| Commit message (Collapse) | Author | Age | Files | Lines |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
*) Change: improved hash table handling; the default values of the
"variables_hash_max_size" and "types_hash_bucket_size" were changed
to 1024 and 64 respectively.
*) Feature: the ngx_http_mp4_module now supports the "end" argument.
*) Feature: byte ranges support in the ngx_http_mp4_module and while
saving responses to cache.
*) Bugfix: alerts "ngx_slab_alloc() failed: no memory" no longer logged
when using shared memory in the "ssl_session_cache" directive and in
the ngx_http_limit_req_module.
*) Bugfix: the "underscores_in_headers" directive did not allow
underscore as a first character of a header.
Thanks to Piotr Sikora.
*) Bugfix: cache manager might hog CPU on exit in nginx/Windows.
*) Bugfix: nginx/Windows terminated abnormally if the
"ssl_session_cache" directive was used with the "shared" parameter.
*) Bugfix: in the ngx_http_spdy_module.
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
*) Security: a heap memory buffer overflow might occur in a worker
process while handling a specially crafted request by
ngx_http_spdy_module, potentially resulting in arbitrary code
execution (CVE-2014-0133).
Thanks to Lucas Molas, researcher at Programa STIC, Fundación Dr.
Manuel Sadosky, Buenos Aires, Argentina.
*) Feature: the "proxy_protocol" parameters of the "listen" and
"real_ip_header" directives, the $proxy_protocol_addr variable.
*) Bugfix: in the "fastcgi_next_upstream" directive.
Thanks to Lucas Molas.
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
*) Change: now nginx expects escaped URIs in "X-Accel-Redirect" headers.
*) Feature: the "ssl_buffer_size" directive.
*) Feature: the "limit_rate" directive can now be used to rate limit
responses sent in SPDY connections.
*) Feature: the "spdy_chunk_size" directive.
*) Feature: the "ssl_session_tickets" directive.
Thanks to Dirkjan Bussink.
*) Bugfix: the $ssl_session_id variable contained full session
serialized instead of just a session id.
Thanks to Ivan Ristić.
*) Bugfix: nginx incorrectly handled escaped "?" character in the
"include" SSI command.
*) Bugfix: the ngx_http_dav_module did not unescape destination URI of
the COPY and MOVE methods.
*) Bugfix: resolver did not understand domain names with a trailing dot.
Thanks to Yichun Zhang.
*) Bugfix: alerts "zero size buf in output" might appear in logs while
proxying; the bug had appeared in 1.3.9.
*) Bugfix: a segmentation fault might occur in a worker process if the
ngx_http_spdy_module was used.
*) Bugfix: proxied WebSocket connections might hang right after
handshake if the select, poll, or /dev/poll methods were used.
*) Bugfix: the "xclient" directive of the mail proxy module incorrectly
handled IPv6 client addresses.
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
*) Feature: IPv6 support in resolver.
*) Feature: the "listen" directive supports the "fastopen" parameter.
Thanks to Mathew Rodley.
*) Feature: SSL support in the ngx_http_uwsgi_module.
Thanks to Roberto De Ioris.
*) Feature: vim syntax highlighting scripts were added to contrib.
Thanks to Evan Miller.
*) Bugfix: a timeout might occur while reading client request body in an
SSL connection using chunked transfer encoding.
*) Bugfix: the "master_process" directive did not work correctly in
nginx/Windows.
*) Bugfix: the "setfib" parameter of the "listen" directive might not
work.
*) Bugfix: in the ngx_http_spdy_module.
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
*) Security: a character following an unescaped space in a request line
was handled incorrectly (CVE-2013-4547); the bug had appeared in
0.8.41.
Thanks to Ivan Fratric of the Google Security Team.
*) Change: a logging level of auth_basic errors about no user/password
provided has been lowered from "error" to "info".
*) Feature: the "proxy_cache_revalidate", "fastcgi_cache_revalidate",
"scgi_cache_revalidate", and "uwsgi_cache_revalidate" directives.
*) Feature: the "ssl_session_ticket_key" directive.
Thanks to Piotr Sikora.
*) Bugfix: the directive "add_header Cache-Control ''" added a
"Cache-Control" response header line with an empty value.
*) Bugfix: the "satisfy any" directive might return 403 error instead of
401 if auth_request and auth_basic directives were used.
Thanks to Jan Marc Hoffmann.
*) Bugfix: the "accept_filter" and "deferred" parameters of the "listen"
directive were ignored for listen sockets created during binary
upgrade.
Thanks to Piotr Sikora.
*) Bugfix: some data received from a backend with unbufferred proxy
might not be sent to a client immediately if "gzip" or "gunzip"
directives were used.
Thanks to Yichun Zhang.
*) Bugfix: in error handling in ngx_http_gunzip_filter_module.
*) Bugfix: responses might hang if the ngx_http_spdy_module was used
with the "auth_request" directive.
