI, appeared in 0.1.11 version, now is canceled. *) Bugfix: nginx could not be built on FreeBSD and Linux, if the --without-ngx_http_auth_basic_module configuration parameter was used.
2005-03-28 10:43:02 -04:00
}
nginx-0.0.1-2003-05-27-16:18:54 import
2003-05-27 08:18:54 -04:00
nginx-0.1.27-RELEASE import *) Feature: the "blocked" parameter of the "valid_referers" directive. *) Change: the errors while handling the request header now logged at "info" level. The server name and the "Host" and "Referer" header lines also logged. *) Change: the "Host" header line is also logged in error log. *) Feature: the proxy_pass_unparsed_uri directive. The special handling of the "://" symbols in URI, appeared in 0.1.11 version, now is canceled. *) Bugfix: nginx could not be built on FreeBSD and Linux, if the --without-ngx_http_auth_basic_module configuration parameter was used.
2005-03-28 10:43:02 -04:00
if (rc == NGX_HTTP_PARSE_HEADER_DONE) {
nginx-0.0.1-2002-09-02-18:48:24 import
2002-09-02 10:48:24 -04:00
nginx-0.0.1-2003-05-13-20:02:32 import
2003-05-13 12:02:32 -04:00
/* a whole header has been parsed successfully */
nginx-0.0.1-2003-03-20-19:09:44 import
2003-03-20 12:09:44 -04:00
nginx-0.0.1-2003-12-14-23:10:27 import
2003-12-14 17:10:27 -03:00
ngx_log_debug0(NGX_LOG_DEBUG_HTTP, r->connection->log, 0,
"http header done");
nginx-0.0.1-2002-12-15-09:25:09 import
2002-12-15 03:25:09 -03:00
HTTP/3: refactored request parser. The change reduces diff to the default branch for src/http/ngx_http_request.c and src/http/ngx_http_parse.c.
2021-01-22 10:34:06 -03:00
r->request_length += r->header_in->pos - r->header_name_start;
nginx-0.1.12-RELEASE import *) Feature: the %request_length log parameter. *) Bugfix: when using the /dev/poll, select and poll on the platforms, where these methods may do the false reports, there may be the long delay when the request was passed via the keep-alive connection. It may be at least on Solaris when using the /dev/poll. *) Bugfix: the send_lowat directive is ignored on Linux because Linux does not support the SO_SNDLOWAT option.
2004-12-06 11:45:08 -03:00
nginx-0.0.7-2004-06-24-20:07:04 import
2004-06-24 12:07:04 -04:00
r->http_state = NGX_HTTP_PROCESS_REQUEST_STATE;
nginx-0.0.1-2003-10-21-20:49:56 import
2003-10-21 13:49:56 -03:00
rc = ngx_http_process_request_header(r);
nginx-0.0.1-2003-10-12-20:49:16 import
2003-10-12 13:49:16 -03:00
nginx-0.0.1-2003-10-21-20:49:56 import
2003-10-21 13:49:56 -03:00
if (rc != NGX_OK) {
Fixed socket leak with "return 444" in error_page (ticket #274). Socket leak was observed in the following configuration: error_page 400 = /close; location = /close { return 444; } The problem is that "return 444" triggers termination of the request, and due to error_page termination thinks that it needs to use a posted request to clear stack. But at the early request processing where 400 errors are generated there are no ngx_http_run_posted_requests() calls, so the request is only terminated after an external event. Variants of the problem include "error_page 497" instead (ticket #695) and various other errors generated during early request processing (405, 414, 421, 494, 495, 496, 501, 505). The same problem can be also triggered with "return 499" and "return 408" as both codes trigger ngx_http_terminate_request(), much like "return 444". To fix this, the patch adds ngx_http_run_posted_requests() calls to ngx_http_process_request_line() and ngx_http_process_request_headers() functions, and to ngx_http_v2_run_request() and ngx_http_v2_push_stream() functions in HTTP/2. Since the ngx_http_process_request() function is now only called via other functions which call ngx_http_run_posted_requests(), the call there is no longer needed and was removed.
2018-09-21 09:59:30 -03:00
break;
nginx-0.0.1-2003-04-25-18:43:13 import
2003-04-25 10:43:13 -04:00
}
fix ssl_verify_client for HTTP/0.9
2007-06-04 16:40:03 -04:00
ngx_http_process_request(r);
nginx-0.1.43-RELEASE import *) Feature: the listen(2) backlog in the "listen" directive can be changed using the -HUP signal. *) Feature: the geo2nginx.pl script was added to contrib. *) Change: the FastCGI parameters with the empty values now are passed to a server. *) Bugfix: the segmentation fault occurred or the worker process may got caught in an endless loop if the proxied or FastCGI server sent the "Cache-Control" header line and the "expires" directive was used; in the proxied mode the the bug had appeared in 0.1.29.
2005-08-30 06:55:07 -04:00
Fixed socket leak with "return 444" in error_page (ticket #274). Socket leak was observed in the following configuration: error_page 400 = /close; location = /close { return 444; } The problem is that "return 444" triggers termination of the request, and due to error_page termination thinks that it needs to use a posted request to clear stack. But at the early request processing where 400 errors are generated there are no ngx_http_run_posted_requests() calls, so the request is only terminated after an external event. Variants of the problem include "error_page 497" instead (ticket #695) and various other errors generated during early request processing (405, 414, 421, 494, 495, 496, 501, 505). The same problem can be also triggered with "return 499" and "return 408" as both codes trigger ngx_http_terminate_request(), much like "return 444". To fix this, the patch adds ngx_http_run_posted_requests() calls to ngx_http_process_request_line() and ngx_http_process_request_headers() functions, and to ngx_http_v2_run_request() and ngx_http_v2_push_stream() functions in HTTP/2. Since the ngx_http_process_request() function is now only called via other functions which call ngx_http_run_posted_requests(), the call there is no longer needed and was removed.
2018-09-21 09:59:30 -03:00
break;
nginx-0.1.27-RELEASE import *) Feature: the "blocked" parameter of the "valid_referers" directive. *) Change: the errors while handling the request header now logged at "info" level. The server name and the "Host" and "Referer" header lines also logged. *) Change: the "Host" header line is also logged in error log. *) Feature: the proxy_pass_unparsed_uri directive. The special handling of the "://" symbols in URI, appeared in 0.1.11 version, now is canceled. *) Bugfix: nginx could not be built on FreeBSD and Linux, if the --without-ngx_http_auth_basic_module configuration parameter was used.
2005-03-28 10:43:02 -04:00
}
nginx-0.0.1-2003-03-20-19:09:44 import
2003-03-20 12:09:44 -04:00
nginx-0.1.27-RELEASE import *) Feature: the "blocked" parameter of the "valid_referers" directive. *) Change: the errors while handling the request header now logged at "info" level. The server name and the "Host" and "Referer" header lines also logged. *) Change: the "Host" header line is also logged in error log. *) Feature: the proxy_pass_unparsed_uri directive. The special handling of the "://" symbols in URI, appeared in 0.1.11 version, now is canceled. *) Bugfix: nginx could not be built on FreeBSD and Linux, if the --without-ngx_http_auth_basic_module configuration parameter was used.
2005-03-28 10:43:02 -04:00
if (rc == NGX_AGAIN) {
nginx-0.0.1-2003-05-13-20:02:32 import
2003-05-13 12:02:32 -04:00
nginx-0.1.27-RELEASE import *) Feature: the "blocked" parameter of the "valid_referers" directive. *) Change: the errors while handling the request header now logged at "info" level. The server name and the "Host" and "Referer" header lines also logged. *) Change: the "Host" header line is also logged in error log. *) Feature: the proxy_pass_unparsed_uri directive. The special handling of the "://" symbols in URI, appeared in 0.1.11 version, now is canceled. *) Bugfix: nginx could not be built on FreeBSD and Linux, if the --without-ngx_http_auth_basic_module configuration parameter was used.
2005-03-28 10:43:02 -04:00
/* a header line parsing is still not complete */
nginx-0.0.1-2003-12-22-12:40:48 import
2003-12-22 06:40:48 -03:00
nginx-0.1.27-RELEASE import *) Feature: the "blocked" parameter of the "valid_referers" directive. *) Change: the errors while handling the request header now logged at "info" level. The server name and the "Host" and "Referer" header lines also logged. *) Change: the "Host" header line is also logged in error log. *) Feature: the proxy_pass_unparsed_uri directive. The special handling of the "://" symbols in URI, appeared in 0.1.11 version, now is canceled. *) Bugfix: nginx could not be built on FreeBSD and Linux, if the --without-ngx_http_auth_basic_module configuration parameter was used.
2005-03-28 10:43:02 -04:00
continue;
nginx-0.0.1-2003-03-05-20:30:51 import
2003-03-05 14:30:51 -03:00
}
Fixed buffer over-read while logging invalid request headers. Since 667aaf61a778 (1.1.17) the ngx_http_parse_header_line() function can return NGX_HTTP_PARSE_INVALID_HEADER when a header contains NUL character. In this case the r->header_end pointer isn't properly initialized, but the log message in ngx_http_process_request_headers() hasn't been adjusted. It used the pointer in size calculation, which might result in up to 2k buffer over-read. Found with afl-fuzz.
2016-02-24 10:01:23 -03:00
/* rc == NGX_HTTP_PARSE_INVALID_HEADER */
nginx-0.0.1-2003-03-05-20:30:51 import
2003-03-05 14:30:51 -03:00
nginx-0.1.27-RELEASE import *) Feature: the "blocked" parameter of the "valid_referers" directive. *) Change: the errors while handling the request header now logged at "info" level. The server name and the "Host" and "Referer" header lines also logged. *) Change: the "Host" header line is also logged in error log. *) Feature: the proxy_pass_unparsed_uri directive. The special handling of the "://" symbols in URI, appeared in 0.1.11 version, now is canceled. *) Bugfix: nginx could not be built on FreeBSD and Linux, if the --without-ngx_http_auth_basic_module configuration parameter was used.
2005-03-28 10:43:02 -04:00
ngx_log_error(NGX_LOG_INFO, c->log, 0,
Improved logging of invalid headers. In 71edd9192f24 logging of invalid headers which were rejected with the NGX_HTTP_PARSE_INVALID_HEADER error was restricted to just the "client sent invalid header line" message, without any attempts to log the header itself. This patch returns logging of the header up to the invalid character and the character itself. The r->header_end pointer is now properly set in all cases to make logging possible. The same logging is also introduced when parsing headers from upstream servers.
2021-06-28 11:01:20 -04:00
"client sent invalid header line: \"%*s\\x%02xd...\"",
r->header_end - r->header_name_start,
r->header_name_start, *r->header_end);
Fixed buffer over-read while logging invalid request headers. Since 667aaf61a778 (1.1.17) the ngx_http_parse_header_line() function can return NGX_HTTP_PARSE_INVALID_HEADER when a header contains NUL character. In this case the r->header_end pointer isn't properly initialized, but the log message in ngx_http_process_request_headers() hasn't been adjusted. It used the pointer in size calculation, which might result in up to 2k buffer over-read. Found with afl-fuzz.
2016-02-24 10:01:23 -03:00
return 400 response
2007-08-27 16:52:40 -04:00
ngx_http_finalize_request(r, NGX_HTTP_BAD_REQUEST);
Fixed socket leak with "return 444" in error_page (ticket #274). Socket leak was observed in the following configuration: error_page 400 = /close; location = /close { return 444; } The problem is that "return 444" triggers termination of the request, and due to error_page termination thinks that it needs to use a posted request to clear stack. But at the early request processing where 400 errors are generated there are no ngx_http_run_posted_requests() calls, so the request is only terminated after an external event. Variants of the problem include "error_page 497" instead (ticket #695) and various other errors generated during early request processing (405, 414, 421, 494, 495, 496, 501, 505). The same problem can be also triggered with "return 499" and "return 408" as both codes trigger ngx_http_terminate_request(), much like "return 444". To fix this, the patch adds ngx_http_run_posted_requests() calls to ngx_http_process_request_line() and ngx_http_process_request_headers() functions, and to ngx_http_v2_run_request() and ngx_http_v2_push_stream() functions in HTTP/2. Since the ngx_http_process_request() function is now only called via other functions which call ngx_http_run_posted_requests(), the call there is no longer needed and was removed.
2018-09-21 09:59:30 -03:00
break;
nginx-0.0.1-2002-08-29-20:59:54 import
2002-08-29 12:59:54 -04:00
}
Fixed socket leak with "return 444" in error_page (ticket #274). Socket leak was observed in the following configuration: error_page 400 = /close; location = /close { return 444; } The problem is that "return 444" triggers termination of the request, and due to error_page termination thinks that it needs to use a posted request to clear stack. But at the early request processing where 400 errors are generated there are no ngx_http_run_posted_requests() calls, so the request is only terminated after an external event. Variants of the problem include "error_page 497" instead (ticket #695) and various other errors generated during early request processing (405, 414, 421, 494, 495, 496, 501, 505). The same problem can be also triggered with "return 499" and "return 408" as both codes trigger ngx_http_terminate_request(), much like "return 444". To fix this, the patch adds ngx_http_run_posted_requests() calls to ngx_http_process_request_line() and ngx_http_process_request_headers() functions, and to ngx_http_v2_run_request() and ngx_http_v2_push_stream() functions in HTTP/2. Since the ngx_http_process_request() function is now only called via other functions which call ngx_http_run_posted_requests(), the call there is no longer needed and was removed.
2018-09-21 09:59:30 -03:00
ngx_http_run_posted_requests(c);
nginx-0.0.1-2002-09-02-18:48:24 import
2002-09-02 10:48:24 -04:00
}
nginx-0.0.1-2002-08-06-20:39:45 import The first code that uses "ngx_" prefix, the previous one used "gx_" prefix. At that point the code is not yet usable. The first draft ideas are dated back to 23.10.2001.
2002-08-06 12:39:45 -04:00
nginx-0.0.1-2002-09-13-18:47:42 import
2002-09-13 10:47:42 -04:00
nginx-0.1.25-RELEASE import *) Bugfix: nginx did run on Linux parisc. *) Feature: nginx now does not start under FreeBSD if the sysctl kern.ipc.somaxconn value is too big. *) Bugfix: if a request was internally redirected by the ngx_http_index_module module to the ngx_http_proxy_module or ngx_http_fastcgi_module modules, then the index file was not closed after request completion. *) Feature: the "proxy_pass" can be used in location with regular expression. *) Feature: the ngx_http_rewrite_filter_module module supports the condition like "if ($HTTP_USER_AGENT ~ MSIE)". *) Bugfix: nginx started too slow if the large number of addresses and text values were used in the "geo" directive. *) Change: a variable name must be declared as "$name" in the "geo" directive. The previous variant without "$" is still supported, but will be removed soon. *) Feature: the "%{VARIABLE}v" logging parameter. *) Feature: the "set $name value" directive. *) Bugfix: gcc 4.0 compatibility. *) Feature: the --with-openssl-opt=OPTIONS autoconfiguration directive.
2005-03-19 08:38:37 -04:00
static ssize_t
ngx_http_read_request_header(ngx_http_request_t *r)
nginx-0.0.1-2002-09-02-18:48:24 import
2002-09-02 10:48:24 -04:00
{
nginx-0.0.1-2003-05-23-15:53:01 import
2003-05-23 07:53:01 -04:00
ssize_t n;
ngx_event_t *rev;
nginx-0.4.0-RELEASE import *) Change in internal API: the HTTP modules initialization was moved from the init module phase to the HTTP postconfiguration phase. *) Change: now the request body is not read beforehand for the ngx_http_perl_module: it's required to start the reading using the $r->has_request_body method. *) Feature: the ngx_http_perl_module supports the DECLINED return code. *) Feature: the ngx_http_dav_module supports the incoming "Date" header line for the PUT method. *) Feature: the "ssi" directive is available inside the "if" block. *) Bugfix: a segmentation fault occurred if there was an "index" directive with variables and the first index name was without variables; the bug had appeared in 0.1.29.
2006-08-30 06:39:17 -04:00
ngx_connection_t *c;
nginx-0.0.1-2003-05-23-15:53:01 import
2003-05-23 07:53:01 -04:00
ngx_http_core_srv_conf_t *cscf;
nginx-0.0.1-2002-12-02-19:09:40 import; resume after 2 months stall
2002-12-02 13:09:40 -03:00
nginx-0.4.0-RELEASE import *) Change in internal API: the HTTP modules initialization was moved from the init module phase to the HTTP postconfiguration phase. *) Change: now the request body is not read beforehand for the ngx_http_perl_module: it's required to start the reading using the $r->has_request_body method. *) Feature: the ngx_http_perl_module supports the DECLINED return code. *) Feature: the ngx_http_dav_module supports the incoming "Date" header line for the PUT method. *) Feature: the "ssi" directive is available inside the "if" block. *) Bugfix: a segmentation fault occurred if there was an "index" directive with variables and the first index name was without variables; the bug had appeared in 0.1.29.
2006-08-30 06:39:17 -04:00
c = r->connection;
rev = c->read;
nginx-0.0.1-2003-06-11-19:28:34 import
2003-06-11 11:28:34 -04:00
nginx-0.0.1-2003-05-13-20:02:32 import
2003-05-13 12:02:32 -04:00
n = r->header_in->last - r->header_in->pos;
nginx-0.0.1-2002-12-02-19:09:40 import; resume after 2 months stall
2002-12-02 13:09:40 -03:00
nginx-0.0.1-2003-05-13-20:02:32 import
2003-05-13 12:02:32 -04:00
if (n > 0) {
return n;
}
nginx-0.0.1-2003-03-04-09:33:48 import
2003-03-04 03:33:48 -03:00
nginx-0.1.36-RELEASE import *) Change: if the request header has duplicate the "Host", "Connection", "Content-Length", or "Authorization" lines, then nginx now returns the 400 error. *) Change: the "post_accept_timeout" directive was canceled. *) Feature: the "default", "af=", "bl=", "deferred", and "bind" parameters of the "listen" directive. *) Feature: the FreeBSD accept filters support. *) Feature: the Linux TCP_DEFER_ACCEPT support. *) Bugfix: the ngx_http_autoindex_module did not support the file names in UTF-8. *) Bugfix: the new log file can be rotated by the -USR1 signal only if the reconfiguration by the -HUP signal was made twice.
2005-06-15 14:33:41 -04:00
if (rev->ready) {
nginx-0.4.0-RELEASE import *) Change in internal API: the HTTP modules initialization was moved from the init module phase to the HTTP postconfiguration phase. *) Change: now the request body is not read beforehand for the ngx_http_perl_module: it's required to start the reading using the $r->has_request_body method. *) Feature: the ngx_http_perl_module supports the DECLINED return code. *) Feature: the ngx_http_dav_module supports the incoming "Date" header line for the PUT method. *) Feature: the "ssi" directive is available inside the "if" block. *) Bugfix: a segmentation fault occurred if there was an "index" directive with variables and the first index name was without variables; the bug had appeared in 0.1.29.
2006-08-30 06:39:17 -04:00
n = c->recv(c, r->header_in->last,
r->header_in->end - r->header_in->last);
nginx-0.1.36-RELEASE import *) Change: if the request header has duplicate the "Host", "Connection", "Content-Length", or "Authorization" lines, then nginx now returns the 400 error. *) Change: the "post_accept_timeout" directive was canceled. *) Feature: the "default", "af=", "bl=", "deferred", and "bind" parameters of the "listen" directive. *) Feature: the FreeBSD accept filters support. *) Feature: the Linux TCP_DEFER_ACCEPT support. *) Bugfix: the ngx_http_autoindex_module did not support the file names in UTF-8. *) Bugfix: the new log file can be rotated by the -USR1 signal only if the reconfiguration by the -HUP signal was made twice.
2005-06-15 14:33:41 -04:00
} else {
n = NGX_AGAIN;
nginx-0.0.1-2003-11-18-19:49:00 import
2003-11-18 13:49:00 -03:00
}
nginx-0.0.1-2003-05-13-20:02:32 import
2003-05-13 12:02:32 -04:00
if (n == NGX_AGAIN) {
axe old flag remained after ancient "post_accept_timeout" directive
2008-01-08 17:55:27 -03:00
if (!rev->timer_set) {
nginx-0.0.7-2004-07-16-21:11:43 import
2004-07-16 13:11:43 -04:00
cscf = ngx_http_get_module_srv_conf(r, ngx_http_core_module);
nginx-0.0.1-2003-05-23-15:53:01 import
2003-05-23 07:53:01 -04:00
ngx_add_timer(rev, cscf->client_header_timeout);
nginx-0.0.1-2003-01-28-18:56:37 import
2003-01-28 12:56:37 -03:00
}
use "!= NGX_OK" instead of "== NGX_ERROR"
2008-12-09 14:27:48 -03:00
if (ngx_handle_read_event(rev, 0) != NGX_OK) {
nginx-0.0.1-2003-10-10-19:10:50 import
2003-10-10 11:10:50 -04:00
ngx_http_close_request(r, NGX_HTTP_INTERNAL_SERVER_ERROR);
return NGX_ERROR;
}
nginx-0.0.1-2003-05-13-20:02:32 import
2003-05-13 12:02:32 -04:00
return NGX_AGAIN;
nginx-0.0.1-2002-12-02-19:09:40 import; resume after 2 months stall
2002-12-02 13:09:40 -03:00
}
nginx-0.0.1-2003-05-13-20:02:32 import
2003-05-13 12:02:32 -04:00
if (n == 0) {
nginx-0.4.0-RELEASE import *) Change in internal API: the HTTP modules initialization was moved from the init module phase to the HTTP postconfiguration phase. *) Change: now the request body is not read beforehand for the ngx_http_perl_module: it's required to start the reading using the $r->has_request_body method. *) Feature: the ngx_http_perl_module supports the DECLINED return code. *) Feature: the ngx_http_dav_module supports the incoming "Date" header line for the PUT method. *) Feature: the "ssi" directive is available inside the "if" block. *) Bugfix: a segmentation fault occurred if there was an "index" directive with variables and the first index name was without variables; the bug had appeared in 0.1.29.
2006-08-30 06:39:17 -04:00
ngx_log_error(NGX_LOG_INFO, c->log, 0,
Fixed grammar in error messages.
2012-04-12 16:35:41 -03:00
"client prematurely closed connection");
nginx-0.0.1-2003-05-13-20:02:32 import
2003-05-13 12:02:32 -04:00
}
nginx-0.0.1-2002-09-02-18:48:24 import
2002-09-02 10:48:24 -04:00
nginx-0.0.1-2003-05-13-20:02:32 import
2003-05-13 12:02:32 -04:00
if (n == 0 || n == NGX_ERROR) {
use right status code
2007-01-08 15:22:06 -03:00
c->error = 1;
correct an error log message
2007-01-08 15:23:38 -03:00
c->log->action = "reading client request headers";
nginx-0.4.0-RELEASE import *) Change in internal API: the HTTP modules initialization was moved from the init module phase to the HTTP postconfiguration phase. *) Change: now the request body is not read beforehand for the ngx_http_perl_module: it's required to start the reading using the $r->has_request_body method. *) Feature: the ngx_http_perl_module supports the DECLINED return code. *) Feature: the ngx_http_dav_module supports the incoming "Date" header line for the PUT method. *) Feature: the "ssi" directive is available inside the "if" block. *) Bugfix: a segmentation fault occurred if there was an "index" directive with variables and the first index name was without variables; the bug had appeared in 0.1.29.
2006-08-30 06:39:17 -04:00
use right status code
2007-01-08 15:22:06 -03:00
ngx_http_finalize_request(r, NGX_HTTP_BAD_REQUEST);
nginx-0.0.1-2003-05-13-20:02:32 import
2003-05-13 12:02:32 -04:00
return NGX_ERROR;
}
r->header_in->last += n;
return n;
nginx-0.0.1-2002-09-02-18:48:24 import
2002-09-02 10:48:24 -04:00
}
nginx-0.1.25-RELEASE import *) Bugfix: nginx did run on Linux parisc. *) Feature: nginx now does not start under FreeBSD if the sysctl kern.ipc.somaxconn value is too big. *) Bugfix: if a request was internally redirected by the ngx_http_index_module module to the ngx_http_proxy_module or ngx_http_fastcgi_module modules, then the index file was not closed after request completion. *) Feature: the "proxy_pass" can be used in location with regular expression. *) Feature: the ngx_http_rewrite_filter_module module supports the condition like "if ($HTTP_USER_AGENT ~ MSIE)". *) Bugfix: nginx started too slow if the large number of addresses and text values were used in the "geo" directive. *) Change: a variable name must be declared as "$name" in the "geo" directive. The previous variant without "$" is still supported, but will be removed soon. *) Feature: the "%{VARIABLE}v" logging parameter. *) Feature: the "set $name value" directive. *) Bugfix: gcc 4.0 compatibility. *) Feature: the --with-openssl-opt=OPTIONS autoconfiguration directive.
2005-03-19 08:38:37 -04:00
static ngx_int_t
ngx_http_alloc_large_header_buffer(ngx_http_request_t *r,
ngx_uint_t request_line)
nginx-0.0.11-2004-09-22-20:18:21 import
2004-09-22 12:18:21 -04:00
{
u_char *old, *new;
ngx_buf_t *b;
Converted hc->busy/hc->free to use chain links. Most notably, this fixes possible buffer overflows if number of large client header buffers in a virtual server is different from the one in the default server. Reported by Daniil Bondarev.
2017-03-07 12:49:31 -03:00
ngx_chain_t *cl;
nginx-0.0.11-2004-09-22-20:18:21 import
2004-09-22 12:18:21 -04:00
ngx_http_connection_t *hc;
ngx_http_core_srv_conf_t *cscf;
ngx_log_debug0(NGX_LOG_DEBUG_HTTP, r->connection->log, 0,
"http alloc large header buffer");
nginx-0.0.11-2004-09-23-10:32:00 import
2004-09-23 02:32:00 -04:00
if (request_line && r->state == 0) {
/* the client fills up the buffer with "\r\n" */
r->header_in->pos = r->header_in->start;
r->header_in->last = r->header_in->start;
return NGX_OK;
}
HTTP/3: refactored request parser. The change reduces diff to the default branch for src/http/ngx_http_request.c and src/http/ngx_http_parse.c.
2021-01-22 10:34:06 -03:00
old = request_line ? r->request_start : r->header_name_start;
nginx-0.0.11-2004-09-22-20:18:21 import
2004-09-22 12:18:21 -04:00
cscf = ngx_http_get_module_srv_conf(r, ngx_http_core_module);
nginx-0.0.11-2004-09-23-10:32:00 import
2004-09-23 02:32:00 -04:00
if (r->state != 0
&& (size_t) (r->header_in->pos - old)
>= cscf->large_client_header_buffers.size)
{
nginx-0.0.11-2004-09-22-20:18:21 import
2004-09-22 12:18:21 -04:00
return NGX_DECLINED;
}
hc = r->http_connection;
Converted hc->busy/hc->free to use chain links. Most notably, this fixes possible buffer overflows if number of large client header buffers in a virtual server is different from the one in the default server. Reported by Daniil Bondarev.
2017-03-07 12:49:31 -03:00
if (hc->free) {
cl = hc->free;
hc->free = cl->next;
b = cl->buf;
nginx-0.0.11-2004-09-22-20:18:21 import
2004-09-22 12:18:21 -04:00
nginx-0.0.12-2004-09-23-20:39:34 import
2004-09-23 12:39:34 -04:00
ngx_log_debug2(NGX_LOG_DEBUG_HTTP, r->connection->log, 0,
nginx-0.1.5-RELEASE import *) Bugfix: on Solaris and Linux there may be too many "recvmsg() returned not enough data" alerts. *) Bugfix: there were the "writev() failed (22: Invalid argument)" errors on Solaris in proxy mode without sendfile. On other platforms that do not support sendfile at all the process got caught in an endless loop. *) Bugfix: segmentation fault on Solaris in proxy mode and using sendfile. *) Bugfix: segmentation fault on Solaris. *) Bugfix: on-line upgrade did not work on Linux. *) Bugfix: the ngx_http_autoindex_module module did not escape the spaces, the quotes, and the percent signs in the directory listing. *) Change: the decrease of the copy operations. *) Feature: the userid_p3p directive.
2004-11-11 11:07:14 -03:00
"http large header free: %p %uz",
nginx-0.0.12-2004-09-23-20:39:34 import
2004-09-23 12:39:34 -04:00
b->pos, b->end - b->last);
nginx-0.0.11-2004-09-23-10:32:00 import
2004-09-23 02:32:00 -04:00
} else if (hc->nbusy < cscf->large_client_header_buffers.num) {
nginx-0.0.11-2004-09-22-20:18:21 import
2004-09-22 12:18:21 -04:00
b = ngx_create_temp_buf(r->connection->pool,
nginx-0.0.11-2004-09-23-10:32:00 import
2004-09-23 02:32:00 -04:00
cscf->large_client_header_buffers.size);
nginx-0.0.11-2004-09-22-20:18:21 import
2004-09-22 12:18:21 -04:00
if (b == NULL) {
return NGX_ERROR;
}
Converted hc->busy/hc->free to use chain links. Most notably, this fixes possible buffer overflows if number of large client header buffers in a virtual server is different from the one in the default server. Reported by Daniil Bondarev.
2017-03-07 12:49:31 -03:00
cl = ngx_alloc_chain_link(r->connection->pool);
if (cl == NULL) {
return NGX_ERROR;
}
cl->buf = b;
nginx-0.0.12-2004-09-23-20:39:34 import
2004-09-23 12:39:34 -04:00
ngx_log_debug2(NGX_LOG_DEBUG_HTTP, r->connection->log, 0,
nginx-0.1.5-RELEASE import *) Bugfix: on Solaris and Linux there may be too many "recvmsg() returned not enough data" alerts. *) Bugfix: there were the "writev() failed (22: Invalid argument)" errors on Solaris in proxy mode without sendfile. On other platforms that do not support sendfile at all the process got caught in an endless loop. *) Bugfix: segmentation fault on Solaris in proxy mode and using sendfile. *) Bugfix: segmentation fault on Solaris. *) Bugfix: on-line upgrade did not work on Linux. *) Bugfix: the ngx_http_autoindex_module module did not escape the spaces, the quotes, and the percent signs in the directory listing. *) Change: the decrease of the copy operations. *) Feature: the userid_p3p directive.
2004-11-11 11:07:14 -03:00
"http large header alloc: %p %uz",
nginx-0.0.12-2004-09-23-20:39:34 import
2004-09-23 12:39:34 -04:00
b->pos, b->end - b->last);
nginx-0.0.11-2004-09-22-20:18:21 import
2004-09-22 12:18:21 -04:00
} else {
return NGX_DECLINED;
}
Converted hc->busy/hc->free to use chain links. Most notably, this fixes possible buffer overflows if number of large client header buffers in a virtual server is different from the one in the default server. Reported by Daniil Bondarev.
2017-03-07 12:49:31 -03:00
cl->next = hc->busy;
hc->busy = cl;
hc->nbusy++;
nginx-0.0.11-2004-09-22-20:18:21 import
2004-09-22 12:18:21 -04:00
nginx-0.0.11-2004-09-23-10:32:00 import
2004-09-23 02:32:00 -04:00
if (r->state == 0) {
/*
* r->state == 0 means that a header line was parsed successfully
* and we do not need to copy incomplete header line and
* to relocate the parser header pointers
*/
r->header_in = b;
return NGX_OK;
}
nginx-0.0.12-2004-09-23-20:39:34 import
2004-09-23 12:39:34 -04:00
ngx_log_debug1(NGX_LOG_DEBUG_HTTP, r->connection->log, 0,
Fixed logging.
2016-03-30 20:33:57 -03:00
"http large header copy: %uz", r->header_in->pos - old);
nginx-0.0.12-2004-09-23-20:39:34 import
2004-09-23 12:39:34 -04:00
Added size check to ngx_http_alloc_large_header_buffer(). This ensures that copying won't write more than the buffer size even if the buffer comes from hc->free and it is smaller than the large client header buffer size in the virtual host configuration. This might happen if size of large client header buffers is different in name-based virtual hosts, similarly to the problem with number of buffers fixed in 6926:e662cbf1b932.
2020-08-05 22:02:22 -04:00
if (r->header_in->pos - old > b->end - b->start) {
ngx_log_error(NGX_LOG_ALERT, r->connection->log, 0,
"too large header to copy");
return NGX_ERROR;
}
nginx-0.0.11-2004-09-22-20:18:21 import
2004-09-22 12:18:21 -04:00
new = b->start;
nginx-0.0.12-2004-09-23-20:39:34 import
2004-09-23 12:39:34 -04:00
ngx_memcpy(new, old, r->header_in->pos - old);
nginx-0.0.11-2004-09-22-20:18:21 import
2004-09-22 12:18:21 -04:00
b->pos = new + (r->header_in->pos - old);
nginx-0.0.12-2004-09-23-20:39:34 import
2004-09-23 12:39:34 -04:00
b->last = new + (r->header_in->pos - old);
nginx-0.0.11-2004-09-22-20:18:21 import
2004-09-22 12:18:21 -04:00
if (request_line) {
r->request_start = new;
nginx-0.0.11-2004-09-23-10:32:00 import
2004-09-23 02:32:00 -04:00
if (r->request_end) {
r->request_end = new + (r->request_end - old);
}
Fixed client buffer reallocation for HTTP/3. Preserving pointers within the client buffer is not needed for HTTP/3 because all data is either allocated from pool or static. Unlike with HTTP/1, data typically cannot be referenced directly within the client buffer. Trying to preserve NULLs or external pointers lead to broken pointers. Also, reverted changes in ngx_http_alloc_large_header_buffer() not relevant for HTTP/3 to minimize diff to mainstream.
2020-05-19 09:20:33 -04:00
r->method_end = new + (r->method_end - old);
nginx-0.0.11-2004-09-22-20:18:21 import
2004-09-22 12:18:21 -04:00
Fixed client buffer reallocation for HTTP/3. Preserving pointers within the client buffer is not needed for HTTP/3 because all data is either allocated from pool or static. Unlike with HTTP/1, data typically cannot be referenced directly within the client buffer. Trying to preserve NULLs or external pointers lead to broken pointers. Also, reverted changes in ngx_http_alloc_large_header_buffer() not relevant for HTTP/3 to minimize diff to mainstream.
2020-05-19 09:20:33 -04:00
r->uri_start = new + (r->uri_start - old);
r->uri_end = new + (r->uri_end - old);
nginx-0.0.11-2004-09-22-20:18:21 import
2004-09-22 12:18:21 -04:00
Fixed client buffer reallocation for HTTP/3. Preserving pointers within the client buffer is not needed for HTTP/3 because all data is either allocated from pool or static. Unlike with HTTP/1, data typically cannot be referenced directly within the client buffer. Trying to preserve NULLs or external pointers lead to broken pointers. Also, reverted changes in ngx_http_alloc_large_header_buffer() not relevant for HTTP/3 to minimize diff to mainstream.
2020-05-19 09:20:33 -04:00
if (r->schema_start) {
nginx-0.0.11-2004-09-23-10:32:00 import
2004-09-23 02:32:00 -04:00
r->schema_start = new + (r->schema_start - old);
r->schema_end = new + (r->schema_end - old);
}
Fixed client buffer reallocation for HTTP/3. Preserving pointers within the client buffer is not needed for HTTP/3 because all data is either allocated from pool or static. Unlike with HTTP/1, data typically cannot be referenced directly within the client buffer. Trying to preserve NULLs or external pointers lead to broken pointers. Also, reverted changes in ngx_http_alloc_large_header_buffer() not relevant for HTTP/3 to minimize diff to mainstream.
2020-05-19 09:20:33 -04:00
if (r->host_start) {
nginx-0.0.11-2004-09-23-10:32:00 import
2004-09-23 02:32:00 -04:00
r->host_start = new + (r->host_start - old);
fix segfault when $host is used and *) request is "GET http://host" without CR or LF, or timed out *) request is "GET http://host" with a large blank space
2006-12-15 07:24:57 -03:00
if (r->host_end) {
r->host_end = new + (r->host_end - old);
}
nginx-0.0.11-2004-09-23-10:32:00 import
2004-09-23 02:32:00 -04:00
}
Fixed client buffer reallocation for HTTP/3. Preserving pointers within the client buffer is not needed for HTTP/3 because all data is either allocated from pool or static. Unlike with HTTP/1, data typically cannot be referenced directly within the client buffer. Trying to preserve NULLs or external pointers lead to broken pointers. Also, reverted changes in ngx_http_alloc_large_header_buffer() not relevant for HTTP/3 to minimize diff to mainstream.
2020-05-19 09:20:33 -04:00
if (r->port_start) {
nginx-0.0.11-2004-09-23-10:32:00 import
2004-09-23 02:32:00 -04:00
r->port_start = new + (r->port_start - old);
r->port_end = new + (r->port_end - old);
}
Fixed client buffer reallocation for HTTP/3. Preserving pointers within the client buffer is not needed for HTTP/3 because all data is either allocated from pool or static. Unlike with HTTP/1, data typically cannot be referenced directly within the client buffer. Trying to preserve NULLs or external pointers lead to broken pointers. Also, reverted changes in ngx_http_alloc_large_header_buffer() not relevant for HTTP/3 to minimize diff to mainstream.
2020-05-19 09:20:33 -04:00
if (r->uri_ext) {
nginx-0.0.11-2004-09-22-20:18:21 import
2004-09-22 12:18:21 -04:00
r->uri_ext = new + (r->uri_ext - old);
}
Fixed client buffer reallocation for HTTP/3. Preserving pointers within the client buffer is not needed for HTTP/3 because all data is either allocated from pool or static. Unlike with HTTP/1, data typically cannot be referenced directly within the client buffer. Trying to preserve NULLs or external pointers lead to broken pointers. Also, reverted changes in ngx_http_alloc_large_header_buffer() not relevant for HTTP/3 to minimize diff to mainstream.
2020-05-19 09:20:33 -04:00
if (r->args_start) {
nginx-0.0.11-2004-09-22-20:18:21 import
2004-09-22 12:18:21 -04:00
r->args_start = new + (r->args_start - old);
}
Fixed client buffer reallocation for HTTP/3. Preserving pointers within the client buffer is not needed for HTTP/3 because all data is either allocated from pool or static. Unlike with HTTP/1, data typically cannot be referenced directly within the client buffer. Trying to preserve NULLs or external pointers lead to broken pointers. Also, reverted changes in ngx_http_alloc_large_header_buffer() not relevant for HTTP/3 to minimize diff to mainstream.
2020-05-19 09:20:33 -04:00
if (r->http_protocol.data) {
copy protocol value when large request line is copied, this fixes error "fastcgi: the request record is too big"
2007-12-01 09:22:48 -03:00
r->http_protocol.data = new + (r->http_protocol.data - old);
}
nginx-0.0.11-2004-09-22-20:18:21 import
2004-09-22 12:18:21 -04:00
} else {
Fixed client buffer reallocation for HTTP/3. Preserving pointers within the client buffer is not needed for HTTP/3 because all data is either allocated from pool or static. Unlike with HTTP/1, data typically cannot be referenced directly within the client buffer. Trying to preserve NULLs or external pointers lead to broken pointers. Also, reverted changes in ngx_http_alloc_large_header_buffer() not relevant for HTTP/3 to minimize diff to mainstream.
2020-05-19 09:20:33 -04:00
r->header_name_start = new;
r->header_name_end = new + (r->header_name_end - old);
r->header_start = new + (r->header_start - old);
r->header_end = new + (r->header_end - old);
nginx-0.0.11-2004-09-22-20:18:21 import
2004-09-22 12:18:21 -04:00
}
HTTP/3: refactored request parser. The change reduces diff to the default branch for src/http/ngx_http_request.c and src/http/ngx_http_parse.c.
2021-01-22 10:34:06 -03:00
r->header_in = b;
nginx-0.0.11-2004-09-22-20:18:21 import
2004-09-22 12:18:21 -04:00
return NGX_OK;
}
nginx-0.1.29-RELEASE import *) Feature: the ngx_http_ssi_module supports "include virtual" command. *) Feature: the ngx_http_ssi_module supports the condition command like 'if expr="$NAME"' and "else" and "endif" commands. Only one nested level is supported. *) Feature: the ngx_http_ssi_module supports the DATE_LOCAL and DATE_GMT variables and "config timefmt" command. *) Feature: the "ssi_ignore_recycled_buffers" directive. *) Bugfix: the "echo" command did not show the default value for the empty QUERY_STRING variable. *) Change: the ngx_http_proxy_module was rewritten. *) Feature: the "proxy_redirect", "proxy_pass_request_headers", "proxy_pass_request_body", and "proxy_method" directives. *) Feature: the "proxy_set_header" directive. The "proxy_x_var" was canceled and must be replaced with the proxy_set_header directive. *) Change: the "proxy_preserve_host" is canceled and must be replaced with the "proxy_set_header Host $host" and the "proxy_redirect off" directives, the "proxy_set_header Host $host:$proxy_port" directive and the appropriate proxy_redirect directives. *) Change: the "proxy_set_x_real_ip" is canceled and must be replaced with the "proxy_set_header X-Real-IP $remote_addr" directive. *) Change: the "proxy_add_x_forwarded_for" is canceled and must be replaced with the "proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for" directive. *) Change: the "proxy_set_x_url" is canceled and must be replaced with the "proxy_set_header X-URL http://$host:$server_port$request_uri" directive. *) Feature: the "fastcgi_param" directive. *) Change: the "fastcgi_root", "fastcgi_set_var" and "fastcgi_params" directive are canceled and must be replaced with the fastcgi_param directives. *) Feature: the "index" directive can use the variables. *) Feature: the "index" directive can be used at http and server levels. *) Change: the last index only in the "index" directive can be absolute. *) Feature: the "rewrite" directive can use the variables. *) Feature: the "internal" directive. *) Feature: the CONTENT_LENGTH, CONTENT_TYPE, REMOTE_PORT, SERVER_ADDR, SERVER_PORT, SERVER_PROTOCOL, DOCUMENT_ROOT, SERVER_NAME, REQUEST_METHOD, REQUEST_URI, and REMOTE_USER variables. *) Change: nginx now passes the invalid lines in a client request headers or a backend response header. *) Bugfix: if the backend did not transfer response for a long time and the "send_timeout" was less than "proxy_read_timeout", then nginx returned the 408 response. *) Bugfix: the segmentation fault was occurred if the backend sent an invalid line in response header; the bug had appeared in 0.1.26. *) Bugfix: the segmentation fault may occurred in FastCGI fault tolerance configuration. *) Bugfix: the "expires" directive did not remove the previous "Expires" and "Cache-Control" headers. *) Bugfix: nginx did not take into account trailing dot in "Host" header line. *) Bugfix: the ngx_http_auth_module did not work under Linux. *) Bugfix: the rewrite directive worked incorrectly, if the arguments were in a request. *) Bugfix: nginx could not be built on MacOS X.
2005-05-12 10:58:06 -04:00
static ngx_int_t
ngx_http_process_header_line(ngx_http_request_t *r, ngx_table_elt_t *h,
ngx_uint_t offset)
{
ngx_table_elt_t **ph;
ph = (ngx_table_elt_t **) ((char *) &r->headers_in + offset);
All non-unique input headers are now linked lists. The ngx_http_process_multi_header_lines() function is removed, as it is exactly equivalent to ngx_http_process_header_line(). Similarly, ngx_http_variable_header() is used instead of ngx_http_variable_headers().
2022-05-30 14:25:35 -04:00
while (*ph) { ph = &(*ph)->next; }
*ph = h;
h->next = NULL;
nginx-0.1.29-RELEASE import *) Feature: the ngx_http_ssi_module supports "include virtual" command. *) Feature: the ngx_http_ssi_module supports the condition command like 'if expr="$NAME"' and "else" and "endif" commands. Only one nested level is supported. *) Feature: the ngx_http_ssi_module supports the DATE_LOCAL and DATE_GMT variables and "config timefmt" command. *) Feature: the "ssi_ignore_recycled_buffers" directive. *) Bugfix: the "echo" command did not show the default value for the empty QUERY_STRING variable. *) Change: the ngx_http_proxy_module was rewritten. *) Feature: the "proxy_redirect", "proxy_pass_request_headers", "proxy_pass_request_body", and "proxy_method" directives. *) Feature: the "proxy_set_header" directive. The "proxy_x_var" was canceled and must be replaced with the proxy_set_header directive. *) Change: the "proxy_preserve_host" is canceled and must be replaced with the "proxy_set_header Host $host" and the "proxy_redirect off" directives, the "proxy_set_header Host $host:$proxy_port" directive and the appropriate proxy_redirect directives. *) Change: the "proxy_set_x_real_ip" is canceled and must be replaced with the "proxy_set_header X-Real-IP $remote_addr" directive. *) Change: the "proxy_add_x_forwarded_for" is canceled and must be replaced with the "proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for" directive. *) Change: the "proxy_set_x_url" is canceled and must be replaced with the "proxy_set_header X-URL http://$host:$server_port$request_uri" directive. *) Feature: the "fastcgi_param" directive. *) Change: the "fastcgi_root", "fastcgi_set_var" and "fastcgi_params" directive are canceled and must be replaced with the fastcgi_param directives. *) Feature: the "index" directive can use the variables. *) Feature: the "index" directive can be used at http and server levels. *) Change: the last index only in the "index" directive can be absolute. *) Feature: the "rewrite" directive can use the variables. *) Feature: the "internal" directive. *) Feature: the CONTENT_LENGTH, CONTENT_TYPE, REMOTE_PORT, SERVER_ADDR, SERVER_PORT, SERVER_PROTOCOL, DOCUMENT_ROOT, SERVER_NAME, REQUEST_METHOD, REQUEST_URI, and REMOTE_USER variables. *) Change: nginx now passes the invalid lines in a client request headers or a backend response header. *) Bugfix: if the backend did not transfer response for a long time and the "send_timeout" was less than "proxy_read_timeout", then nginx returned the 408 response. *) Bugfix: the segmentation fault was occurred if the backend sent an invalid line in response header; the bug had appeared in 0.1.26. *) Bugfix: the segmentation fault may occurred in FastCGI fault tolerance configuration. *) Bugfix: the "expires" directive did not remove the previous "Expires" and "Cache-Control" headers. *) Bugfix: nginx did not take into account trailing dot in "Host" header line. *) Bugfix: the ngx_http_auth_module did not work under Linux. *) Bugfix: the rewrite directive worked incorrectly, if the arguments were in a request. *) Bugfix: nginx could not be built on MacOS X.
2005-05-12 10:58:06 -04:00
return NGX_OK;
}
nginx-0.1.36-RELEASE import *) Change: if the request header has duplicate the "Host", "Connection", "Content-Length", or "Authorization" lines, then nginx now returns the 400 error. *) Change: the "post_accept_timeout" directive was canceled. *) Feature: the "default", "af=", "bl=", "deferred", and "bind" parameters of the "listen" directive. *) Feature: the FreeBSD accept filters support. *) Feature: the Linux TCP_DEFER_ACCEPT support. *) Bugfix: the ngx_http_autoindex_module did not support the file names in UTF-8. *) Bugfix: the new log file can be rotated by the -USR1 signal only if the reconfiguration by the -HUP signal was made twice.
2005-06-15 14:33:41 -04:00
static ngx_int_t
ngx_http_process_unique_header_line(ngx_http_request_t *r, ngx_table_elt_t *h,
ngx_uint_t offset)
{
ngx_table_elt_t **ph;
ph = (ngx_table_elt_t **) ((char *) &r->headers_in + offset);
if (*ph == NULL) {
*ph = h;
Reworked multi headers to use linked lists. Multi headers are now using linked lists instead of arrays. Notably, the following fields were changed: r->headers_in.cookies (renamed to r->headers_in.cookie), r->headers_in.x_forwarded_for, r->headers_out.cache_control, r->headers_out.link, u->headers_in.cache_control u->headers_in.cookies (renamed to u->headers_in.set_cookie). The r->headers_in.cookies and u->headers_in.cookies fields were renamed to r->headers_in.cookie and u->headers_in.set_cookie to match header names. The ngx_http_parse_multi_header_lines() and ngx_http_parse_set_cookie_lines() functions were changed accordingly. With this change, multi headers are now essentially equivalent to normal headers, and following changes will further make them equivalent.
2022-05-30 14:25:33 -04:00
h->next = NULL;
nginx-0.1.36-RELEASE import *) Change: if the request header has duplicate the "Host", "Connection", "Content-Length", or "Authorization" lines, then nginx now returns the 400 error. *) Change: the "post_accept_timeout" directive was canceled. *) Feature: the "default", "af=", "bl=", "deferred", and "bind" parameters of the "listen" directive. *) Feature: the FreeBSD accept filters support. *) Feature: the Linux TCP_DEFER_ACCEPT support. *) Bugfix: the ngx_http_autoindex_module did not support the file names in UTF-8. *) Bugfix: the new log file can be rotated by the -USR1 signal only if the reconfiguration by the -HUP signal was made twice.
2005-06-15 14:33:41 -04:00
return NGX_OK;
}
ngx_log_error(NGX_LOG_INFO, r->connection->log, 0,
nginx-0.4.0-RELEASE import *) Change in internal API: the HTTP modules initialization was moved from the init module phase to the HTTP postconfiguration phase. *) Change: now the request body is not read beforehand for the ngx_http_perl_module: it's required to start the reading using the $r->has_request_body method. *) Feature: the ngx_http_perl_module supports the DECLINED return code. *) Feature: the ngx_http_dav_module supports the incoming "Date" header line for the PUT method. *) Feature: the "ssi" directive is available inside the "if" block. *) Bugfix: a segmentation fault occurred if there was an "index" directive with variables and the first index name was without variables; the bug had appeared in 0.1.29.
2006-08-30 06:39:17 -04:00
"client sent duplicate header line: \"%V: %V\", "
"previous value: \"%V: %V\"",
&h->key, &h->value, &(*ph)->key, &(*ph)->value);
nginx-0.1.36-RELEASE import *) Change: if the request header has duplicate the "Host", "Connection", "Content-Length", or "Authorization" lines, then nginx now returns the 400 error. *) Change: the "post_accept_timeout" directive was canceled. *) Feature: the "default", "af=", "bl=", "deferred", and "bind" parameters of the "listen" directive. *) Feature: the FreeBSD accept filters support. *) Feature: the Linux TCP_DEFER_ACCEPT support. *) Bugfix: the ngx_http_autoindex_module did not support the file names in UTF-8. *) Bugfix: the new log file can be rotated by the -USR1 signal only if the reconfiguration by the -HUP signal was made twice.
2005-06-15 14:33:41 -04:00
ngx_http_finalize_request(r, NGX_HTTP_BAD_REQUEST);
return NGX_ERROR;
}
there may be several "Connection" header lines and each may have several tokens
2007-09-09 14:28:49 -04:00
static ngx_int_t
*) host in request line has priority *) allow several Host headers *) validate host
2008-05-15 10:44:47 -04:00
ngx_http_process_host(ngx_http_request_t *r, ngx_table_elt_t *h,
there may be several "Connection" header lines and each may have several tokens
2007-09-09 14:28:49 -04:00
ngx_uint_t offset)
{
Changed interface of ngx_http_validate_host().
2013-02-27 14:03:14 -03:00
ngx_int_t rc;
ngx_str_t host;
there may be several "Connection" header lines and each may have several tokens
2007-09-09 14:28:49 -04:00
Disabled duplicate "Host" headers (ticket #1724). Duplicate "Host" headers were allowed in nginx 0.7.0 (revision b9de93d804ea) as a workaround for some broken Motorola phones which used to generate requests with two "Host" headers[1]. It is believed that this workaround is no longer relevant. [1] http://mailman.nginx.org/pipermail/nginx-ru/2008-May/017845.html
2020-02-20 10:51:07 -03:00
if (r->headers_in.host) {
ngx_log_error(NGX_LOG_INFO, r->connection->log, 0,
"client sent duplicate host header: \"%V: %V\", "
"previous value: \"%V: %V\"",
&h->key, &h->value, &r->headers_in.host->key,
&r->headers_in.host->value);
ngx_http_finalize_request(r, NGX_HTTP_BAD_REQUEST);
return NGX_ERROR;
*) host in request line has priority *) allow several Host headers *) validate host
2008-05-15 10:44:47 -04:00
}
Disabled duplicate "Host" headers (ticket #1724). Duplicate "Host" headers were allowed in nginx 0.7.0 (revision b9de93d804ea) as a workaround for some broken Motorola phones which used to generate requests with two "Host" headers[1]. It is believed that this workaround is no longer relevant. [1] http://mailman.nginx.org/pipermail/nginx-ru/2008-May/017845.html
2020-02-20 10:51:07 -03:00
r->headers_in.host = h;
Reworked multi headers to use linked lists. Multi headers are now using linked lists instead of arrays. Notably, the following fields were changed: r->headers_in.cookies (renamed to r->headers_in.cookie), r->headers_in.x_forwarded_for, r->headers_out.cache_control, r->headers_out.link, u->headers_in.cache_control u->headers_in.cookies (renamed to u->headers_in.set_cookie). The r->headers_in.cookies and u->headers_in.cookies fields were renamed to r->headers_in.cookie and u->headers_in.set_cookie to match header names. The ngx_http_parse_multi_header_lines() and ngx_http_parse_set_cookie_lines() functions were changed accordingly. With this change, multi headers are now essentially equivalent to normal headers, and following changes will further make them equivalent.
2022-05-30 14:25:33 -04:00
h->next = NULL;
Disabled duplicate "Host" headers (ticket #1724). Duplicate "Host" headers were allowed in nginx 0.7.0 (revision b9de93d804ea) as a workaround for some broken Motorola phones which used to generate requests with two "Host" headers[1]. It is believed that this workaround is no longer relevant. [1] http://mailman.nginx.org/pipermail/nginx-ru/2008-May/017845.html
2020-02-20 10:51:07 -03:00
Changed interface of ngx_http_validate_host().
2013-02-27 14:03:14 -03:00
host = h->value;
rc = ngx_http_validate_host(&host, r->pool, 0);
*) host in request line has priority *) allow several Host headers *) validate host
2008-05-15 10:44:47 -04:00
Changed interface of ngx_http_validate_host().
2013-02-27 14:03:14 -03:00
if (rc == NGX_DECLINED) {
*) host in request line has priority *) allow several Host headers *) validate host
2008-05-15 10:44:47 -04:00
ngx_log_error(NGX_LOG_INFO, r->connection->log, 0,
"client sent invalid host header");
ngx_http_finalize_request(r, NGX_HTTP_BAD_REQUEST);
return NGX_ERROR;
}
Changed interface of ngx_http_validate_host().
2013-02-27 14:03:14 -03:00
if (rc == NGX_ERROR) {
$host is always in low case: *) move low case convertation from ngx_http_find_virtual_server() to ngx_http_validate_host() *) add in ngx_http_validate_host() capability to copy host name in the pool allocated memory
2009-09-24 09:15:50 -04:00
ngx_http_close_request(r, NGX_HTTP_INTERNAL_SERVER_ERROR);
return NGX_ERROR;
}
*) host in request line has priority *) allow several Host headers *) validate host
2008-05-15 10:44:47 -04:00
if (r->headers_in.server.len) {
return NGX_OK;
there may be several "Connection" header lines and each may have several tokens
2007-09-09 14:28:49 -04:00
}
Apply server configuration as soon as host is known. Previously, this was done only after the whole request header was parsed, and if an error occurred earlier then the request was processed in the default server (or server chosen by SNI), while r->headers_in.server might be set to the value from the Host: header or host from request line. r->headers_in.server is in turn used for $host variable and in HTTP redirects if "server_name_in_redirect" is disabled. Without the change, configurations that rely on this during error handling are potentially unsafe if SNI is used. This change also allows to use server specific settings of "underscores_in_headers", "ignore_invalid_headers", and "large_client_header_buffers" directives for HTTP requests and HTTPS requests without SNI.
2013-02-27 14:27:15 -03:00
if (ngx_http_set_virtual_server(r, &host) == NGX_ERROR) {
return NGX_ERROR;
}
Changed interface of ngx_http_validate_host().
