Timeline



02/07/19:

20:27 Milestone unit-1.7.1 completed
Planned features: * Security fix
17:59 Ticket #621 (Could not allocate new session in SSL session shared cache) updated by rosenqui@…
+1 on changing this log entry from alert to warning. We've …
17:24 Changeset in nginx-tests [1440:5d0eb718f38e] by Dmitry Volyntsev <xeioex@…>
Tests: moved njs http headers test to a separate file.
17:23 Changeset in nginx-tests [1439:c083749bc47d] by Dmitry Volyntsev <xeioex@…>
Tests: added njs http r.headersOut tests.
17:14 Changeset in nginx_org [2330:2efd714bb10a] by Artem Konev <artem.konev@…>
Added Unit 1.7.1 release news.
16:39 Changeset in nginx [7455:992bf7540a98] by Sergey Kandaurov <pluknet@…>
SSL: fixed EVP_DigestFinal_ex() error message.

02/06/19:

17:19 Changeset in nginx-tests [1438:98facc98bb2e] by Dmitry Volyntsev <xeioex@…>
Tests: adapted js.t to set header changes in njs. Empty value means …
12:55 Ticket #1720 (gzip module documentation does not warn about BREACH) updated by Maxim Dounin
Priority, Type, Milestone changed
11:05 Ticket #1720 (gzip module documentation does not warn about BREACH) created by randomstuff@…
The gzip documentation …
09:17 Changeset in nginx-tests [1437:2fc21bdd6f0d] by Sergey Kandaurov <pluknet@…>
Tests: adjusted stream_udp_stream.t for slow hosts. A stream could …
08:37 Ticket #1719 (Enhance proxy_cache_min_uses directive) created by vadim.lazovskiy@…
When using nginx for caching large high traffic media it may have …

02/05/19:

15:05 Ticket #1693 (Documentation bug: Redirects without localization end up insecure) closed by Sergey Budnevitch
fixed: They are not secure or insecure, but https and http. Fixed to keep …

02/03/19:

17:45 Ticket #1718 (More info on ssl_early_data security) updated by Maxim Dounin
If such attacks are possible in your infrastructure, they cannot be …

02/02/19:

18:37 Ticket #1718 (More info on ssl_early_data security) updated by Sam Bull
So, something like this mentioned attack is unrelated? "Exploiting …
17:25 Ticket #1718 (More info on ssl_early_data security) closed by Maxim Dounin
invalid: No. Moreover, nginx [http://hg.nginx.org/nginx/rev/548a63b354a2#l1.31
13:10 Ticket #1718 (More info on ssl_early_data security) created by Sam Bull
I'm looking at the RFC relating to 0-RTT, and trying to understand how …

02/01/19:

14:35 Ticket #1717 (server info) closed by maxim
wontfix: Hello. No, we are not going to do that in any overseable future. …
14:21 Ticket #1717 (server info) created by https://stackoverflow.com/users/10070111/misha-shaygu
hi please set default config server_tokens on to off. …
03:11 Ticket #1716 (http2 ssl verify certificate failed should close tcp connection) created by xujunHW@…
when http2 ssl verify certificate failed, nginx send err response with …

01/31/19:

18:06 Ticket #1215 (Add support for SHA2 (SHA3?) family for RFC2307 passwords for HTTP ...) updated by Maxim Dounin
Replying to zasca@…: > Nginx already …
16:36 Changeset in nginx [7454:e72c8a8a8b10] by Maxim Dounin <mdounin@…>
SSL: separate checks for errors in ngx_ssl_read_password_file(). …
16:28 Changeset in nginx [7453:873150addfeb] by Ruslan Ermilov <ru@…>
SSL: explicitly zero out session ticket keys.
14:25 Changeset in nginx [7452:570d8c626eea] by Roman Arutyunyan <arut@…>
Modules compatibility: down flag in ngx_peer_connection_t.
14:02 Changeset in nginx_org [2329:c058e44b4111] by Andrei Belov <defan@…>
Linux packages: added Alpine 3.9.
11:15 Ticket #1215 (Add support for SHA2 (SHA3?) family for RFC2307 passwords for HTTP ...) updated by zasca@…
Nginx already supports

