Timeline



08/12/19:

13:05 Ticket #1829 (ssl: fail gracefully on Alert instead of ClientHello) closed by Maxim Dounin
wontfix: Replying to gvormayr@…: > Replying to mdounin: …
10:48 Ticket #1830 (OCSP must staple fails with multi-domain certificates) closed by Maxim Dounin
duplicate: Each server block uses its own SSL context with independent settings, …
09:28 Ticket #1829 (ssl: fail gracefully on Alert instead of ClientHello) updated by Gernot Vormayr
Replying to mdounin: > Replying to gvormayr@…: …

08/11/19:

15:12 Ticket #812 (Fetch OCSP responses on startup, and store across restarts) updated by Sam Bull
Also see #1830 for a more serious blocker, if using multi-domain …
15:10 Ticket #1830 (OCSP must staple fails with multi-domain certificates) created by Sam Bull
If using the same certificate across multiple server blocks (e.g. …

08/09/19:

12:29 Ticket #1829 (ssl: fail gracefully on Alert instead of ClientHello) updated by Maxim Dounin
Replying to gvormayr@…: > Replying to mdounin: …
09:34 Ticket #1829 (ssl: fail gracefully on Alert instead of ClientHello) updated by Gernot Vormayr
Replying to mdounin: > As long as alerts are allowed …

08/08/19:

18:16 Ticket #85 (ngx_http_cookie_time date format error.) updated by Maxim Dounin
The "SHOULD NOT" is not the same as "MUST NOT", and not following a …
16:34 Ticket #1829 (ssl: fail gracefully on Alert instead of ClientHello) updated by Maxim Dounin
As long as alerts are allowed before ClientHello, these should be …
15:24 Ticket #85 (ngx_http_cookie_time date format error.) updated by jribbens@…
I'm not sure why "the specification says you SHOULD NOT do this" isn't …
15:12 Ticket #85 (ngx_http_cookie_time date format error.) closed by Maxim Dounin
invalid: As outlined above, when the code in question was written, there were …
15:07 nginx_ssl_alert.patch attached to Ticket #1829 by Gernot Vormayr
15:06 Ticket #1829 (ssl: fail gracefully on Alert instead of ClientHello) created by Gernot Vormayr
When openssl encounters an error after it already connected, but …
14:51 Ticket #85 (ngx_http_cookie_time date format error.) reopened by jribbens@…
RFC 6265 says "To avoid compatibility issues, servers SHOULD use the …

08/07/19:

18:04 Changeset in nginx_org [2413:c6581f9aefa3] by Yaroslav Zhuravlev <yar@…>
Documented Perl $r->internal_redirect() fixes.
10:44 Ticket #85 (ngx_http_cookie_time date format error.) updated by Maxim Dounin
See also #1828.
10:43 Ticket #1828 (Cookies with 2-digit years in their expires value) closed by Maxim Dounin
duplicate: Duplicate of #85.

08/06/19:

17:45 Changeset in nginx-tests [1497:40e5f2a0a238] by Sergey Kandaurov <pluknet@…>
Tests: upstream_ip_hash_ipv6.t startup fixes.
00:20 Ticket #508 (nginx rewrite URL decoding first encoded character in URI) updated by adhamsadakah.as@…
aaaaaaaaa

08/05/19:

10:29 Ticket #1828 (Cookies with 2-digit years in their expires value) created by jribbens@…
Cloudflare sets a cookie called __cfduid. It sets the cookie expiry …

08/02/19:

16:46 Ticket #1623 (HTTP/2 config applied globally) updated by Sergey Kandaurov
See also #1827.
16:46 Ticket #1827 (Enabling http2 for one server block enables it for all) closed by Sergey Kandaurov
duplicate: Duplicate of #1623.
16:14 Ticket #1827 (Enabling http2 for one server block enables it for all) created by mattpr@…
Enabling http2 for one server block apparently enables it for other …
13:29 Ticket #1826 (Gzip deflate broken in some cases) closed by Maxim Dounin
fixed: This was already reported here: …
13:15 spin.js attached to Ticket #1826 by g.krist.linqhost.nl@…
Example file to trigger connection
13:14 Ticket #1826 (Gzip deflate broken in some cases) created by g.krist.linqhost.nl@…
In the 1.17 branch some particular gzipped request fail with the …

08/01/19:

