RE: PSK Support

2017-06-06 Thread Karstens, Nate 
Maxim,

The biggest downside that I can see to the dummy certificate approach is 
documentation. Using a dummy certificate wasn't immediately obvious to me, 
though perhaps my familiarity with OpenSSL's "nocert" option may have affected 
that. Which do you think would be easier for the user to find in the 
documentation: 1) a description of the dummy certificate approach under the 
"ssl_certificate" directive, 2) a separate directive ("ssl_nocert"), or 3) an 
explicit option to the "ssl_certificate" directive (e.g., " Syntax: 
ssl_certificate file | off;")?

I'm OK with changing it to read from a password file (formatted in a manner 
similar to stunnel) that is searched as needed (an "ssl_psk_file" directive). 
Would it be OK to support multiple files and stipulate that files are searched 
in the order that they are included in nginx.conf?

Can we support both ASCII and binary PSKs? RFC 4279 section 5.4 seems to 
require both types, and I need binary keys for my application :). Maybe a 
parameter to the "ssl_psk_file" directive could indicate how the PSKs are 
stored in the file?

Thanks,

Nate

-Original Message-
From: nginx-devel [mailto:nginx-devel-boun...@nginx.org] On Behalf Of Maxim 
Dounin
Sent: Monday, June 05, 2017 1:40 PM
To: nginx-devel@nginx.org
Subject: Re: PSK Support

Hello!

On Mon, Jun 05, 2017 at 02:08:15PM +, Karstens, Nate wrote:

> Maxim,
>
> Thanks for the reply. I understand your concerns about PSK. We
> discussed it quite a bit, but ultimately decided that a PKI was not
> practical for our environment. We have to rely on the end user to
> configure security and any solution using PKI would be so difficult to
> work with that they just wouldn't bother with security at all.

Ok, understood.  I think that PSK can be a reasonable alternative to using 
plain http in many cases.

> I considered some alternatives on the "ssl_nocert" option. My
> preference would have been to analyze the supported cipher suites
> (from "ssl_ciphers") and determine if any include a PSK, but it does
> not look like OpenSSL exposes APIs to accomplish this.

By default, nginx uses "HIGH:!aNULL:!MD5" as ciphers list, and this includes 
various PSK ciphers as well, so this approach doesn't look working even if 
there were appropriate APIs.

> Using a dummy certificate seemed more complicated than the other two
> suggestions you had (using "ssl_certificate" with a value of "off" or
> disabling the tests if there are PSK secrets), so I'd prefer one of
> those two. What is your preference?

Using a dummy certificate has an obvious benefit of not requiring any changes 
to the code, and might actually be a good starting option.

Disabling the tests with PSK secrets might not work as expected when they are 
defined at the http{} level.  Using "ssl_certificate off" is obviously most 
explicit of all options, but I would rather consider a dummy certificate 
instead for now, as long as there are no other downsides.

> One advantage of the PSK path concept is that it provides a lot of
> flexibility. It allows, for example, multiple applications to each
> independently manage their own PSKs without the need to coordinate
> changes to a single file (note that in this scenario each application
> would want to use $ssl_psk_identity to check the key).

On the one hand, it is a plus.  On the other - it is a nightmare when something 
goes wrong.  I would rather avoid such approach.

> stunnel uses a single file and seems to assume that keys will be ASCII
> strings. Its format, for example, would not allow NUL to appear in the
> string, as that would terminate the key early and, at best, lead to a
> reduced key size.

Yes, and stunnel author considers this to be a feature, see 
https://www.stunnel.org/pipermail/stunnel-users/2015-October/005275.html.
If you are targeting end-users, it might be actually easier to use sufficiently 
long printable keys then arbitrary binary strings.

> I might be mistaken, but wouldn't changing a certificate also require
> reloading the configuration? Do you have some ideas on how this could
> be done without requiring a reload?

Yes, changing a certificate requires a reload.  But the "path"
concept is generally used in SSL where appropriate filesystem lookups are done 
on the fly, in contrast to loading a file into memory and then working with the 
data from memory.  Consider "openssl verify -CApath" vs. "openssl verify 
-CAfile".

Additionally, PSK keys look much more dynamic than certificates, as adding a 
user requires configuration changes.  With PKI, you don't need any certificate 
changes on the server to add a user.
With PSK, you have to add a key to introduce a new user.

Overall, PSK seems to be very close to basic authentication, and it might worth 
looking how it is implemented in the auth_basic module (in short: the password 
file is searched on each request).

