Datong Sun
93f785eed6
feature: added patches to the nginx core to make sure ngx_stream_ssl_preread_module will not skip the rest of the preread phase when SNI server name parsing was successful.
...
Signed-off-by: Yichun Zhang (agentzh) <agentzh@gmail.com>
2018-01-14 22:40:09 -08:00
Datong Sun
30fa60ad5d
patches: updated 1.13.6 balancer_status_code.patch and added patch for 1.13.8 as well.
...
Signed-off-by: Yichun Zhang (agentzh) <agentzh@gmail.com>
2018-01-09 17:52:04 -08:00
spacewander
ee6b26e347
feature: added the sess_set_get_cb_yield patch for OpenSSL 1.1.0d and beyond.
...
Signed-off-by: Yichun Zhang (agentzh) <agentzh@gmail.com>
2018-01-05 23:38:32 -08:00
spacewander
a0dc14761a
feature: added the sess_set_get_cb_yield patch for OpenSSL 1.1.0c and beyond.
...
The patch is based on
https://patch-diff.githubusercontent.com/raw/openssl/openssl/pull/1588.patch ,
with some minor modifications.
Thanks Alessandro Ghedini for the ground work.
Signed-off-by: Yichun Zhang (agentzh) <agentzh@gmail.com>
2018-01-05 14:41:47 -08:00
Yichun Zhang (agentzh)
84734aa1f9
bugfix: fixed double free issues in the new init_cycle_pool_release patch for the nginx core.
2017-12-17 00:03:29 -08:00
Yichun Zhang (agentzh)
f721f66b4e
feature: applied the init_cycle_pool_release patch to nginx 1.13.6+ cores to make it valgrind or asan clean.
2017-12-16 12:41:12 -08:00
Yichun Zhang (agentzh)
a1109b8dd2
upgraded the nginx core to 1.13.6.
2017-10-26 09:33:38 -07:00
Datong Sun
94766f7a41
patches: ensure "server" header in HTTP/2 response shows "openresty" when server_tokens are turned off.
...
Signed-off-by: Yichun Zhang (agentzh) <agentzh@gmail.com>
2017-09-19 19:46:55 -07:00
Yichun Zhang (agentzh)
4eae6e2415
upgraded the nginx core to 1.13.5.
2017-09-15 23:38:48 -07:00
Yichun Zhang (agentzh)
3e2540f6a0
upgraded nginx core to 1.13.4.
2017-09-01 12:37:07 -07:00
Datong Sun
4b594fdce6
feature: added nginx core patches needed by ngx_stream_lua_module's balancer_by_lua*.
...
Signed-off-by: Yichun Zhang (agentzh) <agentzh@gmail.com>
2017-09-01 12:37:07 -07:00
Yichun Zhang (agentzh)
1f2121b546
removed patches for the nginx 1.13.2 core.
2017-09-01 12:37:07 -07:00
Yichun Zhang (agentzh)
6237430ef4
upgraded nginx core to 1.13.3.
2017-09-01 12:37:07 -07:00
Yichun Zhang (agentzh)
967d1261cd
added more fixes.
2017-09-01 12:37:07 -07:00
Yichun Zhang (agentzh)
1426d3283d
fixed the dtrace patch for nginx.
2017-09-01 12:37:07 -07:00
Yichun Zhang (agentzh)
45a8fb27e4
fixed the upstream_timeout_fields patch for nginx.
2017-09-01 12:37:07 -07:00
Yichun Zhang (agentzh)
3c114dbe46
fixed the log_escape_non_ascii patch for the nginx core.
2017-09-01 12:37:07 -07:00
Yichun Zhang (agentzh)
20e70449f8
fixed the nginx server_header patch.
2017-09-01 12:37:07 -07:00
Yichun Zhang (agentzh)
6614441908
upgraded the nginx core to 1.13.2 (some patches fail to apply though).
2017-09-01 12:37:07 -07:00
spacewander
adcff66454
feature: applied a patch to the nginx core to make the nginx variable $proxy_add_x_forwarded_for accessible on Lua land.
...
Signed-off-by: Yichun Zhang (agentzh) <agentzh@gmail.com>
2017-07-16 10:51:28 -07:00
Yichun Zhang (agentzh)
19c6e1fb5c
bugfix: applied nginx's official security fix for an issue in the range filter (CVE-2017-7529).
2017-07-11 10:31:25 -07:00
Datong Sun
3b74625ad3
feature: added the balancer_status_code patch to the nginx core to allow returning arbitrary HTTP status codes inside upstream balancers.
...
