Mercurial > hg > nginx

view auto/summary @ 4668:ba2c7463ce18 stable-1.2

Find changesets by keywords (author, files, the commit message), revision number or hash, or revset expression.
Merge of r4614, r4624-r4629, r4631: proxy recursive changes. *) Added IPv6 and UNIX-domain socket support in "debug_connection" directive. *) New function ngx_http_get_forwarded_addr() to look up real client address. On input it takes an original address, string in the X-Forwarded-For format and its length, list of trusted proxies, and a flag indicating to perform the recursive search. On output it returns NGX_OK and the "deepest" valid address in a chain, or NGX_DECLINED. It supports AF_INET and AF_INET6. Additionally, original address and/or proxy may be specified as AF_UNIX. *) Realip: chains of trusted proxies and IPv6 support. The module now supports recursive search of client address through the chain of trusted proxies, controlled by the "real_ip_recursive" directive (closes #2). It also gets full IPv6 support (closes #44) and canonical value of the $client_addr variable on address change. Example: real_ip_header X-Forwarded-For; set_real_ip_from 127.0.0.0/8; set_real_ip_from ::1; set_real_ip_from unix:; real_ip_recursive on; *) Geo: chains of trusted proxies and partial IPv6 support. The module now supports recursive search of client address through the chain of trusted proxies, controlled by the "proxy_recursive" directive in the "geo" block. It also gets partial IPv6 support: now proxies may be specified with IPv6 addresses. Example: geo $test { ... proxy 127.0.0.1; proxy ::1; proxy_recursive; } There's also a slight change in behavior. When original client address (as specified by the "geo" directive) is one of the trusted proxies, and the value of the X-Forwarded-For request header cannot not be parsed as a valid address, an original client address will be used for lookup. Previously, 255.255.255.255 was used in this case. *) Geoip: trusted proxies support and partial IPv6 support. The module now supports recursive search of client address through the chain of trusted proxies (closes #100), in the same scope as the geo module. Proxies are listed by the "geoip_proxy" directive, recursive search is enabled by the "geoip_proxy_recursive" directive. IPv6 is partially supported: proxies may be specified with IPv6 addresses. Example: geoip_country .../GeoIP.dat; geoip_proxy 127.0.0.1; geoip_proxy ::1; geoip_proxy 10.0.0.0/8; geoip_proxy_recursive on;
author Maxim Dounin <mdounin@mdounin.ru>
date Mon, 04 Jun 2012 11:58:12 +0000
parents d620f497c50f
children 83d54192e97b
line wrap: on
line source


# Copyright (C) Igor Sysoev
# Copyright (C) Nginx, Inc.


### STUB

if [ $USE_THREADS != NO ]; then

cat << END

$0: error: the threads support is broken now.

END
        exit 1
    fi

###


echo
echo "Configuration summary"


#case $USE_THREADS in
#    rfork)         echo "  + using rfork()ed threads" ;;
#    pthreads)      echo "  + using libpthread threads library" ;;
#    libthr)        echo "  + using FreeBSD libthr threads library" ;;
#    libc_r)        echo "  + using FreeBSD libc_r threads library" ;;
#    linuxthreads)  echo "  + using FreeBSD LinuxThreads port library" ;;
#    NO)            echo "  + threads are not used" ;;
#    *)             echo "  + using lib$USE_THREADS threads library" ;;
#esac

if [ $USE_PCRE = DISABLED ]; then
    echo "  + PCRE library is disabled"

else
    case $PCRE in
        YES)   echo "  + using system PCRE library" ;;
        NONE)  echo "  + PCRE library is not used" ;;
        *)     echo "  + using PCRE library: $PCRE" ;;
    esac
fi

case $OPENSSL in
    YES)   echo "  + using system OpenSSL library" ;;
    NONE)  echo "  + OpenSSL library is not used" ;;
    *)     echo "  + using OpenSSL library: $OPENSSL" ;;
esac

case $MD5 in
    YES)   echo "  + md5: using $MD5_LIB library" ;;
    NONE)  echo "  + md5 library is not used" ;;
    NO)    echo "  + using builtin md5 code" ;;
    *)     echo "  + using md5 library: $MD5" ;;
esac

case $SHA1 in
    YES)   echo "  + sha1: using $SHA1_LIB library" ;;
    NONE)  echo "  + sha1 library is not used" ;;
    NO)    echo "  + sha1 library is not found" ;;
    *)     echo "  + using sha1 library: $SHA1" ;;
esac

case $ZLIB in
    YES)   echo "  + using system zlib library" ;;
    NONE)  echo "  + zlib library is not used" ;;
    *)     echo "  + using zlib library: $ZLIB" ;;
esac

case $NGX_LIBATOMIC in
    YES)   echo "  + using system libatomic_ops library" ;;
    NO)    ;; # not used
    *)     echo "  + using libatomic_ops library: $NGX_LIBATOMIC" ;;
esac

echo


cat << END
  nginx path prefix: "$NGX_PREFIX"
  nginx binary file: "$NGX_SBIN_PATH"
  nginx configuration prefix: "$NGX_CONF_PREFIX"
  nginx configuration file: "$NGX_CONF_PATH"
  nginx pid file: "$NGX_PID_PATH"
END

if test -n "$NGX_ERROR_LOG_PATH"; then
    echo "  nginx error log file: \"$NGX_ERROR_LOG_PATH\""
else
    echo "  nginx logs errors to stderr"
fi

cat << END
  nginx http access log file: "$NGX_HTTP_LOG_PATH"
  nginx http client request body temporary files: "$NGX_HTTP_CLIENT_TEMP_PATH"
END

if [ $HTTP_PROXY = YES ]; then
    echo "  nginx http proxy temporary files: \"$NGX_HTTP_PROXY_TEMP_PATH\""
fi

if [ $HTTP_FASTCGI = YES ]; then
    echo "  nginx http fastcgi temporary files: \"$NGX_HTTP_FASTCGI_TEMP_PATH\""
fi

if [ $HTTP_UWSGI = YES ]; then
    echo "  nginx http uwsgi temporary files: \"$NGX_HTTP_UWSGI_TEMP_PATH\""
fi

if [ $HTTP_SCGI = YES ]; then
    echo "  nginx http scgi temporary files: \"$NGX_HTTP_SCGI_TEMP_PATH\""
fi

echo "$NGX_POST_CONF_MSG"