flyskype
/
openresty
mirror of https://github.com/openresty/openresty
1
0
Fork 0
Code Issues Projects Releases Wiki Activity
1,754 Commits
15 Branches
181 Tags
11 MiB
master
stream-ppv2
1.19.9.x
1.21.4.x
1.25.3.x
cve
ngx-http-redis
v24.2
bump-1.21.4.2
rel
close_fd
1.19.3.x
1.17.8.x
1.15.8.x
nginx-1.13.8
v1.15.8.2
v0.8.54.3
v0.8.54.4
v0.8.54.5
v0.8.54.6
v0.8.54.8
v0.8.54.9
v1.0.10.1
v1.0.10.11
v1.0.10.13
v1.0.10.15
v1.0.10.17
v1.0.10.19
v1.0.10.21
v1.0.10.23
v1.0.10.24
v1.0.10.25
v1.0.10.27
v1.0.10.29
v1.0.10.3
v1.0.10.31
v1.0.10.33
v1.0.10.35
v1.0.10.41
v1.0.10.43
v1.0.10.44
v1.0.10.45
v1.0.10.47
v1.0.10.48
v1.0.10.5
v1.0.10.7
v1.0.10.9
v1.0.11.11
v1.0.11.15
v1.0.11.17
v1.0.11.19
v1.0.11.21
v1.0.11.23
v1.0.11.25
v1.0.11.27
v1.0.11.28
v1.0.11.3
v1.0.11.7
v1.0.11.9
v1.0.15.1
v1.0.15.10
v1.0.15.11
v1.0.15.3
v1.0.15.5
v1.0.15.7
v1.0.15.9
v1.0.4.0
v1.0.4.1
v1.0.4.2
v1.0.5.0
v1.0.5.1
v1.0.6.22
v1.0.6.3
v1.0.6.5
v1.0.8.1
v1.0.8.11
v1.0.8.13
v1.0.8.15
v1.0.8.17
v1.0.8.19
v1.0.8.21
v1.0.8.26
v1.0.8.3
v1.0.8.5
v1.0.8.7
v1.0.8.9
v1.0.9.1
v1.0.9.10
v1.0.9.3
v1.0.9.5
v1.0.9.7
v1.0.9.9
v1.1.12.3
v1.1.12.4
v1.1.12.5
v1.1.13.1
v1.11.2.1
v1.11.2.2
v1.11.2.3
v1.11.2.4
v1.11.2.5
v1.13.6.1
v1.13.6.2
v1.15.8.1
v1.15.8.1rc1
v1.15.8.1rc2
v1.15.8.3
v1.17.8.1
v1.17.8.1rc1
v1.17.8.2
v1.19.3.1
v1.19.3.1rc0
v1.19.3.1rc1
v1.19.3.2
v1.19.9.1
v1.19.9.1rc1
v1.19.9.2
v1.2.1.1
v1.2.1.11
v1.2.1.13
v1.2.1.14
v1.2.1.3
v1.2.1.5
v1.2.1.7
v1.2.1.9
v1.2.3.1
v1.2.3.3
v1.2.3.5
v1.2.3.7
v1.2.3.8
v1.2.4.1
v1.2.4.11
v1.2.4.13
v1.2.4.14
v1.2.4.3
v1.2.4.5
v1.2.4.7
v1.2.4.9
v1.2.6.1
v1.2.6.3
v1.2.6.5
v1.2.6.6
v1.2.7.1
v1.2.7.3
v1.2.7.5
v1.2.7.6
v1.2.7.8
v1.2.8.1
v1.2.8.3
v1.2.8.5
v1.2.8.6
v1.21.4.1
v1.21.4.1rc1
v1.21.4.1rc2
v1.21.4.1rc3
v1.21.4.2
v1.21.4.2rc1
v1.21.4.3
v1.21.4.4
v1.25.3.1
v1.25.3.2
v1.27.1.1
v1.27.1.2
v1.4.1.1
v1.4.1.3
v1.4.2.1
v1.4.2.3
v1.4.2.5
v1.4.2.7
v1.4.2.8
v1.4.2.9
v1.4.3.1
v1.4.3.3
v1.4.3.4
v1.4.3.6
v1.4.3.7
v1.4.3.9
v1.5.11.1
v1.5.12.1
v1.5.8.1
v1.7.0.1
v1.7.10.1
v1.7.10.2
v1.7.2.1
v1.7.4.1
v1.7.7.1
v1.7.7.2
v1.9.15.1
v1.9.3.1
v1.9.3.1rc1
v1.9.3.2
v1.9.7.1
v1.9.7.2
v1.9.7.3
v1.9.7.4
v1.9.7.5
Branches Tags
${ item.name }
Create tag ${ searchTerm }
Create branch ${ searchTerm }
from '6c438ff0ba'
${ noResults }
Commit Graph