2013-02-27 14:03:14 -03:00
r->headers_in.server = host;
*) host in request line has priority *) allow several Host headers *) validate host
2008-05-15 10:44:47 -04:00
there may be several "Connection" header lines and each may have several tokens
2007-09-09 14:28:49 -04:00
return NGX_OK;
}
nginx-0.1.29-RELEASE import *) Feature: the ngx_http_ssi_module supports "include virtual" command. *) Feature: the ngx_http_ssi_module supports the condition command like 'if expr="$NAME"' and "else" and "endif" commands. Only one nested level is supported. *) Feature: the ngx_http_ssi_module supports the DATE_LOCAL and DATE_GMT variables and "config timefmt" command. *) Feature: the "ssi_ignore_recycled_buffers" directive. *) Bugfix: the "echo" command did not show the default value for the empty QUERY_STRING variable. *) Change: the ngx_http_proxy_module was rewritten. *) Feature: the "proxy_redirect", "proxy_pass_request_headers", "proxy_pass_request_body", and "proxy_method" directives. *) Feature: the "proxy_set_header" directive. The "proxy_x_var" was canceled and must be replaced with the proxy_set_header directive. *) Change: the "proxy_preserve_host" is canceled and must be replaced with the "proxy_set_header Host $host" and the "proxy_redirect off" directives, the "proxy_set_header Host $host:$proxy_port" directive and the appropriate proxy_redirect directives. *) Change: the "proxy_set_x_real_ip" is canceled and must be replaced with the "proxy_set_header X-Real-IP $remote_addr" directive. *) Change: the "proxy_add_x_forwarded_for" is canceled and must be replaced with the "proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for" directive. *) Change: the "proxy_set_x_url" is canceled and must be replaced with the "proxy_set_header X-URL http://$host:$server_port$request_uri" directive. *) Feature: the "fastcgi_param" directive. *) Change: the "fastcgi_root", "fastcgi_set_var" and "fastcgi_params" directive are canceled and must be replaced with the fastcgi_param directives. *) Feature: the "index" directive can use the variables. *) Feature: the "index" directive can be used at http and server levels. *) Change: the last index only in the "index" directive can be absolute. *) Feature: the "rewrite" directive can use the variables. *) Feature: the "internal" directive. *) Feature: the CONTENT_LENGTH, CONTENT_TYPE, REMOTE_PORT, SERVER_ADDR, SERVER_PORT, SERVER_PROTOCOL, DOCUMENT_ROOT, SERVER_NAME, REQUEST_METHOD, REQUEST_URI, and REMOTE_USER variables. *) Change: nginx now passes the invalid lines in a client request headers or a backend response header. *) Bugfix: if the backend did not transfer response for a long time and the "send_timeout" was less than "proxy_read_timeout", then nginx returned the 408 response. *) Bugfix: the segmentation fault was occurred if the backend sent an invalid line in response header; the bug had appeared in 0.1.26. *) Bugfix: the segmentation fault may occurred in FastCGI fault tolerance configuration. *) Bugfix: the "expires" directive did not remove the previous "Expires" and "Cache-Control" headers. *) Bugfix: nginx did not take into account trailing dot in "Host" header line. *) Bugfix: the ngx_http_auth_module did not work under Linux. *) Bugfix: the rewrite directive worked incorrectly, if the arguments were in a request. *) Bugfix: nginx could not be built on MacOS X.
2005-05-12 10:58:06 -04:00
static ngx_int_t
*) host in request line has priority *) allow several Host headers *) validate host
2008-05-15 10:44:47 -04:00
ngx_http_process_connection(ngx_http_request_t *r, ngx_table_elt_t *h,
nginx-0.1.29-RELEASE import *) Feature: the ngx_http_ssi_module supports "include virtual" command. *) Feature: the ngx_http_ssi_module supports the condition command like 'if expr="$NAME"' and "else" and "endif" commands. Only one nested level is supported. *) Feature: the ngx_http_ssi_module supports the DATE_LOCAL and DATE_GMT variables and "config timefmt" command. *) Feature: the "ssi_ignore_recycled_buffers" directive. *) Bugfix: the "echo" command did not show the default value for the empty QUERY_STRING variable. *) Change: the ngx_http_proxy_module was rewritten. *) Feature: the "proxy_redirect", "proxy_pass_request_headers", "proxy_pass_request_body", and "proxy_method" directives. *) Feature: the "proxy_set_header" directive. The "proxy_x_var" was canceled and must be replaced with the proxy_set_header directive. *) Change: the "proxy_preserve_host" is canceled and must be replaced with the "proxy_set_header Host $host" and the "proxy_redirect off" directives, the "proxy_set_header Host $host:$proxy_port" directive and the appropriate proxy_redirect directives. *) Change: the "proxy_set_x_real_ip" is canceled and must be replaced with the "proxy_set_header X-Real-IP $remote_addr" directive. *) Change: the "proxy_add_x_forwarded_for" is canceled and must be replaced with the "proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for" directive. *) Change: the "proxy_set_x_url" is canceled and must be replaced with the "proxy_set_header X-URL http://$host:$server_port$request_uri" directive. *) Feature: the "fastcgi_param" directive. *) Change: the "fastcgi_root", "fastcgi_set_var" and "fastcgi_params" directive are canceled and must be replaced with the fastcgi_param directives. *) Feature: the "index" directive can use the variables. *) Feature: the "index" directive can be used at http and server levels. *) Change: the last index only in the "index" directive can be absolute. *) Feature: the "rewrite" directive can use the variables. *) Feature: the "internal" directive. *) Feature: the CONTENT_LENGTH, CONTENT_TYPE, REMOTE_PORT, SERVER_ADDR, SERVER_PORT, SERVER_PROTOCOL, DOCUMENT_ROOT, SERVER_NAME, REQUEST_METHOD, REQUEST_URI, and REMOTE_USER variables. *) Change: nginx now passes the invalid lines in a client request headers or a backend response header. *) Bugfix: if the backend did not transfer response for a long time and the "send_timeout" was less than "proxy_read_timeout", then nginx returned the 408 response. *) Bugfix: the segmentation fault was occurred if the backend sent an invalid line in response header; the bug had appeared in 0.1.26. *) Bugfix: the segmentation fault may occurred in FastCGI fault tolerance configuration. *) Bugfix: the "expires" directive did not remove the previous "Expires" and "Cache-Control" headers. *) Bugfix: nginx did not take into account trailing dot in "Host" header line. *) Bugfix: the ngx_http_auth_module did not work under Linux. *) Bugfix: the rewrite directive worked incorrectly, if the arguments were in a request. *) Bugfix: nginx could not be built on MacOS X.
2005-05-12 10:58:06 -04:00
ngx_uint_t offset)
{
Perl: fixed $r->header_in("Connection"). Previously, the r->header_in->connection pointer was never set despite being present in ngx_http_headers_in, resulting in incorrect value returned by $r->header_in("Connection") in embedded perl.
2022-05-30 14:25:25 -04:00
if (ngx_http_process_header_line(r, h, offset) != NGX_OK) {
return NGX_ERROR;
}
*) host in request line has priority *) allow several Host headers *) validate host
2008-05-15 10:44:47 -04:00
if (ngx_strcasestrn(h->value.data, "close", 5 - 1)) {
r->headers_in.connection_type = NGX_HTTP_CONNECTION_CLOSE;
nginx-0.1.29-RELEASE import *) Feature: the ngx_http_ssi_module supports "include virtual" command. *) Feature: the ngx_http_ssi_module supports the condition command like 'if expr="$NAME"' and "else" and "endif" commands. Only one nested level is supported. *) Feature: the ngx_http_ssi_module supports the DATE_LOCAL and DATE_GMT variables and "config timefmt" command. *) Feature: the "ssi_ignore_recycled_buffers" directive. *) Bugfix: the "echo" command did not show the default value for the empty QUERY_STRING variable. *) Change: the ngx_http_proxy_module was rewritten. *) Feature: the "proxy_redirect", "proxy_pass_request_headers", "proxy_pass_request_body", and "proxy_method" directives. *) Feature: the "proxy_set_header" directive. The "proxy_x_var" was canceled and must be replaced with the proxy_set_header directive. *) Change: the "proxy_preserve_host" is canceled and must be replaced with the "proxy_set_header Host $host" and the "proxy_redirect off" directives, the "proxy_set_header Host $host:$proxy_port" directive and the appropriate proxy_redirect directives. *) Change: the "proxy_set_x_real_ip" is canceled and must be replaced with the "proxy_set_header X-Real-IP $remote_addr" directive. *) Change: the "proxy_add_x_forwarded_for" is canceled and must be replaced with the "proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for" directive. *) Change: the "proxy_set_x_url" is canceled and must be replaced with the "proxy_set_header X-URL http://$host:$server_port$request_uri" directive. *) Feature: the "fastcgi_param" directive. *) Change: the "fastcgi_root", "fastcgi_set_var" and "fastcgi_params" directive are canceled and must be replaced with the fastcgi_param directives. *) Feature: the "index" directive can use the variables. *) Feature: the "index" directive can be used at http and server levels. *) Change: the last index only in the "index" directive can be absolute. *) Feature: the "rewrite" directive can use the variables. *) Feature: the "internal" directive. *) Feature: the CONTENT_LENGTH, CONTENT_TYPE, REMOTE_PORT, SERVER_ADDR, SERVER_PORT, SERVER_PROTOCOL, DOCUMENT_ROOT, SERVER_NAME, REQUEST_METHOD, REQUEST_URI, and REMOTE_USER variables. *) Change: nginx now passes the invalid lines in a client request headers or a backend response header. *) Bugfix: if the backend did not transfer response for a long time and the "send_timeout" was less than "proxy_read_timeout", then nginx returned the 408 response. *) Bugfix: the segmentation fault was occurred if the backend sent an invalid line in response header; the bug had appeared in 0.1.26. *) Bugfix: the segmentation fault may occurred in FastCGI fault tolerance configuration. *) Bugfix: the "expires" directive did not remove the previous "Expires" and "Cache-Control" headers. *) Bugfix: nginx did not take into account trailing dot in "Host" header line. *) Bugfix: the ngx_http_auth_module did not work under Linux. *) Bugfix: the rewrite directive worked incorrectly, if the arguments were in a request. *) Bugfix: nginx could not be built on MacOS X.
2005-05-12 10:58:06 -04:00
*) host in request line has priority *) allow several Host headers *) validate host
2008-05-15 10:44:47 -04:00
} else if (ngx_strcasestrn(h->value.data, "keep-alive", 10 - 1)) {
r->headers_in.connection_type = NGX_HTTP_CONNECTION_KEEP_ALIVE;
nginx-0.1.29-RELEASE import *) Feature: the ngx_http_ssi_module supports "include virtual" command. *) Feature: the ngx_http_ssi_module supports the condition command like 'if expr="$NAME"' and "else" and "endif" commands. Only one nested level is supported. *) Feature: the ngx_http_ssi_module supports the DATE_LOCAL and DATE_GMT variables and "config timefmt" command. *) Feature: the "ssi_ignore_recycled_buffers" directive. *) Bugfix: the "echo" command did not show the default value for the empty QUERY_STRING variable. *) Change: the ngx_http_proxy_module was rewritten. *) Feature: the "proxy_redirect", "proxy_pass_request_headers", "proxy_pass_request_body", and "proxy_method" directives. *) Feature: the "proxy_set_header" directive. The "proxy_x_var" was canceled and must be replaced with the proxy_set_header directive. *) Change: the "proxy_preserve_host" is canceled and must be replaced with the "proxy_set_header Host $host" and the "proxy_redirect off" directives, the "proxy_set_header Host $host:$proxy_port" directive and the appropriate proxy_redirect directives. *) Change: the "proxy_set_x_real_ip" is canceled and must be replaced with the "proxy_set_header X-Real-IP $remote_addr" directive. *) Change: the "proxy_add_x_forwarded_for" is canceled and must be replaced with the "proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for" directive. *) Change: the "proxy_set_x_url" is canceled and must be replaced with the "proxy_set_header X-URL http://$host:$server_port$request_uri" directive. *) Feature: the "fastcgi_param" directive. *) Change: the "fastcgi_root", "fastcgi_set_var" and "fastcgi_params" directive are canceled and must be replaced with the fastcgi_param directives. *) Feature: the "index" directive can use the variables. *) Feature: the "index" directive can be used at http and server levels. *) Change: the last index only in the "index" directive can be absolute. *) Feature: the "rewrite" directive can use the variables. *) Feature: the "internal" directive. *) Feature: the CONTENT_LENGTH, CONTENT_TYPE, REMOTE_PORT, SERVER_ADDR, SERVER_PORT, SERVER_PROTOCOL, DOCUMENT_ROOT, SERVER_NAME, REQUEST_METHOD, REQUEST_URI, and REMOTE_USER variables. *) Change: nginx now passes the invalid lines in a client request headers or a backend response header. *) Bugfix: if the backend did not transfer response for a long time and the "send_timeout" was less than "proxy_read_timeout", then nginx returned the 408 response. *) Bugfix: the segmentation fault was occurred if the backend sent an invalid line in response header; the bug had appeared in 0.1.26. *) Bugfix: the segmentation fault may occurred in FastCGI fault tolerance configuration. *) Bugfix: the "expires" directive did not remove the previous "Expires" and "Cache-Control" headers. *) Bugfix: nginx did not take into account trailing dot in "Host" header line. *) Bugfix: the ngx_http_auth_module did not work under Linux. *) Bugfix: the rewrite directive worked incorrectly, if the arguments were in a request. *) Bugfix: nginx could not be built on MacOS X.
2005-05-12 10:58:06 -04:00
}
*) host in request line has priority *) allow several Host headers *) validate host
2008-05-15 10:44:47 -04:00
return NGX_OK;
nginx-0.1.29-RELEASE import *) Feature: the ngx_http_ssi_module supports "include virtual" command. *) Feature: the ngx_http_ssi_module supports the condition command like 'if expr="$NAME"' and "else" and "endif" commands. Only one nested level is supported. *) Feature: the ngx_http_ssi_module supports the DATE_LOCAL and DATE_GMT variables and "config timefmt" command. *) Feature: the "ssi_ignore_recycled_buffers" directive. *) Bugfix: the "echo" command did not show the default value for the empty QUERY_STRING variable. *) Change: the ngx_http_proxy_module was rewritten. *) Feature: the "proxy_redirect", "proxy_pass_request_headers", "proxy_pass_request_body", and "proxy_method" directives. *) Feature: the "proxy_set_header" directive. The "proxy_x_var" was canceled and must be replaced with the proxy_set_header directive. *) Change: the "proxy_preserve_host" is canceled and must be replaced with the "proxy_set_header Host $host" and the "proxy_redirect off" directives, the "proxy_set_header Host $host:$proxy_port" directive and the appropriate proxy_redirect directives. *) Change: the "proxy_set_x_real_ip" is canceled and must be replaced with the "proxy_set_header X-Real-IP $remote_addr" directive. *) Change: the "proxy_add_x_forwarded_for" is canceled and must be replaced with the "proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for" directive. *) Change: the "proxy_set_x_url" is canceled and must be replaced with the "proxy_set_header X-URL http://$host:$server_port$request_uri" directive. *) Feature: the "fastcgi_param" directive. *) Change: the "fastcgi_root", "fastcgi_set_var" and "fastcgi_params" directive are canceled and must be replaced with the fastcgi_param directives. *) Feature: the "index" directive can use the variables. *) Feature: the "index" directive can be used at http and server levels. *) Change: the last index only in the "index" directive can be absolute. *) Feature: the "rewrite" directive can use the variables. *) Feature: the "internal" directive. *) Feature: the CONTENT_LENGTH, CONTENT_TYPE, REMOTE_PORT, SERVER_ADDR, SERVER_PORT, SERVER_PROTOCOL, DOCUMENT_ROOT, SERVER_NAME, REQUEST_METHOD, REQUEST_URI, and REMOTE_USER variables. *) Change: nginx now passes the invalid lines in a client request headers or a backend response header. *) Bugfix: if the backend did not transfer response for a long time and the "send_timeout" was less than "proxy_read_timeout", then nginx returned the 408 response. *) Bugfix: the segmentation fault was occurred if the backend sent an invalid line in response header; the bug had appeared in 0.1.26. *) Bugfix: the segmentation fault may occurred in FastCGI fault tolerance configuration. *) Bugfix: the "expires" directive did not remove the previous "Expires" and "Cache-Control" headers. *) Bugfix: nginx did not take into account trailing dot in "Host" header line. *) Bugfix: the ngx_http_auth_module did not work under Linux. *) Bugfix: the rewrite directive worked incorrectly, if the arguments were in a request. *) Bugfix: nginx could not be built on MacOS X.
2005-05-12 10:58:06 -04:00
}
test user agent in header callback
2008-05-13 05:18:58 -04:00
static ngx_int_t
ngx_http_process_user_agent(ngx_http_request_t *r, ngx_table_elt_t *h,
ngx_uint_t offset)
{
gzip_disable msie6
2008-08-26 11:09:28 -04:00
u_char *user_agent, *msie;
test user agent in header callback
2008-05-13 05:18:58 -04:00
All non-unique input headers are now linked lists. The ngx_http_process_multi_header_lines() function is removed, as it is exactly equivalent to ngx_http_process_header_line(). Similarly, ngx_http_variable_header() is used instead of ngx_http_variable_headers().
2022-05-30 14:25:35 -04:00
if (ngx_http_process_header_line(r, h, offset) != NGX_OK) {
return NGX_ERROR;
test user agent in header callback
2008-05-13 05:18:58 -04:00
}
/* check some widespread browsers while the header is in CPU cache */
user_agent = h->value.data;
gzip_disable msie6
2008-08-26 11:09:28 -04:00
msie = ngx_strstrn(user_agent, "MSIE ", 5 - 1);
test user agent in header callback
2008-05-13 05:18:58 -04:00
gzip_disable msie6
2008-08-26 11:09:28 -04:00
if (msie && msie + 7 < user_agent + h->value.len) {
test user agent in header callback
2008-05-13 05:18:58 -04:00
r->headers_in.msie = 1;
gzip_disable msie6
2008-08-26 11:09:28 -04:00
if (msie[6] == '.') {
switch (msie[5]) {
case '4':
case '5':
r->headers_in.msie6 = 1;
do not disable gzip for MSIE 6.0 SV1 in "gzip_disable msie6"
2009-08-28 04:19:02 -04:00
break;
case '6':
if (ngx_strstrn(msie + 8, "SV1", 3 - 1) == NULL) {
r->headers_in.msie6 = 1;
}
break;
gzip_disable msie6
2008-08-26 11:09:28 -04:00
}
test user agent in header callback
2008-05-13 05:18:58 -04:00
}
#if 0
/* MSIE ignores the SSL "close notify" alert */
if (c->ssl) {
c->ssl->no_send_shutdown = 1;
}
#endif
}
if (ngx_strstrn(user_agent, "Opera", 5 - 1)) {
r->headers_in.opera = 1;
r->headers_in.msie = 0;
gzip_disable msie6
2008-08-26 11:09:28 -04:00
r->headers_in.msie6 = 0;
test user agent in header callback
2008-05-13 05:18:58 -04:00
}
if (!r->headers_in.msie && !r->headers_in.opera) {
if (ngx_strstrn(user_agent, "Gecko/", 6 - 1)) {
r->headers_in.gecko = 1;
r->chrome
2009-11-12 11:23:18 -03:00
} else if (ngx_strstrn(user_agent, "Chrome/", 7 - 1)) {
r->headers_in.chrome = 1;
Restricted keepalive_disable safari to OS X only. The problem doesn't affect non-Apple systems for sure, and many pretend to be Safari now. Prodded by Piotr Sikora.
2012-03-22 07:42:27 -03:00
} else if (ngx_strstrn(user_agent, "Safari/", 7 - 1)
&& ngx_strstrn(user_agent, "Mac OS X", 8 - 1))
{
disable keepalive for Safari: https://bugs.webkit.org/show_bug.cgi?id=5760
2010-02-01 09:01:01 -03:00
r->headers_in.safari = 1;
test user agent in header callback
2008-05-13 05:18:58 -04:00
} else if (ngx_strstrn(user_agent, "Konqueror", 9 - 1)) {
r->headers_in.konqueror = 1;
}
}
return NGX_OK;
}
Preliminary experimental support for SPDY draft 2.
2013-03-20 07:36:57 -03:00
ngx_int_t
*) host in request line has priority *) allow several Host headers *) validate host
2008-05-15 10:44:47 -04:00
ngx_http_process_request_header(ngx_http_request_t *r)
{
Apply server configuration as soon as host is known. Previously, this was done only after the whole request header was parsed, and if an error occurred earlier then the request was processed in the default server (or server chosen by SNI), while r->headers_in.server might be set to the value from the Host: header or host from request line. r->headers_in.server is in turn used for $host variable and in HTTP redirects if "server_name_in_redirect" is disabled. Without the change, configurations that rely on this during error handling are potentially unsafe if SNI is used. This change also allows to use server specific settings of "underscores_in_headers", "ignore_invalid_headers", and "large_client_header_buffers" directives for HTTP requests and HTTPS requests without SNI.
2013-02-27 14:27:15 -03:00
if (r->headers_in.server.len == 0
&& ngx_http_set_virtual_server(r, &r->headers_in.server)
== NGX_ERROR)
{
*) host in request line has priority *) allow several Host headers *) validate host
2008-05-15 10:44:47 -04:00
return NGX_ERROR;
}
nginx-0.1.27-RELEASE import *) Feature: the "blocked" parameter of the "valid_referers" directive. *) Change: the errors while handling the request header now logged at "info" level. The server name and the "Host" and "Referer" header lines also logged. *) Change: the "Host" header line is also logged in error log. *) Feature: the proxy_pass_unparsed_uri directive. The special handling of the "://" symbols in URI, appeared in 0.1.11 version, now is canceled. *) Bugfix: nginx could not be built on FreeBSD and Linux, if the --without-ngx_http_auth_basic_module configuration parameter was used.
2005-03-28 10:43:02 -04:00
HTTP/3: refactored request parser. The change reduces diff to the default branch for src/http/ngx_http_request.c and src/http/ngx_http_parse.c.
2021-01-22 10:34:06 -03:00
if (r->headers_in.host == NULL && r->http_version > NGX_HTTP_VERSION_10) {
*) host in request line has priority *) allow several Host headers *) validate host
2008-05-15 10:44:47 -04:00
ngx_log_error(NGX_LOG_INFO, r->connection->log, 0,
"client sent HTTP/1.1 request without \"Host\" header");
ngx_http_finalize_request(r, NGX_HTTP_BAD_REQUEST);
return NGX_ERROR;
nginx-0.0.1-2003-10-21-20:49:56 import
2003-10-21 13:49:56 -03:00
}
if (r->headers_in.content_length) {
r->headers_in.content_length_n =
nginx-0.3.53-RELEASE import *) Change: the "add_header" directive adds the string to 204, 301, and 302 responses. *) Feature: the "server" directive in the "upstream" context supports the "weight" parameter. *) Feature: the "server_name" directive supports the "*" wildcard. *) Feature: nginx supports the request body size more than 2G. *) Bugfix: if a client was successfully authorized using "satisfy_any on", then anyway the message "access forbidden by rule" was written in the log. *) Bugfix: the "PUT" method may erroneously not create a file and return the 409 code. *) Bugfix: if the IMAP/POP3 backend returned an error, then nginx continued proxying anyway.
2006-07-07 12:33:19 -04:00
ngx_atoof(r->headers_in.content_length->value.data,
nginx-0.0.1-2003-10-21-20:49:56 import
2003-10-21 13:49:56 -03:00
r->headers_in.content_length->value.len);
if (r->headers_in.content_length_n == NGX_ERROR) {
nginx-0.1.27-RELEASE import *) Feature: the "blocked" parameter of the "valid_referers" directive. *) Change: the errors while handling the request header now logged at "info" level. The server name and the "Host" and "Referer" header lines also logged. *) Change: the "Host" header line is also logged in error log. *) Feature: the proxy_pass_unparsed_uri directive. The special handling of the "://" symbols in URI, appeared in 0.1.11 version, now is canceled. *) Bugfix: nginx could not be built on FreeBSD and Linux, if the --without-ngx_http_auth_basic_module configuration parameter was used.
2005-03-28 10:43:02 -04:00
ngx_log_error(NGX_LOG_INFO, r->connection->log, 0,
"client sent invalid \"Content-Length\" header");
Request body: chunked transfer encoding support.
2012-11-20 22:08:11 -03:00
ngx_http_finalize_request(r, NGX_HTTP_BAD_REQUEST);
nginx-0.1.27-RELEASE import *) Feature: the "blocked" parameter of the "valid_referers" directive. *) Change: the errors while handling the request header now logged at "info" level. The server name and the "Host" and "Referer" header lines also logged. *) Change: the "Host" header line is also logged in error log. *) Feature: the proxy_pass_unparsed_uri directive. The special handling of the "://" symbols in URI, appeared in 0.1.11 version, now is canceled. *) Bugfix: nginx could not be built on FreeBSD and Linux, if the --without-ngx_http_auth_basic_module configuration parameter was used.
2005-03-28 10:43:02 -04:00
return NGX_ERROR;
nginx-0.0.1-2003-10-21-20:49:56 import
2003-10-21 13:49:56 -03:00
}
}
Request body: chunked transfer encoding support.
2012-11-20 22:08:11 -03:00
if (r->headers_in.transfer_encoding) {
Disabled HTTP/1.0 requests with Transfer-Encoding. The latest HTTP/1.1 draft describes Transfer-Encoding in HTTP/1.0 as having potentially faulty message framing as that could have been forwarded without handling of the chunked encoding, and forbids processing subsequest requests over that connection: https://github.com/httpwg/http-core/issues/879. While handling of such requests is permitted, the most secure approach seems to reject them.
2021-08-09 11:12:12 -04:00
if (r->http_version < NGX_HTTP_VERSION_11) {
ngx_log_error(NGX_LOG_INFO, r->connection->log, 0,
"client sent HTTP/1.0 request with "
"\"Transfer-Encoding\" header");
ngx_http_finalize_request(r, NGX_HTTP_BAD_REQUEST);
return NGX_ERROR;
}
Request body: chunked transfer encoding support.
2012-11-20 22:08:11 -03:00
if (r->headers_in.transfer_encoding->value.len == 7
&& ngx_strncasecmp(r->headers_in.transfer_encoding->value.data,
(u_char *) "chunked", 7) == 0)
{
Disabled requests with both Content-Length and Transfer-Encoding. HTTP clients are not allowed to generate such requests since Transfer-Encoding introduction in RFC 2068, and they are not expected to appear in practice except in attempts to perform a request smuggling attack. While handling of such requests is strictly defined, the most secure approach seems to reject them.
2021-06-28 11:01:06 -04:00
if (r->headers_in.content_length) {
ngx_log_error(NGX_LOG_INFO, r->connection->log, 0,
"client sent \"Content-Length\" and "
"\"Transfer-Encoding\" headers "
"at the same time");
ngx_http_finalize_request(r, NGX_HTTP_BAD_REQUEST);
return NGX_ERROR;
}
Request body: chunked transfer encoding support.
2012-11-20 22:08:11 -03:00
r->headers_in.chunked = 1;
Removed "Transfer-Encoding: identity" support. The "identity" transfer coding has been removed in RFC 7230. It is believed that it is not used in real life, and at the same time it provides a potential attack vector.
2020-02-20 10:19:34 -03:00
} else {
Request body: chunked transfer encoding support.
2012-11-20 22:08:11 -03:00
ngx_log_error(NGX_LOG_INFO, r->connection->log, 0,
"client sent unknown \"Transfer-Encoding\": \"%V\"",
&r->headers_in.transfer_encoding->value);
ngx_http_finalize_request(r, NGX_HTTP_NOT_IMPLEMENTED);
return NGX_ERROR;
}
nginx-0.0.3-2004-03-30-10:27:36 import
2004-03-30 02:27:36 -04:00
}
there may be several "Connection" header lines and each may have several tokens
2007-09-09 14:28:49 -04:00
if (r->headers_in.connection_type == NGX_HTTP_CONNECTION_KEEP_ALIVE) {
if (r->headers_in.keep_alive) {
r->headers_in.keep_alive_n =
ngx_atotm(r->headers_in.keep_alive->value.data,
r->headers_in.keep_alive->value.len);
nginx-0.0.1-2003-10-21-20:49:56 import
2003-10-21 13:49:56 -03:00
}
}
Added CONNECT method rejection. No valid CONNECT requests are expected to appear within nginx, since it is not a forward proxy. Further, request line parsing will reject proper CONNECT requests anyway, since we don't allow authority-form of request-target. On the other hand, RFC 7230 specifies separate message length rules for CONNECT which we don't support, so make sure to always reject CONNECTs to avoid potential abuse.
2021-06-28 11:01:04 -04:00
if (r->method == NGX_HTTP_CONNECT) {
ngx_log_error(NGX_LOG_INFO, r->connection->log, 0,
"client sent CONNECT method");
ngx_http_finalize_request(r, NGX_HTTP_NOT_ALLOWED);
return NGX_ERROR;
}
Moved TRACE method rejection to a better place. Previously, TRACE requests were rejected before parsing Transfer-Encoding. This is not important since keepalive is not enabled at this point anyway, though rejecting such requests after properly parsing other headers is less likely to cause issues in case of further code changes.
2021-06-28 11:01:00 -04:00
if (r->method == NGX_HTTP_TRACE) {
ngx_log_error(NGX_LOG_INFO, r->connection->log, 0,
"client sent TRACE method");
ngx_http_finalize_request(r, NGX_HTTP_NOT_ALLOWED);
return NGX_ERROR;
}
fix ssl_verify_client for HTTP/0.9
2007-06-04 16:40:03 -04:00
return NGX_OK;
}
Preliminary experimental support for SPDY draft 2.
2013-03-20 07:36:57 -03:00
void
fix ssl_verify_client for HTTP/0.9
2007-06-04 16:40:03 -04:00
ngx_http_process_request(ngx_http_request_t *r)
{
move condition declarations inside blocks where they are used
2007-12-10 09:09:51 -03:00
ngx_connection_t *c;
fix ssl_verify_client for HTTP/0.9
2007-06-04 16:40:03 -04:00
c = r->connection;
nginx-0.3.56-RELEASE import *) Feature: the "dav_access" directive. *) Feature: the "if" directive supports the "-d", "!-d", "-e", "!-e", "-x", and "!-x" operators. *) Bugfix: a segmentation fault occurred if a request returned a redirect and some sent to client header lines were logged in the access log.
2006-08-04 12:04:04 -04:00
#if (NGX_HTTP_SSL)
SSL: do not treat SSL handshake as request. The request object will not be created until SSL handshake is complete. This simplifies adding another connection handler that does not need request object right after handshake (e.g., SPDY). There are also a few more intentional effects: - the "client_header_buffer_size" directive will be taken from the server configuration that was negotiated by SNI; - SSL handshake errors and timeouts are not logged into access log as bad requests; - ngx_ssl_create_connection() is not called until the first byte of ClientHello message was received. This also decreases memory consumption if plain HTTP request is sent to SSL socket.
2013-02-27 14:21:21 -03:00
if (r->http_connection->ssl) {
move condition declarations inside blocks where they are used
2007-12-10 09:09:51 -03:00
long rc;
fix memory leak when ssl_verify_client is on
2008-04-23 14:57:25 -04:00
X509 *cert;
SSL: client certificate validation with OCSP (ticket #1534). OCSP validation for client certificates is enabled by the "ssl_ocsp" directive. OCSP responder can be optionally specified by "ssl_ocsp_responder". When session is reused, peer chain is not available for validation. If the verified chain contains certificates from the peer chain not available at the server, validation will fail.
2020-05-22 10:30:12 -04:00
const char *s;
move condition declarations inside blocks where they are used
2007-12-10 09:09:51 -03:00
ngx_http_ssl_srv_conf_t *sscf;
SSL: do not treat SSL handshake as request. The request object will not be created until SSL handshake is complete. This simplifies adding another connection handler that does not need request object right after handshake (e.g., SPDY). There are also a few more intentional effects: - the "client_header_buffer_size" directive will be taken from the server configuration that was negotiated by SNI; - SSL handshake errors and timeouts are not logged into access log as bad requests; - ngx_ssl_create_connection() is not called until the first byte of ClientHello message was received. This also decreases memory consumption if plain HTTP request is sent to SSL socket.
2013-02-27 14:21:21 -03:00
if (c->ssl == NULL) {
ngx_log_error(NGX_LOG_INFO, c->log, 0,
"client sent plain HTTP request to HTTPS port");
ngx_http_finalize_request(r, NGX_HTTP_TO_HTTPS);
return;
}
nginx-0.3.56-RELEASE import *) Feature: the "dav_access" directive. *) Feature: the "if" directive supports the "-d", "!-d", "-e", "!-e", "-x", and "!-x" operators. *) Bugfix: a segmentation fault occurred if a request returned a redirect and some sent to client header lines were logged in the access log.
2006-08-04 12:04:04 -04:00
sscf = ngx_http_get_module_srv_conf(r, ngx_http_ssl_module);
*) $ssl_client_verify *) "ssl_verify_client ask" was changed to "ssl_verify_client optional"
2009-07-22 13:41:42 -04:00
if (sscf->verify) {
fix ssl_verify_client for HTTP/0.9
2007-06-04 16:40:03 -04:00
rc = SSL_get_verify_result(c->ssl->connection);
nginx-0.3.56-RELEASE import *) Feature: the "dav_access" directive. *) Feature: the "if" directive supports the "-d", "!-d", "-e", "!-e", "-x", and "!-x" operators. *) Bugfix: a segmentation fault occurred if a request returned a redirect and some sent to client header lines were logged in the access log.
2006-08-04 12:04:04 -04:00
SSL: the "ssl_verify_client" directive parameter "optional_no_ca". This parameter allows to don't require certificate to be signed by a trusted CA, e.g. if CA certificate isn't known in advance, like in WebID protocol. Note that it doesn't add any security unless the certificate is actually checked to be trusted by some external means (e.g. by a backend). Patch by Mike Kazantsev, Eric O'Connor.
2012-10-03 12:24:08 -03:00
if (rc != X509_V_OK
&& (sscf->verify != 3 || !ngx_ssl_verify_error_optional(rc)))
{
fix ssl_verify_client for HTTP/0.9
2007-06-04 16:40:03 -04:00
ngx_log_error(NGX_LOG_INFO, c->log, 0,
nginx-0.3.57-RELEASE import *) Feature: the $ssl_client_serial variable. *) Bugfix: in the "!-e" operator of the "if" directive. Thanks to Andrian Budanstov. *) Bugfix: while a client certificate verification nginx did not send to a client the required certificates information. *) Bugfix: the $document_root variable did not support the variables in the "root" directive.
2006-08-09 15:59:45 -04:00
"client SSL certificate verify error: (%l:%s)",
nginx-0.3.56-RELEASE import *) Feature: the "dav_access" directive. *) Feature: the "if" directive supports the "-d", "!-d", "-e", "!-e", "-x", and "!-x" operators. *) Bugfix: a segmentation fault occurred if a request returned a redirect and some sent to client header lines were logged in the access log.
2006-08-04 12:04:04 -04:00
rc, X509_verify_cert_error_string(rc));
invalidate SSL session if there is no valid client certificate
2008-03-10 11:47:07 -03:00
SSL: using default server context in session remove (closes #1464). This fixes segfault in configurations with multiple virtual servers sharing the same port, where a non-default virtual server block misses certificate.
2018-01-30 11:46:31 -03:00
ngx_ssl_remove_cached_session(c->ssl->session_ctx,
invalidate SSL session if there is no valid client certificate
2008-03-10 11:47:07 -03:00
(SSL_get0_session(c->ssl->connection)));
nginx-0.3.56-RELEASE import *) Feature: the "dav_access" directive. *) Feature: the "if" directive supports the "-d", "!-d", "-e", "!-e", "-x", and "!-x" operators. *) Bugfix: a segmentation fault occurred if a request returned a redirect and some sent to client header lines were logged in the access log.
2006-08-04 12:04:04 -04:00
ngx_http_finalize_request(r, NGX_HTTPS_CERT_ERROR);
fix ssl_verify_client for HTTP/0.9
2007-06-04 16:40:03 -04:00
return;
nginx-0.3.56-RELEASE import *) Feature: the "dav_access" directive. *) Feature: the "if" directive supports the "-d", "!-d", "-e", "!-e", "-x", and "!-x" operators. *) Bugfix: a segmentation fault occurred if a request returned a redirect and some sent to client header lines were logged in the access log.
2006-08-04 12:04:04 -04:00
}
*) $ssl_client_verify *) "ssl_verify_client ask" was changed to "ssl_verify_client optional"
2009-07-22 13:41:42 -04:00
if (sscf->verify == 1) {
cert = SSL_get_peer_certificate(c->ssl->connection);
fix memory leak when ssl_verify_client is on
2008-04-23 14:57:25 -04:00
*) $ssl_client_verify *) "ssl_verify_client ask" was changed to "ssl_verify_client optional"
2009-07-22 13:41:42 -04:00
if (cert == NULL) {
ngx_log_error(NGX_LOG_INFO, c->log, 0,
"client sent no required SSL certificate");
invalidate SSL session if there is no valid client certificate
2008-03-10 11:47:07 -03:00
SSL: using default server context in session remove (closes #1464). This fixes segfault in configurations with multiple virtual servers sharing the same port, where a non-default virtual server block misses certificate.
2018-01-30 11:46:31 -03:00
ngx_ssl_remove_cached_session(c->ssl->session_ctx,
invalidate SSL session if there is no valid client certificate
2008-03-10 11:47:07 -03:00
(SSL_get0_session(c->ssl->connection)));
*) $ssl_client_verify *) "ssl_verify_client ask" was changed to "ssl_verify_client optional"
2009-07-22 13:41:42 -04:00
ngx_http_finalize_request(r, NGX_HTTPS_NO_CERT);
return;
}
fix memory leak when ssl_verify_client is on
2008-04-23 14:57:25 -04:00
*) $ssl_client_verify *) "ssl_verify_client ask" was changed to "ssl_verify_client optional"
2009-07-22 13:41:42 -04:00
X509_free(cert);
}
SSL: client certificate validation with OCSP (ticket #1534). OCSP validation for client certificates is enabled by the "ssl_ocsp" directive. OCSP responder can be optionally specified by "ssl_ocsp_responder". When session is reused, peer chain is not available for validation. If the verified chain contains certificates from the peer chain not available at the server, validation will fail.
2020-05-22 10:30:12 -04:00
if (ngx_ssl_ocsp_get_status(c, &s) != NGX_OK) {
ngx_log_error(NGX_LOG_INFO, c->log, 0,
"client SSL certificate verify error: %s", s);
ngx_ssl_remove_cached_session(c->ssl->session_ctx,
(SSL_get0_session(c->ssl->connection)));
ngx_http_finalize_request(r, NGX_HTTPS_CERT_ERROR);
return;
}
nginx-0.3.56-RELEASE import *) Feature: the "dav_access" directive. *) Feature: the "if" directive supports the "-d", "!-d", "-e", "!-e", "-x", and "!-x" operators. *) Bugfix: a segmentation fault occurred if a request returned a redirect and some sent to client header lines were logged in the access log.
2006-08-04 12:04:04 -04:00
}
}
#endif
fix ssl_verify_client for HTTP/0.9
2007-06-04 16:40:03 -04:00
if (c->read->timer_set) {
ngx_del_timer(c->read);
}
#if (NGX_STAT_STUB)
ignore ngx_atomic_fetch_add() result this fixes building at least by gcc 4.2.1 on Mac OS X 10.6
2009-06-18 09:14:51 -04:00
(void) ngx_atomic_fetch_add(ngx_stat_reading, -1);
fix ssl_verify_client for HTTP/0.9
2007-06-04 16:40:03 -04:00
r->stat_reading = 0;
ignore ngx_atomic_fetch_add() result this fixes building at least by gcc 4.2.1 on Mac OS X 10.6
2009-06-18 09:14:51 -04:00
(void) ngx_atomic_fetch_add(ngx_stat_writing, 1);
fix ssl_verify_client for HTTP/0.9
2007-06-04 16:40:03 -04:00
r->stat_writing = 1;
#endif
c->read->handler = ngx_http_request_handler;
c->write->handler = ngx_http_request_handler;
rename ngx_http_block_read() and ngx_http_test_read() to ..._reading()
2007-08-06 11:22:40 -04:00
r->read_event_handler = ngx_http_block_reading;
fix ssl_verify_client for HTTP/0.9
2007-06-04 16:40:03 -04:00
ngx_http_handler(r);
nginx-0.0.1-2003-10-21-20:49:56 import
2003-10-21 13:49:56 -03:00
}
HTTP/3: refactored request parser. The change reduces diff to the default branch for src/http/ngx_http_request.c and src/http/ngx_http_parse.c.
2021-01-22 10:34:06 -03:00
ngx_int_t
Changed interface of ngx_http_validate_host().
2013-02-27 14:03:14 -03:00
ngx_http_validate_host(ngx_str_t *host, ngx_pool_t *pool, ngx_uint_t alloc)
nginx-0.1.13-RELEASE import *) Feature: the server_names_hash and server_names_hash_threshold directives. *) Bugfix: the *.domain.tld names in the "server_name" directive did not work. *) Bugfix: the %request_length log parameter logged the incorrect length.
2004-12-21 09:30:30 -03:00
{
Added support for IP-literal in the Host header and request line (ticket #1). Additional parsing logic added to correctly handle RFC 3986 compliant IPv6 and IPvFuture characters enclosed in square brackets. The host validation was completely rewritten. The behavior for non IP literals was changed in a more proper and safer way: - Host part is now delimited either by the first colon or by the end of string if there's no colon. Previously the last colon was used as delimiter which allowed substitution of a port number in the $host variable. (e.g. Host: 127.0.0.1:9000:80) - Fixed stripping of the ending dot in the Host header when the host was also followed by a port number. (e.g. Host: nginx.com.:80) - Fixed upper case characters detection. Previously it was broken which led to wasting memory and CPU.
2011-11-28 06:15:33 -03:00
u_char *h, ch;
size_t i, dot_pos, host_len;
enum {
sw_usual = 0,
sw_literal,
sw_rest
} state;
Changed interface of ngx_http_validate_host().
2013-02-27 14:03:14 -03:00
dot_pos = host->len;
host_len = host->len;
*) host in request line has priority *) allow several Host headers *) validate host
2008-05-15 10:44:47 -04:00
Changed interface of ngx_http_validate_host().
2013-02-27 14:03:14 -03:00
h = host->data;
Added support for IP-literal in the Host header and request line (ticket #1). Additional parsing logic added to correctly handle RFC 3986 compliant IPv6 and IPvFuture characters enclosed in square brackets. The host validation was completely rewritten. The behavior for non IP literals was changed in a more proper and safer way: - Host part is now delimited either by the first colon or by the end of string if there's no colon. Previously the last colon was used as delimiter which allowed substitution of a port number in the $host variable. (e.g. Host: 127.0.0.1:9000:80) - Fixed stripping of the ending dot in the Host header when the host was also followed by a port number. (e.g. Host: nginx.com.:80) - Fixed upper case characters detection. Previously it was broken which led to wasting memory and CPU.
2011-11-28 06:15:33 -03:00
state = sw_usual;
*) host in request line has priority *) allow several Host headers *) validate host
2008-05-15 10:44:47 -04:00
Changed interface of ngx_http_validate_host().
2013-02-27 14:03:14 -03:00
for (i = 0; i < host->len; i++) {
$host is always in low case: *) move low case convertation from ngx_http_find_virtual_server() to ngx_http_validate_host() *) add in ngx_http_validate_host() capability to copy host name in the pool allocated memory
2009-09-24 09:15:50 -04:00
ch = h[i];
*) host in request line has priority *) allow several Host headers *) validate host
2008-05-15 10:44:47 -04:00
Added support for IP-literal in the Host header and request line (ticket #1). Additional parsing logic added to correctly handle RFC 3986 compliant IPv6 and IPvFuture characters enclosed in square brackets. The host validation was completely rewritten. The behavior for non IP literals was changed in a more proper and safer way: - Host part is now delimited either by the first colon or by the end of string if there's no colon. Previously the last colon was used as delimiter which allowed substitution of a port number in the $host variable. (e.g. Host: 127.0.0.1:9000:80) - Fixed stripping of the ending dot in the Host header when the host was also followed by a port number. (e.g. Host: nginx.com.:80) - Fixed upper case characters detection. Previously it was broken which led to wasting memory and CPU.
2011-11-28 06:15:33 -03:00
switch (ch) {
case '.':
if (dot_pos == i - 1) {
Changed interface of ngx_http_validate_host().
2013-02-27 14:03:14 -03:00
return NGX_DECLINED;
*) host in request line has priority *) allow several Host headers *) validate host
2008-05-15 10:44:47 -04:00
}
Added support for IP-literal in the Host header and request line (ticket #1). Additional parsing logic added to correctly handle RFC 3986 compliant IPv6 and IPvFuture characters enclosed in square brackets. The host validation was completely rewritten. The behavior for non IP literals was changed in a more proper and safer way: - Host part is now delimited either by the first colon or by the end of string if there's no colon. Previously the last colon was used as delimiter which allowed substitution of a port number in the $host variable. (e.g. Host: 127.0.0.1:9000:80) - Fixed stripping of the ending dot in the Host header when the host was also followed by a port number. (e.g. Host: nginx.com.:80) - Fixed upper case characters detection. Previously it was broken which led to wasting memory and CPU.
2011-11-28 06:15:33 -03:00
dot_pos = i;
break;
*) host in request line has priority *) allow several Host headers *) validate host
2008-05-15 10:44:47 -04:00
Added support for IP-literal in the Host header and request line (ticket #1). Additional parsing logic added to correctly handle RFC 3986 compliant IPv6 and IPvFuture characters enclosed in square brackets. The host validation was completely rewritten. The behavior for non IP literals was changed in a more proper and safer way: - Host part is now delimited either by the first colon or by the end of string if there's no colon. Previously the last colon was used as delimiter which allowed substitution of a port number in the $host variable. (e.g. Host: 127.0.0.1:9000:80) - Fixed stripping of the ending dot in the Host header when the host was also followed by a port number. (e.g. Host: nginx.com.:80) - Fixed upper case characters detection. Previously it was broken which led to wasting memory and CPU.
2011-11-28 06:15:33 -03:00
case ':':
if (state == sw_usual) {
host_len = i;
state = sw_rest;
}
break;
*) host in request line has priority *) allow several Host headers *) validate host
2008-05-15 10:44:47 -04:00
Added support for IP-literal in the Host header and request line (ticket #1). Additional parsing logic added to correctly handle RFC 3986 compliant IPv6 and IPvFuture characters enclosed in square brackets. The host validation was completely rewritten. The behavior for non IP literals was changed in a more proper and safer way: - Host part is now delimited either by the first colon or by the end of string if there's no colon. Previously the last colon was used as delimiter which allowed substitution of a port number in the $host variable. (e.g. Host: 127.0.0.1:9000:80) - Fixed stripping of the ending dot in the Host header when the host was also followed by a port number. (e.g. Host: nginx.com.:80) - Fixed upper case characters detection. Previously it was broken which led to wasting memory and CPU.
2011-11-28 06:15:33 -03:00
case '[':
if (i == 0) {
state = sw_literal;
}
break;
*) host in request line has priority *) allow several Host headers *) validate host
2008-05-15 10:44:47 -04:00
Added support for IP-literal in the Host header and request line (ticket #1). Additional parsing logic added to correctly handle RFC 3986 compliant IPv6 and IPvFuture characters enclosed in square brackets. The host validation was completely rewritten. The behavior for non IP literals was changed in a more proper and safer way: - Host part is now delimited either by the first colon or by the end of string if there's no colon. Previously the last colon was used as delimiter which allowed substitution of a port number in the $host variable. (e.g. Host: 127.0.0.1:9000:80) - Fixed stripping of the ending dot in the Host header when the host was also followed by a port number. (e.g. Host: nginx.com.:80) - Fixed upper case characters detection. Previously it was broken which led to wasting memory and CPU.
2011-11-28 06:15:33 -03:00
case ']':
if (state == sw_literal) {
host_len = i + 1;
state = sw_rest;
}
break;
*) host in request line has priority *) allow several Host headers *) validate host
2008-05-15 10:44:47 -04:00
Added support for IP-literal in the Host header and request line (ticket #1). Additional parsing logic added to correctly handle RFC 3986 compliant IPv6 and IPvFuture characters enclosed in square brackets. The host validation was completely rewritten. The behavior for non IP literals was changed in a more proper and safer way: - Host part is now delimited either by the first colon or by the end of string if there's no colon. Previously the last colon was used as delimiter which allowed substitution of a port number in the $host variable. (e.g. Host: 127.0.0.1:9000:80) - Fixed stripping of the ending dot in the Host header when the host was also followed by a port number. (e.g. Host: nginx.com.:80) - Fixed upper case characters detection. Previously it was broken which led to wasting memory and CPU.
2011-11-28 06:15:33 -03:00
default:
if (ngx_path_separator(ch)) {
Changed interface of ngx_http_validate_host().
2013-02-27 14:03:14 -03:00
return NGX_DECLINED;
Added support for IP-literal in the Host header and request line (ticket #1). Additional parsing logic added to correctly handle RFC 3986 compliant IPv6 and IPvFuture characters enclosed in square brackets. The host validation was completely rewritten. The behavior for non IP literals was changed in a more proper and safer way: - Host part is now delimited either by the first colon or by the end of string if there's no colon. Previously the last colon was used as delimiter which allowed substitution of a port number in the $host variable. (e.g. Host: 127.0.0.1:9000:80) - Fixed stripping of the ending dot in the Host header when the host was also followed by a port number. (e.g. Host: nginx.com.:80) - Fixed upper case characters detection. Previously it was broken which led to wasting memory and CPU.
2011-11-28 06:15:33 -03:00
}
Disabled control characters in the Host header. Control characters (0x00-0x1f, 0x7f) and space are not expected to appear in the Host header. Requests with such characters in the Host header are now unconditionally rejected.
2021-06-28 11:01:24 -04:00
if (ch <= 0x20 || ch == 0x7f) {
return NGX_DECLINED;
}
Added support for IP-literal in the Host header and request line (ticket #1). Additional parsing logic added to correctly handle RFC 3986 compliant IPv6 and IPvFuture characters enclosed in square brackets. The host validation was completely rewritten. The behavior for non IP literals was changed in a more proper and safer way: - Host part is now delimited either by the first colon or by the end of string if there's no colon. Previously the last colon was used as delimiter which allowed substitution of a port number in the $host variable. (e.g. Host: 127.0.0.1:9000:80) - Fixed stripping of the ending dot in the Host header when the host was also followed by a port number. (e.g. Host: nginx.com.:80) - Fixed upper case characters detection. Previously it was broken which led to wasting memory and CPU.
2011-11-28 06:15:33 -03:00
if (ch >= 'A' && ch <= 'Z') {
alloc = 1;
}
break;
*) host in request line has priority *) allow several Host headers *) validate host
2008-05-15 10:44:47 -04:00
}
}
Added support for IP-literal in the Host header and request line (ticket #1). Additional parsing logic added to correctly handle RFC 3986 compliant IPv6 and IPvFuture characters enclosed in square brackets. The host validation was completely rewritten. The behavior for non IP literals was changed in a more proper and safer way: - Host part is now delimited either by the first colon or by the end of string if there's no colon. Previously the last colon was used as delimiter which allowed substitution of a port number in the $host variable. (e.g. Host: 127.0.0.1:9000:80) - Fixed stripping of the ending dot in the Host header when the host was also followed by a port number. (e.g. Host: nginx.com.:80) - Fixed upper case characters detection. Previously it was broken which led to wasting memory and CPU.
2011-11-28 06:15:33 -03:00
if (dot_pos == host_len - 1) {
host_len--;
*) host in request line has priority *) allow several Host headers *) validate host
2008-05-15 10:44:47 -04:00
}
Changed interface of ngx_http_validate_host().
2013-02-27 14:03:14 -03:00
if (host_len == 0) {
return NGX_DECLINED;
}
$host is always in low case: *) move low case convertation from ngx_http_find_virtual_server() to ngx_http_validate_host() *) add in ngx_http_validate_host() capability to copy host name in the pool allocated memory
2009-09-24 09:15:50 -04:00
if (alloc) {
Changed interface of ngx_http_validate_host().
2013-02-27 14:03:14 -03:00
host->data = ngx_pnalloc(pool, host_len);
if (host->data == NULL) {
return NGX_ERROR;
$host is always in low case: *) move low case convertation from ngx_http_find_virtual_server() to ngx_http_validate_host() *) add in ngx_http_validate_host() capability to copy host name in the pool allocated memory
2009-09-24 09:15:50 -04:00
}
Changed interface of ngx_http_validate_host().
2013-02-27 14:03:14 -03:00
ngx_strlow(host->data, h, host_len);
$host is always in low case: *) move low case convertation from ngx_http_find_virtual_server() to ngx_http_validate_host() *) add in ngx_http_validate_host() capability to copy host name in the pool allocated memory
2009-09-24 09:15:50 -04:00
}
Changed interface of ngx_http_validate_host().
2013-02-27 14:03:14 -03:00
host->len = host_len;
return NGX_OK;
*) host in request line has priority *) allow several Host headers *) validate host
2008-05-15 10:44:47 -04:00
}
HTTP/3: refactored request parser. The change reduces diff to the default branch for src/http/ngx_http_request.c and src/http/ngx_http_parse.c.
2021-01-22 10:34:06 -03:00
ngx_int_t
SNI: ignore captures in server_name regexes when matching by SNI. This change helps to decouple ngx_http_ssl_servername() from the request object. Note: now we close connection in case of error during server name lookup for request. Previously, we did so only for HTTP/0.9 requests.
2013-02-27 14:06:52 -03:00
ngx_http_set_virtual_server(ngx_http_request_t *r, ngx_str_t *host)
*) host in request line has priority *) allow several Host headers *) validate host
2008-05-15 10:44:47 -04:00
{
SNI: ignore captures in server_name regexes when matching by SNI. This change helps to decouple ngx_http_ssl_servername() from the request object. Note: now we close connection in case of error during server name lookup for request. Previously, we did so only for HTTP/0.9 requests.
2013-02-27 14:06:52 -03:00
ngx_int_t rc;
ngx_http_connection_t *hc;
nginx-0.3.18-RELEASE import *) Feature: the "server_names" directive supports the ".domain.tld" names. *) Feature: the "server_names" directive uses the hash for the "*.domain.tld" names and more effective hash for usual names. *) Change: the "server_names_hash_max_size" and "server_names_hash_bucket_size" directives. *) Change: the "server_names_hash" and "server_names_hash_threshold" directives were canceled. *) Feature: the "valid_referers" directive uses the hash site names. *) Change: now the "valid_referers" directive checks the site names only without the URI part. *) Bugfix: some ".domain.tld" names incorrectly processed by the ngx_http_map_module. *) Bugfix: segmentation fault was occurred if configuration file did not exist; the bug had appeared in 0.3.12. *) Bugfix: on 64-bit platforms segmentation fault may occurred on start; the bug had appeared in 0.3.16.
2005-12-26 14:07:48 -03:00
ngx_http_core_loc_conf_t *clcf;
ngx_http_core_srv_conf_t *cscf;
The default server lookup is now done only once per connection. Previously, it was done for every request in a connection.
2013-02-27 13:53:01 -03:00
Fixed false compiler warning. Newer gcc versions (4.7+) report possible use of uninitialized variable if nginx is being compiled with -O3.
2014-01-31 07:18:52 -03:00
#if (NGX_SUPPRESS_WARN)
cscf = NULL;
#endif
SNI: ignore captures in server_name regexes when matching by SNI. This change helps to decouple ngx_http_ssl_servername() from the request object. Note: now we close connection in case of error during server name lookup for request. Previously, we did so only for HTTP/0.9 requests.
2013-02-27 14:06:52 -03:00
hc = r->http_connection;
Fixed build with --with-mail_ssl_module. If nginx was compiled without --with-http_ssl_module, but with some other module which uses OpenSSL (e.g. --with-mail_ssl_module), insufficient preprocessor check resulted in build failure. The problem was introduced by e0a3714a36f8 (1.3.14). Reported by Roman Arutyunyan.
2013-05-11 10:49:30 -04:00
#if (NGX_HTTP_SSL && defined SSL_CTRL_SET_TLSEXT_HOSTNAME)
SNI: avoid surplus lookup of virtual server if SNI was used.
2013-02-27 14:33:59 -03:00
if (hc->ssl_servername) {
if (hc->ssl_servername->len == host->len
&& ngx_strncmp(hc->ssl_servername->data,
host->data, host->len) == 0)
{
#if (NGX_PCRE)
if (hc->ssl_servername_regex
&& ngx_http_regex_exec(r, hc->ssl_servername_regex,
hc->ssl_servername) != NGX_OK)
{
ngx_http_close_request(r, NGX_HTTP_INTERNAL_SERVER_ERROR);
return NGX_ERROR;
}
#endif
return NGX_OK;
}
}
#endif
SNI: ignore captures in server_name regexes when matching by SNI. This change helps to decouple ngx_http_ssl_servername() from the request object. Note: now we close connection in case of error during server name lookup for request. Previously, we did so only for HTTP/0.9 requests.
