Script 'mail_helper' called by obssrc Hello community, here is the log from the commit of package nginx for openSUSE:Factory checked in at 2021-04-08 22:12:59 ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ Comparing /work/SRC/openSUSE:Factory/nginx (Old) and /work/SRC/openSUSE:Factory/.nginx.new.2401 (New) ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
Package is "nginx" Thu Apr 8 22:12:59 2021 rev:62 rq:882790 version:1.19.9 Changes: -------- --- /work/SRC/openSUSE:Factory/nginx/nginx.changes 2021-03-18 22:54:34.099506707 +0100 +++ /work/SRC/openSUSE:Factory/.nginx.new.2401/nginx.changes 2021-04-08 22:13:01.689530194 +0200 @@ -1,0 +2,18 @@ +Sat Apr 3 10:29:25 UTC 2021 - ???????? ???????????? <[email protected]> + +- Update to 1.19.9 + * https://nginx.org/en/CHANGES + * Fixed nginx could not be built with the mail proxy module, but + without the ngx_mail_ssl_module; the bug had appeared in 1.19.8. + * Fixed "upstream sent response body larger than indicated content + length" errors might occur when working with gRPC backends; + the bug had appeared in 1.19.1. + * Fixed nginx might not close a connection till keepalive timeout + expiration if the connection was closed by the client while + discarding the request body. + * Fixed nginx might not detect that a connection was already closed + by the client when waiting for auth_delay or limit_req delay, + or when working with backends. + * Fixed in the eventport method. + +------------------------------------------------------------------- Old: ---- nginx-1.19.8.tar.gz nginx-1.19.8.tar.gz.asc New: ---- nginx-1.19.9.tar.gz nginx-1.19.9.tar.gz.asc ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ Other differences: ------------------ ++++++ nginx.spec ++++++ --- /var/tmp/diff_new_pack.ZeAIwe/_old 2021-04-08 22:13:02.249530745 +0200 +++ /var/tmp/diff_new_pack.ZeAIwe/_new 2021-04-08 22:13:02.253530750 +0200 @@ -23,7 +23,7 @@ %bcond_with ngx_google_perftools # Name: nginx -Version: 1.19.8 +Version: 1.19.9 Release: 0 Summary: A HTTP server and IMAP/POP3 proxy server License: BSD-2-Clause ++++++ nginx-1.19.8.tar.gz -> nginx-1.19.9.tar.gz ++++++ diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/nginx-1.19.8/CHANGES new/nginx-1.19.9/CHANGES --- old/nginx-1.19.8/CHANGES 2021-03-09 16:27:57.000000000 +0100 +++ new/nginx-1.19.9/CHANGES 2021-03-30 16:47:17.000000000 +0200 @@ -1,4 +1,24 @@ +Changes with nginx 1.19.9 30 Mar 2021 + + *) Bugfix: nginx could not be built with the mail proxy module, but + without the ngx_mail_ssl_module; the bug had appeared in 1.19.8. + + *) Bugfix: "upstream sent response body larger than indicated content + length" errors might occur when working with gRPC backends; the bug + had appeared in 1.19.1. + + *) Bugfix: nginx might not close a connection till keepalive timeout + expiration if the connection was closed by the client while + discarding the request body. + + *) Bugfix: nginx might not detect that a connection was already closed + by the client when waiting for auth_delay or limit_req delay, or when + working with backends. + + *) Bugfix: in the eventport method. + + Changes with nginx 1.19.8 09 Mar 2021 *) Feature: flags in the "proxy_cookie_flags" directive can now contain diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/nginx-1.19.8/CHANGES.ru new/nginx-1.19.9/CHANGES.ru --- old/nginx-1.19.8/CHANGES.ru 2021-03-09 16:27:54.000000000 +0100 +++ new/nginx-1.19.9/CHANGES.ru 2021-03-30 16:47:15.000000000 +0200 @@ -1,4 +1,24 @@ +?????????????????? ?? nginx 1.19.9 30.03.2021 + + *) ??????????????????????: nginx ???? ?????????????????? ?? ???????????????? ????????????