Hello community, here is the log from the commit of package nginx for openSUSE:Factory checked in at 2012-11-25 13:11:02 ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ Comparing /work/SRC/openSUSE:Factory/nginx (Old) and /work/SRC/openSUSE:Factory/.nginx.new (New) ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
Package is "nginx", Maintainer is "" Changes: -------- --- /work/SRC/openSUSE:Factory/nginx/nginx.changes 2012-10-25 12:10:57.000000000 +0200 +++ /work/SRC/openSUSE:Factory/.nginx.new/nginx.changes 2012-11-25 13:11:08.000000000 +0100 @@ -1,0 +2,18 @@ +Wed Nov 21 18:07:33 UTC 2012 - s...@ammler.ch + +- revert permission for /var/log/nginx so reopen is possible (bnc#790726) + +------------------------------------------------------------------- +Wed Nov 14 14:47:52 UTC 2012 - s...@ammler.ch + +- update to 1.2.5 + *) Feature: the "optional_no_ca" parameter of the "ssl_verify_client" + directive. + *) Feature: the $bytes_sent, $connection, and $connection_requests + variables can now be used not only in the "log_format" directive. + *) Feature: resolver now randomly rotates addresses returned from cache. + *) Feature: the "auto" parameter of the "worker_processes" directive. + *) Bugfix: "cache file ... has md5 collision" alert. + *) Bugfix: OpenSSL 0.9.7 compatibility. + +------------------------------------------------------------------- Old: ---- nginx-1.2.4.tar.gz New: ---- nginx-1.2.5.tar.gz nginx.rpmlintrc ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ Other differences: ------------------ ++++++ nginx.spec ++++++ --- /var/tmp/diff_new_pack.RgGGlD/_old 2012-11-25 13:11:17.000000000 +0100 +++ /var/tmp/diff_new_pack.RgGGlD/_new 2012-11-25 13:11:17.000000000 +0100 @@ -17,7 +17,7 @@ Name: nginx -Version: 1.2.4 +Version: 1.2.5 Release: 0 # %define pkg_name nginx @@ -81,7 +81,7 @@ PreReq: %insserv_prereq PreReq: pwdutils # -Conflicts: nginx-0.5 nginx-0.6 nginx-0.7 nginx-0.8 nginx-0.9 nginx-1.0 nginx-1.2 nginx-1.3 nginx-dev +Conflicts: nginx-0.5 nginx-0.6 nginx-0.7 nginx-0.8 nginx-0.9 nginx-1.0 nginx-1.2 nginx-1.3 %requires_eq perl # Url: http://nginx.net/ @@ -264,7 +264,7 @@ %{_sysconfdir}/init.d/%{pkg_name} %{_sbindir}/rc%{pkg_name} %config(noreplace) %{_sysconfdir}/logrotate.d/%{pkg_name} -%dir %attr(750,root,root) /var/log/nginx/ +%dir %attr(750,%{ngx_user_group},%{ngx_user_group}) /var/log/nginx/ %dir %attr(750,%{ngx_user_group},%{ngx_user_group}) %{ngx_home}/ %dir %attr(750,%{ngx_user_group},%{ngx_user_group}) %{ngx_tmp_http} %dir %attr(750,%{ngx_user_group},%{ngx_user_group}) %{ngx_tmp_proxy} ++++++ nginx-1.2.4.tar.gz -> nginx-1.2.5.tar.gz ++++++ diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/nginx-1.2.4/CHANGES new/nginx-1.2.5/CHANGES --- old/nginx-1.2.4/CHANGES 2012-09-25 15:43:39.000000000 +0200 +++ new/nginx-1.2.5/CHANGES 2012-11-13 14:36:14.000000000 +0100 @@ -1,4 +1,24 @@ +Changes with nginx 1.2.5 13 Nov 2012 + + *) Feature: the "optional_no_ca" parameter of the "ssl_verify_client" + directive. + Thanks to Mike Kazantsev and Eric O'Connor. + + *) Feature: the $bytes_sent, $connection, and $connection_requests + variables can now be used not only in the "log_format" directive. + Thanks to Benjamin Grössing. + + *) Feature: resolver now randomly rotates addresses returned from cache. + Thanks to Anton Jouline. + + *) Feature: the "auto" parameter of the "worker_processes" directive. + + *) Bugfix: "cache file ... has md5 collision" alert. + + *) Bugfix: OpenSSL 0.9.7 compatibility. + + Changes with nginx 1.2.4 25 Sep 2012 *) Bugfix: in the "limit_req" directive; the bug had appeared in 1.1.14. diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/nginx-1.2.4/CHANGES.ru new/nginx-1.2.5/CHANGES.ru --- old/nginx-1.2.4/CHANGES.ru 2012-09-25 15:43:38.000000000 +0200 +++ new/nginx-1.2.5/CHANGES.ru 2012-11-13 14:36:12.000000000 +0100 @@ -1,4 +1,25 @@ +Изменения в nginx 1.2.5 13.11.2012 + + *) Добавление: параметр optional_no_ca директивы ssl_verify_client. + Спасибо Михаилу Казанцеву и Eric O'Connor. + + *) Добавление: переменные $bytes_sent, $connection и + $connection_requests теперь можно использовать не только в директиве + log_format. + Спасибо Benjamin Grössing. + + *) Добавление: теперь resolver случайным образом меняет порядок + возвращаемых закэшированных адресов. + Спасибо Антону Жулину. + + *) Добавление: параметр auto директивы worker_processes. + + *) Исправление: сообщения "cache file ... has md5 collision". + + *) Исправление: совместимость с OpenSSL 0.9.7. + + Изменения в nginx 1.2.4 25.09.2012 *) Исправление: в директиве "limit_req"; ошибка появилась в 1.1.14. diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/nginx-1.2.4/auto/lib/perl/conf new/nginx-1.2.5/auto/lib/perl/conf --- old/nginx-1.2.4/auto/lib/perl/conf 2012-01-18 16:07:43.000000000 +0100 +++ new/nginx-1.2.5/auto/lib/perl/conf 2012-11-12 18:57:57.000000000 +0100 @@ -12,12 +12,20 @@ if test -n "$NGX_PERL_VER"; then echo " + perl version: $NGX_PERL_VER" - if [ "`echo 'use 5.006001; print "OK"' | $NGX_PERL 2>&1`" != OK ]; then + if [ "`$NGX_PERL -e 'use 5.006001; print "OK"'`" != "OK" ]; then echo echo "$0: error: perl 5.6.1 or higher is required" echo exit 1; + fi + + if [ "`$NGX_PERL -MExtUtils::Embed -e 'print "OK"'`" != "OK" ]; then + echo + echo "$0: error: perl module ExtUtils::Embed is required" + echo + + exit 1; fi NGX_PERL_CFLAGS="$CFLAGS `$NGX_PERL -MExtUtils::Embed -e ccopts`" diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/nginx-1.2.4/auto/make new/nginx-1.2.5/auto/make --- old/nginx-1.2.4/auto/make 2012-01-18 16:07:43.000000000 +0100 +++ new/nginx-1.2.5/auto/make 2012-11-12 19:39:51.000000000 +0100 @@ -49,7 +49,7 @@ ngx_all_srcs="$CORE_SRCS" -# the core dependences and include pathes +# the core dependences and include paths ngx_deps=`echo $CORE_DEPS $NGX_AUTO_CONFIG_H $NGX_PCH \ | sed -e "s/ *\([^ ][^ ]*\)/$ngx_regex_cont\1/g" \ @@ -69,7 +69,7 @@ END -# the http dependences and include pathes +# the http dependences and include paths if [ $HTTP = YES ]; then @@ -95,7 +95,7 @@ fi -# the mail dependences and include pathes +# the mail dependences and include paths if [ $MAIL = YES ]; then diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/nginx-1.2.4/auto/options new/nginx-1.2.5/auto/options --- old/nginx-1.2.4/auto/options 2012-07-02 18:41:13.000000000 +0200 +++ new/nginx-1.2.5/auto/options 2012-11-12 18:57:57.000000000 +0100 @@ -385,6 +385,10 @@ --without-http_browser_module disable ngx_http_browser_module --without-http_upstream_ip_hash_module disable ngx_http_upstream_ip_hash_module + --without-http_upstream_least_conn_module + disable ngx_http_upstream_least_conn_module + --without-http_upstream_keepalive_module + disable