| Commit message (Collapse) | Author | Age | Files | Lines |
|---|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
*) Change: improved hash table handling; the default values of the
"variables_hash_max_size" and "types_hash_bucket_size" were changed
to 1024 and 64 respectively.
*) Feature: the ngx_http_mp4_module now supports the "end" argument.
*) Feature: byte ranges support in the ngx_http_mp4_module and while
saving responses to cache.
*) Bugfix: alerts "ngx_slab_alloc() failed: no memory" no longer logged
when using shared memory in the "ssl_session_cache" directive and in
the ngx_http_limit_req_module.
*) Bugfix: the "underscores_in_headers" directive did not allow
underscore as a first character of a header.
Thanks to Piotr Sikora.
*) Bugfix: cache manager might hog CPU on exit in nginx/Windows.
*) Bugfix: nginx/Windows terminated abnormally if the
"ssl_session_cache" directive was used with the "shared" parameter.
*) Bugfix: in the ngx_http_spdy_module.
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
*) Security: a heap memory buffer overflow might occur in a worker
process while handling a specially crafted request by
ngx_http_spdy_module, potentially resulting in arbitrary code
execution (CVE-2014-0133).
Thanks to Lucas Molas, researcher at Programa STIC, Fundación Dr.
Manuel Sadosky, Buenos Aires, Argentina.
*) Feature: the "proxy_protocol" parameters of the "listen" and
"real_ip_header" directives, the $proxy_protocol_addr variable.
*) Bugfix: in the "fastcgi_next_upstream" directive.
Thanks to Lucas Molas.
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
*) Security: memory corruption might occur in a worker process on 32-bit
platforms while handling a specially crafted request by
ngx_http_spdy_module, potentially resulting in arbitrary code
execution (CVE-2014-0088); the bug had appeared in 1.5.10.
Thanks to Lucas Molas, researcher at Programa STIC, Fundación Dr.
Manuel Sadosky, Buenos Aires, Argentina.
*) Feature: the $ssl_session_reused variable.
*) Bugfix: the "client_max_body_size" directive might not work when
reading a request body using chunked transfer encoding; the bug had
appeared in 1.3.9.
Thanks to Lucas Molas.
*) Bugfix: a segmentation fault might occur in a worker process when
proxying WebSocket connections.
*) Bugfix: a segmentation fault might occur in a worker process if the
ngx_http_spdy_module was used on 32-bit platforms; the bug had
appeared in 1.5.10.
*) Bugfix: the $upstream_status variable might contain wrong data if the
"proxy_cache_use_stale" or "proxy_cache_revalidate" directives were
used.
Thanks to Piotr Sikora.
*) Bugfix: a segmentation fault might occur in a worker process if
errors with code 400 were redirected to a named location using the
"error_page" directive.
*) Bugfix: nginx/Windows could not be built with Visual Studio 2013.
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
*) Feature: the ngx_http_spdy_module now uses SPDY 3.1 protocol.
Thanks to Automattic and MaxCDN for sponsoring this work.
*) Feature: the ngx_http_mp4_module now skips tracks too short for a
seek requested.
*) Bugfix: a segmentation fault might occur in a worker process if the
$ssl_session_id variable was used in logs; the bug had appeared in
1.5.9.
*) Bugfix: the $date_local and $date_gmt variables used wrong format
outside of the ngx_http_ssi_filter_module.
*) Bugfix: client connections might be immediately closed if deferred
accept was used; the bug had appeared in 1.3.15.
*) Bugfix: alerts "getsockopt(TCP_FASTOPEN) ... failed" appeared in logs
during binary upgrade on Linux; the bug had appeared in 1.5.8.
Thanks to Piotr Sikora.
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
*) Change: now nginx expects escaped URIs in "X-Accel-Redirect" headers.
*) Feature: the "ssl_buffer_size" directive.
*) Feature: the "limit_rate" directive can now be used to rate limit
responses sent in SPDY connections.
*) Feature: the "spdy_chunk_size" directive.
*) Feature: the "ssl_session_tickets" directive.
Thanks to Dirkjan Bussink.
*) Bugfix: the $ssl_session_id variable contained full session
serialized instead of just a session id.
Thanks to Ivan Ristić.
*) Bugfix: nginx incorrectly handled escaped "?" character in the
"include" SSI command.
*) Bugfix: the ngx_http_dav_module did not unescape destination URI of
the COPY and MOVE methods.
*) Bugfix: resolver did not understand domain names with a trailing dot.
Thanks to Yichun Zhang.
*) Bugfix: alerts "zero size buf in output" might appear in logs while
proxying; the bug had appeared in 1.3.9.
*) Bugfix: a segmentation fault might occur in a worker process if the
ngx_http_spdy_module was used.
*) Bugfix: proxied WebSocket connections might hang right after
handshake if the select, poll, or /dev/poll methods were used.
*) Bugfix: the "xclient" directive of the mail proxy module incorrectly
handled IPv6 client addresses.
