Timeline



11/13/15:

17:20 Ticket #831 (Possible incorrect handling of invalid headers with HTTP/2.0 and ...) closed by Valentin V. Bartenev
fixed: A different version of the patch has been committed after review. It …
17:15 Ticket #831 (Possible incorrect handling of invalid headers with HTTP/2.0 and ...) updated by Valentin Bartenev <vbart@…>
In [changeset:"932a465537ef8462c480dc664b1503e248db1bef/nginx"
17:10 Changeset in nginx [6293:ec6b07be88a5] by Valentin Bartenev <vbart@…>
HTTP/2: reused HEADERS and CONTINUATION frames buffers.
17:10 Changeset in nginx [6292:f72d3129cd35] by Valentin Bartenev <vbart@…>
HTTP/2: fixed handling of output HEADERS frames. The HEADERS frame is …
17:10 Changeset in nginx [6291:932a465537ef] by Valentin Bartenev <vbart@…>
HTTP/2: fixed invalid headers handling (ticket #831). The …
16:33 tcpdump-wiresharp-server-client.7z attached to Ticket #830 by Jeffrey
dump for client and server
16:13 debug-log-2054.7z attached to Ticket #830 by Jeffrey
debug log (see 2015/11/11 20:54:32)

11/12/15:

21:36 Ticket #831 (Possible incorrect handling of invalid headers with HTTP/2.0 and ...) updated by Brian Stanback
I've applied your patch to my copy of the 1.9.6 source and did some …
19:44 Ticket #832 (OCSP_basic_verify : unable to get certificate CRL) closed by Maxim Dounin
wontfix: When ssl_crl is used, it applies to OCSP verifications as well, …
16:43 Ticket #832 (OCSP_basic_verify : unable to get certificate CRL) created by mttcr@…
Hello, I am configuring a server with OCSP stapling. I have the …
15:09 Ticket #831 (Possible incorrect handling of invalid headers with HTTP/2.0 and ...) updated by Valentin V. Bartenev
The side-effect is cased by ignoring Content-Length in that case.
15:01 Ticket #831 (Possible incorrect handling of invalid headers with HTTP/2.0 and ...) updated by Valentin V. Bartenev
Status changed
Thank you for the report. Please try the following patch: […]

11/11/15:

22:14 Ticket #831 (Possible incorrect handling of invalid headers with HTTP/2.0 and ...) updated by Brian Stanback
For what it's worth, the issue was actually happening to me on …
22:12 Ticket #831 (Possible incorrect handling of invalid headers with HTTP/2.0 and ...) created by Brian Stanback
When an invalid header is encountered, it appears that all subsequent …
19:39 Ticket #830 (400 Bad Request - No required SSL certificate was sent occurs randomly ...) updated by Jeffrey
Thanks, I've recompile with OpenSSL 1.0.2d, unfortunately that did not …
15:36 Ticket #830 (400 Bad Request - No required SSL certificate was sent occurs randomly ...) updated by Maxim Dounin
Note that OpenSSL used (1.0.1e) is rather old and has lots of known …
13:20 debug.txt attached to Ticket #830 by Jeffrey
debug log
13:20 Ticket #830 (400 Bad Request - No required SSL certificate was sent occurs randomly ...) created by Jeffrey
What is wrong? Subdomains are protected with a client …
12:47 Changeset in nginx [6290:4d5ac1a31d44] by Roman Arutyunyan <arut@…>
Upstream: proxy_cache_convert_head directive. The directive toggles …

11/10/15:

18:19 Ticket #829 (Drupal 8 and Nginx Configuration) updated by Ilyas Bakirov
https://www.nginx.com/resources/wiki/start/topics/recipes/drupal/
15:55 Ticket #829 (Drupal 8 and Nginx Configuration) created by iraneagle@…
Hi, Please create documentation about Drupal 8 and Nginx …
14:23 Ticket #828 (HTTP2 POST requests seg faulting) closed by Valentin V. Bartenev
duplicate: Everything indicates that it's a duplicate of #822.
11:37 bt.txt attached to Ticket #828 by leev@…
11:37 error.log attached to Ticket #828 by leev@…
11:37 Ticket #828 (HTTP2 POST requests seg faulting) created by leev@…
When upgrading from 1.9.5 to 1.9.6 all HTTP2 POST requests fail. GET …

11/09/15:

19:26 Ticket #827 (proxy_cache bug when using custom error pages) created by stackoverflow.com/users/220086/denis-pshenov
Hi, I have a very simple proxy config: http { proxy_cache_path …
12:36 Ticket #195 (Close connection if SSL not enabled for vhost) updated by Maxim Dounin
Sensitive changed
Readily available workaround is to use unsatisfiable cipher …
07:53 Ticket #195 (Close connection if SSL not enabled for vhost) updated by ghprince@…
Hi, it's been 3 years, any update on this?