288 Commits (6c438ff0bac8f47c4aa74cab021839ed865de67b)

Author SHA1 Message Date
耗子 a6097d4edc
fix: remove unnecessary CVE-2025-23419 patch 3 weeks ago
耗子 22377d5aaa
feature: update nginx to v1.27.5. 3 weeks ago
lijunlong 5fdebe76b6 feature: add upstream proxy protocol v2 for stream module. 
Co-author: chenri_shen@163.com
 3 weeks ago
lijunlong 177ba250cc feature: check in openssl-3.4.1-sess_set_get_cb_yield.patch. 2 months ago
lijunlong 4ad3978ec8 bugfix: apply patch CVE-2025-23419.patch 3 months ago
lijunlong 279c5cf91a bugfix: fixed nginx-1.27.1-stream_ssl_preread_no_skip.patch. 4 months ago
Bo Xu 54c70cc1de
bugfix: make HTTP3 server headers also use openresty instead of nginx. 4 months ago
lijunlong 67aff27ddc feature: check in patch LuaJIT2-20241104.patch for apple. 6 months ago
lijunlong 8c37412c31 disable win32 in nginx-1.27.1-proc_exit_handler.patch. 7 months ago
lijunlong 5ef14281cd feature: add openssl-3.0.15-sess_set_get_cb_yield.patch. 8 months ago
耗子 efc930249e
feat: bump openssl-1.1.1f-sess_set_get_cb_yield.patch to 3.0.12. 8 months ago
lijunlong c58d90ce11 patch: add NGX_HAVE_PROC_EXIT for proc_exit_handler. 9 months ago
lijunlong 27303d2fd0 feature: add proc_exit_handler. 9 months ago
lijunlong 9fb4098d72
feature: add patches for nginx-1.27.1. (#999) 9 months ago
Johnny Wang 4da52a0574
patches: added initialize_quic_transport_id_variable.patch for nginx >= 1.27.0. (#993) 9 months ago
lijunlong cc86d58043 feature: more patch for balancer_pool_max_retry. 10 months ago
kurt 3636b199e5
bugfix: respect max retry after using balancer pool. 
Signed-off-by: tzssangglass <tzssangglass@gmail.com>
 10 months ago
Johnny Wang cdd227a4f6
feature: upgrade the nginx core to 1.27.0. 11 months ago
lijunlong 9c9495b6f9
bugfix: backport fixes for CVE-2024-24989 and CVE-2024-24990. 1 year ago
lijunlong aecf396061
feature: add patch for nginx-1.25.3. 1 year ago
Johnny Wang 2f97ded92b
bugfix: applied the patch for secrity advisory to NGINX cores (CVE-2023-44487). (#931) 2 years ago
swananan d086dbcfc5
bugfix: make no_error_pages patch more accurate to ensure work properly on macOS. 2 years ago
swananan 6278b1aeae feature: upgrade nginx core to 1.25.1 which supports HTTP3. 2 years ago
fesily d0a77980eb
patches: add privileged agent thread pool (#847) 3 years ago
lijunlong ae42a6bd86
upgrade nginx core to 1.23.0. (#839) 3 years ago
Johnny Wang a7142a8934
bugfix: fixed typo in no-pool patch of 1.21.4. (#799) 3 years ago
Johnny Wang 7e1cf985cf
bugfix: check if the worker_connections is 0 before privileged agent spawning. (#786) 
The core dump may occur during initialization

