On Fri, Apr 25, 2025 at 10:51:12PM +0400, Sergey Kandaurov wrote:
> On Fri, Apr 25, 2025 at 01:55:11PM +0300, Vladimir Homutov via nginx-devel
> wrote:
> > missing attachments
> >
>
> Thanks for the provided debug, it is really helpful.
>
> Looking into debug, it b
certainly consealed other issues.
Do you have a reliable way to trigger this?
Yes, I'm able to trigger this reliably with angie as a client (with
cd5e4fa14 merged both on client and server).
On Fri, Apr 25, 2025 at 01:55:11PM +0300, Vladimir Homutov via nginx-devel
wrote:
missing attach
rc = ngx_quic_split_frame(c, f, max_payload - len);
logs_info.tar.gz
Description: application/gzip
___
nginx-devel mailing list
[email protected]
https://mailman.nginx.org/mailman/listinfo/nginx-devel
On Tue, Apr 15, 2025 at 03:02:02PM +, [email protected] wrote:
> details:
> https://github.com/nginx/nginx/commit/cd5e4fa1446dff86fafc3b6ffcc11afd527a024f
> branches: master
> commit:cd5e4fa1446dff86fafc3b6ffcc11afd527a024f
> user: Roman Arutyunyan
> date:
In line with a recent nginx mailing list thread I had with a user about
how to properly secure a site with SSL/TLS Client Certificates, the user
indicated that "ssl_client_certificate" is a confusing misnomer. It
implies that the certificate(s) provided are a bundle of cert
Hi Nginx experts,
While reviewing the Nginx source code, I noticed that during the conf file
parsing, directive names are allocated from the cycle pool.
For instance:
ssl_certificate /path/to/cert/file;
It makes sense to allocate the directive's argument (e.g., the file path) from
a pool
populating the
h2c->last_out. Is there some reason why it is done in this way?
Sincerely
Jiří Setnička
_______
nginx-devel mailing list
[email protected]
https://mailman.nginx.org/mailman/listinfo/nginx-devel
Seeing a lot of messages related to moving from mercurial to git here in the
mailing list. Are the nginx.org code repos shifting to Git instead of Mercurial?
Sent from my Galaxy
___
nginx-devel mailing list
[email protected]
https
er of the Nginx team can put in a request via
the following form. When approved and sign-up is complete resources can be set
up and delegated as appropriate.
https://www.ibm.com/community/z/open-source/virtual-machines-request/
I hope this will help restore Nginx open source binaries on
Hi,
This is regarding Nginx Binaries on s390x(IBM Z) platform. It looks like s390x
binaries are not published anymore, and latest versions are not found under
"http://nginx.org/packages/";
Found this PR which removed s390x: https://github.com/nginx/nginx.org/pull/56
However it is
O2"
+NGX_GCC_OPT="-O2"
#NGX_GCC_OPT="-Os"
-NGX_GCC_OPT="-O"
+#NGX_GCC_OPT="-O"
#CFLAGS="$CFLAGS -fomit-frame-pointer"
___
nginx-devel mailing list
[email protected]
https://mailman.nginx.org/mailman/listinfo/nginx-devel
ngx_feature="C compiler"
ngx_feature_name=
-ngx_feature_run=yes
+ngx_feature_run=no
ngx_feature_incs=
ngx_feature_path=
ngx_feature_libs=
___
nginx-devel mailing list
[email protected]
https://mailman.nginx.org/mailman/listinfo/nginx-devel
set additional C++ compiler options
--with-ld-opt=OPTIONS set additional linker options
--with-cpu-opt=CPU build for the specified CPU, valid values:
pentium, pentiumpro, pentium3, pentium4,
___
nginx-devel mailing list
[email protected]
https://mailman.nginx.org/mailman/listinfo/nginx-devel
uot;
+CORE_LIBS="$CORE_LIBS kernel32.lib user32.lib advapi32.lib ws2_32.lib"
;;
esac
___
nginx-devel mailing list
[email protected]
https://mailman.nginx.org/mailman/listinfo/nginx-devel
o $NGX_AUTOTEST $NGX_AUTOTEST.c $NGX_LD_OPT"
+ -o $NGX_AUTOTEST $NGX_AUTOTEST.c $NGX_LD_OPT $ngx_feature_libs"
eval "$ngx_test >> $NGX_AUTOCONF_ERR 2>&1"
___
nginx-devel mailing list
[email protected]
https://mailman.nginx.org/mailman/listinfo/nginx-devel
(0);
+ngx_feature_test="const char *p; p = strerrordesc_np(0);
if (p == NULL) return 1"
. auto/feature
_______
nginx-devel mailing list
[email protected]
https://mailman.nginx.org/mailman/listinfo/nginx-devel
xit 1
+fi
+fi
+
+fi
+
NGX_TEST_LD_OPT="$NGX_LD_OPT"
if [ "$NGX_PLATFORM" != win32 ]; then
_______
nginx-devel mailing list
[email protected]
https://mailman.nginx.org/mailman/listinfo/nginx-devel
MSG_FIRSTHDR(&msg);
cmsg != NULL;
cmsg = CMSG_NXTHDR(&msg, cmsg))
@@ -150,6 +158,11 @@
}
}
+#ifndef __GLIBC__
+#pragma clang diagnostic pop
+#pragma GCC diagnostic pop
+#endif
+
#endif
if (ngx_quic_get_packet_dcid(ev->log,
Noted with thanks.
