9e834398de
feature: updated the NGINX patches for async SSL session fetching to support OpenSSL 1.1.1.
...
The patch was also renamed from `ssl_pending_session.patch` to
`ssl_sess_cb_yield.patch` (similarly to the existing
`ssl_cert_cb_yield.patch` one).
Signed-off-by: Thibault Charbonnier <thibaultcha@me.com >
2019-06-04 16:40:22 -07:00
bf2e5697e1
bugfix: win32/win64: the error log buffer size was merely 2048 bytes (now updated to 4096 bytes).
...
applied the win32_max_err_str patch for the nginx core.
2019-05-08 14:46:56 -07:00
ed32897702
bugfix: added an openssl patch to fix the parallel build regression in openssl 1.1.0j.
2019-03-02 01:41:24 -08:00
2879e59e7b
feature: updated the socket_cloexec patches to support the ngx.pipe API.
...
Signed-off-by: Thibault Charbonnier <thibaultcha@me.com >
2019-01-29 17:45:47 -08:00
8c8d51663e
upgraded the nginx core 1.15.8.
2019-01-18 14:33:32 -08:00
b91001a87e
upgraded the nginx core to 1.15.6.
2018-11-13 11:42:43 -08:00
f58e6eb013
upgraded the nginx core to 1.15.5.
2018-10-29 16:05:53 -07:00
a245ff1644
fixed the patch file name to be more consistent with other patches.
2018-09-17 20:21:09 -07:00
17384566bb
bugfix: nginx did not destroy the cycle memory pool before the daemon process exits.
...
This is to make the nginx ASAN or Valgrind clean in daemon mode. It is
also meaningful when we have more sophisticated cleanup work needed in
the configuration initialization phase and handlers like init_by_lua*.
2018-09-17 20:12:17 -07:00
f0e621b0c4
bugfix: nginx patch: do not build resolver parsing feature under Windows.
...
bugfix: nginx patch: moved the include of resolv.h to after ngx_config.h to avoid compilation failures on FreeBSD.
bugfix: patch: updated safe_resolver_ipv6_option.patch with new offsets to avoid confusing patch while applying.
Signed-off-by: Yichun Zhang (agentzh) <agentzh@gmail.com >
2018-04-20 17:55:54 -07:00
ff89bf3ea1
resolv.conf: fixed a bug that when a newline character is present at the end of the resolv.conf file, the parser incorrectly included such newline in the parsed address.
...
Signed-off-by: Yichun Zhang (agentzh) <agentzh@gmail.com >
2018-03-30 12:21:19 -07:00
a4f399b3ac
feature: added the socket_cloexec patch to ensure most of the nginx connections could be closed before child process terminates.
...
Signed-off-by: Yichun Zhang (agentzh) <agentzh@gmail.com >
2018-03-27 13:46:01 -07:00
3d8b33f0e8
feature: added a patch for the nginx core to add the "local=/path/to/resolv.conf" option to the standard "resolver" config directive.
...
This can enable the use of system-level nameserver configurations of
/etc/resolv.conf, for example, in nginx's own nonblocking DNS resolver.
Signed-off-by: Yichun Zhang (agentzh) <agentzh@gmail.com >
2018-03-16 16:19:19 -07:00
93f785eed6
feature: added patches to the nginx core to make sure ngx_stream_ssl_preread_module will not skip the rest of the preread phase when SNI server name parsing was successful.
...
Signed-off-by: Yichun Zhang (agentzh) <agentzh@gmail.com >
2018-01-14 22:40:09 -08:00
30fa60ad5d
patches: updated 1.13.6 balancer_status_code.patch and added patch for 1.13.8 as well.
...
Signed-off-by: Yichun Zhang (agentzh) <agentzh@gmail.com >
2018-01-09 17:52:04 -08:00
ee6b26e347
feature: added the sess_set_get_cb_yield patch for OpenSSL 1.1.0d and beyond.
...
Signed-off-by: Yichun Zhang (agentzh) <agentzh@gmail.com >
2018-01-05 23:38:32 -08:00
a0dc14761a
feature: added the sess_set_get_cb_yield patch for OpenSSL 1.1.0c and beyond.
...
The patch is based on
https://patch-diff.githubusercontent.com/raw/openssl/openssl/pull/1588.patch ,
with some minor modifications.
Thanks Alessandro Ghedini for the ground work.
Signed-off-by: Yichun Zhang (agentzh) <agentzh@gmail.com >
2018-01-05 14:41:47 -08:00
84734aa1f9
bugfix: fixed double free issues in the new init_cycle_pool_release patch for the nginx core.
2017-12-17 00:03:29 -08:00
f721f66b4e
feature: applied the init_cycle_pool_release patch to nginx 1.13.6+ cores to make it valgrind or asan clean.
2017-12-16 12:41:12 -08:00
a1109b8dd2
upgraded the nginx core to 1.13.6.
2017-10-26 09:33:38 -07:00
94766f7a41
patches: ensure "server" header in HTTP/2 response shows "openresty" when server_tokens are turned off.
...
Signed-off-by: Yichun Zhang (agentzh) <agentzh@gmail.com >
2017-09-19 19:46:55 -07:00
4eae6e2415
upgraded the nginx core to 1.13.5.
2017-09-15 23:38:48 -07:00
3e2540f6a0
upgraded nginx core to 1.13.4.
