changeset 570:8246d8a2c2be NGINX_0_8_37

nginx 0.8.37 *) Feature: the ngx_http_split_clients_module. *) Feature: the "map" directive supports keys more than 255 characters. *) Bugfix: nginx ignored the "private" and "no-store" values in the "Cache-Control" backend response header line. *) Bugfix: a "stub" parameter of an "include" SSI directive was not used, if empty response has 200 status code. *) Bugfix: if a proxied or FastCGI request was internally redirected to another proxied or FastCGI location, then a segmentation fault might occur in a worker process; the bug had appeared in 0.8.33. Thanks to Yichun Zhang. *) Bugfix: IMAP connections may hang until they timed out while talking to Zimbra server. Thanks to Alan Batie.
author Igor Sysoev <http://sysoev.ru>
date Mon, 17 May 2010 00:00:00 +0400
parents 19b134bf21c0
children 5b59e716792b
files CHANGES CHANGES.ru auto/modules auto/options auto/sources src/core/nginx.c src/core/nginx.h src/core/ngx_conf_file.c src/core/ngx_file.c src/core/ngx_hash.c src/core/ngx_hash.h src/core/ngx_log.c src/core/ngx_output_chain.c src/core/ngx_string.c src/core/ngx_string.h src/event/ngx_event_openssl.c src/http/modules/ngx_http_auth_basic_module.c src/http/modules/ngx_http_autoindex_module.c src/http/modules/ngx_http_empty_gif_module.c src/http/modules/ngx_http_fastcgi_module.c src/http/modules/ngx_http_gzip_filter_module.c src/http/modules/ngx_http_gzip_static_module.c src/http/modules/ngx_http_headers_filter_module.c src/http/modules/ngx_http_image_filter_module.c src/http/modules/ngx_http_log_module.c src/http/modules/ngx_http_memcached_module.c src/http/modules/ngx_http_proxy_module.c src/http/modules/ngx_http_range_filter_module.c src/http/modules/ngx_http_referer_module.c src/http/modules/ngx_http_split_clients_module.c src/http/modules/ngx_http_ssi_filter_module.c src/http/modules/ngx_http_ssl_module.c src/http/modules/ngx_http_stub_status_module.c src/http/modules/ngx_http_userid_filter_module.c src/http/modules/ngx_http_xslt_filter_module.c src/http/modules/perl/nginx.pm src/http/modules/perl/ngx_http_perl_module.c src/http/ngx_http_copy_filter_module.c src/http/ngx_http_core_module.c src/http/ngx_http_header_filter_module.c src/http/ngx_http_script.c src/http/ngx_http_special_response.c src/http/ngx_http_upstream.c src/http/ngx_http_variables.c src/mail/ngx_mail_auth_http_module.c src/mail/ngx_mail_imap_handler.c src/mail/ngx_mail_pop3_handler.c src/mail/ngx_mail_proxy_module.c src/mail/ngx_mail_smtp_handler.c src/mail/ngx_mail_ssl_module.c
diffstat 50 files changed, 506 insertions(+), 332 deletions(-) [+]
line wrap: on
line diff
--- a/CHANGES
+++ b/CHANGES
@@ -1,4 +1,26 @@
 
+Changes with nginx 0.8.37                                        17 May 2010
+
+    *) Feature: the ngx_http_split_clients_module.
+
+    *) Feature: the "map" directive supports keys more than 255 characters.
+
+    *) Bugfix: nginx ignored the "private" and "no-store" values in the 
+       "Cache-Control" backend response header line.
+
+    *) Bugfix: a "stub" parameter of an "include" SSI directive was not 
+       used, if empty response has 200 status code.
+
+    *) Bugfix: if a proxied or FastCGI request was internally redirected to 
+       another proxied or FastCGI location, then a segmentation fault might 
+       occur in a worker process; the bug had appeared in 0.8.33.
+       Thanks to Yichun Zhang.
+
+    *) Bugfix: IMAP connections may hang until they timed out while talking 
+       to Zimbra server.
+       Thanks to Alan Batie.
+
+
 Changes with nginx 0.8.36                                        22 Apr 2010
 
     *) Bugfix: the ngx_http_dav_module handled incorrectly the DELETE, 
--- a/CHANGES.ru
+++ b/CHANGES.ru
@@ -1,4 +1,27 @@
 
+Изменения в nginx 0.8.37                                          17.05.2010
+
+    *) Добавление: модуль ngx_http_split_clients_module.
+
+    *) Добавление: директива map поддерживает ключи больше 255 символов.
+
+    *) Исправление: nginx игнорировал значения "private" и "no-store" в 
+       строке "Cache-Control" в заголовке ответа бэкенда.
+
+    *) Исправление: параметр stub в SSI-директиве include не использовался, 
+       если пустой ответ имел код 200.
+
+    *) Исправление: если проксированный или FastCGI запрос внутренне 
+       перенаправлялся в другой проксированный или FastCGI location, то в 
+       рабочем процессе мог произойти segmentation fault; ошибка появилась 
+       в 0.8.33.
+       Спасибо Yichun Zhang.
+
+    *) Исправление: соединения IMAP к серверу Zimbra могло зависнуть до 
+       таймаута.
+       Спасибо Alan Batie.
+
+
 Изменения в nginx 0.8.36                                          22.04.2010
 
     *) Исправление: модуль ngx_http_dav_module неправильно обрабатывал 
@@ -349,7 +372,7 @@
        --error-log-path; ошибка появилась в 0.7.53.
 
     *) Исправление: nginx не считал запятую разделителем в строке 
-       "Cache-Control" в строке заголовка бэкенда.
+       "Cache-Control" в заголовке ответа бэкенда.
 
     *) Исправление: nginx/Windows мог не создать временный файл, файл в 
        кэше или файл с помощью директив proxy/fastcgi_store, если рабочий 
--- a/auto/modules
+++ b/auto/modules
@@ -139,7 +139,6 @@ if [ $HTTP_SSI = YES ]; then
 fi
 
 if [ $HTTP_CHARSET = YES ]; then
-    have=NGX_HTTP_CHARSET . auto/have
     HTTP_FILTER_MODULES="$HTTP_FILTER_MODULES $HTTP_CHARSET_FILTER_MODULE"
     HTTP_SRCS="$HTTP_SRCS $HTTP_CHARSET_SRCS"
 fi
@@ -186,7 +185,6 @@ if [ $HTTP_DAV = YES ]; then
 fi
 
 if [ $HTTP_AUTOINDEX = YES ]; then
-    have=NGX_HTTP_AUTOINDEX . auto/have
     HTTP_MODULES="$HTTP_MODULES $HTTP_AUTOINDEX_MODULE"
     HTTP_SRCS="$HTTP_SRCS $HTTP_AUTOINDEX_SRCS"
 fi
@@ -194,13 +192,11 @@ fi
 HTTP_MODULES="$HTTP_MODULES $HTTP_INDEX_MODULE"
 
 if [ $HTTP_RANDOM_INDEX = YES ]; then
-    have=NGX_HTTP_RANDOM_INDEX . auto/have
     HTTP_MODULES="$HTTP_MODULES $HTTP_RANDOM_INDEX_MODULE"
     HTTP_SRCS="$HTTP_SRCS $HTTP_RANDOM_INDEX_SRCS"
 fi
 
 if [ $HTTP_AUTH_BASIC = YES ]; then
-    have=NGX_HTTP_AUTH_BASIC . auto/have
     have=NGX_CRYPT . auto/have
     HTTP_MODULES="$HTTP_MODULES $HTTP_AUTH_BASIC_MODULE"
     HTTP_SRCS="$HTTP_SRCS $HTTP_AUTH_BASIC_SRCS"
@@ -208,7 +204,6 @@ if [ $HTTP_AUTH_BASIC = YES ]; then
 fi
 
 if [ $HTTP_ACCESS = YES ]; then
-    have=NGX_HTTP_ACCESS . auto/have
     HTTP_MODULES="$HTTP_MODULES $HTTP_ACCESS_MODULE"
     HTTP_SRCS="$HTTP_SRCS $HTTP_ACCESS_SRCS"
 fi
@@ -230,7 +225,6 @@ if [ $HTTP_REALIP = YES ]; then
 fi
 
 if [ $HTTP_STATUS = YES ]; then
-    have=NGX_HTTP_STATUS . auto/have
     HTTP_MODULES="$HTTP_MODULES $HTTP_STATUS_MODULE"
     HTTP_SRCS="$HTTP_SRCS $HTTP_STATUS_SRCS"
 fi
@@ -242,24 +236,26 @@ if [ $HTTP_GEO = YES ]; then
 fi
 
 if [ $HTTP_GEOIP = YES ]; then
-    have=NGX_HTTP_GEOIP . auto/have
     HTTP_MODULES="$HTTP_MODULES $HTTP_GEOIP_MODULE"
     HTTP_SRCS="$HTTP_SRCS $HTTP_GEOIP_SRCS"
 fi
 
 if [ $HTTP_MAP = YES ]; then
-    have=NGX_HTTP_MAP . auto/have
     HTTP_MODULES="$HTTP_MODULES $HTTP_MAP_MODULE"
     HTTP_SRCS="$HTTP_SRCS $HTTP_MAP_SRCS"
 fi
 
