Merge branch 'nginx' (nginx-1.17.8).
Change-Id: Ia4a0983d51784c44cc5d922b5275345bc9803246
Signed-off-by: Piotr Sikora <piotrsikora@google.com>
diff --git a/.hgtags b/.hgtags
index d8c1590..44ef2f1 100644
--- a/.hgtags
+++ b/.hgtags
@@ -446,3 +446,4 @@
9af0dddbddb2c368bfedd2801bc100ffad01e19b release-1.17.5
de68d0d94320cbf033599c6f3ca37e5335c67fd7 release-1.17.6
e56295fe0ea76bf53b06bffa77a2d3a9a335cb8c release-1.17.7
+fdacd273711ddf20f778c1fb91529ab53979a454 release-1.17.8
diff --git a/BUILD b/BUILD
index 148533f..b72c379 100644
--- a/BUILD
+++ b/BUILD
@@ -1520,5 +1520,5 @@
preinst = "@nginx_pkgoss//:debian_preinst",
prerm = "@nginx_pkgoss//:debian_prerm",
section = "httpd",
- version = "1.17.7",
+ version = "1.17.8",
)
diff --git a/build.bzl b/build.bzl
index 6b8620d..aed616e 100644
--- a/build.bzl
+++ b/build.bzl
@@ -673,9 +673,9 @@
name = "nginx_pkgoss",
build_file_content = _PKGOSS_BUILD_FILE.format(nginx = nginx) +
_PKGOSS_BUILD_FILE_TAIL,
- commit = "0c293ff483aea9e41a13192ea550374dc73a5027", # nginx-1.17.7
+ commit = "8c658c22ad1b25f46ae166fb02a17fa18bb080eb", # nginx-1.17.8
remote = "https://nginx.googlesource.com/nginx-pkgoss",
- shallow_since = "1577200078 +0300",
+ shallow_since = "1579613828 +0300",
)
def nginx_repositories_zlib(bind):
diff --git a/docs/xml/nginx/changes.xml b/docs/xml/nginx/changes.xml
index 359c25e..0bf680c 100644
--- a/docs/xml/nginx/changes.xml
+++ b/docs/xml/nginx/changes.xml
@@ -5,6 +5,42 @@
<change_log title="nginx">
+<changes ver="1.17.8" date="2020-01-21">
+
+<change type="feature">
+<para lang="ru">
+директива grpc_pass поддерживает переменные.
+</para>
+<para lang="en">
+variables support in the "grpc_pass" directive.
+</para>
+</change>
+
+<change type="bugfix">
+<para lang="ru">
+при обработке pipelined-запросов по SSL-соединению мог произойти таймаут;
+ошибка появилась в 1.17.5.
+</para>
+<para lang="en">
+a timeout might occur while handling pipelined requests in an SSL connection;
+the bug had appeared in 1.17.5.
+</para>
+</change>
+
+<change type="bugfix">
+<para lang="ru">
+в директиве debug_points при использовании HTTP/2.<br/>
+Спасибо Даниилу Бондареву.
+</para>
+<para lang="en">
+in the "debug_points" directive when using HTTP/2.<br/>
+Thanks to Daniil Bondarev.
+</para>
+</change>
+
+</changes>
+
+
<changes ver="1.17.7" date="2019-12-24">
<change type="bugfix">
@@ -27,7 +63,7 @@
или директивой proxy_pass с URI.
</para>
<para lang="en">
-a segmentation fault might occur in a worker process
+a segmentation fault might occur in a worker process
if the "break" directive was used with the "alias" directive
or with the "proxy_pass" directive with a URI.
