Hello community, here is the log from the commit of package nginx for openSUSE:Factory checked in at 2019-05-24 11:33:33 ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ Comparing /work/SRC/openSUSE:Factory/nginx (Old) and /work/SRC/openSUSE:Factory/.nginx.new.5148 (New) ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ Package is "nginx" Fri May 24 11:33:33 2019 rev:36 rq:705181 version:1.17.0 Changes: -------- --- /work/SRC/openSUSE:Factory/nginx/nginx.changes 2019-05-07 23:19:03.904931672 +0200 +++ /work/SRC/openSUSE:Factory/.nginx.new.5148/nginx.changes 2019-05-24 11:33:35.233362168 +0200 @@ -1,0 +2,11 @@ +Thu May 23 19:51:31 UTC 2019 - seanlew@opensuse.org + +- update to version 1.17.0 + * Feature: variables support in the "limit_rate" directives + * Feature: variables support in the "proxy rate" directies + * Change: min supported OpenSSL is 0.9.8 + * Change: now the postpone filter is always built + * Bugfix: the "include" directive didn't work inside "if" + * Bugfix: in byte ranges processing + +------------------------------------------------------------------- Old: ---- nginx-1.16.0.tar.gz nginx-1.16.0.tar.gz.asc New: ---- nginx-1.17.0.tar.gz nginx-1.17.0.tar.gz.asc ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ Other differences: ------------------ ++++++ nginx.spec ++++++ --- /var/tmp/diff_new_pack.o096kd/_old 2019-05-24 11:33:36.353361741 +0200 +++ /var/tmp/diff_new_pack.o096kd/_new 2019-05-24 11:33:36.353361741 +0200 @@ -70,7 +70,7 @@ %define ngx_doc_dir %{_datadir}/doc/packages/%{name} # Name: nginx -Version: 1.16.0 +Version: 1.17.0 Release: 0 %define ngx_fancyindex_version 0.4.2 %define ngx_fancyindex_module_path ngx-fancyindex-%{ngx_fancyindex_version} ++++++ nginx-1.16.0.tar.gz -> nginx-1.17.0.tar.gz ++++++ diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/nginx-1.16.0/CHANGES new/nginx-1.17.0/CHANGES --- old/nginx-1.16.0/CHANGES 2019-04-23 15:13:01.000000000 +0200 +++ new/nginx-1.17.0/CHANGES 2019-05-21 16:24:01.000000000 +0200 @@ -1,7 +1,20 @@ -Changes with nginx 1.16.0 23 Apr 2019 +Changes with nginx 1.17.0 21 May 2019 - *) 1.16.x stable branch. + *) Feature: variables support in the "limit_rate" and "limit_rate_after" + directives. + + *) Feature: variables support in the "proxy_upload_rate" and + "proxy_download_rate" directives in the stream module. + + *) Change: minimum supported OpenSSL version is 0.9.8. + + *) Change: now the postpone filter is always built. + + *) Bugfix: the "include" directive did not work inside the "if" and + "limit_except" blocks. + + *) Bugfix: in byte ranges processing. Changes with nginx 1.15.12 16 Apr 2019 diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/nginx-1.16.0/CHANGES.ru new/nginx-1.17.0/CHANGES.ru --- old/nginx-1.16.0/CHANGES.ru 2019-04-23 15:13:00.000000000 +0200 +++ new/nginx-1.17.0/CHANGES.ru 2019-05-21 16:24:00.000000000 +0200 @@ -1,7 +1,20 @@ -Изменения в nginx 1.16.0 23.04.2019 +Изменения в nginx 1.17.0 21.05.2019 - *) Стабильная ветка 1.16.x. + *) Добавление: директивы limit_rate и limit_rate_after поддерживают + переменные. + + *) Добавление: директивы proxy_upload_rate и proxy_download_rate в + модуле stream поддерживают переменные. + + *) Изменение: минимальная поддерживаемая версия OpenSSL - 0.9.8. + + *) Изменение: теперь postpone-фильтр собирается всегда. + + *) Исправление: директива include не работала в блоках if и + limit_except. + + *) Исправление: в обработке byte ranges. Изменения в nginx 1.15.12 16.04.2019 diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/nginx-1.16.0/auto/modules