summaryrefslogtreecommitdiff
diff options
context:
space:
mode:
authorIgor Sysoev <igor@sysoev.ru>2012-01-16 16:04:03 +0000
committerJonathan Kolb <jon@b0g.us>2012-01-16 16:04:03 +0000
commitb61802612732d1211d92a3a4f449fb4cd1d80d18 (patch)
treeeef24b3adee50cc2f69ed303118cf0605e94b96d
parent009625684c294b0d8512d4dc70749d88b161de25 (diff)
downloadnginx-1.1.13.tar.gz
Changes with nginx 1.1.13 16 Jan 2012v1.1.13
*) Feature: the "TLSv1.1" and "TLSv1.2" parameters of the "ssl_protocols" directive. *) Bugfix: the "limit_req" directive parameters were not inherited correctly; the bug had appeared in 1.1.12. *) Bugfix: the "proxy_redirect" directive incorrectly processed "Refresh" header if regular expression were used. *) Bugfix: the "proxy_cache_use_stale" directive with "error" parameter did not return answer from cache if there were no live upstreams. *) Bugfix: the "worker_cpu_affinity" directive might not work. *) Bugfix: nginx could not be built on Solaris; the bug had appeared in 1.1.12. *) Bugfix: in the ngx_http_mp4_module. Maxim Dounin _______________________________________________ nginx-announce mailing list nginx-announce@nginx.org http://mailman.nginx.org/mailman/listinfo/nginx-announce
Diffstat
-rw-r--r--CHANGES26
-rw-r--r--CHANGES.ru26
-rw-r--r--LICENSE2
-rw-r--r--auto/cc/icc33
-rw-r--r--auto/lib/pcre/conf2
-rw-r--r--src/core/nginx.h4
-rw-r--r--src/core/ngx_hash.c2
-rw-r--r--src/core/ngx_log.h41
-rw-r--r--src/event/ngx_event_openssl.c32
-rw-r--r--src/event/ngx_event_openssl.h8
-rw-r--r--src/http/modules/ngx_http_fastcgi_module.c4
-rw-r--r--src/http/modules/ngx_http_limit_req_module.c2
-rw-r--r--src/http/modules/ngx_http_mp4_module.c8
-rw-r--r--src/http/modules/ngx_http_proxy_module.c38
-rw-r--r--src/http/modules/ngx_http_scgi_module.c4
-rw-r--r--src/http/modules/ngx_http_ssl_module.c5
-rw-r--r--src/http/modules/ngx_http_uwsgi_module.c4
-rw-r--r--src/http/modules/perl/nginx.pm2
-rw-r--r--src/mail/ngx_mail_ssl_module.c5
-rw-r--r--src/os/unix/ngx_process_cycle.c5
20 files changed, 174 insertions, 79 deletions
diff --git a/CHANGES b/CHANGES
index e9457a840..37af0bc26 100644
--- a/CHANGES
+++ b/CHANGES
@@ -1,8 +1,30 @@
+Changes with nginx 1.1.13 16 Jan 2012
+
+ *) Feature: the "TLSv1.1" and "TLSv1.2" parameters of the
+ "ssl_protocols" directive.
+
+ *) Bugfix: the "limit_req" directive parameters were not inherited
+ correctly; the bug had appeared in 1.1.12.
+
+ *) Bugfix: the "proxy_redirect" directive incorrectly processed
+ "Refresh" header if regular expression were used.
+
+ *) Bugfix: the "proxy_cache_use_stale" directive with "error" parameter
+ did not return answer from cache if there were no live upstreams.
+
+ *) Bugfix: the "worker_cpu_affinity" directive might not work.
+
+ *) Bugfix: nginx could not be built on Solaris; the bug had appeared in
+ 1.1.12.
+
+ *) Bugfix: in the ngx_http_mp4_module.
+
+
Changes with nginx 1.1.12 26 Dec 2011
*) Change: a "proxy_pass" directive without URI part now uses changed
- URI after redirection with the "error_page" directive;
+ URI after redirection with the "error_page" directive.
Thanks to Lanshun Zhou.
*) Feature: the "proxy/fastcgi/scgi/uwsgi_cache_lock",
@@ -28,7 +50,7 @@ Changes with nginx 1.1.12 26 Dec 2011
original request URI if variables were used.