    Program terminated with signal SIGSEGV, Segmentation fault.
    #0  0x0000000000441711 in ngx_event_process_init (cycle=0x1e93cc0) at src/event/ngx_event.c:807
    801         i = cycle->connection_n;
    802         next = NULL;
    803
    804         do {
    805             i--;
    806
    807             c[i].data = next;
    #1  0x000000000044abb9 in ngx_worker_process_init (cycle=cycle@entry=0x1e93cc0, worker=worker@entry=-1) at src/os/unix/ngx_process_cycle.c:968
 4 years ago
lijunlong 7df6239881 upgrade the nginx core to 1.21.4. 4 years ago
Johnny Wang 5c7ad29352
upgrade the nginx core to 1.21.3. (#779) 4 years ago
Zhefeng Chen 9fa420424a patches: added the nginx-1.19.9-ssl_client_hello_cb_yield patch. 4 years ago
Johnny Wang 1befa30baa
upgraded ngx_http_redis module to 0.3.9. (#754) 4 years ago
wangyao c93ef77262
change: introduce a new patch for privileged agent process connections. (#751) 4 years ago
Yao Wang 174f72b95c feature: add config ability for privileged connections number. 4 years ago
Johnny Wang 4b5ec7edd7
bugfix: applied the patch for security advisory to NGINX cores >= 0.6.18 and <= 1.20.0 (CVE-2021-23017). (#739) 4 years ago
Johnny Wang 1562e11be5
upgraded the nginx core to 1.19.9. (#717) 4 years ago
Johnny Wang 3abb2c7fae
upgraded the nginx core to 1.19.8. (#715) 4 years ago
Yichun Zhang (agentzh) 275739cf1f upgraded the nginx core to 1.19.3. 5 years ago
Yichun Zhang (agentzh) 5d118a38a6 upgrade the nginx core to 1.19.2. 5 years ago
root 50717794af bugfix: nginx would crash when receiving SIGHUP in the single process mode. 
Signed-off-by: Yichun Zhang (agentzh) <yichun@openresty.com>
 5 years ago
lijunlong 6985198d46 bugfix: ngx_http_static_module: the 'Locatoin' response header value was not properly encoded by URI rules. 
This may impose security vulnerabilities for Location values from
untrusted sources.

The corresponding tests are in the lua-nginx-module repo.
 5 years ago
Thibault Charbonnier 4b5cb7a546 patches: added the openssl-1.1.1f-sess_set_get_cb_yield patch. 5 years ago
Yichun Zhang (agentzh) 7dfeed5921 win32/win64: added new patch to fix openssl compilation on windows via the mingw64 toolchain. 5 years ago
Thibault Charbonnier 721d7dacc4 patches: added the openssl-1.1.1e-sess_set_get_cb_yield patch. 5 years ago
Thibault Charbonnier c1a0a9ad8f bugfix: fixed a memory leak in the OpenSSL 1.1.1 sess_set_get_cb_yield patch. 
This memory leak was found by running the Valgrind testing mode against
lua-resty-core's `ssl-session-fetch.t` test suite:

    TEST 5: yield during doing handshake with client which uses low version OpenSSL

    ==16956== 64 (32 direct, 32 indirect) bytes in 1 blocks are definitely lost in loss record 5 of 15
    ==16956== at 0x4C2B002: malloc (vg_replace_malloc.c:298)
    ==16956== by 0x5FFC868: CRYPTO_malloc (mem.c:222)
    ==16956== by 0x5FFC96F: CRYPTO_zalloc (mem.c:230)
    ==16956== by 0x603C54A: OPENSSL_sk_new_reserve (stack.c:209)
    ==16956== by 0x603C597: OPENSSL_sk_new_null (stack.c:118)
    ==16956== by 0x5C94A86: sk_SSL_CIPHER_new_null (ssl.h:960)
    ==16956== by 0x5C94A86: bytes_to_cipher_list (ssl_lib.c:5361)
    ==16956== by 0x5CB52E9: tls_early_post_process_client_hello (statem_srvr.c:1713)
    ==16956== by 0x5CB52E9: tls_post_process_client_hello (statem_srvr.c:2231)
    ==16956== by 0x5CB6F39: ossl_statem_server_post_process_message (statem_srvr.c:1218)
    ==16956== by 0x5CA4C11: read_state_machine (statem.c:664)
    ==16956== by 0x5CA4C11: state_machine (statem.c:434)
    ==16956== by 0x5CA538A: ossl_statem_accept (statem.c:255)
    ==16956== by 0x5C91759: SSL_do_handshake (ssl_lib.c:3609)
    ==16956== by 0x45456B: ngx_ssl_handshake (ngx_event_openssl.c:1606)
    ==16956== by 0x4698D3: ngx_http_ssl_handshake (ngx_http_request.c:751)
    ==16956== by 0x44ECA8: ngx_epoll_process_events (ngx_epoll_module.c:901)
    ==16956== by 0x443E94: ngx_process_events_and_timers (ngx_event.c:257)
    ==16956== by 0x44DC25: ngx_single_process_cycle (ngx_process_cycle.c:333)
    ==16956== by 0x4236AB: main (nginx.c:382)
    ==16956==
    {
    <insert_a_suppression_name_here>
    Memcheck:Leak
    match-leak-kinds: definite
    fun:malloc
    fun:CRYPTO_malloc
    fun:CRYPTO_zalloc
    fun:OPENSSL_sk_new_reserve
    fun:OPENSSL_sk_new_null
    fun:sk_SSL_CIPHER_new_null
    fun:bytes_to_cipher_list
    fun:tls_early_post_process_client_hello
    fun:tls_post_process_client_hello
    fun:ossl_statem_server_post_process_message
    fun:read_state_machine
    fun:state_machine
    fun:ossl_statem_accept
    fun:SSL_do_handshake
    fun:ngx_ssl_handshake
    fun:ngx_http_ssl_handshake
    fun:ngx_epoll_process_events
    fun:ngx_process_events_and_timers
    fun:ngx_single_process_cycle
    fun:main
    }

