Timeline



12/29/18:

16:25 Ticket #1529 (Could not configure TLS1.3 ciphers in OpenSSL 1.1.1 pre4) updated by Laurence 'GreenReaper' Parry
While I sympathize with the desire not to implement an interface which …

12/27/18:

17:19 Ticket #1695 (Data is corrupted in static large objects (SLO swift API) when using ...) updated by Maxim Dounin
Thanks for checking. Corruption of the response produced by the slice …
13:09 Ticket #1696 (NGINX does not update cached response of POST requests) updated by azhuchkov@…
Sorry, forgot to put cache and backend configs. Here they are: […]
12:20 Ticket #1696 (NGINX does not update cached response of POST requests) created by azhuchkov@…
Recently I configured caching of POST requests. It's not user input, …
12:03 Ticket #1695 (Data is corrupted in static large objects (SLO swift API) when using ...) updated by greenx@…
I added an archive with a cache directory with all parts of the file.
12:01 bugceph.tar.gz attached to Ticket #1695 by greenx@…
content cache directory
11:36 Ticket #1695 (Data is corrupted in static large objects (SLO swift API) when using ...) updated by greenx@…
We reproduced it. I attach three files: two pcap files and source …
11:35 file attached to Ticket #1695 by greenx@…
11:28 nginx-client.pcap attached to Ticket #1695 by greenx@…
trafic from nginx to client
11:28 ceph-nginx.pcap attached to Ticket #1695 by greenx@…
trafic from ceph to nginx
08:23 Ticket #1533 (Some news about "support configure TLS1.3-Only ciphers") updated by rbaranauskas@…
Just FYI, there are no plans to fix the approach on the OpenSSL side, …
06:26 Ticket #1695 (Data is corrupted in static large objects (SLO swift API) when using ...) updated by greenx@…
I changed the logging level from error to warn. Now I see this …

12/26/18:

19:36 Ticket #1695 (Data is corrupted in static large objects (SLO swift API) when using ...) updated by Maxim Dounin
The message should be there unless you are using higher logging level. …
18:34 Ticket #1695 (Data is corrupted in static large objects (SLO swift API) when using ...) updated by greenx@…
The statement is true, but the error log is empty. Maybe it is not …
16:18 Ticket #1695 (Data is corrupted in static large objects (SLO swift API) when using ...) updated by Maxim Dounin
Priority, Keywords changed
So, the backend returns a 206 response with: 1. Content-Range
11:52 range-bug-with-SLO.png attached to Ticket #1695 by greenx@…
11:52 Ticket #1695 (Data is corrupted in static large objects (SLO swift API) when using ...) created by greenx@…
We found that data is corrupted in static large objects (SLO swift …

12/25/18:

15:09 Milestone nginx-1.15.8 completed
Status: scheduled Trunk: mainline * Bug fixes
08:54 Milestone njs-0.2.7 completed
Planned features: * Object.entries() and values() methods * Rest …

12/24/18:

09:43 Ticket #1661 (Nginx repository for ubuntu has no Release file for cosmic (18.10)) closed by thresh
fixed: Correct, both stable and mainline now carry cosmic versions.

12/23/18:

11:23 Ticket #1661 (Nginx repository for ubuntu has no Release file for cosmic (18.10)) updated by Laurence 'GreenReaper' Parry
This seems to be done, at least in mainline! Unfortunately with i386 …
11:22 Ticket #1654 (nginx does not honor ssl_protocols for TLSv1.3) updated by Laurence 'GreenReaper' Parry
Replying to yura3d@…: > I think the solution suggested by …

12/21/18:

13:26 Ticket #1694 (Prefer SNI name to Host header when selecting server block) closed by Maxim Dounin
invalid: In theory, you are right. SNI was designed to be used with the only …
04:28 Ticket #1694 (Prefer SNI name to Host header when selecting server block) created by cHYzZQo@…
Let's say I have a config file that looks like this. […] If I …

12/20/18:

22:32 Ticket #1693 (Documentation bug: Redirects without localization end up insecure) created by guardrex@…
Redirects without localization end up insecure The secure link ... …
17:10 Milestone unit-1.7 completed
Planned features: * nodejs support improvements
14:36 Ticket #1533 (Some news about "support configure TLS1.3-Only ciphers") updated by rbaranauskas@…
Got it, thanks for the explanation!
14:35 Ticket #1533 (Some news about "support configure TLS1.3-Only ciphers") updated by Maxim Dounin
The status is correct. We may, however, consider introducing a …
14:15 Ticket #1533 (Some news about "support configure TLS1.3-Only ciphers") updated by rbaranauskas@…
So the status of #1529 as "won't fix" is wrong, and you are
14:10 Ticket #1533 (Some news about "support configure TLS1.3-Only ciphers") updated by Maxim Dounin
This ticket is closed because it is duplicate of #1529 (the "planned …
12:41 Ticket #1533 (Some news about "support configure TLS1.3-Only ciphers") updated by rbaranauskas@…
I don't really get the situation - #1533 (this one) is closed, …

12/18/18:

15:37 Ticket #1692 (Zero level domain) updated by Maxim Dounin
> "The example.com and example.com. domains are syntactically …
08:02 Ticket #1692 (Zero level domain) updated by Highter87@…
"The example.com and example.com. domains are syntactically …

12/17/18:

16:31 Ticket #816 (Allow h2c and HTTP/1.1 support on the same listening socket) updated by AlekSi@…
It would be great to have that feature.

