Wow, 104 views and not one of them could tell me how to do a basic task?
↧
Re: Basic website configuration
↧
Re: proxy cache purge Или каким способом лучше почистить одну запись в кеше
25.09.2014 00:12, Dimka пишет:
> На форуме и в сети много обсуждений на тему как почистить одну конкретную
> запись в кэше.
> Есть иной вариант, попросту удалить ненужный файл из директории где хранятся
> все записи.
> Вопрос экспертам - насколько вариант с жестким удалением файла из кэша
> кривой?
Доброй ночи, Dimka!
Это вполне рабочий вариант - в нашем вьетнамскои поиске http://wada.vn/
мы первое время именно так кешировали XML'ки с результатами вычисления
поисковых запросов.
Директиву "open_file_cache" выставили в "off" - и замечательно удаляли
некоторые ответы прямо из каталога кеша (скриптом по крону вычищались
наполные\неверные ответы).
Успешно дожили до 600 запросов в секунду - когда был запущен более умный
WebDAV-кеш.
--
Best regards,
Andrey Kopeyko <andrey@kopeyko.ru>
_______________________________________________
nginx-ru mailing list
nginx-ru@nginx.org
http://mailman.nginx.org/mailman/listinfo/nginx-ru
> На форуме и в сети много обсуждений на тему как почистить одну конкретную
> запись в кэше.
> Есть иной вариант, попросту удалить ненужный файл из директории где хранятся
> все записи.
> Вопрос экспертам - насколько вариант с жестким удалением файла из кэша
> кривой?
Доброй ночи, Dimka!
Это вполне рабочий вариант - в нашем вьетнамскои поиске http://wada.vn/
мы первое время именно так кешировали XML'ки с результатами вычисления
поисковых запросов.
Директиву "open_file_cache" выставили в "off" - и замечательно удаляли
некоторые ответы прямо из каталога кеша (скриптом по крону вычищались
наполные\неверные ответы).
Успешно дожили до 600 запросов в секунду - когда был запущен более умный
WebDAV-кеш.
--
Best regards,
Andrey Kopeyko <andrey@kopeyko.ru>
_______________________________________________
nginx-ru mailing list
nginx-ru@nginx.org
http://mailman.nginx.org/mailman/listinfo/nginx-ru
↧
↧
Re: Почему nginx убирает заголовок Content-Length с ответа fastcgi ?
Большое СПАСИБО !
Все работает)
Все работает)
↧
nginx-1.6.2 Ошибочный синтаксис в конфигурации
server (
...
index index.html
include include.conf;
....
}
Результат:
Performing sanity check on nginx configuration:
nginx: the configuration file /usr/local/etc/nginx/nginx.conf syntax is ok
nginx: configuration file /usr/local/etc/nginx/nginx.conf test is successful
Вместо индекса другая директива, например:
server (
...
error_log /var/log/nginx/error_qqq.log
include include.conf;
....
}
даёт такой результат:
Performing sanity check on nginx configuration:
nginx: [emerg] invalid log level "include" in /usr/local/etc/nginx/vhosts/sites-enabled/sites.conf:15
Теперь error_log после индекса:
server (
...
index index.html
error_log /var/log/nginx/error_qqq.log
include include.conf;
....
}
Получается:
Performing sanity check on nginx configuration:
nginx: [warn] only the last index in "index" directive should be absolute in /usr/local/etc/nginx/vhosts/sites-enabled/sites.conf:15
nginx: the configuration file /usr/local/etc/nginx/nginx.conf syntax is ok
nginx: configuration file /usr/local/etc/nginx/nginx.conf test is successful
Просто "f":
server (
...
index index.html
# error_log /var/log/srv_www/nginx/error_qqq.log
f
include include.conf;
....
}
Такой результат:
Performing sanity check on nginx configuration:
nginx: the configuration file /usr/local/etc/nginx/nginx.conf syntax is ok
nginx: configuration file /usr/local/etc/nginx/nginx.conf test is successful
Если включить "error_log" из последнего примера:
Performing sanity check on nginx configuration:
nginx: [warn] only the last index in "index" directive should be absolute in /usr/local/etc/nginx/vhosts/sites-enabled/sites.conf:16
nginx: the configuration file /usr/local/etc/nginx/nginx.conf syntax is ok
nginx: configuration file /usr/local/etc/nginx/nginx.conf test is successful
Тут 16-я строка: include include.conf;
...
index index.html
include include.conf;
....
}
Результат:
Performing sanity check on nginx configuration:
nginx: the configuration file /usr/local/etc/nginx/nginx.conf syntax is ok
nginx: configuration file /usr/local/etc/nginx/nginx.conf test is successful
Вместо индекса другая директива, например:
server (
...
error_log /var/log/nginx/error_qqq.log
include include.conf;
....
}
даёт такой результат:
Performing sanity check on nginx configuration:
nginx: [emerg] invalid log level "include" in /usr/local/etc/nginx/vhosts/sites-enabled/sites.conf:15
Теперь error_log после индекса:
server (
...
index index.html
error_log /var/log/nginx/error_qqq.log
include include.conf;
....
}
Получается:
Performing sanity check on nginx configuration:
nginx: [warn] only the last index in "index" directive should be absolute in /usr/local/etc/nginx/vhosts/sites-enabled/sites.conf:15
nginx: the configuration file /usr/local/etc/nginx/nginx.conf syntax is ok
nginx: configuration file /usr/local/etc/nginx/nginx.conf test is successful
Просто "f":
server (
...
index index.html
# error_log /var/log/srv_www/nginx/error_qqq.log
f
include include.conf;
....
}
Такой результат:
Performing sanity check on nginx configuration:
nginx: the configuration file /usr/local/etc/nginx/nginx.conf syntax is ok
nginx: configuration file /usr/local/etc/nginx/nginx.conf test is successful
Если включить "error_log" из последнего примера:
Performing sanity check on nginx configuration:
nginx: [warn] only the last index in "index" directive should be absolute in /usr/local/etc/nginx/vhosts/sites-enabled/sites.conf:16
nginx: the configuration file /usr/local/etc/nginx/nginx.conf syntax is ok
nginx: configuration file /usr/local/etc/nginx/nginx.conf test is successful
Тут 16-я строка: include include.conf;
↧
Re: nginx-1.6.2 Ошибочный синтаксис в конфигурации
On Oct 8, 2014, at 12:35 PM, vvmluxsite <nginx-forum@nginx.us> wrote:
> server (
> ...
> index index.html
пропущена точка с запятой
> include include.conf;
> ....
> }
--
Sergey Kandaurov
_______________________________________________
nginx-ru mailing list
nginx-ru@nginx.org
http://mailman.nginx.org/mailman/listinfo/nginx-ru
> server (
> ...
> index index.html
пропущена точка с запятой
> include include.conf;
> ....
> }
--
Sergey Kandaurov
_______________________________________________
nginx-ru mailing list
nginx-ru@nginx.org
http://mailman.nginx.org/mailman/listinfo/nginx-ru
↧
↧
Re: nginx-1.6.2 Ошибочный синтаксис в конфигурации
Добрый день.
Может дело в отсутствии точки с запятой в конце предыдущей строки?
08.10.2014 11:35, vvmluxsite пишет:
> server (
> ...
> index index.html
> include include.conf;
> ....
> }
>
> Результат:
>
> Performing sanity check on nginx configuration:
> nginx: the configuration file /usr/local/etc/nginx/nginx.conf syntax is ok
> nginx: configuration file /usr/local/etc/nginx/nginx.conf test is
> successful
>
>
> Вместо индекса другая директива, например:
> server (
> ...
> error_log /var/log/nginx/error_qqq.log
> include include.conf;
> ....
> }
> даёт такой результат:
>
> Performing sanity check on nginx configuration:
> nginx: [emerg] invalid log level "include" in
> /usr/local/etc/nginx/vhosts/sites-enabled/sites.conf:15
>
>
> Теперь error_log после индекса:
> server (
> ...
> index index.html
> error_log /var/log/nginx/error_qqq.log
> include include.conf;
> ....