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
*) Security: a character following an unescaped space in a request line
was handled incorrectly (CVE-2013-4547); the bug had appeared in
0.8.41.
Thanks to Ivan Fratric of the Google Security Team.
*) Change: a logging level of auth_basic errors about no user/password
provided has been lowered from "error" to "info".
*) Feature: the "proxy_cache_revalidate", "fastcgi_cache_revalidate",
"scgi_cache_revalidate", and "uwsgi_cache_revalidate" directives.
*) Feature: the "ssl_session_ticket_key" directive.
Thanks to Piotr Sikora.
*) Bugfix: the directive "add_header Cache-Control ''" added a
"Cache-Control" response header line with an empty value.
*) Bugfix: the "satisfy any" directive might return 403 error instead of
401 if auth_request and auth_basic directives were used.
Thanks to Jan Marc Hoffmann.
*) Bugfix: the "accept_filter" and "deferred" parameters of the "listen"
directive were ignored for listen sockets created during binary
upgrade.
Thanks to Piotr Sikora.
*) Bugfix: some data received from a backend with unbufferred proxy
might not be sent to a client immediately if "gzip" or "gunzip"
directives were used.
Thanks to Yichun Zhang.
*) Bugfix: in error handling in ngx_http_gunzip_filter_module.
*) Bugfix: responses might hang if the ngx_http_spdy_module was used
with the "auth_request" directive.
*) Bugfix: memory leak in nginx/Windows.
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
*) Feature: the "fastcgi_buffering" directive.
*) Feature: the "proxy_ssl_protocols" and "proxy_ssl_ciphers"
directives.
Thanks to Piotr Sikora.
*) Feature: optimization of SSL handshakes when using long certificate
chains.
*) Feature: the mail proxy supports SMTP pipelining.
*) Bugfix: in the ngx_http_auth_basic_module when using "$apr1$"
password encryption method.
Thanks to Markus Linnala.
*) Bugfix: in MacOSX, Cygwin, and nginx/Windows incorrect location might
be used to process a request if locations were given using characters
in different cases.
*) Bugfix: automatic redirect with appended trailing slash for proxied
locations might not work.
*) Bugfix: in the mail proxy server.
*) Bugfix: in the ngx_http_spdy_module.
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
*) Change: now nginx assumes HTTP/1.0 by default if it is not able to
detect protocol reliably.
*) Feature: the "disable_symlinks" directive now uses O_PATH on Linux.
*) Feature: now nginx uses EPOLLRDHUP events to detect premature
connection close by clients if the "epoll" method is used.
*) Bugfix: in the "valid_referers" directive if the "server_names"
parameter was used.
*) Bugfix: the $request_time variable did not work in nginx/Windows.
*) Bugfix: in the "image_filter" directive.
Thanks to Lanshun Zhou.
*) Bugfix: OpenSSL 1.0.1f compatibility.
Thanks to Piotr Sikora.
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
*) Change: the "js" extension MIME type has been changed to
"application/javascript"; default value of the "charset_types"
directive was changed accordingly.
*) Change: now the "image_filter" directive with the "size" parameter
returns responses with the "application/json" MIME type.
*) Feature: the ngx_http_auth_request_module.
*) Bugfix: a segmentation fault might occur on start or during
reconfiguration if the "try_files" directive was used with an empty
parameter.
*) Bugfix: memory leak if relative paths were specified using variables
in the "root" or "auth_basic_user_file" directives.
*) Bugfix: the "valid_referers" directive incorrectly executed regular
expressions if a "Referer" header started with "https://".
Thanks to Liangbin Li.
*) Bugfix: responses might hang if subrequests were used and an SSL
handshake error happened during subrequest processing.
Thanks to Aviram Cohen.
*) Bugfix: in the ngx_http_autoindex_module.
*) Bugfix: in the ngx_http_spdy_module.
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
*) Change in internal API: now u->length defaults to -1 if working with
backends in unbuffered mode.
*) Change: now after receiving an incomplete response from a backend
server nginx tries to send an available part of the response to a
client, and then closes client connection.
*) Bugfix: a segmentation fault might occur in a worker process if the
ngx_http_spdy_module was used with the "client_body_in_file_only"
directive.
*) Bugfix: the "so_keepalive" parameter of the "listen" directive might
be handled incorrectly on DragonFlyBSD.
Thanks to Sepherosa Ziehau.
*) Bugfix: in the ngx_http_xslt_filter_module.
*) Bugfix: in the ngx_http_sub_filter_module.
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
| |
*) Feature: now several "error_log" directives can be used.
*) Bugfix: the $r->header_in() embedded perl method did not return value
of the "Cookie" and "X-Forwarded-For" request header lines; the bug
had appeared in 1.3.14.
*) Bugfix: in the ngx_http_spdy_module.
Thanks to Jim Radford.
*) Bugfix: nginx could not be built on Linux with x32 ABI.
Thanks to Serguei Ivantsov.
