nginx-vendor-current: src/http/ngx_http_core

comparison src/http/ngx_http_core_module.c @ 662:e5fa0a4a7d27 NGINX_1_1_15

nginx 1.1.15 *) Feature: the "disable_symlinks" directive. *) Feature: the "proxy_cookie_domain" and "proxy_cookie_path" directives. *) Bugfix: nginx might log incorrect error "upstream prematurely closed connection" instead of correct "upstream sent too big header" one. Thanks to Feibo Li. *) Bugfix: nginx could not be built with the ngx_http_perl_module if the --with-openssl option was used. *) Bugfix: internal redirects to named locations were not limited. *) Bugfix: calling $r->flush() multiple times might cause errors in the ngx_http_gzip_filter_module. *) Bugfix: temporary files might be not removed if the "proxy_store" directive were used with SSI includes. *) Bugfix: in some cases non-cacheable variables (such as the $args variable) returned old empty cached value. *) Bugfix: a segmentation fault might occur in a worker process if too many SSI subrequests were issued simultaneously; the bug had appeared in 0.7.25.

author	Igor Sysoev <http://sysoev.ru>
date	Wed, 15 Feb 2012 00:00:00 +0400
parents	d0f7a625f27c
children	f5b859b2f097

comparison

equal deleted inserted replaced

-:b49c1751031c
+:e5fa0a4a7d27
 static ngx_str_t  ngx_http_gzip_private = ngx_string("private");
 #endif
+#if (NGX_HAVE_OPENAT)
+static ngx_conf_enum_t  ngx_http_core_disable_symlinks[] = {
+{ ngx_string("off"), NGX_DISABLE_SYMLINKS_OFF },
+{ ngx_string("if_not_owner"), NGX_DISABLE_SYMLINKS_NOTOWNER },
+{ ngx_string("on"), NGX_DISABLE_SYMLINKS_ON },
+{ ngx_null_string, 0 }
+};
+#endif
 static ngx_command_t  ngx_http_core_commands[] = {
 { ngx_string("variables_hash_max_size"),
 NGX_HTTP_MAIN_CONF|NGX_CONF_TAKE1,
 ngx_conf_set_num_slot,
 NGX_HTTP_MAIN_CONF|NGX_HTTP_SRV_CONF|NGX_HTTP_LOC_CONF|NGX_CONF_1MORE,
 ngx_http_gzip_disable,
 NGX_HTTP_LOC_CONF_OFFSET,
 0,
 NULL },
+#endif
+#if (NGX_HAVE_OPENAT)
+{ ngx_string("disable_symlinks"),
+NGX_HTTP_MAIN_CONF|NGX_HTTP_SRV_CONF|NGX_HTTP_LOC_CONF|NGX_CONF_TAKE1,
+ngx_conf_set_enum_slot,
+NGX_HTTP_LOC_CONF_OFFSET,
+offsetof(ngx_http_core_loc_conf_t, disable_symlinks),
+&ngx_http_core_disable_symlinks },
 #endif
 ngx_null_command
 };
 of.valid = clcf->open_file_cache_valid;
 of.min_uses = clcf->open_file_cache_min_uses;
 of.test_only = 1;
 of.errors = clcf->open_file_cache_errors;
 of.events = clcf->open_file_cache_events;
+#if (NGX_HAVE_OPENAT)
+of.disable_symlinks = clcf->disable_symlinks;
+#endif
 if (ngx_open_cached_file(clcf->open_file_cache, &path, &of, r->pool)
 != NGX_OK)
 {
 if (of.err != NGX_ENOENT
 tp = ngx_timeofday();
 sr->start_sec = tp->sec;
 sr->start_msec = tp->msec;
-r->main->subrequests++;
 r->main->count++;
 *psr = sr;
 return ngx_http_post_request(sr, NULL);
 ngx_http_core_srv_conf_t    *cscf;
 ngx_http_core_loc_conf_t   **clcfp;
 ngx_http_core_main_conf_t   *cmcf;
 r->main->count++;
+r->uri_changes--;
+if (r->uri_changes == 0) {
+ngx_log_error(NGX_LOG_ERR, r->connection->log, 0,
+"rewrite or internal redirection cycle "
+"while redirect to named location \"%V\"", name);
+ngx_http_finalize_request(r, NGX_HTTP_INTERNAL_SERVER_ERROR);
+return NGX_DONE;
+}
 cscf = ngx_http_get_module_srv_conf(r, ngx_http_core_module);
 if (cscf->named_locations) {
 #if (NGX_HTTP_DEGRADATION)
 clcf->gzip_disable_degradation = 3;
 #endif
 #endif
+#if (NGX_HAVE_OPENAT)
+clcf->disable_symlinks = NGX_CONF_UNSET_UINT;
+#endif
 return clcf;
 }
 static ngx_str_t  ngx_http_core_text_html_type = ngx_string("text/html");
 }
 #endif
 #endif
+#if (NGX_HAVE_OPENAT)
+ngx_conf_merge_uint_value(conf->disable_symlinks, prev->disable_symlinks,
+NGX_DISABLE_SYMLINKS_OFF);
+#endif
 return NGX_CONF_OK;
 }
 static char *
 if (p > s.data) {
 s.len = p - s.data;
 lsopt.tcp_keepidle = ngx_parse_time(&s, 1);
-if (lsopt.tcp_keepidle == NGX_ERROR) {
+if (lsopt.tcp_keepidle == (time_t) NGX_ERROR) {
 goto invalid_so_keepalive;
 }
 }
 s.data = (p < end) ? (p + 1) : end;
 if (p > s.data) {
 s.len = p - s.data;
 lsopt.tcp_keepintvl = ngx_parse_time(&s, 1);
-if (lsopt.tcp_keepintvl == NGX_ERROR) {
+if (lsopt.tcp_keepintvl == (time_t) NGX_ERROR) {
 goto invalid_so_keepalive;
 }
 }
 s.data = (p < end) ? (p + 1) : end;
 s.len = value[i].len - 9;
 s.data = value[i].data + 9;
 inactive = ngx_parse_time(&s, 1);
-if (inactive < 0) {
+if (inactive == (time_t) NGX_ERROR) {
 goto failed;
 }
 continue;
 }
 if (clcf->keepalive_timeout == (ngx_msec_t) NGX_ERROR) {
 return "invalid value";
 }
-if (clcf->keepalive_timeout == (ngx_msec_t) NGX_PARSE_LARGE_TIME) {
-return "value must be less than 597 hours";
-}
 if (cf->args->nelts == 2) {
 return NGX_CONF_OK;
 }
 clcf->keepalive_header = ngx_parse_time(&value[2], 1);
-if (clcf->keepalive_header == NGX_ERROR) {
+if (clcf->keepalive_header == (time_t) NGX_ERROR) {
 return "invalid value";
-}
-if (clcf->keepalive_header == NGX_PARSE_LARGE_TIME) {
-return "value must be less than 68 years";
 }
 return NGX_CONF_OK;
 }

Mercurial > hg > nginx-vendor-current

comparison src/http/ngx_http_core_module.c @ 662:e5fa0a4a7d27 NGINX_1_1_15