12/16/18:

22:41 Ticket #1654 (nginx does not honor ssl_protocols for TLSv1.3) closed by Maxim Dounin
fixed: We cannot selectively enable or disable TLSv1.3 without relying on the …
19:30 Ticket #1654 (nginx does not honor ssl_protocols for TLSv1.3) reopened by yura3d@…
I think the solution suggested by @mdounin above is strange. I have …

12/15/18:

14:16 Ticket #1690 (Add MITM detection) updated by Fabian Franz BSc
I got it working in njs: …

12/14/18:

17:18 Ticket #1684 (documentation for ngx_http_geo_module is inconsistent with the ...) closed by Maxim Dounin
fixed: Fix committed, thanks.
16:55 Ticket #1684 (documentation for ngx_http_geo_module is inconsistent with the ...) updated by Maxim Dounin <mdounin@…>
In [changeset:"286ae954009dd9249ba9652cb53461de908d9f10/nginx"

12/13/18:

14:27 Ticket #1692 (Zero level domain) closed by Maxim Dounin
invalid: The example.com and example.com. domains are syntactically …
12:53 Ticket #1692 (Zero level domain) updated by Highter87@…
Sorry... This […] to redirect example.com, but i can access …
12:48 Ticket #1692 (Zero level domain) created by Highter87@…
Why is open domain: "nginx.org." - point at the end of the line? I …

12/12/18:

17:58 Ticket #1690 (Add MITM detection) updated by Fabian Franz BSc
njs sounds like a good solution so i think it may work as the …
15:32 text.txt attached to Ticket #1689 by Nar
nginx -T
15:08 Ticket #68 (Include larger speed units for HttpLimitReqModule) updated by Maxim Dounin
The patch is wrong, it does not take into account that rates use fixed …
15:03 Ticket #1691 (ngx_http_browser_module treats amazon web service health checker as ...) updated by malarres@…
Thank you very much for the clarification
14:46 Ticket #1691 (ngx_http_browser_module treats amazon web service health checker as ...) closed by Maxim Dounin
invalid: The ancient_browser directive …
14:18 Ticket #1690 (Add MITM detection) updated by Maxim Dounin
I see at least two problems with this: 1. Detection of various TLS …
13:03 Ticket #1691 (ngx_http_browser_module treats amazon web service health checker as ...) created by malarres@…
Amazon Load Balancer performs a series of Health checks, and as user …
10:32 Ticket #68 (Include larger speed units for HttpLimitReqModule) updated by xdmitry@…
can we give it a go please? change is straightforward: […]
00:15 Ticket #1687 (Overrides system default minimum TLS version) updated by Kurt Roeckx
The nginx documentation currently says you can enable SSLv2 and SSLv3, …

12/11/18:

19:45 Ticket #1690 (Add MITM detection) created by Fabian Franz BSc
Caddy has a feature to detect TLS MITM attacks by comparing …
17:24 Ticket #1689 (Writing connections leak with http/2) updated by Maxim Dounin
Ok, so you observe open socket ... left in connection ... alerts on …
16:33 Ticket #1689 (Writing connections leak with http/2) created by Nar
Writing connections counter is gradually grow up as shown on munin …
15:29 Ticket #714 (Writing connection leak while SPDY enabled) closed by Maxim Dounin
duplicate: For most recent tickets about HTTP/2 issues, please refer to #1610, …
14:54 Ticket #1688 (want to get the socket port which use in nginx and upstream servers) updated by Maxim Dounin
Priority, Type changed
How do you expect to use such a variable?
03:11 Ticket #1688 (want to get the socket port which use in nginx and upstream servers) created by liutanrong@…
i can not log the backend_source_port,why nginx doesn't have a …

12/10/18:

22:04 Ticket #714 (Writing connection leak while SPDY enabled) reopened by Nar
Have same issue with nginx 1.15.7 [[Image(...)]] uname -a …
22:03 nginx_leak.jpg attached to Ticket #714 by Nar
14:54 Ticket #1687 (Overrides system default minimum TLS version) updated by Maxim Dounin
In theory. In practice, there are number of problems with this …

12/09/18:

16:56 Ticket #1687 (Overrides system default minimum TLS version) updated by Kurt Roeckx
The point of system wide defaults is so that there actually is 1 place …
00:37 Ticket #1684 (documentation for ngx_http_geo_module is inconsistent with the ...) updated by gdrbyKo1@…
Replying to mdounin: That makes sense, thank you. …

