From 7ecba5377f9732441667b4430e5c947e4968751d Mon Sep 17 00:00:00 2001 From: "Yichun Zhang (agentzh)" Date: Sat, 24 Sep 2016 12:30:46 -0700 Subject: [PATCH 001/136] travis-ci: use openssl 1.0.2i. --- .travis.yml | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/.travis.yml b/.travis.yml index 0e516a9c4b..ccc63b5c66 100644 --- a/.travis.yml +++ b/.travis.yml @@ -43,7 +43,7 @@ env: - OPENSSL_PREFIX=/opt/ssl - OPENSSL_LIB=$OPENSSL_PREFIX/lib - OPENSSL_INC=$OPENSSL_PREFIX/include - - OPENSSL_VER=1.0.2h + - OPENSSL_VER=1.0.2i - LIBDRIZZLE_PREFIX=/opt/drizzle - LIBDRIZZLE_INC=$LIBDRIZZLE_PREFIX/include/libdrizzle-1.0 - LIBDRIZZLE_LIB=$LIBDRIZZLE_PREFIX/lib @@ -107,8 +107,8 @@ script: - cd .. - tar zxf download-cache/openssl-$OPENSSL_VER.tar.gz - cd openssl-$OPENSSL_VER/ - - wget https://raw.githubusercontent.com/openresty/openresty/master/patches/openssl-$OPENSSL_VER-sess_set_get_cb_yield.patch - - patch -p1 < openssl-$OPENSSL_VER-sess_set_get_cb_yield.patch + - wget https://raw.githubusercontent.com/openresty/openresty/master/patches/openssl-1.0.2h-sess_set_get_cb_yield.patch + - patch -p1 < openssl-1.0.2h-sess_set_get_cb_yield.patch - ./config shared --prefix=$OPENSSL_PREFIX -DPURIFY > build.log 2>&1 || (cat build.log && exit 1) - make -j$JOBS > build.log 2>&1 || (cat build.log && exit 1) - sudo make PATH=$PATH install_sw > build.log 2>&1 || (cat build.log && exit 1) From 3bd4227ce4ffe5c9c73c7592d67395a2b935fe8f Mon Sep 17 00:00:00 2001 From: "Yichun Zhang (agentzh)" Date: Sun, 2 Oct 2016 18:30:12 -0700 Subject: [PATCH 002/136] made a resolver test case more tolerante. --- t/023-rewrite/tcp-socket.t | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/t/023-rewrite/tcp-socket.t b/t/023-rewrite/tcp-socket.t index 9b39ba1aaa..cf9d80af2c 100644 --- a/t/023-rewrite/tcp-socket.t +++ b/t/023-rewrite/tcp-socket.t @@ -446,7 +446,7 @@ attempt to send data on a closed socket --- request GET /t --- response_body_like -^failed to connect: blah-blah-not-found\.agentzh\.org could not be resolved(?: \(\d+: Operation timed out\))? +^failed to connect: blah-blah-not-found\.agentzh\.org could not be resolved(?: \(\d+: (?:Operation timed out|Host not found)\))? connected: nil failed to send request: closed$ --- error_log From da08f59ae5ff0f230595322b3a8ce48bd42f1b3f Mon Sep 17 00:00:00 2001 From: "Yichun Zhang (agentzh)" Date: Sun, 2 Oct 2016 22:48:09 -0700 Subject: [PATCH 003/136] optimize: optimized the shdict node struct memory layout which can save 8 bytes for every key-value pair on 64-bit systems, for example. --- src/ngx_http_lua_shdict.c | 3 +++ src/ngx_http_lua_shdict.h | 7 +++---- 2 files changed, 6 insertions(+), 4 deletions(-) diff --git a/src/ngx_http_lua_shdict.c b/src/ngx_http_lua_shdict.c index ac7f6f1f96..b6943a31ab 100644 --- a/src/ngx_http_lua_shdict.c +++ b/src/ngx_http_lua_shdict.c @@ -1195,6 +1195,9 @@ ngx_http_lua_shdict_set_helper(lua_State *L, int flags) + key.len + value.len; + dd("overhead = %d", (int) (offsetof(ngx_rbtree_node_t, color) + + offsetof(ngx_http_lua_shdict_node_t, data))); + node = ngx_slab_alloc_locked(ctx->shpool, n); if (node == NULL) { diff --git a/src/ngx_http_lua_shdict.h b/src/ngx_http_lua_shdict.h index 5c4ff36e6b..f0d44e9c50 100644 --- a/src/ngx_http_lua_shdict.h +++ b/src/ngx_http_lua_shdict.h @@ -13,12 +13,11 @@ typedef struct { u_char color; - u_char dummy; - u_short key_len; - ngx_queue_t queue; - uint64_t expires; uint8_t value_type; + u_short key_len; uint32_t value_len; + uint64_t expires; + ngx_queue_t queue; uint32_t user_flags; u_char data[1]; } ngx_http_lua_shdict_node_t; From d26ca9052d73cab8499436fc2a18956482b1772f Mon Sep 17 00:00:00 2001 From: "Yichun Zhang (agentzh)" Date: Wed, 5 Oct 2016 13:26:30 -0700 Subject: [PATCH 004/136] fixed a hard-coded IP address in a test case. --- t/128-duplex-tcp-socket.t | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/t/128-duplex-tcp-socket.t b/t/128-duplex-tcp-socket.t index 0bf38d0b78..d3ef3f5926 100644 --- a/t/128-duplex-tcp-socket.t +++ b/t/128-duplex-tcp-socket.t @@ -357,7 +357,7 @@ F(ngx_http_lua_socket_tcp_finalize_write_part) { --- config server_tokens off; lua_socket_log_errors off; - resolver $TEST_NGINX_RESOLVER; + resolver $TEST_NGINX_RESOLVER ipv6=off; location /t { content_by_lua ' local sock = ngx.socket.tcp() @@ -390,7 +390,7 @@ F(ngx_http_lua_socket_tcp_finalize_write_part) { end sock:settimeout(300) - local ok, err = sock:connect("106.187.41.147", 12345) + local ok, err = sock:connect("106.184.1.99", 12345) ngx.say("connect: ", ok, " ", err) local ok, err = sock:close() From 5c491a59ce51879caba6abaa555f86bbedf643eb Mon Sep 17 00:00:00 2001 From: Ilya Shipitsin Date: Mon, 3 Oct 2016 22:14:45 +0500 Subject: [PATCH 005/136] travis-ci: add nginx-1.11.2 (supported by openresty) --- .travis.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.travis.yml b/.travis.yml index ccc63b5c66..808664d4d2 100644 --- a/.travis.yml +++ b/.travis.yml @@ -52,7 +52,7 @@ env: - TEST_NGINX_SLEEP=0.006 matrix: - NGINX_VERSION=1.9.15 -# - NGINX_VERSION=1.10.0 + - NGINX_VERSION=1.11.2 services: - memcache From f7a0d58a4ecea29bdb513c8d64fdd45f715319d8 Mon Sep 17 00:00:00 2001 From: Ilya Shipitsin Date: Mon, 3 Oct 2016 22:33:39 +0500 Subject: [PATCH 006/136] travis-ci: upgraded openssl to 1.0.2j --- .travis.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.travis.yml b/.travis.yml index 808664d4d2..f9bc284ab2 100644 --- a/.travis.yml +++ b/.travis.yml @@ -43,7 +43,7 @@ env: - OPENSSL_PREFIX=/opt/ssl - OPENSSL_LIB=$OPENSSL_PREFIX/lib - OPENSSL_INC=$OPENSSL_PREFIX/include - - OPENSSL_VER=1.0.2i + - OPENSSL_VER=1.0.2j - LIBDRIZZLE_PREFIX=/opt/drizzle - LIBDRIZZLE_INC=$LIBDRIZZLE_PREFIX/include/libdrizzle-1.0 - LIBDRIZZLE_LIB=$LIBDRIZZLE_PREFIX/lib From 74bad01b2c4aa2aa28f39a3681f399f9974c56ae Mon Sep 17 00:00:00 2001 From: Ilya Shipitsin Date: Mon, 3 Oct 2016 22:36:47 +0500 Subject: [PATCH 007/136] travis-ci: cache openssl-1.0.2h-sess_set_get_cb_yield.patch --- .travis.yml | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/.travis.yml b/.travis.yml index f9bc284ab2..dc1185e106 100644 --- a/.travis.yml +++ b/.travis.yml @@ -107,8 +107,8 @@ script: - cd .. - tar zxf download-cache/openssl-$OPENSSL_VER.tar.gz - cd openssl-$OPENSSL_VER/ - - wget https://raw.githubusercontent.com/openresty/openresty/master/patches/openssl-1.0.2h-sess_set_get_cb_yield.patch - - patch -p1 < openssl-1.0.2h-sess_set_get_cb_yield.patch + - if [ ! -f ../download-cache/openssl-1.0.2h-sess_set_get_cb_yield.patch ]; then wget -O ../download-cache/openssl-1.0.2h-sess_set_get_cb_yield.patch https://raw.githubusercontent.com/openresty/openresty/master/patches/openssl-1.0.2h-sess_set_get_cb_yield.patch; fi + - patch -p1 < ../download-cache/openssl-1.0.2h-sess_set_get_cb_yield.patch - ./config shared --prefix=$OPENSSL_PREFIX -DPURIFY > build.log 2>&1 || (cat build.log && exit 1) - make -j$JOBS > build.log 2>&1 || (cat build.log && exit 1) - sudo make PATH=$PATH install_sw > build.log 2>&1 || (cat build.log && exit 1) From 91fc078c44cd76ab173ad4e538ff8fd630d71740 Mon Sep 17 00:00:00 2001 From: "pj.vegan" Date: Fri, 7 Oct 2016 10:58:50 +0900 Subject: [PATCH 008/136] doc: use *_by_lua_block {} in the examples. Signed-off-by: Yichun Zhang (agentzh) --- README.markdown | 222 ++++++++++++++++++++--------------------- doc/HttpLuaModule.wiki | 222 ++++++++++++++++++++--------------------- 2 files changed, 222 insertions(+), 222 deletions(-) diff --git a/README.markdown b/README.markdown index 99b5275329..25c1ded549 100644 --- a/README.markdown +++ b/README.markdown @@ -585,10 +585,10 @@ and then accessing it from `nginx.conf`: ```nginx location /lua { - content_by_lua ' + content_by_lua_block { local mydata = require "mydata" ngx.say(mydata.get_age("dog")) - '; + } } ``` @@ -685,9 +685,9 @@ The [ngx.location.capture](#ngxlocationcapture) and [ngx.location.capture_multi] ```nginx location /foo { - content_by_lua ' + content_by_lua_block { res = ngx.location.capture("/bar") - '; + } } location /bar { echo_location /blah; @@ -859,9 +859,9 @@ servers in Lua. For example, datagram { server { listen 1953; - handler_by_lua ' + handler_by_lua_block { -- custom Lua code implementing the special UDP server... - '; + } } } ``` @@ -1223,9 +1223,9 @@ Usually you can register (true) Lua global variables or pre-load Lua modules at server { location = /api { - content_by_lua ' + content_by_lua_block { ngx.say(cjson.encode({dog = 5, cat = 6})) - '; + } } } ``` @@ -1243,10 +1243,10 @@ You can also initialize the [lua_shared_dict](#lua_shared_dict) shm storage at t server { location = /api { - content_by_lua ' + content_by_lua_block { local dogs = ngx.shared.dogs; ngx.say(dogs:get("Tom")) - '; + } } } ``` @@ -2062,7 +2062,7 @@ When the Lua code may change the length of the response body, then it is require location /foo { # fastcgi_pass/proxy_pass/... - header_filter_by_lua 'ngx.header.content_length = nil'; + header_filter_by_lua_block { ngx.header.content_length = nil } body_filter_by_lua 'ngx.arg[1] = string.len(ngx.arg[1]) .. "\\n"'; } ``` @@ -2172,7 +2172,7 @@ Here is an example of gathering average data for [$upstream_response_time](http: } location = /status { - content_by_lua ' + content_by_lua_block { local log_dict = ngx.shared.log_dict local sum = log_dict:get("upstream_time-sum") local nb = log_dict:get("upstream_time-nb") @@ -2183,7 +2183,7 @@ Here is an example of gathering average data for [$upstream_response_time](http: else ngx.say("no data yet") end - '; + } } } ``` @@ -2329,15 +2329,15 @@ Determines whether to force the request body data to be read before running rewr To read the request body data within the [$request_body](http://nginx.org/en/docs/http/ngx_http_core_module.html#var_request_body) variable, [client_body_buffer_size](http://nginx.org/en/docs/http/ngx_http_core_module.html#client_body_buffer_size) must have the same value as [client_max_body_size](http://nginx.org/en/docs/http/ngx_http_core_module.html#client_max_body_size). Because when the content length exceeds [client_body_buffer_size](http://nginx.org/en/docs/http/ngx_http_core_module.html#client_body_buffer_size) but less than [client_max_body_size](http://nginx.org/en/docs/http/ngx_http_core_module.html#client_max_body_size), Nginx will buffer the data into a temporary file on the disk, which will lead to empty value in the [$request_body](http://nginx.org/en/docs/http/ngx_http_core_module.html#var_request_body) variable. -If the current location includes [rewrite_by_lua](#rewrite_by_lua) or [rewrite_by_lua_file](#rewrite_by_lua_file) directives, -then the request body will be read just before the [rewrite_by_lua](#rewrite_by_lua) or [rewrite_by_lua_file](#rewrite_by_lua_file) code is run (and also at the +If the current location includes [rewrite_by_lua*](#rewrite_by_lua) directives, +then the request body will be read just before the [rewrite_by_lua*](#rewrite_by_lua) code is run (and also at the `rewrite` phase). Similarly, if only [content_by_lua](#content_by_lua) is specified, the request body will not be read until the content handler's Lua code is about to run (i.e., the request body will be read during the content phase). It is recommended however, to use the [ngx.req.read_body](#ngxreqread_body) and [ngx.req.discard_body](#ngxreqdiscard_body) functions for finer control over the request body reading process instead. -This also applies to [access_by_lua](#access_by_lua) and [access_by_lua_file](#access_by_lua_file). +This also applies to [access_by_lua*](#access_by_lua). [Back to TOC](#directives) @@ -2859,7 +2859,7 @@ rewrite_by_lua_no_postpone **context:** *http* -Controls whether or not to disable postponing [rewrite_by_lua](#rewrite_by_lua)* directives to run at the end of the `rewrite` request-processing phase. By default, this directive is turned off and the Lua code is postponed to run at the end of the `rewrite` phase. +Controls whether or not to disable postponing [rewrite_by_lua*](#rewrite_by_lua) directives to run at the end of the `rewrite` request-processing phase. By default, this directive is turned off and the Lua code is postponed to run at the end of the `rewrite` phase. This directive was first introduced in the `v0.5.0rc29` release. @@ -2874,7 +2874,7 @@ access_by_lua_no_postpone **context:** *http* -Controls whether or not to disable postponing [access_by_lua](#access_by_lua)* directives to run at the end of the `access` request-processing phase. By default, this directive is turned off and the Lua code is postponed to run at the end of the `access` phase. +Controls whether or not to disable postponing [access_by_lua*](#access_by_lua) directives to run at the end of the `access` request-processing phase. By default, this directive is turned off and the Lua code is postponed to run at the end of the `access` phase. This directive was first introduced in the `v0.9.20` release. @@ -3119,7 +3119,7 @@ Nginx API for Lua Introduction ------------ -The various `*_by_lua` and `*_by_lua_file` configuration directives serve as gateways to the Lua API within the `nginx.conf` file. The Nginx Lua API described below can only be called within the user Lua code run in the context of these configuration directives. +The various `*_by_lua`, `*_by_lua_block` and `*_by_lua_file` configuration directives serve as gateways to the Lua API within the `nginx.conf` file. The Nginx Lua API described below can only be called within the user Lua code run in the context of these configuration directives. The API is exposed to Lua in the form of two standard packages `ngx` and `ndk`. These packages are in the default global scope within ngx_lua and are always available within ngx_lua directives. @@ -3160,7 +3160,7 @@ ngx.arg **context:** *set_by_lua*, body_filter_by_lua** -When this is used in the context of the [set_by_lua](#set_by_lua) or [set_by_lua_file](#set_by_lua_file) directives, this table is read-only and holds the input arguments to the config directives: +When this is used in the context of the [set_by_lua*](#set_by_lua) directives, this table is read-only and holds the input arguments to the config directives: ```lua @@ -3185,7 +3185,7 @@ Here is an example that writes out `88`, the sum of `32` and `56`. -When this table is used in the context of [body_filter_by_lua](#body_filter_by_lua) or [body_filter_by_lua_file](#body_filter_by_lua_file), the first element holds the input data chunk to the output filter code and the second element holds the boolean flag for the "eof" flag indicating the end of the whole output data stream. +When this table is used in the context of [body_filter_by_lua*](#body_filter_by_lua), the first element holds the input data chunk to the output filter code and the second element holds the boolean flag for the "eof" flag indicating the end of the whole output data stream. The data chunk and "eof" flag passed to the downstream Nginx output filters can also be overridden by assigning values directly to the corresponding table elements. When setting `nil` or an empty Lua string value to `ngx.arg[1]`, no data chunk will be passed to the downstream Nginx output filters at all. @@ -3212,10 +3212,10 @@ For example: location /foo { set $my_var ''; # this line is required to create $my_var at config time - content_by_lua ' + content_by_lua_block { ngx.var.my_var = 123; ... - '; + } } ``` @@ -3252,7 +3252,7 @@ This API requires a relatively expensive metamethod call and it is recommended t Core constants -------------- -**context:** *init_by_lua*, set_by_lua*, rewrite_by_lua*, access_by_lua*, content_by_lua*, header_filter_by_lua*, body_filter_by_lua, *log_by_lua*, ngx.timer.*, balancer_by_lua*, ssl_certificate_by_lua*, ssl_session_fetch_by_lua*, ssl_session_store_by_lua** +**context:** *init_by_lua*, set_by_lua*, rewrite_by_lua*, access_by_lua*, content_by_lua*, header_filter_by_lua*, body_filter_by_lua*, *log_by_lua*, ngx.timer.*, balancer_by_lua*, ssl_certificate_by_lua*, ssl_session_fetch_by_lua*, ssl_session_store_by_lua** ```lua @@ -3278,7 +3278,7 @@ The `ngx.DECLINED` constant was first introduced in the `v0.5.0rc19` release. HTTP method constants --------------------- -**context:** *init_by_lua*, set_by_lua*, rewrite_by_lua*, access_by_lua*, content_by_lua*, header_filter_by_lua*, body_filter_by_lua, log_by_lua*, ngx.timer.*, balancer_by_lua*, ssl_certificate_by_lua*, ssl_session_fetch_by_lua*, ssl_session_store_by_lua** +**context:** *init_by_lua*, set_by_lua*, rewrite_by_lua*, access_by_lua*, content_by_lua*, header_filter_by_lua*, body_filter_by_lua*, log_by_lua*, ngx.timer.*, balancer_by_lua*, ssl_certificate_by_lua*, ssl_session_fetch_by_lua*, ssl_session_store_by_lua** ngx.HTTP_GET @@ -3304,7 +3304,7 @@ These constants are usually used in [ngx.location.capture](#ngxlocationcapture) HTTP status constants --------------------- -**context:** *init_by_lua*, set_by_lua*, rewrite_by_lua*, access_by_lua*, content_by_lua*, header_filter_by_lua*, body_filter_by_lua, log_by_lua*, ngx.timer.*, balancer_by_lua*, ssl_certificate_by_lua*, ssl_session_fetch_by_lua*, ssl_session_store_by_lua** +**context:** *init_by_lua*, set_by_lua*, rewrite_by_lua*, access_by_lua*, content_by_lua*, header_filter_by_lua*, body_filter_by_lua*, log_by_lua*, ngx.timer.*, balancer_by_lua*, ssl_certificate_by_lua*, ssl_session_fetch_by_lua*, ssl_session_store_by_lua** ```nginx @@ -3348,7 +3348,7 @@ HTTP status constants Nginx log level constants ------------------------- -**context:** *set_by_lua*, rewrite_by_lua*, access_by_lua*, content_by_lua*, header_filter_by_lua*, body_filter_by_lua, log_by_lua*, ngx.timer.*, balancer_by_lua*, ssl_certificate_by_lua*, ssl_session_fetch_by_lua*, ssl_session_store_by_lua** +**context:** *set_by_lua*, rewrite_by_lua*, access_by_lua*, content_by_lua*, header_filter_by_lua*, body_filter_by_lua*, log_by_lua*, ngx.timer.*, balancer_by_lua*, ssl_certificate_by_lua*, ssl_session_fetch_by_lua*, ssl_session_store_by_lua** ```lua @@ -3371,7 +3371,7 @@ print ----- **syntax:** *print(...)* -**context:** *init_by_lua*, init_worker_by_lua*, set_by_lua*, rewrite_by_lua*, access_by_lua*, content_by_lua*, header_filter_by_lua*, body_filter_by_lua, log_by_lua*, ngx.timer.*, balancer_by_lua*, ssl_certificate_by_lua*, ssl_session_fetch_by_lua*, ssl_session_store_by_lua** +**context:** *init_by_lua*, init_worker_by_lua*, set_by_lua*, rewrite_by_lua*, access_by_lua*, content_by_lua*, header_filter_by_lua*, body_filter_by_lua*, log_by_lua*, ngx.timer.*, balancer_by_lua*, ssl_certificate_by_lua*, ssl_session_fetch_by_lua*, ssl_session_store_by_lua** Writes argument values into the nginx `error.log` file with the `ngx.NOTICE` log level. @@ -3390,7 +3390,7 @@ There is a hard coded `2048` byte limitation on error message lengths in the Ngi ngx.ctx ------- -**context:** *init_worker_by_lua*, set_by_lua*, rewrite_by_lua*, access_by_lua*, content_by_lua*, header_filter_by_lua*, body_filter_by_lua, log_by_lua*, ngx.timer.*, balancer_by_lua** +**context:** *init_worker_by_lua*, set_by_lua*, rewrite_by_lua*, access_by_lua*, content_by_lua*, header_filter_by_lua*, body_filter_by_lua*, log_by_lua*, ngx.timer.*, balancer_by_lua** This table can be used to store per-request Lua context data and has a life time identical to the current request (as with the Nginx variables). @@ -3399,15 +3399,15 @@ Consider the following example, ```nginx location /test { - rewrite_by_lua ' + rewrite_by_lua_block { ngx.ctx.foo = 76 - '; - access_by_lua ' + } + access_by_lua_block { ngx.ctx.foo = ngx.ctx.foo + 3 - '; - content_by_lua ' + } + content_by_lua_block { ngx.say(ngx.ctx.foo) - '; + } } ``` @@ -3425,21 +3425,21 @@ Every request, including subrequests, has its own copy of the table. For example ```nginx location /sub { - content_by_lua ' + content_by_lua_block { ngx.say("sub pre: ", ngx.ctx.blah) ngx.ctx.blah = 32 ngx.say("sub post: ", ngx.ctx.blah) - '; + } } location /main { - content_by_lua ' + content_by_lua_block { ngx.ctx.blah = 73 ngx.say("main pre: ", ngx.ctx.blah) local res = ngx.location.capture("/sub") ngx.print(res.body) ngx.say("main post: ", ngx.ctx.blah) - '; + } } ``` @@ -3460,16 +3460,16 @@ Internal redirection will destroy the original request `ngx.ctx` data (if any) a ```nginx location /new { - content_by_lua ' + content_by_lua_block { ngx.say(ngx.ctx.foo) - '; + } } location /orig { - content_by_lua ' + content_by_lua_block { ngx.ctx.foo = "hello" ngx.exec("/new") - '; + } } ``` @@ -3671,13 +3671,13 @@ This option is set to `false` by default location /lua { set $dog 'hello'; - content_by_lua ' + content_by_lua_block { res = ngx.location.capture("/other", { share_all_vars = true }); ngx.print(res.body) ngx.say(ngx.var.uri, ": ", ngx.var.dog) - '; + } } ``` @@ -3699,13 +3699,13 @@ The `copy_all_vars` option provides a copy of the parent request's Nginx variabl location /lua { set $dog 'hello'; - content_by_lua ' + content_by_lua_block { res = ngx.location.capture("/other", { copy_all_vars = true }); ngx.print(res.body) ngx.say(ngx.var.uri, ": ", ngx.var.dog) - '; + } } ``` @@ -3728,21 +3728,21 @@ unescaping them in the Nginx config file. ```nginx location /other { - content_by_lua ' + content_by_lua_block { ngx.say("dog = ", ngx.var.dog) ngx.say("cat = ", ngx.var.cat) - '; + } } location /lua { set $dog ''; set $cat ''; - content_by_lua ' + content_by_lua_block { res = ngx.location.capture("/other", { vars = { dog = "hello", cat = 32 }}); ngx.print(res.body) - '; + } } ``` @@ -3758,18 +3758,18 @@ The `ctx` option can be used to specify a custom Lua table to serve as the [ngx. ```nginx location /sub { - content_by_lua ' + content_by_lua_block { ngx.ctx.foo = "bar"; - '; + } } location /lua { - content_by_lua ' + content_by_lua_block { local ctx = {} res = ngx.location.capture("/sub", { ctx = ctx }) ngx.say(ctx.foo); ngx.say(ngx.ctx.foo); - '; + } } ``` @@ -3785,15 +3785,15 @@ It is also possible to use this `ctx` option to share the same [ngx.ctx](#ngxctx ```nginx location /sub { - content_by_lua ' + content_by_lua_block { ngx.ctx.foo = "bar"; - '; + } } location /lua { - content_by_lua ' + content_by_lua_block { res = ngx.location.capture("/sub", { ctx = ngx.ctx }) ngx.say(ngx.ctx.foo); - '; + } } ``` @@ -3891,7 +3891,7 @@ Please also refer to restrictions on capturing locations configured by [subreque ngx.status ---------- -**context:** *set_by_lua*, rewrite_by_lua*, access_by_lua*, content_by_lua*, header_filter_by_lua*, body_filter_by_lua, log_by_lua** +**context:** *set_by_lua*, rewrite_by_lua*, access_by_lua*, content_by_lua*, header_filter_by_lua*, body_filter_by_lua*, log_by_lua** Read and write the current request's response status. This should be called before sending out the response headers. @@ -3916,7 +3916,7 @@ ngx.header.HEADER **syntax:** *value = ngx.header.HEADER* -**context:** *rewrite_by_lua*, access_by_lua*, content_by_lua*, header_filter_by_lua*, body_filter_by_lua, log_by_lua** +**context:** *rewrite_by_lua*, access_by_lua*, content_by_lua*, header_filter_by_lua*, body_filter_by_lua*, log_by_lua** Set, add to, or clear the current request's `HEADER` response header that is to be sent. @@ -3983,7 +3983,7 @@ Reading `ngx.header.HEADER` will return the value of the response header named ` Underscores (`_`) in the header names will also be replaced by dashes (`-`) and the header names will be matched case-insensitively. If the response header is not present at all, `nil` will be returned. -This is particularly useful in the context of [header_filter_by_lua](#header_filter_by_lua) and [header_filter_by_lua_file](#header_filter_by_lua_file), for example, +This is particularly useful in the context of [header_filter_by_lua*](#header_filter_by_lua), for example, ```nginx @@ -3992,11 +3992,11 @@ This is particularly useful in the context of [header_filter_by_lua](#header_fil proxy_pass http://some-backend; - header_filter_by_lua ' + header_filter_by_lua_block { if ngx.header["X-My-Header"] == "blah" then ngx.var.footer = "some value" end - '; + } echo_after_body $footer; } @@ -4028,7 +4028,7 @@ ngx.resp.get_headers -------------------- **syntax:** *headers = ngx.resp.get_headers(max_headers?, raw?)* -**context:** *set_by_lua*, rewrite_by_lua*, access_by_lua*, content_by_lua*, header_filter_by_lua*, body_filter_by_lua, log_by_lua*, balancer_by_lua** +**context:** *set_by_lua*, rewrite_by_lua*, access_by_lua*, content_by_lua*, header_filter_by_lua*, body_filter_by_lua*, log_by_lua*, balancer_by_lua** Returns a Lua table holding all the current response headers for the current request. @@ -4223,17 +4223,17 @@ or equivalently, ngx.req.set_uri("/foo") ``` -The `jump` argument can only be set to `true` in [rewrite_by_lua](#rewrite_by_lua) and [rewrite_by_lua_file](#rewrite_by_lua_file). Use of jump in other contexts is prohibited and will throw out a Lua exception. +The `jump` argument can only be set to `true` in [rewrite_by_lua*](#rewrite_by_lua). Use of jump in other contexts is prohibited and will throw out a Lua exception. A more sophisticated example involving regex substitutions is as follows ```nginx location /test { - rewrite_by_lua ' + rewrite_by_lua_block { local uri = ngx.re.sub(ngx.var.uri, "^/test/(.*)", "/$1", "o") ngx.req.set_uri(uri) - '; + } proxy_pass http://my_backend; } ``` @@ -4316,14 +4316,14 @@ ngx.req.get_uri_args -------------------- **syntax:** *args = ngx.req.get_uri_args(max_args?)* -**context:** *set_by_lua*, rewrite_by_lua*, access_by_lua*, content_by_lua*, header_filter_by_lua*, body_filter_by_lua, log_by_lua*, balancer_by_lua** +**context:** *set_by_lua*, rewrite_by_lua*, access_by_lua*, content_by_lua*, header_filter_by_lua*, body_filter_by_lua*, log_by_lua*, balancer_by_lua** Returns a Lua table holding all the current request URL query arguments. ```nginx location = /test { - content_by_lua ' + content_by_lua_block { local args = ngx.req.get_uri_args() for key, val in pairs(args) do if type(val) == "table" then @@ -4332,7 +4332,7 @@ Returns a Lua table holding all the current request URL query arguments. ngx.say(key, ": ", val) end end - '; + } } ``` @@ -4412,14 +4412,14 @@ ngx.req.get_post_args --------------------- **syntax:** *args, err = ngx.req.get_post_args(max_args?)* -**context:** *rewrite_by_lua*, access_by_lua*, content_by_lua*, header_filter_by_lua*, body_filter_by_lua, log_by_lua** +**context:** *rewrite_by_lua*, access_by_lua*, content_by_lua*, header_filter_by_lua*, body_filter_by_lua*, log_by_lua** Returns a Lua table holding all the current request POST query arguments (of the MIME type `application/x-www-form-urlencoded`). Call [ngx.req.read_body](#ngxreqread_body) to read the request body first or turn on the [lua_need_request_body](#lua_need_request_body) directive to avoid errors. ```nginx location = /test { - content_by_lua ' + content_by_lua_block { ngx.req.read_body() local args, err = ngx.req.get_post_args() if not args then @@ -4433,7 +4433,7 @@ Returns a Lua table holding all the current request POST query arguments (of the ngx.say(key, ": ", val) end end - '; + } } ``` @@ -4514,7 +4514,7 @@ ngx.req.get_headers ------------------- **syntax:** *headers = ngx.req.get_headers(max_headers?, raw?)* -**context:** *set_by_lua*, rewrite_by_lua*, access_by_lua*, content_by_lua*, header_filter_by_lua*, body_filter_by_lua, log_by_lua** +**context:** *set_by_lua*, rewrite_by_lua*, access_by_lua*, content_by_lua*, header_filter_by_lua*, body_filter_by_lua*, log_by_lua** Returns a Lua table holding all the current request headers. @@ -4588,7 +4588,7 @@ ngx.req.set_header ------------------ **syntax:** *ngx.req.set_header(header_name, header_value)* -**context:** *set_by_lua*, rewrite_by_lua*, access_by_lua*, content_by_lua*, header_filter_by_lua*, body_filter_by_lua* +**context:** *set_by_lua*, rewrite_by_lua*, access_by_lua*, content_by_lua*, header_filter_by_lua*, body_filter_by_lua** Set the current request's request header named `header_name` to value `header_value`, overriding any existing ones. @@ -4805,7 +4805,7 @@ The usage of this function is often like this: ngx.req.finish_body() ``` -This function can be used with [ngx.req.append_body](#ngxreqappend_body), [ngx.req.finish_body](#ngxreqfinish_body), and [ngx.req.socket](#ngxreqsocket) to implement efficient input filters in pure Lua (in the context of [rewrite_by_lua](#rewrite_by_lua)* or [access_by_lua](#access_by_lua)*), which can be used with other Nginx content handler or upstream modules like [ngx_http_proxy_module](http://nginx.org/en/docs/http/ngx_http_proxy_module.html) and [ngx_http_fastcgi_module](http://nginx.org/en/docs/http/ngx_http_fastcgi_module.html). +This function can be used with [ngx.req.append_body](#ngxreqappend_body), [ngx.req.finish_body](#ngxreqfinish_body), and [ngx.req.socket](#ngxreqsocket) to implement efficient input filters in pure Lua (in the context of [rewrite_by_lua*](#rewrite_by_lua) or [access_by_lua*](#access_by_lua)), which can be used with other Nginx content handler or upstream modules like [ngx_http_proxy_module](http://nginx.org/en/docs/http/ngx_http_proxy_module.html) and [ngx_http_fastcgi_module](http://nginx.org/en/docs/http/ngx_http_fastcgi_module.html). This function was first introduced in the `v0.5.11` release. @@ -4823,7 +4823,7 @@ When the data can no longer be hold in the memory buffer for the request body, t It is important to always call the [ngx.req.finish_body](#ngxreqfinish_body) after all the data has been appended onto the current request body. -This function can be used with [ngx.req.init_body](#ngxreqinit_body), [ngx.req.finish_body](#ngxreqfinish_body), and [ngx.req.socket](#ngxreqsocket) to implement efficient input filters in pure Lua (in the context of [rewrite_by_lua](#rewrite_by_lua)* or [access_by_lua](#access_by_lua)*), which can be used with other Nginx content handler or upstream modules like [ngx_http_proxy_module](http://nginx.org/en/docs/http/ngx_http_proxy_module.html) and [ngx_http_fastcgi_module](http://nginx.org/en/docs/http/ngx_http_fastcgi_module.html). +This function can be used with [ngx.req.init_body](#ngxreqinit_body), [ngx.req.finish_body](#ngxreqfinish_body), and [ngx.req.socket](#ngxreqsocket) to implement efficient input filters in pure Lua (in the context of [rewrite_by_lua*](#rewrite_by_lua) or [access_by_lua*](#access_by_lua)), which can be used with other Nginx content handler or upstream modules like [ngx_http_proxy_module](http://nginx.org/en/docs/http/ngx_http_proxy_module.html) and [ngx_http_fastcgi_module](http://nginx.org/en/docs/http/ngx_http_fastcgi_module.html). This function was first introduced in the `v0.5.11` release. @@ -4839,7 +4839,7 @@ ngx.req.finish_body Completes the construction process of the new request body created by the [ngx.req.init_body](#ngxreqinit_body) and [ngx.req.append_body](#ngxreqappend_body) calls. -This function can be used with [ngx.req.init_body](#ngxreqinit_body), [ngx.req.append_body](#ngxreqappend_body), and [ngx.req.socket](#ngxreqsocket) to implement efficient input filters in pure Lua (in the context of [rewrite_by_lua](#rewrite_by_lua)* or [access_by_lua](#access_by_lua)*), which can be used with other Nginx content handler or upstream modules like [ngx_http_proxy_module](http://nginx.org/en/docs/http/ngx_http_proxy_module.html) and [ngx_http_fastcgi_module](http://nginx.org/en/docs/http/ngx_http_fastcgi_module.html). +This function can be used with [ngx.req.init_body](#ngxreqinit_body), [ngx.req.append_body](#ngxreqappend_body), and [ngx.req.socket](#ngxreqsocket) to implement efficient input filters in pure Lua (in the context of [rewrite_by_lua*](#rewrite_by_lua) or [access_by_lua*](#access_by_lua)), which can be used with other Nginx content handler or upstream modules like [ngx_http_proxy_module](http://nginx.org/en/docs/http/ngx_http_proxy_module.html) and [ngx_http_fastcgi_module](http://nginx.org/en/docs/http/ngx_http_fastcgi_module.html). This function was first introduced in the `v0.5.11` release. @@ -4914,20 +4914,20 @@ Named locations are also supported but the second `args` argument will be ignore ```nginx location /foo { - content_by_lua ' + content_by_lua_block { ngx.exec("@bar", "a=goodbye"); - '; + } } location @bar { - content_by_lua ' + content_by_lua_block { local args = ngx.req.get_uri_args() for key, val in pairs(args) do if key == "a" then ngx.say(val) end end - '; + } } ``` @@ -4937,7 +4937,7 @@ it is purely an internal redirect and that no new external HTTP traffic is invol Also note that this method call terminates the processing of the current request and that it *must* be called before [ngx.send_headers](#ngxsend_headers) or explicit response body outputs by either [ngx.print](#ngxprint) or [ngx.say](#ngxsay). -It is recommended that a coding style that combines this method call with the `return` statement, i.e., `return ngx.exec(...)` be adopted when this method call is used in contexts other than [header_filter_by_lua](#header_filter_by_lua) to reinforce the fact that the request processing is being terminated. +It is recommended that a coding style that combines this method call with the `return` statement, i.e., `return ngx.exec(...)` be adopted when this method call is used in contexts other than [header_filter_by_lua*](#header_filter_by_lua) to reinforce the fact that the request processing is being terminated. [Back to TOC](#nginx-api-for-lua) @@ -5019,7 +5019,7 @@ URI arguments can be specified as well, for example: Note that this method call terminates the processing of the current request and that it *must* be called before [ngx.send_headers](#ngxsend_headers) or explicit response body outputs by either [ngx.print](#ngxprint) or [ngx.say](#ngxsay). -It is recommended that a coding style that combines this method call with the `return` statement, i.e., `return ngx.redirect(...)` be adopted when this method call is used in contexts other than [header_filter_by_lua](#header_filter_by_lua) to reinforce the fact that the request processing is being terminated. +It is recommended that a coding style that combines this method call with the `return` statement, i.e., `return ngx.redirect(...)` be adopted when this method call is used in contexts other than [header_filter_by_lua*](#header_filter_by_lua) to reinforce the fact that the request processing is being terminated. [Back to TOC](#nginx-api-for-lua) @@ -5034,7 +5034,7 @@ Explicitly send out the response headers. Since `v0.8.3` this function returns `1` on success, or returns `nil` and a string describing the error otherwise. Note that there is normally no need to manually send out response headers as ngx_lua will automatically send headers out -before content is output with [ngx.say](#ngxsay) or [ngx.print](#ngxprint) or when [content_by_lua](#content_by_lua) exits normally. +before content is output with [ngx.say](#ngxsay) or [ngx.print](#ngxprint) or when [content_by_lua*](#content_by_lua) exits normally. [Back to TOC](#nginx-api-for-lua) @@ -5145,7 +5145,7 @@ ngx.exit When `status >= 200` (i.e., `ngx.HTTP_OK` and above), it will interrupt the execution of the current request and return status code to nginx. -When `status == 0` (i.e., `ngx.OK`), it will only quit the current phase handler (or the content handler if the [content_by_lua](#content_by_lua) directive is used) and continue to run later phases (if any) for the current request. +When `status == 0` (i.e., `ngx.OK`), it will only quit the current phase handler (or the content handler if the [content_by_lua*](#content_by_lua) directive is used) and continue to run later phases (if any) for the current request. The `status` argument can be `ngx.OK`, `ngx.ERROR`, `ngx.HTTP_NOT_FOUND`, `ngx.HTTP_MOVED_TEMPORARILY`, or other [HTTP status constants](#http-status-constants). @@ -5206,11 +5206,11 @@ When you disable the HTTP 1.1 keep-alive feature for your downstream connections location = /async { keepalive_timeout 0; - content_by_lua ' + content_by_lua_block { ngx.say("got the task!") ngx.eof() -- a descent HTTP client will close the connection at this point -- access MySQL, PostgreSQL, Redis, Memcached, and etc here... - '; + } } ``` @@ -5455,7 +5455,7 @@ For example, ```nginx location = /md5 { - content_by_lua 'ngx.say(ngx.md5("hello"))'; + content_by_lua_block { ngx.say(ngx.md5("hello")) } } ``` @@ -6073,17 +6073,17 @@ Here is an example: lua_shared_dict dogs 10m; server { location /set { - content_by_lua ' + content_by_lua_block { local dogs = ngx.shared.dogs dogs:set("Jim", 8) ngx.say("STORED") - '; + } } location /get { - content_by_lua ' + content_by_lua_block { local dogs = ngx.shared.dogs ngx.say(dogs:get("Jim")) - '; + } } } } @@ -6500,7 +6500,7 @@ Here is an example for connecting to a UDP (memcached) server: location /test { resolver 8.8.8.8; - content_by_lua ' + content_by_lua_block { local sock = ngx.socket.udp() local ok, err = sock:setpeername("my.memcached.server.domain", 11211) if not ok then @@ -6509,7 +6509,7 @@ Here is an example for connecting to a UDP (memcached) server: end ngx.say("successfully connected to memcached!") sock:close() - '; + } } ``` @@ -6696,7 +6696,7 @@ Here is an example for connecting to a TCP server: location /test { resolver 8.8.8.8; - content_by_lua ' + content_by_lua_block { local sock = ngx.socket.tcp() local ok, err = sock:connect("www.google.com", 80) if not ok then @@ -6705,7 +6705,7 @@ Here is an example for connecting to a TCP server: end ngx.say("successfully connected to google!") sock:close() - '; + } } ``` @@ -7086,31 +7086,31 @@ ngx.get_phase Retrieves the current running phase name. Possible return values are * `init` - for the context of [init_by_lua](#init_by_lua) or [init_by_lua_file](#init_by_lua_file). + for the context of [init_by_lua*](#init_by_lua). * `init_worker` - for the context of [init_worker_by_lua](#init_worker_by_lua) or [init_worker_by_lua_file](#init_worker_by_lua_file). + for the context of [init_worker_by_lua*](#init_worker_by_lua). * `ssl_cert` - for the context of [ssl_certificate_by_lua_block](#ssl_certificate_by_lua_block) or [ssl_certificate_by_lua_file](#ssl_certificate_by_lua_file). + for the context of [ssl_certificate_by_lua*](#ssl_certificate_by_lua_block). * `ssl_session_fetch` for the context of [ssl_session_fetch_by_lua*](#ssl_session_fetch_by_lua_block). * `ssl_session_store` for the context of [ssl_session_store_by_lua*](#ssl_session_store_by_lua_block). * `set` - for the context of [set_by_lua](#set_by_lua) or [set_by_lua_file](#set_by_lua_file). + for the context of [set_by_lua*](#set_by_lua). * `rewrite` - for the context of [rewrite_by_lua](#rewrite_by_lua) or [rewrite_by_lua_file](#rewrite_by_lua_file). + for the context of [rewrite_by_lua*](#rewrite_by_lua). * `balancer` - for the context of [balancer_by_lua_block](#balancer_by_lua_block) or [balancer_by_lua_file](#balancer_by_lua_file). + for the context of [balancer_by_lua*](#balancer_by_lua_block). * `access` - for the context of [access_by_lua](#access_by_lua) or [access_by_lua_file](#access_by_lua_file). + for the context of [access_by_lua*](#access_by_lua). * `content` - for the context of [content_by_lua](#content_by_lua) or [content_by_lua_file](#content_by_lua_file). + for the context of [content_by_lua*](#content_by_lua). * `header_filter` - for the context of [header_filter_by_lua](#header_filter_by_lua) or [header_filter_by_lua_file](#header_filter_by_lua_file). + for the context of [header_filter_by_lua*](#header_filter_by_lua). * `body_filter` - for the context of [body_filter_by_lua](#body_filter_by_lua) or [body_filter_by_lua_file](#body_filter_by_lua_file). + for the context of [body_filter_by_lua*](#body_filter_by_lua). * `log` - for the context of [log_by_lua](#log_by_lua) or [log_by_lua_file](#log_by_lua_file). + for the context of [log_by_lua*](#log_by_lua). * `timer` for the context of user callback functions for [ngx.timer.*](#ngxtimerat). @@ -7458,7 +7458,7 @@ Here is a simple example: location / { ... - log_by_lua ' + log_by_lua_block { local function push_data(premature, uri, args, status) -- push the data uri, args, and status to the remote -- via ngx.socket.tcp or ngx.socket.udp @@ -7471,7 +7471,7 @@ Here is a simple example: ngx.log(ngx.ERR, "failed to create timer: ", err) return end - '; + } } ``` diff --git a/doc/HttpLuaModule.wiki b/doc/HttpLuaModule.wiki index 028a98d96f..dffecc853d 100644 --- a/doc/HttpLuaModule.wiki +++ b/doc/HttpLuaModule.wiki @@ -463,10 +463,10 @@ and then accessing it from nginx.conf: location /lua { - content_by_lua ' + content_by_lua_block { local mydata = require "mydata" ngx.say(mydata.get_age("dog")) - '; + } } @@ -545,9 +545,9 @@ The [[#ngx.location.capture|ngx.location.capture]] and [[#ngx.location.capture_m location /foo { - content_by_lua ' + content_by_lua_block { res = ngx.location.capture("/bar") - '; + } } location /bar { echo_location /blah; @@ -693,9 +693,9 @@ servers in Lua. For example, datagram { server { listen 1953; - handler_by_lua ' + handler_by_lua_block { -- custom Lua code implementing the special UDP server... - '; + } } } @@ -957,9 +957,9 @@ Usually you can register (true) Lua global variables or pre-load Lua modules at server { location = /api { - content_by_lua ' + content_by_lua_block { ngx.say(cjson.encode({dog = 5, cat = 6})) - '; + } } } @@ -976,10 +976,10 @@ You can also initialize the [[#lua_shared_dict|lua_shared_dict]] shm storage at server { location = /api { - content_by_lua ' + content_by_lua_block { local dogs = ngx.shared.dogs; ngx.say(dogs:get("Tom")) - '; + } } } @@ -1707,7 +1707,7 @@ When the Lua code may change the length of the response body, then it is require location /foo { # fastcgi_pass/proxy_pass/... - header_filter_by_lua 'ngx.header.content_length = nil'; + header_filter_by_lua_block { ngx.header.content_length = nil } body_filter_by_lua 'ngx.arg[1] = string.len(ngx.arg[1]) .. "\\n"'; } @@ -1806,7 +1806,7 @@ Here is an example of gathering average data for [[HttpUpstreamModule#$upstream_ } location = /status { - content_by_lua ' + content_by_lua_block { local log_dict = ngx.shared.log_dict local sum = log_dict:get("upstream_time-sum") local nb = log_dict:get("upstream_time-nb") @@ -1817,7 +1817,7 @@ Here is an example of gathering average data for [[HttpUpstreamModule#$upstream_ else ngx.say("no data yet") end - '; + } } } @@ -1946,15 +1946,15 @@ Determines whether to force the request body data to be read before running rewr To read the request body data within the [[HttpCoreModule#$request_body|$request_body]] variable, [[HttpCoreModule#client_body_buffer_size|client_body_buffer_size]] must have the same value as [[HttpCoreModule#client_max_body_size|client_max_body_size]]. Because when the content length exceeds [[HttpCoreModule#client_body_buffer_size|client_body_buffer_size]] but less than [[HttpCoreModule#client_max_body_size|client_max_body_size]], Nginx will buffer the data into a temporary file on the disk, which will lead to empty value in the [[HttpCoreModule#$request_body|$request_body]] variable. -If the current location includes [[#rewrite_by_lua|rewrite_by_lua]] or [[#rewrite_by_lua_file|rewrite_by_lua_file]] directives, -then the request body will be read just before the [[#rewrite_by_lua|rewrite_by_lua]] or [[#rewrite_by_lua_file|rewrite_by_lua_file]] code is run (and also at the +If the current location includes [[#rewrite_by_lua|rewrite_by_lua*]] directives, +then the request body will be read just before the [[#rewrite_by_lua|rewrite_by_lua*]] code is run (and also at the rewrite phase). Similarly, if only [[#content_by_lua|content_by_lua]] is specified, the request body will not be read until the content handler's Lua code is about to run (i.e., the request body will be read during the content phase). It is recommended however, to use the [[#ngx.req.read_body|ngx.req.read_body]] and [[#ngx.req.discard_body|ngx.req.discard_body]] functions for finer control over the request body reading process instead. -This also applies to [[#access_by_lua|access_by_lua]] and [[#access_by_lua_file|access_by_lua_file]]. +This also applies to [[#access_by_lua|access_by_lua*]]. == ssl_certificate_by_lua_block == @@ -2408,7 +2408,7 @@ This directive was first introduced in the v0.5.0rc19 release. '''context:''' ''http'' -Controls whether or not to disable postponing [[#rewrite_by_lua|rewrite_by_lua]]* directives to run at the end of the rewrite request-processing phase. By default, this directive is turned off and the Lua code is postponed to run at the end of the rewrite phase. +Controls whether or not to disable postponing [[#rewrite_by_lua|rewrite_by_lua*]] directives to run at the end of the rewrite request-processing phase. By default, this directive is turned off and the Lua code is postponed to run at the end of the rewrite phase. This directive was first introduced in the v0.5.0rc29 release. @@ -2420,7 +2420,7 @@ This directive was first introduced in the v0.5.0rc29 release. '''context:''' ''http'' -Controls whether or not to disable postponing [[#access_by_lua|access_by_lua]]* directives to run at the end of the access request-processing phase. By default, this directive is turned off and the Lua code is postponed to run at the end of the access phase. +Controls whether or not to disable postponing [[#access_by_lua|access_by_lua*]] directives to run at the end of the access request-processing phase. By default, this directive is turned off and the Lua code is postponed to run at the end of the access phase. This directive was first introduced in the v0.9.20 release. @@ -2504,7 +2504,7 @@ This directive was first introduced in the v0.8.0 release. == Introduction == -The various *_by_lua and *_by_lua_file configuration directives serve as gateways to the Lua API within the nginx.conf file. The Nginx Lua API described below can only be called within the user Lua code run in the context of these configuration directives. +The various *_by_lua, *_by_lua_block and *_by_lua_file configuration directives serve as gateways to the Lua API within the nginx.conf file. The Nginx Lua API described below can only be called within the user Lua code run in the context of these configuration directives. The API is exposed to Lua in the form of two standard packages ngx and ndk. These packages are in the default global scope within ngx_lua and are always available within ngx_lua directives. @@ -2540,7 +2540,7 @@ Network I/O operations in user code should only be done through the Nginx Lua AP '''context:''' ''set_by_lua*, body_filter_by_lua*'' -When this is used in the context of the [[#set_by_lua|set_by_lua]] or [[#set_by_lua_file|set_by_lua_file]] directives, this table is read-only and holds the input arguments to the config directives: +When this is used in the context of the [[#set_by_lua|set_by_lua*]] directives, this table is read-only and holds the input arguments to the config directives: value = ngx.arg[n] @@ -2563,7 +2563,7 @@ Here is an example that writes out 88, the sum of 32 and 56. -When this table is used in the context of [[#body_filter_by_lua|body_filter_by_lua]] or [[#body_filter_by_lua_file|body_filter_by_lua_file]], the first element holds the input data chunk to the output filter code and the second element holds the boolean flag for the "eof" flag indicating the end of the whole output data stream. +When this table is used in the context of [[#body_filter_by_lua|body_filter_by_lua*]], the first element holds the input data chunk to the output filter code and the second element holds the boolean flag for the "eof" flag indicating the end of the whole output data stream. The data chunk and "eof" flag passed to the downstream Nginx output filters can also be overridden by assigning values directly to the corresponding table elements. When setting nil or an empty Lua string value to ngx.arg[1], no data chunk will be passed to the downstream Nginx output filters at all. @@ -2585,10 +2585,10 @@ For example: location /foo { set $my_var ''; # this line is required to create $my_var at config time - content_by_lua ' + content_by_lua_block { ngx.var.my_var = 123; ... - '; + } } @@ -2620,7 +2620,7 @@ Undefined NGINX variables are evaluated to `nil` while uninitialized (but define This API requires a relatively expensive metamethod call and it is recommended to avoid using it on hot code paths. == Core constants == -'''context:''' ''init_by_lua*, set_by_lua*, rewrite_by_lua*, access_by_lua*, content_by_lua*, header_filter_by_lua*, body_filter_by_lua, *log_by_lua*, ngx.timer.*, balancer_by_lua*, ssl_certificate_by_lua*, ssl_session_fetch_by_lua*, ssl_session_store_by_lua*'' +'''context:''' ''init_by_lua*, set_by_lua*, rewrite_by_lua*, access_by_lua*, content_by_lua*, header_filter_by_lua*, body_filter_by_lua*, *log_by_lua*, ngx.timer.*, balancer_by_lua*, ssl_certificate_by_lua*, ssl_session_fetch_by_lua*, ssl_session_store_by_lua*'' ngx.OK (0) @@ -2641,7 +2641,7 @@ The ngx.null constant is a NULL light userdata usually The ngx.DECLINED constant was first introduced in the v0.5.0rc19 release. == HTTP method constants == -'''context:''' ''init_by_lua*, set_by_lua*, rewrite_by_lua*, access_by_lua*, content_by_lua*, header_filter_by_lua*, body_filter_by_lua, log_by_lua*, ngx.timer.*, balancer_by_lua*, ssl_certificate_by_lua*, ssl_session_fetch_by_lua*, ssl_session_store_by_lua*'' +'''context:''' ''init_by_lua*, set_by_lua*, rewrite_by_lua*, access_by_lua*, content_by_lua*, header_filter_by_lua*, body_filter_by_lua*, log_by_lua*, ngx.timer.*, balancer_by_lua*, ssl_certificate_by_lua*, ssl_session_fetch_by_lua*, ssl_session_store_by_lua*'' ngx.HTTP_GET @@ -2664,7 +2664,7 @@ The ngx.DECLINED constant was first introduced in the v0.5.0r These constants are usually used in [[#ngx.location.capture|ngx.location.capture]] and [[#ngx.location.capture_multi|ngx.location.capture_multi]] method calls. == HTTP status constants == -'''context:''' ''init_by_lua*, set_by_lua*, rewrite_by_lua*, access_by_lua*, content_by_lua*, header_filter_by_lua*, body_filter_by_lua, log_by_lua*, ngx.timer.*, balancer_by_lua*, ssl_certificate_by_lua*, ssl_session_fetch_by_lua*, ssl_session_store_by_lua*'' +'''context:''' ''init_by_lua*, set_by_lua*, rewrite_by_lua*, access_by_lua*, content_by_lua*, header_filter_by_lua*, body_filter_by_lua*, log_by_lua*, ngx.timer.*, balancer_by_lua*, ssl_certificate_by_lua*, ssl_session_fetch_by_lua*, ssl_session_store_by_lua*'' value = ngx.HTTP_CONTINUE (100) (first added in the v0.9.20 release) @@ -2704,7 +2704,7 @@ These constants are usually used in [[#ngx.location.capture|ngx.location.capture == Nginx log level constants == -'''context:''' ''set_by_lua*, rewrite_by_lua*, access_by_lua*, content_by_lua*, header_filter_by_lua*, body_filter_by_lua, log_by_lua*, ngx.timer.*, balancer_by_lua*, ssl_certificate_by_lua*, ssl_session_fetch_by_lua*, ssl_session_store_by_lua*'' +'''context:''' ''set_by_lua*, rewrite_by_lua*, access_by_lua*, content_by_lua*, header_filter_by_lua*, body_filter_by_lua*, log_by_lua*, ngx.timer.*, balancer_by_lua*, ssl_certificate_by_lua*, ssl_session_fetch_by_lua*, ssl_session_store_by_lua*'' ngx.STDERR @@ -2723,7 +2723,7 @@ These constants are usually used by the [[#ngx.log|ngx.log]] method. == print == '''syntax:''' ''print(...)'' -'''context:''' ''init_by_lua*, init_worker_by_lua*, set_by_lua*, rewrite_by_lua*, access_by_lua*, content_by_lua*, header_filter_by_lua*, body_filter_by_lua, log_by_lua*, ngx.timer.*, balancer_by_lua*, ssl_certificate_by_lua*, ssl_session_fetch_by_lua*, ssl_session_store_by_lua*'' +'''context:''' ''init_by_lua*, init_worker_by_lua*, set_by_lua*, rewrite_by_lua*, access_by_lua*, content_by_lua*, header_filter_by_lua*, body_filter_by_lua*, log_by_lua*, ngx.timer.*, balancer_by_lua*, ssl_certificate_by_lua*, ssl_session_fetch_by_lua*, ssl_session_store_by_lua*'' Writes argument values into the nginx error.log file with the ngx.NOTICE log level. @@ -2738,7 +2738,7 @@ Lua nil arguments are accepted and result in literal "nil"2048 byte limitation on error message lengths in the Nginx core. This limit includes trailing newlines and leading time stamps. If the message size exceeds this limit, Nginx will truncate the message text accordingly. This limit can be manually modified by editing the NGX_MAX_ERROR_STR macro definition in the src/core/ngx_log.h file in the Nginx source tree. == ngx.ctx == -'''context:''' ''init_worker_by_lua*, set_by_lua*, rewrite_by_lua*, access_by_lua*, content_by_lua*, header_filter_by_lua*, body_filter_by_lua, log_by_lua*, ngx.timer.*, balancer_by_lua*'' +'''context:''' ''init_worker_by_lua*, set_by_lua*, rewrite_by_lua*, access_by_lua*, content_by_lua*, header_filter_by_lua*, body_filter_by_lua*, log_by_lua*, ngx.timer.*, balancer_by_lua*'' This table can be used to store per-request Lua context data and has a life time identical to the current request (as with the Nginx variables). @@ -2746,15 +2746,15 @@ Consider the following example, location /test { - rewrite_by_lua ' + rewrite_by_lua_block { ngx.ctx.foo = 76 - '; - access_by_lua ' + } + access_by_lua_block { ngx.ctx.foo = ngx.ctx.foo + 3 - '; - content_by_lua ' + } + content_by_lua_block { ngx.say(ngx.ctx.foo) - '; + } } @@ -2770,21 +2770,21 @@ Every request, including subrequests, has its own copy of the table. For example location /sub { - content_by_lua ' + content_by_lua_block { ngx.say("sub pre: ", ngx.ctx.blah) ngx.ctx.blah = 32 ngx.say("sub post: ", ngx.ctx.blah) - '; + } } location /main { - content_by_lua ' + content_by_lua_block { ngx.ctx.blah = 73 ngx.say("main pre: ", ngx.ctx.blah) local res = ngx.location.capture("/sub") ngx.print(res.body) ngx.say("main post: ", ngx.ctx.blah) - '; + } } @@ -2803,16 +2803,16 @@ Internal redirection will destroy the original request ngx.ctx data location /new { - content_by_lua ' + content_by_lua_block { ngx.say(ngx.ctx.foo) - '; + } } location /orig { - content_by_lua ' + content_by_lua_block { ngx.ctx.foo = "hello" ngx.exec("/new") - '; + } } @@ -2999,13 +2999,13 @@ This option is set to false by default location /lua { set $dog 'hello'; - content_by_lua ' + content_by_lua_block { res = ngx.location.capture("/other", { share_all_vars = true }); ngx.print(res.body) ngx.say(ngx.var.uri, ": ", ngx.var.dog) - '; + } } @@ -3026,13 +3026,13 @@ The copy_all_vars option provides a copy of the parent request's Ng location /lua { set $dog 'hello'; - content_by_lua ' + content_by_lua_block { res = ngx.location.capture("/other", { copy_all_vars = true }); ngx.print(res.body) ngx.say(ngx.var.uri, ": ", ngx.var.dog) - '; + } } @@ -3054,21 +3054,21 @@ unescaping them in the Nginx config file. location /other { - content_by_lua ' + content_by_lua_block { ngx.say("dog = ", ngx.var.dog) ngx.say("cat = ", ngx.var.cat) - '; + } } location /lua { set $dog ''; set $cat ''; - content_by_lua ' + content_by_lua_block { res = ngx.location.capture("/other", { vars = { dog = "hello", cat = 32 }}); ngx.print(res.body) - '; + } } @@ -3083,18 +3083,18 @@ The ctx option can be used to specify a custom Lua table to serve a location /sub { - content_by_lua ' + content_by_lua_block { ngx.ctx.foo = "bar"; - '; + } } location /lua { - content_by_lua ' + content_by_lua_block { local ctx = {} res = ngx.location.capture("/sub", { ctx = ctx }) ngx.say(ctx.foo); ngx.say(ngx.ctx.foo); - '; + } } @@ -3109,15 +3109,15 @@ It is also possible to use this ctx option to share the same [[#ngx location /sub { - content_by_lua ' + content_by_lua_block { ngx.ctx.foo = "bar"; - '; + } } location /lua { - content_by_lua ' + content_by_lua_block { res = ngx.location.capture("/sub", { ctx = ngx.ctx }) ngx.say(ngx.ctx.foo); - '; + } } @@ -3206,7 +3206,7 @@ of this function. Logically speaking, the [[#ngx.location.capture|ngx.location.c Please also refer to restrictions on capturing locations configured by [[#Locations_Configured_by_Subrequest_Directives_of_Other_Modules|subrequest directives of other modules]]. == ngx.status == -'''context:''' ''set_by_lua*, rewrite_by_lua*, access_by_lua*, content_by_lua*, header_filter_by_lua*, body_filter_by_lua, log_by_lua*'' +'''context:''' ''set_by_lua*, rewrite_by_lua*, access_by_lua*, content_by_lua*, header_filter_by_lua*, body_filter_by_lua*, log_by_lua*'' Read and write the current request's response status. This should be called before sending out the response headers. @@ -3227,7 +3227,7 @@ Setting ngx.status after the response header is sent out has no eff '''syntax:''' ''value = ngx.header.HEADER'' -'''context:''' ''rewrite_by_lua*, access_by_lua*, content_by_lua*, header_filter_by_lua*, body_filter_by_lua, log_by_lua*'' +'''context:''' ''rewrite_by_lua*, access_by_lua*, content_by_lua*, header_filter_by_lua*, body_filter_by_lua*, log_by_lua*'' Set, add to, or clear the current request's HEADER response header that is to be sent. @@ -3287,7 +3287,7 @@ Reading ngx.header.HEADER will return the value of the response hea Underscores (_) in the header names will also be replaced by dashes (-) and the header names will be matched case-insensitively. If the response header is not present at all, nil will be returned. -This is particularly useful in the context of [[#header_filter_by_lua|header_filter_by_lua]] and [[#header_filter_by_lua_file|header_filter_by_lua_file]], for example, +This is particularly useful in the context of [[#header_filter_by_lua|header_filter_by_lua*]], for example, location /test { @@ -3295,11 +3295,11 @@ This is particularly useful in the context of [[#header_filter_by_lua|header_fil proxy_pass http://some-backend; - header_filter_by_lua ' + header_filter_by_lua_block { if ngx.header["X-My-Header"] == "blah" then ngx.var.footer = "some value" end - '; + } echo_after_body $footer; } @@ -3327,7 +3327,7 @@ For reading ''request'' headers, use the [[#ngx.req.get_headers|ngx.req.get_head == ngx.resp.get_headers == '''syntax:''' ''headers = ngx.resp.get_headers(max_headers?, raw?)'' -'''context:''' ''set_by_lua*, rewrite_by_lua*, access_by_lua*, content_by_lua*, header_filter_by_lua*, body_filter_by_lua, log_by_lua*, balancer_by_lua*'' +'''context:''' ''set_by_lua*, rewrite_by_lua*, access_by_lua*, content_by_lua*, header_filter_by_lua*, body_filter_by_lua*, log_by_lua*, balancer_by_lua*'' Returns a Lua table holding all the current response headers for the current request. @@ -3492,16 +3492,16 @@ or equivalently, ngx.req.set_uri("/foo") -The jump argument can only be set to true in [[#rewrite_by_lua|rewrite_by_lua]] and [[#rewrite_by_lua_file|rewrite_by_lua_file]]. Use of jump in other contexts is prohibited and will throw out a Lua exception. +The jump argument can only be set to true in [[#rewrite_by_lua|rewrite_by_lua*]]. Use of jump in other contexts is prohibited and will throw out a Lua exception. A more sophisticated example involving regex substitutions is as follows location /test { - rewrite_by_lua ' + rewrite_by_lua_block { local uri = ngx.re.sub(ngx.var.uri, "^/test/(.