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
*) Feature: the "ssi_last_modified", "sub_filter_last_modified", and
"xslt_last_modified" directives.
Thanks to Alexey Kolpakov.
*) Feature: the "http_403" parameter of the "proxy_next_upstream",
"fastcgi_next_upstream", "scgi_next_upstream", and
"uwsgi_next_upstream" directives.
*) Feature: the "allow" and "deny" directives now support unix domain
sockets.
*) Bugfix: nginx could not be built with the ngx_mail_ssl_module, but
without ngx_http_ssl_module; the bug had appeared in 1.3.14.
*) Bugfix: in the "proxy_set_body" directive.
Thanks to Lanshun Zhou.
*) Bugfix: in the "lingering_time" directive.
Thanks to Lanshun Zhou.
*) Bugfix: the "fail_timeout" parameter of the "server" directive in the
"upstream" context might not work if "max_fails" parameter was used;
the bug had appeared in 1.3.0.
*) Bugfix: a segmentation fault might occur in a worker process if the
"ssl_stapling" directive was used.
Thanks to Piotr Sikora.
*) Bugfix: in the mail proxy server.
Thanks to Filipe Da Silva.
*) Bugfix: nginx/Windows might stop accepting connections if several
worker processes were used.
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
*) Change: opening and closing a connection without sending any data in
it is no longer logged to access_log with error code 400.
*) Feature: the ngx_http_spdy_module.
Thanks to Automattic for sponsoring this work.
*) Feature: the "limit_req_status" and "limit_conn_status" directives.
Thanks to Nick Marden.
*) Feature: the "image_filter_interlace" directive.
Thanks to Ian Babrou.
*) Feature: $connections_waiting variable in the
ngx_http_stub_status_module.
*) Feature: the mail proxy module now supports IPv6 backends.
*) Bugfix: request body might be transmitted incorrectly when retrying a
request to the next upstream server; the bug had appeared in 1.3.9.
Thanks to Piotr Sikora.
*) Bugfix: in the "client_body_in_file_only" directive; the bug had
appeared in 1.3.9.
*) Bugfix: responses might hang if subrequests were used and a DNS error
happened during subrequest processing.
Thanks to Lanshun Zhou.
*) Bugfix: in backend usage accounting.
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
*) Change: domain names specified in configuration file are now resolved
to IPv6 addresses as well as IPv4 ones.
*) Change: now if the "include" directive with mask is used on Unix
systems, included files are sorted in alphabetical order.
*) Change: the "add_header" directive adds headers to 201 responses.
*) Feature: the "geo" directive now supports IPv6 addresses in CIDR
notation.
*) Feature: the "flush" and "gzip" parameters of the "access_log"
directive.
*) Feature: variables support in the "auth_basic" directive.
*) Bugfix: nginx could not be built with the ngx_http_perl_module in
some cases.
*) Bugfix: a segmentation fault might occur in a worker process if the
ngx_http_xslt_module was used.
*) Bugfix: nginx could not be built on MacOSX in some cases.
Thanks to Piotr Sikora.
*) Bugfix: the "limit_rate" directive with high rates might result in
truncated responses on 32-bit platforms.
Thanks to Alexey Antropov.
*) Bugfix: a segmentation fault might occur in a worker process if the
"if" directive was used.
Thanks to Piotr Sikora.
*) Bugfix: a "100 Continue" response was issued with "413 Request Entity
Too Large" responses.
*) Bugfix: the "image_filter", "image_filter_jpeg_quality" and
"image_filter_sharpen" directives might be inherited incorrectly.
Thanks to Ian Babrou.
*) Bugfix: "crypt_r() failed" errors might appear if the "auth_basic"
directive was used on Linux.
*) Bugfix: in backup servers handling.
Thanks to Thomas Chen.
*) Bugfix: proxied HEAD requests might return incorrect response if the
"gzip" directive was used.
Merry Christmas!
|
| |
|
|
|
|
|
|
|
|
|
|
|
| |
*) Feature: support for chunked transfer encoding while reading client
request body.
*) Feature: the $request_time and $msec variables can now be used not
only in the "log_format" directive.
*) Bugfix: cache manager and cache loader processes might not be able to
start if more than 512 listen sockets were used.
*) Bugfix: in the ngx_http_dav_module.
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
*) Feature: the "optional_no_ca" parameter of the "ssl_verify_client"
directive.
Thanks to Mike Kazantsev and Eric O'Connor.
*) Feature: the $bytes_sent, $connection, and $connection_requests
variables can now be used not only in the "log_format" directive.
Thanks to Benjamin Grössing.
*) Feature: the "auto" parameter of the "worker_processes" directive.
*) Bugfix: "cache file ... has md5 collision" alert.
*) Bugfix: in the ngx_http_gunzip_filter_module.
*) Bugfix: in the "ssl_stapling" directive.
|
| |
|
|
|
|
|
|
|
|
|
|
| |
*) Feature: OCSP stapling support.
Thanks to Comodo, DigiCert and GlobalSign for sponsoring this work.
