Hello community, here is the log from the commit of package nginx for openSUSE:Factory checked in at 2019-12-30 12:35:29 ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ Comparing /work/SRC/openSUSE:Factory/nginx (Old) and /work/SRC/openSUSE:Factory/.nginx.new.6675 (New) ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
Package is "nginx" Mon Dec 30 12:35:29 2019 rev:44 rq:759966 version:1.17.7 Changes: -------- --- /work/SRC/openSUSE:Factory/nginx/nginx.changes 2019-12-02 11:38:04.206457257 +0100 +++ /work/SRC/openSUSE:Factory/.nginx.new.6675/nginx.changes 2019-12-30 12:35:32.939827637 +0100 @@ -1,0 +2,22 @@ +Sat Dec 28 11:03:16 UTC 2019 - Илья Индиго <[email protected]> + +- Refresh spec-file via spec-cleaner. +- Add in service-file Wants=network-online.target (boo#1155690) +- Update to 1.17.7 + * https://nginx.org/en/CHANGES + * A segmentation fault might occur on start or during + reconfiguration if the "rewrite" directive with an empty + replacement string was used in the configuration. + * A segmentation fault might occur in a worker process if the + "break" directive was used with the "alias" directive or with + the "proxy_pass" directive with a URI. + * The "Location" response header line might contain garbage if + the request URI was rewritten to the one containing a null character. + * Requests with bodies were handled incorrectly when returning redirections + with the "error_page" directive; the bug had appeared in 0.7.12. + * Socket leak when using HTTP/2. + * A timeout might occur while handling pipelined requests in an + SSL connection; the bug had appeared in 1.17.5. + * Bugfix in the ngx_http_dav_module. + +------------------------------------------------------------------- Old: ---- nginx-1.17.6.tar.gz nginx-1.17.6.tar.gz.asc New: ---- nginx-1.17.7.tar.gz nginx-1.17.7.tar.gz.asc ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ Other differences: ------------------ ++++++ nginx.spec ++++++ --- /var/tmp/diff_new_pack.JQGplW/_old 2019-12-30 12:35:34.851828663 +0100 +++ /var/tmp/diff_new_pack.JQGplW/_new 2019-12-30 12:35:34.855828665 +0100 @@ -1,7 +1,7 @@ # # spec file for package nginx # -# Copyright (c) 2019 SUSE LINUX GmbH, Nuernberg, Germany. +# Copyright (c) 2019 SUSE LLC # # All modifications and additions to the file contributed by third parties # remain the property of their copyright owners, unless otherwise agreed @@ -16,21 +16,43 @@ # -%bcond_with cpp_test -%bcond_with google_perftools - +%{!?vim_data_dir:%global vim_data_dir %{_datadir}/vim/%(readlink %{_datadir}/vim/current)} +%define pkg_name nginx +%define ngx_prefix %{_prefix} +%define ngx_sbin_path %{_sbindir}/nginx +%define ngx_module_dir %{_libdir}/nginx/modules +%define ngx_conf_dir %{_sysconfdir}/nginx +%define ngx_conf_path %{ngx_conf_dir}/nginx.conf +%define ngx_log_dir %{_localstatedir}/log/nginx +%define ngx_error_log %{ngx_log_dir}/error.log +%define ngx_access_log %{ngx_log_dir}/access.log +%define ngx_home %{_localstatedir}/lib/nginx +%define ngx_tmp_http %{ngx_home}/tmp/ +%define ngx_tmp_proxy %{ngx_home}/proxy/ +%define ngx_tmp_fcgi %{ngx_home}/fastcgi/ +%define ngx_tmp_scgi %{ngx_home}/scgi/ +%define