new/nginx-1.17.0/auto/modules --- old/nginx-1.16.0/auto/modules 2019-04-23 15:12:58.000000000 +0200 +++ new/nginx-1.17.0/auto/modules 2019-05-21 16:23:57.000000000 +0200 @@ -102,21 +102,6 @@ fi - if [ $HTTP_SSI = YES ]; then - HTTP_POSTPONE=YES - fi - - - if [ $HTTP_SLICE = YES ]; then - HTTP_POSTPONE=YES - fi - - - if [ $HTTP_ADDITION = YES ]; then - HTTP_POSTPONE=YES - fi - - # the module order is important # ngx_http_static_module # ngx_http_gzip_static_module @@ -252,13 +237,13 @@ . auto/module fi - if [ $HTTP_POSTPONE = YES ]; then + if :; then ngx_module_name=ngx_http_postpone_filter_module ngx_module_incs= ngx_module_deps= ngx_module_srcs=src/http/ngx_http_postpone_filter_module.c ngx_module_libs= - ngx_module_link=$HTTP_POSTPONE + ngx_module_link=YES . auto/module fi diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/nginx-1.16.0/auto/options new/nginx-1.17.0/auto/options --- old/nginx-1.16.0/auto/options 2019-04-23 15:12:58.000000000 +0200 +++ new/nginx-1.17.0/auto/options 2019-05-21 16:23:57.000000000 +0200 @@ -60,7 +60,6 @@ HTTP_SSL=NO HTTP_V2=NO HTTP_SSI=YES -HTTP_POSTPONE=NO HTTP_REALIP=NO HTTP_XSLT=NO HTTP_IMAGE_FILTER=NO diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/nginx-1.16.0/src/core/nginx.h new/nginx-1.17.0/src/core/nginx.h --- old/nginx-1.16.0/src/core/nginx.h 2019-04-23 15:12:58.000000000 +0200 +++ new/nginx-1.17.0/src/core/nginx.h 2019-05-21 16:23:57.000000000 +0200 @@ -9,8 +9,8 @@ #define _NGINX_H_INCLUDED_ -#define nginx_version 1016000 -#define NGINX_VERSION "1.16.0" +#define nginx_version 1017000 +#define NGINX_VERSION "1.17.0" #define NGINX_VER "nginx/" NGINX_VERSION #ifdef NGX_BUILD diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/nginx-1.16.0/src/core/ngx_conf_file.h new/nginx-1.17.0/src/core/ngx_conf_file.h --- old/nginx-1.16.0/src/core/ngx_conf_file.h 2019-04-23 15:12:58.000000000 +0200 +++ new/nginx-1.17.0/src/core/ngx_conf_file.h 2019-05-21 16:23:57.000000000 +0200 @@ -49,7 +49,7 @@ #define NGX_DIRECT_CONF 0x00010000 #define NGX_MAIN_CONF 0x01000000 -#define NGX_ANY_CONF 0x1F000000 +#define NGX_ANY_CONF 0xFF000000 diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/nginx-1.16.0/src/event/ngx_event_openssl.c new/nginx-1.17.0/src/event/ngx_event_openssl.c --- old/nginx-1.16.0/src/event/ngx_event_openssl.c 2019-04-23 15:12:58.000000000 +0200 +++ new/nginx-1.17.0/src/event/ngx_event_openssl.c 2019-05-21 16:23:57.000000000 +0200 @@ -164,7 +164,6 @@ #endif -#if OPENSSL_VERSION_NUMBER >= 0x0090800fL #ifndef SSL_OP_NO_COMPRESSION { /* @@ -182,7 +181,6 @@ } } #endif -#endif ngx_ssl_connection_index = SSL_get_ex_new_index(0, NULL, NULL, NULL, NULL); @@ -904,13 +902,6 @@ return NGX_ERROR; } - /* - * before 0.9.7h and 0.9.8 SSL_load_client_CA_file() - * always leaved an error in the error queue - */ - - ERR_clear_error(); - SSL_CTX_set_client_CA_list(ssl->ctx, list); return NGX_OK; @@ -1076,8 +1067,8 @@ * added to wbio, and set buffer size. */ - rbio = SSL_get_rbio((ngx_ssl_conn_t *) ssl_conn); - wbio = SSL_get_wbio((ngx_ssl_conn_t *) ssl_conn); + rbio = SSL_get_rbio(ssl_conn); + wbio = SSL_get_wbio(ssl_conn); if (rbio != wbio) { (void) BIO_set_write_buffer_size(wbio, NGX_SSL_BUFSIZE); @@ -1360,7 +1351,6 @@ ngx_int_t ngx_ssl_ecdh_curve(ngx_conf_t *cf, ngx_ssl_t *ssl, ngx_str_t *name) { -#if OPENSSL_VERSION_NUMBER >= 0x0090800fL #ifndef OPENSSL_NO_ECDH /* @@ -1435,7 +1425,6 @@ EC_KEY_free(ecdh); #endif #endif -#endif return NGX_OK; } @@ -3364,17 +3353,8 @@ } } -#if OPENSSL_VERSION_NUMBER >= 0x0090800fL - session_id = (u_char *) SSL_SESSION_get_id(sess, &session_id_length); -#else - - session_id = sess->session_id; - session_id_length = sess->session_id_length; - -#endif - #if (NGX_PTR_SIZE == 8) id = sess_id->sess_id; @@ -3450,13 +3430,10 @@ #endif u_char *id, int len, int *copy) { -#if OPENSSL_VERSION_NUMBER >= 0x0090707fL - const -#endif - u_char *p; size_t slen; uint32_t hash; ngx_int_t rc; + const u_char *p; ngx_shm_zone_t *shm_zone; ngx_slab_pool_t *shpool; ngx_rbtree_node_t *node, *sentinel; @@ -3578,17 +3555,8 @@ cache = shm_zone->data; -#if OPENSSL_VERSION_NUMBER >= 0x0090800fL - id = (u_char *) SSL_SESSION_get_id(sess, &len); -#else - - id = sess->session_id; - len = sess->session_id_length; - -#endif - hash = ngx_crc32_short(id, len); ngx_log_debug2(NGX_LOG_DEBUG_EVENT, ngx_cycle->log, 0, @@ -4387,17 +4355,8 @@ return NGX_OK; } -#if OPENSSL_VERSION_NUMBER >= 0x0090800fL - buf = (u_char *) SSL_SESSION_get_id(sess, &len); -#else - - buf = sess->session_id; - len = sess->session_id_length; - -#endif - s->len = 2 * len; s->data = ngx_pnalloc(pool, 2 * len); if (s->data == NULL) { diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/nginx-1.16.0/src/event/ngx_event_openssl_stapling.c new/nginx-1.17.0/src/event/ngx_event_openssl_stapling.c --- old/nginx-1.16.0/src/event/ngx_event_openssl_stapling.c 2019-04-23 15:12:58.000000000 +0200 +++ new/nginx-1.17.0/src/event/ngx_event_openssl_stapling.c 2019-05-21 16:23:57.000000000 +0200 @@ -589,15 +589,12 @@ static void ngx_ssl_stapling_ocsp_handler(ngx_ssl_ocsp_ctx_t *ctx) { -#if OPENSSL_VERSION_NUMBER >= 0x0090707fL - const -#endif - u_char *p; int n; size_t len; time_t now, valid; ngx_str_t response; X509_STORE *store; + const u_char *p; STACK_OF(X509) *chain; OCSP_CERTID *id; OCSP_RESPONSE *ocsp; diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/nginx-1.16.0/src/http/modules/ngx_http_range_filter_module.c new/nginx-1.17.0/src/http/modules/ngx_http_range_filter_module.c --- old/nginx-1.16.0/src/http/modules/ngx_http_range_filter_module.c 2019-04-23 15:12:58.000000000 +0200 +++ new/nginx-1.17.0/src/http/modules/ngx_http_range_filter_module.c 2019-05-21 16:23:57.000000000 +0200 @@ -700,8 +700,9 @@ ngx_http_range_filter_ctx_t *ctx, ngx_chain_t *in) { off_t start, last; + ngx_int_t rc; ngx_buf_t *buf; - ngx_chain_t *out, *cl, **ll; + ngx_chain_t *out, *cl, *tl, **ll; ngx_http_range_t *range; out = NULL; @@ -721,8 +722,22 @@ "http range body buf: %O-%O", start, last); if (ngx_buf_special(buf)) { - *ll = cl; - ll = &cl->next; + + if (range->end <= start) { + continue; + } + + tl = ngx_alloc_chain_link(r->pool); + if (tl == NULL) { + return NGX_ERROR; + } + + tl->buf = buf; + tl->next = NULL; + + *ll = tl; + ll = &tl->next; + continue; } @@ -764,21 +779,42 @@ buf->last_buf = (r == r->main) ? 1 : 0; buf->last_in_chain = 1; - *ll = cl; - cl->next = NULL; - break; + tl = ngx_alloc_chain_link(r->pool); + if (tl == NULL) { + return NGX_ERROR; + } + + tl->buf = buf; + tl->next = NULL; + + *ll = tl; + ll = &tl->next; + + continue; + } + + tl = ngx_alloc_chain_link(r->pool); + if (tl == NULL) { + return NGX_ERROR; } - *ll = cl; - ll = &cl->next; + tl->buf = buf; + tl->next = NULL; + + *ll = tl; + ll = &tl->next; } - if (out == NULL) { - return NGX_OK; + rc = ngx_http_next_body_filter(r, out); + + while (out) { + cl = out; + out = out->next; + ngx_free_chain(r->pool, cl); } - return ngx_http_next_body_filter(r, out); + return rc; } diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/nginx-1.16.0/src/http/ngx_http_core_module.c new/nginx-1.17.0/src/http/ngx_http_core_module.c --- old/nginx-1.16.0/src/http/ngx_http_core_module.c 2019-04-23 15:12:58.000000000 +0200 +++ new/nginx-1.17.0/src/http/ngx_http_core_module.c 2019-05-21 16:23:57.000000000 +0200 @@ -479,7 +479,7 @@ { ngx_string("limit_rate"), NGX_HTTP_MAIN_CONF|NGX_HTTP_SRV_CONF|NGX_HTTP_LOC_CONF|NGX_HTTP_LIF_CONF |NGX_CONF_TAKE1, - ngx_conf_set_size_slot, + ngx_http_set_complex_value_size_slot, NGX_HTTP_LOC_CONF_OFFSET, offsetof(ngx_http_core_loc_conf_t, limit_rate), NULL }, @@ -487,7 +487,7 @@ { ngx_string("limit_rate_after"), NGX_HTTP_MAIN_CONF|NGX_HTTP_SRV_CONF|NGX_HTTP_LOC_CONF|NGX_HTTP_LIF_CONF |NGX_CONF_TAKE1, - ngx_conf_set_size_slot, + ngx_http_set_complex_value_size_slot, NGX_HTTP_LOC_CONF_OFFSET, offsetof(ngx_http_core_loc_conf_t, limit_rate_after), NULL }, @@ -1281,10 +1281,6 @@ r->connection->tcp_nopush = NGX_TCP_NOPUSH_DISABLED; } - if (r->limit_rate == 0) { - r->limit_rate = clcf->limit_rate; - } - if (clcf->handler) { r->content_handler = clcf->handler; } @@ -3387,6 +3383,8 @@ * clcf->exact_match = 0; * clcf->auto_redirect = 0; * clcf->alias = 0; + * clcf->limit_rate = NULL; + * clcf->limit_rate_after = NULL; * clcf->gzip_proxied = 0; * clcf->keepalive_disable = 0; */ @@ -3417,8 +3415,6 @@ clcf->send_timeout = NGX_CONF_UNSET_MSEC; clcf->send_lowat = NGX_CONF_UNSET_SIZE; clcf->postpone_output = NGX_CONF_UNSET_SIZE; - clcf->limit_rate = NGX_CONF_UNSET_SIZE; - clcf->limit_rate_after = NGX_CONF_UNSET_SIZE; clcf->keepalive_timeout = NGX_CONF_UNSET_MSEC; clcf->keepalive_header = NGX_CONF_UNSET; clcf->keepalive_requests = NGX_CONF_UNSET_UINT; @@ -3647,9 +3643,15 @@ ngx_conf_merge_size_value(conf->send_lowat, prev->send_lowat, 0); ngx_conf_merge_size_value(conf->postpone_output, prev->postpone_output, 1460); - ngx_conf_merge_size_value(conf->limit_rate, prev->limit_rate, 0); - ngx_conf_merge_size_value(conf->limit_rate_after, prev->limit_rate_after, - 0); + + if (conf->limit_rate == NULL) { + conf->limit_rate = prev->limit_rate; + } + + if (conf->limit_rate_after == NULL) { + conf->limit_rate_after = prev->limit_rate_after; + } + ngx_conf_merge_msec_value(conf->keepalive_timeout, prev->keepalive_timeout, 75000); ngx_conf_merge_sec_value(conf->keepalive_header, diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/nginx-1.16.0/src/http/ngx_http_core_module.h new/nginx-1.17.0/src/http/ngx_http_core_module.h --- old/nginx-1.16.0/src/http/ngx_http_core_module.h 2019-04-23 15:12:58.000000000 +0200 +++ new/nginx-1.17.0/src/http/ngx_http_core_module.h 2019-05-21 16:23:57.000000000 +0200 @@ -349,13 +349,14 @@ size_t client_body_buffer_size; /* client_body_buffer_size */ size_t send_lowat; /* send_lowat */ size_t postpone_output; /* postpone_output */ - size_t limit_rate; /* limit_rate */ - size_t limit_rate_after; /* limit_rate_after */ size_t sendfile_max_chunk; /* sendfile_max_chunk */ size_t read_ahead; /* read_ahead */ size_t subrequest_output_buffer_size; /* subrequest_output_buffer_size */ + ngx_http_complex_value_t *limit_rate; /* limit_rate */ + ngx_http_complex_value_t *limit_rate_after; /* limit_rate_after */ + ngx_msec_t client_body_timeout; /* client_body_timeout */ ngx_msec_t send_timeout; /* send_timeout */ ngx_msec_t keepalive_timeout; /* keepalive_timeout */ diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/nginx-1.16.0/src/http/ngx_http_request.h new/nginx-1.17.0/src/http/ngx_http_request.h --- old/nginx-1.16.0/src/http/ngx_http_request.h 2019-04-23 15:12:58.000000000 +0200 +++ new/nginx-1.17.0/src/http/ngx_http_request.h 2019-05-21 16:23:57.000000000 +0200 @@ -515,6 +515,9 @@ unsigned limit_conn_set:1; unsigned