*)", "/$1", "o") ngx.req.set_uri(uri) - '; + } proxy_pass http://my_backend; } @@ -3571,13 +3571,13 @@ See also [[#ngx.req.set_uri|ngx.req.set_uri]]. == ngx.req.get_uri_args == '''syntax:''' ''args = ngx.req.get_uri_args(max_args?)'' -'''context:''' ''set_by_lua*, rewrite_by_lua*, access_by_lua*, content_by_lua*, header_filter_by_lua*, body_filter_by_lua, log_by_lua*, balancer_by_lua*'' +'''context:''' ''set_by_lua*, rewrite_by_lua*, access_by_lua*, content_by_lua*, header_filter_by_lua*, body_filter_by_lua*, log_by_lua*, balancer_by_lua*'' Returns a Lua table holding all the current request URL query arguments. location = /test { - content_by_lua ' + content_by_lua_block { local args = ngx.req.get_uri_args() for key, val in pairs(args) do if type(val) == "table" then @@ -3586,7 +3586,7 @@ Returns a Lua table holding all the current request URL query arguments. ngx.say(key, ": ", val) end end - '; + } } @@ -3655,13 +3655,13 @@ Removing the max_args cap is strongly discouraged. == ngx.req.get_post_args == '''syntax:''' ''args, err = ngx.req.get_post_args(max_args?)'' -'''context:''' ''rewrite_by_lua*, access_by_lua*, content_by_lua*, header_filter_by_lua*, body_filter_by_lua, log_by_lua*'' +'''context:''' ''rewrite_by_lua*, access_by_lua*, content_by_lua*, header_filter_by_lua*, body_filter_by_lua*, log_by_lua*'' Returns a Lua table holding all the current request POST query arguments (of the MIME type application/x-www-form-urlencoded). Call [[#ngx.req.read_body|ngx.req.read_body]] to read the request body first or turn on the [[#lua_need_request_body|lua_need_request_body]] directive to avoid errors. location = /test { - content_by_lua ' + content_by_lua_block { ngx.req.read_body() local args, err = ngx.req.get_post_args() if not args then @@ -3675,7 +3675,7 @@ Returns a Lua table holding all the current request POST query arguments (of the ngx.say(key, ": ", val) end end - '; + } } @@ -3745,7 +3745,7 @@ Removing the max_args cap is strongly discouraged. == ngx.req.get_headers == '''syntax:''' ''headers = ngx.req.get_headers(max_headers?, raw?)'' -'''context:''' ''set_by_lua*, rewrite_by_lua*, access_by_lua*, content_by_lua*, header_filter_by_lua*, body_filter_by_lua, log_by_lua*'' +'''context:''' ''set_by_lua*, rewrite_by_lua*, access_by_lua*, content_by_lua*, header_filter_by_lua*, body_filter_by_lua*, log_by_lua*'' Returns a Lua table holding all the current request headers. @@ -3809,7 +3809,7 @@ The __index metamethod will not be added when the raw == ngx.req.set_header == '''syntax:''' ''ngx.req.set_header(header_name, header_value)'' -'''context:''' ''set_by_lua*, rewrite_by_lua*, access_by_lua*, content_by_lua*, header_filter_by_lua*, body_filter_by_lua'' +'''context:''' ''set_by_lua*, rewrite_by_lua*, access_by_lua*, content_by_lua*, header_filter_by_lua*, body_filter_by_lua*'' Set the current request's request header named header_name to value header_value, overriding any existing ones. @@ -3995,7 +3995,7 @@ The usage of this function is often like this: ngx.req.finish_body() -This function can be used with [[#ngx.req.append_body|ngx.req.append_body]], [[#ngx.req.finish_body|ngx.req.finish_body]], and [[#ngx.req.socket|ngx.req.socket]] to implement efficient input filters in pure Lua (in the context of [[#rewrite_by_lua|rewrite_by_lua]]* or [[#access_by_lua|access_by_lua]]*), which can be used with other Nginx content handler or upstream modules like [[HttpProxyModule]] and [[HttpFastcgiModule]]. +This function can be used with [[#ngx.req.append_body|ngx.req.append_body]], [[#ngx.req.finish_body|ngx.req.finish_body]], and [[#ngx.req.socket|ngx.req.socket]] to implement efficient input filters in pure Lua (in the context of [[#rewrite_by_lua|rewrite_by_lua*]] or [[#access_by_lua|access_by_lua*]]), which can be used with other Nginx content handler or upstream modules like [[HttpProxyModule]] and [[HttpFastcgiModule]]. This function was first introduced in the v0.5.11 release. @@ -4010,7 +4010,7 @@ When the data can no longer be hold in the memory buffer for the request body, t It is important to always call the [[#ngx.req.finish_body|ngx.req.finish_body]] after all the data has been appended onto the current request body. -This function can be used with [[#ngx.req.init_body|ngx.req.init_body]], [[#ngx.req.finish_body|ngx.req.finish_body]], and [[#ngx.req.socket|ngx.req.socket]] to implement efficient input filters in pure Lua (in the context of [[#rewrite_by_lua|rewrite_by_lua]]* or [[#access_by_lua|access_by_lua]]*), which can be used with other Nginx content handler or upstream modules like [[HttpProxyModule]] and [[HttpFastcgiModule]]. +This function can be used with [[#ngx.req.init_body|ngx.req.init_body]], [[#ngx.req.finish_body|ngx.req.finish_body]], and [[#ngx.req.socket|ngx.req.socket]] to implement efficient input filters in pure Lua (in the context of [[#rewrite_by_lua|rewrite_by_lua*]] or [[#access_by_lua|access_by_lua*]]), which can be used with other Nginx content handler or upstream modules like [[HttpProxyModule]] and [[HttpFastcgiModule]]. This function was first introduced in the v0.5.11 release. @@ -4023,7 +4023,7 @@ See also [[#ngx.req.init_body|ngx.req.init_body]]. Completes the construction process of the new request body created by the [[#ngx.req.init_body|ngx.req.init_body]] and [[#ngx.req.append_body|ngx.req.append_body]] calls. -This function can be used with [[#ngx.req.init_body|ngx.req.init_body]], [[#ngx.req.append_body|ngx.req.append_body]], and [[#ngx.req.socket|ngx.req.socket]] to implement efficient input filters in pure Lua (in the context of [[#rewrite_by_lua|rewrite_by_lua]]* or [[#access_by_lua|access_by_lua]]*), which can be used with other Nginx content handler or upstream modules like [[HttpProxyModule]] and [[HttpFastcgiModule]]. +This function can be used with [[#ngx.req.init_body|ngx.req.init_body]], [[#ngx.req.append_body|ngx.req.append_body]], and [[#ngx.req.socket|ngx.req.socket]] to implement efficient input filters in pure Lua (in the context of [[#rewrite_by_lua|rewrite_by_lua*]] or [[#access_by_lua|access_by_lua*]]), which can be used with other Nginx content handler or upstream modules like [[HttpProxyModule]] and [[HttpFastcgiModule]]. This function was first introduced in the v0.5.11 release. @@ -4088,20 +4088,20 @@ Named locations are also supported but the second args argument wil location /foo { - content_by_lua ' + content_by_lua_block { ngx.exec("@bar", "a=goodbye"); - '; + } } location @bar { - content_by_lua ' + content_by_lua_block { local args = ngx.req.get_uri_args() for key, val in pairs(args) do if key == "a" then ngx.say(val) end end - '; + } } @@ -4111,7 +4111,7 @@ it is purely an internal redirect and that no new external HTTP traffic is invol Also note that this method call terminates the processing of the current request and that it ''must'' be called before [[#ngx.send_headers|ngx.send_headers]] or explicit response body outputs by either [[#ngx.print|ngx.print]] or [[#ngx.say|ngx.say]]. -It is recommended that a coding style that combines this method call with the return statement, i.e., return ngx.exec(...) be adopted when this method call is used in contexts other than [[#header_filter_by_lua|header_filter_by_lua]] to reinforce the fact that the request processing is being terminated. +It is recommended that a coding style that combines this method call with the return statement, i.e., return ngx.exec(...) be adopted when this method call is used in contexts other than [[#header_filter_by_lua|header_filter_by_lua*]] to reinforce the fact that the request processing is being terminated. == ngx.redirect == '''syntax:''' ''ngx.redirect(uri, status?)'' @@ -4181,7 +4181,7 @@ URI arguments can be specified as well, for example: Note that this method call terminates the processing of the current request and that it ''must'' be called before [[#ngx.send_headers|ngx.send_headers]] or explicit response body outputs by either [[#ngx.print|ngx.print]] or [[#ngx.say|ngx.say]]. -It is recommended that a coding style that combines this method call with the return statement, i.e., return ngx.redirect(...) be adopted when this method call is used in contexts other than [[#header_filter_by_lua|header_filter_by_lua]] to reinforce the fact that the request processing is being terminated. +It is recommended that a coding style that combines this method call with the return statement, i.e., return ngx.redirect(...) be adopted when this method call is used in contexts other than [[#header_filter_by_lua|header_filter_by_lua*]] to reinforce the fact that the request processing is being terminated. == ngx.send_headers == '''syntax:''' ''ok, err = ngx.send_headers()'' @@ -4193,7 +4193,7 @@ Explicitly send out the response headers. Since v0.8.3 this function returns 1 on success, or returns nil and a string describing the error otherwise. Note that there is normally no need to manually send out response headers as ngx_lua will automatically send headers out -before content is output with [[#ngx.say|ngx.say]] or [[#ngx.print|ngx.print]] or when [[#content_by_lua|content_by_lua]] exits normally. +before content is output with [[#ngx.say|ngx.say]] or [[#ngx.print|ngx.print]] or when [[#content_by_lua|content_by_lua*]] exits normally. == ngx.headers_sent == '''syntax:''' ''value = ngx.headers_sent'' @@ -4284,7 +4284,7 @@ Since v0.8.3 this function returns 1 on success, or re When status >= 200 (i.e., ngx.HTTP_OK and above), it will interrupt the execution of the current request and return status code to nginx. -When status == 0 (i.e., ngx.OK), it will only quit the current phase handler (or the content handler if the [[#content_by_lua|content_by_lua]] directive is used) and continue to run later phases (if any) for the current request. +When status == 0 (i.e., ngx.OK), it will only quit the current phase handler (or the content handler if the [[#content_by_lua|content_by_lua*]] directive is used) and continue to run later phases (if any) for the current request. The status argument can be ngx.OK, ngx.ERROR, ngx.HTTP_NOT_FOUND, ngx.HTTP_MOVED_TEMPORARILY, or other [[#HTTP status constants|HTTP status constants]]. @@ -4338,11 +4338,11 @@ When you disable the HTTP 1.1 keep-alive feature for your downstream connections location = /async { keepalive_timeout 0; - content_by_lua ' + content_by_lua_block { ngx.say("got the task!") ngx.eof() -- a descent HTTP client will close the connection at this point -- access MySQL, PostgreSQL, Redis, Memcached, and etc here... - '; + } } @@ -4546,7 +4546,7 @@ For example, location = /md5 { - content_by_lua 'ngx.say(ngx.md5("hello"))'; + content_by_lua_block { ngx.say(ngx.md5("hello")) } } @@ -5085,17 +5085,17 @@ Here is an example: lua_shared_dict dogs 10m; server { location /set { - content_by_lua ' + content_by_lua_block { local dogs = ngx.shared.dogs dogs:set("Jim", 8) ngx.say("STORED") - '; + } } location /get { - content_by_lua ' + content_by_lua_block { local dogs = ngx.shared.dogs ngx.say(dogs:get("Jim")) - '; + } } } } @@ -5448,7 +5448,7 @@ Here is an example for connecting to a UDP (memcached) server: location /test { resolver 8.8.8.8; - content_by_lua ' + content_by_lua_block { local sock = ngx.socket.udp() local ok, err = sock:setpeername("my.memcached.server.domain", 11211) if not ok then @@ -5457,7 +5457,7 @@ Here is an example for connecting to a UDP (memcached) server: end ngx.say("successfully connected to memcached!") sock:close() - '; + } } @@ -5619,7 +5619,7 @@ Here is an example for connecting to a TCP server: location /test { resolver 8.8.8.8; - content_by_lua ' + content_by_lua_block { local sock = ngx.socket.tcp() local ok, err = sock:connect("www.google.com", 80) if not ok then @@ -5628,7 +5628,7 @@ Here is an example for connecting to a TCP server: end ngx.say("successfully connected to google!") sock:close() - '; + } } @@ -5967,31 +5967,31 @@ This feature was first introduced in the v0.5.0rc1 release. Retrieves the current running phase name. Possible return values are * init -: for the context of [[#init_by_lua|init_by_lua]] or [[#init_by_lua_file|init_by_lua_file]]. +: for the context of [[#init_by_lua|init_by_lua*]]. * init_worker -: for the context of [[#init_worker_by_lua|init_worker_by_lua]] or [[#init_worker_by_lua_file|init_worker_by_lua_file]]. +: for the context of [[#init_worker_by_lua|init_worker_by_lua*]]. * ssl_cert -: for the context of [[#ssl_certificate_by_lua_block|ssl_certificate_by_lua_block]] or [[#ssl_certificate_by_lua_file|ssl_certificate_by_lua_file]]. +: for the context of [[#ssl_certificate_by_lua_block|ssl_certificate_by_lua*]]. * ssl_session_fetch : for the context of [[#ssl_session_fetch_by_lua_block|ssl_session_fetch_by_lua*]]. * ssl_session_store : for the context of [[#ssl_session_store_by_lua_block|ssl_session_store_by_lua*]]. * set -: for the context of [[#set_by_lua|set_by_lua]] or [[#set_by_lua_file|set_by_lua_file]]. +: for the context of [[#set_by_lua|set_by_lua*]]. * rewrite -: for the context of [[#rewrite_by_lua|rewrite_by_lua]] or [[#rewrite_by_lua_file|rewrite_by_lua_file]]. +: for the context of [[#rewrite_by_lua|rewrite_by_lua*]]. * balancer -: for the context of [[#balancer_by_lua_block|balancer_by_lua_block]] or [[#balancer_by_lua_file|balancer_by_lua_file]]. +: for the context of [[#balancer_by_lua_block|balancer_by_lua*]]. * access -: for the context of [[#access_by_lua|access_by_lua]] or [[#access_by_lua_file|access_by_lua_file]]. +: for the context of [[#access_by_lua|access_by_lua*]]. * content -: for the context of [[#content_by_lua|content_by_lua]] or [[#content_by_lua_file|content_by_lua_file]]. +: for the context of [[#content_by_lua|content_by_lua*]]. * header_filter -: for the context of [[#header_filter_by_lua|header_filter_by_lua]] or [[#header_filter_by_lua_file|header_filter_by_lua_file]]. +: for the context of [[#header_filter_by_lua|header_filter_by_lua*]]. * body_filter -: for the context of [[#body_filter_by_lua|body_filter_by_lua]] or [[#body_filter_by_lua_file|body_filter_by_lua_file]]. +: for the context of [[#body_filter_by_lua|body_filter_by_lua*]]. * log -: for the context of [[#log_by_lua|log_by_lua]] or [[#log_by_lua_file|log_by_lua_file]]. +: for the context of [[#log_by_lua|log_by_lua*]]. * timer : for the context of user callback functions for [[#ngx.timer.at|ngx.timer.*]]. @@ -6318,7 +6318,7 @@ Here is a simple example: location / { ... - log_by_lua ' + log_by_lua_block { local function push_data(premature, uri, args, status) -- push the data uri, args, and status to the remote -- via ngx.socket.tcp or ngx.socket.udp @@ -6331,7 +6331,7 @@ Here is a simple example: ngx.log(ngx.ERR, "failed to create timer: ", err) return end - '; + } } From 1173cc7c936b797782ad03bc3cb8b3b6761c6fce Mon Sep 17 00:00:00 2001 From: "Yichun Zhang (agentzh)" Date: Sun, 2 Oct 2016 12:00:49 -0700 Subject: [PATCH 009/136] feature: added new config directive "lua_malloc_trim N" to periodically call malloc_trim(1) every N requests when malloc_trim() is available. By default, "lua_malloc_trim 1000" is configured. This should fix the glibc oddity of holding too much freed memory when it fails to use brk() to allocate memory in the data segment. --- README.markdown | 26 +++ config | 18 ++ doc/HttpLuaModule.wiki | 26 +++ src/ngx_http_lua_common.h | 4 + src/ngx_http_lua_logby.c | 37 +++++ src/ngx_http_lua_module.c | 54 ++++++ t/146-malloc-trim.t | 337 ++++++++++++++++++++++++++++++++++++++ 7 files changed, 502 insertions(+) create mode 100644 t/146-malloc-trim.t diff --git a/README.markdown b/README.markdown index 25c1ded549..58996fc3de 100644 --- a/README.markdown +++ b/README.markdown @@ -1002,6 +1002,7 @@ Directives ========== * [lua_use_default_type](#lua_use_default_type) +* [lua_malloc_trim](#lua_malloc_trim) * [lua_code_cache](#lua_code_cache) * [lua_regex_cache_max_entries](#lua_regex_cache_max_entries) * [lua_regex_match_limit](#lua_regex_match_limit) @@ -1089,6 +1090,31 @@ This directive was first introduced in the `v0.9.1` release. [Back to TOC](#directives) +lua_malloc_trim +--------------- +**syntax:** *lua_malloc_trim <request-count>* + +**default:** *lua_malloc_trim 1000* + +**context:** *http* + +Asks the underlying `libc` runtime library to release its cached free memory back to the operating system every +`N` requests processed by the NGINX core. By default, `N` is 1000. You can configure the request count +by using your own numbers. Smaller numbers mean more frequent releases, which may introduce higher CPU time consumption and +smaller memory footprint while larger numbers usually lead to less CPU time overhead and relatively larger memory footprint. +Just tune the number for your own use cases. + +Configuring the argument to `0` essentially turns off the periodical memory trimming altogether. + +The current implementation uses an NGINX log phase handler to do the request counting. So the appearance of the +[log_subrequest on](http://nginx.org/en/docs/http/ngx_http_core_module.html#log_subrequest) directives in `nginx.conf` +may make the counting faster when subrequests are involved. By default, only "main requests" count. + +Note that this directive does *not* affect the memory allocated by LuaJIT's own allocator based on the `mmap` +system call. + +[Back to TOC](#directives) + lua_code_cache -------------- **syntax:** *lua_code_cache on | off* diff --git a/config b/config index 0f2749d32f..01a6b3c3cc 100644 --- a/config +++ b/config @@ -519,6 +519,24 @@ CC_TEST_FLAGS="-Werror -Wall $CC_TEST_FLAGS" CC_TEST_FLAGS="$SAVED_CC_TEST_FLAGS" +# ---------------------------------------- + +ngx_feature="malloc_trim" +ngx_feature_libs= +ngx_feature_name="NGX_HTTP_LUA_HAVE_MALLOC_TRIM" +ngx_feature_run=yes +ngx_feature_incs="#include +#include " +ngx_feature_test="int rc = malloc_trim((size_t) 0); printf(\"%d\", rc);" +SAVED_CC_TEST_FLAGS="$CC_TEST_FLAGS" +CC_TEST_FLAGS="-Werror -Wall $CC_TEST_FLAGS" + +. auto/feature + +CC_TEST_FLAGS="$SAVED_CC_TEST_FLAGS" + +# ---------------------------------------- + if test -n "$ngx_module_link"; then ngx_module_type=HTTP_AUX_FILTER ngx_module_name=$ngx_addon_name diff --git a/doc/HttpLuaModule.wiki b/doc/HttpLuaModule.wiki index dffecc853d..a4fb2c4932 100644 --- a/doc/HttpLuaModule.wiki +++ b/doc/HttpLuaModule.wiki @@ -840,6 +840,32 @@ This directive is turned on by default. This directive was first introduced in the v0.9.1 release. +== lua_malloc_trim == +'''syntax:''' ''lua_malloc_trim '' + +'''default:''' ''lua_malloc_trim 1000'' + +'''context:''' ''http'' + +Asks the underlying libc runtime library to release its cached free memory back to the operating system every +N requests processed by the NGINX core. By default, N is 1000. You can configure the request count +by using your own numbers. Smaller numbers mean more frequent releases, which may introduce higher CPU time consumption and +smaller memory footprint while larger numbers usually lead to less CPU time overhead and relatively larger memory footprint. +Just tune the number for your own use cases. + +Configuring the argument to 0 essentially turns off the periodical memory trimming altogether. + + + lua_malloc_trim 0; # turn off trimming completely + + +The current implementation uses an NGINX log phase handler to do the request counting. So the appearance of the +[http://nginx.org/en/docs/http/ngx_http_core_module.html#log_subrequest log_subrequest on] directives in nginx.conf +may make the counting faster when subrequests are involved. By default, only "main requests" count. + +Note that this directive does *not* affect the memory allocated by LuaJIT's own allocator based on the mmap +system call. + == lua_code_cache == '''syntax:''' ''lua_code_cache on | off'' diff --git a/src/ngx_http_lua_common.h b/src/ngx_http_lua_common.h index d5e0dc8052..6aa0f171c1 100644 --- a/src/ngx_http_lua_common.h +++ b/src/ngx_http_lua_common.h @@ -193,6 +193,10 @@ struct ngx_http_lua_main_conf_s { ngx_http_lua_sema_mm_t *sema_mm; + ngx_uint_t malloc_trim_cycle; /* a cycle is defined as the number + of reqeusts */ + ngx_uint_t malloc_trim_req_count; + unsigned requires_header_filter:1; unsigned requires_body_filter:1; unsigned requires_capture_filter:1; diff --git a/src/ngx_http_lua_logby.c b/src/ngx_http_lua_logby.c index 49fcd08365..0f1d2f35b3 100644 --- a/src/ngx_http_lua_logby.c +++ b/src/ngx_http_lua_logby.c @@ -27,6 +27,9 @@ #include "ngx_http_lua_shdict.h" #include "ngx_http_lua_util.h" #include "ngx_http_lua_exception.h" +#if (NGX_HTTP_LUA_HAVE_MALLOC_TRIM) +#include +#endif static ngx_int_t ngx_http_lua_log_by_chunk(lua_State *L, ngx_http_request_t *r); @@ -67,9 +70,43 @@ ngx_http_lua_log_by_lua_env(lua_State *L, ngx_http_request_t *r) ngx_int_t ngx_http_lua_log_handler(ngx_http_request_t *r) { +#if (NGX_HTTP_LUA_HAVE_MALLOC_TRIM) + ngx_uint_t trim_cycle, trim_nreq; + ngx_http_lua_main_conf_t *lmcf; +#endif ngx_http_lua_loc_conf_t *llcf; ngx_http_lua_ctx_t *ctx; +#if (NGX_HTTP_LUA_HAVE_MALLOC_TRIM) + lmcf = ngx_http_get_module_main_conf(r, ngx_http_lua_module); + + trim_cycle = lmcf->malloc_trim_cycle; + + if (trim_cycle > 0) { + + dd("cycle: %d", (int) trim_cycle); + + trim_nreq = ++lmcf->malloc_trim_req_count; + + if (trim_nreq >= trim_cycle) { + lmcf->malloc_trim_req_count = 0; + +#if (NGX_DEBUG) + ngx_log_debug1(NGX_LOG_DEBUG_HTTP, r->connection->log, 0, + "malloc_trim(1) returned %d", malloc_trim(1)); +#else + (void) malloc_trim(1); +#endif + } + } +# if (NGX_DEBUG) + else { + ngx_log_debug0(NGX_LOG_DEBUG_HTTP, r->connection->log, 0, + "malloc_trim() disabled"); + } +# endif +#endif + ngx_log_debug2(NGX_LOG_DEBUG_HTTP, r->connection->log, 0, "lua log handler, uri:\"%V\" c:%ud", &r->uri, r->main->count); diff --git a/src/ngx_http_lua_module.c b/src/ngx_http_lua_module.c index c5e10f9159..fe39391901 100644 --- a/src/ngx_http_lua_module.c +++ b/src/ngx_http_lua_module.c @@ -53,6 +53,8 @@ void ngx_http_lua_limit_data_segment(void); static ngx_int_t ngx_http_lua_pre_config(ngx_conf_t *cf); # endif #endif +static char *ngx_http_lua_malloc_trim(ngx_conf_t *cf, ngx_command_t *cmd, + void *conf); static ngx_conf_post_t ngx_http_lua_lowat_post = @@ -578,6 +580,13 @@ static ngx_command_t ngx_http_lua_cmds[] = { #endif /* NGX_HTTP_SSL */ + { ngx_string("lua_malloc_trim"), + NGX_HTTP_MAIN_CONF|NGX_CONF_TAKE1, + ngx_http_lua_malloc_trim, + NGX_HTTP_MAIN_CONF_OFFSET, + 0, + NULL }, + ngx_null_command }; @@ -832,6 +841,10 @@ ngx_http_lua_create_main_conf(ngx_conf_t *cf) lmcf->postponed_to_rewrite_phase_end = NGX_CONF_UNSET; lmcf->postponed_to_access_phase_end = NGX_CONF_UNSET; +#if (NGX_HTTP_LUA_HAVE_MALLOC_TRIM) + lmcf->malloc_trim_cycle = NGX_CONF_UNSET_UINT; +#endif + #ifndef NGX_LUA_NO_FFI_API rc = ngx_http_lua_sema_mm_init(cf, lmcf); if (rc != NGX_OK) { @@ -868,6 +881,12 @@ ngx_http_lua_init_main_conf(ngx_conf_t *cf, void *conf) lmcf->max_running_timers = 256; } +#if (NGX_HTTP_LUA_HAVE_MALLOC_TRIM) + if (lmcf->malloc_trim_cycle == NGX_CONF_UNSET_UINT) { + lmcf->malloc_trim_cycle = 1000; /* number of reqs */ + } +#endif + lmcf->cycle = cf->cycle; return NGX_CONF_OK; @@ -1283,4 +1302,39 @@ ngx_http_lua_limit_data_segment(void) } #endif + +static char * +ngx_http_lua_malloc_trim(ngx_conf_t *cf, ngx_command_t *cmd, void *conf) +{ +#if (NGX_HTTP_LUA_HAVE_MALLOC_TRIM) + + ngx_int_t nreqs; + ngx_str_t *value; + + ngx_http_lua_main_conf_t *lmcf = conf; + + value = cf->args->elts; + + nreqs = ngx_atoi(value[1].data, value[1].len); + if (nreqs == NGX_ERROR) { + return "invalid number in the 1st argument"; + } + + lmcf->malloc_trim_cycle = (ngx_uint_t) nreqs; + + if (nreqs == 0) { + return NGX_CONF_OK; + } + + lmcf->requires_log = 1; + +#else + + ngx_conf_log_error(NGX_LOG_WARN, cf, 0, "lua_malloc_trim is not supported " + "on this platform, ignored"); + +#endif + return NGX_CONF_OK; +} + /* vi:set ft=c ts=4 sw=4 et fdm=marker: */ diff --git a/t/146-malloc-trim.t b/t/146-malloc-trim.t new file mode 100644 index 0000000000..45fb9f2463 --- /dev/null +++ b/t/146-malloc-trim.t @@ -0,0 +1,337 @@ +# vim:set ft= ts=4 sw=4 et fdm=marker: + +use Test::Nginx::Socket::Lua; + +#worker_connections(1014); +#master_process_enabled(1); +#log_level('warn'); + +#repeat_each(2); + +plan tests => repeat_each() * (blocks() * 4 + 3); + +#no_diff(); +no_long_string(); +#master_on(); +#workers(2); + +run_tests(); + +__DATA__ + +=== TEST 1: malloc_trim() every 1 req, in subreq +--- http_config + lua_malloc_trim 1; +--- config + location = /t { + return 200 "ok\n"; + } + + location = /main { + echo_location /t; + echo_location /t; + echo_location /t; + echo_location /t; + echo_location /t; + } +--- request +GET /main +--- response_body +ok +ok +ok +ok +ok +--- grep_error_log eval: qr/malloc_trim\(\d+\) returned \d+/ +--- grep_error_log_out +malloc_trim(1) returned 0 +--- wait: 0.2 +--- no_error_log +[error] + + + +=== TEST 2: malloc_trim() every 1 req, in subreq +--- http_config + lua_malloc_trim 1; +--- config + location = /t { + log_subrequest on; + return 200 "ok\n"; + } + + location = /main { + echo_location /t; + echo_location /t; + echo_location /t; + echo_location /t; + echo_location /t; + } +--- request +GET /main +--- response_body +ok +ok +ok +ok +ok +--- grep_error_log eval: qr/malloc_trim\(\d+\) returned \d+/ +--- grep_error_log_out +malloc_trim(1) returned 0 +malloc_trim(1) returned 0 +malloc_trim(1) returned 0 +malloc_trim(1) returned 0 +malloc_trim(1) returned 0 +malloc_trim(1) returned 0 +--- wait: 0.2 +--- no_error_log +[error] + + + +=== TEST 3: malloc_trim() every 2 req, in subreq +--- http_config + lua_malloc_trim 2; +--- config + location = /t { + log_subrequest on; + return 200 "ok\n"; + } + + location = /main { + echo_location /t; + echo_location /t; + echo_location /t; + echo_location /t; + echo_location /t; + } +--- request +GET /main +--- response_body +ok +ok +ok +ok +ok +--- grep_error_log eval: qr/malloc_trim\(\d+\) returned \d+/ +--- grep_error_log_out +malloc_trim(1) returned 0 +malloc_trim(1) returned 0 +malloc_trim(1) returned 0 +--- wait: 0.2 +--- no_error_log +[error] + + + +=== TEST 4: malloc_trim() every 3 req, in subreq +--- http_config + lua_malloc_trim 3; +--- config + location = /t { + log_subrequest on; + return 200 "ok\n"; + } + + location = /main { + echo_location /t; + echo_location /t; + echo_location /t; + echo_location /t; + echo_location /t; + } +--- request +GET /main +--- response_body +ok +ok +ok +ok +ok +--- grep_error_log eval: qr/malloc_trim\(\d+\) returned \d+/ +--- grep_error_log_out +malloc_trim(1) returned 0 +malloc_trim(1) returned 0 +--- wait: 0.2 +--- no_error_log +[error] + + + +=== TEST 5: malloc_trim() every 2 req, in subreq, big memory usage +--- http_config + lua_malloc_trim 2; + lua_package_path "$prefix/html/?.lua;;"; +--- config + location = /t { + log_subrequest on; + content_by_lua_block { + require("foo")() + } + } + + location = /main { + echo_location /t; + echo_location /t; + echo_location /t; + echo_location /t; + echo_location /t; + } +--- user_files +>>> foo.lua +local ffi = require "ffi" + +ffi.cdef[[ + void *malloc(size_t sz); + void free(void *p); +]] + +return function () + local t = {} + for i = 1, 10 do + t[i] = ffi.C.malloc(1024 * 128) + end + for i = 1, 10 do + ffi.C.free(t[i]) + end + ngx.say("ok") +end +--- request +GET /main +--- response_body +ok +ok +ok +ok +ok +--- grep_error_log eval: qr/malloc_trim\(\d+\) returned \d+/ +--- grep_error_log_out +malloc_trim(1) returned 1 +malloc_trim(1) returned 1 +malloc_trim(1) returned 1 +--- wait: 0.2 +--- no_error_log +[error] + + + +=== TEST 6: zero count means off +--- http_config + lua_malloc_trim 0; + lua_package_path "$prefix/html/?.lua;;"; +--- config + location = /t { + content_by_lua_block { + require("foo")() + } + } +--- user_files +>>> foo.lua +local ffi = require "ffi" + +ffi.cdef[[ + void *malloc(size_t sz); + void free(void *p); +]] + +return function () + local t = {} + for i = 1, 10 do + t[i] = ffi.C.malloc(1024 * 128) + end + for i = 1, 10 do + ffi.C.free(t[i]) + end + ngx.say("ok") +end + +--- request +GET /t +--- response_body +ok +--- grep_error_log eval: qr/malloc_trim\(\d+\) returned \d+/ +--- grep_error_log_out +--- wait: 0.2 +--- no_error_log +malloc_trim() disabled +[error] + + + +=== TEST 7: zero count means off, log_by_lua +--- http_config + lua_malloc_trim 0; + lua_package_path "$prefix/html/?.lua;;"; +--- config + location = /t { + content_by_lua_block { + require("foo")() + } + log_by_lua_block { + print("Hello from log") + } + } +--- user_files +>>> foo.lua +local ffi = require "ffi" + +ffi.cdef[[ + void *malloc(size_t sz); + void free(void *p); +]] + +return function () + local t = {} + for i = 1, 10 do + t[i] = ffi.C.malloc(1024 * 128) + end + for i = 1, 10 do + ffi.C.free(t[i]) + end + ngx.say("ok") +end + +--- request +GET /t +--- response_body +ok +--- grep_error_log eval: qr/malloc_trim\(\d+\) returned \d+/ +--- grep_error_log_out +--- wait: 0.2 +--- error_log +Hello from log +malloc_trim() disabled +--- no_error_log +[error] + + + +=== TEST 8: malloc_trim() every 1 req +--- http_config + lua_malloc_trim 1; +--- config + location = /t { + return 200 "ok\n"; + } + + location = /main { + echo_location /t; + echo_location /t; + echo_location /t; + echo_location /t; + echo_location /t; + } +--- request +GET /main +--- response_body +ok +ok +ok +ok +ok +--- grep_error_log eval: qr/malloc_trim\(\d+\) returned \d+/ +--- grep_error_log_out +malloc_trim(1) returned 0 +--- wait: 0.2 +--- no_error_log +[error] From 66405877d6686ff87a2d1cf2653229ef6606bec5 Mon Sep 17 00:00:00 2001 From: "Yichun Zhang (agentzh)" Date: Sat, 22 Oct 2016 20:03:09 -0700 Subject: [PATCH 010/136] bumped the API version to 0.10.7; also documented that lua_malloc_trim was first introduced in ngx_lua 0.10.7. --- README.markdown | 7 +++++++ doc/HttpLuaModule.wiki | 2 ++ src/api/ngx_http_lua_api.h | 2 +- 3 files changed, 10 insertions(+), 1 deletion(-) diff --git a/README.markdown b/README.markdown index 58996fc3de..5f5f008f87 100644 --- a/README.markdown +++ b/README.markdown @@ -1106,6 +1106,11 @@ Just tune the number for your own use cases. Configuring the argument to `0` essentially turns off the periodical memory trimming altogether. +```nginx + + lua_malloc_trim 0; # turn off trimming completely +``` + The current implementation uses an NGINX log phase handler to do the request counting. So the appearance of the [log_subrequest on](http://nginx.org/en/docs/http/ngx_http_core_module.html#log_subrequest) directives in `nginx.conf` may make the counting faster when subrequests are involved. By default, only "main requests" count. @@ -1113,6 +1118,8 @@ may make the counting faster when subrequests are involved. By default, only "ma Note that this directive does *not* affect the memory allocated by LuaJIT's own allocator based on the `mmap` system call. +This directive was first introduced in the `v0.10.7` release. + [Back to TOC](#directives) lua_code_cache diff --git a/doc/HttpLuaModule.wiki b/doc/HttpLuaModule.wiki index a4fb2c4932..d2fb07f229 100644 --- a/doc/HttpLuaModule.wiki +++ b/doc/HttpLuaModule.wiki @@ -866,6 +866,8 @@ may make the counting faster when subrequests are involved. By default, only "ma Note that this directive does *not* affect the memory allocated by LuaJIT's own allocator based on the mmap system call. +This directive was first introduced in the v0.10.7 release. + == lua_code_cache == '''syntax:''' ''lua_code_cache on | off'' diff --git a/src/api/ngx_http_lua_api.h b/src/api/ngx_http_lua_api.h index 88b41ad17a..f6c197855b 100644 --- a/src/api/ngx_http_lua_api.h +++ b/src/api/ngx_http_lua_api.h @@ -19,7 +19,7 @@ /* Public API for other Nginx modules */ -#define ngx_http_lua_version 10006 +#define ngx_http_lua_version 10007 typedef struct { From 28df10b1661039c8dd70683badf68ad729d250c3 Mon Sep 17 00:00:00 2001 From: doujiang24 Date: Thu, 25 Aug 2016 16:44:28 +0800 Subject: [PATCH 011/136] feature: added a new api function tcpsock:settimeouts(connect_timeout, send_timeout, read_timeout). Signed-off-by: Yichun Zhang (agentzh) --- README.markdown | 27 +- doc/HttpLuaModule.wiki | 23 +- src/ngx_http_lua_socket_tcp.c | 124 ++++++-- t/062-count.t | 4 +- t/147-tcp-socket-timeouts.t | 516 ++++++++++++++++++++++++++++++++++ 5 files changed, 666 insertions(+), 28 deletions(-) create mode 100644 t/147-tcp-socket-timeouts.t diff --git a/README.markdown b/README.markdown index 5f5f008f87..323b8a55f3 100644 --- a/README.markdown +++ b/README.markdown @@ -2654,7 +2654,7 @@ lua_socket_connect_timeout **context:** *http, server, location* -This directive controls the default timeout value used in TCP/unix-domain socket object's [connect](#tcpsockconnect) method and can be overridden by the [settimeout](#tcpsocksettimeout) method. +This directive controls the default timeout value used in TCP/unix-domain socket object's [connect](#tcpsockconnect) method and can be overridden by the [settimeout](#tcpsocksettimeout) or [settimeouts](#tcpsocksettimeouts) methods. The ` or 302 redirection to uri. -The optional status parameter specifies whether -301 or 302 to be used. It is 302 (ngx.HTTP_MOVED_TEMPORARILY) by default. +The optional status parameter specifies the HTTP status code to be used. The following status codes are supported right now: + +* 301 +* 302 (default) +* 307 + +It is 302 (ngx.HTTP_MOVED_TEMPORARILY) by default. Here is an example assuming the current server name is localhost and that it is listening on port 1984: From 7bd68906b7a7503e6ee77fda0f19f743cdee8c62 Mon Sep 17 00:00:00 2001 From: detailyang Date: Wed, 2 Nov 2016 20:01:39 +0800 Subject: [PATCH 021/136] doc: log level constants are also available in init_by_lua* and init_worker_by_lua* contexts. thanks kraml for the report in #876. Signed-off-by: Yichun Zhang (agentzh) --- README.markdown | 2 +- doc/HttpLuaModule.wiki | 2 +- 2 files changed, 2 insertions(+), 2 deletions(-) diff --git a/README.markdown b/README.markdown index a9ce4bf641..4689bf5753 100644 --- a/README.markdown +++ b/README.markdown @@ -3394,7 +3394,7 @@ HTTP status constants Nginx log level constants ------------------------- -**context:** *set_by_lua*, rewrite_by_lua*, access_by_lua*, content_by_lua*, header_filter_by_lua*, body_filter_by_lua*, log_by_lua*, ngx.timer.*, balancer_by_lua*, ssl_certificate_by_lua*, ssl_session_fetch_by_lua*, ssl_session_store_by_lua** +**context:** *init_by_lua*, init_worker_by_lua*, set_by_lua*, rewrite_by_lua*, access_by_lua*, content_by_lua*, header_filter_by_lua*, body_filter_by_lua*, log_by_lua*, ngx.timer.*, balancer_by_lua*, ssl_certificate_by_lua*, ssl_session_fetch_by_lua*, ssl_session_store_by_lua** ```lua diff --git a/doc/HttpLuaModule.wiki b/doc/HttpLuaModule.wiki index 80ebbf54e2..f4f14800cf 100644 --- a/doc/HttpLuaModule.wiki +++ b/doc/HttpLuaModule.wiki @@ -2744,7 +2744,7 @@ These constants are usually used in [[#ngx.location.capture|ngx.location.capture == Nginx log level constants == -'''context:''' ''set_by_lua*, rewrite_by_lua*, access_by_lua*, content_by_lua*, header_filter_by_lua*, body_filter_by_lua*, log_by_lua*, ngx.timer.*, balancer_by_lua*, ssl_certificate_by_lua*, ssl_session_fetch_by_lua*, ssl_session_store_by_lua*'' +'''context:''' ''init_by_lua*, init_worker_by_lua*, set_by_lua*, rewrite_by_lua*, access_by_lua*, content_by_lua*, header_filter_by_lua*, body_filter_by_lua*, log_by_lua*, ngx.timer.*, balancer_by_lua*, ssl_certificate_by_lua*, ssl_session_fetch_by_lua*, ssl_session_store_by_lua*'' ngx.STDERR From 3cbe5be4a66794af7cd8bc7f4aadaece5bce5edb Mon Sep 17 00:00:00 2001 From: "Yichun Zhang (agentzh)" Date: Wed, 2 Nov 2016 19:58:17 -0700 Subject: [PATCH 022/136] tests: skipped the newly added test case that cannot run in check leak test mode. --- t/028-req-header.t | 1 + 1 file changed, 1 insertion(+) diff --git a/t/028-req-header.t b/t/028-req-header.t index c9a0fb0fc5..1ebcdff4e2 100644 --- a/t/028-req-header.t +++ b/t/028-req-header.t @@ -1643,3 +1643,4 @@ GeT / HTTP/1.1 ok --- no_error_log [error] +--- no_check_leak From 00643248825f61614541bb409a241e87ad87a554 Mon Sep 17 00:00:00 2001 From: "Yichun Zhang (agentzh)" Date: Fri, 4 Nov 2016 12:09:18 -0700 Subject: [PATCH 023/136] doc: bumped version to 0.10.7. --- README.markdown | 2 +- doc/HttpLuaModule.wiki | 2 +- 2 files changed, 2 insertions(+), 2 deletions(-) diff --git a/README.markdown b/README.markdown index 4689bf5753..3699a72de4 100644 --- a/README.markdown +++ b/README.markdown @@ -62,7 +62,7 @@ Production ready. Version ======= -This document describes ngx_lua [v0.10.6](https://github.com/openresty/lua-nginx-module/tags) released on 15 August 2016. +This document describes ngx_lua [v0.10.7](https://github.com/openresty/lua-nginx-module/tags) released on 4 November 2016. Synopsis ======== diff --git a/doc/HttpLuaModule.wiki b/doc/HttpLuaModule.wiki index f4f14800cf..be454af326 100644 --- a/doc/HttpLuaModule.wiki +++ b/doc/HttpLuaModule.wiki @@ -10,7 +10,7 @@ Production ready. = Version = -This document describes ngx_lua [https://github.com/openresty/lua-nginx-module/tags v0.10.6] released on 15 August 2016. +This document describes ngx_lua [https://github.com/openresty/lua-nginx-module/tags v0.10.7] released on 4 November 2016. = Synopsis = From 75b03949c1898a4ff688eb390b4549519b6991bf Mon Sep 17 00:00:00 2001 From: "Yichun Zhang (agentzh)" Date: Sun, 13 Nov 2016 12:30:56 -0800 Subject: [PATCH 024/136] doc: added a note about the LRU regex cache used in the ngx.re.* implementation of lua-resty-core. --- README.markdown | 2 ++ doc/HttpLuaModule.wiki | 2 ++ 2 files changed, 4 insertions(+) diff --git a/README.markdown b/README.markdown index 3699a72de4..eaac1456c9 100644 --- a/README.markdown +++ b/README.markdown @@ -1176,6 +1176,8 @@ The default number of entries allowed is 1024 and when this limit is reached, ne 2011/08/27 23:18:26 [warn] 31997#0: *1 lua exceeding regex cache max entries (1024), ... +If you are using the `ngx.re.*` implementation of [lua-resty-core](https://github.com/openresty/lua-resty-core) by loading the `resty.core.regex` module (or just the `resty.core` module), then an LRU cache is used for the regex cache being used here. + Do not activate the `o` option for regular expressions (and/or `replace` string arguments for [ngx.re.sub](#ngxresub) and [ngx.re.gsub](#ngxregsub)) that are generated *on the fly* and give rise to infinite variations to avoid hitting the specified limit. [Back to TOC](#directives) diff --git a/doc/HttpLuaModule.wiki b/doc/HttpLuaModule.wiki index be454af326..aa357a1c8d 100644 --- a/doc/HttpLuaModule.wiki +++ b/doc/HttpLuaModule.wiki @@ -918,6 +918,8 @@ The default number of entries allowed is 1024 and when this limit is reached, ne 2011/08/27 23:18:26 [warn] 31997#0: *1 lua exceeding regex cache max entries (1024), ... +If you are using the `ngx.re.*` implementation of [lua-resty-core](https://github.com/openresty/lua-resty-core) by loading the `resty.core.regex` module (or just the `resty.core` module), then an LRU cache is used for the regex cache being used here. + Do not activate the o option for regular expressions (and/or replace string arguments for [[#ngx.re.sub|ngx.re.sub]] and [[#ngx.re.gsub|ngx.re.gsub]]) that are generated ''on the fly'' and give rise to infinite variations to avoid hitting the specified limit. == lua_regex_match_limit == From ce525fb5060a75941aa5b21c6f0290ca84ddee67 Mon Sep 17 00:00:00 2001 From: "Yichun Zhang (agentzh)" Date: Mon, 14 Nov 2016 14:43:59 -0800 Subject: [PATCH 025/136] tests: made tests less likely to fail due to bad network. --- t/087-udp-socket.t | 6 ++++-- 1 file changed, 4 insertions(+), 2 deletions(-) diff --git a/t/087-udp-socket.t b/t/087-udp-socket.t index 79ba452edf..c618fd7ad0 100644 --- a/t/087-udp-socket.t +++ b/t/087-udp-socket.t @@ -667,7 +667,8 @@ lua udp socket receive buffer size: 8192 === TEST 12: github issue #215: Handle the posted requests in lua cosocket api (failed to resolve) --- config - resolver $TEST_NGINX_RESOLVER; + resolver $TEST_NGINX_RESOLVER ipv6=off; + resolver_timeout 5s; location = /sub { content_by_lua ' @@ -704,12 +705,13 @@ resolve name done --- no_error_log [error] +--- timeout: 10 === TEST 13: github issue #215: Handle the posted requests in lua cosocket api (successfully resolved) --- config - resolver $TEST_NGINX_RESOLVER; + resolver $TEST_NGINX_RESOLVER ipv6=off; resolver_timeout 5s; location = /sub { From 0a1de31ff65803929a0e144d1e1c8fd2b3335375 Mon Sep 17 00:00:00 2001 From: jimtan <312841925@qq.com> Date: Mon, 14 Nov 2016 16:56:32 +0800 Subject: [PATCH 026/136] bugfix: C API: ngx_http_lua_add_package_preload() might not take effect when lua_code_cache is off. Signed-off-by: Yichun Zhang (agentzh) --- src/ngx_http_lua_api.c | 5 +- t/150-fake-delayed-load.t | 56 +++++++++++++ t/data/fake-delayed-load-module/config | 3 + .../ngx_http_lua_fake_delayed_load_module.c | 78 +++++++++++++++++++ util/build.sh | 1 + 5 files changed, 140 insertions(+), 3 deletions(-) create mode 100644 t/150-fake-delayed-load.t create mode 100644 t/data/fake-delayed-load-module/config create mode 100644 t/data/fake-delayed-load-module/ngx_http_lua_fake_delayed_load_module.c diff --git a/src/ngx_http_lua_api.c b/src/ngx_http_lua_api.c index b72c7077f9..6c3d83de50 100644 --- a/src/ngx_http_lua_api.c +++ b/src/ngx_http_lua_api.c @@ -56,11 +56,10 @@ ngx_http_lua_add_package_preload(ngx_conf_t *cf, const char *package, lua_pushcfunction(L, func); lua_setfield(L, -2, package); lua_pop(L, 2); - - return NGX_OK; } - /* L == NULL */ + /* we always register preload_hooks since we always create new Lua VMs + * when lua code cache is off. */ if (lmcf->preload_hooks == NULL) { lmcf->preload_hooks = diff --git a/t/150-fake-delayed-load.t b/t/150-fake-delayed-load.t new file mode 100644 index 0000000000..232bbf3a83 --- /dev/null +++ b/t/150-fake-delayed-load.t @@ -0,0 +1,56 @@ +# vim:set ft= ts=4 sw=4 et fdm=marker: +use lib 'lib'; +use Test::Nginx::Socket::Lua; + +#worker_connections(1014); +#master_process_enabled(1); +#log_level('warn'); + +#repeat_each(2); + +plan tests => repeat_each() * (blocks() * 3); + +#no_diff(); +no_long_string(); +#master_on(); +#workers(2); + +run_tests(); + +__DATA__ + +=== TEST 1: lua code cache on +--- http_config + lua_code_cache on; +--- config + location = /cache_on { + content_by_lua_block { + local delayed_load = require("ngx.delayed_load") + ngx.say(type(delayed_load.get_function)) + } + } +--- request +GET /cache_on +--- response_body +function +--- no_error_log +[error] + + + +=== TEST 2: lua code cache off +--- http_config + lua_code_cache off; +--- config + location = /cache_off { + content_by_lua_block { + local delayed_load = require("ngx.delayed_load") + ngx.say(type(delayed_load.get_function)) + } + } +--- request +GET /cache_off +--- response_body +function +--- no_error_log +[error] diff --git a/t/data/fake-delayed-load-module/config b/t/data/fake-delayed-load-module/config new file mode 100644 index 0000000000..a5fa6fb48f --- /dev/null +++ b/t/data/fake-delayed-load-module/config @@ -0,0 +1,3 @@ +ngx_addon_name="ngx_http_lua_fake_delayed_load_module" +HTTP_AUX_FILTER_MODULES="$HTTP_AUX_FILTER_MODULES ngx_http_lua_fake_delayed_load_module" +NGX_ADDON_SRCS="$NGX_ADDON_SRCS $ngx_addon_dir/ngx_http_lua_fake_delayed_load_module.c" diff --git a/t/data/fake-delayed-load-module/ngx_http_lua_fake_delayed_load_module.c b/t/data/fake-delayed-load-module/ngx_http_lua_fake_delayed_load_module.c new file mode 100644 index 0000000000..8548d878e7 --- /dev/null +++ b/t/data/fake-delayed-load-module/ngx_http_lua_fake_delayed_load_module.c @@ -0,0 +1,78 @@ +/* Copyright (C) Jim Tan + * + * This fake_delayed_load delayed load module was used to reproduce + * a bug in ngx_lua's function ngx_http_lua_add_package_preload. + */ + + +#include +#include +#include +#include + + +#include "ngx_http_lua_api.h" + + +static ngx_int_t ngx_http_lua_fake_delayed_load_init(ngx_conf_t *cf); +static int ngx_http_lua_fake_delayed_load_preload(lua_State *L); +static int ngx_http_lua_fake_delayed_load_function(lua_State * L); + + +static ngx_http_module_t ngx_http_lua_fake_delayed_load_module_ctx = { + NULL, /* preconfiguration */ + ngx_http_lua_fake_delayed_load_init, /* postconfiguration */ + + NULL, /* create main configuration */ + NULL, /* init main configuration */ + + NULL, /* create server configuration */ + NULL, /* merge server configuration */ + + NULL, /* create location configuration */ + NULL, /* merge location configuration */ +}; + +/* flow identify module struct */ +ngx_module_t ngx_http_lua_fake_delayed_load_module = { + NGX_MODULE_V1, + &ngx_http_lua_fake_delayed_load_module_ctx, /* module context */ + NULL, /* module directives */ + NGX_HTTP_MODULE, /* module type */ + NULL, /* init master */ + NULL, /* init module */ + NULL, /* init process */ + NULL, /* init thread */ + NULL, /* exit thread */ + NULL, /* exit process */ + NULL, /* exit master */ + NGX_MODULE_V1_PADDING +}; + + +static ngx_int_t +ngx_http_lua_fake_delayed_load_init(ngx_conf_t *cf) +{ + ngx_http_lua_add_package_preload(cf, "ngx.delayed_load", + ngx_http_lua_fake_delayed_load_preload); + return NGX_OK; +} + + +static int +ngx_http_lua_fake_delayed_load_preload(lua_State *L) +{ + lua_createtable(L, 0, 1); + + lua_pushcfunction(L, ngx_http_lua_fake_delayed_load_function); + lua_setfield(L, -2, "get_function"); + + return 1; +} + + +static int +ngx_http_lua_fake_delayed_load_function(lua_State * L) +{ + return 1; +} diff --git a/util/build.sh b/util/build.sh index 7887fe93ac..e45c00a73f 100755 --- a/util/build.sh +++ b/util/build.sh @@ -52,6 +52,7 @@ time ngx-build $force $version \ --add-module=$root/../redis2-nginx-module \ --add-module=$root/t/data/fake-module \ --add-module=$root/t/data/fake-shm-module \ + --add-module=$root/t/data/fake-delayed-load-module \ --with-http_gunzip_module \ --with-http_dav_module \ --with-select_module \ From 3b42b8bb8c2c2f4f6baf3c566fe0dc059ec9f5c3 Mon Sep 17 00:00:00 2001 From: "Yichun Zhang (agentzh)" Date: Mon, 14 Nov 2016 15:19:43 -0800 Subject: [PATCH 027/136] tests: avoided solving IPv6 addresses. --- t/023-rewrite/tcp-socket.t | 8 ++++---- t/058-tcp-socket.t | 2 +- 2 files changed, 5 insertions(+), 5 deletions(-) diff --git a/t/023-rewrite/tcp-socket.t b/t/023-rewrite/tcp-socket.t index cf9d80af2c..e84734cca6 100644 --- a/t/023-rewrite/tcp-socket.t +++ b/t/023-rewrite/tcp-socket.t @@ -204,7 +204,7 @@ attempt to send data on a closed socket: --- timeout: 10 --- config server_tokens off; - resolver $TEST_NGINX_RESOLVER; + resolver $TEST_NGINX_RESOLVER ipv6=off; resolver_timeout 3s; location /t { rewrite_by_lua ' @@ -296,7 +296,7 @@ qr/connect\(\) failed \(\d+: Connection refused\)/ === TEST 6: connection timeout (tcp) --- config - resolver $TEST_NGINX_RESOLVER; + resolver $TEST_NGINX_RESOLVER ipv6=off; lua_socket_connect_timeout 100ms; lua_socket_send_timeout 100ms; lua_socket_read_timeout 100ms; @@ -372,7 +372,7 @@ connected: 1 === TEST 8: resolver error (host not found) --- config server_tokens off; - resolver $TEST_NGINX_RESOLVER; + resolver $TEST_NGINX_RESOLVER ipv6=off; resolver_timeout 3s; location /t { rewrite_by_lua ' @@ -415,7 +415,7 @@ attempt to send data on a closed socket === TEST 9: resolver error (timeout) --- config server_tokens off; - resolver 8.8.8.8; + resolver $TEST_NGINX_RESOLVER ipv6=off; resolver_timeout 1ms; location /t { rewrite_by_lua ' diff --git a/t/058-tcp-socket.t b/t/058-tcp-socket.t index acf69f0408..5b0d79005a 100644 --- a/t/058-tcp-socket.t +++ b/t/058-tcp-socket.t @@ -2038,7 +2038,7 @@ resolve name done === TEST 34: github issue #215: Handle the posted requests in lua cosocket api (successfully resolved) --- config - resolver $TEST_NGINX_RESOLVER; + resolver $TEST_NGINX_RESOLVER ipv6=off; resolver_timeout 5s; location = /sub { From 0a83639f1985e0add654369b6a514fc8310bc8e5 Mon Sep 17 00:00:00 2001 From: "Yichun Zhang (agentzh)" Date: Mon, 14 Nov 2016 16:08:51 -0800 Subject: [PATCH 028/136] tests: avoided solving IPv6 addresses in more tests. --- t/129-ssl-socket.t | 58 +++++++++++++++++++++++----------------------- 1 file changed, 29 insertions(+), 29 deletions(-) diff --git a/t/129-ssl-socket.t b/t/129-ssl-socket.t index 9da9a5c245..cc14594cb3 100644 --- a/t/129-ssl-socket.t +++ b/t/129-ssl-socket.t @@ -125,7 +125,7 @@ SSL reused session === TEST 2: no SNI, no verify --- config server_tokens off; - resolver $TEST_NGINX_RESOLVER; + resolver $TEST_NGINX_RESOLVER ipv6=off; location /t { #set $port 5000; set $port $TEST_NGINX_MEMCACHED_PORT; @@ -202,7 +202,7 @@ SSL reused session === TEST 3: SNI, no verify --- config server_tokens off; - resolver $TEST_NGINX_RESOLVER; + resolver $TEST_NGINX_RESOLVER ipv6=off; location /t { #set $port 5000; set $port $TEST_NGINX_MEMCACHED_PORT; @@ -280,7 +280,7 @@ SSL reused session === TEST 4: ssl session reuse --- config server_tokens off; - resolver $TEST_NGINX_RESOLVER; + resolver $TEST_NGINX_RESOLVER ipv6=off; location /t { #set $port 5000; set $port $TEST_NGINX_MEMCACHED_PORT; @@ -374,7 +374,7 @@ lua ssl free session The certificate for "blah.agentzh.org" does not contain the name "blah.agentzh.org". --- config server_tokens off; - resolver $TEST_NGINX_RESOLVER; + resolver $TEST_NGINX_RESOLVER ipv6=off; lua_ssl_trusted_certificate ../html/trusted.crt; lua_ssl_verify_depth 5; location /t { @@ -453,7 +453,7 @@ SSL reused session The certificate for "blah.agentzh.org" does not contain the name "blah.agentzh.org". --- config server_tokens off; - resolver $TEST_NGINX_RESOLVER; + resolver $TEST_NGINX_RESOLVER ipv6=off; lua_ssl_trusted_certificate ../html/trusted.crt; lua_socket_log_errors off; lua_ssl_verify_depth 2; @@ -532,7 +532,7 @@ SSL reused session === TEST 7: certificate does not match host name (no verify) --- config server_tokens off; - resolver $TEST_NGINX_RESOLVER; + resolver $TEST_NGINX_RESOLVER ipv6=off; location /t { #set $port 5000; set $port $TEST_NGINX_MEMCACHED_PORT; @@ -611,7 +611,7 @@ SSL reused session === TEST 8: iscribblet.org: passing SSL verify --- config server_tokens off; - resolver $TEST_NGINX_RESOLVER; + resolver $TEST_NGINX_RESOLVER ipv6=off; lua_ssl_trusted_certificate ../html/trusted.crt; lua_ssl_verify_depth 2; location /t { @@ -696,7 +696,7 @@ SSL reused session === TEST 9: ssl verify depth not enough (with automatic error logging) --- config server_tokens off; - resolver $TEST_NGINX_RESOLVER; + resolver $TEST_NGINX_RESOLVER ipv6=off; lua_ssl_trusted_certificate ../html/trusted.crt; lua_ssl_verify_depth 1; location /t { @@ -774,7 +774,7 @@ SSL reused session === TEST 10: ssl verify depth not enough (without automatic error logging) --- config server_tokens off; - resolver $TEST_NGINX_RESOLVER; + resolver $TEST_NGINX_RESOLVER ipv6=off; lua_ssl_trusted_certificate ../html/trusted.crt; lua_ssl_verify_depth 1; lua_socket_log_errors off; @@ -1033,7 +1033,7 @@ SSL reused session === TEST 13: iscribblet.org: passing SSL verify with multiple certificates --- config server_tokens off; - resolver $TEST_NGINX_RESOLVER; + resolver $TEST_NGINX_RESOLVER ipv6=off; lua_ssl_trusted_certificate ../html/trusted.crt; lua_ssl_verify_depth 2; location /t { @@ -1119,7 +1119,7 @@ SSL reused session === TEST 14: default cipher --- config server_tokens off; - resolver $TEST_NGINX_RESOLVER; + resolver $TEST_NGINX_RESOLVER ipv6=off; location /t { #set $port 5000; set $port $TEST_NGINX_MEMCACHED_PORT; @@ -1198,7 +1198,7 @@ SSL reused session === TEST 15: explicit cipher configuration --- config server_tokens off; - resolver $TEST_NGINX_RESOLVER; + resolver $TEST_NGINX_RESOLVER ipv6=off; lua_ssl_ciphers RC4-SHA; location /t { #set $port 5000; @@ -1278,7 +1278,7 @@ SSL reused session === TEST 16: explicit ssl protocol configuration --- config server_tokens off; - resolver $TEST_NGINX_RESOLVER; + resolver $TEST_NGINX_RESOLVER ipv6=off; lua_ssl_protocols TLSv1; location /t { #set $port 5000; @@ -1358,7 +1358,7 @@ SSL reused session === TEST 17: unsupported ssl protocol --- config server_tokens off; - resolver $TEST_NGINX_RESOLVER; + resolver $TEST_NGINX_RESOLVER ipv6=off; lua_ssl_protocols SSLv2; lua_socket_log_errors off; location /t { @@ -1435,7 +1435,7 @@ SSL reused session === TEST 18: iscribblet.org: passing SSL verify: keepalive (reuse the ssl session) --- config server_tokens off; - resolver $TEST_NGINX_RESOLVER; + resolver $TEST_NGINX_RESOLVER ipv6=off; lua_ssl_trusted_certificate ../html/trusted.crt; lua_ssl_verify_depth 2; location /t { @@ -1512,7 +1512,7 @@ SSL reused session === TEST 19: iscribblet.org: passing SSL verify: keepalive (no reusing the ssl session) --- config server_tokens off; - resolver $TEST_NGINX_RESOLVER; + resolver $TEST_NGINX_RESOLVER ipv6=off; lua_ssl_trusted_certificate ../html/trusted.crt; lua_ssl_verify_depth 2; location /t { @@ -1592,7 +1592,7 @@ SSL reused session === TEST 20: downstream cosockets do not support ssl handshake --- config server_tokens off; - resolver $TEST_NGINX_RESOLVER; + resolver $TEST_NGINX_RESOLVER ipv6=off; lua_ssl_trusted_certificate ../html/trusted.crt; lua_ssl_verify_depth 2; location /t { @@ -1647,7 +1647,7 @@ attempt to call method 'sslhandshake' (a nil value) } --- config server_tokens off; - resolver $TEST_NGINX_RESOLVER; + resolver $TEST_NGINX_RESOLVER ipv6=off; location /t { #set $port 5000; set $port $TEST_NGINX_MEMCACHED_PORT; @@ -1750,7 +1750,7 @@ SSL reused session } --- config server_tokens off; - resolver $TEST_NGINX_RESOLVER; + resolver $TEST_NGINX_RESOLVER ipv6=off; lua_ssl_trusted_certificate ../html/test.crt; location /t { @@ -1854,7 +1854,7 @@ SSL reused session } --- config server_tokens off; - resolver $TEST_NGINX_RESOLVER; + resolver $TEST_NGINX_RESOLVER ipv6=off; location /t { #set $port 5000; set $port $TEST_NGINX_MEMCACHED_PORT; @@ -1946,7 +1946,7 @@ SSL reused session } --- config server_tokens off; - resolver $TEST_NGINX_RESOLVER; + resolver $TEST_NGINX_RESOLVER ipv6=off; lua_ssl_crl ../html/test.crl; lua_ssl_trusted_certificate ../html/test.crt; lua_socket_log_errors off; @@ -2031,7 +2031,7 @@ SSL reused session === TEST 25: multiple handshake calls --- config server_tokens off; - resolver $TEST_NGINX_RESOLVER; + resolver $TEST_NGINX_RESOLVER ipv6=off; location /t { #set $port 5000; set $port $TEST_NGINX_MEMCACHED_PORT; @@ -2115,7 +2115,7 @@ SSL reused session === TEST 26: handshake timed out --- config server_tokens off; - resolver $TEST_NGINX_RESOLVER; + resolver $TEST_NGINX_RESOLVER ipv6=off; location /t { #set $port 5000; set $port $TEST_NGINX_MEMCACHED_PORT; @@ -2183,7 +2183,7 @@ SSL reused session } --- config server_tokens off; - resolver $TEST_NGINX_RESOLVER; + resolver $TEST_NGINX_RESOLVER ipv6=off; location /t { #set $port 5000; set $port $TEST_NGINX_MEMCACHED_PORT; @@ -2254,7 +2254,7 @@ SSL reused session } --- config server_tokens off; - resolver $TEST_NGINX_RESOLVER; + resolver $TEST_NGINX_RESOLVER ipv6=off; location /t { #set $port 5000; set $port $TEST_NGINX_MEMCACHED_PORT; @@ -2328,7 +2328,7 @@ SSL reused session } --- config server_tokens off; - resolver $TEST_NGINX_RESOLVER; + resolver $TEST_NGINX_RESOLVER ipv6=off; location /t { #set $port 5000; set $port $TEST_NGINX_MEMCACHED_PORT; @@ -2405,7 +2405,7 @@ SSL reused session } --- config server_tokens off; - resolver $TEST_NGINX_RESOLVER; + resolver $TEST_NGINX_RESOLVER ipv6=off; lua_ssl_trusted_certificate ../html/test.crt; location /t { @@ -2510,7 +2510,7 @@ SSL reused session } --- config server_tokens off; - resolver $TEST_NGINX_RESOLVER; + resolver $TEST_NGINX_RESOLVER ipv6=off; #lua_ssl_trusted_certificate ../html/test.crt; location /t { @@ -2589,7 +2589,7 @@ SSL reused session === TEST 32: handshake, too many arguments --- config server_tokens off; - resolver $TEST_NGINX_RESOLVER; + resolver $TEST_NGINX_RESOLVER ipv6=off; location /t { #set $port 5000; set $port $TEST_NGINX_MEMCACHED_PORT; From 38dfb174a219754e8275ca7b41bf3d8ef7840fcf Mon Sep 17 00:00:00 2001 From: "Yichun Zhang (agentzh)" Date: Mon, 14 Nov 2016 20:33:17 -0800 Subject: [PATCH 029/136] tests: fixed a bug in the example ngx_fake_delayed module. thanks Dejiang Zhu. also removed the copyright notice in this module since it is already granted. --- .../ngx_http_lua_fake_delayed_load_module.c | 5 ++--- 1 file changed, 2 insertions(+), 3 deletions(-) diff --git a/t/data/fake-delayed-load-module/ngx_http_lua_fake_delayed_load_module.c b/t/data/fake-delayed-load-module/ngx_http_lua_fake_delayed_load_module.c index 8548d878e7..2898255c21 100644 --- a/t/data/fake-delayed-load-module/ngx_http_lua_fake_delayed_load_module.c +++ b/t/data/fake-delayed-load-module/ngx_http_lua_fake_delayed_load_module.c @@ -1,5 +1,4 @@ -/* Copyright (C) Jim Tan - * +/* * This fake_delayed_load delayed load module was used to reproduce * a bug in ngx_lua's function ngx_http_lua_add_package_preload. */ @@ -74,5 +73,5 @@ ngx_http_lua_fake_delayed_load_preload(lua_State *L) static int ngx_http_lua_fake_delayed_load_function(lua_State * L) { - return 1; + return 0; } From a24db2cb992494d6e30fb3b96812b677f6b0e63a Mon Sep 17 00:00:00 2001 From: "Yichun Zhang (agentzh)" Date: Mon, 14 Nov 2016 20:34:36 -0800 Subject: [PATCH 030/136] tests: ngx_http_fake_module: removed the coyyright notice since the copyright is already granted. --- t/data/fake-module/ngx_http_fake_module.c | 3 +-- 1 file changed, 1 insertion(+), 2 deletions(-) diff --git a/t/data/fake-module/ngx_http_fake_module.c b/t/data/fake-module/ngx_http_fake_module.c index 42cde555bd..650f4f7ccc 100644 --- a/t/data/fake-module/ngx_http_fake_module.c +++ b/t/data/fake-module/ngx_http_fake_module.c @@ -1,5 +1,4 @@ -/* Copyright (C) ZHANG Heng (chiyouhen) - * +/* * This fake module was used to reproduce a bug in ngx_lua's * init_worker_by_lua implementation. */ From 4bc90422224c7274795754f23df84be513e7282f Mon Sep 17 00:00:00 2001 From: "Yichun Zhang (agentzh)" Date: Mon, 14 Nov 2016 20:45:29 -0800 Subject: [PATCH 031/136] tests: fixed a perl warning "Unescaped left brace in regex is deprecated, passed through in regex". --- t/026-mysql.t | 5 ++--- 1 file changed, 2 insertions(+), 3 deletions(-) diff --git a/t/026-mysql.t b/t/026-mysql.t index e14ffb6f14..569f96fbc9 100644 --- a/t/026-mysql.t +++ b/t/026-mysql.t @@ -66,7 +66,7 @@ __DATA__ ^status = 504 thread id = \d+ kill status = 200 -kill body = {"errcode":0}$ +kill body = \{"errcode":0\}$ --- error_log eval qr{upstream timed out \(\d+: Connection timed out\) while sending query to drizzle upstream} @@ -126,6 +126,5 @@ qr{upstream timed out \(\d+: Connection timed out\) while sending query to drizz ^status = 504 thread id = \d+ kill status = 200 -kill body = {"errcode":0}$ +kill body = \{"errcode":0\}$ --- SKIP - From 5e59e8c897c4256dc14bdd7f1b2f0b8d090a9434 Mon Sep 17 00:00:00 2001 From: Ubuntu Date: Wed, 16 Nov 2016 08:41:47 +0000 Subject: [PATCH 032/136] bugfix: compilation failures with nginx cores older than 1.9.0. Signed-off-by: Yichun Zhang (agentzh) --- src/ngx_http_lua_api.c | 2 ++ 1 file changed, 2 insertions(+) diff --git a/src/ngx_http_lua_api.c b/src/ngx_http_lua_api.c index 6c3d83de50..7b590e7a9f 100644 --- a/src/ngx_http_lua_api.c +++ b/src/ngx_http_lua_api.c @@ -175,7 +175,9 @@ ngx_http_lua_shared_memory_init(ngx_shm_zone_t *shm_zone, void *data) } zone->shm = shm_zone->shm; +#if defined(nginx_version) && nginx_version >= 1009000 zone->noreuse = shm_zone->noreuse; +#endif if (zone->init(zone, odata) != NGX_OK) { return NGX_ERROR; From 793531df5451e6cc45cdce0319302add72c79e90 Mon Sep 17 00:00:00 2001 From: Thibault Charbonnier Date: Fri, 18 Nov 2016 17:34:27 -0800 Subject: [PATCH 033/136] doc: removed ngx.re.split() from TODO section since it is already implemented in ngx.re. Signed-off-by: Yichun Zhang (agentzh) --- README.markdown | 1 - doc/HttpLuaModule.wiki | 1 - 2 files changed, 2 deletions(-) diff --git a/README.markdown b/README.markdown index eaac1456c9..ea57ef1bce 100644 --- a/README.markdown +++ b/README.markdown @@ -871,7 +871,6 @@ servers in Lua. For example, * cosocket: pool-based backend concurrency level control: implement automatic `connect` queueing when the backend concurrency exceeds its connection pool limit. * cosocket: review and merge aviramc's [patch](https://github.com/openresty/lua-nginx-module/pull/290) for adding the `bsdrecv` method. * add new API function `ngx.resp.add_header` to emulate the standard `add_header` config directive. -* review and apply Jader H. Silva's patch for `ngx.re.split()`. * review and apply vadim-pavlov's patch for [ngx.location.capture](#ngxlocationcapture)'s `extra_headers` option * use `ngx_hash_t` to optimize the built-in header look-up process for [ngx.req.set_header](#ngxreqset_header), [ngx.header.HEADER](#ngxheaderheader), and etc. * add configure options for different strategies of handling the cosocket connection exceeding in the pools. diff --git a/doc/HttpLuaModule.wiki b/doc/HttpLuaModule.wiki index aa357a1c8d..876e7d9970 100644 --- a/doc/HttpLuaModule.wiki +++ b/doc/HttpLuaModule.wiki @@ -705,7 +705,6 @@ servers in Lua. For example, * cosocket: pool-based backend concurrency level control: implement automatic connect queueing when the backend concurrency exceeds its connection pool limit. * cosocket: review and merge aviramc's [https://github.com/openresty/lua-nginx-module/pull/290 patch] for adding the bsdrecv method. * add new API function ngx.resp.add_header to emulate the standard add_header config directive. -* review and apply Jader H. Silva's patch for ngx.re.split(). * review and apply vadim-pavlov's patch for [[#ngx.location.capture|ngx.location.capture]]'s extra_headers option * use ngx_hash_t to optimize the built-in header look-up process for [[#ngx.req.set_header|ngx.req.set_header]], [[#ngx.header.HEADER|ngx.header.HEADER]], and etc. * add configure options for different strategies of handling the cosocket connection exceeding in the pools. From aa43ca0639255af9decb2f2affada6087cd69c4d Mon Sep 17 00:00:00 2001 From: Andreas Lubbe Date: Mon, 14 Nov 2016 09:13:52 +0100 Subject: [PATCH 034/136] doc: stripped line trailing whitespaces. Signed-off-by: Yichun Zhang (agentzh) --- README.markdown | 50 ++++++------- doc/HttpLuaModule.wiki | 156 ++++++++++++++++++++--------------------- 2 files changed, 103 insertions(+), 103 deletions(-) diff --git a/README.markdown b/README.markdown index ea57ef1bce..21f0816d4e 100644 --- a/README.markdown +++ b/README.markdown @@ -623,9 +623,9 @@ Known Issues TCP socket connect operation issues ----------------------------------- -The [tcpsock:connect](#tcpsockconnect) method may indicate `success` despite connection failures such as with `Connection Refused` errors. +The [tcpsock:connect](#tcpsockconnect) method may indicate `success` despite connection failures such as with `Connection Refused` errors. -However, later attempts to manipulate the cosocket object will fail and return the actual error status message generated by the failed connect operation. +However, later attempts to manipulate the cosocket object will fail and return the actual error status message generated by the failed connect operation. This issue is due to limitations in the Nginx event model and only appears to affect Mac OS X. @@ -755,7 +755,7 @@ To avoid this, *double* escape the backslash: Here, `\\\\d+` is stripped down to `\\d+` by the Nginx config file parser and this is further stripped down to `\d+` by the Lua language parser before running. -Alternatively, the regex pattern can be presented as a long-bracketed Lua string literal by encasing it in "long brackets", `[[...]]`, in which case backslashes have to only be escaped once for the Nginx config file parser. +Alternatively, the regex pattern can be presented as a long-bracketed Lua string literal by encasing it in "long brackets", `[[...]]`, in which case backslashes have to only be escaped once for the Nginx config file parser. ```nginx @@ -772,7 +772,7 @@ Alternatively, the regex pattern can be presented as a long-bracketed Lua string Here, `[[\\d+]]` is stripped down to `[[\d+]]` by the Nginx config file parser and this is processed correctly. -Note that a longer from of the long bracket, `[=[...]=]`, may be required if the regex pattern contains `[...]` sequences. +Note that a longer from of the long bracket, `[=[...]=]`, may be required if the regex pattern contains `[...]` sequences. The `[=[...]=]` form may be used as the default form if desired. ```nginx @@ -788,7 +788,7 @@ The `[=[...]