*) Bugfix: a "proxy_pass" directive without URI part might use original
- request after redirection with the "try_files" directive;
+ request after redirection with the "try_files" directive.
Thanks to Lanshun Zhou.
*) Bugfix: in the ngx_http_scgi_module.
diff --git a/CHANGES.ru b/CHANGES.ru
index 750fc81c1..cbfe0fc0c 100644
--- a/CHANGES.ru
+++ b/CHANGES.ru
@@ -1,9 +1,31 @@
+Изменения в nginx 1.1.13 16.01.2012
+
+ *) Добавление: параметры TLSv1.1 и TLSv1.2 в директиве ssl_protocols.
+
+ *) Исправление: параметры директивы limit_req наследовались некорректно;
+ ошибка появилась в 1.1.12.
+
+ *) Исправление: директива proxy_redirect некорректно обрабатывала
+ заголовк Refresh при использовании регулярных выражений.
+
+ *) Исправление: директива proxy_cache_use_stale с параметром error не
+ возвращала ответ из кэша, если все бекенды были признаны
+ неработающими.
+
+ *) Исправление: директива worker_cpu_affinity могла не работать.
+
+ *) Исправление: nginx не собирался на Solaris; ошибка появилась в
+ 1.1.12.
+
+ *) Исправление: в модуле ngx_http_mp4_module.
+
+
Изменения в nginx 1.1.12 26.12.2011
*) Изменение: после перенаправления запроса с помощью директивы
error_page директива proxy_pass без URI теперь использует изменённый
- URI;
+ URI.
Спасибо Lanshun Zhou.
*) Добавление: директивы proxy/fastcgi/scgi/uwsgi_cache_lock,
@@ -30,7 +52,7 @@
*) Исправление: после перенаправления запроса с помощью директивы
try_files директива proxy_pass без URI могла использовать URI
- исходного запроса;
+ исходного запроса.
Спасибо Lanshun Zhou.
*) Исправление: в модуле ngx_http_scgi_module.
diff --git a/LICENSE b/LICENSE
index bf31fba7a..520e9bae9 100644
--- a/LICENSE
+++ b/LICENSE
@@ -1,5 +1,5 @@
/*
- * Copyright (C) 2002-2011 Igor Sysoev
+ * Copyright (C) 2002-2012 Igor Sysoev
*
* Redistribution and use in source and binary forms, with or without
* modification, are permitted provided that the following conditions
diff --git a/auto/cc/icc b/auto/cc/icc
index 91dd95ecf..77cf180df 100644
--- a/auto/cc/icc
+++ b/auto/cc/icc
@@ -2,7 +2,7 @@
# Copyright (C) Igor Sysoev
-# Intel C++ compiler 7.1, 8.0, 8.1, 9.0
+# Intel C++ compiler 7.1, 8.0, 8.1, 9.0, 11.1
NGX_ICC_VER=`$CC -V 2>&1 | grep 'Version' 2>&1 \
| sed -e 's/^.* Version \([^ ]*\) *Build.*$/\1/'`
@@ -15,32 +15,7 @@ have=NGX_COMPILER value="\"Intel C Compiler $NGX_ICC_VER\"" . auto/define
# optimizations
CFLAGS="$CFLAGS -O"
-# inline the functions declared with __inline
-#CFLAGS="$CFLAGS -Ob1"
-# inline any function, at the compiler's discretion
-CFLAGS="$CFLAGS -Ob2"
-# multi-file IP optimizations
-case "$NGX_ICC_VER" in
- 9.*)
- IPO="-ipo"
- ;;
-
- # 8.1.38 under FreeBSD can not link -ipo
- 8.1)
- IPO="-ip"
- ;;
-
- *)
- IPO="-ipo -ipo_obj"
- ;;
