Commit Graph

860 Commits

Author SHA1 Message Date
80ba3892c6 bugfix: applied the patch for security advisory to NGINX cores < 1.14.1 and < 1.15.6 (CVE-2018-16843 CVE-2018-16844). 2019-08-14 11:39:47 -07:00
d5f48a8b75 bugfix: applied the patch for security advisory to NGINX cores < 1.14.1 and < 1.15.6 (CVE-2018-16845).
Signed-off-by: Thibault Charbonnier <thibaultcha@me.com>
2019-08-13 11:56:19 -07:00
cf7516fcbc optimize: added an NGINX core patch to ensure unused listening fds are closed when 'reuseport' is used.
When `reuseport` is enabled in the `listen` directive, Nginx will create
a listening fd for each worker process in the master process.

These fds will be inherited by the worker processes, but most of them
are unused. For example, considering we have 32 listening ip:port
configurations and 64 worker processes, each worker process will inherit
2048 (32 * 64) listening fds, but only 32 fds are used. By closing the
unused fds, this change could save up to 2016 (32 * 63) fds in a worker
process.

It doesn't affect the listening socket, since there is only one used fd
which associates to the socket with or without this change.

Co-authored-by: Thibault Charbonnier <thibaultcha@me.com>
2019-08-05 18:54:51 -07:00
a51fa56086 change: renamed the 'ssl_pending_session' patch to 'ssl_sess_cb_yield' for NGINX cores 1.17.1 and above.
Its naming is now aligned with the `ssl_cert_cb_yield` patch.

See 08e9e50 for details on why this renaming was reverted for the 1.15.8
version of this patch.
2019-07-11 11:38:57 -07:00
08e9e50782 Revert "feature: updated the NGINX patches for async SSL session fetching to support OpenSSL 1.1.1."
This reverts commit 9e834398de.

Support for OpenSSL 1.1.1 will come with the 1.17.1 series of NGINX
patches. Since no other 1.15.8.* releases are planned, we are reverting
the state of the 1.15.8 patches to that of the 1.15.8.1 release.
2019-07-02 11:55:50 -07:00
3b6d9a5318 upgraded LuaJIT to 2.1-20190626. 2019-06-26 14:19:28 -07:00
e6188369cd upgraded lua-resty-string to 0.12rc1. 2019-06-24 15:10:09 -07:00
fdf142aabe upgraded resty-cli to 0.25rc2. 2019-06-19 14:22:02 -07:00
9e834398de feature: updated the NGINX patches for async SSL session fetching to support OpenSSL 1.1.1.
The patch was also renamed from `ssl_pending_session.patch` to
`ssl_sess_cb_yield.patch` (similarly to the existing
`ssl_cert_cb_yield.patch` one).