=]` form may be used as the default form if desired. # evaluates to "1234" ``` -An alternative approach to escaping PCRE sequences is to ensure that Lua code is placed in external script files and executed using the various `*_by_lua_file` directives. +An alternative approach to escaping PCRE sequences is to ensure that Lua code is placed in external script files and executed using the various `*_by_lua_file` directives. With this approach, the backslashes are only stripped by the Lua language parser and therefore only need to be escaped once each. ```lua @@ -800,8 +800,8 @@ With this approach, the backslashes are only stripped by the Lua language parser -- evaluates to "1234" ``` -Within external script files, PCRE sequences presented as long-bracketed Lua string literals do not require modification. - +Within external script files, PCRE sequences presented as long-bracketed Lua string literals do not require modification. + ```lua -- test.lua @@ -1152,7 +1152,7 @@ The ngx_lua module does not support the `stat` mode available with the Apache `mod_lua` module (yet). Disabling the Lua code cache is strongly -discouraged for production use and should only be used during +discouraged for production use and should only be used during development as it has a significant negative impact on overall performance. For example, the performance a "hello world" Lua example can drop by an order of magnitude after disabling the Lua code cache. [Back to TOC](#directives) @@ -1538,15 +1538,15 @@ set_by_lua_file **phase:** *rewrite* -Equivalent to [set_by_lua](#set_by_lua), except that the file specified by `` contains the Lua code, or, as from the `v0.5.0rc32` release, the [Lua/LuaJIT bytecode](#lualuajit-bytecode-support) to be executed. +Equivalent to [set_by_lua](#set_by_lua), except that the file specified by `` contains the Lua code, or, as from the `v0.5.0rc32` release, the [Lua/LuaJIT bytecode](#lualuajit-bytecode-support) to be executed. Nginx variable interpolation is supported in the `` argument string of this directive. But special care must be taken for injection attacks. When a relative path like `foo/bar.lua` is given, they will be turned into the absolute path relative to the `server prefix` path determined by the `-p PATH` command-line option while starting the Nginx server. -When the Lua code cache is turned on (by default), the user code is loaded once at the first request and cached +When the Lua code cache is turned on (by default), the user code is loaded once at the first request and cached and the Nginx config must be reloaded each time the Lua source file is modified. -The Lua code cache can be temporarily disabled during development by +The Lua code cache can be temporarily disabled during development by switching [lua_code_cache](#lua_code_cache) `off` in `nginx.conf` to avoid reloading Nginx. This directive requires the [ngx_devel_kit](https://github.com/simpl/ngx_devel_kit) module. @@ -1565,7 +1565,7 @@ content_by_lua **WARNING** Since the `v0.9.17` release, use of this directive is *discouraged*; use the new [content_by_lua_block](#content_by_lua_block) directive instead. -Acts as a "content handler" and executes Lua code string specified in `` for every request. +Acts as a "content handler" and executes Lua code string specified in `` for every request. The Lua code may make [API calls](#nginx-api-for-lua) and is executed as a new spawned coroutine in an independent global environment (i.e. a sandbox). Do not use this directive and other content handler directives in the same location. For example, this directive and the [proxy_pass](http://nginx.org/en/docs/http/ngx_http_proxy_module.html#proxy_pass) directive should not be used in the same location. @@ -1614,9 +1614,9 @@ Nginx variables can be used in the `` string to provide When a relative path like `foo/bar.lua` is given, they will be turned into the absolute path relative to the `server prefix` path determined by the `-p PATH` command-line option while starting the Nginx server. -When the Lua code cache is turned on (by default), the user code is loaded once at the first request and cached +When the Lua code cache is turned on (by default), the user code is loaded once at the first request and cached and the Nginx config must be reloaded each time the Lua source file is modified. -The Lua code cache can be temporarily disabled during development by +The Lua code cache can be temporarily disabled during development by switching [lua_code_cache](#lua_code_cache) `off` in `nginx.conf` to avoid reloading Nginx. Nginx variables are supported in the file path for dynamic dispatch, for example: @@ -1934,7 +1934,7 @@ Nginx variables can be used in the `` string to provide When a relative path like `foo/bar.lua` is given, they will be turned into the absolute path relative to the `server prefix` path determined by the `-p PATH` command-line option while starting the Nginx server. -When the Lua code cache is turned on (by default), the user code is loaded once at the first request and cached +When the Lua code cache is turned on (by default), the user code is loaded once at the first request and cached and the Nginx config must be reloaded each time the Lua source file is modified. The Lua code cache can be temporarily disabled during development by switching [lua_code_cache](#lua_code_cache) `off` in `nginx.conf` to avoid repeatedly reloading Nginx. @@ -2175,7 +2175,7 @@ Runs the Lua source code inlined as the `` at the `log` request Note that the following API functions are currently disabled within this context: * Output API functions (e.g., [ngx.say](#ngxsay) and [ngx.send_headers](#ngxsend_headers)) -* Control API functions (e.g., [ngx.exit](#ngxexit)) +* Control API functions (e.g., [ngx.exit](#ngxexit)) * Subrequest API functions (e.g., [ngx.location.capture](#ngxlocationcapture) and [ngx.location.capture_multi](#ngxlocationcapture_multi)) * Cosocket API functions (e.g., [ngx.socket.tcp](#ngxsockettcp) and [ngx.req.socket](#ngxreqsocket)). @@ -3439,7 +3439,7 @@ ngx.ctx ------- **context:** *init_worker_by_lua*, set_by_lua*, rewrite_by_lua*, access_by_lua*, content_by_lua*, header_filter_by_lua*, body_filter_by_lua*, log_by_lua*, ngx.timer.*, balancer_by_lua** -This table can be used to store per-request Lua context data and has a life time identical to the current request (as with the Nginx variables). +This table can be used to store per-request Lua context data and has a life time identical to the current request (as with the Nginx variables). Consider the following example, @@ -3702,7 +3702,7 @@ The `args` option can also take plain query strings: This is functionally identical to the previous examples. -The `share_all_vars` option controls whether to share nginx variables among the current request and its subrequests. +The `share_all_vars` option controls whether to share nginx variables among the current request and its subrequests. If this option is set to `true`, then the current request and associated subrequests will share the same Nginx variable scope. Hence, changes to Nginx variables made by a subrequest will affect the current request. Care should be taken in using this option as variable scope sharing can have unexpected side effects. The `args`, `vars`, or `copy_all_vars` options are generally preferable instead. @@ -3769,7 +3769,7 @@ In addition to the two settings above, it is possible to specify values for variables in the subrequest using the `vars` option. These variables are set after the sharing or copying of variables has been evaluated, and provides a more efficient method of passing specific -values to a subrequest over encoding them as URL arguments and +values to a subrequest over encoding them as URL arguments and unescaping them in the Nginx config file. ```nginx @@ -3854,7 +3854,7 @@ Note that subrequests issued by [ngx.location.capture](#ngxlocationcapture) inhe request headers of the current request by default and that this may have unexpected side effects on the subrequest responses. For example, when using the standard `ngx_proxy` module to serve subrequests, an "Accept-Encoding: gzip" header in the main request may result -in gzipped responses that cannot be handled properly in Lua code. Original request headers should be ignored by setting +in gzipped responses that cannot be handled properly in Lua code. Original request headers should be ignored by setting [proxy_pass_request_headers](http://nginx.org/en/docs/http/ngx_http_proxy_module.html#proxy_pass_request_headers) to `off` in subrequest locations. When the `body` option is not specified and the `always_forward_body` option is false (the default value), the `POST` and `PUT` subrequests will inherit the request bodies of the parent request (if any). @@ -3994,7 +3994,7 @@ will yield Set-Cookie: b=4; path=/ ``` -in the response headers. +in the response headers. Only Lua tables are accepted (Only the last element in the table will take effect for standard headers such as `Content-Type` that only accept a single value). @@ -4026,7 +4026,7 @@ The same applies to assigning an empty table: Setting `ngx.header.HEADER` after sending out response headers (either explicitly with [ngx.send_headers](#ngxsend_headers) or implicitly with [ngx.print](#ngxprint) and similar) will throw out a Lua exception. -Reading `ngx.header.HEADER` will return the value of the response header named `HEADER`. +Reading `ngx.header.HEADER` will return the value of the response header named `HEADER`. Underscores (`_`) in the header names will also be replaced by dashes (`-`) and the header names will be matched case-insensitively. If the response header is not present at all, `nil` will be returned. @@ -4537,7 +4537,7 @@ That is, they will take Lua boolean values `true`. However, they are different f Empty key arguments are discarded. `POST /test` with body `=hello&=world` will yield empty outputs for instance. -Note that a maximum of 100 request arguments are parsed by default (including those with the same name) and that additional request arguments are silently discarded to guard against potential denial of service attacks. +Note that a maximum of 100 request arguments are parsed by default (including those with the same name) and that additional request arguments are silently discarded to guard against potential denial of service attacks. However, the optional `max_args` function argument can be used to override this limit: @@ -4598,7 +4598,7 @@ the value of `ngx.req.get_headers()["Foo"]` will be a Lua (array) table such as: {"foo", "bar", "baz"} ``` -Note that a maximum of 100 request headers are parsed by default (including those with the same name) and that additional request headers are silently discarded to guard against potential denial of service attacks. +Note that a maximum of 100 request headers are parsed by default (including those with the same name) and that additional request headers are silently discarded to guard against potential denial of service attacks. However, the optional `max_headers` function argument can be used to override this limit: @@ -6007,7 +6007,7 @@ When the `replace` is a string, then it is treated as a special template for str where `$0` referring to the whole substring matched by the pattern and `$1` referring to the first parenthesized capturing substring. -Curly braces can also be used to disambiguate variable names from the background string literals: +Curly braces can also be used to disambiguate variable names from the background string literals: ```lua diff --git a/doc/HttpLuaModule.wiki b/doc/HttpLuaModule.wiki index 876e7d9970..5b1d8bcc2b 100644 --- a/doc/HttpLuaModule.wiki +++ b/doc/HttpLuaModule.wiki @@ -16,34 +16,34 @@ This document describes ngx_lua [https://github.com/openresty/lua-nginx-module/t # set search paths for pure Lua external libraries (';;' is the default path): lua_package_path '/foo/bar/?.lua;/blah/?.lua;;'; - + # set search paths for Lua external libraries written in C (can also use ';;'): lua_package_cpath '/bar/baz/?.so;/blah/blah/?.so;;'; - + server { location /lua_content { # MIME type determined by default_type: default_type 'text/plain'; - + content_by_lua_block { ngx.say('Hello,world!') } } - + location /nginx_var { # MIME type determined by default_type: default_type 'text/plain'; - + # try access /nginx_var?a=hello,world content_by_lua_block { ngx.say(ngx.var.arg_a) } } - + location = /request_body { client_max_body_size 50k; client_body_buffer_size 50k; - + content_by_lua_block { ngx.req.read_body() -- explicitly read the req body local data = ngx.req.get_body_data() @@ -62,13 +62,13 @@ This document describes ngx_lua [https://github.com/openresty/lua-nginx-module/t end } } - + # transparent non-blocking I/O in Lua via subrequests # (well, a better way is to use cosockets) location = /lua { # MIME type determined by default_type: default_type 'text/plain'; - + content_by_lua_block { local res = ngx.location.capture("/some_other_location") if res then @@ -78,23 +78,23 @@ This document describes ngx_lua [https://github.com/openresty/lua-nginx-module/t end } } - + location = /foo { rewrite_by_lua_block { res = ngx.location.capture("/memc", { args = { cmd = "incr", key = ngx.var.uri } } ) } - + proxy_pass http://blah.blah.com; } - + location = /mixed { rewrite_by_lua_file /path/to/rewrite.lua; access_by_lua_file /path/to/access.lua; content_by_lua_file /path/to/content.lua; } - + # use nginx var in code path # WARNING: contents in nginx var must be carefully filtered, # otherwise there'll be great security risk! @@ -102,27 +102,27 @@ This document describes ngx_lua [https://github.com/openresty/lua-nginx-module/t set $path $1; content_by_lua_file /path/to/lua/app/root/$path.lua; } - + location / { client_max_body_size 100k; client_body_buffer_size 100k; - + access_by_lua_block { -- check the client IP address is in our black list if ngx.var.remote_addr == "132.5.72.3" then ngx.exit(ngx.HTTP_FORBIDDEN) end - + -- check if the URI contains bad words if ngx.var.uri and string.match(ngx.var.request_body, "evil") then return ngx.redirect("/terms_of_use.html") end - + -- tests passed } - + # proxy_pass/fastcgi_pass/etc settings } } @@ -220,17 +220,17 @@ Build the source with this module: # tell nginx's build system where to find LuaJIT 2.1: export LUAJIT_LIB=/path/to/luajit/lib export LUAJIT_INC=/path/to/luajit/include/luajit-2.1 - + # or tell where to find Lua if using Lua instead: #export LUA_LIB=/path/to/lua/lib #export LUA_INC=/path/to/lua/include - + # Here we assume Nginx is to be installed under /opt/nginx/. ./configure --prefix=/opt/nginx \ --with-ld-opt="-Wl,-rpath,/path/to/luajit-or-lua/lib" \ --add-module=/path/to/ngx_devel_kit \ --add-module=/path/to/lua-nginx-module - + make -j2 make install @@ -451,7 +451,7 @@ Here is a complete small example: cat = 4, pig = 5, } - + function _M.get_age(name) return data[name] end @@ -495,9 +495,9 @@ If server-wide data sharing is required, then use one or more of the following a = Known Issues = == TCP socket connect operation issues == -The [[#tcpsock:connect|tcpsock:connect]] method may indicate success despite connection failures such as with Connection Refused errors. +The [[#tcpsock:connect|tcpsock:connect]] method may indicate success despite connection failures such as with Connection Refused errors. -However, later attempts to manipulate the cosocket object will fail and return the actual error status message generated by the failed connect operation. +However, later attempts to manipulate the cosocket object will fail and return the actual error status message generated by the failed connect operation. This issue is due to limitations in the Nginx event model and only appears to affect Mac OS X. @@ -606,7 +606,7 @@ To avoid this, ''double'' escape the backslash: Here, \\\\d+ is stripped down to \\d+ by the Nginx config file parser and this is further stripped down to \d+ by the Lua language parser before running. -Alternatively, the regex pattern can be presented as a long-bracketed Lua string literal by encasing it in "long brackets", [[...]], in which case backslashes have to only be escaped once for the Nginx config file parser. +Alternatively, the regex pattern can be presented as a long-bracketed Lua string literal by encasing it in "long brackets", [[...]], in which case backslashes have to only be escaped once for the Nginx config file parser. # nginx.conf @@ -622,7 +622,7 @@ Alternatively, the regex pattern can be presented as a long-bracketed Lua string Here, [[\\d+]] is stripped down to [[\d+]] by the Nginx config file parser and this is processed correctly. -Note that a longer from of the long bracket, [=[...]=], may be required if the regex pattern contains [...] sequences. +Note that a longer from of the long bracket, [=[...]=], may be required if the regex pattern contains [...] sequences. The [=[...]=] form may be used as the default form if desired. @@ -637,7 +637,7 @@ The [=[...]=] form may be used as the default form if desired. # evaluates to "1234" -An alternative approach to escaping PCRE sequences is to ensure that Lua code is placed in external script files and executed using the various *_by_lua_file directives. +An alternative approach to escaping PCRE sequences is to ensure that Lua code is placed in external script files and executed using the various *_by_lua_file directives. With this approach, the backslashes are only stripped by the Lua language parser and therefore only need to be escaped once each. @@ -648,8 +648,8 @@ With this approach, the backslashes are only stripped by the Lua language parser -- evaluates to "1234" -Within external script files, PCRE sequences presented as long-bracketed Lua string literals do not require modification. - +Within external script files, PCRE sequences presented as long-bracketed Lua string literals do not require modification. + -- test.lua local regex = [[\d+]] @@ -897,7 +897,7 @@ The ngx_lua module does not support the stat mode available with th Apache mod_lua module (yet). Disabling the Lua code cache is strongly -discouraged for production use and should only be used during +discouraged for production use and should only be used during development as it has a significant negative impact on overall performance. For example, the performance a "hello world" Lua example can drop by an order of magnitude after disabling the Lua code cache. == lua_regex_cache_max_entries == @@ -1178,15 +1178,15 @@ a time. However, a workaround is possible using the [[#ngx.var.VARIABLE|ngx.var. location /foo { set $diff ''; # we have to predefine the $diff variable here - + set_by_lua $sum ' local a = 32 local b = 56 - + ngx.var.diff = a - b; -- write to $diff directly return a + b; -- return the $sum value normally '; - + echo "sum = $sum, diff = $diff"; } @@ -1236,15 +1236,15 @@ This directive was first introduced in the v0.9.17 release. '''phase:''' ''rewrite'' -Equivalent to [[#set_by_lua|set_by_lua]], except that the file specified by contains the Lua code, or, as from the v0.5.0rc32 release, the [[#Lua/LuaJIT bytecode support|Lua/LuaJIT bytecode]] to be executed. +Equivalent to [[#set_by_lua|set_by_lua]], except that the file specified by contains the Lua code, or, as from the v0.5.0rc32 release, the [[#Lua/LuaJIT bytecode support|Lua/LuaJIT bytecode]] to be executed. Nginx variable interpolation is supported in the argument string of this directive. But special care must be taken for injection attacks. When a relative path like foo/bar.lua is given, they will be turned into the absolute path relative to the server prefix path determined by the -p PATH command-line option while starting the Nginx server. -When the Lua code cache is turned on (by default), the user code is loaded once at the first request and cached +When the Lua code cache is turned on (by default), the user code is loaded once at the first request and cached and the Nginx config must be reloaded each time the Lua source file is modified. -The Lua code cache can be temporarily disabled during development by +The Lua code cache can be temporarily disabled during development by switching [[#lua_code_cache|lua_code_cache]] off in nginx.conf to avoid reloading Nginx. This directive requires the [https://github.com/simpl/ngx_devel_kit ngx_devel_kit] module. @@ -1260,7 +1260,7 @@ This directive requires the [https://github.com/simpl/ngx_devel_kit ngx_devel_ki '''WARNING''' Since the v0.9.17 release, use of this directive is ''discouraged''; use the new [[#content_by_lua_block|content_by_lua_block]] directive instead. -Acts as a "content handler" and executes Lua code string specified in for every request. +Acts as a "content handler" and executes Lua code string specified in for every request. The Lua code may make [[#Nginx API for Lua|API calls]] and is executed as a new spawned coroutine in an independent global environment (i.e. a sandbox). Do not use this directive and other content handler directives in the same location. For example, this directive and the [[HttpProxyModule#proxy_pass|proxy_pass]] directive should not be used in the same location. @@ -1302,9 +1302,9 @@ Nginx variables can be used in the string When a relative path like foo/bar.lua is given, they will be turned into the absolute path relative to the server prefix path determined by the -p PATH command-line option while starting the Nginx server. -When the Lua code cache is turned on (by default), the user code is loaded once at the first request and cached +When the Lua code cache is turned on (by default), the user code is loaded once at the first request and cached and the Nginx config must be reloaded each time the Lua source file is modified. -The Lua code cache can be temporarily disabled during development by +The Lua code cache can be temporarily disabled during development by switching [[#lua_code_cache|lua_code_cache]] off in nginx.conf to avoid reloading Nginx. Nginx variables are supported in the file path for dynamic dispatch, for example: @@ -1377,7 +1377,7 @@ The right way of doing this is as follows: return ngx.redirect("/bar"); end '; - + echo "res = $b"; } @@ -1389,11 +1389,11 @@ Note that the [http://www.grid.net.ru/nginx/eval.en.html ngx_eval] module can be eval $res { proxy_pass http://foo.com/check-spam; } - + if ($res = 'spam') { rewrite ^ /terms-of-use.html redirect; } - + fastcgi_pass ...; } @@ -1405,7 +1405,7 @@ can be implemented in ngx_lua as: internal; proxy_pass http://foo.com/check-spam; } - + location / { rewrite_by_lua ' local res = ngx.location.capture("/check-spam") @@ -1413,7 +1413,7 @@ can be implemented in ngx_lua as: return ngx.redirect("/terms-of-use.html") end '; - + fastcgi_pass ...; } @@ -1503,12 +1503,12 @@ Note that this handler always runs ''after'' the standard [[HttpAccessModule]]. allow 192.168.1.0/24; allow 10.1.1.0/16; deny all; - + access_by_lua ' local res = ngx.location.capture("/mysql", { ... }) ... '; - + # proxy_pass/fastcgi_pass/... } @@ -1520,7 +1520,7 @@ Note that the [http://mdounin.ru/hg/ngx_http_auth_request_module/ ngx_auth_reque location / { auth_request /auth; - + # proxy_pass/fastcgi_pass/postgres_pass/... } @@ -1531,18 +1531,18 @@ can be implemented in ngx_lua as: location / { access_by_lua ' local res = ngx.location.capture("/auth") - + if res.status == ngx.HTTP_OK then return end - + if res.status == ngx.HTTP_FORBIDDEN then ngx.exit(res.status) end - + ngx.exit(ngx.HTTP_INTERNAL_SERVER_ERROR) '; - + # proxy_pass/fastcgi_pass/postgres_pass/... } @@ -1592,7 +1592,7 @@ Nginx variables can be used in the string When a relative path like foo/bar.lua is given, they will be turned into the absolute path relative to the server prefix path determined by the -p PATH command-line option while starting the Nginx server. -When the Lua code cache is turned on (by default), the user code is loaded once at the first request and cached +When the Lua code cache is turned on (by default), the user code is loaded once at the first request and cached and the Nginx config must be reloaded each time the Lua source file is modified. The Lua code cache can be temporarily disabled during development by switching [[#lua_code_cache|lua_code_cache]] off in nginx.conf to avoid repeatedly reloading Nginx. @@ -1805,7 +1805,7 @@ Runs the Lua source code inlined as the at the @@ -2781,7 +2781,7 @@ There is a hard coded 2048 byte limitation on error message lengths == ngx.ctx == '''context:''' ''init_worker_by_lua*, set_by_lua*, rewrite_by_lua*, access_by_lua*, content_by_lua*, header_filter_by_lua*, body_filter_by_lua*, log_by_lua*, ngx.timer.*, balancer_by_lua*'' -This table can be used to store per-request Lua context data and has a life time identical to the current request (as with the Nginx variables). +This table can be used to store per-request Lua context data and has a life time identical to the current request (as with the Nginx variables). Consider the following example, @@ -2817,7 +2817,7 @@ Every request, including subrequests, has its own copy of the table. For example ngx.say("sub post: ", ngx.ctx.blah) } } - + location /main { content_by_lua_block { ngx.ctx.blah = 73 @@ -2848,7 +2848,7 @@ Internal redirection will destroy the original request ngx.ctx data ngx.say(ngx.ctx.foo) } } - + location /orig { content_by_lua_block { ngx.ctx.foo = "hello" @@ -3025,7 +3025,7 @@ The args option can also take plain query strings: This is functionally identical to the previous examples. -The share_all_vars option controls whether to share nginx variables among the current request and its subrequests. +The share_all_vars option controls whether to share nginx variables among the current request and its subrequests. If this option is set to true, then the current request and associated subrequests will share the same Nginx variable scope. Hence, changes to Nginx variables made by a subrequest will affect the current request. Care should be taken in using this option as variable scope sharing can have unexpected side effects. The args, vars, or copy_all_vars options are generally preferable instead. @@ -3090,7 +3090,7 @@ In addition to the two settings above, it is possible to specify values for variables in the subrequest using the vars option. These variables are set after the sharing or copying of variables has been evaluated, and provides a more efficient method of passing specific -values to a subrequest over encoding them as URL arguments and +values to a subrequest over encoding them as URL arguments and unescaping them in the Nginx config file. @@ -3172,7 +3172,7 @@ Note that subrequests issued by [[#ngx.location.capture|ngx.location.capture]] i request headers of the current request by default and that this may have unexpected side effects on the subrequest responses. For example, when using the standard ngx_proxy module to serve subrequests, an "Accept-Encoding: gzip" header in the main request may result -in gzipped responses that cannot be handled properly in Lua code. Original request headers should be ignored by setting +in gzipped responses that cannot be handled properly in Lua code. Original request headers should be ignored by setting [[HttpProxyModule#proxy_pass_request_headers|proxy_pass_request_headers]] to off in subrequest locations. When the body option is not specified and the always_forward_body option is false (the default value), the POST and PUT subrequests will inherit the request bodies of the parent request (if any). @@ -3202,11 +3202,11 @@ This function issues several parallel subrequests specified by the input table a { "/bar" }, { "/baz", { method = ngx.HTTP_POST, body = "hello" } }, } - + if res1.status == ngx.HTTP_OK then ... end - + if res2.body == "BLAH" then ... end @@ -3224,10 +3224,10 @@ Lua tables can be used for both requests and responses when the number of subreq table.insert(reqs, { "/postgres" }) table.insert(reqs, { "/redis" }) table.insert(reqs, { "/memcached" }) - + -- issue all the requests at once and wait until they all return local resps = { ngx.location.capture_multi(reqs) } - + -- loop over the responses table for i, resp in ipairs(resps) do -- process the response table "resp" @@ -3279,7 +3279,7 @@ The header names are matched case-insensitively. -- equivalent to ngx.header["Content-Type"] = 'text/plain' ngx.header.content_type = 'text/plain'; - + ngx.header["X-My-Header"] = 'blah blah'; @@ -3296,7 +3296,7 @@ will yield Set-Cookie: b=4; path=/ -in the response headers. +in the response headers. Only Lua tables are accepted (Only the last element in the table will take effect for standard headers such as Content-Type that only accept a single value). @@ -3324,7 +3324,7 @@ The same applies to assigning an empty table: Setting ngx.header.HEADER after sending out response headers (either explicitly with [[#ngx.send_headers|ngx.send_headers]] or implicitly with [[#ngx.print|ngx.print]] and similar) will throw out a Lua exception. -Reading ngx.header.HEADER will return the value of the response header named HEADER. +Reading ngx.header.HEADER will return the value of the response header named HEADER. Underscores (_) in the header names will also be replaced by dashes (-) and the header names will be matched case-insensitively. If the response header is not present at all, nil will be returned. @@ -3656,8 +3656,8 @@ Arguments without the = parts are treated as boolean argumen That is, they will take Lua boolean values true. However, they are different from arguments taking empty string values. GET /test?foo=&bar= will give something like - foo: - bar: + foo: + bar: Empty key arguments are discarded. GET /test?=hello&=world will yield an empty output for instance. @@ -3761,13 +3761,13 @@ Arguments without the = parts are treated as boolean argumen That is, they will take Lua boolean values true. However, they are different from arguments taking empty string values. POST /test with request body foo=&bar= will return something like - foo: - bar: + foo: + bar: Empty key arguments are discarded. POST /test with body =hello&=world will yield empty outputs for instance. -Note that a maximum of 100 request arguments are parsed by default (including those with the same name) and that additional request arguments are silently discarded to guard against potential denial of service attacks. +Note that a maximum of 100 request arguments are parsed by default (including those with the same name) and that additional request arguments are silently discarded to guard against potential denial of service attacks. However, the optional max_args function argument can be used to override this limit: @@ -3819,7 +3819,7 @@ the value of ngx.req.get_headers()["Foo"] will be a Lua (array) tab {"foo", "bar", "baz"} -Note that a maximum of 100 request headers are parsed by default (including those with the same name) and that additional request headers are silently discarded to guard against potential denial of service attacks. +Note that a maximum of 100 request headers are parsed by default (including those with the same name) and that additional request headers are silently discarded to guard against potential denial of service attacks. However, the optional max_headers function argument can be used to override this limit: @@ -5025,7 +5025,7 @@ When the replace is a string, then it is treated as a special templ where $0 referring to the whole substring matched by the pattern and $1 referring to the first parenthesized capturing substring. -Curly braces can also be used to disambiguate variable names from the background string literals: +Curly braces can also be used to disambiguate variable names from the background string literals: local newstr, n, err = ngx.re.sub("hello, 1234", "[0-9]", "${0}00") @@ -6188,7 +6188,7 @@ Then it will generate the output ngx.thread.spawn(query_mysql) -- create thread 1 ngx.thread.spawn(query_memcached) -- create thread 2 - ngx.thread.spawn(query_http) -- create thread 3 + ngx.thread.spawn(query_http) -- create thread 3 This API was first enabled in the v0.7.0 release. @@ -6414,7 +6414,7 @@ One can also create infinite re-occurring timers, for instance, a timer getting return end end - + local ok, err = ngx.timer.at(delay, handler) if not ok then ngx.log(ngx.ERR, "failed to create the timer: ", err) From db28ece8e4c3c7956e07305654f750c472be0393 Mon Sep 17 00:00:00 2001 From: "Yichun Zhang (agentzh)" Date: Thu, 1 Dec 2016 10:24:53 -0800 Subject: [PATCH 035/136] doc: a typo fix from Andrei Belov. --- README.markdown | 2 +- doc/HttpLuaModule.wiki | 2 +- 2 files changed, 2 insertions(+), 2 deletions(-) diff --git a/README.markdown b/README.markdown index 21f0816d4e..bc16200531 100644 --- a/README.markdown +++ b/README.markdown @@ -2884,7 +2884,7 @@ lua_http10_buffering **context:** *http, server, location, location-if* -Enables or disables automatic response buffering for HTTP 1.0 (or older) requests. This buffering mechanism is mainly used for HTTP 1.0 keep-alive which replies on a proper `Content-Length` response header. +Enables or disables automatic response buffering for HTTP 1.0 (or older) requests. This buffering mechanism is mainly used for HTTP 1.0 keep-alive which relies on a proper `Content-Length` response header. If the Lua code explicitly sets a `Content-Length` response header before sending the headers (either explicitly via [ngx.send_headers](#ngxsend_headers) or implicitly via the first [ngx.say](#ngxsay) or [ngx.print](#ngxprint) call), then the HTTP 1.0 response buffering will be disabled even when this directive is turned on. diff --git a/doc/HttpLuaModule.wiki b/doc/HttpLuaModule.wiki index 5b1d8bcc2b..693275ca44 100644 --- a/doc/HttpLuaModule.wiki +++ b/doc/HttpLuaModule.wiki @@ -2431,7 +2431,7 @@ See also [[#lua_ssl_trusted_certificate|lua_ssl_trusted_certificate]]. '''context:''' ''http, server, location, location-if'' -Enables or disables automatic response buffering for HTTP 1.0 (or older) requests. This buffering mechanism is mainly used for HTTP 1.0 keep-alive which replies on a proper Content-Length response header. +Enables or disables automatic response buffering for HTTP 1.0 (or older) requests. This buffering mechanism is mainly used for HTTP 1.0 keep-alive which relies on a proper Content-Length response header. If the Lua code explicitly sets a Content-Length response header before sending the headers (either explicitly via [[#ngx.send_headers|ngx.send_headers]] or implicitly via the first [[#ngx.say|ngx.say]] or [[#ngx.print|ngx.print]] call), then the HTTP 1.0 response buffering will be disabled even when this directive is turned on. From 7c9503493501573a8383c6a59cf13b4131ae7826 Mon Sep 17 00:00:00 2001 From: "Yichun Zhang (agentzh)" Date: Mon, 12 Dec 2016 18:28:24 -0800 Subject: [PATCH 036/136] tests: added a passing test for ngx.re.find + \G regexes. --- t/120-re-find.t | 26 ++++++++++++++++++++++++++ 1 file changed, 26 insertions(+) diff --git a/t/120-re-find.t b/t/120-re-find.t index 34c0207ea5..92e33bdab0 100644 --- a/t/120-re-find.t +++ b/t/120-re-find.t @@ -891,3 +891,29 @@ not matched! --- no_error_log [error] + + +=== TEST 31: match with ctx and a pos (anchored by \G) +--- config + location /re { + content_by_lua ' + local ctx = { pos = 3 } + local from, to, err = ngx.re.find("1234, hello", [[(\G[0-9]+)]], "", ctx) + if from then + ngx.say("from: ", from) + ngx.say("to: ", to) + ngx.say("pos: ", ctx.pos) + else + ngx.say("not matched!") + ngx.say("pos: ", ctx.pos) + end + '; + } +--- request + GET /re +--- response_body +from: 3 +to: 4 +pos: 5 +--- no_error_log +[error] From 26be99deffc369608b9b10e558ad6fa5dfc3c03c Mon Sep 17 00:00:00 2001 From: "Yichun Zhang (agentzh)" Date: Wed, 14 Dec 2016 12:34:33 -0800 Subject: [PATCH 037/136] tests: t/090-log-socket-errors.t: avoided connecting to 8.8.8.8:80. --- t/090-log-socket-errors.t | 19 ++++++++++++++----- 1 file changed, 14 insertions(+), 5 deletions(-) diff --git a/t/090-log-socket-errors.t b/t/090-log-socket-errors.t index a5943c27c6..1c3099d6e2 100644 --- a/t/090-log-socket-errors.t +++ b/t/090-log-socket-errors.t @@ -11,6 +11,8 @@ repeat_each(2); plan tests => repeat_each() * (blocks() * 3); +$ENV{TEST_NGINX_RESOLVER} ||= '8.8.8.8'; + #no_diff(); #no_long_string(); run_tests(); @@ -19,12 +21,14 @@ __DATA__ === TEST 1: log socket errors off (tcp) --- config + resolver $TEST_NGINX_RESOLVER; + location /t { lua_socket_connect_timeout 1ms; lua_socket_log_errors off; content_by_lua ' local sock = ngx.socket.tcp() - local ok, err = sock:connect("8.8.8.8", 80) + local ok, err = sock:connect("agentzh.org", 12345) ngx.say(err) '; } @@ -39,12 +43,14 @@ timeout === TEST 2: log socket errors on (tcp) --- config + resolver $TEST_NGINX_RESOLVER; + location /t { lua_socket_connect_timeout 1ms; lua_socket_log_errors on; content_by_lua ' local sock = ngx.socket.tcp() - local ok, err = sock:connect("8.8.8.8", 80) + local ok, err = sock:connect("agentzh.org", 12345) ngx.say(err) '; } @@ -59,12 +65,14 @@ lua tcp socket connect timed out === TEST 3: log socket errors on (udp) --- config + resolver $TEST_NGINX_RESOLVER; + location /t { lua_socket_log_errors on; lua_socket_read_timeout 1ms; content_by_lua ' local sock = ngx.socket.udp() - local ok, err = sock:setpeername("8.8.8.8", 80) + local ok, err = sock:setpeername("agentzh.org", 12345) ok, err = sock:receive() ngx.say(err) '; @@ -80,12 +88,14 @@ lua udp socket read timed out === TEST 4: log socket errors off (udp) --- config + resolver $TEST_NGINX_RESOLVER; + location /t { lua_socket_log_errors off; lua_socket_read_timeout 1ms; content_by_lua ' local sock = ngx.socket.udp() - local ok, err = sock:setpeername("8.8.8.8", 80) + local ok, err = sock:setpeername("agentzh.org", 12345) ok, err = sock:receive() ngx.say(err) '; @@ -96,4 +106,3 @@ GET /t timeout --- no_error_log [error] - From 9ed76a7328aa65e265b9140b319bf18e070ae317 Mon Sep 17 00:00:00 2001 From: Ilya Shipitsin Date: Wed, 14 Dec 2016 23:07:51 +0500 Subject: [PATCH 038/136] travis-ci: several improvements. * moved mysql to the right place * simplified wget calls * no, we were not going to cache drizzle (cache only works on successful build) * apt actually does not cache (I've looked to the travis-ci sources) Signed-off-by: Yichun Zhang (agentzh) --- .travis.yml | 11 ++++------- 1 file changed, 4 insertions(+), 7 deletions(-) diff --git a/.travis.yml b/.travis.yml index dc1185e106..28d0f087ec 100644 --- a/.travis.yml +++ b/.travis.yml @@ -12,7 +12,6 @@ compiler: addons: apt: packages: - - mysql-server - axel - cpanminus - libtest-base-perl @@ -24,7 +23,6 @@ addons: - libgd-dev cache: - apt: true directories: - download-cache @@ -57,13 +55,12 @@ env: services: - memcache - redis-server + - mysql install: - - if [ ! -d download-cache ]; then mkdir download-cache; fi - - rm -f download-cache/drizzle7-$DRIZZLE_VER.tar.gz # alas, we may end up with corrupted drizzle tarball stuck in the download-cache/ forever. - - if [ ! -f download-cache/drizzle7-$DRIZZLE_VER.tar.gz ]; then wget -O download-cache/drizzle7-$DRIZZLE_VER.tar.gz http://openresty.org/download/drizzle7-$DRIZZLE_VER.tar.gz; fi - - if [ ! -f download-cache/pcre-$PCRE_VER.tar.gz ]; then wget -O download-cache/pcre-$PCRE_VER.tar.gz http://ftp.cs.stanford.edu/pub/exim/pcre/pcre-$PCRE_VER.tar.gz; fi - - if [ ! -f download-cache/openssl-$OPENSSL_VER.tar.gz ]; then wget -O download-cache/openssl-$OPENSSL_VER.tar.gz https://www.openssl.org/source/openssl-$OPENSSL_VER.tar.gz; fi + - if [ ! -f download-cache/drizzle7-$DRIZZLE_VER.tar.gz ]; then wget -P download-cache http://openresty.org/download/drizzle7-$DRIZZLE_VER.tar.gz; fi + - if [ ! -f download-cache/pcre-$PCRE_VER.tar.gz ]; then wget -P download-cache http://ftp.cs.stanford.edu/pub/exim/pcre/pcre-$PCRE_VER.tar.gz; fi + - if [ ! -f download-cache/openssl-$OPENSSL_VER.tar.gz ]; then wget -P download-cache https://www.openssl.org/source/openssl-$OPENSSL_VER.tar.gz; fi - git clone https://github.com/openresty/test-nginx.git - git clone https://github.com/openresty/openresty.git ../openresty - git clone https://github.com/openresty/no-pool-nginx.git ../no-pool-nginx From 6e38c11eb401b9e8afa88ed51d78e1e2a989f1ae Mon Sep 17 00:00:00 2001 From: "Yichun Zhang (agentzh)" Date: Wed, 14 Dec 2016 15:23:00 -0800 Subject: [PATCH 039/136] tests: disable IPv6 in resolver. --- t/014-bugs.t | 2 +- t/023-rewrite/tcp-socket-timeout.t | 28 ++++++++++----------- t/058-tcp-socket.t | 26 +++++++++---------- t/065-tcp-socket-timeout.t | 40 +++++++++++++++--------------- t/090-log-socket-errors.t | 8 +++--- t/091-coroutine.t | 8 +++--- t/124-init-worker.t | 2 +- t/127-uthread-kill.t | 2 +- t/142-ssl-session-store.t | 24 +++++++++--------- t/143-ssl-session-fetch.t | 24 +++++++++--------- t/147-tcp-socket-timeouts.t | 2 +- 11 files changed, 83 insertions(+), 83 deletions(-) diff --git a/t/014-bugs.t b/t/014-bugs.t index 44337e325b..8e5ee3f7f2 100644 --- a/t/014-bugs.t +++ b/t/014-bugs.t @@ -849,7 +849,7 @@ ok "lua_package_path '$::HtmlDir/?.lua;./?.lua';" --- config location /t { - resolver $TEST_NGINX_RESOLVER; + resolver $TEST_NGINX_RESOLVER ipv6=off; set $myhost 'agentzh.org.'; proxy_pass http://$myhost/misc/.vimrc; } diff --git a/t/023-rewrite/tcp-socket-timeout.t b/t/023-rewrite/tcp-socket-timeout.t index 79cd0b9495..68a27059a7 100644 --- a/t/023-rewrite/tcp-socket-timeout.t +++ b/t/023-rewrite/tcp-socket-timeout.t @@ -41,7 +41,7 @@ __DATA__ --- config server_tokens off; lua_socket_connect_timeout 100ms; - resolver $TEST_NGINX_RESOLVER; + resolver $TEST_NGINX_RESOLVER ipv6=off; resolver_timeout 3s; location /t1 { rewrite_by_lua ' @@ -73,7 +73,7 @@ lua tcp socket connect timed out server_tokens off; lua_socket_connect_timeout 60s; lua_socket_log_errors off; - resolver $TEST_NGINX_RESOLVER; + resolver $TEST_NGINX_RESOLVER ipv6=off; resolver_timeout 3s; location /t2 { rewrite_by_lua ' @@ -108,7 +108,7 @@ lua tcp socket connect timeout: 150 server_tokens off; lua_socket_log_errors off; lua_socket_connect_timeout 102ms; - resolver $TEST_NGINX_RESOLVER; + resolver $TEST_NGINX_RESOLVER ipv6=off; #resolver_timeout 3s; location /t3 { rewrite_by_lua ' @@ -143,7 +143,7 @@ lua tcp socket connect timeout: 102 server_tokens off; lua_socket_connect_timeout 102ms; lua_socket_log_errors off; - resolver $TEST_NGINX_RESOLVER; + resolver $TEST_NGINX_RESOLVER ipv6=off; resolver_timeout 3s; location /t4 { rewrite_by_lua ' @@ -179,7 +179,7 @@ lua tcp socket connect timeout: 102 server_tokens off; lua_socket_connect_timeout 102ms; lua_socket_log_errors off; - resolver $TEST_NGINX_RESOLVER; + resolver $TEST_NGINX_RESOLVER ipv6=off; resolver_timeout 3s; location /t5 { rewrite_by_lua ' @@ -251,7 +251,7 @@ lua tcp socket read timed out --- config server_tokens off; lua_socket_read_timeout 60s; - #resolver $TEST_NGINX_RESOLVER; + #resolver $TEST_NGINX_RESOLVER ipv6=off; location /t { rewrite_by_lua ' local sock = ngx.socket.tcp() @@ -292,7 +292,7 @@ lua tcp socket read timed out --- config server_tokens off; lua_socket_read_timeout 102ms; - #resolver $TEST_NGINX_RESOLVER; + #resolver $TEST_NGINX_RESOLVER ipv6=off; location /t { rewrite_by_lua ' local sock = ngx.socket.tcp() @@ -333,7 +333,7 @@ lua tcp socket read timed out --- config server_tokens off; lua_socket_read_timeout 102ms; - #resolver $TEST_NGINX_RESOLVER; + #resolver $TEST_NGINX_RESOLVER ipv6=off; location /t { rewrite_by_lua ' local sock = ngx.socket.tcp() @@ -375,7 +375,7 @@ lua tcp socket read timed out --- config server_tokens off; lua_socket_read_timeout 102ms; - #resolver $TEST_NGINX_RESOLVER; + #resolver $TEST_NGINX_RESOLVER ipv6=off; location /t { rewrite_by_lua ' local sock = ngx.socket.tcp() @@ -416,7 +416,7 @@ lua tcp socket read timed out --- config server_tokens off; lua_socket_send_timeout 100ms; - resolver $TEST_NGINX_RESOLVER; + resolver $TEST_NGINX_RESOLVER ipv6=off; location /t { rewrite_by_lua ' local sock = ngx.socket.tcp() @@ -455,7 +455,7 @@ lua tcp socket write timed out --- config server_tokens off; lua_socket_send_timeout 60s; - #resolver $TEST_NGINX_RESOLVER; + #resolver $TEST_NGINX_RESOLVER ipv6=off; location /t { rewrite_by_lua ' local sock = ngx.socket.tcp() @@ -496,7 +496,7 @@ lua tcp socket write timed out --- config server_tokens off; lua_socket_send_timeout 102ms; - #resolver $TEST_NGINX_RESOLVER; + #resolver $TEST_NGINX_RESOLVER ipv6=off; location /t { rewrite_by_lua ' local sock = ngx.socket.tcp() @@ -537,7 +537,7 @@ lua tcp socket write timed out --- config server_tokens off; lua_socket_send_timeout 102ms; - #resolver $TEST_NGINX_RESOLVER; + #resolver $TEST_NGINX_RESOLVER ipv6=off; location /t { rewrite_by_lua ' local sock = ngx.socket.tcp() @@ -578,7 +578,7 @@ lua tcp socket write timed out --- config server_tokens off; lua_socket_send_timeout 102ms; - #resolver $TEST_NGINX_RESOLVER; + #resolver $TEST_NGINX_RESOLVER ipv6=off; location /t { rewrite_by_lua ' local sock = ngx.socket.tcp() diff --git a/t/058-tcp-socket.t b/t/058-tcp-socket.t index 5b0d79005a..4734926a16 100644 --- a/t/058-tcp-socket.t +++ b/t/058-tcp-socket.t @@ -200,7 +200,7 @@ attempt to send data on a closed socket: --- timeout: 10 --- config server_tokens off; - resolver $TEST_NGINX_RESOLVER; + resolver $TEST_NGINX_RESOLVER ipv6=off; resolver_timeout 3s; location /t { content_by_lua ' @@ -290,7 +290,7 @@ qr/connect\(\) failed \(\d+: Connection refused\)/ === TEST 6: connection timeout (tcp) --- config - resolver $TEST_NGINX_RESOLVER; + resolver $TEST_NGINX_RESOLVER ipv6=off; lua_socket_connect_timeout 100ms; lua_socket_send_timeout 100ms; lua_socket_read_timeout 100ms; @@ -362,7 +362,7 @@ connected: 1 === TEST 8: resolver error (host not found) --- config server_tokens off; - resolver $TEST_NGINX_RESOLVER; + resolver $TEST_NGINX_RESOLVER ipv6=off; resolver_timeout 3s; location /t { content_by_lua ' @@ -403,7 +403,7 @@ attempt to send data on a closed socket === TEST 9: resolver error (timeout) --- config server_tokens off; - resolver $TEST_NGINX_RESOLVER; + resolver $TEST_NGINX_RESOLVER ipv6=off; resolver_timeout 1ms; location /t { content_by_lua ' @@ -1995,7 +1995,7 @@ close: 1 nil === TEST 33: github issue #215: Handle the posted requests in lua cosocket api (failed to resolve) --- config - resolver $TEST_NGINX_RESOLVER; + resolver $TEST_NGINX_RESOLVER ipv6=off; location = /sub { content_by_lua ' @@ -2136,7 +2136,7 @@ close: nil closed --- config server_tokens off; lua_socket_read_timeout 100ms; - resolver $TEST_NGINX_RESOLVER; + resolver $TEST_NGINX_RESOLVER ipv6=off; location /t { content_by_lua ' local sock = ngx.socket.tcp() @@ -2178,7 +2178,7 @@ lua tcp socket read timed out === TEST 37: successful reread after a read time out happen (receive -> receive) --- config server_tokens off; - resolver $TEST_NGINX_RESOLVER; + resolver $TEST_NGINX_RESOLVER ipv6=off; location /t { content_by_lua ' local sock = ngx.socket.tcp() @@ -2255,7 +2255,7 @@ lua tcp socket read timed out === TEST 38: successful reread after a read time out happen (receive -> receiveuntil) --- config server_tokens off; - resolver $TEST_NGINX_RESOLVER; + resolver $TEST_NGINX_RESOLVER ipv6=off; location /t { content_by_lua ' local sock = ngx.socket.tcp() @@ -2335,7 +2335,7 @@ lua tcp socket read timed out === TEST 39: successful reread after a read time out happen (receiveuntil -> receiveuntil) --- config server_tokens off; - resolver $TEST_NGINX_RESOLVER; + resolver $TEST_NGINX_RESOLVER ipv6=off; location /t { content_by_lua ' local sock = ngx.socket.tcp() @@ -2417,7 +2417,7 @@ lua tcp socket read timed out === TEST 40: successful reread after a read time out happen (receiveuntil -> receive) --- config server_tokens off; - resolver $TEST_NGINX_RESOLVER; + resolver $TEST_NGINX_RESOLVER ipv6=off; location /t { content_by_lua ' local sock = ngx.socket.tcp() @@ -3015,7 +3015,7 @@ qr/runtime error: content_by_lua\(nginx\.conf:\d+\):16: bad request/ === TEST 50: cosocket resolving aborted by coroutine yielding failures (require) --- http_config lua_package_path "$prefix/html/?.lua;;"; - resolver $TEST_NGINX_RESOLVER; + resolver $TEST_NGINX_RESOLVER ipv6=off; --- config location = /t { @@ -3049,7 +3049,7 @@ runtime error: attempt to yield across C-call boundary === TEST 51: cosocket resolving aborted by coroutine yielding failures (xpcall err) --- http_config lua_package_path "$prefix/html/?.lua;;"; - resolver $TEST_NGINX_RESOLVER; + resolver $TEST_NGINX_RESOLVER ipv6=off; --- config location = /t { @@ -3307,7 +3307,7 @@ close: 1 nil --- config server_tokens off; lua_socket_connect_timeout 1s; - resolver $TEST_NGINX_RESOLVER; + resolver $TEST_NGINX_RESOLVER ipv6=off; resolver_timeout 3s; location /t { content_by_lua ' diff --git a/t/065-tcp-socket-timeout.t b/t/065-tcp-socket-timeout.t index ec7989128b..6f903e89f1 100644 --- a/t/065-tcp-socket-timeout.t +++ b/t/065-tcp-socket-timeout.t @@ -46,7 +46,7 @@ __DATA__ --- config server_tokens off; lua_socket_connect_timeout 100ms; - resolver $TEST_NGINX_RESOLVER; + resolver $TEST_NGINX_RESOLVER ipv6=off; resolver_timeout 3s; location /t { content_by_lua ' @@ -75,7 +75,7 @@ lua tcp socket connect timed out --- config server_tokens off; lua_socket_connect_timeout 60s; - resolver $TEST_NGINX_RESOLVER; + resolver $TEST_NGINX_RESOLVER ipv6=off; resolver_timeout 3s; location /t { content_by_lua ' @@ -105,7 +105,7 @@ lua tcp socket connect timed out --- config server_tokens off; lua_socket_connect_timeout 102ms; - resolver $TEST_NGINX_RESOLVER; + resolver $TEST_NGINX_RESOLVER ipv6=off; location /t { content_by_lua ' local sock = ngx.socket.tcp() @@ -133,7 +133,7 @@ lua tcp socket connect timed out --- config server_tokens off; lua_socket_connect_timeout 102ms; - resolver $TEST_NGINX_RESOLVER; + resolver $TEST_NGINX_RESOLVER ipv6=off; resolver_timeout 3s; location /t { content_by_lua ' @@ -163,7 +163,7 @@ lua tcp socket connect timed out --- config server_tokens off; lua_socket_connect_timeout 102ms; - resolver $TEST_NGINX_RESOLVER; + resolver $TEST_NGINX_RESOLVER ipv6=off; location /t { content_by_lua ' local sock = ngx.socket.tcp() @@ -191,7 +191,7 @@ lua tcp socket connect timed out --- config server_tokens off; lua_socket_read_timeout 100ms; - resolver $TEST_NGINX_RESOLVER; + resolver $TEST_NGINX_RESOLVER ipv6=off; location /t { content_by_lua ' local sock = ngx.socket.tcp() @@ -228,7 +228,7 @@ lua tcp socket read timed out --- config server_tokens off; lua_socket_read_timeout 60s; - #resolver $TEST_NGINX_RESOLVER; + #resolver $TEST_NGINX_RESOLVER ipv6=off; location /t { content_by_lua ' local sock = ngx.socket.tcp() @@ -267,7 +267,7 @@ lua tcp socket read timed out --- config server_tokens off; lua_socket_read_timeout 102ms; - #resolver $TEST_NGINX_RESOLVER; + #resolver $TEST_NGINX_RESOLVER ipv6=off; location /t { content_by_lua ' local sock = ngx.socket.tcp() @@ -306,7 +306,7 @@ lua tcp socket read timed out --- config server_tokens off; lua_socket_read_timeout 102ms; - #resolver $TEST_NGINX_RESOLVER; + #resolver $TEST_NGINX_RESOLVER ipv6=off; location /t { content_by_lua ' local sock = ngx.socket.tcp() @@ -346,7 +346,7 @@ lua tcp socket read timed out --- config server_tokens off; lua_socket_read_timeout 102ms; - #resolver $TEST_NGINX_RESOLVER; + #resolver $TEST_NGINX_RESOLVER ipv6=off; location /t { content_by_lua ' local sock = ngx.socket.tcp() @@ -385,7 +385,7 @@ lua tcp socket read timed out --- config server_tokens off; lua_socket_send_timeout 100ms; - resolver $TEST_NGINX_RESOLVER; + resolver $TEST_NGINX_RESOLVER ipv6=off; location /t { content_by_lua ' local sock = ngx.socket.tcp() @@ -436,7 +436,7 @@ lua tcp socket write timed out --- config server_tokens off; lua_socket_send_timeout 60s; - #resolver $TEST_NGINX_RESOLVER; + #resolver $TEST_NGINX_RESOLVER ipv6=off; location /t { content_by_lua ' local sock = ngx.socket.tcp() @@ -475,7 +475,7 @@ lua tcp socket write timed out --- config server_tokens off; lua_socket_send_timeout 102ms; - #resolver $TEST_NGINX_RESOLVER; + #resolver $TEST_NGINX_RESOLVER ipv6=off; location /t { content_by_lua ' local sock = ngx.socket.tcp() @@ -514,7 +514,7 @@ lua tcp socket write timed out --- config server_tokens off; lua_socket_send_timeout 102ms; - #resolver $TEST_NGINX_RESOLVER; + #resolver $TEST_NGINX_RESOLVER ipv6=off; location /t { content_by_lua ' local sock = ngx.socket.tcp() @@ -553,7 +553,7 @@ lua tcp socket write timed out --- config server_tokens off; lua_socket_send_timeout 102ms; - #resolver $TEST_NGINX_RESOLVER; + #resolver $TEST_NGINX_RESOLVER ipv6=off; location /t { content_by_lua ' local sock = ngx.socket.tcp() @@ -686,7 +686,7 @@ after --- config server_tokens off; lua_socket_connect_timeout 100ms; - resolver $TEST_NGINX_RESOLVER; + resolver $TEST_NGINX_RESOLVER ipv6=off; resolver_timeout 3s; location /t { content_by_lua ' @@ -724,7 +724,7 @@ lua tcp socket connect timed out --- config server_tokens off; lua_socket_send_timeout 100ms; - resolver $TEST_NGINX_RESOLVER; + resolver $TEST_NGINX_RESOLVER ipv6=off; location /t { content_by_lua ' local sock = ngx.socket.tcp() @@ -779,7 +779,7 @@ lua tcp socket write timed out === TEST 19: abort when upstream sockets pending on writes --- config server_tokens off; - resolver $TEST_NGINX_RESOLVER; + resolver $TEST_NGINX_RESOLVER ipv6=off; location /t { content_by_lua ' local sock = ngx.socket.tcp() @@ -832,7 +832,7 @@ lua tcp socket write timed out === TEST 20: abort when downstream socket pending on writes --- config server_tokens off; - resolver $TEST_NGINX_RESOLVER; + resolver $TEST_NGINX_RESOLVER ipv6=off; location /t { content_by_lua ' ngx.send_headers() @@ -888,7 +888,7 @@ lua tcp socket write timed out --- config server_tokens off; lua_socket_read_timeout 100ms; - resolver $TEST_NGINX_RESOLVER; + resolver $TEST_NGINX_RESOLVER ipv6=off; location /t { content_by_lua ' local sock = ngx.socket.tcp() diff --git a/t/090-log-socket-errors.t b/t/090-log-socket-errors.t index 1c3099d6e2..8e498cdeba 100644 --- a/t/090-log-socket-errors.t +++ b/t/090-log-socket-errors.t @@ -21,7 +21,7 @@ __DATA__ === TEST 1: log socket errors off (tcp) --- config - resolver $TEST_NGINX_RESOLVER; + resolver $TEST_NGINX_RESOLVER ipv6=off; location /t { lua_socket_connect_timeout 1ms; @@ -43,7 +43,7 @@ timeout === TEST 2: log socket errors on (tcp) --- config - resolver $TEST_NGINX_RESOLVER; + resolver $TEST_NGINX_RESOLVER ipv6=off; location /t { lua_socket_connect_timeout 1ms; @@ -65,7 +65,7 @@ lua tcp socket connect timed out === TEST 3: log socket errors on (udp) --- config - resolver $TEST_NGINX_RESOLVER; + resolver $TEST_NGINX_RESOLVER ipv6=off; location /t { lua_socket_log_errors on; @@ -88,7 +88,7 @@ lua udp socket read timed out === TEST 4: log socket errors off (udp) --- config - resolver $TEST_NGINX_RESOLVER; + resolver $TEST_NGINX_RESOLVER ipv6=off; location /t { lua_socket_log_errors off; diff --git a/t/091-coroutine.t b/t/091-coroutine.t index b047ccb1f9..5f348c2950 100644 --- a/t/091-coroutine.t +++ b/t/091-coroutine.t @@ -160,7 +160,7 @@ cc3: 2 === TEST 3: basic coroutine and cosocket --- config - resolver $TEST_NGINX_RESOLVER; + resolver $TEST_NGINX_RESOLVER ipv6=off; location /lua { content_by_lua ' function worker(url) @@ -359,7 +359,7 @@ GET /lua === TEST 7: coroutine wrap and cosocket --- config - resolver $TEST_NGINX_RESOLVER; + resolver $TEST_NGINX_RESOLVER ipv6=off; location /lua { content_by_lua ' function worker(url) @@ -987,7 +987,7 @@ test10 --- http_config init_by_lua 'return'; --- config - resolver $TEST_NGINX_RESOLVER; + resolver $TEST_NGINX_RESOLVER ipv6=off; location /lua { content_by_lua ' function worker(url) @@ -1041,7 +1041,7 @@ successfully connected to: agentzh.org init_by_lua_file html/init.lua; --- config - resolver $TEST_NGINX_RESOLVER; + resolver $TEST_NGINX_RESOLVER ipv6=off; location /lua { content_by_lua ' function worker(url) diff --git a/t/124-init-worker.t b/t/124-init-worker.t index d6ea6754fa..22a943e39e 100644 --- a/t/124-init-worker.t +++ b/t/124-init-worker.t @@ -447,7 +447,7 @@ warn(): Thu, 01 Jan 1970 01:34:38 GMT --- timeout: 10 --- http_config server_tokens off; - resolver $TEST_NGINX_RESOLVER; + resolver $TEST_NGINX_RESOLVER ipv6=off; resolver_timeout 3s; init_worker_by_lua ' -- global diff --git a/t/127-uthread-kill.t b/t/127-uthread-kill.t index 2ab8abee15..7e7d3dd6af 100644 --- a/t/127-uthread-kill.t +++ b/t/127-uthread-kill.t @@ -190,7 +190,7 @@ resolve name done: -2 === TEST 4: kill pending connect --- config - resolver $TEST_NGINX_RESOLVER; + resolver $TEST_NGINX_RESOLVER ipv6=off; location /lua { content_by_lua ' local ready = false diff --git a/t/142-ssl-session-store.t b/t/142-ssl-session-store.t index 5c9fad35f6..73b6e1979b 100644 --- a/t/142-ssl-session-store.t +++ b/t/142-ssl-session-store.t @@ -38,7 +38,7 @@ __DATA__ } --- config server_tokens off; - resolver $TEST_NGINX_RESOLVER; + resolver $TEST_NGINX_RESOLVER ipv6=off; lua_ssl_trusted_certificate $TEST_NGINX_CERT_DIR/cert/test.crt; location /t { @@ -108,7 +108,7 @@ ssl_session_store_by_lua_block:1: ssl session store by lua is running! } --- config server_tokens off; - resolver $TEST_NGINX_RESOLVER; + resolver $TEST_NGINX_RESOLVER ipv6=off; lua_ssl_trusted_certificate $TEST_NGINX_CERT_DIR/cert/test.crt; location /t { @@ -183,7 +183,7 @@ API disabled in the context of ssl_session_store_by_lua* } --- config server_tokens off; - resolver $TEST_NGINX_RESOLVER; + resolver $TEST_NGINX_RESOLVER ipv6=off; lua_ssl_trusted_certificate $TEST_NGINX_CERT_DIR/cert/test.crt; location /t { @@ -275,7 +275,7 @@ my timer run! } --- config server_tokens off; - resolver $TEST_NGINX_RESOLVER; + resolver $TEST_NGINX_RESOLVER ipv6=off; lua_ssl_trusted_certificate $TEST_NGINX_CERT_DIR/cert/test.crt; location /t { @@ -343,7 +343,7 @@ API disabled in the context of ssl_session_store_by_lua* } --- config server_tokens off; - resolver $TEST_NGINX_RESOLVER; + resolver $TEST_NGINX_RESOLVER ipv6=off; lua_ssl_trusted_certificate $TEST_NGINX_CERT_DIR/cert/test.crt; lua_ssl_verify_depth 3; @@ -415,7 +415,7 @@ ngx.exit does not yield and the error code is eaten. } --- config server_tokens off; - resolver $TEST_NGINX_RESOLVER; + resolver $TEST_NGINX_RESOLVER ipv6=off; lua_ssl_trusted_certificate $TEST_NGINX_CERT_DIR/cert/test.crt; lua_ssl_verify_depth 3; @@ -488,7 +488,7 @@ ssl_session_store_by_lua*: handler return value: 0, sess new cb exit code: 0 } --- config server_tokens off; - resolver $TEST_NGINX_RESOLVER; + resolver $TEST_NGINX_RESOLVER ipv6=off; lua_ssl_trusted_certificate $TEST_NGINX_CERT_DIR/cert/test.crt; lua_ssl_verify_depth 3; @@ -556,7 +556,7 @@ should never reached here } --- config server_tokens off; - resolver $TEST_NGINX_RESOLVER; + resolver $TEST_NGINX_RESOLVER ipv6=off; lua_ssl_trusted_certificate $TEST_NGINX_CERT_DIR/cert/test.crt; lua_ssl_verify_depth 3; @@ -627,7 +627,7 @@ get_phase: ssl_session_store } --- config server_tokens off; - resolver $TEST_NGINX_RESOLVER; + resolver $TEST_NGINX_RESOLVER ipv6=off; lua_ssl_trusted_certificate $TEST_NGINX_CERT_DIR/cert/test.crt; location /t { @@ -696,7 +696,7 @@ qr/elapsed in ssl cert by lua: 0.(?:09|1[01])\d+,/, } --- config server_tokens off; - resolver $TEST_NGINX_RESOLVER; + resolver $TEST_NGINX_RESOLVER ipv6=off; lua_ssl_trusted_certificate $TEST_NGINX_CERT_DIR/cert/test.crt; location /t { @@ -778,7 +778,7 @@ a.lua:1: ssl store session by lua is running! } --- config server_tokens off; - resolver $TEST_NGINX_RESOLVER; + resolver $TEST_NGINX_RESOLVER ipv6=off; lua_ssl_trusted_certificate $TEST_NGINX_CERT_DIR/cert/test.crt; lua_ssl_verify_depth 3; @@ -849,7 +849,7 @@ qr/\[emerg\] .*? "ssl_session_store_by_lua_block" directive is not allowed here } --- config server_tokens off; - resolver $TEST_NGINX_RESOLVER; + resolver $TEST_NGINX_RESOLVER ipv6=off; lua_ssl_trusted_certificate $TEST_NGINX_CERT_DIR/cert/test.crt; location /t { diff --git a/t/143-ssl-session-fetch.t b/t/143-ssl-session-fetch.t index bd800ff891..701ead7296 100644 --- a/t/143-ssl-session-fetch.t +++ b/t/143-ssl-session-fetch.t @@ -39,7 +39,7 @@ __DATA__ } --- config server_tokens off; - resolver $TEST_NGINX_RESOLVER; + resolver $TEST_NGINX_RESOLVER ipv6=off; lua_ssl_trusted_certificate $TEST_NGINX_CERT_DIR/cert/test.crt; location /t { @@ -120,7 +120,7 @@ qr/ssl_session_fetch_by_lua_block:1: ssl fetch sess by lua is running!/s } --- config server_tokens off; - resolver $TEST_NGINX_RESOLVER; + resolver $TEST_NGINX_RESOLVER ipv6=off; lua_ssl_trusted_certificate $TEST_NGINX_CERT_DIR/cert/test.crt; location /t { @@ -204,7 +204,7 @@ qr/elapsed in ssl fetch session by lua: 0.(?:09|1[01])\d+,/, } --- config server_tokens off; - resolver $TEST_NGINX_RESOLVER; + resolver $TEST_NGINX_RESOLVER ipv6=off; lua_ssl_trusted_certificate $TEST_NGINX_CERT_DIR/cert/test.crt; location /t { @@ -305,7 +305,7 @@ qr/my timer run!/s } --- config server_tokens off; - resolver $TEST_NGINX_RESOLVER; + resolver $TEST_NGINX_RESOLVER ipv6=off; lua_ssl_trusted_certificate $TEST_NGINX_CERT_DIR/cert/test.crt; location /t { @@ -385,7 +385,7 @@ qr/received memc reply: OK/s } --- config server_tokens off; - resolver $TEST_NGINX_RESOLVER; + resolver $TEST_NGINX_RESOLVER ipv6=off; lua_ssl_trusted_certificate $TEST_NGINX_CERT_DIR/cert/test.crt; lua_ssl_verify_depth 3; @@ -466,7 +466,7 @@ should never reached here } --- config server_tokens off; - resolver $TEST_NGINX_RESOLVER; + resolver $TEST_NGINX_RESOLVER ipv6=off; lua_ssl_trusted_certificate $TEST_NGINX_CERT_DIR/cert/test.crt; lua_ssl_verify_depth 3; @@ -548,7 +548,7 @@ should never reached here } --- config server_tokens off; - resolver $TEST_NGINX_RESOLVER; + resolver $TEST_NGINX_RESOLVER ipv6=off; lua_ssl_trusted_certificate $TEST_NGINX_CERT_DIR/cert/test.crt; lua_ssl_verify_depth 3; @@ -629,7 +629,7 @@ should never reached here } --- config server_tokens off; - resolver $TEST_NGINX_RESOLVER; + resolver $TEST_NGINX_RESOLVER ipv6=off; lua_ssl_trusted_certificate $TEST_NGINX_CERT_DIR/cert/test.crt; lua_ssl_verify_depth 3; @@ -712,7 +712,7 @@ should never reached here } --- config server_tokens off; - resolver $TEST_NGINX_RESOLVER; + resolver $TEST_NGINX_RESOLVER ipv6=off; lua_ssl_trusted_certificate $TEST_NGINX_CERT_DIR/cert/test.crt; lua_ssl_verify_depth 3; @@ -793,7 +793,7 @@ should never reached here } --- config server_tokens off; - resolver $TEST_NGINX_RESOLVER; + resolver $TEST_NGINX_RESOLVER ipv6=off; lua_ssl_trusted_certificate $TEST_NGINX_CERT_DIR/cert/test.crt; location /t { @@ -879,7 +879,7 @@ qr/get_phase: ssl_session_fetch/s --- config server_tokens off; - resolver $TEST_NGINX_RESOLVER; + resolver $TEST_NGINX_RESOLVER ipv6=off; lua_ssl_trusted_certificate $TEST_NGINX_CERT_DIR/cert/test.crt; location /t { @@ -1049,7 +1049,7 @@ qr/\S+:\d+: ssl fetch sess by lua is running!/s } --- config server_tokens off; - resolver $TEST_NGINX_RESOLVER; + resolver $TEST_NGINX_RESOLVER ipv6=off; lua_ssl_trusted_certificate $TEST_NGINX_CERT_DIR/cert/test.crt; location /t { diff --git a/t/147-tcp-socket-timeouts.t b/t/147-tcp-socket-timeouts.t index 52f015aee2..0689a9b29d 100644 --- a/t/147-tcp-socket-timeouts.t +++ b/t/147-tcp-socket-timeouts.t @@ -315,7 +315,7 @@ lua tcp socket write timed out === TEST 5: connection timeout (tcp) --- config - resolver $TEST_NGINX_RESOLVER; + resolver $TEST_NGINX_RESOLVER ipv6=off; resolver_timeout 3s; location /test { content_by_lua_block { From e7031127e33bf84d5e6a241707c06c497f381033 Mon Sep 17 00:00:00 2001 From: Tom Thorogood Date: Thu, 25 Aug 2016 13:26:06 +0930 Subject: [PATCH 040/136] feature: added support for the 303 status code in ngx.redirect(). Signed-off-by: Yichun Zhang (agentzh) --- README.markdown | 1 + doc/HttpLuaModule.wiki | 1 + src/ngx_http_lua_control.c | 4 ++- t/022-redirect.t | 53 +++++++++++++++++++++++++++++++++++++- 4 files changed, 57 insertions(+), 2 deletions(-) diff --git a/README.markdown b/README.markdown index bc16200531..162343ff0f 100644 --- a/README.markdown +++ b/README.markdown @@ -5000,6 +5000,7 @@ The optional `status` parameter specifies the HTTP status code to be used. The f * `301` * `302` (default) +* `303` * `307` It is `302` (`ngx.HTTP_MOVED_TEMPORARILY`) by default. diff --git a/doc/HttpLuaModule.wiki b/doc/HttpLuaModule.wiki index 693275ca44..dce94dcccf 100644 --- a/doc/HttpLuaModule.wiki +++ b/doc/HttpLuaModule.wiki @@ -4165,6 +4165,7 @@ The optional status parameter specifies the HTTP status code to be * 301 * 302 (default) +* 303 * 307 It is 302 (ngx.HTTP_MOVED_TEMPORARILY) by default. diff --git a/src/ngx_http_lua_control.c b/src/ngx_http_lua_control.c index 249d7632c2..ae36505f9d 100644 --- a/src/ngx_http_lua_control.c +++ b/src/ngx_http_lua_control.c @@ -212,10 +212,12 @@ ngx_http_lua_ngx_redirect(lua_State *L) if (rc != NGX_HTTP_MOVED_TEMPORARILY && rc != NGX_HTTP_MOVED_PERMANENTLY + && rc != NGX_HTTP_SEE_OTHER && rc != NGX_HTTP_TEMPORARY_REDIRECT) { return luaL_error(L, "only ngx.HTTP_MOVED_TEMPORARILY, " - "ngx.HTTP_MOVED_PERMANENTLY, and " + "ngx.HTTP_MOVED_PERMANENTLY, " + "ngx.HTTP_SEE_OTHER, and " "ngx.HTTP_TEMPORARY_REDIRECT are allowed"); } diff --git a/t/022-redirect.t b/t/022-redirect.t index 57c7add987..fae39e3adf 100644 --- a/t/022-redirect.t +++ b/t/022-redirect.t @@ -84,7 +84,7 @@ GET /read --- response_body_like: 500 Internal Server Error --- error_code: 500 --- error_log -only ngx.HTTP_MOVED_TEMPORARILY, ngx.HTTP_MOVED_PERMANENTLY, and ngx.HTTP_TEMPORARY_REDIRECT are allowed +only ngx.HTTP_MOVED_TEMPORARILY, ngx.HTTP_MOVED_PERMANENTLY, ngx.HTTP_SEE_OTHER, and ngx.HTTP_TEMPORARY_REDIRECT are allowed @@ -218,3 +218,54 @@ GET /read Location: http://agentzh.org/foo?a=b&c=d --- response_body_like: 307 Temporary Redirect --- error_code: 307 + + + +=== TEST 12: explicit 303 +--- config + location /read { + content_by_lua_block { + ngx.redirect("http://agentzh.org/foo", ngx.HTTP_SEE_OTHER); + ngx.say("hi") + } + } +--- request +GET /read +--- response_headers +Location: http://agentzh.org/foo +--- response_body_like: 303 See Other +--- error_code: 303 + + + +=== TEST 13: explicit 303 with args +--- config + location /read { + content_by_lua_block { + ngx.redirect("http://agentzh.org/foo?a=b&c=d", ngx.HTTP_SEE_OTHER); + ngx.say("hi") + } + } +--- request +GET /read +--- response_headers +Location: http://agentzh.org/foo?a=b&c=d +--- response_body_like: 303 See Other +--- error_code: 303 + + + +=== TEST 14: explicit 303 +--- config + location /read { + content_by_lua_block { + ngx.redirect("http://agentzh.org/foo?a=b&c=d", 303); + ngx.say("hi") + } + } +--- request +GET /read +--- response_headers +Location: http://agentzh.org/foo?a=b&c=d +--- response_body_like: 303 See Other +--- error_code: 303 From 3cf7062366af4ec79e4047140b96d6a184ed5070 Mon Sep 17 00:00:00 2001 From: Ilya Shipitsin Date: Sat, 17 Dec 2016 21:15:58 +0700 Subject: [PATCH 041/136] travis-ci: cosmetic "wget" improvement. Signed-off-by: Yichun Zhang (agentzh) --- .travis.