diff options
author | nginx <nginx@nginx.org> | 2013-01-10 13:34:07 +0000 |
---|---|---|
committer | Jon Kolb <jon@b0g.us> | 2013-01-10 13:34:07 +0000 |
commit | 61c2753477f8ea559ebf67c8bc8276a9804ecd5a (patch) | |
tree | e3c4babf9205a52b4c9afc408fad861aa0d546c8 | |
parent | 1c2503c4d9bc36b37e14c26ceb01558f6ca9949f (diff) | |
download | nginx-1.3.11.tar.gz |
Changes with nginx 1.3.11 10 Jan 2013v1.3.11
*) Bugfix: a segmentation fault might occur if logging was used; the bug
had appeared in 1.3.10.
*) Bugfix: the "proxy_pass" directive did not work with IP addresses
without port specified; the bug had appeared in 1.3.10.
*) Bugfix: a segmentation fault occurred on start or during
reconfiguration if the "keepalive" directive was specified more than
once in a single upstream block.
*) Bugfix: parameter "default" of the "geo" directive did not set
default value for IPv6 addresses.
-rw-r--r-- | CHANGES | 16 | ||||
-rw-r--r-- | CHANGES.ru | 16 | ||||
-rw-r--r-- | LICENSE | 4 | ||||
-rw-r--r-- | man/nginx.8 | 4 | ||||
-rw-r--r-- | src/core/nginx.h | 4 | ||||
-rw-r--r-- | src/core/ngx_conf_file.c | 1 | ||||
-rw-r--r-- | src/core/ngx_inet.c | 14 | ||||
-rw-r--r-- | src/event/ngx_event.c | 4 | ||||
-rw-r--r-- | src/event/ngx_event_openssl.c | 4 | ||||
-rw-r--r-- | src/http/modules/ngx_http_geo_module.c | 204 | ||||
-rw-r--r-- | src/http/modules/ngx_http_upstream_keepalive_module.c | 4 | ||||
-rw-r--r-- | src/http/modules/perl/nginx.pm | 2 | ||||
-rw-r--r-- | src/http/ngx_http_upstream.c | 10 | ||||
-rw-r--r-- | src/http/ngx_http_upstream.h | 1 | ||||
-rw-r--r-- | src/http/ngx_http_upstream_round_robin.c | 4 |
15 files changed, 184 insertions, 108 deletions
@@ -1,4 +1,20 @@ +Changes with nginx 1.3.11 10 Jan 2013 + + *) Bugfix: a segmentation fault might occur if logging was used; the bug + had appeared in 1.3.10. + + *) Bugfix: the "proxy_pass" directive did not work with IP addresses + without port specified; the bug had appeared in 1.3.10. + + *) Bugfix: a segmentation fault occurred on start or during + reconfiguration if the "keepalive" directive was specified more than + once in a single upstream block. + + *) Bugfix: parameter "default" of the "geo" directive did not set + default value for IPv6 addresses. + + Changes with nginx 1.3.10 25 Dec 2012 *) Change: domain names specified in configuration file are now resolved diff --git a/CHANGES.ru b/CHANGES.ru index f24e5f81f..165f2e732 100644 --- a/CHANGES.ru +++ b/CHANGES.ru @@ -1,4 +1,20 @@ +Изменения в nginx 1.3.11 10.01.2013 + + *) Исправление: при записи в лог мог происходить segmentation fault; + ошибка появилась в 1.3.10. + + *) Исправление: директива proxy_pass не работала с IP-адресами без + явного указания порта; ошибка появилась в 