Revision tags: 1.23.0-1 |
|
1837:ad6aad2450c2 | 25-Mar-2021 |
Andrei Belov |
Merged with the default branch. |
Revision tags: 1.23.0 |
|
1834:84a836199eb9 | 25-Mar-2021 |
Valentin Bartenev |
Added version 1.23.0 CHANGES. |
1833:73fb05c86003 | 25-Mar-2021 |
Artem Konev |
Fixed wording in docs/changes.xml for the 1.23.0 release. |
1832:7618b95f9cd2 | 25-Mar-2021 |
Max Romanov |
Fixing shm buffer leakage when sending over the port queue.
When the shm buffer is sent over the port queue, it needs to be completed because it's sent over the port socket. |
1828:c548e46fe516 | 24-Mar-2021 |
Andrey Suvorov |
Added ability to configure multiple certificates on a listener.
The certificate is selected by matching the arriving SNI to the common name and the alternatives names. If no certificate matches the
Added ability to configure multiple certificates on a listener.
The certificate is selected by matching the arriving SNI to the common name and the alternatives names. If no certificate matches the name, the first bundle in the array is chosen.
show more ...
|
1825:8d0b26746b02 | 24-Mar-2021 |
Konstantin Pavlov |
Added build system support for a man page. |
1824:e4a48cdb5d07 | 24-Mar-2021 |
Artem Konev |
Added a missing .El directive in man page source. |
1823:4425e79082a6 | 24-Mar-2021 |
Artem Konev |
Added a man page.
Reviewed at https://rb.nginx.com/r/165/ |
1822:7b103bd6308e | 24-Mar-2021 |
Valentin Bartenev |
Certificates: fixed in name attributes processing.
The idea is to put SAN after CN, but the previous version of the code incorrectly assumed that CN was always present, which caused writes outside t
Certificates: fixed in name attributes processing.
The idea is to put SAN after CN, but the previous version of the code incorrectly assumed that CN was always present, which caused writes outside the allocated object if there were no standard name attributes.
show more ...
|
1820:e969cea13cc3 | 24-Mar-2021 |
Valentin Bartenev |
Certficates: fixed counting DNS SAN entries.
Previously, entries of any type were counted during object allocation but only DNS type entries were actually processed. As a result, if some certificat
Certficates: fixed counting DNS SAN entries.
Previously, entries of any type were counted during object allocation but only DNS type entries were actually processed. As a result, if some certificate entries had another type, returning information about the certificate caused uninitialized memory access.
show more ...
|
1815:d0ee0d19a7a6 | 15-Mar-2021 |
Valentin Bartenev |
Fixed building the PHP 5 module with ZTS, broken by dab8544b5440.
This closes #525 issue on GitHub. |
1814:05a8e3eb6244 | 15-Mar-2021 |
Valentin Bartenev |
Ruby: fixed encodings initialization.
The Ruby interpreter expects an explicit setlocale() call before initialization to pick up character encodings in the "Encoding" class from the environment.
Th
Ruby: fixed encodings initialization.
The Ruby interpreter expects an explicit setlocale() call before initialization to pick up character encodings in the "Encoding" class from the environment.
This closes #531 issue on GitHub.
show more ...
|
1813:10aaca1e582e | 15-Mar-2021 |
Valentin Bartenev |
Fixed certificates loading on startup with some filesystems.
It appears that readdir() on Linux detects file types unreliably, always setting the "d_type" field to DT_UNKNOWN for some less common fi
Fixed certificates loading on startup with some filesystems.
It appears that readdir() on Linux detects file types unreliably, always setting the "d_type" field to DT_UNKNOWN for some less common filesystems. As a result, all files were skipped and no certificate bundles were found when the state directory was located on such filesystems.
Skipping "." and ".." instead of any non-regular files should be enough, as no other non-regular files normally appear in this directory.
This closes #368 issue on GitHub.
show more ...
|
1812:71adb995a9af | 15-Mar-2021 |
Valentin Bartenev |
Fixed TLS connection shutdown on errors.
An immediate return statement on connection errors was mistakenly added to the beginning of nxt_openssl_conn_io_shutdown() in ecd3c5bbf7d8, breaking the TLS
Fixed TLS connection shutdown on errors.
An immediate return statement on connection errors was mistakenly added to the beginning of nxt_openssl_conn_io_shutdown() in ecd3c5bbf7d8, breaking the TLS connection finalization procedure. As a result, a TLS connection was left unfinalized if it had been closed prematurely or a fatal protocol error had occurred, which caused memory and socket descriptor leakage.
Moreover, in some cases (notably, on handshake errors in tests with kqueue on macOS) the read event was triggered later and nxt_h1p_conn_error() was called the second time; after the change in af93c866b4f0, the latter call crashed the router process in an attempt to remove a connection from the idle queue twice.
show more ...
|
1811:cac57293c5c5 | 02-Mar-2021 |
Max Romanov |
Closing app outgoing shared memory file descriptor.
This fixes file descriptor leakage in router. Shared memory file used to send data from router to application. These files are shared among all
Closing app outgoing shared memory file descriptor.
This fixes file descriptor leakage in router. Shared memory file used to send data from router to application. These files are shared among all processes of same application and router keeps the opened file descriptor since 06017e6e3a5f commit.
show more ...
|
1806:e26d14bc48da | 16-Feb-2021 |
Valentin Bartenev |
Version bump. |
Revision tags: 1.22.0-1 |
|
1799:86b359acc93f | 04-Feb-2021 |
Andrei Belov |
Merged with the default branch. |
1798:5aefae8d0b4a | 04-Feb-2021 |
Andrei Belov |
Added changelog for Python 3.9 module appeared for Fedora 33. |
1796:cb5ecfe53292 | 04-Feb-2021 |
Andrei Belov |
Merged with the default branch. |
Revision tags: 1.22.0 |
|
1793:893028bce837 | 04-Feb-2021 |
Valentin Bartenev |
Added version 1.22.0 CHANGES. |
1792:dad5dafcdd57 | 04-Feb-2021 |
Valentin Bartenev |
Reordered changes for 1.22.0 by significance (subjective). |
1790:5c0ad77e1977 | 04-Feb-2021 |
Artem Konev |
Updated phrasing and corrected errors in docs/changes.xml. |
1789:959b19fff9cf | 03-Feb-2021 |
Max Romanov |
Fixing shared app queue unmap size.
Shared app queue takes more memory than port memory. To unmap all memory pages correct size need to be specified for munmap() call. Otherwise 4 Mb memory leaked
Fixing shared app queue unmap size.
Shared app queue takes more memory than port memory. To unmap all memory pages correct size need to be specified for munmap() call. Otherwise 4 Mb memory leaked on each configured application removal.
The issue was introduced in 1d84b9e4b459.
show more ...
|
1782:da182aeaaf85 | 28-Jan-2021 |
Valentin Bartenev |
Fixed changelog style. |
1780:73699f41c956 | 28-Jan-2021 |
Max Romanov |
Router: fixing crash after WebSocket processing.
After WebSocket processing, the application port was released with incorrect reason ("got request"), unnecessarily decrementing the active request co
Router: fixing crash after WebSocket processing.
After WebSocket processing, the application port was released with incorrect reason ("got request"), unnecessarily decrementing the active request counter.
The assertion was triggered only on application removal; a test was added for this case.
show more ...
|