Custom Query (2311 matches)

Filters
 
Or
 
  
 
Columns

Show under each result:

Results (67 - 69 of 2311)

13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33
Ticket Resolution Summary Owner Reporter
#2544 invalid Cores on nginx-quiche while running curl command Karthikdasari0423@…
Description

Hi ,

I tried to build nginx with quiche as explained below and tried to run curl with http3 but noticing below cores https://github.com/cloudflare/quiche/tree/master/nginx

nginx -V root@ubuntu:/tmp/cores# /src/nginx-1.16.1/objs/nginx -V nginx version: nginx/1.16.1 (quiche-ab2b44fa) built by gcc 11.4.0 (Ubuntu 11.4.0-1ubuntu1~22.04) built with OpenSSL 1.1.1 (compatible; BoringSSL) (running with BoringSSL) TLS SNI support enabled configure arguments: --prefix=/src/nginx-1.16.1 --build=quiche-ab2b44fa --with-http_ssl_module --with-http_v2_module --with-http_v3_module --with-openssl=../quiche/quiche/deps/boringssl --with-quiche=../quiche

curl command and version root@ubuntu:/tmp/cores# curl -V curl 8.3.0-DEV (x86_64-pc-linux-gnu) libcurl/8.3.0-DEV OpenSSL/1.1.1s zlib/1.2.11 brotli/1.0.9 msh3/0.6.0.0 Release-Date: [unreleased] Protocols: dict file ftp ftps gopher gophers http https imap imaps mqtt pop3 pop3s rtsp smb smbs smtp smtps telnet tftp Features: alt-svc AsynchDNS brotli HSTS HTTP3 HTTPS-proxy IPv6 Largefile libz NTLM NTLM_WB SSL threadsafe UnixSockets

root@ubuntu:/tmp/cores# curl -k -v --http3-only -# -o /tmp/index.html https://127.0.0.1:5443/index.html below is the nginx bt

(gdb) bt #0 0x000055d6712442c2 in ngx_quic_write_handler (wev=<optimized out>) at src/event/ngx_event_quic.c:411 #1 0x000055d67123456f in ngx_event_process_posted (cycle=cycle@entry=0x55d6737d0700, posted=0x55d6717a0280 <ngx_posted_events>)

at src/event/ngx_event_posted.c:34

#2 0x000055d67123405c in ngx_process_events_and_timers (cycle=cycle@entry=0x55d6737d0700) at src/event/ngx_event.c:267 #3 0x000055d67123bf51 in ngx_worker_process_cycle (cycle=0x55d6737d0700, data=<optimized out>) at src/os/unix/ngx_process_cycle.c:750 #4 0x000055d67123a431 in ngx_spawn_process (cycle=cycle@entry=0x55d6737d0700,

proc=proc@entry=0x55d67123be67 <ngx_worker_process_cycle>, data=data@entry=0x4, name=name@entry=0x55d6715d8236 "worker process", respawn=respawn@entry=-3) at src/os/unix/ngx_process.c:199

#5 0x000055d67123b537 in ngx_start_worker_processes (cycle=cycle@entry=0x55d6737d0700, n=8, type=type@entry=-3)

at src/os/unix/ngx_process_cycle.c:359

#6 0x000055d67123c62d in ngx_master_process_cycle (cycle=cycle@entry=0x55d6737d0700) at src/os/unix/ngx_process_cycle.c:131 #7 0x000055d671214e0f in main (argc=<optimized out>, argv=<optimized out>) at src/core/nginx.c:382 (gdb) quit

nginx error log file

2023/09/06 11:26:06 [alert] 240245#0: worker process 240272 exited on signal 11 (core dumped) 2023/09/06 11:26:08 [alert] 240245#0: worker process 240274 exited on signal 11 (core dumped) 2023/09/06 11:26:12 [alert] 240245#0: worker process 240276 exited on signal 11 (core dumped) 2023/09/06 11:26:26 [alert] 240245#0: worker process 240247 exited on signal 11 (core dumped) 2023/09/06 11:26:27 [alert] 240245#0: worker process 240303 exited on signal 11 (core dumped) 2023/09/06 11:26:29 [alert] 240245#0: worker process 240305 exited on signal 11 (core dumped) 2023/09/06 11:26:33 [alert] 240245#0: worker process 240307 exited on signal 11 (core dumped) 2023/09/06 11:31:05 [alert] 240245#0: worker process 240250 exited on signal 11 (core dumped) 2023/09/06 11:31:06 [alert] 240245#0: worker process 241691 exited on signal 11 (core dumped) 2023/09/06 11:31:08 [alert] 240245#0: worker process 241692 exited on signal 11 (core dumped) 2023/09/06 11:31:12 [alert] 240245#0: worker process 241693 exited on signal 11 (core dumped) 2023/09/06 11:38:52 [alert] 240245#0: worker process 241694 exited on signal 11 (core dumped) 2023/09/06 11:38:53 [alert] 240245#0: worker process 241734 exited on signal 11 (core dumped) 2023/09/06 11:38:55 [alert] 240245#0: worker process 241735 exited on signal 11 (core dumped) 2023/09/06 11:38:59 [alert] 240245#0: worker process 241736 exited on signal 11 (core dumped) root@ubuntu:/tmp/cores#