Regards,
Mr. Turritopsis Dohrnii Teo En Ming
Targeted Individual in Singapore
On Saturday, March 9th, 2024 at 3:57 PM, Muhammad Nuzaihan
wrote:
> Hello,
>
> I don't think nginx uses Java key store and that's specific only for
> Java application
On Tue, Apr 09, 2024 at 03:02:21PM +0400, Roman Arutyunyan wrote:
> Hello Vladimir,
>
> On Mon, Apr 08, 2024 at 03:03:27PM +0300, Vladimir Homutov via nginx-devel
> wrote:
> > On Fri, Sep 22, 2023 at 03:36:25PM +, Roman Arutyunyan wrote:
> > > details: htt
On Fri, Sep 22, 2023 at 03:36:25PM +, Roman Arutyunyan wrote:
> details: https://hg.nginx.org/nginx/rev/ad3d34ddfdcc
> branches:
> changeset: 9158:ad3d34ddfdcc
> user: Roman Arutyunyan
> date: Wed Sep 13 17:59:37 2023 +0400
> description:
> QUIC: "handsh
Hi Sergey,
> Not sure nginx needs such complexity.
> Instead, I'd expect the missing API to be added to the library,
> especially that both parent and grandparent implement it.
>
> BoringSSL didn't have such API for quite some time until recently.
Right, this patch pred
ith me.
Best regards,
Piotr Sikora
___
nginx-devel mailing list
[email protected]
https://mailman.nginx.org/mailman/listinfo/nginx-devel
nsorted by type; I'd put it after u_long
Good catch, thanks!
> This makes the following slight update to the patch.
> If you're okey with it, I will commit it then.
LGTM.
Best regards,
Piotr Sikora
___
nginx-devel mailing list
ngin
ora
___
nginx-devel mailing list
[email protected]
https://mailman.nginx.org/mailman/listinfo/nginx-devel
Hi Roman,
> It looks like this library is not super popular, but the patch is relatively
> large.
Perhaps it's not as widely used as the forks that started ~10 years ago,
but it's basically a version of BoringSSL that's more suitable to use with
NGINX than BoringSSL itself
the error at hand,
I find my version more readable.
But you're obviously welcome to commit either version.
[1] https://clang.llvm.org/docs/UndefinedBehaviorSanitizer.html
Best regards,
Piotr Sikora
___
nginx-devel mailing list
[email protected]
https://mailman.nginx.org/mailman/listinfo/nginx-devel
patch.
LGTM, thanks!
Best regards,
Piotr Sikora
___
nginx-devel mailing list
[email protected]
https://mailman.nginx.org/mailman/listinfo/nginx-devel
Hi Sergey,
> While I agree that false positives do not allow to run LeakSanitizer
> in a clean fashion, I don't think it is nginx which should be fixed.
> Rather, sanitizer analysis could be improved instead to prevent FPs.
Patches welcome?
> Meanwhile, leak sanitizer
Subject: nginx web server configuration file for Suprema BioStar 2 Door Access
System
Good day from Singapore,
On 7 Mar 2024 Thursday, I was installing NEW self-signed SSL certificate for
Suprema BioStar 2 door access system version 2.7.12.39 for a law firm in
Singapore because the common
ket leaks.)
