diff options
| author | Igor Sysoev <igor@sysoev.ru> | 2005-10-19 16:33:58 +0400 |
|---|---|---|
| committer | Igor Sysoev <igor@sysoev.ru> | 2005-10-19 16:33:58 +0400 |
| commit | c2068d08f097383b8eac508117e6d405627e6cef (patch) | |
| tree | 06ca21df58481e97289a566f42703102c0b6583c /src/http/modules | |
| parent | 8743f92a1acd46c0a4b0df2bf6a80fc1b110affb (diff) | |
nginx-0.3.3-RELEASE importrelease-0.3.3
*) Change: the "bl" and "af" parameters of the "listen" directive was
renamed to the "backlog" and "accept_filter".
*) Feature: the "rcvbuf" and "sndbuf" parameters of the "listen"
directive.
*) Change: the "$msec" log parameter does not require now the
additional the gettimeofday() system call.
*) Feature: the -t switch now tests the "listen" directives.
*) Bugfix: if the invalid address was specified in the "listen"
directive, then after the -HUP signal nginx left an open socket in
the CLOSED state.
*) Bugfix: the mime type may be incorrectly set to default value for
index file with variable in the name; the bug had appeared in 0.3.0.
*) Feature: the "timer_resolution" directive.
*) Feature: the millisecond "$upstream_response_time" log parameter.
*) Bugfix: a temporary file with client request body now is removed
just after the response header was transferred to a client.
*) Bugfix: OpenSSL 0.9.6 compatibility.
*) Bugfix: the SSL certificate and key file paths could not be relative.
*) Bugfix: the "ssl_prefer_server_ciphers" directive did not work in
the ngx_imap_ssl_module.
*) Bugfix: the "ssl_protocols" directive allowed to specify the single
protocol only.
Diffstat (limited to 'src/http/modules')
| -rw-r--r-- | src/http/modules/ngx_http_autoindex_module.c | 5 | ||||
| -rw-r--r-- | src/http/modules/ngx_http_geo_module.c | 1 | ||||
| -rw-r--r-- | src/http/modules/ngx_http_index_module.c | 33 | ||||
| -rw-r--r-- | src/http/modules/ngx_http_ssi_filter_module.c | 11 | ||||
| -rw-r--r-- | src/http/modules/ngx_http_ssl_module.c | 53 | ||||
| -rw-r--r-- | src/http/modules/ngx_http_static_module.c | 24 |
6 files changed, 88 insertions, 39 deletions
diff --git a/src/http/modules/ngx_http_autoindex_module.c b/src/http/modules/ngx_http_autoindex_module.c index 70f7974c5..3623e2a5f 100644 --- a/src/http/modules/ngx_http_autoindex_module.c +++ b/src/http/modules/ngx_http_autoindex_module.c @@ -144,6 +144,7 @@ ngx_http_autoindex_handler(ngx_http_request_t *r) ngx_dir_t dir; ngx_uint_t i, level; ngx_pool_t *pool; + ngx_time_t *tp; ngx_chain_t out; ngx_array_t entries; ngx_http_autoindex_entry_t *entry; @@ -372,6 +373,8 @@ ngx_http_autoindex_handler(ngx_http_request_t *r) b->last = ngx_cpymem(b->last, "<hr><pre><a href=\"../\">../</a>" CRLF, sizeof("<hr><pre><a href=\"../\">../</a>" CRLF) - 1); + tp = ngx_timeofday(); + for (i = 0; i < entries.nelts; i++) { b->last = ngx_cpymem(b->last, "<a href=\"", sizeof("<a href=\"") - 1); @@ -428,7 +431,7 @@ ngx_http_autoindex_handler(ngx_http_request_t *r) *b->last++ = ' '; - ngx_gmtime(entry[i].mtime + ngx_gmtoff * 60 * alcf->localtime, &tm); + ngx_gmtime(entry[i].mtime + tp->gmtoff * 60 * alcf->localtime, &tm); b->last = ngx_sprintf(b->last, "%02d-%s-%d %02d:%02d ", tm.ngx_tm_mday, diff --git a/src/http/modules/ngx_http_geo_module.c b/src/http/modules/ngx_http_geo_module.c index eedc1f7b2..6d94a069e 100644 --- a/src/http/modules/ngx_http_geo_module.c +++ b/src/http/modules/ngx_http_geo_module.c @@ -123,6 +123,7 @@ ngx_http_geo_block(ngx_conf_t *cf, ngx_command_t *cmd, void *conf) } tree = ngx_radix_tree_create(cf->pool, -1); + if (tree == NULL) { return NGX_CONF_ERROR; } diff --git a/src/http/modules/ngx_http_index_module.c b/src/http/modules/ngx_http_index_module.c index 01b6d0cab..b7daa6d41 100644 --- a/src/http/modules/ngx_http_index_module.c +++ b/src/http/modules/ngx_http_index_module.c @@ -126,7 +126,8 @@ ngx_http_index_handler(ngx_http_request_t *r) ngx_uint_t i; ngx_http_index_t *index; ngx_http_index_ctx_t *ctx; - ngx_pool_cleanup_file_t *cln; + ngx_pool_cleanup_t *cln; + ngx_pool_cleanup_file_t *clnf; ngx_http_script_code_pt code; ngx_http_script_engine_t e; ngx_http_core_loc_conf_t *clcf; @@ -180,9 +181,9 @@ ngx_http_index_handler(ngx_http_request_t *r) e.ip = index[i].lengths->elts; e.request = r; - /* 1 byte for terminating '\0' and 4 bytes is preallocation */ + /* 1 byte for terminating '\0' */ - len = 1 + 4; + len = 1; while (*(uintptr_t *) e.ip) { lcode = *(ngx_http_script_len_code_pt *) e.ip; @@ -190,6 +191,10 @@ ngx_http_index_handler(ngx_http_request_t *r) } ctx->index.len = len; + + /* 16 bytes are preallocation */ + + len += 16; } if (len > ctx->path.len) { @@ -228,6 +233,11 @@ ngx_http_index_handler(ngx_http_request_t *r) ngx_log_debug1(NGX_LOG_DEBUG_HTTP, log, 0, "open index \"%s\"", ctx->path.data); + cln = ngx_pool_cleanup_add(r->pool, sizeof(ngx_pool_cleanup_file_t)); + if (cln == NULL) { + return NGX_HTTP_INTERNAL_SERVER_ERROR; + } + fd = ngx_open_file(ctx->path.data, NGX_FILE_RDONLY, NGX_FILE_OPEN); if (fd == (ngx_fd_t) NGX_AGAIN) { @@ -268,19 +278,12 @@ ngx_http_index_handler(ngx_http_request_t *r) return NGX_HTTP_INTERNAL_SERVER_ERROR; } + cln->handler = ngx_pool_cleanup_file; + clnf = cln->data; - cln = ngx_palloc(r->pool, sizeof(ngx_pool_cleanup_file_t)); - if (cln == NULL) { - return NGX_HTTP_INTERNAL_SERVER_ERROR; - } - - cln->fd = fd; - cln->name = ctx->path.data; - cln->log = r->pool->log; - - if (ngx_pool_cleanup_add(r->pool, ngx_pool_cleanup_file, cln) == NULL) { - return NGX_HTTP_INTERNAL_SERVER_ERROR; - } + clnf->fd = fd; + clnf->name = ctx->path.data; + clnf->log = r->pool->log; clcf = ngx_http_get_module_loc_conf(r, ngx_http_core_module); diff --git a/src/http/modules/ngx_http_ssi_filter_module.c b/src/http/modules/ngx_http_ssi_filter_module.c index 5f9ee3a42..af82b0e8b 100644 --- a/src/http/modules/ngx_http_ssi_filter_module.c +++ b/src/http/modules/ngx_http_ssi_filter_module.c @@ -1968,6 +1968,7 @@ ngx_http_ssi_date_gmt_local_variable(ngx_http_request_t *r, uintptr_t gmt) { ngx_http_ssi_ctx_t *ctx; ngx_http_variable_value_t *vv; + ngx_time_t *tp; struct tm tm; char buf[NGX_HTTP_SSI_DATE_LEN]; @@ -1976,12 +1977,14 @@ ngx_http_ssi_date_gmt_local_variable(ngx_http_request_t *r, uintptr_t gmt) return NULL; } + tp = ngx_timeofday(); + ctx = ngx_http_get_module_ctx(r, ngx_http_ssi_filter_module); if (ctx->timefmt.len == sizeof("%s") - 1 && ctx->timefmt.data[0] == '%' && ctx->timefmt.data[1] == 's') { - vv->value = ngx_time() + (gmt ? 