> }
> Получается:
>
> Performing sanity check on nginx configuration:
> nginx: [warn] only the last index in "index" directive should be absolute in
> /usr/local/etc/nginx/vhosts/sites-enabled/sites.conf:15
> nginx: the configuration file /usr/local/etc/nginx/nginx.conf syntax is ok
> nginx: configuration file /usr/local/etc/nginx/nginx.conf test is
> successful
>
>
> Просто "f":
> server (
> ...
> index index.html
> # error_log /var/log/srv_www/nginx/error_qqq.log
> f
> include include.conf;
> ....
> }
> Такой результат:
>
> Performing sanity check on nginx configuration:
> nginx: the configuration file /usr/local/etc/nginx/nginx.conf syntax is ok
> nginx: configuration file /usr/local/etc/nginx/nginx.conf test is
> successful
>
> Если включить "error_log" из последнего примера:
> Performing sanity check on nginx configuration:
> nginx: [warn] only the last index in "index" directive should be absolute in
> /usr/local/etc/nginx/vhosts/sites-enabled/sites.conf:16
> nginx: the configuration file /usr/local/etc/nginx/nginx.conf syntax is ok
> nginx: configuration file /usr/local/etc/nginx/nginx.conf test is
> successful
>
> Тут 16-я строка: include include.conf;
>
> Posted at Nginx Forum: http://forum.nginx.org/read.php?21,253828,253828#msg-253828
>
> _______________________________________________
> nginx-ru mailing list
> nginx-ru@nginx.org
> http://mailman.nginx.org/mailman/listinfo/nginx-ru
_______________________________________________
nginx-ru mailing list
nginx-ru@nginx.org
http://mailman.nginx.org/mailman/listinfo/nginx-ru
Может дело в отсутствии точки с запятой в конце предыдущей строки?
08.10.2014 11:35, vvmluxsite пишет:
> server (
> ...
> index index.html
> include include.conf;
> ....
> }
>
> Результат:
>
> Performing sanity check on nginx configuration:
> nginx: the configuration file /usr/local/etc/nginx/nginx.conf syntax is ok
> nginx: configuration file /usr/local/etc/nginx/nginx.conf test is
> successful
>
>
> Вместо индекса другая директива, например:
> server (
> ...
> error_log /var/log/nginx/error_qqq.log
> include include.conf;
> ....
> }
> даёт такой результат:
>
> Performing sanity check on nginx configuration:
> nginx: [emerg] invalid log level "include" in
> /usr/local/etc/nginx/vhosts/sites-enabled/sites.conf:15
>
>
> Теперь error_log после индекса:
> server (
> ...
> index index.html
> error_log /var/log/nginx/error_qqq.log
> include include.conf;
> ....
> }
> Получается:
>
> Performing sanity check on nginx configuration:
> nginx: [warn] only the last index in "index" directive should be absolute in
> /usr/local/etc/nginx/vhosts/sites-enabled/sites.conf:15
> nginx: the configuration file /usr/local/etc/nginx/nginx.conf syntax is ok
> nginx: configuration file /usr/local/etc/nginx/nginx.conf test is
> successful
>
>
> Просто "f":
> server (
> ...
> index index.html
> # error_log /var/log/srv_www/nginx/error_qqq.log
> f
> include include.conf;
> ....
> }
> Такой результат:
>
> Performing sanity check on nginx configuration:
> nginx: the configuration file /usr/local/etc/nginx/nginx.conf syntax is ok
> nginx: configuration file /usr/local/etc/nginx/nginx.conf test is
> successful
>
> Если включить "error_log" из последнего примера:
> Performing sanity check on nginx configuration:
> nginx: [warn] only the last index in "index" directive should be absolute in
> /usr/local/etc/nginx/vhosts/sites-enabled/sites.conf:16
> nginx: the configuration file /usr/local/etc/nginx/nginx.conf syntax is ok
> nginx: configuration file /usr/local/etc/nginx/nginx.conf test is
> successful
>
> Тут 16-я строка: include include.conf;
>
> Posted at Nginx Forum: http://forum.nginx.org/read.php?21,253828,253828#msg-253828
>
> _______________________________________________
> nginx-ru mailing list
> nginx-ru@nginx.org
> http://mailman.nginx.org/mailman/listinfo/nginx-ru
_______________________________________________
nginx-ru mailing list
nginx-ru@nginx.org
http://mailman.nginx.org/mailman/listinfo/nginx-ru
↧
Re: nginx-1.6.2 Ошибочный синтаксис в конфигурации
On Wednesday 08 October 2014 04:35:23 vvmluxsite wrote:
> server (
> ...
> index index.html
> include include.conf;
> ....
> }
>
> Результат:
>
> Performing sanity check on nginx configuration:
> nginx: the configuration file /usr/local/etc/nginx/nginx.conf syntax is ok
> nginx: configuration file /usr/local/etc/nginx/nginx.conf test is
> successful
Ничего удивительного. Вы пропустили точку с запятой
в результате чего "include" и "include.conf" были
интерпретированы как значения директивы index.
С точки зрения синтаксиса директивы index значения
валидны.
>
>
> Вместо индекса другая директива, например:
> server (
> ...
> error_log /var/log/nginx/error_qqq.log
> include include.conf;
> ....
> }
> даёт такой результат:
>
> Performing sanity check on nginx configuration:
> nginx: [emerg] invalid log level "include" in
> /usr/local/etc/nginx/vhosts/sites-enabled/sites.conf:15
>
В директиве error_log вторым параметром, если задан,
должен задаваться уровень логгирования, который
может принимать только одно из следующих значений:
debug, info, notice, warn, error, crit, alert и emerg.
Значение "include" не является корректным уровнем
логгирования.
См. документацию:
http://nginx.org/r/error_log/ru
>
> Теперь error_log после индекса:
> server (
> ...
> index index.html
> error_log /var/log/nginx/error_qqq.log
> include include.conf;
> ....
> }
> Получается:
>
> Performing sanity check on nginx configuration:
> nginx: [warn] only the last index in "index" directive should be absolute in
> /usr/local/etc/nginx/vhosts/sites-enabled/sites.conf:15
> nginx: the configuration file /usr/local/etc/nginx/nginx.conf syntax is ok
> nginx: configuration file /usr/local/etc/nginx/nginx.conf test is
> successful
Опять же, из-за пропущенных точек запятой все это
интерпретируется как значения директивы index, а именно
пять значений:
1. index.html
2. error_log
3. /var/log/nginx/error_qqq.log
4. include
5. include.conf
>
>
> Просто "f":
> server (
> ...
> index index.html
> # error_log /var/log/srv_www/nginx/error_qqq.log
> f
> include include.conf;
> ....
> }
> Такой результат:
>
> Performing sanity check on nginx configuration:
> nginx: the configuration file /usr/local/etc/nginx/nginx.conf syntax is ok
> nginx: configuration file /usr/local/etc/nginx/nginx.conf test is
> successful
>
> Если включить "error_log" из последнего примера:
> Performing sanity check on nginx configuration:
> nginx: [warn] only the last index in "index" directive should be absolute in
> /usr/local/etc/nginx/vhosts/sites-enabled/sites.conf:16
> nginx: the configuration file /usr/local/etc/nginx/nginx.conf syntax is ok
> nginx: configuration file /usr/local/etc/nginx/nginx.conf test is
> successful
>
> Тут 16-я строка: include include.conf;
>
Аналогично. Будьте внимательны.
--
Валентин Бартенев
_______________________________________________
nginx-ru mailing list
nginx-ru@nginx.org
http://mailman.nginx.org/mailman/listinfo/nginx-ru
> server (
> ...
> index index.html
> include include.conf;
> ....
> }
>
> Результат:
>
> Performing sanity check on nginx configuration:
> nginx: the configuration file /usr/local/etc/nginx/nginx.conf syntax is ok
> nginx: configuration file /usr/local/etc/nginx/nginx.conf test is
> successful
Ничего удивительного. Вы пропустили точку с запятой
в результате чего "include" и "include.conf" были
интерпретированы как значения директивы index.
С точки зрения синтаксиса директивы index значения
валидны.
>
>
> Вместо индекса другая директива, например:
> server (
> ...
> error_log /var/log/nginx/error_qqq.log
> include include.conf;
> ....