limit_req_set:1; + unsigned limit_rate_set:1; + unsigned limit_rate_after_set:1; + #if 0 unsigned cacheable:1; #endif diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/nginx-1.16.0/src/http/ngx_http_script.c new/nginx-1.17.0/src/http/ngx_http_script.c --- old/nginx-1.16.0/src/http/ngx_http_script.c 2019-04-23 15:12:58.000000000 +0200 +++ new/nginx-1.17.0/src/http/ngx_http_script.c 2019-05-21 16:23:57.000000000 +0200 @@ -104,6 +104,37 @@ } +size_t +ngx_http_complex_value_size(ngx_http_request_t *r, + ngx_http_complex_value_t *val, size_t default_value) +{ + size_t size; + ngx_str_t value; + + if (val == NULL) { + return default_value; + } + + if (val->lengths == NULL) { + return val->u.size; + } + + if (ngx_http_complex_value(r, val, &value) != NGX_OK) { + return default_value; + } + + size = ngx_parse_size(&value); + + if (size == (size_t) NGX_ERROR) { + ngx_log_error(NGX_LOG_ERR, r->connection->log, 0, + "invalid size \"%V\"", &value); + return default_value; + } + + return size; +} + + ngx_int_t ngx_http_compile_complex_value(ngx_http_compile_complex_value_t *ccv) { @@ -241,6 +272,36 @@ } return NGX_CONF_OK; +} + + +char * +ngx_http_set_complex_value_size_slot(ngx_conf_t *cf, ngx_command_t *cmd, + void *conf) +{ + char *p = conf; + + char *rv; + ngx_http_complex_value_t *cv; + + rv = ngx_http_set_complex_value_slot(cf, cmd, conf); + + if (rv != NGX_CONF_OK) { + return rv; + } + + cv = *(ngx_http_complex_value_t **) (p + cmd->offset); + + if (cv->lengths) { + return NGX_CONF_OK; + } + + cv->u.size = ngx_parse_size(&cv->value); + if (cv->u.size == (size_t) NGX_ERROR) { + return "invalid value"; + } + + return NGX_CONF_OK; } diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/nginx-1.16.0/src/http/ngx_http_script.h new/nginx-1.17.0/src/http/ngx_http_script.h --- old/nginx-1.16.0/src/http/ngx_http_script.h 2019-04-23 15:12:58.000000000 +0200 +++ new/nginx-1.17.0/src/http/ngx_http_script.h 2019-05-21 16:23:57.000000000 +0200 @@ -68,6 +68,10 @@ ngx_uint_t *flushes; void *lengths; void *values; + + union { + size_t size; + } u; } ngx_http_complex_value_t; @@ -207,9 +211,13 @@ ngx_http_complex_value_t *val); ngx_int_t ngx_http_complex_value(ngx_http_request_t *r, ngx_http_complex_value_t *val, ngx_str_t *value); +size_t ngx_http_complex_value_size(ngx_http_request_t *r, + ngx_http_complex_value_t *val, size_t default_value); ngx_int_t ngx_http_compile_complex_value(ngx_http_compile_complex_value_t *ccv); char *ngx_http_set_complex_value_slot(ngx_conf_t *cf, ngx_command_t *cmd, void *conf); +char *ngx_http_set_complex_value_size_slot(ngx_conf_t *cf, ngx_command_t *cmd, + void *conf); ngx_int_t ngx_http_test_predicates(ngx_http_request_t *r, diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/nginx-1.16.0/src/http/ngx_http_upstream.c new/nginx-1.17.0/src/http/ngx_http_upstream.c --- old/nginx-1.16.0/src/http/ngx_http_upstream.c 2019-04-23 15:12:58.000000000 +0200 +++ new/nginx-1.17.0/src/http/ngx_http_upstream.c 2019-05-21 16:23:57.000000000 +0200 @@ -2979,6 +2979,7 @@ ngx_http_upstream_process_non_buffered_downstream; r->limit_rate = 0; + r->limit_rate_set = 1; if (u->input_filter_init(u->input_filter_ctx) == NGX_ERROR) { ngx_http_upstream_finalize_request(r, u, NGX_ERROR); @@ -4806,6 +4807,7 @@ if (n != NGX_ERROR) { r->limit_rate = (size_t) n; + r->limit_rate_set = 1; } return NGX_OK; diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/nginx-1.16.0/src/http/ngx_http_upstream_round_robin.c new/nginx-1.17.0/src/http/ngx_http_upstream_round_robin.c --- old/nginx-1.16.0/src/http/ngx_http_upstream_round_robin.c 