--
Maxim Dounin
http://nginx.org/
___
nginx-devel mailing list

Re: [PATCH] Use .exe for binaries for all win32 compilers

2017-06-06 Thread Maxim Dounin 
Hello!

On Tue, Jun 06, 2017 at 05:54:01PM +0300, Orgad Shaneh wrote:

> > http://mailman.nginx.org/pipermail/nginx-devel/2016-December/009234.html
> 
> Thanks. It is needed with MSYS2 / gcc. Proposing a new patch:
> 
> ---
>  auto/cc/bcc  | 1 -
>  auto/cc/conf | 7 ++-
>  auto/cc/msvc | 1 -
>  auto/cc/owc  | 1 -
>  4 files changed, 6 insertions(+), 4 deletions(-)
> 
> diff --git a/auto/cc/bcc b/auto/cc/bcc
> index ec82e60f..e990a9f7 100644
> --- a/auto/cc/bcc
> +++ b/auto/cc/bcc
> @@ -62,7 +62,6 @@ ngx_include_opt="-I"
>  ngx_objout="-o"
>  ngx_binout="-e"
>  ngx_objext="obj"
> -ngx_binext=".exe"
> 
>  ngx_long_start='@&&|
>   '
> diff --git a/auto/cc/conf b/auto/cc/conf
> index afbca62b..7e1186b5 100644
> --- a/auto/cc/conf
> +++ b/auto/cc/conf
> @@ -14,9 +14,14 @@ ngx_pic_opt="-fPIC"
>  ngx_objout="-o "
>  ngx_binout="-o "
>  ngx_objext="o"
> -ngx_binext=
>  ngx_modext=".so"
> 
> +if [ "$NGX_PLATFORM" = win32 ]; then
> +ngx_binext=".exe"
> +else
> +ngx_binext=
> +fi
> +
>  ngx_long_start=
>  ngx_long_end=
> 

Looking more at this I tend to think that a better place would be 
to redefine it in auto/os/win32, like this:

diff --git a/auto/os/win32 b/auto/os/win32
--- a/auto/os/win32
+++ b/auto/os/win32
@@ -13,6 +13,7 @@ NGX_ICONS="$NGX_WIN32_ICONS"
 SELECT_SRCS=$WIN32_SELECT_SRCS
 
 ngx_pic_opt=
+ngx_binext=".exe"
 
 case "$NGX_CC_NAME" in
 

Full patch modified accordingly provided below.  Please test if it 
works for you.

# HG changeset patch
# User Orgad Shaneh 
# Date 1496767054 -10800
#  Tue Jun 06 19:37:34 2017 +0300
# Node ID 6c9b1238cf5c99ffc5a8a449ce738606e312350e
# Parent  23bea7aaebe287722ec5b5252e145da55d7906a9
Configure: use .exe for binaries for all win32 compilers.

diff --git a/auto/cc/bcc b/auto/cc/bcc
--- a/auto/cc/bcc
+++ b/auto/cc/bcc
@@ -62,7 +62,6 @@ ngx_include_opt="-I"
 ngx_objout="-o"
 ngx_binout="-e"
 ngx_objext="obj"
-ngx_binext=".exe"
 
 ngx_long_start='@&&|
'
diff --git a/auto/cc/msvc b/auto/cc/msvc
--- a/auto/cc/msvc
+++ b/auto/cc/msvc
@@ -142,7 +142,6 @@ ngx_pic_opt=
 ngx_objout="-Fo"
 ngx_binout="-Fe"
 ngx_objext="obj"
-ngx_binext=".exe"
 
 ngx_long_start='@<<
'
diff --git a/auto/cc/owc b/auto/cc/owc
--- a/auto/cc/owc
+++ b/auto/cc/owc
@@ -84,7 +84,6 @@ ngx_include_opt="-i="
 ngx_objout="-fo"
 ngx_binout="-fe="
 ngx_objext="obj"
-ngx_binext=".exe"
 
 ngx_regex_dirsep='\\'
 ngx_dirsep="\\"
diff --git a/auto/os/win32 b/auto/os/win32
--- a/auto/os/win32
+++ b/auto/os/win32
@@ -13,6 +13,7 @@ NGX_ICONS="$NGX_WIN32_ICONS"
 SELECT_SRCS=$WIN32_SELECT_SRCS
 
 ngx_pic_opt=
+ngx_binext=".exe"
 
 case "$NGX_CC_NAME" in
 

-- 
Maxim Dounin
http://nginx.org/
___
nginx-devel mailing list
nginx-devel@nginx.org
http://mailman.nginx.org/mailman/listinfo/nginx-devel

Re: [PATCH] Fix compilation on MinGW64

2017-06-06 Thread Maxim Dounin 
Hello!