Freeing memory in exit_process could result in use-after-free, since
cleanups for the cycle->pool might still access those connections.
Best regards,
Piotr Sikora
_______
nginx-devel mailing list
[email protected]
https://mailman.nginx.org/mailman/listinfo/nginx-devel
Homebrew on Intel.
And then, there is Homebrew on Linux [6].
[1] https://formulae.brew.sh/analytics/install-on-request/30d/
[2] https://ports.macports.org/statistics/ports/
[3] https://support.apple.com/en-us/116943
[4] https://formulae.brew.sh/formula/nginx#default
[5] ht
defaults are not very good.
> Also, this change is required a corresponding change in the
> documentation on the nginx.org website.
I'm happy to submit the corresponding change if the patch
is accepted.
Best regards,
Piotr Sikora
___
\$(DESTDIR)$NGX_SBIN_PATH' \\
'\$(DESTDIR)$NGX_SBIN_PATH.old'
- cp $NGX_OBJS/nginx '\$(DESTDIR)$NGX_SBIN_PATH'
+ cp $NGX_OBJS/nginx$ngx_binext '\$(DESTDIR)$NGX_SBIN_PATH'
test -d '\$(DESTDIR)$NGX_CONF_PR
IndexHigh << 32) | (fi)->nFileIndexLow)
/* 1164447360 is commented in src/os/win32/ngx_time.c */
___
nginx-devel mailing list
[email protected]
https://mailman.nginx.org/mailman/listinfo/nginx-devel
vapi32 -lws2_32"
MAIN_LINK="$MAIN_LINK -Wl,--export-all-symbols"
MAIN_LINK="$MAIN_LINK -Wl,--out-implib=$NGX_OBJS/libnginx.a"
___
nginx-devel mailing list
[email protected]
https://mailman.nginx.org/mailman/listinfo/nginx-devel
clude"
+
+if [ $NGX_RPATH = YES ]; then
+ngx_feature_libs="-R/opt/homebrew/lib -L/opt/homebrew/lib
-lpcre"
+else
+ngx_feature_libs="-L/opt/homebrew/lib -lpcre"
+fi
+
+ . auto/feature
+fi
+
___
nginx-devel mailing list
[email protected]
https://mailman.nginx.org/mailman/listinfo/nginx-devel
ze; n >>= 1; ngx_pagesize_shift++) { /* void */ }
_______
nginx-devel mailing list
[email protected]
https://mailman.nginx.org/mailman/listinfo/nginx-devel
value=16 . auto/define
NGX_MACH_CACHE_LINE=32
___
nginx-devel mailing list
[email protected]
https://mailman.nginx.org/mailman/listinfo/nginx-devel
@@
crypt_r(\"key\", \"salt\", &cd);"
. auto/feature
+if [ $ngx_found = yes ]; then
+CRYPT_LIB="-lcrypt"
+fi
+
ngx_include="sys/vfs.h"; . auto/include
___
ngi
turn NGX_ERROR;
}
+#else
+
+ngx_int_t
+ngx_libc_crypt(ngx_pool_t *pool, u_char *key, u_char *salt, u_char **encrypted)
+{
+return NGX_ERROR;
+}
+
#endif
#endif /* NGX_CRYPT */
___
nginx-devel mailing list
[email protected]
https://mailman.nginx.org/mailman/listinfo/nginx-devel
\
|| NGX_QUIC_OPENSSL_COMPAT
#define NGX_QUIC_BORINGSSL_API 1
@@ -578,7 +579,7 @@
return NGX_ERROR;
}
-#ifdef OPENSSL_IS_BORINGSSL
+#if defined(OPENSSL_IS_BORINGSSL) || defined(OPENSSL_IS_AWSLC)
if (SSL_set_quic_early_data_context(ssl_conn, p, clen) == 0) {
ngx_
OR;
+}
+
+ngx_sprintf(s->data, "0x%04xd", curve_id);
+
+ return NGX_OK;
+}
+
#endif
ngx_str_null(s);
___
nginx-devel mailing list
[email protected]
https://mailman.nginx.org/mailman/listinfo/nginx-devel
uot;);
return NGX_CONF_OK;
}
_______
nginx-devel mailing list
[email protected]
https://mailman.nginx.org/mailman/listinfo/nginx-devel
tream/ngx_stream_geoip_module.c Mon Feb 26 20:00:26 2024 +
@@ -236,10 +236,10 @@
if (IN6_IS_ADDR_V4MAPPED(inaddr6)) {
p = inaddr6->s6_addr;
-inaddr = p[12] << 24;
- inaddr += p[13] << 16;
-inaddr += p[14] << 8;
alloc(ctx->pool, sizeof(ngx_stream_variable_value_t));
if (val == NULL) {
return NULL;
}
___
nginx-devel mailing list
[email protected]