*) Feature: the "ssl_trusted_certificate" directive.
*) Feature: resolver now randomly rotates addresses returned from cache.
Thanks to Anton Jouline.
*) Bugfix: OpenSSL 0.9.7 compatibility.
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
*) Change: the ngx_http_mp4_module module no longer skips tracks in
formats other than H.264 and AAC.
*) Bugfix: a segmentation fault might occur in a worker process if the
"map" directive was used with variables as values.
*) Bugfix: a segmentation fault might occur in a worker process if the
"geo" directive was used with the "ranges" parameter but without the
"default" parameter; the bug had appeared in 0.8.43.
Thanks to Zhen Chen and Weibin Yao.
*) Bugfix: in the -p command-line parameter handling.
*) Bugfix: in the mail proxy server.
*) Bugfix: of minor potential bugs.
Thanks to Coverity.
*) Bugfix: nginx/Windows could not be built with Visual Studio 2005
Express.
Thanks to HAYASHI Kentaro.
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
*) Change: the "ipv6only" parameter is now turned on by default for
listening IPv6 sockets.
*) Feature: the Clang compiler support.
*) Bugfix: extra listening sockets might be created.
Thanks to Roman Odaisky.
*) Bugfix: nginx/Windows might hog CPU if a worker process failed to
start.
Thanks to Ricardo Villalobos Guevara.
*) Bugfix: the "proxy_pass_header", "fastcgi_pass_header",
"scgi_pass_header", "uwsgi_pass_header", "proxy_hide_header",
"fastcgi_hide_header", "scgi_hide_header", and "uwsgi_hide_header"
directives might be inherited incorrectly.
_______________________________________________
nginx-announce mailing list
nginx-announce@nginx.org
http://mailman.nginx.org/mailman/listinfo/nginx-announce
|
| |
|
|
|
|
|
|
|
|
|
| |
*) Feature: entity tags support and the "etag" directive.
*) Bugfix: trailing dot in a source value was not ignored if the "map"
directive was used with the "hostnames" parameter.
*) Bugfix: incorrect location might be used to process a request if a
URI was changed via a "rewrite" directive before an internal redirect
to a named location.
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
*) Change: the "single" parameter of the "keepalive" directive is now
ignored.
*) Change: SSL compression is now disabled when using all versions of
OpenSSL, including ones prior to 1.0.0.
*) Feature: it is now possible to use the "ip_hash" directive to balance
IPv6 clients.
*) Feature: the $status variable can now be used not only in the
"log_format" directive.
*) Bugfix: a segmentation fault might occur in a worker process on
shutdown if the "resolver" directive was used.
*) Bugfix: a segmentation fault might occur in a worker process if the
ngx_http_mp4_module was used.
*) Bugfix: in the ngx_http_mp4_module.
*) Bugfix: a segmentation fault might occur in a worker process if
conflicting wildcard server names were used.
*) Bugfix: nginx might be terminated abnormally on a SIGBUS signal on
ARM platform.
*) Bugfix: an alert "sendmsg() failed (9: Bad file number)" on HP-UX
while reconfiguration.
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
*) Security: now nginx/Windows ignores trailing dot in URI path
component, and does not allow URIs with ":$" in it.
Thanks to Vladimir Kochetkov, Positive Research Center.
*) Feature: the "proxy_pass", "fastcgi_pass", "scgi_pass", "uwsgi_pass"
directives, and the "server" directive inside the "upstream" block,
now support IPv6 addresses.
*) Feature: the "resolver" directive now support IPv6 addresses and an
optional port specification.
*) Feature: the "least_conn" directive inside the "upstream" block.
*) Feature: it is now possible to specify a weight for servers while
using the "ip_hash" directive.
*) Bugfix: a segmentation fault might occur in a worker process if the
"image_filter" directive was used; the bug had appeared in 1.3.0.
*) Bugfix: nginx could not be built with ngx_cpp_test_module; the bug
had appeared in 1.1.12.
*) Bugfix: access to variables from SSI and embedded perl module might
not work after reconfiguration.
Thanks to Yichun Zhang.
*) Bugfix: in the ngx_http_xslt_filter_module.
Thanks to Kuramoto Eiji.
*) Bugfix: memory leak if $geoip_org variable was used.
Thanks to Denis F. Latypoff.
*) Bugfix: in the "proxy_cookie_domain" and "proxy_cookie_path"
directives.
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
*) Feature: the "debug_connection" directive now supports IPv6 addresses
and the "unix:" parameter.
*) Feature: the "set_real_ip_from" directive and the "proxy" parameter
of the "geo" directive now support IPv6 addresses.
*) Feature: the "real_ip_recursive", "geoip_proxy", and
"geoip_proxy_recursive" directives.
*) Feature: the "proxy_recursive" parameter of the "geo" directive.
*) Bugfix: a segmentation fault might occur in a worker process if the
"resolver" directive was used.