2019-04-23 15:12:58.000000000 +0200 +++ new/nginx-1.17.0/src/http/ngx_http_upstream_round_robin.c 2019-05-21 16:23:57.000000000 +0200 @@ -669,10 +669,7 @@ ngx_http_upstream_rr_peer_t *peer; #if (NGX_HTTP_UPSTREAM_ZONE) int len; -#if OPENSSL_VERSION_NUMBER >= 0x0090707fL - const -#endif - u_char *p; + const u_char *p; ngx_http_upstream_rr_peers_t *peers; u_char buf[NGX_SSL_MAX_SESSION_SIZE]; #endif diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/nginx-1.16.0/src/http/ngx_http_variables.c new/nginx-1.17.0/src/http/ngx_http_variables.c --- old/nginx-1.16.0/src/http/ngx_http_variables.c 2019-04-23 15:12:58.000000000 +0200 +++ new/nginx-1.17.0/src/http/ngx_http_variables.c 2019-05-21 16:23:57.000000000 +0200 @@ -22,8 +22,6 @@ #endif static ngx_int_t ngx_http_variable_request_get_size(ngx_http_request_t *r, ngx_http_variable_value_t *v, uintptr_t data); -static void ngx_http_variable_request_set_size(ngx_http_request_t *r, - ngx_http_variable_value_t *v, uintptr_t data); static ngx_int_t ngx_http_variable_header(ngx_http_request_t *r, ngx_http_variable_value_t *v, uintptr_t data); @@ -124,6 +122,8 @@ ngx_http_variable_value_t *v, uintptr_t data); static ngx_int_t ngx_http_variable_sent_transfer_encoding(ngx_http_request_t *r, ngx_http_variable_value_t *v, uintptr_t data); +static void ngx_http_variable_set_limit_rate(ngx_http_request_t *r, + ngx_http_variable_value_t *v, uintptr_t data); static ngx_int_t ngx_http_variable_connection(ngx_http_request_t *r, ngx_http_variable_value_t *v, uintptr_t data); @@ -321,7 +321,7 @@ { ngx_string("sent_http_link"), NULL, ngx_http_variable_headers, offsetof(ngx_http_request_t, headers_out.link), 0, 0 }, - { ngx_string("limit_rate"), ngx_http_variable_request_set_size, + { ngx_string("limit_rate"), ngx_http_variable_set_limit_rate, ngx_http_variable_request_get_size, offsetof(ngx_http_request_t, limit_rate), NGX_HTTP_VAR_CHANGEABLE|NGX_HTTP_VAR_NOCACHEABLE, 0 }, @@ -788,32 +788,6 @@ } -static void -ngx_http_variable_request_set_size(ngx_http_request_t *r, - ngx_http_variable_value_t *v, uintptr_t data) -{ - ssize_t s, *sp; - ngx_str_t val; - - val.len = v->len; - val.data = v->data; - - s = ngx_parse_size(&val); - - if (s == NGX_ERROR) { - ngx_log_error(NGX_LOG_ERR, r->connection->log, 0, - "invalid size \"%V\"", &val); - return; - } - - sp = (ssize_t *) ((char *) r + data); - - *sp = s; - - return; -} - - static ngx_int_t ngx_http_variable_header(ngx_http_request_t *r, ngx_http_variable_value_t *v, uintptr_t data) @@ -1993,6 +1967,29 @@ } +static void +ngx_http_variable_set_limit_rate(ngx_http_request_t *r, + ngx_http_variable_value_t *v, uintptr_t data) +{ + ssize_t s; + ngx_str_t val; + + val.len = v->len; + val.data = v->data; + + s = ngx_parse_size(&val); + + if (s == NGX_ERROR) { + ngx_log_error(NGX_LOG_ERR, r->connection->log, 0, + "invalid $limit_rate \"%V\"", &val); + return; + } + + r->limit_rate = s; + r->limit_rate_set = 1; +} + + static ngx_int_t ngx_http_variable_request_completion(ngx_http_request_t *r, ngx_http_variable_value_t *v, uintptr_t data) diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/nginx-1.16.0/src/http/ngx_http_write_filter_module.c new/nginx-1.17.0/src/http/ngx_http_write_filter_module.c --- old/nginx-1.16.0/src/http/ngx_http_write_filter_module.c 2019-04-23 15:12:58.000000000 +0200 +++ new/nginx-1.17.0/src/http/ngx_http_write_filter_module.c 2019-05-21 16:23:57.000000000 +0200 @@ -250,9 +250,17 @@ return NGX_ERROR; } + if (!r->limit_rate_set) { + r->limit_rate = ngx_http_complex_value_size(r, clcf->limit_rate, 