Signed-off-by: Yichun Zhang (agentzh) <agentzh@gmail.com>
2017-06-28 10:48:48 -07:00
Yichun Zhang (agentzh)
add30287e1
change: applied a patch to the nginx core to turn nginx to openresty in the builtin special response pages' footer.
...
Thanks Datong Sun for the patch.
2017-06-23 14:33:08 -07:00
Datong Sun
6e74463f66
optimize: privileged agent: reduced the number of ngx_connection_t allocated inside the privileged worker to avoid excessive memory consumption when worker_connections is set very high.
...
Signed-off-by: Yichun Zhang (agentzh) <agentzh@gmail.com>
2017-06-17 15:05:57 -07:00
Datong Sun
4950ec7f62
feature: applied the delayed-posted-events patch to the nginx core for adding "delayed posted events" which run in the next event cycle with 0 delay.
...
this nginx core feature is needed by the ngx.sleep(0) feature in
ngx_lua, for example.
Signed-off-by: Yichun Zhang (agentzh) <agentzh@gmail.com>
2017-05-14 22:29:31 -07:00
Yichun Zhang (agentzh)
ec8acae28e
bugfix: applied the single_process_graceful_exit patch to the nginx core to fix the issue that nginx fails to perform graceful exit when master_process is turned off.
2017-05-14 10:43:57 -07:00
Yuansheng
7a7576319e
feature: applied the intercept_error_log patch to the nginx core to provide 3rd-party modules a hook to intercept nginx error log data without touching files.
...
3rd-party modules can register a custom interception hook to ngx_http_core_main_conf_t.intercept_log_handler.
Signed-off-by: Yichun Zhang (agentzh) <agentzh@gmail.com>
2017-05-12 13:25:36 -07:00
Yuansheng
79dc3c56aa
feature: applied a small patch to the nginx core to add support for the "privileged agent" process which is run by the same system account as the master.
...
Signed-off-by: Yichun Zhang (agentzh) <agentzh@gmail.com>
2017-05-05 18:12:47 -07:00
Thibault Charbonnier
b490cfeea4
feature: applied the safe_resolver_ipv6_option patch to the nginx core to avoid the 'ipv6=off' option to be parsed by nginx when it is not built with IPv6 support.
...
Signed-off-by: Yichun Zhang (agentzh) <agentzh@gmail.com>
2016-12-26 22:14:59 -08:00
Yichun Zhang (agentzh)
381697b884
added the nginx core patch ssl_pending_session for nginx 1.9.15 as well.
2016-07-19 21:57:22 -07:00
Yichun Zhang (agentzh)
97901f3357
feature: applied the ssl_pending_session.patch to the nginx core to support the ssl_session_fetch_by_lua* and ssl_session_store_by_lua* in ngx_lua.
...
also added an openssl patch to support yieldable callback set by
SSL_CTX_sess_set_get_cb().
2016-07-19 19:26:29 -07:00
Yichun Zhang (agentzh)
09ca92f51f
upgraded the nginx core to 1.11.2.
2016-07-17 19:45:33 -07:00
Yichun Zhang (agentzh)
99f0618218
nginx-1.9.15-upstream_timeout_fields.patch: renamed HAVE_UPSTREAM_TIMEOUT_FIELDS to HAVE_NGX_UPSTREAM_TIMEOUT_FIELDS.
2016-07-09 11:21:23 -07:00
Yichun Zhang (agentzh)
7c274e056e
feature: added the upstream_timeout_fields patch to the nginx core to allow per-request connect/send/read timeout settings for individual upstream requests and retries.
2016-07-01 12:17:53 -07:00
Yichun Zhang (agentzh)
c47aef193f
bugfix: applied the patch for nginx security advisory (CVE-2016-4450) to the nginx 1.9.15 core.
2016-05-31 15:45:49 -07:00
Yichun Zhang (agentzh)
d6a8907fc0
resolved conflicts while merging the branch 1.9.7.x into master.
2016-05-31 15:43:07 -07:00
Yichun Zhang (agentzh)
bf47ba9529
bugfix: applied the patch for nginx security advisory (CVE-2016-4450).
...
also bumped version to 1.9.7.5.
2016-05-31 13:19:28 -07:00
Yichun Zhang (agentzh)
741ff983e8
updated the dtrace patch for 1.9.15.
2016-05-02 15:54:55 -07:00
Yichun Zhang (agentzh)
a9cada5c27
updated dtrace patch.
2016-05-02 15:51:57 -07:00
Yichun Zhang (agentzh)
1b197fb27a
upgraded ngx_devel_kit to 0.3.0rc1; also fixed the no-pool patch for nginx 1.9.15.
