Commit Graph

23 Commits

Author SHA1 Message Date
Maxim Dounin
300530284f Whitespace fix. 2013-08-17 16:54:55 +04:00
Sergey Budnevitch
be27365bb1 Fixed misleading example SSL config.
a) ssl as listen parameter is preferable.
b) ssl_protocols defaults are better because they do not forbid TLS versions
   1.1 and 1.2.
c) ssl_session_timeout has sense only with SSL cache.
2013-08-07 20:01:43 +04:00
Igor Sysoev
8d7b1d222e use !aNULL to disable all anonymous cipher suites
patch by Rob Stradling
2011-06-27 15:47:51 +00:00
Igor Sysoev
74732dded2 update $status in log_format example 2009-04-06 13:43:46 +00:00
Igor Sysoev
641ba448cd add double quotes around $request 2008-11-05 13:26:04 +00:00
Igor Sysoev
72c518452f add "root" to the fastcgi example to set correct included DOCUMENT_ROOT 2008-02-28 20:44:16 +00:00
Igor Sysoev
5cf4d1af4e axe --sysconfdir=PATH
configuration prefix is dirname of --conf-path=PATH
fix paths in default nginx.conf
2007-08-14 19:26:20 +00:00
Igor Sysoev
919130c76e delete default "tcp_nodelay on" 2007-01-18 07:08:18 +00:00
Igor Sysoev
e8f23e99aa fix "$request $status" order in log_format 2006-09-16 07:14:31 +00:00
Igor Sysoev
ef809b86c3 nginx-0.3.50-RELEASE import
*) Change: the "proxy_redirect_errors" and "fastcgi_redirect_errors"
       directives was renamed to the "proxy_intercept_errors" and
       "fastcgi_intercept_errors" directives.

    *) Feature: the ngx_http_charset_module supports the recoding from the
       single byte encodings to the UTF-8 encoding and back.

    *) Feature: the "X-Accel-Charset" response header line is supported in
       proxy and FastCGI mode.

    *) Bugfix: the "\" escape symbol in the "\"" and "\'" pairs in the SSI
       command was removed only if the command also has the "$" symbol.

    *) Bugfix: the "<!--" string might be added on some conditions in the
       SSI after inclusion.

    *) Bugfix: if the "Content-Length: 0" header line was in response, then
       in nonbuffered proxying mode the client connection was not closed.
2006-06-28 16:00:26 +00:00
Igor Sysoev
ac72bd17d1 nginx-0.3.44-RELEASE import
*) Feature: the "wait" parameter in the "include" SSI command.

    *) Feature: the Ukrainian and Byelorussian characters were added to
       koi-win conversion table.

    *) Bugfix: in the SSI.
2006-05-04 15:32:46 +00:00
Igor Sysoev
ffe714403d nginx-0.3.27-RELEASE import
*) Change: the "variables_hash_max_size" and
       "variables_hash_bucket_size" directives.

    *) Feature: the $body_bytes_sent variable can be used not only in the
       "log_format" directive.

    *) Feature: the $ssl_protocol and $ssl_cipher variables.

    *) Feature: the cache line size detection for widespread CPUs at start
       time.

    *) Feature: now the "accept_mutex" directive is supported using
       fcntl(2) on platforms different from i386, amd64, sparc64, and ppc.

    *) Feature: the "lock_file" directive and the --with-lock-path=PATH
       autoconfiguration directive.

    *) Bugfix: if the HTTPS protocol was used in the "proxy_pass" directive
       then the requests with the body was not transferred.
2006-02-08 15:33:12 +00:00
Igor Sysoev
305a9d83cf nginx-0.3.18-RELEASE import
*) Feature: the "server_names" directive supports the ".domain.tld"
       names.

    *) Feature: the "server_names" directive uses the hash for the
       "*.domain.tld" names and more effective hash for usual names.

    *) Change: the "server_names_hash_max_size" and
       "server_names_hash_bucket_size" directives.

    *) Change: the "server_names_hash" and "server_names_hash_threshold"
       directives were canceled.

    *) Feature: the "valid_referers" directive uses the hash site names.

    *) Change: now the "valid_referers" directive checks the site names
       only without the URI part.

    *) Bugfix: some ".domain.tld" names incorrectly processed by the
       ngx_http_map_module.

    *) Bugfix: segmentation fault was occurred if configuration file did
       not exist; the bug had appeared in 0.3.12.

    *) Bugfix: on 64-bit platforms segmentation fault may occurred on
       start; the bug had appeared in 0.3.16.
2005-12-26 17:07:48 +00:00
Igor Sysoev
0e5dc5cff6 nginx-0.3.10-RELEASE import
*) Change: the "valid_referers" directive and the "$invalid_referer"
       variable were moved to the new ngx_http_referer_module from the
       ngx_http_rewrite_module.

