Timeline



01/07/19:

18:26 Changeset in nginx_org [2318:0ef48463e075] by Maxim Konovalov <maxim@…>
Regenerated.
18:26 Changeset in nginx_org [2317:0aaa69eab2ca] by Maxim Konovalov <maxim@…>
nginx cookbook promo.
04:31 Ticket #1701 (unable to import module ngx_http_proxy_module to secure cookies) closed by Maxim Dounin
invalid: To return cookies with the "Secure" flag set, consider instructing …
03:00 Ticket #1702 ([NGINX Plus Openid connect]:audience check failed for array type field) closed by Maxim Dounin
invalid: This Trac is for nginx. If you have issues with OpenID Connect …
02:59 Ticket #1703 ([NGINX Plus Openid Connect]: error log printing variable not value) closed by Maxim Dounin
invalid: This Trac is for nginx. If you have issues with OpenID Connect …

01/06/19:

15:49 Ticket #1702 ([NGINX Plus Openid connect]:audience check failed for array type field) updated by chunilalkukreja@…
I faced this issue with 3 legged authz code flow. And i believe this …
15:14 Ticket #1703 ([NGINX Plus Openid Connect]: error log printing variable not value) created by chunilalkukreja@…
If audience validation fails it throws error & dumps it to …
14:45 Ticket #1702 ([NGINX Plus Openid connect]:audience check failed for array type field) created by chunilalkukreja@…
With nginx plus openid connect feature, if the id_token has "aud" …

01/04/19:

09:19 Capture.PNG attached to Ticket #1701 by arvindkrbhatt@…
secure cookies screen shot
09:19 Ticket #1701 (unable to import module ngx_http_proxy_module to secure cookies) created by arvindkrbhatt@…
we are using Nginx running as container but we see cookies/session ids …
05:25 Ticket #1700 (UDP connections are terminated when updating Nginx executable file ...) closed by Maxim Dounin
wontfix: This is expected. Since there is single UDP socket to handle all …
04:37 Ticket #1699 (encoding error ssl_stapling_file) closed by Maxim Dounin
invalid: The "ssl_stapling_file" directive needs an OCSP response obtained from …

01/02/19:

21:18 Changeset in nginx-tests [1426:a8d18c2852ab] by Sergey Kandaurov <pluknet@…>
Tests: userid TODO adjusted, fix committed.
21:16 Changeset in nginx-tests [1425:2f7d7953b2a8] by Sergey Kandaurov <pluknet@…>
Tests: skip certain tests on FreeBSD 12.0. The tests trip over a bug …
12:50 Ticket #1700 (UDP connections are terminated when updating Nginx executable file ...) created by podko.andrew@…
UDP handling allow to use it for OpenVPN balancing, but Nginx isn't …

01/01/19:

19:11 Ticket #1699 (encoding error ssl_stapling_file) created by n8v8R@…
[…] nginx -t then produces: [emerg] 24249#24249: …

12/31/18:

17:30 Ticket #1698 (A minor optimization for ngx_log_debug) closed by Maxim Dounin
invalid: You are not expected to use more than one level in ngx_log_debugN() …
08:00 Ticket #1698 (A minor optimization for ngx_log_debug) updated by chronolaw@…
sorry for the wrong patch filename ,I have uploaded the right …
07:58 ngx_log.h.patch attached to Ticket #1698 by chronolaw@…
07:56 ngx_log.c.patch attached to Ticket #1698 by chronolaw@…
07:53 Ticket #1698 (A minor optimization for ngx_log_debug) created by chronolaw@…
In ngx_log_debug, it will compare log_level and level use '&',but if …

12/30/18:

20:57 Ticket #1697 (mail proxy: ManageSieve protocol support) created by muhlemmer@…
I'm representing the small FOSS community of …

12/29/18:

16:25 Ticket #1529 (Could not configure TLS1.3 ciphers in OpenSSL 1.1.1 pre4) updated by Laurence 'GreenReaper' Parry
While I sympathize with the desire not to implement an interface which …

12/27/18:

17:19 Ticket #1695 (Data is corrupted in static large objects (SLO swift API) when using ...) updated by Maxim Dounin
Thanks for checking. Corruption of the response produced by the slice …
16:37 Changeset in nginx [7441:8acaa1161783] by Roman Arutyunyan <arut@…>
Stream: do not split datagrams when limiting proxy rate. Previously, …
13:09 Ticket #1696 (NGINX does not update cached response of POST requests) updated by azhuchkov@…
Sorry, forgot to put cache and backend configs. Here they are: […]
12:20 Ticket #1696 (NGINX does not update cached response of POST requests) created by azhuchkov@…
Recently I configured caching of POST requests. It's not user input, …
12:03 Ticket #1695 (Data is corrupted in static large objects (SLO swift API) when using ...) updated by greenx@…
I added an archive with a cache directory with all parts of the file.
12:01 bugceph.tar.gz attached to Ticket #1695 by greenx@…
content cache directory
11:36 Ticket #1695 (Data is corrupted in static large objects (SLO swift API) when using ...) updated by greenx@…
We reproduced it. I attach three files: two pcap files and source …
11:35 file attached to Ticket #1695 by greenx@…
11:28 nginx-client.pcap attached to Ticket #1695 by greenx@…
trafic from nginx to client
11:28 ceph-nginx.pcap attached to Ticket #1695 by greenx@…
trafic from ceph to nginx
08:23 Ticket #1533 (Some news about "support configure TLS1.3-Only ciphers") updated by rbaranauskas@…
Just FYI, there are no plans to fix the approach on the OpenSSL side, …
06:26 Ticket #1695 (Data is corrupted in static large objects (SLO swift API) when using ...) updated by greenx@…
I changed the logging level from error to warn. Now I see this …

12/26/18:

19:36 Ticket #1695 (Data is corrupted in static large objects (SLO swift API) when using ...) updated by Maxim Dounin
The message should be there unless you are using higher logging level. …
18:34 Ticket #1695 (Data is corrupted in static large objects (SLO swift API) when using ...) updated by greenx@…
The statement is true, but the error log is empty. Maybe it is not …
16:18 Ticket #1695 (Data is corrupted in static large objects (SLO swift API) when using ...) updated by Maxim Dounin
Priority, Keywords changed
So, the backend returns a 206 response with: 1. Content-Range
11:52 range-bug-with-SLO.png attached to Ticket #1695 by greenx@…
11:52 Ticket #1695 (Data is corrupted in static large objects (SLO swift API) when using ...) created by greenx@…
We found that data is corrupted in static large objects (SLO swift …

12/25/18:

15:09 Milestone nginx-1.15.8 completed
Status: scheduled Trunk: mainline * Bug fixes
14:53 Changeset in nginx [7437:6d15e452fa2e] by Maxim Dounin <mdounin@…>
release-1.15.8 tag
14:53 Changeset in nginx [7436:ee551e3f6dba]release-1.15.8 by Maxim Dounin <mdounin@…>
nginx-1.15.8-RELEASE
12:26 Changeset in nginx [7451:d864ee67b5ae] by Ruslan Ermilov <ru@…>
Use %s for errors returned from configuration parsing handlers.
10:56 Changeset in nginx-tests [1424:5bee71e1548f] by Sergey Kandaurov <pluknet@…>
Tests: adjusted stream udp test with failed peer.
10:56 Changeset in nginx-tests [1423:29d0961bc3f7] by Sergey Kandaurov <pluknet@…>
Tests: aligned generic read timeouts in stream and mail tests.
09:59 Changeset in nginx [7435:a91b93f3f3e7] by Vladimir Homutov <vl@…>
Autoindex: fixed possible integer overflow on 32-bit systems.
08:54 Milestone njs-0.2.7 completed
Planned features: * Object.entries() and values() methods * Rest …

12/24/18:

18:07 Changeset in nginx [7433:061ec464813f] by Maxim Dounin <mdounin@…>
Win32: removed NGX_DIR_MASK concept. Previous interface of …
16:56 Changeset in nginx-tests [1422:2d7fcd713b66] by Sergey Kandaurov <pluknet@…>
Tests: added userid tests with IPv6 and unix sockets.
16:55 Changeset in nginx [7432:ecc97cb0eda4] by Sergey Kandaurov <pluknet@…>
Userid: using stub for AF_UNIX addresses. Previously, AF_UNIX …
14:30 Changeset in nginx [7434:e3b262e7fc88] by Gena Makhomed <gmm@…>
Contrib: vim syntax, update core and 3rd party module directives.
11:24 Changeset in nginx-tests [1421:4e48bf51714f] by Sergey Kandaurov <pluknet@…>
Tests: aligned various generic read timeouts to http_end(). It was …
09:43 Ticket #1661 (Nginx repository for ubuntu has no Release file for cosmic (18.10)) closed by thresh
fixed: Correct, both stable and mainline now carry cosmic versions.