2016-04-21 16:56:26 -07:00
Yichun Zhang (agentzh)
86be514b1c
upgraded the nginx core to 1.9.15.
2016-04-21 16:16:58 -07:00
Yichun Zhang (agentzh)
5f7f678876
upgraded the NGINX core to 1.9.11 and ngx_lua to 0.10.1rc0.
2016-02-10 18:21:04 -08:00
Yichun Zhang (agentzh)
8c6b0f77af
bugfix: applied nginx-1.9.7-resolver_security_fixes.patch by default.
2016-01-28 09:28:18 -08:00
Yichun Zhang (agentzh)
220b940e66
bugfix: the ./configure options --with-dtrace-probes and --with-stream did not work together.
2016-01-07 12:34:39 -08:00
Yichun Zhang (agentzh)
c0c2f883e9
feature: applied the ssl_cert_cb_yield patch to the NGINX core to allow yielding in OpenSSL's SSL_CTX_set_cert_cb() callbacks (needed by ngx_lua's ssl_certificate_by_lua*, for example).
2016-01-03 10:21:03 -08:00
Yichun Zhang (agentzh)
83eeb14f6c
upgraded the nginx core to 1.9.7.
2015-11-24 22:37:40 +08:00
Yichun Zhang (agentzh)
1f4045ef2c
More MSYS/MinGW love.
...
* upgraded ngx_lua to 0.9.18rc1 to support Win32 LuaJIT DLL.
* upgraded lua-redis-parser to 0.11rc1 for better Win32 support.
* upgraded lua-rds-parser to 0.06rc2 for better Win32 support.
* upgraded ngx_rds_csv to 0.07rc1 for better Win32 support.
* upgraded lua-resty-cli to 0.04rc1 for better Win32 support.
* upgraded lua-resty-core to 0.1.2.
* applied a patch to LuaJIT to add "!/lualib/" to the default Lua
package search paths.
* upgraded lua-cjson to 2.1.0.3rc2 for better Win32 support and
a suppressed gcc warning.
* use OpenResty's nginx tarballs extracted directly from the official nginx
code repos, because we need the win32 support which is excluded in the
official nginx release tarballs. Our nginx release tarballs are
generated by the util/package-nginx.sh script.
* added the util/package-win32.sh script to generate the Win32 OpenResty
binary distribution file.
* applied a patch to always enable C compiler feature tests in nginx's
own build system because the MinGW gcc compiler on Win32 is also
powerful enough to support advanced features like variadic macros.
* added document README-win32.
* util/dist-check: do a partial uninstallation before installing
anything new.
* added util/build-win32.sh to build OpenResty on Win32 using the
MinGW/MSYS toolchain.
* ./configure: added support for building on Win32 using the MinGW/MSYS
toolchain.
2015-11-02 15:41:50 +08:00
Yichun Zhang (agentzh)
f84e035e45
upgraded the nginx core to 1.9.3.
2015-07-16 11:45:34 +08:00
Yichun Zhang (agentzh)
4907d14700
fixed a compilation error when both the dtrace static probes and --with-threads are specified.
2015-07-08 20:53:55 +08:00
Yichun Zhang (agentzh)
ce65738299
upgraded the nginx core to 1.9.2.
2015-07-03 20:04:13 +08:00
Yichun Zhang (agentzh)
99ca550104
use Maxim Dounin's version of the upstream_filter_finalize patch.
2015-02-15 14:10:11 -08:00
Yichun Zhang (agentzh)
6be51e769a
bugfix: applied the upstream_filter_finalize patch to the nginx core to fix corrupted $upstream_response_time values when filter_finalize and error_page are both used. thanks Daniel Bento for the report.
2015-02-12 17:20:22 -08:00
Yichun Zhang (agentzh)
6142b6936f
upgraded the nginx core to 1.7.10.
2015-02-11 14:49:26 -08:00
Yichun Zhang (agentzh)
6b052c8fca
bugfix: ngx_http_redis failed to compile when the ngx_gzip module was disabled. thanks anod221 for the report in #79 .
2015-01-29 14:53:48 -08:00
Yichun Zhang (agentzh)
fab852190b
fixed the context line numbers in ngx_http_redis-0.3.7-variables_in_redis_pass.patch.
2015-01-29 12:49:20 -08:00
Yichun Zhang (agentzh)
5cb6e4f591
Revert "bugfix: applied the patch to fix a new regression in nginx 1.7.7's ngx_gzip and ngx_gunzip modules that could lead to request hang when the downstream is slow to write to."
...
This reverts commit b6d3a5cf7b
.
