Script 'mail_helper' called by obssrc
Hello community,
here is the log from the commit of package nginx for openSUSE:Factory checked
in at 2022-12-18 17:22:24
++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
Comparing /work/SRC/openSUSE:Factory/nginx (Old)
and /work/SRC/openSUSE:Factory/.nginx.new.1835 (New)
++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
Package is "nginx"
Sun Dec 18 17:22:24 2022 rev:78 rq:1043486 version:1.23.3
Changes:
--------
--- /work/SRC/openSUSE:Factory/nginx/nginx.changes 2022-10-22
14:13:19.832772622 +0200
+++ /work/SRC/openSUSE:Factory/.nginx.new.1835/nginx.changes 2022-12-18
17:22:27.501287842 +0100
@@ -1,0 +2,14 @@
+Sat Dec 17 19:46:30 UTC 2022 - Michael Ströder <mich...@stroeder.com>
+
+- Updated to 1.23.3
+ * Bugfix: an error might occur when reading PROXY protocol version 2
+ header with large number of TLVs.
+ * Bugfix: a segmentation fault might occur in a worker process if SSI
+ was used to process subrequests created by other modules.
+ * Workaround: when a hostname used in the "listen" directive resolves
+ to multiple addresses, nginx now ignores duplicates within these
+ addresses.
+ * Bugfix: nginx might hog CPU during unbuffered proxying if SSL
+ connections to backends were used.
+
+-------------------------------------------------------------------
Old:
----
nginx-1.23.2.tar.gz
nginx-1.23.2.tar.gz.asc
New:
----
nginx-1.23.3.tar.gz
nginx-1.23.3.tar.gz.asc
++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
Other differences:
------------------
++++++ nginx.spec ++++++
--- /var/tmp/diff_new_pack.LTalnb/_old 2022-12-18 17:22:28.505293645 +0100
+++ /var/tmp/diff_new_pack.LTalnb/_new 2022-12-18 17:22:28.509293668 +0100
@@ -23,7 +23,7 @@
%bcond_with ngx_google_perftools
#
Name: nginx
-Version: 1.23.2
+Version: 1.23.3
Release: 0
Summary: A HTTP server and IMAP/POP3 proxy server
License: BSD-2-Clause
++++++ nginx-1.23.2.tar.gz -> nginx-1.23.3.tar.gz ++++++
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn'
'--exclude=.svnignore' old/nginx-1.23.2/CHANGES new/nginx-1.23.3/CHANGES
--- old/nginx-1.23.2/CHANGES 2022-10-19 09:56:26.000000000 +0200
+++ new/nginx-1.23.3/CHANGES 2022-12-13 16:53:57.000000000 +0100
@@ -1,4 +1,21 @@
+Changes with nginx 1.23.3 13 Dec 2022
+
+ *) Bugfix: an error might occur when reading PROXY protocol version 2
+ header with large number of TLVs.
+
+ *) Bugfix: a segmentation fault might occur in a worker process if SSI
+ was used to process subrequests created by other modules.
+ Thanks to Ciel Zhao.
+
+ *) Workaround: when a hostname used in the "listen" directive resolves
+ to multiple addresses, nginx now ignores duplicates within these
+ addresses.
+
+ *) Bugfix: nginx might hog CPU during unbuffered proxying if SSL
+ connections to backends were used.
+
+
Changes with nginx 1.23.2 19 Oct 2022
*) Security: processing of a specially crafted mp4 file by the
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn'
'--exclude=.svnignore' old/nginx-1.23.2/CHANGES.ru new/nginx-1.23.3/CHANGES.ru
--- old/nginx-1.23.2/CHANGES.ru 2022-10-19 09:56:25.000000000 +0200
+++ new/nginx-1.23.3/CHANGES.ru 2022-12-13 16:53:56.000000000 +0100
@@ -1,4 +1,22 @@
+ÐÐ·Ð¼ÐµÐ½ÐµÐ½Ð¸Ñ Ð² nginx 1.23.3
13.12.2022
+
+ *) ÐÑпÑавление: пÑи ÑÑении заголовка
пÑоÑокола PROXY веÑÑии 2,
+ ÑодеÑжаÑего болÑÑое колиÑеÑÑво TLV,
могла возникаÑÑ Ð¾Ñибка.