> }
> даёт такой результат:
>
> Performing sanity check on nginx configuration:
> nginx: [emerg] invalid log level "include" in
> /usr/local/etc/nginx/vhosts/sites-enabled/sites.conf:15
>
В директиве error_log вторым параметром, если задан,
должен задаваться уровень логгирования, который
может принимать только одно из следующих значений:
debug, info, notice, warn, error, crit, alert и emerg.
Значение "include" не является корректным уровнем
логгирования.
См. документацию:
http://nginx.org/r/error_log/ru
>
> Теперь error_log после индекса:
> server (
> ...
> index index.html
> error_log /var/log/nginx/error_qqq.log
> include include.conf;
> ....
> }
> Получается:
>
> Performing sanity check on nginx configuration:
> nginx: [warn] only the last index in "index" directive should be absolute in
> /usr/local/etc/nginx/vhosts/sites-enabled/sites.conf:15
> nginx: the configuration file /usr/local/etc/nginx/nginx.conf syntax is ok
> nginx: configuration file /usr/local/etc/nginx/nginx.conf test is
> successful
Опять же, из-за пропущенных точек запятой все это
интерпретируется как значения директивы index, а именно
пять значений:
1. index.html
2. error_log
3. /var/log/nginx/error_qqq.log
4. include
5. include.conf
>
>
> Просто "f":
> server (
> ...
> index index.html
> # error_log /var/log/srv_www/nginx/error_qqq.log
> f
> include include.conf;
> ....
> }
> Такой результат:
>
> Performing sanity check on nginx configuration:
> nginx: the configuration file /usr/local/etc/nginx/nginx.conf syntax is ok
> nginx: configuration file /usr/local/etc/nginx/nginx.conf test is
> successful
>
> Если включить "error_log" из последнего примера:
> Performing sanity check on nginx configuration:
> nginx: [warn] only the last index in "index" directive should be absolute in
> /usr/local/etc/nginx/vhosts/sites-enabled/sites.conf:16
> nginx: the configuration file /usr/local/etc/nginx/nginx.conf syntax is ok
> nginx: configuration file /usr/local/etc/nginx/nginx.conf test is
> successful
>
> Тут 16-я строка: include include.conf;
>
Аналогично. Будьте внимательны.
--
Валентин Бартенев
_______________________________________________
nginx-ru mailing list
nginx-ru@nginx.org
http://mailman.nginx.org/mailman/listinfo/nginx-ru
↧
Re: nginx-1.6.2 Ошибочный синтаксис в конфигурации
Так вот и удивило отсутствие ругани на несуществующую ";".
Уже после создания вопроса вспомнил о многострочности.
Уже после создания вопроса вспомнил о многострочности.
↧
Reverse TLS proxy
Hi all,
I very new to NGINX, but thought that it might be the best tool to achieve a reverse proxy ( in the DMZ ) for an internal HTTPS server.
Unfortunately it isn't working and I get 502 Bad Gateway message if I check in the error Log I see :
2014/10/07 17:38:27 [crit] 2606#0: *1 connect() to 172.16.36.155:9999 failed (13: Permission denied) while connecting to upstream, client: 10.51.44.100, server: ping0a.cisco.net, request: "https://172.16.36.155:9999/pingfederate/app/", host: "ping0a.cisco.net:9999"
with a tcpdump in the HTTPS server that it is in the internal LAN I don't see any traffic arriving ....
I have a split dns schema in my test, and the FQDN name in the internal HTTPS server is the same as the on e in the DMZ ( ping0a.cisco,.net ).
This is my configuration :
[root@ping0a nginx]# more nginx.conf
user nginx;
worker_processes 1;
error_log /var/log/nginx/error.log warn;
pid /var/run/nginx.pid;
events {
worker_connections 1024;
}
http {
include /etc/nginx/mime.types;
default_type application/octet-stream;
log_format main '$remote_addr - $remote_user [$time_local] "$request" '
'$status $body_bytes_sent "$http_referer" '
'"$http_user_agent" "$http_x_forwarded_for"';
access_log /var/log/nginx/access.log main;
sendfile on;
#tcp_nopush on;
keepalive_timeout 65;
#gzip on;
upstream backend {
server 172.16.36.155:9999;
}
include /etc/nginx/conf.d/*.conf;
}
[root@ping0a conf.d]# more ping0a_ssl.conf
# HTTPS server
#
server {
listen 9999 default ssl;
index index.php index.html index.htm;
server_name ping0a.cisco.net;
ssl on;
ssl_certificate /etc/pki/tls/certs/IdP.pem;
ssl_certificate_key /etc/pki/tls/private/IdP.key;
ssl_session_timeout 5m;
ssl_protocols SSLv3 TLSv1;
ssl_ciphers ALL:!ADH:!EXPORT56:RC4+RSA:+HIGH:+MEDIUM:+EXP;
ssl_prefer_server_ciphers on;
location / {
proxy_store off;
proxy_pass https://backend;
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header X-Forwarded-For $remote_addr;
proxy_set_header Host $host;
proxy_ssl_verify off;
}
}
from the hosts in the DMZ where NGINX is installed I can reach the inetrnal HTTPS server
[root@ping0a conf.d]# wget --no-check-certificate https://172.16.36.155:9999/pingfederate/app
--2014-10-08 11:20:25-- https://172.16.36.155:9999/pingfederate/app
Connecting to 172.16.36.155:9999... connected.
WARNING: certificate common name ‘ping0a.cisco.net’ doesn't match requested host name ‘172.16.36.155’.
HTTP request sent, awaiting response... 200 OK
Length: unspecified [text/html]
Saving to: ‘app’
[ <=> ] 5,576 --.-K/s in 0s
2014-10-08 11:20:25 (45.8 MB/s) - ‘app’ saved [5576]
What is wrong in my configuration ?
Thank you,
Paulo
I very new to NGINX, but thought that it might be the best tool to achieve a reverse proxy ( in the DMZ ) for an internal HTTPS server.
Unfortunately it isn't working and I get 502 Bad Gateway message if I check in the error Log I see :
2014/10/07 17:38:27 [crit] 2606#0: *1 connect() to 172.16.36.155:9999 failed (13: Permission denied) while connecting to upstream, client: 10.51.44.100, server: ping0a.cisco.net, request: "https://172.16.36.155:9999/pingfederate/app/", host: "ping0a.cisco.net:9999"
with a tcpdump in the HTTPS server that it is in the internal LAN I don't see any traffic arriving ....
I have a split dns schema in my test, and the FQDN name in the internal HTTPS server is the same as the on e in the DMZ ( ping0a.cisco,.net ).
This is my configuration :
[root@ping0a nginx]# more nginx.conf
user nginx;
worker_processes 1;
error_log /var/log/nginx/error.log warn;
pid /var/run/nginx.pid;
events {
worker_connections 1024;
}
http {
include /etc/nginx/mime.types;
default_type application/octet-stream;
log_format main '$remote_addr - $remote_user [$time_local] "$request" '
'$status $body_bytes_sent "$http_referer" '
'"$http_user_agent" "$http_x_forwarded_for"';
access_log /var/log/nginx/access.log main;
sendfile on;
#tcp_nopush on;
keepalive_timeout 65;
#gzip on;
upstream backend {
server 172.16.36.155:9999;
}
include /etc/nginx/conf.d/*.conf;
}
[root@ping0a conf.d]# more ping0a_ssl.conf
# HTTPS server
#
server {
listen 9999 default ssl;
index index.php index.html index.htm;
server_name ping0a.cisco.net;
ssl on;
ssl_certificate /etc/pki/tls/certs/IdP.pem;
ssl_certificate_key /etc/pki/tls/private/IdP.key;
ssl_session_timeout 5m;
ssl_protocols SSLv3 TLSv1;
ssl_ciphers ALL:!ADH:!EXPORT56:RC4+RSA:+HIGH:+MEDIUM:+EXP;
ssl_prefer_server_ciphers on;
location / {
proxy_store off;
proxy_pass https://backend;
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header X-Forwarded-For $remote_addr;
proxy_set_header Host $host;
proxy_ssl_verify off;
}
}
from the hosts in the DMZ where NGINX is installed I can reach the inetrnal HTTPS server
[root@ping0a conf.d]# wget --no-check-certificate https://172.16.36.155:9999/pingfederate/app
--2014-10-08 11:20:25-- https://172.16.36.155:9999/pingfederate/app
Connecting to 172.16.36.155:9999... connected.
