2093:b82e9e5bf520 | 13-May-2022 |
Zhidao HONG |
Ruby: added stream IO "close" required by Rack specification.
This closes #654 issue on Github. |
2090:e6102bb58d1d | 11-May-2022 |
Sergey Kandaurov |
Using SSL_OP_IGNORE_UNEXPECTED_EOF.
A new behaviour was introduced in OpenSSL 1.1.1e, when a peer does not send close_notify before closing the connection. Previously, it was to return SSL_ERROR_SY
Using SSL_OP_IGNORE_UNEXPECTED_EOF.
A new behaviour was introduced in OpenSSL 1.1.1e, when a peer does not send close_notify before closing the connection. Previously, it was to return SSL_ERROR_SYSCALL with errno 0, known since at least OpenSSL 0.9.7, and is handled gracefully in unitd. Now it returns SSL_ERROR_SSL with a distinct reason SSL_R_UNEXPECTED_EOF_WHILE_READING ("unexpected eof while reading"). This leads to critical errors seen in nginx within various routines such as SSL_do_handshake(), SSL_read(), SSL_shutdown(). The behaviour was restored in OpenSSL 1.1.1f, but presents in OpenSSL 3.0 by default.
Use of the SSL_OP_IGNORE_UNEXPECTED_EOF option added in OpenSSL 3.0 allows setting a compatible behaviour to return SSL_ERROR_ZERO_RETURN: https://git.openssl.org/?p=openssl.git;a=commitdiff;h=09b90e0
See for additional details: https://github.com/openssl/openssl/issues/11381
show more ...
|
2089:dcec02b45917 | 11-May-2022 |
Sergey Kandaurov |
Using OPENSSL_SUPPRESS_DEPRECATED.
The macro is used to suppress deprecation warnings with OpenSSL 3.0.
Unlike OPENSSL_API_COMPAT, it works well with OpenSSL built with no-deprecated. In particular
Using OPENSSL_SUPPRESS_DEPRECATED.
The macro is used to suppress deprecation warnings with OpenSSL 3.0.
Unlike OPENSSL_API_COMPAT, it works well with OpenSSL built with no-deprecated. In particular, it doesn't unhide various macros in OpenSSL includes, which are meant to be hidden under OPENSSL_NO_DEPRECATED.
show more ...
|
2087:ce43da300a31 | 09-Mar-2022 |
Zhidao HONG |
Ruby: added the Rack environment parameter "SCRIPT_NAME". |
2084:7d479274f334 | 30-Apr-2022 |
Alejandro Colomar |
Fixed #define style.
We had a mix of styles for declaring function-like macros:
Style A: #define \ foo() \ do { \ ...
Fixed #define style.
We had a mix of styles for declaring function-like macros:
Style A: #define \ foo() \ do { \ ... \ } while (0)
Style B: #define foo() \ do { \ ... \ } while (0)
We had a similar number of occurences of each style:
$ grep -rnI '^\w*(.*\\' | wc -l 244 $ grep -rn 'define.*(.*)' | wc -l 239
(Those regexes aren't perfect, but a very decent approximation.)
Real examples:
$ find src -type f | xargs sed -n '/^nxt_double_is_zero/,/^$/p' nxt_double_is_zero(f) \ (fabs(f) <= FLT_EPSILON)
$ find src -type f | xargs sed -n '/define nxt_http_field_set/,/^$/p' #define nxt_http_field_set(_field, _name, _value) \ do { \ (_field)->name_length = nxt_length(_name); \ (_field)->value_length = nxt_length(_value); \ (_field)->name = (u_char *) _name; \ (_field)->value = (u_char *) _value; \ } while (0)
I'd like to standardize on a single style for them, and IMO, having the identifier in the same line as #define is a better option for the following reasons:
- Programmers are used to `#define foo() ...` (readability). - One less line of code. - The program for finding them is really simple (see below).