On Tue, Jun 06, 2017 at 05:48:39PM +0300, Orgad Shaneh wrote:

> On Tue, Jun 6, 2017 at 5:11 PM, Maxim Dounin  wrote:
> > Hello!
> >
> > On Tue, Jun 06, 2017 at 01:57:39PM +0300, Orgad Shaneh wrote:
> >
> >> I already proposed a similar patch (without MSYS) on November, but it
> >> was unnoticed since then.
> >> ---
> >>  auto/configure | 2 +-
> >>  1 file changed, 1 insertion(+), 1 deletion(-)
> >>
> >> diff --git a/auto/configure b/auto/configure
> >> index ceff15e4..107c2b5f 100755
> >> --- a/auto/configure
> >> +++ b/auto/configure
> >> @@ -36,7 +36,7 @@ if test -z "$NGX_PLATFORM"; then
> >>  NGX_PLATFORM="$NGX_SYSTEM:$NGX_RELEASE:$NGX_MACHINE";
> >>
> >>  case "$NGX_SYSTEM" in
> >> -MINGW32_*)
> >> +MINGW32_*|MINGW64_*|MSYS_*)
> >>  NGX_PLATFORM=win32
> >>  ;;
> >>  esac
> >> --
> >> 2.13.0.windows.1.7.g80a6209eb5
> >
> > A review of your previous patch can be found here:
> >
> > http://mailman.nginx.org/pipermail/nginx-devel/2016-December/009233.html
> >
> > It still applies.
> >
> > --
> > Maxim Dounin
> > http://nginx.org/
> > ___
> > nginx-devel mailing list
> > nginx-devel@nginx.org
> > http://mailman.nginx.org/mailman/listinfo/nginx-devel
> 
> Thanks. I wasn't aware that I should stay subscribed to receive replies.

You can unsubscribe and/or switch to write-only mode, but unless 
you've used Mail-Followup-To in your messages there will be no 
direct replies.

> Posted a fixed patch (using Git, I hope you don't mind).

Mercurial is really preferred, though I was able to import this 
particular patch.  Queued with a couple of style fixes you've 
missed, thanks.

-- 
Maxim Dounin
http://nginx.org/
___
nginx-devel mailing list
nginx-devel@nginx.org
http://mailman.nginx.org/mailman/listinfo/nginx-devel

Re: [PATCH] Use .exe for binaries for all win32 compilers

2017-06-06 Thread Orgad Shaneh 
> http://mailman.nginx.org/pipermail/nginx-devel/2016-December/009234.html

Thanks. It is needed with MSYS2 / gcc. Proposing a new patch:

---
 auto/cc/bcc  | 1 -
 auto/cc/conf | 7 ++-
 auto/cc/msvc | 1 -
 auto/cc/owc  | 1 -
 4 files changed, 6 insertions(+), 4 deletions(-)

diff --git a/auto/cc/bcc b/auto/cc/bcc
index ec82e60f..e990a9f7 100644
--- a/auto/cc/bcc
+++ b/auto/cc/bcc
@@ -62,7 +62,6 @@ ngx_include_opt="-I"
 ngx_objout="-o"
 ngx_binout="-e"
 ngx_objext="obj"
-ngx_binext=".exe"

 ngx_long_start='@&&|
  '
diff --git a/auto/cc/conf b/auto/cc/conf
index afbca62b..7e1186b5 100644
--- a/auto/cc/conf
+++ b/auto/cc/conf
@@ -14,9 +14,14 @@ ngx_pic_opt="-fPIC"
 ngx_objout="-o "
 ngx_binout="-o "
 ngx_objext="o"
-ngx_binext=
 ngx_modext=".so"