12/23/18:

11:23 Ticket #1661 (Nginx repository for ubuntu has no Release file for cosmic (18.10)) updated by Laurence 'GreenReaper' Parry
This seems to be done, at least in mainline! Unfortunately with i386 …
11:22 Ticket #1654 (nginx does not honor ssl_protocols for TLSv1.3) updated by Laurence 'GreenReaper' Parry
Replying to yura3d@…: > I think the solution suggested by …

12/21/18:

13:26 Ticket #1694 (Prefer SNI name to Host header when selecting server block) closed by Maxim Dounin
invalid: In theory, you are right. SNI was designed to be used with the only …
04:28 Ticket #1694 (Prefer SNI name to Host header when selecting server block) created by cHYzZQo@…
Let's say I have a config file that looks like this. […] If I …

12/20/18:

22:32 Ticket #1693 (Documentation bug: Redirects without localization end up insecure) created by guardrex@…
Redirects without localization end up insecure The secure link ... …
17:10 Milestone unit-1.7 completed
Planned features: * nodejs support improvements
14:36 Ticket #1533 (Some news about "support configure TLS1.3-Only ciphers") updated by rbaranauskas@…
Got it, thanks for the explanation!
14:35 Ticket #1533 (Some news about "support configure TLS1.3-Only ciphers") updated by Maxim Dounin
The status is correct. We may, however, consider introducing a …
14:15 Ticket #1533 (Some news about "support configure TLS1.3-Only ciphers") updated by rbaranauskas@…
So the status of #1529 as "won't fix" is wrong, and you are
14:10 Ticket #1533 (Some news about "support configure TLS1.3-Only ciphers") updated by Maxim Dounin
This ticket is closed because it is duplicate of #1529 (the "planned …
12:41 Ticket #1533 (Some news about "support configure TLS1.3-Only ciphers") updated by rbaranauskas@…
I don't really get the situation - #1533 (this one) is closed, …

12/19/18:

09:51 Changeset in nginx-tests [1420:ea593a9bab09] by Sergey Kandaurov <pluknet@…>
Tests: adjusted read timeout in HTTP/2 request buffering tests.

12/18/18:

15:37 Ticket #1692 (Zero level domain) updated by Maxim Dounin
> "The example.com and example.com. domains are syntactically …
14:54 Changeset in nginx-tests [1419:16a8962ff246] by Sergey Kandaurov <pluknet@…>
Tests: upstream_response_length_variable tests, proxy.t merged. This …
12:15 Changeset in nginx [7431:294162223c7c] by Sergey Kandaurov <pluknet@…>
SSL: avoid reading on pending SSL_write_early_data(). If …
08:02 Ticket #1692 (Zero level domain) updated by Highter87@…
"The example.com and example.com. domains are syntactically …

12/17/18:

16:31 Ticket #816 (Allow h2c and HTTP/1.1 support on the same listening socket) updated by AlekSi@…
It would be great to have that feature.

12/16/18:

22:41 Ticket #1654 (nginx does not honor ssl_protocols for TLSv1.3) closed by Maxim Dounin
fixed: We cannot selectively enable or disable TLSv1.3 without relying on the …
19:30 Ticket #1654 (nginx does not honor ssl_protocols for TLSv1.3) reopened by yura3d@…
I think the solution suggested by @mdounin above is strange. I have …
10:06 Changeset in nginx-tests [1418:f3422a4fe349] by Sergey Kandaurov <pluknet@…>
Tests: simple geo module tests with unix socket address.
10:05 Changeset in nginx-tests [1417:ea796652fcdc] by Sergey Kandaurov <pluknet@…>
Tests: added missing proxy prerequisites.

12/15/18:

14:16 Ticket #1690 (Add MITM detection) updated by Fabian Franz BSc
I got it working in njs: …

12/14/18:

17:18 Ticket #1684 (documentation for ngx_http_geo_module is inconsistent with the ...) closed by Maxim Dounin
fixed: Fix committed, thanks.
16:55 Ticket #1684 (documentation for ngx_http_geo_module is inconsistent with the ...) updated by Maxim Dounin <mdounin@…>
In [changeset:"286ae954009dd9249ba9652cb53461de908d9f10/nginx"
15:11 Changeset in nginx [7430:286ae954009d] by Maxim Dounin <mdounin@…>
Geo: fixed handling of AF_UNIX client addresses (ticket #1684). …

12/13/18:

14:27 Ticket #1692 (Zero level domain) closed by Maxim Dounin
invalid: The example.com and example.com. domains are syntactically …
14:23 Changeset in nginx [7429:e573d74299a0] by Ruslan Ermilov <ru@…>
Upstream: implemented $upstream_bytes_sent.
12:53 Ticket #1692 (Zero level domain) updated by Highter87@…
Sorry... This […] to redirect example.com, but i can access …
12:48 Ticket #1692 (Zero level domain) created by Highter87@…
Why is open domain: "nginx.org." - point at the end of the line? I …

12/12/18:

20:00 Changeset in nginx-tests [1416:d22717fcabdb] by Sergey Kandaurov <pluknet@…>
Tests: adjusted rate in limit_req_delay.t for slow hosts. If the …
17:58 Ticket #1690 (Add MITM detection) updated by Fabian Franz BSc
njs sounds like a good solution so i think it may work as the …
15:32 text.txt attached to Ticket #1689 by Nar
nginx -T
15:08 Ticket #68 (Include larger speed units for HttpLimitReqModule) updated by Maxim Dounin
The patch is wrong, it does not take into account that rates use fixed …
15:03 Ticket #1691 (ngx_http_browser_module treats amazon web service health checker as ...) updated by malarres@…
Thank you very much for the clarification
14:46 Ticket #1691 (ngx_http_browser_module treats amazon web service health checker as ...) closed by Maxim Dounin
invalid: The ancient_browser directive …
14:18 Ticket #1690 (Add MITM detection) updated by Maxim Dounin
I see at least two problems with this: 1. Detection of various TLS …
13:03 Ticket #1691 (ngx_http_browser_module treats amazon web service health checker as ...) created by malarres@…
Amazon Load Balancer performs a series of Health checks, and as user …
10:32 Ticket #68 (Include larger speed units for HttpLimitReqModule) updated by xdmitry@…
can we give it a go please? change is straightforward: […]
00:15 Ticket #1687 (Overrides system default minimum TLS version) updated by Kurt Roeckx
The nginx documentation currently says you can enable SSLv2 and SSLv3, …

12/11/18:

19:45 Ticket #1690 (Add MITM detection) created by Fabian Franz BSc
Caddy has a feature to detect TLS MITM attacks by comparing …
17:24 Ticket #1689 (Writing connections leak with http/2) updated by Maxim Dounin
Ok, so you observe open socket ... left in connection ... alerts on …
16:41 Changeset in nginx [7428:cbc5dee8d5d2] by Roman Arutyunyan <arut@…>
Resolver: report SRV resolve failure if all A resolves failed. …
16:33 Ticket #1689 (Writing connections leak with http/2) created by Nar
Writing connections counter is gradually grow up as shown on munin …
15:59 Changeset in nginx-tests [1415:01d806268a12] by Sergey Kandaurov <pluknet@…>
Tests: removed TODOs for gRPC fixes merged in 1.14.2.
15:29 Ticket #714 (Writing connection leak while SPDY enabled) closed by Maxim Dounin
duplicate: For most recent tickets about HTTP/2 issues, please refer to #1610, …
14:54 Ticket #1688 (want to get the socket port which use in nginx and upstream servers) updated by Maxim Dounin
Priority, Type changed
How do you expect to use such a variable?
13:10 Changeset in nginx-tests [1414:f5b18471e17a] by Sergey Kandaurov <pluknet@…>
Tests: proxy cache background update with regex captures.
11:12 Changeset in nginx-tests [1413:215f3357034b] by Dmitry Volyntsev <xeioex@…>
Tests: njs http global code.
10:12 Changeset in nginx [7426:4722b4b8aa93] by Roman Arutyunyan <arut@…>
Version bump.
10:09 Changeset in nginx [7427:81d49f85afed] by Roman Arutyunyan <arut@…>
Copy regex unnamed captures to cloned subrequests. Previously, …
03:11 Ticket #1688 (want to get the socket port which use in nginx and upstream servers) created by liutanrong@…
i can not log the backend_source_port,why nginx doesn't have a …

12/10/18:

22:04 Ticket #714 (Writing connection leak while SPDY enabled) reopened by Nar
Have same issue with nginx 1.15.7 [[Image(...)]] uname -a …
22:03 nginx_leak.jpg attached to Ticket #714 by Nar
14:54 Ticket #1687 (Overrides system default minimum TLS version) updated by Maxim Dounin
In theory. In practice, there are number of problems with this …
10:27 Changeset in nginx-tests [1412:aaaa8a40250b] by Sergey Kandaurov <pluknet@…>
Tests: adjusted proxy_cache_use_stale.t for slow hosts. The request …

12/09/18:

16:56 Ticket #1687 (Overrides system default minimum TLS version) updated by Kurt Roeckx
The point of system wide defaults is so that there actually is 1 place …
00:37 Ticket #1684 (documentation for ngx_http_geo_module is inconsistent with the ...) updated by gdrbyKo1@…
Replying to mdounin: That makes sense, thank you. …

12/08/18:

19:41 Ticket #1684 (documentation for ngx_http_geo_module is inconsistent with the ...) updated by Maxim Dounin
Replying to gdrbyKo1@…: > Thanks for your response. I just …
18:57 Ticket #1687 (Overrides system default minimum TLS version) closed by Maxim Dounin
wontfix: Thank you for your feedback. Allowed SSL protocol versions are …
10:10 Ticket #1687 (Overrides system default minimum TLS version) created by Kurt Roeckx
In https://hg.nginx.org/nginx/rev/7ad0f4ace359
03:35 Ticket #1686 (Log files ownership) closed by Maxim Dounin
invalid: On startup and on reload, log files are opened by the master process …
02:27 Ticket #1686 (Log files ownership) created by https://stackoverflow.com/users/573152/bernard-rosset
On log rotation, nginx seems to process …
Note: See TracTimeline for information about the timeline view.