01/29/19:

19:43 Ticket #1715 (Logs are no longer written to /dev/stdout after HUP, if daemon is on) closed by Maxim Dounin
wontfix: This is because opening /dev/stdout duplicates existing file …
17:10 Ticket #1715 (Logs are no longer written to /dev/stdout after HUP, if daemon is on) created by CamJN@…
In Passenger standalone we generate a config and start Nginx for the …

01/28/19:

20:20 Ticket #1714 (Server Name Indication (SNI) in NGINX isn't honoring ssl_protocols, ...) updated by fortresslinux@…
You are right about the custom ciphers per server(). We mixed it up …
16:38 Ticket #844 (Allow support for different protocols on different hosts (same machine)) closed by Maxim Dounin
wontfix: For the record, [https://nginx-review.googlesource.com/c/nginx/+/3420
15:44 Ticket #844 (Allow support for different protocols on different hosts (same machine)) updated by Maxim Dounin
See also #1714.
15:42 Ticket #1714 (Server Name Indication (SNI) in NGINX isn't honoring ssl_protocols, ...) closed by Maxim Dounin
duplicate: > It should honor the second server ssl_ciphers and ssl_protocols (and …
15:08 Ticket #1714 (Server Name Indication (SNI) in NGINX isn't honoring ssl_protocols, ...) created by fortresslinux@…
== SNI bug: == Reproduce: Configure nginx (partly) as: […] Test …
13:17 Changeset in nginx-tests [1436:9d8b100a6ce3] by Dmitry Volyntsev <xeioex@…>
Tests: get rid of deprecated njs API in 0.2.2.
13:17 Changeset in nginx-tests [1435:cace66c3ce56] by Dmitry Volyntsev <xeioex@…>
Tests: removed js tests for deprecated njs API.
13:15 Ticket #1713 (proxy_ssl_session_reuse not working with proxy_pass containing variables) closed by Maxim Dounin
invalid: That's expected behaviour. SSL sessions are cached within a …
12:08 Ticket #1713 (proxy_ssl_session_reuse not working with proxy_pass containing variables) created by gchiesa@…
Hi, I'm trying to enable the proxy_ssl_session_reuse with dynamic …

01/24/19:

14:05 Changeset in nginx-tests [1434:fc8341cf92a3] by Sergey Kandaurov <pluknet@…>
Tests: removed ngx_parse_inet6_url() "::" test from proxy.t. It …

01/23/19:

19:01 Ticket #416 (proxy_cache_use_stale run updating in new thread and serve stale data ...) closed by Maxim Dounin
fixed: Yes, thanks.
18:27 Ticket #416 (proxy_cache_use_stale run updating in new thread and serve stale data ...) updated by snizovtsev@…
Isn't proxy_cache_background_update directive introduced by …

01/22/19:

11:37 Changeset in nginx-tests [1433:3e0dcf1e7752] by Sergey Kandaurov <pluknet@…>
Tests: keep stream_udp_limit_rate.t TODOs for a while. It's useful to …

01/21/19:

17:13 Ticket #1709 (Не формируется Push-запрос) updated by wladimirmu@…
Replying to mdounin: > Проблемы в сторонних модулях стоит …
15:32 Ticket #1712 (xfs - nginx cache manager wrongly calculates cache size) updated by vladimir.nikolic.74@…
True, using allocsize=64k in the mount options makes cache size …
13:20 Ticket #1712 (xfs - nginx cache manager wrongly calculates cache size) closed by Maxim Dounin
duplicate: Quick search suggests that by default XFS is using speculative …
10:20 Ticket #1712 (xfs - nginx cache manager wrongly calculates cache size) reopened by vladimir.nikolic.74@…
I had seen #157 before opening this issue. We are using default xfs …

01/18/19:

22:08 Ticket #157 (cache max_size limit applied incorrectly with xfs) updated by Maxim Dounin
See also #1712.
22:08 Ticket #1712 (xfs - nginx cache manager wrongly calculates cache size) closed by Maxim Dounin
duplicate: There is a known problem with XFS when using large allocsize= in …
13:05 Changeset in nginx-tests [1432:d17fb72140f2] by Sergey Kandaurov <pluknet@…>
Tests: adjusted stream_udp_limit_rate.t for slow hosts. Upload could …
12:29 Ticket #1712 (xfs - nginx cache manager wrongly calculates cache size) created by vladimir.nikolic.74@…
If we put nginx proxy_cache_path and proxy_temp_path nginx …
11:00 Ticket #1711 (TLS 1.3 on Windows build) created by Obscurax@…
As TLS 1.3 was ratified lat year, it would be nice if nginx for …

01/17/19:

16:29 Changeset in nginx-tests [1431:aab729315dca] by Sergey Kandaurov <pluknet@…>
Tests: stream_udp_limit_rate.t TODOs removed, fix committed.

01/16/19:

15:32 Changeset in nginx-tests [1430:bba26f4b40ef] by Sergey Kandaurov <pluknet@…>
Tests: stream limit rate tests with datagrams.
13:36 Ticket #1701 (unable to import module ngx_http_proxy_module to secure cookies) updated by Maxim Dounin
For questions on how to configure nginx, consider using …
13:14 Ticket #1709 (Не формируется Push-запрос) closed by Maxim Dounin
invalid: Проблемы в сторонних модулях стоит адресовать авторам этих модулей.
10:20 Ticket #1710 (ngx_http_dav_module: Allow to configure some anti-overwrite) created by JulienPalard@…
Maybe I didn't found an existing way to do so... I'd like to protect …
09:19 Ticket #1701 (unable to import module ngx_http_proxy_module to secure cookies) updated by arvindkrbhatt@…
I logged the same ticket in for Jenkins …
02:48 Ticket #1709 (Не формируется Push-запрос) created by wladimirmu@…
Включил http2_push_preload on;, если делать заголовок с nginx или …

01/15/19:

09:32 Changeset in nginx-tests [1429:f7f387086278] by Sergey Kandaurov <pluknet@…>
Tests: upstream ip_hash tests with IPv6 and unix sockets.

01/14/19:

13:07 Changeset in nginx-tests [1428:4c43a0ebcd2d] by Sergey Kandaurov <pluknet@…>
Tests: reverted 2f7d7953b2a8 after FreeBSD-EN-19:02.tcp.

01/12/19:

05:46 Ticket #1708 (closed_nodes in h2c should define as ngx_uint_t) updated by Maxim Dounin
Thanks for the report, this indeed seems possible if …

01/11/19:

15:07 Ticket #1705 (Enable ssl if ssl_certificate is present) updated by Maxim Dounin
Because it is better to be explicit in what you want from the …
10:18 Ticket #1708 (closed_nodes in h2c should define as ngx_uint_t) created by zhengjinhuanHW@…
When h2c->processing exceeds 256 and all streams are released, the …
08:01 Ticket #1705 (Enable ssl if ssl_certificate is present) updated by Olaf van der Spek
> I don't think this is a good feature. Why?

01/10/19:

16:25 Ticket #1692 (Zero level domain) updated by Maxim Dounin
Replying to Highter87@…: > Ok. "google.com." -> redirect …
14:42 Changeset in nginx-tests [1427:eb1d883305ea] by Sergey Kandaurov <pluknet@…>
Tests: avoid edge cases in upstream random two test. Unavailable …
14:03 Ticket #86 (the "if" directive have problems in location context) updated by Maxim Dounin
See also #1707.
14:03 Ticket #1707 (try_files doesn't work sometimes) closed by Maxim Dounin
duplicate: The try_files directive is not inherited into the if block, and …
10:54 Ticket #1707 (try_files doesn't work sometimes) created by fuweichin@…
My site uses HTML5 History state and now I need to configure nginx to …
07:32 Ticket #1692 (Zero level domain) updated by Highter87@…
Replying to mdounin: > This behaviour is also in line with …
02:32 Ticket #1704 (Nginx should have a friendly notice when config file have same port ...) updated by dannyZhou@…
Sorry it's my fault. English is poor.
Note: See TracTimeline for information about the timeline view.