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.travis.yml b/.travis.yml index 28d0f087ec..e85f77d926 100644 --- a/.travis.yml +++ b/.travis.yml @@ -104,7 +104,7 @@ script: - cd .. - tar zxf download-cache/openssl-$OPENSSL_VER.tar.gz - cd openssl-$OPENSSL_VER/ - - if [ ! -f ../download-cache/openssl-1.0.2h-sess_set_get_cb_yield.patch ]; then wget -O ../download-cache/openssl-1.0.2h-sess_set_get_cb_yield.patch https://raw.githubusercontent.com/openresty/openresty/master/patches/openssl-1.0.2h-sess_set_get_cb_yield.patch; fi + - if [ ! -f ../download-cache/openssl-1.0.2h-sess_set_get_cb_yield.patch ]; then wget -P ../download-cache https://raw.githubusercontent.com/openresty/openresty/master/patches/openssl-1.0.2h-sess_set_get_cb_yield.patch; fi - patch -p1 < ../download-cache/openssl-1.0.2h-sess_set_get_cb_yield.patch - ./config shared --prefix=$OPENSSL_PREFIX -DPURIFY > build.log 2>&1 || (cat build.log && exit 1) - make -j$JOBS > build.log 2>&1 || (cat build.log && exit 1) From 5028d63536ac795dc56a996416f79279f2f13d5d Mon Sep 17 00:00:00 2001 From: "Yichun Zhang (agentzh)" Date: Sun, 18 Dec 2016 14:05:18 -0800 Subject: [PATCH 042/136] doc: updated copyright notice. --- README.markdown | 2 +- doc/HttpLuaModule.wiki | 2 +- 2 files changed, 2 insertions(+), 2 deletions(-) diff --git a/README.markdown b/README.markdown index 162343ff0f..f7044606f5 100644 --- a/README.markdown +++ b/README.markdown @@ -956,7 +956,7 @@ This module is licensed under the BSD license. Copyright (C) 2009-2016, by Xiaozhe Wang (chaoslawful) . -Copyright (C) 2009-2016, by Yichun "agentzh" Zhang (章亦春) , CloudFlare Inc. +Copyright (C) 2009-2017, by Yichun "agentzh" Zhang (章亦春) , OpenResty Inc. All rights reserved. diff --git a/doc/HttpLuaModule.wiki b/doc/HttpLuaModule.wiki index dce94dcccf..f9b98a4ee5 100644 --- a/doc/HttpLuaModule.wiki +++ b/doc/HttpLuaModule.wiki @@ -781,7 +781,7 @@ This module is licensed under the BSD license. Copyright (C) 2009-2016, by Xiaozhe Wang (chaoslawful) . -Copyright (C) 2009-2016, by Yichun "agentzh" Zhang (章亦春) , CloudFlare Inc. +Copyright (C) 2009-2017, by Yichun "agentzh" Zhang (章亦春) , OpenResty Inc. All rights reserved. From da11870db65eb827ae00c0b24255ba749aefd060 Mon Sep 17 00:00:00 2001 From: qleex001 Date: Mon, 14 Nov 2016 09:10:07 +0000 Subject: [PATCH 043/136] bugfix: balancer_by_lua*: the number of retres might exceed the limit of proxy_next_upstream_tries or alike. Signed-off-by: Yichun Zhang (agentzh) --- .travis.yml | 1 + src/ngx_http_lua_balancer.c | 7 +++-- t/138-balancer.t | 57 +++++++++++++++++++++++++++++++++++++ 3 files changed, 62 insertions(+), 3 deletions(-) diff --git a/.travis.yml b/.travis.yml index e85f77d926..07d92b5747 100644 --- a/.travis.yml +++ b/.travis.yml @@ -79,6 +79,7 @@ install: - git clone https://github.com/openresty/rds-json-nginx-module.git ../rds-json-nginx-module - git clone https://github.com/openresty/srcache-nginx-module.git ../srcache-nginx-module - git clone https://github.com/openresty/redis2-nginx-module.git ../redis2-nginx-module + - git clone https://github.com/openresty/lua-resty-core.git ../lua-resty-core - git clone -b v2.1-agentzh https://github.com/openresty/luajit2.git before_script: diff --git a/src/ngx_http_lua_balancer.c b/src/ngx_http_lua_balancer.c index 0adf787350..03d9eac082 100644 --- a/src/ngx_http_lua_balancer.c +++ b/src/ngx_http_lua_balancer.c @@ -640,7 +640,7 @@ ngx_http_lua_ffi_balancer_set_more_tries(ngx_http_request_t *r, int count, char **err) { #if (nginx_version >= 1007005) - ngx_uint_t max_tries; + ngx_uint_t max_tries, total; #endif ngx_http_lua_ctx_t *ctx; ngx_http_upstream_t *u; @@ -681,9 +681,10 @@ ngx_http_lua_ffi_balancer_set_more_tries(ngx_http_request_t *r, #if (nginx_version >= 1007005) max_tries = r->upstream->conf->next_upstream_tries; + total = bp->total_tries + r->upstream->peer.tries - 1; - if (bp->total_tries + count > max_tries) { - count = max_tries - bp->total_tries; + if (max_tries && total + count > max_tries) { + count = max_tries - total; *err = "reduced tries due to limit"; } else { diff --git a/t/138-balancer.t b/t/138-balancer.t index 8d45c24563..b300c2eb27 100644 --- a/t/138-balancer.t +++ b/t/138-balancer.t @@ -431,3 +431,60 @@ qr{\[crit\] .*? connect\(\) to 0\.0\.0\.1:80 failed .*?, upstream: "http://0\.0\ ] --- no_error_log [warn] + + + +=== TEST 15: test if execeed proxy_next_upstream_limit +--- http_config + lua_package_path "../lua-resty-core/lib/?.lua;;"; + + proxy_next_upstream_tries 5; + upstream backend { + server 0.0.0.1; + balancer_by_lua_block { + local b = require "ngx.balancer" + + if not ngx.ctx.tries then + ngx.ctx.tries = 0 + end + + if ngx.ctx.tries >= 6 then + ngx.log(ngx.ERR, "retry count exceed limit") + ngx.exit(500) + end + + ngx.ctx.tries = ngx.ctx.tries + 1 + print("retry counter: ", ngx.ctx.tries) + + local ok, err = b.set_more_tries(2) + if not ok then + return error("failed to set more tries: ", err) + elseif err then + ngx.log(ngx.WARN, "set more tries: ", err) + end + + assert(b.set_current_peer("127.0.0.1", 81)) + } + } +--- config + location = /t { + proxy_pass http://backend/back; + } + + location = /back { + return 404; + } +--- request + GET /t +--- response_body_like: 502 Bad Gateway +--- error_code: 502 +--- grep_error_log eval: qr/\bretry counter: \w+/ +--- grep_error_log_out +retry counter: 1 +retry counter: 2 +retry counter: 3 +retry counter: 4 +retry counter: 5 + +--- error_log +set more tries: reduced tries due to limit From b3c872e124a44d1d76524430fac7e7b03f455e8f Mon Sep 17 00:00:00 2001 From: "Yichun Zhang (agentzh)" Date: Mon, 26 Dec 2016 21:45:06 -0800 Subject: [PATCH 044/136] added a passing test for #853. thanks jinhua luo for the original test case in openresty/lua-resty-core#58. --- t/138-balancer.t | 38 ++++++++++++++++++++++++++++++++++++++ 1 file changed, 38 insertions(+) diff --git a/t/138-balancer.t b/t/138-balancer.t index b300c2eb27..fc2617350a 100644 --- a/t/138-balancer.t +++ b/t/138-balancer.t @@ -488,3 +488,41 @@ retry counter: 5 --- error_log set more tries: reduced tries due to limit + + + +=== TEST 16: set_more_tries bugfix +--- http_config + lua_package_path "../lua-resty-core/lib/?.lua;;"; + proxy_next_upstream_tries 0; + upstream backend { + server 0.0.0.1; + balancer_by_lua_block { + local balancer = require "ngx.balancer" + local ctx = ngx.ctx + if not ctx.has_run then + ctx.has_run = true + local _, err = balancer.set_more_tries(3) + if err then + ngx.log(ngx.ERR, "failed to set more tries: ", err) + end + end + balancer.set_current_peer("127.0.0.1", 81) + } + } +--- config + location = /t { + proxy_pass http://backend; + } +--- request + GET /t +--- error_code: 502 +--- grep_error_log eval: qr/http next upstream, \d+/ +--- grep_error_log_out +http next upstream, 2 +http next upstream, 2 +http next upstream, 2 +http next upstream, 2 +--- no_error_log +failed to set more tries: reduced tries due to limit +[alert] From 5fdbb56ad53b6be94f80857e6e625e0969ea9e31 Mon Sep 17 00:00:00 2001 From: WenMing Date: Wed, 21 Dec 2016 09:15:45 +0800 Subject: [PATCH 045/136] bugfix: setting response headers would change the Content-Type response header. thanks leafo for the report in openresty/openresty#92. Signed-off-by: Yichun Zhang (agentzh) --- src/ngx_http_lua_headers.c | 36 ++++++++++++++++++++ t/016-resp-header.t | 70 +++++++++++++++++++++++++++++++++++++- 2 files changed, 105 insertions(+), 1 deletion(-) diff --git a/src/ngx_http_lua_headers.c b/src/ngx_http_lua_headers.c index 0af56f66ad..a7cfc3c74e 100644 --- a/src/ngx_http_lua_headers.c +++ b/src/ngx_http_lua_headers.c @@ -444,6 +444,8 @@ ngx_http_lua_ngx_resp_get_headers(lua_State *L) ngx_list_part_t *part; ngx_table_elt_t *header; ngx_http_request_t *r; + ngx_http_lua_ctx_t *ctx; + ngx_int_t rc; u_char *lowcase_key = NULL; size_t lowcase_key_sz = 0; ngx_uint_t i; @@ -475,6 +477,22 @@ ngx_http_lua_ngx_resp_get_headers(lua_State *L) return luaL_error(L, "no request object found"); } + ctx = ngx_http_get_module_ctx(r, ngx_http_lua_module); + if (ctx == NULL) { + return luaL_error(L, "no ctx found"); + } + + if (!ctx->headers_set) { + rc = ngx_http_lua_set_content_type(r); + if (rc != NGX_OK) { + return luaL_error(L, + "failed to set default content type: %d", + (int) rc); + } + + ctx->headers_set = 1; + } + ngx_http_lua_check_fake_request(L, r); part = &r->headers_out.headers.part; @@ -603,12 +621,19 @@ ngx_http_lua_ngx_header_get(lua_State *L) ngx_uint_t i; size_t len; ngx_http_lua_loc_conf_t *llcf; + ngx_http_lua_ctx_t *ctx; + ngx_int_t rc; r = ngx_http_lua_get_req(L); if (r == NULL) { return luaL_error(L, "no request object found"); } + ctx = ngx_http_get_module_ctx(r, ngx_http_lua_module); + if (ctx == NULL) { + return luaL_error(L, "no ctx found"); + } + ngx_http_lua_check_fake_request(L, r); /* we skip the first argument that is the table */ @@ -640,6 +665,17 @@ ngx_http_lua_ngx_header_get(lua_State *L) key.len = len; + if (!ctx->headers_set) { + rc = ngx_http_lua_set_content_type(r); + if (rc != NGX_OK) { + return luaL_error(L, + "failed to set default content type: %d", + (int) rc); + } + + ctx->headers_set = 1; + } + return ngx_http_lua_get_output_header(L, r, &key); } diff --git a/t/016-resp-header.t b/t/016-resp-header.t index 179b411b8c..1fae2922a5 100644 --- a/t/016-resp-header.t +++ b/t/016-resp-header.t @@ -8,7 +8,7 @@ use Test::Nginx::Socket::Lua; repeat_each(2); -plan tests => repeat_each() * (blocks() * 3 + 38); +plan tests => repeat_each() * (blocks() * 3 + 41); #no_diff(); no_long_string(); @@ -1441,3 +1441,71 @@ Content-Type: ; blah test --- no_error_log [error] + + + +=== TEST 69: return the matched content-type instead of default_type +--- http_config +types { + image/png png; +} +--- config +location /set/ { + default_type text/html; + content_by_lua_block { + ngx.say(ngx.header["content-type"]) + } +} +--- request +GET /set/hello.png +--- response_headers +Content-Type: image/png +--- response_body +image/png +--- no_error_log +[error] + + + +=== TEST 70: always return the matched content-type +--- config + location /set/ { + default_type "image/png"; + content_by_lua_block { + ngx.say(ngx.header["content-type"]) + ngx.say(ngx.header["content-type"]) + } + } +--- request +GET /set/hello.png +--- response_headers +Content-Type: image/png +--- response_body +image/png +image/png +--- no_error_log +[error] + + + +=== TEST 71: return the matched content-type after ngx.resp.get_headers() +--- http_config +types { + image/png png; +} +--- config + location /set/ { + default_type text/html; + content_by_lua_block { + local h = ngx.resp.get_headers() + ngx.say(h["content-type"]) + } + } +--- request +GET /set/hello.png +--- response_headers +Content-Type: image/png +--- response_body +image/png +--- no_error_log +[error] From 39783100f5b7e821dd929a9426c459e72dcf9361 Mon Sep 17 00:00:00 2001 From: doujiang24 Date: Sun, 4 Sep 2016 01:09:00 +0800 Subject: [PATCH 046/136] feature: tcpsock:connect(): allows the options_table argument being nil. Signed-off-by: Yichun Zhang (agentzh) --- src/ngx_http_lua_socket_tcp.c | 6 ++++ t/058-tcp-socket.t | 52 ++++++++++++++++++++++++++++++++++- 2 files changed, 57 insertions(+), 1 deletion(-) diff --git a/src/ngx_http_lua_socket_tcp.c b/src/ngx_http_lua_socket_tcp.c index 6db6e2da92..c3a266da03 100644 --- a/src/ngx_http_lua_socket_tcp.c +++ b/src/ngx_http_lua_socket_tcp.c @@ -501,6 +501,12 @@ ngx_http_lua_socket_tcp_connect(lua_State *L) n--; } + /* the fourth argument is not a table */ + if (n == 4) { + lua_pop(L, 1); + n--; + } + if (n == 3) { port = luaL_checkinteger(L, 3); diff --git a/t/058-tcp-socket.t b/t/058-tcp-socket.t index 4734926a16..1ee113b9ce 100644 --- a/t/058-tcp-socket.t +++ b/t/058-tcp-socket.t @@ -4,7 +4,7 @@ use Test::Nginx::Socket::Lua; repeat_each(2); -plan tests => repeat_each() * 187; +plan tests => repeat_each() * 190; our $HtmlDir = html_dir; @@ -3640,3 +3640,53 @@ failed to receive a line: closed [] close: 1 nil --- error_log lua http cleanup reuse + + + +=== TEST 60: options_table is nil +--- config + location /t { + set $port $TEST_NGINX_MEMCACHED_PORT; + + content_by_lua_block { + local sock = ngx.socket.tcp() + local port = ngx.var.port + + local ok, err = sock:connect("127.0.0.1", port, nil) + if not ok then + ngx.say("failed to connect: ", err) + return + end + + ngx.say("connected: ", ok) + + local req = "flush_all\r\n" + + local bytes, err = sock:send(req) + if not bytes then + ngx.say("failed to send request: ", err) + return + end + ngx.say("request sent: ", bytes) + + local line, err, part = sock:receive() + if line then + ngx.say("received: ", line) + + else + ngx.say("failed to receive a line: ", err, " [", part, "]") + end + + ok, err = sock:close() + ngx.say("close: ", ok, " ", err) + } + } +--- request +GET /t +--- response_body +connected: 1 +request sent: 11 +received: OK +close: 1 nil +--- no_error_log +[error] From 1ada6d0e59d28f958227c6eedc6ae1a4867830e1 Mon Sep 17 00:00:00 2001 From: Andreas Lubbe Date: Tue, 10 Jan 2017 10:54:40 +0100 Subject: [PATCH 047/136] tests: require PCRE 8.39 instead of 8.33 to run our test suite. Signed-off-by: Yichun Zhang (agentzh) --- .travis.yml | 2 +- t/034-match.t | 4 ++-- t/035-gmatch.t | 4 ++-- t/036-sub.t | 4 ++-- t/037-gsub.t | 4 ++-- t/120-re-find.t | 4 ++-- 6 files changed, 11 insertions(+), 11 deletions(-) diff --git a/.travis.yml b/.travis.yml index 07d92b5747..b1cbddc498 100644 --- a/.travis.yml +++ b/.travis.yml @@ -34,7 +34,7 @@ env: - LUAJIT_LIB=$LUAJIT_PREFIX/lib - LUAJIT_INC=$LUAJIT_PREFIX/include/luajit-2.1 - LUA_INCLUDE_DIR=$LUAJIT_INC - - PCRE_VER=8.33 + - PCRE_VER=8.39 - PCRE_PREFIX=/opt/pcre - PCRE_LIB=$PCRE_PREFIX/lib - PCRE_INC=$PCRE_PREFIX/include diff --git a/t/034-match.t b/t/034-match.t index 35149f1b7b..ebe5762be4 100644 --- a/t/034-match.t +++ b/t/034-match.t @@ -1017,7 +1017,7 @@ exec opts: 0 === TEST 45: just hit match limit --- http_config - lua_regex_match_limit 5600; + lua_regex_match_limit 5000; --- config location /re { content_by_lua_file html/a.lua; @@ -1057,7 +1057,7 @@ error: pcre_exec() failed: -8 === TEST 46: just not hit match limit --- http_config - lua_regex_match_limit 5700; + lua_regex_match_limit 5100; --- config location /re { content_by_lua_file html/a.lua; diff --git a/t/035-gmatch.t b/t/035-gmatch.t index 69b9512b52..cbc673385e 100644 --- a/t/035-gmatch.t +++ b/t/035-gmatch.t @@ -814,7 +814,7 @@ exec opts: 0 === TEST 30: just hit match limit --- http_config - lua_regex_match_limit 5600; + lua_regex_match_limit 5000; --- config location /re { content_by_lua_file html/a.lua; @@ -860,7 +860,7 @@ error: pcre_exec() failed: -8 === TEST 31: just not hit match limit --- http_config - lua_regex_match_limit 5700; + lua_regex_match_limit 5100; --- config location /re { content_by_lua_file html/a.lua; diff --git a/t/036-sub.t b/t/036-sub.t index f08c50f4bc..2b4b07510a 100644 --- a/t/036-sub.t +++ b/t/036-sub.t @@ -580,7 +580,7 @@ s: a好 === TEST 28: just hit match limit --- http_config - lua_regex_match_limit 5600; + lua_regex_match_limit 5000; --- config location /re { content_by_lua_file html/a.lua; @@ -617,7 +617,7 @@ error: pcre_exec() failed: -8 === TEST 29: just not hit match limit --- http_config - lua_regex_match_limit 5700; + lua_regex_match_limit 5100; --- config location /re { content_by_lua_file html/a.lua; diff --git a/t/037-gsub.t b/t/037-gsub.t index 2a1e00f37a..4c5810d527 100644 --- a/t/037-gsub.t +++ b/t/037-gsub.t @@ -501,7 +501,7 @@ s: aa === TEST 23: just hit match limit --- http_config - lua_regex_match_limit 5600; + lua_regex_match_limit 5000; --- config location /re { content_by_lua_file html/a.lua; @@ -538,7 +538,7 @@ error: pcre_exec() failed: -8 === TEST 24: just not hit match limit --- http_config - lua_regex_match_limit 5700; + lua_regex_match_limit 5100; --- config location /re { content_by_lua_file html/a.lua; diff --git a/t/120-re-find.t b/t/120-re-find.t index 92e33bdab0..73e6134fd7 100644 --- a/t/120-re-find.t +++ b/t/120-re-find.t @@ -612,7 +612,7 @@ matched: 你 === TEST 22: just hit match limit --- http_config - lua_regex_match_limit 5600; + lua_regex_match_limit 5000; --- config location /re { content_by_lua_file html/a.lua; @@ -654,7 +654,7 @@ error: pcre_exec() failed: -8 === TEST 23: just not hit match limit --- http_config - lua_regex_match_limit 5700; + lua_regex_match_limit 5100; --- config location /re { content_by_lua_file html/a.lua; From 5c54198a369961cca351c98ad447e802124521e0 Mon Sep 17 00:00:00 2001 From: detailyang Date: Sat, 14 Jan 2017 22:47:24 +0800 Subject: [PATCH 048/136] bugfix: tcp cosockets: sslhandshake(): typo in the error message. also fixed a code comment for the last argument recently added. Signed-off-by: Yichun Zhang (agentzh) --- src/ngx_http_lua_socket_tcp.c | 4 ++-- t/129-ssl-socket.t | 2 +- 2 files changed, 3 insertions(+), 3 deletions(-) diff --git a/src/ngx_http_lua_socket_tcp.c b/src/ngx_http_lua_socket_tcp.c index c3a266da03..de8762f8ce 100644 --- a/src/ngx_http_lua_socket_tcp.c +++ b/src/ngx_http_lua_socket_tcp.c @@ -1214,11 +1214,11 @@ ngx_http_lua_socket_tcp_sslhandshake(lua_State *L) ngx_http_lua_socket_tcp_upstream_t *u; - /* Lua function arguments: self [,session] [,host] [,verify] */ + /* Lua function arguments: self [,session] [,host] [,verify] [,send_status_req] */ n = lua_gettop(L); if (n < 1 || n > 5) { - return luaL_error(L, "ngx.socket connect: expecting 1 ~ 5 " + return luaL_error(L, "ngx.socket sslhandshake: expecting 1 ~ 5 " "arguments (including the object), but seen %d", n); } diff --git a/t/129-ssl-socket.t b/t/129-ssl-socket.t index cc14594cb3..726b4423c9 100644 --- a/t/129-ssl-socket.t +++ b/t/129-ssl-socket.t @@ -2614,7 +2614,7 @@ SSL reused session GET /t --- ignore_response --- error_log eval -qr/\[error\] .* ngx.socket connect: expecting 1 ~ 5 arguments \(including the object\), but seen 0/ +qr/\[error\] .* ngx.socket sslhandshake: expecting 1 ~ 5 arguments \(including the object\), but seen 0/ --- no_error_log [alert] --- timeout: 5 From 0c3706298899370049d866d133aefc61ca746a7f Mon Sep 17 00:00:00 2001 From: "Yichun Zhang (agentzh)" Date: Wed, 18 Jan 2017 11:45:54 -0800 Subject: [PATCH 049/136] fixed a coding style issue in the previous commit. --- src/ngx_http_lua_socket_tcp.c | 3 ++- 1 file changed, 2 insertions(+), 1 deletion(-) diff --git a/src/ngx_http_lua_socket_tcp.c b/src/ngx_http_lua_socket_tcp.c index de8762f8ce..06a0f6fcfd 100644 --- a/src/ngx_http_lua_socket_tcp.c +++ b/src/ngx_http_lua_socket_tcp.c @@ -1214,7 +1214,8 @@ ngx_http_lua_socket_tcp_sslhandshake(lua_State *L) ngx_http_lua_socket_tcp_upstream_t *u; - /* Lua function arguments: self [,session] [,host] [,verify] [,send_status_req] */ + /* Lua function arguments: self [,session] [,host] [,verify] + [,send_status_req] */ n = lua_gettop(L); if (n < 1 || n > 5) { From 1028333e48c3397113b4dac60565e45a1325e083 Mon Sep 17 00:00:00 2001 From: "Yichun Zhang (agentzh)" Date: Wed, 18 Jan 2017 11:56:19 -0800 Subject: [PATCH 050/136] travis-ci: added checks for use of tabs and source lines exceeding 80 cols. --- .travis.yml | 4 ++++ 1 file changed, 4 insertions(+) diff --git a/.travis.yml b/.travis.yml index b1cbddc498..72a61a572c 100644 --- a/.travis.yml +++ b/.travis.yml @@ -57,6 +57,10 @@ services: - redis-server - mysql +before_install: + - '! grep -n -P ''(?<=.{80}).+'' --color `find src -name ''*.c''` `find . -name ''*.h''` || (echo "ERROR: Found C source lines exceeding 80 columns." > /dev/stderr; exit 1)' + - '! grep -n -P ''\t+'' --color `find src -name ''*.c''` `find . -name ''*.h''` || (echo "ERROR: Cannot use tabs." > /dev/stderr; exit 1)' + install: - if [ ! -f download-cache/drizzle7-$DRIZZLE_VER.tar.gz ]; then wget -P download-cache http://openresty.org/download/drizzle7-$DRIZZLE_VER.tar.gz; fi - if [ ! -f download-cache/pcre-$PCRE_VER.tar.gz ]; then wget -P download-cache http://ftp.cs.stanford.edu/pub/exim/pcre/pcre-$PCRE_VER.tar.gz; fi From 5ae4aba8385c60443df328698f2126c73739f37a Mon Sep 17 00:00:00 2001 From: Thibault Charbonnier Date: Thu, 26 Jan 2017 11:40:25 -0800 Subject: [PATCH 051/136] travis-ci: upgraded openssl to 1.0.2k. Signed-off-by: Yichun Zhang (agentzh) --- .travis.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.travis.yml b/.travis.yml index 72a61a572c..c935543265 100644 --- a/.travis.yml +++ b/.travis.yml @@ -41,7 +41,7 @@ env: - OPENSSL_PREFIX=/opt/ssl - OPENSSL_LIB=$OPENSSL_PREFIX/lib - OPENSSL_INC=$OPENSSL_PREFIX/include - - OPENSSL_VER=1.0.2j + - OPENSSL_VER=1.0.2k - LIBDRIZZLE_PREFIX=/opt/drizzle - LIBDRIZZLE_INC=$LIBDRIZZLE_PREFIX/include/libdrizzle-1.0 - LIBDRIZZLE_LIB=$LIBDRIZZLE_PREFIX/lib From 827a5d6f83de4aed10fd1182e10656945d5bcf2c Mon Sep 17 00:00:00 2001 From: Tom Thorogood Date: Fri, 27 Jan 2017 12:59:35 +1030 Subject: [PATCH 052/136] feature: fixed build compatibility with BoringSSL. There are two issues that prevent lua-nginx-module from building when compiled against BoringSSL. They are: |SSL_set_tlsext_host_name| changing from a macro that internally casts name to a char* to a function that expects a char*, and |sk_X509_num| returning a size_t and no longer an int. The first issue is fixed by changing the caller of |SSL_set_tlsext_host_name|. This is identical to the fix applied in nginx/nginx@9b8b33b. The second issue is fixed by changing variable `i` to be a size_t rather than an int when built against BoringSSL, i.e. when OPENSSL_IS_BORINGSSL is defined. This change only addresses build failures and does not attempt to address missing features or correctness. Signed-off-by: Yichun Zhang (agentzh) --- src/ngx_http_lua_socket_tcp.c | 3 ++- src/ngx_http_lua_ssl_certby.c | 4 ++++ 2 files changed, 6 insertions(+), 1 deletion(-) diff --git a/src/ngx_http_lua_socket_tcp.c b/src/ngx_http_lua_socket_tcp.c index 06a0f6fcfd..49811168d1 100644 --- a/src/ngx_http_lua_socket_tcp.c +++ b/src/ngx_http_lua_socket_tcp.c @@ -1334,7 +1334,8 @@ ngx_http_lua_socket_tcp_sslhandshake(lua_State *L) #ifdef SSL_CTRL_SET_TLSEXT_HOSTNAME - if (SSL_set_tlsext_host_name(c->ssl->connection, name.data) + if (SSL_set_tlsext_host_name(c->ssl->connection, + (char *) name.data) == 0) { lua_pushnil(L); diff --git a/src/ngx_http_lua_ssl_certby.c b/src/ngx_http_lua_ssl_certby.c index aca473557c..84e309316a 100644 --- a/src/ngx_http_lua_ssl_certby.c +++ b/src/ngx_http_lua_ssl_certby.c @@ -1129,7 +1129,11 @@ ngx_http_lua_ffi_set_cert(ngx_http_request_t *r, # else +#ifdef OPENSSL_IS_BORINGSSL + size_t i; +#else int i; +#endif X509 *x509 = NULL; ngx_ssl_conn_t *ssl_conn; STACK_OF(X509) *chain = cdata; From e958cb2caf9a3e17e511a5b3ce8ceab0783c41f4 Mon Sep 17 00:00:00 2001 From: detailyang Date: Thu, 2 Feb 2017 20:04:36 +0800 Subject: [PATCH 053/136] tests: fixed a bug in testing the nullness of cdata pointers. Signed-off-by: Yichun Zhang (agentzh) --- t/140-ssl-c-api.t | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/t/140-ssl-c-api.t b/t/140-ssl-c-api.t index 44ad93d1c0..854ff30aad 100644 --- a/t/140-ssl-c-api.t +++ b/t/140-ssl-c-api.t @@ -561,7 +561,7 @@ failed to parse PEM priv key: PEM_read_bio_PrivateKey() failed f:close() local pkey = ffi.C.ngx_http_lua_ffi_parse_pem_priv_key(pkey_data, #pkey_data, errmsg) - if not pkey then + if pkey == nil then ngx.log(ngx.ERR, "failed to parse PEM priv key: ", ffi.string(errmsg[0])) return @@ -711,7 +711,7 @@ lua ssl server name: "test.com" f:close() local pkey = ffi.C.ngx_http_lua_ffi_parse_pem_priv_key(pkey_data, #pkey_data, errmsg) - if not pkey then + if pkey == nil then ngx.log(ngx.ERR, "failed to parse PEM priv key: ", ffi.string(errmsg[0])) return From 4fb510f5fb1cb66042b6037aee701dfc053c0d76 Mon Sep 17 00:00:00 2001 From: tan <312841925@qq.com> Date: Mon, 6 Feb 2017 23:09:28 +0800 Subject: [PATCH 054/136] fixed a function parameter name. Signed-off-by: Yichun Zhang (agentzh) --- src/ngx_http_lua_common.h | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/src/ngx_http_lua_common.h b/src/ngx_http_lua_common.h index 267952be21..079a4dc3b8 100644 --- a/src/ngx_http_lua_common.h +++ b/src/ngx_http_lua_common.h @@ -138,7 +138,7 @@ typedef struct ngx_http_lua_sema_mm_s ngx_http_lua_sema_mm_t; typedef ngx_int_t (*ngx_http_lua_main_conf_handler_pt)(ngx_log_t *log, ngx_http_lua_main_conf_t *lmcf, lua_State *L); typedef ngx_int_t (*ngx_http_lua_srv_conf_handler_pt)(ngx_http_request_t *r, - ngx_http_lua_srv_conf_t *lmcf, lua_State *L); + ngx_http_lua_srv_conf_t *lscf, lua_State *L); typedef struct { From e73cd4b90013b23cf6af60432b1d367b2985708e Mon Sep 17 00:00:00 2001 From: detailyang Date: Fri, 10 Feb 2017 16:43:59 +0800 Subject: [PATCH 055/136] tweak: guarded SSL related function declarations with the macro NGX_HTTP_SSL. Signed-off-by: Yichun Zhang (agentzh) --- src/ngx_http_lua_ssl.h | 6 +++++- 1 file changed, 5 insertions(+), 1 deletion(-) diff --git a/src/ngx_http_lua_ssl.h b/src/ngx_http_lua_ssl.h index 7a245ffda7..acb8c4b16c 100644 --- a/src/ngx_http_lua_ssl.h +++ b/src/ngx_http_lua_ssl.h @@ -12,6 +12,8 @@ #if (NGX_HTTP_SSL) + + typedef struct { ngx_connection_t *connection; /* original true connection */ ngx_http_request_t *request; /* fake request */ @@ -31,7 +33,6 @@ typedef struct { unsigned entered_cert_handler:1; unsigned entered_sess_fetch_handler:1; } ngx_http_lua_ssl_ctx_t; -#endif ngx_int_t ngx_http_lua_ssl_init(ngx_log_t *log); @@ -40,4 +41,7 @@ ngx_int_t ngx_http_lua_ssl_init(ngx_log_t *log); extern int ngx_http_lua_ssl_ctx_index; +#endif + + #endif /* _NGX_HTTP_LUA_SSL_H_INCLUDED_ */ From a14b9cd374904e02dd46b30e925d106285188cc4 Mon Sep 17 00:00:00 2001 From: Dayo Akanji Date: Sat, 11 Feb 2017 21:11:15 +0300 Subject: [PATCH 056/136] doc: various wording tweaks and more code examples. MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit * instances of “Warning” changed to more appropriate terms such as “Note” or “Caution” * removed informal terms such as “kinda” Signed-off-by: Yichun Zhang (agentzh) --- README.markdown | 107 +++++++++++++++++------------ doc/HttpLuaModule.wiki | 152 +++++++++++++++++++++++------------------ 2 files changed, 151 insertions(+), 108 deletions(-) diff --git a/README.markdown b/README.markdown index f7044606f5..c13f2dacc2 100644 --- a/README.markdown +++ b/README.markdown @@ -150,7 +150,7 @@ Synopsis } # use nginx var in code path - # WARNING: contents in nginx var must be carefully filtered, + # CAUTION: contents in nginx var must be carefully filtered, # otherwise there'll be great security risk! location ~ ^/app/([-_a-zA-Z0-9/]+) { set $path $1; @@ -312,8 +312,9 @@ Starting from NGINX 1.9.11, you can also compile this module as a dynamic module directive, for example, ```nginx -load_module /path/to/modules/ndk_http_module.so; # assuming NDK is built as a dynamic module too -load_module /path/to/modules/ngx_http_lua_module.so; + + load_module /path/to/modules/ndk_http_module.so; # assuming NDK is built as a dynamic module too + load_module /path/to/modules/ngx_http_lua_module.so; ``` [Back to TOC](#table-of-contents) @@ -656,15 +657,29 @@ instead of the old deprecated form: Here is the reason: by design, the global environment has exactly the same lifetime as the Nginx request handler associated with it. Each request handler has its own set of Lua global variables and that is the idea of request isolation. The Lua module is actually loaded by the first Nginx request handler and is cached by the `require()` built-in in the `package.loaded` table for later reference, and the `module()` builtin used by some Lua modules has the side effect of setting a global variable to the loaded module table. But this global variable will be cleared at the end of the request handler, and every subsequent request handler all has its own (clean) global environment. So one will get Lua exception for accessing the `nil` value. -Generally, use of Lua global variables is a really really bad idea in the context of ngx_lua because +The use of Lua global variables is a generally inadvisable in the ngx_lua context as: + +1. the misuse of Lua globals has detrimental side effects on concurrent requests when such variables should instead be local in scope, +1. Lua global variables require Lua table look-ups in the global environment which is computationally expensive, and +1. some Lua global variable references may include typing errors which make such difficult to debug. + +It is therefore *highly* recommended to always declare such within an appropriate local scope instead. -1. misuse of Lua globals has very bad side effects for concurrent requests when these variables are actually supposed to be local only, -1. Lua global variables require Lua table look-up in the global environment (which is just a Lua table), which is kinda expensive, and -1. some Lua global variable references are just typos, which are hard to debug. +```lua + + -- Avoid + foo = 123 + -- Recomended + local foo = 123 -It's *highly* recommended to always declare them via "local" in the scope that is reasonable. + -- Avoid + function foo() return 123 end + -- Recomended + local function foo() return 123 end +``` -To find out all the uses of Lua global variables in your Lua code, you can run the [lua-releng tool](https://github.com/openresty/nginx-devel-utils/blob/master/lua-releng) across all your .lua source files: + +To find all instances of Lua global variables in your Lua code, run the [lua-releng tool](https://github.com/openresty/nginx-devel-utils/blob/master/lua-releng) across all `.lua` source files: $ lua-releng Checking use of Lua global variables in file lib/foo/bar.lua ... @@ -709,28 +724,27 @@ will not work as expected. Cosockets Not Available Everywhere ---------------------------------- -Due the internal limitations in the nginx core, the cosocket API are disabled in the following contexts: [set_by_lua*](#set_by_lua), [log_by_lua*](#log_by_lua), [header_filter_by_lua*](#header_filter_by_lua), and [body_filter_by_lua](#body_filter_by_lua). +Due to internal limitations in the nginx core, the cosocket API is disabled in the following contexts: [set_by_lua*](#set_by_lua), [log_by_lua*](#log_by_lua), [header_filter_by_lua*](#header_filter_by_lua), and [body_filter_by_lua](#body_filter_by_lua). The cosockets are currently also disabled in the [init_by_lua*](#init_by_lua) and [init_worker_by_lua*](#init_worker_by_lua) directive contexts but we may add support for these contexts in the future because there is no limitation in the nginx core (or the limitation might be worked around). -There exists a work-around, however, when the original context does *not* need to wait for the cosocket results. That is, creating a 0-delay timer via the [ngx.timer.at](#ngxtimerat) API and do the cosocket results in the timer handler, which runs asynchronously as to the original context creating the timer. +There exists a work-around, however, when the original context does *not* need to wait for the cosocket results. That is, creating a zero-delay timer via the [ngx.timer.at](#ngxtimerat) API and do the cosocket results in the timer handler, which runs asynchronously as to the original context creating the timer. [Back to TOC](#table-of-contents) Special Escaping Sequences -------------------------- -**WARNING** We no longer suffer from this pitfall since the introduction of the -`*_by_lua_block {}` configuration directives. +**NOTE** Following the `v0.9.17` release, this pitfall can be avoided by using the `*_by_lua_block {}` configuration directives. -PCRE sequences such as `\d`, `\s`, or `\w`, require special attention because in string literals, the backslash character, `\`, is stripped out by both the Lua language parser and by the Nginx config file parser before processing. So the following snippet will not work as expected: +PCRE sequences such as `\d`, `\s`, or `\w`, require special attention because in string literals, the backslash character, `\`, is stripped out by both the Lua language parser and by the nginx config file parser before processing if not within a `*_by_lua_block {}` directive. So the following snippet will not work as expected: ```nginx # nginx.conf ? location /test { ? content_by_lua ' - ? local regex = "\d+" -- THIS IS WRONG!! + ? local regex = "\d+" -- THIS IS WRONG OUTSIDE OF A *_by_lua_block DIRECTIVE ? local m = ngx.re.match("hello, 1234", regex) ? if m then ngx.say(m[0]) else ngx.say("not matched!") end ? '; @@ -811,6 +825,22 @@ Within external script files, PCRE sequences presented as long-bracketed Lua str -- evaluates to "1234" ``` +As noted earlier, PCRE sequences presented within `*_by_lua_block {}` directives (available following the `v0.9.17` release) do not require modification. + +```nginx + + # nginx.conf + location /test { + content_by_lua_block { + local regex = "\d+" + local m = ngx.re.match("hello, 1234", regex) + if m then ngx.say(m[0]) else ngx.say("not matched!") end + } + } + # evaluates to "1234" +``` + + [Back to TOC](#table-of-contents) Mixing with SSI Not Supported @@ -885,7 +915,7 @@ servers in Lua. For example, Changes ======= -The changes of every release of this module can be obtained from the OpenResty bundle's change logs: +The changes made in every release of this module are listed in the change logs of the OpenResty bundle: @@ -1081,7 +1111,7 @@ lua_use_default_type **context:** *http, server, location, location if* -Specifies whether to use the MIME type specified by the [default_type](http://nginx.org/en/docs/http/ngx_http_core_module.html#default_type) directive for the default value of the `Content-Type` response header. If you do not want a default `Content-Type` response header for your Lua request handlers, then turn this directive off. +Specifies whether to use the MIME type specified by the [default_type](http://nginx.org/en/docs/http/ngx_http_core_module.html#default_type) directive for the default value of the `Content-Type` response header. Deactivate this directive if a default `Content-Type` response header for Lua request handlers is not desired. This directive is turned on by default. @@ -1153,7 +1183,7 @@ Apache `mod_lua` module (yet). Disabling the Lua code cache is strongly discouraged for production use and should only be used during -development as it has a significant negative impact on overall performance. For example, the performance a "hello world" Lua example can drop by an order of magnitude after disabling the Lua code cache. +development as it has a significant negative impact on overall performance. For example, the performance of a "hello world" Lua example can drop by an order of magnitude after disabling the Lua code cache. [Back to TOC](#directives) @@ -1242,8 +1272,7 @@ init_by_lua **phase:** *loading-config* -**WARNING** Since the `v0.9.17` release, use of this directive is *discouraged*; -use the new [init_by_lua_block](#init_by_lua_block) directive instead. +**NOTE** Use of this directive is *discouraged* following the `v0.9.17` release. Use the [init_by_lua_block](#init_by_lua_block) directive instead. Runs the Lua code specified by the argument `` on the global Lua VM level when the Nginx master process (if any) is loading the Nginx config file. @@ -1359,7 +1388,7 @@ init_worker_by_lua **phase:** *starting-worker* -**WARNING** Since the `v0.9.17` release, use of this directive is *discouraged*; use the new [init_worker_by_lua_block](#init_worker_by_lua_block) directive instead. +**NOTE** Use of this directive is *discouraged* following the `v0.9.17` release. Use the [init_worker_by_lua_block](#init_worker_by_lua_block) directive instead. Runs the specified Lua code upon every Nginx worker process's startup when the master process is enabled. When the master process is disabled, this hook will just run after [init_by_lua*](#init_by_lua). @@ -1448,7 +1477,7 @@ set_by_lua **phase:** *rewrite* -**WARNING** Since the `v0.9.17` release, use of this directive is *discouraged*; use the new [set_by_lua_block](#set_by_lua_block) directive instead. +**NOTE** Use of this directive is *discouraged* following the `v0.9.17` release. Use the [set_by_lua_block](#set_by_lua_block) directive instead. Executes code specified in `` with optional input arguments `$arg1 $arg2 ...`, and returns string output to `$res`. The code in `` can make [API calls](#nginx-api-for-lua) and can retrieve input arguments from the `ngx.arg` table (index starts from `1` and increases sequentially). @@ -1562,8 +1591,7 @@ content_by_lua **phase:** *content* -**WARNING** Since the `v0.9.17` release, use of this directive is *discouraged*; -use the new [content_by_lua_block](#content_by_lua_block) directive instead. +**NOTE** Use of this directive is *discouraged* following the `v0.9.17` release. Use the [content_by_lua_block](#content_by_lua_block) directive instead. Acts as a "content handler" and executes Lua code string specified in `` for every request. The Lua code may make [API calls](#nginx-api-for-lua) and is executed as a new spawned coroutine in an independent global environment (i.e. a sandbox). @@ -1623,7 +1651,7 @@ Nginx variables are supported in the file path for dynamic dispatch, for example ```nginx - # WARNING: contents in nginx var must be carefully filtered, + # CAUTION: contents in nginx var must be carefully filtered, # otherwise there'll be great security risk! location ~ ^/app/([-_a-zA-Z0-9/]+) { set $path $1; @@ -1644,8 +1672,7 @@ rewrite_by_lua **phase:** *rewrite tail* -**WARNING** Since the `v0.9.17` release, use of this directive is *discouraged*; -use the new [rewrite_by_lua_block](#rewrite_by_lua_block) directive instead. +**NOTE** Use of this directive is *discouraged* following the `v0.9.17` release. Use the [rewrite_by_lua_block](#rewrite_by_lua_block) directive instead. Acts as a rewrite phase handler and executes Lua code string specified in `` for every request. The Lua code may make [API calls](#nginx-api-for-lua) and is executed as a new spawned coroutine in an independent global environment (i.e. a sandbox). @@ -1821,8 +1848,7 @@ access_by_lua **phase:** *access tail* -**WARNING** Since the `v0.9.17` release, use of this directive is *discouraged*; -use the new [access_by_lua_block](#access_by_lua_block) directive instead. +**NOTE** Use of this directive is *discouraged* following the `v0.9.17` release. Use the [access_by_lua_block](#access_by_lua_block) directive instead. Acts as an access phase handler and executes Lua code string specified in `` for every request. The Lua code may make [API calls](#nginx-api-for-lua) and is executed as a new spawned coroutine in an independent global environment (i.e. a sandbox). @@ -1951,8 +1977,7 @@ header_filter_by_lua **phase:** *output-header-filter* -**WARNING** Since the `v0.9.17` release, use of this directive is *discouraged*; -use the new [header_filter_by_lua_block](#header_filter_by_lua_block) directive instead. +**NOTE** Use of this directive is *discouraged* following the `v0.9.17` release. Use the [header_filter_by_lua_block](#header_filter_by_lua_block) directive instead. Uses Lua code specified in `` to define an output header filter. @@ -2030,8 +2055,7 @@ body_filter_by_lua **phase:** *output-body-filter* -**WARNING** Since the `v0.9.17` release, use of this directive is *discouraged*; -use the new [body_filter_by_lua_block](#body_filter_by_lua_block) directive instead. +**NOTE** Use of this directive is *discouraged* following the `v0.9.17` release. Use the [body_filter_by_lua_block](#body_filter_by_lua_block) directive instead. Uses Lua code specified in `` to define an output body filter. @@ -2167,8 +2191,7 @@ log_by_lua **phase:** *log* -**WARNING** Since the `v0.9.17` release, use of this directive is *discouraged*; -use the new [log_by_lua_block](#log_by_lua_block) directive instead. +**NOTE** Use of this directive is *discouraged* following the `v0.9.17` release. Use the [log_by_lua_block](#log_by_lua_block) directive instead. Runs the Lua source code inlined as the `` at the `log` request processing phase. This does not replace the current access logs, but runs before. @@ -2952,7 +2975,7 @@ lua_check_client_abort This directive controls whether to check for premature client connection abortion. -When this directive is turned on, the ngx_lua module will monitor the premature connection close event on the downstream connections. And when there is such an event, it will call the user Lua function callback (registered by [ngx.on_abort](#ngxon_abort)) or just stop and clean up all the Lua "light threads" running in the current request's request handler when there is no user callback function registered. +When this directive is on, the ngx_lua module will monitor the premature connection close event on the downstream connections and when there is such an event, it will call the user Lua function callback (registered by [ngx.on_abort](#ngxon_abort)) or just stop and clean up all the Lua "light threads" running in the current request's request handler when there is no user callback function registered. According to the current implementation, however, if the client closes the connection before the Lua code finishes reading the request body data via [ngx.req.socket](#ngxreqsocket), then ngx_lua will neither stop all the running "light threads" nor call the user callback (if [ngx.on_abort](#ngxon_abort) has been called). Instead, the reading operation on [ngx.req.socket](#ngxreqsocket) will just return the error message "client aborted" as the second return value (the first return value is surely `nil`). @@ -3281,7 +3304,7 @@ Setting `ngx.var.Foo` to a `nil` value will unset the `$Foo` Nginx variable. ngx.var.args = nil ``` -**WARNING** When reading from an Nginx variable, Nginx will allocate memory in the per-request memory pool which is freed only at request termination. So when you need to read from an Nginx variable repeatedly in your Lua code, cache the Nginx variable value to your own Lua variable, for example, +**CAUTION** When reading from an Nginx variable, Nginx will allocate memory in the per-request memory pool which is freed only at request termination. So when you need to read from an Nginx variable repeatedly in your Lua code, cache the Nginx variable value to your own Lua variable, for example, ```lua @@ -3550,7 +3573,7 @@ Because of the metamethod magic, never "local" the `ngx.ctx` table outside your local _M = {} -- the following line is bad since ngx.ctx is a per-request - -- data while this `ctx` variable is on the Lua module level + -- data while this ctx variable is on the Lua module level -- and thus is per-nginx-worker. local ctx = ngx.ctx @@ -5253,7 +5276,7 @@ ngx.eof Explicitly specify the end of the response output stream. In the case of HTTP 1.1 chunked encoded output, it will just trigger the Nginx core to send out the "last chunk". -When you disable the HTTP 1.1 keep-alive feature for your downstream connections, you can rely on descent HTTP clients to close the connection actively for you when you call this method. This trick can be used do back-ground jobs without letting the HTTP clients to wait on the connection, as in the following example: +When you disable the HTTP 1.1 keep-alive feature for your downstream connections, you can rely on well written HTTP clients to close the connection actively for you when you call this method. This trick can be used do back-ground jobs without letting the HTTP clients to wait on the connection, as in the following example: ```nginx @@ -5261,7 +5284,7 @@ When you disable the HTTP 1.1 keep-alive feature for your downstream connections keepalive_timeout 0; content_by_lua_block { ngx.say("got the task!") - ngx.eof() -- a descent HTTP client will close the connection at this point + ngx.eof() -- well written HTTP clients will close the connection at this point -- access MySQL, PostgreSQL, Redis, Memcached, and etc here... } } @@ -6497,7 +6520,7 @@ Fetch a list of the keys from the dictionary, up to ``. By default, only the first 1024 keys (if any) are returned. When the `` argument is given the value `0`, then all the keys will be returned even there is more than 1024 keys in the dictionary. -**WARNING** Be careful when calling this method on dictionaries with a really huge number of keys. This method may lock the dictionary for quite a while and block all the nginx worker processes that are trying to access the dictionary. +**CAUTION** Avoid calling this method on dictionaries with a very large number of keys as it may lock the dictionary for significant amount of time and block Nginx worker processes trying to access the dictionary. This feature was first introduced in the `v0.7.3` release. @@ -7282,7 +7305,7 @@ Then it will generate the output 4 -"Light threads" are mostly useful for doing concurrent upstream requests in a single Nginx request handler, kinda like a generalized version of [ngx.location.capture_multi](#ngxlocationcapture_multi) that can work with all the [Nginx API for Lua](#nginx-api-for-lua). The following example demonstrates parallel requests to MySQL, Memcached, and upstream HTTP services in a single Lua handler, and outputting the results in the order that they actually return (very much like the Facebook BigPipe model): +"Light threads" are mostly useful for making concurrent upstream requests in a single Nginx request handler, much like a generalized version of [ngx.location.capture_multi](#ngxlocationcapture_multi) that can work with all the [Nginx API for Lua](#nginx-api-for-lua). The following example demonstrates parallel requests to MySQL, Memcached, and upstream HTTP services in a single Lua handler, and outputting the results in the order that they actually return (similar to Facebook's BigPipe model): ```lua diff --git a/doc/HttpLuaModule.wiki b/doc/HttpLuaModule.wiki index f9b98a4ee5..71912d8796 100644 --- a/doc/HttpLuaModule.wiki +++ b/doc/HttpLuaModule.wiki @@ -96,7 +96,7 @@ This document describes ngx_lua [https://github.com/openresty/lua-nginx-module/t } # use nginx var in code path - # WARNING: contents in nginx var must be carefully filtered, + # CAUTION: contents in nginx var must be carefully filtered, # otherwise there'll be great security risk! location ~ ^/app/([-_a-zA-Z0-9/]+) { set $path $1; @@ -237,14 +237,14 @@ Build the source with this module: == Building as a dynamic module == -Starting from NGINX 1.9.11, you can also compile this module as a dynamic module, by using the `--add-dynamic-module=PATH` option instead of `--add-module=PATH` on the -`./configure` command line above. And then you can explicitly load the module in your `nginx.conf` via the [load_module](http://nginx.org/en/docs/ngx_core_module.html#load_module) +Starting from NGINX 1.9.11, you can also compile this module as a dynamic module, by using the --add-dynamic-module=PATH option instead of --add-module=PATH on the +./configure command line above. And then you can explicitly load the module in your nginx.conf via the [load_module](http://nginx.org/en/docs/ngx_core_module.html#load_module) directive, for example, -```nginx + load_module /path/to/modules/ndk_http_module.so; # assuming NDK is built as a dynamic module too load_module /path/to/modules/ngx_http_lua_module.so; -``` + == C Macro Configurations == @@ -520,15 +520,28 @@ instead of the old deprecated form: Here is the reason: by design, the global environment has exactly the same lifetime as the Nginx request handler associated with it. Each request handler has its own set of Lua global variables and that is the idea of request isolation. The Lua module is actually loaded by the first Nginx request handler and is cached by the require() built-in in the package.loaded table for later reference, and the module() builtin used by some Lua modules has the side effect of setting a global variable to the loaded module table. But this global variable will be cleared at the end of the request handler, and every subsequent request handler all has its own (clean) global environment. So one will get Lua exception for accessing the nil value. -Generally, use of Lua global variables is a really really bad idea in the context of ngx_lua because +The use of Lua global variables is a generally inadvisable in the ngx_lua context as: + +# the misuse of Lua globals has detrimental side effects on concurrent requests when such variables should instead be local in scope, +# Lua global variables require Lua table look-ups in the global environment which is computationally expensive, and +# some Lua global variable references may include typing errors which make such difficult to debug. + +It is therefore *highly* recommended to always declare such within an appropriate local scope instead. + + + -- Avoid + foo = 123 + -- Recomended + local foo = 123 -# misuse of Lua globals has very bad side effects for concurrent requests when these variables are actually supposed to be local only, -# Lua global variables require Lua table look-up in the global environment (which is just a Lua table), which is kinda expensive, and -# some Lua global variable references are just typos, which are hard to debug. + -- Avoid + function foo() return 123 end + -- Recomended + local function foo() return 123 end + -It's *highly* recommended to always declare them via "local" in the scope that is reasonable. -To find out all the uses of Lua global variables in your Lua code, you can run the [https://github.com/openresty/nginx-devel-utils/blob/master/lua-releng lua-releng tool] across all your .lua source files: +To find all instances of Lua global variables in your Lua code, run the [https://github.com/openresty/nginx-devel-utils/blob/master/lua-releng lua-releng tool] across all .lua source files: $ lua-releng Checking use of Lua global variables in file lib/foo/bar.lua ... @@ -565,24 +578,23 @@ will not work as expected. == Cosockets Not Available Everywhere == -Due the internal limitations in the nginx core, the cosocket API are disabled in the following contexts: [[#set_by_lua|set_by_lua*]], [[#log_by_lua|log_by_lua*]], [[#header_filter_by_lua|header_filter_by_lua*]], and [[#body_filter_by_lua|body_filter_by_lua]]. +Due to internal limitations in the nginx core, the cosocket API is disabled in the following contexts: [[#set_by_lua|set_by_lua*]], [[#log_by_lua|log_by_lua*]], [[#header_filter_by_lua|header_filter_by_lua*]], and [[#body_filter_by_lua|body_filter_by_lua]]. The cosockets are currently also disabled in the [[#init_by_lua|init_by_lua*]] and [[#init_worker_by_lua|init_worker_by_lua*]] directive contexts but we may add support for these contexts in the future because there is no limitation in the nginx core (or the limitation might be worked around). -There exists a work-around, however, when the original context does *not* need to wait for the cosocket results. That is, creating a 0-delay timer via the [[#ngx.timer.at|ngx.timer.at]] API and do the cosocket results in the timer handler, which runs asynchronously as to the original context creating the timer. +There exists a work-around, however, when the original context does *not* need to wait for the cosocket results. That is, creating a zero-delay timer via the [[#ngx.timer.at|ngx.timer.at]] API and do the cosocket results in the timer handler, which runs asynchronously as to the original context creating the timer. == Special Escaping Sequences == -'''WARNING''' We no longer suffer from this pitfall since the introduction of the -*_by_lua_block {} configuration directives. +'''NOTE''' Following the v0.9.17 release, this pitfall can be avoided by using the *_by_lua_block {} configuration directives. -PCRE sequences such as \d, \s, or \w, require special attention because in string literals, the backslash character, \, is stripped out by both the Lua language parser and by the Nginx config file parser before processing. So the following snippet will not work as expected: +PCRE sequences such as \d, \s, or \w, require special attention because in string literals, the backslash character, \, is stripped out by both the Lua language parser and by the nginx config file parser before processing if not within a *_by_lua_block {} directive. So the following snippet will not work as expected: # nginx.conf ? location /test { ? content_by_lua ' - ? local regex = "\d+" -- THIS IS WRONG!! + ? local regex = "\d+" -- THIS IS WRONG OUTSIDE OF A *_by_lua_block DIRECTIVE ? local m = ngx.re.match("hello, 1234", regex) ? if m then ngx.say(m[0]) else ngx.say("not matched!") end ? '; @@ -658,6 +670,21 @@ Within external script files, PCRE sequences presented as long-bracketed Lua str -- evaluates to "1234" +As noted earlier, PCRE sequences presented within *_by_lua_block {} directives (available following the v0.9.17 release) do not require modification. + + + # nginx.conf + location /test { + content_by_lua_block { + local regex = "\d+" + local m = ngx.re.match("hello, 1234", regex) + if m then ngx.say(m[0]) else ngx.say("not matched!") end + } + } + # evaluates to "1234" + + + == Mixing with SSI Not Supported == Mixing SSI with ngx_lua in the same Nginx request is not supported at all. Just use ngx_lua exclusively. Everything you can do with SSI can be done atop ngx_lua anyway and it can be more efficient when using ngx_lua. @@ -716,7 +743,7 @@ servers in Lua. For example, = Changes = -The changes of every release of this module can be obtained from the OpenResty bundle's change logs: +The changes made in every release of this module are listed in the change logs of the OpenResty bundle: http://openresty.org/#Changes @@ -771,7 +798,7 @@ To run specific test files: prove -I/path/to/test-nginx/lib t/002-content.t t/003-errors.t -To run a specific test block in a particular test file, add the line --- ONLY to the test block you want to run, and then use the `prove` utility to run that .t file. +To run a specific test block in a particular test file, add the line --- ONLY to the test block you want to run, and then use the prove utility to run that .t file. There are also various testing modes based on mockeagain, valgrind, and etc. Refer to the [http://search.cpan.org/perldoc?Test::Nginx Test::Nginx documentation] for more details for various advanced testing modes. See also the test reports for the Nginx test cluster running on Amazon EC2: http://qa.openresty.org. @@ -833,7 +860,7 @@ how the result will be used. Below is a diagram showing the order in which direc '''context:''' ''http, server, location, location if'' -Specifies whether to use the MIME type specified by the [http://nginx.org/en/docs/http/ngx_http_core_module.html#default_type default_type] directive for the default value of the Content-Type response header. If you do not want a default Content-Type response header for your Lua request handlers, then turn this directive off. +Specifies whether to use the MIME type specified by the [http://nginx.org/en/docs/http/ngx_http_core_module.html#default_type default_type] directive for the default value of the Content-Type response header. Deactivate this directive if a default Content-Type response header for Lua request handlers is not desired. This directive is turned on by default. @@ -898,7 +925,7 @@ Apache mod_lua module (yet). Disabling the Lua code cache is strongly discouraged for production use and should only be used during -development as it has a significant negative impact on overall performance. For example, the performance a "hello world" Lua example can drop by an order of magnitude after disabling the Lua code cache. +development as it has a significant negative impact on overall performance. For example, the performance of a "hello world" Lua example can drop by an order of magnitude after disabling the Lua code cache. == lua_regex_cache_max_entries == '''syntax:''' ''lua_regex_cache_max_entries '' @@ -917,7 +944,7 @@ The default number of entries allowed is 1024 and when this limit is reached, ne 2011/08/27 23:18:26 [warn] 31997#0: *1 lua exceeding regex cache max entries (1024), ... -If you are using the `ngx.re.*` implementation of [lua-resty-core](https://github.com/openresty/lua-resty-core) by loading the `resty.core.regex` module (or just the `resty.core` module), then an LRU cache is used for the regex cache being used here. +If you are using the ngx.re.