1.3.10. + + *) Исправление: на старте или во время переконфигурации происходил + segmentation fault, если директива keepalive была указана несколько + раз в одном блоке upstream. + + *) Исправление: параметр default директивы geo не определял значение по + умолчанию для IPv6-адресов. + + Изменения в nginx 1.3.10 25.12.2012 *) Изменение: для указанных в конфигурационном файле доменных имён @@ -1,6 +1,6 @@ /* - * Copyright (C) 2002-2012 Igor Sysoev - * Copyright (C) 2011,2012 Nginx, Inc. + * Copyright (C) 2002-2013 Igor Sysoev + * Copyright (C) 2011-2013 Nginx, Inc. * All rights reserved. * * Redistribution and use in source and binary forms, with or without diff --git a/man/nginx.8 b/man/nginx.8 index 8fcb0b0d2..f119a2327 100644 --- a/man/nginx.8 +++ b/man/nginx.8 @@ -1,6 +1,6 @@ .\" -.\" Copyright (c) 2010 Sergey A. Osokin -.\" Copyright (c) 2011,2012 Nginx, Inc. +.\" Copyright (C) 2010 Sergey A. Osokin +.\" Copyright (C) Nginx, Inc. .\" All rights reserved. .\" .\" Redistribution and use in source and binary forms, with or without diff --git a/src/core/nginx.h b/src/core/nginx.h index 0d5cc0987..e31d796d0 100644 --- a/src/core/nginx.h +++ b/src/core/nginx.h @@ -9,8 +9,8 @@ #define _NGINX_H_INCLUDED_ -#define nginx_version 1003010 -#define NGINX_VERSION "1.3.10" +#define nginx_version 1003011 +#define NGINX_VERSION "1.3.11" #define NGINX_VER "nginx/" NGINX_VERSION #define NGINX_VAR "NGINX" diff --git a/src/core/ngx_conf_file.c b/src/core/ngx_conf_file.c index 0eb6388cb..ed7a2ce92 100644 --- a/src/core/ngx_conf_file.c +++ b/src/core/ngx_conf_file.c @@ -946,6 +946,7 @@ ngx_conf_open_file(ngx_cycle_t *cycle, ngx_str_t *name) } file->flush = NULL; + file->data = NULL; return file; } diff --git a/src/core/ngx_inet.c b/src/core/ngx_inet.c index 9aec68964..7757ab7d9 100644 --- a/src/core/ngx_inet.c +++ b/src/core/ngx_inet.c @@ -707,11 +707,8 @@ ngx_parse_inet_url(ngx_pool_t *pool, ngx_url_t *u) } u->no_port = 1; - - if (!u->no_resolve) { - u->port = u->default_port; - sin->sin_port = htons(u->default_port); - } + u->port = u->default_port; + sin->sin_port = htons(u->default_port); } len = last - host; @@ -868,11 +865,8 @@ ngx_parse_inet6_url(ngx_pool_t *pool, ngx_url_t *u) } else { u->no_port = 1; - - if (!u->no_resolve) { - u->port = u->default_port; - sin6->sin6_port = htons(u->default_port); - } + u->port = u->default_port; + sin6->sin6_port = htons(u->default_port); } } diff --git a/src/event/ngx_event.c b/src/event/ngx_event.c index 976bd6465..cbae0ee6a 100644 --- a/src/event/ngx_event.c +++ b/src/event/ngx_event.c @@ -892,6 +892,10 @@ ngx_events_block(ngx_conf_t *cf, ngx_command_t *cmd, void *conf) ngx_conf_t pcf; ngx_event_module_t *m; + if (*(void **) conf) { + return "is duplicate"; + } + /* count