+
+ *) ÐÑпÑавление: пÑи иÑполÑзовании SSI длÑ
обÑабоÑки подзапÑоÑов,
+ ÑозданнÑÑ
дÑÑгими модÑлÑми, в ÑабоÑем
пÑоÑеÑÑе мог пÑоизойÑи
+ segmentation fault.
+ СпаÑибо Ciel Zhao.
+
+ *) Ðзменение: ÑепеÑÑ, еÑли пÑи
пÑеобÑазовании в адÑеÑа имени Ñ
оÑÑа,
+ Ñказанного в диÑекÑиве listen,
возвÑаÑаеÑÑÑ Ð½ÐµÑколÑко адÑеÑов, nginx
+ игноÑиÑÑÐµÑ Ð´ÑбликаÑÑ ÑÑеди ÑÑиÑ
адÑеÑов.
+
+ *) ÐÑпÑавление: nginx мог нагÑÑжаÑÑ
пÑоÑеÑÑÐ¾Ñ Ð¿Ñи небÑÑеÑизиÑованном
+ пÑокÑиÑовании, еÑли иÑполÑзовалиÑÑ
SSL-ÑÐ¾ÐµÐ´Ð¸Ð½ÐµÐ½Ð¸Ñ Ñ Ð±Ñкендами.
+
+
ÐÐ·Ð¼ÐµÐ½ÐµÐ½Ð¸Ñ Ð² nginx 1.23.2
19.10.2022
*) ÐезопаÑноÑÑÑ: обÑабоÑка ÑпеÑиалÑно
Ñозданного mp4-Ñайла модÑлем
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn'
'--exclude=.svnignore' old/nginx-1.23.2/src/core/nginx.h
new/nginx-1.23.3/src/core/nginx.h
--- old/nginx-1.23.2/src/core/nginx.h 2022-10-19 09:56:21.000000000 +0200
+++ new/nginx-1.23.3/src/core/nginx.h 2022-12-13 16:53:53.000000000 +0100
@@ -9,8 +9,8 @@
#define _NGINX_H_INCLUDED_
-#define nginx_version 1023002
-#define NGINX_VERSION "1.23.2"
+#define nginx_version 1023003
+#define NGINX_VERSION "1.23.3"
#define NGINX_VER "nginx/" NGINX_VERSION
#ifdef NGX_BUILD
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn'
'--exclude=.svnignore' old/nginx-1.23.2/src/core/ngx_proxy_protocol.c
new/nginx-1.23.3/src/core/ngx_proxy_protocol.c
--- old/nginx-1.23.2/src/core/ngx_proxy_protocol.c 2022-10-19
09:56:21.000000000 +0200
+++ new/nginx-1.23.3/src/core/ngx_proxy_protocol.c 2022-12-13
16:53:53.000000000 +0100
@@ -109,7 +109,7 @@
len = last - buf;
if (len >= sizeof(ngx_proxy_protocol_header_t)
- && memcmp(p, signature, sizeof(signature) - 1) == 0)
+ && ngx_memcmp(p, signature, sizeof(signature) - 1) == 0)
{
return ngx_proxy_protocol_v2_read(c, buf, last);
}
@@ -281,7 +281,9 @@
{
ngx_uint_t port, lport;
- if (last - buf < NGX_PROXY_PROTOCOL_MAX_HEADER) {
+ if (last - buf < NGX_PROXY_PROTOCOL_V1_MAX_HEADER) {
+ ngx_log_error(NGX_LOG_ALERT, c->log, 0,
+ "too small buffer for PROXY protocol");
return NULL;
}
@@ -394,11 +396,11 @@
src_sockaddr.sockaddr_in.sin_family = AF_INET;
src_sockaddr.sockaddr_in.sin_port = 0;
- memcpy(&src_sockaddr.sockaddr_in.sin_addr, in->src_addr, 4);
+ ngx_memcpy(&src_sockaddr.sockaddr_in.sin_addr, in->src_addr, 4);
dst_sockaddr.sockaddr_in.sin_family = AF_INET;
dst_sockaddr.sockaddr_in.sin_port = 0;
- memcpy(&dst_sockaddr.sockaddr_in.sin_addr, in->dst_addr, 4);
+ ngx_memcpy(&dst_sockaddr.sockaddr_in.sin_addr, in->dst_addr, 4);
pp->src_port = ngx_proxy_protocol_parse_uint16(in->src_port);
pp->dst_port = ngx_proxy_protocol_parse_uint16(in->dst_port);
@@ -421,11 +423,11 @@
src_sockaddr.sockaddr_in6.sin6_family = AF_INET6;
src_sockaddr.sockaddr_in6.sin6_port = 0;
- memcpy(&src_sockaddr.sockaddr_in6.sin6_addr, in6->src_addr, 16);
+ ngx_memcpy(&src_sockaddr.sockaddr_in6.sin6_addr, in6->src_addr, 16);