2013-02-27 14:06:52 -03:00
rc = ngx_http_find_virtual_server(r->connection,
hc->addr_conf->virtual_names,
host, r, &cscf);
if (rc == NGX_ERROR) {
ngx_http_close_request(r, NGX_HTTP_INTERNAL_SERVER_ERROR);
return NGX_ERROR;
}
Fixed build with --with-mail_ssl_module. If nginx was compiled without --with-http_ssl_module, but with some other module which uses OpenSSL (e.g. --with-mail_ssl_module), insufficient preprocessor check resulted in build failure. The problem was introduced by e0a3714a36f8 (1.3.14). Reported by Roman Arutyunyan.
2013-05-11 10:49:30 -04:00
#if (NGX_HTTP_SSL && defined SSL_CTRL_SET_TLSEXT_HOSTNAME)
SNI: reset to default server if requested host was not found. Not only this is consistent with a case without SNI, but this also prevents abusing configurations that assume that the $host variable is limited to one of the configured names for a server. An example of potentially unsafe configuration: server { listen 443 ssl default_server; ... } server { listen 443; server_name example.com; location / { proxy_pass http://$host; } } Note: it is possible to negotiate "example.com" by SNI, and to request arbitrary host name that does not exist in the configuration above.
2013-02-27 14:38:54 -03:00
if (hc->ssl_servername) {
SNI: added restriction on requesting host other than negotiated. According to RFC 6066, client is not supposed to request a different server name at the application layer. Server implementations that rely upon these names being equal must validate that a client did not send a different name in HTTP request. Current versions of Apache HTTP server always return 400 "Bad Request" in such cases. There exist implementations however (e.g., SPDY) that rely on being able to request different host names in one connection. Given this, we only reject requests with differing host names if verification of client certificates is enabled in a corresponding server configuration. An example of configuration that might not work as expected: server { listen 433 ssl default; return 404; } server { listen 433 ssl; server_name example.org; ssl_client_certificate org.cert; ssl_verify_client on; } server { listen 433 ssl; server_name example.com; ssl_client_certificate com.cert; ssl_verify_client on; } Previously, a client was able to request example.com by presenting a certificate for example.org, and vice versa.
2013-02-27 14:41:34 -03:00
ngx_http_ssl_srv_conf_t *sscf;
SNI: reset to default server if requested host was not found. Not only this is consistent with a case without SNI, but this also prevents abusing configurations that assume that the $host variable is limited to one of the configured names for a server. An example of potentially unsafe configuration: server { listen 443 ssl default_server; ... } server { listen 443; server_name example.com; location / { proxy_pass http://$host; } } Note: it is possible to negotiate "example.com" by SNI, and to request arbitrary host name that does not exist in the configuration above.
2013-02-27 14:38:54 -03:00
if (rc == NGX_DECLINED) {
cscf = hc->addr_conf->default_server;
rc = NGX_OK;
}
SNI: added restriction on requesting host other than negotiated. According to RFC 6066, client is not supposed to request a different server name at the application layer. Server implementations that rely upon these names being equal must validate that a client did not send a different name in HTTP request. Current versions of Apache HTTP server always return 400 "Bad Request" in such cases. There exist implementations however (e.g., SPDY) that rely on being able to request different host names in one connection. Given this, we only reject requests with differing host names if verification of client certificates is enabled in a corresponding server configuration. An example of configuration that might not work as expected: server { listen 433 ssl default; return 404; } server { listen 433 ssl; server_name example.org; ssl_client_certificate org.cert; ssl_verify_client on; } server { listen 433 ssl; server_name example.com; ssl_client_certificate com.cert; ssl_verify_client on; } Previously, a client was able to request example.com by presenting a certificate for example.org, and vice versa.
2013-02-27 14:41:34 -03:00
sscf = ngx_http_get_module_srv_conf(cscf->ctx, ngx_http_ssl_module);
if (sscf->verify) {
ngx_log_error(NGX_LOG_INFO, r->connection->log, 0,
"client attempted to request the server name "
Fixed an error log message.
2016-06-07 10:44:20 -04:00
"different from the one that was negotiated");
HTTP/2: the "421 Misdirected Request" response (closes #848). Since 4fbef397c753 nginx rejects with the 400 error any attempts of requesting different host over the same connection, if the relevant virtual server requires verification of a client certificate. While requesting hosts other than negotiated isn't something legal in HTTP/1.x, the HTTP/2 specification explicitly permits such requests for connection reuse and has introduced a special response code 421. According to RFC 7540 Section 9.1.2 this code can be sent by a server that is not configured to produce responses for the combination of scheme and authority that are included in the request URI. And the client may retry the request over a different connection. Now this code is used for requests that aren't authorized in current connection. After receiving the 421 response a client will be able to open a new connection, provide the required certificate and retry the request. Unfortunately, not all clients currently are able to handle it well. Notably Chrome just shows an error, while at least the latest version of Firefox retries the request over a new connection.
2016-05-20 11:41:17 -04:00
ngx_http_finalize_request(r, NGX_HTTP_MISDIRECTED_REQUEST);
SNI: added restriction on requesting host other than negotiated. According to RFC 6066, client is not supposed to request a different server name at the application layer. Server implementations that rely upon these names being equal must validate that a client did not send a different name in HTTP request. Current versions of Apache HTTP server always return 400 "Bad Request" in such cases. There exist implementations however (e.g., SPDY) that rely on being able to request different host names in one connection. Given this, we only reject requests with differing host names if verification of client certificates is enabled in a corresponding server configuration. An example of configuration that might not work as expected: server { listen 433 ssl default; return 404; } server { listen 433 ssl; server_name example.org; ssl_client_certificate org.cert; ssl_verify_client on; } server { listen 433 ssl; server_name example.com; ssl_client_certificate com.cert; ssl_verify_client on; } Previously, a client was able to request example.com by presenting a certificate for example.org, and vice versa.
2013-02-27 14:41:34 -03:00
return NGX_ERROR;
}
SNI: reset to default server if requested host was not found. Not only this is consistent with a case without SNI, but this also prevents abusing configurations that assume that the $host variable is limited to one of the configured names for a server. An example of potentially unsafe configuration: server { listen 443 ssl default_server; ... } server { listen 443; server_name example.com; location / { proxy_pass http://$host; } } Note: it is possible to negotiate "example.com" by SNI, and to request arbitrary host name that does not exist in the configuration above.
2013-02-27 14:38:54 -03:00
}
#endif
SNI: ignore captures in server_name regexes when matching by SNI. This change helps to decouple ngx_http_ssl_servername() from the request object. Note: now we close connection in case of error during server name lookup for request. Previously, we did so only for HTTP/0.9 requests.
2013-02-27 14:06:52 -03:00
if (rc == NGX_DECLINED) {
return NGX_OK;
}
r->srv_conf = cscf->ctx->srv_conf;
r->loc_conf = cscf->ctx->loc_conf;
clcf = ngx_http_get_module_loc_conf(r, ngx_http_core_module);
Core: the ngx_set_connection_log() macro. The http and stream versions of this macro were identical.
2015-04-25 16:44:02 -03:00
ngx_set_connection_log(r->connection, clcf->error_log);
SNI: ignore captures in server_name regexes when matching by SNI. This change helps to decouple ngx_http_ssl_servername() from the request object. Note: now we close connection in case of error during server name lookup for request. Previously, we did so only for HTTP/0.9 requests.
2013-02-27 14:06:52 -03:00
return NGX_OK;
}
static ngx_int_t
ngx_http_find_virtual_server(ngx_connection_t *c,
ngx_http_virtual_names_t *virtual_names, ngx_str_t *host,
ngx_http_request_t *r, ngx_http_core_srv_conf_t **cscfp)
{
ngx_http_core_srv_conf_t *cscf;
nginx-0.1.13-RELEASE import *) Feature: the server_names_hash and server_names_hash_threshold directives. *) Bugfix: the *.domain.tld names in the "server_name" directive did not work. *) Bugfix: the %request_length log parameter logged the incorrect length.
2004-12-21 09:30:30 -03:00
The default server lookup is now done only once per connection. Previously, it was done for every request in a connection.
2013-02-27 13:53:01 -03:00
if (virtual_names == NULL) {
*) host in request line has priority *) allow several Host headers *) validate host
2008-05-15 10:44:47 -04:00
return NGX_DECLINED;
}
The default server lookup is now done only once per connection. Previously, it was done for every request in a connection.
2013-02-27 13:53:01 -03:00
cscf = ngx_hash_find_combined(&virtual_names->names,
SNI: ignore captures in server_name regexes when matching by SNI. This change helps to decouple ngx_http_ssl_servername() from the request object. Note: now we close connection in case of error during server name lookup for request. Previously, we did so only for HTTP/0.9 requests.
2013-02-27 14:06:52 -03:00
ngx_hash_key(host->data, host->len),
host->data, host->len);
nginx-0.1.13-RELEASE import *) Feature: the server_names_hash and server_names_hash_threshold directives. *) Bugfix: the *.domain.tld names in the "server_name" directive did not work. *) Bugfix: the %request_length log parameter logged the incorrect length.
2004-12-21 09:30:30 -03:00
the "www.example.*" wildcard hash support
2007-06-11 15:49:22 -04:00
if (cscf) {
SNI: ignore captures in server_name regexes when matching by SNI. This change helps to decouple ngx_http_ssl_servername() from the request object. Note: now we close connection in case of error during server name lookup for request. Previously, we did so only for HTTP/0.9 requests.
2013-02-27 14:06:52 -03:00
*cscfp = cscf;
return NGX_OK;
nginx-0.1.13-RELEASE import *) Feature: the server_names_hash and server_names_hash_threshold directives. *) Bugfix: the *.domain.tld names in the "server_name" directive did not work. *) Bugfix: the %request_length log parameter logged the incorrect length.
2004-12-21 09:30:30 -03:00
}
regex in server_name
2007-08-12 15:48:12 -04:00
#if (NGX_PCRE)
SNI: ignore captures in server_name regexes when matching by SNI. This change helps to decouple ngx_http_ssl_servername() from the request object. Note: now we close connection in case of error during server name lookup for request. Previously, we did so only for HTTP/0.9 requests.
2013-02-27 14:06:52 -03:00
if (host->len && virtual_names->nregex) {
move condition declarations inside blocks where they are used
2007-12-10 09:09:51 -03:00
ngx_int_t n;
ngx_uint_t i;
ngx_http_server_name_t *sn;
regex in server_name
2007-08-12 15:48:12 -04:00
The default server lookup is now done only once per connection. Previously, it was done for every request in a connection.
2013-02-27 13:53:01 -03:00
sn = virtual_names->regex;
regex in server_name
2007-08-12 15:48:12 -04:00
Fixed build with --with-mail_ssl_module. If nginx was compiled without --with-http_ssl_module, but with some other module which uses OpenSSL (e.g. --with-mail_ssl_module), insufficient preprocessor check resulted in build failure. The problem was introduced by e0a3714a36f8 (1.3.14). Reported by Roman Arutyunyan.
2013-05-11 10:49:30 -04:00
#if (NGX_HTTP_SSL && defined SSL_CTRL_SET_TLSEXT_HOSTNAME)
SNI: ignore captures in server_name regexes when matching by SNI. This change helps to decouple ngx_http_ssl_servername() from the request object. Note: now we close connection in case of error during server name lookup for request. Previously, we did so only for HTTP/0.9 requests.
2013-02-27 14:06:52 -03:00
if (r == NULL) {
SNI: avoid surplus lookup of virtual server if SNI was used.
2013-02-27 14:33:59 -03:00
ngx_http_connection_t *hc;
SNI: ignore captures in server_name regexes when matching by SNI. This change helps to decouple ngx_http_ssl_servername() from the request object. Note: now we close connection in case of error during server name lookup for request. Previously, we did so only for HTTP/0.9 requests.
2013-02-27 14:06:52 -03:00
for (i = 0; i < virtual_names->nregex; i++) {
regex in server_name
2007-08-12 15:48:12 -04:00
SNI: ignore captures in server_name regexes when matching by SNI. This change helps to decouple ngx_http_ssl_servername() from the request object. Note: now we close connection in case of error during server name lookup for request. Previously, we did so only for HTTP/0.9 requests.
2013-02-27 14:06:52 -03:00
n = ngx_regex_exec(sn[i].regex->regex, host, NULL, 0);
captures support in server_name
2009-03-06 09:50:20 -03:00
SNI: ignore captures in server_name regexes when matching by SNI. This change helps to decouple ngx_http_ssl_servername() from the request object. Note: now we close connection in case of error during server name lookup for request. Previously, we did so only for HTTP/0.9 requests.
2013-02-27 14:06:52 -03:00
if (n == NGX_REGEX_NO_MATCHED) {
continue;
}
if (n >= 0) {
SNI: avoid surplus lookup of virtual server if SNI was used.
2013-02-27 14:33:59 -03:00
hc = c->data;
hc->ssl_servername_regex = sn[i].regex;
SNI: ignore captures in server_name regexes when matching by SNI. This change helps to decouple ngx_http_ssl_servername() from the request object. Note: now we close connection in case of error during server name lookup for request. Previously, we did so only for HTTP/0.9 requests.
2013-02-27 14:06:52 -03:00
*cscfp = sn[i].server;
return NGX_OK;
}
ngx_log_error(NGX_LOG_ALERT, c->log, 0,
ngx_regex_exec_n " failed: %i "
"on \"%V\" using \"%V\"",
n, host, &sn[i].regex->name);
return NGX_ERROR;
captures support in server_name
2009-03-06 09:50:20 -03:00
}
SNI: ignore captures in server_name regexes when matching by SNI. This change helps to decouple ngx_http_ssl_servername() from the request object. Note: now we close connection in case of error during server name lookup for request. Previously, we did so only for HTTP/0.9 requests.
2013-02-27 14:06:52 -03:00
return NGX_DECLINED;
}
Fixed build with --with-mail_ssl_module. If nginx was compiled without --with-http_ssl_module, but with some other module which uses OpenSSL (e.g. --with-mail_ssl_module), insufficient preprocessor check resulted in build failure. The problem was introduced by e0a3714a36f8 (1.3.14). Reported by Roman Arutyunyan.
2013-05-11 10:49:30 -04:00
#endif /* NGX_HTTP_SSL && defined SSL_CTRL_SET_TLSEXT_HOSTNAME */
SNI: ignore captures in server_name regexes when matching by SNI. This change helps to decouple ngx_http_ssl_servername() from the request object. Note: now we close connection in case of error during server name lookup for request. Previously, we did so only for HTTP/0.9 requests.
2013-02-27 14:06:52 -03:00
for (i = 0; i < virtual_names->nregex; i++) {
n = ngx_http_regex_exec(r, sn[i].regex, host);
regex named captures
2009-11-16 09:19:02 -03:00
if (n == NGX_DECLINED) {
regex in server_name
2007-08-12 15:48:12 -04:00
continue;
}
SNI: ignore captures in server_name regexes when matching by SNI. This change helps to decouple ngx_http_ssl_servername() from the request object. Note: now we close connection in case of error during server name lookup for request. Previously, we did so only for HTTP/0.9 requests.
2013-02-27 14:06:52 -03:00
if (n == NGX_OK) {
*cscfp = sn[i].server;
return NGX_OK;
}
regex named captures
2009-11-16 09:19:02 -03:00
return NGX_ERROR;
regex in server_name
2007-08-12 15:48:12 -04:00
}
}
SNI: ignore captures in server_name regexes when matching by SNI. This change helps to decouple ngx_http_ssl_servername() from the request object. Note: now we close connection in case of error during server name lookup for request. Previously, we did so only for HTTP/0.9 requests.
2013-02-27 14:06:52 -03:00
#endif /* NGX_PCRE */
regex in server_name
2007-08-12 15:48:12 -04:00
ngx_http_find_virtual_server() should return NGX_DECLINED if virtual server not found.
2012-07-30 07:42:03 -04:00
return NGX_DECLINED;
nginx-0.1.13-RELEASE import *) Feature: the server_names_hash and server_names_hash_threshold directives. *) Bugfix: the *.domain.tld names in the "server_name" directive did not work. *) Bugfix: the %request_length log parameter logged the incorrect length.
2004-12-21 09:30:30 -03:00
}
nginx-0.1.29-RELEASE import *) Feature: the ngx_http_ssi_module supports "include virtual" command. *) Feature: the ngx_http_ssi_module supports the condition command like 'if expr="$NAME"' and "else" and "endif" commands. Only one nested level is supported. *) Feature: the ngx_http_ssi_module supports the DATE_LOCAL and DATE_GMT variables and "config timefmt" command. *) Feature: the "ssi_ignore_recycled_buffers" directive. *) Bugfix: the "echo" command did not show the default value for the empty QUERY_STRING variable. *) Change: the ngx_http_proxy_module was rewritten. *) Feature: the "proxy_redirect", "proxy_pass_request_headers", "proxy_pass_request_body", and "proxy_method" directives. *) Feature: the "proxy_set_header" directive. The "proxy_x_var" was canceled and must be replaced with the proxy_set_header directive. *) Change: the "proxy_preserve_host" is canceled and must be replaced with the "proxy_set_header Host $host" and the "proxy_redirect off" directives, the "proxy_set_header Host $host:$proxy_port" directive and the appropriate proxy_redirect directives. *) Change: the "proxy_set_x_real_ip" is canceled and must be replaced with the "proxy_set_header X-Real-IP $remote_addr" directive. *) Change: the "proxy_add_x_forwarded_for" is canceled and must be replaced with the "proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for" directive. *) Change: the "proxy_set_x_url" is canceled and must be replaced with the "proxy_set_header X-URL http://$host:$server_port$request_uri" directive. *) Feature: the "fastcgi_param" directive. *) Change: the "fastcgi_root", "fastcgi_set_var" and "fastcgi_params" directive are canceled and must be replaced with the fastcgi_param directives. *) Feature: the "index" directive can use the variables. *) Feature: the "index" directive can be used at http and server levels. *) Change: the last index only in the "index" directive can be absolute. *) Feature: the "rewrite" directive can use the variables. *) Feature: the "internal" directive. *) Feature: the CONTENT_LENGTH, CONTENT_TYPE, REMOTE_PORT, SERVER_ADDR, SERVER_PORT, SERVER_PROTOCOL, DOCUMENT_ROOT, SERVER_NAME, REQUEST_METHOD, REQUEST_URI, and REMOTE_USER variables. *) Change: nginx now passes the invalid lines in a client request headers or a backend response header. *) Bugfix: if the backend did not transfer response for a long time and the "send_timeout" was less than "proxy_read_timeout", then nginx returned the 408 response. *) Bugfix: the segmentation fault was occurred if the backend sent an invalid line in response header; the bug had appeared in 0.1.26. *) Bugfix: the segmentation fault may occurred in FastCGI fault tolerance configuration. *) Bugfix: the "expires" directive did not remove the previous "Expires" and "Cache-Control" headers. *) Bugfix: nginx did not take into account trailing dot in "Host" header line. *) Bugfix: the ngx_http_auth_module did not work under Linux. *) Bugfix: the rewrite directive worked incorrectly, if the arguments were in a request. *) Bugfix: nginx could not be built on MacOS X.
2005-05-12 10:58:06 -04:00
static void
ngx_http_request_handler(ngx_event_t *ev)
{
ngx_connection_t *c;
ngx_http_request_t *r;
c = ev->data;
r = c->data;
Upstream: improved subrequest logging. To ensure proper logging make sure to set current_request in all event handlers, including resolve, ssl handshake, cache lock wait timer and aio read handlers. A macro ngx_http_set_log_request() introduced to simplify this.
2014-12-01 23:54:54 -03:00
ngx_http_set_log_request(c->log, r);
nginx-0.3.54-RELEASE import *) Feature: nginx now logs the subrequest information to the error log. *) Feature: the "proxy_next_upstream", "fastcgi_next_upstream", and "memcached_next_upstream" directives support the "off" parameter. *) Feature: the "debug_connection" directive supports the CIDR address form. *) Bugfix: if a response of proxied server or FastCGI server was converted from UTF-8 or back, then it may be transferred incomplete. *) Bugfix: the $upstream_response_time variable had the time of the first request to a backend only. *) Bugfix: nginx could not be built on amd64 platform; the bug had appeared in 0.3.53.
2006-07-11 09:20:19 -04:00
*) refactor subrequest handling, now they run as separate posted requests *) now $upstream_addr, $upstream_status, $upstream_response_time can be used with log_subrequest
2008-12-08 11:23:20 -03:00
ngx_log_debug2(NGX_LOG_DEBUG_HTTP, c->log, 0,
"http run request: \"%V?%V\"", &r->uri, &r->args);
Fixed worker_shutdown_timeout in various cases. The ngx_http_upstream_process_upgraded() did not handle c->close request, and upgraded connections do not use the write filter. As a result, worker_shutdown_timeout did not affect upgraded connections (ticket #1419). Fix is to handle c->close in the ngx_http_request_handler() function, thus covering most of the possible cases in http handling. Additionally, mail proxying did not handle neither c->close nor c->error, and thus worker_shutdown_timeout did not work for mail connections. Fix is to add c->close handling to ngx_mail_proxy_handler(). Also, added explicit handling of c->close to stream proxy, ngx_stream_proxy_process_connection(). This improves worker_shutdown_timeout handling in stream, it will no longer wait for some data being transferred in a connection before closing it, and will also provide appropriate logging at the "info" level.
2017-11-20 10:31:07 -03:00
if (c->close) {
r->main->count++;
ngx_http_terminate_request(r, 0);
ngx_http_run_posted_requests(c);
return;
}
Moved handling of wev->delayed to the connection event handler. With post_action or subrequests, it is possible that the timer set for wev->delayed will expire while the active subrequest write event handler is not ready to handle this. This results in request hangs as observed with limit_rate / sendfile_max_chunk and post_action (ticket #776) or subrequests (ticket #1228). Moving the handling to the connection event handler fixes the hangs observed, and also slightly simplifies the code.
2017-04-02 08:32:29 -03:00
if (ev->delayed && ev->timedout) {
ev->delayed = 0;
ev->timedout = 0;
}
nginx-0.1.29-RELEASE import *) Feature: the ngx_http_ssi_module supports "include virtual" command. *) Feature: the ngx_http_ssi_module supports the condition command like 'if expr="$NAME"' and "else" and "endif" commands. Only one nested level is supported. *) Feature: the ngx_http_ssi_module supports the DATE_LOCAL and DATE_GMT variables and "config timefmt" command. *) Feature: the "ssi_ignore_recycled_buffers" directive. *) Bugfix: the "echo" command did not show the default value for the empty QUERY_STRING variable. *) Change: the ngx_http_proxy_module was rewritten. *) Feature: the "proxy_redirect", "proxy_pass_request_headers", "proxy_pass_request_body", and "proxy_method" directives. *) Feature: the "proxy_set_header" directive. The "proxy_x_var" was canceled and must be replaced with the proxy_set_header directive. *) Change: the "proxy_preserve_host" is canceled and must be replaced with the "proxy_set_header Host $host" and the "proxy_redirect off" directives, the "proxy_set_header Host $host:$proxy_port" directive and the appropriate proxy_redirect directives. *) Change: the "proxy_set_x_real_ip" is canceled and must be replaced with the "proxy_set_header X-Real-IP $remote_addr" directive. *) Change: the "proxy_add_x_forwarded_for" is canceled and must be replaced with the "proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for" directive. *) Change: the "proxy_set_x_url" is canceled and must be replaced with the "proxy_set_header X-URL http://$host:$server_port$request_uri" directive. *) Feature: the "fastcgi_param" directive. *) Change: the "fastcgi_root", "fastcgi_set_var" and "fastcgi_params" directive are canceled and must be replaced with the fastcgi_param directives. *) Feature: the "index" directive can use the variables. *) Feature: the "index" directive can be used at http and server levels. *) Change: the last index only in the "index" directive can be absolute. *) Feature: the "rewrite" directive can use the variables. *) Feature: the "internal" directive. *) Feature: the CONTENT_LENGTH, CONTENT_TYPE, REMOTE_PORT, SERVER_ADDR, SERVER_PORT, SERVER_PROTOCOL, DOCUMENT_ROOT, SERVER_NAME, REQUEST_METHOD, REQUEST_URI, and REMOTE_USER variables. *) Change: nginx now passes the invalid lines in a client request headers or a backend response header. *) Bugfix: if the backend did not transfer response for a long time and the "send_timeout" was less than "proxy_read_timeout", then nginx returned the 408 response. *) Bugfix: the segmentation fault was occurred if the backend sent an invalid line in response header; the bug had appeared in 0.1.26. *) Bugfix: the segmentation fault may occurred in FastCGI fault tolerance configuration. *) Bugfix: the "expires" directive did not remove the previous "Expires" and "Cache-Control" headers. *) Bugfix: nginx did not take into account trailing dot in "Host" header line. *) Bugfix: the ngx_http_auth_module did not work under Linux. *) Bugfix: the rewrite directive worked incorrectly, if the arguments were in a request. *) Bugfix: nginx could not be built on MacOS X.
2005-05-12 10:58:06 -04:00
if (ev->write) {
r->write_event_handler(r);
} else {
r->read_event_handler(r);
}
*) refactor subrequest handling, now they run as separate posted requests *) now $upstream_addr, $upstream_status, $upstream_response_time can be used with log_subrequest
2008-12-08 11:23:20 -03:00
ngx_http_run_posted_requests(c);
}
void
ngx_http_run_posted_requests(ngx_connection_t *c)
{
ngx_http_request_t *r;
ngx_http_posted_request_t *pr;
for ( ;; ) {
if (c->destroyed) {
return;
}
r = c->data;
pr = r->main->posted_requests;
if (pr == NULL) {
return;
}
r->main->posted_requests = pr->next;
r = pr->request;
Upstream: improved subrequest logging. To ensure proper logging make sure to set current_request in all event handlers, including resolve, ssl handshake, cache lock wait timer and aio read handlers. A macro ngx_http_set_log_request() introduced to simplify this.
2014-12-01 23:54:54 -03:00
ngx_http_set_log_request(c->log, r);
*) refactor subrequest handling, now they run as separate posted requests *) now $upstream_addr, $upstream_status, $upstream_response_time can be used with log_subrequest
2008-12-08 11:23:20 -03:00
ngx_log_debug2(NGX_LOG_DEBUG_HTTP, c->log, 0,
"http posted request: \"%V?%V\"", &r->uri, &r->args);
r->write_event_handler(r);
}
}
ngx_int_t
*) ngx_http_ephemeral *) use preallocated terminal_posted_request
2009-08-30 05:47:11 -04:00
ngx_http_post_request(ngx_http_request_t *r, ngx_http_posted_request_t *pr)
*) refactor subrequest handling, now they run as separate posted requests *) now $upstream_addr, $upstream_status, $upstream_response_time can be used with log_subrequest
2008-12-08 11:23:20 -03:00
{
*) ngx_http_ephemeral *) use preallocated terminal_posted_request
2009-08-30 05:47:11 -04:00
ngx_http_posted_request_t **p;
*) refactor subrequest handling, now they run as separate posted requests *) now $upstream_addr, $upstream_status, $upstream_response_time can be used with log_subrequest
2008-12-08 11:23:20 -03:00
if (pr == NULL) {
*) ngx_http_ephemeral *) use preallocated terminal_posted_request
2009-08-30 05:47:11 -04:00
pr = ngx_palloc(r->pool, sizeof(ngx_http_posted_request_t));
if (pr == NULL) {
return NGX_ERROR;
}
*) refactor subrequest handling, now they run as separate posted requests *) now $upstream_addr, $upstream_status, $upstream_response_time can be used with log_subrequest
2008-12-08 11:23:20 -03:00
}
pr->request = r;
pr->next = NULL;
for (p = &r->main->posted_requests; *p; p = &(*p)->next) { /* void */ }
*p = pr;
return NGX_OK;
nginx-0.1.29-RELEASE import *) Feature: the ngx_http_ssi_module supports "include virtual" command. *) Feature: the ngx_http_ssi_module supports the condition command like 'if expr="$NAME"' and "else" and "endif" commands. Only one nested level is supported. *) Feature: the ngx_http_ssi_module supports the DATE_LOCAL and DATE_GMT variables and "config timefmt" command. *) Feature: the "ssi_ignore_recycled_buffers" directive. *) Bugfix: the "echo" command did not show the default value for the empty QUERY_STRING variable. *) Change: the ngx_http_proxy_module was rewritten. *) Feature: the "proxy_redirect", "proxy_pass_request_headers", "proxy_pass_request_body", and "proxy_method" directives. *) Feature: the "proxy_set_header" directive. The "proxy_x_var" was canceled and must be replaced with the proxy_set_header directive. *) Change: the "proxy_preserve_host" is canceled and must be replaced with the "proxy_set_header Host $host" and the "proxy_redirect off" directives, the "proxy_set_header Host $host:$proxy_port" directive and the appropriate proxy_redirect directives. *) Change: the "proxy_set_x_real_ip" is canceled and must be replaced with the "proxy_set_header X-Real-IP $remote_addr" directive. *) Change: the "proxy_add_x_forwarded_for" is canceled and must be replaced with the "proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for" directive. *) Change: the "proxy_set_x_url" is canceled and must be replaced with the "proxy_set_header X-URL http://$host:$server_port$request_uri" directive. *) Feature: the "fastcgi_param" directive. *) Change: the "fastcgi_root", "fastcgi_set_var" and "fastcgi_params" directive are canceled and must be replaced with the fastcgi_param directives. *) Feature: the "index" directive can use the variables. *) Feature: the "index" directive can be used at http and server levels. *) Change: the last index only in the "index" directive can be absolute. *) Feature: the "rewrite" directive can use the variables. *) Feature: the "internal" directive. *) Feature: the CONTENT_LENGTH, CONTENT_TYPE, REMOTE_PORT, SERVER_ADDR, SERVER_PORT, SERVER_PROTOCOL, DOCUMENT_ROOT, SERVER_NAME, REQUEST_METHOD, REQUEST_URI, and REMOTE_USER variables. *) Change: nginx now passes the invalid lines in a client request headers or a backend response header. *) Bugfix: if the backend did not transfer response for a long time and the "send_timeout" was less than "proxy_read_timeout", then nginx returned the 408 response. *) Bugfix: the segmentation fault was occurred if the backend sent an invalid line in response header; the bug had appeared in 0.1.26. *) Bugfix: the segmentation fault may occurred in FastCGI fault tolerance configuration. *) Bugfix: the "expires" directive did not remove the previous "Expires" and "Cache-Control" headers. *) Bugfix: nginx did not take into account trailing dot in "Host" header line. *) Bugfix: the ngx_http_auth_module did not work under Linux. *) Bugfix: the rewrite directive worked incorrectly, if the arguments were in a request. *) Bugfix: nginx could not be built on MacOS X.
2005-05-12 10:58:06 -04:00
}
nginx-0.1.25-RELEASE import *) Bugfix: nginx did run on Linux parisc. *) Feature: nginx now does not start under FreeBSD if the sysctl kern.ipc.somaxconn value is too big. *) Bugfix: if a request was internally redirected by the ngx_http_index_module module to the ngx_http_proxy_module or ngx_http_fastcgi_module modules, then the index file was not closed after request completion. *) Feature: the "proxy_pass" can be used in location with regular expression. *) Feature: the ngx_http_rewrite_filter_module module supports the condition like "if ($HTTP_USER_AGENT ~ MSIE)". *) Bugfix: nginx started too slow if the large number of addresses and text values were used in the "geo" directive. *) Change: a variable name must be declared as "$name" in the "geo" directive. The previous variant without "$" is still supported, but will be removed soon. *) Feature: the "%{VARIABLE}v" logging parameter. *) Feature: the "set $name value" directive. *) Bugfix: gcc 4.0 compatibility. *) Feature: the --with-openssl-opt=OPTIONS autoconfiguration directive.
2005-03-19 08:38:37 -04:00
void
nginx-0.1.29-RELEASE import *) Feature: the ngx_http_ssi_module supports "include virtual" command. *) Feature: the ngx_http_ssi_module supports the condition command like 'if expr="$NAME"' and "else" and "endif" commands. Only one nested level is supported. *) Feature: the ngx_http_ssi_module supports the DATE_LOCAL and DATE_GMT variables and "config timefmt" command. *) Feature: the "ssi_ignore_recycled_buffers" directive. *) Bugfix: the "echo" command did not show the default value for the empty QUERY_STRING variable. *) Change: the ngx_http_proxy_module was rewritten. *) Feature: the "proxy_redirect", "proxy_pass_request_headers", "proxy_pass_request_body", and "proxy_method" directives. *) Feature: the "proxy_set_header" directive. The "proxy_x_var" was canceled and must be replaced with the proxy_set_header directive. *) Change: the "proxy_preserve_host" is canceled and must be replaced with the "proxy_set_header Host $host" and the "proxy_redirect off" directives, the "proxy_set_header Host $host:$proxy_port" directive and the appropriate proxy_redirect directives. *) Change: the "proxy_set_x_real_ip" is canceled and must be replaced with the "proxy_set_header X-Real-IP $remote_addr" directive. *) Change: the "proxy_add_x_forwarded_for" is canceled and must be replaced with the "proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for" directive. *) Change: the "proxy_set_x_url" is canceled and must be replaced with the "proxy_set_header X-URL http://$host:$server_port$request_uri" directive. *) Feature: the "fastcgi_param" directive. *) Change: the "fastcgi_root", "fastcgi_set_var" and "fastcgi_params" directive are canceled and must be replaced with the fastcgi_param directives. *) Feature: the "index" directive can use the variables. *) Feature: the "index" directive can be used at http and server levels. *) Change: the last index only in the "index" directive can be absolute. *) Feature: the "rewrite" directive can use the variables. *) Feature: the "internal" directive. *) Feature: the CONTENT_LENGTH, CONTENT_TYPE, REMOTE_PORT, SERVER_ADDR, SERVER_PORT, SERVER_PROTOCOL, DOCUMENT_ROOT, SERVER_NAME, REQUEST_METHOD, REQUEST_URI, and REMOTE_USER variables. *) Change: nginx now passes the invalid lines in a client request headers or a backend response header. *) Bugfix: if the backend did not transfer response for a long time and the "send_timeout" was less than "proxy_read_timeout", then nginx returned the 408 response. *) Bugfix: the segmentation fault was occurred if the backend sent an invalid line in response header; the bug had appeared in 0.1.26. *) Bugfix: the segmentation fault may occurred in FastCGI fault tolerance configuration. *) Bugfix: the "expires" directive did not remove the previous "Expires" and "Cache-Control" headers. *) Bugfix: nginx did not take into account trailing dot in "Host" header line. *) Bugfix: the ngx_http_auth_module did not work under Linux. *) Bugfix: the rewrite directive worked incorrectly, if the arguments were in a request. *) Bugfix: nginx could not be built on MacOS X.
2005-05-12 10:58:06 -04:00
ngx_http_finalize_request(ngx_http_request_t *r, ngx_int_t rc)
nginx-0.0.1-2002-12-10-21:05:12 import
2002-12-10 15:05:12 -03:00
{
optimize r->connection in ngx_http_finalize_request()
2007-08-27 11:53:00 -04:00
ngx_connection_t *c;
nginx-0.1.29-RELEASE import *) Feature: the ngx_http_ssi_module supports "include virtual" command. *) Feature: the ngx_http_ssi_module supports the condition command like 'if expr="$NAME"' and "else" and "endif" commands. Only one nested level is supported. *) Feature: the ngx_http_ssi_module supports the DATE_LOCAL and DATE_GMT variables and "config timefmt" command. *) Feature: the "ssi_ignore_recycled_buffers" directive. *) Bugfix: the "echo" command did not show the default value for the empty QUERY_STRING variable. *) Change: the ngx_http_proxy_module was rewritten. *) Feature: the "proxy_redirect", "proxy_pass_request_headers", "proxy_pass_request_body", and "proxy_method" directives. *) Feature: the "proxy_set_header" directive. The "proxy_x_var" was canceled and must be replaced with the proxy_set_header directive. *) Change: the "proxy_preserve_host" is canceled and must be replaced with the "proxy_set_header Host $host" and the "proxy_redirect off" directives, the "proxy_set_header Host $host:$proxy_port" directive and the appropriate proxy_redirect directives. *) Change: the "proxy_set_x_real_ip" is canceled and must be replaced with the "proxy_set_header X-Real-IP $remote_addr" directive. *) Change: the "proxy_add_x_forwarded_for" is canceled and must be replaced with the "proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for" directive. *) Change: the "proxy_set_x_url" is canceled and must be replaced with the "proxy_set_header X-URL http://$host:$server_port$request_uri" directive. *) Feature: the "fastcgi_param" directive. *) Change: the "fastcgi_root", "fastcgi_set_var" and "fastcgi_params" directive are canceled and must be replaced with the fastcgi_param directives. *) Feature: the "index" directive can use the variables. *) Feature: the "index" directive can be used at http and server levels. *) Change: the last index only in the "index" directive can be absolute. *) Feature: the "rewrite" directive can use the variables. *) Feature: the "internal" directive. *) Feature: the CONTENT_LENGTH, CONTENT_TYPE, REMOTE_PORT, SERVER_ADDR, SERVER_PORT, SERVER_PROTOCOL, DOCUMENT_ROOT, SERVER_NAME, REQUEST_METHOD, REQUEST_URI, and REMOTE_USER variables. *) Change: nginx now passes the invalid lines in a client request headers or a backend response header. *) Bugfix: if the backend did not transfer response for a long time and the "send_timeout" was less than "proxy_read_timeout", then nginx returned the 408 response. *) Bugfix: the segmentation fault was occurred if the backend sent an invalid line in response header; the bug had appeared in 0.1.26. *) Bugfix: the segmentation fault may occurred in FastCGI fault tolerance configuration. *) Bugfix: the "expires" directive did not remove the previous "Expires" and "Cache-Control" headers. *) Bugfix: nginx did not take into account trailing dot in "Host" header line. *) Bugfix: the ngx_http_auth_module did not work under Linux. *) Bugfix: the rewrite directive worked incorrectly, if the arguments were in a request. *) Bugfix: nginx could not be built on MacOS X.
2005-05-12 10:58:06 -04:00
ngx_http_request_t *pr;
nginx-0.0.1-2003-12-14-23:10:27 import
2003-12-14 17:10:27 -03:00
ngx_http_core_loc_conf_t *clcf;
request reference counter
2009-08-26 12:04:05 -04:00
c = r->connection;
ngx_log_debug5(NGX_LOG_DEBUG_HTTP, c->log, 0,
Fixed logging.
2016-03-30 20:33:57 -03:00
"http finalize request: %i, \"%V?%V\" a:%d, c:%d",
request reference counter
2009-08-26 12:04:05 -04:00
rc, &r->uri, &r->args, r == c->data, r->main->count);
nginx-0.1.29-RELEASE import *) Feature: the ngx_http_ssi_module supports "include virtual" command. *) Feature: the ngx_http_ssi_module supports the condition command like 'if expr="$NAME"' and "else" and "endif" commands. Only one nested level is supported. *) Feature: the ngx_http_ssi_module supports the DATE_LOCAL and DATE_GMT variables and "config timefmt" command. *) Feature: the "ssi_ignore_recycled_buffers" directive. *) Bugfix: the "echo" command did not show the default value for the empty QUERY_STRING variable. *) Change: the ngx_http_proxy_module was rewritten. *) Feature: the "proxy_redirect", "proxy_pass_request_headers", "proxy_pass_request_body", and "proxy_method" directives. *) Feature: the "proxy_set_header" directive. The "proxy_x_var" was canceled and must be replaced with the proxy_set_header directive. *) Change: the "proxy_preserve_host" is canceled and must be replaced with the "proxy_set_header Host $host" and the "proxy_redirect off" directives, the "proxy_set_header Host $host:$proxy_port" directive and the appropriate proxy_redirect directives. *) Change: the "proxy_set_x_real_ip" is canceled and must be replaced with the "proxy_set_header X-Real-IP $remote_addr" directive. *) Change: the "proxy_add_x_forwarded_for" is canceled and must be replaced with the "proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for" directive. *) Change: the "proxy_set_x_url" is canceled and must be replaced with the "proxy_set_header X-URL http://$host:$server_port$request_uri" directive. *) Feature: the "fastcgi_param" directive. *) Change: the "fastcgi_root", "fastcgi_set_var" and "fastcgi_params" directive are canceled and must be replaced with the fastcgi_param directives. *) Feature: the "index" directive can use the variables. *) Feature: the "index" directive can be used at http and server levels. *) Change: the last index only in the "index" directive can be absolute. *) Feature: the "rewrite" directive can use the variables. *) Feature: the "internal" directive. *) Feature: the CONTENT_LENGTH, CONTENT_TYPE, REMOTE_PORT, SERVER_ADDR, SERVER_PORT, SERVER_PROTOCOL, DOCUMENT_ROOT, SERVER_NAME, REQUEST_METHOD, REQUEST_URI, and REMOTE_USER variables. *) Change: nginx now passes the invalid lines in a client request headers or a backend response header. *) Bugfix: if the backend did not transfer response for a long time and the "send_timeout" was less than "proxy_read_timeout", then nginx returned the 408 response. *) Bugfix: the segmentation fault was occurred if the backend sent an invalid line in response header; the bug had appeared in 0.1.26. *) Bugfix: the segmentation fault may occurred in FastCGI fault tolerance configuration. *) Bugfix: the "expires" directive did not remove the previous "Expires" and "Cache-Control" headers. *) Bugfix: nginx did not take into account trailing dot in "Host" header line. *) Bugfix: the ngx_http_auth_module did not work under Linux. *) Bugfix: the rewrite directive worked incorrectly, if the arguments were in a request. *) Bugfix: nginx could not be built on MacOS X.
2005-05-12 10:58:06 -04:00
if (rc == NGX_DONE) {
request reference counter
2009-08-26 12:04:05 -04:00
ngx_http_finalize_connection(r);
nginx-0.1.29-RELEASE import *) Feature: the ngx_http_ssi_module supports "include virtual" command. *) Feature: the ngx_http_ssi_module supports the condition command like 'if expr="$NAME"' and "else" and "endif" commands. Only one nested level is supported. *) Feature: the ngx_http_ssi_module supports the DATE_LOCAL and DATE_GMT variables and "config timefmt" command. *) Feature: the "ssi_ignore_recycled_buffers" directive. *) Bugfix: the "echo" command did not show the default value for the empty QUERY_STRING variable. *) Change: the ngx_http_proxy_module was rewritten. *) Feature: the "proxy_redirect", "proxy_pass_request_headers", "proxy_pass_request_body", and "proxy_method" directives. *) Feature: the "proxy_set_header" directive. The "proxy_x_var" was canceled and must be replaced with the proxy_set_header directive. *) Change: the "proxy_preserve_host" is canceled and must be replaced with the "proxy_set_header Host $host" and the "proxy_redirect off" directives, the "proxy_set_header Host $host:$proxy_port" directive and the appropriate proxy_redirect directives. *) Change: the "proxy_set_x_real_ip" is canceled and must be replaced with the "proxy_set_header X-Real-IP $remote_addr" directive. *) Change: the "proxy_add_x_forwarded_for" is canceled and must be replaced with the "proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for" directive. *) Change: the "proxy_set_x_url" is canceled and must be replaced with the "proxy_set_header X-URL http://$host:$server_port$request_uri" directive. *) Feature: the "fastcgi_param" directive. *) Change: the "fastcgi_root", "fastcgi_set_var" and "fastcgi_params" directive are canceled and must be replaced with the fastcgi_param directives. *) Feature: the "index" directive can use the variables. *) Feature: the "index" directive can be used at http and server levels. *) Change: the last index only in the "index" directive can be absolute. *) Feature: the "rewrite" directive can use the variables. *) Feature: the "internal" directive. *) Feature: the CONTENT_LENGTH, CONTENT_TYPE, REMOTE_PORT, SERVER_ADDR, SERVER_PORT, SERVER_PROTOCOL, DOCUMENT_ROOT, SERVER_NAME, REQUEST_METHOD, REQUEST_URI, and REMOTE_USER variables. *) Change: nginx now passes the invalid lines in a client request headers or a backend response header. *) Bugfix: if the backend did not transfer response for a long time and the "send_timeout" was less than "proxy_read_timeout", then nginx returned the 408 response. *) Bugfix: the segmentation fault was occurred if the backend sent an invalid line in response header; the bug had appeared in 0.1.26. *) Bugfix: the segmentation fault may occurred in FastCGI fault tolerance configuration. *) Bugfix: the "expires" directive did not remove the previous "Expires" and "Cache-Control" headers. *) Bugfix: nginx did not take into account trailing dot in "Host" header line. *) Bugfix: the ngx_http_auth_module did not work under Linux. *) Bugfix: the rewrite directive worked incorrectly, if the arguments were in a request. *) Bugfix: nginx could not be built on MacOS X.
2005-05-12 10:58:06 -04:00
return;
}
handle big responses for "size" and "test" image_filters
2009-05-08 10:25:51 -04:00
if (rc == NGX_OK && r->filter_finalize) {
c->error = 1;
}
nginx-0.4.0-RELEASE import *) Change in internal API: the HTTP modules initialization was moved from the init module phase to the HTTP postconfiguration phase. *) Change: now the request body is not read beforehand for the ngx_http_perl_module: it's required to start the reading using the $r->has_request_body method. *) Feature: the ngx_http_perl_module supports the DECLINED return code. *) Feature: the ngx_http_dav_module supports the incoming "Date" header line for the PUT method. *) Feature: the "ssi" directive is available inside the "if" block. *) Bugfix: a segmentation fault occurred if there was an "index" directive with variables and the first index name was without variables; the bug had appeared in 0.1.29.
2006-08-30 06:39:17 -04:00
if (rc == NGX_DECLINED) {
r->content_handler = NULL;
r->write_event_handler = ngx_http_core_run_phases;
ngx_http_core_run_phases(r);
return;
}
<!--#include virtual=... set=... -->
2006-10-13 11:20:10 -04:00
if (r != r->main && r->post_subrequest) {
rc = r->post_subrequest->handler(r, r->post_subrequest->data, rc);
nginx-0.3.55-RELEASE import *) Feature: the "stub" parameter in the "include" SSI command. *) Feature: the "block" SSI command. *) Feature: the unicode2nginx script was added to contrib. *) Bugfix: if a "root" was specified by variable only, then the root was relative to a server prefix. *) Bugfix: if the request contained "//" or "/./" and escaped symbols after them, then the proxied request was sent unescaped. *) Bugfix: the $r->headers_in("Cookie") of the ngx_http_perl_module now returns all "Cookie" header lines. *) Bugfix: a segmentation fault occurred if "client_body_in_file_only on" was used and nginx switched to a next upstream. *) Bugfix: on some condition while reconfiguration character codes inside the "charset_map" may be treated invalid; the bug had appeared in 0.3.50.
2006-07-28 11:16:17 -04:00
}
call post_action for 499
2007-12-27 10:13:34 -03:00
if (rc == NGX_ERROR
|| rc == NGX_HTTP_REQUEST_TIME_OUT
|| rc == NGX_HTTP_CLIENT_CLOSED_REQUEST
|| c->error)
{
nginx-0.3.28-RELEASE import *) Feature: the "restrict_host_names" directive was canceled. *) Feature: the --with-cpu-opt=ppc64 configuration parameter. *) Bugfix: on some condition the proxied connection with a client was terminated prematurely. Thanks to Vladimir Shutoff. *) Bugfix: the "X-Accel-Limit-Rate" header line was not taken into account if the request was redirected using the "X-Accel-Redirect" header line. *) Bugfix: the "post_action" directive ran only after a successful completion of a request. *) Bugfix: the proxied response body generated by the "post_action" directive was transferred to a client.
2006-02-16 12:26:46 -03:00
if (ngx_http_post_action(r) == NGX_OK) {
return;
}
request reference counter
2009-08-26 12:04:05 -04:00
ngx_http_terminate_request(r, rc);
nginx-0.3.6-RELEASE import *) Change: now the IMAP/POP3 proxy do not send the empty login to authorization server. *) Feature: the "log_format" supports the variables in the $name form. *) Bugfix: if at least in one server was no the "listen" directive, then nginx did not listen on the 80 port; the bug had appeared in 0.3.3. *) Bugfix: if the URI part is omitted in "proxy_pass" directive, the the 80 port was always used.
2005-10-24 12:09:41 -03:00
return;
}
nginx-0.3.40-RELEASE import *) Feature: the ngx_http_dav_module supports the MKCOL method. *) Feature: the "create_full_put_path" directive. *) Feature: the "$limit_rate" variable.
2006-04-19 11:30:56 -04:00
if (rc >= NGX_HTTP_SPECIAL_RESPONSE
|| rc == NGX_HTTP_CREATED
|| rc == NGX_HTTP_NO_CONTENT)
{
nginx-0.3.15-RELEASE import *) Feature: the new 444 code of the "return" directive to close connection. *) Feature: the "so_keepalive" directive in IMAP/POP3 proxy. *) Bugfix: if there are unclosed connection nginx now calls abort() only on gracefull quit and active "debug_points" directive.
2005-12-07 11:51:31 -03:00
if (rc == NGX_HTTP_CLOSE) {
Allow resetting connections closed by "return 444" (ticket #905). If reset_timedout_connection is on, TCP connections closed by "return 444" will be reset instead of a normal close.
2018-07-12 05:50:20 -04:00
c->timedout = 1;
request reference counter
2009-08-26 12:04:05 -04:00
ngx_http_terminate_request(r, rc);
nginx-0.3.15-RELEASE import *) Feature: the new 444 code of the "return" directive to close connection. *) Feature: the "so_keepalive" directive in IMAP/POP3 proxy. *) Bugfix: if there are unclosed connection nginx now calls abort() only on gracefull quit and active "debug_points" directive.
2005-12-07 11:51:31 -03:00
return;
}
nginx-0.3.20-RELEASE import *) Bugfix: in SSI handling. *) Bugfix: the ngx_http_memcached_module did not support the keys in the "/usr?args" form.
2006-01-11 12:26:57 -03:00
if (r == r->main) {
optimize r->connection in ngx_http_finalize_request()
2007-08-27 11:53:00 -04:00
if (c->read->timer_set) {
ngx_del_timer(c->read);
nginx-0.3.6-RELEASE import *) Change: now the IMAP/POP3 proxy do not send the empty login to authorization server. *) Feature: the "log_format" supports the variables in the $name form. *) Bugfix: if at least in one server was no the "listen" directive, then nginx did not listen on the 80 port; the bug had appeared in 0.3.3. *) Bugfix: if the URI part is omitted in "proxy_pass" directive, the the 80 port was always used.
2005-10-24 12:09:41 -03:00
}
optimize r->connection in ngx_http_finalize_request()
2007-08-27 11:53:00 -04:00
if (c->write->timer_set) {
ngx_del_timer(c->write);
nginx-0.3.6-RELEASE import *) Change: now the IMAP/POP3 proxy do not send the empty login to authorization server. *) Feature: the "log_format" supports the variables in the $name form. *) Bugfix: if at least in one server was no the "listen" directive, then nginx did not listen on the 80 port; the bug had appeared in 0.3.3. *) Bugfix: if the URI part is omitted in "proxy_pass" directive, the the 80 port was always used.
2005-10-24 12:09:41 -03:00
}
}
set request handlers, this fixes complex proxied 400 handler with SSI includes
2008-09-15 12:44:37 -04:00
c->read->handler = ngx_http_request_handler;
c->write->handler = ngx_http_request_handler;
nginx-0.1.29-RELEASE import *) Feature: the ngx_http_ssi_module supports "include virtual" command. *) Feature: the ngx_http_ssi_module supports the condition command like 'if expr="$NAME"' and "else" and "endif" commands. Only one nested level is supported. *) Feature: the ngx_http_ssi_module supports the DATE_LOCAL and DATE_GMT variables and "config timefmt" command. *) Feature: the "ssi_ignore_recycled_buffers" directive. *) Bugfix: the "echo" command did not show the default value for the empty QUERY_STRING variable. *) Change: the ngx_http_proxy_module was rewritten. *) Feature: the "proxy_redirect", "proxy_pass_request_headers", "proxy_pass_request_body", and "proxy_method" directives. *) Feature: the "proxy_set_header" directive. The "proxy_x_var" was canceled and must be replaced with the proxy_set_header directive. *) Change: the "proxy_preserve_host" is canceled and must be replaced with the "proxy_set_header Host $host" and the "proxy_redirect off" directives, the "proxy_set_header Host $host:$proxy_port" directive and the appropriate proxy_redirect directives. *) Change: the "proxy_set_x_real_ip" is canceled and must be replaced with the "proxy_set_header X-Real-IP $remote_addr" directive. *) Change: the "proxy_add_x_forwarded_for" is canceled and must be replaced with the "proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for" directive. *) Change: the "proxy_set_x_url" is canceled and must be replaced with the "proxy_set_header X-URL http://$host:$server_port$request_uri" directive. *) Feature: the "fastcgi_param" directive. *) Change: the "fastcgi_root", "fastcgi_set_var" and "fastcgi_params" directive are canceled and must be replaced with the fastcgi_param directives. *) Feature: the "index" directive can use the variables. *) Feature: the "index" directive can be used at http and server levels. *) Change: the last index only in the "index" directive can be absolute. *) Feature: the "rewrite" directive can use the variables. *) Feature: the "internal" directive. *) Feature: the CONTENT_LENGTH, CONTENT_TYPE, REMOTE_PORT, SERVER_ADDR, SERVER_PORT, SERVER_PROTOCOL, DOCUMENT_ROOT, SERVER_NAME, REQUEST_METHOD, REQUEST_URI, and REMOTE_USER variables. *) Change: nginx now passes the invalid lines in a client request headers or a backend response header. *) Bugfix: if the backend did not transfer response for a long time and the "send_timeout" was less than "proxy_read_timeout", then nginx returned the 408 response. *) Bugfix: the segmentation fault was occurred if the backend sent an invalid line in response header; the bug had appeared in 0.1.26. *) Bugfix: the segmentation fault may occurred in FastCGI fault tolerance configuration. *) Bugfix: the "expires" directive did not remove the previous "Expires" and "Cache-Control" headers. *) Bugfix: nginx did not take into account trailing dot in "Host" header line. *) Bugfix: the ngx_http_auth_module did not work under Linux. *) Bugfix: the rewrite directive worked incorrectly, if the arguments were in a request. *) Bugfix: nginx could not be built on MacOS X.
2005-05-12 10:58:06 -04:00
ngx_http_finalize_request(r, ngx_http_special_response_handler(r, rc));
nginx-0.0.1-2003-10-09-11:00:45 import
2003-10-09 03:00:45 -04:00
return;
}
*) refactor subrequest handling, now they run as separate posted requests *) now $upstream_addr, $upstream_status, $upstream_response_time can be used with log_subrequest
2008-12-08 11:23:20 -03:00
if (r != r->main) {
refactor log_subrequest
2008-09-29 09:18:41 -04:00
*) refactor subrequest handling, now they run as separate posted requests *) now $upstream_addr, $upstream_status, $upstream_response_time can be used with log_subrequest
2008-12-08 11:23:20 -03:00
if (r->buffered || r->postponed) {
refactor log_subrequest
2008-09-29 09:18:41 -04:00
*) refactor subrequest handling, now they run as separate posted requests *) now $upstream_addr, $upstream_status, $upstream_response_time can be used with log_subrequest
2008-12-08 11:23:20 -03:00
if (ngx_http_set_write_handler(r) != NGX_OK) {
request reference counter
2009-08-26 12:04:05 -04:00
ngx_http_terminate_request(r, 0);
*) refactor subrequest handling, now they run as separate posted requests *) now $upstream_addr, $upstream_status, $upstream_response_time can be used with log_subrequest
2008-12-08 11:23:20 -03:00
}
refactor log_subrequest
2008-09-29 09:18:41 -04:00
nginx-0.1.37-RELEASE import *) Change: now the "\n" is added to the end of the "nginx.pid" file. *) Bugfix: the responses may be transferred not completely, if many parts or the big parts were included by SSI. *) Bugfix: if all backends had returned the 404 reponse and the "http_404" parameter of the "proxy_next_upstream" or "fastcgi_next_upstream" directives was used, then nginx started to request all backends again.