* implementation of [lua-resty-core](https://github.com/openresty/lua-resty-core) by loading the resty.core.regex module (or just the resty.core module), then an LRU cache is used for the regex cache being used here. Do not activate the o option for regular expressions (and/or replace string arguments for [[#ngx.re.sub|ngx.re.sub]] and [[#ngx.re.gsub|ngx.re.gsub]]) that are generated ''on the fly'' and give rise to infinite variations to avoid hitting the specified limit. @@ -972,8 +999,7 @@ As from the v0.5.0rc29 release, the special notation $prefix< '''phase:''' ''loading-config'' -'''WARNING''' Since the v0.9.17 release, use of this directive is ''discouraged''; -use the new [[#init_by_lua_block|init_by_lua_block]] directive instead. +'''NOTE''' Use of this directive is ''discouraged'' following the v0.9.17 release. Use the [[#init_by_lua_block|init_by_lua_block]] directive instead. Runs the Lua code specified by the argument on the global Lua VM level when the Nginx master process (if any) is loading the Nginx config file. @@ -1042,7 +1068,7 @@ This directive was first introduced in the v0.5.5 release. Similar to the [[#init_by_lua|init_by_lua]] directive except that this directive inlines the Lua source directly -inside a pair of curly braces (`{}`) instead of in an NGINX string literal (which requires +inside a pair of curly braces ({}) instead of in an NGINX string literal (which requires special character escaping). For instance, @@ -1077,7 +1103,7 @@ This directive was first introduced in the v0.5.5 release. '''phase:''' ''starting-worker'' -'''WARNING''' Since the v0.9.17 release, use of this directive is ''discouraged''; use the new [[#init_worker_by_lua_block|init_worker_by_lua_block]] directive instead. +'''NOTE''' Use of this directive is ''discouraged'' following the v0.9.17 release. Use the [[#init_worker_by_lua_block|init_worker_by_lua_block]] directive instead. Runs the specified Lua code upon every Nginx worker process's startup when the master process is enabled. When the master process is disabled, this hook will just run after [[#init_by_lua|init_by_lua*]]. @@ -1122,7 +1148,7 @@ This directive was first introduced in the v0.9.5 release. Similar to the [[#init_worker_by_lua|init_worker_by_lua]] directive except that this directive inlines the Lua source directly -inside a pair of curly braces (`{}`) instead of in an NGINX string literal (which requires +inside a pair of curly braces ({}) instead of in an NGINX string literal (which requires special character escaping). For instance, @@ -1155,7 +1181,7 @@ This directive was first introduced in the v0.9.5 release. '''phase:''' ''rewrite'' -'''WARNING''' Since the v0.9.17 release, use of this directive is ''discouraged''; use the new [[#set_by_lua_block|set_by_lua_block]] directive instead. +'''NOTE''' Use of this directive is ''discouraged'' following the v0.9.17 release. Use the [[#set_by_lua_block|set_by_lua_block]] directive instead. Executes code specified in with optional input arguments $arg1 $arg2 ..., and returns string output to $res. The code in can make [[#Nginx API for Lua|API calls]] and can retrieve input arguments from the ngx.arg table (index starts from 1 and increases sequentially). @@ -1214,7 +1240,7 @@ This directive requires the [https://github.com/simpl/ngx_devel_kit ngx_devel_ki Similar to the [[#set_by_lua|set_by_lua]] directive except that # this directive inlines the Lua source directly -inside a pair of curly braces (`{}`) instead of in an NGINX string literal (which requires +inside a pair of curly braces ({}) instead of in an NGINX string literal (which requires special character escaping), and # this directive does not support extra arguments after the Lua script as in [[#set_by_lua|set_by_lua]]. @@ -1257,8 +1283,7 @@ This directive requires the [https://github.com/simpl/ngx_devel_kit ngx_devel_ki '''phase:''' ''content'' -'''WARNING''' Since the v0.9.17 release, use of this directive is ''discouraged''; -use the new [[#content_by_lua_block|content_by_lua_block]] directive instead. +'''NOTE''' Use of this directive is ''discouraged'' following the v0.9.17 release. Use the [[#content_by_lua_block|content_by_lua_block]] directive instead. Acts as a "content handler" and executes Lua code string specified in for every request. The Lua code may make [[#Nginx API for Lua|API calls]] and is executed as a new spawned coroutine in an independent global environment (i.e. a sandbox). @@ -1275,7 +1300,7 @@ Do not use this directive and other content handler directives in the same locat Similar to the [[#content_by_lua|content_by_lua]] directive except that this directive inlines the Lua source directly -inside a pair of curly braces (`{}`) instead of in an NGINX string literal (which requires +inside a pair of curly braces ({}) instead of in an NGINX string literal (which requires special character escaping). For instance, @@ -1310,7 +1335,7 @@ switching [[#lua_code_cache|lua_code_cache]] off in nginx.con Nginx variables are supported in the file path for dynamic dispatch, for example: - # WARNING: contents in nginx var must be carefully filtered, + # CAUTION: contents in nginx var must be carefully filtered, # otherwise there'll be great security risk! location ~ ^/app/([-_a-zA-Z0-9/]+) { set $path $1; @@ -1328,8 +1353,7 @@ But be very careful about malicious user inputs and always carefully validate or '''phase:''' ''rewrite tail'' -'''WARNING''' Since the v0.9.17 release, use of this directive is ''discouraged''; -use the new [[#rewrite_by_lua_block|rewrite_by_lua_block]] directive instead. +'''NOTE''' Use of this directive is ''discouraged'' following the v0.9.17 release. Use the [[#rewrite_by_lua_block|rewrite_by_lua_block]] directive instead. Acts as a rewrite phase handler and executes Lua code string specified in for every request. The Lua code may make [[#Nginx API for Lua|API calls]] and is executed as a new spawned coroutine in an independent global environment (i.e. a sandbox). @@ -1448,7 +1472,7 @@ The rewrite_by_lua code will always run at the end of the rew Similar to the [[#rewrite_by_lua|rewrite_by_lua]] directive except that this directive inlines the Lua source directly -inside a pair of curly braces (`{}`) instead of in an NGINX string literal (which requires +inside a pair of curly braces ({}) instead of in an NGINX string literal (which requires special character escaping). For instance, @@ -1489,8 +1513,7 @@ Nginx variables are supported in the file path for dynamic dispatch just as in [ '''phase:''' ''access tail'' -'''WARNING''' Since the v0.9.17 release, use of this directive is ''discouraged''; -use the new [[#access_by_lua_block|access_by_lua_block]] directive instead. +'''NOTE''' Use of this directive is ''discouraged'' following the v0.9.17 release. Use the [[#access_by_lua_block|access_by_lua_block]] directive instead. Acts as an access phase handler and executes Lua code string specified in for every request. The Lua code may make [[#Nginx API for Lua|API calls]] and is executed as a new spawned coroutine in an independent global environment (i.e. a sandbox). @@ -1565,7 +1588,7 @@ of NGINX. Similar to the [[#access_by_lua|access_by_lua]] directive except that this directive inlines the Lua source directly -inside a pair of curly braces (`{}`) instead of in an NGINX string literal (which requires +inside a pair of curly braces ({}) instead of in an NGINX string literal (which requires special character escaping). For instance, @@ -1606,8 +1629,7 @@ Nginx variables are supported in the file path for dynamic dispatch just as in [ '''phase:''' ''output-header-filter'' -'''WARNING''' Since the v0.9.17 release, use of this directive is ''discouraged''; -use the new [[#header_filter_by_lua_block|header_filter_by_lua_block]] directive instead. +'''NOTE''' Use of this directive is ''discouraged'' following the v0.9.17 release. Use the [[#header_filter_by_lua_block|header_filter_by_lua_block]] directive instead. Uses Lua code specified in to define an output header filter. @@ -1639,7 +1661,7 @@ This directive was first introduced in the v0.2.1rc20 release. Similar to the [[#header_filter_by_lua|header_filter_by_lua]] directive except that this directive inlines the Lua source directly -inside a pair of curly braces (`{}`) instead of in an NGINX string literal (which requires +inside a pair of curly braces ({}) instead of in an NGINX string literal (which requires special character escaping). For instance, @@ -1674,8 +1696,7 @@ This directive was first introduced in the v0.2.1rc20 release. '''phase:''' ''output-body-filter'' -'''WARNING''' Since the v0.9.17 release, use of this directive is ''discouraged''; -use the new [[#body_filter_by_lua_block|body_filter_by_lua_block]] directive instead. +'''NOTE''' Use of this directive is ''discouraged'' following the v0.9.17 release. Use the [[#body_filter_by_lua_block|body_filter_by_lua_block]] directive instead. Uses Lua code specified in to define an output body filter. @@ -1762,7 +1783,7 @@ This directive was first introduced in the v0.5.0rc32 release. Similar to the [[#body_filter_by_lua|body_filter_by_lua]] directive except that this directive inlines the Lua source directly -inside a pair of curly braces (`{}`) instead of in an NGINX string literal (which requires +inside a pair of curly braces ({}) instead of in an NGINX string literal (which requires special character escaping). For instance, @@ -1797,8 +1818,7 @@ This directive was first introduced in the v0.5.0rc32 release. '''phase:''' ''log'' -'''WARNING''' Since the v0.9.17 release, use of this directive is ''discouraged''; -use the new [[#log_by_lua_block|log_by_lua_block]] directive instead. +'''NOTE''' Use of this directive is ''discouraged'' following the v0.9.17 release. Use the [[#log_by_lua_block|log_by_lua_block]] directive instead. Runs the Lua source code inlined as the at the log request processing phase. This does not replace the current access logs, but runs before. @@ -1863,7 +1883,7 @@ This directive was first introduced in the v0.5.0rc31 release. Similar to the [[#log_by_lua|log_by_lua]] directive except that this directive inlines the Lua source directly -inside a pair of curly braces (`{}`) instead of in an NGINX string literal (which requires +inside a pair of curly braces ({}) instead of in an NGINX string literal (which requires special character escaping). For instance, @@ -2487,7 +2507,7 @@ This directive was first introduced in the v0.5.0rc32 release. This directive controls whether to check for premature client connection abortion. -When this directive is turned on, the ngx_lua module will monitor the premature connection close event on the downstream connections. And when there is such an event, it will call the user Lua function callback (registered by [[#ngx.on_abort|ngx.on_abort]]) or just stop and clean up all the Lua "light threads" running in the current request's request handler when there is no user callback function registered. +When this directive is on, the ngx_lua module will monitor the premature connection close event on the downstream connections and when there is such an event, it will call the user Lua function callback (registered by [[#ngx.on_abort|ngx.on_abort]]) or just stop and clean up all the Lua "light threads" running in the current request's request handler when there is no user callback function registered. According to the current implementation, however, if the client closes the connection before the Lua code finishes reading the request body data via [[#ngx.req.socket|ngx.req.socket]], then ngx_lua will neither stop all the running "light threads" nor call the user callback (if [[#ngx.on_abort|ngx.on_abort]] has been called). Instead, the reading operation on [[#ngx.req.socket|ngx.req.socket]] will just return the error message "client aborted" as the second return value (the first return value is surely nil). @@ -2647,7 +2667,7 @@ Setting ngx.var.Foo to a nil value will unset the -'''WARNING''' When reading from an Nginx variable, Nginx will allocate memory in the per-request memory pool which is freed only at request termination. So when you need to read from an Nginx variable repeatedly in your Lua code, cache the Nginx variable value to your own Lua variable, for example, +'''CAUTION''' When reading from an Nginx variable, Nginx will allocate memory in the per-request memory pool which is freed only at request termination. So when you need to read from an Nginx variable repeatedly in your Lua code, cache the Nginx variable value to your own Lua variable, for example, local val = ngx.var.some_var @@ -2656,7 +2676,7 @@ Setting ngx.var.Foo to a nil value will unset the nil while uninitialized (but defined) NGINX variables are evaluated to an empty Lua string. This API requires a relatively expensive metamethod call and it is recommended to avoid using it on hot code paths. @@ -2884,7 +2904,7 @@ Because of the metamethod magic, never "local" the ngx.ctx table ou local _M = {} -- the following line is bad since ngx.ctx is a per-request --- data while this `ctx` variable is on the Lua module level +-- data while this ctx variable is on the Lua module level -- and thus is per-nginx-worker. local ctx = ngx.ctx @@ -2908,7 +2928,7 @@ end return _M -That is, let the caller pass the `ctx` table explicitly via a function argument. +That is, let the caller pass the ctx table explicitly via a function argument. == ngx.location.capture == '''syntax:''' ''res = ngx.location.capture(uri, options?)'' @@ -4380,14 +4400,14 @@ an asynchronous operation and will return immediately. This behavior may change Explicitly specify the end of the response output stream. In the case of HTTP 1.1 chunked encoded output, it will just trigger the Nginx core to send out the "last chunk". -When you disable the HTTP 1.1 keep-alive feature for your downstream connections, you can rely on descent HTTP clients to close the connection actively for you when you call this method. This trick can be used do back-ground jobs without letting the HTTP clients to wait on the connection, as in the following example: +When you disable the HTTP 1.1 keep-alive feature for your downstream connections, you can rely on well written HTTP clients to close the connection actively for you when you call this method. This trick can be used do back-ground jobs without letting the HTTP clients to wait on the connection, as in the following example: location = /async { keepalive_timeout 0; content_by_lua_block { ngx.say("got the task!") - ngx.eof() -- a descent HTTP client will close the connection at this point + ngx.eof() -- well written HTTP clients will close the connection at this point -- access MySQL, PostgreSQL, Redis, Memcached, and etc here... } } @@ -5345,7 +5365,7 @@ The value argument and init argument can be any valid This method was first introduced in the v0.3.1rc22 release. -The optional `init` parameter was first added in the v0.10.6 release. +The optional init parameter was first added in the v0.10.6 release. See also [[#ngx.shared.DICT|ngx.shared.DICT]]. @@ -5447,7 +5467,7 @@ Fetch a list of the keys from the dictionary, up to . By default, only the first 1024 keys (if any) are returned. When the argument is given the value 0, then all the keys will be returned even there is more than 1024 keys in the dictionary. -'''WARNING''' Be careful when calling this method on dictionaries with a really huge number of keys. This method may lock the dictionary for quite a while and block all the nginx worker processes that are trying to access the dictionary. +'''CAUTION''' Avoid calling this method on dictionaries with a very large number of keys as it may lock the dictionary for significant amount of time and block Nginx worker processes trying to access the dictionary. This feature was first introduced in the v0.7.3 release. @@ -5726,7 +5746,7 @@ session userdata returned by a previous sslhandshake call for exactly the same target. For short-lived connections, reusing SSL sessions can usually speed up the handshake by one order by magnitude but it is not so useful if the connection pool is enabled. This argument defaults to -`nil`. If this argument takes the boolean `false` value, no SSL session +nil. If this argument takes the boolean false value, no SSL session userdata would return by this call and only a Lua boolean will be returned as the first return value; otherwise the current SSL session will always be returned as the first argument in case of successes. @@ -5739,7 +5759,7 @@ also used to validate the server name specified in the server certificate sent f the remote. The optional ssl_verify argument takes a Lua boolean value to -control whether to perform SSL verification. When set to `true`, the server +control whether to perform SSL verification. When set to true, the server certificate will be verified according to the CA certificates specified by the [[#lua_ssl_trusted_certificate|lua_ssl_trusted_certificate]] directive. You may also need to adjust the [[#lua_ssl_verify_depth|lua_ssl_verify_depth]] @@ -6150,7 +6170,7 @@ Then it will generate the output 4 -"Light threads" are mostly useful for doing concurrent upstream requests in a single Nginx request handler, kinda like a generalized version of [[#ngx.location.capture_multi|ngx.location.capture_multi]] that can work with all the [[#Nginx API for Lua|Nginx API for Lua]]. The following example demonstrates parallel requests to MySQL, Memcached, and upstream HTTP services in a single Lua handler, and outputting the results in the order that they actually return (very much like the Facebook BigPipe model): +"Light threads" are mostly useful for making concurrent upstream requests in a single Nginx request handler, much like a generalized version of [[#ngx.location.capture_multi|ngx.location.capture_multi]] that can work with all the [[#Nginx API for Lua|Nginx API for Lua]]. The following example demonstrates parallel requests to MySQL, Memcached, and upstream HTTP services in a single Lua handler, and outputting the results in the order that they actually return (similar to Facebook's BigPipe model): -- query mysql, memcached, and a remote http service at the same time, @@ -6483,8 +6503,8 @@ This directive was first introduced in the v0.9.20 release. '''context:''' ''set_by_lua*, rewrite_by_lua*, access_by_lua*, content_by_lua*, header_filter_by_lua*, body_filter_by_lua*, log_by_lua*, ngx.timer.*, init_by_lua*, init_worker_by_lua*'' -This string field indicates the current NGINX subsystem the current Lua environment is based on. For this module, this field always takes the string value `"http"`. For -[https://github.com/openresty/stream-lua-nginx-module#readme ngx_stream_lua_module], however, this field takes the value `"stream"`. +This string field indicates the current NGINX subsystem the current Lua environment is based on. For this module, this field always takes the string value "http". For +[https://github.com/openresty/stream-lua-nginx-module#readme ngx_stream_lua_module], however, this field takes the value "stream". This field was first introduced in the 0.10.1. @@ -6565,7 +6585,7 @@ This API was first introduced in the 0.9.5 release. Returns the total number of the Nginx worker processes (i.e., the value configured by the [http://nginx.org/en/docs/ngx_core_module.html#worker_processes worker_processes] -directive in `nginx.conf`). +directive in nginx.conf). This API was first introduced in the 0.9.20 release. @@ -6577,11 +6597,11 @@ This API was first introduced in the 0.9.20 release. Returns the ordinal number of the current Nginx worker processes (starting from number 0). -So if the total number of workers is `N`, then this method may return a number between 0 -and `N - 1` (inclusive). +So if the total number of workers is N, then this method may return a number between 0 +and N - 1 (inclusive). This function returns meaningful values only for NGINX 1.9.1+. With earlier versions of NGINX, it -always returns `nil`. +always returns nil. See also [[#ngx.worker.count|ngx.worker.count]]. From 7f9387cedc5161e14c3b7fe01559b94c0a33e678 Mon Sep 17 00:00:00 2001 From: soul11201 Date: Wed, 15 Feb 2017 17:35:38 +0800 Subject: [PATCH 057/136] doc: fixed a typo. Signed-off-by: Yichun Zhang (agentzh) --- README.markdown | 2 +- doc/HttpLuaModule.wiki | 2 +- 2 files changed, 2 insertions(+), 2 deletions(-) diff --git a/README.markdown b/README.markdown index c13f2dacc2..349dbed7f8 100644 --- a/README.markdown +++ b/README.markdown @@ -3565,7 +3565,7 @@ When being used in the context of [init_worker_by_lua*](#init_worker_by_lua), th The `ngx.ctx` lookup requires relatively expensive metamethod calls and it is much slower than explicitly passing per-request data along by your own function arguments. So do not abuse this API for saving your own function arguments because it usually has quite some performance impact. -Because of the metamethod magic, never "local" the `ngx.ctx` table outside your Lua function scope on the Lua module level level due to [worker-level data sharing](#data-sharing-within-an-nginx-worker). For example, the following is bad: +Because of the metamethod magic, never "local" the `ngx.ctx` table outside your Lua function scope on the Lua module level due to [worker-level data sharing](#data-sharing-within-an-nginx-worker). For example, the following is bad: ```lua diff --git a/doc/HttpLuaModule.wiki b/doc/HttpLuaModule.wiki index 71912d8796..8bc2acb6ee 100644 --- a/doc/HttpLuaModule.wiki +++ b/doc/HttpLuaModule.wiki @@ -2897,7 +2897,7 @@ When being used in the context of [[#init_worker_by_lua|init_worker_by_lua*]], t The ngx.ctx lookup requires relatively expensive metamethod calls and it is much slower than explicitly passing per-request data along by your own function arguments. So do not abuse this API for saving your own function arguments because it usually has quite some performance impact. -Because of the metamethod magic, never "local" the ngx.ctx table outside your Lua function scope on the Lua module level level due to [[#Data_Sharing_within_an_Nginx_Worker|worker-level data sharing]]. For example, the following is bad: +Because of the metamethod magic, never "local" the ngx.ctx table outside your Lua function scope on the Lua module level due to [[#Data_Sharing_within_an_Nginx_Worker|worker-level data sharing]]. For example, the following is bad: -- mymodule.lua From 32fea9e665e5acd14d8d0348bfb0d53c666ea076 Mon Sep 17 00:00:00 2001 From: YuanSheng Date: Thu, 16 Feb 2017 10:35:37 +0800 Subject: [PATCH 058/136] util/reindex: trims the extra newline characters at the end of the test file. Signed-off-by: Yichun Zhang (agentzh) --- util/reindex | 2 ++ 1 file changed, 2 insertions(+) diff --git a/util/reindex b/util/reindex index bd54c9dfe1..f094a43dd4 100755 --- a/util/reindex +++ b/util/reindex @@ -44,7 +44,9 @@ sub reindex { push @lines, $_; } close $in; + my $text = join '', @lines; + $text =~ s/\n+\z/\n/sm; $text =~ s/(?x) \n+ === \s+ TEST/\n\n\n\n=== TEST/ixsg; $text =~ s/__(DATA|END)__\n+=== TEST/__${1}__\n\n=== TEST/; #$text =~ s/\n+$/\n\n/s; From 772e6fdaa99baa9a0dd2dd1a20dbdd80b35c7896 Mon Sep 17 00:00:00 2001 From: YuanSheng Date: Thu, 16 Feb 2017 15:20:33 +0800 Subject: [PATCH 059/136] tests: removed superfluous empty lines at the end of the test files. Signed-off-by: Yichun Zhang (agentzh) --- t/000--init.t | 1 - t/000-sanity.t | 1 - t/001-set.t | 1 - t/002-content.t | 1 - t/003-errors.t | 1 - t/004-require.t | 1 - t/005-exit.t | 1 - t/006-escape.t | 1 - t/007-md5.t | 1 - t/008-today.t | 1 - t/009-log.t | 1 - t/010-request_body.t | 1 - t/012-now.t | 1 - t/014-bugs.t | 1 - t/017-exec.t | 1 - t/018-ndk.t | 1 - t/019-const.t | 1 - t/021-cookie-time.t | 1 - t/023-rewrite/client-abort.t | 1 - t/023-rewrite/exec.t | 1 - t/023-rewrite/exit.t | 1 - t/023-rewrite/mixed.t | 1 - t/023-rewrite/multi-capture.t | 1 - t/023-rewrite/on-abort.t | 1 - t/023-rewrite/redirect.t | 1 - t/023-rewrite/req-body.t | 1 - t/023-rewrite/req-socket.t | 1 - t/023-rewrite/request_body.t | 1 - t/023-rewrite/sanity.t | 1 - t/023-rewrite/sleep.t | 1 - t/023-rewrite/socket-keepalive.t | 1 - t/023-rewrite/subrequest.t | 1 - t/023-rewrite/tcp-socket-timeout.t | 1 - t/023-rewrite/tcp-socket.t | 1 - t/023-rewrite/unix-socket.t | 1 - t/023-rewrite/uthread-redirect.t | 1 - t/023-rewrite/uthread-spawn.t | 1 - t/024-access/auth.t | 1 - t/024-access/client-abort.t | 1 - t/024-access/exit.t | 1 - t/024-access/multi-capture.t | 1 - t/024-access/on-abort.t | 1 - t/024-access/redirect.t | 1 - t/024-access/req-body.t | 1 - t/024-access/request_body.t | 1 - t/024-access/sanity.t | 1 - t/024-access/satisfy.t | 1 - t/024-access/sleep.t | 1 - t/024-access/subrequest.t | 1 - t/024-access/uthread-exec.t | 1 - t/024-access/uthread-exit.t | 1 - t/024-access/uthread-redirect.t | 1 - t/024-access/uthread-spawn.t | 1 - t/025-codecache.t | 1 - t/027-multi-capture.t | 1 - t/029-http-time.t | 1 - t/030-uri-args.t | 1 - t/032-iolist.t | 1 - t/033-ctx.t | 1 - t/035-gmatch.t | 1 - t/038-match-o.t | 1 - t/039-sub-o.t | 1 - t/040-gsub-o.t | 1 - t/041-header-filter.t | 1 - t/042-crc32.t | 1 - t/045-ngx-var.t | 1 - t/046-hmac.t | 1 - t/047-match-jit.t | 1 - t/048-match-dfa.t | 1 - t/049-gmatch-jit.t | 1 - t/051-sub-jit.t | 1 - t/053-gsub-jit.t | 1 - t/055-subreq-vars.t | 1 - t/056-flush.t | 1 - t/057-flush-timeout.t | 1 - t/060-lua-memcached.t | 1 - t/061-lua-redis.t | 1 - t/063-abort.t | 1 - t/064-pcall.t | 1 - t/065-tcp-socket-timeout.t | 1 - t/066-socket-receiveuntil.t | 1 - t/067-req-socket.t | 1 - t/069-null.t | 1 - t/071-idle-socket.t | 1 - t/072-conditional-get.t | 1 - t/073-backtrace.t | 1 - t/074-prefix-var.t | 1 - t/075-logby.t | 1 - t/077-sleep.t | 1 - t/078-hup-vars.t | 1 - t/079-unused-directives.t | 1 - t/080-hup-shdict.t | 1 - t/083-bad-sock-self.t | 1 - t/084-inclusive-receiveuntil.t | 1 - t/085-if.t | 1 - t/087-udp-socket.t | 1 - t/088-req-method.t | 1 - t/089-phase.t | 1 - t/091-coroutine.t | 1 - t/092-eof.t | 1 - t/093-uthread-spawn.t | 1 - t/094-uthread-exit.t | 1 - t/095-uthread-exec.t | 1 - t/096-uthread-redirect.t | 1 - t/097-uthread-rewrite.t | 1 - t/098-uthread-wait.t | 1 - t/100-client-abort.t | 1 - t/101-on-abort.t | 1 - t/102-req-start-time.t | 1 - t/103-req-http-ver.t | 1 - t/104-req-raw-header.t | 1 - t/105-pressure.t | 1 - t/106-timer.t | 1 - t/107-timer-errors.t | 1 - t/108-timer-safe.t | 1 - t/109-timer-hup.t | 1 - t/110-etag.t | 1 - t/111-req-header-ua.t | 1 - t/112-req-header-conn.t | 1 - t/113-req-header-cookie.t | 1 - t/115-quote-sql-str.t | 1 - t/116-raw-req-socket.t | 1 - t/117-raw-req-socket-timeout.t | 1 - t/119-config-prefix.t | 1 - t/121-version.t | 1 - t/122-worker.t | 1 - t/123-lua-path.t | 1 - t/125-configure-args.t | 1 - t/126-shdict-frag.t | 1 - t/127-uthread-kill.t | 1 - t/128-duplex-tcp-socket.t | 1 - t/130-internal-api.t | 1 - t/137-req-misc.t | 1 - 133 files changed, 133 deletions(-) diff --git a/t/000--init.t b/t/000--init.t index 364334f5f0..ad2d70e76d 100644 --- a/t/000--init.t +++ b/t/000--init.t @@ -84,4 +84,3 @@ GET /flush --- timeout: 10 --- no_error_log [error] - diff --git a/t/000-sanity.t b/t/000-sanity.t index 3f667522c1..87854ef99e 100644 --- a/t/000-sanity.t +++ b/t/000-sanity.t @@ -31,4 +31,3 @@ GET /lua GET /lua --- response_body helloworld - diff --git a/t/001-set.t b/t/001-set.t index 2295a2d7d9..ba8f22cb68 100644 --- a/t/001-set.t +++ b/t/001-set.t @@ -795,4 +795,3 @@ GET /lua?a=1&b=2 --- error_code: 500 --- error_log eval qr/failed to load external Lua file ".*?test2\.lua": cannot open .*? No such file or directory/ - diff --git a/t/002-content.t b/t/002-content.t index e6cb62d1d0..3f2460e676 100644 --- a/t/002-content.t +++ b/t/002-content.t @@ -836,4 +836,3 @@ GET /lua --- error_code: 500 --- error_log eval qr/failed to load inlined Lua code: / - diff --git a/t/003-errors.t b/t/003-errors.t index 764300a8ca..ad3a506da0 100644 --- a/t/003-errors.t +++ b/t/003-errors.t @@ -126,4 +126,3 @@ GET /main GET /main --- response_body 500 - diff --git a/t/004-require.t b/t/004-require.t index 3250b2f012..ec74116647 100644 --- a/t/004-require.t +++ b/t/004-require.t @@ -208,4 +208,3 @@ GET /ndk GET /ndk --- response_body %20 - diff --git a/t/005-exit.t b/t/005-exit.t index 781531f38a..a5a28b3e28 100644 --- a/t/005-exit.t +++ b/t/005-exit.t @@ -723,4 +723,3 @@ GET /t --- response_body --- no_error_log [error] - diff --git a/t/006-escape.t b/t/006-escape.t index 7b26bba7a1..0fb67a30f1 100644 --- a/t/006-escape.t +++ b/t/006-escape.t @@ -180,4 +180,3 @@ GET /t GET /t --- response_body [32] - diff --git a/t/007-md5.t b/t/007-md5.t index 501e3afab8..2ae9efb257 100644 --- a/t/007-md5.t +++ b/t/007-md5.t @@ -100,4 +100,3 @@ d41d8cd98f00b204e9800998ecf8427e GET /md5 --- response_body 6c8349cc7260ae62e3b1396831a8398f - diff --git a/t/008-today.t b/t/008-today.t index 54bd949e45..ec2f4338e4 100644 --- a/t/008-today.t +++ b/t/008-today.t @@ -36,4 +36,3 @@ GET /today --- request GET /today --- response_body_like: ^\d{4}-\d{2}-\d{2}$ - diff --git a/t/009-log.t b/t/009-log.t index 0c6a9a5e19..68c057f82d 100644 --- a/t/009-log.t +++ b/t/009-log.t @@ -542,4 +542,3 @@ ok [error] --- error_log eval "2: hello\0world, client: " - diff --git a/t/010-request_body.t b/t/010-request_body.t index 2640a544bf..e669d9480e 100644 --- a/t/010-request_body.t +++ b/t/010-request_body.t @@ -270,4 +270,3 @@ Expect: 100-Continue http finalize request: 500, "/echo_body?" a:1, c:2 http finalize request: 500, "/echo_body?" a:1, c:0 --- log_level: debug - diff --git a/t/012-now.t b/t/012-now.t index abcb735431..58851879db 100644 --- a/t/012-now.t +++ b/t/012-now.t @@ -116,4 +116,3 @@ GET /time --- request GET /time --- response_body_like: ^\d{10,}(\.\d{1,3})?$ - diff --git a/t/014-bugs.t b/t/014-bugs.t index 8e5ee3f7f2..9aadff0e25 100644 --- a/t/014-bugs.t +++ b/t/014-bugs.t @@ -1018,4 +1018,3 @@ write timer set: 1 --- no_error_log [error] [alert] - diff --git a/t/017-exec.t b/t/017-exec.t index 4c7a918fd7..535c4ab8ee 100644 --- a/t/017-exec.t +++ b/t/017-exec.t @@ -572,4 +572,3 @@ hello, bah ["dummy", "dummy"] --- no_error_log [error] - diff --git a/t/018-ndk.t b/t/018-ndk.t index d68306bcd8..14293772d6 100644 --- a/t/018-ndk.t +++ b/t/018-ndk.t @@ -171,4 +171,3 @@ ok foo = a b --- no_error_log [error] - diff --git a/t/019-const.t b/t/019-const.t index fe79bfb651..4f9c7640c7 100644 --- a/t/019-const.t +++ b/t/019-const.t @@ -44,4 +44,3 @@ GET /read GET /read --- response_body 504 - diff --git a/t/021-cookie-time.t b/t/021-cookie-time.t index c00bbeac05..b05e401884 100644 --- a/t/021-cookie-time.t +++ b/t/021-cookie-time.t @@ -43,4 +43,3 @@ Thu, 18-Nov-10 11:27:35 GMT GET /lua --- response_body Thu, 18-Nov-10 11:27:35 GMT - diff --git a/t/023-rewrite/client-abort.t b/t/023-rewrite/client-abort.t index e9708023e3..117d17e5ef 100644 --- a/t/023-rewrite/client-abort.t +++ b/t/023-rewrite/client-abort.t @@ -848,4 +848,3 @@ delete thread 1 --- no_error_log [error] [alert] - diff --git a/t/023-rewrite/exec.t b/t/023-rewrite/exec.t index a063b5b22f..bd97968bc7 100644 --- a/t/023-rewrite/exec.t +++ b/t/023-rewrite/exec.t @@ -376,4 +376,3 @@ ngx.exec("@proxy") GET /main --- response_body hello, bah - diff --git a/t/023-rewrite/exit.t b/t/023-rewrite/exit.t index 9d292f7546..39ea5cbd62 100644 --- a/t/023-rewrite/exit.t +++ b/t/023-rewrite/exit.t @@ -595,4 +595,3 @@ F(ngx_http_send_header) { --- error_code: 204 --- no_error_log [error] - diff --git a/t/023-rewrite/mixed.t b/t/023-rewrite/mixed.t index 1156567605..0f742b255a 100644 --- a/t/023-rewrite/mixed.t +++ b/t/023-rewrite/mixed.t @@ -167,4 +167,3 @@ world\x03\x04\xff hello\x00\x01\x02 world\x03\x04\xff " - diff --git a/t/023-rewrite/multi-capture.t b/t/023-rewrite/multi-capture.t index 44629b079f..083ec78c90 100644 --- a/t/023-rewrite/multi-capture.t +++ b/t/023-rewrite/multi-capture.t @@ -392,4 +392,3 @@ res4.status = 201 res4.body = STORED\r " - diff --git a/t/023-rewrite/on-abort.t b/t/023-rewrite/on-abort.t index aca2ab6b13..336b7ce4b5 100644 --- a/t/023-rewrite/on-abort.t +++ b/t/023-rewrite/on-abort.t @@ -654,4 +654,3 @@ delete thread 2 --- no_error_log [error] - diff --git a/t/023-rewrite/redirect.t b/t/023-rewrite/redirect.t index 8843f1a7ee..99f3fd4f70 100644 --- a/t/023-rewrite/redirect.t +++ b/t/023-rewrite/redirect.t @@ -122,4 +122,3 @@ GET /read --- raw_response_headers_like: Location: /foo\r\n --- response_body_like: 302 Found --- error_code: 302 - diff --git a/t/023-rewrite/req-body.t b/t/023-rewrite/req-body.t index 2f42e0aeaf..13bdcb2511 100644 --- a/t/023-rewrite/req-body.t +++ b/t/023-rewrite/req-body.t @@ -221,4 +221,3 @@ hiya, world"] --- no_error_log [error] [alert] - diff --git a/t/023-rewrite/req-socket.t b/t/023-rewrite/req-socket.t index 34aedaab8c..87cbbbef26 100644 --- a/t/023-rewrite/req-socket.t +++ b/t/023-rewrite/req-socket.t @@ -532,4 +532,3 @@ Expect: 100-Continue \breceived: hello\b.*?\breceived: worl\b --- no_error_log [error] - diff --git a/t/023-rewrite/request_body.t b/t/023-rewrite/request_body.t index 0594001f48..b867d3a82c 100644 --- a/t/023-rewrite/request_body.t +++ b/t/023-rewrite/request_body.t @@ -170,4 +170,3 @@ Expect: 100-Continue http finalize request: 500, "/echo_body?" a:1, c:2 http finalize request: 500, "/echo_body?" a:1, c:0 --- log_level: debug - diff --git a/t/023-rewrite/sanity.t b/t/023-rewrite/sanity.t index 20b00e29ec..b90aa0e167 100644 --- a/t/023-rewrite/sanity.t +++ b/t/023-rewrite/sanity.t @@ -799,4 +799,3 @@ test test --- no_error_log [alert] - diff --git a/t/023-rewrite/sleep.t b/t/023-rewrite/sleep.t index 1719784bd9..8d4c2da2ea 100644 --- a/t/023-rewrite/sleep.t +++ b/t/023-rewrite/sleep.t @@ -219,4 +219,3 @@ hello world hello world --- no_error_log [error] - diff --git a/t/023-rewrite/socket-keepalive.t b/t/023-rewrite/socket-keepalive.t index 50de0b39cf..489a70fc93 100644 --- a/t/023-rewrite/socket-keepalive.t +++ b/t/023-rewrite/socket-keepalive.t @@ -1007,4 +1007,3 @@ Not found, dear... --- error_code: 404 --- no_error_log [error] - diff --git a/t/023-rewrite/subrequest.t b/t/023-rewrite/subrequest.t index a307388ece..5d1e8f0839 100644 --- a/t/023-rewrite/subrequest.t +++ b/t/023-rewrite/subrequest.t @@ -639,4 +639,3 @@ the nginx core requires the patch https://github.com/agentzh/ngx_openresty/blob/ GET /t --- response_body done - diff --git a/t/023-rewrite/tcp-socket-timeout.t b/t/023-rewrite/tcp-socket-timeout.t index 68a27059a7..15bec7fad7 100644 --- a/t/023-rewrite/tcp-socket-timeout.t +++ b/t/023-rewrite/tcp-socket-timeout.t @@ -612,4 +612,3 @@ failed to send: timeout lua tcp socket send timeout: 102 lua tcp socket connect timeout: 60000 lua tcp socket write timed out - diff --git a/t/023-rewrite/tcp-socket.t b/t/023-rewrite/tcp-socket.t index e84734cca6..bff69a5876 100644 --- a/t/023-rewrite/tcp-socket.t +++ b/t/023-rewrite/tcp-socket.t @@ -2390,4 +2390,3 @@ qr/runtime error: rewrite_by_lua\(nginx\.conf:\d+\):16: bad request/ --- no_error_log [alert] - diff --git a/t/023-rewrite/unix-socket.t b/t/023-rewrite/unix-socket.t index 098dd673aa..8a5f00019b 100644 --- a/t/023-rewrite/unix-socket.t +++ b/t/023-rewrite/unix-socket.t @@ -150,4 +150,3 @@ received: received: foo failed to receive a line: closed close: 1 nil - diff --git a/t/023-rewrite/uthread-redirect.t b/t/023-rewrite/uthread-redirect.t index 0f125e0913..83de1a36ed 100644 --- a/t/023-rewrite/uthread-redirect.t +++ b/t/023-rewrite/uthread-redirect.t @@ -186,4 +186,3 @@ free request --- error_code: 302 --- no_error_log [error] - diff --git a/t/023-rewrite/uthread-spawn.t b/t/023-rewrite/uthread-spawn.t index 58af7d064b..5552107e39 100644 --- a/t/023-rewrite/uthread-spawn.t +++ b/t/023-rewrite/uthread-spawn.t @@ -1449,4 +1449,3 @@ status: 204 --- no_error_log [error] --- timeout: 3 - diff --git a/t/024-access/auth.t b/t/024-access/auth.t index 5da09cbf0c..56e9862621 100644 --- a/t/024-access/auth.t +++ b/t/024-access/auth.t @@ -107,4 +107,3 @@ Location: /terms_of_use\.html GET /lua --- response_body_like: 403 Forbidden --- error_code: 403 - diff --git a/t/024-access/client-abort.t b/t/024-access/client-abort.t index a94f822d09..c16f4eaab7 100644 --- a/t/024-access/client-abort.t +++ b/t/024-access/client-abort.t @@ -850,4 +850,3 @@ delete thread 1 --- no_error_log [error] [alert] - diff --git a/t/024-access/exit.t b/t/024-access/exit.t index 8470ab9cef..d6d66b8cfe 100644 --- a/t/024-access/exit.t +++ b/t/024-access/exit.t @@ -545,4 +545,3 @@ Not found, dear... --- response_body Not found, dear... --- error_code: 404 - diff --git a/t/024-access/multi-capture.t b/t/024-access/multi-capture.t index 368d40154e..930b74dad9 100644 --- a/t/024-access/multi-capture.t +++ b/t/024-access/multi-capture.t @@ -392,4 +392,3 @@ res4.status = 201 res4.body = STORED\r " - diff --git a/t/024-access/on-abort.t b/t/024-access/on-abort.t index 0c17b55fee..5bb948bb68 100644 --- a/t/024-access/on-abort.t +++ b/t/024-access/on-abort.t @@ -649,4 +649,3 @@ delete thread 2 --- no_error_log [error] - diff --git a/t/024-access/redirect.t b/t/024-access/redirect.t index c7ce512eb0..b45fac718b 100644 --- a/t/024-access/redirect.t +++ b/t/024-access/redirect.t @@ -122,4 +122,3 @@ GET /read --- raw_response_headers_like: Location: /foo\r\n --- response_body_like: 302 Found --- error_code: 302 - diff --git a/t/024-access/req-body.t b/t/024-access/req-body.t index fd33aff37e..70db85c1c2 100644 --- a/t/024-access/req-body.t +++ b/t/024-access/req-body.t @@ -218,4 +218,3 @@ hiya, world"] --- no_error_log [error] [alert] - diff --git a/t/024-access/request_body.t b/t/024-access/request_body.t index a6fead207d..fa03195272 100644 --- a/t/024-access/request_body.t +++ b/t/024-access/request_body.t @@ -170,4 +170,3 @@ Expect: 100-Continue http finalize request: 500, "/echo_body?" a:1, c:2 http finalize request: 500, "/echo_body?" a:1, c:0 --- log_level: debug - diff --git a/t/024-access/sanity.t b/t/024-access/sanity.t index de63a68ef7..7ff177fcf7 100644 --- a/t/024-access/sanity.t +++ b/t/024-access/sanity.t @@ -741,4 +741,3 @@ test test --- no_error_log [alert] - diff --git a/t/024-access/satisfy.t b/t/024-access/satisfy.t index 10d3ecef39..7902f4938e 100644 --- a/t/024-access/satisfy.t +++ b/t/024-access/satisfy.t @@ -209,4 +209,3 @@ something important --- error_code: 200 --- no_error_log [error] - diff --git a/t/024-access/sleep.t b/t/024-access/sleep.t index 2eb08227af..fc1fc024b5 100644 --- a/t/024-access/sleep.t +++ b/t/024-access/sleep.t @@ -219,4 +219,3 @@ hello world hello world --- no_error_log [error] - diff --git a/t/024-access/subrequest.t b/t/024-access/subrequest.t index bfe96d6a91..b6ccf11990 100644 --- a/t/024-access/subrequest.t +++ b/t/024-access/subrequest.t @@ -599,4 +599,3 @@ the nginx core requires the patch https://github.com/agentzh/ngx_openresty/blob/ GET /t --- response_body done - diff --git a/t/024-access/uthread-exec.t b/t/024-access/uthread-exec.t index d7c23213eb..7add3d4218 100644 --- a/t/024-access/uthread-exec.t +++ b/t/024-access/uthread-exec.t @@ -344,4 +344,3 @@ free request end --- error_log attempt to abort with pending subrequests - diff --git a/t/024-access/uthread-exit.t b/t/024-access/uthread-exit.t index da4a9dbfe4..7c146ae7ec 100644 --- a/t/024-access/uthread-exit.t +++ b/t/024-access/uthread-exit.t @@ -1311,4 +1311,3 @@ free request end --- error_log attempt to abort with pending subrequests - diff --git a/t/024-access/uthread-redirect.t b/t/024-access/uthread-redirect.t index 8b030ac317..4eb4759585 100644 --- a/t/024-access/uthread-redirect.t +++ b/t/024-access/uthread-redirect.t @@ -187,4 +187,3 @@ free request --- error_code: 302 --- no_error_log [error] - diff --git a/t/024-access/uthread-spawn.t b/t/024-access/uthread-spawn.t index 415e4c0c4c..7c7ba3b931 100644 --- a/t/024-access/uthread-spawn.t +++ b/t/024-access/uthread-spawn.t @@ -1116,4 +1116,3 @@ body: hello world)$ --- no_error_log [error] - diff --git a/t/025-codecache.t b/t/025-codecache.t index f33452a780..0b02a2722f 100644 --- a/t/025-codecache.t +++ b/t/025-codecache.t @@ -1244,4 +1244,3 @@ qr/\[alert\] \S+ lua_code_cache is off; this will hurt performance/, "decrementing the reference count for Lua VM: 1", "lua close the global Lua VM", ] - diff --git a/t/027-multi-capture.t b/t/027-multi-capture.t index 3588c69f45..9227fe5329 100644 --- a/t/027-multi-capture.t +++ b/t/027-multi-capture.t @@ -752,4 +752,3 @@ proxy_cache_path conf/cache levels=1:2 keys_zone=STATIC:10m inactive=10m max_siz GET /foo --- response_body ok - diff --git a/t/029-http-time.t b/t/029-http-time.t index 71a7758cad..ecef4921a7 100644 --- a/t/029-http-time.t +++ b/t/029-http-time.t @@ -85,4 +85,3 @@ GET /lua GET /lua --- response_body nil - diff --git a/t/030-uri-args.t b/t/030-uri-args.t index 8ee8401688..30d66d0401 100644 --- a/t/030-uri-args.t +++ b/t/030-uri-args.t @@ -1389,4 +1389,3 @@ GET /lua GET /foo?world --- response_body_like ^HTTP/1.0 (a=3&b|b&a=3)$ - diff --git a/t/032-iolist.t b/t/032-iolist.t index ddf3d7f073..3c56032892 100644 --- a/t/032-iolist.t +++ b/t/032-iolist.t @@ -76,4 +76,3 @@ GET /lua GET /lua --- response_body_like: 500 Internal Server Error --- error_code: 500 - diff --git a/t/033-ctx.t b/t/033-ctx.t index eefb21661b..8fc50aa7a0 100644 --- a/t/033-ctx.t +++ b/t/033-ctx.t @@ -440,4 +440,3 @@ lua release ngx.ctx at ref --- response_body --- no_error_log [error] - diff --git a/t/035-gmatch.t b/t/035-gmatch.t index cbc673385e..5b63ae45a2 100644 --- a/t/035-gmatch.t +++ b/t/035-gmatch.t @@ -901,4 +901,3 @@ end GET /re --- response_body failed to match - diff --git a/t/038-match-o.t b/t/038-match-o.t index 628e27f558..d61ff1fdaa 100644 --- a/t/038-match-o.t +++ b/t/038-match-o.t @@ -740,4 +740,3 @@ false hello false false - diff --git a/t/039-sub-o.t b/t/039-sub-o.t index a861b6cce8..580a67161e 100644 --- a/t/039-sub-o.t +++ b/t/039-sub-o.t @@ -578,4 +578,3 @@ a [b c] [b] [c] [] [] d --- response_body a [b c] [b] [c] d 1 - diff --git a/t/040-gsub-o.t b/t/040-gsub-o.t index 90619b06ee..534726611d 100644 --- a/t/040-gsub-o.t +++ b/t/040-gsub-o.t @@ -198,4 +198,3 @@ hello, world --- response_body [hello,h], [world,w] 2 - diff --git a/t/041-header-filter.t b/t/041-header-filter.t index 553ee432e2..9cca3b749f 100644 --- a/t/041-header-filter.t +++ b/t/041-header-filter.t @@ -790,4 +790,3 @@ GET /t --- error_code: 302 --- no_error_log [error] - diff --git a/t/042-crc32.t b/t/042-crc32.t index 86d9201212..73aa1f433d 100644 --- a/t/042-crc32.t +++ b/t/042-crc32.t @@ -54,4 +54,3 @@ GET /test GET /test --- response_body 0 - diff --git a/t/045-ngx-var.t b/t/045-ngx-var.t index 8f2dcb38ac..b5fcc8107b 100644 --- a/t/045-ngx-var.t +++ b/t/045-ngx-var.t @@ -226,4 +226,3 @@ GET /test?hello --- error_log variable "query_string" not changeable --- error_code: 500 - diff --git a/t/046-hmac.t b/t/046-hmac.t index 686b479e11..32e222ba72 100644 --- a/t/046-hmac.t +++ b/t/046-hmac.t @@ -29,4 +29,3 @@ __DATA__ GET /lua --- response_body R/pvxzHC4NLtj7S+kXFg/NePTmk= - diff --git a/t/047-match-jit.t b/t/047-match-jit.t index 077ebb6684..2417a63ad3 100644 --- a/t/047-match-jit.t +++ b/t/047-match-jit.t @@ -212,4 +212,3 @@ end GET /re --- response_body failed to match - diff --git a/t/048-match-dfa.t b/t/048-match-dfa.t index 8a0a328f43..28b5a604c3 100644 --- a/t/048-match-dfa.t +++ b/t/048-match-dfa.t @@ -207,4 +207,3 @@ exec opts: 0 你 --- no_error_log [error] - diff --git a/t/049-gmatch-jit.t b/t/049-gmatch-jit.t index 614c440388..5134d526b5 100644 --- a/t/049-gmatch-jit.t +++ b/t/049-gmatch-jit.t @@ -226,4 +226,3 @@ qr/pcre JIT compiling result: \d+/ error: pcre_compile() failed: missing ) in "(abc" --- no_error_log [error] - diff --git a/t/051-sub-jit.t b/t/051-sub-jit.t index 789e897aa2..c8a49c0516 100644 --- a/t/051-sub-jit.t +++ b/t/051-sub-jit.t @@ -147,4 +147,3 @@ error: pcre_compile() failed: missing ) in "(abc" error: pcre_compile() failed: missing ) in "(abc" --- no_error_log [error] - diff --git a/t/053-gsub-jit.t b/t/053-gsub-jit.t index 3a2a1aa4e5..3efc0a24a5 100644 --- a/t/053-gsub-jit.t +++ b/t/053-gsub-jit.t @@ -147,4 +147,3 @@ error: pcre_compile() failed: missing ) in "(abc" error: pcre_compile() failed: missing ) in "(abc" --- no_error_log [error] - diff --git a/t/055-subreq-vars.t b/t/055-subreq-vars.t index 2fc696033b..eb5e24d447 100644 --- a/t/055-subreq-vars.t +++ b/t/055-subreq-vars.t @@ -336,4 +336,3 @@ dog = hiya cat = 56 parent dog: blah parent cat: foo - diff --git a/t/056-flush.t b/t/056-flush.t index d189cd5837..6b697a4233 100644 --- a/t/056-flush.t +++ b/t/056-flush.t @@ -520,4 +520,3 @@ qr/lua flush requires waiting: buffered 0x[0-9a-f]+, delayed:1/, --- no_error_log [error] --- timeout: 4 - diff --git a/t/057-flush-timeout.t b/t/057-flush-timeout.t index d6e0f868ef..a04653991e 100644 --- a/t/057-flush-timeout.t +++ b/t/057-flush-timeout.t @@ -318,4 +318,3 @@ qr/failed to flush: client aborted/, --- timeout: 0.2 --- abort --- wait: 1 - diff --git a/t/060-lua-memcached.t b/t/060-lua-memcached.t index e1ebb92b84..0751238627 100644 --- a/t/060-lua-memcached.t +++ b/t/060-lua-memcached.t @@ -166,4 +166,3 @@ some_key: hello 1234 [error] --- error_log lua reuse free buf memory - diff --git a/t/061-lua-redis.t b/t/061-lua-redis.t index d7b1876849..ebfa6d1997 100644 --- a/t/061-lua-redis.t +++ b/t/061-lua-redis.t @@ -182,4 +182,3 @@ abort: function msg type: nil --- no_error_log [error] - diff --git a/t/063-abort.t b/t/063-abort.t index c112ee10a2..411a07eee9 100644 --- a/t/063-abort.t +++ b/t/063-abort.t @@ -1017,4 +1017,3 @@ foo --- no_error_log [error] --- timeout: 2 - diff --git a/t/064-pcall.t b/t/064-pcall.t index cf90a07ae3..3011f3e46a 100644 --- a/t/064-pcall.t +++ b/t/064-pcall.t @@ -104,4 +104,3 @@ $/ --- no_error_log [error] - diff --git a/t/065-tcp-socket-timeout.t b/t/065-tcp-socket-timeout.t index 6f903e89f1..212766ecf6 100644 --- a/t/065-tcp-socket-timeout.t +++ b/t/065-tcp-socket-timeout.t @@ -994,4 +994,3 @@ close: 1 nil --- no_error_log [error] - diff --git a/t/066-socket-receiveuntil.t b/t/066-socket-receiveuntil.t index 3bf5229694..ffe74aa354 100644 --- a/t/066-socket-receiveuntil.t +++ b/t/066-socket-receiveuntil.t @@ -1329,4 +1329,3 @@ this exposed a memory leak in receiveuntil ok --- no_error_log [error] - diff --git a/t/067-req-socket.t b/t/067-req-socket.t index 30a653ad21..229d5ccf41 100644 --- a/t/067-req-socket.t +++ b/t/067-req-socket.t @@ -1096,4 +1096,3 @@ done --- grep_error_log_out lua finalize socket GC cycle done - diff --git a/t/069-null.t b/t/069-null.t index 7761c917cf..e4c26afb90 100644 --- a/t/069-null.t +++ b/t/069-null.t @@ -93,4 +93,3 @@ done ngx.null: null --- no_error_log [error] - diff --git a/t/071-idle-socket.t b/t/071-idle-socket.t index 55d25c650e..c9002be8ea 100644 --- a/t/071-idle-socket.t +++ b/t/071-idle-socket.t @@ -431,4 +431,3 @@ failed to set keepalive: unread data in buffer } --- no_error_log [error] - diff --git a/t/072-conditional-get.t b/t/072-conditional-get.t index 4bb567a9e7..7cf2dcd22d 100644 --- a/t/072-conditional-get.t +++ b/t/072-conditional-get.t @@ -88,4 +88,3 @@ delete thread 1 say failed: nginx output filter error --- no_error_log [error] - diff --git a/t/073-backtrace.t b/t/073-backtrace.t index aae4bae8a5..6c5469218d 100644 --- a/t/073-backtrace.t +++ b/t/073-backtrace.t @@ -187,4 +187,3 @@ probe process("$LIBLUA_PATH").function("lua_concat") { :79: in function 'func20' :83: in function 'func21' ... - diff --git a/t/074-prefix-var.t b/t/074-prefix-var.t index 3cc4587d05..c116d8465a 100644 --- a/t/074-prefix-var.t +++ b/t/074-prefix-var.t @@ -64,4 +64,3 @@ GET /t Greetings from module foo. --- no_error_log [error] - diff --git a/t/075-logby.t b/t/075-logby.t index f987c8ee58..520c62e314 100644 --- a/t/075-logby.t +++ b/t/075-logby.t @@ -581,4 +581,3 @@ qr{log_by_lua\(nginx\.conf:\d+\):1: content-type: text/plain} --- no_error_log [error] - diff --git a/t/077-sleep.t b/t/077-sleep.t index a7c251a500..7d295c2b5d 100644 --- a/t/077-sleep.t +++ b/t/077-sleep.t @@ -404,4 +404,3 @@ ok --- no_error_log [error] [alert] - diff --git a/t/078-hup-vars.t b/t/078-hup-vars.t index 8acc346d21..5072c4d292 100644 --- a/t/078-hup-vars.t +++ b/t/078-hup-vars.t @@ -62,4 +62,3 @@ GET /t localhost --- no_error_log [error] - diff --git a/t/079-unused-directives.t b/t/079-unused-directives.t index cba0e414c6..aacd0d31d5 100644 --- a/t/079-unused-directives.t +++ b/t/079-unused-directives.t @@ -340,4 +340,3 @@ GET /t sub: sub --- no_error_log [error] - diff --git a/t/080-hup-shdict.t b/t/080-hup-shdict.t index f9a0278f45..c7625568ce 100644 --- a/t/080-hup-shdict.t +++ b/t/080-hup-shdict.t @@ -82,4 +82,3 @@ GET /test 10502 number --- no_error_log [error] - diff --git a/t/083-bad-sock-self.t b/t/083-bad-sock-self.t index b93849f055..7a76752d9f 100644 --- a/t/083-bad-sock-self.t +++ b/t/083-bad-sock-self.t @@ -136,4 +136,3 @@ bad argument #1 to 'close' (table expected, got number) --- error_code: 500 --- error_log bad argument #1 to 'setkeepalive' (table expected, got number) - diff --git a/t/084-inclusive-receiveuntil.t b/t/084-inclusive-receiveuntil.t index c96601582b..f7d5d3d189 100644 --- a/t/084-inclusive-receiveuntil.t +++ b/t/084-inclusive-receiveuntil.t @@ -743,4 +743,3 @@ close: 1 nil } --- no_error_log [error] - diff --git a/t/085-if.t b/t/085-if.t index e08b43caec..33f57caf7e 100644 --- a/t/085-if.t +++ b/t/085-if.t @@ -198,4 +198,3 @@ GET /proxy-pass-uri --- response_body_like: It works! --- no_error_log [error] - diff --git a/t/087-udp-socket.t b/t/087-udp-socket.t index c618fd7ad0..a58709b5a7 100644 --- a/t/087-udp-socket.t +++ b/t/087-udp-socket.t @@ -1102,4 +1102,3 @@ qr/runtime error: content_by_lua\(nginx\.conf:\d+\):14: bad request/ --- no_error_log [alert] - diff --git a/t/088-req-method.t b/t/088-req-method.t index 9ced40ccd6..198b3b3492 100644 --- a/t/088-req-method.t +++ b/t/088-req-method.t @@ -262,4 +262,3 @@ method: PATCH method: TRACE --- no_error_log [error] - diff --git a/t/089-phase.t b/t/089-phase.t index 57921fc55e..94b7619ec9 100644 --- a/t/089-phase.t +++ b/t/089-phase.t @@ -176,4 +176,3 @@ GET /lua init_worker --- no_error_log [error] - diff --git a/t/091-coroutine.t b/t/091-coroutine.t index 5f348c2950..bceb512460 100644 --- a/t/091-coroutine.t +++ b/t/091-coroutine.t @@ -1315,4 +1315,3 @@ co yield: 2 --- no_error_log [error] - diff --git a/t/092-eof.t b/t/092-eof.t index a75711f36d..86778dedbf 100644 --- a/t/092-eof.t +++ b/t/092-eof.t @@ -80,4 +80,3 @@ GET /t --- error_log hello, tom hello, jim - diff --git a/t/093-uthread-spawn.t b/t/093-uthread-spawn.t index 772e866c00..b622d30123 100644 --- a/t/093-uthread-spawn.t +++ b/t/093-uthread-spawn.t @@ -1672,4 +1672,3 @@ delete thread 2 f --- no_error_log [error] - diff --git a/t/094-uthread-exit.t b/t/094-uthread-exit.t index cd678c0727..a62377392f 100644 --- a/t/094-uthread-exit.t +++ b/t/094-uthread-exit.t @@ -1648,4 +1648,3 @@ free request [alert] [error] [warn] - diff --git a/t/095-uthread-exec.t b/t/095-uthread-exec.t index 4459360ca6..56156c48a8 100644 --- a/t/095-uthread-exec.t +++ b/t/095-uthread-exec.t @@ -423,4 +423,3 @@ attempt to abort with pending subrequests --- no_error_log [alert] [warn] - diff --git a/t/096-uthread-redirect.t b/t/096-uthread-redirect.t index b0258fb75e..003c6423de 100644 --- a/t/096-uthread-redirect.t +++ b/t/096-uthread-redirect.t @@ -277,4 +277,3 @@ attempt to abort with pending subrequests --- no_error_log [alert] [warn] - diff --git a/t/097-uthread-rewrite.t b/t/097-uthread-rewrite.t index 178a3749ce..a93adc8604 100644 --- a/t/097-uthread-rewrite.t +++ b/t/097-uthread-rewrite.t @@ -344,4 +344,3 @@ free request end --- error_log attempt to abort with pending subrequests - diff --git a/t/098-uthread-wait.t b/t/098-uthread-wait.t index aaf020a0ef..4948596f91 100644 --- a/t/098-uthread-wait.t +++ b/t/098-uthread-wait.t @@ -1321,4 +1321,3 @@ $s; --- no_error_log [error] [alert] - diff --git a/t/100-client-abort.t b/t/100-client-abort.t index cd4685933e..89c1f6ac08 100644 --- a/t/100-client-abort.t +++ b/t/100-client-abort.t @@ -1064,4 +1064,3 @@ GET /t eof succeeded --- error_log eof failed: nginx output filter error - diff --git a/t/101-on-abort.t b/t/101-on-abort.t index 81cec78eb0..182d12c546 100644 --- a/t/101-on-abort.t +++ b/t/101-on-abort.t @@ -846,4 +846,3 @@ done client prematurely closed connection on abort called main handler done - diff --git a/t/102-req-start-time.t b/t/102-req-start-time.t index 1d5fe288aa..3b041afda7 100644 --- a/t/102-req-start-time.t +++ b/t/102-req-start-time.t @@ -113,4 +113,3 @@ true$ --- no_error_log [error] --- SKIP - diff --git a/t/103-req-http-ver.t b/t/103-req-http-ver.t index 6ded75a68a..e6de2388c5 100644 --- a/t/103-req-http-ver.t +++ b/t/103-req-http-ver.t @@ -46,4 +46,3 @@ GET /t HTTP/1.0 1 --- no_error_log [error] - diff --git a/t/104-req-raw-header.t b/t/104-req-raw-header.t index 439b9def3e..efea03cb27 100644 --- a/t/104-req-raw-header.t +++ b/t/104-req-raw-header.t @@ -876,4 +876,3 @@ Foo: bar\r --- no_error_log [error] --- timeout: 5 - diff --git a/t/105-pressure.t b/t/105-pressure.t index 10f495e79a..9d1ba1ff1a 100644 --- a/t/105-pressure.t +++ b/t/105-pressure.t @@ -51,4 +51,3 @@ $::Id = int rand 10000; --- no_error_log [error] - diff --git a/t/106-timer.t b/t/106-timer.t index d0f6f36bdf..04a532e91c 100644 --- a/t/106-timer.t +++ b/t/106-timer.t @@ -2193,4 +2193,3 @@ ok --- error_log Bad bad bad --- skip_nginx: 4: < 1.7.1 - diff --git a/t/107-timer-errors.t b/t/107-timer-errors.t index 9ed1334d54..32016125cf 100644 --- a/t/107-timer-errors.t +++ b/t/107-timer-errors.t @@ -1420,4 +1420,3 @@ qr/\[error\] .*? runtime error: content_by_lua\(nginx\.conf:\d+\):3: API disable "lua ngx.timer expired", "http lua close fake http connection" ] - diff --git a/t/108-timer-safe.t b/t/108-timer-safe.t index 19c9f6d438..2795998a51 100644 --- a/t/108-timer-safe.t +++ b/t/108-timer-safe.t @@ -1395,4 +1395,3 @@ registered timer lua ngx.timer expired http lua close fake http connection trace: [m][f][g] - diff --git a/t/109-timer-hup.t b/t/109-timer-hup.t index 15aaa0ea5d..0864046361 100644 --- a/t/109-timer-hup.t +++ b/t/109-timer-hup.t @@ -500,4 +500,3 @@ ok --- grep_error_log_out lua found 8191 pending timers --- timeout: 20 - diff --git a/t/110-etag.t b/t/110-etag.t index 351fec44f2..0a94d3d4f0 100644 --- a/t/110-etag.t +++ b/t/110-etag.t @@ -81,4 +81,3 @@ If-Modified-Since: Thu, 10 May 2012 07:50:59 GMT --- no_error_log [error] --- skip_nginx: 3: < 1.3.3 - diff --git a/t/111-req-header-ua.t b/t/111-req-header-ua.t index 7c980d00fa..9e501e3c08 100644 --- a/t/111-req-header-ua.t +++ b/t/111-req-header-ua.t @@ -673,4 +673,3 @@ content: konqueror: 1 User-Agent: Mozilla/5.0 (compatible; Konqueror/3.5; Linux) KHTML/3.5.10 (like Gecko) (Kubuntu) --- no_error_log [error] - diff --git a/t/112-req-header-conn.t b/t/112-req-header-conn.t index 51df730dc2..51bc8a4319 100644 --- a/t/112-req-header-conn.t +++ b/t/112-req-header-conn.t @@ -146,4 +146,3 @@ content: conn type: 0 connection: bad --- no_error_log [error] - diff --git a/t/113-req-header-cookie.t b/t/113-req-header-cookie.t index b26b7095f9..4a9305342b 100644 --- a/t/113-req-header-cookie.t +++ b/t/113-req-header-cookie.t @@ -247,4 +247,3 @@ Cookie: boo=123; foo=bar --- no_error_log [error] - diff --git a/t/115-quote-sql-str.t b/t/115-quote-sql-str.t index 0c20dfb9b9..66553b1341 100644 --- a/t/115-quote-sql-str.t +++ b/t/115-quote-sql-str.t @@ -74,4 +74,3 @@ GET /set 'a\Zb\Z' --- no_error_log [error] - diff --git a/t/116-raw-req-socket.t b/t/116-raw-req-socket.t index 6518f0e5e7..ab06ee4a31 100644 --- a/t/116-raw-req-socket.t +++ b/t/116-raw-req-socket.t @@ -876,4 +876,3 @@ request body: hey, hello world --- no_error_log [error] [alert] - diff --git a/t/117-raw-req-socket-timeout.t b/t/117-raw-req-socket-timeout.t index 4e3929b260..07abadcc6a 100644 --- a/t/117-raw-req-socket-timeout.t +++ b/t/117-raw-req-socket-timeout.t @@ -114,4 +114,3 @@ lua tcp socket write timed out server: failed to send: timeout --- no_error_log [alert] - diff --git a/t/119-config-prefix.t b/t/119-config-prefix.t index 4581aa1209..3f793206e4 100644 --- a/t/119-config-prefix.t +++ b/t/119-config-prefix.t @@ -30,4 +30,3 @@ GET /lua ^prefix: \/\S+$ --- no_error_log [error] - diff --git a/t/121-version.t b/t/121-version.t index 2b7a306e50..9000eb3708 100644 --- a/t/121-version.t +++ b/t/121-version.t @@ -46,4 +46,3 @@ GET /lua ^version: \d+$ --- no_error_log [error] - diff --git a/t/122-worker.t b/t/122-worker.t index fa42b1d9ad..b74c81fbcd 100644 --- a/t/122-worker.t +++ b/t/122-worker.t @@ -79,4 +79,3 @@ worker pid: \d+ worker pid is correct\. --- no_error_log [error] - diff --git a/t/123-lua-path.t b/t/123-lua-path.t index da9790968d..23681a9dbb 100644 --- a/t/123-lua-path.t +++ b/t/123-lua-path.t @@ -68,4 +68,3 @@ GET /lua [error] --- error_log eval qr/\[alert\] .*? lua_code_cache is off/ - diff --git a/t/125-configure-args.t b/t/125-configure-args.t index adec12923c..4160d4e3a9 100644 --- a/t/125-configure-args.t +++ b/t/125-configure-args.t @@ -29,4 +29,3 @@ GET /configure_args ^\s*\-\-[^-]+ --- no_error_log [error] - diff --git a/t/126-shdict-frag.t b/t/126-shdict-frag.t index 94422fb8c8..5a2aff8202 100644 --- a/t/126-shdict-frag.t +++ b/t/126-shdict-frag.t @@ -1264,4 +1264,3 @@ ok --- no_error_log [error] --- timeout: 60 - diff --git a/t/127-uthread-kill.t b/t/127-uthread-kill.t index 7e7d3dd6af..cc43c62764 100644 --- a/t/127-uthread-kill.t +++ b/t/127-uthread-kill.t @@ -505,4 +505,3 @@ thread created: zombie [alert] lua tcp socket abort resolver --- error_log - diff --git a/t/128-duplex-tcp-socket.t b/t/128-duplex-tcp-socket.t index d3ef3f5926..d64ae6a106 100644 --- a/t/128-duplex-tcp-socket.t +++ b/t/128-duplex-tcp-socket.t @@ -623,4 +623,3 @@ close: 1 nil --- no_error_log [error] - diff --git a/t/130-internal-api.t b/t/130-internal-api.t index d641ab5083..eba0980f8f 100644 --- a/t/130-internal-api.t +++ b/t/130-internal-api.t @@ -47,4 +47,3 @@ content req=0x[a-f0-9]{4,} $ --- no_error_log [error] - diff --git a/t/137-req-misc.t b/t/137-req-misc.t index 20ada3c138..d56f80e6fd 100644 --- a/t/137-req-misc.t +++ b/t/137-req-misc.t @@ -59,4 +59,3 @@ not internal GET /test --- response_body internal - From 2e7031f01dd5bffa09a98773ad649c9e4930706d Mon Sep 17 00:00:00 2001 From: "Yichun Zhang (agentzh)" Date: Thu, 16 Feb 2017 09:51:32 -0800 Subject: [PATCH 060/136] util/reindex: fixed the author and copyright notice. --- util/reindex | 3 +-- 1 file changed, 1 insertion(+), 2 deletions(-) diff --git a/util/reindex b/util/reindex index f094a43dd4..3e9aebc9b9 100755 --- a/util/reindex +++ b/util/reindex @@ -1,8 +1,7 @@ #!/usr/bin/perl #: reindex.pl #: reindex .t files for Test::Base based test files -#: Copyright (c) 2006 Agent Zhang -#: 2006-04-27 2006-05-09 +#: Copyright (c) Yichun Zhang use strict; use warnings; From 3217a078164fe4af806150bc7fdc6af58f92e50b Mon Sep 17 00:00:00 2001 From: "Yichun Zhang (agentzh)" Date: Thu, 16 Feb 2017 09:53:08 -0800 Subject: [PATCH 061/136] util/reindex: fixed the shebang line. --- util/reindex | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/util/reindex b/util/reindex index 3e9aebc9b9..ffc053e7be 100755 --- a/util/reindex +++ b/util/reindex @@ -1,6 +1,6 @@ -#!/usr/bin/perl -#: reindex.pl -#: reindex .t files for Test::Base based test files +#!/usr/bin/env perl + +#: reindexes .t files for Test::Base based test files #: Copyright (c) Yichun Zhang use strict; From 11495c28a045e3f5b4b3a574f71579db1c497125 Mon Sep 17 00:00:00 2001 From: "Yichun Zhang (agentzh)" Date: Thu, 16 Feb 2017 10:22:03 -0800 Subject: [PATCH 062/136] util/reindex: tweaked the regex to avoid useless substitutions. this is a followup fix for commit 772e6fd. --- util/reindex | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/util/reindex b/util/reindex index ffc053e7be..d0a0927603 100755 --- a/util/reindex +++ b/util/reindex @@ -45,7 +45,7 @@ sub reindex { close $in; my $text = join '', @lines; - $text =~ s/\n+\z/\n/sm; + $text =~ s/\n\n+\z/\n/sm; $text =~ s/(?x) \n+ === \s+ TEST/\n\n\n\n=== TEST/ixsg; $text =~ s/__(DATA|END)__\n+=== TEST/__${1}__\n\n=== TEST/; #$text =~ s/\n+$/\n\n/s; From e86dd9662841cdf0e5cc5b800dd9506eb7a785dd Mon Sep 17 00:00:00 2001 From: SmirnovW Date: Thu, 16 Feb 2017 23:04:31 +0400 Subject: [PATCH 063/136] doc: added more hints as comments to installation commands. Signed-off-by: Yichun Zhang (agentzh) --- README.markdown | 6 ++++++ doc/HttpLuaModule.wiki | 6 ++++++ 2 files changed, 12 insertions(+) diff --git a/README.markdown b/README.markdown index 349dbed7f8..826b1e9510 100644 --- a/README.markdown +++ b/README.markdown @@ -298,6 +298,12 @@ Build the source with this module: --add-module=/path/to/ngx_devel_kit \ --add-module=/path/to/lua-nginx-module + # Note that you may also want to add `./configure` options which are used in your + # current nginx build. + # You can get usually those options using command nginx -V + + # you can change the parallism number 2 below to fit the number of spare CPU cores in your + # machine. make -j2 make install ``` diff --git a/doc/HttpLuaModule.wiki b/doc/HttpLuaModule.wiki index 8bc2acb6ee..fec84cd00d 100644 --- a/doc/HttpLuaModule.wiki +++ b/doc/HttpLuaModule.wiki @@ -231,6 +231,12 @@ Build the source with this module: --add-module=/path/to/ngx_devel_kit \ --add-module=/path/to/lua-nginx-module + # Note that you may also want to add `./configure` options which are used in your + # current nginx build. + # You can get usually those options using command nginx -V + + # you can change the parallism number 2 below to fit the number of spare CPU cores in your + # machine. make -j2 make install From fdbfdaecf8b38d6d498c28e01b03975b23706d2e Mon Sep 17 00:00:00 2001 From: spacewander Date: Fri, 24 Feb 2017 22:27:06 +0800 Subject: [PATCH 064/136] semaphore: fixed a typo in a code comment. Signed-off-by: Yichun Zhang (agentzh) --- src/ngx_http_lua_semaphore.c | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/src/ngx_http_lua_semaphore.c b/src/ngx_http_lua_semaphore.c index 8a3f832806..604d943471 100644 --- a/src/ngx_http_lua_semaphore.c +++ b/src/ngx_http_lua_semaphore.c @@ -387,8 +387,8 @@ ngx_http_lua_ffi_sema_wait(ngx_http_request_t *r, return NGX_ERROR; } - /* we keep the order, will resume the older waited firtly - * in ngx_http_lua_sema_handler + /* we keep the order, will first resume the thread waiting for the + * longest time in ngx_http_lua_sema_handler */ if (ngx_queue_empty(&sem->wait_queue) && sem->resource_count > 0) { From 2fd7daa69816be7ac2298a789cb3b819e0d12052 Mon Sep 17 00:00:00 2001 From: Robert Paprocki Date: Thu, 16 Feb 2017 09:39:31 -0800 Subject: [PATCH 065/136] bugfix: typo fix in C POST args handler debug log. Signed-off-by: Yichun Zhang (agentzh) --- src/ngx_http_lua_args.c | 2 +- t/031-post-args.t | 2 +- 2 files changed, 2 insertions(+), 2 deletions(-) diff --git a/src/ngx_http_lua_args.c b/src/ngx_http_lua_args.c index 0c307d6ab7..b43697c7a1 100644 --- a/src/ngx_http_lua_args.c +++ b/src/ngx_http_lua_args.c @@ -184,7 +184,7 @@ ngx_http_lua_ngx_req_get_post_args(lua_State *L) if (r->request_body->temp_file) { lua_pushnil(L); - lua_pushliteral(L, "requesty body in temp file not supported"); + lua_pushliteral(L, "request body in temp file not supported"); return 2; } diff --git a/t/031-post-args.t b/t/031-post-args.t index c2b6b8f372..62c88c1ec7 100644 --- a/t/031-post-args.t +++ b/t/031-post-args.t @@ -351,6 +351,6 @@ CORE::join("", @k); POST /lua a=3&b=4&c --- response_body -requesty body in temp file not supported +request body in temp file not supported --- no_error_log [error] From 38dd154a78a4291d2cffba4f23ace56f3b59f2c4 Mon Sep 17 00:00:00 2001 From: "Yichun Zhang (agentzh)" Date: Sat, 11 Mar 2017 17:59:18 -0800 Subject: [PATCH 066/136] doc: ngx.exit() also returns immediately in the balancer_by_lua* context. thanks Jinhua Tan for the patch in #1012. --- README.markdown | 2 +- doc/HttpLuaModule.wiki | 2 +- 2 files changed, 2 insertions(+), 2 deletions(-) diff --git a/README.markdown b/README.markdown index 826b1e9510..dd47e9cb0a 100644 --- a/README.markdown +++ b/README.markdown @@ -5268,7 +5268,7 @@ Note that while this method accepts all [HTTP status constants](#http-status-con Also note that this method call terminates the processing of the current request and that it is recommended that a coding style that combines this method call with the `return` statement, i.e., `return ngx.exit(...)` be used to reinforce the fact that the request processing is being terminated. -When being used in the contexts of [header_filter_by_lua](#header_filter_by_lua) and +When being used in the contexts of [header_filter_by_lua*](#header_filter_by_lua), [balancer_by_lua*](#balancer_by_lua_block), and [ssl_session_store_by_lua*](#ssl_session_store_by_lua_block), `ngx.exit()` is an asynchronous operation and will return immediately. This behavior may change in future and it is recommended that users always use `return` in combination as suggested above. diff --git a/doc/HttpLuaModule.wiki b/doc/HttpLuaModule.wiki index fec84cd00d..0598d5787a 100644 --- a/doc/HttpLuaModule.wiki +++ b/doc/HttpLuaModule.wiki @@ -4395,7 +4395,7 @@ Note that while this method accepts all [[#HTTP status constants|HTTP status con Also note that this method call terminates the processing of the current request and that it is recommended that a coding style that combines this method call with the return statement, i.e., return ngx.exit(...) be used to reinforce the fact that the request processing is being terminated. -When being used in the contexts of [[#header_filter_by_lua|header_filter_by_lua]] and +When being used in the contexts of [[#header_filter_by_lua|header_filter_by_lua*]], [[#balancer_by_lua_block|balancer_by_lua*]], and [[#ssl_session_store_by_lua_block|ssl_session_store_by_lua*]], ngx.exit() is an asynchronous operation and will return immediately. This behavior may change in future and it is recommended that users always use return in combination as suggested above. From 8a6448a3906af265083848306bd49b1cc87a2c8d Mon Sep 17 00:00:00 2001 From: "Yichun Zhang (agentzh)" Date: Sun, 19 Mar 2017 19:20:59 -0700 Subject: [PATCH 067/136] travis-ci: upgraded pcre to 8.40. --- .travis.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.travis.yml b/.travis.yml index c935543265..eb0748c138 100644 --- a/.travis.yml +++ b/.travis.yml @@ -34,7 +34,7 @@ env: - LUAJIT_LIB=$LUAJIT_PREFIX/lib - LUAJIT_INC=$LUAJIT_PREFIX/include/luajit-2.1 - LUA_INCLUDE_DIR=$LUAJIT_INC - - PCRE_VER=8.39 + - PCRE_VER=8.40 - PCRE_PREFIX=/opt/pcre - PCRE_LIB=$PCRE_PREFIX/lib - PCRE_INC=$PCRE_PREFIX/include From 312bf3ed18be3031a5ac1e423f5ca47d118737b6 Mon Sep 17 00:00:00 2001 From: "Yichun Zhang (agentzh)" Date: Sat, 25 Mar 2017 14:56:28 -0700 Subject: [PATCH 068/136] tests: avoided flooding google dns servers in the check leak test mode. --- t/087-udp-socket.t | 2 ++ 1 file changed, 2 insertions(+) diff --git a/t/087-udp-socket.t b/t/087-udp-socket.t index a58709b5a7..a847031aec 100644 --- a/t/087-udp-socket.t +++ b/t/087-udp-socket.t @@ -596,6 +596,7 @@ received a good response. --- log_level: debug --- error_log lua udp socket receive buffer size: 8192 +--- no_check_leak @@ -662,6 +663,7 @@ received a good response. --- log_level: debug --- error_log lua udp socket receive buffer size: 8192 +--- no_check_leak From 743a10ab0712dda5cdf6b4f1a7c6f6aed4da7b7b Mon Sep 17 00:00:00 2001 From: "Yichun Zhang (agentzh)" Date: Sat, 25 Mar 2017 14:57:22 -0700 Subject: [PATCH 069/136] travis-ci: avoided installing the Test::Nginx perl module; just use it right away. --- .travis.yml | 3 +-- 1 file changed, 1 insertion(+), 2 deletions(-) diff --git a/.travis.yml b/.travis.yml index eb0748c138..7534c3c658 100644 --- a/.travis.yml +++ b/.travis.yml @@ -99,7 +99,6 @@ script: - make libdrizzle-1.0 -j$JOBS > build.log 2>&1 || (cat build.log && exit 1) - sudo make install-libdrizzle-1.0 > build.log 2>&1 || (cat build.log && exit 1) - cd ../mockeagain/ && make CC=$CC -j$JOBS && cd .. - - cd test-nginx/ && sudo cpanm . && cd .. - cd lua-cjson/ && make -j$JOBS && sudo make install && cd .. - tar zxf download-cache/pcre-$PCRE_VER.tar.gz - cd pcre-$PCRE_VER/ @@ -125,4 +124,4 @@ script: - export TEST_NGINX_RESOLVER=8.8.4.4 - dig +short @$TEST_NGINX_RESOLVER openresty.org || exit 0 - dig +short @$TEST_NGINX_RESOLVER agentzh.org || exit 0 - - prove -r t + - prove -Itest-nginx/lib -r t From 6b01840dc97887cecbb15853bf1702a4dbe986fb Mon Sep 17 00:00:00 2001 From: "Yichun Zhang (agentzh)" Date: Thu, 30 Mar 2017 10:32:02 -0700 Subject: [PATCH 070/136] change: disabled the mmap(sbrk(0)) memory trick since glibc leaks memory when it is forced to use mmap to fulfill malloc(). --- config | 27 ----------------------- src/ngx_http_lua_module.c | 45 --------------------------------------- t/141-luajit.t | 3 ++- t/146-malloc-trim.t | 41 +++++++++++++++++++---------------- 4 files changed, 25 insertions(+), 91 deletions(-) diff --git a/config b/config index 01a6b3c3cc..5d2ee659d9 100644 --- a/config +++ b/config @@ -472,33 +472,6 @@ ngx_feature_test='setsockopt(1, SOL_SOCKET, SO_PASSCRED, NULL, 0);' . auto/feature -ngx_feature="mmap(sbrk(0))" -ngx_feature_libs= -ngx_feature_name="NGX_HTTP_LUA_HAVE_MMAP_SBRK" -ngx_feature_run=yes -ngx_feature_incs="#include -#include -#include -#include -#define align_ptr(p, a) \ - (u_char *) (((uintptr_t) (p) + ((uintptr_t) a - 1)) & ~((uintptr_t) a - 1)) -" -ngx_feature_test=" -#if defined(__x86_64__) -exit(mmap(align_ptr(sbrk(0), getpagesize()), 1, PROT_READ, - MAP_FIXED|MAP_PRIVATE|MAP_ANON, -1, 0) < (void *) 0x40000000LL - ? 