11:22 Changeset in nginx-tests [1496:e1eb3432487b] by Sergey Kandaurov <pluknet@…>
Tests: added mail resolver tests with ssl.
10:50 Changeset in nginx [7546:fcd92ad76b7b] by Maxim Dounin <mdounin@…>
Mail: fixed duplicate resolving. When using SMTP with SSL and …
09:48 Ticket #1825 (Is the $request_time conatin the time send to client or send to socket) closed by Maxim Dounin
invalid: For questions, please use [http://nginx.org/en/support.html support …
06:16 Ticket #1825 (Is the $request_time conatin the time send to client or send to socket) created by wudebao5220150@…
From http://nginx.org/en/docs/http/ngx_http_log_module.html,I see the …

07/31/19:

14:29 Changeset in nginx [7545:0ef2bc0ec9c9] by Maxim Dounin <mdounin@…>
Gzip: fixed "zero size buf" alerts after ac5a741d39cf. After …
14:28 Changeset in nginx [7544:e1a3fa4c054f] by Maxim Dounin <mdounin@…>
Version bump.
09:58 Changeset in nginx-tests [1495:b8b92ed90485] by Sergey Kandaurov <pluknet@…>
Tests: limit_rate.t adjusted.

07/30/19:

16:38 Changeset in nginx_org [2412:bd026d5898b8] by Yaroslav Zhuravlev <yar@…>
Minor language improvements in Development guide.
15:33 Changeset in nginx_org [2411:7202f078bfa7] by Yaroslav Zhuravlev <yar@…>
Updated with Netcraft July 2019 Web Server Survey stats.
13:36 Ticket #1659 (nginx intermittent delay before sending response) updated by cbz@…
Did you find a solution ? Currently experiencing the same thing with …
08:10 Ticket #1824 (Bypassing cache if worker failed to allocate node in cache keys zone ?) created by keyolk@…
Using http file cache. Seems that if a worker failed to allocate node …

07/29/19:

16:34 Ticket #1823 (Connection header for inflight return messages during shutdown) updated by Maxim Dounin
Type changed
While it might be possible to return Connection: close in some …
16:26 Changeset in nginx-tests [1494:1356e7374c57] by Sergey Kandaurov <pluknet@…>
Tests: added mail resolver tests for PTR with rn->waiting.
15:17 Ticket #1823 (Connection header for inflight return messages during shutdown) created by marius.predescu@…
Hi, During an nginx reload, workers perform a gracefully shutdown, …
12:30 Ticket #1822 (segfault when running nginx in reverse TLS proxy configuration on ...) updated by Maxim Dounin
We've seen number of problems with both Buildroot-compiled nginx - due …
11:24 Ticket #1820 (text/x-gwt-rpc post failing sometimes) closed by Maxim Dounin
invalid: Clearly at 08:23:26.272934 client opens a new connection and starts …
08:46 Ticket #1820 (text/x-gwt-rpc post failing sometimes) updated by simon.verzijl.verzity.nl@…
From the debug log : […] I've also attached a dump using Wireshark …
08:45 error_capture.pcap attached to Ticket #1820 by simon.verzijl.verzity.nl@…

07/28/19:

10:23 Ticket #1822 (segfault when running nginx in reverse TLS proxy configuration on ...) created by antonsviridenko@…
nginx version 1.17.2 is built by "motioneye OS" (based on Buildroot), …

07/25/19:

15:36 Ticket #1740 (ngins -s reopen / SIGUSR1 and permissions problem) updated by Maxim Dounin
Usual approach is to use root-owned log directory, and pre-create new …
14:20 Ticket #1740 (ngins -s reopen / SIGUSR1 and permissions problem) updated by adriano-di-giovanni@…
Thanks for your reply. Do you suggest to use root as the owner? I …
14:04 Ticket #1740 (ngins -s reopen / SIGUSR1 and permissions problem) updated by Maxim Dounin
For log rotation to work, nginx worker processes need to be able to …
13:16 Ticket #1821 (Nginx 1.14.0 fails to start if ipv6 support on host is disabled) closed by Maxim Dounin
invalid: You may want to report this to maintainers of the package you are …
13:06 Ticket #1820 (text/x-gwt-rpc post failing sometimes) updated by Maxim Dounin
Please provide [http://nginx.org/en/docs/debugging_log.html debuging …
12:19 Ticket #1740 (ngins -s reopen / SIGUSR1 and permissions problem) updated by adriano-di-giovanni@…
I have the same problem and I solved by doing as follows: usermod -a …
08:34 Ticket #1817 (HTTP2 Server Push doesn't include Authorization header into the push ...) updated by Dalibor Karlović
Hi, I understand the motivation behind obscuring these headers since …
08:07 Ticket #1821 (Nginx 1.14.0 fails to start if ipv6 support on host is disabled) updated by bevand10@…
For info, this occurred during a today's Ubuntu 18.04 upgrade: …
07:21 Ticket #1821 (Nginx 1.14.0 fails to start if ipv6 support on host is disabled) created by bevand10@…
# ifconfig docker0: flags=4099<UP,BROADCAST,MULTICAST> mtu 1500 …
06:52 Ticket #1820 (text/x-gwt-rpc post failing sometimes) created by simon.verzijl.verzity.nl@…
We have a Nginx reverse proxy configured in front of a TIBCO AMX-BPM …