0 : ngx_gmtoff); + vv->value = tp->sec + (gmt ? 0 : tp->gmtoff); vv->text.data = ngx_palloc(r->pool, NGX_TIME_T_LEN); if (vv->text.data == NULL) { @@ -1994,12 +1997,12 @@ ngx_http_ssi_date_gmt_local_variable(ngx_http_request_t *r, uintptr_t gmt) } if (gmt) { - ngx_libc_gmtime(&tm); + ngx_libc_gmtime(tp->sec, &tm); } else { - ngx_libc_localtime(&tm); + ngx_libc_localtime(tp->sec, &tm); } - vv->value = ngx_time() + (gmt ? 0 : ngx_gmtoff); + vv->value = tp->sec + (gmt ? 0 : tp->gmtoff); vv->text.len = strftime(buf, NGX_HTTP_SSI_DATE_LEN, (char *) ctx->timefmt.data, &tm); diff --git a/src/http/modules/ngx_http_ssl_module.c b/src/http/modules/ngx_http_ssl_module.c index bb9a55f49..09bf63dcf 100644 --- a/src/http/modules/ngx_http_ssl_module.c +++ b/src/http/modules/ngx_http_ssl_module.c @@ -17,6 +17,15 @@ static void *ngx_http_ssl_create_srv_conf(ngx_conf_t *cf); static char *ngx_http_ssl_merge_srv_conf(ngx_conf_t *cf, void *parent, void *child); +#if !defined (SSL_OP_CIPHER_SERVER_PREFERENCE) + +static char *ngx_http_ssl_nosupported(ngx_conf_t *cf, ngx_command_t *cmd, + void *conf); + +static char ngx_http_ssl_openssl097[] = "OpenSSL 0.9.7 and higher"; + +#endif + static ngx_conf_bitmask_t ngx_http_ssl_protocols[] = { { ngx_string("SSLv2"), NGX_SSL_SSLv2 }, @@ -26,6 +35,7 @@ static ngx_conf_bitmask_t ngx_http_ssl_protocols[] = { }; + static ngx_command_t ngx_http_ssl_commands[] = { { ngx_string("ssl"), @@ -50,14 +60,14 @@ static ngx_command_t ngx_http_ssl_commands[] = { NULL }, { ngx_string("ssl_protocols"), - NGX_HTTP_MAIN_CONF|NGX_HTTP_SRV_CONF|NGX_CONF_TAKE1, + NGX_HTTP_MAIN_CONF|NGX_HTTP_SRV_CONF|NGX_CONF_1MORE, ngx_conf_set_bitmask_slot, NGX_HTTP_SRV_CONF_OFFSET, offsetof(ngx_http_ssl_srv_conf_t, protocols), &ngx_http_ssl_protocols }, { ngx_string("ssl_ciphers"), - NGX_HTTP_MAIN_CONF|NGX_HTTP_SRV_CONF|NGX_CONF_1MORE, + NGX_HTTP_MAIN_CONF|NGX_HTTP_SRV_CONF|NGX_CONF_TAKE1, ngx_conf_set_str_slot, NGX_HTTP_SRV_CONF_OFFSET, offsetof(ngx_http_ssl_srv_conf_t, ciphers), @@ -65,10 +75,14 @@ static ngx_command_t ngx_http_ssl_commands[] = { { ngx_string("ssl_prefer_server_ciphers"), NGX_HTTP_MAIN_CONF|NGX_HTTP_SRV_CONF|NGX_CONF_FLAG, +#ifdef SSL_OP_CIPHER_SERVER_PREFERENCE ngx_conf_set_flag_slot, NGX_HTTP_SRV_CONF_OFFSET, offsetof(ngx_http_ssl_srv_conf_t, prefer_server_ciphers), NULL }, +#else + ngx_http_ssl_nosupported, 0, 0, ngx_http_ssl_openssl097 }, +#endif ngx_null_command }; @@ -144,6 +158,8 @@ ngx_http_ssl_merge_srv_conf(ngx_conf_t *cf, void *parent, void *child) ngx_http_ssl_srv_conf_t *prev = parent; ngx_http_ssl_srv_conf_t *conf = child; + ngx_pool_cleanup_t *cln; + ngx_conf_merge_value(conf->enable, prev->enable, 0); if (conf->enable == 0) { @@ -172,29 +188,37 @@ ngx_http_ssl_merge_srv_conf(ngx_conf_t *cf, void *parent, void *child) return NGX_CONF_ERROR; } - if (ngx_pool_cleanup_add(cf->pool, ngx_ssl_cleanup_ctx, &conf->ssl) == NULL) - { + cln = ngx_pool_cleanup_add(cf->pool, 0); + if (cln == NULL) { return NGX_CONF_ERROR; } - if (ngx_ssl_certificate(&conf->ssl, conf->certificate.data, - conf->certificate_key.data) != NGX_OK) + cln->handler = ngx_ssl_cleanup_ctx; + cln->data = &conf->ssl; + + if (ngx_ssl_certificate(cf, &conf->ssl, &conf->certificate, + &conf->certificate_key) != NGX_OK) { return NGX_CONF_ERROR; } if (SSL_CTX_set_cipher_list(conf->ssl.ctx, - (const char *) conf->ciphers.data) == 0) + (const char *) conf->ciphers.data) + == 0) { ngx_ssl_error(NGX_LOG_EMERG, cf->log, 0, "SSL_CTX_set_cipher_list(\"%V\") failed", &conf->ciphers); } +#ifdef SSL_OP_CIPHER_SERVER_PREFERENCE + if (conf->prefer_server_ciphers) { SSL_CTX_set_options(conf->ssl.ctx, SSL_OP_CIPHER_SERVER_PREFERENCE); } +#endif + /* a temporary 512-bit RSA key is required for export versions of MSIE */ if (ngx_ssl_generate_rsa512_key(&conf->ssl) != NGX_OK) { return NGX_CONF_ERROR; @@ -207,3 +231,18 @@ ngx_http_ssl_merge_srv_conf(ngx_conf_t *cf, void *parent, void *child) return NGX_CONF_OK; } + + +#if !defined (SSL_OP_CIPHER_SERVER_PREFERENCE) + +static char * +ngx_http_ssl_nosupported(ngx_conf_t *cf, ngx_command_t *cmd, void *conf) +{ + ngx_conf_log_error(NGX_LOG_EMERG, cf, 0, + "\"%V\" directive is available only in %s,", + &cmd->name, cmd->post); + + return NGX_CONF_ERROR; +} + +#endif diff --git a/src/http/modules/ngx_http_static_module.c b/src/http/modules/ngx_http_static_module.c index c5d5af855..0e995f526 100644 --- a/src/http/modules/ngx_http_static_module.c +++ b/src/http/modules/ngx_http_static_module.c @@ -82,7 +82,8 @@ ngx_http_static_handler(ngx_http_request_t *r) ngx_buf_t *b; ngx_chain_t out; ngx_file_info_t fi; - ngx_pool_cleanup_file_t *cln; + ngx_pool_cleanup_t *cln; + ngx_pool_cleanup_file_t *clnf; ngx_http_core_loc_conf_t *clcf; if (r->uri.data[r->uri.len - 1] == '/') { @@ -119,6 +120,11 @@ ngx_http_static_handler(ngx_http_request_t *r) ngx_log_debug1(NGX_LOG_DEBUG_HTTP, log, 0, "http filename: \"%s\"", path.data); + cln = ngx_pool_cleanup_add(r->pool, sizeof(ngx_pool_cleanup_file_t)); + if (cln == NULL) { + return NGX_HTTP_INTERNAL_SERVER_ERROR; + } + fd = ngx_open_file(path.data, NGX_FILE_RDONLY, NGX_FILE_OPEN); if (fd == NGX_INVALID_FILE) { @@ -223,18 +229,12 @@ ngx_http_static_handler(ngx_http_request_t *r) log->action = "sending response to client"; - cln = ngx_palloc(r->pool, sizeof(ngx_pool_cleanup_file_t)); - if (cln == NULL) { - return NGX_HTTP_INTERNAL_SERVER_ERROR; - } - - cln->fd = fd; - cln->name = path.data; - cln->log = r->pool->log; + cln->handler = ngx_pool_cleanup_file; + clnf = cln->data; - if (ngx_pool_cleanup_add(r->pool, ngx_pool_cleanup_file, cln) == NULL) { - return NGX_HTTP_INTERNAL_SERVER_ERROR; - } + clnf->fd = fd; + clnf->name = path.data; + clnf->log = r->pool->log; r->headers_out.status = NGX_HTTP_OK; r->headers_out.content_length_n = ngx_file_size(&fi); |