-esac
-
-# single-file IP optimizations
-#IPO="-ip"
-
-CFLAGS="$CFLAGS $IPO"
-CORE_LINK="$CORE_LINK $IPO"
CORE_LINK="$CORE_LINK -opt_report_file=$NGX_OBJS/opt_report_file"
@@ -64,15 +39,15 @@ esac
CFLAGS="$CFLAGS $CPU_OPT"
if [ ".$PCRE_OPT" = "." ]; then
- PCRE_OPT="-O $IPO $CPU_OPT"
+ PCRE_OPT="-O $CPU_OPT"
fi
if [ ".$MD5_OPT" = "." ]; then
- MD5_OPT="-O $IPO $CPU_OPT"
+ MD5_OPT="-O $CPU_OPT"
fi
if [ ".$ZLIB_OPT" = "." ]; then
- ZLIB_OPT="-O $IPO $CPU_OPT"
+ ZLIB_OPT="-O $CPU_OPT"
fi
diff --git a/auto/lib/pcre/conf b/auto/lib/pcre/conf
index e90d02307..fd98ee9f5 100644
--- a/auto/lib/pcre/conf
+++ b/auto/lib/pcre/conf
@@ -165,7 +165,7 @@ else
PCRE=YES
fi
- if [ $PCRE == YES ]; then
+ if [ $PCRE = YES ]; then
ngx_feature="PCRE JIT support"
ngx_feature_name="NGX_HAVE_PCRE_JIT"
ngx_feature_test="int jit = 0;
diff --git a/src/core/nginx.h b/src/core/nginx.h
index a781b5ef9..a67b6c2aa 100644
--- a/src/core/nginx.h
+++ b/src/core/nginx.h
@@ -8,8 +8,8 @@
#define _NGINX_H_INCLUDED_
-#define nginx_version 1001011
-#define NGINX_VERSION "1.1.12"
+#define nginx_version 1001013
+#define NGINX_VERSION "1.1.13"
#define NGINX_VER "nginx/" NGINX_VERSION
#define NGINX_VAR "NGINX"
diff --git a/src/core/ngx_hash.c b/src/core/ngx_hash.c
index 0c7285202..74d89b8b9 100644
--- a/src/core/ngx_hash.c
+++ b/src/core/ngx_hash.c
@@ -277,7 +277,7 @@ ngx_hash_init(ngx_hash_init_t *hinit, ngx_hash_key_t *names, ngx_uint_t nelts)
start = nelts / (bucket_size / (2 * sizeof(void *)));
start = start ? start : 1;
- if (hinit->max_size > 10000 && hinit->max_size / nelts < 100) {
+ if (hinit->max_size > 10000 && nelts && hinit->max_size / nelts < 100) {
start = hinit->max_size - 1000;
}
diff --git a/src/core/ngx_log.h b/src/core/ngx_log.h
index a55ef449c..9e00e30ee 100644
--- a/src/core/ngx_log.h
+++ b/src/core/ngx_log.h
@@ -121,15 +121,38 @@ void ngx_cdecl ngx_log_debug_core(ngx_log_t *log, ngx_err_t err,
#if (NGX_HAVE_VARIADIC_MACROS)
-#define ngx_log_debug0 ngx_log_debug
-#define ngx_log_debug1 ngx_log_debug
-#define ngx_log_debug2 ngx_log_debug
-#define ngx_log_debug3 ngx_log_debug
-#define ngx_log_debug4 ngx_log_debug
-#define ngx_log_debug5 ngx_log_debug
-#define ngx_log_debug6 ngx_log_debug
-#define ngx_log_debug7 ngx_log_debug
-#define ngx_log_debug8 ngx_log_debug
+#define ngx_log_debug0(level, log, err, fmt) \
+ ngx_log_debug(level, log, err, fmt)
+
+#define ngx_log_debug1(level, log, err, fmt, arg1) \
+ ngx_log_debug(level, log, err, fmt, arg1)
+
+#define ngx_log_debug2(level, log, err, fmt, arg1, arg2) \
+ ngx_log_debug(level, log, err, fmt, arg1, arg2)
+
+#define ngx_log_debug3(level, log, err, fmt, arg1, arg2, arg3) \
+ ngx_log_debug(level, log, err, fmt, arg1, arg2, arg3)
+