dst_sockaddr.sockaddr_in6.sin6_family = AF_INET6;
dst_sockaddr.sockaddr_in6.sin6_port = 0;
- memcpy(&dst_sockaddr.sockaddr_in6.sin6_addr, in6->dst_addr, 16);
+ ngx_memcpy(&dst_sockaddr.sockaddr_in6.sin6_addr, in6->dst_addr, 16);
pp->src_port = ngx_proxy_protocol_parse_uint16(in6->src_port);
pp->dst_port = ngx_proxy_protocol_parse_uint16(in6->dst_port);
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn'
'--exclude=.svnignore' old/nginx-1.23.2/src/core/ngx_proxy_protocol.h
new/nginx-1.23.3/src/core/ngx_proxy_protocol.h
--- old/nginx-1.23.2/src/core/ngx_proxy_protocol.h 2022-10-19
09:56:21.000000000 +0200
+++ new/nginx-1.23.3/src/core/ngx_proxy_protocol.h 2022-12-13
16:53:53.000000000 +0100
@@ -13,7 +13,8 @@
#include <ngx_core.h>
-#define NGX_PROXY_PROTOCOL_MAX_HEADER 107
+#define NGX_PROXY_PROTOCOL_V1_MAX_HEADER 107
+#define NGX_PROXY_PROTOCOL_MAX_HEADER 4096
struct ngx_proxy_protocol_s {
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn'
'--exclude=.svnignore' old/nginx-1.23.2/src/core/ngx_string.h
new/nginx-1.23.3/src/core/ngx_string.h
--- old/nginx-1.23.2/src/core/ngx_string.h 2022-10-19 09:56:21.000000000
+0200
+++ new/nginx-1.23.3/src/core/ngx_string.h 2022-12-13 16:53:53.000000000
+0100
@@ -140,12 +140,12 @@
#endif
-#define ngx_memmove(dst, src, n) (void) memmove(dst, src, n)
-#define ngx_movemem(dst, src, n) (((u_char *) memmove(dst, src, n)) + (n))
+#define ngx_memmove(dst, src, n) (void) memmove(dst, src, n)
+#define ngx_movemem(dst, src, n) (((u_char *) memmove(dst, src, n)) + (n))
/* msvc and icc7 compile memcmp() to the inline loop */
-#define ngx_memcmp(s1, s2, n) memcmp((const char *) s1, (const char *) s2, n)
+#define ngx_memcmp(s1, s2, n) memcmp(s1, s2, n)
u_char *ngx_cpystrn(u_char *dst, u_char *src, size_t n);
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn'
'--exclude=.svnignore' old/nginx-1.23.2/src/event/ngx_event.c
new/nginx-1.23.3/src/event/ngx_event.c
--- old/nginx-1.23.2/src/event/ngx_event.c 2022-10-19 09:56:21.000000000
+0200
+++ new/nginx-1.23.3/src/event/ngx_event.c 2022-12-13 16:53:53.000000000
+0100
@@ -416,6 +416,7 @@
{
#if (NGX_HAVE_REUSEPORT)
ngx_uint_t i;
+ ngx_core_conf_t *ccf;
ngx_listening_t *ls;
#endif
@@ -442,7 +443,9 @@
#if (NGX_HAVE_REUSEPORT)
- if (!ngx_test_config) {
+ ccf = (ngx_core_conf_t *) ngx_get_conf(cycle->conf_ctx, ngx_core_module);
+
+ if (!ngx_test_config && ccf->master) {
ls = cycle->listening.elts;
for (i = 0; i < cycle->listening.nelts; i++) {
@@ -810,7 +813,9 @@
rev->deferred_accept = ls[i].deferred_accept;
#endif
- if (!(ngx_event_flags & NGX_USE_IOCP_EVENT)) {
+ if (!(ngx_event_flags & NGX_USE_IOCP_EVENT)
+ && cycle->old_cycle)
+ {
if (ls[i].previous) {
/*
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn'
'--exclude=.svnignore' old/nginx-1.23.2/src/event/ngx_event_openssl.c
new/nginx-1.23.3/src/event/ngx_event_openssl.c