07/24/19:

14:54 Ticket #1819 (Core dump when http2 client cancelled stream while upstream) updated by Maxim Dounin
Priority, Status changed
Note that proxying to a different server won't work due to …
10:51 Ticket #1819 (Core dump when http2 client cancelled stream while upstream) created by crasyangel.lhy@…
It would cause segment fault when test as below ---- test cmd […] …
10:09 Ticket #1817 (HTTP2 Server Push doesn't include Authorization header into the push ...) closed by Ruslan Ermilov
wontfix: Regarding the "Accept" header, please see this discussion: …

07/23/19:

16:07 Changeset in nginx_org [2410:392e11db3260] by Vladimir Homutov <vl@…>
Development guide: added the "Common Pitfalls" section.
12:25 Milestone nginx-1.17.2 completed
Status: scheduled Trunk: mainline * Various bug fixes
12:16 Changeset in nginx_org [2409:3bc28d88f34e] by Maxim Dounin <mdounin@…>
nginx-1.17.2
12:01 Changeset in nginx [7543:e7181cfe9212] by Maxim Dounin <mdounin@…>
release-1.17.2 tag
12:01 Changeset in nginx [7542:2fc9f853a6b7]release-1.17.2 by Maxim Dounin <mdounin@…>
nginx-1.17.2-RELEASE

07/22/19:

11:15 Ticket #1818 (Custom Error Pages fails to return the correct Content-Type header in ...) closed by Maxim Dounin
invalid: It is not clear what are you trying to do, but `more_set_headers …
00:32 Ticket #1818 (Custom Error Pages fails to return the correct Content-Type header in ...) created by adrian.quiambao.torocloud.com@…
Similar Issue with here: …

07/19/19:

16:38 Ticket #1816 (Worker process loops infinitely in ngx_rbtree_min) updated by Novex@…
Thank you for the information - appreciate your time.
15:04 Ticket #1816 (Worker process loops infinitely in ngx_rbtree_min) closed by Maxim Dounin
invalid: > The third-party module code seemed to be running in a different …
14:56 Ticket #1816 (Worker process loops infinitely in ngx_rbtree_min) updated by Novex@…
No, I haven't seen this before. It's a bit tricky because we rely on …
14:50 Changeset in nginx [7541:eb9c7fb796d5] by Maxim Dounin <mdounin@…>
Core: fixed memory leak on error, missed in c3f60d618c17. Found by …
12:46 Ticket #1817 (HTTP2 Server Push doesn't include Authorization header into the push ...) updated by Dalibor Karlović
Accept header is also definitely missing.
12:41 Ticket #1817 (HTTP2 Server Push doesn't include Authorization header into the push ...) created by Dalibor Karlović
I have Nginx setup as a reverse proxy in front of my Varnish-enabled …
11:12 Ticket #1816 (Worker process loops infinitely in ngx_rbtree_min) updated by Maxim Dounin
Are you able to reproduce the problem without any 3rd party modules?
10:18 Ticket #1816 (Worker process loops infinitely in ngx_rbtree_min) created by Novex@…
I found an nginx worker on one of our production sites pegged at 100% …

07/18/19:

16:11 Changeset in nginx-tests [1493:829467f8d696] by Sergey Kandaurov <pluknet@…>
Tests: xslt_stylesheet parameter from variable.
15:48 Ticket #1806 (New Set of Map files causing server segmentation fault) closed by Maxim Dounin
fixed: Fix committed, thanks for reporting this.
15:30 Ticket #1806 (New Set of Map files causing server segmentation fault) updated by Maxim Dounin <mdounin@…>
In [changeset:"c3f60d618c1738620ae82d75f132b18b7f63bd97/nginx"
15:27 Changeset in nginx [7540:9a970c905045] by Maxim Dounin <mdounin@…>
Xslt: fixed potential buffer overflow with null character. Due to …
15:27 Changeset in nginx [7539:d75153522557] by Maxim Dounin <mdounin@…>
SSI: avoid potential buffer overflow. When "-" follows a parameter of …
15:27 Changeset in nginx [7538:08ed570ad93c] by Maxim Dounin <mdounin@…>
Upstream: fixed EOF handling in unbuffered and upgraded modes. With …
15:27 Changeset in nginx [7537:01e26357916a] by Maxim Dounin <mdounin@…>
HTTP/2: return error on output on closed stream. Without this, an …
15:27 Changeset in nginx [7536:c3f60d618c17] by Maxim Dounin <mdounin@…>
Core: fixed segfault with too large bucket sizes (ticket #1806). To …
14:59 Ticket #1814 (What should I do about the warning: "upstream response is buffered to ...) updated by anthony.mastrean.vaeit.com@…
OK, if I simply open a "documentation" issue saying that this should …

07/17/19:

14:00 Changeset in nginx [7535:56b4fb46ba7d] by Maxim Dounin <mdounin@…>
Perl: removed unused variable, forgotten in 975d7ab37b39.
12:59 Changeset in nginx-tests [1492:760fdf2865bb] by Sergey Kandaurov <pluknet@…>
Tests: tune proxy_timeout in stream_udp_limit_rate.t. When something …
12:54 Ticket #1815 (Debug log of response is garbled in journald) updated by kosmas.valianos@…
Apparently journald does not like some characters and deems it as …
10:54 Ticket #1815 (Debug log of response is garbled in journald) closed by Maxim Dounin
invalid: It looks like your syslog daemon doesn't like multi-line messages and …
10:48 Ticket #1814 (What should I do about the warning: "upstream response is buffered to ...) closed by Maxim Dounin
invalid: For questions, please use [http://nginx.org/en/support.html support …
09:18 Ticket #1815 (Debug log of response is garbled in journald) created by kosmas.valianos@…
It is quite easy to reproduce. In your nginx.conf set the …
03:47 Ticket #1811 (proxy server,slice+limit_rate,keepalived connection will be delayed to ...) updated by kuninchengdu@…
although I use a 3rd module, but the process as above never enter it,I …

07/16/19:

21:35 Ticket #1814 (What should I do about the warning: "upstream response is buffered to ...) created by anthony.mastrean.vaeit.com@…
I'm one of those people that gets really concerned about warnings in …
11:41 Ticket #1813 (OCSP does not work with $ssl_server_name) updated by leon.mailhardener.com@…
Hello mdounin, thank you for the clarification! I hope this ticket may …
11:14 Ticket #1813 (OCSP does not work with $ssl_server_name) updated by Maxim Dounin
OCSP stapling is not supposed to work in this scenario, as …
11:01 Ticket #1813 (OCSP does not work with $ssl_server_name) updated by leon.mailhardener.com@…
Hello mdounin, thank you for your quick reply. However, this was not a …
09:09 Ticket #1811 (proxy server,slice+limit_rate,keepalived connection will be delayed to ...) updated by Maxim Dounin
It looks like you are using a 3rd party fork of an outdated nginx …
08:31 Ticket #1813 (OCSP does not work with $ssl_server_name) closed by Maxim Dounin
invalid: By default, variables are not supported. As long as variables are …

07/15/19:

17:48 Ticket #1813 (OCSP does not work with $ssl_server_name) created by leon.mailhardener.com@…
We have a multi-tenant setup with TLS enabled. We use the …
16:20 Ticket #1812 (NGINX does not reply with HTTP Headers on broken request line) closed by Sergey Kandaurov
invalid: HTTP/0.9 requests are not expected to contain the protocol version …
16:06 Ticket #1812 (NGINX does not reply with HTTP Headers on broken request line) created by archmalet@…
NGINX does reply without HTTP Response Headers when there is a newline …
10:43 Ticket #1810 (Complex UX - Configuration Pitfalls ("Passing uncontrolled requests to ...) closed by Maxim Dounin
wontfix: Thank you for your opinion. Configuration of nginx is designed to …
01:44 Ticket #1811 (proxy server,slice+limit_rate,keepalived connection will be delayed to ...) created by kuninchengdu@…
slice 512k; limit_rate 512k; proxy_pass ... above …

07/13/19:

10:47 Ticket #1810 (Complex UX - Configuration Pitfalls ("Passing uncontrolled requests to ...) created by yanosz@…
Is: Problematic User-Experience (UX) for administrators
Note: See TracTimeline for information about the timeline view.