-????????????????, ???? ?????? + ???????????? ngx_mail_ssl_module; ???????????? ?????????????????? ?? 1.19.8. + + *) ??????????????????????: ?????? ???????????? ?? gRPC-?????????????????? ?????????? ?????????????????? ???????????? + "upstream sent response body larger than indicated content length"; + ???????????? ?????????????????? ?? 1.19.1. + + *) ??????????????????????: ???????? ???????????? ???????????????? ???????????????????? ?? ???????????? ???????????????????????? + ???????? ??????????????, nginx ?????? ???? ?????????????? ???????????????????? ???? ?????????????????? + keepalive-????????????????. + + *) ??????????????????????: ?????? ???????????????? ???????????????? limit_req ?????? auth_delay, ?? ?????????? + ?????? ???????????? ?? ?????????????????? nginx ?????? ???? ????????????????????, ?????? ???????????????????? ?????? + ?????????????? ????????????????. + + *) ??????????????????????: ?? ???????????? ?????????????????? ???????????????????? eventport. + + ?????????????????? ?? nginx 1.19.8 09.03.2021 *) ????????????????????: ?? ?????????????????? proxy_cookie_flags ???????????? ?????????? ?????????? diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/nginx-1.19.8/src/core/nginx.h new/nginx-1.19.9/src/core/nginx.h --- old/nginx-1.19.8/src/core/nginx.h 2021-03-09 16:27:51.000000000 +0100 +++ new/nginx-1.19.9/src/core/nginx.h 2021-03-30 16:47:11.000000000 +0200 @@ -9,8 +9,8 @@ #define _NGINX_H_INCLUDED_ -#define nginx_version 1019008 -#define NGINX_VERSION "1.19.8" +#define nginx_version 1019009 +#define NGINX_VERSION "1.19.9" #define NGINX_VER "nginx/" NGINX_VERSION #ifdef NGX_BUILD diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/nginx-1.19.8/src/core/ngx_resolver.c new/nginx-1.19.9/src/core/ngx_resolver.c --- old/nginx-1.19.8/src/core/ngx_resolver.c 2021-03-09 16:27:51.000000000 +0100 +++ new/nginx-1.19.9/src/core/ngx_resolver.c 2021-03-30 16:47:11.000000000 +0200 @@ -1563,13 +1563,28 @@ do { n = ngx_udp_recv(c, buf, NGX_RESOLVER_UDP_SIZE); - if (n < 0) { - return; + if (n == NGX_AGAIN) { + break; + } + + if (n == NGX_ERROR) { + goto failed; } ngx_resolver_process_response(rec->resolver, buf, n, 0); } while (rev->ready); + + if (ngx_handle_read_event(rev, 0) != NGX_OK) { + goto failed; + } + + return; + +failed: + + ngx_close_connection(rec->udp); + rec->udp = NULL; } diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/nginx-1.19.8/src/event/modules/ngx_eventport_module.c new/nginx-1.19.9/src/event/modules/ngx_eventport_module.c --- old/nginx-1.19.8/src/event/modules/ngx_eventport_module.c 2021-03-09 16:27:51.000000000 +0100 +++ new/nginx-1.19.9/src/event/modules/ngx_eventport_module.c 2021-03-30 16:47:11.000000000 +0200 @@ -399,7 +399,7 @@ return NGX_ERROR; } - } else { + } else if (ev->active) { ngx_log_debug1(NGX_LOG_DEBUG_EVENT, ev->log, 0, "eventport del event: fd:%d", c->fd); diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/nginx-1.19.8/src/event/ngx_event.c new/nginx-1.19.9/src/event/ngx_event.c --- old/nginx-1.19.8/src/event/ngx_event.c 2021-03-09 16:27:51.000000000 +0100 +++ new/nginx-1.19.9/src/event/ngx_event.c 2021-03-30 16:47:11.000000000 +0200 @@ -257,9 +257,7 @@ ngx_shmtx_unlock(&ngx_accept_mutex); } - if (delta) { - ngx_event_expire_timers(); - } + ngx_event_expire_timers(); ngx_event_process_posted(cycle, &ngx_posted_events); } diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/nginx-1.19.8/src/http/modules/ngx_http_grpc_module.c