the number of the event modules and set up their indices */ ngx_event_max_module = 0; diff --git a/src/event/ngx_event_openssl.c b/src/event/ngx_event_openssl.c index 81da708f3..378e72709 100644 --- a/src/event/ngx_event_openssl.c +++ b/src/event/ngx_event_openssl.c @@ -643,10 +643,10 @@ ngx_ssl_ecdh_curve(ngx_conf_t *cf, ngx_ssl_t *ssl, ngx_str_t *name) return NGX_ERROR; } - SSL_CTX_set_tmp_ecdh(ssl->ctx, ecdh); - SSL_CTX_set_options(ssl->ctx, SSL_OP_SINGLE_ECDH_USE); + SSL_CTX_set_tmp_ecdh(ssl->ctx, ecdh); + EC_KEY_free(ecdh); #endif #endif diff --git a/src/http/modules/ngx_http_geo_module.c b/src/http/modules/ngx_http_geo_module.c index 4bad08d4f..a927ab798 100644 --- a/src/http/modules/ngx_http_geo_module.c +++ b/src/http/modules/ngx_http_geo_module.c @@ -93,6 +93,8 @@ static ngx_uint_t ngx_http_geo_delete_range(ngx_conf_t *cf, ngx_http_geo_conf_ctx_t *ctx, in_addr_t start, in_addr_t end); static char *ngx_http_geo_cidr(ngx_conf_t *cf, ngx_http_geo_conf_ctx_t *ctx, ngx_str_t *value); +static char *ngx_http_geo_cidr_add(ngx_conf_t *cf, ngx_http_geo_conf_ctx_t *ctx, + ngx_cidr_t *cidr, ngx_str_t *value, ngx_str_t *net); static ngx_http_variable_value_t *ngx_http_geo_value(ngx_conf_t *cf, ngx_http_geo_conf_ctx_t *ctx, ngx_str_t *value); static char *ngx_http_geo_add_proxy(ngx_conf_t *cf, @@ -1014,11 +1016,10 @@ static char * ngx_http_geo_cidr(ngx_conf_t *cf, ngx_http_geo_conf_ctx_t *ctx, ngx_str_t *value) { - ngx_int_t rc, del; - ngx_str_t *net; - ngx_uint_t i; - ngx_cidr_t cidr; - ngx_http_variable_value_t *val, *old; + char *rv; + ngx_int_t rc, del; + ngx_str_t *net; + ngx_cidr_t cidr; if (ctx->tree == NULL) { ctx->tree = ngx_radix_tree_create(ctx->pool, -1); @@ -1040,133 +1041,168 @@ ngx_http_geo_cidr(ngx_conf_t *cf, ngx_http_geo_conf_ctx_t *ctx, cidr.family = AF_INET; cidr.u.in.addr = 0; cidr.u.in.mask = 0; - net = &value[0]; - } else { - if (ngx_strcmp(value[0].data, "delete") == 0) { - net = &value[1]; - del = 1; + rv = ngx_http_geo_cidr_add(cf, ctx, &cidr, &value[1], &value[0]); - } else { - net = &value[0]; - del = 0; + if (rv != NGX_CONF_OK) { + return rv; } - if (ngx_http_geo_cidr_value(cf, net, &cidr) != NGX_OK) { - return NGX_CONF_ERROR; - } +#if (NGX_HAVE_INET6) + cidr.family = AF_INET6; + ngx_memzero(&cidr.u.in6, sizeof(ngx_in6_cidr_t)); + + rv = ngx_http_geo_cidr_add(cf, ctx, &cidr, &value[1], &value[0]); - if (cidr.family == AF_INET) { - cidr.u.in.addr = ntohl(cidr.u.in.addr); - cidr.u.in.mask = ntohl(cidr.u.in.mask); + if (rv != NGX_CONF_OK) { + return rv; } +#endif + + return NGX_CONF_OK; + } - if (del) { - switch (cidr.family) { + if (ngx_strcmp(value[0].data, "delete") == 0) { + net = &value[1]; + del = 1; + + } else { + net = &value[0]; + del = 0; + } + + if (ngx_http_geo_cidr_value(cf, net, &cidr) != NGX_OK) { + return NGX_CONF_ERROR; + } + + if (cidr.family == AF_INET) { + cidr.u.in.addr = ntohl(cidr.u.in.addr); + cidr.u.in.mask = ntohl(cidr.u.in.mask); + } + + if (del) { + switch (cidr.family) { #if (NGX_HAVE_INET6) - case AF_INET6: - rc = ngx_radix128tree_delete(ctx->tree6, - cidr.u.in6.addr.s6_addr, - cidr.u.in6.mask.s6_addr); - break; + case AF_INET6: + rc = ngx_radix128tree_delete(ctx->tree6, + cidr.u.in6.addr.s6_addr, + cidr.u.in6.mask.s6_addr); + break; #endif - default: /* AF_INET */ - rc = ngx_radix32tree_delete(ctx->tree, cidr.u.in.addr, - cidr.u.in.mask); - break; - } - - if (rc != NGX_OK) { - ngx_conf_log_error(NGX_LOG_WARN, cf, 0, - "no network \"%V\" to delete", net); - } + default: /* AF_INET */ + rc = ngx_radix32tree_delete(ctx->tree, cidr.u.in.addr, + cidr.u.in.mask); + break; + } - return NGX_CONF_OK; + if (rc != NGX_OK) { + ngx_conf_log_error(NGX_LOG_WARN, cf, 0, + "no network \"%V\" to delete", net); } + + return NGX_CONF_OK; } - val = ngx_http_geo_value(cf, ctx, &value[1]); + return ngx_http_geo_cidr_add(cf, ctx, &cidr, &value[1], net); +} + + +static char * +ngx_http_geo_cidr_add(ngx_conf_t *cf, ngx_http_geo_conf_ctx_t *ctx, + ngx_cidr_t *cidr, ngx_str_t *value, ngx_str_t *net) +{ + ngx_int_t rc; + ngx_http_variable_value_t *val, *old; + + val = ngx_http_geo_value(cf, ctx, value); if (val == NULL) { return NGX_CONF_ERROR; } - switch (cidr.family) { + switch (cidr->family) { #if (NGX_HAVE_INET6) case AF_INET6: - for (i = 2; i; i--) { - rc = ngx_radix128tree_insert(ctx->tree6, cidr.u.in6.addr.s6_addr, - cidr.u.in6.mask.s6_addr, - (uintptr_t) val); + rc = ngx_radix128tree_insert(ctx->tree6, cidr->u.in6.addr.s6_addr, + cidr->u.in6.mask.s6_addr, + (uintptr_t) val); - if (rc == NGX_OK) { - return NGX_CONF_OK; - } + if (rc == NGX_OK) { + return NGX_CONF_OK; + } - if (rc == NGX_ERROR) { - return NGX_CONF_ERROR; - } + if (rc == NGX_ERROR) { + return NGX_CONF_ERROR; + } - /* rc == NGX_BUSY */ + /* rc == NGX_BUSY */ - old = (ngx_http_variable_value_t *) - ngx_radix128tree_find(ctx->tree6, - cidr.u.in6.addr.s6_addr); + old = (ngx_http_variable_value_t *) + ngx_radix128tree_find(ctx->tree6, + cidr->u.in6.addr.s6_addr); - ngx_conf_log_error(NGX_LOG_WARN, cf, 0, - "duplicate network \"%V\", value: \"%v\", old value: \"%v\"", - net, val, old); + ngx_conf_log_error(NGX_LOG_WARN, cf, 0, + "duplicate network \"%V\", value: \"%v\", old value: \"%v\"", + net, val, old); - rc = ngx_radix128tree_delete(ctx->tree6, - cidr.u.in6.addr.s6_addr, - cidr.u.in6.mask.s6_addr); + rc = ngx_radix128tree_delete(ctx->tree6, + cidr->u.in6.addr.s6_addr, + cidr->u.in6.mask.s6_addr); - if (rc == NGX_ERROR) { - ngx_conf_log_error(NGX_LOG_EMERG, cf, 0, "invalid radix