root@ubuntu:/tmp/cores# ls -lrth total 89M -rwxrwxrwx 1 root root 12M Sep 6 11:31 core.nginx.240250 -rwxrwxrwx 1 root root 12M Sep 6 11:31 core.nginx.241691 -rwxrwxrwx 1 root root 12M Sep 6 11:31 core.nginx.241692 -rwxrwxrwx 1 root root 12M Sep 6 11:31 core.nginx.241693 -rwxrwxrwx 1 root root 12M Sep 6 11:38 core.nginx.241694 -rwxrwxrwx 1 root root 12M Sep 6 11:38 core.nginx.241734 -rwxrwxrwx 1 root root 12M Sep 6 11:38 core.nginx.241735 -rwxrwxrwx 1 root root 12M Sep 6 11:38 core.nginx.241736 root@ubuntu:/tmp/cores#

am i missing anything here?

#2543 invalid wrong "host" header when using upstreams girsch.ventx.de@…
Description

Hi,

we have a reverse proxy setup with 2 upstreams, the decision to which upstream to route a request is based on value of a specific header. Lets say we want to route requests to upstreams based on a value of the user-agent header 

          upstream banana {
             server banana-server;
           }
           upstream apple {
             server apple-server;
           }

          map $http_user_agent $proxied_server {
            default apple;

            "~*Firefox*" apple;
            "~*Chrome*" banana;
          }
 
          server {
              listen 8080;
              server_name localhost;
              location / {
                    proxy_pass http://$proxied_server;
              }
          }

the request is sent to the right upstream IP by a reverse proxy, but instead of taking the DNS name of the server specified in the "upstream" the reverse proxy takes the name of upstream as a value for the host header. So instead of "banana-server" it sends just "banana".

#2541 invalid TLS 1.2 connection on TLS 1.3 only site vp1981@…
Description

I configured nginx to accept only TLS 1.3 connections and up to version 1.25.2 everything was fine. But since version 1.25.2, both curl and ssllabs show me that a site is accessible with TLS 1.2 as well.

To force the use of TLS 1.3, I used a trick with the OPENSSL_CONF environment variable pointing to a file with the content 

openssl_conf = default_conf

[default_conf]
ssl_conf = ssl_sect

[ssl_sect]
system_default = system_default_sect

[system_default_sect]
Ciphersuites = TLS_CHACHA20_POLY1305_SHA256:TLS_AES_256_GCM_SHA384
Options = ServerPreference,PrioritizeChaCha

and the following configuration for the site 

  listen            443 ssl;
  listen       [::]:443 ssl;
  http2        on;
  server_name  isu.bkoty.ru;

  ssl_session_cache          shared:SSL:10m;
  ssl_session_timeout        10m;
  ssl_password_file          /etc/cert/hosts/isu.ppp;
  ssl_certificate            /etc/cert/hosts/isu.crt;
  ssl_certificate_key        /etc/cert/hosts/isu.key;
  ssl_protocols              TLSv1.3;
  ssl_prefer_server_ciphers  on;
  ssl_ecdh_curve             secp384r1;

To use the OPENSSL_CONF variable I added a line 

Environment=OPENSSL_CONF=/etc/nginx/openssl.conf

to the nginx.service file.

Now, to test the connection to the site I ran the command 

$ curl -I -v --tlsv1.2 --tls-max 1.2 https://isu.bkoty.ru

and the site responded using the TLS 1.2 protocol. I don't understand why TLS 1.2 is being used (I didn't configure it, right?). Has something changed in nginx regarding how openssl configuration is used?

P.S. Sorry, this might be my second ticket, I didn't manage to write the first one correctly.

13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33
Batch Modify
Note: See TracBatchModify for help on using batch modify.
Note: See TracQuery for help on using queries.