+if [ "$NGX_PLATFORM" = win32 ]; then
+ngx_binext=".exe"
+else
+ngx_binext=
+fi
+
 ngx_long_start=
 ngx_long_end=

diff --git a/auto/cc/msvc b/auto/cc/msvc
index 4eef1010..82572529 100644
--- a/auto/cc/msvc
+++ b/auto/cc/msvc
@@ -142,7 +142,6 @@ ngx_pic_opt=
 ngx_objout="-Fo"
 ngx_binout="-Fe"
 ngx_objext="obj"
-ngx_binext=".exe"

 ngx_long_start='@<<
  '
diff --git a/auto/cc/owc b/auto/cc/owc
index a063aa34..f7fd88c9 100644
--- a/auto/cc/owc
+++ b/auto/cc/owc
@@ -84,7 +84,6 @@ ngx_include_opt="-i="
 ngx_objout="-fo"
 ngx_binout="-fe="
 ngx_objext="obj"
-ngx_binext=".exe"

 ngx_regex_dirsep='\\'
 ngx_dirsep="\\"
-- 
2.13.0.windows.1.7.g80a6209eb5
___
nginx-devel mailing list
nginx-devel@nginx.org
http://mailman.nginx.org/mailman/listinfo/nginx-devel

[PATCH] Configure: Fix compilation on MSYS2 / MinGW64

2017-06-06 Thread Orgad Shaneh 
---
 auto/configure | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/auto/configure b/auto/configure
index ceff15e4..107c2b5f 100755
--- a/auto/configure
+++ b/auto/configure
@@ -36,7 +36,7 @@ if test -z "$NGX_PLATFORM"; then
 NGX_PLATFORM="$NGX_SYSTEM:$NGX_RELEASE:$NGX_MACHINE";

 case "$NGX_SYSTEM" in
-MINGW32_*)
+MINGW32_*|MINGW64_*|MSYS_*)
 NGX_PLATFORM=win32
 ;;
 esac
-- 
2.13.0.windows.1.7.g80a6209eb5
___
nginx-devel mailing list
nginx-devel@nginx.org
http://mailman.nginx.org/mailman/listinfo/nginx-devel

Re: [PATCH] Fix compilation on MinGW64

2017-06-06 Thread Orgad Shaneh 
On Tue, Jun 6, 2017 at 5:11 PM, Maxim Dounin  wrote:
> Hello!
>
> On Tue, Jun 06, 2017 at 01:57:39PM +0300, Orgad Shaneh wrote:
>
>> I already proposed a similar patch (without MSYS) on November, but it
>> was unnoticed since then.
>> ---
>>  auto/configure | 2 +-
>>  1 file changed, 1 insertion(+), 1 deletion(-)
>>
>> diff --git a/auto/configure b/auto/configure
>> index ceff15e4..107c2b5f 100755
>> --- a/auto/configure
>> +++ b/auto/configure
>> @@ -36,7 +36,7 @@ if test -z "$NGX_PLATFORM"; then
>>  NGX_PLATFORM="$NGX_SYSTEM:$NGX_RELEASE:$NGX_MACHINE";
>>
>>  case "$NGX_SYSTEM" in
>> -MINGW32_*)
>> +MINGW32_*|MINGW64_*|MSYS_*)
>>  NGX_PLATFORM=win32
>>  ;;
>>  esac
>> --
>> 2.13.0.windows.1.7.g80a6209eb5
>
> A review of your previous patch can be found here:
>
> http://mailman.nginx.org/pipermail/nginx-devel/2016-December/009233.html
>
> It still applies.
>
> --
> Maxim Dounin
> http://nginx.org/
> ___
> nginx-devel mailing list
> nginx-devel@nginx.org
> http://mailman.nginx.org/mailman/listinfo/nginx-devel

Thanks. I wasn't aware that I should stay subscribed to receive replies.

Posted a fixed patch (using Git, I hope you don't mind).

- Orgad
___
nginx-devel mailing list
nginx-devel@nginx.org
http://mailman.nginx.org/mailman/listinfo/nginx-devel

Re: [PATCH] Use .exe for binaries for all win32 compilers

2017-06-06 Thread Maxim Dounin 
Hello!

On Tue, Jun 06, 2017 at 01:58:17PM +0300, Orgad Shaneh wrote:

> ---
>  auto/cc/conf | 4 +++-
>  1 file changed, 3 insertions(+), 1 deletion(-)
> 
> diff --git a/auto/cc/conf b/auto/cc/conf
> index afbca62b..19a231aa 100644
> --- a/auto/cc/conf
> +++ b/auto/cc/conf
> @@ -144,7 +144,9 @@ fi
>  CFLAGS="$CFLAGS $NGX_CC_OPT"
>  NGX_TEST_LD_OPT="$NGX_LD_OPT"
> 
> -if [ "$NGX_PLATFORM" != win32 ]; then
> +if [ "$NGX_PLATFORM" = win32 ]; then
> +ngx_binext=".exe"
> +else
> 
>  if test -n "$NGX_LD_OPT"; then
>  ngx_feature=--with-ld-opt=\"$NGX_LD_OPT\"
> -- 
> 2.13.0.windows.1.7.g80a6209eb5

http://mailman.nginx.org/pipermail/nginx-devel/2016-December/009234.html

-- 
Maxim Dounin
http://nginx.org/
___
nginx-devel mailing list
nginx-devel@nginx.org
http://mailman.nginx.org/mailman/listinfo/nginx-devel

Re: [PATCH] Fix compilation on MinGW64

2017-06-06 Thread Maxim Dounin 
Hello!