tree"); - return NGX_CONF_ERROR; - } + if (rc == NGX_ERROR) { + ngx_conf_log_error(NGX_LOG_EMERG, cf, 0, "invalid radix tree"); + return NGX_CONF_ERROR; } + rc = ngx_radix128tree_insert(ctx->tree6, cidr->u.in6.addr.s6_addr, + cidr->u.in6.mask.s6_addr, + (uintptr_t) val); + break; #endif default: /* AF_INET */ - for (i = 2; i; i--) { - rc = ngx_radix32tree_insert(ctx->tree, cidr.u.in.addr, - cidr.u.in.mask, (uintptr_t) val); + rc = ngx_radix32tree_insert(ctx->tree, cidr->u.in.addr, + cidr->u.in.mask, (uintptr_t) val); - if (rc == NGX_OK) { - return NGX_CONF_OK; - } + if (rc == NGX_OK) { + return NGX_CONF_OK; + } - if (rc == NGX_ERROR) { - return NGX_CONF_ERROR; - } + if (rc == NGX_ERROR) { + return NGX_CONF_ERROR; + } - /* rc == NGX_BUSY */ + /* rc == NGX_BUSY */ - old = (ngx_http_variable_value_t *) - ngx_radix32tree_find(ctx->tree, cidr.u.in.addr); + old = (ngx_http_variable_value_t *) + ngx_radix32tree_find(ctx->tree, cidr->u.in.addr); - ngx_conf_log_error(NGX_LOG_WARN, cf, 0, - "duplicate network \"%V\", value: \"%v\", old value: \"%v\"", - net, val, old); + ngx_conf_log_error(NGX_LOG_WARN, cf, 0, + "duplicate network \"%V\", value: \"%v\", old value: \"%v\"", + net, val, old); - rc = ngx_radix32tree_delete(ctx->tree, - cidr.u.in.addr, cidr.u.in.mask); + rc = ngx_radix32tree_delete(ctx->tree, + cidr->u.in.addr, cidr->u.in.mask); - if (rc == NGX_ERROR) { - ngx_conf_log_error(NGX_LOG_EMERG, cf, 0, "invalid radix tree"); - return NGX_CONF_ERROR; - } + if (rc == NGX_ERROR) { + ngx_conf_log_error(NGX_LOG_EMERG, cf, 0, "invalid radix tree"); + return NGX_CONF_ERROR; } + rc = ngx_radix32tree_insert(ctx->tree, cidr->u.in.addr, + cidr->u.in.mask, (uintptr_t) val); + break; } + if (rc == NGX_OK) { + return NGX_CONF_OK; + } + return NGX_CONF_ERROR; } diff --git a/src/http/modules/ngx_http_upstream_keepalive_module.c b/src/http/modules/ngx_http_upstream_keepalive_module.c index d10e3d016..a2ad5aa8d 100644 --- a/src/http/modules/ngx_http_upstream_keepalive_module.c +++ b/src/http/modules/ngx_http_upstream_keepalive_module.c @@ -502,6 +502,10 @@ ngx_http_upstream_keepalive(ngx_conf_t *cf, ngx_command_t *cmd, void *conf) kcf = ngx_http_conf_upstream_srv_conf(uscf, ngx_http_upstream_keepalive_module); + if (kcf->original_init_upstream) { + return "is duplicate"; + } + kcf->original_init_upstream = uscf->peer.init_upstream ? uscf->peer.init_upstream : ngx_http_upstream_init_round_robin; diff --git a/src/http/modules/perl/nginx.pm b/src/http/modules/perl/nginx.pm index 04f1a968d..3684bde04 100644 --- a/src/http/modules/perl/nginx.pm +++ b/src/http/modules/perl/nginx.pm @@ -50,7 +50,7 @@ our @EXPORT = qw( HTTP_INSUFFICIENT_STORAGE ); -our $VERSION = '1.3.10'; +our $VERSION = '1.3.11'; require