function grep_ngx_func() { if (($# != 1)); then >&2 echo "Usage: ${FUNCNAME[0]} <func>"; return 1; fi;
find src -type f \ | grep '\.[ch]$' \ | xargs grep -l "$1" \ | sort \ | xargs pcregrep -Mn "(?s)^\$[\w\s*]+?^$1\(.*?^}";
find src -type f \ | grep '\.[ch]$' \ | xargs grep -l "$1" \ | sort \ | xargs pcregrep -Mn "(?s)define $1\(.*?^$" \ | sed -E '1s/^[^:]+:[0-9]+:/&\n\n/'; }
$ grep_ngx_func Usage: grep_ngx_func <func>
$ grep_ngx_func nxt_http_field_set src/nxt_http.h:98:
#define nxt_http_field_set(_field, _name, _value) \ do { \ (_field)->name_length = nxt_length(_name); \ (_field)->value_length = nxt_length(_value); \ (_field)->name = (u_char *) _name; \ (_field)->value = (u_char *) _value; \ } while (0)
$ grep_ngx_func nxt_sprintf src/nxt_sprintf.c:56:
u_char * nxt_cdecl nxt_sprintf(u_char *buf, u_char *end, const char *fmt, ...) { u_char *p; va_list args;
va_start(args, fmt); p = nxt_vsprintf(buf, end, fmt, args); va_end(args);
return p; }
................ Scripted change: ................
$ find src -type f \ | grep '\.[ch]$' \ | xargs sed -i '/define *\\$/{N;s/ *\\\n/ /;s/ //}'
show more ...
|
2081:c68e6afffb84 | 05-Apr-2022 |
Alejandro Colomar |
Supporting variables in "location".
............ Description: ............
Before this commit, the encoded URI could be calculated at configuration time. Now, since variables can only be resolved
Supporting variables in "location".
............ Description: ............
Before this commit, the encoded URI could be calculated at configuration time. Now, since variables can only be resolved at request time, we have different situations:
- "location" contains no variables:
In this case, we still encode the URI in the conf structure, at configuration time, and then we just copy the resulting string to the ctx structure at request time.
- "location" contains variables:
In this case, we compile the var string at configure time, then when we resolve it at request time, and then we encode the string.
In both cases, as was being done before, if the string is empty, either before or after resolving variables, we skip the encoding.
........... Usefulness: ...........
An example of why this feature may be useful is redirecting HTTP to HTTPS with something like:
"action": { "return": 301, "location": "https://${host}${uri}" }
..... Bugs: .....
This feature conflicts with the relevant RFCs in the following:
'$' is used for Unit variables, but '$' is a reserved character in a URI, to be used as a sub-delimiter. However, it's almost never used as that, and in fact, other parts of Unit already conflict with '$' being a reserved character for use as a sub-delimiter, so this is at least consistent in that sense. VBart suggested an easy workaround if we ever need it: adding a variable '$sign' which resolves to a literal '$'.
...... Notes: ......
An empty string is handled as if "location" wasn't specified at all, so no Location header is sent.
This is incorrect, and the code is slightly misleading.
The Location header consists of a URI-reference[1], which might be a relative one, which itself might consist of an empty string[2].
[1]: <https://www.rfc-editor.org/rfc/rfc7231#section-7.1.2> [2]: <https://stackoverflow.com/a/43338457>
Now that we have variables, it's more likely that an empty Location header will be requested, and we should handle it correctly.
I think in a future commit we should modify the code to allow differentiating between an unset "location" and an empty one, which should be treated as any other "location" string.
................. Testing (manual): .................