*) Bugfix: a segmentation fault might occur in a worker process if the
"fastcgi_pass", "scgi_pass", or "uwsgi_pass" directives were used and
backend returned incorrect response.
*) Bugfix: a segmentation fault might occur in a worker process if the
"rewrite" directive was used and new request arguments in a
replacement used variables.
*) Bugfix: nginx might hog CPU if the open file resource limit was
reached.
*) Bugfix: nginx might loop infinitely over backends if the
"proxy_next_upstream" directive with the "http_404" parameter was
used and there were backup servers specified in an upstream block.
*) Bugfix: adding the "down" parameter of the "server" directive might
cause unneeded client redistribution among backend servers if the
"ip_hash" directive was used.
*) Bugfix: socket leak.
Thanks to Yichun Zhang.
*) Bugfix: in the ngx_http_fastcgi_module.
|
| |
|
|
|
|
|
|
|
|
|
| |
*) Bugfix: a segmentation fault might occur in a worker process if the
"try_files" directive was used; the bug had appeared in 1.1.19.
*) Bugfix: response might be truncated if there were more than IOV_MAX
buffers used.
*) Bugfix: in the "crop" parameter of the "image_filter" directive.
Thanks to Maxim Bublis.
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
*) Security: specially crafted mp4 file might allow to overwrite memory
locations in a worker process if the ngx_http_mp4_module was used,
potentially resulting in arbitrary code execution (CVE-2012-2089).
Thanks to Matthew Daley.
*) Bugfix: nginx/Windows might be terminated abnormally.
Thanks to Vincent Lee.
*) Bugfix: nginx hogged CPU if all servers in an upstream were marked as
"backup".
*) Bugfix: the "allow" and "deny" directives might be inherited
incorrectly if they were used with IPv6 addresses.
*) Bugfix: the "modern_browser" and "ancient_browser" directives might
be inherited incorrectly.
*) Bugfix: timeouts might be handled incorrectly on Solaris/SPARC.
*) Bugfix: in the ngx_http_mp4_module.
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
*) Change: keepalive connections are no longer disabled for Safari by
default.
*) Feature: the $connection_requests variable.
*) Feature: $tcpinfo_rtt, $tcpinfo_rttvar, $tcpinfo_snd_cwnd and
$tcpinfo_rcv_space variables.
*) Feature: the "worker_cpu_affinity" directive now works on FreeBSD.
*) Feature: the "xslt_param" and "xslt_string_param" directives.
Thanks to Samuel Behan.
*) Bugfix: in configure tests.
Thanks to Piotr Sikora.
*) Bugfix: in the ngx_http_xslt_filter_module.
*) Bugfix: nginx could not be built on Debian GNU/Hurd.
|
| |
|
|
|
|
|
|
|
|
|
| |
*) Security: content of previously freed memory might be sent to a
client if backend returned specially crafted response.
Thanks to Matthew Daley.
*) Bugfix: in the embedded perl module if used from SSI.
Thanks to Matthew Daley.
*) Bugfix: in the ngx_http_uwsgi_module.
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
*) Change: the simultaneous subrequest limit has been raised to 200.
*) Feature: the "from" parameter of the "disable_symlinks" directive.
*) Feature: the "return" and "error_page" directives can be used to
return 307 redirections.
*) Bugfix: a segmentation fault might occur in a worker process if the
"resolver" directive was used and there was no "error_log" directive
specified at global level.
Thanks to Roman Arutyunyan.
*) Bugfix: a segmentation fault might occur in a worker process if the
"proxy_http_version 1.1" or "fastcgi_keep_conn on" directives were
used.
*) Bugfix: memory leaks.
Thanks to Lanshun Zhou.
*) Bugfix: in the "disable_symlinks" directive.
*) Bugfix: on ZFS filesystem disk cache size might be calculated
incorrectly; the bug had appeared in 1.0.1.
*) Bugfix: nginx could not be built by the icc 12.1 compiler.
*) Bugfix: nginx could not be built by gcc on Solaris; the bug had
appeared in 1.1.15.
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
*) Feature: the "disable_symlinks" directive.
*) Feature: the "proxy_cookie_domain" and "proxy_cookie_path"
directives.
*) Bugfix: nginx might log incorrect error "upstream prematurely closed
connection" instead of correct "upstream sent too big header" one.
Thanks to Feibo Li.
*) Bugfix: nginx could not be built with the ngx_http_perl_module if the
--with-openssl option was used.
*) Bugfix: internal redirects to named locations were not limited.
*) Bugfix: calling $r->flush() multiple times might cause errors in the
ngx_http_gzip_filter_module.
*) Bugfix: temporary files might be not removed if the "proxy_store"
directive were used with SSI includes.
*) Bugfix: in some cases non-cacheable variables (such as the $args
variable) returned old empty cached value.
*) Bugfix: a segmentation fault might occur in a worker process if too
many SSI subrequests were issued simultaneously; the bug had appeared
in 0.7.25.
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
*) Feature: multiple "limit_req" limits may be used simultaneously.