ngx_tmp_uwsgi %{ngx_home}/uwsgi/ +%define ngx_user_group nginx +%define ngx_doc_dir %{_docdir}/%{name} +%define ngx_fancyindex_version 0.4.2 +%define ngx_fancyindex_module_path ngx-fancyindex-%{ngx_fancyindex_version} +%define headers_more_nginx_version 0.33 +%define headers_more_nginx_module_path headers-more-nginx-module-%{headers_more_nginx_version} +%define nginx_upstream_check_version 0.3.0 +%define nginx_upstream_check_module_path nginx_upstream_check_module-%{nginx_upstream_check_version} +%define nginx_rtmp_version 1.2.1 +%define nginx_rtmp_module_path nginx-rtmp-module-%{nginx_rtmp_version} +%define src_install_dir %{_prefix}/src/%{name} %if 0%{?is_opensuse} %bcond_without extra_modules %else %bcond_with extra_modules %endif - %if 0%{?suse_version} != 1315 || 0%{?is_opensuse} %bcond_without libatomic %else %bcond_with libatomic %endif - %if 0%{?suse_version} > 1220 %bcond_without http2 %bcond_without pcre_jit @@ -40,25 +62,8 @@ %bcond_with pcre_jit %bcond_with systemd %endif - -%{!?vim_data_dir:%global vim_data_dir /usr/share/vim/%(readlink /usr/share/vim/current)} - -%define pkg_name nginx -%define ngx_prefix %{_prefix} -%define ngx_sbin_path %{_sbindir}/nginx -%define ngx_module_dir %{_libdir}/nginx/modules -%define ngx_conf_dir %{_sysconfdir}/nginx -%define ngx_conf_path %{ngx_conf_dir}/nginx.conf -%define ngx_log_dir %{_localstatedir}/log/nginx -%define ngx_error_log %{ngx_log_dir}/error.log -%define ngx_access_log %{ngx_log_dir}/access.log -%define ngx_home %{_localstatedir}/lib/nginx -%define ngx_tmp_http %{ngx_home}/tmp/ -%define ngx_tmp_proxy %{ngx_home}/proxy/ -%define ngx_tmp_fcgi %{ngx_home}/fastcgi/ -%define ngx_tmp_scgi %{ngx_home}/scgi/ -%define ngx_tmp_uwsgi %{ngx_home}/uwsgi/ -%define ngx_user_group nginx +%bcond_with cpp_test +%bcond_with google_perftools # %if %{with systemd} %define ngx_pid_path /run/nginx.pid @@ -67,25 +72,10 @@ %define ngx_pid_path %{_localstatedir}/run/nginx.pid %define ngx_lock_path %{_localstatedir}/run/nginx.lock %endif -%define ngx_doc_dir %{_datadir}/doc/packages/%{name} # Name: nginx -Version: 1.17.6 +Version: 1.17.7 Release: 0 -%define ngx_fancyindex_version 0.4.2 -%define ngx_fancyindex_module_path ngx-fancyindex-%{ngx_fancyindex_version} - -%define headers_more_nginx_version 0.33 -%define headers_more_nginx_module_path headers-more-nginx-module-%{headers_more_nginx_version} - -%define nginx_upstream_check_version 0.3.0 -%define nginx_upstream_check_module_path nginx_upstream_check_module-%{nginx_upstream_check_version} - -%define nginx_rtmp_version 1.2.1 -%define nginx_rtmp_module_path nginx-rtmp-module-%{nginx_rtmp_version} - -%define src_install_dir /usr/src/%{name} - Summary: A HTTP server and IMAP/POP3 proxy server License: BSD-2-Clause Group: Productivity/Networking/Web/Proxy @@ -99,7 +89,7 @@ Source6: https://github.com/yaoweibin/nginx_upstream_check_module/archive/v%{nginx_upstream_check_version}/%{nginx_upstream_check_module_path}.tar.gz Source7: https://github.com/arut/nginx-rtmp-module/archive/v%{nginx_rtmp_version}/%{nginx_rtmp_module_path}.tar.gz Source100: nginx.rpmlintrc -Source101: http://nginx.org/download/nginx-%{version}.tar.gz.asc +Source101: https://nginx.org/download/nginx-%{version}.tar.gz.asc Source102: https://nginx.org/keys/mdounin.key#/%{name}.keyring # PATCH-FIX-UPSTREAM nginx-1.11.2-no_Werror.patch Patch0: nginx-1.11.2-no_Werror.patch @@ -115,6 +105,8 @@ Patch5: check_1.9.2+.patch BuildRequires: gcc-c++ BuildRequires: gd-devel +# +BuildRequires: libGeoIP-devel BuildRequires: libxslt-devel BuildRequires: openssl-devel BuildRequires: pcre-devel @@ -122,15 +114,13 @@ BuildRequires: vim BuildRequires: zlib-devel %requires_eq perl -Requires(pre): pwdutils +Requires(pre): shadow Recommends: logrotate Recommends: vim-plugin-nginx -Conflicts: otherproviders(nginx) +Conflicts: nginx Provides: http_daemon Provides: httpd # -BuildRequires: libGeoIP-devel -# %if %{with google_perftools} BuildRequires: google-perftools-devel %endif @@ -154,10 +144,11 @@ %package -n vim-plugin-nginx Summary: VIM support for nginx config files Group: Productivity/Text/Editors +%requires_eq vim %if 0%{?suse_version} > 1110 BuildArch: noarch %endif -%requires_eq vim + %description -n vim-plugin-nginx nginx [engine x] is a HTTP server and IMAP/POP3 proxy server written by Igor Sysoev. It has been running on many heavily loaded Russian sites for more than two years. @@ -192,6 +183,7 @@ %endif %build +# FIXME: you should use the %%configure macro ./configure \ --prefix=%{ngx_prefix}/ \ --sbin-path=%{ngx_sbin_path} \ ++++++ nginx-1.17.6.tar.gz -> nginx-1.17.7.tar.gz ++++++ diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/nginx-1.17.6/CHANGES new/nginx-1.17.7/CHANGES --- old/nginx-1.17.6/CHANGES 2019-11-19 15:19:02.000000000 +0100 +++ new/nginx-1.17.7/CHANGES 2019-12-24 16:00:14.000000000 +0100 @@ -1,4 +1,29 @@ +Changes with nginx 1.17.7 24 Dec 2019 + + *) Bugfix: a segmentation fault might occur on start or during + reconfiguration if the "rewrite" directive with an empty replacement + string was used in the configuration. + + *) Bugfix: a segmentation fault might occur in a worker process if the + "break" directive was used with the "alias" directive or with the + "proxy_pass" directive with a URI. + + *) Bugfix: the "Location" response header line might contain garbage if + the request URI was rewritten to the one containing a null character. + + *) Bugfix: requests with bodies were handled incorrectly when returning + redirections with the "error_page" directive; the bug had appeared in + 0.7.12. + + *) Bugfix: socket leak when using HTTP/2. + + *) Bugfix: a timeout might occur while handling pipelined requests in an + SSL connection; the bug had appeared in 1.17.5. + + *) Bugfix: in the ngx_http_dav_module. + + Changes with nginx 1.17.6 19 Nov 2019 *) Feature: the $proxy_protocol_server_addr and diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/nginx-1.17.6/CHANGES.ru new/nginx-1.17.7/CHANGES.ru --- old/nginx-1.17.6/CHANGES.ru 2019-11-19 15:19:01.000000000 +0100 +++ new/nginx-1.17.7/CHANGES.ru 2019-12-24 16:00:12.000000000 +0100 @@ -1,4 +1,29 @@ +Изменения в nginx 1.17.7 24.12.2019 + + *) Исправление: на старте или во время переконфигурации мог произойти + segmentation fault, если в конфигурации использовалась директива + rewrite с пустой