{ "listeners": { "*:80": { "pass": "routes/str" }, "*:81": { "pass": "routes/empty" }, "*:82": { "pass": "routes/var" }, "*:83": { "pass": "routes/enc-str" }, "*:84": { "pass": "routes/enc-var" } }, "routes": { "str": [ { "action": { "return": 301, "location": "foo" } } ], "empty": [ { "action": { "return": 301, "location": "" } } ], "var": [ { "action": { "return": 301, "location": "$host" } } ], "enc-str": [ { "action": { "return": 301, "location": "f%23o#o" } } ], "enc-var": [ { "action": { "return": 301, "location": "f%23o${host}#o" } } ] } }
$ curl --dump-header - localhost:80 HTTP/1.1 301 Moved Permanently Location: foo Server: Unit/1.27.0 Date: Thu, 07 Apr 2022 23:30:06 GMT Content-Length: 0
$ curl --dump-header - localhost:81 HTTP/1.1 301 Moved Permanently Server: Unit/1.27.0 Date: Thu, 07 Apr 2022 23:30:08 GMT Content-Length: 0
$ curl --dump-header - localhost:82 HTTP/1.1 301 Moved Permanently Location: localhost Server: Unit/1.27.0 Date: Thu, 07 Apr 2022 23:30:15 GMT Content-Length: 0
$ curl --dump-header - -H "Host: bar" localhost:82 HTTP/1.1 301 Moved Permanently Location: bar Server: Unit/1.27.0 Date: Thu, 07 Apr 2022 23:30:23 GMT Content-Length: 0
$ curl --dump-header - -H "Host: " localhost:82 HTTP/1.1 301 Moved Permanently Server: Unit/1.27.0 Date: Thu, 07 Apr 2022 23:30:29 GMT Content-Length: 0
$ curl --dump-header - localhost:83 HTTP/1.1 301 Moved Permanently Location: f%23o#o Server: Unit/1.27.0 Date: Sat, 09 Apr 2022 11:22:23 GMT Content-Length: 0
$ curl --dump-header - -H "Host: " localhost:84 HTTP/1.1 301 Moved Permanently Location: f%23o#o Server: Unit/1.27.0 Date: Sat, 09 Apr 2022 11:22:44 GMT Content-Length: 0
$ curl --dump-header - -H "Host: alx" localhost:84 HTTP/1.1 301 Moved Permanently Location: f%23oalx#o Server: Unit/1.27.0 Date: Sat, 09 Apr 2022 11:22:52 GMT Content-Length: 0
$ curl --dump-header - -H "Host: a#l%23x" localhost:84 HTTP/1.1 301 Moved Permanently Location: f%2523oa#l%2523x%23o Server: Unit/1.27.0 Date: Sat, 09 Apr 2022 11:23:09 GMT Content-Length: 0
$ curl --dump-header - -H "Host: b##ar" localhost:82 HTTP/1.1 301 Moved Permanently Location: b#%23ar Server: Unit/1.27.0 Date: Sat, 09 Apr 2022 11:25:01 GMT Content-Length: 0
show more ...
|
2079:0dcffa83cac2 | 11-Mar-2022 |
Alejandro Colomar |
Added NXT_MAYBE_UNUSED for __attribute__((__unused__)).
When testing some configurations of compilers and OSes, I noticed that clang(1) 13 on Debian caused a function to be compiled but unused, and
Added NXT_MAYBE_UNUSED for __attribute__((__unused__)).
When testing some configurations of compilers and OSes, I noticed that clang(1) 13 on Debian caused a function to be compiled but unused, and the compiler triggered a compile error.
To avoid that error, use __attribute__((__unused__)). Let's call our wrapper NXT_MAYBE_UNUSED, since it describes itself more precisely than the GCC attribute name. It's also the name that C2x (likely C23) has given to the standard attribute, which is [[maybe_unused]], so it's also likely to be more readable because of that name being in ISO C.
show more ...
|
2078:0996dd223cdd | 18-Dec-2021 |
Alejandro Colomar |
Fixed indentation.
Some lines (incorrectly) had an indentation of 3 or 5, or 7 or 9, or 11 or 13, or 15 or 17 spaces instead of 4, 8, 12, or 16. Fix them.
Found with:
$ find src -type f | xargs g
Fixed indentation.
Some lines (incorrectly) had an indentation of 3 or 5, or 7 or 9, or 11 or 13, or 15 or 17 spaces instead of 4, 8, 12, or 16. Fix them.