--- old/nginx-1.23.2/src/event/ngx_event_openssl.c 2022-10-19
09:56:21.000000000 +0200
+++ new/nginx-1.23.3/src/event/ngx_event_openssl.c 2022-12-13
16:53:53.000000000 +0100
@@ -2204,6 +2204,7 @@
#endif
if (c->ssl->last == NGX_ERROR) {
+ c->read->ready = 0;
c->read->error = 1;
return NGX_ERROR;
}
@@ -2270,6 +2271,7 @@
#if (NGX_HAVE_FIONREAD)
if (ngx_socket_nread(c->fd, &c->read->available) == -1) {
+ c->read->ready = 0;
c->read->error = 1;
ngx_connection_error(c, ngx_socket_errno,
ngx_socket_nread_n " failed");
@@ -2306,6 +2308,7 @@
return 0;
case NGX_ERROR:
+ c->read->ready = 0;
c->read->error = 1;
/* fall through */
@@ -2326,6 +2329,7 @@
size_t readbytes;
if (c->ssl->last == NGX_ERROR) {
+ c->read->ready = 0;
c->read->error = 1;
return NGX_ERROR;
}
@@ -2425,6 +2429,7 @@
return 0;
case NGX_ERROR:
+ c->read->ready = 0;
c->read->error = 1;
/* fall through */
@@ -3020,7 +3025,7 @@
n = SSL_sendfile(c->ssl->connection, file->file->fd, file->file_pos,
size, flags);
- ngx_log_debug1(NGX_LOG_DEBUG_EVENT, c->log, 0, "SSL_sendfile: %d", n);
+ ngx_log_debug1(NGX_LOG_DEBUG_EVENT, c->log, 0, "SSL_sendfile: %z", n);
if (n > 0) {
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn'
'--exclude=.svnignore'
old/nginx-1.23.2/src/http/modules/ngx_http_ssi_filter_module.c
new/nginx-1.23.3/src/http/modules/ngx_http_ssi_filter_module.c
--- old/nginx-1.23.2/src/http/modules/ngx_http_ssi_filter_module.c
2022-10-19 09:56:21.000000000 +0200
+++ new/nginx-1.23.3/src/http/modules/ngx_http_ssi_filter_module.c
2022-12-13 16:53:53.000000000 +0100
@@ -329,7 +329,7 @@
static ngx_int_t
ngx_http_ssi_header_filter(ngx_http_request_t *r)
{
- ngx_http_ssi_ctx_t *ctx;
+ ngx_http_ssi_ctx_t *ctx, *mctx;
ngx_http_ssi_loc_conf_t *slcf;
slcf = ngx_http_get_module_loc_conf(r, ngx_http_ssi_filter_module);
@@ -341,6 +341,8 @@
return ngx_http_next_header_filter(r);
}
+ mctx = ngx_http_get_module_ctx(r->main, ngx_http_ssi_filter_module);
+
ctx = ngx_pcalloc(r->pool, sizeof(ngx_http_ssi_ctx_t));
if (ctx == NULL) {
return NGX_ERROR;
@@ -367,6 +369,26 @@
r->filter_need_in_memory = 1;
if (r == r->main) {
+
+ if (mctx) {
+
+ /*
+ * if there was a shared context previously used as main,
+ * copy variables and blocks
+ */
+
+ ctx->variables = mctx->variables;
+ ctx->blocks = mctx->blocks;
+
+#if (NGX_PCRE)
+ ctx->ncaptures = mctx->ncaptures;
+ ctx->captures = mctx->captures;
+ ctx->captures_data = mctx->captures_data;
+#endif
+
+ mctx->shared = 0;
+ }
+
ngx_http_clear_content_length(r);
ngx_http_clear_accept_ranges(r);
@@ -379,6 +401,10 @@
} else {
ngx_http_weak_etag(r);
}
+
+ } else if (mctx == NULL) {
+ ngx_http_set_ctx(r->main, ctx, ngx_http_ssi_filter_module);
+ ctx->shared = 1;
}
return ngx_http_next_header_filter(r);
@@ -405,6 +431,7 @@
ctx = ngx_http_get_module_ctx(r, ngx_http_ssi_filter_module);
if (ctx == NULL
