The new auth_delay directive for delaying unauthorized requests. The request processing is delayed by a timer. Since nginx updates internal time once at the start of each event loop iteration, this normally ensures constant time delay, adding a mitigation from time-based attacks. A notable exception to this is the case when there are no additional events before the timer expires. To ensure constant-time processing in this case as well, we trigger an additional event loop iteration by posting a dummy event for the next event loop iteration.

# Copyright (C) Nginx, Inc.


if [ $USE_THREADS = YES ]; then

    if [ "$NGX_PLATFORM" = win32 ]; then
        cat << END

$0: --with-threads is not supported on Windows

END
        exit 1
    fi

    have=NGX_THREADS . auto/have
    CORE_DEPS="$CORE_DEPS $THREAD_POOL_DEPS"
    CORE_SRCS="$CORE_SRCS $THREAD_POOL_SRCS"
    CORE_LIBS="$CORE_LIBS -lpthread"
    NGX_LIBPTHREAD="-lpthread"
fi