a0dc14761a
feature: added the sess_set_get_cb_yield patch for OpenSSL 1.1.0c and beyond.
...
The patch is based on
https://patch-diff.githubusercontent.com/raw/openssl/openssl/pull/1588.patch ,
with some minor modifications.
Thanks Alessandro Ghedini for the ground work.
Signed-off-by: Yichun Zhang (agentzh) <agentzh@gmail.com>
2018-01-05 14:41:47 -08:00
84734aa1f9
bugfix: fixed double free issues in the new init_cycle_pool_release patch for the nginx core.
2017-12-17 00:03:29 -08:00
f721f66b4e
feature: applied the init_cycle_pool_release patch to nginx 1.13.6+ cores to make it valgrind or asan clean.
2017-12-16 12:41:12 -08:00
a1109b8dd2
upgraded the nginx core to 1.13.6.
2017-10-26 09:33:38 -07:00
94766f7a41
patches: ensure "server" header in HTTP/2 response shows "openresty" when server_tokens are turned off.
...
Signed-off-by: Yichun Zhang (agentzh) <agentzh@gmail.com>
2017-09-19 19:46:55 -07:00
4eae6e2415
upgraded the nginx core to 1.13.5.
2017-09-15 23:38:48 -07:00
3e2540f6a0
upgraded nginx core to 1.13.4.
2017-09-01 12:37:07 -07:00
4b594fdce6
feature: added nginx core patches needed by ngx_stream_lua_module's balancer_by_lua*.
...
Signed-off-by: Yichun Zhang (agentzh) <agentzh@gmail.com>
2017-09-01 12:37:07 -07:00
1f2121b546
removed patches for the nginx 1.13.2 core.
2017-09-01 12:37:07 -07:00
6237430ef4
upgraded nginx core to 1.13.3.
2017-09-01 12:37:07 -07:00
967d1261cd
added more fixes.
2017-09-01 12:37:07 -07:00
1426d3283d
fixed the dtrace patch for nginx.
2017-09-01 12:37:07 -07:00
45a8fb27e4
fixed the upstream_timeout_fields patch for nginx.
2017-09-01 12:37:07 -07:00
3c114dbe46
fixed the log_escape_non_ascii patch for the nginx core.
2017-09-01 12:37:07 -07:00
20e70449f8
fixed the nginx server_header patch.
2017-09-01 12:37:07 -07:00
6614441908
upgraded the nginx core to 1.13.2 (some patches fail to apply though).
2017-09-01 12:37:07 -07:00
adcff66454
feature: applied a patch to the nginx core to make the nginx variable $proxy_add_x_forwarded_for accessible on Lua land.
...
Signed-off-by: Yichun Zhang (agentzh) <agentzh@gmail.com>
2017-07-16 10:51:28 -07:00
19c6e1fb5c
bugfix: applied nginx's official security fix for an issue in the range filter (CVE-2017-7529).
2017-07-11 10:31:25 -07:00
3b74625ad3
feature: added the balancer_status_code patch to the nginx core to allow returning arbitrary HTTP status codes inside upstream balancers.
...
Signed-off-by: Yichun Zhang (agentzh) <agentzh@gmail.com>
2017-06-28 10:48:48 -07:00
add30287e1
change: applied a patch to the nginx core to turn nginx to openresty in the builtin special response pages' footer.
...
Thanks Datong Sun for the patch.
2017-06-23 14:33:08 -07:00
6e74463f66
optimize: privileged agent: reduced the number of ngx_connection_t allocated inside the privileged worker to avoid excessive memory consumption when worker_connections is set very high.
...
Signed-off-by: Yichun Zhang (agentzh) <agentzh@gmail.com>
2017-06-17 15:05:57 -07:00
4950ec7f62
feature: applied the delayed-posted-events patch to the nginx core for adding "delayed posted events" which run in the next event cycle with 0 delay.
...
this nginx core feature is needed by the ngx.sleep(0) feature in
ngx_lua, for example.
Signed-off-by: Yichun Zhang (agentzh) <agentzh@gmail.com>
2017-05-14 22:29:31 -07:00
ec8acae28e
bugfix: applied the single_process_graceful_exit patch to the nginx core to fix the issue that nginx fails to perform graceful exit when master_process is turned off.
2017-05-14 10:43:57 -07:00
7a7576319e
feature: applied the intercept_error_log patch to the nginx core to provide 3rd-party modules a hook to intercept nginx error log data without touching files.
...
3rd-party modules can register a custom interception hook to ngx_http_core_main_conf_t.intercept_log_handler.
Signed-off-by: Yichun Zhang (agentzh) <agentzh@gmail.com>
2017-05-12 13:25:36 -07:00
79dc3c56aa
feature: applied a small patch to the nginx core to add support for the "privileged agent" process which is run by the same system account as the master.