ngx_http_upstream_keepalive_module --with-http_perl_module enable ngx_http_perl_module --with-perl_modules_path=PATH set Perl modules path diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/nginx-1.2.4/src/core/nginx.c new/nginx-1.2.5/src/core/nginx.c --- old/nginx-1.2.4/src/core/nginx.c 2012-09-24 20:50:25.000000000 +0200 +++ new/nginx-1.2.5/src/core/nginx.c 2012-11-13 12:00:37.000000000 +0100 @@ -21,6 +21,8 @@ static char *ngx_set_priority(ngx_conf_t *cf, ngx_command_t *cmd, void *conf); static char *ngx_set_cpu_affinity(ngx_conf_t *cf, ngx_command_t *cmd, void *conf); +static char *ngx_set_worker_processes(ngx_conf_t *cf, ngx_command_t *cmd, + void *conf); static ngx_conf_enum_t ngx_debug_points[] = { @@ -69,9 +71,9 @@ { ngx_string("worker_processes"), NGX_MAIN_CONF|NGX_DIRECT_CONF|NGX_CONF_TAKE1, - ngx_conf_set_num_slot, + ngx_set_worker_processes, + 0, 0, - offsetof(ngx_core_conf_t, worker_processes), NULL }, { ngx_string("debug_points"), @@ -1329,3 +1331,32 @@ return ccf->cpu_affinity[ccf->cpu_affinity_n - 1]; } + + +static char * +ngx_set_worker_processes(ngx_conf_t *cf, ngx_command_t *cmd, void *conf) +{ + ngx_str_t *value; + ngx_core_conf_t *ccf; + + ccf = (ngx_core_conf_t *) conf; + + if (ccf->worker_processes != NGX_CONF_UNSET) { + return "is duplicate"; + } + + value = (ngx_str_t *) cf->args->elts; + + if (ngx_strcmp(value[1].data, "auto") == 0) { + ccf->worker_processes = ngx_ncpu; + return NGX_CONF_OK; + } + + ccf->worker_processes = ngx_atoi(value[1].data, value[1].len); + + if (ccf->worker_processes == NGX_ERROR) { + return "invalid value"; + } + + return NGX_CONF_OK; +} diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/nginx-1.2.4/src/core/nginx.h new/nginx-1.2.5/src/core/nginx.h --- old/nginx-1.2.4/src/core/nginx.h 2012-09-24 20:24:07.000000000 +0200 +++ new/nginx-1.2.5/src/core/nginx.h 2012-11-12 18:03:38.000000000 +0100 @@ -9,8 +9,8 @@ #define _NGINX_H_INCLUDED_ -#define nginx_version 1002004 -#define NGINX_VERSION "1.2.4" +#define nginx_version 1002005 +#define NGINX_VERSION "1.2.5" #define NGINX_VER "nginx/" NGINX_VERSION #define NGINX_VAR "NGINX" diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/nginx-1.2.4/src/core/ngx_cycle.c new/nginx-1.2.5/src/core/ngx_cycle.c --- old/nginx-1.2.4/src/core/ngx_cycle.c 2012-09-24 20:34:04.000000000 +0200 +++ new/nginx-1.2.5/src/core/ngx_cycle.c 2012-11-12 19:39:51.000000000 +0100 @@ -118,18 +118,18 @@ } - n = old_cycle->pathes.nelts ? old_cycle->pathes.nelts : 10; + n = old_cycle->paths.nelts ? old_cycle->paths.nelts : 10; - cycle->pathes.elts = ngx_pcalloc(pool, n * sizeof(ngx_path_t *)); - if (cycle->pathes.elts == NULL) { + cycle->paths.elts = ngx_pcalloc(pool, n * sizeof(ngx_path_t *)); + if (cycle->paths.elts == NULL) { ngx_destroy_pool(pool); return NULL; } - cycle->pathes.nelts = 0; - cycle->pathes.size = sizeof(ngx_path_t *); - cycle->pathes.nalloc = n; - cycle->pathes.pool = pool; + cycle->paths.nelts = 0; + cycle->paths.size = sizeof(ngx_path_t *); + cycle->paths.nalloc = n; + cycle->paths.pool = pool; if (old_cycle->open_files.part.nelts) { @@ -334,7 +334,7 @@ } - if (ngx_create_pathes(cycle, ccf->user) != NGX_OK) { + if (ngx_create_paths(cycle, ccf->user) != NGX_OK) { goto failed; } @@ -1038,6 +1038,8 @@ ccf = (ngx_core_conf_t *) ngx_get_conf(cycle->conf_ctx, ngx_core_module); + ngx_memzero(&file, sizeof(ngx_file_t)); + file.name = ccf->pid; file.log = cycle->log; diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/nginx-1.2.4/src/core/ngx_cycle.h new/nginx-1.2.5/src/core/ngx_cycle.h --- old/nginx-1.2.4/src/core/ngx_cycle.h 2012-03-21 14:58:51.000000000 +0100 +++ new/nginx-1.2.5/src/core/ngx_cycle.h 2012-11-12 19:39:51.000000000 +0100 @@ -48,7 +48,7 @@ ngx_queue_t reusable_connections_queue; ngx_array_t listening; - ngx_array_t pathes; + ngx_array_t paths; ngx_list_t open_files; ngx_list_t shared_memory; diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/nginx-1.2.4/src/core/ngx_file.c new/nginx-1.2.5/src/core/ngx_file.c --- old/nginx-1.2.4/src/core/ngx_file.c 2012-04-03 09:37:31.000000000 +0200 +++ new/nginx-1.2.5/src/core/ngx_file.c 2012-11-12 19:39:51.000000000 +0100 @@ -412,8 +412,8 @@ path = *slot; - p = cf->cycle->pathes.elts; - for (i = 0; i < cf->cycle->pathes.nelts; i++) { + p = cf->cycle->paths.elts; + for (i = 0; i < cf->cycle->paths.nelts; i++) { if (p[i]->name.len == path->name.len && ngx_strcmp(p[i]->name.data, path->name.data) == 0) { @@ -457,7 +457,7 @@ } } - p = ngx_array_push(&cf->cycle->pathes); + p = ngx_array_push(&cf->cycle->paths); if (p == NULL) { return NGX_ERROR; } @@ -469,14 +469,14 @@ ngx_int_t -ngx_create_pathes(ngx_cycle_t *cycle, ngx_uid_t user) +ngx_create_paths(ngx_cycle_t *cycle, ngx_uid_t user) { ngx_err_t err; ngx_uint_t i; ngx_path_t **path; - path = cycle->pathes.elts; - for (i = 0; i < cycle->pathes.nelts; i++) { + path = cycle->paths.elts; + for (i = 0; i < cycle->paths.nelts; i++) { if (ngx_create_dir(path[i]->name.data, 0700) == NGX_FILE_ERROR) { err = ngx_errno; diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/nginx-1.2.4/src/core/ngx_file.h new/nginx-1.2.5/src/core/ngx_file.h --- old/nginx-1.2.4/src/core/ngx_file.h 2012-01-18 16:07:43.000000000 +0100 +++ new/nginx-1.2.5/src/core/ngx_file.h 2012-11-12 19:39:51.000000000 +0100 @@ -130,7 +130,7 @@ ngx_int_t ngx_create_path(ngx_file_t *file, ngx_path_t *path); ngx_err_t ngx_create_full_path(u_char *dir, ngx_uint_t access); ngx_int_t ngx_add_path(ngx_conf_t *cf, ngx_path_t **slot); -ngx_int_t ngx_create_pathes(ngx_cycle_t *cycle, ngx_uid_t user); +ngx_int_t ngx_create_paths(ngx_cycle_t *cycle, ngx_uid_t user); ngx_int_t ngx_ext_rename_file(ngx_str_t *src, ngx_str_t *to, ngx_ext_rename_file_t *ext); ngx_int_t ngx_copy_file(u_char *from, u_char *to, ngx_copy_file_t *cf); diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/nginx-1.2.4/src/core/ngx_resolver.c new/nginx-1.2.5/src/core/ngx_resolver.c --- old/nginx-1.2.4/src/core/ngx_resolver.c 2012-09-24 20:54:28.000000000 +0200 +++ new/nginx-1.2.5/src/core/ngx_resolver.c 2012-11-12 19:47:07.000000000 +0100 @@ -88,6 +88,8 @@ static void ngx_resolver_free(ngx_resolver_t *r, void *p); static void ngx_resolver_free_locked(ngx_resolver_t *r, void *p); static void *ngx_resolver_dup(ngx_resolver_t *r, void *src, size_t size); +static in_addr_t *ngx_resolver_rotate(ngx_resolver_t *r, in_addr_t *src, + ngx_uint_t n); static u_char *ngx_resolver_log_error(ngx_log_t *log, u_char *buf, size_t len); @@ -445,8 +447,7 @@ if (naddrs != 1) { addr = 0; - addrs = ngx_resolver_dup(r, rn->u.addrs, - naddrs * sizeof(in_addr_t)); + addrs = ngx_resolver_rotate(r, rn->u.addrs, naddrs); if (addrs == NULL) { return NGX_ERROR; } @@ -2133,6 +2134,32 @@ return dst; } + + +static in_addr_t * +ngx_resolver_rotate(ngx_resolver_t *r, in_addr_t *src, ngx_uint_t n) +{ + void *dst, *p; + ngx_uint_t j; + + dst = ngx_resolver_alloc(r, n * sizeof(in_addr_t)); + + if (dst == NULL) { + return dst; + } + + j = ngx_random() % n; + + if (j == 0) { + ngx_memcpy(dst, src, n * sizeof(in_addr_t)); + return dst; + } + + p = ngx_cpymem(dst, &src[j], (n - j) * sizeof(in_addr_t)); + ngx_memcpy(p, src, j * sizeof(in_addr_t)); + + return dst; +} char * diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/nginx-1.2.4/src/event/ngx_event_openssl.c new/nginx-1.2.5/src/event/ngx_event_openssl.c --- old/nginx-1.2.4/src/event/ngx_event_openssl.c 2012-07-02 19:25:51.000000000 +0200 +++ new/nginx-1.2.5/src/event/ngx_event_openssl.c 2012-11-12 19:00:32.000000000 +0100 @@ -94,23 +94,25 @@ OpenSSL_add_all_algorithms(); +#if OPENSSL_VERSION_NUMBER >= 0x0090800fL #ifndef SSL_OP_NO_COMPRESSION { /* * Disable gzip compression in OpenSSL prior to 1.0.0 version, * this saves about 522K per connection. */ - int i, n; + int n; STACK_OF(SSL_COMP) *ssl_comp_methods; ssl_comp_methods = SSL_COMP_get_compression_methods(); n = sk_SSL_COMP_num(ssl_comp_methods); - for (i = 0; i < n; i++) { - (void) sk_SSL_COMP_delete(ssl_comp_methods, i); + while (n--) { + (void) sk_SSL_COMP_pop(ssl_comp_methods); } } #endif +#endif ngx_ssl_connection_index = SSL_get_ex_new_index(0, NULL, NULL, NULL, NULL); diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/nginx-1.2.4/src/event/ngx_event_openssl.h new/nginx-1.2.5/src/event/ngx_event_openssl.h --- old/nginx-1.2.4/src/event/ngx_event_openssl.h 2012-01-18 16:07:43.000000000 +0100 +++ new/nginx-1.2.5/src/event/ngx_event_openssl.h 2012-11-13 11:42:16.000000000 +0100 @@ -120,6 +120,13 @@ #define ngx_ssl_get_server_conf(ssl_ctx) \ SSL_CTX_get_ex_data(ssl_ctx, ngx_ssl_server_conf_index) +#define ngx_ssl_verify_error_optional(n) \ + (n == X509_V_ERR_DEPTH_ZERO_SELF_SIGNED_CERT \ + || n == X509_V_ERR_SELF_SIGNED_CERT_IN_CHAIN \ + || n == X509_V_ERR_UNABLE_TO_GET_ISSUER_CERT_LOCALLY \ + || n == X509_V_ERR_CERT_UNTRUSTED \ + || n == X509_V_ERR_UNABLE_TO_VERIFY_LEAF_SIGNATURE) + ngx_int_t ngx_ssl_get_protocol(ngx_connection_t *c, ngx_pool_t *pool, ngx_str_t *s); diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/nginx-1.2.4/src/event/ngx_event_pipe.c new/nginx-1.2.5/src/event/ngx_event_pipe.c --- old/nginx-1.2.4/src/event/ngx_event_pipe.c 2012-02-28 12:31:05.000000000 +0100 +++ new/nginx-1.2.5/src/event/ngx_event_pipe.c 2012-11-13 12:24:14.000000000 +0100 @@ -946,8 +946,15 @@ return NGX_ERROR; } - b->pos = b->start; - b->last = b->start; + if (p->buf_to_file && b->start == p->buf_to_file->start) { + b->pos = p->buf_to_file->last; + b->last = p->buf_to_file->last; + + } else { + b->pos = b->start; + b->last = b->start; + } + b->shadow = NULL; cl->buf = b; diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/nginx-1.2.4/src/http/modules/ngx_http_log_module.c new/nginx-1.2.5/src/http/modules/ngx_http_log_module.c --- old/nginx-1.2.4/src/http/modules/ngx_http_log_module.c 2012-08-06 19:07:28.000000000 +0200 +++ new/nginx-1.2.5/src/http/modules/ngx_http_log_module.c 2012-11-13 11:45:23.000000000 +0100 @@ -78,10 +78,6 @@ static ssize_t ngx_http_log_script_write(ngx_http_request_t *r, ngx_http_log_script_t *script, u_char **name, u_char *buf, size_t len); -static u_char *ngx_http_log_connection(ngx_http_request_t *r, u_char *buf, - ngx_http_log_op_t *op); -static u_char *ngx_http_log_connection_requests(ngx_http_request_t *r, - u_char *buf, ngx_http_log_op_t *op); static u_char *ngx_http_log_pipe(ngx_http_request_t *r, u_char *buf, ngx_http_log_op_t *op); static u_char *ngx_http_log_time(ngx_http_request_t *r, u_char *buf, @@ -194,9 +190,6 @@ static ngx_http_log_var_t ngx_http_log_vars[] = { - { ngx_string("connection"), NGX_ATOMIC_T_LEN, ngx_http_log_connection }, - { ngx_string("connection_requests"), NGX_INT_T_LEN, - ngx_http_log_connection_requests }, { ngx_string("pipe"), 1, ngx_http_log_pipe }, { ngx_string("time_local"), sizeof("28/Sep/1970:12:00:00 +0600") - 1, ngx_http_log_time }, @@ -209,8 +202,6 @@ { ngx_string("bytes_sent"), NGX_OFF_T_LEN, ngx_http_log_bytes_sent }, { ngx_string("body_bytes_sent"), NGX_OFF_T_LEN, ngx_http_log_body_bytes_sent }, - { ngx_string("apache_bytes_sent"), NGX_OFF_T_LEN, - ngx_http_log_body_bytes_sent }, { ngx_string("request_length"), NGX_SIZE_T_LEN, ngx_http_log_request_length }, @@ -502,22 +493,6 @@ static u_char * -ngx_http_log_connection(ngx_http_request_t *r, u_char *buf, - ngx_http_log_op_t *op) -{ - return ngx_sprintf(buf, "%uA", r->connection->number); -} - - -static u_char * -ngx_http_log_connection_requests(ngx_http_request_t *r, u_char *buf, - ngx_http_log_op_t *op) -{ - return ngx_sprintf(buf, "%ui", r->connection->requests); -} - - -static u_char * ngx_http_log_pipe(ngx_http_request_t *r, u_char *buf, ngx_http_log_op_t *op) { if (r->pipeline) { @@ -1143,12 +1118,6 @@ goto invalid; } - if (ngx_strncmp(var.data, "apache_bytes_sent", 17) == 0) { - ngx_conf_log_error(NGX_LOG_WARN, cf, 0, - "use \"$body_bytes_sent\" instead of " - "\"$apache_bytes_sent\""); - } - for (v = ngx_http_log_vars; v->name.len; v++) { if (v->name.len == var.len diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/nginx-1.2.4/src/http/modules/ngx_http_ssl_module.c new/nginx-1.2.5/src/http/modules/ngx_http_ssl_module.c --- old/nginx-1.2.4/src/http/modules/ngx_http_ssl_module.c 2012-01-18 16:07:43.000000000 +0100 +++ new/nginx-1.2.5/src/http/modules/ngx_http_ssl_module.c 2012-11-13 11:42:16.000000000 +0100 @@ -48,6 +48,7 @@ { ngx_string("off"), 0 }, { ngx_string("on"), 1 }, { ngx_string("optional"), 2 }, + { ngx_string("optional_no_ca"), 3 }, { ngx_null_string, 0 } }; @@ -466,7 +467,7 @@ if (conf->verify) { - if (conf->client_certificate.len == 0) { + if (conf->client_certificate.len == 0 && conf->verify != 3) { ngx_log_error(NGX_LOG_EMERG, cf->log, 0, "no ssl_client_certificate for ssl_client_verify"); return NGX_CONF_ERROR; diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/nginx-1.2.4/src/http/modules/perl/nginx.pm new/nginx-1.2.5/src/http/modules/perl/nginx.pm --- old/nginx-1.2.4/src/http/modules/perl/nginx.pm 2012-09-24 20:24:07.000000000 +0200 +++ new/nginx-1.2.5/src/http/modules/perl/nginx.pm 2012-11-12 18:03:38.000000000 +0100 @@ -50,7 +50,7 @@ HTTP_INSUFFICIENT_STORAGE ); -our $VERSION = '1.2.4'; +our $VERSION = '1.2.5'; require XSLoader; XSLoader::load('nginx', $VERSION); diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/nginx-1.2.4/src/http/ngx_http_request.c new/nginx-1.2.5/src/http/ngx_http_request.c --- old/nginx-1.2.4/src/http/ngx_http_request.c 2012-08-06 19:36:30.000000000 +0200 +++ new/nginx-1.2.5/src/http/ngx_http_request.c 2012-11-13 