https://mailman.nginx.org/mailman/listinfo/nginx-devel
26 20:00:18 2024 +
+++ b/src/mail/ngx_mail_proxy_module.c Mon Feb 26 20:00:19 2024 +
@@ -178,7 +178,7 @@
s->proxy->proxy_protocol = pcf->proxy_protocol;
-s->out.len = 0;
+ngx_str_null(&s->out);
switch (s->protocol) {
diff -r 8edb4003177d -r 529367
/src/stream/ngx_stream_upstream_round_robin.h Mon Feb 26 20:00:18
2024 +
@@ -142,6 +142,7 @@
void *data);
void ngx_stream_upstream_free_round_robin_peer(ngx_peer_connection_t *pc,
void *data, ngx_uint_t state);
+void ngx_stream_upstream_free_round_robin(ngx_stream_upstream_srv_co
ons;
+rev = cycle->read_events;
+wev = cycle->write_events;
+
ngx_destroy_pool(cycle->pool);
+ngx_free(c);
+ngx_free(rev);
+ngx_free(wev);
+
ngx_log_error(NGX_LOG_NOTICE, ngx_cycle->log, 0, "exit");
exit(0);
____
HTTP_SERVER_TOKENS_OFF);
ngx_conf_merge_ptr_value(conf->open_file_cache,
prev->open_file_cache, NULL);
___
nginx-devel mailing list
[email protected]
https://mailman.nginx.org/mailman/listinfo/nginx-devel
27;ve reached an agreement
that I will maintain my role in nginx development as a volunteer.
And for almost two years I was working on improving nginx and
making it better for everyone, for free.
And you did a very good job!
Unfortunately, some new non-technical management at F5 recently
decided that
Hi Nginx experts,
I have noticed that upstream response time is populated to a non-zero and
non-negative value in Nginx even when upstream connection times out.
This is not true with other values like upstream connect time and upstream
header time.
Is this intentional ?
Get Outlook for
yielding to the segfault.
See the attached patch. Tested on our side and this fix works, also run
through the nginx-tests and ok, but I am not thoroughly sure that I am
not forgetting some cases.
Thank you for your review.
Sincerely
Jiří Setnička
daemon off;
events {
worker_connections
ntaxError: Unexpected token \"g\" in 1") },
{ njs_str("0X_ff"),
- njs_str("SyntaxError: Unexpected token \"_ff\" in 1") },
+ njs_str("SyntaxError: Unexpected token \"0X\" in 1") },
+
+{ njs_str("0X + 1"),
+ njs_str("SyntaxError: Unexpected token \"0X\" in 1") },
{ njs_str("0xff_"),
njs_str("SyntaxError: Unexpected token \"_\" in 1") },
___
nginx-devel mailing list
[email protected]
https://mailman.nginx.org/mailman/listinfo/nginx-devel
;`\" in 1") },
+{ njs_str("for(1;;)for(-x;;)fr({-x;;)f"),
+ njs_str("SyntaxError: Unexpected token \"-\" in 1") },
+
{ njs_str("for(i;;)for(-new+3;;)break;"),
njs_str("SyntaxError: Unexpected token \"+\&q
27;
# at ssl_verify_depth.t line 169.
# 'HTTP/1.1 400 Bad Request
# Server: nginx/1.24.0
# Date: Fri, 26 Jan 2024 01:08:10 GMT
# Content-Type: text/html
# Content-Length: 215
# Connection: close
# X-Client: CN=end
# X-Verify: FAILED:unsuitable certificate purpose
#
#
# 400 The
Hey Andrey,
Thanks for the help. I rebuilt NGINX with OpenSSL 3.0.8 sources, but the same
tests still fail. Here is the output of nginx configuration:
nginx version: nginx/1.24.0
built by clang 14.0.0 (clang-1400.0.29.202)
built with OpenSSL 3.0.8 7 Feb 2023
TLS SNI support enabled
configure
Hi all,
I have not made any changes to NGINX. Vanilla NGINX (./configure with no flags)
passes all tests that run, but when compiling with SSL, not all SSL tests are
passing. Is this expected, or do I need to configure nginx further aside from
adding the --with-http_ssl_module flag? Do each of
for nginx-tests? I might be setting up perl wrong.