</para>
diff --git a/src/core/nginx.h b/src/core/nginx.h
index 204fc34..c539c38 100644
--- a/src/core/nginx.h
+++ b/src/core/nginx.h
@@ -13,8 +13,8 @@
#define NGINX_NAME "nginx"
#endif
-#define nginx_version 1017007
-#define NGINX_VERSION "1.17.7"
+#define nginx_version 1017008
+#define NGINX_VERSION "1.17.8"
#define NGINX_VER NGINX_NAME "/" NGINX_VERSION
#ifdef NGX_BUILD
diff --git a/src/event/ngx_event.c b/src/event/ngx_event.c
index 4115cf9..b96d25b 100644
--- a/src/event/ngx_event.c
+++ b/src/event/ngx_event.c
@@ -238,6 +238,7 @@
}
if (!ngx_queue_empty(&ngx_posted_next_events)) {
+ ngx_event_move_posted_next(cycle);
timer = 0;
}
@@ -261,7 +262,6 @@
}
ngx_event_process_posted(cycle, &ngx_posted_events);
- ngx_event_process_posted_next(cycle, &ngx_posted_next_events);
}
diff --git a/src/event/ngx_event_openssl.c b/src/event/ngx_event_openssl.c
index 35225f0..763a894 100644
--- a/src/event/ngx_event_openssl.c
+++ b/src/event/ngx_event_openssl.c
@@ -2040,6 +2040,10 @@
c->read->available = 0;
c->read->ready = 0;
+ if (c->read->posted) {
+ ngx_delete_posted_event(c->read);
+ }
+
ngx_post_event(c->read, &ngx_posted_next_events);
}
diff --git a/src/event/ngx_event_posted.c b/src/event/ngx_event_posted.c
index 125bf4c..fa575bd 100644
--- a/src/event/ngx_event_posted.c
+++ b/src/event/ngx_event_posted.c
@@ -37,26 +37,24 @@
void
-ngx_event_process_posted_next(ngx_cycle_t *cycle, ngx_queue_t *posted)
+ngx_event_move_posted_next(ngx_cycle_t *cycle)
{
ngx_queue_t *q;
ngx_event_t *ev;
- while (!ngx_queue_empty(posted)) {
-
- q = ngx_queue_head(posted);
+ for (q = ngx_queue_head(&ngx_posted_next_events);
+ q != ngx_queue_sentinel(&ngx_posted_next_events);
+ q = ngx_queue_next(q))
+ {
ev = ngx_queue_data(q, ngx_event_t, queue);
ngx_log_debug1(NGX_LOG_DEBUG_EVENT, cycle->log, 0,
"posted next event %p", ev);
- ngx_delete_posted_event(ev);
-
- if (!ev->ready) {
- ev->ready = 1;
- ev->available = -1;
- }
-
- ev->handler(ev);
+ ev->ready = 1;
+ ev->available = -1;
}
+
+ ngx_queue_add(&ngx_posted_events, &ngx_posted_next_events);
+ ngx_queue_init(&ngx_posted_next_events);
}
diff --git a/src/event/ngx_event_posted.h b/src/event/ngx_event_posted.h
index de0a804..b1a85c4 100644
--- a/src/event/ngx_event_posted.h
+++ b/src/event/ngx_event_posted.h
@@ -39,7 +39,7 @@
void ngx_event_process_posted(ngx_cycle_t *cycle, ngx_queue_t *posted);
-void ngx_event_process_posted_next(ngx_cycle_t *cycle, ngx_queue_t *posted);
+void ngx_event_move_posted_next(ngx_cycle_t *cycle);
extern ngx_queue_t ngx_posted_accept_events;
diff --git a/src/http/modules/ngx_http_grpc_module.c b/src/http/modules/ngx_http_grpc_module.c
index f59ecbd..d4af66d 100644
--- a/src/http/modules/ngx_http_grpc_module.c
+++ b/src/http/modules/ngx_http_grpc_module.c