WARNING: certificate common name ‘ping0a.cisco.net’ doesn't match requested host name ‘172.16.36.155’.
HTTP request sent, awaiting response... 200 OK
Length: unspecified [text/html]
Saving to: ‘app’
[ <=> ] 5,576 --.-K/s in 0s
2014-10-08 11:20:25 (45.8 MB/s) - ‘app’ saved [5576]
What is wrong in my configuration ?
Thank you,
Paulo
↧
↧
Re: [Patch] SO_REUSEPORT support from master process
Hello!
On Tue, Oct 07, 2014 at 07:32:08PM +0000, Lu, Yingqi wrote:
> Dear All,
>
> It has been quiet for a while on this patch. I am checking to
> see if there is any questions/feedbacks/concerns we need to
> address?
>
> Please let me know. Thanks very much for your help!
Apart from style/coding issues, I disagree with the whole
approach.
As far as I understand the patch idea, it tries to introduce
multiple listening sockets to avoid in-kernel lock contention.
This is something that can be done completely in kernel though,
and I see no reason to introduce any changes to nginx here.
The approach previously discussed with Sepherosa Ziehau looks much
more interesting.
--
Maxim Dounin
http://nginx.org/
_______________________________________________
nginx-devel mailing list
nginx-devel@nginx.org
http://mailman.nginx.org/mailman/listinfo/nginx-devel
On Tue, Oct 07, 2014 at 07:32:08PM +0000, Lu, Yingqi wrote:
> Dear All,
>
> It has been quiet for a while on this patch. I am checking to
> see if there is any questions/feedbacks/concerns we need to
> address?
>
> Please let me know. Thanks very much for your help!
Apart from style/coding issues, I disagree with the whole
approach.
As far as I understand the patch idea, it tries to introduce
multiple listening sockets to avoid in-kernel lock contention.
This is something that can be done completely in kernel though,
and I see no reason to introduce any changes to nginx here.
The approach previously discussed with Sepherosa Ziehau looks much
more interesting.
--
Maxim Dounin
http://nginx.org/
_______________________________________________
nginx-devel mailing list
nginx-devel@nginx.org
http://mailman.nginx.org/mailman/listinfo/nginx-devel
↧
[nginx] Upstream: fix $upstream_cache_last_modified variable.
details: http://hg.nginx.org/nginx/rev/fd283aa92e04
branches:
changeset: 5869:fd283aa92e04
user: Piotr Sikora <piotr@cloudflare.com>
date: Wed Oct 01 15:48:53 2014 -0700
description:
Upstream: fix $upstream_cache_last_modified variable.
Due to the u->headers_in.last_modified_time not being correctly initialized,
this variable was evaluated to "Thu, 01 Jan 1970 00:00:00 GMT" for responses
cached without the "Last-Modified" header which resulted in subsequent proxy
requests being sent with "If-Modified-Since: Thu, 01 Jan 1970 00:00:00 GMT"
header.
Signed-off-by: Piotr Sikora <piotr@cloudflare.com>
diffstat:
src/http/ngx_http_upstream.c | 3 +++
1 files changed, 3 insertions(+), 0 deletions(-)
diffs (27 lines):
diff --git a/src/http/ngx_http_upstream.c b/src/http/ngx_http_upstream.c
--- a/src/http/ngx_http_upstream.c
+++ b/src/http/ngx_http_upstream.c
@@ -441,6 +441,7 @@ ngx_http_upstream_create(ngx_http_reques
#endif
u->headers_in.content_length_n = -1;
+ u->headers_in.last_modified_time = -1;
return NGX_OK;
}
@@ -885,6 +886,7 @@ ngx_http_upstream_cache_send(ngx_http_re
ngx_memzero(&u->headers_in, sizeof(ngx_http_upstream_headers_in_t));
u->headers_in.content_length_n = -1;
+ u->headers_in.last_modified_time = -1;
if (ngx_list_init(&u->headers_in.headers, r->pool, 8,
sizeof(ngx_table_elt_t))
@@ -1582,6 +1584,7 @@ ngx_http_upstream_reinit(ngx_http_reques
ngx_memzero(&u->headers_in, sizeof(ngx_http_upstream_headers_in_t));
u->headers_in.content_length_n = -1;
+ u->headers_in.last_modified_time = -1;
if (ngx_list_init(&u->headers_in.headers, r->pool, 8,
sizeof(ngx_table_elt_t))
_______________________________________________
nginx-devel mailing list
nginx-devel@nginx.org
http://mailman.nginx.org/mailman/listinfo/nginx-devel
branches:
changeset: 5869:fd283aa92e04
user: Piotr Sikora <piotr@cloudflare.com>
date: Wed Oct 01 15:48:53 2014 -0700
description:
Upstream: fix $upstream_cache_last_modified variable.
Due to the u->headers_in.last_modified_time not being correctly initialized,
this variable was evaluated to "Thu, 01 Jan 1970 00:00:00 GMT" for responses
cached without the "Last-Modified" header which resulted in subsequent proxy
requests being sent with "If-Modified-Since: Thu, 01 Jan 1970 00:00:00 GMT"
header.
Signed-off-by: Piotr Sikora <piotr@cloudflare.com>
diffstat:
src/http/ngx_http_upstream.c | 3 +++
1 files changed, 3 insertions(+), 0 deletions(-)
diffs (27 lines):
diff --git a/src/http/ngx_http_upstream.c b/src/http/ngx_http_upstream.c
--- a/src/http/ngx_http_upstream.c
+++ b/src/http/ngx_http_upstream.c
@@ -441,6 +441,7 @@ ngx_http_upstream_create(ngx_http_reques
#endif
u->headers_in.content_length_n = -1;
+ u->headers_in.last_modified_time = -1;
return NGX_OK;
}
@@ -885,6 +886,7 @@ ngx_http_upstream_cache_send(ngx_http_re
ngx_memzero(&u->headers_in, sizeof(ngx_http_upstream_headers_in_t));
u->headers_in.content_length_n = -1;
+ u->headers_in.last_modified_time = -1;
if (ngx_list_init(&u->headers_in.headers, r->pool, 8,
sizeof(ngx_table_elt_t))
@@ -1582,6 +1584,7 @@ ngx_http_upstream_reinit(ngx_http_reques
ngx_memzero(&u->headers_in, sizeof(ngx_http_upstream_headers_in_t));
u->headers_in.content_length_n = -1;
+ u->headers_in.last_modified_time = -1;
if (ngx_list_init(&u->headers_in.headers, r->pool, 8,
sizeof(ngx_table_elt_t))
_______________________________________________
nginx-devel mailing list
nginx-devel@nginx.org
http://mailman.nginx.org/mailman/listinfo/nginx-devel
↧
[nginx] Core: fixed buffer overrun when hash max_size reached.
details: http://hg.nginx.org/nginx/rev/5e72578e6503
branches:
changeset: 5870:5e72578e6503
user: Yichun Zhang <agentzh@gmail.com>
date: Thu Oct 02 12:00:17 2014 -0700
description:
Core: fixed buffer overrun when hash max_size reached.
diffstat:
src/core/ngx_hash.c | 2 ++
1 files changed, 2 insertions(+), 0 deletions(-)
diffs (12 lines):
diff --git a/src/core/ngx_hash.c b/src/core/ngx_hash.c
--- a/src/core/ngx_hash.c
+++ b/src/core/ngx_hash.c
@@ -312,6 +312,8 @@ ngx_hash_init(ngx_hash_init_t *hinit, ng
continue;
}
+ size--;
+
ngx_log_error(NGX_LOG_WARN, hinit->pool->log, 0,
"could not build optimal %s, you should increase "
"either %s_max_size: %i or %s_bucket_size: %i; "
_______________________________________________
nginx-devel mailing list
nginx-devel@nginx.org
http://mailman.nginx.org/mailman/listinfo/nginx-devel
branches:
changeset: 5870:5e72578e6503
user: Yichun Zhang <agentzh@gmail.com>
date: Thu Oct 02 12:00:17 2014 -0700
description:
Core: fixed buffer overrun when hash max_size reached.