2005-06-23 09:41:06 -04:00
return;
}
nginx-0.1.29-RELEASE import *) Feature: the ngx_http_ssi_module supports "include virtual" command. *) Feature: the ngx_http_ssi_module supports the condition command like 'if expr="$NAME"' and "else" and "endif" commands. Only one nested level is supported. *) Feature: the ngx_http_ssi_module supports the DATE_LOCAL and DATE_GMT variables and "config timefmt" command. *) Feature: the "ssi_ignore_recycled_buffers" directive. *) Bugfix: the "echo" command did not show the default value for the empty QUERY_STRING variable. *) Change: the ngx_http_proxy_module was rewritten. *) Feature: the "proxy_redirect", "proxy_pass_request_headers", "proxy_pass_request_body", and "proxy_method" directives. *) Feature: the "proxy_set_header" directive. The "proxy_x_var" was canceled and must be replaced with the proxy_set_header directive. *) Change: the "proxy_preserve_host" is canceled and must be replaced with the "proxy_set_header Host $host" and the "proxy_redirect off" directives, the "proxy_set_header Host $host:$proxy_port" directive and the appropriate proxy_redirect directives. *) Change: the "proxy_set_x_real_ip" is canceled and must be replaced with the "proxy_set_header X-Real-IP $remote_addr" directive. *) Change: the "proxy_add_x_forwarded_for" is canceled and must be replaced with the "proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for" directive. *) Change: the "proxy_set_x_url" is canceled and must be replaced with the "proxy_set_header X-URL http://$host:$server_port$request_uri" directive. *) Feature: the "fastcgi_param" directive. *) Change: the "fastcgi_root", "fastcgi_set_var" and "fastcgi_params" directive are canceled and must be replaced with the fastcgi_param directives. *) Feature: the "index" directive can use the variables. *) Feature: the "index" directive can be used at http and server levels. *) Change: the last index only in the "index" directive can be absolute. *) Feature: the "rewrite" directive can use the variables. *) Feature: the "internal" directive. *) Feature: the CONTENT_LENGTH, CONTENT_TYPE, REMOTE_PORT, SERVER_ADDR, SERVER_PORT, SERVER_PROTOCOL, DOCUMENT_ROOT, SERVER_NAME, REQUEST_METHOD, REQUEST_URI, and REMOTE_USER variables. *) Change: nginx now passes the invalid lines in a client request headers or a backend response header. *) Bugfix: if the backend did not transfer response for a long time and the "send_timeout" was less than "proxy_read_timeout", then nginx returned the 408 response. *) Bugfix: the segmentation fault was occurred if the backend sent an invalid line in response header; the bug had appeared in 0.1.26. *) Bugfix: the segmentation fault may occurred in FastCGI fault tolerance configuration. *) Bugfix: the "expires" directive did not remove the previous "Expires" and "Cache-Control" headers. *) Bugfix: nginx did not take into account trailing dot in "Host" header line. *) Bugfix: the ngx_http_auth_module did not work under Linux. *) Bugfix: the rewrite directive worked incorrectly, if the arguments were in a request. *) Bugfix: nginx could not be built on MacOS X.
2005-05-12 10:58:06 -04:00
*) refactor subrequest handling, now they run as separate posted requests *) now $upstream_addr, $upstream_status, $upstream_response_time can be used with log_subrequest
2008-12-08 11:23:20 -03:00
pr = r->parent;
nginx-0.1.29-RELEASE import *) Feature: the ngx_http_ssi_module supports "include virtual" command. *) Feature: the ngx_http_ssi_module supports the condition command like 'if expr="$NAME"' and "else" and "endif" commands. Only one nested level is supported. *) Feature: the ngx_http_ssi_module supports the DATE_LOCAL and DATE_GMT variables and "config timefmt" command. *) Feature: the "ssi_ignore_recycled_buffers" directive. *) Bugfix: the "echo" command did not show the default value for the empty QUERY_STRING variable. *) Change: the ngx_http_proxy_module was rewritten. *) Feature: the "proxy_redirect", "proxy_pass_request_headers", "proxy_pass_request_body", and "proxy_method" directives. *) Feature: the "proxy_set_header" directive. The "proxy_x_var" was canceled and must be replaced with the proxy_set_header directive. *) Change: the "proxy_preserve_host" is canceled and must be replaced with the "proxy_set_header Host $host" and the "proxy_redirect off" directives, the "proxy_set_header Host $host:$proxy_port" directive and the appropriate proxy_redirect directives. *) Change: the "proxy_set_x_real_ip" is canceled and must be replaced with the "proxy_set_header X-Real-IP $remote_addr" directive. *) Change: the "proxy_add_x_forwarded_for" is canceled and must be replaced with the "proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for" directive. *) Change: the "proxy_set_x_url" is canceled and must be replaced with the "proxy_set_header X-URL http://$host:$server_port$request_uri" directive. *) Feature: the "fastcgi_param" directive. *) Change: the "fastcgi_root", "fastcgi_set_var" and "fastcgi_params" directive are canceled and must be replaced with the fastcgi_param directives. *) Feature: the "index" directive can use the variables. *) Feature: the "index" directive can be used at http and server levels. *) Change: the last index only in the "index" directive can be absolute. *) Feature: the "rewrite" directive can use the variables. *) Feature: the "internal" directive. *) Feature: the CONTENT_LENGTH, CONTENT_TYPE, REMOTE_PORT, SERVER_ADDR, SERVER_PORT, SERVER_PROTOCOL, DOCUMENT_ROOT, SERVER_NAME, REQUEST_METHOD, REQUEST_URI, and REMOTE_USER variables. *) Change: nginx now passes the invalid lines in a client request headers or a backend response header. *) Bugfix: if the backend did not transfer response for a long time and the "send_timeout" was less than "proxy_read_timeout", then nginx returned the 408 response. *) Bugfix: the segmentation fault was occurred if the backend sent an invalid line in response header; the bug had appeared in 0.1.26. *) Bugfix: the segmentation fault may occurred in FastCGI fault tolerance configuration. *) Bugfix: the "expires" directive did not remove the previous "Expires" and "Cache-Control" headers. *) Bugfix: nginx did not take into account trailing dot in "Host" header line. *) Bugfix: the ngx_http_auth_module did not work under Linux. *) Bugfix: the rewrite directive worked incorrectly, if the arguments were in a request. *) Bugfix: nginx could not be built on MacOS X.
2005-05-12 10:58:06 -04:00
Simplified subrequest finalization. Now it looks similar to what it was before background subrequests were introduced in 9552758a786e.
2020-02-28 13:54:13 -03:00
if (r == c->data || r->background) {
request reference counter
2009-08-26 12:04:05 -04:00
*) refactor subrequest handling, now they run as separate posted requests *) now $upstream_addr, $upstream_status, $upstream_response_time can be used with log_subrequest
2008-12-08 11:23:20 -03:00
if (!r->logged) {
Simplified subrequest finalization. Now it looks similar to what it was before background subrequests were introduced in 9552758a786e.
2020-02-28 13:54:13 -03:00
clcf = ngx_http_get_module_loc_conf(r, ngx_http_core_module);
*) refactor subrequest handling, now they run as separate posted requests *) now $upstream_addr, $upstream_status, $upstream_response_time can be used with log_subrequest
2008-12-08 11:23:20 -03:00
if (clcf->log_subrequest) {
ngx_http_log_request(r);
}
nginx-0.1.29-RELEASE import *) Feature: the ngx_http_ssi_module supports "include virtual" command. *) Feature: the ngx_http_ssi_module supports the condition command like 'if expr="$NAME"' and "else" and "endif" commands. Only one nested level is supported. *) Feature: the ngx_http_ssi_module supports the DATE_LOCAL and DATE_GMT variables and "config timefmt" command. *) Feature: the "ssi_ignore_recycled_buffers" directive. *) Bugfix: the "echo" command did not show the default value for the empty QUERY_STRING variable. *) Change: the ngx_http_proxy_module was rewritten. *) Feature: the "proxy_redirect", "proxy_pass_request_headers", "proxy_pass_request_body", and "proxy_method" directives. *) Feature: the "proxy_set_header" directive. The "proxy_x_var" was canceled and must be replaced with the proxy_set_header directive. *) Change: the "proxy_preserve_host" is canceled and must be replaced with the "proxy_set_header Host $host" and the "proxy_redirect off" directives, the "proxy_set_header Host $host:$proxy_port" directive and the appropriate proxy_redirect directives. *) Change: the "proxy_set_x_real_ip" is canceled and must be replaced with the "proxy_set_header X-Real-IP $remote_addr" directive. *) Change: the "proxy_add_x_forwarded_for" is canceled and must be replaced with the "proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for" directive. *) Change: the "proxy_set_x_url" is canceled and must be replaced with the "proxy_set_header X-URL http://$host:$server_port$request_uri" directive. *) Feature: the "fastcgi_param" directive. *) Change: the "fastcgi_root", "fastcgi_set_var" and "fastcgi_params" directive are canceled and must be replaced with the fastcgi_param directives. *) Feature: the "index" directive can use the variables. *) Feature: the "index" directive can be used at http and server levels. *) Change: the last index only in the "index" directive can be absolute. *) Feature: the "rewrite" directive can use the variables. *) Feature: the "internal" directive. *) Feature: the CONTENT_LENGTH, CONTENT_TYPE, REMOTE_PORT, SERVER_ADDR, SERVER_PORT, SERVER_PROTOCOL, DOCUMENT_ROOT, SERVER_NAME, REQUEST_METHOD, REQUEST_URI, and REMOTE_USER variables. *) Change: nginx now passes the invalid lines in a client request headers or a backend response header. *) Bugfix: if the backend did not transfer response for a long time and the "send_timeout" was less than "proxy_read_timeout", then nginx returned the 408 response. *) Bugfix: the segmentation fault was occurred if the backend sent an invalid line in response header; the bug had appeared in 0.1.26. *) Bugfix: the segmentation fault may occurred in FastCGI fault tolerance configuration. *) Bugfix: the "expires" directive did not remove the previous "Expires" and "Cache-Control" headers. *) Bugfix: nginx did not take into account trailing dot in "Host" header line. *) Bugfix: the ngx_http_auth_module did not work under Linux. *) Bugfix: the rewrite directive worked incorrectly, if the arguments were in a request. *) Bugfix: nginx could not be built on MacOS X.
2005-05-12 10:58:06 -04:00
*) refactor subrequest handling, now they run as separate posted requests *) now $upstream_addr, $upstream_status, $upstream_response_time can be used with log_subrequest
2008-12-08 11:23:20 -03:00
r->logged = 1;
nginx-0.3.54-RELEASE import *) Feature: nginx now logs the subrequest information to the error log. *) Feature: the "proxy_next_upstream", "fastcgi_next_upstream", and "memcached_next_upstream" directives support the "off" parameter. *) Feature: the "debug_connection" directive supports the CIDR address form. *) Bugfix: if a response of proxied server or FastCGI server was converted from UTF-8 or back, then it may be transferred incomplete. *) Bugfix: the $upstream_response_time variable had the time of the first request to a backend only. *) Bugfix: nginx could not be built on amd64 platform; the bug had appeared in 0.3.53.
2006-07-11 09:20:19 -04:00
*) refactor subrequest handling, now they run as separate posted requests *) now $upstream_addr, $upstream_status, $upstream_response_time can be used with log_subrequest
2008-12-08 11:23:20 -03:00
} else {
ngx_log_error(NGX_LOG_ALERT, c->log, 0,
"subrequest: \"%V?%V\" logged again",
&r->uri, &r->args);
}
nginx-0.1.29-RELEASE import *) Feature: the ngx_http_ssi_module supports "include virtual" command. *) Feature: the ngx_http_ssi_module supports the condition command like 'if expr="$NAME"' and "else" and "endif" commands. Only one nested level is supported. *) Feature: the ngx_http_ssi_module supports the DATE_LOCAL and DATE_GMT variables and "config timefmt" command. *) Feature: the "ssi_ignore_recycled_buffers" directive. *) Bugfix: the "echo" command did not show the default value for the empty QUERY_STRING variable. *) Change: the ngx_http_proxy_module was rewritten. *) Feature: the "proxy_redirect", "proxy_pass_request_headers", "proxy_pass_request_body", and "proxy_method" directives. *) Feature: the "proxy_set_header" directive. The "proxy_x_var" was canceled and must be replaced with the proxy_set_header directive. *) Change: the "proxy_preserve_host" is canceled and must be replaced with the "proxy_set_header Host $host" and the "proxy_redirect off" directives, the "proxy_set_header Host $host:$proxy_port" directive and the appropriate proxy_redirect directives. *) Change: the "proxy_set_x_real_ip" is canceled and must be replaced with the "proxy_set_header X-Real-IP $remote_addr" directive. *) Change: the "proxy_add_x_forwarded_for" is canceled and must be replaced with the "proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for" directive. *) Change: the "proxy_set_x_url" is canceled and must be replaced with the "proxy_set_header X-URL http://$host:$server_port$request_uri" directive. *) Feature: the "fastcgi_param" directive. *) Change: the "fastcgi_root", "fastcgi_set_var" and "fastcgi_params" directive are canceled and must be replaced with the fastcgi_param directives. *) Feature: the "index" directive can use the variables. *) Feature: the "index" directive can be used at http and server levels. *) Change: the last index only in the "index" directive can be absolute. *) Feature: the "rewrite" directive can use the variables. *) Feature: the "internal" directive. *) Feature: the CONTENT_LENGTH, CONTENT_TYPE, REMOTE_PORT, SERVER_ADDR, SERVER_PORT, SERVER_PROTOCOL, DOCUMENT_ROOT, SERVER_NAME, REQUEST_METHOD, REQUEST_URI, and REMOTE_USER variables. *) Change: nginx now passes the invalid lines in a client request headers or a backend response header. *) Bugfix: if the backend did not transfer response for a long time and the "send_timeout" was less than "proxy_read_timeout", then nginx returned the 408 response. *) Bugfix: the segmentation fault was occurred if the backend sent an invalid line in response header; the bug had appeared in 0.1.26. *) Bugfix: the segmentation fault may occurred in FastCGI fault tolerance configuration. *) Bugfix: the "expires" directive did not remove the previous "Expires" and "Cache-Control" headers. *) Bugfix: nginx did not take into account trailing dot in "Host" header line. *) Bugfix: the ngx_http_auth_module did not work under Linux. *) Bugfix: the rewrite directive worked incorrectly, if the arguments were in a request. *) Bugfix: nginx could not be built on MacOS X.
2005-05-12 10:58:06 -04:00
*) refactor subrequest handling, now they run as separate posted requests *) now $upstream_addr, $upstream_status, $upstream_response_time can be used with log_subrequest
2008-12-08 11:23:20 -03:00
r->done = 1;
nginx-0.1.38-RELEASE import *) Feature: the "limit_rate" directive is supported in in proxy and FastCGI mode. *) Feature: the "X-Accel-Limit-Rate" response header line is supported in proxy and FastCGI mode. *) Feature: the "break" directive. *) Feature: the "log_not_found" directive. *) Bugfix: the response status code was not changed when request was redirected by the ""X-Accel-Redirect" header line. *) Bugfix: the variables set by the "set" directive could not be used in SSI. *) Bugfix: the segmentation fault may occurred if the SSI page has more than one remote subrequest. *) Bugfix: nginx treated the backend response as invalid if the status line in the header was transferred in two packets; the bug had appeared in 0.1.29. *) Feature: the "ssi_types" directive. *) Feature: the "autoindex_exact_size" directive. *) Bugfix: the ngx_http_autoindex_module did not support the long file names in UTF-8. *) Feature: the IMAP/POP3 proxy.
2005-07-08 10:34:20 -04:00
Simplified subrequest finalization. Now it looks similar to what it was before background subrequests were introduced in 9552758a786e.
2020-02-28 13:54:13 -03:00
if (r->background) {
ngx_http_finalize_connection(r);
return;
}
r->main->count--;
*) refactor subrequest handling, now they run as separate posted requests *) now $upstream_addr, $upstream_status, $upstream_response_time can be used with log_subrequest
2008-12-08 11:23:20 -03:00
if (pr->postponed && pr->postponed->request == r) {
nginx-0.1.29-RELEASE import *) Feature: the ngx_http_ssi_module supports "include virtual" command. *) Feature: the ngx_http_ssi_module supports the condition command like 'if expr="$NAME"' and "else" and "endif" commands. Only one nested level is supported. *) Feature: the ngx_http_ssi_module supports the DATE_LOCAL and DATE_GMT variables and "config timefmt" command. *) Feature: the "ssi_ignore_recycled_buffers" directive. *) Bugfix: the "echo" command did not show the default value for the empty QUERY_STRING variable. *) Change: the ngx_http_proxy_module was rewritten. *) Feature: the "proxy_redirect", "proxy_pass_request_headers", "proxy_pass_request_body", and "proxy_method" directives. *) Feature: the "proxy_set_header" directive. The "proxy_x_var" was canceled and must be replaced with the proxy_set_header directive. *) Change: the "proxy_preserve_host" is canceled and must be replaced with the "proxy_set_header Host $host" and the "proxy_redirect off" directives, the "proxy_set_header Host $host:$proxy_port" directive and the appropriate proxy_redirect directives. *) Change: the "proxy_set_x_real_ip" is canceled and must be replaced with the "proxy_set_header X-Real-IP $remote_addr" directive. *) Change: the "proxy_add_x_forwarded_for" is canceled and must be replaced with the "proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for" directive. *) Change: the "proxy_set_x_url" is canceled and must be replaced with the "proxy_set_header X-URL http://$host:$server_port$request_uri" directive. *) Feature: the "fastcgi_param" directive. *) Change: the "fastcgi_root", "fastcgi_set_var" and "fastcgi_params" directive are canceled and must be replaced with the fastcgi_param directives. *) Feature: the "index" directive can use the variables. *) Feature: the "index" directive can be used at http and server levels. *) Change: the last index only in the "index" directive can be absolute. *) Feature: the "rewrite" directive can use the variables. *) Feature: the "internal" directive. *) Feature: the CONTENT_LENGTH, CONTENT_TYPE, REMOTE_PORT, SERVER_ADDR, SERVER_PORT, SERVER_PROTOCOL, DOCUMENT_ROOT, SERVER_NAME, REQUEST_METHOD, REQUEST_URI, and REMOTE_USER variables. *) Change: nginx now passes the invalid lines in a client request headers or a backend response header. *) Bugfix: if the backend did not transfer response for a long time and the "send_timeout" was less than "proxy_read_timeout", then nginx returned the 408 response. *) Bugfix: the segmentation fault was occurred if the backend sent an invalid line in response header; the bug had appeared in 0.1.26. *) Bugfix: the segmentation fault may occurred in FastCGI fault tolerance configuration. *) Bugfix: the "expires" directive did not remove the previous "Expires" and "Cache-Control" headers. *) Bugfix: nginx did not take into account trailing dot in "Host" header line. *) Bugfix: the ngx_http_auth_module did not work under Linux. *) Bugfix: the rewrite directive worked incorrectly, if the arguments were in a request. *) Bugfix: nginx could not be built on MacOS X.
2005-05-12 10:58:06 -04:00
pr->postponed = pr->postponed->next;
nginx-0.3.20-RELEASE import *) Bugfix: in SSI handling. *) Bugfix: the ngx_http_memcached_module did not support the keys in the "/usr?args" form.
2006-01-11 12:26:57 -03:00
}
nginx-0.1.29-RELEASE import *) Feature: the ngx_http_ssi_module supports "include virtual" command. *) Feature: the ngx_http_ssi_module supports the condition command like 'if expr="$NAME"' and "else" and "endif" commands. Only one nested level is supported. *) Feature: the ngx_http_ssi_module supports the DATE_LOCAL and DATE_GMT variables and "config timefmt" command. *) Feature: the "ssi_ignore_recycled_buffers" directive. *) Bugfix: the "echo" command did not show the default value for the empty QUERY_STRING variable. *) Change: the ngx_http_proxy_module was rewritten. *) Feature: the "proxy_redirect", "proxy_pass_request_headers", "proxy_pass_request_body", and "proxy_method" directives. *) Feature: the "proxy_set_header" directive. The "proxy_x_var" was canceled and must be replaced with the proxy_set_header directive. *) Change: the "proxy_preserve_host" is canceled and must be replaced with the "proxy_set_header Host $host" and the "proxy_redirect off" directives, the "proxy_set_header Host $host:$proxy_port" directive and the appropriate proxy_redirect directives. *) Change: the "proxy_set_x_real_ip" is canceled and must be replaced with the "proxy_set_header X-Real-IP $remote_addr" directive. *) Change: the "proxy_add_x_forwarded_for" is canceled and must be replaced with the "proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for" directive. *) Change: the "proxy_set_x_url" is canceled and must be replaced with the "proxy_set_header X-URL http://$host:$server_port$request_uri" directive. *) Feature: the "fastcgi_param" directive. *) Change: the "fastcgi_root", "fastcgi_set_var" and "fastcgi_params" directive are canceled and must be replaced with the fastcgi_param directives. *) Feature: the "index" directive can use the variables. *) Feature: the "index" directive can be used at http and server levels. *) Change: the last index only in the "index" directive can be absolute. *) Feature: the "rewrite" directive can use the variables. *) Feature: the "internal" directive. *) Feature: the CONTENT_LENGTH, CONTENT_TYPE, REMOTE_PORT, SERVER_ADDR, SERVER_PORT, SERVER_PROTOCOL, DOCUMENT_ROOT, SERVER_NAME, REQUEST_METHOD, REQUEST_URI, and REMOTE_USER variables. *) Change: nginx now passes the invalid lines in a client request headers or a backend response header. *) Bugfix: if the backend did not transfer response for a long time and the "send_timeout" was less than "proxy_read_timeout", then nginx returned the 408 response. *) Bugfix: the segmentation fault was occurred if the backend sent an invalid line in response header; the bug had appeared in 0.1.26. *) Bugfix: the segmentation fault may occurred in FastCGI fault tolerance configuration. *) Bugfix: the "expires" directive did not remove the previous "Expires" and "Cache-Control" headers. *) Bugfix: nginx did not take into account trailing dot in "Host" header line. *) Bugfix: the ngx_http_auth_module did not work under Linux. *) Bugfix: the rewrite directive worked incorrectly, if the arguments were in a request. *) Bugfix: nginx could not be built on MacOS X.
2005-05-12 10:58:06 -04:00
*) refactor subrequest handling, now they run as separate posted requests *) now $upstream_addr, $upstream_status, $upstream_response_time can be used with log_subrequest
2008-12-08 11:23:20 -03:00
c->data = pr;
nginx-0.3.44-RELEASE import *) Feature: the "wait" parameter in the "include" SSI command. *) Feature: the Ukrainian and Byelorussian characters were added to koi-win conversion table. *) Bugfix: in the SSI.
2006-05-04 11:32:46 -04:00
*) refactor subrequest handling, now they run as separate posted requests *) now $upstream_addr, $upstream_status, $upstream_response_time can be used with log_subrequest
2008-12-08 11:23:20 -03:00
} else {
nginx-0.1.29-RELEASE import *) Feature: the ngx_http_ssi_module supports "include virtual" command. *) Feature: the ngx_http_ssi_module supports the condition command like 'if expr="$NAME"' and "else" and "endif" commands. Only one nested level is supported. *) Feature: the ngx_http_ssi_module supports the DATE_LOCAL and DATE_GMT variables and "config timefmt" command. *) Feature: the "ssi_ignore_recycled_buffers" directive. *) Bugfix: the "echo" command did not show the default value for the empty QUERY_STRING variable. *) Change: the ngx_http_proxy_module was rewritten. *) Feature: the "proxy_redirect", "proxy_pass_request_headers", "proxy_pass_request_body", and "proxy_method" directives. *) Feature: the "proxy_set_header" directive. The "proxy_x_var" was canceled and must be replaced with the proxy_set_header directive. *) Change: the "proxy_preserve_host" is canceled and must be replaced with the "proxy_set_header Host $host" and the "proxy_redirect off" directives, the "proxy_set_header Host $host:$proxy_port" directive and the appropriate proxy_redirect directives. *) Change: the "proxy_set_x_real_ip" is canceled and must be replaced with the "proxy_set_header X-Real-IP $remote_addr" directive. *) Change: the "proxy_add_x_forwarded_for" is canceled and must be replaced with the "proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for" directive. *) Change: the "proxy_set_x_url" is canceled and must be replaced with the "proxy_set_header X-URL http://$host:$server_port$request_uri" directive. *) Feature: the "fastcgi_param" directive. *) Change: the "fastcgi_root", "fastcgi_set_var" and "fastcgi_params" directive are canceled and must be replaced with the fastcgi_param directives. *) Feature: the "index" directive can use the variables. *) Feature: the "index" directive can be used at http and server levels. *) Change: the last index only in the "index" directive can be absolute. *) Feature: the "rewrite" directive can use the variables. *) Feature: the "internal" directive. *) Feature: the CONTENT_LENGTH, CONTENT_TYPE, REMOTE_PORT, SERVER_ADDR, SERVER_PORT, SERVER_PROTOCOL, DOCUMENT_ROOT, SERVER_NAME, REQUEST_METHOD, REQUEST_URI, and REMOTE_USER variables. *) Change: nginx now passes the invalid lines in a client request headers or a backend response header. *) Bugfix: if the backend did not transfer response for a long time and the "send_timeout" was less than "proxy_read_timeout", then nginx returned the 408 response. *) Bugfix: the segmentation fault was occurred if the backend sent an invalid line in response header; the bug had appeared in 0.1.26. *) Bugfix: the segmentation fault may occurred in FastCGI fault tolerance configuration. *) Bugfix: the "expires" directive did not remove the previous "Expires" and "Cache-Control" headers. *) Bugfix: nginx did not take into account trailing dot in "Host" header line. *) Bugfix: the ngx_http_auth_module did not work under Linux. *) Bugfix: the rewrite directive worked incorrectly, if the arguments were in a request. *) Bugfix: nginx could not be built on MacOS X.
2005-05-12 10:58:06 -04:00
Removed surplus condition.
2012-04-27 07:48:42 -03:00
ngx_log_debug2(NGX_LOG_DEBUG_HTTP, c->log, 0,
"http finalize non-active request: \"%V?%V\"",
&r->uri, &r->args);
*) refactor subrequest handling, now they run as separate posted requests *) now $upstream_addr, $upstream_status, $upstream_response_time can be used with log_subrequest
2008-12-08 11:23:20 -03:00
r->write_event_handler = ngx_http_request_finalizer;
nginx-0.3.20-RELEASE import *) Bugfix: in SSI handling. *) Bugfix: the ngx_http_memcached_module did not support the keys in the "/usr?args" form.
2006-01-11 12:26:57 -03:00
*) refactor subrequest handling, now they run as separate posted requests *) now $upstream_addr, $upstream_status, $upstream_response_time can be used with log_subrequest
2008-12-08 11:23:20 -03:00
if (r->waited) {
r->done = 1;
nginx-0.3.44-RELEASE import *) Feature: the "wait" parameter in the "include" SSI command. *) Feature: the Ukrainian and Byelorussian characters were added to koi-win conversion table. *) Bugfix: in the SSI.
2006-05-04 11:32:46 -04:00
}
*) log_subrequest *) flush variables in access log
2008-09-27 11:08:02 -04:00
}
*) ngx_http_ephemeral *) use preallocated terminal_posted_request
2009-08-30 05:47:11 -04:00
if (ngx_http_post_request(pr, NULL) != NGX_OK) {
request reference counter
2009-08-26 12:04:05 -04:00
r->main->count++;
ngx_http_terminate_request(r, 0);
*) refactor subrequest handling, now they run as separate posted requests *) now $upstream_addr, $upstream_status, $upstream_response_time can be used with log_subrequest
2008-12-08 11:23:20 -03:00
return;
}
ngx_log_debug2(NGX_LOG_DEBUG_HTTP, c->log, 0,
"http wake parent request: \"%V?%V\"",
&pr->uri, &pr->args);
nginx-0.1.29-RELEASE import *) Feature: the ngx_http_ssi_module supports "include virtual" command. *) Feature: the ngx_http_ssi_module supports the condition command like 'if expr="$NAME"' and "else" and "endif" commands. Only one nested level is supported. *) Feature: the ngx_http_ssi_module supports the DATE_LOCAL and DATE_GMT variables and "config timefmt" command. *) Feature: the "ssi_ignore_recycled_buffers" directive. *) Bugfix: the "echo" command did not show the default value for the empty QUERY_STRING variable. *) Change: the ngx_http_proxy_module was rewritten. *) Feature: the "proxy_redirect", "proxy_pass_request_headers", "proxy_pass_request_body", and "proxy_method" directives. *) Feature: the "proxy_set_header" directive. The "proxy_x_var" was canceled and must be replaced with the proxy_set_header directive. *) Change: the "proxy_preserve_host" is canceled and must be replaced with the "proxy_set_header Host $host" and the "proxy_redirect off" directives, the "proxy_set_header Host $host:$proxy_port" directive and the appropriate proxy_redirect directives. *) Change: the "proxy_set_x_real_ip" is canceled and must be replaced with the "proxy_set_header X-Real-IP $remote_addr" directive. *) Change: the "proxy_add_x_forwarded_for" is canceled and must be replaced with the "proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for" directive. *) Change: the "proxy_set_x_url" is canceled and must be replaced with the "proxy_set_header X-URL http://$host:$server_port$request_uri" directive. *) Feature: the "fastcgi_param" directive. *) Change: the "fastcgi_root", "fastcgi_set_var" and "fastcgi_params" directive are canceled and must be replaced with the fastcgi_param directives. *) Feature: the "index" directive can use the variables. *) Feature: the "index" directive can be used at http and server levels. *) Change: the last index only in the "index" directive can be absolute. *) Feature: the "rewrite" directive can use the variables. *) Feature: the "internal" directive. *) Feature: the CONTENT_LENGTH, CONTENT_TYPE, REMOTE_PORT, SERVER_ADDR, SERVER_PORT, SERVER_PROTOCOL, DOCUMENT_ROOT, SERVER_NAME, REQUEST_METHOD, REQUEST_URI, and REMOTE_USER variables. *) Change: nginx now passes the invalid lines in a client request headers or a backend response header. *) Bugfix: if the backend did not transfer response for a long time and the "send_timeout" was less than "proxy_read_timeout", then nginx returned the 408 response. *) Bugfix: the segmentation fault was occurred if the backend sent an invalid line in response header; the bug had appeared in 0.1.26. *) Bugfix: the segmentation fault may occurred in FastCGI fault tolerance configuration. *) Bugfix: the "expires" directive did not remove the previous "Expires" and "Cache-Control" headers. *) Bugfix: nginx did not take into account trailing dot in "Host" header line. *) Bugfix: the ngx_http_auth_module did not work under Linux. *) Bugfix: the rewrite directive worked incorrectly, if the arguments were in a request. *) Bugfix: nginx could not be built on MacOS X.
2005-05-12 10:58:06 -04:00
return;
}
nginx-0.0.1-2003-10-27-11:53:49 import
2003-10-27 05:53:49 -03:00
Fixed background requests with asynchronous operations. If the main request was finalized while a background request performed an asynchronous operation, the main request ended up in ngx_http_writer() and was not finalized until a network event or a timeout. For example, cache background update with aio enabled made nginx unable to process further client requests or close the connection, keeping it open until client closes it. Now regular finalization of the main request is not suspended because of an asynchronous operation in another request. If a background request was terminated while an asynchronous operation was in progress, background request's write event handler was changed to ngx_http_request_finalizer() and never called again. Now, whenever a request is terminated while an asynchronous operation is in progress, connection error flag is set to make further finalizations of any request with this connection lead to termination. These issues appeared in 1aeaae6e9446 (not yet released).
2017-05-29 16:33:38 -04:00
if (r->buffered || c->buffered || r->postponed) {
*) refactor subrequest handling, now they run as separate posted requests *) now $upstream_addr, $upstream_status, $upstream_response_time can be used with log_subrequest
2008-12-08 11:23:20 -03:00
if (ngx_http_set_write_handler(r) != NGX_OK) {
request reference counter
2009-08-26 12:04:05 -04:00
ngx_http_terminate_request(r, 0);
*) refactor subrequest handling, now they run as separate posted requests *) now $upstream_addr, $upstream_status, $upstream_response_time can be used with log_subrequest
2008-12-08 11:23:20 -03:00
}
nginx-0.0.1-2003-10-10-19:10:50 import
2003-10-10 11:10:50 -04:00
return;
nginx-0.1.38-RELEASE import *) Feature: the "limit_rate" directive is supported in in proxy and FastCGI mode. *) Feature: the "X-Accel-Limit-Rate" response header line is supported in proxy and FastCGI mode. *) Feature: the "break" directive. *) Feature: the "log_not_found" directive. *) Bugfix: the response status code was not changed when request was redirected by the ""X-Accel-Redirect" header line. *) Bugfix: the variables set by the "set" directive could not be used in SSI. *) Bugfix: the segmentation fault may occurred if the SSI page has more than one remote subrequest. *) Bugfix: nginx treated the backend response as invalid if the status line in the header was transferred in two packets; the bug had appeared in 0.1.29. *) Feature: the "ssi_types" directive. *) Feature: the "autoindex_exact_size" directive. *) Bugfix: the ngx_http_autoindex_module did not support the long file names in UTF-8. *) Feature: the IMAP/POP3 proxy.
2005-07-08 10:34:20 -04:00
}
nginx-0.0.1-2003-10-09-11:00:45 import
2003-10-09 03:00:45 -04:00
*) refactor subrequest handling, now they run as separate posted requests *) now $upstream_addr, $upstream_status, $upstream_response_time can be used with log_subrequest
2008-12-08 11:23:20 -03:00
if (r != c->data) {
ngx_log_error(NGX_LOG_ALERT, c->log, 0,
"http finalize non-active request: \"%V?%V\"",
&r->uri, &r->args);
nginx-0.0.1-2003-10-10-19:10:50 import
2003-10-10 11:10:50 -04:00
return;
nginx-0.0.1-2003-03-20-19:09:44 import
2003-03-20 12:09:44 -04:00
}
nginx-0.0.1-2002-12-10-21:05:12 import
2002-12-10 15:05:12 -03:00
*) refactor subrequest handling, now they run as separate posted requests *) now $upstream_addr, $upstream_status, $upstream_response_time can be used with log_subrequest
2008-12-08 11:23:20 -03:00
r->done = 1;
Background subrequests for cache updates. Previously, cache background update might not work as expected, making client wait for it to complete before receiving the final part of a stale response. This could happen if the response could not be sent to the client socket in one filter chain call. Now background cache update is done in a background subrequest. This type of subrequest does not block any other subrequests or the main request.
2017-05-25 08:57:59 -04:00
r->read_event_handler = ngx_http_block_reading;
Fix segfault when while discarding body a write event handler is called, runs ngx_http_core_run_phases(), and starts a request processing again. The write event has clear type and remained in a keepalive connection. The bug was introduced in r3050.
2010-01-28 05:33:24 -03:00
r->write_event_handler = ngx_http_request_empty_handler;
*) refactor subrequest handling, now they run as separate posted requests *) now $upstream_addr, $upstream_status, $upstream_response_time can be used with log_subrequest
2008-12-08 11:23:20 -03:00
nginx-0.3.36-RELEASE import *) Feature: the ngx_http_addition_filter_module. *) Feature: the "proxy_pass" and "fastcgi_pass" directives may be used inside the "if" block. *) Feature: the "proxy_ignore_client_abort" and "fastcgi_ignore_client_abort" directives. *) Feature: the "$request_completion" variable. *) Feature: the ngx_http_perl_module supports the $r->request_method and $r->remote_addr. *) Feature: the ngx_http_ssi_module supports the "elif" command. *) Bugfix: the "\/" string in the expression of the "if" command of the ngx_http_ssi_module was treated incorrectly. *) Bugfix: in the regular expressions in the "if" command of the ngx_http_ssi_module. *) Bugfix: if the relative path was specified in the "client_body_temp_path", "proxy_temp_path", "fastcgi_temp_path", and "perl_modules" directives, then the directory was used relatively to a current path but not to a server prefix.
2006-04-05 09:40:54 -04:00
if (!r->post_action) {
r->request_complete = 1;
}
nginx-0.3.28-RELEASE import *) Feature: the "restrict_host_names" directive was canceled. *) Feature: the --with-cpu-opt=ppc64 configuration parameter. *) Bugfix: on some condition the proxied connection with a client was terminated prematurely. Thanks to Vladimir Shutoff. *) Bugfix: the "X-Accel-Limit-Rate" header line was not taken into account if the request was redirected using the "X-Accel-Redirect" header line. *) Bugfix: the "post_action" directive ran only after a successful completion of a request. *) Bugfix: the proxied response body generated by the "post_action" directive was transferred to a client.
2006-02-16 12:26:46 -03:00
if (ngx_http_post_action(r) == NGX_OK) {
nginx-0.3.10-RELEASE import *) Change: the "valid_referers" directive and the "$invalid_referer" variable were moved to the new ngx_http_referer_module from the ngx_http_rewrite_module. *) Change: the "$apache_bytes_sent" variable name was changed to "$body_bytes_sent". *) Feature: the "$sent_http_..." variables. *) Feature: the "if" directive supports the "=" and "!=" operations. *) Feature: the "proxy_pass" directive supports the HTTPS protocol. *) Feature: the "proxy_set_body" directive. *) Feature: the "post_action" directive. *) Feature: the ngx_http_empty_gif_module. *) Feature: the "worker_cpu_affinity" directive for Linux. *) Bugfix: the "rewrite" directive did not unescape URI part in redirect, now it is unescaped except the %00-%25 and %7F-%FF characters. *) Bugfix: nginx could not be built by the icc 9.0 compiler. *) Bugfix: if the SSI was enabled for zero size static file, then the chunked response was encoded incorrectly.
2005-11-15 10:30:52 -03:00
return;
}
optimize r->connection in ngx_http_finalize_request()
2007-08-27 11:53:00 -04:00
if (c->read->timer_set) {
ngx_del_timer(c->read);
nginx-0.0.1-2003-05-13-20:02:32 import
2003-05-13 12:02:32 -04:00
}
nginx-0.0.1-2002-12-10-21:05:12 import
2002-12-10 15:05:12 -03:00
optimize r->connection in ngx_http_finalize_request()
2007-08-27 11:53:00 -04:00
if (c->write->timer_set) {
c->write->delayed = 0;
ngx_del_timer(c->write);
nginx-0.0.1-2003-05-13-20:02:32 import
2003-05-13 12:02:32 -04:00
}
nginx-0.0.1-2002-12-10-21:05:12 import
2002-12-10 15:05:12 -03:00
request reference counter
2009-08-26 12:04:05 -04:00
ngx_http_finalize_connection(r);
}
static void
ngx_http_terminate_request(ngx_http_request_t *r, ngx_int_t rc)
{
*) ngx_http_ephemeral *) use preallocated terminal_posted_request
2009-08-30 05:47:11 -04:00
ngx_http_cleanup_t *cln;
ngx_http_request_t *mr;
ngx_http_ephemeral_t *e;
request reference counter
2009-08-26 12:04:05 -04:00
mr = r->main;
ngx_log_debug1(NGX_LOG_DEBUG_HTTP, r->connection->log, 0,
FreeBSD and Linux AIO support
2009-08-28 04:12:35 -04:00
"http terminate request count:%d", mr->count);
request reference counter
2009-08-26 12:04:05 -04:00
log 499 instead 0, the bug was introduced in r3050
2009-09-30 08:05:08 -04:00
if (rc > 0 && (mr->headers_out.status == 0 || mr->connection->sent == 0)) {
mr->headers_out.status = rc;
}
request reference counter
2009-08-26 12:04:05 -04:00
cln = mr->cleanup;
mr->cleanup = NULL;
while (cln) {
if (cln->handler) {
cln->handler(cln->data);
}
cln = cln->next;
}
FreeBSD and Linux AIO support
2009-08-28 04:12:35 -04:00
ngx_log_debug2(NGX_LOG_DEBUG_HTTP, r->connection->log, 0,
"http terminate cleanup count:%d blk:%d",
mr->count, mr->blocked);
request reference counter
2009-08-26 12:04:05 -04:00
if (mr->write_event_handler) {
FreeBSD and Linux AIO support
2009-08-28 04:12:35 -04:00
if (mr->blocked) {
Fixed background requests with asynchronous operations. If the main request was finalized while a background request performed an asynchronous operation, the main request ended up in ngx_http_writer() and was not finalized until a network event or a timeout. For example, cache background update with aio enabled made nginx unable to process further client requests or close the connection, keeping it open until client closes it. Now regular finalization of the main request is not suspended because of an asynchronous operation in another request. If a background request was terminated while an asynchronous operation was in progress, background request's write event handler was changed to ngx_http_request_finalizer() and never called again. Now, whenever a request is terminated while an asynchronous operation is in progress, connection error flag is set to make further finalizations of any request with this connection lead to termination. These issues appeared in 1aeaae6e9446 (not yet released).
2017-05-29 16:33:38 -04:00
r->connection->error = 1;
r->write_event_handler = ngx_http_request_finalizer;
FreeBSD and Linux AIO support
2009-08-28 04:12:35 -04:00
return;
}
*) ngx_http_ephemeral *) use preallocated terminal_posted_request
2009-08-30 05:47:11 -04:00
e = ngx_http_ephemeral(mr);
style fix
2009-08-28 03:50:45 -04:00
mr->posted_requests = NULL;
mr->write_event_handler = ngx_http_terminate_handler;
*) ngx_http_ephemeral *) use preallocated terminal_posted_request
2009-08-30 05:47:11 -04:00
(void) ngx_http_post_request(mr, &e->terminal_posted_request);
request reference counter
2009-08-26 12:04:05 -04:00
return;
}
ngx_http_close_request(mr, rc);
}
static void
ngx_http_terminate_handler(ngx_http_request_t *r)
{
ngx_log_debug1(NGX_LOG_DEBUG_HTTP, r->connection->log, 0,
FreeBSD and Linux AIO support
2009-08-28 04:12:35 -04:00
"http terminate handler count:%d", r->count);
request reference counter
2009-08-26 12:04:05 -04:00
r->count = 1;
ngx_http_close_request(r, 0);
}
static void
ngx_http_finalize_connection(ngx_http_request_t *r)
{
ngx_http_core_loc_conf_t *clcf;
The HTTP/2 implementation (RFC 7240, 7241). The SPDY support is removed, as it's incompatible with the new module.
2015-09-11 14:13:06 -03:00
#if (NGX_HTTP_V2)
if (r->stream) {
Preliminary experimental support for SPDY draft 2.
2013-03-20 07:36:57 -03:00
ngx_http_close_request(r, 0);
return;
}
#endif
HTTP/3: merged ngx_http_quic_module into ngx_http_v3_module.
2021-12-06 07:02:36 -03:00
#if (NGX_HTTP_V3)
QUIC: renamed c->qs to c->quic.
2020-11-10 16:40:00 -03:00
if (r->connection->quic) {
HTTP/3: drop the unwanted remainder of the request. As per HTTP/3 draft 29, section 4.1: When the server does not need to receive the remainder of the request, it MAY abort reading the request stream, send a complete response, and cleanly close the sending part of the stream.
2020-08-25 05:45:21 -04:00
ngx_http_close_request(r, 0);
return;
}
#endif
add lingering timeout if a response is short and a request body is being discarded, the bug was introduced in r3050
2009-10-19 11:08:09 -03:00
clcf = ngx_http_get_module_loc_conf(r, ngx_http_core_module);
request reference counter
2009-08-26 12:04:05 -04:00
if (r->main->count != 1) {
add lingering timeout if a response is short and a request body is being discarded, the bug was introduced in r3050
2009-10-19 11:08:09 -03:00
restore discard body handler after ngx_http_set_writer() set it to ngx_http_test_reading(), the bug was introduced in r3050
2009-10-19 13:12:13 -03:00
if (r->discard_body) {
r->read_event_handler = ngx_http_discarded_request_body_handler;
always set timer in discard body handler, this fixes the cases when request for static file is redirected by error_page to an SSI page patch by Maxim Dounin
2011-08-01 09:52:54 -04:00
ngx_add_timer(r->connection->read, clcf->lingering_timeout);
restore discard body handler after ngx_http_set_writer() set it to ngx_http_test_reading(), the bug was introduced in r3050
2009-10-19 13:12:13 -03:00
if (r->lingering_time == 0) {
r->lingering_time = ngx_time()
add lingering timeout if a response is short and a request body is being discarded, the bug was introduced in r3050
2009-10-19 11:08:09 -03:00
+ (time_t) (clcf->lingering_time / 1000);
restore discard body handler after ngx_http_set_writer() set it to ngx_http_test_reading(), the bug was introduced in r3050
2009-10-19 13:12:13 -03:00
}
add lingering timeout if a response is short and a request body is being discarded, the bug was introduced in r3050
2009-10-19 11:08:09 -03:00
}
request reference counter
2009-08-26 12:04:05 -04:00
ngx_http_close_request(r, 0);
return;
}
Background subrequests for cache updates. Previously, cache background update might not work as expected, making client wait for it to complete before receiving the final part of a stale response. This could happen if the response could not be sent to the client socket in one filter chain call. Now background cache update is done in a background subrequest. This type of subrequest does not block any other subrequests or the main request.
2017-05-25 08:57:59 -04:00
r = r->main;
Cancel keepalive and lingering close on EOF better (ticket #2145). Unlike in 75e908236701, which added the logic to ngx_http_finalize_request(), this change moves it to a more generic routine ngx_http_finalize_connection() to cover cases when a request is finalized with NGX_DONE. In particular, this fixes unwanted connection transition into the keepalive state after receiving EOF while discarding request body. With edge-triggered event methods that means the connection will last for extra seconds as set in the keepalive_timeout directive.
2021-03-24 08:03:33 -03:00
if (r->connection->read->eof) {
ngx_http_close_request(r, 0);
return;
}
Request body: unbuffered reading. The r->request_body_no_buffering flag was introduced. It instructs client request body reading code to avoid reading the whole body, and to call post_handler early instead. The caller should use the ngx_http_read_unbuffered_request_body() function to read remaining parts of the body. Upstream module is now able to use this mode, if configured with the proxy_request_buffering directive.
2015-03-23 15:09:19 -03:00
if (r->reading_body) {
r->keepalive = 0;
r->lingering_close = 1;
}
nginx-0.0.1-2004-01-16-09:15:48 import
2004-01-16 03:15:48 -03:00
if (!ngx_terminate
nginx-0.0.3-2004-04-26-00:13:21 import
2004-04-25 16:13:21 -04:00
&& !ngx_exiting
style fix
2008-05-21 13:39:51 -04:00
&& r->keepalive
nginx-0.0.1-2004-01-16-09:15:48 import
2004-01-16 03:15:48 -03:00
&& clcf->keepalive_timeout > 0)
{
nginx-0.0.1-2003-05-13-20:02:32 import
2003-05-13 12:02:32 -04:00
ngx_http_set_keepalive(r);
nginx-0.0.1-2004-01-16-09:15:48 import
2004-01-16 03:15:48 -03:00
return;
lingering_close "off|on|always" patch by Maxim Dounin
2011-08-01 09:26:55 -04:00
}
nginx-0.0.1-2002-12-10-21:05:12 import
2002-12-10 15:05:12 -03:00
lingering_close "off|on|always" patch by Maxim Dounin
2011-08-01 09:26:55 -04:00
if (clcf->lingering_close == NGX_HTTP_LINGERING_ALWAYS
|| (clcf->lingering_close == NGX_HTTP_LINGERING_ON
&& (r->lingering_close
|| r->header_in->pos < r->header_in->last
|| r->connection->read->ready)))
enable lingering close for pipelined requests patch by Maxim Dounin
2011-08-01 07:08:57 -04:00
{
SSL: fixed non-working SSL shutdown on lingering close. When doing lingering close, the socket was first shut down for writing, so SSL shutdown initiated after lingering close was not able to send the close_notify alerts (ticket #2056). The fix is to call ngx_ssl_shutdown() before shutting down the socket.
2020-11-06 17:44:54 -03:00
ngx_http_set_lingering_close(r->connection);
nginx-0.0.1-2004-01-16-09:15:48 import
2004-01-16 03:15:48 -03:00
return;
nginx-0.0.1-2003-03-20-19:09:44 import
2003-03-20 12:09:44 -04:00
}
nginx-0.0.1-2003-10-09-11:00:45 import
2003-10-09 03:00:45 -04:00
nginx-0.0.1-2004-01-16-09:15:48 import
2004-01-16 03:15:48 -03:00
ngx_http_close_request(r, 0);
nginx-0.0.1-2003-05-13-20:02:32 import
2003-05-13 12:02:32 -04:00
}
nginx-0.0.1-2003-03-20-19:09:44 import
2003-03-20 12:09:44 -04:00
nginx-0.0.1-2003-05-13-20:02:32 import
2003-05-13 12:02:32 -04:00
nginx-0.1.37-RELEASE import *) Change: now the "\n" is added to the end of the "nginx.pid" file. *) Bugfix: the responses may be transferred not completely, if many parts or the big parts were included by SSI. *) Bugfix: if all backends had returned the 404 reponse and the "http_404" parameter of the "proxy_next_upstream" or "fastcgi_next_upstream" directives was used, then nginx started to request all backends again.
2005-06-23 09:41:06 -04:00
static ngx_int_t
nginx-0.1.25-RELEASE import *) Bugfix: nginx did run on Linux parisc. *) Feature: nginx now does not start under FreeBSD if the sysctl kern.ipc.somaxconn value is too big. *) Bugfix: if a request was internally redirected by the ngx_http_index_module module to the ngx_http_proxy_module or ngx_http_fastcgi_module modules, then the index file was not closed after request completion. *) Feature: the "proxy_pass" can be used in location with regular expression. *) Feature: the ngx_http_rewrite_filter_module module supports the condition like "if ($HTTP_USER_AGENT ~ MSIE)". *) Bugfix: nginx started too slow if the large number of addresses and text values were used in the "geo" directive. *) Change: a variable name must be declared as "$name" in the "geo" directive. The previous variant without "$" is still supported, but will be removed soon. *) Feature: the "%{VARIABLE}v" logging parameter. *) Feature: the "set $name value" directive. *) Bugfix: gcc 4.0 compatibility. *) Feature: the --with-openssl-opt=OPTIONS autoconfiguration directive.
2005-03-19 08:38:37 -04:00
ngx_http_set_write_handler(ngx_http_request_t *r)
nginx-0.0.1-2003-05-13-20:02:32 import
2003-05-13 12:02:32 -04:00
{
ngx_event_t *wev;
nginx-0.0.1-2003-05-19-20:39:14 import
2003-05-19 12:39:14 -04:00
ngx_http_core_loc_conf_t *clcf;
nginx-0.0.1-2003-03-20-19:09:44 import
2003-03-20 12:09:44 -04:00
nginx-0.0.7-2004-06-25-18:42:03 import
2004-06-25 10:42:03 -04:00
r->http_state = NGX_HTTP_WRITING_REQUEST_STATE;
allow discarding body while a long response transfer
2009-10-19 13:13:38 -03:00
r->read_event_handler = r->discard_body ?
ngx_http_discarded_request_body_handler:
ngx_http_test_reading;
nginx-0.1.37-RELEASE import *) Change: now the "\n" is added to the end of the "nginx.pid" file. *) Bugfix: the responses may be transferred not completely, if many parts or the big parts were included by SSI. *) Bugfix: if all backends had returned the 404 reponse and the "http_404" parameter of the "proxy_next_upstream" or "fastcgi_next_upstream" directives was used, then nginx started to request all backends again.
2005-06-23 09:41:06 -04:00
r->write_event_handler = ngx_http_writer;
nginx-0.1.29-RELEASE import *) Feature: the ngx_http_ssi_module supports "include virtual" command. *) Feature: the ngx_http_ssi_module supports the condition command like 'if expr="$NAME"' and "else" and "endif" commands. Only one nested level is supported. *) Feature: the ngx_http_ssi_module supports the DATE_LOCAL and DATE_GMT variables and "config timefmt" command. *) Feature: the "ssi_ignore_recycled_buffers" directive. *) Bugfix: the "echo" command did not show the default value for the empty QUERY_STRING variable. *) Change: the ngx_http_proxy_module was rewritten. *) Feature: the "proxy_redirect", "proxy_pass_request_headers", "proxy_pass_request_body", and "proxy_method" directives. *) Feature: the "proxy_set_header" directive. The "proxy_x_var" was canceled and must be replaced with the proxy_set_header directive. *) Change: the "proxy_preserve_host" is canceled and must be replaced with the "proxy_set_header Host $host" and the "proxy_redirect off" directives, the "proxy_set_header Host $host:$proxy_port" directive and the appropriate proxy_redirect directives. *) Change: the "proxy_set_x_real_ip" is canceled and must be replaced with the "proxy_set_header X-Real-IP $remote_addr" directive. *) Change: the "proxy_add_x_forwarded_for" is canceled and must be replaced with the "proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for" directive. *) Change: the "proxy_set_x_url" is canceled and must be replaced with the "proxy_set_header X-URL http://$host:$server_port$request_uri" directive. *) Feature: the "fastcgi_param" directive. *) Change: the "fastcgi_root", "fastcgi_set_var" and "fastcgi_params" directive are canceled and must be replaced with the fastcgi_param directives. *) Feature: the "index" directive can use the variables. *) Feature: the "index" directive can be used at http and server levels. *) Change: the last index only in the "index" directive can be absolute. *) Feature: the "rewrite" directive can use the variables. *) Feature: the "internal" directive. *) Feature: the CONTENT_LENGTH, CONTENT_TYPE, REMOTE_PORT, SERVER_ADDR, SERVER_PORT, SERVER_PROTOCOL, DOCUMENT_ROOT, SERVER_NAME, REQUEST_METHOD, REQUEST_URI, and REMOTE_USER variables. *) Change: nginx now passes the invalid lines in a client request headers or a backend response header. *) Bugfix: if the backend did not transfer response for a long time and the "send_timeout" was less than "proxy_read_timeout", then nginx returned the 408 response. *) Bugfix: the segmentation fault was occurred if the backend sent an invalid line in response header; the bug had appeared in 0.1.26. *) Bugfix: the segmentation fault may occurred in FastCGI fault tolerance configuration. *) Bugfix: the "expires" directive did not remove the previous "Expires" and "Cache-Control" headers. *) Bugfix: nginx did not take into account trailing dot in "Host" header line. *) Bugfix: the ngx_http_auth_module did not work under Linux. *) Bugfix: the rewrite directive worked incorrectly, if the arguments were in a request. *) Bugfix: nginx could not be built on MacOS X.
2005-05-12 10:58:06 -04:00
wev = r->connection->write;
nginx-0.0.7-2004-06-21-19:59:32 import
2004-06-21 11:59:32 -04:00
if (wev->ready && wev->delayed) {
nginx-0.1.37-RELEASE import *) Change: now the "\n" is added to the end of the "nginx.pid" file. *) Bugfix: the responses may be transferred not completely, if many parts or the big parts were included by SSI. *) Bugfix: if all backends had returned the 404 reponse and the "http_404" parameter of the "proxy_next_upstream" or "fastcgi_next_upstream" directives was used, then nginx started to request all backends again.
2005-06-23 09:41:06 -04:00
return NGX_OK;
nginx-0.0.1-2003-04-17-21:59:35 import
2003-04-17 13:59:35 -04:00
}
nginx-0.1.29-RELEASE import *) Feature: the ngx_http_ssi_module supports "include virtual" command. *) Feature: the ngx_http_ssi_module supports the condition command like 'if expr="$NAME"' and "else" and "endif" commands. Only one nested level is supported. *) Feature: the ngx_http_ssi_module supports the DATE_LOCAL and DATE_GMT variables and "config timefmt" command. *) Feature: the "ssi_ignore_recycled_buffers" directive. *) Bugfix: the "echo" command did not show the default value for the empty QUERY_STRING variable. *) Change: the ngx_http_proxy_module was rewritten. *) Feature: the "proxy_redirect", "proxy_pass_request_headers", "proxy_pass_request_body", and "proxy_method" directives. *) Feature: the "proxy_set_header" directive. The "proxy_x_var" was canceled and must be replaced with the proxy_set_header directive. *) Change: the "proxy_preserve_host" is canceled and must be replaced with the "proxy_set_header Host $host" and the "proxy_redirect off" directives, the "proxy_set_header Host $host:$proxy_port" directive and the appropriate proxy_redirect directives. *) Change: the "proxy_set_x_real_ip" is canceled and must be replaced with the "proxy_set_header X-Real-IP $remote_addr" directive. *) Change: the "proxy_add_x_forwarded_for" is canceled and must be replaced with the "proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for" directive. *) Change: the "proxy_set_x_url" is canceled and must be replaced with the "proxy_set_header X-URL http://$host:$server_port$request_uri" directive. *) Feature: the "fastcgi_param" directive. *) Change: the "fastcgi_root", "fastcgi_set_var" and "fastcgi_params" directive are canceled and must be replaced with the fastcgi_param directives. *) Feature: the "index" directive can use the variables. *) Feature: the "index" directive can be used at http and server levels. *) Change: the last index only in the "index" directive can be absolute. *) Feature: the "rewrite" directive can use the variables. *) Feature: the "internal" directive. *) Feature: the CONTENT_LENGTH, CONTENT_TYPE, REMOTE_PORT, SERVER_ADDR, SERVER_PORT, SERVER_PROTOCOL, DOCUMENT_ROOT, SERVER_NAME, REQUEST_METHOD, REQUEST_URI, and REMOTE_USER variables. *) Change: nginx now passes the invalid lines in a client request headers or a backend response header. *) Bugfix: if the backend did not transfer response for a long time and the "send_timeout" was less than "proxy_read_timeout", then nginx returned the 408 response. *) Bugfix: the segmentation fault was occurred if the backend sent an invalid line in response header; the bug had appeared in 0.1.26. *) Bugfix: the segmentation fault may occurred in FastCGI fault tolerance configuration. *) Bugfix: the "expires" directive did not remove the previous "Expires" and "Cache-Control" headers. *) Bugfix: nginx did not take into account trailing dot in "Host" header line. *) Bugfix: the ngx_http_auth_module did not work under Linux. *) Bugfix: the rewrite directive worked incorrectly, if the arguments were in a request. *) Bugfix: nginx could not be built on MacOS X.