+#define ngx_log_debug4(level, log, err, fmt, arg1, arg2, arg3, arg4) \
+ ngx_log_debug(level, log, err, fmt, arg1, arg2, arg3, arg4)
+
+#define ngx_log_debug5(level, log, err, fmt, arg1, arg2, arg3, arg4, arg5) \
+ ngx_log_debug(level, log, err, fmt, arg1, arg2, arg3, arg4, arg5)
+
+#define ngx_log_debug6(level, log, err, fmt, \
+ arg1, arg2, arg3, arg4, arg5, arg6) \
+ ngx_log_debug(level, log, err, fmt, \
+ arg1, arg2, arg3, arg4, arg5, arg6)
+
+#define ngx_log_debug7(level, log, err, fmt, \
+ arg1, arg2, arg3, arg4, arg5, arg6, arg7) \
+ ngx_log_debug(level, log, err, fmt, \
+ arg1, arg2, arg3, arg4, arg5, arg6, arg7)
+
+#define ngx_log_debug8(level, log, err, fmt, \
+ arg1, arg2, arg3, arg4, arg5, arg6, arg7, arg8) \
+ ngx_log_debug(level, log, err, fmt, \
+ arg1, arg2, arg3, arg4, arg5, arg6, arg7, arg8)
#else /* NO VARIADIC MACROS */
diff --git a/src/event/ngx_event_openssl.c b/src/event/ngx_event_openssl.c
index 82936906f..43d34a622 100644
--- a/src/event/ngx_event_openssl.c
+++ b/src/event/ngx_event_openssl.c
@@ -78,18 +78,6 @@ ngx_module_t ngx_openssl_module = {
};
-static long ngx_ssl_protocols[] = {
- SSL_OP_NO_SSLv2|SSL_OP_NO_SSLv3|SSL_OP_NO_TLSv1,
- SSL_OP_NO_SSLv3|SSL_OP_NO_TLSv1,
- SSL_OP_NO_SSLv2|SSL_OP_NO_TLSv1,
- SSL_OP_NO_TLSv1,
- SSL_OP_NO_SSLv2|SSL_OP_NO_SSLv3,
- SSL_OP_NO_SSLv3,
- SSL_OP_NO_SSLv2,
- 0,
-};
-
-
int ngx_ssl_connection_index;
int ngx_ssl_server_conf_index;
int ngx_ssl_session_cache_index;
@@ -171,9 +159,25 @@ ngx_ssl_create(ngx_ssl_t *ssl, ngx_uint_t protocols, void *data)
SSL_CTX_set_options(ssl->ctx, SSL_OP_SINGLE_DH_USE);
- if (ngx_ssl_protocols[protocols >> 1] != 0) {
- SSL_CTX_set_options(ssl->ctx, ngx_ssl_protocols[protocols >> 1]);
+ if (!(protocols & NGX_SSL_SSLv2)) {
+ SSL_CTX_set_options(ssl->ctx, SSL_OP_NO_SSLv2);
+ }
+ if (!(protocols & NGX_SSL_SSLv3)) {
+ SSL_CTX_set_options(ssl->ctx, SSL_OP_NO_SSLv3);
+ }
+ if (!(protocols & NGX_SSL_TLSv1)) {
+ SSL_CTX_set_options(ssl->ctx, SSL_OP_NO_TLSv1);
}
+#ifdef SSL_OP_NO_TLSv1_1
+ if (!(protocols & NGX_SSL_TLSv1_1)) {
+ SSL_CTX_set_options(ssl->ctx, SSL_OP_NO_TLSv1_1);
+ }
+#endif
+#ifdef SSL_OP_NO_TLSv1_2
+ if (!(protocols & NGX_SSL_TLSv1_2)) {
+ SSL_CTX_set_options(ssl->ctx, SSL_OP_NO_TLSv1_2);
+ }
+#endif
#ifdef SSL_OP_NO_COMPRESSION
SSL_CTX_set_options(ssl->ctx, SSL_OP_NO_COMPRESSION);
diff --git a/src/event/ngx_event_openssl.h b/src/event/ngx_event_openssl.h
index 33cab7b3c..0b5b7c8de 100644
--- a/src/event/ngx_event_openssl.h
+++ b/src/event/ngx_event_openssl.h
@@ -81,9 +81,11 @@ typedef struct {
-#define NGX_SSL_SSLv2 2
-#define NGX_SSL_SSLv3 4
-#define NGX_SSL_TLSv1 8
+#define NGX_SSL_SSLv2 0x0002
+#define NGX_SSL_SSLv3 0x0004
+#define NGX_SSL_TLSv1 0x0008
+#define NGX_SSL_TLSv1_1 0x0010
+#define NGX_SSL_TLSv1_2 0x0020