+if [ $HTTP_SPLIT_CLIENTS = YES ]; then
+    HTTP_MODULES="$HTTP_MODULES $HTTP_SPLIT_CLIENTS_MODULE"
+    HTTP_SRCS="$HTTP_SRCS $HTTP_SPLIT_CLIENTS_SRCS"
+fi
+
 if [ $HTTP_REFERER = YES ]; then
     HTTP_MODULES="$HTTP_MODULES $HTTP_REFERER_MODULE"
     HTTP_SRCS="$HTTP_SRCS $HTTP_REFERER_SRCS"
 fi
 
 if [ $HTTP_REWRITE = YES -a $USE_PCRE != DISABLED ]; then
-    have=NGX_HTTP_REWRITE . auto/have
     USE_PCRE=YES
     HTTP_MODULES="$HTTP_MODULES $HTTP_REWRITE_MODULE"
     HTTP_SRCS="$HTTP_SRCS $HTTP_REWRITE_SRCS"
@@ -288,7 +284,6 @@ fi
 
 if [ $HTTP_PERL = YES ]; then
     USE_PERL=YES
-    have=NGX_HTTP_PERL . auto/have
     HTTP_MODULES="$HTTP_MODULES $HTTP_PERL_MODULE"
     HTTP_INCS="$HTTP_INCS $HTTP_PERL_INCS"
     HTTP_DEPS="$HTTP_DEPS $HTTP_PERL_DEPS"
--- a/auto/options
+++ b/auto/options
@@ -74,6 +74,7 @@ HTTP_STATUS=NO
 HTTP_GEO=YES
 HTTP_GEOIP=NO
 HTTP_MAP=YES
+HTTP_SPLIT_CLIENTS=YES
 HTTP_REFERER=YES
 HTTP_REWRITE=YES
 HTTP_PROXY=YES
@@ -209,6 +210,7 @@ do
         --without-http_status_module)    HTTP_STATUS=NO             ;;
         --without-http_geo_module)       HTTP_GEO=NO                ;;
         --without-http_map_module)       HTTP_MAP=NO                ;;
+        --without-http_split_clients_module) HTTP_SPLIT_CLIENTS=NO  ;;
         --without-http_referer_module)   HTTP_REFERER=NO            ;;
         --without-http_rewrite_module)   HTTP_REWRITE=NO            ;;
         --without-http_proxy_module)     HTTP_PROXY=NO              ;;
@@ -341,6 +343,7 @@ cat << END
   --without-http_autoindex_module    disable ngx_http_autoindex_module
   --without-http_geo_module          disable ngx_http_geo_module
   --without-http_map_module          disable ngx_http_map_module
+  --without-http_split_clients_module disable ngx_http_split_clients_module
   --without-http_referer_module      disable ngx_http_referer_module
   --without-http_rewrite_module      disable ngx_http_rewrite_module
   --without-http_proxy_module        disable ngx_http_proxy_module
--- a/auto/sources
+++ b/auto/sources
@@ -387,6 +387,10 @@ HTTP_MAP_MODULE=ngx_http_map_module
 HTTP_MAP_SRCS=src/http/modules/ngx_http_map_module.c
 
 
+HTTP_SPLIT_CLIENTS_MODULE=ngx_http_split_clients_module
+HTTP_SPLIT_CLIENTS_SRCS=src/http/modules/ngx_http_split_clients_module.c
+
+
 HTTP_REFERER_MODULE=ngx_http_referer_module
 HTTP_REFERER_SRCS=src/http/modules/ngx_http_referer_module.c
 
--- a/src/core/nginx.c
+++ b/src/core/nginx.c
@@ -859,14 +859,11 @@ ngx_process_options(ngx_cycle_t *cycle)
 #else
 
 #ifdef NGX_CONF_PREFIX
-        cycle->conf_prefix.len = sizeof(NGX_CONF_PREFIX) - 1;
-        cycle->conf_prefix.data = (u_char *) NGX_CONF_PREFIX;
+        ngx_str_set(&cycle->conf_prefix, NGX_CONF_PREFIX);
 #else
-        cycle->conf_prefix.len = sizeof(NGX_PREFIX) - 1;
-        cycle->conf_prefix.data = (u_char *) NGX_PREFIX;
+        ngx_str_set(&cycle->conf_prefix, NGX_PREFIX);
 #endif
-        cycle->prefix.len = sizeof(NGX_PREFIX) - 1;
-        cycle->prefix.data = (u_char *) NGX_PREFIX;
+        ngx_str_set(&cycle->prefix, NGX_PREFIX);
 
 #endif
     }
@@ -876,8 +873,7 @@ ngx_process_options(ngx_cycle_t *cycle)
         cycle->conf_file.data = ngx_conf_file;
 
     } else {
-        cycle->conf_file.len = sizeof(NGX_CONF_PATH) - 1;
-        cycle->conf_file.data = (u_char *) NGX_CONF_PATH;
+        ngx_str_set(&cycle->conf_file, NGX_CONF_PATH);
     }
 
     if (ngx_conf_full_name(cycle, &cycle->conf_file, 0) != NGX_OK) {
@@ -993,8 +989,7 @@ ngx_core_module_init_conf(ngx_cycle_t *c
 
 
     if (ccf->pid.len == 0) {
-        ccf->pid.len = sizeof(NGX_PID_PATH) - 1;
-        ccf->pid.data = (u_char *) NGX_PID_PATH;
+        ngx_str_set(&ccf->pid, NGX_PID_PATH);
     }
 
     if (ngx_conf_full_name(cycle, &ccf->pid, 0) != NGX_OK) {
@@ -1042,8 +1037,7 @@ ngx_core_module_init_conf(ngx_cycle_t *c
 
 
     if (ccf->lock_file.len == 0) {
-        ccf->lock_file.len = sizeof(NGX_LOCK_PATH) - 1;
-        ccf->lock_file.data = (u_char *) NGX_LOCK_PATH;
+        ngx_str_set(&ccf->lock_file, NGX_LOCK_PATH);
     }
 
     if (ngx_conf_full_name(cycle, &ccf->lock_file, 0) != NGX_OK) {
--- a/src/core/nginx.h
+++ b/src/core/nginx.h
@@ -8,8 +8,8 @@
 #define _NGINX_H_INCLUDED_
 
 
-#define nginx_version         8036
-#define NGINX_VERSION      "0.8.36"
+#define nginx_version         8037
+#define NGINX_VERSION      "0.8.37"
 #define NGINX_VER          "nginx/" NGINX_VERSION
 
 #define NGINX_VAR          "NGINX"
--- a/src/core/ngx_conf_file.c
+++ b/src/core/ngx_conf_file.c
@@ -903,8 +903,7 @@ ngx_conf_open_file(ngx_cycle_t *cycle, n
     ngx_open_file_t  *file;
 
 #if (NGX_SUPPRESS_WARN)
-    full.len = 0;
-    full.data = NULL;
+    ngx_str_null(&full);
 #endif
 
     if (name->len) {
--- a/src/core/ngx_file.c
+++ b/src/core/ngx_file.c
@@ -825,8 +825,7 @@ ngx_walk_tree(ngx_tree_ctx_t *ctx, ngx_s
     ngx_str_t   file, buf;
     ngx_dir_t   dir;
 
-    buf.len = 0;
-    buf.data = NULL;
+    ngx_str_null(&buf);
 
     ngx_log_debug1(NGX_LOG_DEBUG_CORE, ctx->log, 0,
                    "walk tree \"%V\"", tree);
--- a/src/core/ngx_hash.c
+++ b/src/core/ngx_hash.c
@@ -245,7 +245,7 @@ ngx_hash_find_combined(ngx_hash_combined
 
 
 #define NGX_HASH_ELT_SIZE(name)                                               \
-    (sizeof(void *) + ngx_align((name)->key.len + 1, sizeof(void *)))
+    (sizeof(void *) + ngx_align((name)->key.len + 2, sizeof(void *)))
 
 ngx_int_t
 ngx_hash_init(ngx_hash_init_t *hinit, ngx_hash_key_t *names, ngx_uint_t nelts)
@@ -257,14 +257,6 @@ ngx_hash_init(ngx_hash_init_t *hinit, ng
     ngx_hash_elt_t  *elt, **buckets;
 
     for (n = 0; n < nelts; n++) {
-        if (names[n].key.len >= 255) {
-            ngx_log_error(NGX_LOG_EMERG, hinit->pool->log, 0,
-                          "the \"%V\" value to hash is to long: %uz bytes, "
-                          "the maximum length can be 255 bytes only",
-                          &names[n].key, names[n].key.len);
-            return NGX_ERROR;
-        }
-
         if (hinit->bucket_size < NGX_HASH_ELT_SIZE(&names[n]) + sizeof(void *))
         {
             ngx_log_error(NGX_LOG_EMERG, hinit->pool->log, 0,
@@ -406,7 +398,7 @@ found:
         elt = (ngx_hash_elt_t *) ((u_char *) buckets[key] + test[key]);
 
         elt->value = names[n].value;
-        elt->len = (u_char) names[n].key.len;
+        elt->len = (u_short) names[n].key.len;
 
         ngx_strlow(elt->name, names[n].key.data, names[n].key.len);
 
--- a/src/core/ngx_hash.h
+++ b/src/core/ngx_hash.h
@@ -14,7 +14,7 @@
 
 typedef struct {
     void             *value;
-    u_char            len;
+    u_short           len;
     u_char            name[1];
 } ngx_hash_elt_t;
 
--- a/src/core/ngx_log.c
+++ b/src/core/ngx_log.c
@@ -429,8 +429,7 @@ ngx_error_log(ngx_conf_t *cf, ngx_comman
     value = cf->args->elts;
 
     if (ngx_strcmp(value[1].data, "stderr") == 0) {
-        name.len = 0;
-        name.data = NULL;
+        ngx_str_null(&name);
 
     } else {
         name = value[1];
--- a/src/core/ngx_output_chain.c
+++ b/src/core/ngx_output_chain.c
@@ -465,10 +465,7 @@ ngx_output_chain_copy_buf(ngx_output_cha
     dst = ctx->buf;
 
     size = ngx_buf_size(src);
-
-    if (size > dst->end - dst->pos) {
-        size = dst->end - dst->pos;
-    }
+    size = ngx_min(size, dst->end - dst->pos);
 
     sendfile = ctx->sendfile & !ctx->directio;
 
--- a/src/core/ngx_string.c
+++ b/src/core/ngx_string.c
@@ -75,7 +75,7 @@ ngx_pstrdup(ngx_pool_t *pool, ngx_str_t 
  *    %[0][width][u][x|X]D      int32_t/uint32_t
  *    %[0][width][u][x|X]L      int64_t/uint64_t
  *    %[0][width|m][u][x|X]A    ngx_atomic_int_t/ngx_atomic_uint_t
- *    %[0][width][.width]f      float
+ *    %[0][width][.width]f      double, max valid number fits to %18.15f
  *    %P                        ngx_pid_t
  *    %M                        ngx_msec_t
  *    %r                        rlim_t
@@ -143,7 +143,7 @@ ngx_vslprintf(u_char *buf, u_char *last,
 {
     u_char                *p, zero;
     int                    d;
-    float                  f, scale;
+    double                 f, scale;
     size_t                 len, slen;
     int64_t                i64;
     uint64_t               ui64;
@@ -229,9 +229,7 @@ ngx_vslprintf(u_char *buf, u_char *last,
             case 'V':
                 v = va_arg(args, ngx_str_t *);
 
-                len = v->len;
-                len = (buf + len < last) ? len : (size_t) (last - buf);
-
+                len = ngx_min(((size_t) (last - buf)), v->len);
                 buf = ngx_cpymem(buf, v->data, len);
                 fmt++;
 