12:21:31.000000000 +0100 @@ -1634,7 +1634,9 @@ if (sscf->verify) { rc = SSL_get_verify_result(c->ssl->connection); - if (rc != X509_V_OK) { + if (rc != X509_V_OK + && (sscf->verify != 3 || !ngx_ssl_verify_error_optional(rc))) + { ngx_log_error(NGX_LOG_INFO, c->log, 0, "client SSL certificate verify error: (%l:%s)", rc, X509_verify_cert_error_string(rc)); @@ -2743,6 +2745,20 @@ ngx_http_close_connection(c); } + /* + * Like ngx_http_set_keepalive() we are trying to not hold + * c->buffer's memory for a keepalive connection. + */ + + if (ngx_pfree(c->pool, b->start) == NGX_OK) { + + /* + * the special note that c->buffer's memory was freed + */ + + b->pos = NULL; + } + return; } diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/nginx-1.2.4/src/http/ngx_http_upstream.c new/nginx-1.2.5/src/http/ngx_http_upstream.c --- old/nginx-1.2.4/src/http/ngx_http_upstream.c 2012-08-06 19:34:08.000000000 +0200 +++ new/nginx-1.2.5/src/http/ngx_http_upstream.c 2012-11-13 12:24:14.000000000 +0100 @@ -2287,6 +2287,7 @@ return; } + p->buf_to_file->start = u->buffer.start; p->buf_to_file->pos = u->buffer.start; p->buf_to_file->last = u->buffer.pos; p->buf_to_file->temporary = 1; diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/nginx-1.2.4/src/http/ngx_http_variables.c new/nginx-1.2.5/src/http/ngx_http_variables.c --- old/nginx-1.2.4/src/http/ngx_http_variables.c 2012-07-02 19:41:52.000000000 +0200 +++ new/nginx-1.2.5/src/http/ngx_http_variables.c 2012-11-13 11:45:23.000000000 +0100 @@ -69,6 +69,8 @@ ngx_http_variable_value_t *v, uintptr_t data); static ngx_int_t ngx_http_variable_remote_user(ngx_http_request_t *r, ngx_http_variable_value_t *v, uintptr_t data); +static ngx_int_t ngx_http_variable_bytes_sent(ngx_http_request_t *r, + ngx_http_variable_value_t *v, uintptr_t data); static ngx_int_t ngx_http_variable_body_bytes_sent(ngx_http_request_t *r, ngx_http_variable_value_t *v, uintptr_t data); static ngx_int_t ngx_http_variable_request_completion(ngx_http_request_t *r, @@ -95,6 +97,11 @@ static ngx_int_t ngx_http_variable_sent_transfer_encoding(ngx_http_request_t *r, ngx_http_variable_value_t *v, uintptr_t data); +static ngx_int_t ngx_http_variable_connection(ngx_http_request_t *r, + ngx_http_variable_value_t *v, uintptr_t data); +static ngx_int_t ngx_http_variable_connection_requests(ngx_http_request_t *r, + ngx_http_variable_value_t *v, uintptr_t data); + static ngx_int_t ngx_http_variable_nginx_version(ngx_http_request_t *r, ngx_http_variable_value_t *v, uintptr_t data); static ngx_int_t ngx_http_variable_hostname(ngx_http_request_t *r, @@ -212,6 +219,9 @@ { ngx_string("remote_user"), NULL, ngx_http_variable_remote_user, 0, 0, 0 }, + { ngx_string("bytes_sent"), NULL, ngx_http_variable_bytes_sent, + 0, 0, 0 }, + { ngx_string("body_bytes_sent"), NULL, ngx_http_variable_body_bytes_sent, 0, 0, 0 }, @@ -260,6 +270,12 @@ offsetof(ngx_http_request_t, limit_rate), NGX_HTTP_VAR_CHANGEABLE|NGX_HTTP_VAR_NOCACHEABLE, 0 }, + { ngx_string("connection"), NULL, + ngx_http_variable_connection, 0, 0, 0 }, + + { ngx_string("connection_requests"), NULL, + ngx_http_variable_connection_requests, 0, 0, 0 }, + { ngx_string("nginx_version"), NULL, ngx_http_variable_nginx_version, 0, 0, 0 }, @@ -1434,6 +1450,27 @@ static ngx_int_t +ngx_http_variable_bytes_sent(ngx_http_request_t *r, + ngx_http_variable_value_t *v, uintptr_t