*) Bugfix: memory leak in nginx/Windows.
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
*) Feature: the "fastcgi_buffering" directive.
*) Feature: the "proxy_ssl_protocols" and "proxy_ssl_ciphers"
directives.
Thanks to Piotr Sikora.
*) Feature: optimization of SSL handshakes when using long certificate
chains.
*) Feature: the mail proxy supports SMTP pipelining.
*) Bugfix: in the ngx_http_auth_basic_module when using "$apr1$"
password encryption method.
Thanks to Markus Linnala.
*) Bugfix: in MacOSX, Cygwin, and nginx/Windows incorrect location might
be used to process a request if locations were given using characters
in different cases.
*) Bugfix: automatic redirect with appended trailing slash for proxied
locations might not work.
*) Bugfix: in the mail proxy server.
*) Bugfix: in the ngx_http_spdy_module.
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
*) Change in internal API: now u->length defaults to -1 if working with
backends in unbuffered mode.
*) Change: now after receiving an incomplete response from a backend
server nginx tries to send an available part of the response to a
client, and then closes client connection.
*) Bugfix: a segmentation fault might occur in a worker process if the
ngx_http_spdy_module was used with the "client_body_in_file_only"
directive.
*) Bugfix: the "so_keepalive" parameter of the "listen" directive might
be handled incorrectly on DragonFlyBSD.
Thanks to Sepherosa Ziehau.
*) Bugfix: in the ngx_http_xslt_filter_module.
*) Bugfix: in the ngx_http_sub_filter_module.
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
*) Feature: now several "error_log" directives can be used.
*) Bugfix: the $r->header_in() embedded perl method did not return value
of the "Cookie" and "X-Forwarded-For" request header lines; the bug
had appeared in 1.3.14.
*) Bugfix: in the ngx_http_spdy_module.
Thanks to Jim Radford.
*) Bugfix: nginx could not be built on Linux with x32 ABI.
Thanks to Serguei Ivantsov.
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
*) Feature: the "ssi_last_modified", "sub_filter_last_modified", and
"xslt_last_modified" directives.
Thanks to Alexey Kolpakov.
*) Feature: the "http_403" parameter of the "proxy_next_upstream",
"fastcgi_next_upstream", "scgi_next_upstream", and
"uwsgi_next_upstream" directives.
*) Feature: the "allow" and "deny" directives now support unix domain
sockets.
*) Bugfix: nginx could not be built with the ngx_mail_ssl_module, but
without ngx_http_ssl_module; the bug had appeared in 1.3.14.
*) Bugfix: in the "proxy_set_body" directive.
Thanks to Lanshun Zhou.
*) Bugfix: in the "lingering_time" directive.
Thanks to Lanshun Zhou.
*) Bugfix: the "fail_timeout" parameter of the "server" directive in the
"upstream" context might not work if "max_fails" parameter was used;
the bug had appeared in 1.3.0.
*) Bugfix: a segmentation fault might occur in a worker process if the
"ssl_stapling" directive was used.
Thanks to Piotr Sikora.
*) Bugfix: in the mail proxy server.
Thanks to Filipe Da Silva.
*) Bugfix: nginx/Windows might stop accepting connections if several
worker processes were used.
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
*) Change: opening and closing a connection without sending any data in
it is no longer logged to access_log with error code 400.
*) Feature: the ngx_http_spdy_module.
Thanks to Automattic for sponsoring this work.
*) Feature: the "limit_req_status" and "limit_conn_status" directives.
Thanks to Nick Marden.
*) Feature: the "image_filter_interlace" directive.
Thanks to Ian Babrou.
*) Feature: $connections_waiting variable in the
ngx_http_stub_status_module.
*) Feature: the mail proxy module now supports IPv6 backends.
*) Bugfix: request body might be transmitted incorrectly when retrying a
request to the next upstream server; the bug had appeared in 1.3.9.
Thanks to Piotr Sikora.
*) Bugfix: in the "client_body_in_file_only" directive; the bug had
appeared in 1.3.9.
*) Bugfix: responses might hang if subrequests were used and a DNS error
happened during subrequest processing.
Thanks to Lanshun Zhou.
*) Bugfix: in backend usage accounting.
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
*) Change: domain names specified in configuration file are now resolved
to IPv6 addresses as well as IPv4 ones.
*) Change: now if the "include" directive with mask is used on Unix
systems, included files are sorted in alphabetical order.
*) Change: the "add_header" directive adds headers to 201 responses.
*) Feature: the "geo" directive now supports IPv6 addresses in CIDR
notation.
*) Feature: the "flush" and "gzip" parameters of the "access_log"
directive.
*) Feature: variables support in the "auth_basic" directive.
*) Bugfix: nginx could not be built with the ngx_http_perl_module in
some cases.
*) Bugfix: a segmentation fault might occur in a worker process if the
ngx_http_xslt_module was used.
