Re: [PATCH] Mail: added support for SSL client certificate

Hi, >From the mail-auth-http module point of view, the Auth-Verify is a trivial information. Its value mostly depends of the current server configuration ( verify setting ). IMHO, it could be discard. About the various/duplicated headers related to the client certificate, a smart solution could b

[PATCH] Core: configurable listening try number

Hello, there, I'm a new guy to nginx. Recently, I'm reading the source code. I found some TODOs. I'm trying to implement some. This is my first small attempt. Any suggestion? Thank you! Regards, Cheng # HG changeset patch # User Han Cheng # Date 1396856176 -28800 # Mon Apr 07 15:36:16

Re: [PATCH] SSL: support automatic selection of ECDH temporary key parameters

Hello! On Sun, Apr 06, 2014 at 07:09:41PM -0700, Piotr Sikora wrote: > Hey Maxim, > > > Comments about the patch below, in no particular order: > > > > - Suggested code doesn't seem to allow to use the default list of > > curves, as normally available with just a call to > > SSL_CTX_set_ecdh

Re: [PATCH] Core: configurable listening try number

Hello! On Mon, Apr 07, 2014 at 04:34:52PM +0800, Han Cheng wrote: > > Hello, there, > > I'm a new guy to nginx. > Recently, I'm reading the source code. I found some TODOs. I'm trying to > implement some. This is my first small attempt. > > Any suggestion? It doesn't looks like it actually ne

[nginx] Win32: fixed link flags with MSVC, broken by bfe536716dbf.

details: http://hg.nginx.org/nginx/rev/ce98b460606e branches: changeset: 5639:ce98b460606e user: Maxim Dounin date: Mon Apr 07 18:29:05 2014 +0400 description: Win32: fixed link flags with MSVC, broken by bfe536716dbf. Notably, "-debug" was omitted, resulting in an executable withou

[nginx] Win32: fixed shared ssl_session_cache (ticket #528).

details: http://hg.nginx.org/nginx/rev/4c6ceca4f5f7 branches: changeset: 5640:4c6ceca4f5f7 user: Maxim Dounin date: Mon Apr 07 18:55:57 2014 +0400 description: Win32: fixed shared ssl_session_cache (ticket #528). In a worker process shm_zone->data was set to NULL instead of a proper

[nginx] SPDY: refactored ngx_http_spdy_state_read_data().

details: http://hg.nginx.org/nginx/rev/d2ac5cf4056d branches: changeset: 5642:d2ac5cf4056d user: Valentin Bartenev date: Mon Apr 07 19:27:56 2014 +0400 description: SPDY: refactored ngx_http_spdy_state_read_data(). There's no more need in a separate indicator of frame completeness a

[nginx] SPDY: consistently handle control frames with unknown type.

details: http://hg.nginx.org/nginx/rev/436f3605195a branches: changeset: 5643:436f3605195a user: Valentin Bartenev date: Mon Apr 07 19:27:56 2014 +0400 description: SPDY: consistently handle control frames with unknown type. The SPDY draft 2 specification requires that if an endpoin

[nginx] SPDY: better detect premature closing of stream.

details: http://hg.nginx.org/nginx/rev/0aeb6f63d242 branches: changeset: 5641:0aeb6f63d242 user: Valentin Bartenev date: Mon Apr 07 19:27:56 2014 +0400 description: SPDY: better detect premature closing of stream. Following a24f88eff684, now the case when the FIN flag is set in SYN_

Re: [PATCH] Core: configurable listening try number

Hello, Maxim, As I'm new to nginx, please point out if I'm wrong. The reason why we should have multiply tries is we may fail when we bind(). That is because the address and port are in use(temporary which caused by unclean close or others, permanent like another nginx is using) or others. In t

Re: [PATCH] Core: configurable listening try number

Hello! On Mon, Apr 07, 2014 at 11:44:18PM +0800, Han Cheng wrote: > Hello, Maxim, > > As I'm new to nginx, please point out if I'm wrong. > > The reason why we should have multiply tries is we may fail when we bind(). > That is because the address and port > are in use(temporary which caused b