Timeline



02/03/19:

17:45 Ticket #1718 (More info on ssl_early_data security) updated by Maxim Dounin
If such attacks are possible in your infrastructure, they cannot be …

02/02/19:

18:37 Ticket #1718 (More info on ssl_early_data security) updated by Sam Bull
So, something like this mentioned attack is unrelated? "Exploiting …
17:25 Ticket #1718 (More info on ssl_early_data security) closed by Maxim Dounin
invalid: No. Moreover, nginx [http://hg.nginx.org/nginx/rev/548a63b354a2#l1.31
13:10 Ticket #1718 (More info on ssl_early_data security) created by Sam Bull
I'm looking at the RFC relating to 0-RTT, and trying to understand how …

02/01/19:

14:35 Ticket #1717 (server info) closed by maxim
wontfix: Hello. No, we are not going to do that in any overseable future. …
14:21 Ticket #1717 (server info) created by https://stackoverflow.com/users/10070111/misha-shaygu
hi please set default config server_tokens on to off. …
03:11 Ticket #1716 (http2 ssl verify certificate failed should close tcp connection) created by xujunHW@…
when http2 ssl verify certificate failed, nginx send err response with …

01/31/19:

18:06 Ticket #1215 (Add support for SHA2 (SHA3?) family for RFC2307 passwords for HTTP ...) updated by Maxim Dounin
Replying to zasca@…: > Nginx already …
16:36 Changeset in nginx [7454:e72c8a8a8b10] by Maxim Dounin <mdounin@…>
SSL: separate checks for errors in ngx_ssl_read_password_file(). …
16:28 Changeset in nginx [7453:873150addfeb] by Ruslan Ermilov <ru@…>
SSL: explicitly zero out session ticket keys.
14:25 Changeset in nginx [7452:570d8c626eea] by Roman Arutyunyan <arut@…>
Modules compatibility: down flag in ngx_peer_connection_t.
14:02 Changeset in nginx_org [2329:c058e44b4111] by Andrei Belov <defan@…>
Linux packages: added Alpine 3.9.
11:15 Ticket #1215 (Add support for SHA2 (SHA3?) family for RFC2307 passwords for HTTP ...) updated by zasca@…
Nginx already supports

01/30/19:

10:05 Changeset in nginx_org [2327:5ecdddc3851e] by Konstantin Pavlov <thresh@…>
Updated links to linux packages page.
10:05 Changeset in nginx_org [2326:5d045e964270] by Konstantin Pavlov <thresh@…>
Moved the repository introduction paragraph to an appropriate place.
10:04 Changeset in nginx_org [2325:409d024ac536] by Konstantin Pavlov <thresh@…>
Emphasized that we provide Linux packages.
10:04 Changeset in nginx_org [2324:3cf6a0cbec12] by Konstantin Pavlov <thresh@…>
Added intra-page anchors and table of contents.
10:04 Changeset in nginx_org [2323:eaef8f4ca921] by Konstantin Pavlov <thresh@…>
Added Alpine Linux.
10:04 Changeset in nginx_org [2322:bb03e6ac2f16] by Konstantin Pavlov <thresh@…>
Added per-distro instructions on how to enable packages signature checks.
10:04 Changeset in nginx_org [2321:580c3007d242] by Konstantin Pavlov <thresh@…>
Merged version and codename.

01/29/19:

19:43 Ticket #1715 (Logs are no longer written to /dev/stdout after HUP, if daemon is on) closed by Maxim Dounin
wontfix: This is because opening /dev/stdout duplicates existing file …
17:10 Ticket #1715 (Logs are no longer written to /dev/stdout after HUP, if daemon is on) created by CamJN@…
In Passenger standalone we generate a config and start Nginx for the …
13:19 Changeset in nginx_org [2320:48e1ee5bbe97] by Yaroslav Zhuravlev <yar@…>
Updated with Netcraft January 2019 Web Server Survey stats.