new/nginx-1.19.9/src/http/modules/ngx_http_grpc_module.c --- old/nginx-1.19.8/src/http/modules/ngx_http_grpc_module.c 2021-03-09 16:27:51.000000000 +0100 +++ new/nginx-1.19.9/src/http/modules/ngx_http_grpc_module.c 2021-03-30 16:47:11.000000000 +0200 @@ -2074,17 +2074,6 @@ return NGX_ERROR; } - if (ctx->length != -1) { - if ((off_t) ctx->rest > ctx->length) { - ngx_log_error(NGX_LOG_ERR, r->connection->log, 0, - "upstream sent response body larger " - "than indicated content length"); - return NGX_ERROR; - } - - ctx->length -= ctx->rest; - } - if (ctx->rest > ctx->recv_window) { ngx_log_error(NGX_LOG_ERR, r->connection->log, 0, "upstream violated stream flow control, " @@ -2450,6 +2439,18 @@ b->pos = b->last; buf->last = b->pos; + if (ctx->length != -1) { + + if (buf->last - buf->pos > ctx->length) { + ngx_log_error(NGX_LOG_ERR, r->connection->log, 0, + "upstream sent response body larger " + "than indicated content length"); + return NGX_ERROR; + } + + ctx->length -= buf->last - buf->pos; + } + return NGX_AGAIN; } @@ -2457,6 +2458,18 @@ buf->last = b->pos; ctx->rest = ctx->padding; + if (ctx->length != -1) { + + if (buf->last - buf->pos > ctx->length) { + ngx_log_error(NGX_LOG_ERR, r->connection->log, 0, + "upstream sent response body larger " + "than indicated content length"); + return NGX_ERROR; + } + + ctx->length -= buf->last - buf->pos; + } + done: if (ctx->padding) { diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/nginx-1.19.8/src/http/modules/ngx_http_limit_req_module.c new/nginx-1.19.9/src/http/modules/ngx_http_limit_req_module.c --- old/nginx-1.19.8/src/http/modules/ngx_http_limit_req_module.c 2021-03-09 16:27:51.000000000 +0100 +++ new/nginx-1.19.9/src/http/modules/ngx_http_limit_req_module.c 2021-03-30 16:47:11.000000000 +0200 @@ -310,8 +310,13 @@ r->main->limit_req_status = NGX_HTTP_LIMIT_REQ_DELAYED; - if (ngx_handle_read_event(r->connection->read, 0) != NGX_OK) { - return NGX_HTTP_INTERNAL_SERVER_ERROR; + if (r->connection->read->ready) { + ngx_post_event(r->connection->read, &ngx_posted_events); + + } else { + if (ngx_handle_read_event(r->connection->read, 0) != NGX_OK) { + return NGX_HTTP_INTERNAL_SERVER_ERROR; + } } r->read_event_handler = ngx_http_test_reading; diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/nginx-1.19.8/src/http/ngx_http_core_module.c new/nginx-1.19.9/src/http/ngx_http_core_module.c --- old/nginx-1.19.8/src/http/ngx_http_core_module.c 2021-03-09 16:27:51.000000000 +0100 +++ new/nginx-1.19.9/src/http/ngx_http_core_module.c 2021-03-30 16:47:11.000000000 +0200 @@ -1190,8 +1190,13 @@ ngx_log_error(NGX_LOG_INFO, r->connection->log, 0, "delaying unauthorized request"); - if (ngx_handle_read_event(r->connection->read, 0) != NGX_OK) { - return NGX_HTTP_INTERNAL_SERVER_ERROR; + if (r->connection->read->ready) { + ngx_post_event(r->connection->read, &ngx_posted_events); + + } else { + if (ngx_handle_read_event(r->connection->read, 0) != NGX_OK) { + return NGX_HTTP_INTERNAL_SERVER_ERROR; + } } r->read_event_handler = ngx_http_test_reading; diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/nginx-1.19.8/src/http/ngx_http_request.c new/nginx-1.19.9/src/http/ngx_http_request.c --- old/nginx-1.19.8/src/http/ngx_http_request.c 2021-03-09 16:27:51.000000000 +0100 +++ new/nginx-1.19.9/src/http/ngx_http_request.c 2021-03-30 16:47:11.000000000 +0200 @@ -2643,11 +2643,6 @@ ngx_del_timer(c->write); } - if (c->read->eof) { - ngx_http_close_request(r, 