On Tue, Jun 06, 2017 at 01:57:39PM +0300, Orgad Shaneh wrote:

> I already proposed a similar patch (without MSYS) on November, but it
> was unnoticed since then.
> ---
>  auto/configure | 2 +-
>  1 file changed, 1 insertion(+), 1 deletion(-)
> 
> diff --git a/auto/configure b/auto/configure
> index ceff15e4..107c2b5f 100755
> --- a/auto/configure
> +++ b/auto/configure
> @@ -36,7 +36,7 @@ if test -z "$NGX_PLATFORM"; then
>  NGX_PLATFORM="$NGX_SYSTEM:$NGX_RELEASE:$NGX_MACHINE";
> 
>  case "$NGX_SYSTEM" in
> -MINGW32_*)
> +MINGW32_*|MINGW64_*|MSYS_*)
>  NGX_PLATFORM=win32
>  ;;
>  esac
> -- 
> 2.13.0.windows.1.7.g80a6209eb5

A review of your previous patch can be found here:

http://mailman.nginx.org/pipermail/nginx-devel/2016-December/009233.html

It still applies.

-- 
Maxim Dounin
http://nginx.org/
___
nginx-devel mailing list
nginx-devel@nginx.org
http://mailman.nginx.org/mailman/listinfo/nginx-devel

Re: [PATCH 3 of 3] Headers filter: added "add_trailer" directive

2017-06-06 Thread Maxim Dounin 
Hello!

On Mon, Jun 05, 2017 at 09:59:45PM -0700, Piotr Sikora via nginx-devel wrote:

> Hey Maxim,
> 
> > It doesn't look like "if (h[i].value.value.len)" is needed here.
> > It is either true, or the "add_trailer" directive is nop and we
> > already know this while parsing the configuration.
> >
> > -if (h[i].value.value.len) {
> > -r->expect_trailers = 1;
> > -break;
> > -}
> > +r->expect_trailers = 1;
> > +break;
> 
> Well, both "add_header" and "add_trailer" allow setting something like:
> 
> add_trailer Empty "";
> 
> which will get added to headers / trailers list.
> 
> I've added this extra check to avoid forcing chunked encoding with
> such configuration.
> 
> Maybe we should reject it during configuration instead, or ignore this
> case and let it force chunked encoding? Which one do you prefer?

I think it is perfectly ok to ignore this and let if force chunked 
encoding (and this is what the suggested change does).

-- 
Maxim Dounin
http://nginx.org/
___
nginx-devel mailing list
nginx-devel@nginx.org
http://mailman.nginx.org/mailman/listinfo/nginx-devel

Re: [PATCH 1 of 3] Added support for trailers in HTTP responses

2017-06-06 Thread Maxim Dounin 
Hello!

On Mon, Jun 05, 2017 at 09:56:03PM -0700, Piotr Sikora via nginx-devel wrote:

> Hey Maxim,
> 
> > I would prefer to preserve the typical code path (when there are no
> > trailers) without an extra allocation.  It looks like it would be
> > as trivail as:
> >
> > @@ -273,14 +273,18 @@ ngx_http_chunked_create_trailers(ngx_htt
> >  b->memory = 1;
> >  b->last_buf = 1;
> >
> > +if (len == sizeof(CRLF "0" CRLF CRLF) - 1) {
> > +b->pos = (u_char *) CRLF "0" CRLF CRLF;
> > +b->last = b->pos + sizeof(CRLF "0" CRLF CRLF) - 1;
> > +return cl;
> > +}
> 
> Sounds good, but the if statement reads a bit weird.
> 
> What about this instead, even though it might be a bit more expensive?
> 
> @@ -236,7 +236,7 @@ ngx_http_chunked_create_trailers(ngx_http_request_t *r,
>  ngx_list_part_t  *part;
>  ngx_table_elt_t  *header;
> 
> -len = sizeof(CRLF "0" CRLF CRLF) - 1;
> +len = 0;
> 
>  part = >headers_out.trailers.part;
>  header = part->elts;
> @@ -273,12 +273,14 @@ ngx_http_chunked_create_trailers(ngx_http_request_t *r,
>  b->memory = 1;
>  b->last_buf = 1;
> 
> -if (len == sizeof(CRLF "0" CRLF CRLF) - 1) {
> +if (len == 0) {
>  b->pos = (u_char *) CRLF "0" CRLF CRLF;
>  b->last = b->pos + sizeof(CRLF "0" CRLF CRLF) - 1;
>  return cl;
>  }
> 
> +len += sizeof(CRLF "0" CRLF CRLF) - 1;
> +
>  b->pos = ngx_palloc(r->pool, len);
>  if (b->pos == NULL) {
>  return NULL;