Found with:
$ find src -type f | xargs grep -n '^ [^ ]'; $ find src -type f | xargs grep -n '^ [^ *]'; $ find src -type f | xargs grep -n '^ [^ ]'; $ find src -type f | xargs grep -n '^ [^ *]'; $ find src -type f | xargs grep -n '^ [^ +]'; $ find src -type f | xargs grep -n '^ [^ *+]'; $ find src -type f | xargs grep -n '^ [^ +]'; $ find src -type f | xargs grep -n '^ [^ *+]';
show more ...
|
2077:624e51cfe97a | 18-Dec-2021 |
Alejandro Colomar |
Removed special cases for non-NXT_CONF_VALUE_ARRAY.
The previous commit added more generic APIs for handling NXT_CONF_VALUE_ARRAY and non-NXT_CONF_VALUE_ARRAY together. Modify calling code to remove
Removed special cases for non-NXT_CONF_VALUE_ARRAY.
The previous commit added more generic APIs for handling NXT_CONF_VALUE_ARRAY and non-NXT_CONF_VALUE_ARRAY together. Modify calling code to remove special cases for arrays and non-arrays, taking special care that the path for non arrays is logically equivalent to the previous special cased code. Use the now-generic array code only.
show more ...
|
2076:1be3131609fd | 18-Dec-2021 |
Alejandro Colomar |
Added new array APIs that also work with non-arrays.
Similar to how C pointers to variables can always be considered as pointers to the first element of an array of size 1 (see the following code fo
Added new array APIs that also work with non-arrays.
Similar to how C pointers to variables can always be considered as pointers to the first element of an array of size 1 (see the following code for an example of how they are equivalent), treating non-NXT_CONF_VALUE_ARRAY as if they were NXT_CONF_VALUE_ARRAYs of size 1 allows for simpler and more generic code.
void foo(ptrdiff_t sz, int arr[sz]) { for (ptrdiff_t i = 0; i < sz; i++) arr[i] = 0; }
void bar(void) { int x; int y[1];
foo(1, &x); foo(1, y); }
nxt_conf_array_elements_count_or_1(): Similar to nxt_conf_array_elements_count(). Return a size of 1 when input is non-array, instead of causing undefined behavior. That value (1) makes sense because it will be used as the limiter of a loop that loops over the array and calls nxt_conf_get_array_element_or_itself(), which will return a correct element for such loops.
nxt_conf_get_array_element_or_itself(): Similar to nxt_conf_get_array_element(). Return the input pointer unmodified (i.e., a pointer to the unique element of a hypothetical array), instead of returning NULL, which wasn't very useful.
nxt_conf_array_qsort(): Since it's a no-op for non-arrays, this API can be reused.
show more ...
|
2075:ee1dcaaee932 | 19-Dec-2021 |
Alejandro Colomar |
Added 'const' for read-only function parameter.
That parameter is not being modified in the function. Make it 'const' to allow passing 'static const' variables. |
2072:9697718d7022 | 22-Feb-2022 |
Zhidao HONG |
Workaround for the warning in nxt_realloc() on GCC 12.
This closes #639 issue on Github. |
2069:a74adcc53b78 | 14-Feb-2022 |
Zhidao HONG |
Certificates: fixed crash when reallocating chain. |
2068:e7eded7e5de9 | 09-Feb-2022 |
Max Romanov |
Python: fixing debug message field type.
Introduced in the 78864c9d5ba8 commit.
Sorry about that. |
2067:78864c9d5ba8 | 07-Feb-2022 |
Max Romanov |
Python: fixing incorrect function object dereference.
The __call__ method can be native and not be a PyFunction type. A type check is thus required before accessing op_code and other fields.
Repro
Python: fixing incorrect function object dereference.
The __call__ method can be native and not be a PyFunction type. A type check is thus required before accessing op_code and other fields.
Reproduced on Ubuntu 21.04, Python 3.9.4 and Falcon framework: here, the App.__call__ method is compiled with Cython, so accessing op_code->co_flags is invalid; accidentally, the COROUTINE bit is set which forces the Python module into the ASGI mode.
The workaround is explicit protocol specification.
Note: it is impossible to specify the legacy mode for ASGI.
show more ...
|
2061:572f002532de | 27-Dec-2021 |
Max Romanov |
Java: fixing multiple SCI initializations.
