PR/45506. No new options added. Notable changes:
*) Bugfix: a segmentation fault might occur in a worker process if
resolver got a big DNS response.
*) Feature: accept filters are now supported on NetBSD.
*) Bugfix: a segmentation fault occurred on start or while
reconfiguration if the "ssl" directive was used at http level and
there was no "ssl_certificate" defined.
*) Bugfix: nginx hogged CPU if all servers in an upstream were marked as
"down".
*) Bugfix: a segmentation fault might occur during reconfiguration if
ssl_session_cache was defined but not used in previous configuration.
*) Bugfix: a segmentation fault might occur in a worker process if many
backup servers were used in an upstream.
*) Feature: now nginx supports ECDHE key exchange ciphers.
*) Change: now default SSL ciphers are "HIGH:!aNULL:!MD5".
*) Bugfix: a segmentation fault might occur in a worker process, if a
caching was used.
*) Bugfix: worker processes may got caught in an endless loop during
reconfiguration, if a caching was used; the bug had appeared in 0.8.48.
- Allow the "error_page" directive to change the status code in a
redirect
- Support special "degration" mask in "gzip_disable" directive
- Fix a socket leak with file AIO
- Fix bug that made a server the default if none was explicitly set and
the first server has no "listen" directive
*) Change: the "secure_link_expires" directive has been canceled.
*) Change: a logging level of resolver errors has been lowered from
"alert" to "error".
*) Feature: now a listen socket "ssl" parameter may be set several
times.
*) Feature: the "secure_link", "secure_link_md5", and
"secure_link_expires" directives of the ngx_http_secure_link_module.
*) Feature: the -q switch.
Thanks to Gena Makhomed.
*) Bugfix: worker processes may got caught in an endless loop during
reconfiguration, if a caching was used; the bug had appeared in
0.8.48.
*) Bugfix: in the "gzip_disable" directive.
Thanks to Derrick Petzold.
*) Feature: the "image_filter_jpeg_quality" directive supports
variables.
*) Bugfix: a segmentation fault might occur in a worker process, if the
$geoip_region_name variables was used; the bug had appeared in
0.8.48.
*) Bugfix: errors intercepted by error_page were cached only for next
request; the bug had appeared in 0.8.48.
*) Change: now the "server_name" directive default value is an empty
name "".
Thanks to Gena Makhomed.
*) Change: now the "server_name_in_redirect" directive default value is
"off".
*) Feature: the $geoip_dma_code, $geoip_area_code, and
$geoip_region_name variables.
Thanks to Christine McGonagle.
*) Bugfix: the "proxy_pass", "fastcgi_pass", "uwsgi_pass", and
"scgi_pass" directives were not inherited inside "limit_except"
blocks.
*) Bugfix: the "proxy_cache_min_uses", "fastcgi_cache_min_uses"
"uwsgi_cache_min_uses", and "scgi_cache_min_uses" directives did not
work; the bug had appeared in 0.8.46.
*) Bugfix: the "fastcgi_split_path_info" directive used incorrectly
captures, if only parts of an URI were captured.
Thanks to Yuriy Taraday and Frank Enderle.
*) Bugfix: the "rewrite" directive did not escape a ";" character
during copying from URI to query string.
Thanks to Daisuke Murase.
*) Bugfix: the ngx_http_image_filter_module closed a connection, if an
image was larger than "image_filter_buffer" size.
*) Bugfix: $request_time variable had invalid values for subrequests.
*) Bugfix: errors intercepted by error_page could not be cached.
*) Bugfix: a cache manager process may got caught in an endless loop,
if max_size parameter was used; the bug had appeared in 0.8.46.
*) Change: now the "proxy_no_cache", "fastcgi_no_cache",
"uwsgi_no_cache", and "scgi_no_cache" directives affect on a cached
response saving only.
*) Feature: the "proxy_cache_bypass", "fastcgi_cache_bypass",
"uwsgi_cache_bypass", and "scgi_cache_bypass" directives.
*) Bugfix: nginx did not free memory in cache keys zones if there was
an error during working with backend: the memory was freed only
after inactivity time or on memory low condition.
*) Feature: ngx_http_xslt_filter improvements.
Thanks to Laurence Rowe.
*) Bugfix: SSI response might be truncated after include with
wait="yes"; the bug had appeared in 0.7.25.
Thanks to Maxim Dounin.
*) Bugfix: the "listen" directive did not support the "setfib=0"
parameter.
*) Change: now nginx does not cache by default backend responses, if
they have a "Set-Cookie" header line.
*) Feature: the "listen" directive supports the "setfib" parameter.
Thanks to Andrew Filonov.