+ || (ctx->shared && r == r->main)
|| (in == NULL
&& ctx->buf == NULL
&& ctx->in == NULL
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn'
'--exclude=.svnignore'
old/nginx-1.23.2/src/http/modules/ngx_http_ssi_filter_module.h
new/nginx-1.23.3/src/http/modules/ngx_http_ssi_filter_module.h
--- old/nginx-1.23.2/src/http/modules/ngx_http_ssi_filter_module.h
2022-10-19 09:56:21.000000000 +0200
+++ new/nginx-1.23.3/src/http/modules/ngx_http_ssi_filter_module.h
2022-12-13 16:53:53.000000000 +0100
@@ -71,6 +71,7 @@
u_char *captures_data;
#endif
+ unsigned shared:1;
unsigned conditional:2;
unsigned encoding:2;
unsigned block:1;
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn'
'--exclude=.svnignore' old/nginx-1.23.2/src/http/ngx_http_core_module.c
new/nginx-1.23.3/src/http/ngx_http_core_module.c
--- old/nginx-1.23.2/src/http/ngx_http_core_module.c 2022-10-19
09:56:21.000000000 +0200
+++ new/nginx-1.23.3/src/http/ngx_http_core_module.c 2022-12-13
16:53:53.000000000 +0100
@@ -3963,7 +3963,7 @@
ngx_str_t *value, size;
ngx_url_t u;
- ngx_uint_t n;
+ ngx_uint_t n, i;
ngx_http_listen_opt_t lsopt;
cscf->listen = 1;
@@ -4289,6 +4289,16 @@
}
for (n = 0; n < u.naddrs; n++) {
+
+ for (i = 0; i < n; i++) {
+ if (ngx_cmp_sockaddr(u.addrs[n].sockaddr, u.addrs[n].socklen,
+ u.addrs[i].sockaddr, u.addrs[i].socklen, 0)
+ == NGX_OK)
+ {
+ goto next;
+ }
+ }
+
lsopt.sockaddr = u.addrs[n].sockaddr;
lsopt.socklen = u.addrs[n].socklen;
lsopt.addr_text = u.addrs[n].name;
@@ -4297,6 +4307,9 @@
if (ngx_http_add_listen(cf, cscf, &lsopt) != NGX_OK) {
return NGX_CONF_ERROR;
}
+
+ next:
+ continue;
}
return NGX_CONF_OK;
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn'
'--exclude=.svnignore' old/nginx-1.23.2/src/mail/ngx_mail_core_module.c
new/nginx-1.23.3/src/mail/ngx_mail_core_module.c
--- old/nginx-1.23.2/src/mail/ngx_mail_core_module.c 2022-10-19
09:56:21.000000000 +0200
+++ new/nginx-1.23.3/src/mail/ngx_mail_core_module.c 2022-12-13
16:53:53.000000000 +0100
@@ -308,7 +308,7 @@
ngx_str_t *value, size;
ngx_url_t u;
ngx_uint_t i, n, m;
- ngx_mail_listen_t *ls, *als;
+ ngx_mail_listen_t *ls, *als, *nls;
ngx_mail_module_t *module;
ngx_mail_core_main_conf_t *cmcf;
@@ -333,7 +333,7 @@
cmcf = ngx_mail_conf_get_module_main_conf(cf, ngx_mail_core_module);
- ls = ngx_array_push_n(&cmcf->listen, u.naddrs);
+ ls = ngx_array_push(&cmcf->listen);
if (ls == NULL) {
return NGX_CONF_ERROR;
}
@@ -568,20 +568,40 @@
return NGX_CONF_ERROR;
}
- als = cmcf->listen.elts;
-
for (n = 0; n < u.naddrs; n++) {
- ls[n] = ls[0];
- ls[n].sockaddr = u.addrs[n].sockaddr;
- ls[n].socklen = u.addrs[n].socklen;
- ls[n].addr_text = u.addrs[n].name;
- ls[n].wildcard = ngx_inet_wildcard(ls[n].sockaddr);
+ for (i = 0; i < n; i++) {
+ if (ngx_cmp_sockaddr(u.addrs[n].sockaddr, u.addrs[n].socklen,
+ u.addrs[i].sockaddr, u.addrs[i].socklen, 0)
+ == NGX_OK)