@@ -240,9 +238,7 @@ ngx_vslprintf(u_char *buf, u_char *last,
             case 'v':
                 vv = va_arg(args, ngx_variable_value_t *);
 
-                len = vv->len;
-                len = (buf + len < last) ? len : (size_t) (last - buf);
-
+                len = ngx_min(((size_t) (last - buf)), vv->len);
                 buf = ngx_cpymem(buf, vv->data, len);
                 fmt++;
 
@@ -257,8 +253,7 @@ ngx_vslprintf(u_char *buf, u_char *last,
                     }
 
                 } else {
-                    len = (buf + slen < last) ? slen : (size_t) (last - buf);
-
+                    len = ngx_min(((size_t) (last - buf)), slen);
                     buf = ngx_cpymem(buf, p, len);
                 }
 
@@ -359,7 +354,7 @@ ngx_vslprintf(u_char *buf, u_char *last,
                 break;
 
             case 'f':
-                f = (float) va_arg(args, double);
+                f = va_arg(args, double);
 
                 if (f < 0) {
                     *buf++ = '-';
@@ -386,7 +381,7 @@ ngx_vslprintf(u_char *buf, u_char *last,
                      * (int64_t) cast is required for msvc6:
                      * it can not convert uint64_t to double
                      */
-                    ui64 = (uint64_t) ((f - (int64_t) ui64) * scale);
+                    ui64 = (uint64_t) ((f - (int64_t) ui64) * scale + 0.5);
 
                     buf = ngx_sprintf_num(buf, last, ui64, '0', 0, frac_width);
                 }
@@ -877,6 +872,56 @@ ngx_atoi(u_char *line, size_t n)
 }
 
 
+/* parse a fixed point number, e.g., ngx_atofp("10.5", 4, 2) returns 1050 */
+
+ngx_int_t
+ngx_atofp(u_char *line, size_t n, size_t point)
+{
+    ngx_int_t   value;
+    ngx_uint_t  dot;
+
+    if (n == 0) {
+        return NGX_ERROR;
+    }
+
+    dot = 0;
+
+    for (value = 0; n--; line++) {
+
+        if (point == 0) {
+            return NGX_ERROR;
+        }
+
+        if (*line == '.') {
+            if (dot) {
+                return NGX_ERROR;
+            }
+
+            dot = 1;
+            continue;
+        }
+
+        if (*line < '0' || *line > '9') {
+            return NGX_ERROR;
+        }
+
+        value = value * 10 + (*line - '0');
+        point -= dot;
+    }
+
+    while (point--) {
+        value = value * 10;
+    }
+
+    if (value < 0) {
+        return NGX_ERROR;
+
+    } else {
+        return value;
+    }
+}
+
+
 ssize_t
 ngx_atosz(u_char *line, size_t n)
 {
--- a/src/core/ngx_string.h
+++ b/src/core/ngx_string.h
@@ -38,6 +38,9 @@ typedef struct {
 
 #define ngx_string(str)     { sizeof(str) - 1, (u_char *) str }
 #define ngx_null_string     { 0, NULL }
+#define ngx_str_set(str, text)                                               \
+    (str)->len = sizeof(text) - 1; (str)->data = (u_char *) text
+#define ngx_str_null(str)   (str)->len = 0; (str)->data = NULL
 
 
 #define ngx_tolower(c)      (u_char) ((c >= 'A' && c <= 'Z') ? (c | 0x20) : c)
@@ -161,6 +164,7 @@ ngx_int_t ngx_memn2cmp(u_char *s1, u_cha
 ngx_int_t ngx_dns_strcmp(u_char *s1, u_char *s2);
 
 ngx_int_t ngx_atoi(u_char *line, size_t n);
+ngx_int_t ngx_atofp(u_char *line, size_t n, size_t point);
 ssize_t ngx_atosz(u_char *line, size_t n);
 off_t ngx_atoof(u_char *line, size_t n);
 time_t ngx_atotm(u_char *line, size_t n);
--- a/src/event/ngx_event_openssl.c
+++ b/src/event/ngx_event_openssl.c
@@ -2234,21 +2234,17 @@ ngx_ssl_get_client_verify(ngx_connection
     X509  *cert;
 
     if (SSL_get_verify_result(c->ssl->connection) != X509_V_OK) {
-        s->len = sizeof("FAILED") - 1;
-        s->data = (u_char *) "FAILED";
-
+        ngx_str_set(s, "FAILED");
         return NGX_OK;
     }
 
     cert = SSL_get_peer_certificate(c->ssl->connection);
 
     if (cert) {
-        s->len = sizeof("SUCCESS") - 1;
-        s->data = (u_char *) "SUCCESS";
+        ngx_str_set(s, "SUCCESS");
 
     } else {
-        s->len = sizeof("NONE") - 1;
-        s->data = (u_char *) "NONE";
+        ngx_str_set(s, "NONE");
     }
 
     X509_free(cert);
--- a/src/http/modules/ngx_http_auth_basic_module.c
+++ b/src/http/modules/ngx_http_auth_basic_module.c
@@ -348,8 +348,7 @@ ngx_http_auth_basic_set_realm(ngx_http_r
     }
 
     r->headers_out.www_authenticate->hash = 1;
-    r->headers_out.www_authenticate->key.len = sizeof("WWW-Authenticate") - 1;
-    r->headers_out.www_authenticate->key.data = (u_char *) "WWW-Authenticate";
+    ngx_str_set(&r->headers_out.www_authenticate->key, "WWW-Authenticate");
     r->headers_out.www_authenticate->value = *realm;
 
     return NGX_HTTP_UNAUTHORIZED;
@@ -425,9 +424,7 @@ ngx_http_auth_basic(ngx_conf_t *cf, void
     u_char  *basic, *p;
 
     if (ngx_strcmp(realm->data, "off") == 0) {
-        realm->len = 0;
-        realm->data = (u_char *) "";
-
+        ngx_str_set(realm, "");
         return NGX_CONF_OK;
     }
 
--- a/src/http/modules/ngx_http_autoindex_module.c
+++ b/src/http/modules/ngx_http_autoindex_module.c
@@ -235,8 +235,7 @@ ngx_http_autoindex_handler(ngx_http_requ
 
     r->headers_out.status = NGX_HTTP_OK;
     r->headers_out.content_type_len = sizeof("text/html") - 1;
-    r->headers_out.content_type.len = sizeof("text/html") - 1;
-    r->headers_out.content_type.data = (u_char *) "text/html";
+    ngx_str_set(&r->headers_out.content_type, "text/html");
 
     rc = ngx_http_send_header(r);
 
--- a/src/http/modules/ngx_http_empty_gif_module.c
+++ b/src/http/modules/ngx_http_empty_gif_module.c
@@ -123,8 +123,7 @@ ngx_http_empty_gif_handler(ngx_http_requ
     }
 
     r->headers_out.content_type_len = sizeof("image/gif") - 1;
-    r->headers_out.content_type.len = sizeof("image/gif") - 1;
-    r->headers_out.content_type.data = (u_char *) "image/gif";
+    ngx_str_set(&r->headers_out.content_type, "image/gif");
 
     if (r->method == NGX_HTTP_HEAD) {
         r->headers_out.status = NGX_HTTP_OK;
--- a/src/http/modules/ngx_http_fastcgi_module.c
+++ b/src/http/modules/ngx_http_fastcgi_module.c
@@ -589,9 +589,7 @@ ngx_http_fastcgi_handler(ngx_http_reques
 
     u = r->upstream;
 
-    u->schema.len = sizeof("fastcgi://") - 1;
-    u->schema.data = (u_char *) "fastcgi://";
-
+    ngx_str_set(&u->schema, "fastcgi://");
     u->output.tag = (ngx_buf_tag_t) &ngx_http_fastcgi_module;
 
     u->conf = &flcf->upstream;
@@ -1449,15 +1447,12 @@ ngx_http_fastcgi_process_header(ngx_http
 
                 } else if (u->headers_in.location) {
                     u->headers_in.status_n = 302;
-                    u->headers_in.status_line.len =
-                                           sizeof("302 Moved Temporarily") - 1;
-                    u->headers_in.status_line.data =
-                                           (u_char *) "302 Moved Temporarily";
+                    ngx_str_set(&u->headers_in.status_line,
+                                "302 Moved Temporarily");
 
                 } else {
                     u->headers_in.status_n = 200;
-                    u->headers_in.status_line.len = sizeof("200 OK") - 1;
-                    u->headers_in.status_line.data = (u_char *) "200 OK";
+                    ngx_str_set(&u->headers_in.status_line, "200 OK");
                 }
 
                 if (u->state) {
@@ -1922,8 +1917,7 @@ ngx_http_fastcgi_create_loc_conf(ngx_con
      *     conf->upstream.store_lengths = NULL;
      *     conf->upstream.store_values = NULL;
      *
-     *     conf->index.len = 0;
-     *     conf->index.data = NULL;
+     *     conf->index.len = { 0, NULL };
      */
 
     conf->upstream.store = NGX_CONF_UNSET;
--- a/src/http/modules/ngx_http_gzip_filter_module.c
+++ b/src/http/modules/ngx_http_gzip_filter_module.c
@@ -285,11 +285,8 @@ ngx_http_gzip_header_filter(ngx_http_req
     }
 
     h->hash = 1;
-    h->key.len = sizeof("Content-Encoding") - 1;
-    h->key.data = (u_char *) "Content-Encoding";
-    h->value.len = sizeof("gzip") - 1;
-    h->value.data = (u_char *) "gzip";
-
+    ngx_str_set(&h->key, "Content-Encoding");
+    ngx_str_set(&h->value, "gzip");
     r->headers_out.content_encoding = h;
 
     r->main_filter_need_in_memory = 1;
--- a/src/http/modules/ngx_http_gzip_static_module.c
+++ b/src/http/modules/ngx_http_gzip_static_module.c
@@ -212,12 +212,10 @@ ngx_http_gzip_static_handler(ngx_http_re
     }
 
     h->hash = 1;
-    h->key.len = sizeof("Content-Encoding") - 1;
-    h->key.data = (u_char *) "Content-Encoding";
-    h->value.len = sizeof("gzip") - 1;
-    h->value.data = (u_char *) "gzip";
+    ngx_str_set(&h->key, "Content-Encoding");
+    ngx_str_set(&h->value, "gzip");
+    r->headers_out.content_encoding = h;
 
-    r->headers_out.content_encoding = h;
     r->ignore_content_encoding = 1;
 