*) Bugfix: the "sub_filter" directive might change character case on
partial match.
*) Bugfix: compatibility with HP/UX.
*) Bugfix: compatibility with AIX xcl_r compiler.
*) Bugfix: nginx treated large SSLv2 packets as plain requests.
Thanks to Miroslaw Jaworski.
*) Feature: large geo ranges base loading speed-up.
*) Bugfix: an error_page redirection to "location /zero {return 204;}"
without changing status code kept the error body; the bug had
appeared in 0.8.42.
*) Bugfix: nginx might close IPv6 listen socket during
reconfiguration.
Thanks to Maxim Dounin.
*) Bugfix: the $uid_set variable may be used at any request processing
stage.
*) Change: now nginx tests locations given by regular expressions, if
request was matched exactly by a location given by a prefix string.
The previous behavior has been introduced in 0.7.1.
*) Feature: the ngx_http_scgi_module.
Thanks to Manlio Perillo.
*) Feature: a text answer may be added to a "return" directive.
- New http_uwsgi_module, replacing the (optional) external one
- New ngx_http_split_clients module
- Support "map" directive with keys longer than 255 charecters
- Allow overriding client request header in fastcgi_param
- New "proxy_no_cache" and "fastcgi_no_cache" directives
- Automatically redirect from "rewrite" if $scheme is used
- Various bugfixes
- Support all ciphers and digests typically used in client certificates
- Fix caching of FastCGI reponses with large stderr output
- Support HTTPS referrers
- Fix $date_local variable with "%s" format
- Fix client certificate verification error with ssl_session_cache=none
- Fix matching error with geo ranges
- Fix SSI issue with stub parameter
- Fix $r->sleep
- fix issues with Keep-Alive in various clients
- fix issue with internal redirects between proxy/fastcgi locations
- fix a bug with discarding request bodies
Add optional uwsgi backend.
*) Change: now the ngx_http_userid_module adds start time microseconds
to the cookie field contains a pid value.
*) Change: now the uname(2) is used on Linux instead of procfs.
Thanks to Ilya Novikov.
*) Feature: the "If-Range" request header line support.
Thanks to Alexander V. Inyukhin.
*) Bugfix: in HTTPS mode requests might fail with the "bad write retry"
error; bug appeared in 0.5.13.
*) Bugfix: the STARTTLS in SMTP mode did not work.
Thanks to Oleg Motienko.
*) Bugfix: large_client_header_buffers did not freed before going to
keep-alive state.
Thanks to Olexander Shtepa.
*) Bugfix: the "limit_rate" directive did not allow to use full
throughput, even if limit value was very high.
*) Bugfix: the $status variable was equal to 0 if a proxied server
returned response in HTTP/0.9 version.
*) Bugfix: if the "?" character was in a "error_page" directive, then
it was escaped in a proxied request; bug appeared in 0.5.32.
*) Change: now the full request line instead of URI only is written to
error_log.
*) Feature: Cygwin compatibility.
Thanks to Vladimir Kutakov.
*) Feature: the "merge_slashes" directive.
*) Feature: the "gzip_vary" directive.
*) Feature: the "server_tokens" directive.
*) Feature: the "access_log" directive may be used inside the
"limit_except" block.
*) Bugfix: if the $server_protocol was used in FastCGI parameters and a
request line length was near to the "client_header_buffer_size"
directive value, then nginx issued an alert "fastcgi: the request
record is too big".
*) Bugfix: if a plain text HTTP/0.9 version request was made to HTTPS
server, then nginx returned usual response.
*) Bugfix: URL double escaping in a redirect of the "msie_refresh"
directive; bug appeared in 0.5.28.
*) Bugfix: a segmentation fault might occur in worker process if
subrequests were used.
*) Bugfix: the big responses may be transferred truncated if SSL and
gzip were used.
*) Bugfix: compatibility with mget.
*) Bugfix: nginx did not unescape URI in the "include" SSI command.
*) Bugfix: the segmentation fault was occurred on start or while
reconfiguration if variable was used in the "charset" or
"source_charset" directives.
*) Bugfix: nginx returned the 400 response on requests like
"GET http://www.domain.com HTTP/1.0".
Thanks to James Oakley.
*) Bugfix: a segmentation fault occurred in worker process if
$date_local and $date_gmt were used outside the
ngx_http_ssi_filter_module.
*) Bugfix: a segmentation fault might occur in worker process if debug
log was enabled.
Thanks to Andrei Nigmatulin.
*) Bugfix: ngx_http_memcached_module did not set
$upstream_response_time.
Thanks to Maxim Dounin.
*) Bugfix: a worker process may got caught in an endless loop, if the
memcached was used.