0); + r->limit_rate_set = 1; + } + if (r->limit_rate) { - if (r->limit_rate_after == 0) { - r->limit_rate_after = clcf->limit_rate_after; + + if (!r->limit_rate_after_set) { + r->limit_rate_after = ngx_http_complex_value_size(r, + clcf->limit_rate_after, 0); + r->limit_rate_after_set = 1; } limit = (off_t) r->limit_rate * (ngx_time() - r->start_sec + 1) diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/nginx-1.16.0/src/stream/ngx_stream_proxy_module.c new/nginx-1.17.0/src/stream/ngx_stream_proxy_module.c --- old/nginx-1.16.0/src/stream/ngx_stream_proxy_module.c 2019-04-23 15:12:58.000000000 +0200 +++ new/nginx-1.17.0/src/stream/ngx_stream_proxy_module.c 2019-05-21 16:23:57.000000000 +0200 @@ -24,8 +24,8 @@ ngx_msec_t timeout; ngx_msec_t next_upstream_timeout; size_t buffer_size; - size_t upload_rate; - size_t download_rate; + ngx_stream_complex_value_t *upload_rate; + ngx_stream_complex_value_t *download_rate; ngx_uint_t requests; ngx_uint_t responses; ngx_uint_t next_upstream_tries; @@ -184,14 +184,14 @@ { ngx_string("proxy_upload_rate"), NGX_STREAM_MAIN_CONF|NGX_STREAM_SRV_CONF|NGX_CONF_TAKE1, - ngx_conf_set_size_slot, + ngx_stream_set_complex_value_size_slot, NGX_STREAM_SRV_CONF_OFFSET, offsetof(ngx_stream_proxy_srv_conf_t, upload_rate), NULL }, { ngx_string("proxy_download_rate"), NGX_STREAM_MAIN_CONF|NGX_STREAM_SRV_CONF|NGX_CONF_TAKE1, - ngx_conf_set_size_slot, + ngx_stream_set_complex_value_size_slot, NGX_STREAM_SRV_CONF_OFFSET, offsetof(ngx_stream_proxy_srv_conf_t, download_rate), NULL }, @@ -895,6 +895,9 @@ u->proxy_protocol = 0; } + u->upload_rate = ngx_stream_complex_value_size(s, pscf->upload_rate, 0); + u->download_rate = ngx_stream_complex_value_size(s, pscf->download_rate, 0); + u->connected = 1; pc->read->handler = ngx_stream_proxy_upstream_handler; @@ -1532,7 +1535,7 @@ src = pc; dst = c; b = &u->upstream_buf; - limit_rate = pscf->download_rate; + limit_rate = u->download_rate; received = &u->received; packets = &u->responses; out = &u->downstream_out; @@ -1544,7 +1547,7 @@ src = c; dst = pc; b = &u->downstream_buf; - limit_rate = pscf->upload_rate; + limit_rate = u->upload_rate; received = &s->received; packets = &u->requests; out = &u->upstream_out; @@ -1955,6 +1958,8 @@ * conf->ssl_certificate = { 0, NULL }; * conf->ssl_certificate_key = { 0, NULL }; * + * conf->upload_rate = NULL; + * conf->download_rate = NULL; * conf->ssl = NULL; * conf->upstream = NULL; * conf->upstream_value = NULL; @@ -1964,8 +1969,6 @@ conf->timeout = NGX_CONF_UNSET_MSEC; conf->next_upstream_timeout = NGX_CONF_UNSET_MSEC; conf->buffer_size = NGX_CONF_UNSET_SIZE; - conf->upload_rate = NGX_CONF_UNSET_SIZE; - conf->download_rate = NGX_CONF_UNSET_SIZE; conf->requests = NGX_CONF_UNSET_UINT; conf->responses = NGX_CONF_UNSET_UINT; conf->next_upstream_tries = NGX_CONF_UNSET_UINT; @@ -2005,11 +2008,13 @@ ngx_conf_merge_size_value(conf->buffer_size, prev->buffer_size, 16384); - ngx_conf_merge_size_value(conf->upload_rate, - prev->upload_rate, 0); + if (conf->upload_rate == NULL) { + conf->upload_rate = prev->upload_rate; + } - ngx_conf_merge_size_value(conf->download_rate, - prev->download_rate, 0); + if (conf->download_rate == NULL) { + conf->download_rate = prev->download_rate; + } ngx_conf_merge_uint_value(conf->requests, prev->requests, 0); diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/nginx-1.16.0/src/stream/ngx_stream_script.c new/nginx-1.17.0/src/stream/ngx_stream_script.c --- old/nginx-1.16.0/src/stream/ngx_stream_script.c 2019-04-23 15:12:58.000000000 +0200 +++ new/nginx-1.17.0/src/stream/ngx_stream_script.c 2019-05-21 16:23:57.000000000 +0200 @@ -105,6 +105,37 @@ } +size_t +ngx_stream_complex_value_size(ngx_stream_session_t *s, + ngx_stream_complex_value_t *val, size_t default_value) +{ + size_t size; + ngx_str_t value; + + if (val == NULL) { + return default_value; + } + + if (val->lengths == NULL) { + return val->u.size; + } + + if (ngx_stream_complex_value(s, val, &value) != NGX_OK) { + return default_value; + } + + size = ngx_parse_size(&value); + + if (size == (size_t) NGX_ERROR) { + ngx_log_error(NGX_LOG_ERR, s->connection->log, 0, + "invalid size \"%V\"", &value); + return default_value; + } + + return size; +} + + ngx_int_t ngx_stream_compile_complex_value(ngx_stream_compile_complex_value_t *ccv) { @@ -243,6 +274,36 @@ } return NGX_CONF_OK; +} + + +char * +ngx_stream_set_complex_value_size_slot(ngx_conf_t *cf, ngx_command_t *cmd, + void *conf) +{ + char *p = conf; + + char *rv; + ngx_stream_complex_value_t *cv; + + rv = ngx_stream_set_complex_value_slot(cf, cmd, conf); + + if (rv != NGX_CONF_OK) { + return rv; + } + + cv = *(ngx_stream_complex_value_t **) (p + cmd->offset); + + if (cv->lengths) { + return NGX_CONF_OK; + } + + cv->u.size = ngx_parse_size(&cv->value); + if (cv->u.size == (size_t) NGX_ERROR) { + return "invalid value"; + } + + return NGX_CONF_OK; } diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/nginx-1.16.0/src/stream/ngx_stream_script.h new/nginx-1.17.0/src/stream/ngx_stream_script.h --- old/nginx-1.16.0/src/stream/ngx_stream_script.h 2019-04-23 15:12:58.000000000 +0200 +++ new/nginx-1.17.0/src/stream/ngx_stream_script.h 2019-05-21 16:23:57.000000000 +0200 @@ -56,6 +56,10 @@ ngx_uint_t *flushes; void *lengths; void *values; + + union { + size_t size; + } u; } ngx_stream_complex_value_t; @@ -102,10 +106,14 @@ ngx_stream_complex_value_t *val); ngx_int_t ngx_stream_complex_value(ngx_stream_session_t *s, ngx_stream_complex_value_t *val, ngx_str_t *value); +size_t ngx_stream_complex_value_size(ngx_stream_session_t *s, + ngx_stream_complex_value_t *val, size_t default_value); ngx_int_t ngx_stream_compile_complex_value( ngx_stream_compile_complex_value_t *ccv); char *ngx_stream_set_complex_value_slot(ngx_conf_t *cf, ngx_command_t *cmd, void *conf); +char *ngx_stream_set_complex_value_size_slot(ngx_conf_t *cf, ngx_command_t *cmd, + void *conf); ngx_uint_t ngx_stream_script_variables_count(ngx_str_t *value); diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/nginx-1.16.0/src/stream/ngx_stream_upstream.h new/nginx-1.17.0/src/stream/ngx_stream_upstream.h --- old/nginx-1.16.0/src/stream/ngx_stream_upstream.h 2019-04-23 15:12:58.000000000 +0200 +++ new/nginx-1.17.0/src/stream/ngx_stream_upstream.h 2019-05-21 16:23:57.000000000 +0200 @@ -132,6 +132,9 @@ ngx_uint_t responses; ngx_msec_t start_time; + size_t upload_rate; + size_t download_rate; + ngx_str_t ssl_name; ngx_stream_upstream_srv_conf_t *upstream; diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/nginx-1.16.0/src/stream/ngx_stream_upstream_round_robin.c new/nginx-1.17.0/src/stream/ngx_stream_upstream_round_robin.c --- old/nginx-1.16.0/src/stream/ngx_stream_upstream_round_robin.c 2019-04-23 15:12:58.000000000 +0200 +++ new/nginx-1.17.0/src/stream/ngx_stream_upstream_round_robin.c 2019-05-21 16:23:57.000000000 +0200 @@ -701,10 +701,7 @@ ngx_stream_upstream_rr_peer_t *peer; #if (NGX_STREAM_UPSTREAM_ZONE) int len; -#if OPENSSL_VERSION_NUMBER >= 0x0090707fL - const -#endif - u_char *p; + const u_char *p; ngx_stream_upstream_rr_peers_t *peers; u_char buf[NGX_SSL_MAX_SESSION_SIZE]; #endif