- Ignoring Tomcat WebSocket container initialization. - Renaming application class loader to UnitClassLoader to avoid development environment enablement in
Java: fixing multiple SCI initializations.
- Ignoring Tomcat WebSocket container initialization. - Renaming application class loader to UnitClassLoader to avoid development environment enablement in Spring Boot.
This closes #609 issue on GitHub.
show more ...
|
2060:a1991578c62e | 27-Dec-2021 |
Max Romanov |
Perl: creating input and error streams if closed.
Application handler can do anything with a stream object (including close it). Once the stream is closed, Unit creates a new stream.
This closes #6
Perl: creating input and error streams if closed.
Application handler can do anything with a stream object (including close it). Once the stream is closed, Unit creates a new stream.
This closes #616 issue on GitHub.
show more ...
|
2052:1f74b13eb7ca | 02-Dec-2021 |
Zhidao HONG |
Fixed debug message broken in 45b25ffb2e8c. |
2050:d1298cc3f385 | 03-Dec-2021 |
Valentin Bartenev |
Merged with the 1.26 branch. |
Revision tags: 1.26.1-1, 1.26.1 |
|
2040:fb55252dea26 | 01-Dec-2021 |
Max Romanov |
Fixing prototype process crash.
A prototype stores linked application processes structures. When an application process terminates, it's removed from the list. To avoid double removal, the pointer
Fixing prototype process crash.
A prototype stores linked application processes structures. When an application process terminates, it's removed from the list. To avoid double removal, the pointer to the next element should be set to NULL.
The issue was introduced in c8790d2a89bb.
show more ...
|
2039:65e44d07a9ec | 01-Dec-2021 |
Valentin Bartenev |
Logging of the daemon version on startup. |
2035:1a36920f220a | 25-Nov-2021 |
Valentin Bartenev |
PHP: fixed crash when calling module functions in OPcache preload.
In PHP, custom fastcgi_finish_request() and overloaded chdir() functions can be invoked by an OPcache preloading script (it runs wh
PHP: fixed crash when calling module functions in OPcache preload.
In PHP, custom fastcgi_finish_request() and overloaded chdir() functions can be invoked by an OPcache preloading script (it runs when php_module_startup() is called in the app process setup handler). In this case, there was no runtime context set so trying to access it caused a segmentation fault.
This closes #602 issue on GitHub.
show more ...
|
2033:87f86cfc2002 | 25-Nov-2021 |
Max Romanov |
Fixing access_log structure reference counting.
The reference to the access_log structure is stored in the current nxt_router_conf_t and the global nxt_router_t. When the reference is copied, the r
Fixing access_log structure reference counting.
The reference to the access_log structure is stored in the current nxt_router_conf_t and the global nxt_router_t. When the reference is copied, the reference counter should be adjusted accordingly.
This closes #593 issue on GitHub.
show more ...
|
2032:bf6ed9c98507 | 24-Nov-2021 |
Max Romanov |
Fixing zombie process appearance and hang up on shutdown.
After the c8790d2a89bb commit, the SIGCHLD handler may return before processing all awaiting PIDs. To avoid zombie processes and ensure suc
Fixing zombie process appearance and hang up on shutdown.
After the c8790d2a89bb commit, the SIGCHLD handler may return before processing all awaiting PIDs. To avoid zombie processes and ensure successful main process termination, waitpid() must be called until an error is returned.
This closes #600 issue on GitHub.
show more ...
|
2031:e8518399bc10 | 24-Nov-2021 |
Max Romanov |
Fixing alerts on router restart.
Splitting the process type connectivity matrix to 'keep ports' and 'send ports'; the 'keep ports' matrix is used to clean up unnecessary ports after forking a new pr
Fixing alerts on router restart.
Splitting the process type connectivity matrix to 'keep ports' and 'send ports'; the 'keep ports' matrix is used to clean up unnecessary ports after forking a new process, and the 'send ports' matrix determines which process types expect to get created process ports.
Unfortunately, the original single connectivity matrix no longer works because of an application stop delay caused by prototypes. Existing applications should not get the new router port at the moment.
show more ...
|