     /* we need to allocate all before the header would be sent */
--- a/src/http/modules/ngx_http_headers_filter_module.c
+++ b/src/http/modules/ngx_http_headers_filter_module.c
@@ -196,8 +196,7 @@ ngx_http_set_expires(ngx_http_request_t 
         r->headers_out.expires = expires;
 
         expires->hash = 1;
-        expires->key.len = sizeof("Expires") - 1;
-        expires->key.data = (u_char *) "Expires";
+        ngx_str_set(&expires->key, "Expires");
     }
 
     len = sizeof("Mon, 28 Sep 1970 06:00:00 GMT");
@@ -225,9 +224,7 @@ ngx_http_set_expires(ngx_http_request_t 
         }
 
         cc->hash = 1;
-        cc->key.len = sizeof("Cache-Control") - 1;
-        cc->key.data = (u_char *) "Cache-Control";
-
+        ngx_str_set(&cc->key, "Cache-Control");
         *ccp = cc;
 
     } else {
@@ -240,20 +237,14 @@ ngx_http_set_expires(ngx_http_request_t 
 
     if (conf->expires == NGX_HTTP_EXPIRES_EPOCH) {
         expires->value.data = (u_char *) "Thu, 01 Jan 1970 00:00:01 GMT";
-
-        cc->value.len = sizeof("no-cache") - 1;
-        cc->value.data = (u_char *) "no-cache";
-
+        ngx_str_set(&cc->value, "no-cache");
         return NGX_OK;
     }
 
     if (conf->expires == NGX_HTTP_EXPIRES_MAX) {
         expires->value.data = (u_char *) "Thu, 31 Dec 2037 23:55:55 GMT";
-
         /* 10 years */
-        cc->value.len = sizeof("max-age=315360000") - 1;
-        cc->value.data = (u_char *) "max-age=315360000";
-
+        ngx_str_set(&cc->value, "max-age=315360000");
         return NGX_OK;
     }
 
@@ -265,10 +256,7 @@ ngx_http_set_expires(ngx_http_request_t 
     if (conf->expires_time == 0) {
         ngx_memcpy(expires->value.data, ngx_cached_http_time.data,
                    ngx_cached_http_time.len + 1);
-
-        cc->value.len = sizeof("max-age=0") - 1;
-        cc->value.data = (u_char *) "max-age=0";
-
+        ngx_str_set(&cc->value, "max-age=0");
         return NGX_OK;
     }
 
@@ -292,9 +280,7 @@ ngx_http_set_expires(ngx_http_request_t 
     ngx_http_time(expires->value.data, expires_time);
 
     if (conf->expires_time < 0 || max_age < 0) {
-        cc->value.len = sizeof("no-cache") - 1;
-        cc->value.data = (u_char *) "no-cache";
-
+        ngx_str_set(&cc->value, "no-cache");
         return NGX_OK;
     }
 
@@ -361,8 +347,7 @@ ngx_http_add_cache_control(ngx_http_requ
     }
 
     cc->hash = 1;
-    cc->key.len = sizeof("Cache-Control") - 1;
-    cc->key.data = (u_char *) "Cache-Control";
+    ngx_str_set(&cc->key, "Cache-Control");
     cc->value = *value;
 
     *ccp = cc;
--- a/src/http/modules/ngx_http_image_filter_module.c
+++ b/src/http/modules/ngx_http_image_filter_module.c
@@ -529,8 +529,7 @@ ngx_http_image_json(ngx_http_request_t *
     ngx_http_clean_header(r);
 
     r->headers_out.status = NGX_HTTP_OK;
-    r->headers_out.content_type.len = sizeof("text/plain") - 1;
-    r->headers_out.content_type.data = (u_char *) "text/plain";
+    ngx_str_set(&r->headers_out.content_type, "text/plain");
     r->headers_out.content_type_lowcase = NULL;
 
     if (ctx == NULL) {
--- a/src/http/modules/ngx_http_log_module.c
+++ b/src/http/modules/ngx_http_log_module.c
@@ -533,7 +533,7 @@ ngx_http_log_request_time(ngx_http_reque
 
     ms = (ngx_msec_int_t)
              ((tp->sec - r->start_sec) * 1000 + (tp->msec - r->start_msec));
-    ms = (ms >= 0) ? ms : 0;
+    ms = ngx_max(ms, 0);
 
     return ngx_sprintf(buf, "%T.%03M", ms / 1000, ms % 1000);
 }
@@ -747,8 +747,7 @@ ngx_http_log_create_main_conf(ngx_conf_t
         return NULL;
     }
 
-    fmt->name.len = sizeof("combined") - 1;
-    fmt->name.data = (u_char *) "combined";
+    ngx_str_set(&fmt->name, "combined");
 
     fmt->flushes = NULL;
 
@@ -922,8 +921,7 @@ ngx_http_log_set_log(ngx_conf_t *cf, ngx
         }
 
     } else {
-        name.len = sizeof("combined") - 1;
-        name.data = (u_char *) "combined";
+        ngx_str_set(&name, "combined");
         lmcf->combined_used = 1;
     }
 
--- a/src/http/modules/ngx_http_memcached_module.c
+++ b/src/http/modules/ngx_http_memcached_module.c
@@ -189,9 +189,7 @@ ngx_http_memcached_handler(ngx_http_requ
 
     u = r->upstream;
 
-    u->schema.len = sizeof("memcached://") - 1;
-    u->schema.data = (u_char *) "memcached://";
-
+    ngx_str_set(&u->schema, "memcached://");
     u->output.tag = (ngx_buf_tag_t) &ngx_http_memcached_module;
 
     mlcf = ngx_http_get_module_loc_conf(r, ngx_http_memcached_module);
--- a/src/http/modules/ngx_http_proxy_module.c
+++ b/src/http/modules/ngx_http_proxy_module.c
@@ -1568,10 +1568,8 @@ ngx_http_proxy_process_header(ngx_http_r
                 h->hash = ngx_hash(ngx_hash(ngx_hash(ngx_hash(
                                     ngx_hash('s', 'e'), 'r'), 'v'), 'e'), 'r');
 
-                h->key.len = sizeof("Server") - 1;
-                h->key.data = (u_char *) "Server";
-                h->value.len = 0;
-                h->value.data = NULL;
+                ngx_str_set(&h->key, "Server");
+                ngx_str_null(&h->value);
                 h->lowcase_key = (u_char *) "server";
             }
 
@@ -1583,10 +1581,8 @@ ngx_http_proxy_process_header(ngx_http_r
 
                 h->hash = ngx_hash(ngx_hash(ngx_hash('d', 'a'), 't'), 'e');
 
-                h->key.len = sizeof("Date") - 1;
-                h->key.data = (u_char *) "Date";
-                h->value.len = 0;
-                h->value.data = NULL;
+                ngx_str_set(&h->key, "Date");
+                ngx_str_null(&h->value);
                 h->lowcase_key = (u_char *) "date";
             }
 
@@ -2222,8 +2218,7 @@ ngx_http_proxy_merge_loc_conf(ngx_conf_t
                 pr->replacement.text = conf->location;
 
             } else {
-                pr->replacement.text.len = 0;
-                pr->replacement.text.data = NULL;
+                ngx_str_null(&pr->replacement.text);
             }
         }
     }
@@ -2311,10 +2306,8 @@ ngx_http_proxy_merge_loc_conf(ngx_conf_t
             return NGX_CONF_ERROR;
         }
 
-        s->key.len = sizeof("Content-Length") - 1;
-        s->key.data = (u_char *) "Content-Length";
-        s->value.len = sizeof("$proxy_internal_body_length") - 1;
-        s->value.data = (u_char *) "$proxy_internal_body_length";
+        ngx_str_set(&s->key, "Content-Length");
+        ngx_str_set(&s->value, "$proxy_internal_body_length");
     }
 
     if (ngx_http_proxy_merge_headers(cf, conf, prev) != NGX_OK) {
@@ -2777,8 +2770,7 @@ ngx_http_proxy_redirect(ngx_conf_t *cf, 
             pr->replacement.text = plcf->location;
 
         } else {
-            pr->replacement.text.len = 0;
-            pr->replacement.text.data = NULL;
+            ngx_str_null(&pr->replacement.text);
         }
 
         return NGX_CONF_OK;
@@ -3038,12 +3030,10 @@ ngx_http_proxy_set_vars(ngx_url_t *u, ng
             v->host_header = u->host;
 
             if (u->default_port == 80) {
-                v->port.len = sizeof("80") - 1;
-                v->port.data = (u_char *) "80";
+                ngx_str_set(&v->port, "80");
 
             } else {
-                v->port.len = sizeof("443") - 1;
-                v->port.data = (u_char *) "443";
+                ngx_str_set(&v->port, "443");
             }
 
         } else {
@@ -3055,10 +3045,8 @@ ngx_http_proxy_set_vars(ngx_url_t *u, ng
         v->key_start.len += v->host_header.len;
 
     } else {
-        v->host_header.len = sizeof("localhost") - 1;
-        v->host_header.data = (u_char *) "localhost";
-        v->port.len = 0;
-        v->port.data = (u_char *) "";
+        ngx_str_set(&v->host_header, "localhost");
+        ngx_str_null(&v->port);
         v->key_start.len += sizeof("unix:") - 1 + u->host.len + 1;
     }
 
--- a/src/http/modules/ngx_http_range_filter_module.c
+++ b/src/http/modules/ngx_http_range_filter_module.c
@@ -224,10 +224,8 @@ next_filter:
     }
 
     r->headers_out.accept_ranges->hash = 1;
-    r->headers_out.accept_ranges->key.len = sizeof("Accept-Ranges") - 1;
-    r->headers_out.accept_ranges->key.data = (u_char *) "Accept-Ranges";
-    r->headers_out.accept_ranges->value.len = sizeof("bytes") - 1;
-    r->headers_out.accept_ranges->value.data = (u_char *) "bytes";
+    ngx_str_set(&r->headers_out.accept_ranges->key, "Accept-Ranges");
+    ngx_str_set(&r->headers_out.accept_ranges->value, "bytes");
 
     return ngx_http_next_header_filter(r);
 }
@@ -355,8 +353,7 @@ ngx_http_range_singlepart_header(ngx_htt
     r->headers_out.content_range = content_range;
 
     content_range->hash = 1;
-    content_range->key.len = sizeof("Content-Range") - 1;
-    content_range->key.data = (u_char *) "Content-Range";
+    ngx_str_set(&content_range->key, "Content-Range");
 
     content_range->value.data = ngx_pnalloc(r->pool,
                                     sizeof("bytes -/") - 1 + 3 * NGX_OFF_T_LEN);
@@ -520,8 +517,7 @@ ngx_http_range_not_satisfiable(ngx_http_
     r->headers_out.content_range = content_range;
 
     content_range->hash = 1;
-    content_range->key.len = sizeof("Content-Range") - 1;
-    content_range->key.data = (u_char *) "Content-Range";
+    ngx_str_set(&content_range->key, "Content-Range");
 
     content_range->value.data = ngx_pnalloc(r->pool,
                                        sizeof("bytes */") - 1 + NGX_OFF_T_LEN);
--- a/src/http/modules/ngx_http_referer_module.c
+++ b/src/http/modules/ngx_http_referer_module.c
@@ -363,8 +363,7 @@ ngx_http_valid_referers(ngx_conf_t *cf, 
     ngx_http_server_name_t    *sn;
     ngx_http_core_srv_conf_t  *cscf;
 