2014-11-15 11:49:06 -08:00
Yichun Zhang (agentzh)
b6d3a5cf7b
bugfix: applied the patch to fix a new regression in nginx 1.7.7's ngx_gzip and ngx_gunzip modules that could lead to request hang when the downstream is slow to write to.
2014-10-31 18:18:38 -07:00
Yichun Zhang (agentzh)
46a5fd3bba
upgraded the nginx core to 1.7.7.
2014-10-29 21:27:14 -07:00
Yichun Zhang (agentzh)
445ca90f06
bugfix: applied a patch to the nginx core to fix the memory invalid reads when exceeding the pre-configured limits in an ngx_hash_t hash table. also upgraded ngx_lua to 0.9.13rc1.
2014-10-06 23:45:48 -07:00
Yichun Zhang (agentzh)
dde4c94fd0
bugfix: applied a patch to the nginx core to fix a memory invalid read regression introduced in nginx 1.7.5+'s resolver.
2014-09-30 16:05:19 -07:00
Yichun Zhang (agentzh)
8dae181c24
upgraded the nginx core to 1.7.5.
2014-09-20 16:16:31 -07:00
Yichun Zhang (agentzh)
e225c37731
upgraded the nginx core to 1.7.4.
2014-08-07 19:18:57 -07:00
Yichun Zhang (agentzh)
cd89141e48
updated the proxy_ssl_handshake_timer patch to the upstream version as per Jared Feng's request.
2014-07-28 13:08:39 -07:00
Yichun Zhang (agentzh)
43ae08a6c4
bugfix: applied a patch to fix a bug in the standard ngx_geoip module where its nginx variables like $geoip_latitude might randomly take empty values when they should take perfect values. see http://mailman.nginx.org/pipermail/nginx-devel/2014-July/005642.html
2014-07-25 15:03:42 -07:00
Yichun Zhang (agentzh)
f26ae39115
bugfix: applied a patch to the nginx core to ensure the ssl handshake procedure in ngx_proxy is always protected by a timer for timeout errors. see http://mailman.nginx.org/pipermail/nginx-devel/2014-July/005627.html
2014-07-22 17:10:22 -07:00
Yichun Zhang (agentzh)
cc4a307f0e
upgraded the nginx core to 1.7.3.
2014-07-13 20:35:52 -07:00
Yichun Zhang (agentzh)
b824a3cb59
upgraded the nginx core to 1.7.2.
2014-06-17 16:57:10 -07:00
Yichun Zhang (agentzh)
39407386ea
removed the cve-2013-2070 patch which is useless for nginx 1.7.0.
2014-05-22 13:32:19 -07:00
Yichun Zhang (agentzh)
e37973502e
bugfix: updated the dtrace patch because systemtap 2.5 no longer accepts the -xnolib option in its dtrace utility.
2014-05-18 15:46:20 -07:00
Yichun Zhang (agentzh)
52e622a26c
bugfix: our "prev_slab" field of ngx_slab_page_t could get out of sync in the slab_defrag patch for nginx. thanks Shuxin Yang for the catch.
2014-05-09 15:15:44 -07:00
Yichun Zhang (agentzh)
20e69718ce
fixed a bug in slab_defrag.patch for the nginx core that we may incorrectly access the padding area between the end of pool->pages and pool->start. thanks Shuxin Yang for the catch.
2014-05-07 13:11:06 -07:00
Yichun Zhang (agentzh)
05334f1b5b
updated the slab_defrag patch (for nginx) with better comments. thanks Shuxin for the suggestions.
2014-05-06 16:25:56 -07:00
Yichun Zhang (agentzh)
91549c16b4
updated the slab_defrag patch (for nginx) a bit.
2014-05-06 14:24:24 -07:00
Yichun Zhang (agentzh)
1dbd0b24d2
apply the slab_defrag patch to the nginx core by default.
2014-05-06 13:16:59 -07:00
Yichun Zhang (agentzh)
9c3a123035
upgraded nginx core to 1.7.0.
2014-05-03 12:59:19 -07:00
Yichun Zhang (agentzh)
b0f1e786c1
upgraded the nginx core to 1.5.12.
2014-04-03 17:36:53 -07:00
Yichun Zhang (agentzh)
37ba2b1015
backported the patch to the nginx core for the latest SPDY security vulnerability (CVE-2014-0133).
2014-03-19 17:38:31 -07:00
Yichun Zhang (agentzh)
d21cc33749
nginx: disabled the -Werror option for clang too. thanks Hamish Forbes for the report.