*) Bugfix: nginx could not be built on MacOSX in some cases.
Thanks to Piotr Sikora.
*) Bugfix: the "limit_rate" directive with high rates might result in
truncated responses on 32-bit platforms.
Thanks to Alexey Antropov.
*) Bugfix: a segmentation fault might occur in a worker process if the
"if" directive was used.
Thanks to Piotr Sikora.
*) Bugfix: a "100 Continue" response was issued with "413 Request Entity
Too Large" responses.
*) Bugfix: the "image_filter", "image_filter_jpeg_quality" and
"image_filter_sharpen" directives might be inherited incorrectly.
Thanks to Ian Babrou.
*) Bugfix: "crypt_r() failed" errors might appear if the "auth_basic"
directive was used on Linux.
*) Bugfix: in backup servers handling.
Thanks to Thomas Chen.
*) Bugfix: proxied HEAD requests might return incorrect response if the
"gzip" directive was used.
Merry Christmas!
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
*) Change: the ngx_http_mp4_module module no longer skips tracks in
formats other than H.264 and AAC.
*) Bugfix: a segmentation fault might occur in a worker process if the
"map" directive was used with variables as values.
*) Bugfix: a segmentation fault might occur in a worker process if the
"geo" directive was used with the "ranges" parameter but without the
"default" parameter; the bug had appeared in 0.8.43.
Thanks to Zhen Chen and Weibin Yao.
*) Bugfix: in the -p command-line parameter handling.
*) Bugfix: in the mail proxy server.
*) Bugfix: of minor potential bugs.
Thanks to Coverity.
*) Bugfix: nginx/Windows could not be built with Visual Studio 2005
Express.
Thanks to HAYASHI Kentaro.
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
*) Change: the "ipv6only" parameter is now turned on by default for
listening IPv6 sockets.
*) Feature: the Clang compiler support.
*) Bugfix: extra listening sockets might be created.
Thanks to Roman Odaisky.
*) Bugfix: nginx/Windows might hog CPU if a worker process failed to
start.
Thanks to Ricardo Villalobos Guevara.
*) Bugfix: the "proxy_pass_header", "fastcgi_pass_header",
"scgi_pass_header", "uwsgi_pass_header", "proxy_hide_header",
"fastcgi_hide_header", "scgi_hide_header", and "uwsgi_hide_header"
directives might be inherited incorrectly.
_______________________________________________
nginx-announce mailing list
nginx-announce@nginx.org
http://mailman.nginx.org/mailman/listinfo/nginx-announce
|
|
|
|
|
|
|
|
|
|
|
| |
*) Security: content of previously freed memory might be sent to a
client if backend returned specially crafted response.
Thanks to Matthew Daley.
*) Bugfix: in the embedded perl module if used from SSI.
Thanks to Matthew Daley.
*) Bugfix: in the ngx_http_uwsgi_module.
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
*) Change: the simultaneous subrequest limit has been raised to 200.
*) Feature: the "from" parameter of the "disable_symlinks" directive.
*) Feature: the "return" and "error_page" directives can be used to
return 307 redirections.
*) Bugfix: a segmentation fault might occur in a worker process if the
"resolver" directive was used and there was no "error_log" directive
specified at global level.
Thanks to Roman Arutyunyan.
*) Bugfix: a segmentation fault might occur in a worker process if the
"proxy_http_version 1.1" or "fastcgi_keep_conn on" directives were
used.
*) Bugfix: memory leaks.
Thanks to Lanshun Zhou.
*) Bugfix: in the "disable_symlinks" directive.
*) Bugfix: on ZFS filesystem disk cache size might be calculated
incorrectly; the bug had appeared in 1.0.1.
*) Bugfix: nginx could not be built by the icc 12.1 compiler.
*) Bugfix: nginx could not be built by gcc on Solaris; the bug had
appeared in 1.1.15.
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
*) Feature: the "disable_symlinks" directive.
*) Feature: the "proxy_cookie_domain" and "proxy_cookie_path"
directives.
*) Bugfix: nginx might log incorrect error "upstream prematurely closed
connection" instead of correct "upstream sent too big header" one.
Thanks to Feibo Li.
*) Bugfix: nginx could not be built with the ngx_http_perl_module if the
--with-openssl option was used.
*) Bugfix: internal redirects to named locations were not limited.
*) Bugfix: calling $r->flush() multiple times might cause errors in the
ngx_http_gzip_filter_module.
*) Bugfix: temporary files might be not removed if the "proxy_store"
directive were used with SSI includes.
*) Bugfix: in some cases non-cacheable variables (such as the $args
variable) returned old empty cached value.
*) Bugfix: a segmentation fault might occur in a worker process if too
many SSI subrequests were issued simultaneously; the bug had appeared
in 0.7.25.
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
*) Feature: multiple "limit_req" limits may be used simultaneously.
*) Bugfix: in error handling while connecting to a backend.