diffstat:
src/core/ngx_hash.c | 2 ++
1 files changed, 2 insertions(+), 0 deletions(-)
diffs (12 lines):
diff --git a/src/core/ngx_hash.c b/src/core/ngx_hash.c
--- a/src/core/ngx_hash.c
+++ b/src/core/ngx_hash.c
@@ -312,6 +312,8 @@ ngx_hash_init(ngx_hash_init_t *hinit, ng
continue;
}
+ size--;
+
ngx_log_error(NGX_LOG_WARN, hinit->pool->log, 0,
"could not build optimal %s, you should increase "
"either %s_max_size: %i or %s_bucket_size: %i; "
_______________________________________________
nginx-devel mailing list
nginx-devel@nginx.org
http://mailman.nginx.org/mailman/listinfo/nginx-devel
↧
[nginx] Fixed possible buffer overrun in "too long header line" ...
details: http://hg.nginx.org/nginx/rev/21043ce2a005
branches:
changeset: 5871:21043ce2a005
user: Maxim Dounin <mdounin@mdounin.ru>
date: Wed Oct 08 17:16:04 2014 +0400
description:
Fixed possible buffer overrun in "too long header line" logging.
Additionally, ellipsis now always added to make it clear that
the header logged is incomplete.
Reported by Daniil Bondarev.
diffstat:
src/http/ngx_http_request.c | 5 ++---
1 files changed, 2 insertions(+), 3 deletions(-)
diffs (18 lines):
diff --git a/src/http/ngx_http_request.c b/src/http/ngx_http_request.c
--- a/src/http/ngx_http_request.c
+++ b/src/http/ngx_http_request.c
@@ -1227,12 +1227,11 @@ ngx_http_process_request_headers(ngx_eve
if (len > NGX_MAX_ERROR_STR - 300) {
len = NGX_MAX_ERROR_STR - 300;
- p[len++] = '.'; p[len++] = '.'; p[len++] = '.';
}
ngx_log_error(NGX_LOG_INFO, c->log, 0,
- "client sent too long header line: \"%*s\"",
- len, r->header_name_start);
+ "client sent too long header line: \"%*s...\"",
+ len, r->header_name_start);
ngx_http_finalize_request(r,
NGX_HTTP_REQUEST_HEADER_TOO_LARGE);
_______________________________________________
nginx-devel mailing list
nginx-devel@nginx.org
http://mailman.nginx.org/mailman/listinfo/nginx-devel
branches:
changeset: 5871:21043ce2a005
user: Maxim Dounin <mdounin@mdounin.ru>
date: Wed Oct 08 17:16:04 2014 +0400
description:
Fixed possible buffer overrun in "too long header line" logging.
Additionally, ellipsis now always added to make it clear that
the header logged is incomplete.
Reported by Daniil Bondarev.
diffstat:
src/http/ngx_http_request.c | 5 ++---
1 files changed, 2 insertions(+), 3 deletions(-)
diffs (18 lines):
diff --git a/src/http/ngx_http_request.c b/src/http/ngx_http_request.c
--- a/src/http/ngx_http_request.c
+++ b/src/http/ngx_http_request.c
@@ -1227,12 +1227,11 @@ ngx_http_process_request_headers(ngx_eve
if (len > NGX_MAX_ERROR_STR - 300) {
len = NGX_MAX_ERROR_STR - 300;
- p[len++] = '.'; p[len++] = '.'; p[len++] = '.';
}
ngx_log_error(NGX_LOG_INFO, c->log, 0,
- "client sent too long header line: \"%*s\"",
- len, r->header_name_start);
+ "client sent too long header line: \"%*s...\"",
+ len, r->header_name_start);
ngx_http_finalize_request(r,
NGX_HTTP_REQUEST_HEADER_TOO_LARGE);
_______________________________________________
nginx-devel mailing list
nginx-devel@nginx.org
http://mailman.nginx.org/mailman/listinfo/nginx-devel
↧
↧
Re: [PATCH] Upstream: fix $upstream_cache_last_modified variable
Hello!
On Wed, Oct 01, 2014 at 05:20:06PM -0700, Piotr Sikora wrote:
> # HG changeset patch
> # User Piotr Sikora <piotr@cloudflare.com>
> # Date 1412203733 25200
> # Wed Oct 01 15:48:53 2014 -0700
> # Node ID dbf6364ab44fcc6b5d1fbbe64c162135b18e9209
> # Parent a215d9021f137b9e2d4f69c37c7f992a2bef12c6
> Upstream: fix $upstream_cache_last_modified variable.
>
> Due to the u->headers_in.last_modified_time not being correctly initialized,
> this variable was evaluated to "Thu, 01 Jan 1970 00:00:00 GMT" for responses
> cached without the "Last-Modified" header which resulted in subsequent proxy
> requests being sent with "If-Modified-Since: Thu, 01 Jan 1970 00:00:00 GMT"
> header.
Committed, thanks.
--
Maxim Dounin
http://nginx.org/
_______________________________________________
nginx-devel mailing list
nginx-devel@nginx.org
http://mailman.nginx.org/mailman/listinfo/nginx-devel
On Wed, Oct 01, 2014 at 05:20:06PM -0700, Piotr Sikora wrote:
> # HG changeset patch
> # User Piotr Sikora <piotr@cloudflare.com>
> # Date 1412203733 25200
> # Wed Oct 01 15:48:53 2014 -0700
> # Node ID dbf6364ab44fcc6b5d1fbbe64c162135b18e9209
> # Parent a215d9021f137b9e2d4f69c37c7f992a2bef12c6
> Upstream: fix $upstream_cache_last_modified variable.
>
> Due to the u->headers_in.last_modified_time not being correctly initialized,
> this variable was evaluated to "Thu, 01 Jan 1970 00:00:00 GMT" for responses
> cached without the "Last-Modified" header which resulted in subsequent proxy
> requests being sent with "If-Modified-Since: Thu, 01 Jan 1970 00:00:00 GMT"
> header.
Committed, thanks.
--
Maxim Dounin
http://nginx.org/
_______________________________________________
nginx-devel mailing list
nginx-devel@nginx.org
http://mailman.nginx.org/mailman/listinfo/nginx-devel
↧
Re: [PATCH] Fix a buffer overflow issue in ngx_hash_t when exceeding limits
Hello!
On Thu, Oct 02, 2014 at 12:32:57PM -0700, Yichun Zhang (agentzh) wrote:
> # HG changeset patch
> # User Yichun Zhang <agentzh@gmail.com>
> # Date 1412276417 25200
> # Thu Oct 02 12:00:17 2014 -0700
> # Node ID 4032b992f23b054c1a2cfb0be879330d2c6708e5
> # Parent 1ff0f68d9376e3d184d65814a6372856bf65cfcd
> Hash: buffer overflow might happen when exceeding the pre-configured limits.
Committed with the commit message modified to match style we use,
thanks.
--
Maxim Dounin
http://nginx.org/
_______________________________________________
nginx-devel mailing list
nginx-devel@nginx.org
http://mailman.nginx.org/mailman/listinfo/nginx-devel
On Thu, Oct 02, 2014 at 12:32:57PM -0700, Yichun Zhang (agentzh) wrote:
> # HG changeset patch
> # User Yichun Zhang <agentzh@gmail.com>
> # Date 1412276417 25200
> # Thu Oct 02 12:00:17 2014 -0700
> # Node ID 4032b992f23b054c1a2cfb0be879330d2c6708e5
> # Parent 1ff0f68d9376e3d184d65814a6372856bf65cfcd
> Hash: buffer overflow might happen when exceeding the pre-configured limits.
Committed with the commit message modified to match style we use,
thanks.
--
Maxim Dounin
http://nginx.org/
_______________________________________________
nginx-devel mailing list
nginx-devel@nginx.org
http://mailman.nginx.org/mailman/listinfo/nginx-devel
↧
Re: Prevent buffer overrun on NGX_HTTP_REQUEST_HEADER_TOO_LARGE
Hello!
On Tue, Oct 07, 2014 at 07:11:24PM +0000, Bondarev, Daniil wrote:
> Hey Maxim,
>
> > On the other hand, looking into this more closely, I tend to think
> > that ellipsis should be always added to make it clear that the
> > header logged is incomplete.