2017-09-01 12:37:07 -07:00
4b594fdce6
feature: added nginx core patches needed by ngx_stream_lua_module's balancer_by_lua*.
...
Signed-off-by: Yichun Zhang (agentzh) <agentzh@gmail.com >
2017-09-01 12:37:07 -07:00
1f2121b546
removed patches for the nginx 1.13.2 core.
2017-09-01 12:37:07 -07:00
6237430ef4
upgraded nginx core to 1.13.3.
2017-09-01 12:37:07 -07:00
967d1261cd
added more fixes.
2017-09-01 12:37:07 -07:00
1426d3283d
fixed the dtrace patch for nginx.
2017-09-01 12:37:07 -07:00
45a8fb27e4
fixed the upstream_timeout_fields patch for nginx.
2017-09-01 12:37:07 -07:00
3c114dbe46
fixed the log_escape_non_ascii patch for the nginx core.
2017-09-01 12:37:07 -07:00
20e70449f8
fixed the nginx server_header patch.
2017-09-01 12:37:07 -07:00
6614441908
upgraded the nginx core to 1.13.2 (some patches fail to apply though).
2017-09-01 12:37:07 -07:00
adcff66454
feature: applied a patch to the nginx core to make the nginx variable $proxy_add_x_forwarded_for accessible on Lua land.
...
Signed-off-by: Yichun Zhang (agentzh) <agentzh@gmail.com >
2017-07-16 10:51:28 -07:00
19c6e1fb5c
bugfix: applied nginx's official security fix for an issue in the range filter (CVE-2017-7529).
2017-07-11 10:31:25 -07:00
3b74625ad3
feature: added the balancer_status_code patch to the nginx core to allow returning arbitrary HTTP status codes inside upstream balancers.
...
Signed-off-by: Yichun Zhang (agentzh) <agentzh@gmail.com >
2017-06-28 10:48:48 -07:00
add30287e1
change: applied a patch to the nginx core to turn nginx to openresty in the builtin special response pages' footer.
...
Thanks Datong Sun for the patch.
2017-06-23 14:33:08 -07:00
6e74463f66
optimize: privileged agent: reduced the number of ngx_connection_t allocated inside the privileged worker to avoid excessive memory consumption when worker_connections is set very high.
...
Signed-off-by: Yichun Zhang (agentzh) <agentzh@gmail.com >
2017-06-17 15:05:57 -07:00
4950ec7f62
feature: applied the delayed-posted-events patch to the nginx core for adding "delayed posted events" which run in the next event cycle with 0 delay.
...
this nginx core feature is needed by the ngx.sleep(0) feature in
ngx_lua, for example.
Signed-off-by: Yichun Zhang (agentzh) <agentzh@gmail.com >
2017-05-14 22:29:31 -07:00
ec8acae28e
bugfix: applied the single_process_graceful_exit patch to the nginx core to fix the issue that nginx fails to perform graceful exit when master_process is turned off.
2017-05-14 10:43:57 -07:00
7a7576319e
feature: applied the intercept_error_log patch to the nginx core to provide 3rd-party modules a hook to intercept nginx error log data without touching files.
...
3rd-party modules can register a custom interception hook to ngx_http_core_main_conf_t.intercept_log_handler.
Signed-off-by: Yichun Zhang (agentzh) <agentzh@gmail.com >
2017-05-12 13:25:36 -07:00
79dc3c56aa
feature: applied a small patch to the nginx core to add support for the "privileged agent" process which is run by the same system account as the master.
...
Signed-off-by: Yichun Zhang (agentzh) <agentzh@gmail.com >
2017-05-05 18:12:47 -07:00
b490cfeea4
feature: applied the safe_resolver_ipv6_option patch to the nginx core to avoid the 'ipv6=off' option to be parsed by nginx when it is not built with IPv6 support.
...
Signed-off-by: Yichun Zhang (agentzh) <agentzh@gmail.com >
2016-12-26 22:14:59 -08:00
381697b884
added the nginx core patch ssl_pending_session for nginx 1.9.15 as well.
2016-07-19 21:57:22 -07:00
97901f3357
feature: applied the ssl_pending_session.patch to the nginx core to support the ssl_session_fetch_by_lua* and ssl_session_store_by_lua* in ngx_lua.
...
also added an openssl patch to support yieldable callback set by
SSL_CTX_sess_set_get_cb().
2016-07-19 19:26:29 -07:00
09ca92f51f
upgraded the nginx core to 1.11.2.
2016-07-17 19:45:33 -07:00
99f0618218
nginx-1.9.15-upstream_timeout_fields.patch: renamed HAVE_UPSTREAM_TIMEOUT_FIELDS to HAVE_NGX_UPSTREAM_TIMEOUT_FIELDS.
2016-07-09 11:21:23 -07:00
7c274e056e
feature: added the upstream_timeout_fields patch to the nginx core to allow per-request connect/send/read timeout settings for individual upstream requests and retries.
2016-07-01 12:17:53 -07:00
c47aef193f
bugfix: applied the patch for nginx security advisory (CVE-2016-4450) to the nginx 1.9.15 core.
2016-05-31 15:45:49 -07:00
d6a8907fc0
resolved conflicts while merging the branch 1.9.7.x into master.
2016-05-31 15:43:07 -07:00
bf47ba9529
bugfix: applied the patch for nginx security advisory (CVE-2016-4450).
...
also bumped version to 1.9.7.5.
2016-05-31 13:19:28 -07:00
