Is there a large technical barrier to implementing this feature? Patches
have been available for some time at: http://yaoweibin.cn/patches/
Posted at Nginx Forum:
http://forum.nginx.org/read.php?2,244680,245610#msg-245610
___
nginx mailing list
nginx@n
> Looking at the tcpdump after applying the patch does show ~1400 byte records:
> http://cloudshark.org/captures/714cf2e0ca10?filter=tcp.stream%3D%3D2 [2]
>
> Although now on closer inspection there seems to be another gotcha in there
> that I overlooked: it's emitting two packets, one is 1389
>
> >>> What I don't get from your patch, it seems like you are hardcoding the
> >>> buffer to 16384 bytes during handshake (line 570) and only later use a
> >>> 1400 byte buffer (via NGX_SSL_BUFSIZE).
> >>>
> >>> Am I misunderstanding the patch/code?
> >
> > It may well be the case that I'm misund
This should be my last build question.
$ ./auto/configure --with-http_ssl_module ...
--with-cc-opt="-I/usr/local/ssl/include"
--with-ld-opt="-L/usr/local/ssl/lib /usr/local/ssl/lib/libssl.a
/usr/local/ssl/lib/libcrypto.a -ldl"
...
$ make
...
Results in the following. Note that OpenSSL is still dy
On Tue, Dec 17, 2013 at 12:26:16PM +0100, Lorenzo Milesi wrote:
Hi there,
> I need to override default index file for a subdirectory only.
http://nginx.org/r/location
Make sure that requests for this subdirectory only are handled in a
specific location block.
Set the default index file within
On Sat, Dec 14, 2013 at 01:04:59AM +, Matthew Ngaha wrote:
Hi there,
> So it seems the reloading wasn't taking effect and only did
> after a restart of my PC. i've beeb typing "sudo service nginx
> reload" after editing .. why isn't this working, do i have to do
> something else?
The best r
On Tue, Dec 17, 2013 at 12:18:00PM -0500, hussan wrote:
Hi there,
> location /blog/ {
> location / {
> location ~ "^(.+\.php)($|/)" {
> location ~* /\.(ht|git|svn) {
> When i try www.site.com/blog/ proxy_pass works, go to nginx server 2 , and
> my css/js are loaded fine.
Hi!
>>> What I don't get from your patch, it seems like you are hardcoding the
>>> buffer to 16384 bytes during handshake (line 570) and only later use a
>>> 1400 byte buffer (via NGX_SSL_BUFSIZE).
>>>
>>> Am I misunderstanding the patch/code?
>
> It may well be the case that I'm misunderstanding
Hi,
i have 2 nginx server, one with my main site(www.site.com) and other nginx
server with my blog(www.site2.com).
My nginx server 1 have this configurarion: on location /blog/ i have a
(proxy_pass) to blog on nginx server 2
*==
server {
server_name www.site.com;
root "/home/site/sit
Changes with nginx 1.5.8 17 Dec 2013
*) Feature: IPv6 support in resolver.
*) Feature: the "listen" directive supports the "fastopen" parameter.
Thanks to Mathew Rodley.
*) Feature: SSL support in the ngx_http_uwsgi_module.
Thanks
On Tue, Dec 17, 2013 at 8:07 AM, Maxim Dounin wrote:
> Hello!
>
> On Tue, Dec 17, 2013 at 08:05:49AM -0500, Jeffrey Walton wrote:
>
>> On Tue, Dec 17, 2013 at 8:01 AM, Maxim Dounin wrote:
>> > ...
>> >>
>> >> Any thoughts on how to proceed?
>> >
>> > First of all, try fixing typo in your configur
On 17/12/13 13:04, Maxim Dounin wrote:
Hello!
On Tue, Dec 17, 2013 at 12:58:43PM +, Richard Kearsley wrote:
Hi
If 'gzip off;' on front-end but a proxy_pass to backend gives a gzipped
response, will the front-end decompress it before proxy to client?
No.
But if you want nginx to decompres
Hello!
On Tue, Dec 17, 2013 at 08:05:49AM -0500, Jeffrey Walton wrote:
> On Tue, Dec 17, 2013 at 8:01 AM, Maxim Dounin wrote:
> > Hello!
> >
> > On Tue, Dec 17, 2013 at 07:17:47AM -0500, Jeffrey Walton wrote:
> >
> >> On Tue, Dec 17, 2013 at 7:02 AM, Maxim Dounin wrote:
> >> >...