data) +{ + u_char *p; + + p = ngx_pnalloc(r->pool, NGX_OFF_T_LEN); + if (p == NULL) { + return NGX_ERROR; + } + + v->len = ngx_sprintf(p, "%O", r->connection->sent) - p; + v->valid = 1; + v->no_cacheable = 0; + v->not_found = 0; + v->data = p; + + return NGX_OK; +} + + +static ngx_int_t ngx_http_variable_body_bytes_sent(ngx_http_request_t *r, ngx_http_variable_value_t *v, uintptr_t data) { @@ -1785,6 +1822,48 @@ return NGX_OK; } + + +static ngx_int_t +ngx_http_variable_connection(ngx_http_request_t *r, + ngx_http_variable_value_t *v, uintptr_t data) +{ + u_char *p; + + p = ngx_pnalloc(r->pool, NGX_ATOMIC_T_LEN); + if (p == NULL) { + return NGX_ERROR; + } + + v->len = ngx_sprintf(p, "%uA", r->connection->number) - p; + v->valid = 1; + v->no_cacheable = 0; + v->not_found = 0; + v->data = p; + + return NGX_OK; +} + + +static ngx_int_t +ngx_http_variable_connection_requests(ngx_http_request_t *r, + ngx_http_variable_value_t *v, uintptr_t data) +{ + u_char *p; + + p = ngx_pnalloc(r->pool, NGX_INT_T_LEN); + if (p == NULL) { + return NGX_ERROR; + } + + v->len = ngx_sprintf(p, "%ui", r->connection->requests) - p; + v->valid = 1; + v->no_cacheable = 0; + v->not_found = 0; + v->data = p; + + return NGX_OK; +} static ngx_int_t diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/nginx-1.2.4/src/os/unix/ngx_process.c new/nginx-1.2.5/src/os/unix/ngx_process.c --- old/nginx-1.2.4/src/os/unix/ngx_process.c 2012-03-05 19:09:06.000000000 +0100 +++ new/nginx-1.2.5/src/os/unix/ngx_process.c 2012-11-12 19:39:51.000000000 +0100 @@ -474,8 +474,6 @@ return; } -#if (NGX_SOLARIS || NGX_FREEBSD) - /* * Solaris always calls the signal handler for each exited process * despite waitpid() may be already called for this process. @@ -491,8 +489,6 @@ return; } -#endif - ngx_log_error(NGX_LOG_ALERT, ngx_cycle->log, err, "waitpid() failed"); return; diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/nginx-1.2.4/src/os/unix/ngx_process_cycle.c new/nginx-1.2.5/src/os/unix/ngx_process_cycle.c --- old/nginx-1.2.4/src/os/unix/ngx_process_cycle.c 2012-07-02 18:23:14.000000000 +0200 +++ new/nginx-1.2.5/src/os/unix/ngx_process_cycle.c 2012-11-12 19:39:51.000000000 +0100 @@ -371,6 +371,8 @@ ngx_pass_open_channel(cycle, &ch); } + + cpu_affinity = 0; } @@ -384,8 +386,8 @@ manager = 0; loader = 0; - path = ngx_cycle->pathes.elts; - for (i = 0; i < ngx_cycle->pathes.nelts; i++) { + path = ngx_cycle->paths.elts; + for (i = 0; i < ngx_cycle->paths.nelts; i++) { if (path[i]->manager) { manager = 1; @@ -1339,8 +1341,8 @@ next = 60 * 60; - path = ngx_cycle->pathes.elts; - for (i = 0; i < ngx_cycle->pathes.nelts; i++) { + path = ngx_cycle->paths.elts; + for (i = 0; i < ngx_cycle->paths.nelts; i++) { if (path[i]->manager) { n = path[i]->manager(path[i]->data); @@ -1368,8 +1370,8 @@ cycle = (ngx_cycle_t *) ngx_cycle; - path = cycle->pathes.elts; - for (i = 0; i < cycle->pathes.nelts; i++) { + path = cycle->paths.elts; + for (i = 0; i < cycle->paths.nelts; i++) { if (ngx_terminate || ngx_quit) { break; ++++++ nginx.rpmlintrc ++++++ # user nginx needs write permissions to /var/log/nginx so nginx is able to reopen the logs addFilter("nginx.*: W: suse-logrotate-user-writable-log-dir /var/log/nginx nginx:nginx 0750") -- To unsubscribe, e-mail: opensuse-commit+unsubscr...@opensuse.org For additional commands, e-mail: opensuse-commit+h...@opensuse.org