I've tried this as well, and decided that "if (len == 
sizeof(...))" is slightly more readable, and also produces smaller 
patch to your code.   No strict preference though, feel free to 
use any variant you think is better.

-- 
Maxim Dounin
http://nginx.org/
___
nginx-devel mailing list
nginx-devel@nginx.org
http://mailman.nginx.org/mailman/listinfo/nginx-devel

[PATCH] Use .exe for binaries for all win32 compilers

2017-06-06 Thread Orgad Shaneh 
---
 auto/cc/conf | 4 +++-
 1 file changed, 3 insertions(+), 1 deletion(-)

diff --git a/auto/cc/conf b/auto/cc/conf
index afbca62b..19a231aa 100644
--- a/auto/cc/conf
+++ b/auto/cc/conf
@@ -144,7 +144,9 @@ fi
 CFLAGS="$CFLAGS $NGX_CC_OPT"
 NGX_TEST_LD_OPT="$NGX_LD_OPT"

-if [ "$NGX_PLATFORM" != win32 ]; then
+if [ "$NGX_PLATFORM" = win32 ]; then
+ngx_binext=".exe"
+else

 if test -n "$NGX_LD_OPT"; then
 ngx_feature=--with-ld-opt=\"$NGX_LD_OPT\"
-- 
2.13.0.windows.1.7.g80a6209eb5
___
nginx-devel mailing list
nginx-devel@nginx.org
http://mailman.nginx.org/mailman/listinfo/nginx-devel

[PATCH] Fix compilation on MinGW64

2017-06-06 Thread Orgad Shaneh 
I already proposed a similar patch (without MSYS) on November, but it
was unnoticed since then.
---
 auto/configure | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/auto/configure b/auto/configure
index ceff15e4..107c2b5f 100755
--- a/auto/configure
+++ b/auto/configure
@@ -36,7 +36,7 @@ if test -z "$NGX_PLATFORM"; then
 NGX_PLATFORM="$NGX_SYSTEM:$NGX_RELEASE:$NGX_MACHINE";

 case "$NGX_SYSTEM" in
-MINGW32_*)
+MINGW32_*|MINGW64_*|MSYS_*)
 NGX_PLATFORM=win32
 ;;
 esac
-- 
2.13.0.windows.1.7.g80a6209eb5
___
nginx-devel mailing list
nginx-devel@nginx.org
http://mailman.nginx.org/mailman/listinfo/nginx-devel

Re: [PATCH 2 of 3] HTTP/2: added support for trailers in HTTP responses

2017-06-06 Thread Maxim Konovalov 
On 05/06/2017 21:00, Maxim Dounin wrote:
> Hello!
> 
> On Fri, Jun 02, 2017 at 08:33:46PM -0700, Piotr Sikora via nginx-devel wrote:
> 
>> # HG changeset patch
>> # User Piotr Sikora 
>> # Date 1493191954 25200
>> #  Wed Apr 26 00:32:34 2017 -0700
>> # Node ID 8d74ff6c2015180f5c1f399f492214d7d0a52b3f
>> # Parent  41c09a2fd90410e25ad8515793bd48028001c954
>> HTTP/2: added support for trailers in HTTP responses.
>>
>> Signed-off-by: Piotr Sikora 
> 
> I've asked Valentin to look into this part.  Hopefully he'll be 
> able to do so in a couple of days.
> 
> [...]
> 
To be precise and to avoid confusion: Valentin is on the conf today
so expect his feedback this week.

-- 
Maxim Konovalov
___
nginx-devel mailing list
nginx-devel@nginx.org
http://mailman.nginx.org/mailman/listinfo/nginx-devel