Thanks to Piotr Sikora.
*) Bugfix: in AIO error handling on FreeBSD.
*) Bugfix: in the OpenSSL library initialization.
*) Bugfix: the "proxy_redirect" directives might not be correctly
inherited.
*) Bugfix: memory leak during reconfiguration if the "pcre_jit"
directive was used.
Maxim Dounin
_______________________________________________
nginx-announce mailing list
nginx-announce@nginx.org
http://mailman.nginx.org/mailman/listinfo/nginx-announce
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
*) Feature: the "TLSv1.1" and "TLSv1.2" parameters of the
"ssl_protocols" directive.
*) Bugfix: the "limit_req" directive parameters were not inherited
correctly; the bug had appeared in 1.1.12.
*) Bugfix: the "proxy_redirect" directive incorrectly processed
"Refresh" header if regular expression were used.
*) Bugfix: the "proxy_cache_use_stale" directive with "error" parameter
did not return answer from cache if there were no live upstreams.
*) Bugfix: the "worker_cpu_affinity" directive might not work.
*) Bugfix: nginx could not be built on Solaris; the bug had appeared in
1.1.12.
*) Bugfix: in the ngx_http_mp4_module.
Maxim Dounin
_______________________________________________
nginx-announce mailing list
nginx-announce@nginx.org
http://mailman.nginx.org/mailman/listinfo/nginx-announce
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
*) Feature: the "so_keepalive" parameter of the "listen" directive.
Thanks to Vsevolod Stakhov.
*) Feature: the "if_not_empty" parameter of the
"fastcgi/scgi/uwsgi_param" directives.
*) Feature: the $https variable.
*) Feature: the "proxy_redirect" directive supports variables in the
first parameter.
*) Feature: the "proxy_redirect" directive supports regular expressions.
*) Bugfix: the $sent_http_cache_control variable might contain a wrong
value if the "expires" directive was used.
Thanks to Yichun Zhang.
*) Bugfix: the "read_ahead" directive might not work combined with
"try_files" and "open_file_cache".
*) Bugfix: a segmentation fault might occur in a worker process if small
time was used in the "inactive" parameter of the "proxy_cache_path"
directive.
*) Bugfix: responses from cache might hang.
Maxim Dounin
_______________________________________________
nginx-announce mailing list
nginx-announce@nginx.org
http://mailman.nginx.org/mailman/listinfo/nginx-announce
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
*) Change: the ngx_http_limit_zone_module was renamed to the
ngx_http_limit_conn_module.
*) Change: the "limit_zone" directive was superseded by the
"limit_conn_zone" directive with a new syntax.
*) Feature: support for multiple "limit_conn" limits on the same level.
*) Feature: the "image_filter_sharpen" directive.
*) Bugfix: a segmentation fault might occur in a worker process if
resolver got a big DNS response.
Thanks to Ben Hawkes.
*) Bugfix: in cache key calculation if internal MD5 implementation was
used; the bug had appeared in 1.0.4.
*) Bugfix: the "If-Modified-Since", "If-Range", etc. client request
header lines might be passed to backend while caching; or not passed
without caching if caching was enabled in another part of the
configuration.
*) Bugfix: the module ngx_http_mp4_module sent incorrect
"Content-Length" response header line if the "start" argument was
used.
Thanks to Piotr Sikora.
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
*) Feature: support of several resolvers in the "resolver" directive.
Thanks to Kirill A. Korinskiy.
*) Bugfix: a segmentation fault occurred on start or while
reconfiguration if the "ssl" directive was used at http level and
there was no "ssl_certificate" defined.
*) Bugfix: reduced memory consumption while proxying of big files if
they were buffered to disk.
*) Bugfix: a segmentation fault might occur in a worker process if
"proxy_http_version 1.1" directive was used.
*) Bugfix: in the "expires @time" directive.
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
*) Feature: the "uwsgi_buffering" and "scgi_buffering" directives.
Thanks to Peter Smit.
*) Bugfix: non-cacheable responses might be cached if
"proxy_cache_bypass" directive was used.
Thanks to John Ferlito.
*) Bugfix: in HTTP/1.1 support in the ngx_http_proxy_module.
*) Bugfix: cached responses with an empty body were returned
incorrectly; the bug had appeared in 0.8.31.
*) Bugfix: 201 responses of the ngx_http_dav_module were incorrect; the
bug had appeared in 0.8.32.
*) Bugfix: in the "return" directive.
*) Bugfix: the "ssl_session_cache builtin" directive caused segmentation
fault; the bug had appeared in 1.1.1.
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
*) Change: now cache loader processes either as many files as specified
by "loader_files" parameter or works no more than time specified by
"loader_threshold" parameter during each iteration.
*) Change: now SIGWINCH signal works only in deamon mode.
*) Feature: now shared zones and caches use POSIX semaphores on
Solaris.