2005-05-12 10:58:06 -04:00
clcf = ngx_http_get_module_loc_conf(r, ngx_http_core_module);
nginx-0.0.7-2004-06-21-19:59:32 import
2004-06-21 11:59:32 -04:00
if (!wev->delayed) {
nginx-0.0.7-2004-06-20-23:54:15 import
2004-06-20 15:54:15 -04:00
ngx_add_timer(wev, clcf->send_timeout);
}
nginx-0.0.1-2003-02-06-20:21:13 import
2003-02-06 14:21:13 -03:00
use "!= NGX_OK" instead of "== NGX_ERROR"
2008-12-09 14:27:48 -03:00
if (ngx_handle_write_event(wev, clcf->send_lowat) != NGX_OK) {
nginx-0.0.1-2003-10-10-19:10:50 import
2003-10-10 11:10:50 -04:00
ngx_http_close_request(r, 0);
nginx-0.1.37-RELEASE import *) Change: now the "\n" is added to the end of the "nginx.pid" file. *) Bugfix: the responses may be transferred not completely, if many parts or the big parts were included by SSI. *) Bugfix: if all backends had returned the 404 reponse and the "http_404" parameter of the "proxy_next_upstream" or "fastcgi_next_upstream" directives was used, then nginx started to request all backends again.
2005-06-23 09:41:06 -04:00
return NGX_ERROR;
nginx-0.0.1-2003-10-10-19:10:50 import
2003-10-10 11:10:50 -04:00
}
nginx-0.1.37-RELEASE import *) Change: now the "\n" is added to the end of the "nginx.pid" file. *) Bugfix: the responses may be transferred not completely, if many parts or the big parts were included by SSI. *) Bugfix: if all backends had returned the 404 reponse and the "http_404" parameter of the "proxy_next_upstream" or "fastcgi_next_upstream" directives was used, then nginx started to request all backends again.
2005-06-23 09:41:06 -04:00
return NGX_OK;
nginx-0.0.1-2002-12-10-21:05:12 import
2002-12-10 15:05:12 -03:00
}
nginx-0.1.29-RELEASE import *) Feature: the ngx_http_ssi_module supports "include virtual" command. *) Feature: the ngx_http_ssi_module supports the condition command like 'if expr="$NAME"' and "else" and "endif" commands. Only one nested level is supported. *) Feature: the ngx_http_ssi_module supports the DATE_LOCAL and DATE_GMT variables and "config timefmt" command. *) Feature: the "ssi_ignore_recycled_buffers" directive. *) Bugfix: the "echo" command did not show the default value for the empty QUERY_STRING variable. *) Change: the ngx_http_proxy_module was rewritten. *) Feature: the "proxy_redirect", "proxy_pass_request_headers", "proxy_pass_request_body", and "proxy_method" directives. *) Feature: the "proxy_set_header" directive. The "proxy_x_var" was canceled and must be replaced with the proxy_set_header directive. *) Change: the "proxy_preserve_host" is canceled and must be replaced with the "proxy_set_header Host $host" and the "proxy_redirect off" directives, the "proxy_set_header Host $host:$proxy_port" directive and the appropriate proxy_redirect directives. *) Change: the "proxy_set_x_real_ip" is canceled and must be replaced with the "proxy_set_header X-Real-IP $remote_addr" directive. *) Change: the "proxy_add_x_forwarded_for" is canceled and must be replaced with the "proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for" directive. *) Change: the "proxy_set_x_url" is canceled and must be replaced with the "proxy_set_header X-URL http://$host:$server_port$request_uri" directive. *) Feature: the "fastcgi_param" directive. *) Change: the "fastcgi_root", "fastcgi_set_var" and "fastcgi_params" directive are canceled and must be replaced with the fastcgi_param directives. *) Feature: the "index" directive can use the variables. *) Feature: the "index" directive can be used at http and server levels. *) Change: the last index only in the "index" directive can be absolute. *) Feature: the "rewrite" directive can use the variables. *) Feature: the "internal" directive. *) Feature: the CONTENT_LENGTH, CONTENT_TYPE, REMOTE_PORT, SERVER_ADDR, SERVER_PORT, SERVER_PROTOCOL, DOCUMENT_ROOT, SERVER_NAME, REQUEST_METHOD, REQUEST_URI, and REMOTE_USER variables. *) Change: nginx now passes the invalid lines in a client request headers or a backend response header. *) Bugfix: if the backend did not transfer response for a long time and the "send_timeout" was less than "proxy_read_timeout", then nginx returned the 408 response. *) Bugfix: the segmentation fault was occurred if the backend sent an invalid line in response header; the bug had appeared in 0.1.26. *) Bugfix: the segmentation fault may occurred in FastCGI fault tolerance configuration. *) Bugfix: the "expires" directive did not remove the previous "Expires" and "Cache-Control" headers. *) Bugfix: nginx did not take into account trailing dot in "Host" header line. *) Bugfix: the ngx_http_auth_module did not work under Linux. *) Bugfix: the rewrite directive worked incorrectly, if the arguments were in a request. *) Bugfix: nginx could not be built on MacOS X.
2005-05-12 10:58:06 -04:00
static void
ngx_http_writer(ngx_http_request_t *r)
nginx-0.0.1-2002-12-15-09:25:09 import
2002-12-15 03:25:09 -03:00
{
Fixed type.
2017-04-03 03:29:40 -03:00
ngx_int_t rc;
nginx-0.1.29-RELEASE import *) Feature: the ngx_http_ssi_module supports "include virtual" command. *) Feature: the ngx_http_ssi_module supports the condition command like 'if expr="$NAME"' and "else" and "endif" commands. Only one nested level is supported. *) Feature: the ngx_http_ssi_module supports the DATE_LOCAL and DATE_GMT variables and "config timefmt" command. *) Feature: the "ssi_ignore_recycled_buffers" directive. *) Bugfix: the "echo" command did not show the default value for the empty QUERY_STRING variable. *) Change: the ngx_http_proxy_module was rewritten. *) Feature: the "proxy_redirect", "proxy_pass_request_headers", "proxy_pass_request_body", and "proxy_method" directives. *) Feature: the "proxy_set_header" directive. The "proxy_x_var" was canceled and must be replaced with the proxy_set_header directive. *) Change: the "proxy_preserve_host" is canceled and must be replaced with the "proxy_set_header Host $host" and the "proxy_redirect off" directives, the "proxy_set_header Host $host:$proxy_port" directive and the appropriate proxy_redirect directives. *) Change: the "proxy_set_x_real_ip" is canceled and must be replaced with the "proxy_set_header X-Real-IP $remote_addr" directive. *) Change: the "proxy_add_x_forwarded_for" is canceled and must be replaced with the "proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for" directive. *) Change: the "proxy_set_x_url" is canceled and must be replaced with the "proxy_set_header X-URL http://$host:$server_port$request_uri" directive. *) Feature: the "fastcgi_param" directive. *) Change: the "fastcgi_root", "fastcgi_set_var" and "fastcgi_params" directive are canceled and must be replaced with the fastcgi_param directives. *) Feature: the "index" directive can use the variables. *) Feature: the "index" directive can be used at http and server levels. *) Change: the last index only in the "index" directive can be absolute. *) Feature: the "rewrite" directive can use the variables. *) Feature: the "internal" directive. *) Feature: the CONTENT_LENGTH, CONTENT_TYPE, REMOTE_PORT, SERVER_ADDR, SERVER_PORT, SERVER_PROTOCOL, DOCUMENT_ROOT, SERVER_NAME, REQUEST_METHOD, REQUEST_URI, and REMOTE_USER variables. *) Change: nginx now passes the invalid lines in a client request headers or a backend response header. *) Bugfix: if the backend did not transfer response for a long time and the "send_timeout" was less than "proxy_read_timeout", then nginx returned the 408 response. *) Bugfix: the segmentation fault was occurred if the backend sent an invalid line in response header; the bug had appeared in 0.1.26. *) Bugfix: the segmentation fault may occurred in FastCGI fault tolerance configuration. *) Bugfix: the "expires" directive did not remove the previous "Expires" and "Cache-Control" headers. *) Bugfix: nginx did not take into account trailing dot in "Host" header line. *) Bugfix: the ngx_http_auth_module did not work under Linux. *) Bugfix: the rewrite directive worked incorrectly, if the arguments were in a request. *) Bugfix: nginx could not be built on MacOS X.
2005-05-12 10:58:06 -04:00
ngx_event_t *wev;
nginx-0.0.1-2002-12-15-09:25:09 import
2002-12-15 03:25:09 -03:00
ngx_connection_t *c;
nginx-0.0.1-2003-05-27-16:18:54 import
2003-05-27 08:18:54 -04:00
ngx_http_core_loc_conf_t *clcf;
nginx-0.0.1-2002-12-15-09:25:09 import
2002-12-15 03:25:09 -03:00
nginx-0.1.29-RELEASE import *) Feature: the ngx_http_ssi_module supports "include virtual" command. *) Feature: the ngx_http_ssi_module supports the condition command like 'if expr="$NAME"' and "else" and "endif" commands. Only one nested level is supported. *) Feature: the ngx_http_ssi_module supports the DATE_LOCAL and DATE_GMT variables and "config timefmt" command. *) Feature: the "ssi_ignore_recycled_buffers" directive. *) Bugfix: the "echo" command did not show the default value for the empty QUERY_STRING variable. *) Change: the ngx_http_proxy_module was rewritten. *) Feature: the "proxy_redirect", "proxy_pass_request_headers", "proxy_pass_request_body", and "proxy_method" directives. *) Feature: the "proxy_set_header" directive. The "proxy_x_var" was canceled and must be replaced with the proxy_set_header directive. *) Change: the "proxy_preserve_host" is canceled and must be replaced with the "proxy_set_header Host $host" and the "proxy_redirect off" directives, the "proxy_set_header Host $host:$proxy_port" directive and the appropriate proxy_redirect directives. *) Change: the "proxy_set_x_real_ip" is canceled and must be replaced with the "proxy_set_header X-Real-IP $remote_addr" directive. *) Change: the "proxy_add_x_forwarded_for" is canceled and must be replaced with the "proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for" directive. *) Change: the "proxy_set_x_url" is canceled and must be replaced with the "proxy_set_header X-URL http://$host:$server_port$request_uri" directive. *) Feature: the "fastcgi_param" directive. *) Change: the "fastcgi_root", "fastcgi_set_var" and "fastcgi_params" directive are canceled and must be replaced with the fastcgi_param directives. *) Feature: the "index" directive can use the variables. *) Feature: the "index" directive can be used at http and server levels. *) Change: the last index only in the "index" directive can be absolute. *) Feature: the "rewrite" directive can use the variables. *) Feature: the "internal" directive. *) Feature: the CONTENT_LENGTH, CONTENT_TYPE, REMOTE_PORT, SERVER_ADDR, SERVER_PORT, SERVER_PROTOCOL, DOCUMENT_ROOT, SERVER_NAME, REQUEST_METHOD, REQUEST_URI, and REMOTE_USER variables. *) Change: nginx now passes the invalid lines in a client request headers or a backend response header. *) Bugfix: if the backend did not transfer response for a long time and the "send_timeout" was less than "proxy_read_timeout", then nginx returned the 408 response. *) Bugfix: the segmentation fault was occurred if the backend sent an invalid line in response header; the bug had appeared in 0.1.26. *) Bugfix: the segmentation fault may occurred in FastCGI fault tolerance configuration. *) Bugfix: the "expires" directive did not remove the previous "Expires" and "Cache-Control" headers. *) Bugfix: nginx did not take into account trailing dot in "Host" header line. *) Bugfix: the ngx_http_auth_module did not work under Linux. *) Bugfix: the rewrite directive worked incorrectly, if the arguments were in a request. *) Bugfix: nginx could not be built on MacOS X.
2005-05-12 10:58:06 -04:00
c = r->connection;
wev = c->write;
nginx-0.0.1-2003-11-19-19:26:41 import
2003-11-19 13:26:41 -03:00
nginx-0.3.13-RELEASE import *) Feature: the IMAP/POP3 proxy supports STARTTLS and STLS. *) Bugfix: the IMAP/POP3 proxy did not work with the select, poll, and /dev/poll methods. *) Bugfix: in SSI handling. *) Bugfix: now Solaris sendfilev() is not used to transfer the client request body to FastCGI-server via the unix domain socket. *) Bugfix: the "auth_basic" directive did not disable the authorization; the bug had appeared in 0.3.11.
2005-12-05 10:18:09 -03:00
ngx_log_debug2(NGX_LOG_DEBUG_HTTP, wev->log, 0,
"http writer handler: \"%V?%V\"", &r->uri, &r->args);
nginx-0.0.1-2002-12-15-09:25:09 import
2002-12-15 03:25:09 -03:00
*) refactor subrequest handling, now they run as separate posted requests *) now $upstream_addr, $upstream_status, $upstream_response_time can be used with log_subrequest
2008-12-08 11:23:20 -03:00
clcf = ngx_http_get_module_loc_conf(r->main, ngx_http_core_module);
nginx-0.0.1-2003-10-27-11:53:49 import
2003-10-27 05:53:49 -03:00
if (wev->timedout) {
Moved handling of wev->delayed to the connection event handler. With post_action or subrequests, it is possible that the timer set for wev->delayed will expire while the active subrequest write event handler is not ready to handle this. This results in request hangs as observed with limit_rate / sendfile_max_chunk and post_action (ticket #776) or subrequests (ticket #1228). Moving the handling to the connection event handler fixes the hangs observed, and also slightly simplifies the code.
2017-04-02 08:32:29 -03:00
ngx_log_error(NGX_LOG_INFO, c->log, NGX_ETIMEDOUT,
"client timed out");
c->timedout = 1;
nginx-0.0.7-2004-06-20-23:54:15 import
2004-06-20 15:54:15 -04:00
Moved handling of wev->delayed to the connection event handler. With post_action or subrequests, it is possible that the timer set for wev->delayed will expire while the active subrequest write event handler is not ready to handle this. This results in request hangs as observed with limit_rate / sendfile_max_chunk and post_action (ticket #776) or subrequests (ticket #1228). Moving the handling to the connection event handler fixes the hangs observed, and also slightly simplifies the code.
2017-04-02 08:32:29 -03:00
ngx_http_finalize_request(r, NGX_HTTP_REQUEST_TIME_OUT);
return;
Fix for socket leak with "aio sendfile" and "limit_rate". Second aio post happened when timer set by limit_rate expired while we have aio request in flight, resulting in "second aio post" alert and socket leak. The patch adds actual protection from aio calls with r->aio already set to aio sendfile code in ngx_http_copy_filter(). This should fix other cases as well, e.g. when sending buffered to disk upstream replies while still talking to upstream. The ngx_http_writer() is also fixed to handle the above case (though it's mostly optimization now). Reported by Oleksandr V. Typlyns'kyi.
2011-10-11 15:00:23 -03:00
}
nginx-0.0.7-2004-06-21-19:59:32 import
2004-06-21 11:59:32 -04:00
Fix for socket leak with "aio sendfile" and "limit_rate". Second aio post happened when timer set by limit_rate expired while we have aio request in flight, resulting in "second aio post" alert and socket leak. The patch adds actual protection from aio calls with r->aio already set to aio sendfile code in ngx_http_copy_filter(). This should fix other cases as well, e.g. when sending buffered to disk upstream replies while still talking to upstream. The ngx_http_writer() is also fixed to handle the above case (though it's mostly optimization now). Reported by Oleksandr V. Typlyns'kyi.
2011-10-11 15:00:23 -03:00
if (wev->delayed || r->aio) {
ngx_log_debug0(NGX_LOG_DEBUG_HTTP, wev->log, 0,
"http writer delayed");
nginx-0.0.7-2004-06-21-19:59:32 import
2004-06-21 11:59:32 -04:00
Moved handling of wev->delayed to the connection event handler. With post_action or subrequests, it is possible that the timer set for wev->delayed will expire while the active subrequest write event handler is not ready to handle this. This results in request hangs as observed with limit_rate / sendfile_max_chunk and post_action (ticket #776) or subrequests (ticket #1228). Moving the handling to the connection event handler fixes the hangs observed, and also slightly simplifies the code.
2017-04-02 08:32:29 -03:00
if (!wev->delayed) {
ngx_add_timer(wev, clcf->send_timeout);
}
Fix for socket leak with "aio sendfile" and "limit_rate". Second aio post happened when timer set by limit_rate expired while we have aio request in flight, resulting in "second aio post" alert and socket leak. The patch adds actual protection from aio calls with r->aio already set to aio sendfile code in ngx_http_copy_filter(). This should fix other cases as well, e.g. when sending buffered to disk upstream replies while still talking to upstream. The ngx_http_writer() is also fixed to handle the above case (though it's mostly optimization now). Reported by Oleksandr V. Typlyns'kyi.
2011-10-11 15:00:23 -03:00
if (ngx_handle_write_event(wev, clcf->send_lowat) != NGX_OK) {
ngx_http_close_request(r, 0);
nginx-0.0.7-2004-06-20-23:54:15 import
2004-06-20 15:54:15 -04:00
}
Fix for socket leak with "aio sendfile" and "limit_rate". Second aio post happened when timer set by limit_rate expired while we have aio request in flight, resulting in "second aio post" alert and socket leak. The patch adds actual protection from aio calls with r->aio already set to aio sendfile code in ngx_http_copy_filter(). This should fix other cases as well, e.g. when sending buffered to disk upstream replies while still talking to upstream. The ngx_http_writer() is also fixed to handle the above case (though it's mostly optimization now). Reported by Oleksandr V. Typlyns'kyi.
2011-10-11 15:00:23 -03:00
return;
nginx-0.0.1-2003-10-27-11:53:49 import
2003-10-27 05:53:49 -03:00
}
nginx-0.3.13-RELEASE import *) Feature: the IMAP/POP3 proxy supports STARTTLS and STLS. *) Bugfix: the IMAP/POP3 proxy did not work with the select, poll, and /dev/poll methods. *) Bugfix: in SSI handling. *) Bugfix: now Solaris sendfilev() is not used to transfer the client request body to FastCGI-server via the unix domain socket. *) Bugfix: the "auth_basic" directive did not disable the authorization; the bug had appeared in 0.3.11.
2005-12-05 10:18:09 -03:00
rc = ngx_http_output_filter(r, NULL);
nginx-0.1.29-RELEASE import *) Feature: the ngx_http_ssi_module supports "include virtual" command. *) Feature: the ngx_http_ssi_module supports the condition command like 'if expr="$NAME"' and "else" and "endif" commands. Only one nested level is supported. *) Feature: the ngx_http_ssi_module supports the DATE_LOCAL and DATE_GMT variables and "config timefmt" command. *) Feature: the "ssi_ignore_recycled_buffers" directive. *) Bugfix: the "echo" command did not show the default value for the empty QUERY_STRING variable. *) Change: the ngx_http_proxy_module was rewritten. *) Feature: the "proxy_redirect", "proxy_pass_request_headers", "proxy_pass_request_body", and "proxy_method" directives. *) Feature: the "proxy_set_header" directive. The "proxy_x_var" was canceled and must be replaced with the proxy_set_header directive. *) Change: the "proxy_preserve_host" is canceled and must be replaced with the "proxy_set_header Host $host" and the "proxy_redirect off" directives, the "proxy_set_header Host $host:$proxy_port" directive and the appropriate proxy_redirect directives. *) Change: the "proxy_set_x_real_ip" is canceled and must be replaced with the "proxy_set_header X-Real-IP $remote_addr" directive. *) Change: the "proxy_add_x_forwarded_for" is canceled and must be replaced with the "proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for" directive. *) Change: the "proxy_set_x_url" is canceled and must be replaced with the "proxy_set_header X-URL http://$host:$server_port$request_uri" directive. *) Feature: the "fastcgi_param" directive. *) Change: the "fastcgi_root", "fastcgi_set_var" and "fastcgi_params" directive are canceled and must be replaced with the fastcgi_param directives. *) Feature: the "index" directive can use the variables. *) Feature: the "index" directive can be used at http and server levels. *) Change: the last index only in the "index" directive can be absolute. *) Feature: the "rewrite" directive can use the variables. *) Feature: the "internal" directive. *) Feature: the CONTENT_LENGTH, CONTENT_TYPE, REMOTE_PORT, SERVER_ADDR, SERVER_PORT, SERVER_PROTOCOL, DOCUMENT_ROOT, SERVER_NAME, REQUEST_METHOD, REQUEST_URI, and REMOTE_USER variables. *) Change: nginx now passes the invalid lines in a client request headers or a backend response header. *) Bugfix: if the backend did not transfer response for a long time and the "send_timeout" was less than "proxy_read_timeout", then nginx returned the 408 response. *) Bugfix: the segmentation fault was occurred if the backend sent an invalid line in response header; the bug had appeared in 0.1.26. *) Bugfix: the segmentation fault may occurred in FastCGI fault tolerance configuration. *) Bugfix: the "expires" directive did not remove the previous "Expires" and "Cache-Control" headers. *) Bugfix: nginx did not take into account trailing dot in "Host" header line. *) Bugfix: the ngx_http_auth_module did not work under Linux. *) Bugfix: the rewrite directive worked incorrectly, if the arguments were in a request. *) Bugfix: nginx could not be built on MacOS X.
2005-05-12 10:58:06 -04:00
nginx-0.3.13-RELEASE import *) Feature: the IMAP/POP3 proxy supports STARTTLS and STLS. *) Bugfix: the IMAP/POP3 proxy did not work with the select, poll, and /dev/poll methods. *) Bugfix: in SSI handling. *) Bugfix: now Solaris sendfilev() is not used to transfer the client request body to FastCGI-server via the unix domain socket. *) Bugfix: the "auth_basic" directive did not disable the authorization; the bug had appeared in 0.3.11.
2005-12-05 10:18:09 -03:00
ngx_log_debug3(NGX_LOG_DEBUG_HTTP, c->log, 0,
Fixed type.
2017-04-03 03:29:40 -03:00
"http writer output filter: %i, \"%V?%V\"",
nginx-0.3.13-RELEASE import *) Feature: the IMAP/POP3 proxy supports STARTTLS and STLS. *) Bugfix: the IMAP/POP3 proxy did not work with the select, poll, and /dev/poll methods. *) Bugfix: in SSI handling. *) Bugfix: now Solaris sendfilev() is not used to transfer the client request body to FastCGI-server via the unix domain socket. *) Bugfix: the "auth_basic" directive did not disable the authorization; the bug had appeared in 0.3.11.
2005-12-05 10:18:09 -03:00
rc, &r->uri, &r->args);
nginx-0.0.1-2002-12-15-09:25:09 import
2002-12-15 03:25:09 -03:00
fix socket leak introduced in r2378
2009-05-25 05:56:01 -04:00
if (rc == NGX_ERROR) {
ngx_http_finalize_request(r, rc);
return;
}
*) refactor subrequest handling, now they run as separate posted requests *) now $upstream_addr, $upstream_status, $upstream_response_time can be used with log_subrequest
2008-12-08 11:23:20 -03:00
if (r->buffered || r->postponed || (r == r->main && c->buffered)) {
Fix for connection drops with AIO. Connections serving content with AIO to fast clients were dropped with "client timed out" messages after send_timeout from response start.
2011-10-11 14:58:51 -03:00
if (!wev->delayed) {
nginx-0.0.1-2003-10-12-20:49:16 import
2003-10-12 13:49:16 -03:00
ngx_add_timer(wev, clcf->send_timeout);
nginx-0.0.1-2002-12-15-09:25:09 import
2002-12-15 03:25:09 -03:00
}
use "!= NGX_OK" instead of "== NGX_ERROR"
2008-12-09 14:27:48 -03:00
if (ngx_handle_write_event(wev, clcf->send_lowat) != NGX_OK) {
nginx-0.3.6-RELEASE import *) Change: now the IMAP/POP3 proxy do not send the empty login to authorization server. *) Feature: the "log_format" supports the variables in the $name form. *) Bugfix: if at least in one server was no the "listen" directive, then nginx did not listen on the 80 port; the bug had appeared in 0.3.3. *) Bugfix: if the URI part is omitted in "proxy_pass" directive, the the 80 port was always used.
2005-10-24 12:09:41 -03:00
ngx_http_close_request(r, 0);
nginx-0.0.1-2003-10-12-20:49:16 import
2003-10-12 13:49:16 -03:00
}
nginx-0.0.1-2002-12-15-09:25:09 import
2002-12-15 03:25:09 -03:00
*) refactor subrequest handling, now they run as separate posted requests *) now $upstream_addr, $upstream_status, $upstream_response_time can be used with log_subrequest
2008-12-08 11:23:20 -03:00
return;
nginx-0.0.1-2003-05-13-20:02:32 import
2003-05-13 12:02:32 -04:00
}
nginx-0.0.1-2002-12-15-09:25:09 import
2002-12-15 03:25:09 -03:00
nginx-0.3.13-RELEASE import *) Feature: the IMAP/POP3 proxy supports STARTTLS and STLS. *) Bugfix: the IMAP/POP3 proxy did not work with the select, poll, and /dev/poll methods. *) Bugfix: in SSI handling. *) Bugfix: now Solaris sendfilev() is not used to transfer the client request body to FastCGI-server via the unix domain socket. *) Bugfix: the "auth_basic" directive did not disable the authorization; the bug had appeared in 0.3.11.
2005-12-05 10:18:09 -03:00
ngx_log_debug2(NGX_LOG_DEBUG_HTTP, wev->log, 0,
"http writer done: \"%V?%V\"", &r->uri, &r->args);
nginx-0.0.1-2002-12-15-09:25:09 import
2002-12-15 03:25:09 -03:00
fix two previous commits: an early parallel body discarding completion disables incomplete ngx_http_writer()
2009-10-20 08:48:28 -03:00
r->write_event_handler = ngx_http_request_empty_handler;
nginx-0.0.1-2003-10-12-20:49:16 import
2003-10-12 13:49:16 -03:00
ngx_http_finalize_request(r, rc);
nginx-0.0.1-2003-05-12-19:52:24 import
2003-05-12 11:52:24 -04:00
}
*) refactor subrequest handling, now they run as separate posted requests *) now $upstream_addr, $upstream_status, $upstream_response_time can be used with log_subrequest
2008-12-08 11:23:20 -03:00
static void
ngx_http_request_finalizer(ngx_http_request_t *r)
{
ngx_log_debug2(NGX_LOG_DEBUG_HTTP, r->connection->log, 0,
"http finalizer done: \"%V?%V\"", &r->uri, &r->args);
ngx_http_finalize_request(r, 0);
}
rename ngx_http_block_read() and ngx_http_test_read() to ..._reading()
2007-08-06 11:22:40 -04:00
void
ngx_http_block_reading(ngx_http_request_t *r)
proxy_ignore_client_abort, fastcgi_ignore_client_abort, and so on were broken by r1111
2007-07-10 16:53:45 -04:00
{
ngx_log_debug0(NGX_LOG_DEBUG_HTTP, r->connection->log, 0,
rename ngx_http_block_read() and ngx_http_test_read() to ..._reading()
2007-08-06 11:22:40 -04:00
"http reading blocked");
proxy_ignore_client_abort, fastcgi_ignore_client_abort, and so on were broken by r1111
2007-07-10 16:53:45 -04:00
/* aio does not call this handler */
if ((ngx_event_flags & NGX_USE_LEVEL_EVENT)
&& r->connection->read->active)
{
use "!= NGX_OK" instead of "== NGX_ERROR"
2008-12-09 14:27:48 -03:00
if (ngx_del_event(r->connection->read, NGX_READ_EVENT, 0) != NGX_OK) {
proxy_ignore_client_abort, fastcgi_ignore_client_abort, and so on were broken by r1111
2007-07-10 16:53:45 -04:00
ngx_http_close_request(r, 0);
}
}
}
ngx_http_limit_req_module
2008-11-10 12:22:33 -03:00
void
rename ngx_http_block_read() and ngx_http_test_read() to ..._reading()
2007-08-06 11:22:40 -04:00
ngx_http_test_reading(ngx_http_request_t *r)
nginx-0.1.29-RELEASE import *) Feature: the ngx_http_ssi_module supports "include virtual" command. *) Feature: the ngx_http_ssi_module supports the condition command like 'if expr="$NAME"' and "else" and "endif" commands. Only one nested level is supported. *) Feature: the ngx_http_ssi_module supports the DATE_LOCAL and DATE_GMT variables and "config timefmt" command. *) Feature: the "ssi_ignore_recycled_buffers" directive. *) Bugfix: the "echo" command did not show the default value for the empty QUERY_STRING variable. *) Change: the ngx_http_proxy_module was rewritten. *) Feature: the "proxy_redirect", "proxy_pass_request_headers", "proxy_pass_request_body", and "proxy_method" directives. *) Feature: the "proxy_set_header" directive. The "proxy_x_var" was canceled and must be replaced with the proxy_set_header directive. *) Change: the "proxy_preserve_host" is canceled and must be replaced with the "proxy_set_header Host $host" and the "proxy_redirect off" directives, the "proxy_set_header Host $host:$proxy_port" directive and the appropriate proxy_redirect directives. *) Change: the "proxy_set_x_real_ip" is canceled and must be replaced with the "proxy_set_header X-Real-IP $remote_addr" directive. *) Change: the "proxy_add_x_forwarded_for" is canceled and must be replaced with the "proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for" directive. *) Change: the "proxy_set_x_url" is canceled and must be replaced with the "proxy_set_header X-URL http://$host:$server_port$request_uri" directive. *) Feature: the "fastcgi_param" directive. *) Change: the "fastcgi_root", "fastcgi_set_var" and "fastcgi_params" directive are canceled and must be replaced with the fastcgi_param directives. *) Feature: the "index" directive can use the variables. *) Feature: the "index" directive can be used at http and server levels. *) Change: the last index only in the "index" directive can be absolute. *) Feature: the "rewrite" directive can use the variables. *) Feature: the "internal" directive. *) Feature: the CONTENT_LENGTH, CONTENT_TYPE, REMOTE_PORT, SERVER_ADDR, SERVER_PORT, SERVER_PROTOCOL, DOCUMENT_ROOT, SERVER_NAME, REQUEST_METHOD, REQUEST_URI, and REMOTE_USER variables. *) Change: nginx now passes the invalid lines in a client request headers or a backend response header. *) Bugfix: if the backend did not transfer response for a long time and the "send_timeout" was less than "proxy_read_timeout", then nginx returned the 408 response. *) Bugfix: the segmentation fault was occurred if the backend sent an invalid line in response header; the bug had appeared in 0.1.26. *) Bugfix: the segmentation fault may occurred in FastCGI fault tolerance configuration. *) Bugfix: the "expires" directive did not remove the previous "Expires" and "Cache-Control" headers. *) Bugfix: nginx did not take into account trailing dot in "Host" header line. *) Bugfix: the ngx_http_auth_module did not work under Linux. *) Bugfix: the rewrite directive worked incorrectly, if the arguments were in a request. *) Bugfix: nginx could not be built on MacOS X.
2005-05-12 10:58:06 -04:00
{
if client closes a connection prematurely, then epoll (at least in Linux 2.6.18) sends EPOLLERR|EPOLLHUP|EPOLLIN only and writer does not know about the error
2007-01-19 05:10:06 -03:00
int n;
char buf[1];
ngx_err_t err;
ngx_event_t *rev;
ngx_connection_t *c;
c = r->connection;
rev = c->read;
rename ngx_http_block_read() and ngx_http_test_read() to ..._reading()
2007-08-06 11:22:40 -04:00
ngx_log_debug0(NGX_LOG_DEBUG_HTTP, c->log, 0, "http test reading");
if client closes a connection prematurely, then epoll (at least in Linux 2.6.18) sends EPOLLERR|EPOLLHUP|EPOLLIN only and writer does not know about the error
2007-01-19 05:10:06 -03:00
The HTTP/2 implementation (RFC 7240, 7241). The SPDY support is removed, as it's incompatible with the new module.
2015-09-11 14:13:06 -03:00
#if (NGX_HTTP_V2)
Preliminary experimental support for SPDY draft 2.
2013-03-20 07:36:57 -03:00
The HTTP/2 implementation (RFC 7240, 7241). The SPDY support is removed, as it's incompatible with the new module.
2015-09-11 14:13:06 -03:00
if (r->stream) {
Preliminary experimental support for SPDY draft 2.
2013-03-20 07:36:57 -03:00
if (c->error) {
err = 0;
goto closed;
}
return;
}
#endif
HTTP/3: merged ngx_http_quic_module into ngx_http_v3_module.
2021-12-06 07:02:36 -03:00
#if (NGX_HTTP_V3)
QUIC: fixed ngx_http_test_reading() for QUIC streams. Previously this function generated an error trying to figure out if client shut down the write end of the connection. The reason for this error was that a QUIC stream has no socket descriptor. However checking for eof is not the right thing to do for an HTTP/3 QUIC stream since HTTP/3 clients are expected to shut down the write end of the stream after sending the request. Now the function handles QUIC streams separately. It checks if c->read->error is set. The error flags for c->read and c->write are now set for all streams when closing the QUIC connection instead of setting the pending_eof flag.
2020-08-11 03:41:39 -04:00
QUIC: renamed c->qs to c->quic.
2020-11-10 16:40:00 -03:00
if (c->quic) {
HTTP/3: simplified code.
2022-01-12 05:57:06 -03:00
if (rev->error) {
HTTP/3: set c->error on read error in ngx_http_test_reading(). Similar to other error/eof cases.
2022-01-12 05:57:46 -03:00
c->error = 1;
QUIC: fixed ngx_http_test_reading() for QUIC streams. Previously this function generated an error trying to figure out if client shut down the write end of the connection. The reason for this error was that a QUIC stream has no socket descriptor. However checking for eof is not the right thing to do for an HTTP/3 QUIC stream since HTTP/3 clients are expected to shut down the write end of the stream after sending the request. Now the function handles QUIC streams separately. It checks if c->read->error is set. The error flags for c->read and c->write are now set for all streams when closing the QUIC connection instead of setting the pending_eof flag.
2020-08-11 03:41:39 -04:00
err = 0;
goto closed;
}
return;
}
#endif
if client closes a connection prematurely, then epoll (at least in Linux 2.6.18) sends EPOLLERR|EPOLLHUP|EPOLLIN only and writer does not know about the error
2007-01-19 05:10:06 -03:00
#if (NGX_HAVE_KQUEUE)
if (ngx_event_flags & NGX_USE_KQUEUE_EVENT) {
if (!rev->pending_eof) {
return;
}
rev->eof = 1;
c->error = 1;
err = rev->kq_errno;
goto closed;
}
Use EPOLLRDHUP in ngx_http_test_reading() (ticket #320). This allows to detect client connection close with pending data when the ngx_http_test_reading() request event handler is set.
2013-09-16 11:33:39 -03:00
#endif
#if (NGX_HAVE_EPOLLRDHUP)
Improved EPOLLRDHUP handling. When it's known that the kernel supports EPOLLRDHUP, there is no need in additional recv() call to get EOF or error when the flag is absent in the event generated by the kernel. A special runtime test is done at startup to detect if EPOLLRDHUP is actually supported by the kernel because epoll_ctl() silently ignores unknown flags. With this knowledge it's now possible to drop the "ready" flag for partial read. Previously, the "ready" flag was kept until the recv() returned EOF or error. In particular, this change allows the lingering close heuristics (which relies on the "ready" flag state) to actually work on Linux, and not wait for more data in most cases. The "available" flag is now used in the read event with the semantics similar to the corresponding counter in kqueue.
2016-05-13 11:19:23 -03:00
if ((ngx_event_flags & NGX_USE_EPOLL_EVENT) && ngx_use_epoll_rdhup) {
Use EPOLLRDHUP in ngx_http_test_reading() (ticket #320). This allows to detect client connection close with pending data when the ngx_http_test_reading() request event handler is set.
2013-09-16 11:33:39 -03:00
socklen_t len;
Improved EPOLLRDHUP handling. When it's known that the kernel supports EPOLLRDHUP, there is no need in additional recv() call to get EOF or error when the flag is absent in the event generated by the kernel. A special runtime test is done at startup to detect if EPOLLRDHUP is actually supported by the kernel because epoll_ctl() silently ignores unknown flags. With this knowledge it's now possible to drop the "ready" flag for partial read. Previously, the "ready" flag was kept until the recv() returned EOF or error. In particular, this change allows the lingering close heuristics (which relies on the "ready" flag state) to actually work on Linux, and not wait for more data in most cases. The "available" flag is now used in the read event with the semantics similar to the corresponding counter in kqueue.
2016-05-13 11:19:23 -03:00
if (!rev->pending_eof) {
return;
}
Use EPOLLRDHUP in ngx_http_test_reading() (ticket #320). This allows to detect client connection close with pending data when the ngx_http_test_reading() request event handler is set.
2013-09-16 11:33:39 -03:00
rev->eof = 1;
c->error = 1;
err = 0;
len = sizeof(ngx_err_t);
/*
* BSDs and Linux return 0 and set a pending error in err
* Solaris returns -1 and sets errno
*/
if (getsockopt(c->fd, SOL_SOCKET, SO_ERROR, (void *) &err, &len)
== -1)
{
Use ngx_socket_errno where appropriate. Signed-off-by: Piotr Sikora <piotr@cloudflare.com>
2014-02-03 19:17:17 -03:00
err = ngx_socket_errno;
Use EPOLLRDHUP in ngx_http_test_reading() (ticket #320). This allows to detect client connection close with pending data when the ngx_http_test_reading() request event handler is set.
2013-09-16 11:33:39 -03:00
}
goto closed;
}
if client closes a connection prematurely, then epoll (at least in Linux 2.6.18) sends EPOLLERR|EPOLLHUP|EPOLLIN only and writer does not know about the error
2007-01-19 05:10:06 -03:00
#endif
n = recv(c->fd, buf, 1, MSG_PEEK);
if (n == 0) {
rev->eof = 1;
c->error = 1;
err = 0;
goto closed;
} else if (n == -1) {
err = ngx_socket_errno;
if (err != NGX_EAGAIN) {
rev->eof = 1;
c->error = 1;
goto closed;
}
}
nginx-0.0.1-2002-12-10-21:05:12 import
2002-12-10 15:05:12 -03:00
nginx-0.0.1-2003-02-06-20:21:13 import
2003-02-06 14:21:13 -03:00
/* aio does not call this handler */
if client closes a connection prematurely, then epoll (at least in Linux 2.6.18) sends EPOLLERR|EPOLLHUP|EPOLLIN only and writer does not know about the error
2007-01-19 05:10:06 -03:00
if ((ngx_event_flags & NGX_USE_LEVEL_EVENT) && rev->active) {
use "!= NGX_OK" instead of "== NGX_ERROR"
2008-12-09 14:27:48 -03:00
if (ngx_del_event(rev, NGX_READ_EVENT, 0) != NGX_OK) {
nginx-0.0.1-2003-05-15-19:42:53 import
2003-05-15 11:42:53 -04:00
ngx_http_close_request(r, 0);
}
nginx-0.0.1-2003-02-06-20:21:13 import
2003-02-06 14:21:13 -03:00
}
if client closes a connection prematurely, then epoll (at least in Linux 2.6.18) sends EPOLLERR|EPOLLHUP|EPOLLIN only and writer does not know about the error
2007-01-19 05:10:06 -03:00
return;
closed:
if (err) {
rev->error = 1;
}
SSL: disabled sending shutdown after ngx_http_test_reading(). Sending shutdown when ngx_http_test_reading() detects the connection is closed can result in "SSL_shutdown() failed (SSL: ... bad write retry)" critical log messages if there are blocked writes. Fix is to avoid sending shutdown via the c->ssl->no_send_shutdown flag, similarly to how it is done in ngx_http_keepalive_handler() for kqueue when pending EOF is detected. Reported by Jan Prachař (http://mailman.nginx.org/pipermail/nginx-devel/2018-December/011702.html).
2020-08-10 11:52:34 -04:00
#if (NGX_HTTP_SSL)
if (c->ssl) {
c->ssl->no_send_shutdown = 1;
}
#endif
if client closes a connection prematurely, then epoll (at least in Linux 2.6.18) sends EPOLLERR|EPOLLHUP|EPOLLIN only and writer does not know about the error
2007-01-19 05:10:06 -03:00
ngx_log_error(NGX_LOG_INFO, c->log, err,
Fixed grammar in error messages.
2012-04-12 16:35:41 -03:00
"client prematurely closed connection");
if client closes a connection prematurely, then epoll (at least in Linux 2.6.18) sends EPOLLERR|EPOLLHUP|EPOLLIN only and writer does not know about the error
2007-01-19 05:10:06 -03:00
Fixed ngx_http_test_reading() to finalize request properly. Previous code called ngx_http_finalize_request() with rc = 0. This is ok if a response status was already set, but resulted in "000" being logged if it wasn't. In particular this happened with limit_req if a connection was prematurely closed during limit_req delay.
2013-06-14 12:56:07 -04:00
ngx_http_finalize_request(r, NGX_HTTP_CLIENT_CLOSED_REQUEST);
nginx-0.0.1-2003-05-13-20:02:32 import
2003-05-13 12:02:32 -04:00
}
nginx-0.0.1-2003-05-15-19:42:53 import
2003-05-15 11:42:53 -04:00
nginx-0.1.25-RELEASE import *) Bugfix: nginx did run on Linux parisc. *) Feature: nginx now does not start under FreeBSD if the sysctl kern.ipc.somaxconn value is too big. *) Bugfix: if a request was internally redirected by the ngx_http_index_module module to the ngx_http_proxy_module or ngx_http_fastcgi_module modules, then the index file was not closed after request completion. *) Feature: the "proxy_pass" can be used in location with regular expression. *) Feature: the ngx_http_rewrite_filter_module module supports the condition like "if ($HTTP_USER_AGENT ~ MSIE)". *) Bugfix: nginx started too slow if the large number of addresses and text values were used in the "geo" directive. *) Change: a variable name must be declared as "$name" in the "geo" directive. The previous variant without "$" is still supported, but will be removed soon. *) Feature: the "%{VARIABLE}v" logging parameter. *) Feature: the "set $name value" directive. *) Bugfix: gcc 4.0 compatibility. *) Feature: the --with-openssl-opt=OPTIONS autoconfiguration directive.
2005-03-19 08:38:37 -04:00
static void
ngx_http_set_keepalive(ngx_http_request_t *r)
nginx-0.0.1-2003-02-11-10:14:40 import
2003-02-11 04:14:40 -03:00
{
nginx-0.1.1-RELEASE import *) Feature: the gzip_types directive. *) Feature: the tcp_nodelay directive. *) Feature: the send_lowat directive is working not only on OSes that support kqueue NOTE_LOWAT, but also on OSes that support SO_SNDLOWAT. *) Feature: the setproctitle() emulation for Linux and Solaris. *) Bugfix: the "Location" header rewrite bug fixed while the proxying. *) Bugfix: the ngx_http_chunked_module module may get caught in an endless loop. *) Bugfix: the /dev/poll module bugs fixed. *) Bugfix: the responses were corrupted when the temporary files were used while the proxying. *) Bugfix: the unescaped requests were passed to the backend. *) Bugfix: while the build configuration on Linux 2.4 the --with-poll_module parameter was required.
2004-10-11 12:07:03 -03:00
int tcp_nodelay;
nginx-0.0.11-2004-09-23-10:32:00 import
2004-09-23 02:32:00 -04:00
ngx_buf_t *b, *f;
Converted hc->busy/hc->free to use chain links. Most notably, this fixes possible buffer overflows if number of large client header buffers in a virtual server is different from the one in the default server. Reported by Daniil Bondarev.
2017-03-07 12:49:31 -03:00
ngx_chain_t *cl, *ln;
nginx-0.0.1-2003-05-23-15:53:01 import
2003-05-23 07:53:01 -04:00
ngx_event_t *rev, *wev;
ngx_connection_t *c;
nginx-0.0.11-2004-09-21-09:38:28 import
2004-09-21 01:38:28 -04:00
ngx_http_connection_t *hc;
nginx-0.0.1-2003-05-23-15:53:01 import
2003-05-23 07:53:01 -04:00
ngx_http_core_loc_conf_t *clcf;
nginx-0.0.1-2003-02-11-10:14:40 import
2003-02-11 04:14:40 -03:00
nginx-0.0.1-2003-05-27-16:18:54 import
2003-05-27 08:18:54 -04:00
c = r->connection;
nginx-0.0.1-2003-03-05-09:37:42 import
2003-03-05 03:37:42 -03:00
rev = c->read;
nginx-0.0.1-2003-02-11-10:14:40 import
2003-02-11 04:14:40 -03:00
discard request body before going to keep-alive state and use lingering timeouts
2007-08-07 06:53:27 -04:00
clcf = ngx_http_get_module_loc_conf(r, ngx_http_core_module);
nginx-0.0.1-2004-01-26-11:52:49 import
2004-01-26 05:52:49 -03:00
ngx_log_debug0(NGX_LOG_DEBUG_HTTP, c->log, 0, "set http keepalive handler");
nginx-0.0.1-2003-05-22-19:23:47 import
2003-05-22 11:23:47 -04:00
nginx-0.1.16-RELEASE import *) Bugfix: if the response were transferred by chunks, then on the HEAD request the final chunk was issued. *) Bugfix: the "Connection: keep-alive" header were issued, even if the keepalive_timeout directive forbade the keep-alive use. *) Bugfix: the errors in the ngx_http_fastcgi_module caused the segmentation faults. *) Bugfix: the compressed response encrypted by SSL may not transferred complete. *) Bugfix: the TCP-specific TCP_NODELAY, TCP_NOPSUH, and TCP_CORK options, are not used for the unix domain sockets. *) Feature: the rewrite directive supports the arguments rewriting. *) Bugfix: the response code 400 was returned for the POST request with the "Content-Length: 0" header; the bug had appeared in 0.1.14.
2005-01-25 09:27:35 -03:00
c->log->action = "closing request";
nginx-0.0.11-2004-09-21-09:38:28 import
2004-09-21 01:38:28 -04:00
hc = r->http_connection;
nginx-0.0.11-2004-09-23-10:32:00 import
2004-09-23 02:32:00 -04:00
b = r->header_in;
nginx-0.0.12-2004-09-23-20:39:34 import
2004-09-23 12:39:34 -04:00
if (b->pos < b->last) {
nginx-0.0.11-2004-09-23-10:32:00 import
2004-09-23 02:32:00 -04:00
nginx-0.0.12-2004-09-23-20:39:34 import
2004-09-23 12:39:34 -04:00
/* the pipelined request */
nginx-0.0.11-2004-09-23-10:32:00 import
2004-09-23 02:32:00 -04:00
if (b != c->buffer) {
nginx-0.1.2-RELEASE import *) Feature: the --user=USER, --group=GROUP, and --with-ld-opt=OPTIONS options in configure. *) Feature: the server_name directive supports *.domain.tld. *) Bugfix: the portability improvements. *) Bugfix: if configuration file was set in command line, the reconfiguration was impossible; the bug had appeared in 0.1.1. *) Bugfix: proxy module may get caught in an endless loop when sendfile is not used. *) Bugfix: with sendfile the response was not recoded according to the charset module directives; the bug had appeared in 0.1.1. *) Bugfix: very seldom bug in the kqueue processing. *) Bugfix: the gzip module compressed the proxied responses that was already compressed.
2004-10-21 12:34:38 -03:00
/*
* If the large header buffers were allocated while the previous
* request processing then we do not use c->buffer for
Refactored ngx_http_init_request(). Now it can be used as the request object factory with minimal impact on the connection object. Therefore it was renamed to ngx_http_create_request().
2013-03-07 15:14:27 -03:00
* the pipelined request (see ngx_http_create_request()).
nginx-0.3.10-RELEASE import *) Change: the "valid_referers" directive and the "$invalid_referer" variable were moved to the new ngx_http_referer_module from the ngx_http_rewrite_module. *) Change: the "$apache_bytes_sent" variable name was changed to "$body_bytes_sent". *) Feature: the "$sent_http_..." variables. *) Feature: the "if" directive supports the "=" and "!=" operations. *) Feature: the "proxy_pass" directive supports the HTTPS protocol. *) Feature: the "proxy_set_body" directive. *) Feature: the "post_action" directive. *) Feature: the ngx_http_empty_gif_module. *) Feature: the "worker_cpu_affinity" directive for Linux. *) Bugfix: the "rewrite" directive did not unescape URI part in redirect, now it is unescaped except the %00-%25 and %7F-%FF characters. *) Bugfix: nginx could not be built by the icc 9.0 compiler. *) Bugfix: if the SSI was enabled for zero size static file, then the chunked response was encoded incorrectly.
2005-11-15 10:30:52 -03:00
*
nginx-0.1.2-RELEASE import *) Feature: the --user=USER, --group=GROUP, and --with-ld-opt=OPTIONS options in configure. *) Feature: the server_name directive supports *.domain.tld. *) Bugfix: the portability improvements. *) Bugfix: if configuration file was set in command line, the reconfiguration was impossible; the bug had appeared in 0.1.1. *) Bugfix: proxy module may get caught in an endless loop when sendfile is not used. *) Bugfix: with sendfile the response was not recoded according to the charset module directives; the bug had appeared in 0.1.1. *) Bugfix: very seldom bug in the kqueue processing. *) Bugfix: the gzip module compressed the proxied responses that was already compressed.
2004-10-21 12:34:38 -03:00
* Now we would move the large header buffers to the free list.
*/
nginx-0.0.11-2004-09-23-10:32:00 import
2004-09-23 02:32:00 -04:00
Converted hc->busy/hc->free to use chain links. Most notably, this fixes possible buffer overflows if number of large client header buffers in a virtual server is different from the one in the default server. Reported by Daniil Bondarev.
2017-03-07 12:49:31 -03:00
for (cl = hc->busy; cl; /* void */) {
ln = cl;
cl = cl->next;
nginx-0.0.12-2004-09-23-20:39:34 import
2004-09-23 12:39:34 -04:00
Converted hc->busy/hc->free to use chain links. Most notably, this fixes possible buffer overflows if number of large client header buffers in a virtual server is different from the one in the default server. Reported by Daniil Bondarev.
2017-03-07 12:49:31 -03:00
if (ln->buf == b) {
ngx_free_chain(c->pool, ln);
continue;
nginx-0.0.11-2004-09-23-10:32:00 import
2004-09-23 02:32:00 -04:00
}
Converted hc->busy/hc->free to use chain links. Most notably, this fixes possible buffer overflows if number of large client header buffers in a virtual server is different from the one in the default server. Reported by Daniil Bondarev.
2017-03-07 12:49:31 -03:00
f = ln->buf;
nginx-0.0.11-2004-09-23-10:32:00 import
2004-09-23 02:32:00 -04:00
f->pos = f->start;
f->last = f->start;
Converted hc->busy/hc->free to use chain links. Most notably, this fixes possible buffer overflows if number of large client header buffers in a virtual server is different from the one in the default server. Reported by Daniil Bondarev.
2017-03-07 12:49:31 -03:00
ln->next = hc->free;
hc->free = ln;
nginx-0.0.11-2004-09-23-10:32:00 import
2004-09-23 02:32:00 -04:00
}
Converted hc->busy/hc->free to use chain links. Most notably, this fixes possible buffer overflows if number of large client header buffers in a virtual server is different from the one in the default server. Reported by Daniil Bondarev.
2017-03-07 12:49:31 -03:00
cl = ngx_alloc_chain_link(c->pool);
if (cl == NULL) {
ngx_http_close_request(r, 0);
return;
}
cl->buf = b;
Fixed CPU hog while freeing hc->busy after e662cbf1b932 (1.11.11). Reported by Richard Stanway, http://mailman.nginx.org/pipermail/nginx/2017-March/053296.html.
2017-03-24 10:26:12 -03:00
cl->next = NULL;
Converted hc->busy/hc->free to use chain links. Most notably, this fixes possible buffer overflows if number of large client header buffers in a virtual server is different from the one in the default server. Reported by Daniil Bondarev.
2017-03-07 12:49:31 -03:00
hc->busy = cl;
nginx-0.0.11-2004-09-23-10:32:00 import
2004-09-23 02:32:00 -04:00
hc->nbusy = 1;
}
}
Allocate request object from its own pool. Previously, it was allocated from a connection pool and was selectively freed for an idle keepalive connection. The goal is to put coupled things in one chunk of memory, and to simplify handling of request objects.
2013-03-01 11:55:42 -03:00
/* guard against recursive call from ngx_http_finalize_connection() */
clear r->keepalive to disable preventively calling ngx_http_set_keepalive() while request cleanup
2009-10-02 07:30:47 -04:00
r->keepalive = 0;
request reference counter
2009-08-26 12:04:05 -04:00
ngx_http_free_request(r, 0);
nginx-0.3.6-RELEASE import *) Change: now the IMAP/POP3 proxy do not send the empty login to authorization server. *) Feature: the "log_format" supports the variables in the $name form. *) Bugfix: if at least in one server was no the "listen" directive, then nginx did not listen on the 80 port; the bug had appeared in 0.3.3. *) Bugfix: if the URI part is omitted in "proxy_pass" directive, the the 80 port was always used.
2005-10-24 12:09:41 -03:00
nginx-0.0.11-2004-09-21-09:38:28 import
2004-09-21 01:38:28 -04:00
c->data = hc;
nginx-0.0.1-2003-03-11-23:38:13 import
2003-03-11 16:38:13 -04:00
use "!= NGX_OK" instead of "== NGX_ERROR"
2008-12-09 14:27:48 -03:00
if (ngx_handle_read_event(rev, 0) != NGX_OK) {
nginx-0.0.1-2003-10-12-20:49:16 import
2003-10-12 13:49:16 -03:00
ngx_http_close_connection(c);
return;
nginx-0.0.1-2003-03-11-23:38:13 import
2003-03-11 16:38:13 -04:00
}
nginx-0.0.1-2003-02-11-10:14:40 import
2003-02-11 04:14:40 -03:00
nginx-0.0.2-2004-02-12-23:57:10 import
2004-02-12 17:57:10 -03:00
wev = c->write;
nginx-0.1.29-RELEASE import *) Feature: the ngx_http_ssi_module supports "include virtual" command. *) Feature: the ngx_http_ssi_module supports the condition command like 'if expr="$NAME"' and "else" and "endif" commands. Only one nested level is supported. *) Feature: the ngx_http_ssi_module supports the DATE_LOCAL and DATE_GMT variables and "config timefmt" command. *) Feature: the "ssi_ignore_recycled_buffers" directive. *) Bugfix: the "echo" command did not show the default value for the empty QUERY_STRING variable. *) Change: the ngx_http_proxy_module was rewritten. *) Feature: the "proxy_redirect", "proxy_pass_request_headers", "proxy_pass_request_body", and "proxy_method" directives. *) Feature: the "proxy_set_header" directive. The "proxy_x_var" was canceled and must be replaced with the proxy_set_header directive. *) Change: the "proxy_preserve_host" is canceled and must be replaced with the "proxy_set_header Host $host" and the "proxy_redirect off" directives, the "proxy_set_header Host $host:$proxy_port" directive and the appropriate proxy_redirect directives. *) Change: the "proxy_set_x_real_ip" is canceled and must be replaced with the "proxy_set_header X-Real-IP $remote_addr" directive. *) Change: the "proxy_add_x_forwarded_for" is canceled and must be replaced with the "proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for" directive. *) Change: the "proxy_set_x_url" is canceled and must be replaced with the "proxy_set_header X-URL http://$host:$server_port$request_uri" directive. *) Feature: the "fastcgi_param" directive. *) Change: the "fastcgi_root", "fastcgi_set_var" and "fastcgi_params" directive are canceled and must be replaced with the fastcgi_param directives. *) Feature: the "index" directive can use the variables. *) Feature: the "index" directive can be used at http and server levels. *) Change: the last index only in the "index" directive can be absolute. *) Feature: the "rewrite" directive can use the variables. *) Feature: the "internal" directive. *) Feature: the CONTENT_LENGTH, CONTENT_TYPE, REMOTE_PORT, SERVER_ADDR, SERVER_PORT, SERVER_PROTOCOL, DOCUMENT_ROOT, SERVER_NAME, REQUEST_METHOD, REQUEST_URI, and REMOTE_USER variables. *) Change: nginx now passes the invalid lines in a client request headers or a backend response header. *) Bugfix: if the backend did not transfer response for a long time and the "send_timeout" was less than "proxy_read_timeout", then nginx returned the 408 response. *) Bugfix: the segmentation fault was occurred if the backend sent an invalid line in response header; the bug had appeared in 0.1.26. *) Bugfix: the segmentation fault may occurred in FastCGI fault tolerance configuration. *) Bugfix: the "expires" directive did not remove the previous "Expires" and "Cache-Control" headers. *) Bugfix: nginx did not take into account trailing dot in "Host" header line. *) Bugfix: the ngx_http_auth_module did not work under Linux. *) Bugfix: the rewrite directive worked incorrectly, if the arguments were in a request. *) Bugfix: nginx could not be built on MacOS X.