*) Bugfix: in error handling while connecting to a backend.
Thanks to Piotr Sikora.
*) Bugfix: in AIO error handling on FreeBSD.
*) Bugfix: in the OpenSSL library initialization.
*) Bugfix: the "proxy_redirect" directives might not be correctly
inherited.
*) Bugfix: memory leak during reconfiguration if the "pcre_jit"
directive was used.
Maxim Dounin
_______________________________________________
nginx-announce mailing list
nginx-announce@nginx.org
http://mailman.nginx.org/mailman/listinfo/nginx-announce
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
*) Feature: the "TLSv1.1" and "TLSv1.2" parameters of the
"ssl_protocols" directive.
*) Bugfix: the "limit_req" directive parameters were not inherited
correctly; the bug had appeared in 1.1.12.
*) Bugfix: the "proxy_redirect" directive incorrectly processed
"Refresh" header if regular expression were used.
*) Bugfix: the "proxy_cache_use_stale" directive with "error" parameter
did not return answer from cache if there were no live upstreams.
*) Bugfix: the "worker_cpu_affinity" directive might not work.
*) Bugfix: nginx could not be built on Solaris; the bug had appeared in
1.1.12.
*) Bugfix: in the ngx_http_mp4_module.
Maxim Dounin
_______________________________________________
nginx-announce mailing list
nginx-announce@nginx.org
http://mailman.nginx.org/mailman/listinfo/nginx-announce
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
*) Feature: the "so_keepalive" parameter of the "listen" directive.
Thanks to Vsevolod Stakhov.
*) Feature: the "if_not_empty" parameter of the
"fastcgi/scgi/uwsgi_param" directives.
*) Feature: the $https variable.
*) Feature: the "proxy_redirect" directive supports variables in the
first parameter.
*) Feature: the "proxy_redirect" directive supports regular expressions.
*) Bugfix: the $sent_http_cache_control variable might contain a wrong
value if the "expires" directive was used.
Thanks to Yichun Zhang.
*) Bugfix: the "read_ahead" directive might not work combined with
"try_files" and "open_file_cache".
*) Bugfix: a segmentation fault might occur in a worker process if small
time was used in the "inactive" parameter of the "proxy_cache_path"
directive.
*) Bugfix: responses from cache might hang.
Maxim Dounin
_______________________________________________
nginx-announce mailing list
nginx-announce@nginx.org
http://mailman.nginx.org/mailman/listinfo/nginx-announce
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
*) Change: now double quotes are encoded in an "echo" SSI-command
output.
Thanks to Zaur Abasmirzoev.
*) Feature: the "valid" parameter of the "resolver" directive. By
default TTL returned by a DNS server is used.
Thanks to Kirill A. Korinskiy.
*) Bugfix: nginx might hang after a worker process abnormal termination.
*) Bugfix: a segmentation fault might occur in a worker process if SNI
was used; the bug had appeared in 1.1.2.
*) Bugfix: in the "keepalive_disable" directive; the bug had appeared in
1.1.8.
Thanks to Alexander Usov.
*) Bugfix: SIGWINCH signal did not work after first binary upgrade; the
bug had appeared in 1.1.1.
*) Bugfix: backend responses with length not matching "Content-Length"
header line are no longer cached.
*) Bugfix: in the "scgi_param" directive, if complex parameters were
used.
*) Bugfix: in the "epoll" event method.
Thanks to Yichun Zhang.
*) Bugfix: in the ngx_http_flv_module.
Thanks to Piotr Sikora.
*) Bugfix: in the ngx_http_mp4_module.
*) Bugfix: IPv6 addresses are now handled properly in a request line and
in a "Host" request header line.
*) Bugfix: "add_header" and "expires" directives did not work if a
request was proxied and response status code was 206.
*) Bugfix: nginx could not be built on FreeBSD 10.
*) Bugfix: nginx could not be built on AIX.
Maxim Dounin
_______________________________________________
nginx-announce mailing list
nginx-announce@nginx.org
http://mailman.nginx.org/mailman/listinfo/nginx-announce
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
*) Change: the ngx_http_limit_zone_module was renamed to the
ngx_http_limit_conn_module.
*) Change: the "limit_zone" directive was superseded by the
"limit_conn_zone" directive with a new syntax.
*) Feature: support for multiple "limit_conn" limits on the same level.
*) Feature: the "image_filter_sharpen" directive.
*) Bugfix: a segmentation fault might occur in a worker process if
resolver got a big DNS response.
Thanks to Ben Hawkes.
*) Bugfix: in cache key calculation if internal MD5 implementation was
used; the bug had appeared in 1.0.4.
*) Bugfix: the "If-Modified-Since", "If-Range", etc. client request
header lines might be passed to backend while caching; or not passed
without caching if caching was enabled in another part of the
configuration.
*) Bugfix: the module ngx_http_mp4_module sent incorrect
"Content-Length" response header line if the "start" argument was
used.