+ {
+ goto next;
+ }
+ }
+
+ if (n != 0) {
+ nls = ngx_array_push(&cmcf->listen);
+ if (nls == NULL) {
+ return NGX_CONF_ERROR;
+ }
- for (i = 0; i < cmcf->listen.nelts - u.naddrs + n; i++) {
+ *nls = *ls;
+
+ } else {
+ nls = ls;
+ }
+
+ nls->sockaddr = u.addrs[n].sockaddr;
+ nls->socklen = u.addrs[n].socklen;
+ nls->addr_text = u.addrs[n].name;
+ nls->wildcard = ngx_inet_wildcard(nls->sockaddr);
+
+ als = cmcf->listen.elts;
+
+ for (i = 0; i < cmcf->listen.nelts - 1; i++) {
if (ngx_cmp_sockaddr(als[i].sockaddr, als[i].socklen,
- ls[n].sockaddr, ls[n].socklen, 1)
+ nls->sockaddr, nls->socklen, 1)
!= NGX_OK)
{
continue;
@@ -589,9 +609,12 @@
ngx_conf_log_error(NGX_LOG_EMERG, cf, 0,
"duplicate \"%V\" address and port pair",
- &ls[n].addr_text);
+ &nls->addr_text);
return NGX_CONF_ERROR;
}
+
+ next:
+ continue;
}
return NGX_CONF_OK;
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn'
'--exclude=.svnignore' old/nginx-1.23.2/src/mail/ngx_mail_proxy_module.c
new/nginx-1.23.3/src/mail/ngx_mail_proxy_module.c
--- old/nginx-1.23.2/src/mail/ngx_mail_proxy_module.c 2022-10-19
09:56:21.000000000 +0200
+++ new/nginx-1.23.3/src/mail/ngx_mail_proxy_module.c 2022-12-13
16:53:53.000000000 +0100
@@ -890,7 +890,7 @@
u_char *p;
ssize_t n, size;
ngx_connection_t *c;
- u_char buf[NGX_PROXY_PROTOCOL_MAX_HEADER];
+ u_char buf[NGX_PROXY_PROTOCOL_V1_MAX_HEADER];
s->connection->log->action = "sending PROXY protocol header to upstream";
@@ -898,7 +898,7 @@
"mail proxy send PROXY protocol header");
p = ngx_proxy_protocol_write(s->connection, buf,
- buf + NGX_PROXY_PROTOCOL_MAX_HEADER);
+ buf + NGX_PROXY_PROTOCOL_V1_MAX_HEADER);
if (p == NULL) {
ngx_mail_proxy_internal_server_error(s);
return NGX_ERROR;
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn'
'--exclude=.svnignore' old/nginx-1.23.2/src/os/unix/ngx_process_cycle.c
new/nginx-1.23.3/src/os/unix/ngx_process_cycle.c
--- old/nginx-1.23.2/src/os/unix/ngx_process_cycle.c 2022-10-19
09:56:21.000000000 +0200
+++ new/nginx-1.23.3/src/os/unix/ngx_process_cycle.c 2022-12-13
16:53:53.000000000 +0100
@@ -736,6 +736,7 @@
ngx_set_shutdown_timer(cycle);
ngx_close_listening_sockets(cycle);
ngx_close_idle_connections(cycle);
+ ngx_event_process_posted(cycle, &ngx_posted_events);
}
}
@@ -758,7 +759,6 @@
ngx_cpuset_t *cpu_affinity;
struct rlimit rlmt;
ngx_core_conf_t *ccf;
- ngx_listening_t *ls;
if (ngx_set_environment(cycle, NULL) == NULL) {
/* fatal */
@@ -888,15 +888,6 @@
tp = ngx_timeofday();
srandom(((unsigned) ngx_pid << 16) ^ tp->sec ^ tp->msec);
- /*
- * disable deleting previous events for the listening sockets because
- * in the worker processes there are no events at all at this point
- */
- ls = cycle->listening.elts;
- for (i = 0; i < cycle->listening.nelts; i++) {
- ls[i].previous = NULL;
- }
-
for (i = 0; cycle->modules[i]; i++) {
if (cycle->modules[i]->init_process) {