Thanks to Den Ivanov.
*) Feature: accept filters are now supported on NetBSD.
*) Bugfix: nginx could not be build on Linux 3.0.
*) Bugfix: nginx did not use gzipping in some cases; the bug had
appeared in 1.1.0.
*) Bugfix: request body might be incorrectly processed if client used
pipelining.
*) Bugfix: in the "request_body_in_single_buf" directive.
*) Bugfix: in "proxy_set_body" and "proxy_pass_request_body" directives
if SSL connection to backend was used.
*) Bugfix: nginx hogged CPU if all servers in an upstream were marked
as "down".
*) Bugfix: a segmentation fault might occur during reconfiguration if
ssl_session_cache was defined but not used in a previous
configuration.
*) Bugfix: a segmentation fault might occur in a worker process if many
backup servers were used in an upstream.
*) Bugfix: a segmentation fault might occur in a worker process if
"fastcgi/scgi/uwsgi_param" directives were used with values starting
with "HTTP_"; the bug had appeared in 0.8.40.
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
*) Feature: cache loader run time decrease.
*) Feature: "loader_files", "loader_sleep", and "loader_threshold"
options of the "proxy/fastcgi/scgi/uwsgi_cache_path" directives.
*) Feature: loading time decrease of configuration with large number of
HTTPS sites.
*) Feature: now nginx supports ECDHE key exchange ciphers.
Thanks to Adrian Kotelba.
*) Feature: the "lingering_close" directive.
Thanks to Maxim Dounin.
*) Bugfix: in closing connection for pipelined requests.
Thanks to Maxim Dounin.
*) Bugfix: nginx did not disable gzipping if client sent "gzip;q=0" in
"Accept-Encoding" request header line.
*) Bugfix: in timeout in unbuffered proxied mode.
Thanks to Maxim Dounin.
*) Bugfix: memory leaks when a "proxy_pass" directive contains
variables and proxies to an HTTPS backend.
Thanks to Maxim Dounin.
*) Bugfix: in parameter validaiton of a "proxy_pass" directive with
variables.
Thanks to Lanshun Zhou.
*) Bugfix: SSL did not work on QNX.
Thanks to Maxim Dounin.
*) Bugfix: SSL modules could not be built by gcc 4.6 without
--with-debug option.
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
*) Change: now default SSL ciphers are "HIGH:!aNULL:!MD5".
Thanks to Rob Stradling.
*) Feature: the "referer_hash_max_size" and "referer_hash_bucket_size"
directives.
Thanks to Witold Filipczyk.
*) Feature: $uid_reset variable.
*) Bugfix: a segmentation fault might occur in a worker process, if a
caching was used.
Thanks to Lanshun Zhou.
*) Bugfix: worker processes may got caught in an endless loop during
reconfiguration, if a caching was used; the bug had appeared in
0.8.48.
Thanks to Maxim Dounin.
*) Bugfix: "stalled cache updating" alert.
Thanks to Maxim Dounin.
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
*) Feature: large geo ranges base loading speed-up.
*) Bugfix: an error_page redirection to "location /zero { return 204;
}" without changing status code kept the error body; the bug had
appeared in 0.8.42.
*) Bugfix: nginx might close IPv6 listen socket during
reconfiguration.
Thanks to Maxim Dounin.
*) Bugfix: the $uid_set variable may be used at any request processing
stage.
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
*) Feature: the ngx_http_split_clients_module.
*) Feature: the "map" directive supports keys more than 255 characters.
*) Bugfix: nginx ignored the "private" and "no-store" values in the
"Cache-Control" backend response header line.
*) Bugfix: a "stub" parameter of an "include" SSI directive was not
used, if empty response has 200 status code.
*) Bugfix: if a proxied or FastCGI request was internally redirected to
another proxied or FastCGI location, then a segmentation fault might
occur in a worker process; the bug had appeared in 0.8.33.
Thanks to Yichun Zhang.
*) Bugfix: IMAP connections may hang until they timed out while talking
to Zimbra server.
Thanks to Alan Batie.
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
*) Bugfix: nginx did not support all ciphers and digests used in client
certificates.
Thanks to Innocenty Enikeew.
*) Bugfix: nginx cached incorrectly FastCGI responses if there was
large stderr output before response.
*) Bugfix: nginx did not support HTTPS referrers.
*) Bugfix: nginx/Windows might not find file if path in configuration
was given in other character case; the bug had appeared in 0.8.34.
*) Bugfix: the $date_local variable has an incorrect value, if the "%s"
format was used.
Thanks to Maxim Dounin.
*) Bugfix: if ssl_session_cache was not set or was set to "none", then
during client certificate verify the error "session id context
uninitialized" might occur; the bug had appeared in 0.7.1.
*) Bugfix: a geo range returned default value if the range included two
or more /16 networks and did not begin at /16 network boundary.