...
Signed-off-by: Yichun Zhang (agentzh) <agentzh@gmail.com>
2017-05-05 18:12:47 -07:00
b490cfeea4
feature: applied the safe_resolver_ipv6_option patch to the nginx core to avoid the 'ipv6=off' option to be parsed by nginx when it is not built with IPv6 support.
...
Signed-off-by: Yichun Zhang (agentzh) <agentzh@gmail.com>
2016-12-26 22:14:59 -08:00
381697b884
added the nginx core patch ssl_pending_session for nginx 1.9.15 as well.
2016-07-19 21:57:22 -07:00
97901f3357
feature: applied the ssl_pending_session.patch to the nginx core to support the ssl_session_fetch_by_lua* and ssl_session_store_by_lua* in ngx_lua.
...
also added an openssl patch to support yieldable callback set by
SSL_CTX_sess_set_get_cb().
2016-07-19 19:26:29 -07:00
09ca92f51f
upgraded the nginx core to 1.11.2.
2016-07-17 19:45:33 -07:00
99f0618218
nginx-1.9.15-upstream_timeout_fields.patch: renamed HAVE_UPSTREAM_TIMEOUT_FIELDS to HAVE_NGX_UPSTREAM_TIMEOUT_FIELDS.
2016-07-09 11:21:23 -07:00
7c274e056e
feature: added the upstream_timeout_fields patch to the nginx core to allow per-request connect/send/read timeout settings for individual upstream requests and retries.
2016-07-01 12:17:53 -07:00
c47aef193f
bugfix: applied the patch for nginx security advisory (CVE-2016-4450) to the nginx 1.9.15 core.
2016-05-31 15:45:49 -07:00
d6a8907fc0
resolved conflicts while merging the branch 1.9.7.x into master.
2016-05-31 15:43:07 -07:00
bf47ba9529
bugfix: applied the patch for nginx security advisory (CVE-2016-4450).
...
also bumped version to 1.9.7.5.
2016-05-31 13:19:28 -07:00
741ff983e8
updated the dtrace patch for 1.9.15.
2016-05-02 15:54:55 -07:00
a9cada5c27
updated dtrace patch.
2016-05-02 15:51:57 -07:00
1b197fb27a
upgraded ngx_devel_kit to 0.3.0rc1; also fixed the no-pool patch for nginx 1.9.15.
2016-04-21 16:56:26 -07:00
86be514b1c
upgraded the nginx core to 1.9.15.
2016-04-21 16:16:58 -07:00
5f7f678876
upgraded the NGINX core to 1.9.11 and ngx_lua to 0.10.1rc0.
2016-02-10 18:21:04 -08:00
8c6b0f77af
bugfix: applied nginx-1.9.7-resolver_security_fixes.patch by default.
2016-01-28 09:28:18 -08:00
220b940e66
bugfix: the ./configure options --with-dtrace-probes and --with-stream did not work together.
2016-01-07 12:34:39 -08:00
c0c2f883e9
feature: applied the ssl_cert_cb_yield patch to the NGINX core to allow yielding in OpenSSL's SSL_CTX_set_cert_cb() callbacks (needed by ngx_lua's ssl_certificate_by_lua*, for example).
2016-01-03 10:21:03 -08:00
83eeb14f6c
upgraded the nginx core to 1.9.7.
2015-11-24 22:37:40 +08:00
1f4045ef2c
More MSYS/MinGW love.
...
* upgraded ngx_lua to 0.9.18rc1 to support Win32 LuaJIT DLL.
* upgraded lua-redis-parser to 0.11rc1 for better Win32 support.
* upgraded lua-rds-parser to 0.06rc2 for better Win32 support.
* upgraded ngx_rds_csv to 0.07rc1 for better Win32 support.
* upgraded lua-resty-cli to 0.04rc1 for better Win32 support.
* upgraded lua-resty-core to 0.1.2.
* applied a patch to LuaJIT to add "!/lualib/" to the default Lua
package search paths.
* upgraded lua-cjson to 2.1.0.3rc2 for better Win32 support and
a suppressed gcc warning.
* use OpenResty's nginx tarballs extracted directly from the official nginx
code repos, because we need the win32 support which is excluded in the
official nginx release tarballs. Our nginx release tarballs are
generated by the util/package-nginx.sh script.
* added the util/package-win32.sh script to generate the Win32 OpenResty
binary distribution file.
* applied a patch to always enable C compiler feature tests in nginx's
own build system because the MinGW gcc compiler on Win32 is also
powerful enough to support advanced features like variadic macros.
* added document README-win32.
* util/dist-check: do a partial uninstallation before installing
anything new.
* added util/build-win32.sh to build OpenResty on Win32 using the
MinGW/MSYS toolchain.