12/08/18:

19:41 Ticket #1684 (documentation for ngx_http_geo_module is inconsistent with the ...) updated by Maxim Dounin
Replying to gdrbyKo1@…: > Thanks for your response. I just …
18:57 Ticket #1687 (Overrides system default minimum TLS version) closed by Maxim Dounin
wontfix: Thank you for your feedback. Allowed SSL protocol versions are …
10:10 Ticket #1687 (Overrides system default minimum TLS version) created by Kurt Roeckx
In https://hg.nginx.org/nginx/rev/7ad0f4ace359
03:35 Ticket #1686 (Log files ownership) closed by Maxim Dounin
invalid: On startup and on reload, log files are opened by the master process …
02:27 Ticket #1686 (Log files ownership) created by https://stackoverflow.com/users/573152/bernard-rosset
On log rotation, nginx seems to process …

12/06/18:

22:10 Ticket #1684 (documentation for ngx_http_geo_module is inconsistent with the ...) updated by gdrbyKo1@…
Replying to mdounin: > This seems to be a bug in the geo …
16:45 Ticket #1684 (documentation for ngx_http_geo_module is inconsistent with the ...) updated by Maxim Dounin
This seems to be a bug in the geo module, it doesn't know that there …
13:34 Ticket #1243 (Add primary media type for font) updated by Maxim Dounin
See also #1685.
13:33 Ticket #1685 (Update fonts mime types refer to IANA) closed by Maxim Dounin
duplicate: The only fonts in nginx's conf/mime.types are font/woff and …
08:37 Ticket #1685 (Update fonts mime types refer to IANA) created by bes.internal@…
Please update nginx/conf/mime.types refer to IANA. All fonts move to …

12/05/18:

09:46 Ticket #1057 (Google QUIC - statement) updated by maxim
Hello, We are planning to have this feature in our 2019 roadmap. …
09:39 Ticket #1057 (Google QUIC - statement) updated by raul.peixoto@…
Can someone on Nginx please take a look at supporting QUIC already?

12/04/18:

15:01 Milestone nginx-1.14.2 completed
Status: scheduled Trunk: stable * Bug fixes merge from the …
14:20 fetch_values.py attached to Ticket #1684 by gdrbyKo1@…
14:19 nginx.conf attached to Ticket #1684 by gdrbyKo1@…
14:19 Ticket #1684 (documentation for ngx_http_geo_module is inconsistent with the ...) created by gdrbyKo1@…
The documentation for ngx_http_geo_module states that "By default, the …
13:40 Ticket #1654 (nginx does not honor ssl_protocols for TLSv1.3) updated by Maxim Dounin <mdounin@…>
In [changeset:"11be3c0723bd808b03a1781a96e0b2cc09897fe9/nginx"
13:40 Ticket #1605 (nginx does not compile with LibreSSL 2.8.0) updated by Maxim Dounin <mdounin@…>
In [changeset:"2cf1d945bbb31b1c8294ad2533673753ff989305/nginx"
13:40 Ticket #1565 (Prematurely deleting request body temp files on fast response) updated by Maxim Dounin <mdounin@…>
In [changeset:"17ee239ae2e6caa8ec24d7626f5cc91b197e79cb/nginx"
13:40 Ticket #1469 (nginx won't build under libxcrypt due to missing 'current_salt' in ...) updated by Maxim Dounin <mdounin@…>
In [changeset:"b1a166ab7f04efc4205afc0bf56b89aab4e0d457/nginx"
13:40 Ticket #1546 (nginx/1.14.0 compilation with gcc 8.1.0 fails) updated by Sergey Kandaurov <pluknet@…>
In [changeset:"ed5b3c4c128421c13350a81978487c5c884626b1/nginx"
11:12 Ticket #1683 (ngx_parent in ngx_daemon() can not work properly?) closed by Maxim Dounin
invalid: The ngx_parent variable is expected to contain PID or original parent …
01:59 Ticket #1683 (ngx_parent in ngx_daemon() can not work properly?) created by chronolaw@…
In function ngx_daemon(), after fork the child would run ngx_parent = …

11/30/18:

19:04 Ticket #1682 (Nginx tries to open the html file and through error 404. I expected ...) updated by Maxim Dounin
Description changed
I've tested the configuration in question, and it seems to work fine …
18:48 Ticket #1678 (limit_rate and proxy_limit_rate broken from 1.14) closed by Maxim Dounin
wontfix: Thanks for testing. I'm not sure there is a good way to document all …
17:53 Ticket #1682 (Nginx tries to open the html file and through error 404. I expected ...) created by dertin@…
Hi, Nginx tries to open the html file and through error 404. I …
09:11 Ticket #1534 (OCSP client certificate validation) updated by boardbloke@…
+1 We have a number of use cases that require Mutual TLS with OCSP …
Note: See TracTimeline for information about the timeline view.