2014-03-13 20:58:54 -07:00
Yichun Zhang (agentzh)
e36d505d80
upgraded the patches for nginx 1.5.11.
2014-03-08 15:02:35 -08:00
Yichun Zhang (agentzh)
227e4e0da2
upgraded nginx core to 1.5.9.
2014-01-27 22:11:50 -08:00
Yichun Zhang (agentzh)
676150c81b
bugfix: setting $args might not make ngx_proxy (and others) honour the change. applied the setting_args_invalidates_uri patch to fix this issue. thanks rvsw for the report.
2014-01-23 12:06:48 -08:00
Yichun Zhang (agentzh)
c9d9e4a8dd
updated the resolve-names-with-a-trailing-dot patch according to the feedback from Piotr Sikora and Ruslan Ermilov.
2014-01-10 12:06:37 -08:00
Yichun Zhang (agentzh)
9a3e9dbffd
bugfix: nginx's builtin resolver did not accept domain names with a trailing dot.
2014-01-08 11:50:58 -08:00
Yichun Zhang (agentzh)
1eb135cc6a
upraded the nginx core to 1.5.8.
2013-12-18 13:44:42 -08:00
Yichun Zhang (agentzh)
4bab759ea3
optimize: shortened the server string "ngx_openresty" to "openresty".
2013-12-15 16:28:50 -08:00
Yichun Zhang (agentzh)
8cec47f755
upgraded the nginx core to 1.5.7.
2013-12-15 13:21:56 -08:00
Yichun Zhang (agentzh)
0528788543
feature: added new configure option --with-pcre-conf-opt=OPTIONS to the nginx core to allow custom PCRE ./configure build options. thanks Lance Li for the original patch in #39 .
2013-12-10 10:19:00 -08:00
Yichun Zhang (agentzh)
2fb9ed5c1d
updated the larger_max_error_str patch to allow NGX_MAX_ERROR_STR to be redefined from the outside.
2013-12-05 20:36:53 -08:00
Yichun Zhang (agentzh)
1728ca8c66
feature: applied the larger_max_error_str patch to the nginx core to allow error log messages up to 4096 bytes.
2013-12-05 20:33:30 -08:00
Yichun Zhang (agentzh)
633abb71bf
upgraded the patch "variables_in_redis_pass" to ngx_http_redis 0.3.7.
2013-12-03 12:06:31 -08:00
Yichun Zhang (agentzh)
8b86c72ea2
applied the official patch patch.2013.space.txt for the Nginx core to fix the security issue CVE-2013-4547.
2013-11-20 21:05:36 -08:00
Yichun Zhang (agentzh)
b694456ef3
bugfix: applied the cache_manager_exit patch to the nginx core to fix an issue when the cache manager process is shutting down.
2013-11-04 13:08:57 -08:00
Yichun Zhang (agentzh)
68d1241d12
updated the gzip_flush_bug patch to fix the issue in the ngx_gunzip module. thanks Maxim Dounin for the catch.
2013-10-28 15:30:52 -07:00
Yichun Zhang (agentzh)
f35f66a487
feature: added patch nginx-1.4.3-proxy_host_port_vars to make $proxy_host and $proxy_port accessible for dynamic languages like Lua and Perl.
2013-10-27 15:37:11 -07:00
Yichun Zhang (agentzh)
aac5d5e49e
updated nginx-1.4.3-gzip_flush_bug.patch according to Maxim Dounin's feedback.
2013-10-27 15:00:06 -07:00
Yichun Zhang (agentzh)
8bc4bf391a
updated the gzip_flush_bug patch according to the feedback from Maxim Dounin.
2013-10-26 17:24:51 -07:00
Yichun Zhang (agentzh)
1df484be52
bugfix: applied the cache_lock_hang_in_subreq patch to the nginx core to fix the request hang when using proxy_cache_lock in subrequests and the cache lock timeout happens.
2013-10-26 14:54:50 -07:00
Yichun Zhang (agentzh)
4308a5ca45
bugfix: applied the gzip_flush_bug.patch to the nginx core. see also http://mailman.nginx.org/pipermail/nginx-devel/2013-October/004429.html
2013-10-25 17:31:39 -07:00
Yichun Zhang (agentzh)
274b1b6778
bugfix: backported Maxim Dounin's patch to fix an issue in the ngx_gzip module: it did not clear r->connection->buffered when the pending data was already flushed out. this could hang ngx_lua's ngx.flush(true) call, for example.
2013-10-19 20:49:06 -07:00
Yichun Zhang (agentzh)
35e053cb6c
upgraded the nginx core to 1.4.3.
2013-10-17 16:15:42 -07:00