*) Bugfix: a block used in a "stub" parameter of an "include" SSI
directive was output with "text/plain" MIME type.
*) Bugfix: $r->sleep() did not work; the bug had appeared in 0.8.11.
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
*) Bugfix: UTF-8 encoding usage in the ngx_http_autoindex_module.
Thanks to Maxim Dounin.
*) Bugfix: regular expression named captures worked for two names only.
Thanks to Maxim Dounin.
*) Bugfix: now the "localhost" name is used in the "Host" request
header line, if an unix domain socket is defined in the "auth_http"
directive.
Thanks to Maxim Dounin.
*) Bugfix: nginx did nor support chunked transfer encoding for 201
responses.
Thanks to Julian Reich.
*) Bugfix: if the "expires modified" set date in the past, the a
negative number was set in the "Cache-Control" response header
line.
Thanks to Alex Kapranoff.
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
*) Security: now SSL/TLS renegotiation is disabled.
Thanks to Maxim Dounin.
*) Bugfix: listen unix domain socket did not inherit while online
upgrade.
*) Bugfix: the "unix:" parameter of the "set_real_ip_from" directive
did not without yet another directive with any IP address.
*) Bugfix: segmentation fault and infinite looping in resolver.
*) Bugfix: in resolver.
Thanks to Artem Bokhan.
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
*) Feature: the "proxy_bind", "fastcgi_bind", and "memcached_bind"
directives.
*) Feature: the "access" and the "deny" directives support IPv6.
*) Feature: the "set_real_ip_from" directive supports IPv6 addresses in
request headers.
*) Feature: the "unix:" parameter of the "set_real_ip_from" directive.
*) Bugfix: nginx did not delete unix domain socket after configuration
testing.
*) Bugfix: nginx deleted unix domain socket while online upgrade.
*) Bugfix: the "!-x" operator did not work.
Thanks to Maxim Dounin.
*) Bugfix: a segmentation fault might occur in a worker process, if
limit_rate was used in HTTPS server.
Thanks to Maxim Dounin.
*) Bugfix: a segmentation fault might occur in a worker process while
$limit_rate logging.
Thanks to Maxim Dounin.
*) Bugfix: a segmentation fault might occur in a worker process, if
there was no "listen" directive in "server" block; the bug had
appeared in 0.8.21.
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
*) Change: now default SSL ciphers are "HIGH:!ADH:!MD5".
*) Bugfix: the ngx_http_autoindex_module did not show the trailing
slash in links to a directory; the bug had appeared in 0.7.15.
*) Bugfix: nginx did not close a log file set by the --error-log-path
configuration option; the bug had appeared in 0.7.53.
*) Bugfix: nginx did not treat a comma as separator in the
"Cache-Control" backend response header line.
*) Bugfix: nginx/Windows might not create temporary file, a cache file,
or "proxy/fastcgi_store"d file if a worker has no enough access
rights for top level directories.
*) Bugfix: the "Set-Cookie" and "P3P" FastCGI response header lines
were not hidden while caching if no "fastcgi_hide_header" directives
were used with any parameters.
*) Bugfix: nginx counted incorrectly disk cache size.
|
|
|
|
|
|
|
|
|
| |
*) Change: now SSLv2 protocol is disabled by default.
*) Change: now default SSL ciphers are "ALL:!ADH:RC4+RSA:+HIGH:+MEDIUM".
*) Bugfix: a "limit_req" directive did not work; the bug had appeared
in 0.8.18.
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
*) Change: minimum supported OpenSSL version is 0.9.7.
*) Change: the "ask" parameter of the "ssl_verify_client" directive was
changed to the "optional" parameter and now it checks a client
certificate if it was offered.
Thanks to Brice Figureau.
*) Feature: the $ssl_client_verify variable.
Thanks to Brice Figureau.
*) Feature: the "ssl_crl" directive.
Thanks to Brice Figureau.
*) Feature: the "proxy" parameter of the "geo" directive.
*) Feature: the "image_filter" directive supports variables for setting
size.
*) Bugfix: the $ssl_client_cert variable usage corrupted memory; the
bug had appeared in 0.7.7.
Thanks to Sergey Zhuravlev.
*) Bugfix: "proxy_pass_header" and "fastcgi_pass_header" directives did
not pass to a client the "X-Accel-Redirect", "X-Accel-Limit-Rate",
"X-Accel-Buffering", and "X-Accel-Charset" lines from backend
response header.
Thanks to Maxim Dounin.
*) Bugfix: in handling "Last-Modified" and "Accept-Ranges" backend
response header lines; the bug had appeared in 0.7.44.
Thanks to Maxim Dounin.
*) Bugfix: the "[alert] zero size buf" error if subrequest returns an
empty response; the bug had appeared in 0.8.5.
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
*) Feature: the $upstream_cache_status variable.
*) Bugfix: nginx could not be built on MacOSX 10.6. the bug had
appeared in 0.8.2.
