Mercurial > hg > nginx-ranges
comparison src/http/ngx_http_parse.c @ 520:24b676623d4f NGINX_0_8_7
nginx 0.8.7
*) Change: minimum supported OpenSSL version is 0.9.7.
*) Change: the "ask" parameter of the "ssl_verify_client" directive was
changed to the "optional" parameter and now it checks a client
certificate if it was offered.
Thanks to Brice Figureau.
*) Feature: the $ssl_client_verify variable.
Thanks to Brice Figureau.
*) Feature: the "ssl_crl" directive.
Thanks to Brice Figureau.
*) Feature: the "proxy" parameter of the "geo" directive.
*) Feature: the "image_filter" directive supports variables for setting
size.
*) Bugfix: the $ssl_client_cert variable usage corrupted memory; the
bug had appeared in 0.7.7.
Thanks to Sergey Zhuravlev.
*) Bugfix: "proxy_pass_header" and "fastcgi_pass_header" directives did
not pass to a client the "X-Accel-Redirect", "X-Accel-Limit-Rate",
"X-Accel-Buffering", and "X-Accel-Charset" lines from backend
response header.
Thanks to Maxim Dounin.
*) Bugfix: in handling "Last-Modified" and "Accept-Ranges" backend
response header lines; the bug had appeared in 0.7.44.
Thanks to Maxim Dounin.
*) Bugfix: the "[alert] zero size buf" error if subrequest returns an
empty response; the bug had appeared in 0.8.5.
author | Igor Sysoev <http://sysoev.ru> |
---|---|
date | Mon, 27 Jul 2009 00:00:00 +0400 |
parents | e8b686f230a8 |
children | 80f7156c2965 |
comparison
equal
deleted
inserted
replaced
519:41f4e459ace8 | 520:24b676623d4f |
---|---|
948 enum { | 948 enum { |
949 sw_usual = 0, | 949 sw_usual = 0, |
950 sw_slash, | 950 sw_slash, |
951 sw_dot, | 951 sw_dot, |
952 sw_dot_dot, | 952 sw_dot_dot, |
953 #if (NGX_WIN32) | |
954 sw_dot_dot_dot, | |
955 #endif | |
956 sw_quoted, | 953 sw_quoted, |
957 sw_quoted_second | 954 sw_quoted_second |
958 } state, quoted_state; | 955 } state, quoted_state; |
959 | 956 |
960 #if (NGX_SUPPRESS_WARN) | 957 #if (NGX_SUPPRESS_WARN) |
1152 case '?': | 1149 case '?': |
1153 r->args_start = p; | 1150 r->args_start = p; |
1154 goto args; | 1151 goto args; |
1155 case '#': | 1152 case '#': |
1156 goto done; | 1153 goto done; |
1157 #if (NGX_WIN32) | |
1158 case '.': | |
1159 state = sw_dot_dot_dot; | |
1160 *u++ = ch; | |
1161 break; | |
1162 #endif | |
1163 case '+': | 1154 case '+': |
1164 r->plus_in_uri = 1; | 1155 r->plus_in_uri = 1; |
1165 default: | 1156 default: |
1166 state = sw_usual; | 1157 state = sw_usual; |
1167 *u++ = ch; | 1158 *u++ = ch; |
1168 break; | 1159 break; |
1169 } | 1160 } |
1170 | 1161 |
1171 ch = *p++; | 1162 ch = *p++; |
1172 break; | 1163 break; |
1173 | |
1174 #if (NGX_WIN32) | |
1175 case sw_dot_dot_dot: | |
1176 | |
1177 if (usual[ch >> 5] & (1 << (ch & 0x1f))) { | |
1178 state = sw_usual; | |
1179 *u++ = ch; | |
1180 ch = *p++; | |
1181 break; | |
1182 } | |
1183 | |
1184 switch(ch) { | |
1185 case '\\': | |
1186 case '/': | |
1187 state = sw_slash; | |
1188 u -= 5; | |
1189 if (u < r->uri.data) { | |
1190 return NGX_HTTP_PARSE_INVALID_REQUEST; | |
1191 } | |
1192 while (*u != '/') { | |
1193 u--; | |
1194 } | |
1195 if (u < r->uri.data) { | |
1196 return NGX_HTTP_PARSE_INVALID_REQUEST; | |
1197 } | |
1198 while (*(u - 1) != '/') { | |
1199 u--; | |
1200 } | |
1201 break; | |
1202 case '%': | |
1203 quoted_state = state; | |
1204 state = sw_quoted; | |
1205 break; | |
1206 case '?': | |
1207 r->args_start = p; | |
1208 goto args; | |
1209 case '#': | |
1210 goto done; | |
1211 case '+': | |
1212 r->plus_in_uri = 1; | |
1213 default: | |
1214 state = sw_usual; | |
1215 *u++ = ch; | |
1216 break; | |
1217 } | |
1218 | |
1219 ch = *p++; | |
1220 break; | |
1221 #endif | |
1222 | 1164 |
1223 case sw_quoted: | 1165 case sw_quoted: |
1224 r->quoted_uri = 1; | 1166 r->quoted_uri = 1; |
1225 | 1167 |
1226 if (ch >= '0' && ch <= '9') { | 1168 if (ch >= '0' && ch <= '9') { |
1367 /* detect "/../" */ | 1309 /* detect "/../" */ |
1368 | 1310 |
1369 if (p[0] == '.' && p[1] == '.' && ngx_path_separator(p[2])) { | 1311 if (p[0] == '.' && p[1] == '.' && ngx_path_separator(p[2])) { |
1370 goto unsafe; | 1312 goto unsafe; |
1371 } | 1313 } |
1372 | |
1373 #if (NGX_WIN32) | |
1374 | |
1375 if (len > 3) { | |
1376 | |
1377 /* detect "/.../" */ | |
1378 | |
1379 if (p[0] == '.' && p[1] == '.' && p[2] == '.' | |
1380 && ngx_path_separator(p[3])) | |
1381 { | |
1382 goto unsafe; | |
1383 } | |
1384 } | |
1385 #endif | |
1386 } | 1314 } |
1387 } | 1315 } |
1388 | 1316 |
1389 return NGX_OK; | 1317 return NGX_OK; |
1390 | 1318 |