@@ -27,6 +27,9 @@
ngx_str_t host;
ngx_uint_t host_set;
+ ngx_array_t *grpc_lengths;
+ ngx_array_t *grpc_values;
+
#if (NGX_HTTP_SSL)
ngx_uint_t ssl;
ngx_uint_t ssl_protocols;
@@ -119,6 +122,8 @@
unsigned status:1;
ngx_http_request_t *request;
+
+ ngx_str_t host;
} ngx_http_grpc_ctx_t;
@@ -135,6 +140,8 @@
} ngx_http_grpc_frame_t;
+static ngx_int_t ngx_http_grpc_eval(ngx_http_request_t *r,
+ ngx_http_grpc_ctx_t *ctx, ngx_http_grpc_loc_conf_t *glcf);
static ngx_int_t ngx_http_grpc_create_request(ngx_http_request_t *r);
static ngx_int_t ngx_http_grpc_reinit_request(ngx_http_request_t *r);
static ngx_int_t ngx_http_grpc_body_output_filter(void *data, ngx_chain_t *in);
@@ -524,22 +531,40 @@
return NGX_HTTP_INTERNAL_SERVER_ERROR;
}
+ ctx = ngx_pcalloc(r->pool, sizeof(ngx_http_grpc_ctx_t));
+ if (ctx == NULL) {
+ return NGX_HTTP_INTERNAL_SERVER_ERROR;
+ }
+
+ ctx->request = r;
+
+ ngx_http_set_ctx(r, ctx, ngx_http_grpc_module);
+
glcf = ngx_http_get_module_loc_conf(r, ngx_http_grpc_module);
u = r->upstream;
-#if (NGX_HTTP_SSL)
- u->ssl = (glcf->upstream.ssl != NULL);
+ if (glcf->grpc_lengths == NULL) {
+ ctx->host = glcf->host;
- if (u->ssl) {
- ngx_str_set(&u->schema, "grpcs://");
+#if (NGX_HTTP_SSL)
+ u->ssl = (glcf->upstream.ssl != NULL);
+
+ if (u->ssl) {
+ ngx_str_set(&u->schema, "grpcs://");
+
+ } else {
+ ngx_str_set(&u->schema, "grpc://");
+ }
+#else
+ ngx_str_set(&u->schema, "grpc://");
+#endif
} else {
- ngx_str_set(&u->schema, "grpc://");
+ if (ngx_http_grpc_eval(r, ctx, glcf) != NGX_OK) {
+ return NGX_HTTP_INTERNAL_SERVER_ERROR;
+ }
}
-#else
- ngx_str_set(&u->schema, "grpc://");
-#endif
u->output.tag = (ngx_buf_tag_t) &ngx_http_grpc_module;
@@ -551,15 +576,6 @@
u->abort_request = ngx_http_grpc_abort_request;
u->finalize_request = ngx_http_grpc_finalize_request;
- ctx = ngx_pcalloc(r->pool, sizeof(ngx_http_grpc_ctx_t));
- if (ctx == NULL) {
- return NGX_HTTP_INTERNAL_SERVER_ERROR;
- }
-
- ctx->request = r;
-
- ngx_http_set_ctx(r, ctx, ngx_http_grpc_module);
-
u->input_filter_init = ngx_http_grpc_filter_init;
u->input_filter = ngx_http_grpc_filter;
u->input_filter_ctx = ctx;
@@ -577,6 +593,103 @@
static ngx_int_t
+ngx_http_grpc_eval(ngx_http_request_t *r, ngx_http_grpc_ctx_t *ctx,
+ ngx_http_grpc_loc_conf_t *glcf)
+{
+ size_t add;
+ ngx_url_t url;
+ ngx_http_upstream_t *u;
+
+ ngx_memzero(&url, sizeof(ngx_url_t));
+
+ if (ngx_http_script_run(r, &url.url, glcf->grpc_lengths->elts, 0,
+ glcf->grpc_values->elts)
+ == NULL)
+ {
+ return NGX_ERROR;
+ }
+
+ if (url.url.len > 7
+ && ngx_strncasecmp(url.url.data, (u_char *) "grpc://", 7) == 0)
+ {
+ add = 7;
+
+ } else if (url.url.len > 8
+ && ngx_strncasecmp(url.url.data, (u_char *) "grpcs://", 8) == 0)
+ {
+
+#if (NGX_HTTP_SSL)