0 : 1); -#else -exit(1); -#endif -" -SAVED_CC_TEST_FLAGS="$CC_TEST_FLAGS" -CC_TEST_FLAGS="-Werror -Wall $CC_TEST_FLAGS" - -. auto/feature - -CC_TEST_FLAGS="$SAVED_CC_TEST_FLAGS" - ngx_feature="__attribute__(constructor)" ngx_feature_libs= ngx_feature_name="NGX_HTTP_LUA_HAVE_CONSTRUCTOR" diff --git a/src/ngx_http_lua_module.c b/src/ngx_http_lua_module.c index 6e93c8eed7..3dc2817bb0 100644 --- a/src/ngx_http_lua_module.c +++ b/src/ngx_http_lua_module.c @@ -45,14 +45,6 @@ static char *ngx_http_lua_lowat_check(ngx_conf_t *cf, void *post, void *data); static ngx_int_t ngx_http_lua_set_ssl(ngx_conf_t *cf, ngx_http_lua_loc_conf_t *llcf); #endif -#if (NGX_HTTP_LUA_HAVE_MMAP_SBRK) && (NGX_LINUX) -/* we cannot use "static" for this function since it may lead to compiler - * warnings */ -void ngx_http_lua_limit_data_segment(void); -# if !(NGX_HTTP_LUA_HAVE_CONSTRUCTOR) -static ngx_int_t ngx_http_lua_pre_config(ngx_conf_t *cf); -# endif -#endif static char *ngx_http_lua_malloc_trim(ngx_conf_t *cf, ngx_command_t *cmd, void *conf); @@ -592,13 +584,7 @@ static ngx_command_t ngx_http_lua_cmds[] = { ngx_http_module_t ngx_http_lua_module_ctx = { -#if (NGX_HTTP_LUA_HAVE_MMAP_SBRK) \ - && (NGX_LINUX) \ - && !(NGX_HTTP_LUA_HAVE_CONSTRUCTOR) - ngx_http_lua_pre_config, /* preconfiguration */ -#else NULL, /* preconfiguration */ -#endif ngx_http_lua_init, /* postconfiguration */ ngx_http_lua_create_main_conf, /* create main configuration */ @@ -1267,37 +1253,6 @@ ngx_http_lua_set_ssl(ngx_conf_t *cf, ngx_http_lua_loc_conf_t *llcf) #endif /* NGX_HTTP_SSL */ -#if (NGX_HTTP_LUA_HAVE_MMAP_SBRK) \ - && (NGX_LINUX) \ - && !(NGX_HTTP_LUA_HAVE_CONSTRUCTOR) -static ngx_int_t -ngx_http_lua_pre_config(ngx_conf_t *cf) -{ - ngx_http_lua_limit_data_segment(); - return NGX_OK; -} -#endif - - -/* - * we simply assume that LuaJIT is used. it does little harm when the - * standard Lua 5.1 interpreter is used instead. - */ -#if (NGX_HTTP_LUA_HAVE_MMAP_SBRK) && (NGX_LINUX) -# if (NGX_HTTP_LUA_HAVE_CONSTRUCTOR) -__attribute__((constructor)) -# endif -void -ngx_http_lua_limit_data_segment(void) -{ - if (sbrk(0) < (void *) 0x40000000LL) { - mmap(ngx_align_ptr(sbrk(0), getpagesize()), 1, PROT_READ, - MAP_FIXED|MAP_PRIVATE|MAP_ANON, -1, 0); - } -} -#endif - - static char * ngx_http_lua_malloc_trim(ngx_conf_t *cf, ngx_command_t *cmd, void *conf) { diff --git a/t/141-luajit.t b/t/141-luajit.t index be03fe3927..36418d102c 100644 --- a/t/141-luajit.t +++ b/t/141-luajit.t @@ -1,6 +1,7 @@ # vim:set ft= ts=4 sw=4 et fdm=marker: -use Test::Nginx::Socket::Lua; +use Test::Nginx::Socket::Lua + skip_all => 'no mmap(sbrk(0)) trick since glibc leaks memory in this case'; #worker_connections(1014); #master_on(); diff --git a/t/146-malloc-trim.t b/t/146-malloc-trim.t index 45fb9f2463..fc425ce72a 100644 --- a/t/146-malloc-trim.t +++ b/t/146-malloc-trim.t @@ -43,8 +43,9 @@ ok ok ok --- grep_error_log eval: qr/malloc_trim\(\d+\) returned \d+/ ---- grep_error_log_out -malloc_trim(1) returned 0 +--- grep_error_log_out eval +qr/\Amalloc_trim\(1\) returned [01] +\z/ --- wait: 0.2 --- no_error_log [error] @@ -76,13 +77,14 @@ ok ok ok --- grep_error_log eval: qr/malloc_trim\(\d+\) returned \d+/ ---- grep_error_log_out -malloc_trim(1) returned 0 -malloc_trim(1) returned 0 -malloc_trim(1) returned 0 -malloc_trim(1) returned 0 -malloc_trim(1) returned 0 -malloc_trim(1) returned 0 +--- grep_error_log_out eval +qr/\Amalloc_trim\(1\) returned [01] +malloc_trim\(1\) returned [01] +malloc_trim\(1\) returned [01] +malloc_trim\(1\) returned [01] +malloc_trim\(1\) returned [01] +malloc_trim\(1\) returned [01] +\z/ --- wait: 0.2 --- no_error_log [error] @@ -114,10 +116,11 @@ ok ok ok --- grep_error_log eval: qr/malloc_trim\(\d+\) returned \d+/ ---- grep_error_log_out -malloc_trim(1) returned 0 -malloc_trim(1) returned 0 -malloc_trim(1) returned 0 +--- grep_error_log_out eval +qr/\Amalloc_trim\(1\) returned [01] +malloc_trim\(1\) returned [01] +malloc_trim\(1\) returned [01] +\z/ --- wait: 0.2 --- no_error_log [error] @@ -149,9 +152,10 @@ ok ok ok --- grep_error_log eval: qr/malloc_trim\(\d+\) returned \d+/ ---- grep_error_log_out -malloc_trim(1) returned 0 -malloc_trim(1) returned 0 +--- grep_error_log_out eval +qr/\Amalloc_trim\(1\) returned [01] +malloc_trim\(1\) returned [01] +\z/ --- wait: 0.2 --- no_error_log [error] @@ -330,8 +334,9 @@ ok ok ok --- grep_error_log eval: qr/malloc_trim\(\d+\) returned \d+/ ---- grep_error_log_out -malloc_trim(1) returned 0 +--- grep_error_log_out eval +qr/\Amalloc_trim\(1\) returned [01] +\z/ --- wait: 0.2 --- no_error_log [error] From 113d138096095a5afa7aba59acfca7843138fcd5 Mon Sep 17 00:00:00 2001 From: WenMing Date: Wed, 5 Apr 2017 10:59:47 +0800 Subject: [PATCH 071/136] bugfix: lacking the fix from #936 in the C API for lua-resty-core. #1031 Signed-off-by: Yichun Zhang (agentzh) --- src/ngx_http_lua_headers.c | 16 ++++++++++++++++ 1 file changed, 16 insertions(+) diff --git a/src/ngx_http_lua_headers.c b/src/ngx_http_lua_headers.c index a7cfc3c74e..7c6e935b2c 100644 --- a/src/ngx_http_lua_headers.c +++ b/src/ngx_http_lua_headers.c @@ -1298,6 +1298,7 @@ ngx_http_lua_ffi_get_resp_header(ngx_http_request_t *r, ngx_uint_t i; ngx_table_elt_t *h; ngx_list_part_t *part; + ngx_http_lua_ctx_t *ctx; ngx_http_lua_loc_conf_t *llcf; @@ -1305,6 +1306,21 @@ ngx_http_lua_ffi_get_resp_header(ngx_http_request_t *r, return NGX_HTTP_LUA_FFI_BAD_CONTEXT; } + ctx = ngx_http_get_module_ctx(r, ngx_http_lua_module); + if (ctx == NULL) { + /* *errmsg = "no ctx found"; */ + return NGX_ERROR; + } + + if (!ctx->headers_set) { + if (ngx_http_lua_set_content_type(r) != NGX_OK) { + /* *errmsg = "failed to set default content type"; */ + return NGX_ERROR; + } + + ctx->headers_set = 1; + } + llcf = ngx_http_get_module_loc_conf(r, ngx_http_lua_module); if (llcf->transform_underscores_in_resp_headers && memchr(key, '_', key_len) != NULL) From 844e842cb3d03c3b9b796809bb86102b538fab9e Mon Sep 17 00:00:00 2001 From: Datong Sun Date: Mon, 3 Apr 2017 21:02:50 -0700 Subject: [PATCH 072/136] change: removed the use of luaL_getn() macro as it is no longer available in the latest LuaJIT v2.1. fixes #1029. Signed-off-by: Yichun Zhang (agentzh) --- src/ngx_http_lua_headers.c | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/src/ngx_http_lua_headers.c b/src/ngx_http_lua_headers.c index 7c6e935b2c..2392598495 100644 --- a/src/ngx_http_lua_headers.c +++ b/src/ngx_http_lua_headers.c @@ -754,7 +754,7 @@ ngx_http_lua_ngx_header_set(lua_State *L) ngx_str_null(&value); } else if (lua_type(L, 3) == LUA_TTABLE) { - n = luaL_getn(L, 3); + n = lua_objlen(L, 3); if (n == 0) { ngx_str_null(&value); @@ -888,7 +888,7 @@ ngx_http_lua_ngx_req_header_set_helper(lua_State *L) ngx_str_null(&value); } else if (lua_type(L, 2) == LUA_TTABLE) { - n = luaL_getn(L, 2); + n = lua_objlen(L, 2); if (n == 0) { ngx_str_null(&value); From 94248d64e41d9f3d0864f721c830c8af30568fa6 Mon Sep 17 00:00:00 2001 From: "Yichun Zhang (agentzh)" Date: Thu, 6 Apr 2017 16:28:23 -0700 Subject: [PATCH 073/136] tests: added valgrind suppression rules for false positives in nginx 1.11.11+ and pcre 3.40+'s JIT compiler. --- valgrind.suppress | 15 +++++++++++++++ 1 file changed, 15 insertions(+) diff --git a/valgrind.suppress b/valgrind.suppress index fe161e8c77..d0bcc56d27 100644 --- a/valgrind.suppress +++ b/valgrind.suppress @@ -149,3 +149,18 @@ fun:main fun:__libc_res_nquerydomain fun:__libc_res_nsearch } +{ + + Memcheck:Leak + match-leak-kinds: definite + fun:malloc + fun:ngx_alloc + fun:ngx_set_environment + fun:ngx_single_process_cycle + fun:main +} +{ + + Memcheck:Cond + obj:* +} From 2ba183d3c2bfe2a370242713ecb94e01244e1a6d Mon Sep 17 00:00:00 2001 From: "Yichun Zhang (agentzh)" Date: Fri, 7 Apr 2017 15:46:27 -0700 Subject: [PATCH 074/136] tests: made a test for duplex cosockets less sensitive to timing error. --- t/128-duplex-tcp-socket.t | 21 +++++++++++++-------- 1 file changed, 13 insertions(+), 8 deletions(-) diff --git a/t/128-duplex-tcp-socket.t b/t/128-duplex-tcp-socket.t index d64ae6a106..c0b8fd9c36 100644 --- a/t/128-duplex-tcp-socket.t +++ b/t/128-duplex-tcp-socket.t @@ -315,19 +315,24 @@ failed to send request: closed)$ local data = "" local ntm = 0 - local done = false + local aborted = false for i = 1, 3 do - local res, err, part = sock:receive(1) - if not res then - ngx.say("failed to receive: ", err) - return - else - data = data .. res + if not aborted then + local res, err, part = sock:receive(1) + if not res then + ngx.say("failed to receive: ", err) + aborted = true + else + data = data .. res + end end + ngx.sleep(0.001) end - ngx.say("received: ", data) + if not aborted then + ngx.say("received: ", data) + end '; } From 385ae4cd15ec57c043372f291b4493b631b552f5 Mon Sep 17 00:00:00 2001 From: "Yichun Zhang (agentzh)" Date: Sat, 8 Apr 2017 00:24:52 -0700 Subject: [PATCH 075/136] tests: a followup fix for the previous commit (2ba183d3). --- t/128-duplex-tcp-socket.t | 1 + 1 file changed, 1 insertion(+) diff --git a/t/128-duplex-tcp-socket.t b/t/128-duplex-tcp-socket.t index c0b8fd9c36..e8434a3f84 100644 --- a/t/128-duplex-tcp-socket.t +++ b/t/128-duplex-tcp-socket.t @@ -355,6 +355,7 @@ F(ngx_http_lua_socket_tcp_finalize_write_part) { --- tcp_query_len: 11 --- no_error_log [error] +--- wait: 0.05 From 975c3f83889f125a2c669af39c55d447e25bcd99 Mon Sep 17 00:00:00 2001 From: "Yichun Zhang (agentzh)" Date: Sat, 8 Apr 2017 14:11:54 -0700 Subject: [PATCH 076/136] bumped version to 0.10.8. --- README.markdown | 2 +- doc/HttpLuaModule.wiki | 2 +- src/api/ngx_http_lua_api.h | 2 +- 3 files changed, 3 insertions(+), 3 deletions(-) diff --git a/README.markdown b/README.markdown index dd47e9cb0a..946f002c61 100644 --- a/README.markdown +++ b/README.markdown @@ -62,7 +62,7 @@ Production ready. Version ======= -This document describes ngx_lua [v0.10.7](https://github.com/openresty/lua-nginx-module/tags) released on 4 November 2016. +This document describes ngx_lua [v0.10.8](https://github.com/openresty/lua-nginx-module/tags) released on 8 April 2017. Synopsis ======== diff --git a/doc/HttpLuaModule.wiki b/doc/HttpLuaModule.wiki index 0598d5787a..bbf2a2ecd7 100644 --- a/doc/HttpLuaModule.wiki +++ b/doc/HttpLuaModule.wiki @@ -10,7 +10,7 @@ Production ready. = Version = -This document describes ngx_lua [https://github.com/openresty/lua-nginx-module/tags v0.10.7] released on 4 November 2016. +This document describes ngx_lua [https://github.com/openresty/lua-nginx-module/tags v0.10.8] released on 8 April 2017. = Synopsis = diff --git a/src/api/ngx_http_lua_api.h b/src/api/ngx_http_lua_api.h index 3737149b2c..b0df5ae031 100644 --- a/src/api/ngx_http_lua_api.h +++ b/src/api/ngx_http_lua_api.h @@ -19,7 +19,7 @@ /* Public API for other Nginx modules */ -#define ngx_http_lua_version 10007 +#define ngx_http_lua_version 10008 typedef struct { From 4b724934231dd67aea07a93390aae72d10760601 Mon Sep 17 00:00:00 2001 From: doujiang24 Date: Thu, 2 Mar 2017 11:30:48 +0800 Subject: [PATCH 077/136] tests: added passing test cases for testing Lua errors thrown in init_by_lua*. Signed-off-by: Yichun Zhang (agentzh) --- t/086-init-by.t | 19 ++++- t/151-initby-hup.t | 168 +++++++++++++++++++++++++++++++++++++++++++++ 2 files changed, 186 insertions(+), 1 deletion(-) create mode 100644 t/151-initby-hup.t diff --git a/t/086-init-by.t b/t/086-init-by.t index 3a474fe82f..bea34a461a 100644 --- a/t/086-init-by.t +++ b/t/086-init-by.t @@ -8,7 +8,7 @@ use Test::Nginx::Socket::Lua; repeat_each(2); -plan tests => repeat_each() * (blocks() * 3 + 3); +plan tests => repeat_each() * (blocks() * 3 + 2); #no_diff(); #no_long_string(); @@ -304,3 +304,20 @@ INIT 2: foo = 3 ", "", ] + + + +=== TEST 12: error in init +--- http_config + init_by_lua_block { + error("failed to init") + } +--- config + location /t { + echo ok; + } +--- must_die +--- error_log +failed to init +--- error_log +[error] diff --git a/t/151-initby-hup.t b/t/151-initby-hup.t new file mode 100644 index 0000000000..f2788670db --- /dev/null +++ b/t/151-initby-hup.t @@ -0,0 +1,168 @@ +# vim:set ft= ts=4 sw=4 et fdm=marker: + +our $SkipReason; + +BEGIN { + if ($ENV{TEST_NGINX_CHECK_LEAK}) { + $SkipReason = "unavailable for the hup tests"; + + } else { + $ENV{TEST_NGINX_USE_HUP} = 1; + undef $ENV{TEST_NGINX_USE_STAP}; + } +} + +use Test::Nginx::Socket::Lua 'no_plan'; + +#worker_connections(1014); +#master_on(); +#workers(2); +#log_level('warn'); + +repeat_each(1); + +#plan tests => repeat_each() * (blocks() * 3 + 3); + +#no_diff(); +#no_long_string(); +no_shuffle(); + +run_tests(); + +__DATA__ + +=== TEST 1: no error in init before HUP +--- http_config + init_by_lua_block { + foo = "hello, FOO" + } +--- config + location /lua { + content_by_lua_block { + ngx.say(foo) + } + } +--- request +GET /lua +--- response_body +hello, FOO +--- no_error_log +[error] + + + +=== TEST 2: error in init after HUP (master still alive, worker process still the same as before) +--- http_config + init_by_lua_block { + error("failed to init") + } +--- config + location /lua { + content_by_lua_block { + ngx.say(foo) + } + } +--- request +GET /lua +--- response_body +hello, FOO +--- error_log +failed to init +--- reload_fails + + + +=== TEST 3: no error in init again +--- http_config + init_by_lua_block { + foo = "hello, foo" + } +--- config + location /lua { + content_by_lua_block { + ngx.say(foo) + } + } +--- request +GET /lua +--- response_body +hello, foo +--- no_error_log +[error] + + + +=== TEST 4: no error in init before HUP, used ngx.shared.DICT +--- http_config + lua_shared_dict dogs 1m; + + init_by_lua_block { + local dogs = ngx.shared.dogs + dogs:set("foo", "hello, FOO") + } +--- config + location /lua { + content_by_lua_block { + local dogs = ngx.shared.dogs + local foo = dogs:get("foo") + ngx.say(foo) + } + } +--- request +GET /lua +--- response_body +hello, FOO +--- no_error_log +[error] + + + +=== TEST 5: error in init after HUP, not reloaded but foo have changed. +--- http_config + lua_shared_dict dogs 1m; + + init_by_lua_block { + local dogs = ngx.shared.dogs + dogs:set("foo", "foo have changed") + + error("failed to init") + } +--- config + location /lua { + content_by_lua_block { + ngx.say("HUP reload failed") + } + } +--- request +GET /lua +--- response_body +foo have changed +--- error_log +failed to init +--- reload_fails + + + +=== TEST 6: no error in init again, reload success and foo still have changed. +--- http_config + lua_shared_dict dogs 1m; + + init_by_lua_block { + -- do nothing + } +--- config + location /lua { + content_by_lua_block { + local dogs = ngx.shared.dogs + local foo = dogs:get("foo") + ngx.say(foo) + ngx.say("reload success") + } + } +--- request +GET /lua +--- response_body +foo have changed +reload success +--- no_error_log +[error] From 0459a285ca0159d45e73da8bd1164edb5c57cde3 Mon Sep 17 00:00:00 2001 From: Andrei Belov Date: Wed, 22 Mar 2017 07:50:57 +0300 Subject: [PATCH 078/136] feature: nginx 1.11.11+ can now build with this module. Note: nginx 1.11.11+ are still not an officially supported target yet. More work needed. Closes openresty/lua-nginx-module#1016 See also: http://hg.nginx.org/nginx/rev/e662cbf1b932 --- src/ngx_http_lua_common.h | 6 ++++ src/ngx_http_lua_headers.c | 68 ++++++++++++++++++++++++++++++++++++++ src/ngx_http_lua_headers.h | 3 ++ src/ngx_http_lua_module.c | 13 +++++++- 4 files changed, 89 insertions(+), 1 deletion(-) diff --git a/src/ngx_http_lua_common.h b/src/ngx_http_lua_common.h index 079a4dc3b8..f37d776a9e 100644 --- a/src/ngx_http_lua_common.h +++ b/src/ngx_http_lua_common.h @@ -199,6 +199,12 @@ struct ngx_http_lua_main_conf_s { of reqeusts */ ngx_uint_t malloc_trim_req_count; +#if nginx_version >= 1011011 + /* the following 2 fields are only used by ngx.req.raw_headers() for now */ + ngx_buf_t **busy_buf_ptrs; + ngx_int_t busy_buf_ptr_count; +#endif + unsigned requires_header_filter:1; unsigned requires_body_filter:1; unsigned requires_capture_filter:1; diff --git a/src/ngx_http_lua_headers.c b/src/ngx_http_lua_headers.c index 2392598495..6700ce80db 100644 --- a/src/ngx_http_lua_headers.c +++ b/src/ngx_http_lua_headers.c @@ -26,6 +26,9 @@ static int ngx_http_lua_ngx_req_get_headers(lua_State *L); static int ngx_http_lua_ngx_req_header_clear(lua_State *L); static int ngx_http_lua_ngx_req_header_set(lua_State *L); static int ngx_http_lua_ngx_resp_get_headers(lua_State *L); +#if nginx_version >= 1011011 +void ngx_http_lua_ngx_raw_header_cleanup(void *data); +#endif static int @@ -77,6 +80,11 @@ ngx_http_lua_ngx_req_raw_header(lua_State *L) size_t size; ngx_buf_t *b, *first = NULL; ngx_int_t i, j; +#if nginx_version >= 1011011 + ngx_buf_t **bb; + ngx_chain_t *cl; + ngx_http_lua_main_conf_t *lmcf; +#endif ngx_connection_t *c; ngx_http_request_t *r, *mr; ngx_http_connection_t *hc; @@ -93,6 +101,10 @@ ngx_http_lua_ngx_req_raw_header(lua_State *L) return luaL_error(L, "no request object found"); } +#if nginx_version >= 1011011 + lmcf = ngx_http_get_module_main_conf(r, ngx_http_lua_module); +#endif + ngx_http_lua_check_fake_request(L, r); mr = r->main; @@ -109,8 +121,13 @@ ngx_http_lua_ngx_req_raw_header(lua_State *L) dd("hc->nbusy: %d", (int) hc->nbusy); if (hc->nbusy) { +#if nginx_version >= 1011011 + dd("hc->busy: %p %p %p %p", hc->busy->buf->start, hc->busy->buf->pos, + hc->busy->buf->last, hc->busy->buf->end); +#else dd("hc->busy: %p %p %p %p", hc->busy[0]->start, hc->busy[0]->pos, hc->busy[0]->last, hc->busy[0]->end); +#endif } dd("request line: %p %p", mr->request_line.data, @@ -146,9 +163,37 @@ ngx_http_lua_ngx_req_raw_header(lua_State *L) dd("size: %d", (int) size); if (hc->nbusy) { +#if nginx_version >= 1011011 + if (hc->nbusy > lmcf->busy_buf_ptr_count) { + if (lmcf->busy_buf_ptrs) { + ngx_free(lmcf->busy_buf_ptrs); + } + + lmcf->busy_buf_ptrs = ngx_alloc(hc->nbusy * sizeof(ngx_buf_t *), + r->connection->log); + + if (lmcf->busy_buf_ptrs == NULL) { + return luaL_error(L, "no memory"); + } + + lmcf->busy_buf_ptr_count = hc->nbusy; + } + + bb = lmcf->busy_buf_ptrs; + for (cl = hc->busy; cl; cl = cl->next) { + *bb++ = cl->buf; + } +#endif b = NULL; + +#if nginx_version >= 1011011 + bb = lmcf->busy_buf_ptrs; + for (i = hc->nbusy; i > 0; i--) { + b = bb[i - 1]; +#else for (i = 0; i < hc->nbusy; i++) { b = hc->busy[i]; +#endif dd("busy buf: %d: [%.*s]", (int) i, (int) (b->pos - b->start), b->start); @@ -223,8 +268,15 @@ ngx_http_lua_ngx_req_raw_header(lua_State *L) } if (hc->nbusy) { + +#if nginx_version >= 1011011 + bb = lmcf->busy_buf_ptrs; + for (i = hc->nbusy - 1; i >= 0; i--) { + b = bb[i]; +#else for (i = 0; i < hc->nbusy; i++) { b = hc->busy[i]; +#endif if (!found) { if (b != first) { @@ -1431,4 +1483,20 @@ ngx_http_lua_ffi_get_resp_header(ngx_http_request_t *r, #endif /* NGX_LUA_NO_FFI_API */ +#if nginx_version >= 1011011 +void +ngx_http_lua_ngx_raw_header_cleanup(void *data) +{ + ngx_http_lua_main_conf_t *lmcf; + + lmcf = (ngx_http_lua_main_conf_t *) data; + + if (lmcf->busy_buf_ptrs) { + ngx_free(lmcf->busy_buf_ptrs); + lmcf->busy_buf_ptrs = NULL; + } +} +#endif + + /* vi:set ft=c ts=4 sw=4 et fdm=marker: */ diff --git a/src/ngx_http_lua_headers.h b/src/ngx_http_lua_headers.h index 39f1114cdf..ee4d21c1ae 100644 --- a/src/ngx_http_lua_headers.h +++ b/src/ngx_http_lua_headers.h @@ -15,6 +15,9 @@ void ngx_http_lua_inject_resp_header_api(lua_State *L); void ngx_http_lua_inject_req_header_api(lua_State *L); void ngx_http_lua_create_headers_metatable(ngx_log_t *log, lua_State *L); +#if nginx_version >= 1011011 +void ngx_http_lua_ngx_raw_header_cleanup(void *data); +#endif #endif /* _NGX_HTTP_LUA_HEADERS_H_INCLUDED_ */ diff --git a/src/ngx_http_lua_module.c b/src/ngx_http_lua_module.c index 3dc2817bb0..875f9334f7 100644 --- a/src/ngx_http_lua_module.c +++ b/src/ngx_http_lua_module.c @@ -28,6 +28,7 @@ #include "ngx_http_lua_ssl_certby.h" #include "ngx_http_lua_ssl_session_storeby.h" #include "ngx_http_lua_ssl_session_fetchby.h" +#include "ngx_http_lua_headers.h" static void *ngx_http_lua_create_main_conf(ngx_conf_t *cf); @@ -624,7 +625,7 @@ ngx_http_lua_init(ngx_conf_t *cf) volatile ngx_cycle_t *saved_cycle; ngx_http_core_main_conf_t *cmcf; ngx_http_lua_main_conf_t *lmcf; -#ifndef NGX_LUA_NO_FFI_API +#if !defined(NGX_LUA_NO_FFI_API) || nginx_version >= 1011011 ngx_pool_cleanup_t *cln; #endif @@ -716,6 +717,16 @@ ngx_http_lua_init(ngx_conf_t *cf) cln->handler = ngx_http_lua_sema_mm_cleanup; #endif +#if nginx_version >= 1011011 + cln = ngx_pool_cleanup_add(cf->pool, 0); + if (cln == NULL) { + return NGX_ERROR; + } + + cln->data = lmcf; + cln->handler = ngx_http_lua_ngx_raw_header_cleanup; +#endif + if (lmcf->lua == NULL) { dd("initializing lua vm"); From e39e4429113737a512ba271314cd10edc20ff8b3 Mon Sep 17 00:00:00 2001 From: spacewander Date: Sun, 16 Apr 2017 00:15:11 +0800 Subject: [PATCH 079/136] bugfix: fixed typos in error messages. Signed-off-by: Yichun Zhang (agentzh) --- src/ngx_http_lua_module.c | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/src/ngx_http_lua_module.c b/src/ngx_http_lua_module.c index 875f9334f7..72f934d015 100644 --- a/src/ngx_http_lua_module.c +++ b/src/ngx_http_lua_module.c @@ -952,7 +952,7 @@ ngx_http_lua_merge_srv_conf(ngx_conf_t *cf, void *parent, void *child) #ifdef LIBRESSL_VERSION_NUMBER ngx_log_error(NGX_LOG_EMERG, cf->log, 0, - "LibreSSL does not support ssl_ceritificate_by_lua*"); + "LibreSSL does not support ssl_certificate_by_lua*"); return NGX_CONF_ERROR; #else @@ -964,7 +964,7 @@ ngx_http_lua_merge_srv_conf(ngx_conf_t *cf, void *parent, void *child) # else ngx_log_error(NGX_LOG_EMERG, cf->log, 0, - "OpenSSL too old to support ssl_ceritificate_by_lua*"); + "OpenSSL too old to support ssl_certificate_by_lua*"); return NGX_CONF_ERROR; # endif From 55f91d782b3bbee646a55c41adbb99b7101afa68 Mon Sep 17 00:00:00 2001 From: "Yichun Zhang (agentzh)" Date: Wed, 19 Apr 2017 20:34:51 -0700 Subject: [PATCH 080/136] doc: updated the Installation section to reflect recent changes. --- README.markdown | 2 +- doc/HttpLuaModule.wiki | 2 +- 2 files changed, 2 insertions(+), 2 deletions(-) diff --git a/README.markdown b/README.markdown index 946f002c61..4e5aca07e8 100644 --- a/README.markdown +++ b/README.markdown @@ -263,7 +263,7 @@ Nginx cores older than 1.6.0 (exclusive) are *not* supported. Installation ============ -It is highly recommended to use the [OpenResty bundle](http://openresty.org) that bundles Nginx, ngx_lua, LuaJIT 2.0/2.1 (or the optional standard Lua 5.1 interpreter), as well as a package of powerful companion Nginx modules. The basic installation step is a simple command: `./configure --with-luajit && make && make install`. +It is *highly* recommended to use the [OpenResty bundle](http://openresty.org) that bundles Nginx, ngx_lua, LuaJIT 2.1, as well as a package of powerful companion Nginx modules. The basic installation step is a simple command: `./configure --with-luajit && make && make install`. Do not build this module with nginx yourself since it is tricky to set up exactly right. Alternatively, ngx_lua can be manually compiled into Nginx: diff --git a/doc/HttpLuaModule.wiki b/doc/HttpLuaModule.wiki index bbf2a2ecd7..760087a100 100644 --- a/doc/HttpLuaModule.wiki +++ b/doc/HttpLuaModule.wiki @@ -197,7 +197,7 @@ Nginx cores older than 1.6.0 (exclusive) are *not* supported. = Installation = -It is highly recommended to use the [http://openresty.org OpenResty bundle] that bundles Nginx, ngx_lua, LuaJIT 2.0/2.1 (or the optional standard Lua 5.1 interpreter), as well as a package of powerful companion Nginx modules. The basic installation step is a simple command: ./configure --with-luajit && make && make install. +It is *highly* recommended to use the [http://openresty.org OpenResty bundle] that bundles Nginx, ngx_lua, LuaJIT 2.1, as well as a package of powerful companion Nginx modules. The basic installation step is a simple command: ./configure --with-luajit && make && make install. Do not build this module with nginx yourself since it is tricky to set up exactly right. Alternatively, ngx_lua can be manually compiled into Nginx: From 398db9517c2bd5d577315a3d105fb6c5033434d9 Mon Sep 17 00:00:00 2001 From: "Yichun Zhang (agentzh)" Date: Wed, 19 Apr 2017 20:35:36 -0700 Subject: [PATCH 081/136] doc: more fixes in the Installation section for OpenResty. --- doc/HttpLuaModule.wiki | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/doc/HttpLuaModule.wiki b/doc/HttpLuaModule.wiki index 760087a100..9e20a1ce9a 100644 --- a/doc/HttpLuaModule.wiki +++ b/doc/HttpLuaModule.wiki @@ -197,7 +197,7 @@ Nginx cores older than 1.6.0 (exclusive) are *not* supported. = Installation = -It is *highly* recommended to use the [http://openresty.org OpenResty bundle] that bundles Nginx, ngx_lua, LuaJIT 2.1, as well as a package of powerful companion Nginx modules. The basic installation step is a simple command: ./configure --with-luajit && make && make install. Do not build this module with nginx yourself since it is tricky to set up exactly right. +It is *highly* recommended to use the [http://openresty.org OpenResty bundle] that bundles Nginx, ngx_lua, LuaJIT 2.1, as well as a package of powerful companion Nginx modules. The basic installation step is a simple command: ./configure -j2 && make -j2 && make install. Do not build this module with nginx yourself since it is tricky to set up exactly right. Alternatively, ngx_lua can be manually compiled into Nginx: From c7d9691e5bb1e17527a071e02fa3100d517b0f95 Mon Sep 17 00:00:00 2001 From: "Yichun Zhang (agentzh)" Date: Wed, 19 Apr 2017 20:37:38 -0700 Subject: [PATCH 082/136] doc: more tweaks in the Installation section. --- README.markdown | 2 +- doc/HttpLuaModule.wiki | 2 +- 2 files changed, 2 insertions(+), 2 deletions(-) diff --git a/README.markdown b/README.markdown index 4e5aca07e8..a9e44600ac 100644 --- a/README.markdown +++ b/README.markdown @@ -263,7 +263,7 @@ Nginx cores older than 1.6.0 (exclusive) are *not* supported. Installation ============ -It is *highly* recommended to use the [OpenResty bundle](http://openresty.org) that bundles Nginx, ngx_lua, LuaJIT 2.1, as well as a package of powerful companion Nginx modules. The basic installation step is a simple command: `./configure --with-luajit && make && make install`. Do not build this module with nginx yourself since it is tricky to set up exactly right. +It is *highly* recommended to use the [OpenResty bundle](http://openresty.org) that bundles Nginx, ngx_lua, LuaJIT 2.1, as well as a package of powerful companion Nginx modules. Do not build this module with nginx yourself since it is tricky to set up exactly right. Alternatively, ngx_lua can be manually compiled into Nginx: diff --git a/doc/HttpLuaModule.wiki b/doc/HttpLuaModule.wiki index 9e20a1ce9a..c9a8f64c15 100644 --- a/doc/HttpLuaModule.wiki +++ b/doc/HttpLuaModule.wiki @@ -197,7 +197,7 @@ Nginx cores older than 1.6.0 (exclusive) are *not* supported. = Installation = -It is *highly* recommended to use the [http://openresty.org OpenResty bundle] that bundles Nginx, ngx_lua, LuaJIT 2.1, as well as a package of powerful companion Nginx modules. The basic installation step is a simple command: ./configure -j2 && make -j2 && make install. Do not build this module with nginx yourself since it is tricky to set up exactly right. +It is *highly* recommended to use [http://openresty.org OpenResty releases] which integrate Nginx, ngx_lua, LuaJIT 2.1, as well as other powerful companion Nginx modules and Lua libraries. It is discouraged to build this module with nginx yourself since it is tricky to set up exactly right. Alternatively, ngx_lua can be manually compiled into Nginx: From 6c7ac361f3a41b811a001fae35b8e30a3e47be81 Mon Sep 17 00:00:00 2001 From: "Yichun Zhang (agentzh)" Date: Wed, 19 Apr 2017 20:39:28 -0700 Subject: [PATCH 083/136] doc: more tweaks in the Installation section. --- README.markdown | 2 +- doc/HttpLuaModule.wiki | 2 +- 2 files changed, 2 insertions(+), 2 deletions(-) diff --git a/README.markdown b/README.markdown index a9e44600ac..36140c1626 100644 --- a/README.markdown +++ b/README.markdown @@ -263,7 +263,7 @@ Nginx cores older than 1.6.0 (exclusive) are *not* supported. Installation ============ -It is *highly* recommended to use the [OpenResty bundle](http://openresty.org) that bundles Nginx, ngx_lua, LuaJIT 2.1, as well as a package of powerful companion Nginx modules. Do not build this module with nginx yourself since it is tricky to set up exactly right. +It is *highly* recommended to use [OpenResty releases](http://openresty.org) which integrate Nginx, ngx_lua, LuaJIT 2.1, as well as other powerful companion Nginx modules and Lua libraries. It is discouraged to build this module with nginx yourself since it is tricky to set up exactly right. Also, the stock nginx cores have various limitations and long standing bugs that can make some of this modules' features disabled, not work properly, or slower. Alternatively, ngx_lua can be manually compiled into Nginx: diff --git a/doc/HttpLuaModule.wiki b/doc/HttpLuaModule.wiki index c9a8f64c15..a108644ef1 100644 --- a/doc/HttpLuaModule.wiki +++ b/doc/HttpLuaModule.wiki @@ -197,7 +197,7 @@ Nginx cores older than 1.6.0 (exclusive) are *not* supported. = Installation = -It is *highly* recommended to use [http://openresty.org OpenResty releases] which integrate Nginx, ngx_lua, LuaJIT 2.1, as well as other powerful companion Nginx modules and Lua libraries. It is discouraged to build this module with nginx yourself since it is tricky to set up exactly right. +It is *highly* recommended to use [http://openresty.org OpenResty releases] which integrate Nginx, ngx_lua, LuaJIT 2.1, as well as other powerful companion Nginx modules and Lua libraries. It is discouraged to build this module with nginx yourself since it is tricky to set up exactly right. Also, the stock nginx cores have various limitations and long standing bugs that can make some of this modules' features disabled, not work properly, or slower. Alternatively, ngx_lua can be manually compiled into Nginx: From 39bec7f40a928ed02cc2acef8eee63210d20fba5 Mon Sep 17 00:00:00 2001 From: "Yichun Zhang (agentzh)" Date: Wed, 19 Apr 2017 20:41:42 -0700 Subject: [PATCH 084/136] doc: minor tweaks. --- README.markdown | 2 +- doc/HttpLuaModule.wiki | 2 +- 2 files changed, 2 insertions(+), 2 deletions(-) diff --git a/README.markdown b/README.markdown index 36140c1626..e2ee0f2a12 100644 --- a/README.markdown +++ b/README.markdown @@ -263,7 +263,7 @@ Nginx cores older than 1.6.0 (exclusive) are *not* supported. Installation ============ -It is *highly* recommended to use [OpenResty releases](http://openresty.org) which integrate Nginx, ngx_lua, LuaJIT 2.1, as well as other powerful companion Nginx modules and Lua libraries. It is discouraged to build this module with nginx yourself since it is tricky to set up exactly right. Also, the stock nginx cores have various limitations and long standing bugs that can make some of this modules' features disabled, not work properly, or slower. +It is *highly* recommended to use [OpenResty releases](http://openresty.org) which integrate Nginx, ngx_lua, LuaJIT 2.1, as well as other powerful companion Nginx modules and Lua libraries. It is discouraged to build this module with nginx yourself since it is tricky to set up exactly right. Also, the stock nginx cores have various limitations and long standing bugs that can make some of this modules' features disabled, not work properly, or run slower. Alternatively, ngx_lua can be manually compiled into Nginx: diff --git a/doc/HttpLuaModule.wiki b/doc/HttpLuaModule.wiki index a108644ef1..31b8db2be4 100644 --- a/doc/HttpLuaModule.wiki +++ b/doc/HttpLuaModule.wiki @@ -197,7 +197,7 @@ Nginx cores older than 1.6.0 (exclusive) are *not* supported. = Installation = -It is *highly* recommended to use [http://openresty.org OpenResty releases] which integrate Nginx, ngx_lua, LuaJIT 2.1, as well as other powerful companion Nginx modules and Lua libraries. It is discouraged to build this module with nginx yourself since it is tricky to set up exactly right. Also, the stock nginx cores have various limitations and long standing bugs that can make some of this modules' features disabled, not work properly, or slower. +It is *highly* recommended to use [http://openresty.org OpenResty releases] which integrate Nginx, ngx_lua, LuaJIT 2.1, as well as other powerful companion Nginx modules and Lua libraries. It is discouraged to build this module with nginx yourself since it is tricky to set up exactly right. Also, the stock nginx cores have various limitations and long standing bugs that can make some of this modules' features disabled, not work properly, or run slower. Alternatively, ngx_lua can be manually compiled into Nginx: From ca8ed0e8cd746c41450b14abff5e40d8f713ccc9 Mon Sep 17 00:00:00 2001 From: "Yichun Zhang (agentzh)" Date: Wed, 19 Apr 2017 20:43:04 -0700 Subject: [PATCH 085/136] doc: minor tweaks. --- README.markdown | 2 +- doc/HttpLuaModule.wiki | 2 +- 2 files changed, 2 insertions(+), 2 deletions(-) diff --git a/README.markdown b/README.markdown index e2ee0f2a12..16d56bfe4e 100644 --- a/README.markdown +++ b/README.markdown @@ -263,7 +263,7 @@ Nginx cores older than 1.6.0 (exclusive) are *not* supported. Installation ============ -It is *highly* recommended to use [OpenResty releases](http://openresty.org) which integrate Nginx, ngx_lua, LuaJIT 2.1, as well as other powerful companion Nginx modules and Lua libraries. It is discouraged to build this module with nginx yourself since it is tricky to set up exactly right. Also, the stock nginx cores have various limitations and long standing bugs that can make some of this modules' features disabled, not work properly, or run slower. +It is *highly* recommended to use [OpenResty releases](http://openresty.org) which integrate Nginx, ngx_lua, LuaJIT 2.1, as well as other powerful companion Nginx modules and Lua libraries. It is discouraged to build this module with nginx yourself since it is tricky to set up exactly right. Also, the stock nginx cores have various limitations and long standing bugs that can make some of this modules' features become disabled, not work properly, or run slower. Alternatively, ngx_lua can be manually compiled into Nginx: diff --git a/doc/HttpLuaModule.wiki b/doc/HttpLuaModule.wiki index 31b8db2be4..e496672bbb 100644 --- a/doc/HttpLuaModule.wiki +++ b/doc/HttpLuaModule.wiki @@ -197,7 +197,7 @@ Nginx cores older than 1.6.0 (exclusive) are *not* supported. = Installation = -It is *highly* recommended to use [http://openresty.org OpenResty releases] which integrate Nginx, ngx_lua, LuaJIT 2.1, as well as other powerful companion Nginx modules and Lua libraries. It is discouraged to build this module with nginx yourself since it is tricky to set up exactly right. Also, the stock nginx cores have various limitations and long standing bugs that can make some of this modules' features disabled, not work properly, or run slower. +It is *highly* recommended to use [http://openresty.org OpenResty releases] which integrate Nginx, ngx_lua, LuaJIT 2.1, as well as other powerful companion Nginx modules and Lua libraries. It is discouraged to build this module with nginx yourself since it is tricky to set up exactly right. Also, the stock nginx cores have various limitations and long standing bugs that can make some of this modules' features become disabled, not work properly, or run slower. Alternatively, ngx_lua can be manually compiled into Nginx: From c03462637bc1317da225441dc80dfe2203758622 Mon Sep 17 00:00:00 2001 From: "Yichun Zhang (agentzh)" Date: Fri, 28 Apr 2017 13:51:21 -0700 Subject: [PATCH 086/136] change: removed util/reindex. put it into the openresty/openresty-devel-utils repo instead. --- util/reindex | 65 ---------------------------------------------------- 1 file changed, 65 deletions(-) delete mode 100755 util/reindex diff --git a/util/reindex b/util/reindex deleted file mode 100755 index d0a0927603..0000000000 --- a/util/reindex +++ /dev/null @@ -1,65 +0,0 @@ -#!/usr/bin/env perl - -#: reindexes .t files for Test::Base based test files -#: Copyright (c) Yichun Zhang - -use strict; -use warnings; - -#use File::Copy; -use Getopt::Std; - -my %opts; -getopts('hb:', \%opts); -if ($opts{h} or ! @ARGV) { - die "Usage: reindex [-b 0] t/*.t\n"; -} - -my $init = $opts{b}; -$init = 1 if not defined $init; - -my @files = map glob, @ARGV; -for my $file (@files) { - next if -d $file or $file !~ /\.t_?$/; - reindex($file); -} - -sub reindex { - my $file = $_[0]; - open my $in, $file or - die "Can't open $file for reading: $!"; - my @lines; - my $counter = $init; - my $changed; - while (<$in>) { - s/\r$//; - my $num; - s/ ^ === \s+ TEST \s+ (\d+)/$num=$1; "=== TEST " . $counter++/xie; - next if !defined $num; - if ($num != $counter-1) { - $changed++; - } - } continue { - push @lines, $_; - } - close $in; - - my $text = join '', @lines; - $text =~ s/\n\n+\z/\n/sm; - $text =~ s/(?x) \n+ === \s+ TEST/\n\n\n\n=== TEST/ixsg; - $text =~ s/__(DATA|END)__\n+=== TEST/__${1}__\n\n=== TEST/; - #$text =~ s/\n+$/\n\n/s; - if (! $changed and $text eq join '', @lines) { - warn "reindex: $file:\tskipped.\n"; - return; - } - #File::Copy::copy( $file, "$file.bak" ); - open my $out, "> $file" or - die "Can't open $file for writing: $!"; - binmode $out; - print $out $text; - close $out; - - warn "reindex: $file:\tdone.\n"; -} - From f5633cacc0a7fdd781f18a9864f972af95ba5e8f Mon Sep 17 00:00:00 2001 From: Andreas Lubbe Date: Tue, 31 May 2016 10:23:03 +0200 Subject: [PATCH 087/136] feature: added pure C API for tuning the jit_stack_size option in PCRE. Signed-off-by: Yichun Zhang (agentzh) --- src/ngx_http_lua_common.h | 18 +++++++++ src/ngx_http_lua_module.c | 1 + src/ngx_http_lua_regex.c | 82 +++++++++++++++++++++++++++++++++------ src/ngx_http_lua_regex.h | 2 + 4 files changed, 92 insertions(+), 11 deletions(-) diff --git a/src/ngx_http_lua_common.h b/src/ngx_http_lua_common.h index f37d776a9e..3b0a417963 100644 --- a/src/ngx_http_lua_common.h +++ b/src/ngx_http_lua_common.h @@ -22,6 +22,19 @@ #include +#if (NGX_PCRE) + +#include + +#if (PCRE_MAJOR > 8) || (PCRE_MAJOR == 8 && PCRE_MINOR >= 21) +# define LUA_HAVE_PCRE_JIT 1 +#else +# define LUA_HAVE_PCRE_JIT 0 +#endif + +#endif + + #if !defined(nginx_version) || (nginx_version < 1006000) #error at least nginx 1.6.0 is required but found an older version #endif @@ -168,6 +181,11 @@ struct ngx_http_lua_main_conf_s { ngx_int_t regex_cache_entries; ngx_int_t regex_cache_max_entries; ngx_int_t regex_match_limit; + +#if (LUA_HAVE_PCRE_JIT) + pcre_jit_stack *jit_stack; +#endif + #endif ngx_array_t *shm_zones; /* of ngx_shm_zone_t* */ diff --git a/src/ngx_http_lua_module.c b/src/ngx_http_lua_module.c index 72f934d015..7b17ac41ce 100644 --- a/src/ngx_http_lua_module.c +++ b/src/ngx_http_lua_module.c @@ -814,6 +814,7 @@ ngx_http_lua_create_main_conf(ngx_conf_t *cf) * lmcf->running_timers = 0; * lmcf->watcher = NULL; * lmcf->regex_cache_entries = 0; + * lmcf->jit_stack = NULL; * lmcf->shm_zones = NULL; * lmcf->init_handler = NULL; * lmcf->init_src = { 0, NULL }; diff --git a/src/ngx_http_lua_regex.c b/src/ngx_http_lua_regex.c index d882061033..80519ecd15 100644 --- a/src/ngx_http_lua_regex.c +++ b/src/ngx_http_lua_regex.c @@ -17,14 +17,6 @@ #include "ngx_http_lua_script.h" #include "ngx_http_lua_pcrefix.h" #include "ngx_http_lua_util.h" -#include - - -#if (PCRE_MAJOR > 8) || (PCRE_MAJOR == 8 && PCRE_MINOR >= 21) -# define LUA_HAVE_PCRE_JIT 1 -#else -# define LUA_HAVE_PCRE_JIT 0 -#endif #if (PCRE_MAJOR >= 6) @@ -42,6 +34,8 @@ #define NGX_LUA_RE_DFA_MODE_WORKSPACE_COUNT (100) +#define NGX_LUA_RE_MIN_JIT_STACK_SIZE 32 * 1024 + typedef struct { #ifndef NGX_LUA_NO_FFI_API @@ -364,6 +358,10 @@ ngx_http_lua_ngx_re_match_helper(lua_State *L, int wantcaps) sd = pcre_study(re_comp.regex, PCRE_STUDY_JIT_COMPILE, &msg); + if (sd && lmcf->jit_stack) { + pcre_assign_jit_stack(sd, NULL, lmcf->jit_stack); + } + ngx_http_lua_pcre_malloc_done(old_pool); # if (NGX_DEBUG) @@ -826,6 +824,10 @@ ngx_http_lua_ngx_re_gmatch(lua_State *L) sd = pcre_study(re_comp.regex, PCRE_STUDY_JIT_COMPILE, &msg); + if (sd && lmcf->jit_stack) { + pcre_assign_jit_stack(sd, NULL, lmcf->jit_stack); + } + ngx_http_lua_pcre_malloc_done(old_pool); # if (NGX_DEBUG) @@ -1922,6 +1924,60 @@ ngx_http_lua_ngx_re_sub_helper(lua_State *L, unsigned global) } +ngx_int_t +ngx_http_lua_ffi_set_jit_stack_size(int size, u_char *errstr, + size_t *errstr_size) +{ +#if LUA_HAVE_PCRE_JIT + + ngx_http_lua_main_conf_t *lmcf; + ngx_pool_t *pool, *old_pool; + + lmcf = ngx_http_cycle_get_module_main_conf(ngx_cycle, + ngx_http_lua_module); + + if (size < NGX_LUA_RE_MIN_JIT_STACK_SIZE) { + size = NGX_LUA_RE_MIN_JIT_STACK_SIZE; + } + + pool = lmcf->pool; + + dd("server pool %p", lmcf->pool); + + if (lmcf->jit_stack) { + old_pool = ngx_http_lua_pcre_malloc_init(pool); + + pcre_jit_stack_free(lmcf->jit_stack); + + ngx_http_lua_pcre_malloc_done(old_pool); + } + + old_pool = ngx_http_lua_pcre_malloc_init(pool); + + lmcf->jit_stack = pcre_jit_stack_alloc(NGX_LUA_RE_MIN_JIT_STACK_SIZE, + size); + + ngx_http_lua_pcre_malloc_done(old_pool); + + if (lmcf->jit_stack == NULL) { + *errstr_size = ngx_snprintf(errstr, *errstr_size, + "pcre jit stack allocation failed") + - errstr; + return NGX_ERROR; + } + + return NGX_OK; + +#else /* LUA_HAVE_PCRE_JIT */ + + *errstr_size = ngx_snprintf(errstr, *errstr_size, + "no pcre jit support found") - errstr; + return NGX_ERROR; + +#endif /* LUA_HAVE_PCRE_JIT */ +} + + void ngx_http_lua_inject_regex_api(lua_State *L) { @@ -2170,6 +2226,9 @@ ngx_http_lua_ffi_compile_regex(const unsigned char *pat, size_t pat_len, goto error; } + lmcf = ngx_http_cycle_get_module_main_conf(ngx_cycle, + ngx_http_lua_module); + #if (LUA_HAVE_PCRE_JIT) if (flags & NGX_LUA_RE_MODE_JIT) { @@ -2205,10 +2264,11 @@ ngx_http_lua_ffi_compile_regex(const unsigned char *pat, size_t pat_len, ngx_http_lua_pcre_malloc_done(old_pool); } -#endif /* LUA_HAVE_PCRE_JIT */ + if (sd && lmcf->jit_stack) { + pcre_assign_jit_stack(sd, NULL, lmcf->jit_stack); + } - lmcf = ngx_http_cycle_get_module_main_conf(ngx_cycle, - ngx_http_lua_module); +#endif /* LUA_HAVE_PCRE_JIT */ if (sd && lmcf && lmcf->regex_match_limit > 0) { sd->flags |= PCRE_EXTRA_MATCH_LIMIT; diff --git a/src/ngx_http_lua_regex.h b/src/ngx_http_lua_regex.h index f5f8e2f875..03dffb80b9 100644 --- a/src/ngx_http_lua_regex.h +++ b/src/ngx_http_lua_regex.h @@ -14,6 +14,8 @@ #if (NGX_PCRE) void ngx_http_lua_inject_regex_api(lua_State *L); +ngx_int_t ngx_http_lua_ffi_set_jit_stack_size(int size, u_char *errstr, + size_t *errstr_size); #endif From b98da9a1914444e86f88ba6f7f2719ba28b16215 Mon Sep 17 00:00:00 2001 From: Yuansheng Date: Sun, 16 Apr 2017 21:41:56 +0800 Subject: [PATCH 088/136] feature: added pure C functions ngx_http_lua_ffi_worker_type() & ngx_http_lua_ffi_worker_privileged(). Signed-off-by: Yichun Zhang (agentzh) --- src/ngx_http_lua_worker.c | 38 ++++++++++++++++++++++++++++++++++++++ 1 file changed, 38 insertions(+) diff --git a/src/ngx_http_lua_worker.c b/src/ngx_http_lua_worker.c index ff09b5b2e4..4af311bc2e 100644 --- a/src/ngx_http_lua_worker.c +++ b/src/ngx_http_lua_worker.c @@ -13,6 +13,9 @@ #include "ngx_http_lua_worker.h" +#define NGX_PROCESS_PRIVILEGED_AGENT 99 + + static int ngx_http_lua_ngx_worker_exiting(lua_State *L); static int ngx_http_lua_ngx_worker_pid(lua_State *L); static int ngx_http_lua_ngx_worker_id(lua_State *L); @@ -130,4 +133,39 @@ ngx_http_lua_ffi_worker_count(void) return (int) ccf->worker_processes; } + + +int +ngx_http_lua_ffi_get_process_type(void) +{ +#ifdef HAVE_PRIVILEGED_PROCESS_PATCH + if (ngx_process == NGX_PROCESS_HELPER) { + if (ngx_is_privileged_agent) { + return NGX_PROCESS_PRIVILEGED_AGENT; + } + } +#endif + + return ngx_process; +} + + +int +ngx_http_lua_ffi_enable_privileged_agent(char **err) +{ +#ifdef HAVE_PRIVILEGED_PROCESS_PATCH + ngx_core_conf_t *ccf; + + ccf = (ngx_core_conf_t *) ngx_get_conf(ngx_cycle->conf_ctx, + ngx_core_module); + + ccf->privileged_agent = 1; + + return NGX_OK; + +#else + *err = "missing privileged agent process patch in the nginx core"; + return NGX_ERROR; +#endif +} #endif From 23cb8e83296f4e586912d32fc9735c72575108d0 Mon Sep 17 00:00:00 2001 From: "Yichun Zhang (agentzh)" Date: Fri, 5 May 2017 23:07:54 -0700 Subject: [PATCH 089/136] travis-ci: enable -msse4.2 when building luajit2. --- .travis.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.travis.yml b/.travis.yml index 7534c3c658..a0dcec40cb 100644 --- a/.travis.yml +++ b/.travis.yml @@ -91,7 +91,7 @@ before_script: script: - cd luajit2/ - - make -j$JOBS CCDEBUG=-g Q= PREFIX=$LUAJIT_PREFIX CC=$CC XCFLAGS='-DLUA_USE_APICHECK -DLUA_USE_ASSERT' > build.log 2>&1 || (cat build.log && exit 1) + - make -j$JOBS CCDEBUG=-g Q= PREFIX=$LUAJIT_PREFIX CC=$CC XCFLAGS='-DLUA_USE_APICHECK -DLUA_USE_ASSERT -msse4.2' > build.log 2>&1 || (cat build.log && exit 1) - sudo make install PREFIX=$LUAJIT_PREFIX > build.log 2>&1 || (cat build.log && exit 1) - cd .. - tar xzf download-cache/drizzle7-$DRIZZLE_VER.tar.gz && cd drizzle7-$DRIZZLE_VER From edbded4056dae51e2b1e23ebd76e59e22fee2705 Mon Sep 17 00:00:00 2001 From: "Yichun Zhang (agentzh)" Date: Sat, 6 May 2017 18:23:57 -0700 Subject: [PATCH 090/136] change: bumped API version to 0.10.9. --- src/api/ngx_http_lua_api.h | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/src/api/ngx_http_lua_api.h b/src/api/ngx_http_lua_api.h index b0df5ae031..5083799a04 100644 --- a/src/api/ngx_http_lua_api.h +++ b/src/api/ngx_http_lua_api.h @@ -19,7 +19,7 @@ /* Public API for other Nginx modules */ -#define ngx_http_lua_version 10008 +#define ngx_http_lua_version 10009 typedef struct { From 6a2b4ff5565d21bf9fd759c8886d470320e35fc9 Mon Sep 17 00:00:00 2001 From: "Yichun Zhang (agentzh)" Date: Sun, 7 May 2017 10:49:46 -0700 Subject: [PATCH 091/136] doc: a typo fix from Oleg Abrosimov. --- README.markdown | 2 +- doc/HttpLuaModule.wiki | 2 +- 2 files changed, 2 insertions(+), 2 deletions(-) diff --git a/README.markdown b/README.markdown index 16d56bfe4e..99ac286c35 100644 --- a/README.markdown +++ b/README.markdown @@ -5607,7 +5607,7 @@ ngx.time Returns the elapsed seconds from the epoch for the current time stamp from the nginx cached time (no syscall involved unlike Lua's date library). -Updates of the Nginx time cache an be forced by calling [ngx.update_time](#ngxupdate_time) first. +Updates of the Nginx time cache can be forced by calling [ngx.update_time](#ngxupdate_time) first. [Back to TOC](#nginx-api-for-lua) diff --git a/doc/HttpLuaModule.wiki b/doc/HttpLuaModule.wiki index e496672bbb..f075fa95c5 100644 --- a/doc/HttpLuaModule.wiki +++ b/doc/HttpLuaModule.wiki @@ -4674,7 +4674,7 @@ This is the local time. Returns the elapsed seconds from the epoch for the current time stamp from the nginx cached time (no syscall involved unlike Lua's date library). -Updates of the Nginx time cache an be forced by calling [[#ngx.update_time|ngx.update_time]] first. +Updates of the Nginx time cache can be forced by calling [[#ngx.update_time|ngx.update_time]] first. == ngx.now == '''syntax:''' ''secs = ngx.now()'' From 1a5a33e61f4d747efa8460555407357ca166eca1 Mon Sep 17 00:00:00 2001 From: Yuansheng Date: Thu, 6 Apr 2017 18:31:56 +0800 Subject: [PATCH 092/136] feature: added new config directive lua_intercept_error_log for capturing nginx error logs on Lua land. The corresponding Lua API is provided by the ngx.errlog module in lua-resty-core. Signed-off-by: Yichun Zhang (agentzh) --- .travis.yml | 4 +- config | 2 + src/ngx_http_lua_common.h | 1 + src/ngx_http_lua_directive.c | 67 +++++++++++ src/ngx_http_lua_directive.h | 3 +- src/ngx_http_lua_log.c | 96 ++++++++++++++++ src/ngx_http_lua_log.h | 4 + src/ngx_http_lua_log_ringbuf.c | 201 +++++++++++++++++++++++++++++++++ src/ngx_http_lua_log_ringbuf.h | 31 +++++ src/ngx_http_lua_module.c | 7 ++ src/ngx_http_lua_util.c | 1 + 11 files changed, 414 insertions(+), 3 deletions(-) create mode 100644 src/ngx_http_lua_log_ringbuf.c create mode 100644 src/ngx_http_lua_log_ringbuf.h diff --git a/.travis.yml b/.travis.yml index a0dcec40cb..359c8cc654 100644 --- a/.travis.yml +++ b/.travis.yml @@ -68,7 +68,7 @@ install: - git clone https://github.com/openresty/test-nginx.git - git clone https://github.com/openresty/openresty.git ../openresty - git clone https://github.com/openresty/no-pool-nginx.git ../no-pool-nginx - - git clone https://github.com/openresty/nginx-devel-utils.git + - git clone https://github.com/openresty/openresty-devel-utils.git - git clone https://github.com/openresty/mockeagain.git - git clone https://github.com/openresty/lua-cjson.git - git clone https://github.com/openresty/lua-upstream-nginx-module.git ../lua-upstream-nginx-module @@ -114,7 +114,7 @@ script: - make -j$JOBS > build.log 2>&1 || (cat build.log && exit 1) - sudo make PATH=$PATH install_sw > build.log 2>&1 || (cat build.log && exit 1) - cd .. - - export PATH=$PWD/work/nginx/sbin:$PWD/nginx-devel-utils:$PATH + - export PATH=$PWD/work/nginx/sbin:$PWD/openresty-devel-utils:$PATH - export NGX_BUILD_CC=$CC - sh util/build.sh $NGINX_VERSION > build.log 2>&1 || (cat build.log && exit 1) - nginx -V diff --git a/config b/config index 5d2ee659d9..044deb974e 100644 --- a/config +++ b/config @@ -360,6 +360,7 @@ HTTP_LUA_SRCS=" \ $ngx_addon_dir/src/ngx_http_lua_ssl_session_storeby.c \ $ngx_addon_dir/src/ngx_http_lua_ssl_session_fetchby.c \ $ngx_addon_dir/src/ngx_http_lua_ssl.c \ + $ngx_addon_dir/src/ngx_http_lua_log_ringbuf.c \ " HTTP_LUA_DEPS=" \ @@ -420,6 +421,7 @@ HTTP_LUA_DEPS=" \ $ngx_addon_dir/src/ngx_http_lua_ssl_session_storeby.h \ $ngx_addon_dir/src/ngx_http_lua_ssl_session_fetchby.h \ $ngx_addon_dir/src/ngx_http_lua_ssl.h \ + $ngx_addon_dir/src/ngx_http_lua_log_ringbuf.h \ " CFLAGS="$CFLAGS -DNDK_SET_VAR" diff --git a/src/ngx_http_lua_common.h b/src/ngx_http_lua_common.h index 3b0a417963..a923aedf02 100644 --- a/src/ngx_http_lua_common.h +++ b/src/ngx_http_lua_common.h @@ -230,6 +230,7 @@ struct ngx_http_lua_main_conf_s { unsigned requires_access:1; unsigned requires_log:1; unsigned requires_shm:1; + unsigned requires_intercept_log:1; }; diff --git a/src/ngx_http_lua_directive.c b/src/ngx_http_lua_directive.c index 862eddaa8a..a92f056d71 100644 --- a/src/ngx_http_lua_directive.c +++ b/src/ngx_http_lua_directive.c @@ -27,6 +27,8 @@ #include "ngx_http_lua_ssl_certby.h" #include "ngx_http_lua_lex.h" #include "api/ngx_http_lua_api.h" +#include "ngx_http_lua_log_ringbuf.h" +#include "ngx_http_lua_log.h" typedef struct ngx_http_lua_block_parser_ctx_s @@ -1700,6 +1702,71 @@ ngx_http_lua_conf_read_lua_token(ngx_conf_t *cf, } +char * +ngx_http_lua_intercept_error_log(ngx_conf_t *cf, ngx_command_t *cmd, + void *conf) +{ +#ifndef HAVE_INTERCEPT_ERROR_LOG_PATCH + return "not found: missing the intercept error log patch for nginx"; +#else + ngx_str_t *value; + ssize_t size; + u_char *data; + ngx_cycle_t *cycle; + ngx_http_lua_main_conf_t *lmcf = conf; + ngx_http_lua_log_ringbuf_t *ringbuf; + + value = cf->args->elts; + cycle = cf->cycle; + + if (lmcf->requires_intercept_log) { + return "is duplicate"; + } + + if (value[1].len == 0) { + ngx_conf_log_error(NGX_LOG_EMERG, cf, 0, + "invalid intercept error log size \"%V\"", + &value[1]); + return NGX_CONF_ERROR; + } + + size = ngx_parse_size(&value[1]); + + if (size < NGX_MAX_ERROR_STR) { + ngx_conf_log_error(NGX_LOG_EMERG, cf, 0, + "invalid intercept error log size \"%V\", " + "minimum size is %d", &value[1], + NGX_MAX_ERROR_STR); + return NGX_CONF_ERROR; + } + + if (cycle->intercept_error_log_handler) { + return "intercept error log handler has been hooked"; + } + + ringbuf = (ngx_http_lua_log_ringbuf_t *) + ngx_palloc(cf->pool, sizeof(ngx_http_lua_log_ringbuf_t)); + if (ringbuf == NULL) { + return NGX_CONF_ERROR; + } + + data = ngx_palloc(cf->pool, size); + if (data == NULL) { + return NGX_CONF_ERROR; + } + + ngx_http_lua_log_ringbuf_init(ringbuf, data, size); + + lmcf->requires_intercept_log = 1; + cycle->intercept_error_log_handler = (ngx_log_intercept_pt) + ngx_http_lua_intercept_log_handler; + cycle->intercept_error_log_data = ringbuf; + + return NGX_CONF_OK; +#endif +} + + /* * ngx_http_lua_strlstrn() is intended to search for static substring * with known length in string until the argument last. The argument n diff --git a/src/ngx_http_lua_directive.h b/src/ngx_http_lua_directive.h index be591f34ee..aabb118994 100644 --- a/src/ngx_http_lua_directive.h +++ b/src/ngx_http_lua_directive.h @@ -67,9 +67,10 @@ ngx_int_t ngx_http_lua_filter_set_by_lua_file(ngx_http_request_t *r, char *ngx_http_lua_rewrite_no_postpone(ngx_conf_t *cf, ngx_command_t *cmd, void *conf); - char *ngx_http_lua_conf_lua_block_parse(ngx_conf_t *cf, ngx_command_t *cmd); +char *ngx_http_lua_intercept_error_log(ngx_conf_t *cf, ngx_command_t *cmd, + void *conf); #endif /* _NGX_HTTP_LUA_DIRECTIVE_H_INCLUDED_ */ diff --git a/src/ngx_http_lua_log.c b/src/ngx_http_lua_log.c index c2b226914b..9e87a590a7 100644 --- a/src/ngx_http_lua_log.c +++ b/src/ngx_http_lua_log.c @@ -13,6 +13,7 @@ #include "ngx_http_lua_log.h" #include "ngx_http_lua_util.h" +#include "ngx_http_lua_log_ringbuf.h" static int ngx_http_lua_print(lua_State *L); @@ -313,4 +314,99 @@ ngx_http_lua_inject_log_consts(lua_State *L) /* }}} */ } + +#ifdef HAVE_INTERCEPT_ERROR_LOG_PATCH +ngx_int_t +ngx_http_lua_intercept_log_handler(ngx_log_t *log, + ngx_uint_t level, void *buf, size_t n) +{ + ngx_http_lua_log_ringbuf_t *ringbuf; + + dd("enter"); + + ringbuf = (ngx_http_lua_log_ringbuf_t *) + ngx_cycle->intercept_error_log_data; + + if (level > ringbuf->filter_level) { + return NGX_OK; + } + + ngx_http_lua_log_ringbuf_write(ringbuf, level, buf, n); + + dd("intercept log: %s\n", buf); + + return NGX_OK; +} +#endif + + +#ifndef NGX_LUA_NO_FFI_API +int +ngx_http_lua_ffi_set_errlog_filter(int level, u_char *err, size_t *errlen) +{ +#ifdef HAVE_INTERCEPT_ERROR_LOG_PATCH + ngx_http_lua_log_ringbuf_t *ringbuf; + + ringbuf = ngx_cycle->intercept_error_log_data; + + if (ringbuf == NULL) { + *errlen = ngx_snprintf(err, *errlen, + "API \"set_errlog_filter\" depends on " + "directive \"lua_intercept_error_log\"") + - err; + return NGX_ERROR; + } + + if (level > NGX_LOG_DEBUG || level < NGX_LOG_STDERR) { + *errlen = ngx_snprintf(err, *errlen, "bad log level: %d", level) + - err; + return NGX_ERROR; + } + + ringbuf->filter_level = level; + return NGX_OK; +#else + *errlen = ngx_snprintf(err, *errlen, + "missing the intercept error log patch for nginx") + - err; + return NGX_ERROR; +#endif +} + + +int +ngx_http_lua_ffi_get_errlog_data(char **log, int *loglevel, u_char *err, + size_t *errlen) +{ +#ifdef HAVE_INTERCEPT_ERROR_LOG_PATCH + ngx_uint_t loglen; + + ngx_http_lua_log_ringbuf_t *ringbuf; + + ringbuf = ngx_cycle->intercept_error_log_data; + + if (ringbuf == NULL) { + *errlen = ngx_snprintf(err, *errlen, + "API \"get_errlog_data\" depends on directive " + "\"lua_intercept_error_log\"") + - err; + return NGX_ERROR; + } + + if (ringbuf->count == 0) { + return NGX_DONE; + } + + ngx_http_lua_log_ringbuf_read(ringbuf, loglevel, (void **)log, &loglen); + return loglen; +#else + *errlen = ngx_snprintf(err, *errlen, + "missing the intercept error log patch for nginx") + - err; + return NGX_ERROR; +#endif +} + +#endif + /* vi:set ft=c ts=4 sw=4 et fdm=marker: */ diff --git a/src/ngx_http_lua_log.h b/src/ngx_http_lua_log.h index 42f1839473..115679af3f 100644 --- a/src/ngx_http_lua_log.h +++ b/src/ngx_http_lua_log.h @@ -13,6 +13,10 @@ void ngx_http_lua_inject_log_api(lua_State *L); +#ifdef HAVE_INTERCEPT_ERROR_LOG_PATCH +ngx_int_t ngx_http_lua_intercept_log_handler(ngx_log_t *log, + ngx_uint_t level, void *buf, size_t n); +#endif #endif /* _NGX_HTTP_LUA_LOG_H_INCLUDED_ */ diff --git a/src/ngx_http_lua_log_ringbuf.c b/src/ngx_http_lua_log_ringbuf.c new file mode 100644 index 0000000000..dca610df56 --- /dev/null +++ b/src/ngx_http_lua_log_ringbuf.c @@ -0,0 +1,201 @@ + +#ifndef DDEBUG +#define DDEBUG 0 +#endif +#include "ddebug.h" + + +#include "ngx_http_lua_common.h" +#include "ngx_http_lua_log_ringbuf.h" + + +typedef struct { + unsigned len:28; /* :24 is big enough if the max log size is 4k */ + unsigned log_level:4; +} ngx_http_lua_log_ringbuf_header_t; + + +enum { + HEADER_LEN = sizeof(ngx_http_lua_log_ringbuf_header_t) +}; + + +static void *ngx_http_lua_log_ringbuf_next_header( + ngx_http_lua_log_ringbuf_t *rb); +static void ngx_http_lua_log_ringbuf_append( + ngx_http_lua_log_ringbuf_t *rb, int sentinel, int log_level, void *buf, + int n); +static size_t ngx_http_lua_log_ringbuf_free_spaces( + ngx_http_lua_log_ringbuf_t *rb); + + +void +ngx_http_lua_log_ringbuf_init(ngx_http_lua_log_ringbuf_t *rb, void *buf, + size_t len) +{ + rb->data = buf; + rb->size = len; + + rb->tail = rb->data; + rb->head = rb->data; + rb->sentinel = rb->data + rb->size; + rb->count = 0; + rb->filter_level = NGX_LOG_DEBUG; + + return; +} + + +void +ngx_http_lua_log_ringbuf_reset(ngx_http_lua_log_ringbuf_t *rb) +{ + rb->tail = rb->data; + rb->head = rb->data; + rb->sentinel = rb->data + rb->size; + rb->count = 0; + + return; +} + + +/* + * get the next data header, it'll skip the useless data space or + * placehold data + */ +static void * +ngx_http_lua_log_ringbuf_next_header(ngx_http_lua_log_ringbuf_t *rb) +{ + /* useless data */ + if (rb->size - (rb->head - rb->data) < HEADER_LEN) + { + rb->head = rb->data; + return rb->head; + } + + /* placehold data */ + if (rb->head >= rb->sentinel) { + rb->head = rb->data; + return rb->head; + } + + return rb->head; +} + + +/* append data to ring buffer directly */ +static void +ngx_http_lua_log_ringbuf_append(ngx_http_lua_log_ringbuf_t *rb, + int sentinel, int log_level, void *buf, int n) +{ + ngx_http_lua_log_ringbuf_header_t *head; + + if (sentinel) { + rb->sentinel = rb->tail; + rb->tail = rb->data; + return; + } + + head = (ngx_http_lua_log_ringbuf_header_t *) rb->tail; + head->len = n; + head->log_level = log_level; + + rb->tail += HEADER_LEN; + ngx_memcpy(rb->tail, buf, n); + rb->tail += n; + rb->count++; + + return; +} + + +/* size of free spaces */ +static size_t +ngx_http_lua_log_ringbuf_free_spaces(ngx_http_lua_log_ringbuf_t *rb) +{ + if (rb->tail == rb->head && rb->tail == rb->data) { + return rb->size; + } + + if (rb->tail > rb->head) { + return rb->data + rb->size - rb->tail; + } + + return rb->head - rb->tail; +} + + +/* + * try to write log data to ring buffer, throw away old data + * if there was not enough free spaces. + */ +ngx_int_t +ngx_http_lua_log_ringbuf_write(ngx_http_lua_log_ringbuf_t *rb, int log_level, + void *buf, size_t n) +{ + size_t free_spaces; + + ngx_http_lua_log_ringbuf_header_t *head; + + if (n + HEADER_LEN > rb->size) { + return NGX_ERROR; + } + + free_spaces = ngx_http_lua_log_ringbuf_free_spaces(rb); + + if (free_spaces < n + HEADER_LEN) { + /* if the right space is not enough, mark it as placehold data */ + if ((size_t)(rb->data + rb->size - rb->tail) < n + HEADER_LEN) { + ngx_http_lua_log_ringbuf_append(rb, 1, 0, NULL, 0); + } + + do { /* throw away old data */ + if (rb->head != ngx_http_lua_log_ringbuf_next_header(rb)) { + break; + } + + head = (ngx_http_lua_log_ringbuf_header_t *) rb->head; + rb->head += HEADER_LEN + head->len; + rb->count--; + + ngx_http_lua_log_ringbuf_next_header(rb); + free_spaces = ngx_http_lua_log_ringbuf_free_spaces(rb); + } while (free_spaces < n + HEADER_LEN); + } + + ngx_http_lua_log_ringbuf_append(rb, 0, log_level, buf, n); + + return NGX_OK; +} + + +/* read log from ring buffer, do reset if all of the logs were readed. */ +ngx_int_t +ngx_http_lua_log_ringbuf_read(ngx_http_lua_log_ringbuf_t *rb, int *log_level, + void **buf, size_t *n) +{ + ngx_http_lua_log_ringbuf_header_t *head; + + if (rb->count == 0) { + return NGX_ERROR; + } + + head = (ngx_http_lua_log_ringbuf_header_t *) + ngx_http_lua_log_ringbuf_next_header(rb); + + if (rb->head >= rb->sentinel) { + return NGX_ERROR; + } + + *log_level = head->log_level; + *n = head->len; + rb->head += HEADER_LEN; + *buf = rb->head; + rb->head += head->len; + rb->count--; + + if (rb->count == 0) { + ngx_http_lua_log_ringbuf_reset(rb); + } + + return NGX_OK; +} diff --git a/src/ngx_http_lua_log_ringbuf.h b/src/ngx_http_lua_log_ringbuf.h new file mode 100644 index 0000000000..e855e2514a --- /dev/null +++ b/src/ngx_http_lua_log_ringbuf.h @@ -0,0 +1,31 @@ + +#ifndef _NGX_HTTP_LUA_RINGBUF_H_INCLUDED_ +#define _NGX_HTTP_LUA_RINGBUF_H_INCLUDED_ + + +#include "ngx_http_lua_common.h" + + +typedef struct { + ngx_uint_t filter_level; + char *tail; /* writed point */ + char *head; /* readed point */ + char *data; /* buffer */ + char *sentinel; + size_t size; /* buffer total size */ + size_t count; /* count of logs */ +} ngx_http_lua_log_ringbuf_t; + + +void ngx_http_lua_log_ringbuf_init(ngx_http_lua_log_ringbuf_t *rb, + void *buf, size_t len); +void ngx_http_lua_log_ringbuf_reset(ngx_http_lua_log_ringbuf_t *rb); +ngx_int_t ngx_http_lua_log_ringbuf_read(ngx_http_lua_log_ringbuf_t *rb, + int *log_level, void **buf, size_t *n); +ngx_int_t ngx_http_lua_log_ringbuf_write(ngx_http_lua_log_ringbuf_t *rb, + int log_level, void *buf, size_t n); + + +#endif /* _NGX_HTTP_LUA_RINGBUF_H_INCLUDED_ */ + +/* vi:set ft=c ts=4 sw=4 et fdm=marker: */ diff --git a/src/ngx_http_lua_module.c b/src/ngx_http_lua_module.c index 7b17ac41ce..0ad2206911 100644 --- a/src/ngx_http_lua_module.c +++ b/src/ngx_http_lua_module.c @@ -94,6 +94,13 @@ static ngx_command_t ngx_http_lua_cmds[] = { 0, NULL }, + { ngx_string("lua_intercept_error_log"), + NGX_HTTP_MAIN_CONF|NGX_CONF_TAKE1, + ngx_http_lua_intercept_error_log, + 0, + 0, + NULL }, + #if (NGX_PCRE) { ngx_string("lua_regex_cache_max_entries"), NGX_HTTP_MAIN_CONF|NGX_CONF_TAKE1, diff --git a/src/ngx_http_lua_util.c b/src/ngx_http_lua_util.c index 7f59833371..ba9c9579e8 100644 --- a/src/ngx_http_lua_util.c +++ b/src/ngx_http_lua_util.c @@ -51,6 +51,7 @@ #include "ngx_http_lua_socket_tcp.h" #include "ngx_http_lua_ssl_certby.h" #include "ngx_http_lua_ssl.h" +#include "ngx_http_lua_log_ringbuf.h" #if 1 From 8d8f2c24a19e0ea2ad60fab04f0f1c3b70f926d6 Mon Sep 17 00:00:00 2001 From: "Yichun Zhang (agentzh)" Date: Fri, 12 May 2017 17:56:47 -0700 Subject: [PATCH 093/136] doc: documented the lua_intercept_error_log directive. --- README.markdown | 37 +++++++++++++++++++++++++++++++++++++ doc/HttpLuaModule.wiki | 34 ++++++++++++++++++++++++++++++++++ 2 files changed, 71 insertions(+) diff --git a/README.markdown b/README.markdown index 99ac286c35..7c040c7ea6 100644 --- a/README.markdown +++ b/README.markdown @@ -1036,6 +1036,7 @@ See Also Directives ========== +* [lua_intercept_error_log](#lua_intercept_error_log) * [lua_use_default_type](#lua_use_default_type) * [lua_malloc_trim](#lua_malloc_trim) * [lua_code_cache](#lua_code_cache) @@ -1109,6 +1110,42 @@ how the result will be used. Below is a diagram showing the order in which direc [Back to TOC](#table-of-contents) +lua_intercept_error_log +----------------------- +**syntax:** *lua_intercept_error_log size* + +**default:** *none* + +**context:** *http* + +Enables a buffer of the specified `size` for capturing all the nginx error log message data (not just those produced +by this module or the nginx http subsystem, but everything) without touching files or disks. + +You can use units like `k` and `m` in the `size` value, as in + +```nginx + + lua_intercept_error_log 100k; +``` + +The buffer never grows. If it is full, new error log messages will replace the oldest ones in the buffer. + +The size of the buffer must be bigger than the maximum length of a single error log message (which is 4K in OpenResty and 2K in stock NGINX). + +You can read the messages in the buffer on the Lua land via the +[get_error_log()](https://github.com/openresty/lua-resty-core/blob/master/lib/ngx/errlog.md#get_error_logs) +Lua function of the +[ngx.errlog](https://github.com/openresty/lua-resty-core/blob/master/lib/ngx/errlog.md#readme) +Lua module of the [lua-resty-core](https://github.com/openresty/lua-resty-core/blob/master/lib/ngx/errlog.md#readme) +library. This Lua API function will return the captured error log messages and +also remove these already read from the global capturing buffer, making room +for any new error log data. For this reason, the user should not configure this +buffer to be too big if the user read the buffered error log data fast enough. + +This directive was first introduced in the `v0.10.9` release. + +[Back to TOC](#directives) + lua_use_default_type -------------------- **syntax:** *lua_use_default_type on | off* diff --git a/doc/HttpLuaModule.wiki b/doc/HttpLuaModule.wiki index f075fa95c5..38ad6ca607 100644 --- a/doc/HttpLuaModule.wiki +++ b/doc/HttpLuaModule.wiki @@ -859,6 +859,40 @@ how the result will be used. Below is a diagram showing the order in which direc ![Lua Nginx Modules Directives](https://cloud.githubusercontent.com/assets/2137369/15272097/77d1c09e-1a37-11e6-97ef-d9767035fc3e.png) +== lua_intercept_error_log == +'''syntax:''' ''lua_intercept_error_log size'' + +'''default:''' ''none'' + +'''context:''' ''http'' + +Enables a buffer of the specified size for capturing all the nginx error log message data (not just those produced +by this module or the nginx http subsystem, but everything) without touching files or disks. + +You can use units like `k` and `m` in the size value, as in + + + lua_intercept_error_log 100k; + + +As a rule of thumb, a 4KB buffer can usually hold about 20 typical error log messages. So do the maths! + +This buffer never grows. If it is full, new error log messages will replace the oldest ones in the buffer. + +The size of the buffer must be bigger than the maximum length of a single error log message (which is 4K in OpenResty and 2K in stock NGINX). + +You can read the messages in the buffer on the Lua land via the +[https://github.com/openresty/lua-resty-core/blob/master/lib/ngx/errlog.md#get_error_logs get_error_log()] +Lua function of the +[https://github.com/openresty/lua-resty-core/blob/master/lib/ngx/errlog.md#readme ngx.errlog] +Lua module of the [https://github.com/openresty/lua-resty-core/blob/master/lib/ngx/errlog.md#readme lua-resty-core] +library. This Lua API function will return the captured error log messages and +also remove these already read from the global capturing buffer, making room +for any new error log data. For this reason, the user should not configure this +buffer to be too big if the user read the buffered error log data fast enough. + +This directive was first introduced in the v0.10.9 release. + == lua_use_default_type == '''syntax:''' ''lua_use_default_type on | off'' From 4ed1f96051c06606ad617c4939c5b39ee125b3f6 Mon Sep 17 00:00:00 2001 From: "Yichun Zhang (agentzh)" Date: Fri, 12 May 2017 18:03:29 -0700 Subject: [PATCH 094/136] doc: added more material on capturing error log filtering. --- README.markdown | 16 +++++++++++++++- doc/HttpLuaModule.wiki | 12 ++++++++++++ 2 files changed, 27 insertions(+), 1 deletion(-) diff --git a/README.markdown b/README.markdown index 7c040c7ea6..59ce1caa1b 100644 --- a/README.markdown +++ b/README.markdown @@ -1128,7 +1128,9 @@ You can use units like `k` and `m` in the `size` value, as in lua_intercept_error_log 100k; ``` -The buffer never grows. If it is full, new error log messages will replace the oldest ones in the buffer. +As a rule of thumb, a 4KB buffer can usually hold about 20 typical error log messages. So do the maths! + +This buffer never grows. If it is full, new error log messages will replace the oldest ones in the buffer. The size of the buffer must be bigger than the maximum length of a single error log message (which is 4K in OpenResty and 2K in stock NGINX). @@ -1142,6 +1144,18 @@ also remove these already read from the global capturing buffer, making room for any new error log data. For this reason, the user should not configure this buffer to be too big if the user read the buffered error log data fast enough. +Note that the log level specified in the standard [error_log](http://nginx.org/r/error_log) directive +has no effect on this capturing facility. It always captures *everything* including those with a log +level below the specified log level in the [error_log](http://nginx.org/r/error_log) directive. +The user can still choose to set a dynamic filtering log level via the Lua API function +[errlog.set_errlog_filter](https://github.com/openresty/lua-resty-core/blob/master/lib/ngx/errlog.md#set_errlog_filter). +It is much more flexible than the static [error_log](http://nginx.org/r/error_log) directive. + +It is worth noting that there is no way to capture the debugging logs +without building OpenResty or NGINX with the `./configure` +option `--with-debug`. And enabling debugging logs is +strongly discouraged in production builds due to high overhead. + This directive was first introduced in the `v0.10.9` release. [Back to TOC](#directives) diff --git a/doc/HttpLuaModule.wiki b/doc/HttpLuaModule.wiki index 38ad6ca607..debba06dec 100644 --- a/doc/HttpLuaModule.wiki +++ b/doc/HttpLuaModule.wiki @@ -891,6 +891,18 @@ also remove these already read from the global capturing buffer, making room for any new error log data. For this reason, the user should not configure this buffer to be too big if the user read the buffered error log data fast enough. +Note that the log level specified in the standard [http://nginx.org/r/error_log error_log] directive +has no effect on this capturing facility. It always captures ''everything'' including those with a log +level below the specified log level in the [http://nginx.org/r/error_log error_log] directive. +The user can still choose to set a dynamic filtering log level via the Lua API function +[https://github.com/openresty/lua-resty-core/blob/master/lib/ngx/errlog.md#set_errlog_filter errlog.set_errlog_filter]. +It is much more flexible than the static [http://nginx.org/r/error_log error_log] directive. + +It is worth noting that there is no way to capture the debugging logs +without building OpenResty or NGINX with the ./configure +option --with-debug. And enabling debugging logs is +strongly discouraged in production builds due to high overhead. + This directive was first introduced in the v0.10.9 release. == lua_use_default_type == From ab63ba8df2ad0450fe533cf369ab0f6573b3ea00 Mon Sep 17 00:00:00 2001 From: "Yichun Zhang (agentzh)" Date: Fri, 12 May 2017 18:23:02 -0700 Subject: [PATCH 095/136] change: renamed lua_intercept_error_log directive to lua_capture_error_log. --- README.markdown | 10 +++++----- doc/HttpLuaModule.wiki | 6 +++--- src/ngx_http_lua_common.h | 2 +- src/ngx_http_lua_directive.c | 16 ++++++++-------- src/ngx_http_lua_directive.h | 2 +- src/ngx_http_lua_log.c | 14 +++++++------- src/ngx_http_lua_log.h | 4 ++-- src/ngx_http_lua_module.c | 4 ++-- 8 files changed, 29 insertions(+), 29 deletions(-) diff --git a/README.markdown b/README.markdown index 59ce1caa1b..7cf7bf6366 100644 --- a/README.markdown +++ b/README.markdown @@ -1036,7 +1036,7 @@ See Also Directives ========== -* [lua_intercept_error_log](#lua_intercept_error_log) +* [lua_capture_error_log](#lua_capture_error_log) * [lua_use_default_type](#lua_use_default_type) * [lua_malloc_trim](#lua_malloc_trim) * [lua_code_cache](#lua_code_cache) @@ -1110,9 +1110,9 @@ how the result will be used. Below is a diagram showing the order in which direc [Back to TOC](#table-of-contents) -lua_intercept_error_log ------------------------ -**syntax:** *lua_intercept_error_log size* +lua_capture_error_log +--------------------- +**syntax:** *lua_capture_error_log size* **default:** *none* @@ -1125,7 +1125,7 @@ You can use units like `k` and `m` in the `size` value, as in ```nginx - lua_intercept_error_log 100k; + lua_capture_error_log 100k; ``` As a rule of thumb, a 4KB buffer can usually hold about 20 typical error log messages. So do the maths! diff --git a/doc/HttpLuaModule.wiki b/doc/HttpLuaModule.wiki index debba06dec..50881381ac 100644 --- a/doc/HttpLuaModule.wiki +++ b/doc/HttpLuaModule.wiki @@ -859,8 +859,8 @@ how the result will be used. Below is a diagram showing the order in which direc ![Lua Nginx Modules Directives](https://cloud.githubusercontent.com/assets/2137369/15272097/77d1c09e-1a37-11e6-97ef-d9767035fc3e.png) -== lua_intercept_error_log == -'''syntax:''' ''lua_intercept_error_log size'' +== lua_capture_error_log == +'''syntax:''' ''lua_capture_error_log size'' '''default:''' ''none'' @@ -872,7 +872,7 @@ by this module or the nginx http subsystem, but everything) without touching fil You can use units like `k` and `m` in the size value, as in - lua_intercept_error_log 100k; + lua_capture_error_log 100k; As a rule of thumb, a 4KB buffer can usually hold about 20 typical error log messages. So do the maths! diff --git a/src/ngx_http_lua_common.h b/src/ngx_http_lua_common.h index a923aedf02..e38978389c 100644 --- a/src/ngx_http_lua_common.h +++ b/src/ngx_http_lua_common.h @@ -230,7 +230,7 @@ struct ngx_http_lua_main_conf_s { unsigned requires_access:1; unsigned requires_log:1; unsigned requires_shm:1; - unsigned requires_intercept_log:1; + unsigned requires_capture_log:1; }; diff --git a/src/ngx_http_lua_directive.c b/src/ngx_http_lua_directive.c index a92f056d71..6a562f47b4 100644 --- a/src/ngx_http_lua_directive.c +++ b/src/ngx_http_lua_directive.c @@ -1703,11 +1703,11 @@ ngx_http_lua_conf_read_lua_token(ngx_conf_t *cf, char * -ngx_http_lua_intercept_error_log(ngx_conf_t *cf, ngx_command_t *cmd, +ngx_http_lua_capture_error_log(ngx_conf_t *cf, ngx_command_t *cmd, void *conf) { #ifndef HAVE_INTERCEPT_ERROR_LOG_PATCH - return "not found: missing the intercept error log patch for nginx"; + return "not found: missing the capture error log patch for nginx"; #else ngx_str_t *value; ssize_t size; @@ -1719,13 +1719,13 @@ ngx_http_lua_intercept_error_log(ngx_conf_t *cf, ngx_command_t *cmd, value = cf->args->elts; cycle = cf->cycle; - if (lmcf->requires_intercept_log) { + if (lmcf->requires_capture_log) { return "is duplicate"; } if (value[1].len == 0) { ngx_conf_log_error(NGX_LOG_EMERG, cf, 0, - "invalid intercept error log size \"%V\"", + "invalid capture error log size \"%V\"", &value[1]); return NGX_CONF_ERROR; } @@ -1734,14 +1734,14 @@ ngx_http_lua_intercept_error_log(ngx_conf_t *cf, ngx_command_t *cmd, if (size < NGX_MAX_ERROR_STR) { ngx_conf_log_error(NGX_LOG_EMERG, cf, 0, - "invalid intercept error log size \"%V\", " + "invalid capture error log size \"%V\", " "minimum size is %d", &value[1], NGX_MAX_ERROR_STR); return NGX_CONF_ERROR; } if (cycle->intercept_error_log_handler) { - return "intercept error log handler has been hooked"; + return "capture error log handler has been hooked"; } ringbuf = (ngx_http_lua_log_ringbuf_t *) @@ -1757,9 +1757,9 @@ ngx_http_lua_intercept_error_log(ngx_conf_t *cf, ngx_command_t *cmd, ngx_http_lua_log_ringbuf_init(ringbuf, data, size); - lmcf->requires_intercept_log = 1; + lmcf->requires_capture_log = 1; cycle->intercept_error_log_handler = (ngx_log_intercept_pt) - ngx_http_lua_intercept_log_handler; + ngx_http_lua_capture_log_handler; cycle->intercept_error_log_data = ringbuf; return NGX_CONF_OK; diff --git a/src/ngx_http_lua_directive.h b/src/ngx_http_lua_directive.h index aabb118994..5abfe4dde2 100644 --- a/src/ngx_http_lua_directive.h +++ b/src/ngx_http_lua_directive.h @@ -69,7 +69,7 @@ char *ngx_http_lua_rewrite_no_postpone(ngx_conf_t *cf, ngx_command_t *cmd, void *conf); char *ngx_http_lua_conf_lua_block_parse(ngx_conf_t *cf, ngx_command_t *cmd); -char *ngx_http_lua_intercept_error_log(ngx_conf_t *cf, ngx_command_t *cmd, +char *ngx_http_lua_capture_error_log(ngx_conf_t *cf, ngx_command_t *cmd, void *conf); diff --git a/src/ngx_http_lua_log.c b/src/ngx_http_lua_log.c index 9e87a590a7..e0ac5a654e 100644 --- a/src/ngx_http_lua_log.c +++ b/src/ngx_http_lua_log.c @@ -317,8 +317,8 @@ ngx_http_lua_inject_log_consts(lua_State *L) #ifdef HAVE_INTERCEPT_ERROR_LOG_PATCH ngx_int_t -ngx_http_lua_intercept_log_handler(ngx_log_t *log, - ngx_uint_t level, void *buf, size_t n) +ngx_http_lua_capture_log_handler(ngx_log_t *log, + ngx_uint_t level, u_char *buf, size_t n) { ngx_http_lua_log_ringbuf_t *ringbuf; @@ -333,7 +333,7 @@ ngx_http_lua_intercept_log_handler(ngx_log_t *log, ngx_http_lua_log_ringbuf_write(ringbuf, level, buf, n); - dd("intercept log: %s\n", buf); + dd("capture log: %s\n", buf); return NGX_OK; } @@ -352,7 +352,7 @@ ngx_http_lua_ffi_set_errlog_filter(int level, u_char *err, size_t *errlen) if (ringbuf == NULL) { *errlen = ngx_snprintf(err, *errlen, "API \"set_errlog_filter\" depends on " - "directive \"lua_intercept_error_log\"") + "directive \"lua_capture_error_log\"") - err; return NGX_ERROR; } @@ -367,7 +367,7 @@ ngx_http_lua_ffi_set_errlog_filter(int level, u_char *err, size_t *errlen) return NGX_OK; #else *errlen = ngx_snprintf(err, *errlen, - "missing the intercept error log patch for nginx") + "missing the capture error log patch for nginx") - err; return NGX_ERROR; #endif @@ -388,7 +388,7 @@ ngx_http_lua_ffi_get_errlog_data(char **log, int *loglevel, u_char *err, if (ringbuf == NULL) { *errlen = ngx_snprintf(err, *errlen, "API \"get_errlog_data\" depends on directive " - "\"lua_intercept_error_log\"") + "\"lua_capture_error_log\"") - err; return NGX_ERROR; } @@ -401,7 +401,7 @@ ngx_http_lua_ffi_get_errlog_data(char **log, int *loglevel, u_char *err, return loglen; #else *errlen = ngx_snprintf(err, *errlen, - "missing the intercept error log patch for nginx") + "missing the capture error log patch for nginx") - err; return NGX_ERROR; #endif diff --git a/src/ngx_http_lua_log.h b/src/ngx_http_lua_log.h index 115679af3f..56cd7719a0 100644 --- a/src/ngx_http_lua_log.h +++ b/src/ngx_http_lua_log.h @@ -14,8 +14,8 @@ void ngx_http_lua_inject_log_api(lua_State *L); #ifdef HAVE_INTERCEPT_ERROR_LOG_PATCH -ngx_int_t ngx_http_lua_intercept_log_handler(ngx_log_t *log, - ngx_uint_t level, void *buf, size_t n); +ngx_int_t ngx_http_lua_capture_log_handler(ngx_log_t *log, + ngx_uint_t level, u_char *buf, size_t n); #endif diff --git a/src/ngx_http_lua_module.c b/src/ngx_http_lua_module.c index 0ad2206911..9d914e86e8 100644 --- a/src/ngx_http_lua_module.c +++ b/src/ngx_http_lua_module.c @@ -94,9 +94,9 @@ static ngx_command_t ngx_http_lua_cmds[] = { 0, NULL }, - { ngx_string("lua_intercept_error_log"), + { ngx_string("lua_capture_error_log"), NGX_HTTP_MAIN_CONF|NGX_CONF_TAKE1, - ngx_http_lua_intercept_error_log, + ngx_http_lua_capture_error_log, 0, 0, NULL }, From eb0bb285378f88790630e6723bda6c65ccb04791 Mon Sep 17 00:00:00 2001 From: "Yichun Zhang (agentzh)" Date: Sat, 13 May 2017 19:30:12 -0700 Subject: [PATCH 096/136] lua_capture_error_log: various documentation fixes and API name changes. --- README.markdown | 16 ++++++++-------- doc/HttpLuaModule.wiki | 16 ++++++++-------- src/ngx_http_lua_log.c | 10 ++++------ 3 files changed, 20 insertions(+), 22 deletions(-) diff --git a/README.markdown b/README.markdown index 7cf7bf6366..cb2057bded 100644 --- a/README.markdown +++ b/README.markdown @@ -1135,21 +1135,21 @@ This buffer never grows. If it is full, new error log messages will replace the The size of the buffer must be bigger than the maximum length of a single error log message (which is 4K in OpenResty and 2K in stock NGINX). You can read the messages in the buffer on the Lua land via the -[get_error_log()](https://github.com/openresty/lua-resty-core/blob/master/lib/ngx/errlog.md#get_error_logs) -Lua function of the +[get_logs()](https://github.com/openresty/lua-resty-core/blob/master/lib/ngx/errlog.md#get_logs) +function of the [ngx.errlog](https://github.com/openresty/lua-resty-core/blob/master/lib/ngx/errlog.md#readme) -Lua module of the [lua-resty-core](https://github.com/openresty/lua-resty-core/blob/master/lib/ngx/errlog.md#readme) +module of the [lua-resty-core](https://github.com/openresty/lua-resty-core/blob/master/lib/ngx/errlog.md#readme) library. This Lua API function will return the captured error log messages and also remove these already read from the global capturing buffer, making room for any new error log data. For this reason, the user should not configure this buffer to be too big if the user read the buffered error log data fast enough. Note that the log level specified in the standard [error_log](http://nginx.org/r/error_log) directive -has no effect on this capturing facility. It always captures *everything* including those with a log -level below the specified log level in the [error_log](http://nginx.org/r/error_log) directive. -The user can still choose to set a dynamic filtering log level via the Lua API function -[errlog.set_errlog_filter](https://github.com/openresty/lua-resty-core/blob/master/lib/ngx/errlog.md#set_errlog_filter). -It is much more flexible than the static [error_log](http://nginx.org/r/error_log) directive. +*does* have effect on this capturing facility. It only captures log +messages of a level no lower than the specified log level in the [error_log](http://nginx.org/r/error_log) directive. +The user can still choose to set an even higher filtering log level on the fly via the Lua API function +[errlog.set_filter_level](https://github.com/openresty/lua-resty-core/blob/master/lib/ngx/errlog.md#set_filter_level). +So it is more flexible than the static [error_log](http://nginx.org/r/error_log) directive. It is worth noting that there is no way to capture the debugging logs without building OpenResty or NGINX with the `./configure` diff --git a/doc/HttpLuaModule.wiki b/doc/HttpLuaModule.wiki index 50881381ac..c0c73624fe 100644 --- a/doc/HttpLuaModule.wiki +++ b/doc/HttpLuaModule.wiki @@ -882,21 +882,21 @@ This buffer never grows. If it is full, new error log messages will replace the The size of the buffer must be bigger than the maximum length of a single error log message (which is 4K in OpenResty and 2K in stock NGINX). You can read the messages in the buffer on the Lua land via the -[https://github.com/openresty/lua-resty-core/blob/master/lib/ngx/errlog.md#get_error_logs get_error_log()] -Lua function of the +[https://github.com/openresty/lua-resty-core/blob/master/lib/ngx/errlog.md#get_logs get_logs()] +function of the [https://github.com/openresty/lua-resty-core/blob/master/lib/ngx/errlog.md#readme ngx.errlog] -Lua module of the [https://github.com/openresty/lua-resty-core/blob/master/lib/ngx/errlog.md#readme lua-resty-core] +module of the [https://github.com/openresty/lua-resty-core/blob/master/lib/ngx/errlog.md#readme lua-resty-core] library. This Lua API function will return the captured error log messages and also remove these already read from the global capturing buffer, making room for any new error log data. For this reason, the user should not configure this buffer to be too big if the user read the buffered error log data fast enough. Note that the log level specified in the standard [http://nginx.org/r/error_log error_log] directive -has no effect on this capturing facility. It always captures ''everything'' including those with a log -level below the specified log level in the [http://nginx.org/r/error_log error_log] directive. -The user can still choose to set a dynamic filtering log level via the Lua API function -[https://github.com/openresty/lua-resty-core/blob/master/lib/ngx/errlog.md#set_errlog_filter errlog.set_errlog_filter]. -It is much more flexible than the static [http://nginx.org/r/error_log error_log] directive. +''does'' have effect on this capturing facility. It only captures log +messages of a level no lower than the specified log level in the [http://nginx.org/r/error_log error_log] directive. +The user can still choose to set an even higher filtering log level on the fly via the Lua API function +[https://github.com/openresty/lua-resty-core/blob/master/lib/ngx/errlog.md#set_filter_level errlog.set_filter_level]. +So it is more flexible than the static [http://nginx.org/r/error_log error_log] directive. It is worth noting that there is no way to capture the debugging logs without building OpenResty or NGINX with the ./configure diff --git a/src/ngx_http_lua_log.c b/src/ngx_http_lua_log.c index e0ac5a654e..097c544ed3 100644 --- a/src/ngx_http_lua_log.c +++ b/src/ngx_http_lua_log.c @@ -342,7 +342,7 @@ ngx_http_lua_capture_log_handler(ngx_log_t *log, #ifndef NGX_LUA_NO_FFI_API int -ngx_http_lua_ffi_set_errlog_filter(int level, u_char *err, size_t *errlen) +ngx_http_lua_ffi_errlog_set_filter_level(int level, u_char *err, size_t *errlen) { #ifdef HAVE_INTERCEPT_ERROR_LOG_PATCH ngx_http_lua_log_ringbuf_t *ringbuf; @@ -351,8 +351,7 @@ ngx_http_lua_ffi_set_errlog_filter(int level, u_char *err, size_t *errlen) if (ringbuf == NULL) { *errlen = ngx_snprintf(err, *errlen, - "API \"set_errlog_filter\" depends on " - "directive \"lua_capture_error_log\"") + "directive \"lua_capture_error_log\" is not set") - err; return NGX_ERROR; } @@ -375,7 +374,7 @@ ngx_http_lua_ffi_set_errlog_filter(int level, u_char *err, size_t *errlen) int -ngx_http_lua_ffi_get_errlog_data(char **log, int *loglevel, u_char *err, +ngx_http_lua_ffi_errlog_get_logs(char **log, int *loglevel, u_char *err, size_t *errlen) { #ifdef HAVE_INTERCEPT_ERROR_LOG_PATCH @@ -387,8 +386,7 @@ ngx_http_lua_ffi_get_errlog_data(char **log, int *loglevel, u_char *err, if (ringbuf == NULL) { *errlen = ngx_snprintf(err, *errlen, - "API \"get_errlog_data\" depends on directive " - "\"lua_capture_error_log\"") + "directive \"lua_capture_error_log\" is not set") - err; return NGX_ERROR; } From 76e2138975463aa9162f482579b688f0e9e06d54 Mon Sep 17 00:00:00 2001 From: "Yichun Zhang (agentzh)" Date: Sat, 13 May 2017 19:35:25 -0700 Subject: [PATCH 097/136] change: renamed the C API function ngx_http_lua_ffi_errlog_get_logs to ngx_http_lua_ffi_errlog_get_msg. --- src/ngx_http_lua_log.c | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/src/ngx_http_lua_log.c b/src/ngx_http_lua_log.c index 097c544ed3..5fc79dd232 100644 --- a/src/ngx_http_lua_log.c +++ b/src/ngx_http_lua_log.c @@ -374,7 +374,7 @@ ngx_http_lua_ffi_errlog_set_filter_level(int level, u_char *err, size_t *errlen) int -ngx_http_lua_ffi_errlog_get_logs(char **log, int *loglevel, u_char *err, +ngx_http_lua_ffi_errlog_get_msg(char **log, int *loglevel, u_char *err, size_t *errlen) { #ifdef HAVE_INTERCEPT_ERROR_LOG_PATCH From 2a87704933546b4239ab0ebfa37b9be231d0dc04 Mon Sep 17 00:00:00 2001 From: "Yichun Zhang (agentzh)" Date: Sun, 14 May 2017 11:25:46 -0700 Subject: [PATCH 098/136] feature: added new pure C API ngx_http_lua_ffi_process_signal_graceful_exit() for the signal_graceful_exit() function of the ngx.process module in lua-resty-core. --- src/ngx_http_lua_worker.c | 7 +++++++ 1 file changed, 7 insertions(+) diff --git a/src/ngx_http_lua_worker.c b/src/ngx_http_lua_worker.c index 4af311bc2e..f4425b914a 100644 --- a/src/ngx_http_lua_worker.c +++ b/src/ngx_http_lua_worker.c @@ -168,4 +168,11 @@ ngx_http_lua_ffi_enable_privileged_agent(char **err) return NGX_ERROR; #endif } + + +void +ngx_http_lua_ffi_process_signal_graceful_exit(void) +{ + ngx_quit = 1; +} #endif From 9b16e254e84956cf344750caf29dc7cb66d8e1c9 Mon Sep 17 00:00:00 2001 From: doujiang24 Date: Thu, 1 Sep 2016 10:52:32 +0800 Subject: [PATCH 099/136] feature: implemented the ngx.timer.every() API function for creating recurring timers. Signed-off-by: Yichun Zhang (agentzh) --- README.markdown | 31 +++- doc/HttpLuaModule.wiki | 27 ++- src/ngx_http_lua_timer.c | 209 ++++++++++++++++++++- t/062-count.t | 2 +- t/152-timer-every.t | 381 +++++++++++++++++++++++++++++++++++++++ 5 files changed, 634 insertions(+), 16 deletions(-) create mode 100644 t/152-timer-every.t diff --git a/README.markdown b/README.markdown index cb2057bded..24f10731da 100644 --- a/README.markdown +++ b/README.markdown @@ -1471,8 +1471,8 @@ This hook is often used to create per-worker reoccurring timers (via the [ngx.ti end end - local ok, err = new_timer(delay, check) - if not ok then + local hdl, err = new_timer(delay, check) + if not hdl then log(ERR, "failed to create timer: ", err) return end @@ -3217,6 +3217,7 @@ Nginx API for Lua * [ngx.thread.kill](#ngxthreadkill) * [ngx.on_abort](#ngxon_abort) * [ngx.timer.at](#ngxtimerat) +* [ngx.timer.every](#ngxtimerevery) * [ngx.timer.running_count](#ngxtimerrunning_count) * [ngx.timer.pending_count](#ngxtimerpending_count) * [ngx.config.subsystem](#ngxconfigsubsystem) @@ -7568,7 +7569,7 @@ See also [lua_check_client_abort](#lua_check_client_abort). ngx.timer.at ------------ -**syntax:** *ok, err = ngx.timer.at(delay, callback, user_arg1, user_arg2, ...)* +**syntax:** *hdl, err = ngx.timer.at(delay, callback, user_arg1, user_arg2, ...)* **context:** *init_worker_by_lua*, set_by_lua*, rewrite_by_lua*, access_by_lua*, content_by_lua*, header_filter_by_lua*, body_filter_by_lua*, log_by_lua*, ngx.timer.*, balancer_by_lua*, ssl_certificate_by_lua*, ssl_session_fetch_by_lua*, ssl_session_store_by_lua** @@ -7594,7 +7595,7 @@ Premature timer expiration happens when the Nginx worker process is trying to shut down, as in an Nginx configuration reload triggered by the `HUP` signal or in an Nginx server shutdown. When the Nginx worker is trying to shut down, one can no longer call `ngx.timer.at` to -create new timers with nonzero delays and in that case `ngx.timer.at` will return `nil` and +create new timers with nonzero delays and in that case `ngx.timer.at` will return a "conditional false" value and a string describing the error, that is, "process exiting". Starting from the `v0.9.3` release, it is allowed to create zero-delay timers even when the Nginx worker process starts shutting down. @@ -7653,6 +7654,9 @@ One can also create infinite re-occurring timers, for instance, a timer getting end ``` +It is recommended, however, to use the [ngx.timer.every](#ngxtimerevery) API function +instead for creating recurring timers since it is more robust. + Because timer callbacks run in the background and their running time will not add to any client request's response time, they can easily accumulate in the server and exhaust system resources due to either @@ -7692,6 +7696,25 @@ This API was first introduced in the `v0.8.0` release. [Back to TOC](#nginx-api-for-lua) +ngx.timer.every +--------------- +**syntax:** *hdl, err = ngx.timer.every(delay, callback, user_arg1, user_arg2, ...)* + +**context:** *init_worker_by_lua*, set_by_lua*, rewrite_by_lua*, access_by_lua*, content_by_lua*, header_filter_by_lua*, body_filter_by_lua*, log_by_lua*, ngx.timer.*, balancer_by_lua*, ssl_certificate_by_lua*, ssl_session_fetch_by_lua*, ssl_session_store_by_lua** + +Similar to the [ngx.timer.at](#ngxtimerat) API function, but + +1. `delay` *cannot* be zero, +1. timer will be created every `delay` seconds until the current Nginx worker process starts exiting. + +When success, returns a "conditional true" value (but not a `true`). Otherwise, returns a "conditional false" value and a string describing the error. + +This API also respect the [lua_max_pending_timers](#lua_max_pending_timers) and [lua_max_running_timers](#lua_max_running_timers). + +This API was first introduced in the `v0.10.9` release. + +[Back to TOC](#nginx-api-for-lua) + ngx.timer.running_count ----------------------- **syntax:** *count = ngx.timer.running_count()* diff --git a/doc/HttpLuaModule.wiki b/doc/HttpLuaModule.wiki index c0c73624fe..1e8d0295b8 100644 --- a/doc/HttpLuaModule.wiki +++ b/doc/HttpLuaModule.wiki @@ -1180,8 +1180,8 @@ This hook is often used to create per-worker reoccurring timers (via the [[#ngx. end end - local ok, err = new_timer(delay, check) - if not ok then + local hdl, err = new_timer(delay, check) + if not hdl then log(ERR, "failed to create timer: ", err) return end @@ -6412,7 +6412,7 @@ This API was first introduced in the v0.7.4 release. See also [[#lua_check_client_abort|lua_check_client_abort]]. == ngx.timer.at == -'''syntax:''' ''ok, err = ngx.timer.at(delay, callback, user_arg1, user_arg2, ...)'' +'''syntax:''' ''hdl, err = ngx.timer.at(delay, callback, user_arg1, user_arg2, ...)'' '''context:''' ''init_worker_by_lua*, set_by_lua*, rewrite_by_lua*, access_by_lua*, content_by_lua*, header_filter_by_lua*, body_filter_by_lua*, log_by_lua*, ngx.timer.*, balancer_by_lua*, ssl_certificate_by_lua*, ssl_session_fetch_by_lua*, ssl_session_store_by_lua*'' @@ -6438,7 +6438,7 @@ Premature timer expiration happens when the Nginx worker process is trying to shut down, as in an Nginx configuration reload triggered by the HUP signal or in an Nginx server shutdown. When the Nginx worker is trying to shut down, one can no longer call ngx.timer.at to -create new timers with nonzero delays and in that case ngx.timer.at will return nil and +create new timers with nonzero delays and in that case ngx.timer.at will return a "conditional false" value and a string describing the error, that is, "process exiting". Starting from the v0.9.3 release, it is allowed to create zero-delay timers even when the Nginx worker process starts shutting down. @@ -6495,6 +6495,9 @@ One can also create infinite re-occurring timers, for instance, a timer getting end +It is recommended, however, to use the [[#ngx.timer.every|ngx.timer.every]] API function +instead for creating recurring timers since it is more robust. + Because timer callbacks run in the background and their running time will not add to any client request's response time, they can easily accumulate in the server and exhaust system resources due to either @@ -6532,6 +6535,22 @@ You can pass most of the standard Lua values (nils, booleans, numbers, strings, This API was first introduced in the v0.8.0 release. +== ngx.timer.every == +'''syntax:''' ''hdl, err = ngx.timer.every(delay, callback, user_arg1, user_arg2, ...)'' + +'''context:''' ''init_worker_by_lua*, set_by_lua*, rewrite_by_lua*, access_by_lua*, content_by_lua*, header_filter_by_lua*, body_filter_by_lua*, log_by_lua*, ngx.timer.*, balancer_by_lua*, ssl_certificate_by_lua*, ssl_session_fetch_by_lua*, ssl_session_store_by_lua*'' + +Similar to the [[#ngx.timer.at|ngx.timer.at]] API function, but + +# delay ''cannot'' be zero, +# timer will be created every delay seconds until the current Nginx worker process starts exiting. + +When success, returns a "conditional true" value (but not a true). Otherwise, returns a "conditional false" value and a string describing the error. + +This API also respect the [[#lua_max_pending_timers|lua_max_pending_timers]] and [[#lua_max_running_timers|lua_max_running_timers]]. + +This API was first introduced in the v0.10.9 release. + == ngx.timer.running_count == '''syntax:''' ''count = ngx.timer.running_count()'' diff --git a/src/ngx_http_lua_timer.c b/src/ngx_http_lua_timer.c index 01b4777896..596b2f77e9 100644 --- a/src/ngx_http_lua_timer.c +++ b/src/ngx_http_lua_timer.c @@ -21,11 +21,6 @@ typedef struct { void **srv_conf; void **loc_conf; - /* event ident must be after 3 words (i.e. 3 pointers' size) as in - * ngx_connection_t. and we use the Lua coroutine reference number as - * the event ident */ - int co_ref; - unsigned premature; /* :1 */ lua_State *co; ngx_pool_t *pool; @@ -36,12 +31,18 @@ typedef struct { ngx_http_lua_main_conf_t *lmcf; ngx_http_lua_vm_state_t *vm_state; + int co_ref; + unsigned delay:31; + unsigned premature:1; } ngx_http_lua_timer_ctx_t; static int ngx_http_lua_ngx_timer_at(lua_State *L); +static int ngx_http_lua_ngx_timer_every(lua_State *L); +static int ngx_http_lua_ngx_timer_helper(lua_State *L, int every); static int ngx_http_lua_ngx_timer_running_count(lua_State *L); static int ngx_http_lua_ngx_timer_pending_count(lua_State *L); +static ngx_int_t ngx_http_lua_timer_copy(ngx_http_lua_timer_ctx_t *old_tctx); static void ngx_http_lua_timer_handler(ngx_event_t *ev); static u_char *ngx_http_lua_log_timer_error(ngx_log_t *log, u_char *buf, size_t len); @@ -51,11 +52,14 @@ static void ngx_http_lua_abort_pending_timers(ngx_event_t *ev); void ngx_http_lua_inject_timer_api(lua_State *L) { - lua_createtable(L, 0 /* narr */, 3 /* nrec */); /* ngx.timer. */ + lua_createtable(L, 0 /* narr */, 4 /* nrec */); /* ngx.timer. */ lua_pushcfunction(L, ngx_http_lua_ngx_timer_at); lua_setfield(L, -2, "at"); + lua_pushcfunction(L, ngx_http_lua_ngx_timer_every); + lua_setfield(L, -2, "every"); + lua_pushcfunction(L, ngx_http_lua_ngx_timer_running_count); lua_setfield(L, -2, "running_count"); @@ -106,6 +110,24 @@ ngx_http_lua_ngx_timer_pending_count(lua_State *L) static int ngx_http_lua_ngx_timer_at(lua_State *L) +{ + return ngx_http_lua_ngx_timer_helper(L, 0); +} + + +/* + * TODO: return a timer handler instead which can be passed to + * the ngx.timer.cancel method to cancel the timer. + */ +static int +ngx_http_lua_ngx_timer_every(lua_State *L) +{ + return ngx_http_lua_ngx_timer_helper(L, 1); +} + + +static int +ngx_http_lua_ngx_timer_helper(lua_State *L, int every) { int nargs, co_ref; u_char *p; @@ -134,6 +156,10 @@ ngx_http_lua_ngx_timer_at(lua_State *L) delay = (ngx_msec_t) (luaL_checknumber(L, 1) * 1000); + if (every && delay == 0) { + return luaL_error(L, "delay cannot be zero"); + } + luaL_argcheck(L, lua_isfunction(L, 2) && !lua_iscfunction(L, 2), 2, "Lua function expected"); @@ -233,7 +259,7 @@ ngx_http_lua_ngx_timer_at(lua_State *L) lua_pushlightuserdata(L, &ngx_http_lua_coroutines_key); lua_rawget(L, LUA_REGISTRYINDEX); - /* L stack: time func [args] thread corountines */ + /* L stack: time func [args] thread coroutines */ lua_pushvalue(L, -2); @@ -265,6 +291,8 @@ ngx_http_lua_ngx_timer_at(lua_State *L) tctx = (ngx_http_lua_timer_ctx_t *) p; + tctx->delay = every ? delay : 0; + tctx->premature = 0; tctx->co_ref = co_ref; tctx->co = co; @@ -338,6 +366,164 @@ ngx_http_lua_ngx_timer_at(lua_State *L) } +static ngx_int_t +ngx_http_lua_timer_copy(ngx_http_lua_timer_ctx_t *old_tctx) +{ + int nargs, co_ref, i; + u_char *p; + lua_State *vm; /* the main thread */ + lua_State *co; + lua_State *L; + ngx_event_t *ev = NULL; + ngx_http_lua_timer_ctx_t *tctx = NULL; + ngx_http_lua_main_conf_t *lmcf; + + /* L stack: func [args] */ + L = old_tctx->co; + + lmcf = old_tctx->lmcf; + + vm = old_tctx->vm_state ? old_tctx->vm_state->vm : lmcf->lua; + + co = lua_newthread(vm); + + lua_createtable(co, 0, 0); /* the new globals table */ + + /* co stack: global_tb */ + + lua_createtable(co, 0, 1); /* the metatable */ + ngx_http_lua_get_globals_table(co); + lua_setfield(co, -2, "__index"); + lua_setmetatable(co, -2); + + /* co stack: global_tb */ + + ngx_http_lua_set_globals_table(co); + + /* co stack: */ + + dd("stack top: %d", lua_gettop(L)); + + lua_xmove(vm, L, 1); /* move coroutine from main thread to L */ + + /* L stack: func [args] thread */ + /* vm stack: empty */ + + lua_pushvalue(L, 1); /* copy entry function to top of L*/ + + /* L stack: func [args] thread func */ + + lua_xmove(L, co, 1); /* move entry function from L to co */ + + /* L stack: func [args] thread */ + /* co stack: func */ + + ngx_http_lua_get_globals_table(co); + lua_setfenv(co, -2); + + /* co stack: func */ + + lua_pushlightuserdata(L, &ngx_http_lua_coroutines_key); + lua_rawget(L, LUA_REGISTRYINDEX); + + /* L stack: func [args] thread coroutines */ + + lua_pushvalue(L, -2); + + /* L stack: func [args] thread coroutines thread */ + + co_ref = luaL_ref(L, -2); + lua_pop(L, 2); + + /* L stack: func [args] */ + + nargs = lua_gettop(L); + if (nargs > 1) { + for (i = 2; i <= nargs; i++) { + lua_pushvalue(L, i); + } + + /* L stack: func [args] [args] */ + + lua_xmove(L, co, nargs - 1); + + /* L stack: func [args] */ + /* co stack: func [args] */ + } + + p = ngx_alloc(sizeof(ngx_event_t) + sizeof(ngx_http_lua_timer_ctx_t), + ngx_cycle->log); + if (p == NULL) { + goto nomem; + } + + ev = (ngx_event_t *) p; + + ngx_memzero(ev, sizeof(ngx_event_t)); + + p += sizeof(ngx_event_t); + + tctx = (ngx_http_lua_timer_ctx_t *) p; + + ngx_memcpy(tctx, old_tctx, sizeof(ngx_http_lua_timer_ctx_t)); + + tctx->co_ref = co_ref; + tctx->co = co; + + tctx->pool = ngx_create_pool(128, ngx_cycle->log); + if (tctx->pool == NULL) { + goto nomem; + } + + if (tctx->client_addr_text.len) { + tctx->client_addr_text.data = ngx_palloc(tctx->pool, + tctx->client_addr_text.len); + if (tctx->client_addr_text.data == NULL) { + goto nomem; + } + + ngx_memcpy(tctx->client_addr_text.data, old_tctx->client_addr_text.data, + tctx->client_addr_text.len); + } + + if (tctx->vm_state) { + tctx->vm_state->count++; + } + + ev->handler = ngx_http_lua_timer_handler; + ev->data = tctx; + ev->log = ngx_cycle->log; + + lmcf->pending_timers++; + + ngx_add_timer(ev, tctx->delay); + + return NGX_OK; + +nomem: + + if (tctx && tctx->pool) { + ngx_destroy_pool(tctx->pool); + } + + if (ev) { + ngx_free(ev); + } + + /* L stack: func [args] */ + + lua_pushlightuserdata(L, &ngx_http_lua_coroutines_key); + lua_rawget(L, LUA_REGISTRYINDEX); + luaL_unref(L, -1, co_ref); + + /* L stack: func [args] coroutines */ + + lua_pop(L, 1); + + return NGX_ERROR; +} + + static void ngx_http_lua_timer_handler(ngx_event_t *ev) { @@ -364,6 +550,15 @@ ngx_http_lua_timer_handler(ngx_event_t *ev) lmcf->pending_timers--; + if (!ngx_exiting && tctx.delay > 0) { + rc = ngx_http_lua_timer_copy(&tctx); + if (rc != NGX_OK) { + ngx_log_error(NGX_LOG_ALERT, ngx_cycle->log, 0, + "failed to create the next timer of delay %ud ms", + (unsigned) tctx.delay); + } + } + if (lmcf->running_timers >= lmcf->max_running_timers) { ngx_log_error(NGX_LOG_ALERT, ngx_cycle->log, 0, "%i lua_max_running_timers are not enough", diff --git a/t/062-count.t b/t/062-count.t index c3973adc2f..a69c33edb9 100644 --- a/t/062-count.t +++ b/t/062-count.t @@ -323,7 +323,7 @@ ngx. entry count: 116 --- request GET /test --- response_body -n = 3 +n = 4 --- no_error_log [error] diff --git a/t/152-timer-every.t b/t/152-timer-every.t new file mode 100644 index 0000000000..5026ed086c --- /dev/null +++ b/t/152-timer-every.t @@ -0,0 +1,381 @@ +# vim:set ft= ts=4 sw=4 et fdm=marker: +use Test::Nginx::Socket::Lua; + +#worker_connections(1014); +#master_on(); +#workers(2); +#log_level('warn'); + +repeat_each(2); + +plan tests => repeat_each() * (blocks() * 7 + 2); + +#no_diff(); +no_long_string(); + +our $HtmlDir = html_dir; + +$ENV{TEST_NGINX_MEMCACHED_PORT} ||= 11211; +$ENV{TEST_NGINX_HTML_DIR} = $HtmlDir; + +worker_connections(1024); +run_tests(); + +__DATA__ + +=== TEST 1: simple very +--- config + location /t { + content_by_lua_block { + local begin = ngx.now() + local function f(premature) + print("elapsed: ", ngx.now() - begin) + print("timer prematurely expired: ", premature) + end + + local ok, err = ngx.timer.every(0.05, f) + if not ok then + ngx.say("failed to set timer: ", err) + return + end + + ngx.say("registered timer") + } + } +--- request +GET /t +--- response_body +registered timer +--- wait: 0.11 +--- no_error_log +[error] +[alert] +[crit] +timer prematurely expired: true +--- error_log eval +[ +qr/\[lua\] content_by_lua\(nginx\.conf:\d+\):\d+: elapsed: 0\.0(?:4[4-9]|5[0-6])\d*, context: ngx\.timer, client: \d+\.\d+\.\d+\.\d+, server: 0\.0\.0\.0:\d+/, +qr/\[lua\] content_by_lua\(nginx\.conf:\d+\):\d+: elapsed: 0\.(?:09|10)\d*, context: ngx\.timer, client: \d+\.\d+\.\d+\.\d+, server: 0\.0\.0\.0:\d+/, +"lua ngx.timer expired", +"http lua close fake http connection", +"timer prematurely expired: false", +] + + + +=== TEST 2: separated global env +--- config + location /t { + content_by_lua_block { + local begin = ngx.now() + local function f() + foo = 3 + print("foo in timer: ", foo) + end + local ok, err = ngx.timer.every(0.05, f) + if not ok then + ngx.say("failed to set timer: ", err) + return + end + ngx.sleep(0.11) + ngx.say("foo = ", foo) + } + } +--- request +GET /t +--- response_body +foo = nil +--- wait: 0.12 +--- no_error_log +[error] +[alert] +[crit] +--- error_log eval +[ +qr/\[lua\] content_by_lua\(nginx\.conf:\d+\):\d+: foo in timer: 3/, +"lua ngx.timer expired", +"http lua close fake http connection" +] + + + +=== TEST 3: lua variable sharing via upvalue +--- config + location /t { + content_by_lua_block { + local begin = ngx.now() + local foo = 0 + local function f() + foo = foo + 3 + print("foo in timer: ", foo) + end + local ok, err = ngx.timer.every(0.05, f) + if not ok then + ngx.say("failed to set timer: ", err) + return + end + ngx.say("registered timer") + ngx.sleep(0.11) + ngx.say("foo = ", foo) + } + } +--- request +GET /t +--- response_body +registered timer +foo = 6 +--- wait: 0.12 +--- no_error_log +[error] +[alert] +[crit] +--- error_log eval +[ +qr/\[lua\] content_by_lua\(nginx\.conf:\d+\):\d+: foo in timer: 3/, +qr/\[lua\] content_by_lua\(nginx\.conf:\d+\):\d+: foo in timer: 6/, +"lua ngx.timer expired", +"http lua close fake http connection" +] + + + +=== TEST 4: create the next timer immediately when timer start running +--- config + location /t { + content_by_lua_block { + local begin = ngx.now() + local foo = 0 + local function f() + foo = foo + 3 + print("foo in timer: ", foo) + + ngx.sleep(0.1) + end + local ok, err = ngx.timer.every(0.05, f) + if not ok then + ngx.say("failed to set timer: ", err) + return + end + ngx.say("registered timer") + ngx.sleep(0.11) + ngx.say("foo = ", foo) + } + } +--- request +GET /t +--- response_body +registered timer +foo = 6 +--- wait: 0.12 +--- no_error_log +[error] +[alert] +[crit] +--- error_log eval +[ +qr/\[lua\] content_by_lua\(nginx\.conf:\d+\):\d+: foo in timer: 3/, +qr/\[lua\] content_by_lua\(nginx\.conf:\d+\):\d+: foo in timer: 6/, +"lua ngx.timer expired", +"http lua close fake http connection" +] + + + +=== TEST 5: callback args +--- config + location /t { + content_by_lua_block { + local n = 0 + + local function f(premature, a, b, c) + n = n + 1 + print("the ", n, " time, args: ", a, ", ", b, ", ", c) + + a, b, c = 0, 0, 0 + end + + local ok, err = ngx.timer.every(0.05, f, 1, 2) + if not ok then + ngx.say("failed to set timer: ", err) + return + end + + ngx.say("registered timer") + ngx.sleep(0.11) + } + } +--- request +GET /t +--- response_body +registered timer +--- wait: 0.12 +--- no_error_log +[error] +[alert] +[crit] +--- error_log eval +[ +"the 1 time, args: 1, 2, nil", +"the 2 time, args: 1, 2, nil", +"lua ngx.timer expired", +"http lua close fake http connection" +] + + + +=== TEST 6: memory leak check +--- config + location /t { + content_by_lua_block { + local function f() + local a = 1 + -- do nothing + end + + for i = 1, 100 do + local ok, err = ngx.timer.every(0.1, f) + if not ok then + ngx.say("failed to set timer: ", err) + return + end + end + + ngx.say("registered timer") + + collectgarbage("collect") + local start = collectgarbage("count") + + ngx.sleep(0.21) + + collectgarbage("collect") + local growth1 = collectgarbage("count") - start + + ngx.sleep(0.51) + + collectgarbage("collect") + local growth2 = collectgarbage("count") - start + + ngx.say("growth1 == growth2: ", growth1 == growth2) + } + } +--- request +GET /t +--- response_body +registered timer +growth1 == growth2: true +--- no_error_log +[error] +[alert] +[crit] + + + +=== TEST 7: respect lua_max_pending_timers +--- http_config + lua_max_pending_timers 10; +--- config + location /t { + content_by_lua_block { + local function f() + local a = 1 + -- do nothing + end + + for i = 1, 11 do + local ok, err = ngx.timer.every(0.1, f) + if not ok then + ngx.say("failed to set timer: ", err) + return + end + end + + ngx.say("registered 10 timers") + } + } +--- request +GET /t +--- response_body +failed to set timer: too many pending timers +--- no_error_log +[error] +[alert] +[crit] + + + +=== TEST 8: respect lua_max_running_timers +--- http_config + lua_max_pending_timers 100; + lua_max_running_timers 9; +--- config + location /t { + content_by_lua_block { + local function f() + local a = 1 + ngx.sleep(0.02) + -- do nothing + end + + for i = 1, 10 do + local ok, err = ngx.timer.every(0.01, f) + if not ok then + ngx.say("failed to set timer: ", err) + return + end + end + + ngx.say("registered 10 timers") + + ngx.sleep(0.03) + } + } +--- request +GET /t +--- response_body +registered 10 timers +--- no_error_log +[error] +[crit] +--- error_log +lua_max_running_timers are not enough + + + +=== TEST 9: lua_code_cache off +--- http_config + lua_code_cache off; +--- config + location /t { + content_by_lua_block { + local function f() + local a = 1 + -- do nothing + end + + local ok, err = ngx.timer.every(0.01, f) + if not ok then + ngx.say("failed to set timer: ", err) + return + end + + collectgarbage("collect") + ngx.say("registered timer") + + ngx.sleep(0.03) + + collectgarbage("collect") + + ngx.sleep(0.03) + + collectgarbage("collect") + ngx.say("ok") + } + } +--- request +GET /t +--- response_body +registered timer +ok +--- no_error_log +[error] +[crit] From 2dd44623d7823c89ee081e10cf5346f5a8972ef4 Mon Sep 17 00:00:00 2001 From: Datong Sun Date: Mon, 24 Apr 2017 15:15:08 -0700 Subject: [PATCH 100/136] feature: ngx.sleep(0) now always yield the control to the nginx event loop. This can be used to do voluntary CPU time slicing when running CPU intensive computations on the Lua land and to avoid such computations from blocking the nginx event loop for too long. This feature requires OpenResty's delayed-posted-event patch for the nginx core. Signed-off-by: Yichun Zhang (agentzh) --- src/ngx_http_lua_sleep.c | 30 ++++++++++-- t/077-sleep.t | 100 ++++++++++++++++++++++++++++++++++++++- 2 files changed, 125 insertions(+), 5 deletions(-) diff --git a/src/ngx_http_lua_sleep.c b/src/ngx_http_lua_sleep.c index 4c0d016672..ffee97f84b 100644 --- a/src/ngx_http_lua_sleep.c +++ b/src/ngx_http_lua_sleep.c @@ -72,10 +72,25 @@ ngx_http_lua_ngx_sleep(lua_State *L) coctx->sleep.data = coctx; coctx->sleep.log = r->connection->log; - dd("adding timer with delay %lu ms, r:%.*s", (unsigned long) delay, - (int) r->uri.len, r->uri.data); + if (delay == 0) { +#ifdef HAVE_POSTED_DELAYED_EVENTS_PATCH + dd("posting 0 sec sleep event to head of delayed queue"); + + coctx->sleep.delayed = 1; + ngx_post_event(&coctx->sleep, &ngx_posted_delayed_events); +#else + ngx_log_error(NGX_LOG_WARN, r->connection->log, 0, "ngx.sleep(0)" + " called without delayed events patch, this will" + " hurt performance"); + ngx_add_timer(&coctx->sleep, (ngx_msec_t) delay); +#endif - ngx_add_timer(&coctx->sleep, (ngx_msec_t) delay); + } else { + dd("adding timer with delay %lu ms, r:%.*s", (unsigned long) delay, + (int) r->uri.len, r->uri.data); + + ngx_add_timer(&coctx->sleep, (ngx_msec_t) delay); + } ngx_log_debug1(NGX_LOG_DEBUG_HTTP, r->connection->log, 0, "lua ready to sleep for %d ms", delay); @@ -147,6 +162,15 @@ ngx_http_lua_sleep_cleanup(void *data) ngx_del_timer(&coctx->sleep); } + +#ifdef HAVE_POSTED_DELAYED_EVENTS_PATCH + if (coctx->sleep.posted) { + ngx_log_debug0(NGX_LOG_DEBUG_HTTP, ngx_cycle->log, 0, + "lua clean up the posted event for pending ngx.sleep"); + + ngx_delete_posted_event(&coctx->sleep); + } +#endif } diff --git a/t/077-sleep.t b/t/077-sleep.t index 7d295c2b5d..96f04bd98e 100644 --- a/t/077-sleep.t +++ b/t/077-sleep.t @@ -9,10 +9,10 @@ log_level('debug'); repeat_each(2); -plan tests => repeat_each() * 63; +plan tests => repeat_each() * 71; #no_diff(); -#no_long_string(); +no_long_string(); run_tests(); __DATA__ @@ -404,3 +404,99 @@ ok --- no_error_log [error] [alert] + + + +=== TEST 16: sleep 0 +--- config + location /t { + content_by_lua_block { + local function f (n) + print("f begin ", n) + ngx.sleep(0) + print("f middle ", n) + ngx.sleep(0) + print("f end ", n) + ngx.sleep(0) + end + + for i = 1, 3 do + assert(ngx.thread.spawn(f, i)) + end + + ngx.say("ok") + } + } +--- request +GET /t +--- response_body +ok +--- no_error_log +[error] +--- grep_error_log eval: qr/\bf (?:begin|middle|end)\b|\bworker cycle$|\be?poll timer: \d+$/ +--- grep_error_log_out eval +qr/f begin +f begin +f begin +worker cycle +e?poll timer: 0 +f middle +f middle +f middle +worker cycle +e?poll timer: 0 +f end +f end +f end +worker cycle +e?poll timer: 0 +/ + + + +=== TEST 17: sleep short times less than 1ms +--- config + location /t { + content_by_lua_block { + local delay = 0.0005 + + local function f (n) + print("f begin ", n) + ngx.sleep(delay) + print("f middle ", n) + ngx.sleep(delay) + print("f end ", n) + ngx.sleep(delay) + end + + for i = 1, 3 do + assert(ngx.thread.spawn(f, i)) + end + + ngx.say("ok") + } + } +--- request +GET /t +--- response_body +ok +--- no_error_log +[error] +--- grep_error_log eval: qr/\bf (?:begin|middle|end)\b|\bworker cycle$|\be?poll timer: \d+$/ +--- grep_error_log_out eval +qr/f begin +f begin +f begin +worker cycle +e?poll timer: 0 +f middle +f middle +f middle +worker cycle +e?poll timer: 0 +f end +f end +f end +worker cycle +e?poll timer: 0 +/ From c1317e412f98c3de6502f3f4be6f5b883971065d Mon Sep 17 00:00:00 2001 From: "Yichun Zhang (agentzh)" Date: Mon, 15 May 2017 15:52:32 -0700 Subject: [PATCH 101/136] travis-ci: we no longer want to cover nginx 1.9.15. --- .travis.yml | 1 - 1 file changed, 1 deletion(-) diff --git a/.travis.yml b/.travis.yml index 359c8cc654..14ee63603c 100644 --- a/.travis.yml +++ b/.travis.yml @@ -49,7 +49,6 @@ env: - DRIZZLE_VER=2011.07.21 - TEST_NGINX_SLEEP=0.006 matrix: - - NGINX_VERSION=1.9.15 - NGINX_VERSION=1.11.2 services: From 0c297939930b2f391738a28eca30b1bca015fffa Mon Sep 17 00:00:00 2001 From: "Yichun Zhang (agentzh)" Date: Thu, 18 May 2017 10:00:04 -0700 Subject: [PATCH 102/136] doc: made it explicit that shdict methods are all atomic. --- README.markdown | 2 ++ doc/HttpLuaModule.wiki | 2 ++ 2 files changed, 4 insertions(+) diff --git a/README.markdown b/README.markdown index 24f10731da..e7808cd131 100644 --- a/README.markdown +++ b/README.markdown @@ -6199,6 +6199,8 @@ The resulting object `dict` has the following methods: * [flush_expired](#ngxshareddictflush_expired) * [get_keys](#ngxshareddictget_keys) +All these methods are *atomic* operations, that is, safe from concurrent accesses from multiple nginx worker processes for the same `lua_shared_dict` zone. + Here is an example: ```nginx diff --git a/doc/HttpLuaModule.wiki b/doc/HttpLuaModule.wiki index 1e8d0295b8..84fd00045f 100644 --- a/doc/HttpLuaModule.wiki +++ b/doc/HttpLuaModule.wiki @@ -5197,6 +5197,8 @@ The resulting object dict has the following methods: * [[#ngx.shared.DICT.flush_expired|flush_expired]] * [[#ngx.shared.DICT.get_keys|get_keys]] +All these methods are ''atomic'' operations, that is, safe from concurrent accesses from multiple nginx worker processes for the same lua_shared_dict zone. + Here is an example: From 993aec8eb4e60320c47b5bcfac722339f481a301 Mon Sep 17 00:00:00 2001 From: "Yichun Zhang (agentzh)" Date: Mon, 22 May 2017 11:29:42 -0700 Subject: [PATCH 103/136] refactor: removed the obsolete util/gdbinit script script. we have much better tools in openresty-gdb-utils already. --- util/gdbinit | 415 --------------------------------------------------- 1 file changed, 415 deletions(-) delete mode 100644 util/gdbinit diff --git a/util/gdbinit b/util/gdbinit deleted file mode 100644 index 1508c64684..0000000000 --- a/util/gdbinit +++ /dev/null @@ -1,415 +0,0 @@ -# This gdb script provides several useful routines for debugging ngx_lua or -# standalone Lua/LuaJIT. -# -# You need gdb >= v7.3 to make this script working correctly. -# -# Installation: place it at $HOME/.gdbinit -# -# -- chaoslawful gmail com - -#### Lua type defines #### - -set $__LUA_TNONE = -1 -set $__LUA_TNIL = 0 -set $__LUA_TBOOLEAN = 1 -set $__LUA_TLIGHTUSERDATA = 2 -set $__LUA_TNUMBER = 3 -set $__LUA_TSTRING = 4 -set $__LUA_TTABLE = 5 -set $__LUA_TFUNCTION = 6 -set $__LUA_TUSERDATA = 7 -set $__LUA_TTHREAD = 8 - -#### Lua constants #### - -set $__LUA_GLOBALSINDEX = -10002 -set $__LUA_ENVIRONINDEX = -10001 -set $__LUA_REGISTRYINDEX = -10000 - -#### Auxiliary methods #### - -define __lua_debug_instance - if !$__lua_debug_instance - set $__lua_debug_instance = (lua_Debug*)malloc(sizeof(lua_Debug)) - end -end - -define __free_lua_debug_instance - if $__lua_debug_instance - set $rc = free($__lua_debug_instance) - set $__lua_debug_instance = 0 - end -end - -set $__BUCKET_SIZE = 16 -define __set_instance - if !$__set_instance - set $__set_instance = (void*(*(*))[2])malloc($__BUCKET_SIZE*sizeof(void*(*)[2])) - set $rc = memset($__set_instance, 0, $__BUCKET_SIZE*sizeof(void*(*)[2])) - end -end - -define __free_set_instance - if $__set_instance - __set_clean - set $rc = free($__set_instance) - set $__set_instance = 0 - end -end - -define __set_add - set $p = (void*)$arg0 - set $__bkt_idx = (int)$p%$__BUCKET_SIZE - - __set_instance - set $__elem = (void*(*)[2])$__set_instance[$__bkt_idx] - set $__found = 0 - while $__elem - if (*$__elem)[0] == $p - set $__found = 1 - loop_break - end - set $__elem = (void*(*)[2])(*$__elem)[1] - end - if $__found - set $existed_in_set = 1 - else - set $existed_in_set = 0 - - set $rc = (void*(*)[2])calloc(1, sizeof(void*)*2) - set (*$rc)[0] = $p - set (*$rc)[1] = $__set_instance[$__bkt_idx] - set $__set_instance[$__bkt_idx] = $rc - end -end - -define __set_is_exist - set $p = (void*)$arg0 - set $__bkt_idx = (int)$p%$__BUCKET_SIZE - - __set_instance - set $__elem = (void*(*)[2])$__set_instance[$__bkt_idx] - set $__found = 0 - while $__elem - if (*$__elem)[0] == $p - set $__found = 1 - loop_break - end - set $__elem = (void*(*)[2])(*$__elem)[1] - end - if $__found - set $existed_in_set = 1 - else - set $existed_in_set = 0 - end -end - -define __set_clean - __set_instance - - set $__bkt_idx = 0 - while $__bkt_idx < $__BUCKET_SIZE - set $__elem = (void*(*)[2])$__set_instance[$__bkt_idx] - while $__elem - set $__next = (void*(*)[2])(*$__elem)[1] - set $rc = free($__elem) - set $__elem = $__next - end - set $__set_instance[$__bkt_idx] = 0 - set $__bkt_idx = $__bkt_idx+1 - end -end - -define hook-quit - __free_lua_debug_instance - __free_set_instance -end - -define hook-detach - __free_lua_debug_instance - __free_set_instance -end - -define hook-disconnect - __free_lua_debug_instance - __free_set_instance -end - -define _lua_pop - set $l = (lua_State*)$arg0 - set $_n = (int)$arg1 - set $_rc = lua_settop($l, -$_n-1) -end - -define _lua_dump_locals - set $l = (lua_State*)$arg0 - set $dbg = (lua_Debug*)$arg1 - set $idx = 1 - - set $rc = lua_getlocal($l, $dbg, $idx) - if $rc - printf "\t----[[ Locals ]]----\n" - while $rc - printf "\t%d:\t'%s' = ", $idx, $rc - __lua_dump_stack $l -1 - printf "\n" - - _lua_pop $l 1 - set $idx = $idx + 1 - set $rc = lua_getlocal($l, $dbg, $idx) - end - else - printf "\tNo locals!\n" - end - printf "\n" -end - -define _lua_dump_upvalues - set $l = (lua_State*)$arg0 - set $dbg = (lua_Debug*)$arg1 - set $idx = 1 - - set $rc = lua_getinfo($l, "f", $dbg) - if $rc - set $rc = lua_getupvalue($l, -1, $idx) - if $rc - printf "\t----[[ Upvalues ]]----\n" - while $rc - printf "\t%d:\t'%s' = ", $idx, $rc - __lua_dump_stack $l -1 - printf "\n" - - _lua_pop $l 1 - set $idx = $idx + 1 - set $rc = lua_getupvalue($l, -1, $idx) - end - else - printf "\tNo upvalues!\n" - end - _lua_pop $l 1 - else - printf "\tFailed to get function closure!\n" - end - printf "\n" -end - -define __lua_dump_stack - __set_clean - __lua_dump_stack_aux $arg0 $arg1 0 -end - -define __lua_dump_stack_aux - set $l = (lua_State*)$arg0 - set $nidx_$arg2 = (int)$arg1 - set $cidx_$arg2 = (int)$arg2+1 - - # relative stack index to absolute index - if $nidx_$arg2 < 0 && $nidx_$arg2 > $__LUA_REGISTRYINDEX - set $nidx_$arg2 = $nidx_$arg2 + (int)lua_gettop($l) + 1 - end - - set $vt_$arg2 = (int)lua_type($l, $nidx_$arg2) - - if $vt_$arg2 == $__LUA_TNONE - echo - end - if $vt_$arg2 == $__LUA_TNIL - echo (nil) - end - if $vt_$arg2 == $__LUA_TBOOLEAN - printf "(bool) %d", lua_toboolean($l, $nidx_$arg2) - end - if $vt_$arg2 == $__LUA_TLIGHTUSERDATA - printf "(ludata) %p", lua_touserdata($l, $nidx_$arg2) - end - if $vt_$arg2 == $__LUA_TNUMBER - printf "%g", lua_tonumber($l, $nidx_$arg2) - end - if $vt_$arg2 == $__LUA_TSTRING - set $tmplen = (size_t*)malloc(sizeof(size_t)) - set $tmp = lua_pushvalue($l, $nidx_$arg2) - set $tmp = lua_tolstring($l, -1, $tmplen) -#printf "(string:%d) ", *$tmplen - eval "output/r *(const char (*)[%d])$tmp", *$tmplen - _lua_pop $l 1 - set $tmp = free($tmplen) - end - if $vt_$arg2 == $__LUA_TTABLE - set $rc = lua_topointer($l, $nidx_$arg2) -#printf "(table) %p { ", $rc - printf "{ " - __set_add $rc - if $existed_in_set - printf "... " - else - set $rc = lua_pushnil($l) - set $rc = lua_next($l, $nidx_$arg2) - while $rc != 0 - printf "[" - __lua_dump_stack_aux $l -2 $cidx_$arg2 - printf "]" - printf " = " - __lua_dump_stack_aux $l -1 $cidx_$arg2 - printf ", " - _lua_pop $l 1 - set $rc = lua_next($l, $nidx_$arg2) - end - end - printf "}" - end - if $vt_$arg2 == $__LUA_TFUNCTION - printf "(func) %p", lua_topointer($l, $nidx_$arg2) - end - if $vt_$arg2 == $__LUA_TUSERDATA - printf "(udata) %p", lua_topointer($l, $nidx_$arg2) - end - if $vt_$arg2 == $__LUA_TTHREAD - printf "(thread) %p", lua_topointer($l, $nidx_$arg2) - else - if $vt_$arg2 > $__LUA_TTHREAD || $vt_$arg2 < 0 - echo - end - end -end - -#### Command methods #### - -define lbt - if $argc < 1 - echo Please specify Lua state and/or dump flag!\n - else - set $l = (lua_State*)$arg0 - if $argc > 1 - set $dump_local = ($arg1&1)==1 - set $dump_upvalue = ($arg1&2)==2 - else - set $dump_local = 0 - set $dump_upvalue = 0 - end - - __lua_debug_instance - set $dbg = $__lua_debug_instance - - set $level = 0 - set $rc = lua_getstack($l, $level, $dbg) - while $rc > 0 - set $rc = lua_getinfo($l, "Sln", $dbg) - set $name = $dbg->name - if !$name - set $name = "???" - end - - printf "#%d\t%s\t[%s]\tat %s:%d\n", $level, $name, $dbg->what, $dbg->source, $dbg->currentline - - if $dump_local - _lua_dump_locals $l $dbg - end - if $dump_upvalue - _lua_dump_upvalues $l $dbg - end - - set $level = $level+1 - set $rc = lua_getstack($l, $level, $dbg) - end - end -end - -document lbt -lbt []: Dump the backtrace of the specified Lua state. is a mask value, whose bit 1/2 controls the dump of locals/upvalues at each stack frame correspondingly. So set to 1 dumps only locals; set to 2 dumps only upvalues; and set to 3 dumps both locals and upvalues. -end - -define ll - if $argc != 2 - echo Please specify Lua state and stack frame number (0-based)!\n - else - set $l = (lua_State*)$arg0 - set $level = (int)$arg1 - - __lua_debug_instance - set $dbg = $__lua_debug_instance - - set $rc = lua_getstack($l, $level, $dbg) - if $rc > 0 - _lua_dump_locals $l $dbg - else - echo Failed to get Lua stack frame!\n - end - end -end - -document ll -ll : Dump all local vars in the specified Lua stack frame (0-based). -end - -define lu - if $argc != 2 - echo Please specify Lua state and stack frame number (0-based)!\n - else - set $l = (lua_State*)$arg0 - set $level = (int)$arg1 - - __lua_debug_instance - set $dbg = $__lua_debug_instance - - set $rc = lua_getstack($l, $level, $dbg) - if $rc > 0 - _lua_dump_upvalues $l $dbg - else - echo Failed to get Lua stack frame!\n - end - end -end - -document lu -lu : Dump all upvalues in the specified Lua stack frame (0-based). -end - -define lg - if $argc != 1 - echo Please specify Lua state!\n - else - set $l = (lua_State*)$arg0 - __lua_dump_stack $l $__LUA_GLOBALSINDEX - printf "\n" - end -end - -document lg -lg : Dump all entries in Lua global table. -end - -define lr - if $argc != 1 - echo Please specify Lua state!\n - else - set $l = (lua_State*)$arg0 - __lua_dump_stack $l $__LUA_REGISTRYINDEX - printf "\n" - end -end - -document lr -lr : Dump all entries in Lua registry table. -end - -define ls - if $argc != 1 - echo Please specify Lua state!