2005-05-12 10:58:06 -04:00
wev->handler = ngx_http_empty_handler;
nginx-0.0.1-2003-03-05-09:37:42 import
2003-03-05 03:37:42 -03:00
nginx-0.0.3-2004-05-28-19:49:23 import; rename ngx_hunk_t to ngx_buf_t
2004-05-28 11:49:23 -04:00
if (b->pos < b->last) {
nginx-0.0.1-2003-03-05-09:37:42 import
2003-03-05 03:37:42 -03:00
nginx-0.0.1-2004-01-26-11:52:49 import
2004-01-26 05:52:49 -03:00
ngx_log_debug0(NGX_LOG_DEBUG_HTTP, c->log, 0, "pipelined request");
nginx-0.0.1-2003-05-27-16:18:54 import
2003-05-27 08:18:54 -04:00
nginx-0.1.16-RELEASE import *) Bugfix: if the response were transferred by chunks, then on the HEAD request the final chunk was issued. *) Bugfix: the "Connection: keep-alive" header were issued, even if the keepalive_timeout directive forbade the keep-alive use. *) Bugfix: the errors in the ngx_http_fastcgi_module caused the segmentation faults. *) Bugfix: the compressed response encrypted by SSL may not transferred complete. *) Bugfix: the TCP-specific TCP_NODELAY, TCP_NOPSUH, and TCP_CORK options, are not used for the unix domain sockets. *) Feature: the rewrite directive supports the arguments rewriting. *) Bugfix: the response code 400 was returned for the POST request with the "Content-Length: 0" header; the bug had appeared in 0.1.14.
2005-01-25 09:27:35 -03:00
c->log->action = "reading client pipelined request line";
nginx-0.3.5-RELEASE import *) Bugfix: the segmentation fault may occurred if the IMAP/POP3 login was changed by authorization server; the bug had appeared in 0.2.2. *) Bugfix: the accept mutex did not work and all connections were handled by one process; the bug had appeared in 0.3.3. *) Bugfix: the timeout did not work if the "rtsig" method and the "timer_resolution" directive were used.
2005-10-21 16:12:18 -03:00
Refactored ngx_http_init_request(). Now it can be used as the request object factory with minimal impact on the connection object. Therefore it was renamed to ngx_http_create_request().
2013-03-07 15:14:27 -03:00
r = ngx_http_create_request(c);
if (r == NULL) {
ngx_http_close_connection(c);
return;
}
r->pipeline = 1;
c->data = r;
c->sent = 0;
c->destroyed = 0;
Use "client_header_timeout" for all requests in a connection. Previously, only the first request in a connection used timeout value from the "client_header_timeout" directive while reading header. All subsequent requests used "keepalive_timeout" for that. It happened because timeout of the read event was set to the value of "keepalive_timeout" in ngx_http_set_keepalive(), but was not removed when the next request arrived.
2013-03-07 14:41:40 -03:00
if (rev->timer_set) {
ngx_del_timer(rev);
}
Refactored ngx_http_init_request(). Now it can be used as the request object factory with minimal impact on the connection object. Therefore it was renamed to ngx_http_create_request().
2013-03-07 15:14:27 -03:00
rev->handler = ngx_http_process_request_line;
avoid recursive loop
2008-05-19 06:24:22 -04:00
ngx_post_event(rev, &ngx_posted_events);
nginx-0.0.1-2003-05-13-20:02:32 import
2003-05-13 12:02:32 -04:00
return;
nginx-0.0.1-2003-03-05-09:37:42 import
2003-03-05 03:37:42 -03:00
}
nginx-0.1.2-RELEASE import *) Feature: the --user=USER, --group=GROUP, and --with-ld-opt=OPTIONS options in configure. *) Feature: the server_name directive supports *.domain.tld. *) Bugfix: the portability improvements. *) Bugfix: if configuration file was set in command line, the reconfiguration was impossible; the bug had appeared in 0.1.1. *) Bugfix: proxy module may get caught in an endless loop when sendfile is not used. *) Bugfix: with sendfile the response was not recoded according to the charset module directives; the bug had appeared in 0.1.1. *) Bugfix: very seldom bug in the kqueue processing. *) Bugfix: the gzip module compressed the proxied responses that was already compressed.
2004-10-21 12:34:38 -03:00
/*
Allocate request object from its own pool. Previously, it was allocated from a connection pool and was selectively freed for an idle keepalive connection. The goal is to put coupled things in one chunk of memory, and to simplify handling of request objects.
2013-03-01 11:55:42 -03:00
* To keep a memory footprint as small as possible for an idle keepalive
* connection we try to free c->buffer's memory if it was allocated outside
* the c->pool. The large header buffers are always allocated outside the
* c->pool and are freed too.
nginx-0.1.2-RELEASE import *) Feature: the --user=USER, --group=GROUP, and --with-ld-opt=OPTIONS options in configure. *) Feature: the server_name directive supports *.domain.tld. *) Bugfix: the portability improvements. *) Bugfix: if configuration file was set in command line, the reconfiguration was impossible; the bug had appeared in 0.1.1. *) Bugfix: proxy module may get caught in an endless loop when sendfile is not used. *) Bugfix: with sendfile the response was not recoded according to the charset module directives; the bug had appeared in 0.1.1. *) Bugfix: very seldom bug in the kqueue processing. *) Bugfix: the gzip module compressed the proxied responses that was already compressed.
2004-10-21 12:34:38 -03:00
*/
nginx-0.0.12-2004-09-23-20:39:34 import
2004-09-23 12:39:34 -04:00
b = c->buffer;
nginx-0.0.11-2004-09-23-10:32:00 import
2004-09-23 02:32:00 -04:00
nginx-0.0.12-2004-09-23-20:39:34 import
2004-09-23 12:39:34 -04:00
if (ngx_pfree(c->pool, b->start) == NGX_OK) {
nginx-0.1.2-RELEASE import *) Feature: the --user=USER, --group=GROUP, and --with-ld-opt=OPTIONS options in configure. *) Feature: the server_name directive supports *.domain.tld. *) Bugfix: the portability improvements. *) Bugfix: if configuration file was set in command line, the reconfiguration was impossible; the bug had appeared in 0.1.1. *) Bugfix: proxy module may get caught in an endless loop when sendfile is not used. *) Bugfix: with sendfile the response was not recoded according to the charset module directives; the bug had appeared in 0.1.1. *) Bugfix: very seldom bug in the kqueue processing. *) Bugfix: the gzip module compressed the proxied responses that was already compressed.
2004-10-21 12:34:38 -03:00
/*
* the special note for ngx_http_keepalive_handler() that
* c->buffer's memory was freed
*/
nginx-0.0.12-2004-09-23-20:39:34 import
2004-09-23 12:39:34 -04:00
b->pos = NULL;
nginx-0.0.11-2004-09-23-10:32:00 import
2004-09-23 02:32:00 -04:00
nginx-0.0.12-2004-09-23-20:39:34 import
2004-09-23 12:39:34 -04:00
} else {
b->pos = b->start;
b->last = b->start;
}
nginx-0.0.11-2004-09-23-10:32:00 import
2004-09-23 02:32:00 -04:00
Converted hc->busy/hc->free to use chain links. Most notably, this fixes possible buffer overflows if number of large client header buffers in a virtual server is different from the one in the default server. Reported by Daniil Bondarev.
2017-03-07 12:49:31 -03:00
ngx_log_debug1(NGX_LOG_DEBUG_HTTP, c->log, 0, "hc free: %p",
hc->free);
nginx-0.0.11-2004-09-23-10:32:00 import
2004-09-23 02:32:00 -04:00
nginx-0.0.12-2004-09-23-20:39:34 import
2004-09-23 12:39:34 -04:00
if (hc->free) {
Converted hc->busy/hc->free to use chain links. Most notably, this fixes possible buffer overflows if number of large client header buffers in a virtual server is different from the one in the default server. Reported by Daniil Bondarev.
2017-03-07 12:49:31 -03:00
for (cl = hc->free; cl; /* void */) {
ln = cl;
cl = cl->next;
ngx_pfree(c->pool, ln->buf->start);
ngx_free_chain(c->pool, ln);
nginx-0.0.11-2004-09-23-10:32:00 import
2004-09-23 02:32:00 -04:00
}
Converted hc->busy/hc->free to use chain links. Most notably, this fixes possible buffer overflows if number of large client header buffers in a virtual server is different from the one in the default server. Reported by Daniil Bondarev.
2017-03-07 12:49:31 -03:00
hc->free = NULL;
nginx-0.0.12-2004-09-23-20:39:34 import
2004-09-23 12:39:34 -04:00
}
Fixed logging.
2016-03-30 20:33:57 -03:00
ngx_log_debug2(NGX_LOG_DEBUG_HTTP, c->log, 0, "hc busy: %p %i",
nginx-0.0.12-2004-09-23-20:39:34 import
2004-09-23 12:39:34 -04:00
hc->busy, hc->nbusy);
nginx-0.0.11-2004-09-23-10:32:00 import
2004-09-23 02:32:00 -04:00
nginx-0.0.12-2004-09-23-20:39:34 import
2004-09-23 12:39:34 -04:00
if (hc->busy) {
Converted hc->busy/hc->free to use chain links. Most notably, this fixes possible buffer overflows if number of large client header buffers in a virtual server is different from the one in the default server. Reported by Daniil Bondarev.
2017-03-07 12:49:31 -03:00
for (cl = hc->busy; cl; /* void */) {
ln = cl;
cl = cl->next;
ngx_pfree(c->pool, ln->buf->start);
ngx_free_chain(c->pool, ln);
nginx-0.0.11-2004-09-23-10:32:00 import
2004-09-23 02:32:00 -04:00
}
nginx-0.0.12-2004-09-23-20:39:34 import
2004-09-23 12:39:34 -04:00
Converted hc->busy/hc->free to use chain links. Most notably, this fixes possible buffer overflows if number of large client header buffers in a virtual server is different from the one in the default server. Reported by Daniil Bondarev.
2017-03-07 12:49:31 -03:00
hc->busy = NULL;
nginx-0.0.12-2004-09-23-20:39:34 import
2004-09-23 12:39:34 -04:00
hc->nbusy = 0;
nginx-0.0.11-2004-09-23-10:32:00 import
2004-09-23 02:32:00 -04:00
}
create ssl buffer on demand and free it before keep-alive
2007-12-26 18:07:30 -03:00
#if (NGX_HTTP_SSL)
if (c->ssl) {
ngx_ssl_free_buffer(c);
}
#endif
nginx-0.1.29-RELEASE import *) Feature: the ngx_http_ssi_module supports "include virtual" command. *) Feature: the ngx_http_ssi_module supports the condition command like 'if expr="$NAME"' and "else" and "endif" commands. Only one nested level is supported. *) Feature: the ngx_http_ssi_module supports the DATE_LOCAL and DATE_GMT variables and "config timefmt" command. *) Feature: the "ssi_ignore_recycled_buffers" directive. *) Bugfix: the "echo" command did not show the default value for the empty QUERY_STRING variable. *) Change: the ngx_http_proxy_module was rewritten. *) Feature: the "proxy_redirect", "proxy_pass_request_headers", "proxy_pass_request_body", and "proxy_method" directives. *) Feature: the "proxy_set_header" directive. The "proxy_x_var" was canceled and must be replaced with the proxy_set_header directive. *) Change: the "proxy_preserve_host" is canceled and must be replaced with the "proxy_set_header Host $host" and the "proxy_redirect off" directives, the "proxy_set_header Host $host:$proxy_port" directive and the appropriate proxy_redirect directives. *) Change: the "proxy_set_x_real_ip" is canceled and must be replaced with the "proxy_set_header X-Real-IP $remote_addr" directive. *) Change: the "proxy_add_x_forwarded_for" is canceled and must be replaced with the "proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for" directive. *) Change: the "proxy_set_x_url" is canceled and must be replaced with the "proxy_set_header X-URL http://$host:$server_port$request_uri" directive. *) Feature: the "fastcgi_param" directive. *) Change: the "fastcgi_root", "fastcgi_set_var" and "fastcgi_params" directive are canceled and must be replaced with the fastcgi_param directives. *) Feature: the "index" directive can use the variables. *) Feature: the "index" directive can be used at http and server levels. *) Change: the last index only in the "index" directive can be absolute. *) Feature: the "rewrite" directive can use the variables. *) Feature: the "internal" directive. *) Feature: the CONTENT_LENGTH, CONTENT_TYPE, REMOTE_PORT, SERVER_ADDR, SERVER_PORT, SERVER_PROTOCOL, DOCUMENT_ROOT, SERVER_NAME, REQUEST_METHOD, REQUEST_URI, and REMOTE_USER variables. *) Change: nginx now passes the invalid lines in a client request headers or a backend response header. *) Bugfix: if the backend did not transfer response for a long time and the "send_timeout" was less than "proxy_read_timeout", then nginx returned the 408 response. *) Bugfix: the segmentation fault was occurred if the backend sent an invalid line in response header; the bug had appeared in 0.1.26. *) Bugfix: the segmentation fault may occurred in FastCGI fault tolerance configuration. *) Bugfix: the "expires" directive did not remove the previous "Expires" and "Cache-Control" headers. *) Bugfix: nginx did not take into account trailing dot in "Host" header line. *) Bugfix: the ngx_http_auth_module did not work under Linux. *) Bugfix: the rewrite directive worked incorrectly, if the arguments were in a request. *) Bugfix: nginx could not be built on MacOS X.
2005-05-12 10:58:06 -04:00
rev->handler = ngx_http_keepalive_handler;
nginx-0.0.1-2003-03-05-09:37:42 import
2003-03-05 03:37:42 -03:00
nginx-0.3.13-RELEASE import *) Feature: the IMAP/POP3 proxy supports STARTTLS and STLS. *) Bugfix: the IMAP/POP3 proxy did not work with the select, poll, and /dev/poll methods. *) Bugfix: in SSI handling. *) Bugfix: now Solaris sendfilev() is not used to transfer the client request body to FastCGI-server via the unix domain socket. *) Bugfix: the "auth_basic" directive did not disable the authorization; the bug had appeared in 0.3.11.
2005-12-05 10:18:09 -03:00
if (wev->active && (ngx_event_flags & NGX_USE_LEVEL_EVENT)) {
use "!= NGX_OK" instead of "== NGX_ERROR"
2008-12-09 14:27:48 -03:00
if (ngx_del_event(wev, NGX_WRITE_EVENT, 0) != NGX_OK) {
nginx-0.3.13-RELEASE import *) Feature: the IMAP/POP3 proxy supports STARTTLS and STLS. *) Bugfix: the IMAP/POP3 proxy did not work with the select, poll, and /dev/poll methods. *) Bugfix: in SSI handling. *) Bugfix: now Solaris sendfilev() is not used to transfer the client request body to FastCGI-server via the unix domain socket. *) Bugfix: the "auth_basic" directive did not disable the authorization; the bug had appeared in 0.3.11.
2005-12-05 10:18:09 -03:00
ngx_http_close_connection(c);
return;
nginx-0.0.1-2003-03-05-09:37:42 import
2003-03-05 03:37:42 -03:00
}
}
nginx-0.1.16-RELEASE import *) Bugfix: if the response were transferred by chunks, then on the HEAD request the final chunk was issued. *) Bugfix: the "Connection: keep-alive" header were issued, even if the keepalive_timeout directive forbade the keep-alive use. *) Bugfix: the errors in the ngx_http_fastcgi_module caused the segmentation faults. *) Bugfix: the compressed response encrypted by SSL may not transferred complete. *) Bugfix: the TCP-specific TCP_NODELAY, TCP_NOPSUH, and TCP_CORK options, are not used for the unix domain sockets. *) Feature: the rewrite directive supports the arguments rewriting. *) Bugfix: the response code 400 was returned for the POST request with the "Content-Length: 0" header; the bug had appeared in 0.1.14.
2005-01-25 09:27:35 -03:00
c->log->action = "keepalive";
nginx-0.0.1-2003-06-04-21:28:33 import
2003-06-04 13:28:33 -04:00
nginx-0.0.3-2004-06-01-10:04:46 import
2004-06-01 02:04:46 -04:00
if (c->tcp_nopush == NGX_TCP_NOPUSH_SET) {
nginx-0.1.25-RELEASE import *) Bugfix: nginx did run on Linux parisc. *) Feature: nginx now does not start under FreeBSD if the sysctl kern.ipc.somaxconn value is too big. *) Bugfix: if a request was internally redirected by the ngx_http_index_module module to the ngx_http_proxy_module or ngx_http_fastcgi_module modules, then the index file was not closed after request completion. *) Feature: the "proxy_pass" can be used in location with regular expression. *) Feature: the ngx_http_rewrite_filter_module module supports the condition like "if ($HTTP_USER_AGENT ~ MSIE)". *) Bugfix: nginx started too slow if the large number of addresses and text values were used in the "geo" directive. *) Change: a variable name must be declared as "$name" in the "geo" directive. The previous variant without "$" is still supported, but will be removed soon. *) Feature: the "%{VARIABLE}v" logging parameter. *) Feature: the "set $name value" directive. *) Bugfix: gcc 4.0 compatibility. *) Feature: the --with-openssl-opt=OPTIONS autoconfiguration directive.
2005-03-19 08:38:37 -04:00
if (ngx_tcp_push(c->fd) == -1) {
nginx-0.0.3-2004-04-28-10:14:50 import
2004-04-28 02:14:50 -04:00
ngx_connection_error(c, ngx_socket_errno, ngx_tcp_push_n " failed");
ngx_http_close_connection(c);
return;
nginx-0.0.1-2003-06-04-21:28:33 import
2003-06-04 13:28:33 -04:00
}
nginx-0.1.1-RELEASE import *) Feature: the gzip_types directive. *) Feature: the tcp_nodelay directive. *) Feature: the send_lowat directive is working not only on OSes that support kqueue NOTE_LOWAT, but also on OSes that support SO_SNDLOWAT. *) Feature: the setproctitle() emulation for Linux and Solaris. *) Bugfix: the "Location" header rewrite bug fixed while the proxying. *) Bugfix: the ngx_http_chunked_module module may get caught in an endless loop. *) Bugfix: the /dev/poll module bugs fixed. *) Bugfix: the responses were corrupted when the temporary files were used while the proxying. *) Bugfix: the unescaped requests were passed to the backend. *) Bugfix: while the build configuration on Linux 2.4 the --with-poll_module parameter was required.
2004-10-11 12:07:03 -03:00
nginx-0.0.3-2004-06-01-10:04:46 import
2004-06-01 02:04:46 -04:00
c->tcp_nopush = NGX_TCP_NOPUSH_UNSET;
nginx-0.1.11-RELEASE import *) Feature: the worker_priority directive. *) Change: both tcp_nopush and tcp_nodelay directives affect the transferred response. *) Bugfix: nginx did not call initgroups(). Thanks to Andrew Sitnikov and Andrei Nigmatulin. *) Change: now the ngx_http_autoindex_module shows the file size in the bytes. *) Bugfix: the ngx_http_autoindex_module returned the 500 error if the broken symlink was in a directory. *) Bugfix: the files bigger than 4G could not be transferred using sendfile. *) Bugfix: if the backend was resolved to several backends and there was an error while the response waiting then process may got caught in an endless loop. *) Bugfix: the worker process may exit with the "unknown cycle" message when the /dev/poll method was used. *) Bugfix: "close() channel failed" errors. *) Bugfix: the autodetection of the "nobody" and "nogroup" groups. *) Bugfix: the send_lowat directive did not work on Linux. *) Bugfix: the segmentation fault occurred if there was no events section in configuration. *) Bugfix: nginx could not be built on OpenBSD. *) Bugfix: the double slashes in "://" in the URI were converted to ":/".
2004-12-02 15:40:46 -03:00
tcp_nodelay = ngx_tcp_nodelay_and_tcp_nopush ? 1 : 0;
nginx-0.1.1-RELEASE import *) Feature: the gzip_types directive. *) Feature: the tcp_nodelay directive. *) Feature: the send_lowat directive is working not only on OSes that support kqueue NOTE_LOWAT, but also on OSes that support SO_SNDLOWAT. *) Feature: the setproctitle() emulation for Linux and Solaris. *) Bugfix: the "Location" header rewrite bug fixed while the proxying. *) Bugfix: the ngx_http_chunked_module module may get caught in an endless loop. *) Bugfix: the /dev/poll module bugs fixed. *) Bugfix: the responses were corrupted when the temporary files were used while the proxying. *) Bugfix: the unescaped requests were passed to the backend. *) Bugfix: while the build configuration on Linux 2.4 the --with-poll_module parameter was required.
2004-10-11 12:07:03 -03:00
} else {
nginx-0.1.11-RELEASE import *) Feature: the worker_priority directive. *) Change: both tcp_nopush and tcp_nodelay directives affect the transferred response. *) Bugfix: nginx did not call initgroups(). Thanks to Andrew Sitnikov and Andrei Nigmatulin. *) Change: now the ngx_http_autoindex_module shows the file size in the bytes. *) Bugfix: the ngx_http_autoindex_module returned the 500 error if the broken symlink was in a directory. *) Bugfix: the files bigger than 4G could not be transferred using sendfile. *) Bugfix: if the backend was resolved to several backends and there was an error while the response waiting then process may got caught in an endless loop. *) Bugfix: the worker process may exit with the "unknown cycle" message when the /dev/poll method was used. *) Bugfix: "close() channel failed" errors. *) Bugfix: the autodetection of the "nobody" and "nogroup" groups. *) Bugfix: the send_lowat directive did not work on Linux. *) Bugfix: the segmentation fault occurred if there was no events section in configuration. *) Bugfix: nginx could not be built on OpenBSD. *) Bugfix: the double slashes in "://" in the URI were converted to ":/".
2004-12-02 15:40:46 -03:00
tcp_nodelay = 1;
}
nginx-0.1.1-RELEASE import *) Feature: the gzip_types directive. *) Feature: the tcp_nodelay directive. *) Feature: the send_lowat directive is working not only on OSes that support kqueue NOTE_LOWAT, but also on OSes that support SO_SNDLOWAT. *) Feature: the setproctitle() emulation for Linux and Solaris. *) Bugfix: the "Location" header rewrite bug fixed while the proxying. *) Bugfix: the ngx_http_chunked_module module may get caught in an endless loop. *) Bugfix: the /dev/poll module bugs fixed. *) Bugfix: the responses were corrupted when the temporary files were used while the proxying. *) Bugfix: the unescaped requests were passed to the backend. *) Bugfix: while the build configuration on Linux 2.4 the --with-poll_module parameter was required.
2004-10-11 12:07:03 -03:00
Introduced ngx_tcp_nodelay().
2017-05-26 15:52:48 -04:00
if (tcp_nodelay && clcf->tcp_nodelay && ngx_tcp_nodelay(c) != NGX_OK) {
ngx_http_close_connection(c);
return;
nginx-0.0.1-2003-06-04-21:28:33 import
2003-06-04 13:28:33 -04:00
}
nginx-0.0.1-2003-03-04-09:33:48 import
2003-03-04 03:33:48 -03:00
nginx-0.0.11-2004-09-23-10:32:00 import
2004-09-23 02:32:00 -04:00
#if 0
nginx-0.1.2-RELEASE import *) Feature: the --user=USER, --group=GROUP, and --with-ld-opt=OPTIONS options in configure. *) Feature: the server_name directive supports *.domain.tld. *) Bugfix: the portability improvements. *) Bugfix: if configuration file was set in command line, the reconfiguration was impossible; the bug had appeared in 0.1.1. *) Bugfix: proxy module may get caught in an endless loop when sendfile is not used. *) Bugfix: with sendfile the response was not recoded according to the charset module directives; the bug had appeared in 0.1.1. *) Bugfix: very seldom bug in the kqueue processing. *) Bugfix: the gzip module compressed the proxied responses that was already compressed.
2004-10-21 12:34:38 -03:00
/* if ngx_http_request_t was freed then we need some other place */
nginx-0.0.7-2004-06-24-11:53:37 import
2004-06-24 03:53:37 -04:00
r->http_state = NGX_HTTP_KEEPALIVE_STATE;
nginx-0.0.11-2004-09-23-10:32:00 import
2004-09-23 02:32:00 -04:00
#endif
nginx-0.0.7-2004-06-24-11:53:37 import
2004-06-24 03:53:37 -04:00
close keep-alive connections in the shuting down processes
2007-03-19 09:20:15 -04:00
c->idle = 1;
reuse keepalive connections if there are no free worker connections patch by Maxim Dounin
2011-04-04 09:26:53 -03:00
ngx_reusable_connection(c, 1);
close keep-alive connections in the shuting down processes
2007-03-19 09:20:15 -04:00
Use "client_header_timeout" for all requests in a connection. Previously, only the first request in a connection used timeout value from the "client_header_timeout" directive while reading header. All subsequent requests used "keepalive_timeout" for that. It happened because timeout of the read event was set to the value of "keepalive_timeout" in ngx_http_set_keepalive(), but was not removed when the next request arrived.
2013-03-07 14:41:40 -03:00
ngx_add_timer(rev, clcf->keepalive_timeout);
nginx-0.0.1-2003-10-29-11:30:44 import
2003-10-29 05:30:44 -03:00
if (rev->ready) {
avoid recursive loop
2008-05-19 06:24:22 -04:00
ngx_post_event(rev, &ngx_posted_events);
nginx-0.0.1-2003-03-11-23:38:13 import
2003-03-11 16:38:13 -04:00
}
nginx-0.0.1-2003-02-11-10:14:40 import
2003-02-11 04:14:40 -03:00
}
nginx-0.1.25-RELEASE import *) Bugfix: nginx did run on Linux parisc. *) Feature: nginx now does not start under FreeBSD if the sysctl kern.ipc.somaxconn value is too big. *) Bugfix: if a request was internally redirected by the ngx_http_index_module module to the ngx_http_proxy_module or ngx_http_fastcgi_module modules, then the index file was not closed after request completion. *) Feature: the "proxy_pass" can be used in location with regular expression. *) Feature: the ngx_http_rewrite_filter_module module supports the condition like "if ($HTTP_USER_AGENT ~ MSIE)". *) Bugfix: nginx started too slow if the large number of addresses and text values were used in the "geo" directive. *) Change: a variable name must be declared as "$name" in the "geo" directive. The previous variant without "$" is still supported, but will be removed soon. *) Feature: the "%{VARIABLE}v" logging parameter. *) Feature: the "set $name value" directive. *) Bugfix: gcc 4.0 compatibility. *) Feature: the --with-openssl-opt=OPTIONS autoconfiguration directive.
2005-03-19 08:38:37 -04:00
static void
ngx_http_keepalive_handler(ngx_event_t *rev)
nginx-0.0.1-2002-08-26-19:18:19 import
2002-08-26 11:18:19 -04:00
{
nginx-0.1.25-RELEASE import *) Bugfix: nginx did run on Linux parisc. *) Feature: nginx now does not start under FreeBSD if the sysctl kern.ipc.somaxconn value is too big. *) Bugfix: if a request was internally redirected by the ngx_http_index_module module to the ngx_http_proxy_module or ngx_http_fastcgi_module modules, then the index file was not closed after request completion. *) Feature: the "proxy_pass" can be used in location with regular expression. *) Feature: the ngx_http_rewrite_filter_module module supports the condition like "if ($HTTP_USER_AGENT ~ MSIE)". *) Bugfix: nginx started too slow if the large number of addresses and text values were used in the "geo" directive. *) Change: a variable name must be declared as "$name" in the "geo" directive. The previous variant without "$" is still supported, but will be removed soon. *) Feature: the "%{VARIABLE}v" logging parameter. *) Feature: the "set $name value" directive. *) Bugfix: gcc 4.0 compatibility. *) Feature: the --with-openssl-opt=OPTIONS autoconfiguration directive.
2005-03-19 08:38:37 -04:00
size_t size;
ssize_t n;
ngx_buf_t *b;
ngx_connection_t *c;
nginx-0.0.1-2002-08-26-19:18:19 import
2002-08-26 11:18:19 -04:00
nginx-0.0.7-2004-07-16-10:33:35 import
2004-07-16 02:33:35 -04:00
c = rev->data;
nginx-0.0.1-2002-08-26-19:18:19 import
2002-08-26 11:18:19 -04:00
nginx-0.0.1-2004-01-26-11:52:49 import
2004-01-26 05:52:49 -03:00
ngx_log_debug0(NGX_LOG_DEBUG_HTTP, c->log, 0, "http keepalive handler");
nginx-0.0.1-2002-08-26-19:18:19 import
2002-08-26 11:18:19 -04:00
close keep-alive connections in the shuting down processes
2007-03-19 09:20:15 -04:00
if (rev->timedout || c->close) {
nginx-0.0.1-2003-05-13-20:02:32 import
2003-05-13 12:02:32 -04:00
ngx_http_close_connection(c);
return;
nginx-0.0.1-2003-03-12-20:32:22 import
2003-03-12 13:32:22 -04:00
}
nginx-0.0.1-2002-08-26-19:18:19 import
2002-08-26 11:18:19 -04:00
nginx-0.1.9-RELEASE import *) Bugfix: the proxied request was sent without arguments if the request contains "//", "/./", "/../" or "%XX". *) Bugfix: the large compressed responses may be transferred not completely. *) Bugfix: the files bigger than 2G was not transferred on Linux that does not support sendfile64(). *) Bugfix: while the build configuration on Linux the --with-poll_module parameter was required; the bug had appeared in 0.1.8.
2004-11-25 13:17:31 -03:00
#if (NGX_HAVE_KQUEUE)
nginx-0.0.12-2004-09-23-20:39:34 import
2004-09-23 12:39:34 -04:00
nginx-0.1.2-RELEASE import *) Feature: the --user=USER, --group=GROUP, and --with-ld-opt=OPTIONS options in configure. *) Feature: the server_name directive supports *.domain.tld. *) Bugfix: the portability improvements. *) Bugfix: if configuration file was set in command line, the reconfiguration was impossible; the bug had appeared in 0.1.1. *) Bugfix: proxy module may get caught in an endless loop when sendfile is not used. *) Bugfix: with sendfile the response was not recoded according to the charset module directives; the bug had appeared in 0.1.1. *) Bugfix: very seldom bug in the kqueue processing. *) Bugfix: the gzip module compressed the proxied responses that was already compressed.
2004-10-21 12:34:38 -03:00
if (ngx_event_flags & NGX_USE_KQUEUE_EVENT) {
nginx-0.3.15-RELEASE import *) Feature: the new 444 code of the "return" directive to close connection. *) Feature: the "so_keepalive" directive in IMAP/POP3 proxy. *) Bugfix: if there are unclosed connection nginx now calls abort() only on gracefull quit and active "debug_points" directive.
2005-12-07 11:51:31 -03:00
if (rev->pending_eof) {
nginx-0.1.16-RELEASE import *) Bugfix: if the response were transferred by chunks, then on the HEAD request the final chunk was issued. *) Bugfix: the "Connection: keep-alive" header were issued, even if the keepalive_timeout directive forbade the keep-alive use. *) Bugfix: the errors in the ngx_http_fastcgi_module caused the segmentation faults. *) Bugfix: the compressed response encrypted by SSL may not transferred complete. *) Bugfix: the TCP-specific TCP_NODELAY, TCP_NOPSUH, and TCP_CORK options, are not used for the unix domain sockets. *) Feature: the rewrite directive supports the arguments rewriting. *) Bugfix: the response code 400 was returned for the POST request with the "Content-Length: 0" header; the bug had appeared in 0.1.14.
2005-01-25 09:27:35 -03:00
c->log->handler = NULL;
nginx-0.0.12-2004-09-23-20:39:34 import
2004-09-23 12:39:34 -04:00
ngx_log_error(NGX_LOG_INFO, c->log, rev->kq_errno,
nginx-0.1.5-RELEASE import *) Bugfix: on Solaris and Linux there may be too many "recvmsg() returned not enough data" alerts. *) Bugfix: there were the "writev() failed (22: Invalid argument)" errors on Solaris in proxy mode without sendfile. On other platforms that do not support sendfile at all the process got caught in an endless loop. *) Bugfix: segmentation fault on Solaris in proxy mode and using sendfile. *) Bugfix: segmentation fault on Solaris. *) Bugfix: on-line upgrade did not work on Linux. *) Bugfix: the ngx_http_autoindex_module module did not escape the spaces, the quotes, and the percent signs in the directory listing. *) Change: the decrease of the copy operations. *) Feature: the userid_p3p directive.
2004-11-11 11:07:14 -03:00
"kevent() reported that client %V closed "
nginx-0.1.16-RELEASE import *) Bugfix: if the response were transferred by chunks, then on the HEAD request the final chunk was issued. *) Bugfix: the "Connection: keep-alive" header were issued, even if the keepalive_timeout directive forbade the keep-alive use. *) Bugfix: the errors in the ngx_http_fastcgi_module caused the segmentation faults. *) Bugfix: the compressed response encrypted by SSL may not transferred complete. *) Bugfix: the TCP-specific TCP_NODELAY, TCP_NOPSUH, and TCP_CORK options, are not used for the unix domain sockets. *) Feature: the rewrite directive supports the arguments rewriting. *) Bugfix: the response code 400 was returned for the POST request with the "Content-Length: 0" header; the bug had appeared in 0.1.14.
2005-01-25 09:27:35 -03:00
"keepalive connection", &c->addr_text);
nginx-0.1.11-RELEASE import *) Feature: the worker_priority directive. *) Change: both tcp_nopush and tcp_nodelay directives affect the transferred response. *) Bugfix: nginx did not call initgroups(). Thanks to Andrew Sitnikov and Andrei Nigmatulin. *) Change: now the ngx_http_autoindex_module shows the file size in the bytes. *) Bugfix: the ngx_http_autoindex_module returned the 500 error if the broken symlink was in a directory. *) Bugfix: the files bigger than 4G could not be transferred using sendfile. *) Bugfix: if the backend was resolved to several backends and there was an error while the response waiting then process may got caught in an endless loop. *) Bugfix: the worker process may exit with the "unknown cycle" message when the /dev/poll method was used. *) Bugfix: "close() channel failed" errors. *) Bugfix: the autodetection of the "nobody" and "nogroup" groups. *) Bugfix: the send_lowat directive did not work on Linux. *) Bugfix: the segmentation fault occurred if there was no events section in configuration. *) Bugfix: nginx could not be built on OpenBSD. *) Bugfix: the double slashes in "://" in the URI were converted to ":/".
2004-12-02 15:40:46 -03:00
#if (NGX_HTTP_SSL)
if (c->ssl) {
nginx-0.2.2-RELEASE import *) Feature: the "config errmsg" command of the ngx_http_ssi_module. *) Change: the ngx_http_geo_module variables can be overridden by the "set" directive. *) Feature: the "ssl_protocols" and "ssl_prefer_server_ciphers" directives of the ngx_http_ssl_module and ngx_imap_ssl_module. *) Bugfix: the ngx_http_autoindex_module did not show correctly the long file names; *) Bugfix: the ngx_http_autoindex_module now do not show the files starting by dot. *) Bugfix: if the SSL handshake failed then another connection may be closed too. Thanks to Rob Mueller. *) Bugfix: the export versions of MSIE 5.x could not connect via HTTPS.
2005-09-30 10:41:25 -04:00
c->ssl->no_send_shutdown = 1;
nginx-0.1.11-RELEASE import *) Feature: the worker_priority directive. *) Change: both tcp_nopush and tcp_nodelay directives affect the transferred response. *) Bugfix: nginx did not call initgroups(). Thanks to Andrew Sitnikov and Andrei Nigmatulin. *) Change: now the ngx_http_autoindex_module shows the file size in the bytes. *) Bugfix: the ngx_http_autoindex_module returned the 500 error if the broken symlink was in a directory. *) Bugfix: the files bigger than 4G could not be transferred using sendfile. *) Bugfix: if the backend was resolved to several backends and there was an error while the response waiting then process may got caught in an endless loop. *) Bugfix: the worker process may exit with the "unknown cycle" message when the /dev/poll method was used. *) Bugfix: "close() channel failed" errors. *) Bugfix: the autodetection of the "nobody" and "nogroup" groups. *) Bugfix: the send_lowat directive did not work on Linux. *) Bugfix: the segmentation fault occurred if there was no events section in configuration. *) Bugfix: nginx could not be built on OpenBSD. *) Bugfix: the double slashes in "://" in the URI were converted to ":/".
2004-12-02 15:40:46 -03:00
}
#endif
nginx-0.0.12-2004-09-23-20:39:34 import
2004-09-23 12:39:34 -04:00
ngx_http_close_connection(c);
return;
}
}
#endif
b = c->buffer;
size = b->end - b->start;
if (b->pos == NULL) {
nginx-0.1.2-RELEASE import *) Feature: the --user=USER, --group=GROUP, and --with-ld-opt=OPTIONS options in configure. *) Feature: the server_name directive supports *.domain.tld. *) Bugfix: the portability improvements. *) Bugfix: if configuration file was set in command line, the reconfiguration was impossible; the bug had appeared in 0.1.1. *) Bugfix: proxy module may get caught in an endless loop when sendfile is not used. *) Bugfix: with sendfile the response was not recoded according to the charset module directives; the bug had appeared in 0.1.1. *) Bugfix: very seldom bug in the kqueue processing. *) Bugfix: the gzip module compressed the proxied responses that was already compressed.
2004-10-21 12:34:38 -03:00
/*
* The c->buffer's memory was freed by ngx_http_set_keepalive().
* However, the c->buffer->start and c->buffer->end were not changed
* to keep the buffer size.
*/
nginx-0.1.25-RELEASE import *) Bugfix: nginx did run on Linux parisc. *) Feature: nginx now does not start under FreeBSD if the sysctl kern.ipc.somaxconn value is too big. *) Bugfix: if a request was internally redirected by the ngx_http_index_module module to the ngx_http_proxy_module or ngx_http_fastcgi_module modules, then the index file was not closed after request completion. *) Feature: the "proxy_pass" can be used in location with regular expression. *) Feature: the ngx_http_rewrite_filter_module module supports the condition like "if ($HTTP_USER_AGENT ~ MSIE)". *) Bugfix: nginx started too slow if the large number of addresses and text values were used in the "geo" directive. *) Change: a variable name must be declared as "$name" in the "geo" directive. The previous variant without "$" is still supported, but will be removed soon. *) Feature: the "%{VARIABLE}v" logging parameter. *) Feature: the "set $name value" directive. *) Bugfix: gcc 4.0 compatibility. *) Feature: the --with-openssl-opt=OPTIONS autoconfiguration directive.
2005-03-19 08:38:37 -04:00
b->pos = ngx_palloc(c->pool, size);
if (b->pos == NULL) {
nginx-0.0.12-2004-09-23-20:39:34 import
2004-09-23 12:39:34 -04:00
ngx_http_close_connection(c);
return;
}
b->start = b->pos;
b->last = b->pos;
b->end = b->pos + size;
}
nginx-0.0.11-2004-09-23-10:32:00 import
2004-09-23 02:32:00 -04:00
nginx-0.0.1-2003-10-12-20:49:16 import
2003-10-12 13:49:16 -03:00
/*
* MSIE closes a keepalive connection with RST flag
* so we ignore ECONNRESET here.
*/
nginx-0.0.1-2003-03-11-23:38:13 import
2003-03-11 16:38:13 -04:00
nginx-0.0.2-2004-02-10-19:23:38 import
2004-02-10 13:23:38 -03:00
c->log_error = NGX_ERROR_IGNORE_ECONNRESET;
nginx-0.0.1-2003-03-11-23:38:13 import
2003-03-11 16:38:13 -04:00
ngx_set_socket_errno(0);
nginx-0.0.7-2004-07-18-23:11:20 import
2004-07-18 15:11:20 -04:00
nginx-0.0.12-2004-09-23-20:39:34 import
2004-09-23 12:39:34 -04:00
n = c->recv(c, b->last, size);
nginx-0.0.2-2004-02-10-19:23:38 import
2004-02-10 13:23:38 -03:00
c->log_error = NGX_ERROR_INFO;
nginx-0.0.1-2002-08-26-19:18:19 import
2002-08-26 11:18:19 -04:00
nginx-0.0.1-2003-05-13-20:02:32 import
2003-05-13 12:02:32 -04:00
if (n == NGX_AGAIN) {
use "!= NGX_OK" instead of "== NGX_ERROR"
2008-12-09 14:27:48 -03:00
if (ngx_handle_read_event(rev, 0) != NGX_OK) {
nginx-0.1.12-RELEASE import *) Feature: the %request_length log parameter. *) Bugfix: when using the /dev/poll, select and poll on the platforms, where these methods may do the false reports, there may be the long delay when the request was passed via the keep-alive connection. It may be at least on Solaris when using the /dev/poll. *) Bugfix: the send_lowat directive is ignored on Linux because Linux does not support the SO_SNDLOWAT option.
2004-12-06 11:45:08 -03:00
ngx_http_close_connection(c);
Fixed potential segfault in ngx_http_keepalive_handler(). In case of error in the read event handling we close a connection by calling ngx_http_close_connection(), that also destroys connection pool. Thereafter, an attempt to free a buffer (added in r4892) that was allocated from the pool could cause SIGSEGV and is meaningless as well (the buffer already freed with the pool).
2013-02-23 10:23:48 -03:00
return;
nginx-0.1.12-RELEASE import *) Feature: the %request_length log parameter. *) Bugfix: when using the /dev/poll, select and poll on the platforms, where these methods may do the false reports, there may be the long delay when the request was passed via the keep-alive connection. It may be at least on Solaris when using the /dev/poll. *) Bugfix: the send_lowat directive is ignored on Linux because Linux does not support the SO_SNDLOWAT option.
2004-12-06 11:45:08 -03:00
}
ngx_http_keepalive_handler() is now trying to not keep c->buffer's memory for idle connections. This behaviour is consistent with the ngx_http_set_keepalive() function and it should decrease memory usage in some cases (especially if epoll/rtsig is used).
2012-10-23 11:36:18 -03:00
/*
* Like ngx_http_set_keepalive() we are trying to not hold
* c->buffer's memory for a keepalive connection.
*/
if (ngx_pfree(c->pool, b->start) == NGX_OK) {
/*
* the special note that c->buffer's memory was freed
*/
b->pos = NULL;
}
nginx-0.0.1-2003-05-13-20:02:32 import
2003-05-13 12:02:32 -04:00
return;
}
if (n == NGX_ERROR) {
ngx_http_close_connection(c);
return;
nginx-0.0.1-2003-03-12-20:32:22 import
2003-03-12 13:32:22 -04:00
}
nginx-0.0.1-2002-08-26-19:18:19 import
2002-08-26 11:18:19 -04:00
nginx-0.1.16-RELEASE import *) Bugfix: if the response were transferred by chunks, then on the HEAD request the final chunk was issued. *) Bugfix: the "Connection: keep-alive" header were issued, even if the keepalive_timeout directive forbade the keep-alive use. *) Bugfix: the errors in the ngx_http_fastcgi_module caused the segmentation faults. *) Bugfix: the compressed response encrypted by SSL may not transferred complete. *) Bugfix: the TCP-specific TCP_NODELAY, TCP_NOPSUH, and TCP_CORK options, are not used for the unix domain sockets. *) Feature: the rewrite directive supports the arguments rewriting. *) Bugfix: the response code 400 was returned for the POST request with the "Content-Length: 0" header; the bug had appeared in 0.1.14.
2005-01-25 09:27:35 -03:00
c->log->handler = NULL;
nginx-0.0.1-2002-09-16-19:01:44 import
2002-09-16 11:01:44 -04:00
nginx-0.0.1-2002-12-15-09:25:09 import
2002-12-15 03:25:09 -03:00
if (n == 0) {
nginx-0.0.1-2003-03-20-19:09:44 import
2003-03-20 12:09:44 -04:00
ngx_log_error(NGX_LOG_INFO, c->log, ngx_socket_errno,
nginx-0.1.16-RELEASE import *) Bugfix: if the response were transferred by chunks, then on the HEAD request the final chunk was issued. *) Bugfix: the "Connection: keep-alive" header were issued, even if the keepalive_timeout directive forbade the keep-alive use. *) Bugfix: the errors in the ngx_http_fastcgi_module caused the segmentation faults. *) Bugfix: the compressed response encrypted by SSL may not transferred complete. *) Bugfix: the TCP-specific TCP_NODELAY, TCP_NOPSUH, and TCP_CORK options, are not used for the unix domain sockets. *) Feature: the rewrite directive supports the arguments rewriting. *) Bugfix: the response code 400 was returned for the POST request with the "Content-Length: 0" header; the bug had appeared in 0.1.14.
2005-01-25 09:27:35 -03:00
"client %V closed keepalive connection", &c->addr_text);
nginx-0.0.1-2003-05-13-20:02:32 import
2003-05-13 12:02:32 -04:00
ngx_http_close_connection(c);
return;
nginx-0.0.1-2002-09-12-18:42:29 import
2002-09-12 10:42:29 -04:00
}
nginx-0.0.1-2002-08-26-19:18:19 import
2002-08-26 11:18:19 -04:00
nginx-0.0.11-2004-09-23-10:32:00 import
2004-09-23 02:32:00 -04:00
b->last += n;
nginx-0.1.16-RELEASE import *) Bugfix: if the response were transferred by chunks, then on the HEAD request the final chunk was issued. *) Bugfix: the "Connection: keep-alive" header were issued, even if the keepalive_timeout directive forbade the keep-alive use. *) Bugfix: the errors in the ngx_http_fastcgi_module caused the segmentation faults. *) Bugfix: the compressed response encrypted by SSL may not transferred complete. *) Bugfix: the TCP-specific TCP_NODELAY, TCP_NOPSUH, and TCP_CORK options, are not used for the unix domain sockets. *) Feature: the rewrite directive supports the arguments rewriting. *) Bugfix: the response code 400 was returned for the POST request with the "Content-Length: 0" header; the bug had appeared in 0.1.14.
2005-01-25 09:27:35 -03:00
c->log->handler = ngx_http_log_error;
c->log->action = "reading client request line";
nginx-0.0.1-2002-09-16-19:01:44 import
2002-09-16 11:01:44 -04:00
close keep-alive connections in the shuting down processes
2007-03-19 09:20:15 -04:00
c->idle = 0;
reuse keepalive connections if there are no free worker connections patch by Maxim Dounin
2011-04-04 09:26:53 -03:00
ngx_reusable_connection(c, 0);
close keep-alive connections in the shuting down processes
2007-03-19 09:20:15 -04:00
Refactored ngx_http_init_request(). Now it can be used as the request object factory with minimal impact on the connection object. Therefore it was renamed to ngx_http_create_request().
2013-03-07 15:14:27 -03:00
c->data = ngx_http_create_request(c);
if (c->data == NULL) {
ngx_http_close_connection(c);
return;
}
c->sent = 0;
c->destroyed = 0;
Use "client_header_timeout" for all requests in a connection. Previously, only the first request in a connection used timeout value from the "client_header_timeout" directive while reading header. All subsequent requests used "keepalive_timeout" for that. It happened because timeout of the read event was set to the value of "keepalive_timeout" in ngx_http_set_keepalive(), but was not removed when the next request arrived.
2013-03-07 14:41:40 -03:00
ngx_del_timer(rev);
Refactored ngx_http_init_request(). Now it can be used as the request object factory with minimal impact on the connection object. Therefore it was renamed to ngx_http_create_request().
2013-03-07 15:14:27 -03:00
rev->handler = ngx_http_process_request_line;
ngx_http_process_request_line(rev);
nginx-0.0.1-2002-09-16-19:01:44 import
2002-09-16 11:01:44 -04:00
}
nginx-0.0.1-2002-12-10-21:05:12 import
2002-12-10 15:05:12 -03:00
nginx-0.1.25-RELEASE import *) Bugfix: nginx did run on Linux parisc. *) Feature: nginx now does not start under FreeBSD if the sysctl kern.ipc.somaxconn value is too big. *) Bugfix: if a request was internally redirected by the ngx_http_index_module module to the ngx_http_proxy_module or ngx_http_fastcgi_module modules, then the index file was not closed after request completion. *) Feature: the "proxy_pass" can be used in location with regular expression. *) Feature: the ngx_http_rewrite_filter_module module supports the condition like "if ($HTTP_USER_AGENT ~ MSIE)". *) Bugfix: nginx started too slow if the large number of addresses and text values were used in the "geo" directive. *) Change: a variable name must be declared as "$name" in the "geo" directive. The previous variant without "$" is still supported, but will be removed soon. *) Feature: the "%{VARIABLE}v" logging parameter. *) Feature: the "set $name value" directive. *) Bugfix: gcc 4.0 compatibility. *) Feature: the --with-openssl-opt=OPTIONS autoconfiguration directive.
2005-03-19 08:38:37 -04:00
static void
SSL: fixed non-working SSL shutdown on lingering close. When doing lingering close, the socket was first shut down for writing, so SSL shutdown initiated after lingering close was not able to send the close_notify alerts (ticket #2056). The fix is to call ngx_ssl_shutdown() before shutting down the socket.
2020-11-06 17:44:54 -03:00
ngx_http_set_lingering_close(ngx_connection_t *c)
nginx-0.3.10-RELEASE import *) Change: the "valid_referers" directive and the "$invalid_referer" variable were moved to the new ngx_http_referer_module from the ngx_http_rewrite_module. *) Change: the "$apache_bytes_sent" variable name was changed to "$body_bytes_sent". *) Feature: the "$sent_http_..." variables. *) Feature: the "if" directive supports the "=" and "!=" operations. *) Feature: the "proxy_pass" directive supports the HTTPS protocol. *) Feature: the "proxy_set_body" directive. *) Feature: the "post_action" directive. *) Feature: the ngx_http_empty_gif_module. *) Feature: the "worker_cpu_affinity" directive for Linux. *) Bugfix: the "rewrite" directive did not unescape URI part in redirect, now it is unescaped except the %00-%25 and %7F-%FF characters. *) Bugfix: nginx could not be built by the icc 9.0 compiler. *) Bugfix: if the SSI was enabled for zero size static file, then the chunked response was encoded incorrectly.
2005-11-15 10:30:52 -03:00
{
nginx-0.0.1-2003-10-12-20:49:16 import
2003-10-12 13:49:16 -03:00
ngx_event_t *rev, *wev;
SSL: fixed non-working SSL shutdown on lingering close. When doing lingering close, the socket was first shut down for writing, so SSL shutdown initiated after lingering close was not able to send the close_notify alerts (ticket #2056). The fix is to call ngx_ssl_shutdown() before shutting down the socket.
2020-11-06 17:44:54 -03:00
ngx_http_request_t *r;
nginx-0.0.1-2003-05-27-16:18:54 import
2003-05-27 08:18:54 -04:00
ngx_http_core_loc_conf_t *clcf;
nginx-0.0.1-2003-01-09-08:36:00 import
2003-01-09 02:36:00 -03:00
SSL: fixed non-working SSL shutdown on lingering close. When doing lingering close, the socket was first shut down for writing, so SSL shutdown initiated after lingering close was not able to send the close_notify alerts (ticket #2056). The fix is to call ngx_ssl_shutdown() before shutting down the socket.
2020-11-06 17:44:54 -03:00
r = c->data;
nginx-0.0.1-2003-01-27-00:08:14 import
2003-01-26 18:08:14 -03:00
nginx-0.0.1-2003-05-27-16:18:54 import
2003-05-27 08:18:54 -04:00
clcf = ngx_http_get_module_loc_conf(r, ngx_http_core_module);
nginx-0.0.1-2003-01-09-08:36:00 import
2003-01-09 02:36:00 -03:00
SSL: fixed non-working SSL shutdown on lingering close. When doing lingering close, the socket was first shut down for writing, so SSL shutdown initiated after lingering close was not able to send the close_notify alerts (ticket #2056). The fix is to call ngx_ssl_shutdown() before shutting down the socket.
2020-11-06 17:44:54 -03:00
if (r->lingering_time == 0) {
r->lingering_time = ngx_time() + (time_t) (clcf->lingering_time / 1000);
}
#if (NGX_HTTP_SSL)
if (c->ssl) {
ngx_int_t rc;
Fixed SSL logging with lingering close. Recent fixes to SSL shutdown with lingering close (554c6ae25ffc, 1.19.5) broke logging of SSL variables. To make sure logging of SSL variables works properly, avoid freeing c->ssl when doing an SSL shutdown before lingering close. Reported by Reinis Rozitis (http://mailman.nginx.org/pipermail/nginx/2021-May/060670.html).
2021-06-01 10:37:51 -04:00
c->ssl->shutdown_without_free = 1;
SSL: fixed non-working SSL shutdown on lingering close. When doing lingering close, the socket was first shut down for writing, so SSL shutdown initiated after lingering close was not able to send the close_notify alerts (ticket #2056). The fix is to call ngx_ssl_shutdown() before shutting down the socket.
2020-11-06 17:44:54 -03:00
rc = ngx_ssl_shutdown(c);
if (rc == NGX_ERROR) {
ngx_http_close_request(r, 0);
return;
}
if (rc == NGX_AGAIN) {
c->ssl->handler = ngx_http_set_lingering_close;
return;
}
}
#endif
nginx-0.0.1-2003-10-12-20:49:16 import
2003-10-12 13:49:16 -03:00
rev = c->read;
nginx-0.1.29-RELEASE import *) Feature: the ngx_http_ssi_module supports "include virtual" command. *) Feature: the ngx_http_ssi_module supports the condition command like 'if expr="$NAME"' and "else" and "endif" commands. Only one nested level is supported. *) Feature: the ngx_http_ssi_module supports the DATE_LOCAL and DATE_GMT variables and "config timefmt" command. *) Feature: the "ssi_ignore_recycled_buffers" directive. *) Bugfix: the "echo" command did not show the default value for the empty QUERY_STRING variable. *) Change: the ngx_http_proxy_module was rewritten. *) Feature: the "proxy_redirect", "proxy_pass_request_headers", "proxy_pass_request_body", and "proxy_method" directives. *) Feature: the "proxy_set_header" directive. The "proxy_x_var" was canceled and must be replaced with the proxy_set_header directive. *) Change: the "proxy_preserve_host" is canceled and must be replaced with the "proxy_set_header Host $host" and the "proxy_redirect off" directives, the "proxy_set_header Host $host:$proxy_port" directive and the appropriate proxy_redirect directives. *) Change: the "proxy_set_x_real_ip" is canceled and must be replaced with the "proxy_set_header X-Real-IP $remote_addr" directive. *) Change: the "proxy_add_x_forwarded_for" is canceled and must be replaced with the "proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for" directive. *) Change: the "proxy_set_x_url" is canceled and must be replaced with the "proxy_set_header X-URL http://$host:$server_port$request_uri" directive. *) Feature: the "fastcgi_param" directive. *) Change: the "fastcgi_root", "fastcgi_set_var" and "fastcgi_params" directive are canceled and must be replaced with the fastcgi_param directives. *) Feature: the "index" directive can use the variables. *) Feature: the "index" directive can be used at http and server levels. *) Change: the last index only in the "index" directive can be absolute. *) Feature: the "rewrite" directive can use the variables. *) Feature: the "internal" directive. *) Feature: the CONTENT_LENGTH, CONTENT_TYPE, REMOTE_PORT, SERVER_ADDR, SERVER_PORT, SERVER_PROTOCOL, DOCUMENT_ROOT, SERVER_NAME, REQUEST_METHOD, REQUEST_URI, and REMOTE_USER variables. *) Change: nginx now passes the invalid lines in a client request headers or a backend response header. *) Bugfix: if the backend did not transfer response for a long time and the "send_timeout" was less than "proxy_read_timeout", then nginx returned the 408 response. *) Bugfix: the segmentation fault was occurred if the backend sent an invalid line in response header; the bug had appeared in 0.1.26. *) Bugfix: the segmentation fault may occurred in FastCGI fault tolerance configuration. *) Bugfix: the "expires" directive did not remove the previous "Expires" and "Cache-Control" headers. *) Bugfix: nginx did not take into account trailing dot in "Host" header line. *) Bugfix: the ngx_http_auth_module did not work under Linux. *) Bugfix: the rewrite directive worked incorrectly, if the arguments were in a request. *) Bugfix: nginx could not be built on MacOS X.