#define NGX_SSL_BUFFER 1
diff --git a/src/http/modules/ngx_http_fastcgi_module.c b/src/http/modules/ngx_http_fastcgi_module.c
index f976b7aea..4a62f7197 100644
--- a/src/http/modules/ngx_http_fastcgi_module.c
+++ b/src/http/modules/ngx_http_fastcgi_module.c
@@ -2314,6 +2314,10 @@ ngx_http_fastcgi_merge_loc_conf(ngx_conf_t *cf, void *parent, void *child)
|NGX_HTTP_UPSTREAM_FT_OFF;
}
+ if (conf->upstream.cache_use_stale & NGX_HTTP_UPSTREAM_FT_ERROR) {
+ conf->upstream.cache_use_stale |= NGX_HTTP_UPSTREAM_FT_NOLIVE;
+ }
+
if (conf->upstream.cache_methods == 0) {
conf->upstream.cache_methods = prev->upstream.cache_methods;
}
diff --git a/src/http/modules/ngx_http_limit_req_module.c b/src/http/modules/ngx_http_limit_req_module.c
index 865f7666d..779b397c2 100644
--- a/src/http/modules/ngx_http_limit_req_module.c
+++ b/src/http/modules/ngx_http_limit_req_module.c
@@ -570,6 +570,8 @@ ngx_http_limit_req_merge_conf(ngx_conf_t *cf, void *parent, void *child)
if (conf->shm_zone == NULL) {
conf->shm_zone = prev->shm_zone;
+ conf->burst = prev->burst;
+ conf->nodelay = prev->nodelay;
}
ngx_conf_merge_uint_value(conf->limit_log_level, prev->limit_log_level,
diff --git a/src/http/modules/ngx_http_mp4_module.c b/src/http/modules/ngx_http_mp4_module.c
index 7bfb3db66..6de7c8fea 100644
--- a/src/http/modules/ngx_http_mp4_module.c
+++ b/src/http/modules/ngx_http_mp4_module.c
@@ -165,10 +165,10 @@ typedef struct {
((u_char *) (p))[7] = n4
#define ngx_mp4_get_32value(p) \
- ( (((u_char *) (p))[0] << 24) \
- + (((u_char *) (p))[1] << 16) \
- + (((u_char *) (p))[2] << 8) \
- + (((u_char *) (p))[3]) )
+ ( ((uint32_t) ((u_char *) (p))[0] << 24) \
+ + ( ((u_char *) (p))[1] << 16) \
+ + ( ((u_char *) (p))[2] << 8) \
+ + ( ((u_char *) (p))[3]) )
#define ngx_mp4_set_32value(p, n) \
((u_char *) (p))[0] = (u_char) ((n) >> 24); \
diff --git a/src/http/modules/ngx_http_proxy_module.c b/src/http/modules/ngx_http_proxy_module.c
index b65093b72..b6aa38b53 100644
--- a/src/http/modules/ngx_http_proxy_module.c
+++ b/src/http/modules/ngx_http_proxy_module.c
@@ -2348,6 +2348,8 @@ static ngx_int_t
ngx_http_proxy_rewrite_redirect_regex(ngx_http_request_t *r, ngx_table_elt_t *h,
size_t prefix, ngx_http_proxy_redirect_t *pr)
{
+ size_t len;
+ u_char *data;
ngx_str_t redirect, replacement;
redirect.len = h->value.len - prefix;
@@ -2361,7 +2363,23 @@ ngx_http_proxy_rewrite_redirect_regex(ngx_http_request_t *r, ngx_table_elt_t *h,
return NGX_ERROR;
}
- h->value = replacement;
+ if (!prefix) {
+ h->value = replacement;
+ return NGX_OK;
+ }
+
+ len = prefix + replacement.len;
+
+ data = ngx_pnalloc(r->pool, len);
+ if (data == NULL) {
+ return NGX_ERROR;
+ }
+
+ ngx_memcpy(data, h->value.data, prefix);