From: Sergey Kandaurov
Date: Wednesday, January 24, 2024 at 2:59 PM
To: [email protected]
Cc: Mayerhofer, Austin
Subject: [EXTERNAL] Re: Nginx-tests stream_ssl_conf_command.t test hanging
indefinitely
> On 25 Jan 2024, at 01:15, Mayerho
Hi all,
Apologies if I sent this twice, I don’t think the first one went through
because I wasn’t subscribed to the list.
nginx-tests’ stream_ssl_conf_command.t is hanging for me and not running to
completion, I’m using the following configuration:
OS: MacOS 12.6.3
Chip: Apple M1 Max
NGINX
\
-SWITCH (vmcode->code.operation)
+ SWITCH (vmcode->code)
#define NEXT_LBL
#define FALLTHROUGH
@@ -237,7 +237,7 @@ njs_vmcode_interpreter(njs_vm_t *vm, u_c
NEXT_LBL;
-SWITCH (vmcode->code.operation) {
+SWITCH (vmcode->code) {
CASE (NJS_VMCODE_MOVE):
njs_vmcode_debug_opcode();
diff -r 476f7b3e617d -r a5f279148c9f src/njs_vmcode.h
--- a/src/njs_vmcode.h Tue Jan 09 17:56:19 2024 -0800
+++ b/src/njs_vmcode.h Wed Jan 10 16:26:35 2024 -0800
@@ -23,11 +23,7 @@
typedef intptr_tnjs_jump_off_t;
-typedef uint8_t njs_vmcode_operation_t;
-
-
-#define NJS_VMCODE_3OPERANDS0
-#define NJS_VMCODE_2OPERANDS1
+typedef uint8_t njs_vmcode_t;
enum {
@@ -119,12 +115,6 @@ enum {
typedef struct {
-njs_vmcode_operation_t operation;
-uint8_toperands; /* 2 bits */
-} njs_vmcode_t;
-
-
-typedef struct {
njs_vmcode_t code;
njs_index_toperand1;
njs_index_toperand2;
___
nginx-devel mailing list
[email protected]
https://mailman.nginx.org/mailman/listinfo/nginx-devel
On Thu, Dec 28, 2023 at 04:31:41PM +0300, Maxim Dounin wrote:
> Hello!
>
> On Wed, Dec 27, 2023 at 04:17:38PM +0300, Vladimir Homutov via nginx-devel
> wrote:
>
> > On Wed, Dec 27, 2023 at 02:48:04PM +0300, Maxim Dounin wrote:
> > > Hello!
> > >
> &g
On Wed, Dec 27, 2023 at 02:48:04PM +0300, Maxim Dounin wrote:
> Hello!
>
> On Mon, Dec 25, 2023 at 07:52:41PM +0300, Vladimir Homutov via nginx-devel
> wrote:
>
> > Hello, everyone,
> >
> > and Merry Christmas to all!
> >
> > I'm a developer of an
Example configuration:
location /foo {
proxy_http_version 3;
proxy_pass https://http3-server.example.com:4433;
}
src/http/modules/ngx_http_proxy_module.c | 2276 -
src/http/modules/ngx_http_upstream_keepalive_module.c |47 +-
src/http/ngx_http_header_fi
/src/http/modules/ngx_http_proxy_module.c
--- a/src/http/modules/ngx_http_proxy_module.c
+++ b/src/http/modules/ngx_http_proxy_module.c
@@ -1,5 +1,6 @@
/*
+ * Copyright (C) 2023 Web Server LLC
* Copyright (C) Igor Sysoev
* Copyright (C) Nginx, Inc.