строкой замены. + + *) Исправление: в рабочем процессе мог произойти segmentation fault, + если директива break использовалась совместно с директивой alias или + директивой proxy_pass с URI. + + *) Исправление: строка Location заголовка ответа могла содержать мусор, + если URI запроса был изменён на URI, содержащий нулевой символ. + + *) Исправление: при возврате перенаправлений с помощью директивы + error_page запросы с телом обрабатывались некорректно; ошибка + появилась в 0.7.12. + + *) Исправление: утечки сокетов при использовании HTTP/2. + + *) Исправление: при обработке pipelined-запросов по SSL-соединению мог + произойти таймаут; ошибка появилась в 1.17.5. + + *) Исправление: в модуле ngx_http_dav_module. + + Изменения в nginx 1.17.6 19.11.2019 *) Добавление: переменные $proxy_protocol_server_addr и diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/nginx-1.17.6/man/nginx.8 new/nginx-1.17.7/man/nginx.8 --- old/nginx-1.17.6/man/nginx.8 2019-11-19 15:18:58.000000000 +0100 +++ new/nginx-1.17.7/man/nginx.8 2019-12-24 16:00:09.000000000 +0100 @@ -1,5 +1,5 @@ .\" -.\" Copyright (C) 2010 Sergey A. Osokin +.\" Copyright (C) 2010, 2019 Sergey A. Osokin .\" Copyright (C) Nginx, Inc. .\" All rights reserved. .\" @@ -25,7 +25,7 @@ .\" SUCH DAMAGE. .\" .\" -.Dd June 16, 2015 +.Dd December 5, 2019 .Dt NGINX 8 .Os .Sh NAME @@ -42,7 +42,8 @@ .Nm (pronounced .Dq engine x ) -is an HTTP and reverse proxy server, as well as a mail proxy server. +is an HTTP and reverse proxy server, a mail proxy server, and a generic +TCP/UDP proxy server. It is known for its high performance, stability, rich feature set, simple configuration, and low resource consumption. .Pp @@ -82,15 +83,15 @@ .It Cm reload .Dv SIGHUP .El +.It Fl T +Same as +.Fl t , +but additionally dump configuration files to standard output. .It Fl t Do not run, just test the configuration file. .Nm checks the configuration file syntax and then tries to open files referenced in the configuration file. -.It Fl T -Same as -.Fl t , -but additionally dump configuration files to standard output. .It Fl V Print the .Nm diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/nginx-1.17.6/src/core/nginx.h new/nginx-1.17.7/src/core/nginx.h --- old/nginx-1.17.6/src/core/nginx.h 2019-11-19 15:18:58.000000000 +0100 +++ new/nginx-1.17.7/src/core/nginx.h 2019-12-24 16:00:09.000000000 +0100 @@ -9,8 +9,8 @@ #define _NGINX_H_INCLUDED_ -#define nginx_version 1017006 -#define NGINX_VERSION "1.17.6" +#define nginx_version 1017007 +#define NGINX_VERSION "1.17.7" #define NGINX_VER "nginx/" NGINX_VERSION #ifdef NGX_BUILD diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/nginx-1.17.6/src/event/ngx_event.c new/nginx-1.17.7/src/event/ngx_event.c --- old/nginx-1.17.6/src/event/ngx_event.c 2019-11-19 15:18:58.000000000 +0100 +++ new/nginx-1.17.7/src/event/ngx_event.c 2019-12-24 16:00:09.000000000 +0100 @@ -238,8 +238,6 @@ } if (!ngx_queue_empty(&ngx_posted_next_events)) { - ngx_queue_add(&ngx_posted_events, &ngx_posted_next_events); - ngx_queue_init(&ngx_posted_next_events); timer = 0; } @@ -263,6 +261,7 @@ } ngx_event_process_posted(cycle, &ngx_posted_events); + ngx_event_process_posted_next(cycle, &ngx_posted_next_events); } diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/nginx-1.17.6/src/event/ngx_event_openssl.c new/nginx-1.17.7/src/event/ngx_event_openssl.c --- old/nginx-1.17.6/src/event/ngx_event_openssl.c 2019-11-19 15:18:58.000000000 +0100 +++ new/nginx-1.17.7/src/event/ngx_event_openssl.c 2019-12-24 16:00:09.000000000 +0100 @@ -43,7 +43,6 @@ #endif static ngx_int_t ngx_ssl_handle_recv(ngx_connection_t *c, int n); static void ngx_ssl_write_handler(ngx_event_t *wev); -static void ngx_ssl_next_read_handler(ngx_event_t *rev); #ifdef SSL_READ_EARLY_DATA_SUCCESS static ssize_t ngx_ssl_write_early(ngx_connection_t *c, u_char *data, size_t size); @@ -2018,11 +2017,6 @@ c->read->available = 0; c->read->ready = 0; - if (c->ssl->next_read_handler == NULL) { - c->ssl->next_read_handler = c->read->handler; - c->read->handler = ngx_ssl_next_read_handler; - } - ngx_post_event(c->read, &ngx_posted_next_events); } @@ -2328,31 +2322,6 @@ } -static void -ngx_ssl_next_read_handler(ngx_event_t *rev) -{ - ngx_connection_t *c; - - c = rev->data; - - ngx_log_debug0(NGX_LOG_DEBUG_EVENT, c->log, 0, "SSL next read handler"); - - rev->handler = c->ssl->next_read_handler; - c->ssl->next_read_handler = NULL; - - if (!rev->ready) { - rev->ready = 1; - rev->available = -1; - } - - if (rev->posted) { - ngx_delete_posted_event(rev); - } - - rev->handler(rev); -} - - /* * OpenSSL has no SSL_writev() so we copy several bufs into our 16K buffer * before the SSL_write() call to decrease a SSL overhead. diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/nginx-1.17.6/src/event/ngx_event_openssl.h new/nginx-1.17.7/src/event/ngx_event_openssl.h --- old/nginx-1.17.6/src/event/ngx_event_openssl.h 2019-11-19 15:18:58.000000000 +0100 +++ new/nginx-1.17.7/src/event/ngx_event_openssl.h 2019-12-24 16:00:09.000000000 +0100 @@ -86,7 +86,6 @@ ngx_event_handler_pt saved_read_handler; ngx_event_handler_pt saved_write_handler; - ngx_event_handler_pt next_read_handler; u_char early_buf; diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/nginx-1.17.6/src/event/ngx_event_posted.c new/nginx-1.17.7/src/event/ngx_event_posted.c --- old/nginx-1.17.6/src/event/ngx_event_posted.c 2019-11-19 15:18:58.000000000 +0100 +++ new/nginx-1.17.7/src/event/ngx_event_posted.c 2019-12-24 16:00:09.000000000 +0100 @@ -34,3 +34,29 @@ ev->handler(ev); } } + + +void +ngx_event_process_posted_next(ngx_cycle_t *cycle, ngx_queue_t *posted) +{ + ngx_queue_t *q; + ngx_event_t *ev; + + while (!ngx_queue_empty(posted)) { + + q = ngx_queue_head(posted); + ev = ngx_queue_data(q, ngx_event_t, queue); + + ngx_log_debug1(NGX_LOG_DEBUG_EVENT, cycle->log, 0, + "posted next event %p", ev); + + ngx_delete_posted_event(ev); + + if (!ev->ready) { + ev->ready = 1; + ev->available = -1; + } + + ev->handler(ev); + } +} diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/nginx-1.17.6/src/event/ngx_event_posted.h new/nginx-1.17.7/src/event/ngx_event_posted.h --- old/nginx-1.17.6/src/event/ngx_event_posted.h 2019-11-19 15:18:58.000000000 +0100 +++ new/nginx-1.17.7/src/event/ngx_event_posted.h 2019-12-24 16:00:09.000000000 +0100 @@ -39,6 +39,7 @@ void