+ ngx_memcpy(data + prefix, replacement.data, replacement.len);
+
+ h->value.len = len;
+ h->value.data = data;
return NGX_OK;
}
@@ -2667,17 +2685,21 @@ ngx_http_proxy_merge_loc_conf(ngx_conf_t *cf, void *parent, void *child)
(NGX_CONF_BITMASK_SET
|NGX_HTTP_UPSTREAM_FT_OFF));
+ if (conf->upstream.cache_use_stale & NGX_HTTP_UPSTREAM_FT_OFF) {
+ conf->upstream.cache_use_stale = NGX_CONF_BITMASK_SET
+ |NGX_HTTP_UPSTREAM_FT_OFF;
+ }
+
+ if (conf->upstream.cache_use_stale & NGX_HTTP_UPSTREAM_FT_ERROR) {
+ conf->upstream.cache_use_stale |= NGX_HTTP_UPSTREAM_FT_NOLIVE;
+ }
+
if (conf->upstream.cache_methods == 0) {
conf->upstream.cache_methods = prev->upstream.cache_methods;
}
conf->upstream.cache_methods |= NGX_HTTP_GET|NGX_HTTP_HEAD;
- if (conf->upstream.cache_use_stale & NGX_HTTP_UPSTREAM_FT_OFF) {
- conf->upstream.cache_use_stale = NGX_CONF_BITMASK_SET
- |NGX_HTTP_UPSTREAM_FT_OFF;
- }
-
ngx_conf_merge_ptr_value(conf->upstream.cache_bypass,
prev->upstream.cache_bypass, NULL);
@@ -3580,7 +3602,9 @@ ngx_http_proxy_set_ssl(ngx_conf_t *cf, ngx_http_proxy_loc_conf_t *plcf)
plcf->upstream.ssl->log = cf->log;
if (ngx_ssl_create(plcf->upstream.ssl,
- NGX_SSL_SSLv2|NGX_SSL_SSLv3|NGX_SSL_TLSv1, NULL)
+ NGX_SSL_SSLv2|NGX_SSL_SSLv3|NGX_SSL_TLSv1
+ |NGX_SSL_TLSv1_1|NGX_SSL_TLSv1_2,
+ NULL)
!= NGX_OK)
{
return NGX_ERROR;
diff --git a/src/http/modules/ngx_http_scgi_module.c b/src/http/modules/ngx_http_scgi_module.c
index 9fd60147e..2ab9ee85c 100644
--- a/src/http/modules/ngx_http_scgi_module.c
+++ b/src/http/modules/ngx_http_scgi_module.c
@@ -1286,6 +1286,10 @@ ngx_http_scgi_merge_loc_conf(ngx_conf_t *cf, void *parent, void *child)
|NGX_HTTP_UPSTREAM_FT_OFF;
}
+ if (conf->upstream.cache_use_stale & NGX_HTTP_UPSTREAM_FT_ERROR) {
+ conf->upstream.cache_use_stale |= NGX_HTTP_UPSTREAM_FT_NOLIVE;
+ }
+
if (conf->upstream.cache_methods == 0) {
conf->upstream.cache_methods = prev->upstream.cache_methods;
}
diff --git a/src/http/modules/ngx_http_ssl_module.c b/src/http/modules/ngx_http_ssl_module.c
index 0ac744ca1..17a5b8de2 100644
--- a/src/http/modules/ngx_http_ssl_module.c
+++ b/src/http/modules/ngx_http_ssl_module.c
@@ -37,6 +37,8 @@ static ngx_conf_bitmask_t ngx_http_ssl_protocols[] = {
{ ngx_string("SSLv2"), NGX_SSL_SSLv2 },
{ ngx_string("SSLv3"), NGX_SSL_SSLv3 },
{ ngx_string("TLSv1"), NGX_SSL_TLSv1 },
+ { ngx_string("TLSv1.1"), NGX_SSL_TLSv1_1 },
+ { ngx_string("TLSv1.2"), NGX_SSL_TLSv1_2 },
{ ngx_null_string, 0 }
};
@@ -364,7 +366,8 @@ ngx_http_ssl_merge_srv_conf(ngx_conf_t *cf, void *parent, void *child)
prev->prefer_server_ciphers, 0);
ngx_conf_merge_bitmask_value(conf->protocols, prev->protocols,
- (NGX_CONF_BITMASK_SET|NGX_SSL_SSLv3|NGX_SSL_TLSv1));
+ (NGX_CONF_BITMASK_SET|NGX_SSL_SSLv3|NGX_SSL_TLSv1