if (cycle->modules[i]->init_process(cycle) == NGX_ERROR) {
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn'
'--exclude=.svnignore' old/nginx-1.23.2/src/os/win32/ngx_process_cycle.c
new/nginx-1.23.3/src/os/win32/ngx_process_cycle.c
--- old/nginx-1.23.2/src/os/win32/ngx_process_cycle.c 2022-10-19
09:56:21.000000000 +0200
+++ new/nginx-1.23.3/src/os/win32/ngx_process_cycle.c 2022-12-13
16:53:53.000000000 +0100
@@ -804,6 +804,7 @@
ngx_set_shutdown_timer(cycle);
ngx_close_listening_sockets(cycle);
ngx_close_idle_connections(cycle);
+ ngx_event_process_posted(cycle, &ngx_posted_events);
}
}
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn'
'--exclude=.svnignore' old/nginx-1.23.2/src/os/win32/ngx_wsarecv.c
new/nginx-1.23.3/src/os/win32/ngx_wsarecv.c
--- old/nginx-1.23.2/src/os/win32/ngx_wsarecv.c 2022-10-19 09:56:21.000000000
+0200
+++ new/nginx-1.23.3/src/os/win32/ngx_wsarecv.c 2022-12-13 16:53:53.000000000
+0100
@@ -78,6 +78,7 @@
ngx_socket_nread_n " failed");
if (n == NGX_ERROR) {
+ rev->ready = 0;
rev->error = 1;
}
@@ -95,6 +96,7 @@
}
if (bytes == 0) {
+ rev->ready = 0;
rev->eof = 1;
}
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn'
'--exclude=.svnignore' old/nginx-1.23.2/src/os/win32/ngx_wsarecv_chain.c
new/nginx-1.23.3/src/os/win32/ngx_wsarecv_chain.c
--- old/nginx-1.23.2/src/os/win32/ngx_wsarecv_chain.c 2022-10-19
09:56:21.000000000 +0200
+++ new/nginx-1.23.3/src/os/win32/ngx_wsarecv_chain.c 2022-12-13
16:53:53.000000000 +0100
@@ -121,6 +121,7 @@
} else if (bytes == size) {
if (ngx_socket_nread(c->fd, &rev->available) == -1) {
+ rev->ready = 0;
rev->error = 1;
ngx_connection_error(c, ngx_socket_errno,
ngx_socket_nread_n " failed");
@@ -138,6 +139,7 @@
}
if (bytes == 0) {
+ rev->ready = 0;
rev->eof = 1;
}
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn'
'--exclude=.svnignore' old/nginx-1.23.2/src/stream/ngx_stream_core_module.c
new/nginx-1.23.3/src/stream/ngx_stream_core_module.c
--- old/nginx-1.23.2/src/stream/ngx_stream_core_module.c 2022-10-19
09:56:21.000000000 +0200
+++ new/nginx-1.23.3/src/stream/ngx_stream_core_module.c 2022-12-13
16:53:53.000000000 +0100
@@ -578,7 +578,7 @@
ngx_str_t *value, size;
ngx_url_t u;
ngx_uint_t i, n, backlog;
- ngx_stream_listen_t *ls, *als;
+ ngx_stream_listen_t *ls, *als, *nls;
ngx_stream_core_main_conf_t *cmcf;
cscf->listen = 1;
@@ -602,7 +602,7 @@
cmcf = ngx_stream_conf_get_module_main_conf(cf, ngx_stream_core_module);
- ls = ngx_array_push_n(&cmcf->listen, u.naddrs);
+ ls = ngx_array_push(&cmcf->listen);
if (ls == NULL) {
return NGX_CONF_ERROR;
}
@@ -886,23 +886,43 @@
#endif
}
- als = cmcf->listen.elts;
-
for (n = 0; n < u.naddrs; n++) {
- ls[n] = ls[0];
- ls[n].sockaddr = u.addrs[n].sockaddr;
- ls[n].socklen = u.addrs[n].socklen;
- ls[n].addr_text = u.addrs[n].name;
- ls[n].wildcard = ngx_inet_wildcard(ls[n].sockaddr);