XSLoader; XSLoader::load('nginx', $VERSION); diff --git a/src/http/ngx_http_upstream.c b/src/http/ngx_http_upstream.c index 3436c6b1d..fb9c08673 100644 --- a/src/http/ngx_http_upstream.c +++ b/src/http/ngx_http_upstream.c @@ -4121,6 +4121,7 @@ ngx_http_upstream(ngx_conf_t *cf, ngx_command_t *cmd, void *dummy) value = cf->args->elts; u.host = value[1]; u.no_resolve = 1; + u.no_port = 1; uscf = ngx_http_upstream_add(cf, &u, NGX_HTTP_UPSTREAM_CREATE |NGX_HTTP_UPSTREAM_WEIGHT @@ -4391,14 +4392,14 @@ ngx_http_upstream_add(ngx_conf_t *cf, ngx_url_t *u, ngx_uint_t flags) return NULL; } - if ((uscfp[i]->flags & NGX_HTTP_UPSTREAM_CREATE) && u->port) { + if ((uscfp[i]->flags & NGX_HTTP_UPSTREAM_CREATE) && !u->no_port) { ngx_conf_log_error(NGX_LOG_WARN, cf, 0, "upstream \"%V\" may not have port %d", &u->host, u->port); return NULL; } - if ((flags & NGX_HTTP_UPSTREAM_CREATE) && uscfp[i]->port) { + if ((flags & NGX_HTTP_UPSTREAM_CREATE) && !uscfp[i]->no_port) { ngx_log_error(NGX_LOG_WARN, cf->log, 0, "upstream \"%V\" may not have port %d in %s:%ui", &u->host, uscfp[i]->port, @@ -4406,7 +4407,9 @@ ngx_http_upstream_add(ngx_conf_t *cf, ngx_url_t *u, ngx_uint_t flags) return NULL; } - if (uscfp[i]->port != u->port) { + if (uscfp[i]->port && u->port + && uscfp[i]->port != u->port) + { continue; } @@ -4434,6 +4437,7 @@ ngx_http_upstream_add(ngx_conf_t *cf, ngx_url_t *u, ngx_uint_t flags) uscf->line = cf->conf_file->line; uscf->port = u->port; uscf->default_port = u->default_port; + uscf->no_port = u->no_port; if (u->naddrs == 1) { uscf->servers = ngx_array_create(cf->pool, 1, diff --git a/src/http/ngx_http_upstream.h b/src/http/ngx_http_upstream.h index f32c98522..0d2b738a9 100644 --- a/src/http/ngx_http_upstream.h +++ b/src/http/ngx_http_upstream.h @@ -116,6 +116,7 @@ struct ngx_http_upstream_srv_conf_s { ngx_uint_t line; in_port_t port; in_port_t default_port; + ngx_uint_t no_port; /* unsigned no_port:1 */ }; diff --git a/src/http/ngx_http_upstream_round_robin.c b/src/http/ngx_http_upstream_round_robin.c index 61dce69cb..b48039414 100644 --- a/src/http/ngx_http_upstream_round_robin.c +++ b/src/http/ngx_http_upstream_round_robin.c @@ -161,7 +161,7 @@ ngx_http_upstream_init_round_robin(ngx_conf_t *cf, /* an upstream implicitly defined by proxy_pass, etc. */ - if (us->port == 0 && us->default_port == 0) { + if (us->port == 0) { ngx_log_error(NGX_LOG_EMERG, cf->log, 0, "no port in upstream \"%V\" in %s:%ui", &us->host, us->file_name, us->line); @@ -171,7 +171,7 @@ ngx_http_upstream_init_round_robin(ngx_conf_t *cf, ngx_memzero(&u, sizeof(ngx_url_t)); u.host = us->host; - u.port = (in_port_t) (us->port ? us->port : us->default_port); + u.port = us->port; if (ngx_inet_resolve_host(cf->pool, &u) != NGX_OK) { if (u.err) { |