ngx_event_process_posted(ngx_cycle_t *cycle, ngx_queue_t *posted); +void ngx_event_process_posted_next(ngx_cycle_t *cycle, ngx_queue_t *posted); extern ngx_queue_t ngx_posted_accept_events; diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/nginx-1.17.6/src/http/modules/ngx_http_dav_module.c new/nginx-1.17.7/src/http/modules/ngx_http_dav_module.c --- old/nginx-1.17.6/src/http/modules/ngx_http_dav_module.c 2019-11-19 15:18:58.000000000 +0100 +++ new/nginx-1.17.7/src/http/modules/ngx_http_dav_module.c 2019-12-24 16:00:09.000000000 +0100 @@ -56,7 +56,7 @@ static ngx_int_t ngx_http_dav_depth(ngx_http_request_t *r, ngx_int_t dflt); static ngx_int_t ngx_http_dav_error(ngx_log_t *log, ngx_err_t err, ngx_int_t not_found, char *failed, u_char *path); -static ngx_int_t ngx_http_dav_location(ngx_http_request_t *r, u_char *path); +static ngx_int_t ngx_http_dav_location(ngx_http_request_t *r); static void *ngx_http_dav_create_loc_conf(ngx_conf_t *cf); static char *ngx_http_dav_merge_loc_conf(ngx_conf_t *cf, void *parent, void *child); @@ -285,7 +285,7 @@ } if (status == NGX_HTTP_CREATED) { - if (ngx_http_dav_location(r, path.data) != NGX_OK) { + if (ngx_http_dav_location(r) != NGX_OK) { ngx_http_finalize_request(r, NGX_HTTP_INTERNAL_SERVER_ERROR); return; } @@ -312,7 +312,7 @@ ngx_file_info_t fi; ngx_http_dav_loc_conf_t *dlcf; - if (r->headers_in.content_length_n > 0) { + if (r->headers_in.content_length_n > 0 || r->headers_in.chunked) { ngx_log_error(NGX_LOG_ERR, r->connection->log, 0, "DELETE with body is unsupported"); return NGX_HTTP_UNSUPPORTED_MEDIA_TYPE; @@ -495,7 +495,7 @@ size_t root; ngx_str_t path; - if (r->headers_in.content_length_n > 0) { + if (r->headers_in.content_length_n > 0 || r->headers_in.chunked) { ngx_log_error(NGX_LOG_ERR, r->connection->log, 0, "MKCOL with body is unsupported"); return NGX_HTTP_UNSUPPORTED_MEDIA_TYPE; @@ -513,7 +513,6 @@ } *(p - 1) = '\0'; - r->uri.len--; ngx_log_debug1(NGX_LOG_DEBUG_HTTP, r->connection->log, 0, "http mkcol path: \"%s\"", path.data); @@ -521,7 +520,7 @@ if (ngx_create_dir(path.data, ngx_dir_access(dlcf->access)) != NGX_FILE_ERROR) { - if (ngx_http_dav_location(r, path.data) != NGX_OK) { + if (ngx_http_dav_location(r) != NGX_OK) { return NGX_HTTP_INTERNAL_SERVER_ERROR; } @@ -550,7 +549,9 @@ ngx_http_dav_copy_ctx_t copy; ngx_http_dav_loc_conf_t *dlcf; - if (r->headers_in.content_length_n > 0) { + if (r->headers_in.content_length_n > 0 || r->headers_in.chunked) { + ngx_log_error(NGX_LOG_ERR, r->connection->log, 0, + "COPY and MOVE with body are unsupported"); return NGX_HTTP_UNSUPPORTED_MEDIA_TYPE; } @@ -1069,35 +1070,16 @@ static ngx_int_t -ngx_http_dav_location(ngx_http_request_t *r, u_char *path) +ngx_http_dav_location(ngx_http_request_t *r) { - u_char *location; - ngx_http_core_loc_conf_t *clcf; - r->headers_out.location = ngx_list_push(&r->headers_out.headers); if (r->headers_out.location == NULL) { return NGX_ERROR; } - clcf = ngx_http_get_module_loc_conf(r, ngx_http_core_module); - - if (!clcf->alias && clcf->root_lengths == NULL) { - location = path + clcf->root.len; - - } else { - location = ngx_pnalloc(r->pool, r->uri.len); - if (location == NULL) { - ngx_http_clear_location(r); - return NGX_ERROR; - } - - ngx_memcpy(location, r->uri.data, r->uri.len); - } - r->headers_out.location->hash = 1; ngx_str_set(&r->headers_out.location->key, "Location"); - r->headers_out.location->value.len = r->uri.len; - r->headers_out.location->value.data = location; + r->headers_out.location->value = r->uri; return NGX_OK; } diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/nginx-1.17.6/src/http/modules/ngx_http_index_module.c new/nginx-1.17.7/src/http/modules/ngx_http_index_module.c --- old/nginx-1.17.6/src/http/modules/ngx_http_index_module.c 2019-11-19 15:18:58.000000000 +0100 +++ new/nginx-1.17.7/src/http/modules/ngx_http_index_module.c 2019-12-24 16:00:09.000000000 +0100 @@ -163,7 +163,7 @@ name = ngx_http_map_uri_to_path(r, &path, &root, reserve); if (name == NULL) { - return NGX_ERROR; + return NGX_HTTP_INTERNAL_SERVER_ERROR; } allocated = path.data + path.len - name; diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/nginx-1.17.6/src/http/modules/ngx_http_rewrite_module.c new/nginx-1.17.7/src/http/modules/ngx_http_rewrite_module.c --- old/nginx-1.17.6/src/http/modules/ngx_http_rewrite_module.c 2019-11-19 15:18:58.000000000 +0100 +++ new/nginx-1.17.7/src/http/modules/ngx_http_rewrite_module.c 2019-12-24 16:00:09.000000000 +0100 @@ -318,6 +318,11 @@ value = cf->args->elts; + if (value[2].len == 0) { + ngx_conf_log_error(NGX_LOG_EMERG, cf, 0, "empty replacement"); + return NGX_CONF_ERROR; + } + ngx_memzero(&rc, sizeof(ngx_regex_compile_t)); rc.pattern = value[1]; diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/nginx-1.17.6/src/http/modules/ngx_http_static_module.c new/nginx-1.17.7/src/http/modules/ngx_http_static_module.c --- old/nginx-1.17.6/src/http/modules/ngx_http_static_module.c 2019-11-19 15:18:58.000000000 +0100 +++ new/nginx-1.17.7/src/http/modules/ngx_http_static_module.c 2019-12-24 16:00:09.000000000 +0100 @@ -157,8 +157,8 @@ len = r->uri.len + 1; - if (!clcf->alias && clcf->root_lengths == NULL && r->args.len == 0) { - location = path.data + clcf->root.len; + if (!clcf->alias && r->args.len == 0) { + location = path.data + root; *last = '/'; diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/nginx-1.17.6/src/http/modules/ngx_http_upstream_keepalive_module.c new/nginx-1.17.7/src/http/modules/ngx_http_upstream_keepalive_module.c --- old/nginx-1.17.6/src/http/modules/ngx_http_upstream_keepalive_module.c 2019-11-19 15:18:58.000000000 +0100 +++ new/nginx-1.17.7/src/http/modules/ngx_http_upstream_keepalive_module.c 2019-12-24 16:00:09.000000000 +0100 @@ -275,6 +275,7 @@ c->idle = 0; c->sent = 0; + c->data = NULL; c->log = pc->log; c->read->log = pc->log; c->write->log = pc->log; diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/nginx-1.17.6/src/http/ngx_http_core_module.c new/nginx-1.17.7/src/http/ngx_http_core_module.c --- old/nginx-1.17.6/src/http/ngx_http_core_module.c 2019-11-19 15:18:58.000000000 +0100 +++ new/nginx-1.17.7/src/http/ngx_http_core_module.c 2019-12-24 16:00:09.000000000 +0100 @@ -1843,7 +1843,8 @@ } } - last = ngx_cpystrn(last, r->uri.data + alias, r->uri.len - alias + 1); + last = ngx_copy(last, r->uri.data + alias, r->uri.len - alias); + *last = '\0'; return last; } diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/nginx-1.17.6/src/http/ngx_http_script.c new/nginx-1.17.7/src/http/ngx_http_script.c --- old/nginx-1.17.6/src/http/ngx_http_script.c 2019-11-19 15:18:58.000000000 +0100 +++ new/nginx-1.17.7/src/http/ngx_http_script.c 2019-12-24 16:00:09.000000000 +0100 @@ -1470,7 +1470,14 @@ void ngx_http_script_break_code(ngx_http_script_engine_t *e) { - e->request->uri_changed = 0; + ngx_http_request_t *r; + + r = e->request; + + if (r->uri_changed) { + r->valid_location = 0; + r->uri_changed = 0; + } e->ip = ngx_http_script_exit; } diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/nginx-1.17.6/src/http/ngx_http_special_response.c new/nginx-1.17.7/src/http/ngx_http_special_response.c --- old/nginx-1.17.6/src/http/ngx_http_special_response.c 2019-11-19 15:18:58.000000000 +0100 +++ new/nginx-1.17.7/src/http/ngx_http_special_response.c 2019-12-24 16:00:09.000000000 +0100 @@ -623,6 +623,12 @@ return ngx_http_named_location(r, &uri); } + r->expect_tested = 1; + + if (ngx_http_discard_request_body(r) != NGX_OK) { + r->keepalive = 0; + } + location = ngx_list_push(&r->headers_out.headers); if (location == NULL) { diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/nginx-1.17.6/src/http/v2/ngx_http_v2.c new/nginx-1.17.7/src/http/v2/ngx_http_v2.c --- old/nginx-1.17.6/src/http/v2/ngx_http_v2.c 2019-11-19 15:18:58.000000000 +0100 +++ new/nginx-1.17.7/src/http/v2/ngx_http_v2.c 2019-12-24 16:00:09.000000000 +0100 @@ -178,6 +178,7 @@ static ngx_int_t ngx_http_v2_terminate_stream(ngx_http_v2_connection_t *h2c, ngx_http_v2_stream_t *stream, ngx_uint_t status); static void ngx_http_v2_close_stream_handler(ngx_event_t *ev); +static void ngx_http_v2_retry_close_stream_handler(ngx_event_t *ev); static void ngx_http_v2_handle_connection_handler(ngx_event_t *rev); static void ngx_http_v2_idle_handler(ngx_event_t *rev); static void ngx_http_v2_finalize_connection(ngx_http_v2_connection_t *h2c, @@ -4288,8 +4289,9 @@ fc = stream->request->connection; if (stream->queued) { - fc->write->handler = ngx_http_v2_close_stream_handler; - fc->read->handler = ngx_http_empty_handler; + fc->error = 1; + fc->write->handler = ngx_http_v2_retry_close_stream_handler; + fc->read->handler = ngx_http_v2_retry_close_stream_handler; return; } @@ -4409,6 +4411,22 @@ ngx_http_v2_close_stream(r->stream, 0); } + + +static void +ngx_http_v2_retry_close_stream_handler(ngx_event_t *ev) +{ + ngx_connection_t *fc; + ngx_http_request_t *r; + + fc = ev->data; + r = fc->data; + + ngx_log_debug0(NGX_LOG_DEBUG_HTTP, fc->log, 0, + "http2 retry close stream handler"); + + ngx_http_v2_close_stream(r->stream, 0); +} static void ++++++ nginx.service ++++++ --- /var/tmp/diff_new_pack.JQGplW/_old 2019-12-30 12:35:35.163828830 +0100 +++ /var/tmp/diff_new_pack.JQGplW/_new 2019-12-30 12:35:35.163828830 +0100 @@ -1,6 +1,7 @@ [Unit] Description=The nginx HTTP and reverse proxy server -After=network.target remote-fs.target nss-lookup.target +After=network-online.target remote-fs.target nss-lookup.target +Wants=network-online.target [Service] PIDFile=/run/nginx.pid