>
> Agree, good point!
>
> Patch looks good to me, only note - you can reduce amount of lines by ngx_min,
> if you wish:
I think the code is more readable as is, without ngx_min().
The patch comitted, thanks.
--
Maxim Dounin
http://nginx.org/
_______________________________________________
nginx-devel mailing list
nginx-devel@nginx.org
http://mailman.nginx.org/mailman/listinfo/nginx-devel
On Tue, Oct 07, 2014 at 07:11:24PM +0000, Bondarev, Daniil wrote:
> Hey Maxim,
>
> > On the other hand, looking into this more closely, I tend to think
> > that ellipsis should be always added to make it clear that the
> > header logged is incomplete.
>
> Agree, good point!
>
> Patch looks good to me, only note - you can reduce amount of lines by ngx_min,
> if you wish:
I think the code is more readable as is, without ngx_min().
The patch comitted, thanks.
--
Maxim Dounin
http://nginx.org/
_______________________________________________
nginx-devel mailing list
nginx-devel@nginx.org
http://mailman.nginx.org/mailman/listinfo/nginx-devel
↧
Re: [PATCH] Support cross compiling with MinGW-w64 on Debian GNU/Linux
Hello!
On Sat, Oct 04, 2014 at 07:51:56PM +0900, Kouhei Sutou wrote:
> Hi,
>
> I'm trying cross compiling nginx for Windows on Debian
> GNU/Linux. The current nginx doesn't support it.
> I created a patch to do it. With the attached patch, I can
> cross compile nginx for Windows on Debian GNU/Linux.
> Please review the attached patch.
In short: changes to ngx_wsasend_chain.c and ngx_iocp_module.c
look fine, changes to ngx_win32_config.h look wrong. See below
for more comments.
[...]
> diff --git a/src/event/modules/ngx_iocp_module.c b/src/event/modules/ngx_iocp_module.c
> --- a/src/event/modules/ngx_iocp_module.c
> +++ b/src/event/modules/ngx_iocp_module.c
> @@ -242,17 +242,17 @@ ngx_int_t ngx_iocp_process_events(ngx_cy
> ngx_event_ovlp_t *ovlp;
>
> if (timer == NGX_TIMER_INFINITE) {
> timer = INFINITE;
> }
>
> ngx_log_debug1(NGX_LOG_DEBUG_EVENT, cycle->log, 0, "iocp timer: %M", timer);
>
> - rc = GetQueuedCompletionStatus(iocp, &bytes, (LPDWORD) &key,
> + rc = GetQueuedCompletionStatus(iocp, &bytes, (PULONG_PTR) &key,
> (LPOVERLAPPED *) &ovlp, (u_long) timer);
>
> if (rc == 0) {
> err = ngx_errno;
> } else {
> err = 0;
> }
>
Looks fine, though I think it should be a separate patch.
Please see http://nginx.org/en/docs/contributing_changes.html for
hints how to make sure you'll name will be preserved in commit
history.
> diff --git a/src/os/win32/ngx_win32_config.h b/src/os/win32/ngx_win32_config.h
> --- a/src/os/win32/ngx_win32_config.h
> +++ b/src/os/win32/ngx_win32_config.h
> @@ -33,18 +33,17 @@
>
> #include <winsock2.h>
> #include <ws2tcpip.h> /* ipv6 */
> #include <mswsock.h>
> #include <shellapi.h>
> #include <stddef.h> /* offsetof() */
>
> #ifdef __GNUC__
> -/* GCC MinGW's stdio.h includes sys/types.h */
> -#define _OFF_T_
> +#define _FILE_OFFSET_BITS 64
> #endif
>
> #include <stdio.h>
> #include <stdlib.h>
> #include <stdarg.h>
> #include <ctype.h>
> #include <locale.h>
>
> @@ -131,25 +130,31 @@ typedef int int32_t;
> typedef unsigned short int uint16_t;
> #define ngx_libc_cdecl
>
> #endif
>
> typedef __int64 int64_t;
> typedef unsigned __int64 uint64_t;
>
> -#ifndef __WATCOMC__
> +#ifdef __WATCOMC__
> +/* do nothing */
> +#elif defined(__GNUC__)
> +#include <stdint.h>
> +#else
> typedef int intptr_t;
> typedef u_int uintptr_t;
> #endif
I think that ngx_win32_config.h part needs a bit more work. In
particular, "#include <stdint.h>" should be placed with other
includes if it's needed.
> +#ifndef __GNUC__
> /* Windows defines off_t as long, which is 32-bit */
> -typedef __int64 off_t;
> -#define _OFF_T_DEFINED
> +typedef __int64 off64_t;
> +#define _OFF64_T_DEFINED
> +#endif
Defining off64_t looks very wrong for me. There is nothing in
nginx which use it, and it shouldn't be defined.
Additionally, this breaks at least compilation with MSVC.
[...]
> --- a/src/os/win32/ngx_wsasend_chain.c
> +++ b/src/os/win32/ngx_wsasend_chain.c
> @@ -29,17 +29,17 @@ ngx_wsasend_chain(ngx_connection_t *c, n
> wev = c->write;
>
> if (!wev->ready) {
> return in;
> }
>
> /* the maximum limit size is the maximum u_long value - the page size */
>
> - if (limit == 0 || limit > NGX_MAX_UINT32_VALUE - ngx_pagesize) {
> + if (limit == 0 || limit > (off_t) (NGX_MAX_UINT32_VALUE - ngx_pagesize)) {
> limit = NGX_MAX_UINT32_VALUE - ngx_pagesize;
> }
>
> send = 0;
>
> /*
> * WSABUFs must be 4-byte aligned otherwise
> * WSASend() will return undocumented WSAEINVAL error.
> @@ -151,17 +151,17 @@ ngx_overlapped_wsasend_chain(ngx_connect
> "wev->complete: %d", wev->complete);
>
> if (!wev->complete) {
>
> /* post the overlapped WSASend() */
>
> /* the maximum limit size is the maximum u_long value - the page size */
>
> - if (limit == 0 || limit > NGX_MAX_UINT32_VALUE - ngx_pagesize) {
> + if (limit == 0 || limit > (off_t) (NGX_MAX_UINT32_VALUE - ngx_pagesize)) {
> limit = NGX_MAX_UINT32_VALUE - ngx_pagesize;
> }
>
> /*
> * WSABUFs must be 4-byte aligned otherwise
> * WSASend() will return undocumented WSAEINVAL error.
> */
>
Looks fine, though should be a separate patch. See above.
--
Maxim Dounin
http://nginx.org/
_______________________________________________
nginx-devel mailing list
nginx-devel@nginx.org
http://mailman.nginx.org/mailman/listinfo/nginx-devel
On Sat, Oct 04, 2014 at 07:51:56PM +0900, Kouhei Sutou wrote:
> Hi,
>
> I'm trying cross compiling nginx for Windows on Debian
> GNU/Linux. The current nginx doesn't support it.
> I created a patch to do it. With the attached patch, I can
> cross compile nginx for Windows on Debian GNU/Linux.
> Please review the attached patch.
In short: changes to ngx_wsasend_chain.c and ngx_iocp_module.c
look fine, changes to ngx_win32_config.h look wrong. See below
for more comments.
[...]
> diff --git a/src/event/modules/ngx_iocp_module.c b/src/event/modules/ngx_iocp_module.c
> --- a/src/event/modules/ngx_iocp_module.c
> +++ b/src/event/modules/ngx_iocp_module.c
> @@ -242,17 +242,17 @@ ngx_int_t ngx_iocp_process_events(ngx_cy
> ngx_event_ovlp_t *ovlp;
>
> if (timer == NGX_TIMER_INFINITE) {
> timer = INFINITE;
> }
>
> ngx_log_debug1(NGX_LOG_DEBUG_EVENT, cycle->log, 0, "iocp timer: %M", timer);
>
> - rc = GetQueuedCompletionStatus(iocp, &bytes, (LPDWORD) &key,
> + rc = GetQueuedCompletionStatus(iocp, &bytes, (PULONG_PTR) &key,
> (LPOVERLAPPED *) &ovlp, (u_long) timer);
>
> if (rc == 0) {
> err = ngx_errno;
> } else {
> err = 0;
> }
>
Looks fine, though I think it should be a separate patch.