    ==16956== 368 (32 direct, 336 indirect) bytes in 1 blocks are definitely lost in loss record 8 of 15
    ==16956== at 0x4C2B002: malloc (vg_replace_malloc.c:298)
    ==16956== by 0x5FFC868: CRYPTO_malloc (mem.c:222)
    ==16956== by 0x5FFC96F: CRYPTO_zalloc (mem.c:230)
    ==16956== by 0x603C54A: OPENSSL_sk_new_reserve (stack.c:209)
    ==16956== by 0x603C597: OPENSSL_sk_new_null (stack.c:118)
    ==16956== by 0x5C94A79: sk_SSL_CIPHER_new_null (ssl.h:960)
    ==16956== by 0x5C94A79: bytes_to_cipher_list (ssl_lib.c:5360)
    ==16956== by 0x5CB52E9: tls_early_post_process_client_hello (statem_srvr.c:1713)
    ==16956== by 0x5CB52E9: tls_post_process_client_hello (statem_srvr.c:2231)
    ==16956== by 0x5CB6F39: ossl_statem_server_post_process_message (statem_srvr.c:1218)
    ==16956== by 0x5CA4C11: read_state_machine (statem.c:664)
    ==16956== by 0x5CA4C11: state_machine (statem.c:434)
    ==16956== by 0x5CA538A: ossl_statem_accept (statem.c:255)
    ==16956== by 0x5C91759: SSL_do_handshake (ssl_lib.c:3609)
    ==16956== by 0x45456B: ngx_ssl_handshake (ngx_event_openssl.c:1606)
    ==16956== by 0x4698D3: ngx_http_ssl_handshake (ngx_http_request.c:751)
    ==16956== by 0x44ECA8: ngx_epoll_process_events (ngx_epoll_module.c:901)
    ==16956== by 0x443E94: ngx_process_events_and_timers (ngx_event.c:257)
    ==16956== by 0x44DC25: ngx_single_process_cycle (ngx_process_cycle.c:333)
    ==16956== by 0x4236AB: main (nginx.c:382)
    ==16956==
    {
    <insert_a_suppression_name_here>
    Memcheck:Leak
    match-leak-kinds: definite
    fun:malloc
    fun:CRYPTO_malloc
    fun:CRYPTO_zalloc
    fun:OPENSSL_sk_new_reserve
    fun:OPENSSL_sk_new_null
    fun:sk_SSL_CIPHER_new_null
    fun:bytes_to_cipher_list
    fun:tls_early_post_process_client_hello
    fun:tls_post_process_client_hello
    fun:ossl_statem_server_post_process_message
    fun:read_state_machine
    fun:state_machine
    fun:ossl_statem_accept
    fun:SSL_do_handshake
    fun:ngx_ssl_handshake
    fun:ngx_http_ssl_handshake
    fun:ngx_epoll_process_events
    fun:ngx_process_events_and_timers
    fun:ngx_single_process_cycle
    fun:main
    }
 5 years ago
Thibault Charbonnier 28f76c1d27 upgraded the NGINX core to 1.17.8. 5 years ago
Thibault Charbonnier 268229af83 misc: removed the gcc-maybe-uninitialized-warning patch. 
This was fixed in the 1.5.10 release. We unconditionally remove it since
we only support NGINX cores 1.6.0 and above.
 5 years ago
Yichun Zhang (agentzh) f17fe6edc1 change: we no longer maintain the nginx dtrace patch. 5 years ago
Thibault Charbonnier bad7098d88 patches: added the nginx-1.17.4 patches. 6 years ago
Thibault Charbonnier 59e4ef5c23 bugfix: applied the patch for security advisory to NGINX cores < 1.14.1 and < 1.15.6 (CVE-2019-9511 CVE-2019-9513 CVE-2019-9516). 6 years ago
Thibault Charbonnier 80ba3892c6 bugfix: applied the patch for security advisory to NGINX cores < 1.14.1 and < 1.15.6 (CVE-2018-16843 CVE-2018-16844). 6 years ago