01/28/19:

20:20 Ticket #1714 (Server Name Indication (SNI) in NGINX isn't honoring ssl_protocols, ...) updated by fortresslinux@…
You are right about the custom ciphers per server(). We mixed it up …
16:38 Ticket #844 (Allow support for different protocols on different hosts (same machine)) closed by Maxim Dounin
wontfix: For the record, [https://nginx-review.googlesource.com/c/nginx/+/3420
15:44 Ticket #844 (Allow support for different protocols on different hosts (same machine)) updated by Maxim Dounin
See also #1714.
15:42 Ticket #1714 (Server Name Indication (SNI) in NGINX isn't honoring ssl_protocols, ...) closed by Maxim Dounin
duplicate: > It should honor the second server ssl_ciphers and ssl_protocols (and …
15:08 Ticket #1714 (Server Name Indication (SNI) in NGINX isn't honoring ssl_protocols, ...) created by fortresslinux@…
== SNI bug: == Reproduce: Configure nginx (partly) as: […] Test …
13:17 Changeset in nginx-tests [1436:9d8b100a6ce3] by Dmitry Volyntsev <xeioex@…>
Tests: get rid of deprecated njs API in 0.2.2.
13:17 Changeset in nginx-tests [1435:cace66c3ce56] by Dmitry Volyntsev <xeioex@…>
Tests: removed js tests for deprecated njs API.
13:15 Ticket #1713 (proxy_ssl_session_reuse not working with proxy_pass containing variables) closed by Maxim Dounin
invalid: That's expected behaviour. SSL sessions are cached within a …
12:08 Ticket #1713 (proxy_ssl_session_reuse not working with proxy_pass containing variables) created by gchiesa@…
Hi, I'm trying to enable the proxy_ssl_session_reuse with dynamic …
10:21 Changeset in nginx_org [2319:c6a2d40342f4] by Ruslan Ermilov <ru@…>
Year 2019.

01/24/19:

14:05 Changeset in nginx-tests [1434:fc8341cf92a3] by Sergey Kandaurov <pluknet@…>
Tests: removed ngx_parse_inet6_url() "::" test from proxy.t. It …

01/23/19:

19:01 Ticket #416 (proxy_cache_use_stale run updating in new thread and serve stale data ...) closed by Maxim Dounin
fixed: Yes, thanks.
18:27 Ticket #416 (proxy_cache_use_stale run updating in new thread and serve stale data ...) updated by snizovtsev@…
Isn't proxy_cache_background_update directive introduced by …

01/22/19:

11:37 Changeset in nginx-tests [1433:3e0dcf1e7752] by Sergey Kandaurov <pluknet@…>
Tests: keep stream_udp_limit_rate.t TODOs for a while. It's useful to …

01/21/19:

17:13 Ticket #1709 (Не формируется Push-запрос) updated by wladimirmu@…
Replying to mdounin: > Проблемы в сторонних модулях стоит …
15:32 Ticket #1712 (xfs - nginx cache manager wrongly calculates cache size) updated by vladimir.nikolic.74@…
True, using allocsize=64k in the mount options makes cache size …
13:20 Ticket #1712 (xfs - nginx cache manager wrongly calculates cache size) closed by Maxim Dounin
duplicate: Quick search suggests that by default XFS is using speculative …
10:20 Ticket #1712 (xfs - nginx cache manager wrongly calculates cache size) reopened by vladimir.nikolic.74@…
I had seen #157 before opening this issue. We are using default xfs …

01/18/19:

22:08 Ticket #157 (cache max_size limit applied incorrectly with xfs) updated by Maxim Dounin
See also #1712.
22:08 Ticket #1712 (xfs - nginx cache manager wrongly calculates cache size) closed by Maxim Dounin
duplicate: There is a known problem with XFS when using large allocsize= in …
13:05 Changeset in nginx-tests [1432:d17fb72140f2] by Sergey Kandaurov <pluknet@…>
Tests: adjusted stream_udp_limit_rate.t for slow hosts. Upload could …
12:29 Ticket #1712 (xfs - nginx cache manager wrongly calculates cache size) created by vladimir.nikolic.74@…
If we put nginx proxy_cache_path and proxy_temp_path nginx …
11:00 Ticket #1711 (TLS 1.3 on Windows build) created by Obscurax@…
As TLS 1.3 was ratified lat year, it would be nice if nginx for …

01/17/19:

16:29 Changeset in nginx-tests [1431:aab729315dca] by Sergey Kandaurov <pluknet@…>
Tests: stream_udp_limit_rate.t TODOs removed, fix committed.

01/16/19:

15:32 Changeset in nginx-tests [1430:bba26f4b40ef] by Sergey Kandaurov <pluknet@…>
Tests: stream limit rate tests with datagrams.
13:36 Ticket #1701 (unable to import module ngx_http_proxy_module to secure cookies) updated by Maxim Dounin
For questions on how to configure nginx, consider using …
13:14 Ticket #1709 (Не формируется Push-запрос) closed by Maxim Dounin
invalid: Проблемы в сторонних модулях стоит адресовать авторам этих модулей.
10:20 Ticket #1710 (ngx_http_dav_module: Allow to configure some anti-overwrite) created by JulienPalard@…
Maybe I didn't found an existing way to do so... I'd like to protect …
09:19 Ticket #1701 (unable to import module ngx_http_proxy_module to secure cookies) updated by arvindkrbhatt@…
I logged the same ticket in for Jenkins …
02:48 Ticket #1709 (Не формируется Push-запрос) created by wladimirmu@…
Включил http2_push_preload on;, если делать заголовок с nginx или …

01/15/19:

09:32 Changeset in nginx-tests [1429:f7f387086278] by Sergey Kandaurov <pluknet@…>
Tests: upstream ip_hash tests with IPv6 and unix sockets.

01/14/19:

13:07 Changeset in nginx-tests [1428:4c43a0ebcd2d] by Sergey Kandaurov <pluknet@…>
Tests: reverted 2f7d7953b2a8 after FreeBSD-EN-19:02.tcp.

01/12/19:

05:46 Ticket #1708 (closed_nodes in h2c should define as ngx_uint_t) updated by Maxim Dounin
Thanks for the report, this indeed seems possible if …

01/11/19:

15:07 Ticket #1705 (Enable ssl if ssl_certificate is present) updated by Maxim Dounin
Because it is better to be explicit in what you want from the …
10:18 Ticket #1708 (closed_nodes in h2c should define as ngx_uint_t) created by zhengjinhuanHW@…
When h2c->processing exceeds 256 and all streams are released, the …
08:01 Ticket #1705 (Enable ssl if ssl_certificate is present) updated by Olaf van der Spek
> I don't think this is a good feature. Why?

01/10/19:

16:25 Ticket #1692 (Zero level domain) updated by Maxim Dounin
Replying to Highter87@…: > Ok. "google.com." -> redirect …
14:42 Changeset in nginx-tests [1427:eb1d883305ea] by Sergey Kandaurov <pluknet@…>
Tests: avoid edge cases in upstream random two test. Unavailable …
14:03 Ticket #86 (the "if" directive have problems in location context) updated by Maxim Dounin
See also #1707.
14:03 Ticket #1707 (try_files doesn't work sometimes) closed by Maxim Dounin
duplicate: The try_files directive is not inherited into the if block, and …
10:54 Ticket #1707 (try_files doesn't work sometimes) created by fuweichin@…
My site uses HTML5 History state and now I need to configure nginx to …
07:32 Ticket #1692 (Zero level domain) updated by Highter87@…
Replying to mdounin: > This behaviour is also in line with …
02:32 Ticket #1704 (Nginx should have a friendly notice when config file have same port ...) updated by dannyZhou@…
Sorry it's my fault. English is poor.