+ add = 8;
+ r->upstream->ssl = 1;
+#else
+ ngx_log_error(NGX_LOG_ERR, r->connection->log, 0,
+ "grpcs protocol requires SSL support");
+ return NGX_ERROR;
+#endif
+
+ } else {
+ add = 0;
+ }
+
+ u = r->upstream;
+
+ if (add) {
+ u->schema.len = add;
+ u->schema.data = url.url.data;
+
+ url.url.data += add;
+ url.url.len -= add;
+
+ } else {
+ ngx_str_set(&u->schema, "grpc://");
+ }
+
+ url.no_resolve = 1;
+
+ if (ngx_parse_url(r->pool, &url) != NGX_OK) {
+ if (url.err) {
+ ngx_log_error(NGX_LOG_ERR, r->connection->log, 0,
+ "%s in upstream \"%V\"", url.err, &url.url);
+ }
+
+ return NGX_ERROR;
+ }
+
+ u->resolved = ngx_pcalloc(r->pool, sizeof(ngx_http_upstream_resolved_t));
+ if (u->resolved == NULL) {
+ return NGX_ERROR;
+ }
+
+ if (url.addrs) {
+ u->resolved->sockaddr = url.addrs[0].sockaddr;
+ u->resolved->socklen = url.addrs[0].socklen;
+ u->resolved->name = url.addrs[0].name;
+ u->resolved->naddrs = 1;
+ }
+
+ u->resolved->host = url.host;
+ u->resolved->port = url.port;
+ u->resolved->no_port = url.no_port;
+
+ if (url.family != AF_UNIX) {
+
+ if (url.no_port) {
+ ctx->host = url.host;
+
+ } else {
+ ctx->host.len = url.host.len + 1 + url.port_text.len;
+ ctx->host.data = url.host.data;
+ }
+
+ } else {
+ ngx_str_set(&ctx->host, "localhost");
+ }
+
+ return NGX_OK;
+}
+
+
+static ngx_int_t
ngx_http_grpc_create_request(ngx_http_request_t *r)
{
u_char *p, *tmp, *key_tmp, *val_tmp, *headers_frame;
@@ -587,6 +700,7 @@
ngx_chain_t *cl, *body;
ngx_list_part_t *part;
ngx_table_elt_t *header;
+ ngx_http_grpc_ctx_t *ctx;
ngx_http_upstream_t *u;
ngx_http_grpc_frame_t *f;
ngx_http_script_code_pt code;
@@ -598,6 +712,8 @@
glcf = ngx_http_get_module_loc_conf(r, ngx_http_grpc_module);
+ ctx = ngx_http_get_module_ctx(r, ngx_http_grpc_module);
+
len = sizeof(ngx_http_grpc_connection_start) - 1
+ sizeof(ngx_http_grpc_frame_t); /* headers frame */
@@ -637,10 +753,10 @@
/* :authority header */
if (!glcf->host_set) {
- len += 1 + NGX_HTTP_V2_INT_OCTETS + glcf->host.len;
+ len += 1 + NGX_HTTP_V2_INT_OCTETS + ctx->host.len;
- if (tmp_len < glcf->host.len) {
- tmp_len = glcf->host.len;
+ if (tmp_len < ctx->host.len) {
+ tmp_len = ctx->host.len;
}
}
@@ -785,7 +901,7 @@
}
#if (NGX_HTTP_SSL)
- if (glcf->ssl) {
+ if (u->ssl) {
*b->last++ = ngx_http_v2_indexed(NGX_HTTP_V2_SCHEME_HTTPS_INDEX);
ngx_log_debug0(NGX_LOG_DEBUG_HTTP, r->connection->log, 0,
@@ -846,11 +962,11 @@
if (!glcf->host_set) {
*b->last++ = ngx_http_v2_inc_indexed(NGX_HTTP_V2_AUTHORITY_INDEX);
- b->last = ngx_http_v2_write_value(b->last, glcf->host.data,
- glcf->host.len, tmp);
+ b->last = ngx_http_v2_write_value(b->last, ctx->host.data,
+ ctx->host.len, tmp);
ngx_log_debug1(NGX_LOG_DEBUG_HTTP, r->connection->log, 0,