    *) Change: the "$apache_bytes_sent" variable name was changed to
       "$body_bytes_sent".

    *) Feature: the "$sent_http_..." variables.

    *) Feature: the "if" directive supports the "=" and "!=" operations.

    *) Feature: the "proxy_pass" directive supports the HTTPS protocol.

    *) Feature: the "proxy_set_body" directive.

    *) Feature: the "post_action" directive.

    *) Feature: the ngx_http_empty_gif_module.

    *) Feature: the "worker_cpu_affinity" directive for Linux.

    *) Bugfix: the "rewrite" directive did not unescape URI part in
       redirect, now it is unescaped except the %00-%25 and %7F-%FF
       characters.

    *) Bugfix: nginx could not be built by the icc 9.0 compiler.

    *) Bugfix: if the SSI was enabled for zero size static file, then the
       chunked response was encoded incorrectly.
2005-11-15 13:30:52 +00:00
Igor Sysoev
09c684b2d5 nginx-0.3.8-RELEASE import
*) Security: nginx now checks URI got from a backend in
       "X-Accel-Redirect" header line or in SSI file for the "/../" paths
       and zeroes.

    *) Change: nginx now does not treat the empty user name in the
       "Authorization" header line as valid one.

    *) Feature: the "ssl_session_timeout" directives of the
       ngx_http_ssl_module and ngx_imap_ssl_module.

    *) Feature: the "auth_http_header" directive of the
       ngx_imap_auth_http_module.

    *) Feature: the "add_header" directive.

    *) Feature: the ngx_http_realip_module.

    *) Feature: the new variables to use in the "log_format" directive:
       $bytes_sent, $apache_bytes_sent, $status, $time_gmt, $uri,
       $request_time, $request_length, $upstream_status,
       $upstream_response_time, $gzip_ratio, $uid_got, $uid_set,
       $connection, $pipe, and $msec. The parameters in the "%name" form
       will be canceled soon.

    *) Change: now the false variable values in the "if" directive are the
       empty string "" and string starting with "0".

    *) Bugfix: while using proxied or FastCGI-server nginx may leave
       connections and temporary files with client requests in open state.

    *) Bugfix: the worker processes did not flush the buffered logs on
       graceful exit.

    *) Bugfix: if the request URI was changes by the "rewrite" directive
       and the request was proxied in location given by regular expression,
       then the incorrect request was transferred to backend; the bug had
       appeared in 0.2.6.

    *) Bugfix: the "expires" directive did not remove the previous
       "Expires" header.

    *) Bugfix: nginx may stop to accept requests if the "rtsig" method and
       several worker processes were used.

    *) Bugfix: the "\"" and "\'" escape symbols were incorrectly handled in
       SSI commands.

    *) Bugfix: if the response was ended just after the SSI command and
       gzipping was used, then the response did not transferred complete or
       did not transferred at all.
2005-11-09 17:25:55 +00:00
Igor Sysoev
9ac946bcc9 nginx-0.3.6-RELEASE import
*) Change: now the IMAP/POP3 proxy do not send the empty login to
       authorization server.

    *) Feature: the "log_format" supports the variables in the $name form.

    *) Bugfix: if at least in one server was no the "listen" directive,
       then nginx did not listen on the 80 port; the bug had appeared in
       0.3.3.

    *) Bugfix: if the URI part is omitted in "proxy_pass" directive, the
       the 80 port was always used.
2005-10-24 15:09:41 +00:00
Igor Sysoev
187b7d9558 nginx-0.1.39-RELEASE import
*) The changes in the ngx_http_charset_module: the "default_charset"
       directive was canceled; the "charset" directive sets the response
       charset; the "source_charset" directive sets the source charset only.

    *) Bugfix: the backend "WWW-Authenticate" header line did not
       transferred while the 401 response code redirecting.

    *) Bugfix: the ngx_http_proxy_module and ngx_http_fastcgi_module may
       close a connection before anything was transferred to a client; the
       bug had appeared in 0.1.38.

    *) Workaround: the Linux glibc crypt_r() initialization bug.

    *) Bugfix: the ngx_http_ssi_module did not support the relative URI in
       the "include virtual" command.

    *) Bugfix: if the backend response had the "Location" header line and
       nginx should not rewrite this line, then the 500 code response body
       was transferred; the bug had appeared in 0.1.29.

    *) Bugfix: some directives of the ngx_http_proxy_module and
       ngx_http_fastcgi_module were not inherited from the server to the
       location level; the bug had appeared in 0.1.29.

    *) Bugfix: the ngx_http_ssl_module did not support the certificate
       chain.