* ./configure: added support for building on Win32 using the MinGW/MSYS
toolchain.
2015-11-02 15:41:50 +08:00
f84e035e45
upgraded the nginx core to 1.9.3.
2015-07-16 11:45:34 +08:00
4907d14700
fixed a compilation error when both the dtrace static probes and --with-threads are specified.
2015-07-08 20:53:55 +08:00
ce65738299
upgraded the nginx core to 1.9.2.
2015-07-03 20:04:13 +08:00
99ca550104
use Maxim Dounin's version of the upstream_filter_finalize patch.
2015-02-15 14:10:11 -08:00
6be51e769a
bugfix: applied the upstream_filter_finalize patch to the nginx core to fix corrupted $upstream_response_time values when filter_finalize and error_page are both used. thanks Daniel Bento for the report.
2015-02-12 17:20:22 -08:00
6142b6936f
upgraded the nginx core to 1.7.10.
2015-02-11 14:49:26 -08:00
6b052c8fca
bugfix: ngx_http_redis failed to compile when the ngx_gzip module was disabled. thanks anod221 for the report in #79 .
2015-01-29 14:53:48 -08:00
fab852190b
fixed the context line numbers in ngx_http_redis-0.3.7-variables_in_redis_pass.patch.
2015-01-29 12:49:20 -08:00
5cb6e4f591
Revert "bugfix: applied the patch to fix a new regression in nginx 1.7.7's ngx_gzip and ngx_gunzip modules that could lead to request hang when the downstream is slow to write to."
...
This reverts commit b6d3a5cf7b
2014-11-15 11:49:06 -08:00
b6d3a5cf7b
bugfix: applied the patch to fix a new regression in nginx 1.7.7's ngx_gzip and ngx_gunzip modules that could lead to request hang when the downstream is slow to write to.
2014-10-31 18:18:38 -07:00
46a5fd3bba
upgraded the nginx core to 1.7.7.
2014-10-29 21:27:14 -07:00
445ca90f06
bugfix: applied a patch to the nginx core to fix the memory invalid reads when exceeding the pre-configured limits in an ngx_hash_t hash table. also upgraded ngx_lua to 0.9.13rc1.
2014-10-06 23:45:48 -07:00
dde4c94fd0
bugfix: applied a patch to the nginx core to fix a memory invalid read regression introduced in nginx 1.7.5+'s resolver.
2014-09-30 16:05:19 -07:00
8dae181c24
upgraded the nginx core to 1.7.5.
2014-09-20 16:16:31 -07:00
e225c37731
upgraded the nginx core to 1.7.4.
2014-08-07 19:18:57 -07:00
cd89141e48
updated the proxy_ssl_handshake_timer patch to the upstream version as per Jared Feng's request.
2014-07-28 13:08:39 -07:00
43ae08a6c4
bugfix: applied a patch to fix a bug in the standard ngx_geoip module where its nginx variables like $geoip_latitude might randomly take empty values when they should take perfect values. see http://mailman.nginx.org/pipermail/nginx-devel/2014-July/005642.html
2014-07-25 15:03:42 -07:00
f26ae39115
bugfix: applied a patch to the nginx core to ensure the ssl handshake procedure in ngx_proxy is always protected by a timer for timeout errors. see http://mailman.nginx.org/pipermail/nginx-devel/2014-July/005627.html
2014-07-22 17:10:22 -07:00
cc4a307f0e
upgraded the nginx core to 1.7.3.
2014-07-13 20:35:52 -07:00
b824a3cb59
upgraded the nginx core to 1.7.2.
2014-06-17 16:57:10 -07:00
39407386ea
removed the cve-2013-2070 patch which is useless for nginx 1.7.0.
2014-05-22 13:32:19 -07:00
e37973502e
bugfix: updated the dtrace patch because systemtap 2.5 no longer accepts the -xnolib option in its dtrace utility.
2014-05-18 15:46:20 -07:00
52e622a26c
bugfix: our "prev_slab" field of ngx_slab_page_t could get out of sync in the slab_defrag patch for nginx. thanks Shuxin Yang for the catch.
2014-05-09 15:15:44 -07:00
20e69718ce
fixed a bug in slab_defrag.patch for the nginx core that we may incorrectly access the padding area between the end of pool->pages and pool->start. thanks Shuxin Yang for the catch.
2014-05-07 13:11:06 -07:00
05334f1b5b
updated the slab_defrag patch (for nginx) with better comments. thanks Shuxin for the suggestions.
2014-05-06 16:25:56 -07:00
91549c16b4
updated the slab_defrag patch (for nginx) a bit.
2014-05-06 14:24:24 -07:00
1dbd0b24d2
apply the slab_defrag patch to the nginx core by default.
2014-05-06 13:16:59 -07:00
9c3a123035
upgraded nginx core to 1.7.0.