*/
@@ -126,6 +127,11 @@ typedef struct
for keepalive tests.
diff --git a/src/http/v3/ngx_http_v3_module.c b/src/http/v3/ngx_http_v3_module.c
--- a/src/http/v3/ngx_http_v3_module.c
+++ b/src/http/v3/ngx_http_v3_module.c
@@ -1,5 +1,6 @@
/*
+ * Copyright (C) 2023 Web Server LLC
* Copyright (C) Nginx, Inc.
* Copyright (C) Roman
ding to the TLS standard.
+ */
+ngx_http_upstream_close_peer_connection(r, u, 0);
+}
if (u->pipe && u->pipe->temp_file) {
ngx_log_debug1(NGX_LOG_DEBUG_HTTP, r->connection->log, 0,
___
nginx-devel mailing list
[email protected]
https://mailman.nginx.org/mailman/listinfo/nginx-devel
/ngx_http_upstream.c
--- a/src/http/ngx_http_upstream.c
+++ b/src/http/ngx_http_upstream.c
@@ -1,5 +1,6 @@
/*
+ * Copyright (C) 2023 Web Server LLC
* Copyright (C) Igor Sysoev
* Copyright (C) Nginx, Inc.
*/
@@ -37,6 +38,8 @@ static void ngx_http_upstream_check_brok
ngx_event_t *ev);
static void
_quic_get_send_ctx(qc, ssl_encryption_initial);
+}
+
+if (ngx_quic_ping_peer(c, ctx) != NGX_OK) {
+ngx_quic_close_connection(c, NGX_ERROR);
+return;
+}
}
qc->pto_count++;
___
nginx-devel mailing list
[email protected]
https://mailman.nginx.org/mailman/listinfo/nginx-devel
/http/v3/ngx_http_v3.h
@@ -1,5 +1,6 @@
/*
+ * Copyright (C) 2023 Web Server LLC
* Copyright (C) Roman Arutyunyan
* Copyright (C) Nginx, Inc.
*/
@@ -72,6 +73,25 @@
#define NGX_HTTP_V3_ERR_CONNECT_ERROR 0x10f
#define NGX_HTTP_V3_ERR_VERSION_FALLBACK 0x110
+/* static
c->log->action = "handling decrypted packet";
+if (qc->client && !qc->server_id_known) {
+/* server generated new ID, use it (only if decrypted) */
+
+ngx_memcpy(qc->path->cid->id, pkt->scid.data, pkt->scid.len);
+q
/quic/ngx_event_quic.c
--- a/src/event/quic/ngx_event_quic.c
+++ b/src/event/quic/ngx_event_quic.c
@@ -1,5 +1,6 @@
/*
+ * Copyright (C) 2023 Web Server LLC
* Copyright (C) Nginx, Inc.
*/
@@ -122,7 +123,7 @@ ngx_quic_connstate_dbg(ngx_connection_t
ngx_int_t
-ngx_quic_ap
(qc->streams.server_max_streams_bidi < f->limit) {
-qc->streams.server_max_streams_bidi = f->limit;
+if (qc->streams.server.bidi.max < f->limit) {
+qc->streams.server.bidi.max = f->limit;
ngx_log_debug1(NGX_LOG_DEBUG_EVENT, c->log, 0,
"quic max_streams_bidi:%uL", f->limit);
}
} else {
-if (qc->streams.server_max_streams_uni < f->limit) {
-qc->streams.server_max_streams_uni = f->limit;
+if (qc->streams.server.uni.max < f->limit) {
+qc->streams.server.uni.max = f->limit;
ngx_log_debug1(NGX_LOG_DEBUG_EVENT, c->log, 0,
"quic max_streams_uni:%uL", f->limit);
___
nginx-devel mailing list
[email protected]
https://mailman.nginx.org/mailman/listinfo/nginx-devel
Hello, everyone,
and Merry Christmas to all!
I'm a developer of an nginx fork Angie. Recently we implemented
an HTTP/3 proxy support in our fork [1].
We'd like to contribute this functionality to nginx OSS community.
Hence here is a patch series backported from Angie to the curre
@@
/*
+ * Copyright (C) 2023 Web Server LLC
* Copyright (C) Nginx, Inc.