*) Bugfix: nginx could not be built --without-http-cache; the bug had
appeared in 0.8.2.
*) Bugfix: a segmentation fault occurred in worker process, if a
backend 401 error was intercepted and the backend did not set the
"WWW-Authenticate" response header line.
Thanks to Eugene Mychlo.
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
*) Feature: the "keepalive_requests" directive.
*) Feature: the "limit_rate_after" directive.
Thanks to Ivan Debnar.
*) Bugfix: XLST filter did not work in subrequests.
*) Bugfix: in relative paths handling in nginx/Windows.
*) Bugfix: in proxy_store, fastcgi_store, proxy_cache, and
fastcgi_cache in nginx/Windows.
*) Bugfix: in memory allocation error handling.
Thanks to Maxim Dounin and Kirill A. Korinskiy.
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
*) Feature: a "listen" directive of the mail proxy module supports IPv6.
*) Feature: the "image_filter_jpeg_quality" directive.
*) Feature: the "client_body_in_single_buffer" directive.
*) Feature: the $request_body variable.
*) Bugfix: in ngx_http_autoindex_module in file name links having a ":"
symbol in the name.
*) Bugfix: "make upgrade" procedure did not work; the bug had appeared
in 0.7.53.
Thanks to Denis F. Latypoff.
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
*) Bugfix: the http_XXX parameters in "proxy_cache_use_stale" and
"fastcgi_cache_use_stale" directives did not work.
*) Bugfix: fastcgi cache did not cache header only responses.
*) Bugfix: of "select() failed (9: Bad file descriptor)" error in
nginx/Unix and "select() failed (10022: ...)" error in nginx/Windows.
*) Bugfix: a segmentation fault might occur in worker process, if an
"debug_connection" directive was used; the bug had appeared in
0.7.54.
*) Bugfix: fix ngx_http_image_filter_module building errors.
*) Bugfix: the files bigger than 2G could not be transferred using
$r->sendfile.
Thanks to Maxim Dounin.
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
*) Feature: the ngx_http_image_filter_module.
*) Feature: the "proxy_ignore_headers" and "fastcgi_ignore_headers"
directives.
*) Bugfix: a segmentation fault might occur in worker process, if an
"open_file_cache_errors off" directive was used; the bug had
appeared in 0.7.53.
*) Bugfix: the "port_in_redirect off" directive did not work; the bug
had appeared in 0.7.39.
*) Bugfix: improve handling of "select" method errors.
*) Bugfix: of "select() failed (10022: ...)" error in nginx/Windows.
*) Bugfix: in error text descriptions in nginx/Windows; the bug had
appeared in 0.7.53.
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
*) Change: now a log set by --error-log-path is created from the very
start-up.
*) Feature: now the start up errors and warnings are outputted to an
error_log and stderr.
*) Feature: the empty --prefix= configure parameter forces nginx to use
a directory where it was run as prefix.
*) Feature: the -p switch.
*) Feature: the -s switch on Unix platforms.
*) Feature: the -? and -h switches.
Thanks to Jerome Loyet.
*) Feature: now switches may be set in condensed form.
*) Bugfix: nginx/Windows did not work if configuration file was given
by the -c switch.
*) Bugfix: temporary files might be not removed if the "proxy_store",
"fastcgi_store", "proxy_cache", or "fastcgi_cache" were used.
Thanks to Maxim Dounin.
*) Bugfix: an incorrect value was passed to mail proxy authentication
server in "Auth-Method" header line; the bug had appeared
in 0.7.34.
Thanks to Simon Lecaille.
*) Bugfix: system error text descriptions were not logged on Linux;
the bug had appeared in 0.7.45.
*) Bugfix: the "fastcgi_cache_min_uses" directive did not work.
Thanks to Andrew Vorobyoff.
|
|
|
|
|
|
|
|
| |
*) Feature: a preliminary IPv6 support; the "listen" directive of the
HTTP module supports IPv6.
*) Bugfix: the $ancient_browser variable did not work for browsers
preset by a "modern_browser" directives.
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
*) Feature: the "off" parameter of the "if_modified_since" directive.
*) Feature: now nginx sends an HELO/EHLO command after a XCLIENT
command.
Thanks to Maxim Dounin.
*) Feature: Microsoft specific "AUTH LOGIN with User Name" mode support
in mail proxy server.
Thanks to Maxim Dounin.
*) Bugfix: in a redirect rewrite directive original arguments were
concatenated with new arguments by an "?" rather than an "&";
the bug had appeared in 0.1.18.
Thanks to Maxim Dounin.
*) Bugfix: nginx could not be built on AIX.
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
*) Bugfix: a double response might be returned if the epoll or rtsig
methods are used and a redirect was returned to a request with
body.
Thanks to Eden Li.
*) Bugfix: the $sent_http_location variable was empty for some
redirects types.
