[njs] Renamed njscript to njs.

2018-05-03 Thread Dmitry Volyntsev
details: http://hg.nginx.org/njs/rev/71455987b770 branches: changeset: 515:71455987b770 user: Dmitry Volyntsev date: Thu May 03 18:29:26 2018 +0300 description: Renamed njscript to njs. njscript.c -> njs.c njscript.h -> njs.h njs.c -> njs_shell.c diffstat:

[njs] Added njs_core.h

2018-05-03 Thread Dmitry Volyntsev
details: http://hg.nginx.org/njs/rev/2b64817dd8f6 branches: changeset: 514:2b64817dd8f6 user: Dmitry Volyntsev date: Fri Apr 27 14:21:39 2018 +0300 description: Added njs_core.h diffstat: Makefile| 25 ++

[njs] Public header cleanup.

2018-05-03 Thread Dmitry Volyntsev
details: http://hg.nginx.org/njs/rev/4ab51298e1fe branches: changeset: 516:4ab51298e1fe user: Dmitry Volyntsev date: Thu May 03 18:29:28 2018 +0300 description: Public header cleanup. diffstat: njs/njs.h| 6 -- njs/njs_vm.h | 6 ++ 2 files changed,

Re: [PATCH] SSL: Set engine passed in ssl_certificate_key as default

2018-05-03 Thread Maxim Dounin
Hello! On Mon, Apr 30, 2018 at 06:05:56AM -0400, Anderson Sasaki wrote: > Hello, > > Following there are two patches, one adding the call to set the engine as > default for all methods and the other restricting the engine to be the > default only for PKEY methods. > For me makes sense to have

Re: [PATCH] SSL: Add ENGINE_init() calls before using engines.

2018-05-03 Thread Maxim Dounin
Hello! On Fri, Apr 27, 2018 at 11:27:57AM -0400, Anderson Sasaki wrote: > Hello, > > > > > In my opinion it would be better to have nginx working with engines in > > > > both scenarios. > > > > And is not a problem to call ENGINE_init() from multiple places, since > > > > the API takes care of

Re: Regex in proxy_hide_header

2018-05-03 Thread Oleg A. Mamontov
On Wed, May 02, 2018 at 01:14:58PM +, bmrf wrote: Oleg A. Mamontov Wrote: --- On Wed, May 02, 2018 at 09:34:04AM +, bmrf wrote: >Hi list, > >I was trying to unset/delete a header using proxy_hide_header. The problem >is that the header

Re: Reverse proxy from NGINX to Keycloak with 2FA

2018-05-03 Thread Joncheski
Hi Francis, Thanks for your reply. I have tried with tcp port forwarder ("stream") but my host is changed to the client's url, which directly sends me to Keycloak, which I do not want to have direct access to Keycloak, so I use proxy. Keycloak has been configured to verify a client certificate

Proxy pass and SSL certificates

2018-05-03 Thread Mephysto On Hell
Hello everyone, I am using Nginx in a production environment since some years, but I am almost a newbie with SSL certificates and connections. A the moment I have a configuration with two levels: 1. A first level Nginx that operate as load balancer 2. Two second level Nginx: the first host a web