Please see http://nginx.org/en/docs/contributing_changes.html for
hints how to make sure you'll name will be preserved in commit
history.
> diff --git a/src/os/win32/ngx_win32_config.h b/src/os/win32/ngx_win32_config.h
> --- a/src/os/win32/ngx_win32_config.h
> +++ b/src/os/win32/ngx_win32_config.h
> @@ -33,18 +33,17 @@
>
> #include <winsock2.h>
> #include <ws2tcpip.h> /* ipv6 */
> #include <mswsock.h>
> #include <shellapi.h>
> #include <stddef.h> /* offsetof() */
>
> #ifdef __GNUC__
> -/* GCC MinGW's stdio.h includes sys/types.h */
> -#define _OFF_T_
> +#define _FILE_OFFSET_BITS 64
> #endif
>
> #include <stdio.h>
> #include <stdlib.h>
> #include <stdarg.h>
> #include <ctype.h>
> #include <locale.h>
>
> @@ -131,25 +130,31 @@ typedef int int32_t;
> typedef unsigned short int uint16_t;
> #define ngx_libc_cdecl
>
> #endif
>
> typedef __int64 int64_t;
> typedef unsigned __int64 uint64_t;
>
> -#ifndef __WATCOMC__
> +#ifdef __WATCOMC__
> +/* do nothing */
> +#elif defined(__GNUC__)
> +#include <stdint.h>
> +#else
> typedef int intptr_t;
> typedef u_int uintptr_t;
> #endif
I think that ngx_win32_config.h part needs a bit more work. In
particular, "#include <stdint.h>" should be placed with other
includes if it's needed.
> +#ifndef __GNUC__
> /* Windows defines off_t as long, which is 32-bit */
> -typedef __int64 off_t;
> -#define _OFF_T_DEFINED
> +typedef __int64 off64_t;
> +#define _OFF64_T_DEFINED
> +#endif
Defining off64_t looks very wrong for me. There is nothing in
nginx which use it, and it shouldn't be defined.
Additionally, this breaks at least compilation with MSVC.
[...]
> --- a/src/os/win32/ngx_wsasend_chain.c
> +++ b/src/os/win32/ngx_wsasend_chain.c
> @@ -29,17 +29,17 @@ ngx_wsasend_chain(ngx_connection_t *c, n
> wev = c->write;
>
> if (!wev->ready) {
> return in;
> }
>
> /* the maximum limit size is the maximum u_long value - the page size */
>
> - if (limit == 0 || limit > NGX_MAX_UINT32_VALUE - ngx_pagesize) {
> + if (limit == 0 || limit > (off_t) (NGX_MAX_UINT32_VALUE - ngx_pagesize)) {
> limit = NGX_MAX_UINT32_VALUE - ngx_pagesize;
> }
>
> send = 0;
>
> /*
> * WSABUFs must be 4-byte aligned otherwise
> * WSASend() will return undocumented WSAEINVAL error.
> @@ -151,17 +151,17 @@ ngx_overlapped_wsasend_chain(ngx_connect
> "wev->complete: %d", wev->complete);
>
> if (!wev->complete) {
>
> /* post the overlapped WSASend() */
>
> /* the maximum limit size is the maximum u_long value - the page size */
>
> - if (limit == 0 || limit > NGX_MAX_UINT32_VALUE - ngx_pagesize) {
> + if (limit == 0 || limit > (off_t) (NGX_MAX_UINT32_VALUE - ngx_pagesize)) {
> limit = NGX_MAX_UINT32_VALUE - ngx_pagesize;
> }
>
> /*
> * WSABUFs must be 4-byte aligned otherwise
> * WSASend() will return undocumented WSAEINVAL error.
> */
>
Looks fine, though should be a separate patch. See above.
--
Maxim Dounin
http://nginx.org/
_______________________________________________
nginx-devel mailing list
nginx-devel@nginx.org
http://mailman.nginx.org/mailman/listinfo/nginx-devel
↧
↧
Setting up Nginx with subdomain and ssl
Hello,
Could someone please tell me if there is a better way to rewrite my config file.
I have 1 domain that has got several subdomain and ssl. From what you can see all the port listening on port 80 uses the same setting and the same apply for the port 443.
Thank you very much in advance
Fred
---
server {
listen 80 default;
server_name domain1.co.uk www.domain1.co.uk;
root /usr/local/www/webs/domain1_co_uk/live/httpdocs;
index index.php;
access_log /var/log/nginx/80.domain1.access.log;
error_log /var/log/nginx/80.domain1.error.log;
location / {
try_files $uri $uri/ /index.php;
}
location /search { limit_req zone=gulag burst=3 nodelay; rewrite ^ /index.php; }
fastcgi_intercept_errors off;
location ~* \.(?:ico|css|js|gif|jpe?g|png)$ {
expires max;
add_header Pragma public;
add_header Cache-Control "public, must-revalidate, proxy-revalidate";
}
include conf.d/php.conf;
include conf.d/drop.conf;
}
server {
listen 80;
server_name test.domain1.co.uk www.test.domain1.co.uk;
root /usr/local/www/webs/domain1_co_uk/test/httpdocs;
index index.php;
access_log /var/log/nginx/80.test.domain1.access.log;
error_log /var/log/nginx/80.test.domain1.error.log;
location / {
try_files $uri $uri/ /index.php;
}
location /search { limit_req zone=gulag burst=3 nodelay; rewrite ^ /index.php; }
fastcgi_intercept_errors off;
location ~* \.(?:ico|css|js|gif|jpe?g|png)$ {
expires max;
add_header Pragma public;
add_header Cache-Control "public, must-revalidate, proxy-revalidate";
}
include conf.d/php.conf;
include conf.d/drop.conf;
}
server {
listen 443 default_server ssl spdy accept_filter=dataready;
server_name domain1.co.uk www.domain1.co.uk;
root /usr/local/www/webs/domain1_co_uk/live/httpdocs;
index index.php;
access_log /var/log/nginx/443.domain1.access.log;
error_log /var/log/nginx/443.domain1.error.log;
location / {
try_files $uri $uri/ /index.php;
}
location /search { limit_req zone=gulag burst=3 nodelay; rewrite ^ /index.php; }
fastcgi_intercept_errors off;
location ~* \.(?:ico|css|js|gif|jpe?g|png)$ {
expires max;
add_header Pragma public;
add_header Cache-Control "public, must-revalidate, proxy-revalidate";
}
ssl_certificate /ssl_keys/example.com_ssl.crt;
ssl_certificate_key /ssl_keys/example.com_ssl.key;
include conf.d/php.conf;
include conf.d/drop.conf;
include conf.d/option-ssl
}
server {
listen 443;
server_name test.domain1.co.uk www.test.domain1.co.uk;
root /usr/local/www/webs/domain1_co_uk/test/httpdocs;
index index.php;
access_log /var/log/nginx/443.test.domain1.access.log;
error_log /var/log/nginx/443.test.domain1.error.log;
location / {
try_files $uri $uri/ /index.php;
}
location /search { limit_req zone=gulag burst=3 nodelay; rewrite ^ /index.php; }
fastcgi_intercept_errors off;
location ~* \.(?:ico|css|js|gif|jpe?g|png)$ {
expires max;
add_header Pragma public;
add_header Cache-Control "public, must-revalidate, proxy-revalidate";
}
ssl_certificate /ssl_keys/example.com_ssl.crt;
ssl_certificate_key /ssl_keys/example.com_ssl.key;
include conf.d/php.conf;
include conf.d/drop.conf;
include conf.d/option-ssl
}
server {
listen 443;
server_name ossec.domain1.co.uk;
root /usr/local/www/webs/domain1_co_uk/ossec/analogi;
index index.php;
access_log /var/log/nginx/443.ossec.domain1.access.log;
error_log /var/log/nginx/443.ossec.domain1.error.log;
location / {
try_files $uri $uri/ /index.php;
}
location /search { limit_req zone=gulag burst=3 nodelay; rewrite ^ /index.php; }
fastcgi_intercept_errors off;
location ~* \.(?:ico|css|js|gif|jpe?g|png)$ {
expires max;
add_header Pragma public;
add_header Cache-Control "public, must-revalidate, proxy-revalidate";
}
ssl_certificate /ssl_keys/example.com_ssl.crt;
ssl_certificate_key /ssl_keys/example.com_ssl.key;
include conf.d/php.conf;
include conf.d/drop.conf;
include conf.d/option-ssl
}
Could someone please tell me if there is a better way to rewrite my config file.