-    name.len = sizeof("invalid_referer") - 1;
-    name.data = (u_char *) "invalid_referer";
+    ngx_str_set(&name, "invalid_referer");
 
     var = ngx_http_add_variable(cf, &name,
                                 NGX_HTTP_VAR_CHANGEABLE|NGX_HTTP_VAR_NOHASH);
@@ -407,8 +406,7 @@ ngx_http_valid_referers(ngx_conf_t *cf, 
             continue;
         }
 
-        uri.len = 0;
-        uri.data = NULL;
+        ngx_str_null(&uri);
 
         if (ngx_strcmp(value[i].data, "server_names") == 0) {
 
new file mode 100644
--- /dev/null
+++ b/src/http/modules/ngx_http_split_clients_module.c
@@ -0,0 +1,237 @@
+
+/*
+ * Copyright (C) Igor Sysoev
+ */
+
+
+#include <ngx_config.h>
+#include <ngx_core.h>
+#include <ngx_http.h>
+
+
+typedef struct {
+    uint32_t                    percent;
+    ngx_http_variable_value_t   value;
+} ngx_http_split_clients_part_t;
+
+
+typedef struct {
+    ngx_http_complex_value_t    value;
+    ngx_array_t                 parts;
+} ngx_http_split_clients_ctx_t;
+
+
+static char *ngx_conf_split_clients_block(ngx_conf_t *cf, ngx_command_t *cmd,
+    void *conf);
+static char *ngx_http_split_clients(ngx_conf_t *cf, ngx_command_t *dummy,
+    void *conf);
+
+static ngx_command_t  ngx_http_split_clients_commands[] = {
+
+    { ngx_string("split_clients"),
+      NGX_HTTP_MAIN_CONF|NGX_CONF_BLOCK|NGX_CONF_TAKE2,
+      ngx_conf_split_clients_block,
+      NGX_HTTP_MAIN_CONF_OFFSET,
+      0,
+      NULL },
+
+      ngx_null_command
+};
+
+
+static ngx_http_module_t  ngx_http_split_clients_module_ctx = {
+    NULL,                                  /* preconfiguration */
+    NULL,                                  /* postconfiguration */
+
+    NULL,                                  /* create main configuration */
+    NULL,                                  /* init main configuration */
+
+    NULL,                                  /* create server configuration */
+    NULL,                                  /* merge server configuration */
+
+    NULL,                                  /* create location configuration */
+    NULL                                   /* merge location configuration */
+};
+
+
+ngx_module_t  ngx_http_split_clients_module = {
+    NGX_MODULE_V1,
+    &ngx_http_split_clients_module_ctx,    /* module context */
+    ngx_http_split_clients_commands,       /* module directives */
+    NGX_HTTP_MODULE,                       /* module type */
+    NULL,                                  /* init master */
+    NULL,                                  /* init module */
+    NULL,                                  /* init process */
+    NULL,                                  /* init thread */
+    NULL,                                  /* exit thread */
+    NULL,                                  /* exit process */
+    NULL,                                  /* exit master */
+    NGX_MODULE_V1_PADDING
+};
+
+
+static ngx_int_t
+ngx_http_split_clients_variable(ngx_http_request_t *r,
+    ngx_http_variable_value_t *v, uintptr_t data)
+{
+    ngx_http_split_clients_ctx_t *ctx = (ngx_http_split_clients_ctx_t *) data;
+
+    uint32_t                        hash;
+    ngx_str_t                       val;
+    ngx_uint_t                      i;
+    ngx_http_split_clients_part_t  *part;
+
+    *v = ngx_http_variable_null_value;
+
+    if (ngx_http_complex_value(r, &ctx->value, &val) != NGX_OK) {
+        return NGX_OK;
+    }
+
+    hash = ngx_crc32_short(val.data, val.len);
+
+    part = ctx->parts.elts;
+
+    for (i = 0; i < ctx->parts.nelts; i++) {
+
+        ngx_log_debug2(NGX_LOG_DEBUG_HTTP, r->connection->log, 0,
+                       "%D %D", hash, part[i].percent);
+
+        if (hash < part[i].percent) {
+            *v = part[i].value;
+            return NGX_OK;
+        }
+    }
+
+    return NGX_OK;
+}
+
+
+static char *
+ngx_conf_split_clients_block(ngx_conf_t *cf, ngx_command_t *cmd, void *conf)
+{
+    char                                *rv;
+    ngx_str_t                           *value, name;
+    ngx_uint_t                           i, sum, last;
+    ngx_conf_t                           save;
+    ngx_http_variable_t                 *var;
+    ngx_http_split_clients_ctx_t        *ctx;
+    ngx_http_split_clients_part_t       *part;
+    ngx_http_compile_complex_value_t     ccv;
+
+    ctx = ngx_pcalloc(cf->pool, sizeof(ngx_http_split_clients_ctx_t));
+    if (ctx == NULL) {
+        return NGX_CONF_ERROR;
+    }
+
+    value = cf->args->elts;
+
+    ngx_memzero(&ccv, sizeof(ngx_http_compile_complex_value_t));
+
+    ccv.cf = cf;
+    ccv.value = &value[1];
+    ccv.complex_value = &ctx->value;
+
+    if (ngx_http_compile_complex_value(&ccv) != NGX_OK) {
+        return NGX_CONF_ERROR;
+    }
+
+    name = value[2];
+    name.len--;
+    name.data++;
+
+    var = ngx_http_add_variable(cf, &name, NGX_HTTP_VAR_CHANGEABLE);
+    if (var == NULL) {
+        return NGX_CONF_ERROR;
+    }
+
+    var->get_handler = ngx_http_split_clients_variable;
+    var->data = (uintptr_t) ctx;
+
+    if (ngx_array_init(&ctx->parts, cf->pool, 2,
+                       sizeof(ngx_http_split_clients_part_t))
+        != NGX_OK)
+    {
+        return NGX_CONF_ERROR;
+    }
+
+    save = *cf;
+    cf->ctx = ctx;
+    cf->handler = ngx_http_split_clients;
+    cf->handler_conf = conf;
+
+    rv = ngx_conf_parse(cf, NULL);
+
+    *cf = save;
+
+    sum = 0;
+    last = 0;
+    part = ctx->parts.elts;
+
+    for (i = 0; i < ctx->parts.nelts; i++) {
+        sum = part[i].percent ? sum + part[i].percent : 10000;
+        if (sum > 10000) {
+           ngx_conf_log_error(NGX_LOG_EMERG, cf, 0,
+                              "percent sum is more than 100%%");
+           return NGX_CONF_ERROR;
+        }
+
+        if (part[i].percent) {
+            part[i].percent = (uint32_t)
+                                 (last + 0xffffffff / 10000 * part[i].percent);
+        } else {
+            part[i].percent = 0xffffffff;
+        }
+
+        last = part[i].percent;
+    }
+
+    return rv;
+}
+
+
+static char *
+ngx_http_split_clients(ngx_conf_t *cf, ngx_command_t *dummy, void *conf)
+{
+    ngx_int_t                       n;
+    ngx_str_t                      *value;
+    ngx_http_split_clients_ctx_t   *ctx;
+    ngx_http_split_clients_part_t  *part;
+
+    ctx = cf->ctx;
+    value = cf->args->elts;
+
+    part = ngx_array_push(&ctx->parts);
+    if (part == NULL) {
+        return NGX_CONF_ERROR;
+    }
+
+    if (value[0].len == 1 && value[0].data[0] == '*') {
+        part->percent = 0;
+
+    } else {
+        if (value[0].data[value[0].len - 1] != '%') {
+            goto invalid;
+        }
+
+        n = ngx_atofp(value[0].data, value[0].len - 1, 2);
+        if (n == NGX_ERROR || n == 0) {
+            goto invalid;
+        }
+
+        part->percent = (uint32_t) n;
+    }
+
+    part->value.len = value[1].len;
+    part->value.valid = 1;
+    part->value.no_cacheable = 0;
+    part->value.not_found = 0;
+    part->value.data = value[1].data;
+
+    return NGX_CONF_OK;
+
+invalid:
+
+    ngx_conf_log_error(NGX_LOG_EMERG, cf, 0,
+                       "invalid percent value \"%V\"", &value[0]);
+    return NGX_CONF_ERROR;
+}
--- a/src/http/modules/ngx_http_ssi_filter_module.c
+++ b/src/http/modules/ngx_http_ssi_filter_module.c
@@ -346,13 +346,9 @@ ngx_http_ssi_header_filter(ngx_http_requ
     ctx->params.nalloc = NGX_HTTP_SSI_PARAMS_N;
     ctx->params.pool = r->pool;
 
-    ctx->timefmt.len = sizeof("%A, %d-%b-%Y %H:%M:%S %Z") - 1;
-    ctx->timefmt.data = (u_char *) "%A, %d-%b-%Y %H:%M:%S %Z";
-
-    ctx->errmsg.len =
-              sizeof("[an error occurred while processing the directive]") - 1;
-    ctx->errmsg.data = (u_char *)
-                     "[an error occurred while processing the directive]";
+    ngx_str_set(&ctx->timefmt, "%A, %d-%b-%Y %H:%M:%S %Z");
+    ngx_str_set(&ctx->errmsg,
+                "[an error occurred while processing the directive]");
 
     r->filter_need_in_memory = 1;
 
@@ -1904,8 +1900,7 @@ ngx_http_ssi_include(ngx_http_request_t 
     ngx_log_debug1(NGX_LOG_DEBUG_HTTP, r->connection->log, 0,
                    "ssi include: \"%V\"", uri);
 