2005-05-12 10:58:06 -04:00
rev->handler = ngx_http_lingering_close_handler;
nginx-0.0.1-2002-09-16-19:01:44 import
2002-09-16 11:01:44 -04:00
use "!= NGX_OK" instead of "== NGX_ERROR"
2008-12-09 14:27:48 -03:00
if (ngx_handle_read_event(rev, 0) != NGX_OK) {
nginx-0.0.1-2003-10-12-20:49:16 import
2003-10-12 13:49:16 -03:00
ngx_http_close_request(r, 0);
return;
nginx-0.0.1-2003-01-27-00:08:14 import
2003-01-26 18:08:14 -03:00
}
nginx-0.0.1-2003-10-12-20:49:16 import
2003-10-12 13:49:16 -03:00
wev = c->write;
nginx-0.1.29-RELEASE import *) Feature: the ngx_http_ssi_module supports "include virtual" command. *) Feature: the ngx_http_ssi_module supports the condition command like 'if expr="$NAME"' and "else" and "endif" commands. Only one nested level is supported. *) Feature: the ngx_http_ssi_module supports the DATE_LOCAL and DATE_GMT variables and "config timefmt" command. *) Feature: the "ssi_ignore_recycled_buffers" directive. *) Bugfix: the "echo" command did not show the default value for the empty QUERY_STRING variable. *) Change: the ngx_http_proxy_module was rewritten. *) Feature: the "proxy_redirect", "proxy_pass_request_headers", "proxy_pass_request_body", and "proxy_method" directives. *) Feature: the "proxy_set_header" directive. The "proxy_x_var" was canceled and must be replaced with the proxy_set_header directive. *) Change: the "proxy_preserve_host" is canceled and must be replaced with the "proxy_set_header Host $host" and the "proxy_redirect off" directives, the "proxy_set_header Host $host:$proxy_port" directive and the appropriate proxy_redirect directives. *) Change: the "proxy_set_x_real_ip" is canceled and must be replaced with the "proxy_set_header X-Real-IP $remote_addr" directive. *) Change: the "proxy_add_x_forwarded_for" is canceled and must be replaced with the "proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for" directive. *) Change: the "proxy_set_x_url" is canceled and must be replaced with the "proxy_set_header X-URL http://$host:$server_port$request_uri" directive. *) Feature: the "fastcgi_param" directive. *) Change: the "fastcgi_root", "fastcgi_set_var" and "fastcgi_params" directive are canceled and must be replaced with the fastcgi_param directives. *) Feature: the "index" directive can use the variables. *) Feature: the "index" directive can be used at http and server levels. *) Change: the last index only in the "index" directive can be absolute. *) Feature: the "rewrite" directive can use the variables. *) Feature: the "internal" directive. *) Feature: the CONTENT_LENGTH, CONTENT_TYPE, REMOTE_PORT, SERVER_ADDR, SERVER_PORT, SERVER_PROTOCOL, DOCUMENT_ROOT, SERVER_NAME, REQUEST_METHOD, REQUEST_URI, and REMOTE_USER variables. *) Change: nginx now passes the invalid lines in a client request headers or a backend response header. *) Bugfix: if the backend did not transfer response for a long time and the "send_timeout" was less than "proxy_read_timeout", then nginx returned the 408 response. *) Bugfix: the segmentation fault was occurred if the backend sent an invalid line in response header; the bug had appeared in 0.1.26. *) Bugfix: the segmentation fault may occurred in FastCGI fault tolerance configuration. *) Bugfix: the "expires" directive did not remove the previous "Expires" and "Cache-Control" headers. *) Bugfix: nginx did not take into account trailing dot in "Host" header line. *) Bugfix: the ngx_http_auth_module did not work under Linux. *) Bugfix: the rewrite directive worked incorrectly, if the arguments were in a request. *) Bugfix: nginx could not be built on MacOS X.
2005-05-12 10:58:06 -04:00
wev->handler = ngx_http_empty_handler;
nginx-0.0.1-2002-09-16-19:01:44 import
2002-09-16 11:01:44 -04:00
nginx-0.3.13-RELEASE import *) Feature: the IMAP/POP3 proxy supports STARTTLS and STLS. *) Bugfix: the IMAP/POP3 proxy did not work with the select, poll, and /dev/poll methods. *) Bugfix: in SSI handling. *) Bugfix: now Solaris sendfilev() is not used to transfer the client request body to FastCGI-server via the unix domain socket. *) Bugfix: the "auth_basic" directive did not disable the authorization; the bug had appeared in 0.3.11.
2005-12-05 10:18:09 -03:00
if (wev->active && (ngx_event_flags & NGX_USE_LEVEL_EVENT)) {
use "!= NGX_OK" instead of "== NGX_ERROR"
2008-12-09 14:27:48 -03:00
if (ngx_del_event(wev, NGX_WRITE_EVENT, 0) != NGX_OK) {
nginx-0.3.13-RELEASE import *) Feature: the IMAP/POP3 proxy supports STARTTLS and STLS. *) Bugfix: the IMAP/POP3 proxy did not work with the select, poll, and /dev/poll methods. *) Bugfix: in SSI handling. *) Bugfix: now Solaris sendfilev() is not used to transfer the client request body to FastCGI-server via the unix domain socket. *) Bugfix: the "auth_basic" directive did not disable the authorization; the bug had appeared in 0.3.11.
2005-12-05 10:18:09 -03:00
ngx_http_close_request(r, 0);
return;
nginx-0.0.1-2002-12-24-10:09:57 import
2002-12-24 04:09:57 -03:00
}
nginx-0.0.1-2003-03-11-23:38:13 import
2003-03-11 16:38:13 -04:00
}
HTTP/3: removed HTTP/3-specific code. The ngx_http_set_lingering_close() function is not called for HTTP/3. The change reduces diff to the default branch.
2020-12-21 14:35:13 -03:00
if (ngx_shutdown_socket(c->fd, NGX_WRITE_SHUTDOWN) == -1) {
ngx_connection_error(c, ngx_socket_errno,
ngx_shutdown_socket_n " failed");
ngx_http_close_request(r, 0);
return;
nginx-0.0.1-2003-02-11-10:14:40 import
2003-02-11 04:14:40 -03:00
}
Reuse of connections in lingering close. This is particularly important in HTTP/2, where keepalive connections are closed with lingering. Before the patch, reusing a keepalive HTTP/2 connection resulted in the connection waiting for lingering close to remain in the reusable connections queue, preventing ngx_drain_connections() from closing additional connections. The patch fixes it by marking the connection reusable again, and so moving it in the reusable connections queue. Further, it makes actually possible to reuse such connections if needed.
2021-02-11 15:52:09 -03:00
c->close = 0;
ngx_reusable_connection(c, 1);
SSL: fixed non-working SSL shutdown on lingering close. When doing lingering close, the socket was first shut down for writing, so SSL shutdown initiated after lingering close was not able to send the close_notify alerts (ticket #2056). The fix is to call ngx_ssl_shutdown() before shutting down the socket.
2020-11-06 17:44:54 -03:00
ngx_add_timer(rev, clcf->lingering_timeout);
nginx-0.0.1-2003-10-29-11:30:44 import
2003-10-29 05:30:44 -03:00
if (rev->ready) {
nginx-0.0.1-2003-05-13-20:02:32 import
2003-05-13 12:02:32 -04:00
ngx_http_lingering_close_handler(rev);
nginx-0.0.1-2003-02-11-10:14:40 import
2003-02-11 04:14:40 -03:00
}
nginx-0.0.1-2002-08-26-19:18:19 import
2002-08-26 11:18:19 -04:00
}
nginx-0.1.25-RELEASE import *) Bugfix: nginx did run on Linux parisc. *) Feature: nginx now does not start under FreeBSD if the sysctl kern.ipc.somaxconn value is too big. *) Bugfix: if a request was internally redirected by the ngx_http_index_module module to the ngx_http_proxy_module or ngx_http_fastcgi_module modules, then the index file was not closed after request completion. *) Feature: the "proxy_pass" can be used in location with regular expression. *) Feature: the ngx_http_rewrite_filter_module module supports the condition like "if ($HTTP_USER_AGENT ~ MSIE)". *) Bugfix: nginx started too slow if the large number of addresses and text values were used in the "geo" directive. *) Change: a variable name must be declared as "$name" in the "geo" directive. The previous variant without "$" is still supported, but will be removed soon. *) Feature: the "%{VARIABLE}v" logging parameter. *) Feature: the "set $name value" directive. *) Bugfix: gcc 4.0 compatibility. *) Feature: the --with-openssl-opt=OPTIONS autoconfiguration directive.
2005-03-19 08:38:37 -04:00
static void
ngx_http_lingering_close_handler(ngx_event_t *rev)
nginx-0.0.1-2002-08-26-19:18:19 import
2002-08-26 11:18:19 -04:00
{
nginx-0.0.1-2003-03-20-19:09:44 import
2003-03-20 12:09:44 -04:00
ssize_t n;
ngx_msec_t timer;
ngx_connection_t *c;
ngx_http_request_t *r;
nginx-0.0.1-2003-05-27-16:18:54 import
2003-05-27 08:18:54 -04:00
ngx_http_core_loc_conf_t *clcf;
nginx-0.0.11-2004-09-23-10:32:00 import
2004-09-23 02:32:00 -04:00
u_char buffer[NGX_HTTP_LINGERING_BUFFER_SIZE];
nginx-0.0.1-2002-09-13-18:47:42 import
2002-09-13 10:47:42 -04:00
nginx-0.0.1-2003-05-27-16:18:54 import
2003-05-27 08:18:54 -04:00
c = rev->data;
r = c->data;
nginx-0.0.1-2003-01-30-10:28:09 import
2003-01-30 04:28:09 -03:00
nginx-0.0.1-2004-01-26-11:52:49 import
2004-01-26 05:52:49 -03:00
ngx_log_debug0(NGX_LOG_DEBUG_HTTP, c->log, 0,
"http lingering close handler");
nginx-0.0.1-2003-03-20-19:09:44 import
2003-03-20 12:09:44 -04:00
Reuse of connections in lingering close. This is particularly important in HTTP/2, where keepalive connections are closed with lingering. Before the patch, reusing a keepalive HTTP/2 connection resulted in the connection waiting for lingering close to remain in the reusable connections queue, preventing ngx_drain_connections() from closing additional connections. The patch fixes it by marking the connection reusable again, and so moving it in the reusable connections queue. Further, it makes actually possible to reuse such connections if needed.
2021-02-11 15:52:09 -03:00
if (rev->timedout || c->close) {
nginx-0.0.1-2003-05-13-20:02:32 import
2003-05-13 12:02:32 -04:00
ngx_http_close_request(r, 0);
return;
nginx-0.0.1-2002-12-24-10:09:57 import
2002-12-24 04:09:57 -03:00
}
nginx-0.0.1-2002-09-13-18:47:42 import
2002-09-13 10:47:42 -04:00
Fixed lingering_time check. There are two significant changes in this patch: 1) The <= 0 comparison is done with a signed type. This fixes the case of ngx_time() being larger than r->lingering_time. 2) Calculation of r->lingering_time - ngx_time() is now always done in the ngx_msec_t type. This ensures the calculation is correct even if time_t is unsigned and differs in size from ngx_msec_t. Thanks to Lanshun Zhou.
2013-05-13 09:39:45 -04:00
timer = (ngx_msec_t) r->lingering_time - (ngx_msec_t) ngx_time();
if ((ngx_msec_int_t) timer <= 0) {
nginx-0.0.1-2003-05-13-20:02:32 import
2003-05-13 12:02:32 -04:00
ngx_http_close_request(r, 0);
return;
nginx-0.0.1-2002-12-24-10:09:57 import
2002-12-24 04:09:57 -03:00
}
nginx-0.0.1-2002-09-13-18:47:42 import
2002-09-13 10:47:42 -04:00
nginx-0.0.1-2003-03-20-19:09:44 import
2003-03-20 12:09:44 -04:00
do {
nginx-0.0.11-2004-09-23-10:32:00 import
2004-09-23 02:32:00 -04:00
n = c->recv(c, buffer, NGX_HTTP_LINGERING_BUFFER_SIZE);
nginx-0.0.1-2002-09-13-18:47:42 import
2002-09-13 10:47:42 -04:00
Fixed logging.
2016-03-30 20:33:57 -03:00
ngx_log_debug1(NGX_LOG_DEBUG_HTTP, c->log, 0, "lingering read: %z", n);
nginx-0.0.1-2002-09-13-18:47:42 import
2002-09-13 10:47:42 -04:00
Lingering close changed to handle NGX_AGAIN. The "do { c->recv() } while (c->read->ready)" form used in the ngx_http_lingering_close_handler() is not really correct, as for example with SSL c->read->ready may be still set when returning NGX_AGAIN due to SSL_ERROR_WANT_WRITE. Therefore the above might be an infinite loop. This doesn't really matter in lingering close, as we shutdown write side of the socket anyway and also disable renegotiation (and even without shutdown and with renegotiation it requires using very large certificate chain and tuning socket buffers to trigger SSL_ERROR_WANT_WRITE). But for the sake of correctness added an NGX_AGAIN check.
2018-09-10 12:57:13 -03:00
if (n == NGX_AGAIN) {
break;
}
nginx-0.0.1-2003-03-20-19:09:44 import
2003-03-20 12:09:44 -04:00
if (n == NGX_ERROR || n == 0) {
nginx-0.0.1-2003-05-13-20:02:32 import
2003-05-13 12:02:32 -04:00
ngx_http_close_request(r, 0);
return;
nginx-0.0.1-2003-03-20-19:09:44 import
2003-03-20 12:09:44 -04:00
}
} while (rev->ready);
nginx-0.0.1-2002-09-13-18:47:42 import
2002-09-13 10:47:42 -04:00
use "!= NGX_OK" instead of "== NGX_ERROR"
2008-12-09 14:27:48 -03:00
if (ngx_handle_read_event(rev, 0) != NGX_OK) {
nginx-0.1.13-RELEASE import *) Feature: the server_names_hash and server_names_hash_threshold directives. *) Bugfix: the *.domain.tld names in the "server_name" directive did not work. *) Bugfix: the %request_length log parameter logged the incorrect length.
2004-12-21 09:30:30 -03:00
ngx_http_close_request(r, 0);
nginx-0.1.12-RELEASE import *) Feature: the %request_length log parameter. *) Bugfix: when using the /dev/poll, select and poll on the platforms, where these methods may do the false reports, there may be the long delay when the request was passed via the keep-alive connection. It may be at least on Solaris when using the /dev/poll. *) Bugfix: the send_lowat directive is ignored on Linux because Linux does not support the SO_SNDLOWAT option.
2004-12-06 11:45:08 -03:00
return;
}
nginx-0.0.11-2004-09-23-10:32:00 import
2004-09-23 02:32:00 -04:00
clcf = ngx_http_get_module_loc_conf(r, ngx_http_core_module);
nginx-0.0.1-2002-09-16-19:01:44 import
2002-09-16 11:01:44 -04:00
timer *= 1000;
nginx-0.0.11-2004-09-23-10:32:00 import
2004-09-23 02:32:00 -04:00
nginx-0.0.1-2003-05-27-16:18:54 import
2003-05-27 08:18:54 -04:00
if (timer > clcf->lingering_timeout) {
timer = clcf->lingering_timeout;
nginx-0.0.1-2002-12-24-10:09:57 import
2002-12-24 04:09:57 -03:00
}
nginx-0.0.1-2002-09-13-18:47:42 import
2002-09-13 10:47:42 -04:00
nginx-0.0.1-2003-03-20-19:09:44 import
2003-03-20 12:09:44 -04:00
ngx_add_timer(rev, timer);
nginx-0.0.1-2002-09-13-18:47:42 import
2002-09-13 10:47:42 -04:00
}
nginx-0.0.1-2002-08-20-18:48:28 import
2002-08-20 10:48:28 -04:00
nginx-0.1.25-RELEASE import *) Bugfix: nginx did run on Linux parisc. *) Feature: nginx now does not start under FreeBSD if the sysctl kern.ipc.somaxconn value is too big. *) Bugfix: if a request was internally redirected by the ngx_http_index_module module to the ngx_http_proxy_module or ngx_http_fastcgi_module modules, then the index file was not closed after request completion. *) Feature: the "proxy_pass" can be used in location with regular expression. *) Feature: the ngx_http_rewrite_filter_module module supports the condition like "if ($HTTP_USER_AGENT ~ MSIE)". *) Bugfix: nginx started too slow if the large number of addresses and text values were used in the "geo" directive. *) Change: a variable name must be declared as "$name" in the "geo" directive. The previous variant without "$" is still supported, but will be removed soon. *) Feature: the "%{VARIABLE}v" logging parameter. *) Feature: the "set $name value" directive. *) Bugfix: gcc 4.0 compatibility. *) Feature: the --with-openssl-opt=OPTIONS autoconfiguration directive.
2005-03-19 08:38:37 -04:00
void
ngx_http_empty_handler(ngx_event_t *wev)
nginx-0.0.1-2003-05-22-19:23:47 import
2003-05-22 11:23:47 -04:00
{
nginx-0.0.1-2004-01-26-11:52:49 import
2004-01-26 05:52:49 -03:00
ngx_log_debug0(NGX_LOG_DEBUG_HTTP, wev->log, 0, "http empty handler");
nginx-0.0.1-2003-05-22-19:23:47 import
2003-05-22 11:23:47 -04:00
return;
}
nginx-0.1.29-RELEASE import *) Feature: the ngx_http_ssi_module supports "include virtual" command. *) Feature: the ngx_http_ssi_module supports the condition command like 'if expr="$NAME"' and "else" and "endif" commands. Only one nested level is supported. *) Feature: the ngx_http_ssi_module supports the DATE_LOCAL and DATE_GMT variables and "config timefmt" command. *) Feature: the "ssi_ignore_recycled_buffers" directive. *) Bugfix: the "echo" command did not show the default value for the empty QUERY_STRING variable. *) Change: the ngx_http_proxy_module was rewritten. *) Feature: the "proxy_redirect", "proxy_pass_request_headers", "proxy_pass_request_body", and "proxy_method" directives. *) Feature: the "proxy_set_header" directive. The "proxy_x_var" was canceled and must be replaced with the proxy_set_header directive. *) Change: the "proxy_preserve_host" is canceled and must be replaced with the "proxy_set_header Host $host" and the "proxy_redirect off" directives, the "proxy_set_header Host $host:$proxy_port" directive and the appropriate proxy_redirect directives. *) Change: the "proxy_set_x_real_ip" is canceled and must be replaced with the "proxy_set_header X-Real-IP $remote_addr" directive. *) Change: the "proxy_add_x_forwarded_for" is canceled and must be replaced with the "proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for" directive. *) Change: the "proxy_set_x_url" is canceled and must be replaced with the "proxy_set_header X-URL http://$host:$server_port$request_uri" directive. *) Feature: the "fastcgi_param" directive. *) Change: the "fastcgi_root", "fastcgi_set_var" and "fastcgi_params" directive are canceled and must be replaced with the fastcgi_param directives. *) Feature: the "index" directive can use the variables. *) Feature: the "index" directive can be used at http and server levels. *) Change: the last index only in the "index" directive can be absolute. *) Feature: the "rewrite" directive can use the variables. *) Feature: the "internal" directive. *) Feature: the CONTENT_LENGTH, CONTENT_TYPE, REMOTE_PORT, SERVER_ADDR, SERVER_PORT, SERVER_PROTOCOL, DOCUMENT_ROOT, SERVER_NAME, REQUEST_METHOD, REQUEST_URI, and REMOTE_USER variables. *) Change: nginx now passes the invalid lines in a client request headers or a backend response header. *) Bugfix: if the backend did not transfer response for a long time and the "send_timeout" was less than "proxy_read_timeout", then nginx returned the 408 response. *) Bugfix: the segmentation fault was occurred if the backend sent an invalid line in response header; the bug had appeared in 0.1.26. *) Bugfix: the segmentation fault may occurred in FastCGI fault tolerance configuration. *) Bugfix: the "expires" directive did not remove the previous "Expires" and "Cache-Control" headers. *) Bugfix: nginx did not take into account trailing dot in "Host" header line. *) Bugfix: the ngx_http_auth_module did not work under Linux. *) Bugfix: the rewrite directive worked incorrectly, if the arguments were in a request. *) Bugfix: nginx could not be built on MacOS X.
2005-05-12 10:58:06 -04:00
void
ngx_http_request_empty_handler(ngx_http_request_t *r)
{
ngx_log_debug0(NGX_LOG_DEBUG_HTTP, r->connection->log, 0,
nginx-0.3.13-RELEASE import *) Feature: the IMAP/POP3 proxy supports STARTTLS and STLS. *) Bugfix: the IMAP/POP3 proxy did not work with the select, poll, and /dev/poll methods. *) Bugfix: in SSI handling. *) Bugfix: now Solaris sendfilev() is not used to transfer the client request body to FastCGI-server via the unix domain socket. *) Bugfix: the "auth_basic" directive did not disable the authorization; the bug had appeared in 0.3.11.
2005-12-05 10:18:09 -03:00
"http request empty handler");
nginx-0.1.29-RELEASE import *) Feature: the ngx_http_ssi_module supports "include virtual" command. *) Feature: the ngx_http_ssi_module supports the condition command like 'if expr="$NAME"' and "else" and "endif" commands. Only one nested level is supported. *) Feature: the ngx_http_ssi_module supports the DATE_LOCAL and DATE_GMT variables and "config timefmt" command. *) Feature: the "ssi_ignore_recycled_buffers" directive. *) Bugfix: the "echo" command did not show the default value for the empty QUERY_STRING variable. *) Change: the ngx_http_proxy_module was rewritten. *) Feature: the "proxy_redirect", "proxy_pass_request_headers", "proxy_pass_request_body", and "proxy_method" directives. *) Feature: the "proxy_set_header" directive. The "proxy_x_var" was canceled and must be replaced with the proxy_set_header directive. *) Change: the "proxy_preserve_host" is canceled and must be replaced with the "proxy_set_header Host $host" and the "proxy_redirect off" directives, the "proxy_set_header Host $host:$proxy_port" directive and the appropriate proxy_redirect directives. *) Change: the "proxy_set_x_real_ip" is canceled and must be replaced with the "proxy_set_header X-Real-IP $remote_addr" directive. *) Change: the "proxy_add_x_forwarded_for" is canceled and must be replaced with the "proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for" directive. *) Change: the "proxy_set_x_url" is canceled and must be replaced with the "proxy_set_header X-URL http://$host:$server_port$request_uri" directive. *) Feature: the "fastcgi_param" directive. *) Change: the "fastcgi_root", "fastcgi_set_var" and "fastcgi_params" directive are canceled and must be replaced with the fastcgi_param directives. *) Feature: the "index" directive can use the variables. *) Feature: the "index" directive can be used at http and server levels. *) Change: the last index only in the "index" directive can be absolute. *) Feature: the "rewrite" directive can use the variables. *) Feature: the "internal" directive. *) Feature: the CONTENT_LENGTH, CONTENT_TYPE, REMOTE_PORT, SERVER_ADDR, SERVER_PORT, SERVER_PROTOCOL, DOCUMENT_ROOT, SERVER_NAME, REQUEST_METHOD, REQUEST_URI, and REMOTE_USER variables. *) Change: nginx now passes the invalid lines in a client request headers or a backend response header. *) Bugfix: if the backend did not transfer response for a long time and the "send_timeout" was less than "proxy_read_timeout", then nginx returned the 408 response. *) Bugfix: the segmentation fault was occurred if the backend sent an invalid line in response header; the bug had appeared in 0.1.26. *) Bugfix: the segmentation fault may occurred in FastCGI fault tolerance configuration. *) Bugfix: the "expires" directive did not remove the previous "Expires" and "Cache-Control" headers. *) Bugfix: nginx did not take into account trailing dot in "Host" header line. *) Bugfix: the ngx_http_auth_module did not work under Linux. *) Bugfix: the rewrite directive worked incorrectly, if the arguments were in a request. *) Bugfix: nginx could not be built on MacOS X.
2005-05-12 10:58:06 -04:00
return;
}
nginx-0.1.25-RELEASE import *) Bugfix: nginx did run on Linux parisc. *) Feature: nginx now does not start under FreeBSD if the sysctl kern.ipc.somaxconn value is too big. *) Bugfix: if a request was internally redirected by the ngx_http_index_module module to the ngx_http_proxy_module or ngx_http_fastcgi_module modules, then the index file was not closed after request completion. *) Feature: the "proxy_pass" can be used in location with regular expression. *) Feature: the ngx_http_rewrite_filter_module module supports the condition like "if ($HTTP_USER_AGENT ~ MSIE)". *) Bugfix: nginx started too slow if the large number of addresses and text values were used in the "geo" directive. *) Change: a variable name must be declared as "$name" in the "geo" directive. The previous variant without "$" is still supported, but will be removed soon. *) Feature: the "%{VARIABLE}v" logging parameter. *) Feature: the "set $name value" directive. *) Bugfix: gcc 4.0 compatibility. *) Feature: the --with-openssl-opt=OPTIONS autoconfiguration directive.
2005-03-19 08:38:37 -04:00
ngx_int_t
nginx-0.3.12-RELEASE import *) Security: if nginx was built with the ngx_http_realip_module and the "satisfy_any on" directive was used, then access and authorization directives did not work. The ngx_http_realip_module was not built and is not built by default. *) Change: the "$time_gmt" variable name was changed to "$time_local". *) Change: the "proxy_header_buffer_size" and "fastcgi_header_buffer_size" directives was renamed to the "proxy_buffer_size" and "fastcgi_buffer_size" directives. *) Feature: the ngx_http_memcached_module. *) Feature: the "proxy_buffering" directive. *) Bugfix: the changes in accept mutex handling when the "rtsig" method was used; the bug had appeared in 0.3.0. *) Bugfix: if the client sent the "Transfer-Encoding: chunked" header line, then nginx returns the 411 error. *) Bugfix: if the "auth_basic" directive was inherited from the http level, then the realm in the "WWW-Authenticate" header line was without the "Basic realm" text. *) Bugfix: if the "combined" format was explicitly specified in the "access_log" directive, then the empty lines was written to the log; the bug had appeared in 0.3.8. *) Bugfix: nginx did not run on the sparc platform under any OS except Solaris. *) Bugfix: now it is not necessary to place space between the quoted string and closing bracket in the "if" directive.
2005-11-26 07:11:11 -03:00
ngx_http_send_special(ngx_http_request_t *r, ngx_uint_t flags)
nginx-0.0.1-2003-10-09-11:00:45 import
2003-10-09 03:00:45 -04:00
{
nginx-0.0.3-2004-05-28-19:49:23 import; rename ngx_hunk_t to ngx_buf_t
2004-05-28 11:49:23 -04:00
ngx_buf_t *b;
nginx-0.0.1-2003-10-21-20:49:56 import
2003-10-21 13:49:56 -03:00
ngx_chain_t out;
nginx-0.0.1-2003-10-09-11:00:45 import
2003-10-09 03:00:45 -04:00
nginx-0.1.25-RELEASE import *) Bugfix: nginx did run on Linux parisc. *) Feature: nginx now does not start under FreeBSD if the sysctl kern.ipc.somaxconn value is too big. *) Bugfix: if a request was internally redirected by the ngx_http_index_module module to the ngx_http_proxy_module or ngx_http_fastcgi_module modules, then the index file was not closed after request completion. *) Feature: the "proxy_pass" can be used in location with regular expression. *) Feature: the ngx_http_rewrite_filter_module module supports the condition like "if ($HTTP_USER_AGENT ~ MSIE)". *) Bugfix: nginx started too slow if the large number of addresses and text values were used in the "geo" directive. *) Change: a variable name must be declared as "$name" in the "geo" directive. The previous variant without "$" is still supported, but will be removed soon. *) Feature: the "%{VARIABLE}v" logging parameter. *) Feature: the "set $name value" directive. *) Bugfix: gcc 4.0 compatibility. *) Feature: the --with-openssl-opt=OPTIONS autoconfiguration directive.
2005-03-19 08:38:37 -04:00
b = ngx_calloc_buf(r->pool);
if (b == NULL) {
nginx-0.0.3-2004-05-28-19:49:23 import; rename ngx_hunk_t to ngx_buf_t
2004-05-28 11:49:23 -04:00
return NGX_ERROR;
}
nginx-0.3.12-RELEASE import *) Security: if nginx was built with the ngx_http_realip_module and the "satisfy_any on" directive was used, then access and authorization directives did not work. The ngx_http_realip_module was not built and is not built by default. *) Change: the "$time_gmt" variable name was changed to "$time_local". *) Change: the "proxy_header_buffer_size" and "fastcgi_header_buffer_size" directives was renamed to the "proxy_buffer_size" and "fastcgi_buffer_size" directives. *) Feature: the ngx_http_memcached_module. *) Feature: the "proxy_buffering" directive. *) Bugfix: the changes in accept mutex handling when the "rtsig" method was used; the bug had appeared in 0.3.0. *) Bugfix: if the client sent the "Transfer-Encoding: chunked" header line, then nginx returns the 411 error. *) Bugfix: if the "auth_basic" directive was inherited from the http level, then the realm in the "WWW-Authenticate" header line was without the "Basic realm" text. *) Bugfix: if the "combined" format was explicitly specified in the "access_log" directive, then the empty lines was written to the log; the bug had appeared in 0.3.8. *) Bugfix: nginx did not run on the sparc platform under any OS except Solaris. *) Bugfix: now it is not necessary to place space between the quoted string and closing bracket in the "if" directive.
2005-11-26 07:11:11 -03:00
if (flags & NGX_HTTP_LAST) {
fix ngx_http_send_special() for subrequests handled by perl
2009-07-09 09:32:51 -04:00
if (r == r->main && !r->post_action) {
b->last_buf = 1;
} else {
fix r2972, it caused "zero size buf" alert.
2009-07-22 09:06:27 -04:00
b->sync = 1;
fix ngx_http_send_special() for subrequests handled by perl
2009-07-09 09:32:51 -04:00
b->last_in_chain = 1;
}
nginx-0.3.12-RELEASE import *) Security: if nginx was built with the ngx_http_realip_module and the "satisfy_any on" directive was used, then access and authorization directives did not work. The ngx_http_realip_module was not built and is not built by default. *) Change: the "$time_gmt" variable name was changed to "$time_local". *) Change: the "proxy_header_buffer_size" and "fastcgi_header_buffer_size" directives was renamed to the "proxy_buffer_size" and "fastcgi_buffer_size" directives. *) Feature: the ngx_http_memcached_module. *) Feature: the "proxy_buffering" directive. *) Bugfix: the changes in accept mutex handling when the "rtsig" method was used; the bug had appeared in 0.3.0. *) Bugfix: if the client sent the "Transfer-Encoding: chunked" header line, then nginx returns the 411 error. *) Bugfix: if the "auth_basic" directive was inherited from the http level, then the realm in the "WWW-Authenticate" header line was without the "Basic realm" text. *) Bugfix: if the "combined" format was explicitly specified in the "access_log" directive, then the empty lines was written to the log; the bug had appeared in 0.3.8. *) Bugfix: nginx did not run on the sparc platform under any OS except Solaris. *) Bugfix: now it is not necessary to place space between the quoted string and closing bracket in the "if" directive.
2005-11-26 07:11:11 -03:00
}
if (flags & NGX_HTTP_FLUSH) {
b->flush = 1;
}
nginx-0.0.3-2004-05-28-19:49:23 import; rename ngx_hunk_t to ngx_buf_t
2004-05-28 11:49:23 -04:00
out.buf = b;
nginx-0.0.1-2003-10-21-20:49:56 import
2003-10-21 13:49:56 -03:00
out.next = NULL;
nginx-0.0.1-2003-10-09-11:00:45 import
2003-10-09 03:00:45 -04:00
nginx-0.0.1-2003-10-21-20:49:56 import
2003-10-21 13:49:56 -03:00
return ngx_http_output_filter(r, &out);
nginx-0.0.1-2003-10-09-11:00:45 import
2003-10-09 03:00:45 -04:00
}
nginx-0.3.28-RELEASE import *) Feature: the "restrict_host_names" directive was canceled. *) Feature: the --with-cpu-opt=ppc64 configuration parameter. *) Bugfix: on some condition the proxied connection with a client was terminated prematurely. Thanks to Vladimir Shutoff. *) Bugfix: the "X-Accel-Limit-Rate" header line was not taken into account if the request was redirected using the "X-Accel-Redirect" header line. *) Bugfix: the "post_action" directive ran only after a successful completion of a request. *) Bugfix: the proxied response body generated by the "post_action" directive was transferred to a client.
2006-02-16 12:26:46 -03:00
static ngx_int_t
ngx_http_post_action(ngx_http_request_t *r)
{
ngx_http_core_loc_conf_t *clcf;
clcf = ngx_http_get_module_loc_conf(r, ngx_http_core_module);
if (clcf->post_action.data == NULL) {
return NGX_DECLINED;
}
Core: protection from cycles with named locations and post_action. Now redirects to named locations are counted against normal uri changes limit, and post_action respects this limit as well. As a result at least the following (bad) configurations no longer trigger infinite cycles: 1. Post action which recursively triggers post action: location / { post_action /index.html; } 2. Post action pointing to nonexistent named location: location / { post_action @nonexistent; } 3. Recursive error page for 500 (Internal Server Error) pointing to a nonexistent named location: location / { recursive_error_pages on; error_page 500 @nonexistent; return 500; }
2012-02-13 12:35:48 -03:00
if (r->post_action && r->uri_changes == 0) {
return NGX_DECLINED;
}
nginx-0.3.33-RELEASE import *) Feature: the "http_503" parameter of the "proxy_next_upstream" or "fastcgi_next_upstream" directives. *) Bugfix: ngx_http_perl_module did not work with inlined in the configuration code, if it was not started with the "sub" word. *) Bugfix: in the "post_action" directive.
2006-03-15 05:53:04 -04:00
ngx_log_debug1(NGX_LOG_DEBUG_HTTP, r->connection->log, 0,
"post action: \"%V\"", &clcf->post_action);
fix request counter for post_action, the bug was introduced in r3050
2009-09-21 14:34:22 -04:00
r->main->count--;
nginx-0.3.28-RELEASE import *) Feature: the "restrict_host_names" directive was canceled. *) Feature: the --with-cpu-opt=ppc64 configuration parameter. *) Bugfix: on some condition the proxied connection with a client was terminated prematurely. Thanks to Vladimir Shutoff. *) Bugfix: the "X-Accel-Limit-Rate" header line was not taken into account if the request was redirected using the "X-Accel-Redirect" header line. *) Bugfix: the "post_action" directive ran only after a successful completion of a request. *) Bugfix: the proxied response body generated by the "post_action" directive was transferred to a client.
2006-02-16 12:26:46 -03:00
r->http_version = NGX_HTTP_VERSION_9;
r->header_only = 1;
nginx-0.3.36-RELEASE import *) Feature: the ngx_http_addition_filter_module. *) Feature: the "proxy_pass" and "fastcgi_pass" directives may be used inside the "if" block. *) Feature: the "proxy_ignore_client_abort" and "fastcgi_ignore_client_abort" directives. *) Feature: the "$request_completion" variable. *) Feature: the ngx_http_perl_module supports the $r->request_method and $r->remote_addr. *) Feature: the ngx_http_ssi_module supports the "elif" command. *) Bugfix: the "\/" string in the expression of the "if" command of the ngx_http_ssi_module was treated incorrectly. *) Bugfix: in the regular expressions in the "if" command of the ngx_http_ssi_module. *) Bugfix: if the relative path was specified in the "client_body_temp_path", "proxy_temp_path", "fastcgi_temp_path", and "perl_modules" directives, then the directory was used relatively to a current path but not to a server prefix.
2006-04-05 09:40:54 -04:00
r->post_action = 1;
nginx-0.3.28-RELEASE import *) Feature: the "restrict_host_names" directive was canceled. *) Feature: the --with-cpu-opt=ppc64 configuration parameter. *) Bugfix: on some condition the proxied connection with a client was terminated prematurely. Thanks to Vladimir Shutoff. *) Bugfix: the "X-Accel-Limit-Rate" header line was not taken into account if the request was redirected using the "X-Accel-Redirect" header line. *) Bugfix: the "post_action" directive ran only after a successful completion of a request. *) Bugfix: the proxied response body generated by the "post_action" directive was transferred to a client.
2006-02-16 12:26:46 -03:00
rename ngx_http_block_read() and ngx_http_test_read() to ..._reading()
2007-08-06 11:22:40 -04:00
r->read_event_handler = ngx_http_block_reading;
fix post_action for disconnected client
2006-12-11 05:31:54 -03:00
named locations in post_action
2008-02-15 09:46:40 -03:00
if (clcf->post_action.data[0] == '/') {
ngx_http_internal_redirect(r, &clcf->post_action, NULL);
} else {
ngx_http_named_location(r, &clcf->post_action);
}
nginx-0.3.28-RELEASE import *) Feature: the "restrict_host_names" directive was canceled. *) Feature: the --with-cpu-opt=ppc64 configuration parameter. *) Bugfix: on some condition the proxied connection with a client was terminated prematurely. Thanks to Vladimir Shutoff. *) Bugfix: the "X-Accel-Limit-Rate" header line was not taken into account if the request was redirected using the "X-Accel-Redirect" header line. *) Bugfix: the "post_action" directive ran only after a successful completion of a request. *) Bugfix: the proxied response body generated by the "post_action" directive was transferred to a client.
2006-02-16 12:26:46 -03:00
return NGX_OK;
}
HTTP/3: refactored request parser. The change reduces diff to the default branch for src/http/ngx_http_request.c and src/http/ngx_http_parse.c.
2021-01-22 10:34:06 -03:00
void
request reference counter
2009-08-26 12:04:05 -04:00
ngx_http_close_request(ngx_http_request_t *r, ngx_int_t rc)
nginx-0.0.1-2003-05-13-20:02:32 import
2003-05-13 12:02:32 -04:00
{
nginx-0.3.41-RELEASE import *) Feature: the -v switch. *) Bugfix: the segmentation fault may occurred if the SSI page has remote subrequests. *) Bugfix: in FastCGI handling. *) Bugfix: if the perl modules path was not set using --with-perl_modules_path=PATH or the "perl_modules", then the segmentation fault was occurred.
2006-04-21 08:06:44 -04:00
ngx_connection_t *c;
nginx-0.3.6-RELEASE import *) Change: now the IMAP/POP3 proxy do not send the empty login to authorization server. *) Feature: the "log_format" supports the variables in the $name form. *) Bugfix: if at least in one server was no the "listen" directive, then nginx did not listen on the 80 port; the bug had appeared in 0.3.3. *) Bugfix: if the URI part is omitted in "proxy_pass" directive, the the 80 port was always used.
2005-10-24 12:09:41 -03:00
request reference counter
2009-08-26 12:04:05 -04:00
r = r->main;
nginx-0.3.6-RELEASE import *) Change: now the IMAP/POP3 proxy do not send the empty login to authorization server. *) Feature: the "log_format" supports the variables in the $name form. *) Bugfix: if at least in one server was no the "listen" directive, then nginx did not listen on the 80 port; the bug had appeared in 0.3.3. *) Bugfix: if the URI part is omitted in "proxy_pass" directive, the the 80 port was always used.
2005-10-24 12:09:41 -03:00
c = r->connection;
FreeBSD and Linux AIO support
2009-08-28 04:12:35 -04:00
ngx_log_debug2(NGX_LOG_DEBUG_HTTP, c->log, 0,
"http request count:%d blk:%d", r->count, r->blocked);
request reference counter
2009-08-26 12:04:05 -04:00
if (r->count == 0) {
ngx_log_error(NGX_LOG_ALERT, c->log, 0, "http request count is zero");
}
r->count--;
FreeBSD and Linux AIO support
2009-08-28 04:12:35 -04:00
if (r->count || r->blocked) {
request reference counter
2009-08-26 12:04:05 -04:00
return;
}
The HTTP/2 implementation (RFC 7240, 7241). The SPDY support is removed, as it's incompatible with the new module.
2015-09-11 14:13:06 -03:00
#if (NGX_HTTP_V2)
if (r->stream) {
ngx_http_v2_close_stream(r->stream, rc);
Preliminary experimental support for SPDY draft 2.
2013-03-20 07:36:57 -03:00
return;
}
#endif
request reference counter
2009-08-26 12:04:05 -04:00
ngx_http_free_request(r, rc);
nginx-0.3.6-RELEASE import *) Change: now the IMAP/POP3 proxy do not send the empty login to authorization server. *) Feature: the "log_format" supports the variables in the $name form. *) Bugfix: if at least in one server was no the "listen" directive, then nginx did not listen on the 80 port; the bug had appeared in 0.3.3. *) Bugfix: if the URI part is omitted in "proxy_pass" directive, the the 80 port was always used.
2005-10-24 12:09:41 -03:00
ngx_http_close_connection(c);
}
Preliminary experimental support for SPDY draft 2.
2013-03-20 07:36:57 -03:00
void
request reference counter
2009-08-26 12:04:05 -04:00
ngx_http_free_request(ngx_http_request_t *r, ngx_int_t rc)
nginx-0.3.6-RELEASE import *) Change: now the IMAP/POP3 proxy do not send the empty login to authorization server. *) Feature: the "log_format" supports the variables in the $name form. *) Bugfix: if at least in one server was no the "listen" directive, then nginx did not listen on the 80 port; the bug had appeared in 0.3.3. *) Bugfix: if the URI part is omitted in "proxy_pass" directive, the the 80 port was always used.
2005-10-24 12:09:41 -03:00
{
*) log_subrequest *) flush variables in access log
2008-09-27 11:08:02 -04:00
ngx_log_t *log;
Allocate request object from its own pool. Previously, it was allocated from a connection pool and was selectively freed for an idle keepalive connection. The goal is to put coupled things in one chunk of memory, and to simplify handling of request objects.
2013-03-01 11:55:42 -03:00
ngx_pool_t *pool;
*) log_subrequest *) flush variables in access log
2008-09-27 11:08:02 -04:00
struct linger linger;
ngx_http_cleanup_t *cln;
ngx_http_log_ctx_t *ctx;
ngx_http_core_loc_conf_t *clcf;
nginx-0.0.1-2003-05-13-20:02:32 import
2003-05-13 12:02:32 -04:00
nginx-0.0.1-2003-11-30-23:03:18 import
2003-11-30 17:03:18 -03:00
log = r->connection->log;
ngx_log_debug0(NGX_LOG_DEBUG_HTTP, log, 0, "http close request");
nginx-0.0.1-2003-05-13-20:02:32 import
2003-05-13 12:02:32 -04:00
if (r->pool == NULL) {
nginx-0.1.40-RELEASE import *) Bugfix: if a client sent too long header line, then the request information did not logged in the error log. *) Bugfix: the "Set-Cookie" header line was not transferred when the "X-Accel-Redirect" was used; the bug had appeared in 0.1.39. *) Bugfix: the "Content-Disposition" header line was not transferred when the "X-Accel-Redirect" was used. *) Bugfix: the master process did not close the listen socket on the SIGQUIT signal. *) Bugfix: after on-line upgrade on Linux and Solaris the process name became shorter in the "ps" command.
2005-07-25 05:41:38 -04:00
ngx_log_error(NGX_LOG_ALERT, log, 0, "http request already closed");
nginx-0.0.1-2003-05-13-20:02:32 import
2003-05-13 12:02:32 -04:00
return;
}
Request cleanup code unified, no functional changes. Additionally, detaching a cleanup chain from a request is a bit more resilent to various bugs if any.
2013-09-04 13:17:00 -04:00
cln = r->cleanup;
r->cleanup = NULL;
while (cln) {
nginx-0.3.41-RELEASE import *) Feature: the -v switch. *) Bugfix: the segmentation fault may occurred if the SSI page has remote subrequests. *) Bugfix: in FastCGI handling. *) Bugfix: if the perl modules path was not set using --with-perl_modules_path=PATH or the "perl_modules", then the segmentation fault was occurred.
2006-04-21 08:06:44 -04:00
if (cln->handler) {
cln->handler(cln->data);
}
Request cleanup code unified, no functional changes. Additionally, detaching a cleanup chain from a request is a bit more resilent to various bugs if any.
2013-09-04 13:17:00 -04:00
cln = cln->next;
nginx-0.3.41-RELEASE import *) Feature: the -v switch. *) Bugfix: the segmentation fault may occurred if the SSI page has remote subrequests. *) Bugfix: in FastCGI handling. *) Bugfix: if the perl modules path was not set using --with-perl_modules_path=PATH or the "perl_modules", then the segmentation fault was occurred.
2006-04-21 08:06:44 -04:00
}
nginx-0.0.10-2004-09-15-20:00:43 import
2004-09-15 12:00:43 -04:00
#if (NGX_STAT_STUB)
nginx-0.3.5-RELEASE import *) Bugfix: the segmentation fault may occurred if the IMAP/POP3 login was changed by authorization server; the bug had appeared in 0.2.2. *) Bugfix: the accept mutex did not work and all connections were handled by one process; the bug had appeared in 0.3.3. *) Bugfix: the timeout did not work if the "rtsig" method and the "timer_resolution" directive were used.
2005-10-21 16:12:18 -03:00
nginx-0.0.10-2004-09-15-20:00:43 import
2004-09-15 12:00:43 -04:00
if (r->stat_reading) {
ignore ngx_atomic_fetch_add() result this fixes building at least by gcc 4.2.1 on Mac OS X 10.6
2009-06-18 09:14:51 -04:00
(void) ngx_atomic_fetch_add(ngx_stat_reading, -1);
nginx-0.0.10-2004-09-15-20:00:43 import
2004-09-15 12:00:43 -04:00
}
if (r->stat_writing) {
ignore ngx_atomic_fetch_add() result this fixes building at least by gcc 4.2.1 on Mac OS X 10.6
2009-06-18 09:14:51 -04:00
(void) ngx_atomic_fetch_add(ngx_stat_writing, -1);
nginx-0.0.10-2004-09-15-20:00:43 import
2004-09-15 12:00:43 -04:00
}
nginx-0.3.5-RELEASE import *) Bugfix: the segmentation fault may occurred if the IMAP/POP3 login was changed by authorization server; the bug had appeared in 0.2.2. *) Bugfix: the accept mutex did not work and all connections were handled by one process; the bug had appeared in 0.3.3. *) Bugfix: the timeout did not work if the "rtsig" method and the "timer_resolution" directive were used.
2005-10-21 16:12:18 -03:00
nginx-0.0.10-2004-09-15-20:00:43 import
2004-09-15 12:00:43 -04:00
#endif
request reference counter
2009-08-26 12:04:05 -04:00
if (rc > 0 && (r->headers_out.status == 0 || r->connection->sent == 0)) {
r->headers_out.status = rc;
nginx-0.0.1-2003-05-13-20:02:32 import
2003-05-13 12:02:32 -04:00
}
SSL: variables support in ssl_certificate and ssl_certificate_key. To evaluate variables, a request is created in the certificate callback, and then freed. To do this without side effects on the stub_status counters and connection state, an additional function was introduced, ngx_http_alloc_request(). Only works with OpenSSL 1.0.2+, since there is no SSL_CTX_set_cert_cb() in older versions.
2019-02-25 10:42:05 -03:00
if (!r->logged) {
log->action = "logging request";
fix error message
2008-06-30 11:32:57 -04:00
SSL: variables support in ssl_certificate and ssl_certificate_key. To evaluate variables, a request is created in the certificate callback, and then freed. To do this without side effects on the stub_status counters and connection state, an additional function was introduced, ngx_http_alloc_request(). Only works with OpenSSL 1.0.2+, since there is no SSL_CTX_set_cert_cb() in older versions.
2019-02-25 10:42:05 -03:00
ngx_http_log_request(r);
}
nginx-0.0.1-2003-05-13-20:02:32 import
2003-05-13 12:02:32 -04:00
fix error message
2008-06-30 11:32:57 -04:00
log->action = "closing request";
HTTP/3: allowed QUIC stream connection reuse. A QUIC stream connection is treated as reusable until first bytes of request arrive, which is also when the request object is now allocated. A connection closed as a result of draining, is reset with the error code H3_REQUEST_REJECTED. Such behavior is allowed by quic-http-34: Once a request stream has been opened, the request MAY be cancelled by either endpoint. Clients cancel requests if the response is no longer of interest; servers cancel requests if they are unable to or choose not to respond. When the server cancels a request without performing any application processing, the request is considered "rejected." The server SHOULD abort its response stream with the error code H3_REQUEST_REJECTED. The client can treat requests rejected by the server as though they had never been sent at all, thereby allowing them to be retried later.
2021-10-18 09:47:06 -03:00
if (r->connection->timedout
HTTP/3: merged ngx_http_quic_module into ngx_http_v3_module.
2021-12-06 07:02:36 -03:00
#if (NGX_HTTP_V3)
HTTP/3: allowed QUIC stream connection reuse. A QUIC stream connection is treated as reusable until first bytes of request arrive, which is also when the request object is now allocated. A connection closed as a result of draining, is reset with the error code H3_REQUEST_REJECTED. Such behavior is allowed by quic-http-34: Once a request stream has been opened, the request MAY be cancelled by either endpoint. Clients cancel requests if the response is no longer of interest; servers cancel requests if they are unable to or choose not to respond. When the server cancels a request without performing any application processing, the request is considered "rejected." The server SHOULD abort its response stream with the error code H3_REQUEST_REJECTED. The client can treat requests rejected by the server as though they had never been sent at all, thereby allowing them to be retried later.
2021-10-18 09:47:06 -03:00
&& r->connection->quic == NULL
#endif
)
{
nginx-0.0.3-2004-06-06-23:49:18 import
2004-06-06 15:49:18 -04:00
clcf = ngx_http_get_module_loc_conf(r, ngx_http_core_module);
if (clcf->reset_timedout_connection) {
nginx-0.1.29-RELEASE import *) Feature: the ngx_http_ssi_module supports "include virtual" command. *) Feature: the ngx_http_ssi_module supports the condition command like 'if expr="$NAME"' and "else" and "endif" commands. Only one nested level is supported. *) Feature: the ngx_http_ssi_module supports the DATE_LOCAL and DATE_GMT variables and "config timefmt" command. *) Feature: the "ssi_ignore_recycled_buffers" directive. *) Bugfix: the "echo" command did not show the default value for the empty QUERY_STRING variable. *) Change: the ngx_http_proxy_module was rewritten. *) Feature: the "proxy_redirect", "proxy_pass_request_headers", "proxy_pass_request_body", and "proxy_method" directives. *) Feature: the "proxy_set_header" directive. The "proxy_x_var" was canceled and must be replaced with the proxy_set_header directive. *) Change: the "proxy_preserve_host" is canceled and must be replaced with the "proxy_set_header Host $host" and the "proxy_redirect off" directives, the "proxy_set_header Host $host:$proxy_port" directive and the appropriate proxy_redirect directives. *) Change: the "proxy_set_x_real_ip" is canceled and must be replaced with the "proxy_set_header X-Real-IP $remote_addr" directive. *) Change: the "proxy_add_x_forwarded_for" is canceled and must be replaced with the "proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for" directive. *) Change: the "proxy_set_x_url" is canceled and must be replaced with the "proxy_set_header X-URL http://$host:$server_port$request_uri" directive. *) Feature: the "fastcgi_param" directive. *) Change: the "fastcgi_root", "fastcgi_set_var" and "fastcgi_params" directive are canceled and must be replaced with the fastcgi_param directives. *) Feature: the "index" directive can use the variables. *) Feature: the "index" directive can be used at http and server levels. *) Change: the last index only in the "index" directive can be absolute. *) Feature: the "rewrite" directive can use the variables. *) Feature: the "internal" directive. *) Feature: the CONTENT_LENGTH, CONTENT_TYPE, REMOTE_PORT, SERVER_ADDR, SERVER_PORT, SERVER_PROTOCOL, DOCUMENT_ROOT, SERVER_NAME, REQUEST_METHOD, REQUEST_URI, and REMOTE_USER variables. *) Change: nginx now passes the invalid lines in a client request headers or a backend response header. *) Bugfix: if the backend did not transfer response for a long time and the "send_timeout" was less than "proxy_read_timeout", then nginx returned the 408 response. *) Bugfix: the segmentation fault was occurred if the backend sent an invalid line in response header; the bug had appeared in 0.1.26. *) Bugfix: the segmentation fault may occurred in FastCGI fault tolerance configuration. *) Bugfix: the "expires" directive did not remove the previous "Expires" and "Cache-Control" headers. *) Bugfix: nginx did not take into account trailing dot in "Host" header line. *) Bugfix: the ngx_http_auth_module did not work under Linux. *) Bugfix: the rewrite directive worked incorrectly, if the arguments were in a request. *) Bugfix: nginx could not be built on MacOS X.
2005-05-12 10:58:06 -04:00
linger.l_onoff = 1;
linger.l_linger = 0;
nginx-0.0.3-2004-06-06-23:49:18 import
2004-06-06 15:49:18 -04:00
if (setsockopt(r->connection->fd, SOL_SOCKET, SO_LINGER,
nginx-0.1.29-RELEASE import *) Feature: the ngx_http_ssi_module supports "include virtual" command. *) Feature: the ngx_http_ssi_module supports the condition command like 'if expr="$NAME"' and "else" and "endif" commands. Only one nested level is supported. *) Feature: the ngx_http_ssi_module supports the DATE_LOCAL and DATE_GMT variables and "config timefmt" command. *) Feature: the "ssi_ignore_recycled_buffers" directive. *) Bugfix: the "echo" command did not show the default value for the empty QUERY_STRING variable. *) Change: the ngx_http_proxy_module was rewritten. *) Feature: the "proxy_redirect", "proxy_pass_request_headers", "proxy_pass_request_body", and "proxy_method" directives. *) Feature: the "proxy_set_header" directive. The "proxy_x_var" was canceled and must be replaced with the proxy_set_header directive. *) Change: the "proxy_preserve_host" is canceled and must be replaced with the "proxy_set_header Host $host" and the "proxy_redirect off" directives, the "proxy_set_header Host $host:$proxy_port" directive and the appropriate proxy_redirect directives. *) Change: the "proxy_set_x_real_ip" is canceled and must be replaced with the "proxy_set_header X-Real-IP $remote_addr" directive. *) Change: the "proxy_add_x_forwarded_for" is canceled and must be replaced with the "proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for" directive. *) Change: the "proxy_set_x_url" is canceled and must be replaced with the "proxy_set_header X-URL http://$host:$server_port$request_uri" directive. *) Feature: the "fastcgi_param" directive. *) Change: the "fastcgi_root", "fastcgi_set_var" and "fastcgi_params" directive are canceled and must be replaced with the fastcgi_param directives. *) Feature: the "index" directive can use the variables. *) Feature: the "index" directive can be used at http and server levels. *) Change: the last index only in the "index" directive can be absolute. *) Feature: the "rewrite" directive can use the variables. *) Feature: the "internal" directive. *) Feature: the CONTENT_LENGTH, CONTENT_TYPE, REMOTE_PORT, SERVER_ADDR, SERVER_PORT, SERVER_PROTOCOL, DOCUMENT_ROOT, SERVER_NAME, REQUEST_METHOD, REQUEST_URI, and REMOTE_USER variables. *) Change: nginx now passes the invalid lines in a client request headers or a backend response header. *) Bugfix: if the backend did not transfer response for a long time and the "send_timeout" was less than "proxy_read_timeout", then nginx returned the 408 response. *) Bugfix: the segmentation fault was occurred if the backend sent an invalid line in response header; the bug had appeared in 0.1.26. *) Bugfix: the segmentation fault may occurred in FastCGI fault tolerance configuration. *) Bugfix: the "expires" directive did not remove the previous "Expires" and "Cache-Control" headers. *) Bugfix: nginx did not take into account trailing dot in "Host" header line. *) Bugfix: the ngx_http_auth_module did not work under Linux. *) Bugfix: the rewrite directive worked incorrectly, if the arguments were in a request. *) Bugfix: nginx could not be built on MacOS X.