Signed-off-by: Thibault Charbonnier <thibaultcha@me.com>
2019-06-04 16:40:22 -07:00
bbef48d25b upgraded LuaJIT to 2.1-20190530. 2019-05-30 09:56:53 -07:00
45997fc5fe upgraded resty-cli to 0.25rc1. 2019-05-30 09:54:32 -07:00
bf2e5697e1 bugfix: win32/win64: the error log buffer size was merely 2048 bytes (now updated to 4096 bytes).
applied the win32_max_err_str patch for the nginx core.
2019-05-08 14:46:56 -07:00
a32ca0dbbe upgraded LuaJIT to 2.1-20190507. 2019-05-07 18:28:30 -07:00
62d31e53de bumped ngx_http_lua to 0.10.15, ngx_stream_lua to 0.0.7, and lua-resty-core to 0.1.17. 2019-05-02 14:14:00 -07:00
8954793847 bumped resty-cli to v0.24rc1. 2019-04-11 14:19:45 -04:00
0b5ebedd47 bumped ngx_http_lua to 0.10.15rc1, ngx_stream_lua to 0.0.7rc1, and lua-resty-core to 0.1.17rc1. 2019-04-09 14:15:23 -07:00
7e897a8b2b upgraded LuaJIT to 2.1-20190329. 2019-03-29 15:23:37 -07:00
99d72856a7 upgraded LuaJIT to 2.1-20190302. 2019-03-02 17:42:36 -08:00
ed32897702 bugfix: added an openssl patch to fix the parallel build regression in openssl 1.1.0j. 2019-03-02 01:41:24 -08:00
88e214aad2 bumped LuaJIT to 2.1-20190228. 2019-02-28 11:59:57 -08:00
ec8f1b0753 bumped lua-resty-upstream-healthcheck to 0.06. 2019-02-28 10:44:31 -08:00
191ca1fdec bumped resty-cli to 0.23. 2019-02-25 08:37:10 -08:00
76cd3954e3 upgraded resty-cli to 0.23rc2. 2019-02-24 23:23:13 -08:00
f238a7542a bumped ngx_lua, ngx_stream_lua, and lua-resty-core to formal releases. 2019-02-23 21:57:57 -08:00
95cfc25189 bumped resty-cli, lua-cjson, lua-resty-redis, lua-resty-limit-traffic, lua-resty-websocket, lua-resty-lock, and lua-resty-lrucache to formal release tags. 2019-02-23 21:44:17 -08:00
0b956ca748 upgraded ngx_stream_lua to v0.0.6rc6. 2019-02-23 00:10:13 -08:00
7630d23428 bumped ngx_lua to 0.10.14rc7 and lua-resty-shell to 0.02. 2019-02-22 18:27:35 -08:00
60589ee251 upgraded LuaJIT to 2.1-20190221. 2019-02-22 18:17:59 -08:00
892a001f4a upgraded ngx_lua to 0.10.14rc6. 2019-02-04 20:08:43 -08:00
2e7e51e649 feature: bundled the lua-resty-signal and lua-resty-shell libraries. 2019-02-02 20:35:53 -08:00
7639fe0dba upgraded ngx_stream_lua to 0.0.6rc5. 2019-02-01 16:02:58 -08:00
00a89c4b2d upgraded ngx_lua to 0.10.14rc5. 2019-01-31 15:17:41 -08:00
0964e437bd upgraded LuaJIT to 2.1-20190131. 2019-01-31 00:51:40 -08:00
4dc7d668cc upgraded LuaJIT to v2.1-20190130. 2019-01-30 16:37:13 -08:00
c3b7c3b1b9 upgraded ngx_lua to 0.10.14rc4, ngx_stream_lua to 0.0.6rc4, and lua-resty-core to 0.1.16rc4. 2019-01-30 16:04:34 -08:00
7b290a582f feature: bundled the lua-tablepool library. 2019-01-29 09:48:06 -08:00
b5d0128311 upgraded lua-cjson to 2.1.0.7rc2. 2019-01-25 15:04:22 -08:00
97e580a851 upgraded LuaJIT+ to v2.1-20190115. 2019-01-15 12:30:49 -08:00
e70dfd0fac upgraded resty-cli to 0.22rc7. 2018-12-31 17:34:18 -08:00
8cf0d9b097 upgraded resty-cli to 0.22rc6. 2018-12-31 11:57:23 -08:00
e2cb54c1ba upgraded resty-cli to 0.22rc5. 2018-12-31 11:45:56 -08:00
c441759ce3 make sure we also remove .tar.bz2 files. thanks Zexuan Luo for the patch. 2018-12-09 13:30:35 -08:00
03f09b5c25 upgraded ngx_lua to 0.10.14rc3, ngx_stream_lua to 0.0.6rc3, and lua-resty-core to 0.1.16rc3. 2018-11-13 11:43:40 -08:00
71b9f46595 upgraded ngx_lua to 0.10.14rc2. 2018-11-01 21:09:35 -07:00
4bfd198f28 upgraded ngx_stream_lua to 0.0.6rc2. 2018-11-01 20:47:10 -07:00
5d48d9fea2 upgraded lua-resty-core to 0.1.16rc2. 2018-10-29 19:44:44 -07:00
6ee19af247 upgraded lua-resty-limit-traffic to 0.06rc1. 2018-10-29 14:58:03 -07:00
716f518749 upgraded ngx_coolkit to 0.2 (no code changes). 2018-10-29 14:52:55 -07:00
b7244e79a3 upgraded ngx_devel_kit to 0.3.1rc1. 2018-10-29 14:51:53 -07:00
94955589ef upgraded lua-resty-mysql to 0.21. 2018-10-29 14:50:14 -07:00