> >> >
> >> >
On Tue, Dec 17, 2013 at 8:01 AM, Maxim Dounin wrote:
> Hello!
>
> On Tue, Dec 17, 2013 at 07:17:47AM -0500, Jeffrey Walton wrote:
>
>> On Tue, Dec 17, 2013 at 7:02 AM, Maxim Dounin wrote:
>> >...
>> >
>> > Something like this should work for you:
>> >
>> > ./configure --with-cc-opt="-I/usr/local/
Hello!
On Tue, Dec 17, 2013 at 12:58:43PM +, Richard Kearsley wrote:
> Hi
> If 'gzip off;' on front-end but a proxy_pass to backend gives a gzipped
> response, will the front-end decompress it before proxy to client?
No.
But if you want nginx to decompress responses, there is gunzip
module
Hello!
On Tue, Dec 17, 2013 at 07:17:47AM -0500, Jeffrey Walton wrote:
> On Tue, Dec 17, 2013 at 7:02 AM, Maxim Dounin wrote:
> > Hello!
> >
> > On Mon, Dec 16, 2013 at 07:12:56PM -0500, Jeffrey Walton wrote:
> >
> >>
> >> checking for OpenSSL library ... not found
> >>
> >> ./auto/configure: e
Hi
If 'gzip off;' on front-end but a proxy_pass to backend gives a gzipped
response, will the front-end decompress it before proxy to client?
Cheers
Richard
___
nginx mailing list
nginx@nginx.org
http://mailman.nginx.org/mailman/listinfo/nginx
On Tue, Dec 17, 2013 at 7:02 AM, Maxim Dounin wrote:
> Hello!
>
> On Mon, Dec 16, 2013 at 07:12:56PM -0500, Jeffrey Walton wrote:
>
>>
>> checking for OpenSSL library ... not found
>>
>> ./auto/configure: error: SSL modules require the OpenSSL library.
>> You can either do not enable the modules,
Hello!
On Mon, Dec 16, 2013 at 07:12:56PM -0500, Jeffrey Walton wrote:
>
> checking for OpenSSL library ... not found
>
> ./auto/configure: error: SSL modules require the OpenSSL library.
> You can either do not enable the modules, or install the OpenSSL library
> into the system, or build the
Any comments on this patch before it gets offered to Trac?
The patch allows a developer to specify OpenSSL include and library
directories through NGX_CONF_OPENSSL_INC and NGX_CONF_OPENSSL_LIB. The
developer must export them for the new functionality.
If NGX_CONF_OPENSSL_INC and NGX_CONF_OPENSSL_
Hi.
I need to override default index file for a subdirectory only.
My actual config (pretty much ubuntu's default):
server {
listen 80 default_server;
root /var/www;
index index.php index.html index.htm;
server_name localhost;
location / {
try_files $uri $uri/ /index.h
So, looking into this more, it looks like the configure subsytem is
not flexible enough to handle OpenSSL with customizations. The problem
appears to be in auto/lib/conf, with some hard coded values around
line 49:
ngx_feature_path=
ngx_feature_libs="-lssl -lcrypto"
ngx_fea
Hi,
> On 17 December 2013 08:46, Lukas Tribus wrote:
>> Hi Adam,
>>
>> Thanks, this is very helpful. Are you trying to upstream the record size
>> patch?
>>
>> What I don't get from your patch, it seems like you are hardcoding the
>> buffer to 16384 bytes during handshake (line 570) and only la
On 17 December 2013 08:46, Lukas Tribus wrote:
> Hi Adam,
>
> Thanks, this is very helpful. Are you trying to upstream the record size
> patch?
>
> What I don't get from your patch, it seems like you are hardcoding the
> buffer to 16384 bytes during handshake (line 570) and only later use a
> 1400
> if you are using centos/fedora you need to install openssl-devel
Thanks Stefanita.
This is kind of weird in auto/lib/openssl/conf (the default case is no
non-MS|non-Borland compilers):
*)
have=NGX_OPENSSL . auto/have
have=NGX_SSL . auto/have
CORE_INCS="$CORE_INCS $OPENSSL/.openss
Hi Adam,
> FYI:
> http://www.igvita.com/2013/12/16/optimizing-nginx-tls-time-to-first-byte/
>
> We started with a ~1800ms overhead for our TLS connection (nearly 5
> extra RTTs); eliminated the extra certificate roundtrip after a nginx
> upgrade; cut another RTT by forcing a smaller record
26 matches
Mail list logo