11/06/15:

12:22 Changeset in nginx [6306:b1858fc47e3b] by Ruslan Ermilov <ru@…>
Style: unified request method checks.
12:21 Changeset in nginx [6311:44122bddd9a1] by Ruslan Ermilov <ru@…>
Proxy: improved code readability. Do not assume that space character …
10:03 Ticket #825 (NTLM option in upstream module allows authentication bypass) updated by nick
pantsman0, You need to activate your NGINX Plus Support as described …

11/05/15:

19:58 Ticket #825 (NTLM option in upstream module allows authentication bypass) updated by Roman Arutyunyan
Use logs to figure out if the second request belongs to the same nginx …
14:41 Ticket #826 (Add config option for NGX_HTTP_CACHE_VARY_LEN) updated by Maxim Dounin
There are no plans to add configurable option, this is an overkill and …
12:06 Ticket #822 (Worker process crashing (exit, signal 11)) closed by Valentin V. Bartenev
fixed
12:05 Ticket #822 (Worker process crashing (exit, signal 11)) updated by Valentin Bartenev <vbart@…>
In [changeset:"0f4b7800e681cd82dfb55ae72fc38a366a33d755/nginx"
12:01 Changeset in nginx [6345:5ae5142d39a3]stable-1.8 by Valentin Bartenev <vbart@…>
SSL: only select SPDY using NPN if "spdy" is enabled. OpenSSL doesn't …
12:01 Changeset in nginx [6289:909b5b191f25] by Valentin Bartenev <vbart@…>
SSL: only select HTTP/2 using NPN if "http2" is enabled. OpenSSL …
12:01 Changeset in nginx [6288:0f4b7800e681] by Valentin Bartenev <vbart@…>
HTTP/2: backed out 16905ecbb49e (ticket #822). It caused …
10:13 Ticket #825 (NTLM option in upstream module allows authentication bypass) updated by pantsman0@…
arut: I have updated the sample configuration file to remove the typos …
09:51 Ticket #825 (NTLM option in upstream module allows authentication bypass) updated by nick
NGINX Plus is fully supported software. You can receive very quick …
02:49 sample_ntlm_upstream.conf attached to Ticket #825 by pantsman0@…
sample configuration file

11/04/15:

14:10 Ticket #825 (NTLM option in upstream module allows authentication bypass) updated by Roman Arutyunyan
Your config obviously has wrong syntax - missing semicolons in the …

11/03/15:

23:08 Ticket #825 (NTLM option in upstream module allows authentication bypass) updated by pantsman0@…
The issue does not occur when you are actively accessing the site. If …
13:13 Ticket #826 (Add config option for NGX_HTTP_CACHE_VARY_LEN) created by Neil Craig
Hi Currently NGX_HTTP_CACHE_VARY_LEN is hardcoded at 42 characters in …
10:30 Ticket #825 (NTLM option in upstream module allows authentication bypass) updated by Roman Arutyunyan
Please describe how do you observe the issue? In ntlm proxy mode nginx …
01:01 Ticket #825 (NTLM option in upstream module allows authentication bypass) created by pantsman0@…
When using the upstream module with ntlm authentication, users are …

11/02/15:

19:45 Ticket #822 (Worker process crashing (exit, signal 11)) updated by Bruno Bigras
I had those crashes while using nagios. The patch seems to have fixed …

10/30/15:

19:25 Ticket #821 (Header "Expires" and "Cache-Control" is not sent for random requests ...) closed by Maxim Dounin
fixed: Fix committed, thanks for reporting the problem and testing the patch.
19:20 Ticket #821 (Header "Expires" and "Cache-Control" is not sent for random requests ...) updated by Maxim Dounin <mdounin@…>
In [changeset:"4ccb37b04454dec6afb9476d085c06aea00adaa0/nginx"
18:43 Changeset in nginx [6344:a8ecb0a2193f]stable-1.8 by Maxim Dounin <mdounin@…>
Fixed ngx_parse_time() out of bounds access (ticket #821). The code …
18:43 Changeset in nginx [6287:4ccb37b04454] by Maxim Dounin <mdounin@…>
Fixed ngx_parse_time() out of bounds access (ticket #821). The code …
14:22 Ticket #738 (Describe how to extend mime.types in types docs) updated by Maxim Dounin
Component changed
14:22 Ticket #781 (Documentation not clear on auth_basic_user_file) updated by Maxim Dounin
Component changed
14:21 Ticket #803 (proxy_pass differs in behavior if used with variable substitution) updated by Maxim Dounin
Component changed
14:16 Ticket #712 (limit_conn and internal redirects) updated by Maxim Dounin
Status, Component changed
13:51 Ticket #779 (allow relative path to log files) closed by Maxim Dounin
invalid: Relative paths are allowed, though they work from prefix, not from …
13:43 Ticket #344 (SSL proxy - CRL verification error) closed by Maxim Dounin
worksforme: When using intermediate CAs, a file with CRLs is expected to contain …
13:40 Ticket #822 (Worker process crashing (exit, signal 11)) updated by maxim
Status, Owner changed
13:26 Ticket #823 (Add disable_header option (opposite of add_header) which would let ...) closed by Maxim Dounin
wontfix
13:26 Ticket #823 (Add disable_header option (opposite of add_header) which would let ...) reopened by Maxim Dounin

10/29/15:

17:46 Ticket #823 (Add disable_header option (opposite of add_header) which would let ...) closed by Valentin V. Bartenev
fixed: Almost all directives in nginx are based on this principle. The …
17:29 Ticket #823 (Add disable_header option (opposite of add_header) which would let ...) reopened by arno01@…
This is exactly the opposite of what I want, thus I have tried to …
14:57 Ticket #822 (Worker process crashing (exit, signal 11)) updated by Valentin V. Bartenev
The following patch should fix the issue: […]
13:25 Ticket #822 (Worker process crashing (exit, signal 11)) updated by Valentin V. Bartenev
Status changed
Thank you for the report. We are able to reproduce.
12:03 Ticket #822 (Worker process crashing (exit, signal 11)) updated by Nick
Confim this bug - had to downgrade to 1.9.5. Nginx works as a proxy …
11:58 Ticket #821 (Header "Expires" and "Cache-Control" is not sent for random requests ...) updated by wkuranowski@…
I can confirm that your patch solves this issue. I am also unable to …
10:09 Ticket #822 (Worker process crashing (exit, signal 11)) updated by Valerian Saliou
I see some XML traces in the dump. We're using NGINX to proxy a large …
10:04 Ticket #822 (Worker process crashing (exit, signal 11)) updated by Valerian Saliou
Replying to maxim: > Hi, > > not exactly -- the binary …
09:56 Ticket #822 (Worker process crashing (exit, signal 11)) updated by maxim
Hi, not exactly -- the binary misses debug symbols. There are two …
09:20 Tickets #783,​677 batch updated by Vladimir Homutov <vl@…>
In [changeset:"a6a2016b8e31e3fd26aaf32c952d9643161925c6/nginx"
02:22 Ticket #736 (Nginx responses 412 to invalid If-Unmodified-Since request-header) updated by Maxim Dounin
All of the above times are recognized by nginx to be -1, the last UTC …
01:50 Ticket #701 (nginx -s stop and -s quit hang on Yosemite) closed by Maxim Dounin
worksforme: Works fine here.
01:47 Ticket #824 (NGINX returning 404 on proxy timeout instead of 504 when request is a POST) updated by Maxim Dounin
Unless you've configured nginx to return a custom error page for 504 …
01:23 Ticket #738 (Describe how to extend mime.types in types docs) updated by Maxim Dounin
Component changed
01:19 Ticket #795 (nginx 1.9.5-1 with deb package can't be install on ubuntu with error) closed by Maxim Dounin
invalid: As suggested, removing conflicting packages should help.
01:15 Ticket #796 (nginx.pid is removed during reload if pid path is changed in ...) closed by Maxim Dounin
wontfix: Feedback timeout.
00:47 Ticket #823 (Add disable_header option (opposite of add_header) which would let ...) closed by Maxim Dounin
wontfix: If you don't want nginx to add a header in a particular …

10/28/15:

20:49 Ticket #822 (Worker process crashing (exit, signal 11)) updated by Valerian Saliou
I hope this is what you are asking for -- I'm not familiar with those …
20:48 Ticket #822 (Worker process crashing (exit, signal 11)) updated by Valerian Saliou
Core dump: ---- [root@jappix debugcores]# gdb /usr/sbin/nginx …
20:45 Ticket #824 (NGINX returning 404 on proxy timeout instead of 504 when request is a POST) created by brad.getsensibill.com@…
Hello, We have been diagnosing a strange issue in our systems error …
20:42 Ticket #822 (Worker process crashing (exit, signal 11)) updated by Valerian Saliou
nginx -V output: ---- nginx version: nginx/1.9.6 built by gcc 4.9.2 …
20:30 Ticket #823 (Add disable_header option (opposite of add_header) which would let ...) updated by arno01@…
There is another problem, when I am adding "add_header" to some of …
20:14 Ticket #823 (Add disable_header option (opposite of add_header) which would let ...) created by arno01@…
Dear devs, I think it would be nice to have "disable_header" option. …
18:26 Ticket #821 (Header "Expires" and "Cache-Control" is not sent for random requests ...) updated by Maxim Dounin
Please try the following patch (problem found by Roman Arutyunyan): […]
17:25 Ticket #822 (Worker process crashing (exit, signal 11)) updated by maxim
Hi, could you please provide a stack trace from the coredump? …
17:07 Ticket #822 (Worker process crashing (exit, signal 11)) updated by Valerian Saliou
As a side note: I could not reproduce the issue on my end. A buggy …
17:04 Ticket #822 (Worker process crashing (exit, signal 11)) created by Valerian Saliou
Hello, Since updating from 1.9.5 to 1.9.6 a few hours ago, I'm …
12:07 Ticket #821 (Header "Expires" and "Cache-Control" is not sent for random requests ...) updated by wkuranowski@…
I also see that a request in file "missing_expires.txt" has …
11:04 Ticket #821 (Header "Expires" and "Cache-Control" is not sent for random requests ...) updated by wkuranowski@…
Ok, I think that missing gzip filter is because of "Via" header…
10:39 Ticket #821 (Header "Expires" and "Cache-Control" is not sent for random requests ...) updated by wkuranowski@…
I have found another interesting example. There is no Expires header …
10:38 missing_gzip_missing_expires.txt attached to Ticket #821 by wkuranowski@…
Missing Gzip and Expires

10/27/15:

22:58 Ticket #821 (Header "Expires" and "Cache-Control" is not sent for random requests ...) updated by wkuranowski@…
I have captured responses without Expires header. Let me know if you …
22:55 correct_expires.txt attached to Ticket #821 by wkuranowski@…
Correct Expires header
22:55 missing_expires.txt attached to Ticket #821 by wkuranowski@…
Missing Expires header
21:05 Ticket #821 (Header "Expires" and "Cache-Control" is not sent for random requests ...) updated by wkuranowski@…
I have a new hint - I am unable to find missing Expires header when …
20:16 Changeset in nginx [6285:1f26bf65b1bc] by Valentin Bartenev <vbart@…>
HTTP/2: changed behavior of the "http2_max_field_size" directive. Now …
20:16 Changeset in nginx [6284:66ee1c5cb6aa] by Valentin Bartenev <vbart@…>
HTTP/2: fixed spelling.
20:16 Changeset in nginx [6283:86b5f146b121] by Valentin Bartenev <vbart@…>
Version bump.
17:14 Ticket #821 (Header "Expires" and "Cache-Control" is not sent for random requests ...) updated by Maxim Dounin
Description changed
Please provide [[http://nginx.org/en/docs/debugging_log.html|debug
16:26 Ticket #821 (Header "Expires" and "Cache-Control" is not sent for random requests ...) created by wkuranowski@…
There is a problem with missing "Expires" and "Cache-Control" headers …
14:14 Milestone 1.9.6 completed
Status: scheduled Trunk: mainline * Bug fixes release
13:47 Changeset in nginx [6282:f1424eef1966] by Maxim Dounin <mdounin@…>
release-1.9.6 tag
13:47 Changeset in nginx [6281:b78018cfaa2f]release-1.9.6 by Maxim Dounin <mdounin@…>
nginx-1.9.6-RELEASE

10/26/15:

17:05 Ticket #818 (error_log host information is confusing) updated by Maxim Dounin
Please read …
16:54 Ticket #818 (error_log host information is confusing) updated by tamere22@…
I understand this is not a bug :) But I don't understand the logic …
16:16 Ticket #818 (error_log host information is confusing) updated by Maxim Dounin
In your configuration as provided, the listen socket on port 443 is …
16:06 Changeset in nginx [6286:a6a2016b8e31] by Vladimir Homutov <vl@…>
Syslog: added "nohostname" option. The option disables sending …
15:55 Ticket #818 (error_log host information is confusing) updated by tamere22@…
Full unaltered configuration is problematic for me as it is our main …
14:46 Changeset in nginx [6280:16905ecbb49e] by Valentin Bartenev <vbart@…>
HTTP/2: simplified checking the END_STREAM flag. No functional changes.
14:46 Changeset in nginx [6279:c72eaf694d99] by Valentin Bartenev <vbart@…>
HTTP/2: improved the ngx_http_v2_integer_octets(v) macro. Previously, …
14:46 Changeset in nginx [6278:b78df0822168] by Valentin Bartenev <vbart@…>
HTTP/2: fixed the NGX_HTTP_V2_MAX_FIELD macro.
12:54 Ticket #820 (Add neverbleed support) closed by Maxim Dounin
wontfix: As of nginx 1.7.9+, loading of secret keys via arbitrary OpenSSL …

10/25/15:

02:04 Ticket #820 (Add neverbleed support) created by HLFH@…
Hi, [Neverbleed](https://github.com/h2o/neverbleed) is a privilege …

10/24/15:

01:21 Changeset in nginx [6619:67938e63758d] by Piotr Sikora <piotrsikora@…>
Configure: remove auto/lib/test, unused since nginx-0.1.2. …

10/23/15:

10:48 Ticket #819 (http auth digest new fork) closed by thresh
invalid

10/22/15:

22:43 Ticket #819 (http auth digest new fork) updated by CyberCr33p@…
I found that my OS is responsible for downloading the 3rd party …
22:26 Ticket #819 (http auth digest new fork) created by CyberCr33p@…
nginx 1.8 and 1.9 download http-auth-digest from …
15:24 Ticket #800 (Variable $server_protocol is empty on HTTP2) updated by Rob Janssen
Replying to vbart: > and since the variable is mostly used …

10/21/15:

15:28 Ticket #818 (error_log host information is confusing) updated by Maxim Dounin
This may happen if a connection is accepted on a listening socket …
15:05 Ticket #818 (error_log host information is confusing) updated by tamere22@…
Replying to mdounin: > The host is a host from a request …
13:45 Ticket #818 (error_log host information is confusing) closed by Maxim Dounin
invalid: The host is a host from a request (see http://nginx.org/r/$host), and …
13:17 Ticket #818 (error_log host information is confusing) created by tamere22@…
Hi, I think it's a bug because log_format is not possible with …

10/20/15:

16:39 Ticket #608 (Please specify prototyping behavior for nginx.xs) closed by Maxim Dounin
fixed: Fixed by c6cc0b79a43d.
16:38 Ticket #235 (segfault with SNI and ssl_session_cache assymetrical configuration) closed by Maxim Dounin
fixed: Fix committed and will be available in upcoming nginx 1.9.6.
16:32 Ticket #235 (segfault with SNI and ssl_session_cache assymetrical configuration) updated by Maxim Dounin <mdounin@…>
In [changeset:"97f102a13f3373ed27d1d0d8f78ac9af8d88a0ff/nginx"
02:14 Ticket #817 (Wrong or undocumented srever resolving) closed by Maxim Dounin
invalid: When you have a listening socket configured for a particular IP …
00:52 Ticket #817 (Wrong or undocumented srever resolving) updated by marunin@…
The same problem exists for very old nginx version: nginx/0.7.67 TLS …
00:51 nginx_bug.log attached to Ticket #817 by marunin@…
debug log for request
00:51 nginx_bug.conf attached to Ticket #817 by marunin@…
Bug config
00:47 Ticket #817 (Wrong or undocumented srever resolving) created by marunin@…
I you mix listen <ip_name>:80 and listen 80 Than servers with listen …

10/19/15:

18:22 Changeset in nginx [6343:60ae75969588]stable-1.8 by Maxim Dounin <mdounin@…>
SSL: preserve default server context in connection (ticket #235). …
14:59 Ticket #813 (Double encoding of utf-8 strings inside x509 certificates) updated by Maxim Dounin
The phpinfo() provided shows representation that OpenSSL produces, …
13:32 Ticket #813 (Double encoding of utf-8 strings inside x509 certificates) updated by Spindel@…
This isn't only in access logs, it's also in parameters passed into …

10/15/15:

01:10 Ticket #810 (OCSP Stapling fails if first relevant server block lacks ssl_stapling ...) closed by Maxim Dounin
wontfix: I think I finally tracked this (there were some complains previously …
Note: See TracTimeline for information about the timeline view.