2014-05-03 12:59:19 -07:00
b0f1e786c1
upgraded the nginx core to 1.5.12.
2014-04-03 17:36:53 -07:00
37ba2b1015
backported the patch to the nginx core for the latest SPDY security vulnerability (CVE-2014-0133).
2014-03-19 17:38:31 -07:00
d21cc33749
nginx: disabled the -Werror option for clang too. thanks Hamish Forbes for the report.
2014-03-13 20:58:54 -07:00
e36d505d80
upgraded the patches for nginx 1.5.11.
2014-03-08 15:02:35 -08:00
227e4e0da2
upgraded nginx core to 1.5.9.
2014-01-27 22:11:50 -08:00
676150c81b
bugfix: setting $args might not make ngx_proxy (and others) honour the change. applied the setting_args_invalidates_uri patch to fix this issue. thanks rvsw for the report.
2014-01-23 12:06:48 -08:00
c9d9e4a8dd
updated the resolve-names-with-a-trailing-dot patch according to the feedback from Piotr Sikora and Ruslan Ermilov.
2014-01-10 12:06:37 -08:00
9a3e9dbffd
bugfix: nginx's builtin resolver did not accept domain names with a trailing dot.
2014-01-08 11:50:58 -08:00
1eb135cc6a
upraded the nginx core to 1.5.8.
2013-12-18 13:44:42 -08:00
4bab759ea3
optimize: shortened the server string "ngx_openresty" to "openresty".
2013-12-15 16:28:50 -08:00
8cec47f755
upgraded the nginx core to 1.5.7.
2013-12-15 13:21:56 -08:00
0528788543
feature: added new configure option --with-pcre-conf-opt=OPTIONS to the nginx core to allow custom PCRE ./configure build options. thanks Lance Li for the original patch in #39 .
2013-12-10 10:19:00 -08:00
2fb9ed5c1d
updated the larger_max_error_str patch to allow NGX_MAX_ERROR_STR to be redefined from the outside.
2013-12-05 20:36:53 -08:00
1728ca8c66
feature: applied the larger_max_error_str patch to the nginx core to allow error log messages up to 4096 bytes.
2013-12-05 20:33:30 -08:00
633abb71bf
upgraded the patch "variables_in_redis_pass" to ngx_http_redis 0.3.7.
2013-12-03 12:06:31 -08:00
8b86c72ea2
applied the official patch patch.2013.space.txt for the Nginx core to fix the security issue CVE-2013-4547.
2013-11-20 21:05:36 -08:00
b694456ef3
bugfix: applied the cache_manager_exit patch to the nginx core to fix an issue when the cache manager process is shutting down.
2013-11-04 13:08:57 -08:00
68d1241d12
updated the gzip_flush_bug patch to fix the issue in the ngx_gunzip module. thanks Maxim Dounin for the catch.
2013-10-28 15:30:52 -07:00
f35f66a487
feature: added patch nginx-1.4.3-proxy_host_port_vars to make $proxy_host and $proxy_port accessible for dynamic languages like Lua and Perl.
2013-10-27 15:37:11 -07:00
aac5d5e49e
updated nginx-1.4.3-gzip_flush_bug.patch according to Maxim Dounin's feedback.
2013-10-27 15:00:06 -07:00
8bc4bf391a
updated the gzip_flush_bug patch according to the feedback from Maxim Dounin.
2013-10-26 17:24:51 -07:00
1df484be52
bugfix: applied the cache_lock_hang_in_subreq patch to the nginx core to fix the request hang when using proxy_cache_lock in subrequests and the cache lock timeout happens.
2013-10-26 14:54:50 -07:00
4308a5ca45
bugfix: applied the gzip_flush_bug.patch to the nginx core. see also http://mailman.nginx.org/pipermail/nginx-devel/2013-October/004429.html
2013-10-25 17:31:39 -07:00
274b1b6778
bugfix: backported Maxim Dounin's patch to fix an issue in the ngx_gzip module: it did not clear r->connection->buffered when the pending data was already flushed out. this could hang ngx_lua's ngx.flush(true) call, for example.
2013-10-19 20:49:06 -07:00
35e053cb6c
upgraded the nginx core to 1.4.3.
2013-10-17 16:15:42 -07:00
221130defc
updated patches for nginx 1.5.4.
2013-08-30 16:02:05 -07:00
921fd6d675
checked in the patches for nginx 1.5.3; also applied the unix_socket_accept_over_read patch the nginx cores older than 1.5.3.
2013-08-30 12:41:13 -07:00
3d547529fd
upgraded the nginx core to 1.4.2.
2013-08-06 22:29:52 -07:00
spacewander
Yichun Zhang (agentzh)
Datong Sun
Yuansheng
Thibault Charbonnier