+ |NGX_SSL_TLSv1_1|NGX_SSL_TLSv1_2));
ngx_conf_merge_uint_value(conf->verify, prev->verify, 0);
ngx_conf_merge_uint_value(conf->verify_depth, prev->verify_depth, 1);
diff --git a/src/http/modules/ngx_http_uwsgi_module.c b/src/http/modules/ngx_http_uwsgi_module.c
index 86959b3e3..f28d9aa0f 100644
--- a/src/http/modules/ngx_http_uwsgi_module.c
+++ b/src/http/modules/ngx_http_uwsgi_module.c
@@ -1338,6 +1338,10 @@ ngx_http_uwsgi_merge_loc_conf(ngx_conf_t *cf, void *parent, void *child)
|NGX_HTTP_UPSTREAM_FT_OFF;
}
+ if (conf->upstream.cache_use_stale & NGX_HTTP_UPSTREAM_FT_ERROR) {
+ conf->upstream.cache_use_stale |= NGX_HTTP_UPSTREAM_FT_NOLIVE;
+ }
+
if (conf->upstream.cache_methods == 0) {
conf->upstream.cache_methods = prev->upstream.cache_methods;
}
diff --git a/src/http/modules/perl/nginx.pm b/src/http/modules/perl/nginx.pm
index 8cd3b7469..01e977646 100644
--- a/src/http/modules/perl/nginx.pm
+++ b/src/http/modules/perl/nginx.pm
@@ -48,7 +48,7 @@ our @EXPORT = qw(
HTTP_INSUFFICIENT_STORAGE
);
-our $VERSION = '1.1.12';
+our $VERSION = '1.1.13';
require XSLoader;
XSLoader::load('nginx', $VERSION);
diff --git a/src/mail/ngx_mail_ssl_module.c b/src/mail/ngx_mail_ssl_module.c
index 4f4c9a20d..fa02409d2 100644
--- a/src/mail/ngx_mail_ssl_module.c
+++ b/src/mail/ngx_mail_ssl_module.c
@@ -37,6 +37,8 @@ static ngx_conf_bitmask_t ngx_mail_ssl_protocols[] = {
{ ngx_string("SSLv2"), NGX_SSL_SSLv2 },
{ ngx_string("SSLv3"), NGX_SSL_SSLv3 },
{ ngx_string("TLSv1"), NGX_SSL_TLSv1 },
+ { ngx_string("TLSv1.1"), NGX_SSL_TLSv1_1 },
+ { ngx_string("TLSv1.2"), NGX_SSL_TLSv1_2 },
{ ngx_null_string, 0 }
};
@@ -206,7 +208,8 @@ ngx_mail_ssl_merge_conf(ngx_conf_t *cf, void *parent, void *child)
prev->prefer_server_ciphers, 0);
ngx_conf_merge_bitmask_value(conf->protocols, prev->protocols,
- (NGX_CONF_BITMASK_SET|NGX_SSL_SSLv3|NGX_SSL_TLSv1));
+ (NGX_CONF_BITMASK_SET|NGX_SSL_SSLv3|NGX_SSL_TLSv1
+ |NGX_SSL_TLSv1_1|NGX_SSL_TLSv1_2));
ngx_conf_merge_str_value(conf->certificate, prev->certificate, "");
ngx_conf_merge_str_value(conf->certificate_key, prev->certificate_key, "");
diff --git a/src/os/unix/ngx_process_cycle.c b/src/os/unix/ngx_process_cycle.c
index 863176fac..fbf18a5f2 100644
--- a/src/os/unix/ngx_process_cycle.c
+++ b/src/os/unix/ngx_process_cycle.c
@@ -914,7 +914,10 @@ ngx_worker_process_init(ngx_cycle_t *cycle, ngx_uint_t priority)
ngx_log_error(NGX_LOG_NOTICE, cycle->log, 0,
"sched_setaffinity(0x%08Xl)", cpu_affinity);
- if (sched_setaffinity(0, 32, (cpu_set_t *) &cpu_affinity) == -1) {
+ if (sched_setaffinity(0, sizeof(cpu_affinity),
+ (cpu_set_t *) &cpu_affinity)
+ == -1)
+ {
ngx_log_error(NGX_LOG_ALERT, cycle->log, ngx_errno,
"sched_setaffinity(0x%08Xl) failed", cpu_affinity);
}
View Lorry Controller Status