nginx 0.3.8 *) Security: nginx now checks URI got from a backend in "X-Accel-Redirect" header line or in SSI file for the "/../" paths and zeroes. *) Change: nginx now does not treat the empty user name in the "Authorization" header line as valid one. *) Feature: the "ssl_session_timeout" directives of the ngx_http_ssl_module and ngx_imap_ssl_module. *) Feature: the "auth_http_header" directive of the ngx_imap_auth_http_module. *) Feature: the "add_header" directive. *) Feature: the ngx_http_realip_module. *) Feature: the new variables to use in the "log_format" directive: $bytes_sent, $apache_bytes_sent, $status, $time_gmt, $uri, $request_time, $request_length, $upstream_status, $upstream_response_time, $gzip_ratio, $uid_got, $uid_set, $connection, $pipe, and $msec. The parameters in the "%name" form will be canceled soon. *) Change: now the false variable values in the "if" directive are the empty string "" and string starting with "0". *) Bugfix: while using proxied or FastCGI-server nginx may leave connections and temporary files with client requests in open state. *) Bugfix: the worker processes did not flush the buffered logs on graceful exit. *) Bugfix: if the request URI was changes by the "rewrite" directive and the request was proxied in location given by regular expression, then the incorrect request was transferred to backend; bug appeared in 0.2.6. *) Bugfix: the "expires" directive did not remove the previous "Expires" header. *) Bugfix: nginx may stop to accept requests if the "rtsig" method and several worker processes were used. *) Bugfix: the "\"" and "\'" escape symbols were incorrectly handled in SSI commands. *) Bugfix: if the response was ended just after the SSI command and gzipping was used, then the response did not transferred complete or did not transferred at all.

--- a/src/http/ngx_http_request.h
+++ b/src/http/ngx_http_request.h
@@ -40,6 +40,8 @@
 #define NGX_HTTP_PARSE_HEADER_ERROR        13
 #define NGX_HTTP_PARSE_INVALID_HEADER      13
 
+#define NGX_HTTP_ZERO_IN_URI               1
+
 
 #define NGX_HTTP_OK                        200
 #define NGX_HTTP_NO_CONTENT                204
@@ -150,10 +152,14 @@ typedef struct {
 
     ngx_table_elt_t                  *keep_alive;
 
-#if (NGX_HTTP_PROXY)
+#if (NGX_HTTP_PROXY || NGX_HTTP_REALIP)
     ngx_table_elt_t                  *x_forwarded_for;
 #endif
 
+#if (NGX_HTTP_REALIP)
+    ngx_table_elt_t                  *x_real_ip;
+#endif
+
 #if (NGX_HTTP_HEADERS)
     ngx_table_elt_t                  *accept;
     ngx_table_elt_t                  *accept_language;
@@ -320,7 +326,7 @@ struct ngx_http_request_s {
     ngx_http_handler_pt               content_handler;
     ngx_uint_t                        access_code;
 
-    ngx_http_variable_value_t       **variables;
+    ngx_http_variable_value_t        *variables;
 
     size_t                            limit_rate;
 
@@ -366,6 +372,16 @@ struct ngx_http_request_s {
     unsigned                          bypass_cache:1;
     unsigned                          no_cache:1;
 
+#if (NGX_HTTP_REALIP)
+
+    /*
+     * instead of using the request context data in ngx_http_realip_module
+     * we use the single bit in the request structure
+     */
+    unsigned                          realip_set:1;
+
+#endif
+
 #if 0
     unsigned                          cachable:1;
 #endif