    *) Bugfix: the ngx_http_autoindex_module did not show correctly the
       long file names; the bug had appeared in 0.1.38.

    *) Bugfixes in IMAP/POP3 proxy in interaction with a backend at the
       login state.
2005-07-14 12:51:53 +00:00
Igor Sysoev
5192b3651f nginx-0.1.38-RELEASE import
*) Feature: the "limit_rate" directive is supported in in proxy and
       FastCGI mode.

    *) Feature: the "X-Accel-Limit-Rate" response header line is supported
       in proxy and FastCGI mode.

    *) Feature: the "break" directive.

    *) Feature: the "log_not_found" directive.

    *) Bugfix: the response status code was not changed when request was
       redirected by the ""X-Accel-Redirect" header line.

    *) Bugfix: the variables set by the "set" directive could not be used
       in SSI.

    *) Bugfix: the segmentation fault may occurred if the SSI page has more
       than one remote subrequest.

    *) Bugfix: nginx treated the backend response as invalid if the status
       line in the header was transferred in two packets; the bug had
       appeared in 0.1.29.

    *) Feature: the "ssi_types" directive.

    *) Feature: the "autoindex_exact_size" directive.

    *) Bugfix: the ngx_http_autoindex_module did not support the long file
       names in UTF-8.

    *) Feature: the IMAP/POP3 proxy.
2005-07-08 14:34:20 +00:00
Igor Sysoev
b145b067e2 nginx-0.1.36-RELEASE import
*) Change: if the request header has duplicate the "Host",
       "Connection", "Content-Length", or "Authorization" lines, then nginx
       now returns the 400 error.

    *) Change: the "post_accept_timeout" directive was canceled.

    *) Feature: the "default", "af=", "bl=", "deferred", and "bind"
       parameters of the "listen" directive.

    *) Feature: the FreeBSD accept filters support.

    *) Feature: the Linux TCP_DEFER_ACCEPT support.

    *) Bugfix: the ngx_http_autoindex_module did not support the file names
       in UTF-8.

    *) Bugfix: the new log file can be rotated by the -USR1 signal only if
       the reconfiguration by the -HUP signal was made twice.
2005-06-15 18:33:41 +00:00
Igor Sysoev
d039a2e193 nginx-0.1.21-RELEASE import
*) Bugfix: the ngx_http_stub_status_module showed incorrect statistics
       if "rtsig" method was used or if several worker process ran on SMP.

    *) Bugfix: nginx could not be built by the icc compiler on Linux or if
       the zlib-1.2.x library was building from sources.

    *) Bugfix: nginx could not be built on NetBSD 2.0.
2005-02-22 14:40:13 +00:00
Igor Sysoev
3259e85b7a nginx-0.1.15-RELEASE import
*) Bugfix: the error while the connecting to the FastCGI server caused
       segmentation fault.

    *) Bugfix: the correct handling of the regular expression, that has
       different number of the captures and substitutions.

    *) Feature: the location, that is passed to the FastCGI server, can be
       regular expression.

    *) Bugfix: the FastCGI's parameter REQUEST_URI is now passed with the
       arguments and in the original state.

    *) Bugfix: the ngx_http_rewrite_module module was required to be built
       to use the regular expressions in locations.

    *) Bugfix: the directive "proxy_preserve_host  on" adds port 80 to the
       "Host" headers, if upstream listen on port 80; the bug had appeared
       in 0.1.14.

    *) Bugfix: the same paths in autoconfiguration parameters
       --http-client-body-temp-path=PATH and --http-proxy-temp-path=PATH,
       or --http-client-body-temp-path=PATH and
       --http-fastcgi-temp-path=PATH caused segmentation fault.
2005-01-19 13:10:56 +00:00
Igor Sysoev
c0edbcce58 nginx-0.1.2-RELEASE import
*) Feature: the --user=USER, --group=GROUP, and --with-ld-opt=OPTIONS
       options in configure.

    *) Feature: the server_name directive supports *.domain.tld.

    *) Bugfix: the portability improvements.

    *) Bugfix: if configuration file was set in command line, the
       reconfiguration was impossible; the bug had appeared in 0.1.1.

    *) Bugfix: proxy module may get caught in an endless loop when sendfile
       is not used.

    *) Bugfix: with sendfile the response was not recoded according to the
       charset module directives; the bug had appeared in 0.1.1.

    *) Bugfix: very seldom bug in the kqueue processing.

    *) Bugfix: the gzip module compressed the proxied responses that was
       already compressed.
2004-10-21 15:34:38 +00:00
Igor Sysoev
0e8348c500 nginx-0.1.0-RELEASE import
*) The first public version.
2004-10-04 15:04:06 +00:00