+ for (i = 0; i < n; i++) {
+ if (ngx_cmp_sockaddr(u.addrs[n].sockaddr, u.addrs[n].socklen,
+ u.addrs[i].sockaddr, u.addrs[i].socklen, 0)
+ == NGX_OK)
+ {
+ goto next;
+ }
+ }
+
+ if (n != 0) {
+ nls = ngx_array_push(&cmcf->listen);
+ if (nls == NULL) {
+ return NGX_CONF_ERROR;
+ }
- for (i = 0; i < cmcf->listen.nelts - u.naddrs + n; i++) {
- if (ls[n].type != als[i].type) {
+ *nls = *ls;
+
+ } else {
+ nls = ls;
+ }
+
+ nls->sockaddr = u.addrs[n].sockaddr;
+ nls->socklen = u.addrs[n].socklen;
+ nls->addr_text = u.addrs[n].name;
+ nls->wildcard = ngx_inet_wildcard(nls->sockaddr);
+
+ als = cmcf->listen.elts;
+
+ for (i = 0; i < cmcf->listen.nelts - 1; i++) {
+ if (nls->type != als[i].type) {
continue;
}
if (ngx_cmp_sockaddr(als[i].sockaddr, als[i].socklen,
- ls[n].sockaddr, ls[n].socklen, 1)
+ nls->sockaddr, nls->socklen, 1)
!= NGX_OK)
{
continue;
@@ -910,9 +930,12 @@
ngx_conf_log_error(NGX_LOG_EMERG, cf, 0,
"duplicate \"%V\" address and port pair",
- &ls[n].addr_text);
+ &nls->addr_text);
return NGX_CONF_ERROR;
}
+
+ next:
+ continue;
}
return NGX_CONF_OK;
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn'
'--exclude=.svnignore' old/nginx-1.23.2/src/stream/ngx_stream_proxy_module.c
new/nginx-1.23.3/src/stream/ngx_stream_proxy_module.c
--- old/nginx-1.23.2/src/stream/ngx_stream_proxy_module.c 2022-10-19
09:56:21.000000000 +0200
+++ new/nginx-1.23.3/src/stream/ngx_stream_proxy_module.c 2022-12-13
16:53:53.000000000 +0100
@@ -894,7 +894,7 @@
return;
}
- p = ngx_pnalloc(c->pool, NGX_PROXY_PROTOCOL_MAX_HEADER);
+ p = ngx_pnalloc(c->pool, NGX_PROXY_PROTOCOL_V1_MAX_HEADER);
if (p == NULL) {
ngx_stream_proxy_finalize(s, NGX_STREAM_INTERNAL_SERVER_ERROR);
return;
@@ -902,7 +902,8 @@
cl->buf->pos = p;
- p = ngx_proxy_protocol_write(c, p, p + NGX_PROXY_PROTOCOL_MAX_HEADER);
+ p = ngx_proxy_protocol_write(c, p,
+ p + NGX_PROXY_PROTOCOL_V1_MAX_HEADER);
if (p == NULL) {
ngx_stream_proxy_finalize(s, NGX_STREAM_INTERNAL_SERVER_ERROR);
return;
@@ -946,14 +947,15 @@
ngx_connection_t *c, *pc;
ngx_stream_upstream_t *u;
ngx_stream_proxy_srv_conf_t *pscf;
- u_char buf[NGX_PROXY_PROTOCOL_MAX_HEADER];
+ u_char buf[NGX_PROXY_PROTOCOL_V1_MAX_HEADER];
c = s->connection;
ngx_log_debug0(NGX_LOG_DEBUG_STREAM, c->log, 0,
"stream proxy send PROXY protocol header");
- p = ngx_proxy_protocol_write(c, buf, buf + NGX_PROXY_PROTOCOL_MAX_HEADER);
+ p = ngx_proxy_protocol_write(c, buf,
+ buf + NGX_PROXY_PROTOCOL_V1_MAX_HEADER);
if (p == NULL) {
ngx_stream_proxy_finalize(s, NGX_STREAM_INTERNAL_SERVER_ERROR);
return NGX_ERROR;
@@ -1673,9 +1675,8 @@
size = b->end - b->last;
- if (size && src->read->ready && !src->read->delayed
- && !src->read->error)
- {
+ if (size && src->read->ready && !src->read->delayed) {
+
if (limit_rate) {
limit = (off_t) limit_rate * (ngx_time() - u->start_sec + 1)
- *received;