-    args.len = 0;
-    args.data = NULL;
+    ngx_str_null(&args);
     flags = NGX_HTTP_LOG_UNSAFE;
 
     if (ngx_http_parse_unsafe_uri(r, uri, &args, &flags) != NGX_OK) {
--- a/src/http/modules/ngx_http_ssl_module.c
+++ b/src/http/modules/ngx_http_ssl_module.c
@@ -314,8 +314,7 @@ ngx_http_ssl_create_srv_conf(ngx_conf_t 
      *     sscf->dhparam = { 0, NULL };
      *     sscf->client_certificate = { 0, NULL };
      *     sscf->crl = { 0, NULL };
-     *     sscf->ciphers.len = 0;
-     *     sscf->ciphers.data = NULL;
+     *     sscf->ciphers = { 0, NULL };
      *     sscf->shm_zone = NULL;
      */
 
--- a/src/http/modules/ngx_http_stub_status_module.c
+++ b/src/http/modules/ngx_http_stub_status_module.c
@@ -75,8 +75,7 @@ static ngx_int_t ngx_http_status_handler
         return rc;
     }
 
-    r->headers_out.content_type.len = sizeof("text/plain") - 1;
-    r->headers_out.content_type.data = (u_char *) "text/plain";
+    ngx_str_set(&r->headers_out.content_type, "text/plain");
 
     if (r->method == NGX_HTTP_HEAD) {
         r->headers_out.status = NGX_HTTP_OK;
--- a/src/http/modules/ngx_http_userid_filter_module.c
+++ b/src/http/modules/ngx_http_userid_filter_module.c
@@ -493,8 +493,7 @@ ngx_http_userid_set_uid(ngx_http_request
     }
 
     set_cookie->hash = 1;
-    set_cookie->key.len = sizeof("Set-Cookie") - 1;
-    set_cookie->key.data = (u_char *) "Set-Cookie";
+    ngx_str_set(&set_cookie->key, "Set-Cookie");
     set_cookie->value.len = p - cookie;
     set_cookie->value.data = cookie;
 
@@ -511,8 +510,7 @@ ngx_http_userid_set_uid(ngx_http_request
     }
 
     p3p->hash = 1;
-    p3p->key.len = sizeof("P3P") - 1;
-    p3p->key.data = (u_char *) "P3P";
+    ngx_str_set(&p3p->key, "P3P");
     p3p->value = conf->p3p;
 
     return NGX_OK;
@@ -576,14 +574,10 @@ ngx_http_userid_create_conf(ngx_conf_t *
     /*
      * set by ngx_pcalloc():
      *
-     *     conf->name.len = 0;
-     *     conf->name.date = NULL;
-     *     conf->domain.len = 0;
-     *     conf->domain.date = NULL;
-     *     conf->path.len = 0;
-     *     conf->path.date = NULL;
-     *     conf->p3p.len = 0;
-     *     conf->p3p.date = NULL;
+     *     conf->name = { 0, NULL };
+     *     conf->domain = { 0, NULL };
+     *     conf->path = { 0, NULL };
+     *     conf->p3p = { 0, NULL };
      */
 
     conf->enable = NGX_CONF_UNSET_UINT;
@@ -642,9 +636,7 @@ ngx_http_userid_domain(ngx_conf_t *cf, v
     u_char  *p, *new;
 
     if (ngx_strcmp(domain->data, "none") == 0) {
-        domain->len = 0;
-        domain->data = (u_char *) "";
-
+        ngx_str_set(domain, "");
         return NGX_CONF_OK;
     }
 
@@ -727,8 +719,7 @@ ngx_http_userid_p3p(ngx_conf_t *cf, void
     ngx_str_t  *p3p = data;
 
     if (ngx_strcmp(p3p->data, "none") == 0) {
-        p3p->len = 0;
-        p3p->data = (u_char *) "";
+        ngx_str_set(p3p, "");
     }
 
     return NGX_CONF_OK;
@@ -780,4 +771,3 @@ ngx_http_userid_init_worker(ngx_cycle_t 
 
     return NGX_OK;
 }
-
--- a/src/http/modules/ngx_http_xslt_filter_module.c
+++ b/src/http/modules/ngx_http_xslt_filter_module.c
@@ -837,8 +837,7 @@ ngx_http_xslt_apply_stylesheet(ngx_http_
     } else if (doc_type == XML_HTML_DOCUMENT_NODE) {
 
         r->headers_out.content_type_len = sizeof("text/html") - 1;
-        r->headers_out.content_type.len = sizeof("text/html") - 1;
-        r->headers_out.content_type.data = (u_char *) "text/html";
+        ngx_str_set(&r->headers_out.content_type, "text/html");
     }
 
     r->headers_out.content_type_lowcase = NULL;
@@ -1144,7 +1143,6 @@ found:
         if (ngx_http_compile_complex_value(&ccv) != NGX_OK) {
             return NGX_CONF_ERROR;
         }
-
     }
 
     return NGX_CONF_OK;
--- a/src/http/modules/perl/nginx.pm
+++ b/src/http/modules/perl/nginx.pm
@@ -47,7 +47,7 @@ our @EXPORT = qw(
     HTTP_INSUFFICIENT_STORAGE
 );
 
-our $VERSION = '0.8.36';
+our $VERSION = '0.8.37';
 
 require XSLoader;
 XSLoader::load('nginx', $VERSION);
--- a/src/http/modules/perl/ngx_http_perl_module.c
+++ b/src/http/modules/perl/ngx_http_perl_module.c
@@ -481,8 +481,7 @@ ngx_http_perl_init_interpreter(ngx_conf_
             return NGX_CONF_ERROR;
         }
 
-        m->len = sizeof(NGX_PERL_MODULES) - 1;
-        m->data = NGX_PERL_MODULES;
+        ngx_str_set(m, NGX_PERL_MODULES);
     }
 #endif
 
--- a/src/http/ngx_http_copy_filter_module.c
+++ b/src/http/ngx_http_copy_filter_module.c
@@ -126,7 +126,9 @@ ngx_http_copy_filter(ngx_http_request_t 
         }
 #endif
 
-        r->request_output = 1;
+        if (in && in->buf && ngx_buf_size(in->buf)) {
+            r->request_output = 1;
+        }
     }
 
 #if (NGX_HAVE_FILE_AIO)
--- a/src/http/ngx_http_core_module.c
+++ b/src/http/ngx_http_core_module.c
@@ -1685,8 +1685,7 @@ ngx_http_set_exten(ngx_http_request_t *r
 {
     ngx_int_t  i;
 
-    r->exten.len = 0;
-    r->exten.data = NULL;
+    ngx_str_null(&r->exten);
 
     for (i = r->uri.len - 1; i > 1; i--) {
         if (r->uri.data[i] == '.' && r->uri.data[i - 1] != '/') {
@@ -2187,8 +2186,7 @@ ngx_http_internal_redirect(ngx_http_requ
         r->args = *args;
 
     } else {
-        r->args.len = 0;
-        r->args.data = NULL;
+        ngx_str_null(&r->args);
     }
 
     ngx_log_debug2(NGX_LOG_DEBUG_HTTP, r->connection->log, 0,
@@ -3032,8 +3030,7 @@ ngx_http_core_merge_loc_conf(ngx_conf_t 
         conf->root_values = prev->root_values;
 
         if (prev->root.data == NULL) {
-            conf->root.len = sizeof("html") - 1;
-            conf->root.data = (u_char *) "html";
+            ngx_str_set(&conf->root, "html");
 
             if (ngx_conf_full_name(cf->cycle, &conf->root, 0) != NGX_OK) {
                 return NGX_CONF_ERROR;
@@ -3891,8 +3888,7 @@ ngx_http_core_error_page(ngx_conf_t *cf,
         return NGX_CONF_ERROR;
     }
 
-    args.len = 0;
-    args.data = NULL;
+    ngx_str_null(&args);
 
     if (cv.lengths == NULL && uri.data[0] == '/') {
         p = (u_char *) ngx_strchr(uri.data, '?');
--- a/src/http/ngx_http_header_filter_module.c
+++ b/src/http/ngx_http_header_filter_module.c
@@ -218,8 +218,7 @@ ngx_http_header_filter(ngx_http_request_
 
             if (status == NGX_HTTP_NO_CONTENT) {
                 r->header_only = 1;
-                r->headers_out.content_type.len = 0;
-                r->headers_out.content_type.data = NULL;
+                ngx_str_null(&r->headers_out.content_type);
                 r->headers_out.last_modified_time = -1;
                 r->headers_out.last_modified = NULL;
                 r->headers_out.content_length = NULL;
@@ -371,8 +370,7 @@ ngx_http_header_filter(ngx_http_request_
         }
 
     } else {
-        host.len = 0;
-        host.data = NULL;
+        ngx_str_null(&host);
         port = 0;
     }
 
@@ -539,8 +537,7 @@ ngx_http_header_filter(ngx_http_request_
 
         r->headers_out.location->value.len = b->last - p;
         r->headers_out.location->value.data = p;
-        r->headers_out.location->key.len = sizeof("Location") - 1;
-        r->headers_out.location->key.data = (u_char *) "Location";
+        ngx_str_set(&r->headers_out.location->key, "Location");
 
         *b->last++ = CR; *b->last++ = LF;
     }
--- a/src/http/ngx_http_script.c
+++ b/src/http/ngx_http_script.c
@@ -1008,8 +1008,7 @@ ngx_http_script_regex_end_code(ngx_http_
         }
 
         r->headers_out.location->hash = 1;
-        r->headers_out.location->key.len = sizeof("Location") - 1;
-        r->headers_out.location->key.data = (u_char *) "Location";
+        ngx_str_set(&r->headers_out.location->key, "Location");
         r->headers_out.location->value = e->buf;
 
         e->ip += sizeof(ngx_http_script_regex_end_code_t);
--- a/src/http/ngx_http_special_response.c
+++ b/src/http/ngx_http_special_response.c
@@ -553,8 +553,7 @@ ngx_http_send_error_page(ngx_http_reques
     r->err_status = NGX_HTTP_MOVED_TEMPORARILY;
 
     location->hash = 1;
-    location->key.len = sizeof("Location") - 1;
-    location->key.data = (u_char *) "Location";
+    ngx_str_set(&location->key, "Location");
     location->value = uri;
 
     r->headers_out.location = location;
@@ -608,8 +607,7 @@ ngx_http_send_special_response(ngx_http_
             }
 
             r->headers_out.content_type_len = sizeof("text/html") - 1;
-            r->headers_out.content_type.len = sizeof("text/html") - 1;
-            r->headers_out.content_type.data = (u_char *) "text/html";
+            ngx_str_set(&r->headers_out.content_type, "text/html");
             r->headers_out.content_type_lowcase = NULL;
 