Thanks to Piotr Sikora.
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
*) Feature: support of several resolvers in the "resolver" directive.
Thanks to Kirill A. Korinskiy.
*) Bugfix: a segmentation fault occurred on start or while
reconfiguration if the "ssl" directive was used at http level and
there was no "ssl_certificate" defined.
*) Bugfix: reduced memory consumption while proxying of big files if
they were buffered to disk.
*) Bugfix: a segmentation fault might occur in a worker process if
"proxy_http_version 1.1" directive was used.
*) Bugfix: in the "expires @time" directive.
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
*) Feature: the ngx_http_upstream_keepalive module.
*) Feature: the "proxy_http_version" directive.
*) Feature: the "fastcgi_keep_conn" directive.
*) Feature: the "worker_aio_requests" directive.
*) Bugfix: if nginx was built --with-file-aio it could not be run on
Linux kernel which did not support AIO.
*) Bugfix: in Linux AIO error processing.
Thanks to Hagai Avrahami.
*) Bugfix: reduced memory consumption for long-lived requests.
*) Bugfix: the module ngx_http_mp4_module did not support 64-bit MP4
"co64" atom.
|
| |
|
|
|
|
|
|
|
|
|
| |
*) Feature: the module ngx_http_mp4_module.
*) Bugfix: in Linux AIO combined with open_file_cache.
*) Bugfix: open_file_cache did not update file info on retest if file
was not atomically changed.
*) Bugfix: nginx could not be built on MacOSX 10.7.
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
*) Change: now cache loader processes either as many files as specified
by "loader_files" parameter or works no more than time specified by
"loader_threshold" parameter during each iteration.
*) Change: now SIGWINCH signal works only in deamon mode.
*) Feature: now shared zones and caches use POSIX semaphores on
Solaris.
Thanks to Den Ivanov.
*) Feature: accept filters are now supported on NetBSD.
*) Bugfix: nginx could not be build on Linux 3.0.
*) Bugfix: nginx did not use gzipping in some cases; the bug had
appeared in 1.1.0.
*) Bugfix: request body might be incorrectly processed if client used
pipelining.
*) Bugfix: in the "request_body_in_single_buf" directive.
*) Bugfix: in "proxy_set_body" and "proxy_pass_request_body" directives
if SSL connection to backend was used.
*) Bugfix: nginx hogged CPU if all servers in an upstream were marked
as "down".
*) Bugfix: a segmentation fault might occur during reconfiguration if
ssl_session_cache was defined but not used in a previous
configuration.
*) Bugfix: a segmentation fault might occur in a worker process if many
backup servers were used in an upstream.
*) Bugfix: a segmentation fault might occur in a worker process if
"fastcgi/scgi/uwsgi_param" directives were used with values starting
with "HTTP_"; the bug had appeared in 0.8.40.
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
*) Feature: cache loader run time decrease.
*) Feature: "loader_files", "loader_sleep", and "loader_threshold"
options of the "proxy/fastcgi/scgi/uwsgi_cache_path" directives.
*) Feature: loading time decrease of configuration with large number of
HTTPS sites.
*) Feature: now nginx supports ECDHE key exchange ciphers.
Thanks to Adrian Kotelba.
*) Feature: the "lingering_close" directive.
Thanks to Maxim Dounin.
*) Bugfix: in closing connection for pipelined requests.
Thanks to Maxim Dounin.
*) Bugfix: nginx did not disable gzipping if client sent "gzip;q=0" in
"Accept-Encoding" request header line.
*) Bugfix: in timeout in unbuffered proxied mode.
Thanks to Maxim Dounin.
*) Bugfix: memory leaks when a "proxy_pass" directive contains
variables and proxies to an HTTPS backend.
Thanks to Maxim Dounin.
*) Bugfix: in parameter validaiton of a "proxy_pass" directive with
variables.
Thanks to Lanshun Zhou.
*) Bugfix: SSL did not work on QNX.
Thanks to Maxim Dounin.
*) Bugfix: SSL modules could not be built by gcc 4.6 without
--with-debug option.
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
*) Feature: the "auth_basic_user_file" directive supports "$apr1",
"{PLAIN}", and "{SSHA}" password encryption methods.
Thanks to Maxim Dounin.
*) Feature: the "geoip_org" directive and $geoip_org variable.
Thanks to Alexander Uskov, Arnaud Granal, and Denis F. Latypoff.
*) Feature: ngx_http_geo_module and ngx_http_geoip_module support IPv4
addresses mapped to IPv6 addresses.
*) Bugfix: a segmentation fault occurred in a worker process during
testing IPv4 address mapped to IPv6 address, if access or deny rules
were defined only for IPv6; the bug had appeared in 0.8.22.
*) Bugfix: a cached reponse may be broken if proxy/fastcgi/scgi/
uwsgi_cache_bypass and proxy/fastcgi/scgi/uwsgi_no_cache directive
values were different; the bug had appeared in 0.8.46.
|
| |
|
|
|
|
|
|
|
|
| |
*) Feature: now shared zones and caches use POSIX semaphores.