0); - return; - } - ngx_http_finalize_connection(r); } @@ -2746,6 +2741,11 @@ r = r->main; + if (r->connection->read->eof) { + ngx_http_close_request(r, 0); + return; + } + if (r->reading_body) { r->keepalive = 0; r->lingering_close = 1; diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/nginx-1.19.8/src/http/ngx_http_upstream.c new/nginx-1.19.9/src/http/ngx_http_upstream.c --- old/nginx-1.19.8/src/http/ngx_http_upstream.c 2021-03-09 16:27:51.000000000 +0100 +++ new/nginx-1.19.9/src/http/ngx_http_upstream.c 2021-03-30 16:47:11.000000000 +0200 @@ -607,6 +607,17 @@ u->store = u->conf->store; if (!u->store && !r->post_action && !u->conf->ignore_client_abort) { + + if (r->connection->read->ready) { + ngx_post_event(r->connection->read, &ngx_posted_events); + + } else { + if (ngx_handle_read_event(r->connection->read, 0) != NGX_OK) { + ngx_http_finalize_request(r, NGX_HTTP_INTERNAL_SERVER_ERROR); + return; + } + } + r->read_event_handler = ngx_http_upstream_rd_check_broken_connection; r->write_event_handler = ngx_http_upstream_wr_check_broken_connection; } @@ -3011,9 +3022,7 @@ return; } - if (u->peer.connection->read->ready || u->length == 0) { - ngx_http_upstream_process_non_buffered_upstream(r, u); - } + ngx_http_upstream_process_non_buffered_upstream(r, u); } return; diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/nginx-1.19.8/src/http/v2/ngx_http_v2.c new/nginx-1.19.9/src/http/v2/ngx_http_v2.c --- old/nginx-1.19.8/src/http/v2/ngx_http_v2.c 2021-03-09 16:27:51.000000000 +0100 +++ new/nginx-1.19.9/src/http/v2/ngx_http_v2.c 2021-03-30 16:47:11.000000000 +0200 @@ -1368,7 +1368,9 @@ clcf = ngx_http_get_module_loc_conf(h2c->http_connection->conf_ctx, ngx_http_core_module); - if (h2c->connection->requests >= clcf->keepalive_requests) { + if (clcf->keepalive_timeout == 0 + || h2c->connection->requests >= clcf->keepalive_requests) + { h2c->goaway = 1; if (ngx_http_v2_send_goaway(h2c, NGX_HTTP_V2_NO_ERROR) == NGX_ERROR) { diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/nginx-1.19.8/src/mail/ngx_mail_auth_http_module.c new/nginx-1.19.9/src/mail/ngx_mail_auth_http_module.c --- old/nginx-1.19.8/src/mail/ngx_mail_auth_http_module.c 2021-03-09 16:27:51.000000000 +0100 +++ new/nginx-1.19.9/src/mail/ngx_mail_auth_http_module.c 2021-03-30 16:47:11.000000000 +0200 @@ -1135,10 +1135,10 @@ size_t len; ngx_buf_t *b; ngx_str_t login, passwd; + ngx_connection_t *c; #if (NGX_MAIL_SSL) ngx_str_t verify, subject, issuer, serial, fingerprint, raw_cert, cert; - ngx_connection_t *c; ngx_mail_ssl_conf_t *sslcf; #endif ngx_mail_core_srv_conf_t *cscf; @@ -1151,9 +1151,10 @@ return NULL; } + c = s->connection; + #if (NGX_MAIL_SSL) - c = s->connection; sslcf = ngx_mail_get_module_srv_conf(s, ngx_mail_ssl_module); if (c->ssl && sslcf->verify) { diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/nginx-1.19.8/src/mail/ngx_mail_handler.c new/nginx-1.19.9/src/mail/ngx_mail_handler.c --- old/nginx-1.19.8/src/mail/ngx_mail_handler.c 2021-03-09 16:27:51.000000000 +0100 +++ new/nginx-1.19.9/src/mail/ngx_mail_handler.c 2021-03-30 16:47:11.000000000 +0200 @@ -272,16 +272,17 @@ static void ngx_mail_init_session_handler(ngx_event_t *rev) { - ngx_connection_t *c; - ngx_mail_session_t *s; + ngx_connection_t *c; c = rev->data; - s = c->data; #if (NGX_MAIL_SSL) { + ngx_mail_session_t *s; ngx_mail_ssl_conf_t *sslcf; + s = c->data; + sslcf = ngx_mail_get_module_srv_conf(s, ngx_mail_ssl_module); if (sslcf->enable || s->ssl) { diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/nginx-1.19.8/src/os/unix/ngx_process_cycle.c new/nginx-1.19.9/src/os/unix/ngx_process_cycle.c --- old/nginx-1.19.8/src/os/unix/ngx_process_cycle.c 2021-03-09 16:27:51.000000000 +0100 +++ new/nginx-1.19.9/src/os/unix/ngx_process_cycle.c 2021-03-30 16:47:11.000000000 +0200 @@ -15,7 +15,7 @@ ngx_int_t type); static void ngx_start_cache_manager_processes(ngx_cycle_t *cycle, ngx_uint_t respawn); -static void ngx_pass_open_channel(ngx_cycle_t *cycle, ngx_channel_t *ch); +static void ngx_pass_open_channel(ngx_cycle_t *cycle); static void ngx_signal_worker_processes(ngx_cycle_t *cycle, int signo); static ngx_uint_t ngx_reap_children(ngx_cycle_t *cycle); static void ngx_master_process_exit(ngx_cycle_t *cycle); @@ -335,25 +335,16 @@ static void ngx_start_worker_processes(ngx_cycle_t *cycle, ngx_int_t n, ngx_int_t type) { - ngx_int_t i; - ngx_channel_t ch; + ngx_int_t i; ngx_log_error(NGX_LOG_NOTICE, cycle->log, 0, "start worker processes"); - ngx_memzero(&ch, sizeof(ngx_channel_t)); - - ch.command = NGX_CMD_OPEN_CHANNEL; - for (i = 0; i < n; i++) { ngx_spawn_process(cycle, ngx_worker_process_cycle, (void *) (intptr_t) i, "worker process", type); - ch.pid = ngx_processes[ngx_process_slot].pid; - ch.slot = ngx_process_slot; - ch.fd = ngx_processes[ngx_process_slot].channel[0]; - - ngx_pass_open_channel(cycle, &ch); + ngx_pass_open_channel(cycle); } } @@ -361,9 +352,8 @@ static void ngx_start_cache_manager_processes(ngx_cycle_t *cycle, ngx_uint_t respawn) { - ngx_uint_t i, manager, loader; - ngx_path_t **path; - ngx_channel_t ch; + ngx_uint_t i, manager, loader; + ngx_path_t **path; manager = 0; loader = 0; @@ -388,14 +378,7 @@ &ngx_cache_manager_ctx, "cache manager process", respawn ? NGX_PROCESS_JUST_RESPAWN : NGX_PROCESS_RESPAWN); - ngx_memzero(&ch, sizeof(ngx_channel_t)); - - ch.command = NGX_CMD_OPEN_CHANNEL; - ch.pid = ngx_processes[ngx_process_slot].pid; - ch.slot = ngx_process_slot; - ch.fd = ngx_processes[ngx_process_slot].channel[0]; - - ngx_pass_open_channel(cycle, &ch); + ngx_pass_open_channel(cycle); if (loader == 0) { return; @@ -405,19 +388,20 @@ &ngx_cache_loader_ctx, "cache loader process", respawn ? NGX_PROCESS_JUST_SPAWN : NGX_PROCESS_NORESPAWN); - ch.command = NGX_CMD_OPEN_CHANNEL; - ch.pid = ngx_processes[ngx_process_slot].pid; - ch.slot = ngx_process_slot; - ch.fd = ngx_processes[ngx_process_slot].channel[0]; - - ngx_pass_open_channel(cycle, &ch); + ngx_pass_open_channel(cycle); } static void -ngx_pass_open_channel(ngx_cycle_t *cycle, ngx_channel_t *ch) +ngx_pass_open_channel(ngx_cycle_t *cycle) { - ngx_int_t i; + ngx_int_t i; + ngx_channel_t ch; + + ch.command = NGX_CMD_OPEN_CHANNEL; + ch.pid = ngx_processes[ngx_process_slot].pid; + ch.slot = ngx_process_slot; + ch.fd = ngx_processes[ngx_process_slot].channel[0]; for (i = 0; i < ngx_last_process; i++) { @@ -430,14 +414,14 @@ ngx_log_debug6(NGX_LOG_DEBUG_CORE, cycle->log, 0, "pass channel s:%i pid:%P fd:%d to s:%i pid:%P fd:%d", - ch->slot, ch->pid, ch->fd, + ch.slot, ch.pid, ch.fd, i, ngx_processes[i].pid, ngx_processes[i].channel[0]); /* TODO: NGX_AGAIN */ ngx_write_channel(ngx_processes[i].channel[0], - ch, sizeof(ngx_channel_t), cycle->log); + &ch, sizeof(ngx_channel_t), cycle->log); } } @@ -621,12 +605,7 @@ } - ch.command = NGX_CMD_OPEN_CHANNEL; - ch.pid = ngx_processes[ngx_process_slot].pid; - ch.slot = ngx_process_slot; - ch.fd = ngx_processes[ngx_process_slot].channel[0]; - - ngx_pass_open_channel(cycle, &ch); + ngx_pass_open_channel(cycle); live = 1;