2005-05-12 10:58:06 -04:00
(const void *) &linger, sizeof(struct linger)) == -1)
nginx-0.0.3-2004-06-06-23:49:18 import
2004-06-06 15:49:18 -04:00
{
ngx_log_error(NGX_LOG_ALERT, log, ngx_socket_errno,
"setsockopt(SO_LINGER) failed");
}
}
}
nginx-0.1.29-RELEASE import *) Feature: the ngx_http_ssi_module supports "include virtual" command. *) Feature: the ngx_http_ssi_module supports the condition command like 'if expr="$NAME"' and "else" and "endif" commands. Only one nested level is supported. *) Feature: the ngx_http_ssi_module supports the DATE_LOCAL and DATE_GMT variables and "config timefmt" command. *) Feature: the "ssi_ignore_recycled_buffers" directive. *) Bugfix: the "echo" command did not show the default value for the empty QUERY_STRING variable. *) Change: the ngx_http_proxy_module was rewritten. *) Feature: the "proxy_redirect", "proxy_pass_request_headers", "proxy_pass_request_body", and "proxy_method" directives. *) Feature: the "proxy_set_header" directive. The "proxy_x_var" was canceled and must be replaced with the proxy_set_header directive. *) Change: the "proxy_preserve_host" is canceled and must be replaced with the "proxy_set_header Host $host" and the "proxy_redirect off" directives, the "proxy_set_header Host $host:$proxy_port" directive and the appropriate proxy_redirect directives. *) Change: the "proxy_set_x_real_ip" is canceled and must be replaced with the "proxy_set_header X-Real-IP $remote_addr" directive. *) Change: the "proxy_add_x_forwarded_for" is canceled and must be replaced with the "proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for" directive. *) Change: the "proxy_set_x_url" is canceled and must be replaced with the "proxy_set_header X-URL http://$host:$server_port$request_uri" directive. *) Feature: the "fastcgi_param" directive. *) Change: the "fastcgi_root", "fastcgi_set_var" and "fastcgi_params" directive are canceled and must be replaced with the fastcgi_param directives. *) Feature: the "index" directive can use the variables. *) Feature: the "index" directive can be used at http and server levels. *) Change: the last index only in the "index" directive can be absolute. *) Feature: the "rewrite" directive can use the variables. *) Feature: the "internal" directive. *) Feature: the CONTENT_LENGTH, CONTENT_TYPE, REMOTE_PORT, SERVER_ADDR, SERVER_PORT, SERVER_PROTOCOL, DOCUMENT_ROOT, SERVER_NAME, REQUEST_METHOD, REQUEST_URI, and REMOTE_USER variables. *) Change: nginx now passes the invalid lines in a client request headers or a backend response header. *) Bugfix: if the backend did not transfer response for a long time and the "send_timeout" was less than "proxy_read_timeout", then nginx returned the 408 response. *) Bugfix: the segmentation fault was occurred if the backend sent an invalid line in response header; the bug had appeared in 0.1.26. *) Bugfix: the segmentation fault may occurred in FastCGI fault tolerance configuration. *) Bugfix: the "expires" directive did not remove the previous "Expires" and "Cache-Control" headers. *) Bugfix: nginx did not take into account trailing dot in "Host" header line. *) Bugfix: the ngx_http_auth_module did not work under Linux. *) Bugfix: the rewrite directive worked incorrectly, if the arguments were in a request. *) Bugfix: nginx could not be built on MacOS X.
2005-05-12 10:58:06 -04:00
/* the various request strings were allocated from r->pool */
nginx-0.0.1-2003-11-30-23:03:18 import
2003-11-30 17:03:18 -03:00
ctx = log->data;
nginx-0.1.5-RELEASE import *) Bugfix: on Solaris and Linux there may be too many "recvmsg() returned not enough data" alerts. *) Bugfix: there were the "writev() failed (22: Invalid argument)" errors on Solaris in proxy mode without sendfile. On other platforms that do not support sendfile at all the process got caught in an endless loop. *) Bugfix: segmentation fault on Solaris in proxy mode and using sendfile. *) Bugfix: segmentation fault on Solaris. *) Bugfix: on-line upgrade did not work on Linux. *) Bugfix: the ngx_http_autoindex_module module did not escape the spaces, the quotes, and the percent signs in the directory listing. *) Change: the decrease of the copy operations. *) Feature: the userid_p3p directive.
2004-11-11 11:07:14 -03:00
ctx->request = NULL;
nginx-0.0.1-2003-05-13-20:02:32 import
2003-05-13 12:02:32 -04:00
nginx-0.0.7-2004-06-24-11:53:37 import
2004-06-24 03:53:37 -04:00
r->request_line.len = 0;
nginx-0.3.13-RELEASE import *) Feature: the IMAP/POP3 proxy supports STARTTLS and STLS. *) Bugfix: the IMAP/POP3 proxy did not work with the select, poll, and /dev/poll methods. *) Bugfix: in SSI handling. *) Bugfix: now Solaris sendfilev() is not used to transfer the client request body to FastCGI-server via the unix domain socket. *) Bugfix: the "auth_basic" directive did not disable the authorization; the bug had appeared in 0.3.11.
2005-12-05 10:18:09 -03:00
r->connection->destroyed = 1;
Allocate request object from its own pool. Previously, it was allocated from a connection pool and was selectively freed for an idle keepalive connection. The goal is to put coupled things in one chunk of memory, and to simplify handling of request objects.
2013-03-01 11:55:42 -03:00
/*
* Setting r->pool to NULL will increase probability to catch double close
* of request since the request object is allocated from its own pool.
*/
pool = r->pool;
r->pool = NULL;
ngx_destroy_pool(pool);
nginx-0.0.1-2003-05-13-20:02:32 import
2003-05-13 12:02:32 -04:00
}
*) log_subrequest *) flush variables in access log
2008-09-27 11:08:02 -04:00
static void
ngx_http_log_request(ngx_http_request_t *r)
{
ngx_uint_t i, n;
ngx_http_handler_pt *log_handler;
ngx_http_core_main_conf_t *cmcf;
cmcf = ngx_http_get_module_main_conf(r, ngx_http_core_module);
log_handler = cmcf->phases[NGX_HTTP_LOG_PHASE].handlers.elts;
n = cmcf->phases[NGX_HTTP_LOG_PHASE].handlers.nelts;
for (i = 0; i < n; i++) {
log_handler[i](r);
}
}
Preliminary experimental support for SPDY draft 2.
2013-03-20 07:36:57 -03:00
void
nginx-0.1.25-RELEASE import *) Bugfix: nginx did run on Linux parisc. *) Feature: nginx now does not start under FreeBSD if the sysctl kern.ipc.somaxconn value is too big. *) Bugfix: if a request was internally redirected by the ngx_http_index_module module to the ngx_http_proxy_module or ngx_http_fastcgi_module modules, then the index file was not closed after request completion. *) Feature: the "proxy_pass" can be used in location with regular expression. *) Feature: the ngx_http_rewrite_filter_module module supports the condition like "if ($HTTP_USER_AGENT ~ MSIE)". *) Bugfix: nginx started too slow if the large number of addresses and text values were used in the "geo" directive. *) Change: a variable name must be declared as "$name" in the "geo" directive. The previous variant without "$" is still supported, but will be removed soon. *) Feature: the "%{VARIABLE}v" logging parameter. *) Feature: the "set $name value" directive. *) Bugfix: gcc 4.0 compatibility. *) Feature: the --with-openssl-opt=OPTIONS autoconfiguration directive.
2005-03-19 08:38:37 -04:00
ngx_http_close_connection(ngx_connection_t *c)
nginx-0.0.1-2003-05-12-19:52:24 import
2003-05-12 11:52:24 -04:00
{
nginx-0.1.14-RELEASE import *) Feature: the autoconfiguration directives: --http-client-body-temp-path=PATH, --http-proxy-temp-path=PATH, and --http-fastcgi-temp-path=PATH *) Change: the directory name for the temporary files with the client request body is specified by directive client_body_temp_path, by default it is <prefix>/client_body_temp. *) Feature: the ngx_http_fastcgi_module and the directives: fastcgi_pass, fastcgi_root, fastcgi_index, fastcgi_params, fastcgi_connect_timeout, fastcgi_send_timeout, fastcgi_read_timeout, fastcgi_send_lowat, fastcgi_header_buffer_size, fastcgi_buffers, fastcgi_busy_buffers_size, fastcgi_temp_path, fastcgi_max_temp_file_size, fastcgi_temp_file_write_size, fastcgi_next_upstream, and fastcgi_x_powered_by. *) Bugfix: the "[alert] zero size buf" error; the bug had appeared in 0.1.3. *) Change: the URI must be specified after the host name in the proxy_pass directive. *) Change: the %3F symbol in the URI was considered as the argument string start. *) Feature: the unix domain sockets support in the ngx_http_proxy_module. *) Feature: the ssl_engine and ssl_ciphers directives. Thanks to Sergey Skvortsov for SSL-accelerator.
2005-01-18 10:03:58 -03:00
ngx_pool_t *pool;
nginx-0.0.1-2004-01-26-11:52:49 import
2004-01-26 05:52:49 -03:00
ngx_log_debug1(NGX_LOG_DEBUG_HTTP, c->log, 0,
nginx-0.0.2-2004-02-11-20:08:49 import
2004-02-11 14:08:49 -03:00
"close http connection: %d", c->fd);
nginx-0.0.1-2003-05-12-19:52:24 import
2003-05-12 11:52:24 -04:00
nginx-0.1.44-RELEASE import *) Feature: the IMAP/POP3 proxy supports SSL. *) Feature: the "proxy_timeout" directive of the ngx_imap_proxy_module. *) Feature: the "userid_mark" directive. *) Feature: the $remote_user variable value is determined independently of authorization use.
2005-09-06 12:09:32 -04:00
#if (NGX_HTTP_SSL)
nginx-0.1.1-RELEASE import *) Feature: the gzip_types directive. *) Feature: the tcp_nodelay directive. *) Feature: the send_lowat directive is working not only on OSes that support kqueue NOTE_LOWAT, but also on OSes that support SO_SNDLOWAT. *) Feature: the setproctitle() emulation for Linux and Solaris. *) Bugfix: the "Location" header rewrite bug fixed while the proxying. *) Bugfix: the ngx_http_chunked_module module may get caught in an endless loop. *) Bugfix: the /dev/poll module bugs fixed. *) Bugfix: the responses were corrupted when the temporary files were used while the proxying. *) Bugfix: the unescaped requests were passed to the backend. *) Bugfix: while the build configuration on Linux 2.4 the --with-poll_module parameter was required.
2004-10-11 12:07:03 -03:00
if (c->ssl) {
if (ngx_ssl_shutdown(c) == NGX_AGAIN) {
nginx-0.3.10-RELEASE import *) Change: the "valid_referers" directive and the "$invalid_referer" variable were moved to the new ngx_http_referer_module from the ngx_http_rewrite_module. *) Change: the "$apache_bytes_sent" variable name was changed to "$body_bytes_sent". *) Feature: the "$sent_http_..." variables. *) Feature: the "if" directive supports the "=" and "!=" operations. *) Feature: the "proxy_pass" directive supports the HTTPS protocol. *) Feature: the "proxy_set_body" directive. *) Feature: the "post_action" directive. *) Feature: the ngx_http_empty_gif_module. *) Feature: the "worker_cpu_affinity" directive for Linux. *) Bugfix: the "rewrite" directive did not unescape URI part in redirect, now it is unescaped except the %00-%25 and %7F-%FF characters. *) Bugfix: nginx could not be built by the icc 9.0 compiler. *) Bugfix: if the SSI was enabled for zero size static file, then the chunked response was encoded incorrectly.
2005-11-15 10:30:52 -03:00
c->ssl->handler = ngx_http_close_connection;
nginx-0.1.1-RELEASE import *) Feature: the gzip_types directive. *) Feature: the tcp_nodelay directive. *) Feature: the send_lowat directive is working not only on OSes that support kqueue NOTE_LOWAT, but also on OSes that support SO_SNDLOWAT. *) Feature: the setproctitle() emulation for Linux and Solaris. *) Bugfix: the "Location" header rewrite bug fixed while the proxying. *) Bugfix: the ngx_http_chunked_module module may get caught in an endless loop. *) Bugfix: the /dev/poll module bugs fixed. *) Bugfix: the responses were corrupted when the temporary files were used while the proxying. *) Bugfix: the unescaped requests were passed to the backend. *) Bugfix: while the build configuration on Linux 2.4 the --with-poll_module parameter was required.
2004-10-11 12:07:03 -03:00
return;
}
}
#endif
HTTP/3: allowed QUIC stream connection reuse. A QUIC stream connection is treated as reusable until first bytes of request arrive, which is also when the request object is now allocated. A connection closed as a result of draining, is reset with the error code H3_REQUEST_REJECTED. Such behavior is allowed by quic-http-34: Once a request stream has been opened, the request MAY be cancelled by either endpoint. Clients cancel requests if the response is no longer of interest; servers cancel requests if they are unable to or choose not to respond. When the server cancels a request without performing any application processing, the request is considered "rejected." The server SHOULD abort its response stream with the error code H3_REQUEST_REJECTED. The client can treat requests rejected by the server as though they had never been sent at all, thereby allowing them to be retried later.
2021-10-18 09:47:06 -03:00
#if (NGX_HTTP_V3)
HTTP/3: merged ngx_http_quic_module into ngx_http_v3_module.
2021-12-06 07:02:36 -03:00
if (c->quic) {
HTTP/3: renamed functions. ngx_http_v3_init() is renamed ngx_http_v3_init_stream(). ngx_http_v3_reset_connection() is renamed to ngx_http_v3_reset_stream().
2022-08-22 06:09:03 -04:00
ngx_http_v3_reset_stream(c);
HTTP/3: allowed QUIC stream connection reuse. A QUIC stream connection is treated as reusable until first bytes of request arrive, which is also when the request object is now allocated. A connection closed as a result of draining, is reset with the error code H3_REQUEST_REJECTED. Such behavior is allowed by quic-http-34: Once a request stream has been opened, the request MAY be cancelled by either endpoint. Clients cancel requests if the response is no longer of interest; servers cancel requests if they are unable to or choose not to respond. When the server cancels a request without performing any application processing, the request is considered "rejected." The server SHOULD abort its response stream with the error code H3_REQUEST_REJECTED. The client can treat requests rejected by the server as though they had never been sent at all, thereby allowing them to be retried later.
2021-10-18 09:47:06 -03:00
}
#endif
nginx-0.0.10-2004-09-14-23:39:54 import
2004-09-14 15:39:54 -04:00
#if (NGX_STAT_STUB)
ignore ngx_atomic_fetch_add() result this fixes building at least by gcc 4.2.1 on Mac OS X 10.6
2009-06-18 09:14:51 -04:00
(void) ngx_atomic_fetch_add(ngx_stat_active, -1);
nginx-0.0.10-2004-09-14-23:39:54 import
2004-09-14 15:39:54 -04:00
#endif
nginx-0.3.13-RELEASE import *) Feature: the IMAP/POP3 proxy supports STARTTLS and STLS. *) Bugfix: the IMAP/POP3 proxy did not work with the select, poll, and /dev/poll methods. *) Bugfix: in SSI handling. *) Bugfix: now Solaris sendfilev() is not used to transfer the client request body to FastCGI-server via the unix domain socket. *) Bugfix: the "auth_basic" directive did not disable the authorization; the bug had appeared in 0.3.11.
2005-12-05 10:18:09 -03:00
c->destroyed = 1;
nginx-0.1.14-RELEASE import *) Feature: the autoconfiguration directives: --http-client-body-temp-path=PATH, --http-proxy-temp-path=PATH, and --http-fastcgi-temp-path=PATH *) Change: the directory name for the temporary files with the client request body is specified by directive client_body_temp_path, by default it is <prefix>/client_body_temp. *) Feature: the ngx_http_fastcgi_module and the directives: fastcgi_pass, fastcgi_root, fastcgi_index, fastcgi_params, fastcgi_connect_timeout, fastcgi_send_timeout, fastcgi_read_timeout, fastcgi_send_lowat, fastcgi_header_buffer_size, fastcgi_buffers, fastcgi_busy_buffers_size, fastcgi_temp_path, fastcgi_max_temp_file_size, fastcgi_temp_file_write_size, fastcgi_next_upstream, and fastcgi_x_powered_by. *) Bugfix: the "[alert] zero size buf" error; the bug had appeared in 0.1.3. *) Change: the URI must be specified after the host name in the proxy_pass directive. *) Change: the %3F symbol in the URI was considered as the argument string start. *) Feature: the unix domain sockets support in the ngx_http_proxy_module. *) Feature: the ssl_engine and ssl_ciphers directives. Thanks to Sergey Skvortsov for SSL-accelerator.
2005-01-18 10:03:58 -03:00
pool = c->pool;
nginx-0.0.10-2004-09-07-19:29:22 import
2004-09-07 11:29:22 -04:00
ngx_close_connection(c);
nginx-0.1.14-RELEASE import *) Feature: the autoconfiguration directives: --http-client-body-temp-path=PATH, --http-proxy-temp-path=PATH, and --http-fastcgi-temp-path=PATH *) Change: the directory name for the temporary files with the client request body is specified by directive client_body_temp_path, by default it is <prefix>/client_body_temp. *) Feature: the ngx_http_fastcgi_module and the directives: fastcgi_pass, fastcgi_root, fastcgi_index, fastcgi_params, fastcgi_connect_timeout, fastcgi_send_timeout, fastcgi_read_timeout, fastcgi_send_lowat, fastcgi_header_buffer_size, fastcgi_buffers, fastcgi_busy_buffers_size, fastcgi_temp_path, fastcgi_max_temp_file_size, fastcgi_temp_file_write_size, fastcgi_next_upstream, and fastcgi_x_powered_by. *) Bugfix: the "[alert] zero size buf" error; the bug had appeared in 0.1.3. *) Change: the URI must be specified after the host name in the proxy_pass directive. *) Change: the %3F symbol in the URI was considered as the argument string start. *) Feature: the unix domain sockets support in the ngx_http_proxy_module. *) Feature: the ssl_engine and ssl_ciphers directives. Thanks to Sergey Skvortsov for SSL-accelerator.
2005-01-18 10:03:58 -03:00
nginx-0.1.25-RELEASE import *) Bugfix: nginx did run on Linux parisc. *) Feature: nginx now does not start under FreeBSD if the sysctl kern.ipc.somaxconn value is too big. *) Bugfix: if a request was internally redirected by the ngx_http_index_module module to the ngx_http_proxy_module or ngx_http_fastcgi_module modules, then the index file was not closed after request completion. *) Feature: the "proxy_pass" can be used in location with regular expression. *) Feature: the ngx_http_rewrite_filter_module module supports the condition like "if ($HTTP_USER_AGENT ~ MSIE)". *) Bugfix: nginx started too slow if the large number of addresses and text values were used in the "geo" directive. *) Change: a variable name must be declared as "$name" in the "geo" directive. The previous variant without "$" is still supported, but will be removed soon. *) Feature: the "%{VARIABLE}v" logging parameter. *) Feature: the "set $name value" directive. *) Bugfix: gcc 4.0 compatibility. *) Feature: the --with-openssl-opt=OPTIONS autoconfiguration directive.
2005-03-19 08:38:37 -04:00
ngx_destroy_pool(pool);
nginx-0.0.1-2002-10-04-21:58:04 import
2002-10-04 13:58:04 -04:00
}
HTTP/3: make ngx_http_log_error() static again. This function was only referenced from ngx_http_v3_create_push_request() to initialize push connection log. Now the log handler is copied from the parent request connection. The change reduces diff to the default branch.
2021-09-17 10:32:23 -03:00
static u_char *
nginx-0.1.25-RELEASE import *) Bugfix: nginx did run on Linux parisc. *) Feature: nginx now does not start under FreeBSD if the sysctl kern.ipc.somaxconn value is too big. *) Bugfix: if a request was internally redirected by the ngx_http_index_module module to the ngx_http_proxy_module or ngx_http_fastcgi_module modules, then the index file was not closed after request completion. *) Feature: the "proxy_pass" can be used in location with regular expression. *) Feature: the ngx_http_rewrite_filter_module module supports the condition like "if ($HTTP_USER_AGENT ~ MSIE)". *) Bugfix: nginx started too slow if the large number of addresses and text values were used in the "geo" directive. *) Change: a variable name must be declared as "$name" in the "geo" directive. The previous variant without "$" is still supported, but will be removed soon. *) Feature: the "%{VARIABLE}v" logging parameter. *) Feature: the "set $name value" directive. *) Bugfix: gcc 4.0 compatibility. *) Feature: the --with-openssl-opt=OPTIONS autoconfiguration directive.
2005-03-19 08:38:37 -04:00
ngx_http_log_error(ngx_log_t *log, u_char *buf, size_t len)
nginx-0.0.1-2002-08-26-19:18:19 import
2002-08-26 11:18:19 -04:00
{
nginx-0.1.16-RELEASE import *) Bugfix: if the response were transferred by chunks, then on the HEAD request the final chunk was issued. *) Bugfix: the "Connection: keep-alive" header were issued, even if the keepalive_timeout directive forbade the keep-alive use. *) Bugfix: the errors in the ngx_http_fastcgi_module caused the segmentation faults. *) Bugfix: the compressed response encrypted by SSL may not transferred complete. *) Bugfix: the TCP-specific TCP_NODELAY, TCP_NOPSUH, and TCP_CORK options, are not used for the unix domain sockets. *) Feature: the rewrite directive supports the arguments rewriting. *) Bugfix: the response code 400 was returned for the POST request with the "Content-Length: 0" header; the bug had appeared in 0.1.14.
2005-01-25 09:27:35 -03:00
u_char *p;
nginx-0.1.27-RELEASE import *) Feature: the "blocked" parameter of the "valid_referers" directive. *) Change: the errors while handling the request header now logged at "info" level. The server name and the "Host" and "Referer" header lines also logged. *) Change: the "Host" header line is also logged in error log. *) Feature: the proxy_pass_unparsed_uri directive. The special handling of the "://" symbols in URI, appeared in 0.1.11 version, now is canceled. *) Bugfix: nginx could not be built on FreeBSD and Linux, if the --without-ngx_http_auth_basic_module configuration parameter was used.
2005-03-28 10:43:02 -04:00
ngx_http_request_t *r;
nginx-0.1.16-RELEASE import *) Bugfix: if the response were transferred by chunks, then on the HEAD request the final chunk was issued. *) Bugfix: the "Connection: keep-alive" header were issued, even if the keepalive_timeout directive forbade the keep-alive use. *) Bugfix: the errors in the ngx_http_fastcgi_module caused the segmentation faults. *) Bugfix: the compressed response encrypted by SSL may not transferred complete. *) Bugfix: the TCP-specific TCP_NODELAY, TCP_NOPSUH, and TCP_CORK options, are not used for the unix domain sockets. *) Feature: the rewrite directive supports the arguments rewriting. *) Bugfix: the response code 400 was returned for the POST request with the "Content-Length: 0" header; the bug had appeared in 0.1.14.
2005-01-25 09:27:35 -03:00
ngx_http_log_ctx_t *ctx;
nginx-0.0.1-2003-06-02-19:24:30 import
2003-06-02 11:24:30 -04:00
nginx-0.1.16-RELEASE import *) Bugfix: if the response were transferred by chunks, then on the HEAD request the final chunk was issued. *) Bugfix: the "Connection: keep-alive" header were issued, even if the keepalive_timeout directive forbade the keep-alive use. *) Bugfix: the errors in the ngx_http_fastcgi_module caused the segmentation faults. *) Bugfix: the compressed response encrypted by SSL may not transferred complete. *) Bugfix: the TCP-specific TCP_NODELAY, TCP_NOPSUH, and TCP_CORK options, are not used for the unix domain sockets. *) Feature: the rewrite directive supports the arguments rewriting. *) Bugfix: the response code 400 was returned for the POST request with the "Content-Length: 0" header; the bug had appeared in 0.1.14.
2005-01-25 09:27:35 -03:00
if (log->action) {
nginx-0.1.29-RELEASE import *) Feature: the ngx_http_ssi_module supports "include virtual" command. *) Feature: the ngx_http_ssi_module supports the condition command like 'if expr="$NAME"' and "else" and "endif" commands. Only one nested level is supported. *) Feature: the ngx_http_ssi_module supports the DATE_LOCAL and DATE_GMT variables and "config timefmt" command. *) Feature: the "ssi_ignore_recycled_buffers" directive. *) Bugfix: the "echo" command did not show the default value for the empty QUERY_STRING variable. *) Change: the ngx_http_proxy_module was rewritten. *) Feature: the "proxy_redirect", "proxy_pass_request_headers", "proxy_pass_request_body", and "proxy_method" directives. *) Feature: the "proxy_set_header" directive. The "proxy_x_var" was canceled and must be replaced with the proxy_set_header directive. *) Change: the "proxy_preserve_host" is canceled and must be replaced with the "proxy_set_header Host $host" and the "proxy_redirect off" directives, the "proxy_set_header Host $host:$proxy_port" directive and the appropriate proxy_redirect directives. *) Change: the "proxy_set_x_real_ip" is canceled and must be replaced with the "proxy_set_header X-Real-IP $remote_addr" directive. *) Change: the "proxy_add_x_forwarded_for" is canceled and must be replaced with the "proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for" directive. *) Change: the "proxy_set_x_url" is canceled and must be replaced with the "proxy_set_header X-URL http://$host:$server_port$request_uri" directive. *) Feature: the "fastcgi_param" directive. *) Change: the "fastcgi_root", "fastcgi_set_var" and "fastcgi_params" directive are canceled and must be replaced with the fastcgi_param directives. *) Feature: the "index" directive can use the variables. *) Feature: the "index" directive can be used at http and server levels. *) Change: the last index only in the "index" directive can be absolute. *) Feature: the "rewrite" directive can use the variables. *) Feature: the "internal" directive. *) Feature: the CONTENT_LENGTH, CONTENT_TYPE, REMOTE_PORT, SERVER_ADDR, SERVER_PORT, SERVER_PROTOCOL, DOCUMENT_ROOT, SERVER_NAME, REQUEST_METHOD, REQUEST_URI, and REMOTE_USER variables. *) Change: nginx now passes the invalid lines in a client request headers or a backend response header. *) Bugfix: if the backend did not transfer response for a long time and the "send_timeout" was less than "proxy_read_timeout", then nginx returned the 408 response. *) Bugfix: the segmentation fault was occurred if the backend sent an invalid line in response header; the bug had appeared in 0.1.26. *) Bugfix: the segmentation fault may occurred in FastCGI fault tolerance configuration. *) Bugfix: the "expires" directive did not remove the previous "Expires" and "Cache-Control" headers. *) Bugfix: nginx did not take into account trailing dot in "Host" header line. *) Bugfix: the ngx_http_auth_module did not work under Linux. *) Bugfix: the rewrite directive worked incorrectly, if the arguments were in a request. *) Bugfix: nginx could not be built on MacOS X.
2005-05-12 10:58:06 -04:00
p = ngx_snprintf(buf, len, " while %s", log->action);
nginx-0.1.5-RELEASE import *) Bugfix: on Solaris and Linux there may be too many "recvmsg() returned not enough data" alerts. *) Bugfix: there were the "writev() failed (22: Invalid argument)" errors on Solaris in proxy mode without sendfile. On other platforms that do not support sendfile at all the process got caught in an endless loop. *) Bugfix: segmentation fault on Solaris in proxy mode and using sendfile. *) Bugfix: segmentation fault on Solaris. *) Bugfix: on-line upgrade did not work on Linux. *) Bugfix: the ngx_http_autoindex_module module did not escape the spaces, the quotes, and the percent signs in the directory listing. *) Change: the decrease of the copy operations. *) Feature: the userid_p3p directive.
2004-11-11 11:07:14 -03:00
len -= p - buf;
nginx-0.1.27-RELEASE import *) Feature: the "blocked" parameter of the "valid_referers" directive. *) Change: the errors while handling the request header now logged at "info" level. The server name and the "Host" and "Referer" header lines also logged. *) Change: the "Host" header line is also logged in error log. *) Feature: the proxy_pass_unparsed_uri directive. The special handling of the "://" symbols in URI, appeared in 0.1.11 version, now is canceled. *) Bugfix: nginx could not be built on FreeBSD and Linux, if the --without-ngx_http_auth_basic_module configuration parameter was used.
2005-03-28 10:43:02 -04:00
buf = p;
nginx-0.0.1-2003-03-20-19:09:44 import
2003-03-20 12:09:44 -04:00
}
nginx-0.1.5-RELEASE import *) Bugfix: on Solaris and Linux there may be too many "recvmsg() returned not enough data" alerts. *) Bugfix: there were the "writev() failed (22: Invalid argument)" errors on Solaris in proxy mode without sendfile. On other platforms that do not support sendfile at all the process got caught in an endless loop. *) Bugfix: segmentation fault on Solaris in proxy mode and using sendfile. *) Bugfix: segmentation fault on Solaris. *) Bugfix: on-line upgrade did not work on Linux. *) Bugfix: the ngx_http_autoindex_module module did not escape the spaces, the quotes, and the percent signs in the directory listing. *) Change: the decrease of the copy operations. *) Feature: the userid_p3p directive.
2004-11-11 11:07:14 -03:00
nginx-0.1.29-RELEASE import *) Feature: the ngx_http_ssi_module supports "include virtual" command. *) Feature: the ngx_http_ssi_module supports the condition command like 'if expr="$NAME"' and "else" and "endif" commands. Only one nested level is supported. *) Feature: the ngx_http_ssi_module supports the DATE_LOCAL and DATE_GMT variables and "config timefmt" command. *) Feature: the "ssi_ignore_recycled_buffers" directive. *) Bugfix: the "echo" command did not show the default value for the empty QUERY_STRING variable. *) Change: the ngx_http_proxy_module was rewritten. *) Feature: the "proxy_redirect", "proxy_pass_request_headers", "proxy_pass_request_body", and "proxy_method" directives. *) Feature: the "proxy_set_header" directive. The "proxy_x_var" was canceled and must be replaced with the proxy_set_header directive. *) Change: the "proxy_preserve_host" is canceled and must be replaced with the "proxy_set_header Host $host" and the "proxy_redirect off" directives, the "proxy_set_header Host $host:$proxy_port" directive and the appropriate proxy_redirect directives. *) Change: the "proxy_set_x_real_ip" is canceled and must be replaced with the "proxy_set_header X-Real-IP $remote_addr" directive. *) Change: the "proxy_add_x_forwarded_for" is canceled and must be replaced with the "proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for" directive. *) Change: the "proxy_set_x_url" is canceled and must be replaced with the "proxy_set_header X-URL http://$host:$server_port$request_uri" directive. *) Feature: the "fastcgi_param" directive. *) Change: the "fastcgi_root", "fastcgi_set_var" and "fastcgi_params" directive are canceled and must be replaced with the fastcgi_param directives. *) Feature: the "index" directive can use the variables. *) Feature: the "index" directive can be used at http and server levels. *) Change: the last index only in the "index" directive can be absolute. *) Feature: the "rewrite" directive can use the variables. *) Feature: the "internal" directive. *) Feature: the CONTENT_LENGTH, CONTENT_TYPE, REMOTE_PORT, SERVER_ADDR, SERVER_PORT, SERVER_PROTOCOL, DOCUMENT_ROOT, SERVER_NAME, REQUEST_METHOD, REQUEST_URI, and REMOTE_USER variables. *) Change: nginx now passes the invalid lines in a client request headers or a backend response header. *) Bugfix: if the backend did not transfer response for a long time and the "send_timeout" was less than "proxy_read_timeout", then nginx returned the 408 response. *) Bugfix: the segmentation fault was occurred if the backend sent an invalid line in response header; the bug had appeared in 0.1.26. *) Bugfix: the segmentation fault may occurred in FastCGI fault tolerance configuration. *) Bugfix: the "expires" directive did not remove the previous "Expires" and "Cache-Control" headers. *) Bugfix: nginx did not take into account trailing dot in "Host" header line. *) Bugfix: the ngx_http_auth_module did not work under Linux. *) Bugfix: the rewrite directive worked incorrectly, if the arguments were in a request. *) Bugfix: nginx could not be built on MacOS X.
2005-05-12 10:58:06 -04:00
ctx = log->data;
log server address
2007-12-30 05:01:50 -03:00
p = ngx_snprintf(buf, len, ", client: %V", &ctx->connection->addr_text);
nginx-0.1.29-RELEASE import *) Feature: the ngx_http_ssi_module supports "include virtual" command. *) Feature: the ngx_http_ssi_module supports the condition command like 'if expr="$NAME"' and "else" and "endif" commands. Only one nested level is supported. *) Feature: the ngx_http_ssi_module supports the DATE_LOCAL and DATE_GMT variables and "config timefmt" command. *) Feature: the "ssi_ignore_recycled_buffers" directive. *) Bugfix: the "echo" command did not show the default value for the empty QUERY_STRING variable. *) Change: the ngx_http_proxy_module was rewritten. *) Feature: the "proxy_redirect", "proxy_pass_request_headers", "proxy_pass_request_body", and "proxy_method" directives. *) Feature: the "proxy_set_header" directive. The "proxy_x_var" was canceled and must be replaced with the proxy_set_header directive. *) Change: the "proxy_preserve_host" is canceled and must be replaced with the "proxy_set_header Host $host" and the "proxy_redirect off" directives, the "proxy_set_header Host $host:$proxy_port" directive and the appropriate proxy_redirect directives. *) Change: the "proxy_set_x_real_ip" is canceled and must be replaced with the "proxy_set_header X-Real-IP $remote_addr" directive. *) Change: the "proxy_add_x_forwarded_for" is canceled and must be replaced with the "proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for" directive. *) Change: the "proxy_set_x_url" is canceled and must be replaced with the "proxy_set_header X-URL http://$host:$server_port$request_uri" directive. *) Feature: the "fastcgi_param" directive. *) Change: the "fastcgi_root", "fastcgi_set_var" and "fastcgi_params" directive are canceled and must be replaced with the fastcgi_param directives. *) Feature: the "index" directive can use the variables. *) Feature: the "index" directive can be used at http and server levels. *) Change: the last index only in the "index" directive can be absolute. *) Feature: the "rewrite" directive can use the variables. *) Feature: the "internal" directive. *) Feature: the CONTENT_LENGTH, CONTENT_TYPE, REMOTE_PORT, SERVER_ADDR, SERVER_PORT, SERVER_PROTOCOL, DOCUMENT_ROOT, SERVER_NAME, REQUEST_METHOD, REQUEST_URI, and REMOTE_USER variables. *) Change: nginx now passes the invalid lines in a client request headers or a backend response header. *) Bugfix: if the backend did not transfer response for a long time and the "send_timeout" was less than "proxy_read_timeout", then nginx returned the 408 response. *) Bugfix: the segmentation fault was occurred if the backend sent an invalid line in response header; the bug had appeared in 0.1.26. *) Bugfix: the segmentation fault may occurred in FastCGI fault tolerance configuration. *) Bugfix: the "expires" directive did not remove the previous "Expires" and "Cache-Control" headers. *) Bugfix: nginx did not take into account trailing dot in "Host" header line. *) Bugfix: the ngx_http_auth_module did not work under Linux. *) Bugfix: the rewrite directive worked incorrectly, if the arguments were in a request. *) Bugfix: nginx could not be built on MacOS X.
2005-05-12 10:58:06 -04:00
len -= p - buf;
nginx-0.1.27-RELEASE import *) Feature: the "blocked" parameter of the "valid_referers" directive. *) Change: the errors while handling the request header now logged at "info" level. The server name and the "Host" and "Referer" header lines also logged. *) Change: the "Host" header line is also logged in error log. *) Feature: the proxy_pass_unparsed_uri directive. The special handling of the "://" symbols in URI, appeared in 0.1.11 version, now is canceled. *) Bugfix: nginx could not be built on FreeBSD and Linux, if the --without-ngx_http_auth_basic_module configuration parameter was used.
2005-03-28 10:43:02 -04:00
r = ctx->request;
nginx-0.1.5-RELEASE import *) Bugfix: on Solaris and Linux there may be too many "recvmsg() returned not enough data" alerts. *) Bugfix: there were the "writev() failed (22: Invalid argument)" errors on Solaris in proxy mode without sendfile. On other platforms that do not support sendfile at all the process got caught in an endless loop. *) Bugfix: segmentation fault on Solaris in proxy mode and using sendfile. *) Bugfix: segmentation fault on Solaris. *) Bugfix: on-line upgrade did not work on Linux. *) Bugfix: the ngx_http_autoindex_module module did not escape the spaces, the quotes, and the percent signs in the directory listing. *) Change: the decrease of the copy operations. *) Feature: the userid_p3p directive.
2004-11-11 11:07:14 -03:00
nginx-0.1.29-RELEASE import *) Feature: the ngx_http_ssi_module supports "include virtual" command. *) Feature: the ngx_http_ssi_module supports the condition command like 'if expr="$NAME"' and "else" and "endif" commands. Only one nested level is supported. *) Feature: the ngx_http_ssi_module supports the DATE_LOCAL and DATE_GMT variables and "config timefmt" command. *) Feature: the "ssi_ignore_recycled_buffers" directive. *) Bugfix: the "echo" command did not show the default value for the empty QUERY_STRING variable. *) Change: the ngx_http_proxy_module was rewritten. *) Feature: the "proxy_redirect", "proxy_pass_request_headers", "proxy_pass_request_body", and "proxy_method" directives. *) Feature: the "proxy_set_header" directive. The "proxy_x_var" was canceled and must be replaced with the proxy_set_header directive. *) Change: the "proxy_preserve_host" is canceled and must be replaced with the "proxy_set_header Host $host" and the "proxy_redirect off" directives, the "proxy_set_header Host $host:$proxy_port" directive and the appropriate proxy_redirect directives. *) Change: the "proxy_set_x_real_ip" is canceled and must be replaced with the "proxy_set_header X-Real-IP $remote_addr" directive. *) Change: the "proxy_add_x_forwarded_for" is canceled and must be replaced with the "proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for" directive. *) Change: the "proxy_set_x_url" is canceled and must be replaced with the "proxy_set_header X-URL http://$host:$server_port$request_uri" directive. *) Feature: the "fastcgi_param" directive. *) Change: the "fastcgi_root", "fastcgi_set_var" and "fastcgi_params" directive are canceled and must be replaced with the fastcgi_param directives. *) Feature: the "index" directive can use the variables. *) Feature: the "index" directive can be used at http and server levels. *) Change: the last index only in the "index" directive can be absolute. *) Feature: the "rewrite" directive can use the variables. *) Feature: the "internal" directive. *) Feature: the CONTENT_LENGTH, CONTENT_TYPE, REMOTE_PORT, SERVER_ADDR, SERVER_PORT, SERVER_PROTOCOL, DOCUMENT_ROOT, SERVER_NAME, REQUEST_METHOD, REQUEST_URI, and REMOTE_USER variables. *) Change: nginx now passes the invalid lines in a client request headers or a backend response header. *) Bugfix: if the backend did not transfer response for a long time and the "send_timeout" was less than "proxy_read_timeout", then nginx returned the 408 response. *) Bugfix: the segmentation fault was occurred if the backend sent an invalid line in response header; the bug had appeared in 0.1.26. *) Bugfix: the segmentation fault may occurred in FastCGI fault tolerance configuration. *) Bugfix: the "expires" directive did not remove the previous "Expires" and "Cache-Control" headers. *) Bugfix: nginx did not take into account trailing dot in "Host" header line. *) Bugfix: the ngx_http_auth_module did not work under Linux. *) Bugfix: the rewrite directive worked incorrectly, if the arguments were in a request. *) Bugfix: nginx could not be built on MacOS X.
2005-05-12 10:58:06 -04:00
if (r) {
nginx-0.3.54-RELEASE import *) Feature: nginx now logs the subrequest information to the error log. *) Feature: the "proxy_next_upstream", "fastcgi_next_upstream", and "memcached_next_upstream" directives support the "off" parameter. *) Feature: the "debug_connection" directive supports the CIDR address form. *) Bugfix: if a response of proxied server or FastCGI server was converted from UTF-8 or back, then it may be transferred incomplete. *) Bugfix: the $upstream_response_time variable had the time of the first request to a backend only. *) Bugfix: nginx could not be built on amd64 platform; the bug had appeared in 0.3.53.
2006-07-11 09:20:19 -04:00
return r->log_handler(r, ctx->current_request, p, len);
log server address
2007-12-30 05:01:50 -03:00
} else {
p = ngx_snprintf(p, len, ", server: %V",
&ctx->connection->listening->addr_text);
nginx-0.1.5-RELEASE import *) Bugfix: on Solaris and Linux there may be too many "recvmsg() returned not enough data" alerts. *) Bugfix: there were the "writev() failed (22: Invalid argument)" errors on Solaris in proxy mode without sendfile. On other platforms that do not support sendfile at all the process got caught in an endless loop. *) Bugfix: segmentation fault on Solaris in proxy mode and using sendfile. *) Bugfix: segmentation fault on Solaris. *) Bugfix: on-line upgrade did not work on Linux. *) Bugfix: the ngx_http_autoindex_module module did not escape the spaces, the quotes, and the percent signs in the directory listing. *) Change: the decrease of the copy operations. *) Feature: the userid_p3p directive.
2004-11-11 11:07:14 -03:00
}
nginx-0.1.29-RELEASE import *) Feature: the ngx_http_ssi_module supports "include virtual" command. *) Feature: the ngx_http_ssi_module supports the condition command like 'if expr="$NAME"' and "else" and "endif" commands. Only one nested level is supported. *) Feature: the ngx_http_ssi_module supports the DATE_LOCAL and DATE_GMT variables and "config timefmt" command. *) Feature: the "ssi_ignore_recycled_buffers" directive. *) Bugfix: the "echo" command did not show the default value for the empty QUERY_STRING variable. *) Change: the ngx_http_proxy_module was rewritten. *) Feature: the "proxy_redirect", "proxy_pass_request_headers", "proxy_pass_request_body", and "proxy_method" directives. *) Feature: the "proxy_set_header" directive. The "proxy_x_var" was canceled and must be replaced with the proxy_set_header directive. *) Change: the "proxy_preserve_host" is canceled and must be replaced with the "proxy_set_header Host $host" and the "proxy_redirect off" directives, the "proxy_set_header Host $host:$proxy_port" directive and the appropriate proxy_redirect directives. *) Change: the "proxy_set_x_real_ip" is canceled and must be replaced with the "proxy_set_header X-Real-IP $remote_addr" directive. *) Change: the "proxy_add_x_forwarded_for" is canceled and must be replaced with the "proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for" directive. *) Change: the "proxy_set_x_url" is canceled and must be replaced with the "proxy_set_header X-URL http://$host:$server_port$request_uri" directive. *) Feature: the "fastcgi_param" directive. *) Change: the "fastcgi_root", "fastcgi_set_var" and "fastcgi_params" directive are canceled and must be replaced with the fastcgi_param directives. *) Feature: the "index" directive can use the variables. *) Feature: the "index" directive can be used at http and server levels. *) Change: the last index only in the "index" directive can be absolute. *) Feature: the "rewrite" directive can use the variables. *) Feature: the "internal" directive. *) Feature: the CONTENT_LENGTH, CONTENT_TYPE, REMOTE_PORT, SERVER_ADDR, SERVER_PORT, SERVER_PROTOCOL, DOCUMENT_ROOT, SERVER_NAME, REQUEST_METHOD, REQUEST_URI, and REMOTE_USER variables. *) Change: nginx now passes the invalid lines in a client request headers or a backend response header. *) Bugfix: if the backend did not transfer response for a long time and the "send_timeout" was less than "proxy_read_timeout", then nginx returned the 408 response. *) Bugfix: the segmentation fault was occurred if the backend sent an invalid line in response header; the bug had appeared in 0.1.26. *) Bugfix: the segmentation fault may occurred in FastCGI fault tolerance configuration. *) Bugfix: the "expires" directive did not remove the previous "Expires" and "Cache-Control" headers. *) Bugfix: nginx did not take into account trailing dot in "Host" header line. *) Bugfix: the ngx_http_auth_module did not work under Linux. *) Bugfix: the rewrite directive worked incorrectly, if the arguments were in a request. *) Bugfix: nginx could not be built on MacOS X.
2005-05-12 10:58:06 -04:00
return p;
}
static u_char *
nginx-0.3.54-RELEASE import *) Feature: nginx now logs the subrequest information to the error log. *) Feature: the "proxy_next_upstream", "fastcgi_next_upstream", and "memcached_next_upstream" directives support the "off" parameter. *) Feature: the "debug_connection" directive supports the CIDR address form. *) Bugfix: if a response of proxied server or FastCGI server was converted from UTF-8 or back, then it may be transferred incomplete. *) Bugfix: the $upstream_response_time variable had the time of the first request to a backend only. *) Bugfix: nginx could not be built on amd64 platform; the bug had appeared in 0.3.53.
2006-07-11 09:20:19 -04:00
ngx_http_log_error_handler(ngx_http_request_t *r, ngx_http_request_t *sr,
u_char *buf, size_t len)
nginx-0.1.29-RELEASE import *) Feature: the ngx_http_ssi_module supports "include virtual" command. *) Feature: the ngx_http_ssi_module supports the condition command like 'if expr="$NAME"' and "else" and "endif" commands. Only one nested level is supported. *) Feature: the ngx_http_ssi_module supports the DATE_LOCAL and DATE_GMT variables and "config timefmt" command. *) Feature: the "ssi_ignore_recycled_buffers" directive. *) Bugfix: the "echo" command did not show the default value for the empty QUERY_STRING variable. *) Change: the ngx_http_proxy_module was rewritten. *) Feature: the "proxy_redirect", "proxy_pass_request_headers", "proxy_pass_request_body", and "proxy_method" directives. *) Feature: the "proxy_set_header" directive. The "proxy_x_var" was canceled and must be replaced with the proxy_set_header directive. *) Change: the "proxy_preserve_host" is canceled and must be replaced with the "proxy_set_header Host $host" and the "proxy_redirect off" directives, the "proxy_set_header Host $host:$proxy_port" directive and the appropriate proxy_redirect directives. *) Change: the "proxy_set_x_real_ip" is canceled and must be replaced with the "proxy_set_header X-Real-IP $remote_addr" directive. *) Change: the "proxy_add_x_forwarded_for" is canceled and must be replaced with the "proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for" directive. *) Change: the "proxy_set_x_url" is canceled and must be replaced with the "proxy_set_header X-URL http://$host:$server_port$request_uri" directive. *) Feature: the "fastcgi_param" directive. *) Change: the "fastcgi_root", "fastcgi_set_var" and "fastcgi_params" directive are canceled and must be replaced with the fastcgi_param directives. *) Feature: the "index" directive can use the variables. *) Feature: the "index" directive can be used at http and server levels. *) Change: the last index only in the "index" directive can be absolute. *) Feature: the "rewrite" directive can use the variables. *) Feature: the "internal" directive. *) Feature: the CONTENT_LENGTH, CONTENT_TYPE, REMOTE_PORT, SERVER_ADDR, SERVER_PORT, SERVER_PROTOCOL, DOCUMENT_ROOT, SERVER_NAME, REQUEST_METHOD, REQUEST_URI, and REMOTE_USER variables. *) Change: nginx now passes the invalid lines in a client request headers or a backend response header. *) Bugfix: if the backend did not transfer response for a long time and the "send_timeout" was less than "proxy_read_timeout", then nginx returned the 408 response. *) Bugfix: the segmentation fault was occurred if the backend sent an invalid line in response header; the bug had appeared in 0.1.26. *) Bugfix: the segmentation fault may occurred in FastCGI fault tolerance configuration. *) Bugfix: the "expires" directive did not remove the previous "Expires" and "Cache-Control" headers. *) Bugfix: nginx did not take into account trailing dot in "Host" header line. *) Bugfix: the ngx_http_auth_module did not work under Linux. *) Bugfix: the rewrite directive worked incorrectly, if the arguments were in a request. *) Bugfix: nginx could not be built on MacOS X.
2005-05-12 10:58:06 -04:00
{
axe useless r->server_name
2007-12-30 05:15:27 -03:00
char *uri_separator;
u_char *p;
ngx_http_upstream_t *u;
ngx_http_core_srv_conf_t *cscf;
nginx-0.1.5-RELEASE import *) Bugfix: on Solaris and Linux there may be too many "recvmsg() returned not enough data" alerts. *) Bugfix: there were the "writev() failed (22: Invalid argument)" errors on Solaris in proxy mode without sendfile. On other platforms that do not support sendfile at all the process got caught in an endless loop. *) Bugfix: segmentation fault on Solaris in proxy mode and using sendfile. *) Bugfix: segmentation fault on Solaris. *) Bugfix: on-line upgrade did not work on Linux. *) Bugfix: the ngx_http_autoindex_module module did not escape the spaces, the quotes, and the percent signs in the directory listing. *) Change: the decrease of the copy operations. *) Feature: the userid_p3p directive.
2004-11-11 11:07:14 -03:00
axe useless r->server_name
2007-12-30 05:15:27 -03:00
cscf = ngx_http_get_module_srv_conf(r, ngx_http_core_module);
p = ngx_snprintf(buf, len, ", server: %V", &cscf->server_name);
len -= p - buf;
buf = p;
nginx-0.1.26-RELEASE import *) Change: the invalid client header lines are now ignored and logged at the info level. *) Change: the server name is also logged in error log. *) Feature: the ngx_http_auth_basic_module module and the auth_basic and auth_basic_user_file directives.
2005-03-22 12:02:46 -04:00
HTTP/3: refactored request parser. The change reduces diff to the default branch for src/http/ngx_http_request.c and src/http/ngx_http_parse.c.
2021-01-22 10:34:06 -03:00
if (r->request_line.data == NULL && r->request_start) {
for (p = r->request_start; p < r->header_in->last; p++) {
log entire request line instead of URI only
2007-11-27 09:22:01 -03:00
if (*p == CR || *p == LF) {
break;
nginx-0.1.27-RELEASE import *) Feature: the "blocked" parameter of the "valid_referers" directive. *) Change: the errors while handling the request header now logged at "info" level. The server name and the "Host" and "Referer" header lines also logged. *) Change: the "Host" header line is also logged in error log. *) Feature: the proxy_pass_unparsed_uri directive. The special handling of the "://" symbols in URI, appeared in 0.1.11 version, now is canceled. *) Bugfix: nginx could not be built on FreeBSD and Linux, if the --without-ngx_http_auth_basic_module configuration parameter was used.
2005-03-28 10:43:02 -04:00
}
}
HTTP/3: refactored request parser. The change reduces diff to the default branch for src/http/ngx_http_request.c and src/http/ngx_http_parse.c.
2021-01-22 10:34:06 -03:00
r->request_line.len = p - r->request_start;
r->request_line.data = r->request_start;
log entire request line instead of URI only
2007-11-27 09:22:01 -03:00
}
if (r->request_line.len) {
p = ngx_snprintf(buf, len, ", request: \"%V\"", &r->request_line);
len -= p - buf;
buf = p;
nginx-0.1.5-RELEASE import *) Bugfix: on Solaris and Linux there may be too many "recvmsg() returned not enough data" alerts. *) Bugfix: there were the "writev() failed (22: Invalid argument)" errors on Solaris in proxy mode without sendfile. On other platforms that do not support sendfile at all the process got caught in an endless loop. *) Bugfix: segmentation fault on Solaris in proxy mode and using sendfile. *) Bugfix: segmentation fault on Solaris. *) Bugfix: on-line upgrade did not work on Linux. *) Bugfix: the ngx_http_autoindex_module module did not escape the spaces, the quotes, and the percent signs in the directory listing. *) Change: the decrease of the copy operations. *) Feature: the userid_p3p directive.
2004-11-11 11:07:14 -03:00
}
nginx-0.3.54-RELEASE import *) Feature: nginx now logs the subrequest information to the error log. *) Feature: the "proxy_next_upstream", "fastcgi_next_upstream", and "memcached_next_upstream" directives support the "off" parameter. *) Feature: the "debug_connection" directive supports the CIDR address form. *) Bugfix: if a response of proxied server or FastCGI server was converted from UTF-8 or back, then it may be transferred incomplete. *) Bugfix: the $upstream_response_time variable had the time of the first request to a backend only. *) Bugfix: nginx could not be built on amd64 platform; the bug had appeared in 0.3.53.
2006-07-11 09:20:19 -04:00
if (r != sr) {
p = ngx_snprintf(buf, len, ", subrequest: \"%V\"", &sr->uri);
len -= p - buf;
buf = p;
}
u = sr->upstream;
upstream choice modules
2006-12-04 13:46:13 -03:00
if (u && u->peer.name) {
uri_separator = "";
#if (NGX_HAVE_UNIX_DOMAIN)
if (u->peer.sockaddr && u->peer.sockaddr->sa_family == AF_UNIX) {
uri_separator = ":";
}
#endif
nginx-0.3.54-RELEASE import *) Feature: nginx now logs the subrequest information to the error log. *) Feature: the "proxy_next_upstream", "fastcgi_next_upstream", and "memcached_next_upstream" directives support the "off" parameter. *) Feature: the "debug_connection" directive supports the CIDR address form. *) Bugfix: if a response of proxied server or FastCGI server was converted from UTF-8 or back, then it may be transferred incomplete. *) Bugfix: the $upstream_response_time variable had the time of the first request to a backend only. *) Bugfix: nginx could not be built on amd64 platform; the bug had appeared in 0.3.53.
2006-07-11 09:20:19 -04:00
p = ngx_snprintf(buf, len, ", upstream: \"%V%V%s%V\"",
proxy_pass variables support
2007-11-27 10:34:13 -03:00
&u->schema, u->peer.name,
upstream choice modules
2006-12-04 13:46:13 -03:00
uri_separator, &u->uri);
nginx-0.3.54-RELEASE import *) Feature: nginx now logs the subrequest information to the error log. *) Feature: the "proxy_next_upstream", "fastcgi_next_upstream", and "memcached_next_upstream" directives support the "off" parameter. *) Feature: the "debug_connection" directive supports the CIDR address form. *) Bugfix: if a response of proxied server or FastCGI server was converted from UTF-8 or back, then it may be transferred incomplete. *) Bugfix: the $upstream_response_time variable had the time of the first request to a backend only. *) Bugfix: nginx could not be built on amd64 platform; the bug had appeared in 0.3.53.
2006-07-11 09:20:19 -04:00
len -= p - buf;
buf = p;
}
nginx-0.1.27-RELEASE import *) Feature: the "blocked" parameter of the "valid_referers" directive. *) Change: the errors while handling the request header now logged at "info" level. The server name and the "Host" and "Referer" header lines also logged. *) Change: the "Host" header line is also logged in error log. *) Feature: the proxy_pass_unparsed_uri directive. The special handling of the "://" symbols in URI, appeared in 0.1.11 version, now is canceled. *) Bugfix: nginx could not be built on FreeBSD and Linux, if the --without-ngx_http_auth_basic_module configuration parameter was used.
2005-03-28 10:43:02 -04:00
if (r->headers_in.host) {
p = ngx_snprintf(buf, len, ", host: \"%V\"",
&r->headers_in.host->value);
len -= p - buf;
buf = p;
}
if (r->headers_in.referer) {
p = ngx_snprintf(buf, len, ", referrer: \"%V\"",
&r->headers_in.referer->value);
buf = p;
}
nginx-0.1.5-RELEASE import *) Bugfix: on Solaris and Linux there may be too many "recvmsg() returned not enough data" alerts. *) Bugfix: there were the "writev() failed (22: Invalid argument)" errors on Solaris in proxy mode without sendfile. On other platforms that do not support sendfile at all the process got caught in an endless loop. *) Bugfix: segmentation fault on Solaris in proxy mode and using sendfile. *) Bugfix: segmentation fault on Solaris. *) Bugfix: on-line upgrade did not work on Linux. *) Bugfix: the ngx_http_autoindex_module module did not escape the spaces, the quotes, and the percent signs in the directory listing. *) Change: the decrease of the copy operations. *) Feature: the userid_p3p directive.
2004-11-11 11:07:14 -03:00
nginx-0.1.27-RELEASE import *) Feature: the "blocked" parameter of the "valid_referers" directive. *) Change: the errors while handling the request header now logged at "info" level. The server name and the "Host" and "Referer" header lines also logged. *) Change: the "Host" header line is also logged in error log. *) Feature: the proxy_pass_unparsed_uri directive. The special handling of the "://" symbols in URI, appeared in 0.1.11 version, now is canceled. *) Bugfix: nginx could not be built on FreeBSD and Linux, if the --without-ngx_http_auth_basic_module configuration parameter was used.
2005-03-28 10:43:02 -04:00
return buf;
nginx-0.0.1-2002-08-06-20:39:45 import The first code that uses "ngx_" prefix, the previous one used "gx_" prefix. At that point the code is not yet usable. The first draft ideas are dated back to 23.10.2001.
2002-08-06 12:39:45 -04:00
}