*) Bugfix: a segmentation fault might occur in worker process if
"resolver" directive was used in SMTP proxy.
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
*) Change: now the "try_files" directive tests files only and ignores
directories.
*) Feature: the "fastcgi_split_path_info" directive.
*) Bugfixes in an "Expect" request header line support.
*) Bugfixes in geo ranges.
*) Bugfix: in a miss case ngx_http_memcached_module returned the "END"
line as response body instead of default 404 page body; the bug had
appeared in 0.7.18.
Thanks to Maxim Dounin.
*) Bugfix: while SMTP proxying nginx issued message "250 2.0.0 OK"
instead of "235 2.0.0 OK"; the bug had appeared in 0.7.22.
Thanks to Maxim Dounin.
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
*) Feature: the "try_files" directive.
*) Feature: variables support in the "fastcgi_pass" directive.
*) Feature: now the $geo variable may get an address from a
variable.
Thanks to Andrei Nigmatulin.
*) Feature: now a location's modifier may be used without space before
name.
*) Feature: the $upstream_response_length variable.
*) Bugfix: now a "add_header" directive does not add an empty value.
*) Bugfix: if zero length static file was requested, then nginx just
closed connection; the bug had appeared in 0.7.25.
*) Bugfix: a MOVE method could not move file in non-existent directory.
*) Bugfix: a segmentation fault occurred in worker process, if no one
named location was defined in server, but some one was used in an
error_page directive.
Thanks to Sergey Bochenkov.
|
|
|
|
|
|
|
|
|
|
|
|
| |
*) Feature: the "none" parameter in the "smtp_auth" directive.
Thanks to Maxim Dounin.
*) Feature: the "$cookie_..." variables.
*) Bugfix: the "directio" directive did not work in XFS filesystem.
*) Bugfix: the resolver did not understand big DNS responses.
Thanks to Zyb.
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
*) Change: now the ssl_certificate and ssl_certificate_key directives
have not default values.
*) Feature: the "listen" directive supports the "ssl" parameter.
*) Feature: now nginx takes into account a time zone change while
reconfiguration on FreeBSD and Linux.
*) Bugfix: the "listen" directive parameters such as "backlog",
"rcvbuf", etc. were not set, if a default server was not the first
one.
*) Bugfix: if URI part captured by a "rewrite" directive was used as a
query string, then the query string was not escaped.
*) Bugfix: configuration file validity test improvements.
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
*) Feature: the "server_name" directive supports empty name "".
*) Feature: the "gzip_disable" directive supports special "msie6" mask.
*) Bugfix: if the "max_fails=0" parameter was used in upstream with
several servers, then a worker process exited on a SIGFPE signal.
Thanks to Maxim Dounin.
*) Bugfix: a request body was dropped while redirection via an
"error_page" directive.
*) Bugfix: a full response was returned for request method HEAD while
redirection via an "error_page" directive.
*) Bugfix: the $r->header_in() method did not return value of the
"Host", "User-Agent", and "Connection" request header lines; the bug
had appeared in 0.7.0.
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
*) Change: now ngx_http_charset_module works by default with following
MIME types: text/html, text/css, text/xml, text/plain,
text/vnd.wap.wml, application/x-javascript, and application/rss+xml.
*) Feature: the "charset_types" and "addition_types" directives.
*) Feature: now the "gzip_types", "ssi_types", and "sub_filter_types"
directives use hash.
*) Feature: the ngx_cpp_test_module.
*) Feature: the "expires" directive supports daily time.
*) Feature: the ngx_http_xslt_module improvements and bug fixing.
Thanks to Denis F. Latypoff and Maxim Dounin.
*) Bugfix: the "log_not_found" directive did not work for index files
tests.
*) Bugfix: HTTPS connections might hang, if kqueue, epoll, rtsig, or
eventport methods were used; the bug had appeared in 0.7.7.
*) Bugfix: if the "server_name", "valid_referers", and "map" directives
used an "*.domain.tld" wildcard and exact name "domain.tld" was not
set, then the exact name was matched by the wildcard; the bugs had
appeared in 0.3.18.
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
*) Change: now the EAGAIN error returned by connect() is not considered
as temporary error.
*) Change: now the $ssl_client_cert variable value is a certificate
with TAB character intended before each line except first one; an
unchanged certificate is available in the $ssl_client_raw_cert
variable.
*) Feature: the "ask" parameter in the "ssl_verify_client" directive.
*) Feature: byte-range processing improvements.
Thanks to Maxim Dounin.
*) Feature: the "directio" directive.
*) Feature: MacOSX 1.5 sendfile() support.
*) Bugfix: now in MacOSX and Cygwin locations are tested in case
insensitive mode; however, the compare is provided by single-byte
locales only.
*) Bugfix: mail proxy SSL connections hanged, if select, poll, or
/dev/poll methods were used.
*) Bugfix: UTF-8 encoding usage in the ngx_http_autoindex_module.
|