         } else {
@@ -711,8 +709,7 @@ ngx_http_send_refresh(ngx_http_request_t
     r->err_status = NGX_HTTP_OK;
 
     r->headers_out.content_type_len = sizeof("text/html") - 1;
-    r->headers_out.content_type.len = sizeof("text/html") - 1;
-    r->headers_out.content_type.data = (u_char *) "text/html";
+    ngx_str_set(&r->headers_out.content_type, "text/html");
     r->headers_out.content_type_lowcase = NULL;
 
     r->headers_out.location->hash = 0;
--- a/src/http/ngx_http_upstream.c
+++ b/src/http/ngx_http_upstream.c
@@ -365,8 +365,6 @@ ngx_http_upstream_create(ngx_http_reques
     if (u && u->cleanup) {
         r->main->count++;
         ngx_http_upstream_cleanup(r);
-        *u->cleanup = NULL;
-        u->cleanup = NULL;
     }
 
     u = ngx_pcalloc(r->pool, sizeof(ngx_http_upstream_t));
@@ -1802,8 +1800,7 @@ ngx_http_upstream_process_headers(ngx_ht
         }
 
         uri = &u->headers_in.x_accel_redirect->value;
-        args.len = 0;
-        args.data = NULL;
+        ngx_str_null(&args);
         flags = NGX_HTTP_LOG_UNSAFE;
 
         if (ngx_http_parse_unsafe_uri(r, uri, &args, &flags) != NGX_OK) {
@@ -3026,16 +3023,18 @@ ngx_http_upstream_process_cache_control(
         return NGX_OK;
     }
 
-    last = h->value.data + h->value.len;
-
-    if (ngx_strlcasestrn(h->value.data, last, (u_char *) "no-cache", 8 - 1)
-        != NULL)
+    p = h->value.data;
+    last = p + h->value.len;
+
+    if (ngx_strlcasestrn(p, last, (u_char *) "no-cache", 8 - 1) != NULL
+        || ngx_strlcasestrn(p, last, (u_char *) "no-store", 8 - 1) != NULL
+        || ngx_strlcasestrn(p, last, (u_char *) "private", 7 - 1) != NULL)
     {
         u->cacheable = 0;
         return NGX_OK;
     }
 
-    p = ngx_strlcasestrn(h->value.data, last, (u_char *) "max-age=", 8 - 1);
+    p = ngx_strlcasestrn(p, last, (u_char *) "max-age=", 8 - 1);
 
     if (p == NULL) {
         return NGX_OK;
@@ -3712,7 +3711,7 @@ ngx_http_upstream_response_time_variable
         if (state[i].status) {
             ms = (ngx_msec_int_t)
                      (state[i].response_sec * 1000 + state[i].response_msec);
-            ms = (ms >= 0) ? ms : 0;
+            ms = ngx_max(ms, 0);
             p = ngx_sprintf(p, "%d.%03d", ms / 1000, ms % 1000);
 
         } else {
--- a/src/http/ngx_http_variables.c
+++ b/src/http/ngx_http_variables.c
@@ -1390,8 +1390,7 @@ ngx_http_variable_sent_location(ngx_http
         return NGX_OK;
     }
 
-    name.len = sizeof("sent_http_location") - 1;
-    name.data = (u_char *) "sent_http_location";
+    ngx_str_set(&name, "sent_http_location");
 
     return ngx_http_variable_unknown_header(v, &name,
                                             &r->headers_out.headers.part,
--- a/src/mail/ngx_mail_auth_http_module.c
+++ b/src/mail/ngx_mail_auth_http_module.c
@@ -1409,15 +1409,13 @@ ngx_mail_auth_http(ngx_conf_t *cf, ngx_c
         ahcf->host_header = u.host;
 
     } else {
-        ahcf->host_header.len = sizeof("localhost") - 1;
-        ahcf->host_header.data = (u_char *) "localhost";
+        ngx_str_set(&ahcf->host_header, "localhost");
     }
 
     ahcf->uri = u.uri;
 
     if (ahcf->uri.len == 0) {
-        ahcf->uri.len = sizeof("/") - 1;
-        ahcf->uri.data = (u_char *) "/";
+        ngx_str_set(&ahcf->uri, "/");
     }
 
     return NGX_CONF_OK;
--- a/src/mail/ngx_mail_imap_handler.c
+++ b/src/mail/ngx_mail_imap_handler.c
@@ -39,8 +39,7 @@ ngx_mail_imap_init_session(ngx_mail_sess
 
     cscf = ngx_mail_get_module_srv_conf(s, ngx_mail_core_module);
 
-    s->out.len = sizeof(imap_greeting) - 1;
-    s->out.data = imap_greeting;
+    ngx_str_set(&s->out, imap_greeting);
 
     c->read->handler = ngx_mail_imap_init_protocol;
 
@@ -136,8 +135,7 @@ ngx_mail_imap_auth_state(ngx_event_t *re
 
     tag = 1;
     s->text.len = 0;
-    s->out.len = sizeof(imap_ok) - 1;
-    s->out.data = imap_ok;
+    ngx_str_set(&s->out, imap_ok);
 
     if (rc == NGX_OK) {
 
@@ -186,8 +184,7 @@ ngx_mail_imap_auth_state(ngx_event_t *re
 
             case NGX_IMAP_LOGOUT:
                 s->quit = 1;
-                s->text.len = sizeof(imap_bye) - 1;
-                s->text.data = imap_bye;
+                ngx_str_set(&s->text, imap_bye);
                 break;
 
             case NGX_IMAP_NOOP:
@@ -208,8 +205,7 @@ ngx_mail_imap_auth_state(ngx_event_t *re
             rc = ngx_mail_auth_login_username(s, c, 0);
 
             tag = 0;
-            s->out.len = sizeof(imap_password) - 1;
-            s->out.data = imap_password;
+            ngx_str_set(&s->out, imap_password);
             s->mail_state = ngx_imap_auth_login_password;
 
             break;
@@ -229,8 +225,7 @@ ngx_mail_imap_auth_state(ngx_event_t *re
 
     } else if (rc == NGX_IMAP_NEXT) {
         tag = 0;
-        s->out.len = sizeof(imap_next) - 1;
-        s->out.data = imap_next;
+        ngx_str_set(&s->out, imap_next);
     }
 
     switch (rc) {
@@ -245,16 +240,14 @@ ngx_mail_imap_auth_state(ngx_event_t *re
 
     case NGX_MAIL_PARSE_INVALID_COMMAND:
         s->state = 0;
-        s->out.len = sizeof(imap_invalid_command) - 1;
-        s->out.data = imap_invalid_command;
+        ngx_str_set(&s->out, imap_invalid_command);
         s->mail_state = ngx_imap_start;
         break;
     }
 
     if (tag) {
         if (s->tag.len == 0) {
-            s->tag.len = sizeof(imap_star) - 1;
-            s->tag.data = (u_char *) imap_star;
+            ngx_str_set(&s->tag, imap_star);
         }
 
         if (s->tagged_line.len < s->tag.len + s->text.len + s->out.len) {
@@ -364,24 +357,21 @@ ngx_mail_imap_authenticate(ngx_mail_sess
 
     case NGX_MAIL_AUTH_LOGIN:
 
-        s->out.len = sizeof(imap_username) - 1;
-        s->out.data = imap_username;
+        ngx_str_set(&s->out, imap_username);
         s->mail_state = ngx_imap_auth_login_username;
 
         return NGX_OK;
 
     case NGX_MAIL_AUTH_LOGIN_USERNAME:
 
-        s->out.len = sizeof(imap_password) - 1;
-        s->out.data = imap_password;
+        ngx_str_set(&s->out, imap_password);
         s->mail_state = ngx_imap_auth_login_password;
 
         return ngx_mail_auth_login_username(s, c, 1);
 
     case NGX_MAIL_AUTH_PLAIN:
 
-        s->out.len = sizeof(imap_plain_next) - 1;
-        s->out.data = imap_plain_next;
+        ngx_str_set(&s->out, imap_plain_next);
         s->mail_state = ngx_imap_auth_plain;
 
         return NGX_OK;
--- a/src/mail/ngx_mail_pop3_handler.c
+++ b/src/mail/ngx_mail_pop3_handler.c
@@ -59,8 +59,7 @@ ngx_mail_pop3_init_session(ngx_mail_sess
         s->out.len = p - s->out.data;
 
     } else {
-        s->out.len = sizeof(pop3_greeting) - 1;
-        s->out.data = pop3_greeting;
+        ngx_str_set(&s->out, pop3_greeting);
     }
 
     c->read->handler = ngx_mail_pop3_init_protocol;
@@ -149,8 +148,7 @@ ngx_mail_pop3_auth_state(ngx_event_t *re
         return;
     }
 
-    s->out.len = sizeof(pop3_ok) - 1;
-    s->out.data = pop3_ok;
+    ngx_str_set(&s->out, pop3_ok);
 
     if (rc == NGX_OK) {
         switch (s->mail_state) {
@@ -226,8 +224,7 @@ ngx_mail_pop3_auth_state(ngx_event_t *re
         case ngx_pop3_auth_login_username:
             rc = ngx_mail_auth_login_username(s, c, 0);
 
-            s->out.len = sizeof(pop3_password) - 1;
-            s->out.data = pop3_password;
+            ngx_str_set(&s->out, pop3_password);
             s->mail_state = ngx_pop3_auth_login_password;
             break;
 
@@ -259,8 +256,7 @@ ngx_mail_pop3_auth_state(ngx_event_t *re
         s->mail_state = ngx_pop3_start;
         s->state = 0;
 
-        s->out.len = sizeof(pop3_invalid_command) - 1;
-        s->out.data = pop3_invalid_command;
+        ngx_str_set(&s->out, pop3_invalid_command);
 
         /* fall through */
 
@@ -466,24 +462,21 @@ ngx_mail_pop3_auth(ngx_mail_session_t *s
 
     case NGX_MAIL_AUTH_LOGIN:
 
-        s->out.len = sizeof(pop3_username) - 1;
-        s->out.data = pop3_username;
+        ngx_str_set(&s->out, pop3_username);
         s->mail_state = ngx_pop3_auth_login_username;
 
         return NGX_OK;
 
     case NGX_MAIL_AUTH_LOGIN_USERNAME:
 