- "grpc header: \":authority: %V\"", &glcf->host);
+ "grpc header: \":authority: %V\"", &ctx->host);
}
ngx_memzero(&e, sizeof(ngx_http_script_engine_t));
@@ -4319,15 +4435,23 @@
clcf = ngx_http_conf_get_module_loc_conf(cf, ngx_http_core_module);
- if (clcf->noname && conf->upstream.upstream == NULL) {
+ if (clcf->noname
+ && conf->upstream.upstream == NULL && conf->grpc_lengths == NULL)
+ {
conf->upstream.upstream = prev->upstream.upstream;
conf->host = prev->host;
+
+ conf->grpc_lengths = prev->grpc_lengths;
+ conf->grpc_values = prev->grpc_values;
+
#if (NGX_HTTP_SSL)
conf->upstream.ssl = prev->upstream.ssl;
#endif
}
- if (clcf->lmt_excpt && clcf->handler == NULL && conf->upstream.upstream) {
+ if (clcf->lmt_excpt && clcf->handler == NULL
+ && (conf->upstream.upstream || conf->grpc_lengths))
+ {
clcf->handler = ngx_http_grpc_handler;
}
@@ -4537,18 +4661,54 @@
{
ngx_http_grpc_loc_conf_t *glcf = conf;
- size_t add;
- ngx_str_t *value, *url;
- ngx_url_t u;
- ngx_http_core_loc_conf_t *clcf;
+ size_t add;
+ ngx_str_t *value, *url;
+ ngx_url_t u;
+ ngx_uint_t n;
+ ngx_http_core_loc_conf_t *clcf;
+ ngx_http_script_compile_t sc;
- if (glcf->upstream.upstream) {
+ if (glcf->upstream.upstream || glcf->grpc_lengths) {
return "is duplicate";
}
+ clcf = ngx_http_conf_get_module_loc_conf(cf, ngx_http_core_module);
+
+ clcf->handler = ngx_http_grpc_handler;
+
+ if (clcf->name.len && clcf->name.data[clcf->name.len - 1] == '/') {
+ clcf->auto_redirect = 1;
+ }
+
value = cf->args->elts;
+
url = &value[1];
+ n = ngx_http_script_variables_count(url);
+
+ if (n) {
+
+ ngx_memzero(&sc, sizeof(ngx_http_script_compile_t));
+
+ sc.cf = cf;
+ sc.source = url;
+ sc.lengths = &glcf->grpc_lengths;
+ sc.values = &glcf->grpc_values;
+ sc.variables = n;
+ sc.complete_lengths = 1;
+ sc.complete_values = 1;
+
+ if (ngx_http_script_compile(&sc) != NGX_OK) {
+ return NGX_CONF_ERROR;
+ }
+
+#if (NGX_HTTP_SSL)
+ glcf->ssl = 1;
+#endif
+
+ return NGX_CONF_OK;
+ }
+
if (ngx_strncasecmp(url->data, (u_char *) "grpc://", 7) == 0) {
add = 7;
@@ -4593,14 +4753,6 @@
ngx_str_set(&glcf->host, "localhost");
}
- clcf = ngx_http_conf_get_module_loc_conf(cf, ngx_http_core_module);
-
- clcf->handler = ngx_http_grpc_handler;
-
- if (clcf->name.len && clcf->name.data[clcf->name.len - 1] == '/') {
- clcf->auto_redirect = 1;
- }
-
return NGX_CONF_OK;
}
diff --git a/src/http/v2/ngx_http_v2.c b/src/http/v2/ngx_http_v2.c
index 5ce93ce..f677e8e 100644
--- a/src/http/v2/ngx_http_v2.c
+++ b/src/http/v2/ngx_http_v2.c
@@ -2496,10 +2496,6 @@
ngx_log_debug0(NGX_LOG_DEBUG_HTTP, h2c->connection->log, 0,
"http2 state connection error");
- if (err == NGX_HTTP_V2_INTERNAL_ERROR) {
- ngx_debug_point();
- }
-
ngx_http_v2_finalize_connection(h2c, err);
return NULL;