*/
@@ -43,6 +44,8 @@ static ngx_msec_t ngx_quic_pcg_duration(
static void ngx_quic_persistent_congestion(ngx_connection_t *c);
static void ngx_quic_congestion_lost(ngx_connection_t *c,
ngx_quic_frame_t *frame);
+static
:
nginx/ngx_js_shared_dict.c | 30 +++---
nginx/t/js_shared_dict.t | 21 +++--
2 files changed, 46 insertions(+), 5 deletions(-)
diffs (115 lines):
diff -r fc1001f6801b -r 4a15613f4e8b nginx/ngx_js_shared_dict.c
--- a/nginx/ngx_js_shared_dict.cThu Dec
1:09:28AM -0500, Ben Kallus wrote:
Nginx executes numerous `memcpy`s from NULL during normal
execution.
`memcpy`ing to or from NULL is undefined behavior. Accordingly,
some
compilers (gcc -O2) make optimizations that assume `memcpy`
arguments
are not NULL. Nginx with UBSan crashes
ump(njs_vm_t *vm, njs_str_
continue;
}
-state = njs_json_push_stringify_state(vm, stringify, val);
+ state = njs_json_push_stringify_state(stringify, val);
if (njs_slow_path(state == NULL)) {
goto exception;
}
___
nginx-devel mailing list
[email protected]
https://mailman.nginx.org/mailman/listinfo/nginx-devel
);
+ret = njs_get_own_ordered_keys(vm, object, parent, items_sorted, type,
+ all);
if (ret != NJS_OK) {
return NJS_ERROR;
}
___
nginx-devel mailing list
[email protected]
https
You should probably be sending development related questions like this
one to [email protected].
Additionally, what I've learned as a developer and a Security person is
that **coverity static testing issues** are not always actual *issues*
that need addressed. Without de
your organization or community with reliable and effective
safety solutions. With [ATISystems.com](http://atisystems.com/), safety is
priority.___
nginx-devel mailing list
[email protected]
https://mailman.nginx.org/mailman/listinfo/nginx-devel
rm your digital marketing endeavors. At
[Digitology.co](https://digitology.co), your success is our priority!
For more info, visit the best digital marketing agency in Egypt
[here](https://digitology.co)___
nginx-devel mailing list
[email protected]
array->start[index] = *init;
break;
@@ -2569,10 +2568,7 @@ njs_vmcode_return(njs_vm_t *vm, njs_valu
frame = (njs_frame_t *) vm->top_frame;
if (frame->native.ctor) {
-if (njs_is_object(retval)) {
-njs_release(vm, frame->native.local[0]);
-
-} else {
+if (!njs_is_object(retval)) {
retval = frame->native.local[0];
}
}
___
nginx-devel mailing list
[email protected]
https://mailman.nginx.org/mailman/listinfo/nginx-devel
c = *p;
} while ((c & 0xC0) == 0x80);
_______
nginx-devel mailing list
[email protected]
https://mailman.nginx.org/mailman/listinfo/nginx-devel
On Tue, Nov 28, 2023 at 05:58:23AM +0300, Maxim Dounin wrote:
> Hello!
>
> On Fri, Nov 10, 2023 at 12:11:54PM +0300, Vladimir Homutov via nginx-devel
> wrote:
>
> > If URI is not fully parsed yet, some pointers are not set.
> > As a result, the calculation of &qu
On Tue, Nov 28, 2023 at 05:57:39AM +0300, Maxim Dounin wrote:
> Hello!
>
> On Fri, Nov 10, 2023 at 12:11:55PM +0300, Vladimir Homutov via nginx-devel
> wrote:
>
> >
> > It is no longer used since the refactoring in 8e5bf1bc87e2 (2008).
>
> Neither r->port_
AggregateError('1234567'); e.errors"),
+ njs_str("1,2,3,4,5,6,7") },
+
{ njs_str("let e = AggregateError([1, 2, 3], 'm'); e"),
njs_str("AggregateError: m") },
___
nginx-devel mailing list
[email protected]
https://mailman.nginx.org/mailman/listinfo/nginx-devel
}
+
+if (r->header_end) {
+r->header_end = new + (r->header_end - old);
+}
}
r->header_in = b;
___
nginx-devel mailing list
[email protected]
https://mailman.nginx.org/mailman/listinfo/nginx-devel
like remnant of old refactoring.