I have 1 domain that has got several subdomain and ssl. From what you can see all the port listening on port 80 uses the same setting and the same apply for the port 443.
Thank you very much in advance
Fred
---
server {
listen 80 default;
server_name domain1.co.uk www.domain1.co.uk;
root /usr/local/www/webs/domain1_co_uk/live/httpdocs;
index index.php;
access_log /var/log/nginx/80.domain1.access.log;
error_log /var/log/nginx/80.domain1.error.log;
location / {
try_files $uri $uri/ /index.php;
}
location /search { limit_req zone=gulag burst=3 nodelay; rewrite ^ /index.php; }
fastcgi_intercept_errors off;
location ~* \.(?:ico|css|js|gif|jpe?g|png)$ {
expires max;
add_header Pragma public;
add_header Cache-Control "public, must-revalidate, proxy-revalidate";
}
include conf.d/php.conf;
include conf.d/drop.conf;
}
server {
listen 80;
server_name test.domain1.co.uk www.test.domain1.co.uk;
root /usr/local/www/webs/domain1_co_uk/test/httpdocs;
index index.php;
access_log /var/log/nginx/80.test.domain1.access.log;
error_log /var/log/nginx/80.test.domain1.error.log;
location / {
try_files $uri $uri/ /index.php;
}
location /search { limit_req zone=gulag burst=3 nodelay; rewrite ^ /index.php; }
fastcgi_intercept_errors off;
location ~* \.(?:ico|css|js|gif|jpe?g|png)$ {
expires max;
add_header Pragma public;
add_header Cache-Control "public, must-revalidate, proxy-revalidate";
}
include conf.d/php.conf;
include conf.d/drop.conf;
}
server {
listen 443 default_server ssl spdy accept_filter=dataready;
server_name domain1.co.uk www.domain1.co.uk;
root /usr/local/www/webs/domain1_co_uk/live/httpdocs;
index index.php;
access_log /var/log/nginx/443.domain1.access.log;
error_log /var/log/nginx/443.domain1.error.log;
location / {
try_files $uri $uri/ /index.php;
}
location /search { limit_req zone=gulag burst=3 nodelay; rewrite ^ /index.php; }
fastcgi_intercept_errors off;
location ~* \.(?:ico|css|js|gif|jpe?g|png)$ {
expires max;
add_header Pragma public;
add_header Cache-Control "public, must-revalidate, proxy-revalidate";
}
ssl_certificate /ssl_keys/example.com_ssl.crt;
ssl_certificate_key /ssl_keys/example.com_ssl.key;
include conf.d/php.conf;
include conf.d/drop.conf;
include conf.d/option-ssl
}
server {
listen 443;
server_name test.domain1.co.uk www.test.domain1.co.uk;
root /usr/local/www/webs/domain1_co_uk/test/httpdocs;
index index.php;
access_log /var/log/nginx/443.test.domain1.access.log;
error_log /var/log/nginx/443.test.domain1.error.log;
location / {
try_files $uri $uri/ /index.php;
}
location /search { limit_req zone=gulag burst=3 nodelay; rewrite ^ /index.php; }
fastcgi_intercept_errors off;
location ~* \.(?:ico|css|js|gif|jpe?g|png)$ {
expires max;
add_header Pragma public;
add_header Cache-Control "public, must-revalidate, proxy-revalidate";
}
ssl_certificate /ssl_keys/example.com_ssl.crt;
ssl_certificate_key /ssl_keys/example.com_ssl.key;
include conf.d/php.conf;
include conf.d/drop.conf;
include conf.d/option-ssl
}
server {
listen 443;
server_name ossec.domain1.co.uk;
root /usr/local/www/webs/domain1_co_uk/ossec/analogi;
index index.php;
access_log /var/log/nginx/443.ossec.domain1.access.log;
error_log /var/log/nginx/443.ossec.domain1.error.log;
location / {
try_files $uri $uri/ /index.php;
}
location /search { limit_req zone=gulag burst=3 nodelay; rewrite ^ /index.php; }
fastcgi_intercept_errors off;
location ~* \.(?:ico|css|js|gif|jpe?g|png)$ {
expires max;
add_header Pragma public;
add_header Cache-Control "public, must-revalidate, proxy-revalidate";
}
ssl_certificate /ssl_keys/example.com_ssl.crt;
ssl_certificate_key /ssl_keys/example.com_ssl.key;
include conf.d/php.conf;
include conf.d/drop.conf;
include conf.d/option-ssl
}
↧
Re: proxy_hide_header question
Thanks. That was it!
↧
RE: [Patch] SO_REUSEPORT support from master process
Hi Maxim,
Thanks for letting us know.
Our updated patch is located at http://forum.nginx.org/read.php?29,253446,253446#msg-253446
It supposes to address all the style issues and fixes the restart and binary upgrade issues. This is just a FYI in case you are not aware of.
Thanks,
Yingqi
-----Original Message-----
From: nginx-devel-bounces@nginx.org [mailto:nginx-devel-bounces@nginx.org] On Behalf Of Maxim Dounin
Sent: Wednesday, October 08, 2014 5:59 AM
To: nginx-devel@nginx.org
Subject: Re: [Patch] SO_REUSEPORT support from master process
Hello!
On Tue, Oct 07, 2014 at 07:32:08PM +0000, Lu, Yingqi wrote:
> Dear All,
>
> It has been quiet for a while on this patch. I am checking to see if
> there is any questions/feedbacks/concerns we need to address?
>
> Please let me know. Thanks very much for your help!
Apart from style/coding issues, I disagree with the whole approach.
As far as I understand the patch idea, it tries to introduce multiple listening sockets to avoid in-kernel lock contention.
This is something that can be done completely in kernel though, and I see no reason to introduce any changes to nginx here.
The approach previously discussed with Sepherosa Ziehau looks much more interesting.
--
Maxim Dounin
http://nginx.org/
_______________________________________________
nginx-devel mailing list
nginx-devel@nginx.org
http://mailman.nginx.org/mailman/listinfo/nginx-devel
_______________________________________________
nginx-devel mailing list
nginx-devel@nginx.org
http://mailman.nginx.org/mailman/listinfo/nginx-devel
Thanks for letting us know.
Our updated patch is located at http://forum.nginx.org/read.php?29,253446,253446#msg-253446
It supposes to address all the style issues and fixes the restart and binary upgrade issues. This is just a FYI in case you are not aware of.
Thanks,
Yingqi
-----Original Message-----
From: nginx-devel-bounces@nginx.org [mailto:nginx-devel-bounces@nginx.org] On Behalf Of Maxim Dounin
Sent: Wednesday, October 08, 2014 5:59 AM
To: nginx-devel@nginx.org
Subject: Re: [Patch] SO_REUSEPORT support from master process
Hello!
On Tue, Oct 07, 2014 at 07:32:08PM +0000, Lu, Yingqi wrote:
> Dear All,
>
> It has been quiet for a while on this patch. I am checking to see if
> there is any questions/feedbacks/concerns we need to address?
>
> Please let me know. Thanks very much for your help!
Apart from style/coding issues, I disagree with the whole approach.
As far as I understand the patch idea, it tries to introduce multiple listening sockets to avoid in-kernel lock contention.
This is something that can be done completely in kernel though, and I see no reason to introduce any changes to nginx here.
The approach previously discussed with Sepherosa Ziehau looks much more interesting.
--
Maxim Dounin
http://nginx.org/
_______________________________________________
nginx-devel mailing list
nginx-devel@nginx.org
http://mailman.nginx.org/mailman/listinfo/nginx-devel
_______________________________________________
nginx-devel mailing list
nginx-devel@nginx.org
http://mailman.nginx.org/mailman/listinfo/nginx-devel
↧