*) Bugfix: in the "rotate" parameter of the "image_filter" directive.
Thanks to Adam Bocim.
*) Bugfix: nginx could not be built on Solaris; the bug had appeared in
1.0.1.
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
*) Change: now the "split_clients" directive uses MurmurHash2 algorithm
because of better distribution.
Thanks to Oleg Mamontov.
*) Change: now long strings starting with zero are not considered as
false values.
Thanks to Maxim Dounin.
*) Change: now nginx uses a default listen backlog value 511 on Linux.
*) Feature: the $upstream_... variables may be used in the SSI and perl
modules.
*) Bugfix: now nginx limits better disk cache size.
Thanks to Oleg Mamontov.
*) Bugfix: a segmentation fault might occur while parsing incorrect
IPv4 address; the bug had appeared in 0.9.3.
Thanks to Maxim Dounin.
*) Bugfix: nginx could not be built by gcc 4.6 without --with-debug
option.
*) Bugfix: nginx could not be built on Solaris 9 and earlier; the bug
had appeared in 0.9.3.
Thanks to Dagobert Michelsen.
*) Bugfix: $request_time variable had invalid values if subrequests
were used; the bug had appeared in 0.8.47.
Thanks to Igor A. Valcov.
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
*) Change: now nginx uses a default listen backlog value -1 on
Linux.
Thanks to Andrei Nigmatulin.
*) Feature: the "utf8" parameter of "geoip_country" and "geoip_city"
directives.
Thanks to Denis F. Latypoff.
*) Bugfix: in a default "proxy_redirect" directive if "proxy_pass"
directive has no URI part.
Thanks to Maxim Dounin.
*) Bugfix: an "error_page" directive did not work with nonstandard
error codes; the bug had appeared in 0.8.53.
Thanks to Maxim Dounin.
|
| |
|
|
|
|
|
|
|
| |
*) Bugfix: if there was a single server for given IPv6 address:port
pair, then captures in regular expressions in a "server_name"
directive did not work.
*) Bugfix: nginx could not be built on Solaris; the bug had appeared in
0.9.0.
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
*) Feature: the "keepalive_disable" directive.
*) Feature: the "map" directive supports variables as value of a
defined variable.
*) Feature: the "map" directive supports empty strings as value of the
first parameter.
*) Feature: the "map" directive supports expressions as the first
parameter.
*) Feature: nginx(8) manual page.
Thanks to Sergey Osokin.
*) Feature: Linux accept4() support.
Thanks to Simon Liu.
*) Workaround: elimination of Linux linker warning about "sys_errlist"
and "sys_nerr"; the warning had appeared in 0.8.35.
*) Bugfix: a segmentation fault might occur in a worker process, if the
"auth_basic" directive was used.
Thanks to Michail Laletin.
*) Bugfix: compatibility with ngx_http_eval_module; the bug had
appeared in 0.8.42.
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
*) Feature: now the "error_page" directive allows to change a status
code in a redirect.
*) Feature: the "gzip_disable" directive supports special "degradation"
mask.
*) Bugfix: a socket leak might occurred if file AIO was used.
Thanks to Maxim Dounin.
*) Bugfix: if the first server had no "listen" directive and there was
no explicit default server, then a next server with a "listen"
directive became the default server; the bug had appeared in 0.8.21.
|
| |
|
|
|
|
|
|
|
|
| |
*) Change: the "secure_link_expires" directive has been canceled.
*) Change: a logging level of resolver errors has been lowered from
"alert" to "error".
*) Feature: now a listen socket "ssl" parameter may be set several
times.
|
| |
|
|
|
|
|
|
|
|
|
|
| |
*) Feature: ngx_http_xslt_filter improvements.
Thanks to Laurence Rowe.
*) Bugfix: SSI response might be truncated after include with
wait="yes"; the bug had appeared in 0.7.25.
Thanks to Maxim Dounin.
*) Bugfix: the "listen" directive did not support the "setfib=0"
parameter.
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
*) Change: now nginx does not cache by default backend responses, if
they have a "Set-Cookie" header line.
*) Feature: the "listen" directive supports the "setfib" parameter.
Thanks to Andrew Filonov.
*) Bugfix: the "sub_filter" directive might change character case on
partial match.
*) Bugfix: compatibility with HP/UX.
*) Bugfix: compatibility with AIX xcl_r compiler.
*) Bugfix: nginx treated a large SSLv2 packets as plain requests.
Thanks to Miroslaw Jaworski.
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
*) Feature: large geo ranges base loading speed-up.
*) Bugfix: an error_page redirection to "location /zero { return 204;
}" without changing status code kept the error body; the bug had
appeared in 0.8.42.
*) Bugfix: nginx might close IPv6 listen socket during
reconfiguration.
Thanks to Maxim Dounin.
*) Bugfix: the $uid_set variable may be used at any request processing
stage.
|