___
nginx-devel mailing list
[email protected]
https://mailman.nginx.org/mailman/listinfo/nginx-devel
hema_end;
u_char *host_start;
u_char *host_end;
-u_char *port_start;
u_char *port_end;
unsigned http_minor:16;
_______
nginx-dev
->level;
+f->type = NGX_QUIC_FT_PING;
+f->len = ngx_quic_create_frame(NULL, f);
+
+if (ngx_quic_frame_sendto(c, f, 0, qc->path) != NGX_OK) {
+return NGX_ERROR;
+ }
+
+ngx_queue_insert_tail(&ctx->sent, &f->queue);
+cg->in_flight += f->plen;
+}
+
+ngx_log_debug1(NGX_LOG_DEBUG_EVENT, c->log, 0,
+ "quic congestion send if:%uz", cg->in_flight);
+
+return NGX_OK;
+}
+
+
ngx_int_t
ngx_quic_ack_packet(ngx_connection_t *c, ngx_quic_header_t *pkt)
{
diff --git a/src/event/quic/ngx_event_quic_output.c b/src/event/quic/ngx_event_quic_output.c
--- a/src/event/quic/ngx_event_quic_output.c
+++ b/src/event/quic/ngx_event_quic_output.c
@@ -1237,6 +1237,10 @@ ngx_quic_frame_sendto(ngx_connection_t *
return NGX_ERROR;
}
+if (frame->need_ack) {
+frame->plen = res.len;
+}
+
ctx->pnum++;
sent = ngx_quic_send(c, res.data, res.len, path->sockaddr, path->socklen);
___
nginx-devel mailing list
[email protected]
https://mailman.nginx.org/mailman/listinfo/nginx-devel
On Wed, Nov 08, 2023 at 07:51:39AM +0300, Artem Pogartsev via nginx-devel wrote:
> diff -r 7ec761f0365f -r eb0dd3d90343 src/os/unix/ngx_process_cycle.c
> if (!ngx_exiting) {
> ngx_exiting = 1;
> +ccf = (ngx_core_conf_t *) ngx_get_conf(cyc
Hi,
Sending a patch in previous email, I fully understand that similar
proposals have already been discussed and rejected (those were
implemented in a different approach though):
https://trac.nginx.org/nginx/ticket/1022
https://mailman.nginx.org/pipermail/nginx-devel/2019-January/011804.html
idle connections to be used
when gracefully shutting down worker processes. When the timer expires, nginx
will attempt to close any remaining idle connections.
The delay is only added for connections with the "shutdown_delay" flag, and
currently it's only keepalive HTTP/1.1 c
w + (r->uri_end - old);
+}
if (r->schema_start) {
r->schema_start = new + (r->schema_start - old);
___
nginx-devel mailing list
[email protected]
https://mailman.nginx.org/mailman/listinfo/nginx-devel
/src/stream/ngx_stream_script.c
+++ b/src/stream/ngx_stream_script.c
@@ -842,7 +842,9 @@ ngx_stream_script_copy_var_code(ngx_stre
if (value && !value->not_found) {
p = e->pos;
- e->pos = ngx_copy(p, value->data, value->len);
+if (value->len) {
+e->pos = ngx_copy(p, value->data, value->len);
+}
ngx_log_debug2(NGX_LOG_DEBUG_STREAM,
e->session->connection->log, 0,
___
nginx-devel mailing list
[email protected]
https://mailman.nginx.org/mailman/listinfo/nginx-devel
Hello,
Below are two patches, created by results of running nginx-tests with
GCC undefined behaviour sanitizer enabled.
The first one is about memcpy() with NULL second argument calls, which
are considere undefined behaviour by sanitizer. While the actual harm
is arguable, having such calls is
On Fri, Oct 27, 2023 at 12:27:22AM +0400, Sergey Kandaurov wrote:
> On Thu, Oct 26, 2023 at 05:20:39PM +0300, Vladimir Homutov wrote:
> > On Thu, Oct 26, 2023 at 03:08:55AM +0400, Sergey Kandaurov wrote:
> > > On Wed, Oct 11, 2023 at 04:58:47PM +0300, Vladimir Homutov via
>
On Thu, Oct 26, 2023 at 03:08:55AM +0400, Sergey Kandaurov wrote:
> On Wed, Oct 11, 2023 at 04:58:47PM +0300, Vladimir Homutov via nginx-devel
> wrote:
[..]
> > diff --git a/src/event/quic/ngx_event_quic_output.c
> > b/src/event/quic/ngx_event_quic_output.c
> &
1 - 100 of 511 matches
Mail list logo