01/09/19:

16:29 Ticket #1696 (NGINX does not update cached response of POST requests) updated by Maxim Dounin
Could you please: 1. Make sure there are no 3rd party modules loaded. …
16:02 Ticket #1706 (Orphan processes after fatal signals) closed by Maxim Dounin
invalid: Thank you for your feedback. Doing anything in case of fatal signals …
15:14 Ticket #1706 (Orphan processes after fatal signals) created by jiazhouyang09@…
Hi, I'm a PhD student, and I'm studying how software handles signals. …
13:32 Ticket #1705 (Enable ssl if ssl_certificate is present) closed by Maxim Dounin
wontfix: I don't think this is a good feature. Rather, I would prefer to remove …
13:22 Ticket #1695 (Data is corrupted in static large objects (SLO swift API) when using ...) updated by greenx@…
The patch helped - it works as expected. Thank!
13:14 Ticket #1704 (Nginx should have a friendly notice when config file have same port ...) closed by Maxim Dounin
invalid: The message says: […] which clearly warns about conflicting server …
09:59 Ticket #1705 (Enable ssl if ssl_certificate is present) created by Olaf van der Spek
> If the directive is not present then either *:80 is used if nginx …
09:12 Changeset in nginx_org [2328:9aa6f3f76055] by Vladimir Homutov <vl@…>
Described synchronization of delete operations in keyval module.
01:42 Ticket #1704 (Nginx should have a friendly notice when config file have same port ...) created by dannyZhou@…
nginx.conf to reproduce. […] Two server blocks with same listen …

01/08/19:

19:19 Ticket #1696 (NGINX does not update cached response of POST requests) updated by azhuchkov@…
I confirm the same issue for mainline version nginx/1.15.8: files of …

01/07/19:

18:26 Changeset in nginx_org [2318:0ef48463e075] by Maxim Konovalov <maxim@…>
Regenerated.
18:26 Changeset in nginx_org [2317:0aaa69eab2ca] by Maxim Konovalov <maxim@…>
nginx cookbook promo.
04:31 Ticket #1701 (unable to import module ngx_http_proxy_module to secure cookies) closed by Maxim Dounin
invalid: To return cookies with the "Secure" flag set, consider instructing …
03:00 Ticket #1702 ([NGINX Plus Openid connect]:audience check failed for array type field) closed by Maxim Dounin
invalid: This Trac is for nginx. If you have issues with OpenID Connect …
02:59 Ticket #1703 ([NGINX Plus Openid Connect]: error log printing variable not value) closed by Maxim Dounin
invalid: This Trac is for nginx. If you have issues with OpenID Connect …

01/06/19:

15:49 Ticket #1702 ([NGINX Plus Openid connect]:audience check failed for array type field) updated by chunilalkukreja@…
I faced this issue with 3 legged authz code flow. And i believe this …
15:14 Ticket #1703 ([NGINX Plus Openid Connect]: error log printing variable not value) created by chunilalkukreja@…
If audience validation fails it throws error & dumps it to …
14:45 Ticket #1702 ([NGINX Plus Openid connect]:audience check failed for array type field) created by chunilalkukreja@…
With nginx plus openid connect feature, if the id_token has "aud" …

01/04/19:

09:19 Capture.PNG attached to Ticket #1701 by arvindkrbhatt@…
secure cookies screen shot
09:19 Ticket #1701 (unable to import module ngx_http_proxy_module to secure cookies) created by arvindkrbhatt@…
we are using Nginx running as container but we see cookies/session ids …
05:25 Ticket #1700 (UDP connections are terminated when updating Nginx executable file ...) closed by Maxim Dounin
wontfix: This is expected. Since there is single UDP socket to handle all …
04:37 Ticket #1699 (encoding error ssl_stapling_file) closed by Maxim Dounin
invalid: The "ssl_stapling_file" directive needs an OCSP response obtained from …
Note: See TracTimeline for information about the timeline view.