-        s->out.len = sizeof(pop3_password) - 1;
-        s->out.data = pop3_password;
+        ngx_str_set(&s->out, pop3_password);
         s->mail_state = ngx_pop3_auth_login_password;
 
         return ngx_mail_auth_login_username(s, c, 1);
 
     case NGX_MAIL_AUTH_PLAIN:
 
-        s->out.len = sizeof(pop3_next) - 1;
-        s->out.data = pop3_next;
+        ngx_str_set(&s->out, pop3_next);
         s->mail_state = ngx_pop3_auth_plain;
 
         return NGX_OK;
--- a/src/mail/ngx_mail_proxy_module.c
+++ b/src/mail/ngx_mail_proxy_module.c
@@ -304,8 +304,7 @@ ngx_mail_proxy_pop3_handler(ngx_event_t 
 
     default:
 #if (NGX_SUPPRESS_WARN)
-        line.len = 0;
-        line.data = NULL;
+        ngx_str_null(&line);
 #endif
         break;
     }
@@ -439,8 +438,7 @@ ngx_mail_proxy_imap_handler(ngx_event_t 
 
     default:
 #if (NGX_SUPPRESS_WARN)
-        line.len = 0;
-        line.data = NULL;
+        ngx_str_null(&line);
 #endif
         break;
     }
@@ -664,8 +662,7 @@ ngx_mail_proxy_smtp_handler(ngx_event_t 
 
     default:
 #if (NGX_SUPPRESS_WARN)
-        line.len = 0;
-        line.data = NULL;
+        ngx_str_null(&line);
 #endif
         break;
     }
@@ -726,7 +723,7 @@ ngx_mail_proxy_read_response(ngx_mail_se
 
     b->last += n;
 
-    if (b->last - b->pos < 5) {
+    if (b->last - b->pos < 4) {
         return NGX_AGAIN;
     }
 
--- a/src/mail/ngx_mail_smtp_handler.c
+++ b/src/mail/ngx_mail_smtp_handler.c
@@ -319,8 +319,7 @@ ngx_mail_smtp_invalid_pipelining(ngx_eve
             return;
         }
 
-        s->out.len = sizeof(smtp_invalid_pipelining) - 1;
-        s->out.data = smtp_invalid_pipelining;
+        ngx_str_set(&s->out, smtp_invalid_pipelining);
     }
 
     ngx_mail_send(c->write);
@@ -414,8 +413,7 @@ ngx_mail_smtp_auth_state(ngx_event_t *re
         return;
     }
 
-    s->out.len = sizeof(smtp_ok) - 1;
-    s->out.data = smtp_ok;
+    ngx_str_set(&s->out, smtp_ok);
 
     if (rc == NGX_OK) {
         switch (s->mail_state) {
@@ -435,8 +433,7 @@ ngx_mail_smtp_auth_state(ngx_event_t *re
 
             case NGX_SMTP_QUIT:
                 s->quit = 1;
-                s->out.len = sizeof(smtp_bye) - 1;
-                s->out.data = smtp_bye;
+                ngx_str_set(&s->out, smtp_bye);
                 break;
 
             case NGX_SMTP_MAIL:
@@ -456,8 +453,7 @@ ngx_mail_smtp_auth_state(ngx_event_t *re
 
             case NGX_SMTP_STARTTLS:
                 rc = ngx_mail_smtp_starttls(s, c);
-                s->out.len = sizeof(smtp_starttls) - 1;
-                s->out.data = smtp_starttls;
+                ngx_str_set(&s->out, smtp_starttls);
                 break;
 
             default:
@@ -470,8 +466,7 @@ ngx_mail_smtp_auth_state(ngx_event_t *re
         case ngx_smtp_auth_login_username:
             rc = ngx_mail_auth_login_username(s, c, 0);
 
-            s->out.len = sizeof(smtp_password) - 1;
-            s->out.data = smtp_password;
+            ngx_str_set(&s->out, smtp_password);
             s->mail_state = ngx_smtp_auth_login_password;
             break;
 
@@ -502,9 +497,7 @@ ngx_mail_smtp_auth_state(ngx_event_t *re
     case NGX_MAIL_PARSE_INVALID_COMMAND:
         s->mail_state = ngx_smtp_start;
         s->state = 0;
-
-        s->out.len = sizeof(smtp_invalid_command) - 1;
-        s->out.data = smtp_invalid_command;
+        ngx_str_set(&s->out, smtp_invalid_command);
 
         /* fall through */
 
@@ -529,8 +522,7 @@ ngx_mail_smtp_helo(ngx_mail_session_t *s
     ngx_mail_smtp_srv_conf_t  *sscf;
 
     if (s->args.nelts != 1) {
-        s->out.len = sizeof(smtp_invalid_argument) - 1;
-        s->out.data = smtp_invalid_argument;
+        ngx_str_set(&s->out, smtp_invalid_argument);
         s->state = 0;
         return NGX_OK;
     }
@@ -546,10 +538,8 @@ ngx_mail_smtp_helo(ngx_mail_session_t *s
 
     ngx_memcpy(s->smtp_helo.data, arg[0].data, arg[0].len);
 
-    s->smtp_from.len = 0;
-    s->smtp_from.data = NULL;
-    s->smtp_to.len = 0;
-    s->smtp_to.data = NULL;
+    ngx_str_null(&s->smtp_from);
+    ngx_str_null(&s->smtp_to);
 
     sscf = ngx_mail_get_module_srv_conf(s, ngx_mail_smtp_module);
 
@@ -599,8 +589,7 @@ ngx_mail_smtp_auth(ngx_mail_session_t *s
 #endif
 
     if (s->args.nelts == 0) {
-        s->out.len = sizeof(smtp_invalid_argument) - 1;
-        s->out.data = smtp_invalid_argument;
+        ngx_str_set(&s->out, smtp_invalid_argument);
         s->state = 0;
         return NGX_OK;
     }
@@ -611,24 +600,21 @@ ngx_mail_smtp_auth(ngx_mail_session_t *s
 
     case NGX_MAIL_AUTH_LOGIN:
 
-        s->out.len = sizeof(smtp_username) - 1;
-        s->out.data = smtp_username;
+        ngx_str_set(&s->out, smtp_username);
         s->mail_state = ngx_smtp_auth_login_username;
 
         return NGX_OK;
 
     case NGX_MAIL_AUTH_LOGIN_USERNAME:
 
-        s->out.len = sizeof(smtp_password) - 1;
-        s->out.data = smtp_password;
+        ngx_str_set(&s->out, smtp_password);
         s->mail_state = ngx_smtp_auth_login_password;
 
         return ngx_mail_auth_login_username(s, c, 1);
 
     case NGX_MAIL_AUTH_PLAIN:
 
-        s->out.len = sizeof(smtp_next) - 1;
-        s->out.data = smtp_next;
+        ngx_str_set(&s->out, smtp_next);
         s->mail_state = ngx_smtp_auth_plain;
 
         return NGX_OK;
@@ -673,18 +659,14 @@ ngx_mail_smtp_mail(ngx_mail_session_t *s
 
     if (!(sscf->auth_methods & NGX_MAIL_AUTH_NONE_ENABLED)) {
         ngx_mail_smtp_log_rejected_command(s, c, "client was rejected: \"%V\"");
-
-        s->out.len = sizeof(smtp_auth_required) - 1;
-        s->out.data = smtp_auth_required;
-
+        ngx_str_set(&s->out, smtp_auth_required);
         return NGX_OK;
     }
 
     /* auth none */
 
     if (s->smtp_from.len) {
-        s->out.len = sizeof(smtp_bad_sequence) - 1;
-        s->out.data = smtp_bad_sequence;
+        ngx_str_set(&s->out, smtp_bad_sequence);
         return NGX_OK;
     }
 
@@ -723,8 +705,7 @@ ngx_mail_smtp_mail(ngx_mail_session_t *s
     ngx_log_debug1(NGX_LOG_DEBUG_MAIL, c->log, 0,
                    "smtp mail from:\"%V\"", &s->smtp_from);
 
-    s->out.len = sizeof(smtp_ok) - 1;
-    s->out.data = smtp_ok;
+    ngx_str_set(&s->out, smtp_ok);
 
     return NGX_OK;
 }
@@ -738,8 +719,7 @@ ngx_mail_smtp_rcpt(ngx_mail_session_t *s
     ngx_uint_t  i;
 
     if (s->smtp_from.len == 0) {
-        s->out.len = sizeof(smtp_bad_sequence) - 1;
-        s->out.data = smtp_bad_sequence;
+        ngx_str_set(&s->out, smtp_bad_sequence);
         return NGX_OK;
     }
 
@@ -787,13 +767,9 @@ ngx_mail_smtp_rcpt(ngx_mail_session_t *s
 static ngx_int_t
 ngx_mail_smtp_rset(ngx_mail_session_t *s, ngx_connection_t *c)
 {
-    s->smtp_from.len = 0;
-    s->smtp_from.data = NULL;
-    s->smtp_to.len = 0;
-    s->smtp_to.data = NULL;
-
-    s->out.len = sizeof(smtp_ok) - 1;
-    s->out.data = smtp_ok;
+    ngx_str_null(&s->smtp_from);
+    ngx_str_null(&s->smtp_to);
+    ngx_str_set(&s->out, smtp_ok);
 
     return NGX_OK;
 }
@@ -814,12 +790,9 @@ ngx_mail_smtp_starttls(ngx_mail_session_
              * obtained from client before STARTTLS.
              */
 
-            s->smtp_helo.len = 0;
-            s->smtp_helo.data = NULL;
-            s->smtp_from.len = 0;
-            s->smtp_from.data = NULL;
-            s->smtp_to.len = 0;
-            s->smtp_to.data = NULL;
+            ngx_str_null(&s->smtp_helo);
+            ngx_str_null(&s->smtp_from);
+            ngx_str_null(&s->smtp_to);
 
             c->read->handler = ngx_mail_starttls_handler;
             return NGX_OK;
--- a/src/mail/ngx_mail_ssl_module.c
+++ b/src/mail/ngx_mail_ssl_module.c
@@ -163,8 +163,7 @@ ngx_mail_ssl_create_conf(ngx_conf_t *cf)
      *     scf->certificate = { 0, NULL };
      *     scf->certificate_key = { 0, NULL };
      *     scf->dhparam = { 0, NULL };
-     *     scf->ciphers.len = 0;
-     *     scf->ciphers.data = NULL;
+     *     scf->ciphers = { 0, NULL };
      *     scf->shm_zone = NULL;
      */