\n - else - set $l = (lua_State*)$arg0 - set $idx = lua_gettop($l) - while $idx >= 1 - printf "#%d ", $idx - __lua_dump_stack $l $idx - printf "\n" - set $idx = $idx - 1 - end - end -end - -document ls -ls : Dump all entries in call stack. -end - -# vi:ft=gdb ts=4 sw=4 - From e80d2925717d57dffadff3b5ec76519467e7494b Mon Sep 17 00:00:00 2001 From: "Yichun Zhang (agentzh)" Date: Tue, 23 May 2017 22:23:28 -0700 Subject: [PATCH 104/136] tests: ssl: avoided those domains using startcom ssl certificates. --- t/129-ssl-socket.t | 219 ++++++++++++++++++++++--------------------- t/cert/comodo-ca.crt | 29 ++++++ t/cert/startcom.crt | 87 ----------------- 3 files changed, 139 insertions(+), 196 deletions(-) create mode 100644 t/cert/comodo-ca.crt delete mode 100644 t/cert/startcom.crt diff --git a/t/129-ssl-socket.t b/t/129-ssl-socket.t index 726b4423c9..928701f521 100644 --- a/t/129-ssl-socket.t +++ b/t/129-ssl-socket.t @@ -26,7 +26,7 @@ sub read_file { $cert; } -our $StartComRootCertificate = read_file("t/cert/startcom.crt"); +our $ComodoRootCertificate = read_file("t/cert/comodo-ca.crt"); our $EquifaxRootCertificate = read_file("t/cert/equifax.crt"); our $TestCertificate = read_file("t/cert/test.crt"); our $TestCertificateKey = read_file("t/cert/test.key"); @@ -135,7 +135,7 @@ SSL reused session sock:settimeout(2000) do - local ok, err = sock:connect("g.sregex.org", 443) + local ok, err = sock:connect("openresty.org", 443) if not ok then ngx.say("failed to connect: ", err) return @@ -151,7 +151,7 @@ SSL reused session ngx.say("ssl handshake: ", type(session)) - local req = "GET / HTTP/1.1\\r\\nHost: g.sregex.org\\r\\nConnection: close\\r\\n\\r\\n" + local req = "GET / HTTP/1.1\\r\\nHost: openresty.org\\r\\nConnection: close\\r\\n\\r\\n" local bytes, err = sock:send(req) if not bytes then ngx.say("failed to send http request: ", err) @@ -180,8 +180,8 @@ GET /t --- response_body connected: 1 ssl handshake: userdata -sent http request: 57 bytes. -received: HTTP/1.1 401 Unauthorized +sent http request: 58 bytes. +received: HTTP/1.1 302 Moved Temporarily close: 1 nil --- log_level: debug @@ -207,12 +207,12 @@ SSL reused session #set $port 5000; set $port $TEST_NGINX_MEMCACHED_PORT; - content_by_lua ' + content_by_lua_block { local sock = ngx.socket.tcp() sock:settimeout(2000) do - local ok, err = sock:connect("iscribblet.org", 443) + local ok, err = sock:connect("openresty.org", 443) if not ok then ngx.say("failed to connect: ", err) return @@ -220,7 +220,7 @@ SSL reused session ngx.say("connected: ", ok) - local session, err = sock:sslhandshake(nil, "iscribblet.org") + local session, err = sock:sslhandshake(nil, "openresty.org") if not session then ngx.say("failed to do SSL handshake: ", err) return @@ -228,7 +228,7 @@ SSL reused session ngx.say("ssl handshake: ", type(session)) - local req = "GET / HTTP/1.1\\r\\nHost: iscribblet.org\\r\\nConnection: close\\r\\n\\r\\n" + local req = "GET / HTTP/1.1\r\nHost: openresty.org\r\nConnection: close\r\n\r\n" local bytes, err = sock:send(req) if not bytes then ngx.say("failed to send http request: ", err) @@ -249,7 +249,7 @@ SSL reused session ngx.say("close: ", ok, " ", err) end -- do collectgarbage() - '; + } } --- request @@ -257,8 +257,8 @@ GET /t --- response_body connected: 1 ssl handshake: userdata -sent http request: 59 bytes. -received: HTTP/1.1 200 OK +sent http request: 58 bytes. +received: HTTP/1.1 302 Moved Temporarily close: 1 nil --- log_level: debug @@ -268,7 +268,7 @@ qr/^lua ssl save session: ([0-9A-F]+):2 lua ssl free session: ([0-9A-F]+):1 $/ --- error_log -lua ssl server name: "iscribblet.org" +lua ssl server name: "openresty.org" --- no_error_log SSL reused session [error] @@ -281,6 +281,7 @@ SSL reused session --- config server_tokens off; resolver $TEST_NGINX_RESOLVER ipv6=off; + lua_ssl_protocols TLSv1.2; location /t { #set $port 5000; set $port $TEST_NGINX_MEMCACHED_PORT; @@ -293,7 +294,7 @@ SSL reused session local session for i = 1, 2 do - local ok, err = sock:connect("iscribblet.org", 443) + local ok, err = sock:connect("agentzh.org", 443) if not ok then ngx.say("failed to connect: ", err) return @@ -301,7 +302,7 @@ SSL reused session ngx.say("connected: ", ok) - session, err = sock:sslhandshake(session, "iscribblet.org") + session, err = sock:sslhandshake(session, "agentzh.org") if not session then ngx.say("failed to do SSL handshake: ", err) return @@ -309,7 +310,7 @@ SSL reused session ngx.say("ssl handshake: ", type(session)) - local req = "GET / HTTP/1.1\\r\\nHost: iscribblet.org\\r\\nConnection: close\\r\\n\\r\\n" + local req = "GET / HTTP/1.1\\r\\nHost: agentzh.org\\r\\nConnection: close\\r\\n\\r\\n" local bytes, err = sock:send(req) if not bytes then ngx.say("failed to send http request: ", err) @@ -340,12 +341,12 @@ GET /t --- response_body connected: 1 ssl handshake: userdata -sent http request: 59 bytes. +sent http request: 56 bytes. received: HTTP/1.1 200 OK close: 1 nil connected: 1 ssl handshake: userdata -sent http request: 59 bytes. +sent http request: 56 bytes. received: HTTP/1.1 200 OK close: 1 nil @@ -371,7 +372,7 @@ lua ssl free session === TEST 5: certificate does not match host name (verify) -The certificate for "blah.agentzh.org" does not contain the name "blah.agentzh.org". +The certificate of "openresty.org" does not contain the name "blah.openresty.org". --- config server_tokens off; resolver $TEST_NGINX_RESOLVER ipv6=off; @@ -386,7 +387,7 @@ The certificate for "blah.agentzh.org" does not contain the name "blah.agentzh.o sock:settimeout(2000) do - local ok, err = sock:connect("agentzh.org", 443) + local ok, err = sock:connect("openresty.org", 443) if not ok then ngx.say("failed to connect: ", err) return @@ -394,14 +395,14 @@ The certificate for "blah.agentzh.org" does not contain the name "blah.agentzh.o ngx.say("connected: ", ok) - local session, err = sock:sslhandshake(nil, "blah.agentzh.org", true) + local session, err = sock:sslhandshake(nil, "blah.openresty.org", true) if not session then ngx.say("failed to do SSL handshake: ", err) else ngx.say("ssl handshake: ", type(session)) end - local req = "GET / HTTP/1.1\\r\\nHost: agentzh.org\\r\\nConnection: close\\r\\n\\r\\n" + local req = "GET / HTTP/1.1\\r\\nHost: openresty.org\\r\\nConnection: close\\r\\n\\r\\n" local bytes, err = sock:send(req) if not bytes then ngx.say("failed to send http request: ", err) @@ -427,7 +428,7 @@ The certificate for "blah.agentzh.org" does not contain the name "blah.agentzh.o --- user_files eval ">>> trusted.crt -$::StartComRootCertificate" +$::ComodoRootCertificate" --- request GET /t @@ -440,8 +441,8 @@ failed to send http request: closed --- grep_error_log eval: qr/lua ssl (?:set|save|free) session: [0-9A-F]+:\d+/ --- grep_error_log_out --- error_log -lua ssl server name: "blah.agentzh.org" -lua ssl certificate does not match host "blah.agentzh.org" +lua ssl server name: "blah.openresty.org" +lua ssl certificate does not match host "blah.openresty.org" --- no_error_log SSL reused session [alert] @@ -450,7 +451,7 @@ SSL reused session === TEST 6: certificate does not match host name (verify, no log socket errors) -The certificate for "blah.agentzh.org" does not contain the name "blah.agentzh.org". +The certificate for "openresty.org" does not contain the name "blah.openresty.org". --- config server_tokens off; resolver $TEST_NGINX_RESOLVER ipv6=off; @@ -466,7 +467,7 @@ The certificate for "blah.agentzh.org" does not contain the name "blah.agentzh.o sock:settimeout(2000) do - local ok, err = sock:connect("agentzh.org", 443) + local ok, err = sock:connect("openresty.org", 443) if not ok then ngx.say("failed to connect: ", err) return @@ -474,14 +475,14 @@ The certificate for "blah.agentzh.org" does not contain the name "blah.agentzh.o ngx.say("connected: ", ok) - local session, err = sock:sslhandshake(nil, "blah.agentzh.org", true) + local session, err = sock:sslhandshake(nil, "blah.openresty.org", true) if not session then ngx.say("failed to do SSL handshake: ", err) else ngx.say("ssl handshake: ", type(session)) end - local req = "GET / HTTP/1.1\\r\\nHost: blah.agentzh.org\\r\\nConnection: close\\r\\n\\r\\n" + local req = "GET / HTTP/1.1\\r\\nHost: blah.openresty.org\\r\\nConnection: close\\r\\n\\r\\n" local bytes, err = sock:send(req) if not bytes then ngx.say("failed to send http request: ", err) @@ -507,7 +508,7 @@ The certificate for "blah.agentzh.org" does not contain the name "blah.agentzh.o --- user_files eval ">>> trusted.crt -$::StartComRootCertificate" +$::ComodoRootCertificate" --- request GET /t @@ -520,7 +521,7 @@ failed to send http request: closed --- grep_error_log eval: qr/lua ssl (?:set|save|free) session: [0-9A-F]+:\d+/ --- grep_error_log_out --- error_log -lua ssl server name: "blah.agentzh.org" +lua ssl server name: "blah.openresty.org" --- no_error_log lua ssl certificate does not match host SSL reused session @@ -542,7 +543,7 @@ SSL reused session sock:settimeout(2000) do - local ok, err = sock:connect("agentzh.org", 443) + local ok, err = sock:connect("openresty.org", 443) if not ok then ngx.say("failed to connect: ", err) return @@ -550,7 +551,7 @@ SSL reused session ngx.say("connected: ", ok) - local session, err = sock:sslhandshake(nil, "agentzh.org", false) + local session, err = sock:sslhandshake(nil, "openresty.org", false) if not session then ngx.say("failed to do SSL handshake: ", err) return @@ -558,7 +559,7 @@ SSL reused session ngx.say("ssl handshake: ", type(session)) - local req = "GET / HTTP/1.1\\r\\nHost: iscribblet.org\\r\\nConnection: close\\r\\n\\r\\n" + local req = "GET / HTTP/1.1\\r\\nHost: agentzh.org\\r\\nConnection: close\\r\\n\\r\\n" local bytes, err = sock:send(req) if not bytes then ngx.say("failed to send http request: ", err) @@ -587,8 +588,8 @@ GET /t --- response_body connected: 1 ssl handshake: userdata -sent http request: 59 bytes. -received: HTTP/1.1 200 OK +sent http request: 56 bytes. +received: HTTP/1.1 302 Moved Temporarily close: 1 nil --- log_level: debug @@ -599,7 +600,7 @@ lua ssl free session: ([0-9A-F]+):1 $/ --- error_log -lua ssl server name: "agentzh.org" +lua ssl server name: "openresty.org" --- no_error_log SSL reused session [error] @@ -608,7 +609,7 @@ SSL reused session -=== TEST 8: iscribblet.org: passing SSL verify +=== TEST 8: openresty.org: passing SSL verify --- config server_tokens off; resolver $TEST_NGINX_RESOLVER ipv6=off; @@ -623,7 +624,7 @@ SSL reused session sock:settimeout(2000) do - local ok, err = sock:connect("iscribblet.org", 443) + local ok, err = sock:connect("openresty.org", 443) if not ok then ngx.say("failed to connect: ", err) return @@ -631,7 +632,7 @@ SSL reused session ngx.say("connected: ", ok) - local session, err = sock:sslhandshake(nil, "iscribblet.org", true) + local session, err = sock:sslhandshake(nil, "openresty.org", true) if not session then ngx.say("failed to do SSL handshake: ", err) return @@ -639,7 +640,7 @@ SSL reused session ngx.say("ssl handshake: ", type(session)) - local req = "GET / HTTP/1.1\\r\\nHost: iscribblet.org\\r\\nConnection: close\\r\\n\\r\\n" + local req = "GET / HTTP/1.1\\r\\nHost: openresty.org\\r\\nConnection: close\\r\\n\\r\\n" local bytes, err = sock:send(req) if not bytes then ngx.say("failed to send http request: ", err) @@ -665,15 +666,15 @@ SSL reused session --- user_files eval ">>> trusted.crt -$::StartComRootCertificate" +$::ComodoRootCertificate" --- request GET /t --- response_body connected: 1 ssl handshake: userdata -sent http request: 59 bytes. -received: HTTP/1.1 200 OK +sent http request: 58 bytes. +received: HTTP/1.1 302 Moved Temporarily close: 1 nil --- log_level: debug @@ -684,7 +685,7 @@ lua ssl free session: ([0-9A-F]+):1 $/ --- error_log -lua ssl server name: "iscribblet.org" +lua ssl server name: "openresty.org" --- no_error_log SSL reused session [error] @@ -708,7 +709,7 @@ SSL reused session sock:settimeout(2000) do - local ok, err = sock:connect("iscribblet.org", 443) + local ok, err = sock:connect("openresty.org", 443) if not ok then ngx.say("failed to connect: ", err) return @@ -716,14 +717,14 @@ SSL reused session ngx.say("connected: ", ok) - local session, err = sock:sslhandshake(nil, "iscribblet.org", true) + local session, err = sock:sslhandshake(nil, "openresty.org", true) if not session then ngx.say("failed to do SSL handshake: ", err) else ngx.say("ssl handshake: ", type(session)) end - local req = "GET / HTTP/1.1\\r\\nHost: iscribblet.org\\r\\nConnection: close\\r\\n\\r\\n" + local req = "GET / HTTP/1.1\\r\\nHost: openresty.org\\r\\nConnection: close\\r\\n\\r\\n" local bytes, err = sock:send(req) if not bytes then ngx.say("failed to send http request: ", err) @@ -749,7 +750,7 @@ SSL reused session --- user_files eval ">>> trusted.crt -$::StartComRootCertificate" +$::ComodoRootCertificate" --- request GET /t @@ -762,7 +763,7 @@ failed to send http request: closed --- grep_error_log eval: qr/lua ssl (?:set|save|free) session: [0-9A-F]+:\d+/ --- grep_error_log_out --- error_log -lua ssl server name: "iscribblet.org" +lua ssl server name: "openresty.org" lua ssl certificate verify error: (20: unable to get local issuer certificate) --- no_error_log SSL reused session @@ -787,7 +788,7 @@ SSL reused session sock:settimeout(2000) do - local ok, err = sock:connect("iscribblet.org", 443) + local ok, err = sock:connect("openresty.org", 443) if not ok then ngx.say("failed to connect: ", err) return @@ -795,14 +796,14 @@ SSL reused session ngx.say("connected: ", ok) - local session, err = sock:sslhandshake(nil, "iscribblet.org", true) + local session, err = sock:sslhandshake(nil, "openresty.org", true) if not session then ngx.say("failed to do SSL handshake: ", err) else ngx.say("ssl handshake: ", type(session)) end - local req = "GET / HTTP/1.1\\r\\nHost: iscribblet.org\\r\\nConnection: close\\r\\n\\r\\n" + local req = "GET / HTTP/1.1\\r\\nHost: openresty.org\\r\\nConnection: close\\r\\n\\r\\n" local bytes, err = sock:send(req) if not bytes then ngx.say("failed to send http request: ", err) @@ -828,7 +829,7 @@ SSL reused session --- user_files eval ">>> trusted.crt -$::StartComRootCertificate" +$::ComodoRootCertificate" --- request GET /t @@ -841,7 +842,7 @@ failed to send http request: closed --- grep_error_log eval: qr/lua ssl (?:set|save|free) session: [0-9A-F]+:\d+/ --- grep_error_log_out --- error_log -lua ssl server name: "iscribblet.org" +lua ssl server name: "openresty.org" --- no_error_log lua ssl certificate verify error SSL reused session @@ -1010,7 +1011,7 @@ SSL reused session --- user_files eval ">>> trusted.crt -$::StartComRootCertificate" +$::ComodoRootCertificate" --- request GET /t @@ -1030,7 +1031,7 @@ SSL reused session -=== TEST 13: iscribblet.org: passing SSL verify with multiple certificates +=== TEST 13: openresty.org: passing SSL verify with multiple certificates --- config server_tokens off; resolver $TEST_NGINX_RESOLVER ipv6=off; @@ -1045,7 +1046,7 @@ SSL reused session sock:settimeout(2000) do - local ok, err = sock:connect("iscribblet.org", 443) + local ok, err = sock:connect("openresty.org", 443) if not ok then ngx.say("failed to connect: ", err) return @@ -1053,7 +1054,7 @@ SSL reused session ngx.say("connected: ", ok) - local session, err = sock:sslhandshake(nil, "iscribblet.org", true) + local session, err = sock:sslhandshake(nil, "openresty.org", true) if not session then ngx.say("failed to do SSL handshake: ", err) return @@ -1061,7 +1062,7 @@ SSL reused session ngx.say("ssl handshake: ", type(session)) - local req = "GET / HTTP/1.1\\r\\nHost: iscribblet.org\\r\\nConnection: close\\r\\n\\r\\n" + local req = "GET / HTTP/1.1\\r\\nHost: openresty.org\\r\\nConnection: close\\r\\n\\r\\n" local bytes, err = sock:send(req) if not bytes then ngx.say("failed to send http request: ", err) @@ -1088,15 +1089,15 @@ SSL reused session --- user_files eval ">>> trusted.crt $::EquifaxRootCertificate -$::StartComRootCertificate" +$::ComodoRootCertificate" --- request GET /t --- response_body connected: 1 ssl handshake: userdata -sent http request: 59 bytes. -received: HTTP/1.1 200 OK +sent http request: 58 bytes. +received: HTTP/1.1 302 Moved Temporarily close: 1 nil --- log_level: debug @@ -1107,7 +1108,7 @@ lua ssl free session: ([0-9A-F]+):1 $/ --- error_log -lua ssl server name: "iscribblet.org" +lua ssl server name: "openresty.org" --- no_error_log SSL reused session [error] @@ -1129,7 +1130,7 @@ SSL reused session sock:settimeout(2000) do - local ok, err = sock:connect("iscribblet.org", 443) + local ok, err = sock:connect("openresty.org", 443) if not ok then ngx.say("failed to connect: ", err) return @@ -1137,7 +1138,7 @@ SSL reused session ngx.say("connected: ", ok) - local session, err = sock:sslhandshake(nil, "iscribblet.org") + local session, err = sock:sslhandshake(nil, "openresty.org") if not session then ngx.say("failed to do SSL handshake: ", err) return @@ -1145,7 +1146,7 @@ SSL reused session ngx.say("ssl handshake: ", type(session)) - local req = "GET / HTTP/1.1\\r\\nHost: iscribblet.org\\r\\nConnection: close\\r\\n\\r\\n" + local req = "GET / HTTP/1.1\\r\\nHost: openresty.org\\r\\nConnection: close\\r\\n\\r\\n" local bytes, err = sock:send(req) if not bytes then ngx.say("failed to send http request: ", err) @@ -1174,8 +1175,8 @@ GET /t --- response_body connected: 1 ssl handshake: userdata -sent http request: 59 bytes. -received: HTTP/1.1 200 OK +sent http request: 58 bytes. +received: HTTP/1.1 302 Moved Temporarily close: 1 nil --- log_level: debug @@ -1185,8 +1186,8 @@ qr/^lua ssl save session: ([0-9A-F]+):2 lua ssl free session: ([0-9A-F]+):1 $/ --- error_log -lua ssl server name: "iscribblet.org" -SSL: TLSv1.2, cipher: "ECDHE-RSA-RC4-SHA SSLv3 +lua ssl server name: "openresty.org" +SSL: TLSv1.2, cipher: "ECDHE-RSA-AES128-GCM-SHA256 TLSv1.2 --- no_error_log SSL reused session [error] @@ -1199,7 +1200,7 @@ SSL reused session --- config server_tokens off; resolver $TEST_NGINX_RESOLVER ipv6=off; - lua_ssl_ciphers RC4-SHA; + lua_ssl_ciphers ECDHE-RSA-AES256-SHA; location /t { #set $port 5000; set $port $TEST_NGINX_MEMCACHED_PORT; @@ -1209,7 +1210,7 @@ SSL reused session sock:settimeout(2000) do - local ok, err = sock:connect("iscribblet.org", 443) + local ok, err = sock:connect("openresty.org", 443) if not ok then ngx.say("failed to connect: ", err) return @@ -1217,7 +1218,7 @@ SSL reused session ngx.say("connected: ", ok) - local session, err = sock:sslhandshake(nil, "iscribblet.org") + local session, err = sock:sslhandshake(nil, "openresty.org") if not session then ngx.say("failed to do SSL handshake: ", err) return @@ -1225,7 +1226,7 @@ SSL reused session ngx.say("ssl handshake: ", type(session)) - local req = "GET / HTTP/1.1\\r\\nHost: iscribblet.org\\r\\nConnection: close\\r\\n\\r\\n" + local req = "GET / HTTP/1.1\\r\\nHost: openresty.org\\r\\nConnection: close\\r\\n\\r\\n" local bytes, err = sock:send(req) if not bytes then ngx.say("failed to send http request: ", err) @@ -1254,8 +1255,8 @@ GET /t --- response_body connected: 1 ssl handshake: userdata -sent http request: 59 bytes. -received: HTTP/1.1 200 OK +sent http request: 58 bytes. +received: HTTP/1.1 302 Moved Temporarily close: 1 nil --- log_level: debug @@ -1265,8 +1266,8 @@ qr/^lua ssl save session: ([0-9A-F]+):2 lua ssl free session: ([0-9A-F]+):1 $/ --- error_log -lua ssl server name: "iscribblet.org" -SSL: TLSv1.2, cipher: "RC4-SHA SSLv3 +lua ssl server name: "openresty.org" +SSL: TLSv1.2, cipher: "ECDHE-RSA-AES256-SHA --- no_error_log SSL reused session [error] @@ -1289,7 +1290,7 @@ SSL reused session sock:settimeout(2000) do - local ok, err = sock:connect("iscribblet.org", 443) + local ok, err = sock:connect("openresty.org", 443) if not ok then ngx.say("failed to connect: ", err) return @@ -1297,7 +1298,7 @@ SSL reused session ngx.say("connected: ", ok) - local session, err = sock:sslhandshake(nil, "iscribblet.org") + local session, err = sock:sslhandshake(nil, "openresty.org") if not session then ngx.say("failed to do SSL handshake: ", err) return @@ -1305,7 +1306,7 @@ SSL reused session ngx.say("ssl handshake: ", type(session)) - local req = "GET / HTTP/1.1\\r\\nHost: iscribblet.org\\r\\nConnection: close\\r\\n\\r\\n" + local req = "GET / HTTP/1.1\\r\\nHost: openresty.org\\r\\nConnection: close\\r\\n\\r\\n" local bytes, err = sock:send(req) if not bytes then ngx.say("failed to send http request: ", err) @@ -1334,8 +1335,8 @@ GET /t --- response_body connected: 1 ssl handshake: userdata -sent http request: 59 bytes. -received: HTTP/1.1 200 OK +sent http request: 58 bytes. +received: HTTP/1.1 302 Moved Temporarily close: 1 nil --- log_level: debug @@ -1345,8 +1346,8 @@ qr/^lua ssl save session: ([0-9A-F]+):2 lua ssl free session: ([0-9A-F]+):1 $/ --- error_log -lua ssl server name: "iscribblet.org" -SSL: TLSv1, cipher: "ECDHE-RSA-RC4-SHA SSLv3 +lua ssl server name: "openresty.org" +SSL: TLSv1, cipher: "ECDHE-RSA-AES128-SHA --- no_error_log SSL reused session [error] @@ -1370,7 +1371,7 @@ SSL reused session sock:settimeout(2000) do - local ok, err = sock:connect("iscribblet.org", 443) + local ok, err = sock:connect("openresty.org", 443) if not ok then ngx.say("failed to connect: ", err) return @@ -1378,14 +1379,14 @@ SSL reused session ngx.say("connected: ", ok) - local session, err = sock:sslhandshake(nil, "iscribblet.org") + local session, err = sock:sslhandshake(nil, "openresty.org") if not session then ngx.say("failed to do SSL handshake: ", err) else ngx.say("ssl handshake: ", type(session)) end - local req = "GET / HTTP/1.1\\r\\nHost: iscribblet.org\\r\\nConnection: close\\r\\n\\r\\n" + local req = "GET / HTTP/1.1\\r\\nHost: openresty.org\\r\\nConnection: close\\r\\n\\r\\n" local bytes, err = sock:send(req) if not bytes then ngx.say("failed to send http request: ", err) @@ -1422,7 +1423,7 @@ failed to send http request: closed --- error_log eval [ qr/\[crit\] .*?SSL_do_handshake\(\) failed .*?unsupported protocol/, -'lua ssl server name: "iscribblet.org"', +'lua ssl server name: "openresty.org"', ] --- no_error_log SSL reused session @@ -1432,7 +1433,7 @@ SSL reused session -=== TEST 18: iscribblet.org: passing SSL verify: keepalive (reuse the ssl session) +=== TEST 18: openresty.org: passing SSL verify: keepalive (reuse the ssl session) --- config server_tokens off; resolver $TEST_NGINX_RESOLVER ipv6=off; @@ -1450,7 +1451,7 @@ SSL reused session local session for i = 1, 3 do - local ok, err = sock:connect("iscribblet.org", 443) + local ok, err = sock:connect("openresty.org", 443) if not ok then ngx.say("failed to connect: ", err) return @@ -1458,7 +1459,7 @@ SSL reused session ngx.say("connected: ", ok) - session, err = sock:sslhandshake(session, "iscribblet.org", true) + session, err = sock:sslhandshake(session, "openresty.org", true) if not session then ngx.say("failed to do SSL handshake: ", err) return @@ -1477,7 +1478,7 @@ SSL reused session --- user_files eval ">>> trusted.crt -$::StartComRootCertificate" +$::ComodoRootCertificate" --- request GET /t @@ -1509,7 +1510,7 @@ SSL reused session -=== TEST 19: iscribblet.org: passing SSL verify: keepalive (no reusing the ssl session) +=== TEST 19: openresty.org: passing SSL verify: keepalive (no reusing the ssl session) --- config server_tokens off; resolver $TEST_NGINX_RESOLVER ipv6=off; @@ -1526,7 +1527,7 @@ SSL reused session do for i = 1, 3 do - local ok, err = sock:connect("iscribblet.org", 443) + local ok, err = sock:connect("openresty.org", 443) if not ok then ngx.say("failed to connect: ", err) return @@ -1534,7 +1535,7 @@ SSL reused session ngx.say("connected: ", ok) - local session, err = sock:sslhandshake(nil, "iscribblet.org", true) + local session, err = sock:sslhandshake(nil, "openresty.org", true) if not session then ngx.say("failed to do SSL handshake: ", err) return @@ -1553,7 +1554,7 @@ SSL reused session --- user_files eval ">>> trusted.crt -$::StartComRootCertificate" +$::ComodoRootCertificate" --- request GET /t @@ -1612,7 +1613,7 @@ SSL reused session --- user_files eval ">>> trusted.crt -$::StartComRootCertificate" +$::ComodoRootCertificate" --- request POST /t @@ -2042,7 +2043,7 @@ SSL reused session sock:settimeout(2000) do - local ok, err = sock:connect("iscribblet.org", 443) + local ok, err = sock:connect("openresty.org", 443) if not ok then ngx.say("failed to connect: ", err) return @@ -2051,7 +2052,7 @@ SSL reused session ngx.say("connected: ", ok) for i = 1, 2 do - local session, err = sock:sslhandshake(nil, "iscribblet.org") + local session, err = sock:sslhandshake(nil, "openresty.org") if not session then ngx.say("failed to do SSL handshake: ", err) return @@ -2060,7 +2061,7 @@ SSL reused session ngx.say("ssl handshake: ", type(session)) end - local req = "GET / HTTP/1.1\\r\\nHost: iscribblet.org\\r\\nConnection: close\\r\\n\\r\\n" + local req = "GET / HTTP/1.1\\r\\nHost: openresty.org\\r\\nConnection: close\\r\\n\\r\\n" local bytes, err = sock:send(req) if not bytes then ngx.say("failed to send http request: ", err) @@ -2090,8 +2091,8 @@ GET /t connected: 1 ssl handshake: userdata ssl handshake: userdata -sent http request: 59 bytes. -received: HTTP/1.1 200 OK +sent http request: 58 bytes. +received: HTTP/1.1 302 Moved Temporarily close: 1 nil --- log_level: debug @@ -2103,7 +2104,7 @@ lua ssl free session: ([0-9A-F]+):2 lua ssl free session: ([0-9A-F]+):1 $/ --- error_log -lua ssl server name: "iscribblet.org" +lua ssl server name: "openresty.org" --- no_error_log SSL reused session [error] @@ -2126,7 +2127,7 @@ SSL reused session sock:settimeout(2000) do - local ok, err = sock:connect("iscribblet.org", 443) + local ok, err = sock:connect("openresty.org", 443) if not ok then ngx.say("failed to connect: ", err) return @@ -2135,7 +2136,7 @@ SSL reused session ngx.say("connected: ", ok) sock:settimeout(1); -- should timeout immediately - local session, err = sock:sslhandshake(nil, "iscribblet.org") + local session, err = sock:sslhandshake(nil, "openresty.org") if not session then ngx.say("failed to do SSL handshake: ", err) return @@ -2157,7 +2158,7 @@ failed to do SSL handshake: timeout --- grep_error_log eval: qr/lua ssl (?:set|save|free) session: [0-9A-F]+:\d+/ --- grep_error_log_out --- error_log -lua ssl server name: "iscribblet.org" +lua ssl server name: "openresty.org" --- no_error_log SSL reused session [error] @@ -2598,7 +2599,7 @@ SSL reused session local sock = ngx.socket.tcp() sock:settimeout(2000) - local ok, err = sock:connect("g.sregex.org", 443) + local ok, err = sock:connect("openresty.org", 443) if not ok then ngx.say("failed to connect: ", err) return diff --git a/t/cert/comodo-ca.crt b/t/cert/comodo-ca.crt new file mode 100644 index 0000000000..444461b95a --- /dev/null +++ b/t/cert/comodo-ca.crt @@ -0,0 +1,29 @@ +-----BEGIN CERTIFICATE----- +MIIF2DCCA8CgAwIBAgIQTKr5yttjb+Af907YWwOGnTANBgkqhkiG9w0BAQwFADCBhTELMAkGA1UE +BhMCR0IxGzAZBgNVBAgTEkdyZWF0ZXIgTWFuY2hlc3RlcjEQMA4GA1UEBxMHU2FsZm9yZDEaMBgG +A1UEChMRQ09NT0RPIENBIExpbWl0ZWQxKzApBgNVBAMTIkNPTU9ETyBSU0EgQ2VydGlmaWNhdGlv +biBBdXRob3JpdHkwHhcNMTAwMTE5MDAwMDAwWhcNMzgwMTE4MjM1OTU5WjCBhTELMAkGA1UEBhMC +R0IxGzAZBgNVBAgTEkdyZWF0ZXIgTWFuY2hlc3RlcjEQMA4GA1UEBxMHU2FsZm9yZDEaMBgGA1UE +ChMRQ09NT0RPIENBIExpbWl0ZWQxKzApBgNVBAMTIkNPTU9ETyBSU0EgQ2VydGlmaWNhdGlvbiBB +dXRob3JpdHkwggIiMA0GCSqGSIb3DQEBAQUAA4ICDwAwggIKAoICAQCR6FSS0gpWsawNJN3Fz0Rn +dJkrN6N9I3AAcbxT38T6KhKPS38QVr2fcHK3YX/JSw8Xpz3jsARh7v8Rl8f0hj4K+j5c+ZPmNHrZ +FGvnnLOFoIJ6dq9xkNfs/Q36nGz637CC9BR++b7Epi9Pf5l/tfxnQ3K9DADWietrLNPtj5gcFKt+ +5eNu/Nio5JIk2kNrYrhV/erBvGy2i/MOjZrkm2xpmfh4SDBF1a3hDTxFYPwyllEnvGfDyi62a+pG +x8cgoLEfZd5ICLqkTqnyg0Y3hOvozIFIQ2dOciqbXL1MGyiKXCJ7tKuY2e7gUYPDCUZObT6Z+pUX +2nwzV0E8jVHtC7ZcryxjGt9XyD+86V3Em69FmeKjWiS0uqlWPc9vqv9JWL7wqP/0uK3pN/u6uPQL +OvnoQ0IeidiEyxPx2bvhiWC4jChWrBQdnArncevPDt09qZahSL0896+1DSJMwBGB7FY79tOi4lu3 +sgQiUpWAk2nojkxl8ZEDLXB0AuqLZxUpaVICu9ffUGpVRr+goyhhf3DQw6KqLCGqR84onAZFdr+C +GCe01a60y1Dma/RMhnEw6abfFobg2P9A3fvQQoh/ozM6LlweQRGBY84YcWsr7KaKtzFcOmpH4MN5 +WdYgGq/yapiqcrxXStJLnbsQ/LBMQeXtHT1eKJ2czL+zUdqnR+WEUwIDAQABo0IwQDAdBgNVHQ4E +FgQUu69+Aj36pvE8hI6t7jiY7NkyMtQwDgYDVR0PAQH/BAQDAgEGMA8GA1UdEwEB/wQFMAMBAf8w +DQYJKoZIhvcNAQEMBQADggIBAArx1UaEt65Ru2yyTUEUAJNMnMvlwFTPoCWOAvn9sKIN9SCYPBMt +rFaisNZ+EZLpLrqeLppysb0ZRGxhNaKatBYSaVqM4dc+pBroLwP0rmEdEBsqpIt6xf4FpuHA1sj+ +nq6PK7o9mfjYcwlYRm6mnPTXJ9OV2jeDchzTc+CiR5kDOF3VSXkAKRzH7JsgHAckaVd4sjn8OoSg +tZx8jb8uk2IntznaFxiuvTwJaP+EmzzV1gsD41eeFPfR60/IvYcjt7ZJQ3mFXLrrkguhxuhoqEwW +sRqZCuhTLJK7oQkYdQxlqHvLI7cawiiFwxv/0Cti76R7CZGYZ4wUAc1oBmpjIXUDgIiKboHGhfKp +pC3n9KUkEEeDys30jXlYsQab5xoq2Z0B15R97QNKyvDb6KkBPvVWmckejkk9u+UJueBPSZI9FoJA +zMxZxuY67RIuaTxslbH9qh17f4a+Hg4yRvv7E491f0yLS0Zj/gA0QHDBw7mh3aZw4gSzQbzpgJHq +ZJx64SIDqZxubw5lT2yHh17zbqD5daWbQOhTsiedSrnAdyGN/4fy3ryM7xfft0kL0fJuMAsaDk52 +7RH89elWsn2/x20Kk4yl0MC2Hb46TpSi125sC8KKfPog88Tk5c0NqMuRkrF8hey1FGlmDoLnzc7I +LaZRfyHBNVOFBkpdn627G190 +-----END CERTIFICATE----- diff --git a/t/cert/startcom.crt b/t/cert/startcom.crt deleted file mode 100644 index a5185ca100..0000000000 --- a/t/cert/startcom.crt +++ /dev/null @@ -1,87 +0,0 @@ ------BEGIN CERTIFICATE----- -MIIHhzCCBW+gAwIBAgIBLTANBgkqhkiG9w0BAQsFADB9MQswCQYDVQQGEwJJTDEW -MBQGA1UEChMNU3RhcnRDb20gTHRkLjErMCkGA1UECxMiU2VjdXJlIERpZ2l0YWwg -Q2VydGlmaWNhdGUgU2lnbmluZzEpMCcGA1UEAxMgU3RhcnRDb20gQ2VydGlmaWNh -dGlvbiBBdXRob3JpdHkwHhcNMDYwOTE3MTk0NjM3WhcNMzYwOTE3MTk0NjM2WjB9 -MQswCQYDVQQGEwJJTDEWMBQGA1UEChMNU3RhcnRDb20gTHRkLjErMCkGA1UECxMi -U2VjdXJlIERpZ2l0YWwgQ2VydGlmaWNhdGUgU2lnbmluZzEpMCcGA1UEAxMgU3Rh -cnRDb20gQ2VydGlmaWNhdGlvbiBBdXRob3JpdHkwggIiMA0GCSqGSIb3DQEBAQUA -A4ICDwAwggIKAoICAQDBiNsJvGxGfHiflXu1M5DycmLWwTYgIiRezul38kMKogZk -pMyONvg45iPwbm2xPN1yo4UcodM9tDMr0y+v/uqwQVlntsQGfQqedIXWeUyAN3rf -OQVSWff0G0ZDpNKFhdLDcfN1YjS6LIp/Ho/u7TTQEceWzVI9ujPW3U3eCztKS5/C -Ji/6tRYccjV3yjxd5srhJosaNnZcAdt0FCX+7bWgiA/deMotHweXMAEtcnn6RtYT -Kqi5pquDSR3l8u/d5AGOGAqPY1MWhWKpDhk6zLVmpsJrdAfkK+F2PrRt2PZE4XNi -HzvEvqBTViVsUQn3qqvKv3b9bZvzndu/PWa8DFaqr5hIlTpL36dYUNk4dalb6kMM -Av+Z6+hsTXBbKWWc3apdzK8BMewM69KN6Oqce+Zu9ydmDBpI125C4z/eIT574Q1w -+2OqqGwaVLRcJXrJosmLFqa7LH4XXgVNWG4SHQHuEhANxjJ/GP/89PrNbpHoNkm+ -Gkhpi8KWTRoSsmkXwQqQ1vp5Iki/untp+HDH+no32NgN0nZPV/+Qt+OR0t3vwmC3 -Zzrd/qqc8NSLf3Iizsafl7b4r4qgEKjZ+xjGtrVcUjyJthkqcwEKDwOzEmDyei+B -26Nu/yYwl/WL3YlXtq09s68rxbd2AvCl1iuahhQqcvbjM4xdCUsT37uMdBNSSwID -AQABo4ICEDCCAgwwDwYDVR0TAQH/BAUwAwEB/zAOBgNVHQ8BAf8EBAMCAQYwHQYD -VR0OBBYEFE4L7xqkQFulF2mHMMo0aEPQQa7yMB8GA1UdIwQYMBaAFE4L7xqkQFul -F2mHMMo0aEPQQa7yMIIBWgYDVR0gBIIBUTCCAU0wggFJBgsrBgEEAYG1NwEBATCC -ATgwLgYIKwYBBQUHAgEWImh0dHA6Ly93d3cuc3RhcnRzc2wuY29tL3BvbGljeS5w -ZGYwNAYIKwYBBQUHAgEWKGh0dHA6Ly93d3cuc3RhcnRzc2wuY29tL2ludGVybWVk -aWF0ZS5wZGYwgc8GCCsGAQUFBwICMIHCMCcWIFN0YXJ0IENvbW1lcmNpYWwgKFN0 -YXJ0Q29tKSBMdGQuMAMCAQEagZZMaW1pdGVkIExpYWJpbGl0eSwgcmVhZCB0aGUg -c2VjdGlvbiAqTGVnYWwgTGltaXRhdGlvbnMqIG9mIHRoZSBTdGFydENvbSBDZXJ0 -aWZpY2F0aW9uIEF1dGhvcml0eSBQb2xpY3kgYXZhaWxhYmxlIGF0IGh0dHA6Ly93 -d3cuc3RhcnRzc2wuY29tL3BvbGljeS5wZGYwEQYJYIZIAYb4QgEBBAQDAgAHMDgG -CWCGSAGG+EIBDQQrFilTdGFydENvbSBGcmVlIFNTTCBDZXJ0aWZpY2F0aW9uIEF1 -dGhvcml0eTANBgkqhkiG9w0BAQsFAAOCAgEAjo/n3JR5fPGFf59Jb2vKXfuM/gTF -wWLRfUKKvFO3lANmMD+x5wqnUCBVJX92ehQN6wQOQOY+2IirByeDqXWmN3PH/UvS -Ta0XQMhGvjt/UfzDtgUx3M2FIk5xt/JxXrAaxrqTi3iSSoX4eA+D/i+tLPfkpLst -0OcNOrg+zvZ49q5HJMqjNTbOx8aHmNrs++myziebiMMEofYLWWivydsQD032ZGNc -pRJvkrKTlMeIFw6Ttn5ii5B/q06f/ON1FE8qMt9bDeD1e5MNq6HPh+GlBEXoPBKl -CcWw0bdT82AUuoVpaiF8H3VhFyAXe2w7QSlc4axa0c2Mm+tgHRns9+Ww2vl5GKVF -P0lDV9LdJNUso/2RjSe15esUBppMeyG7Oq0wBhjA2MFrLH9ZXF2RsXAiV+uKa0hK -1Q8p7MZAwC+ITGgBF3f0JBlPvfrhsiAhS90a2Cl9qrjeVOwhVYBsHvUwyKMQ5bLm -KhQxw4UtjJixhlpPiVktucf3HMiKf8CdBUrmQk9io20ppB+Fq9vlgcitKj1MXVuE -JnHEhV5xJMqlG2zYYdMa4FTbzrqpMrUi9nNBCV24F10OD5mQ1kfabwo6YigUZ4LZ -8dCAWZvLMdibD4x3TrVoivJs9iQOLWxwxXPR3hTQcY+203sC9uO41Alua551hDnm -fyWl8kgAwKQB2j8= ------END CERTIFICATE----- ------BEGIN CERTIFICATE----- -MIIHyTCCBbGgAwIBAgIBATANBgkqhkiG9w0BAQUFADB9MQswCQYDVQQGEwJJTDEW -MBQGA1UEChMNU3RhcnRDb20gTHRkLjErMCkGA1UECxMiU2VjdXJlIERpZ2l0YWwg -Q2VydGlmaWNhdGUgU2lnbmluZzEpMCcGA1UEAxMgU3RhcnRDb20gQ2VydGlmaWNh -dGlvbiBBdXRob3JpdHkwHhcNMDYwOTE3MTk0NjM2WhcNMzYwOTE3MTk0NjM2WjB9 -MQswCQYDVQQGEwJJTDEWMBQGA1UEChMNU3RhcnRDb20gTHRkLjErMCkGA1UECxMi -U2VjdXJlIERpZ2l0YWwgQ2VydGlmaWNhdGUgU2lnbmluZzEpMCcGA1UEAxMgU3Rh -cnRDb20gQ2VydGlmaWNhdGlvbiBBdXRob3JpdHkwggIiMA0GCSqGSIb3DQEBAQUA -A4ICDwAwggIKAoICAQDBiNsJvGxGfHiflXu1M5DycmLWwTYgIiRezul38kMKogZk -pMyONvg45iPwbm2xPN1yo4UcodM9tDMr0y+v/uqwQVlntsQGfQqedIXWeUyAN3rf -OQVSWff0G0ZDpNKFhdLDcfN1YjS6LIp/Ho/u7TTQEceWzVI9ujPW3U3eCztKS5/C -Ji/6tRYccjV3yjxd5srhJosaNnZcAdt0FCX+7bWgiA/deMotHweXMAEtcnn6RtYT -Kqi5pquDSR3l8u/d5AGOGAqPY1MWhWKpDhk6zLVmpsJrdAfkK+F2PrRt2PZE4XNi -HzvEvqBTViVsUQn3qqvKv3b9bZvzndu/PWa8DFaqr5hIlTpL36dYUNk4dalb6kMM -Av+Z6+hsTXBbKWWc3apdzK8BMewM69KN6Oqce+Zu9ydmDBpI125C4z/eIT574Q1w -+2OqqGwaVLRcJXrJosmLFqa7LH4XXgVNWG4SHQHuEhANxjJ/GP/89PrNbpHoNkm+ -Gkhpi8KWTRoSsmkXwQqQ1vp5Iki/untp+HDH+no32NgN0nZPV/+Qt+OR0t3vwmC3 -Zzrd/qqc8NSLf3Iizsafl7b4r4qgEKjZ+xjGtrVcUjyJthkqcwEKDwOzEmDyei+B -26Nu/yYwl/WL3YlXtq09s68rxbd2AvCl1iuahhQqcvbjM4xdCUsT37uMdBNSSwID -AQABo4ICUjCCAk4wDAYDVR0TBAUwAwEB/zALBgNVHQ8EBAMCAa4wHQYDVR0OBBYE -FE4L7xqkQFulF2mHMMo0aEPQQa7yMGQGA1UdHwRdMFswLKAqoCiGJmh0dHA6Ly9j -ZXJ0LnN0YXJ0Y29tLm9yZy9zZnNjYS1jcmwuY3JsMCugKaAnhiVodHRwOi8vY3Js -LnN0YXJ0Y29tLm9yZy9zZnNjYS1jcmwuY3JsMIIBXQYDVR0gBIIBVDCCAVAwggFM -BgsrBgEEAYG1NwEBATCCATswLwYIKwYBBQUHAgEWI2h0dHA6Ly9jZXJ0LnN0YXJ0 -Y29tLm9yZy9wb2xpY3kucGRmMDUGCCsGAQUFBwIBFilodHRwOi8vY2VydC5zdGFy -dGNvbS5vcmcvaW50ZXJtZWRpYXRlLnBkZjCB0AYIKwYBBQUHAgIwgcMwJxYgU3Rh -cnQgQ29tbWVyY2lhbCAoU3RhcnRDb20pIEx0ZC4wAwIBARqBl0xpbWl0ZWQgTGlh -YmlsaXR5LCByZWFkIHRoZSBzZWN0aW9uICpMZWdhbCBMaW1pdGF0aW9ucyogb2Yg -dGhlIFN0YXJ0Q29tIENlcnRpZmljYXRpb24gQXV0aG9yaXR5IFBvbGljeSBhdmFp -bGFibGUgYXQgaHR0cDovL2NlcnQuc3RhcnRjb20ub3JnL3BvbGljeS5wZGYwEQYJ -YIZIAYb4QgEBBAQDAgAHMDgGCWCGSAGG+EIBDQQrFilTdGFydENvbSBGcmVlIFNT -TCBDZXJ0aWZpY2F0aW9uIEF1dGhvcml0eTANBgkqhkiG9w0BAQUFAAOCAgEAFmyZ -9GYMNPXQhV59CuzaEE44HF7fpiUFS5Eyweg78T3dRAlbB0mKKctmArexmvclmAk8 -jhvh3TaHK0u7aNM5Zj2gJsfyOZEdUauCe37Vzlrk4gNXcGmXCPleWKYK34wGmkUW -FjgKXlf2Ysd6AgXmvB618p70qSmD+LIU424oh0TDkBreOKk8rENNZEXO3SipXPJz -ewT4F+irsfMuXGRuczE6Eri8sxHkfY+BUZo7jYn0TZNmezwD7dOaHZrzZVD1oNB1 -ny+v8OqCQ5j4aZyJecRDjkZy42Q2Eq/3JR44iZB3fsNrarnDy0RLrHiQi+fHLB5L -EUTINFInzQpdn4XBidUaePKVEFMy3YCEZnXZtWgo+2EuvoSoOMCZEoalHmdkrQYu -L6lwhceWD3yJZfWOQ1QOq92lgDmUYMA0yZZwLKMS9R9Ie70cfmu3nZD0Ijuu+Pwq -yvqCUqDvr0tVk+vBtfAii6w0TiYiBKGHLHVKt+V9E9e4DGTANtLJL4YSjCMJwRuC -O3NJo2pXh5Tl1njFmUNj403gdy3hZZlyaQQaRwnmDwFWJPsfvw55qVguucQJAX6V -um0ABj6y6koQOdjQK/W/7HW/lwLFCRsI3FU34oH7N4RDYiDK51ZLZer+bMEkkySh -NOsF/5oirpt9P/FlUQqmMGqz9IgcgA38corog14= ------END CERTIFICATE----- From 7a8798437abf3b36a67c280828354e9b759ad7e8 Mon Sep 17 00:00:00 2001 From: spacewander Date: Wed, 31 May 2017 09:54:03 +0800 Subject: [PATCH 105/136] feature: added pure C API function +ngx_http_lua_ffi_errlog_get_sys_filter_level for ngx.errlog module's get_sys_filter_level() function in the lua-resty-core library. Signed-off-by: Yichun Zhang (agentzh) --- src/ngx_http_lua_log.c | 22 ++++++++++++++++++++++ 1 file changed, 22 insertions(+) diff --git a/src/ngx_http_lua_log.c b/src/ngx_http_lua_log.c index 5fc79dd232..ab5fd9dd13 100644 --- a/src/ngx_http_lua_log.c +++ b/src/ngx_http_lua_log.c @@ -405,6 +405,28 @@ ngx_http_lua_ffi_errlog_get_msg(char **log, int *loglevel, u_char *err, #endif } + +int +ngx_http_lua_ffi_errlog_get_sys_filter_level(ngx_http_request_t *r) +{ + ngx_log_t *log; + int log_level; + + if (r && r->connection && r->connection->log) { + log = r->connection->log; + + } else { + log = ngx_cycle->log; + } + + log_level = log->log_level; + if (log_level == NGX_LOG_DEBUG_ALL) { + log_level = NGX_LOG_DEBUG; + } + + return log_level; +} + #endif /* vi:set ft=c ts=4 sw=4 et fdm=marker: */ From 69d995513b17df9ebb09dd4ea6656e1f78b28a34 Mon Sep 17 00:00:00 2001 From: guanglinlv Date: Sun, 4 Jun 2017 22:59:45 +0800 Subject: [PATCH 106/136] bugfix: the running timer counter might go out of sync when non-timer handlers using fake requests are involved (like ssl_certficate_by_lua* and ssl_session_fetch_by_lua*). Signed-off-by: Yichun Zhang (agentzh) --- src/ngx_http_lua_util.c | 6 ++- t/139-ssl-cert-by.t | 102 ++++++++++++++++++++++++++++++++++++++++ 2 files changed, 107 insertions(+), 1 deletion(-) diff --git a/src/ngx_http_lua_util.c b/src/ngx_http_lua_util.c index ba9c9579e8..d20549e73e 100644 --- a/src/ngx_http_lua_util.c +++ b/src/ngx_http_lua_util.c @@ -919,7 +919,11 @@ ngx_http_lua_request_cleanup(ngx_http_lua_ctx_t *ctx, int forcible) #if 1 if (r->connection->fd == (ngx_socket_t) -1) { /* being a fake request */ - lmcf->running_timers--; + + if (ctx->context == NGX_HTTP_LUA_CONTEXT_TIMER) { + /* being a timer handler */ + lmcf->running_timers--; + } } #endif diff --git a/t/139-ssl-cert-by.t b/t/139-ssl-cert-by.t index b9fd60d431..595e383c9c 100644 --- a/t/139-ssl-cert-by.t +++ b/t/139-ssl-cert-by.t @@ -1574,3 +1574,105 @@ qr/\[error\] .*? send\(\) failed/, --- no_error_log [alert] ssl_certificate_by_lua:1: ssl cert by lua is running! + + + +=== TEST 19: check the count of running timers +--- http_config + server { + listen unix:$TEST_NGINX_HTML_DIR/nginx.sock ssl; + server_name test.com; + + ssl_certificate_by_lua_block { print("ssl cert by lua is running!") } + ssl_certificate ../../cert/test.crt; + ssl_certificate_key ../../cert/test.key; + + server_tokens off; + location /timers { + default_type 'text/plain'; + content_by_lua_block { + ngx.timer.at(0.1, function() ngx.sleep(0.3) end) + ngx.timer.at(0.11, function() ngx.sleep(0.3) end) + ngx.timer.at(0.09, function() ngx.sleep(0.3) end) + ngx.sleep(0.2) + ngx.say(ngx.timer.running_count()) + } + more_clear_headers Date; + } + } +--- config + server_tokens off; + lua_ssl_trusted_certificate ../../cert/test.crt; + + location /t { + content_by_lua_block { + do + local sock = ngx.socket.tcp() + + sock:settimeout(2000) + + local ok, err = sock:connect("unix:$TEST_NGINX_HTML_DIR/nginx.sock") + if not ok then + ngx.say("failed to connect: ", err) + return + end + + ngx.say("connected: ", ok) + + local sess, err = sock:sslhandshake(nil, "test.com", true) + if not sess then + ngx.say("failed to do SSL handshake: ", err) + return + end + + ngx.say("ssl handshake: ", type(sess)) + + local req = "GET /timers HTTP/1.0\r\nHost: test.com\r\nConnection: close\r\n\r\n" + local bytes, err = sock:send(req) + if not bytes then + ngx.say("failed to send http request: ", err) + return + end + + ngx.say("sent http request: ", bytes, " bytes.") + + while true do + local line, err = sock:receive() + if not line then + -- ngx.say("failed to receive response status line: ", err) + break + end + + ngx.say("received: ", line) + end + + local ok, err = sock:close() + ngx.say("close: ", ok, " ", err) + end -- do + -- collectgarbage() + } + } + +--- request +GET /t +--- response_body +connected: 1 +ssl handshake: userdata +sent http request: 59 bytes. +received: HTTP/1.1 200 OK +received: Server: nginx +received: Content-Type: text/plain +received: Content-Length: 2 +received: Connection: close +received: +received: 3 +close: 1 nil + +--- error_log eval +[ +'ssl_certificate_by_lua:1: ssl cert by lua is running!', +'lua ssl server name: "test.com"', +] +--- no_error_log +[error] +[alert] From 2360565f5fbc9c73ae6c02b8eca4f60a9af05191 Mon Sep 17 00:00:00 2001 From: spacewander Date: Wed, 14 Jun 2017 15:19:38 +0800 Subject: [PATCH 107/136] doc: fixed some typos detected by misspell. Signed-off-by: Yichun Zhang (agentzh) --- README.markdown | 6 +++--- doc/HttpLuaModule.wiki | 6 +++--- src/ngx_http_lua_ssl_session_fetchby.c | 2 +- src/ngx_http_lua_ssl_session_storeby.c | 4 ++-- t/139-ssl-cert-by.t | 2 +- t/140-ssl-c-api.t | 4 ++-- 6 files changed, 12 insertions(+), 12 deletions(-) diff --git a/README.markdown b/README.markdown index e7808cd131..992aa28558 100644 --- a/README.markdown +++ b/README.markdown @@ -675,12 +675,12 @@ It is therefore *highly* recommended to always declare such within an appropriat -- Avoid foo = 123 - -- Recomended + -- Recommended local foo = 123 -- Avoid function foo() return 123 end - -- Recomended + -- Recommended local function foo() return 123 end ``` @@ -914,7 +914,7 @@ servers in Lua. For example, * add `ignore_resp_headers`, `ignore_resp_body`, and `ignore_resp` options to [ngx.location.capture](#ngxlocationcapture) and [ngx.location.capture_multi](#ngxlocationcapture_multi) methods, to allow micro performance tuning on the user side. * add automatic Lua code time slicing support by yielding and resuming the Lua VM actively via Lua's debug hooks. * add `stat` mode similar to [mod_lua](https://httpd.apache.org/docs/trunk/mod/mod_lua.html). -* cosocket: add client SSL certificiate support. +* cosocket: add client SSL certificate support. [Back to TOC](#table-of-contents) diff --git a/doc/HttpLuaModule.wiki b/doc/HttpLuaModule.wiki index 84fd00045f..259874bfa7 100644 --- a/doc/HttpLuaModule.wiki +++ b/doc/HttpLuaModule.wiki @@ -537,12 +537,12 @@ It is therefore *highly* recommended to always declare such within an appropriat -- Avoid foo = 123 - -- Recomended + -- Recommended local foo = 123 -- Avoid function foo() return 123 end - -- Recomended + -- Recommended local function foo() return 123 end @@ -745,7 +745,7 @@ servers in Lua. For example, * add ignore_resp_headers, ignore_resp_body, and ignore_resp options to [[#ngx.location.capture|ngx.location.capture]] and [[#ngx.location.capture_multi|ngx.location.capture_multi]] methods, to allow micro performance tuning on the user side. * add automatic Lua code time slicing support by yielding and resuming the Lua VM actively via Lua's debug hooks. * add stat mode similar to [https://httpd.apache.org/docs/trunk/mod/mod_lua.html mod_lua]. -* cosocket: add client SSL certificiate support. +* cosocket: add client SSL certificate support. = Changes = diff --git a/src/ngx_http_lua_ssl_session_fetchby.c b/src/ngx_http_lua_ssl_session_fetchby.c index 4c450b56ba..60728f29a4 100644 --- a/src/ngx_http_lua_ssl_session_fetchby.c +++ b/src/ngx_http_lua_ssl_session_fetchby.c @@ -107,7 +107,7 @@ ngx_http_lua_ssl_sess_fetch_by_lua(ngx_conf_t *cf, ngx_command_t *cmd, dd("enter"); - /* must specifiy a content handler */ + /* must specify a content handler */ if (cmd->post == NULL) { return NGX_CONF_ERROR; } diff --git a/src/ngx_http_lua_ssl_session_storeby.c b/src/ngx_http_lua_ssl_session_storeby.c index b5596bc71c..50adf2040c 100644 --- a/src/ngx_http_lua_ssl_session_storeby.c +++ b/src/ngx_http_lua_ssl_session_storeby.c @@ -105,7 +105,7 @@ ngx_http_lua_ssl_sess_store_by_lua(ngx_conf_t *cf, ngx_command_t *cmd, dd("enter"); - /* must specifiy a content handler */ + /* must specify a content handler */ if (cmd->post == NULL) { return NGX_CONF_ERROR; } @@ -386,7 +386,7 @@ ngx_http_lua_ssl_sess_store_by_chunk(lua_State *L, ngx_http_request_t *r) dd("rc == %d", (int) rc); if (rc != 0) { - /* error occured when running loaded code */ + /* error occurred when running loaded code */ err_msg = (u_char *) lua_tolstring(L, -1, &len); if (err_msg == NULL) { diff --git a/t/139-ssl-cert-by.t b/t/139-ssl-cert-by.t index 595e383c9c..e6d0da8a66 100644 --- a/t/139-ssl-cert-by.t +++ b/t/139-ssl-cert-by.t @@ -1383,7 +1383,7 @@ uthread: done -=== TEST 17: simple logging - use ssl_certificiate_by_lua* on the http {} level +=== TEST 17: simple logging - use ssl_certificate_by_lua* on the http {} level GitHub openresty/lua-resty-core#42 --- http_config ssl_certificate_by_lua_block { print("ssl cert by lua is running!") } diff --git a/t/140-ssl-c-api.t b/t/140-ssl-c-api.t index 854ff30aad..8734d1477d 100644 --- a/t/140-ssl-c-api.t +++ b/t/140-ssl-c-api.t @@ -626,7 +626,7 @@ failed to parse PEM priv key: PEM_read_bio_PrivateKey() failed while true do local line, err = sock:receive() if not line then - -- ngx.say("failed to recieve response status line: ", err) + -- ngx.say("failed to receive response status line: ", err) break end @@ -776,7 +776,7 @@ lua ssl server name: "test.com" while true do local line, err = sock:receive() if not line then - -- ngx.say("failed to recieve response status line: ", err) + -- ngx.say("failed to receive response status line: ", err) break end From 6f49242a8feeccecfed33b1225a9b2dc0ff16177 Mon Sep 17 00:00:00 2001 From: "Yichun Zhang (agentzh)" Date: Tue, 20 Jun 2017 12:43:12 -0700 Subject: [PATCH 108/136] fixed tests to reflect recent changes. --- t/129-ssl-socket.t | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/t/129-ssl-socket.t b/t/129-ssl-socket.t index 928701f521..a8871e5473 100644 --- a/t/129-ssl-socket.t +++ b/t/129-ssl-socket.t @@ -1187,7 +1187,7 @@ lua ssl free session: ([0-9A-F]+):1 $/ --- error_log lua ssl server name: "openresty.org" -SSL: TLSv1.2, cipher: "ECDHE-RSA-AES128-GCM-SHA256 TLSv1.2 +SSL: TLSv1.2, cipher: "ECDHE-RSA-AES256-GCM-SHA384 TLSv1.2 --- no_error_log SSL reused session [error] @@ -1347,7 +1347,7 @@ lua ssl free session: ([0-9A-F]+):1 $/ --- error_log lua ssl server name: "openresty.org" -SSL: TLSv1, cipher: "ECDHE-RSA-AES128-SHA +SSL: TLSv1, cipher: "ECDHE-RSA-AES256-SHA --- no_error_log SSL reused session [error] From 9cb970978cd9a023606404987075ce671dd28d84 Mon Sep 17 00:00:00 2001 From: "Yichun Zhang (agentzh)" Date: Mon, 26 Jun 2017 12:12:52 -0700 Subject: [PATCH 109/136] tests: updated tests on ssl cosockets to reflect recent changes in our CDN network. --- t/129-ssl-socket.t | 20 ++++++-------------- 1 file changed, 6 insertions(+), 14 deletions(-) diff --git a/t/129-ssl-socket.t b/t/129-ssl-socket.t index a8871e5473..530406d6ed 100644 --- a/t/129-ssl-socket.t +++ b/t/129-ssl-socket.t @@ -4,7 +4,7 @@ use Test::Nginx::Socket::Lua; repeat_each(2); -plan tests => repeat_each() * 219; +plan tests => repeat_each() * 217; $ENV{TEST_NGINX_HTML_DIR} ||= html_dir(); @@ -179,21 +179,14 @@ SSL reused session GET /t --- response_body connected: 1 -ssl handshake: userdata -sent http request: 58 bytes. -received: HTTP/1.1 302 Moved Temporarily -close: 1 nil +failed to do SSL handshake: handshake failed --- log_level: debug --- grep_error_log eval: qr/lua ssl (?:set|save|free) session: [0-9A-F]+:\d+/ ---- grep_error_log_out eval -qr/^lua ssl save session: ([0-9A-F]+):2 -lua ssl free session: ([0-9A-F]+):1 -$/ +--- grep_error_log_out --- no_error_log lua ssl server name: SSL reused session -[error] [alert] --- timeout: 5 @@ -434,7 +427,7 @@ $::ComodoRootCertificate" GET /t --- response_body connected: 1 -failed to do SSL handshake: certificate host mismatch +failed to do SSL handshake: handshake failed failed to send http request: closed --- log_level: debug @@ -442,7 +435,6 @@ failed to send http request: closed --- grep_error_log_out --- error_log lua ssl server name: "blah.openresty.org" -lua ssl certificate does not match host "blah.openresty.org" --- no_error_log SSL reused session [alert] @@ -514,7 +506,7 @@ $::ComodoRootCertificate" GET /t --- response_body connected: 1 -failed to do SSL handshake: certificate host mismatch +failed to do SSL handshake: handshake failed failed to send http request: closed --- log_level: debug @@ -589,7 +581,7 @@ GET /t connected: 1 ssl handshake: userdata sent http request: 56 bytes. -received: HTTP/1.1 302 Moved Temporarily +received: HTTP/1.1 404 Not Found close: 1 nil --- log_level: debug From 031e0000429e18d3220c0d530fa03b9ba20d9489 Mon Sep 17 00:00:00 2001 From: "Yichun Zhang (agentzh)" Date: Mon, 26 Jun 2017 14:46:20 -0700 Subject: [PATCH 110/136] doc: use the .ljbc file extension instead of .luac for LuaJIT bytecode files. --- README.markdown | 4 ++-- doc/HttpLuaModule.wiki | 4 ++-- 2 files changed, 4 insertions(+), 4 deletions(-) diff --git a/README.markdown b/README.markdown index 992aa28558..c30944d0ce 100644 --- a/README.markdown +++ b/README.markdown @@ -413,14 +413,14 @@ Please note that the bytecode format used by LuaJIT 2.0/2.1 is not compatible wi ```bash - /path/to/luajit/bin/luajit -b /path/to/input_file.lua /path/to/output_file.luac + /path/to/luajit/bin/luajit -b /path/to/input_file.lua /path/to/output_file.ljbc ``` The `-bg` option can be used to include debug information in the LuaJIT bytecode file: ```bash - /path/to/luajit/bin/luajit -bg /path/to/input_file.lua /path/to/output_file.luac + /path/to/luajit/bin/luajit -bg /path/to/input_file.lua /path/to/output_file.ljbc ``` Please refer to the official LuaJIT documentation on the `-b` option for more details: diff --git a/doc/HttpLuaModule.wiki b/doc/HttpLuaModule.wiki index 259874bfa7..ef8ecc3b81 100644 --- a/doc/HttpLuaModule.wiki +++ b/doc/HttpLuaModule.wiki @@ -315,13 +315,13 @@ As from the v0.5.0rc32 release, all *_by_lua_file conf Please note that the bytecode format used by LuaJIT 2.0/2.1 is not compatible with that used by the standard Lua 5.1 interpreter. So if using LuaJIT 2.0/2.1 with ngx_lua, LuaJIT compatible bytecode files must be generated as shown: - /path/to/luajit/bin/luajit -b /path/to/input_file.lua /path/to/output_file.luac + /path/to/luajit/bin/luajit -b /path/to/input_file.lua /path/to/output_file.ljbc The -bg option can be used to include debug information in the LuaJIT bytecode file: - /path/to/luajit/bin/luajit -bg /path/to/input_file.lua /path/to/output_file.luac + /path/to/luajit/bin/luajit -bg /path/to/input_file.lua /path/to/output_file.ljbc Please refer to the official LuaJIT documentation on the -b option for more details: From df708216cf71082e94a96792306c8cc9d0105e68 Mon Sep 17 00:00:00 2001 From: Yuansheng Date: Tue, 27 Jun 2017 05:57:53 +0800 Subject: [PATCH 111/136] feature: errlog capture: now we also record the UNIX timestamp (in sec with msec precision through the decimal part) for each error log entry. Signed-off-by: Yichun Zhang (agentzh) --- src/ngx_http_lua_log.c | 5 +++-- src/ngx_http_lua_log_ringbuf.c | 12 +++++++++++- src/ngx_http_lua_log_ringbuf.h | 2 +- 3 files changed, 15 insertions(+), 4 deletions(-) diff --git a/src/ngx_http_lua_log.c b/src/ngx_http_lua_log.c index ab5fd9dd13..c18e6b03ee 100644 --- a/src/ngx_http_lua_log.c +++ b/src/ngx_http_lua_log.c @@ -375,7 +375,7 @@ ngx_http_lua_ffi_errlog_set_filter_level(int level, u_char *err, size_t *errlen) int ngx_http_lua_ffi_errlog_get_msg(char **log, int *loglevel, u_char *err, - size_t *errlen) + size_t *errlen, double *log_time) { #ifdef HAVE_INTERCEPT_ERROR_LOG_PATCH ngx_uint_t loglen; @@ -395,7 +395,8 @@ ngx_http_lua_ffi_errlog_get_msg(char **log, int *loglevel, u_char *err, return NGX_DONE; } - ngx_http_lua_log_ringbuf_read(ringbuf, loglevel, (void **)log, &loglen); + ngx_http_lua_log_ringbuf_read(ringbuf, loglevel, (void **) log, &loglen, + log_time); return loglen; #else *errlen = ngx_snprintf(err, *errlen, diff --git a/src/ngx_http_lua_log_ringbuf.c b/src/ngx_http_lua_log_ringbuf.c index dca610df56..ab1a23dee6 100644 --- a/src/ngx_http_lua_log_ringbuf.c +++ b/src/ngx_http_lua_log_ringbuf.c @@ -10,6 +10,7 @@ typedef struct { + double time; unsigned len:28; /* :24 is big enough if the max log size is 4k */ unsigned log_level:4; } ngx_http_lua_log_ringbuf_header_t; @@ -88,6 +89,7 @@ ngx_http_lua_log_ringbuf_append(ngx_http_lua_log_ringbuf_t *rb, int sentinel, int log_level, void *buf, int n) { ngx_http_lua_log_ringbuf_header_t *head; + ngx_time_t *tp; if (sentinel) { rb->sentinel = rb->tail; @@ -99,6 +101,9 @@ ngx_http_lua_log_ringbuf_append(ngx_http_lua_log_ringbuf_t *rb, head->len = n; head->log_level = log_level; + tp = ngx_timeofday(); + head->time = tp->sec + tp->msec / 1000.0L; + rb->tail += HEADER_LEN; ngx_memcpy(rb->tail, buf, n); rb->tail += n; @@ -171,7 +176,7 @@ ngx_http_lua_log_ringbuf_write(ngx_http_lua_log_ringbuf_t *rb, int log_level, /* read log from ring buffer, do reset if all of the logs were readed. */ ngx_int_t ngx_http_lua_log_ringbuf_read(ngx_http_lua_log_ringbuf_t *rb, int *log_level, - void **buf, size_t *n) + void **buf, size_t *n, double *log_time) { ngx_http_lua_log_ringbuf_header_t *head; @@ -191,6 +196,11 @@ ngx_http_lua_log_ringbuf_read(ngx_http_lua_log_ringbuf_t *rb, int *log_level, rb->head += HEADER_LEN; *buf = rb->head; rb->head += head->len; + + if (log_time) { + *log_time = head->time; + } + rb->count--; if (rb->count == 0) { diff --git a/src/ngx_http_lua_log_ringbuf.h b/src/ngx_http_lua_log_ringbuf.h index e855e2514a..4c065393ca 100644 --- a/src/ngx_http_lua_log_ringbuf.h +++ b/src/ngx_http_lua_log_ringbuf.h @@ -21,7 +21,7 @@ void ngx_http_lua_log_ringbuf_init(ngx_http_lua_log_ringbuf_t *rb, void *buf, size_t len); void ngx_http_lua_log_ringbuf_reset(ngx_http_lua_log_ringbuf_t *rb); ngx_int_t ngx_http_lua_log_ringbuf_read(ngx_http_lua_log_ringbuf_t *rb, - int *log_level, void **buf, size_t *n); + int *log_level, void **buf, size_t *n, double *log_time); ngx_int_t ngx_http_lua_log_ringbuf_write(ngx_http_lua_log_ringbuf_t *rb, int log_level, void *buf, size_t n); From 20d6558b074f1bda3584827412f2e364aeb00b0f Mon Sep 17 00:00:00 2001 From: Datong Sun Date: Fri, 23 Jun 2017 19:07:06 -0700 Subject: [PATCH 112/136] feature: balancer_by_lua*: now the user Lua code can terminate the current request with arbitrary HTTP response status codes via ngx.exit(). Signed-off-by: Yichun Zhang (agentzh) --- src/ngx_http_lua_balancer.c | 8 +++++++- t/138-balancer.t | 4 ++-- 2 files changed, 9 insertions(+), 3 deletions(-) diff --git a/src/ngx_http_lua_balancer.c b/src/ngx_http_lua_balancer.c index 03d9eac082..2fa634eb4d 100644 --- a/src/ngx_http_lua_balancer.c +++ b/src/ngx_http_lua_balancer.c @@ -314,7 +314,13 @@ ngx_http_lua_balancer_get_peer(ngx_peer_connection_t *pc, void *data) if (ctx->exited && ctx->exit_code != NGX_OK) { rc = ctx->exit_code; - if (rc == NGX_ERROR || rc == NGX_BUSY || rc == NGX_DECLINED) { + if (rc == NGX_ERROR + || rc == NGX_BUSY + || rc == NGX_DECLINED +#ifdef HAVE_BALANCER_STATUS_CODE_PATCH + || rc >= NGX_HTTP_SPECIAL_RESPONSE +#endif + ) { return rc; } diff --git a/t/138-balancer.t b/t/138-balancer.t index fc2617350a..ddd0da577a 100644 --- a/t/138-balancer.t +++ b/t/138-balancer.t @@ -58,8 +58,8 @@ qr{\[crit\] .*? connect\(\) to 0\.0\.0\.1:80 failed .*?, upstream: "http://0\.0\ } --- request GET /t ---- response_body_like: 500 Internal Server Error ---- error_code: 500 +--- response_body_like: 403 Forbidden +--- error_code: 403 --- error_log [lua] balancer_by_lua:2: hello from balancer by lua! while connecting to upstream, --- no_error_log eval From 66f073128119ba1f1dae1132d72d2d613f94bd84 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Jan=20Pracha=C5=99?= Date: Tue, 27 Jun 2017 19:42:26 +0200 Subject: [PATCH 113/136] bugfix: fixed several bugs in ngx_http_lua_log_ringbuf.c. Signed-off-by: Yichun Zhang (agentzh) --- src/ngx_http_lua_log_ringbuf.c | 84 ++++++++++++++++++++-------------- 1 file changed, 49 insertions(+), 35 deletions(-) diff --git a/src/ngx_http_lua_log_ringbuf.c b/src/ngx_http_lua_log_ringbuf.c index ab1a23dee6..7ff4ae8414 100644 --- a/src/ngx_http_lua_log_ringbuf.c +++ b/src/ngx_http_lua_log_ringbuf.c @@ -24,8 +24,7 @@ enum { static void *ngx_http_lua_log_ringbuf_next_header( ngx_http_lua_log_ringbuf_t *rb); static void ngx_http_lua_log_ringbuf_append( - ngx_http_lua_log_ringbuf_t *rb, int sentinel, int log_level, void *buf, - int n); + ngx_http_lua_log_ringbuf_t *rb, int log_level, void *buf, int n); static size_t ngx_http_lua_log_ringbuf_free_spaces( ngx_http_lua_log_ringbuf_t *rb); @@ -69,14 +68,12 @@ ngx_http_lua_log_ringbuf_next_header(ngx_http_lua_log_ringbuf_t *rb) /* useless data */ if (rb->size - (rb->head - rb->data) < HEADER_LEN) { - rb->head = rb->data; - return rb->head; + return rb->data; } /* placehold data */ if (rb->head >= rb->sentinel) { - rb->head = rb->data; - return rb->head; + return rb->data; } return rb->head; @@ -86,17 +83,11 @@ ngx_http_lua_log_ringbuf_next_header(ngx_http_lua_log_ringbuf_t *rb) /* append data to ring buffer directly */ static void ngx_http_lua_log_ringbuf_append(ngx_http_lua_log_ringbuf_t *rb, - int sentinel, int log_level, void *buf, int n) + int log_level, void *buf, int n) { ngx_http_lua_log_ringbuf_header_t *head; ngx_time_t *tp; - if (sentinel) { - rb->sentinel = rb->tail; - rb->tail = rb->data; - return; - } - head = (ngx_http_lua_log_ringbuf_header_t *) rb->tail; head->len = n; head->log_level = log_level; @@ -109,6 +100,35 @@ ngx_http_lua_log_ringbuf_append(ngx_http_lua_log_ringbuf_t *rb, rb->tail += n; rb->count++; + if (rb->tail > rb->sentinel) { + rb->sentinel = rb->tail; + } + + return; +} + + +/* throw away data at head */ +static void +ngx_http_lua_log_ringbuf_throw_away(ngx_http_lua_log_ringbuf_t *rb) +{ + ngx_http_lua_log_ringbuf_header_t *head; + + if (rb->count == 0) { + return; + } + + head = (ngx_http_lua_log_ringbuf_header_t *) rb->head; + + rb->head += HEADER_LEN + head->len; + rb->count--; + + if (rb->count == 0) { + ngx_http_lua_log_ringbuf_reset(rb); + } + + rb->head = ngx_http_lua_log_ringbuf_next_header(rb); + return; } @@ -117,7 +137,7 @@ ngx_http_lua_log_ringbuf_append(ngx_http_lua_log_ringbuf_t *rb, static size_t ngx_http_lua_log_ringbuf_free_spaces(ngx_http_lua_log_ringbuf_t *rb) { - if (rb->tail == rb->head && rb->tail == rb->data) { + if (rb->count == 0) { return rb->size; } @@ -137,37 +157,30 @@ ngx_int_t ngx_http_lua_log_ringbuf_write(ngx_http_lua_log_ringbuf_t *rb, int log_level, void *buf, size_t n) { - size_t free_spaces; - - ngx_http_lua_log_ringbuf_header_t *head; - if (n + HEADER_LEN > rb->size) { return NGX_ERROR; } - free_spaces = ngx_http_lua_log_ringbuf_free_spaces(rb); - - if (free_spaces < n + HEADER_LEN) { + if (ngx_http_lua_log_ringbuf_free_spaces(rb) < n + HEADER_LEN) { /* if the right space is not enough, mark it as placehold data */ if ((size_t)(rb->data + rb->size - rb->tail) < n + HEADER_LEN) { - ngx_http_lua_log_ringbuf_append(rb, 1, 0, NULL, 0); - } - do { /* throw away old data */ - if (rb->head != ngx_http_lua_log_ringbuf_next_header(rb)) { - break; + while (rb->head >= rb->tail && rb->count) { + /* head is after tail, so we will throw away all data between + * head and sentinel */ + ngx_http_lua_log_ringbuf_throw_away(rb); } - head = (ngx_http_lua_log_ringbuf_header_t *) rb->head; - rb->head += HEADER_LEN + head->len; - rb->count--; + rb->sentinel = rb->tail; + rb->tail = rb->data; + } - ngx_http_lua_log_ringbuf_next_header(rb); - free_spaces = ngx_http_lua_log_ringbuf_free_spaces(rb); - } while (free_spaces < n + HEADER_LEN); + while (ngx_http_lua_log_ringbuf_free_spaces(rb) < n + HEADER_LEN) { + ngx_http_lua_log_ringbuf_throw_away(rb); + } } - ngx_http_lua_log_ringbuf_append(rb, 0, log_level, buf, n); + ngx_http_lua_log_ringbuf_append(rb, log_level, buf, n); return NGX_OK; } @@ -184,8 +197,7 @@ ngx_http_lua_log_ringbuf_read(ngx_http_lua_log_ringbuf_t *rb, int *log_level, return NGX_ERROR; } - head = (ngx_http_lua_log_ringbuf_header_t *) - ngx_http_lua_log_ringbuf_next_header(rb); + head = (ngx_http_lua_log_ringbuf_header_t *) rb->head; if (rb->head >= rb->sentinel) { return NGX_ERROR; @@ -207,5 +219,7 @@ ngx_http_lua_log_ringbuf_read(ngx_http_lua_log_ringbuf_t *rb, int *log_level, ngx_http_lua_log_ringbuf_reset(rb); } + rb->head = ngx_http_lua_log_ringbuf_next_header(rb); + return NGX_OK; } From 3294b1dfd0e67a3f8194c36225d109114bc11763 Mon Sep 17 00:00:00 2001 From: goecho Date: Wed, 5 Aug 2015 15:44:06 +0800 Subject: [PATCH 114/136] bugfix: ngx.encode_args() did not escape "|", ",", "$", "@", and "`". now it is now consistent with what Google Chrome's JavaScript API function encodeURIComponent() does. See: https://tools.ietf.org/html/rfc2396. Signed-off-by: Yichun Zhang (agentzh) --- src/ngx_http_lua_util.c | 45 +++++++++++++++++++++++++++++++---------- t/030-uri-args.t | 19 ++++++++++++++++- 2 files changed, 52 insertions(+), 12 deletions(-) diff --git a/src/ngx_http_lua_util.c b/src/ngx_http_lua_util.c index d20549e73e..c7bee3e89a 100644 --- a/src/ngx_http_lua_util.c +++ b/src/ngx_http_lua_util.c @@ -1840,6 +1840,26 @@ ngx_http_lua_escape_uri(u_char *dst, u_char *src, size_t size, ngx_uint_t type) /* ~}| {zyx wvut srqp onml kjih gfed cba` */ 0x80000000, /* 1000 0000 0000 0000 0000 0000 0000 0000 */ + 0xffffffff, /* 1111 1111 1111 1111 1111 1111 1111 1111 */ + 0xffffffff, /* 1111 1111 1111 1111 1111 1111 1111 1111 */ + 0xffffffff, /* 1111 1111 1111 1111 1111 1111 1111 1111 */ + 0xffffffff /* 1111 1111 1111 1111 1111 1111 1111 1111 */ + }; + + /* not ALPHA, DIGIT, "-", ".", "_", "~" */ + + static uint32_t uri_component[] = { + 0xffffffff, /* 1111 1111 1111 1111 1111 1111 1111 1111 */ + + /* ?>=< ;:98 7654 3210 /.-, +*)( '&%$ #"! */ + 0xfc00987d, /* 1111 1100 0000 0000 1001 1000 0111 1101 */ + + /* _^]\ [ZYX WVUT SRQP ONML KJIH GFED CBA@ */ + 0x78000001, /* 0111 1000 0000 0000 0000 0000 0000 0001 */ + + /* ~}| {zyx wvut srqp onml kjih gfed cba` */ + 0xb8000001, /* 1011 1000 0000 0000 0000 0000 0000 0001 */ + 0xffffffff, /* 1111 1111 1111 1111 1111 1111 1111 1111 */ 0xffffffff, /* 1111 1111 1111 1111 1111 1111 1111 1111 */ 0xffffffff, /* 1111 1111 1111 1111 1111 1111 1111 1111 */ @@ -1909,8 +1929,7 @@ ngx_http_lua_escape_uri(u_char *dst, u_char *src, size_t size, ngx_uint_t type) /* mail_auth is the same as memcached */ static uint32_t *map[] = - { uri, args, html, refresh, memcached, memcached }; - + { uri, args, uri_component, html, refresh, memcached, memcached }; escape = map[type]; @@ -2321,7 +2340,7 @@ ngx_http_lua_process_args_option(ngx_http_request_t *r, lua_State *L, key = (u_char *) lua_tolstring(L, -2, &key_len); key_escape = 2 * ngx_http_lua_escape_uri(NULL, key, key_len, - NGX_ESCAPE_URI); + NGX_ESCAPE_URI_COMPONENT); total_escape += key_escape; switch (lua_type(L, -1)) { @@ -2330,7 +2349,7 @@ ngx_http_lua_process_args_option(ngx_http_request_t *r, lua_State *L, value = (u_char *) lua_tolstring(L, -1, &value_len); total_escape += 2 * ngx_http_lua_escape_uri(NULL, value, value_len, - NGX_ESCAPE_URI); + NGX_ESCAPE_URI_COMPONENT); len += key_len + value_len + (sizeof("=") - 1); n++; @@ -2371,7 +2390,7 @@ ngx_http_lua_process_args_option(ngx_http_request_t *r, lua_State *L, total_escape += 2 * ngx_http_lua_escape_uri(NULL, value, value_len, - NGX_ESCAPE_URI); + NGX_ESCAPE_URI_COMPONENT); len += key_len + value_len + (sizeof("=") - 1); } @@ -2428,7 +2447,8 @@ ngx_http_lua_process_args_option(ngx_http_request_t *r, lua_State *L, if (total_escape) { p = (u_char *) ngx_http_lua_escape_uri(p, key, key_len, - NGX_ESCAPE_URI); + NGX_ESCAPE_URI_COMPONENT + ); } else { dd("shortcut: no escape required"); @@ -2442,7 +2462,8 @@ ngx_http_lua_process_args_option(ngx_http_request_t *r, lua_State *L, if (total_escape) { p = (u_char *) ngx_http_lua_escape_uri(p, value, value_len, - NGX_ESCAPE_URI); + NGX_ESCAPE_URI_COMPONENT + ); } else { p = ngx_copy(p, value, value_len); @@ -2461,7 +2482,7 @@ ngx_http_lua_process_args_option(ngx_http_request_t *r, lua_State *L, if (lua_toboolean(L, -1)) { if (total_escape) { p = (u_char *) ngx_http_lua_escape_uri(p, key, key_len, - NGX_ESCAPE_URI); + NGX_ESCAPE_URI_COMPONENT); } else { dd("shortcut: no escape required"); @@ -2489,7 +2510,7 @@ ngx_http_lua_process_args_option(ngx_http_request_t *r, lua_State *L, if (total_escape) { p = (u_char *) ngx_http_lua_escape_uri(p, key, key_len, - NGX_ESCAPE_URI); + NGX_ESCAPE_URI_COMPONENT); } else { dd("shortcut: no escape required"); @@ -2508,7 +2529,8 @@ ngx_http_lua_process_args_option(ngx_http_request_t *r, lua_State *L, p = (u_char *) ngx_http_lua_escape_uri(p, key, key_len, - NGX_ESCAPE_URI); + NGX_ESCAPE_URI_COMPONENT + ); } else { dd("shortcut: no escape required"); @@ -2524,7 +2546,8 @@ ngx_http_lua_process_args_option(ngx_http_request_t *r, lua_State *L, p = (u_char *) ngx_http_lua_escape_uri(p, value, value_len, - NGX_ESCAPE_URI); + NGX_ESCAPE_URI_COMPONENT + ); } else { p = ngx_copy(p, value, value_len); diff --git a/t/030-uri-args.t b/t/030-uri-args.t index 30d66d0401..96e216c15b 100644 --- a/t/030-uri-args.t +++ b/t/030-uri-args.t @@ -9,7 +9,7 @@ log_level('warn'); repeat_each(2); #repeat_each(1); -plan tests => repeat_each() * (blocks() * 2 + 17); +plan tests => repeat_each() * (blocks() * 2 + 18); no_root_location(); @@ -1389,3 +1389,20 @@ GET /lua GET /foo?world --- response_body_like ^HTTP/1.0 (a=3&b|b&a=3)$ + + + +=== TEST 57: ngx.encode_args (escaping) +--- config + location /lua { + content_by_lua_block { + local t = {bar = "-_.!~*'()", foo = ",$@|`"} + ngx.say("args: ", ngx.encode_args(t)) + } + } +--- request +GET /lua +--- response_body +args: foo=%2C%24%40%7C%60&bar=-_.!~*'() +--- no_error_log +[error] From bb30f6d8b6cd022f7acb55c806067025dd1f65d5 Mon Sep 17 00:00:00 2001 From: "Yichun Zhang (agentzh)" Date: Mon, 3 Jul 2017 22:47:00 -0700 Subject: [PATCH 115/136] bugfix: ngx.escape_uri() did not escape "|", ",", "$", "@", and "`". --- src/ngx_http_lua_string.c | 9 +++++---- t/006-escape.t | 21 +++++++++++++++++++-- 2 files changed, 24 insertions(+), 6 deletions(-) diff --git a/src/ngx_http_lua_string.c b/src/ngx_http_lua_string.c index 22b4c00303..239b2322ab 100644 --- a/src/ngx_http_lua_string.c +++ b/src/ngx_http_lua_string.c @@ -125,12 +125,13 @@ ngx_http_lua_ngx_escape_uri(lua_State *L) return 1; } - escape = 2 * ngx_http_lua_escape_uri(NULL, src, len, NGX_ESCAPE_URI); + escape = 2 * ngx_http_lua_escape_uri(NULL, src, len, + NGX_ESCAPE_URI_COMPONENT); if (escape) { dlen = escape + len; dst = lua_newuserdata(L, dlen); - ngx_http_lua_escape_uri(dst, src, len, NGX_ESCAPE_URI); + ngx_http_lua_escape_uri(dst, src, len, NGX_ESCAPE_URI_COMPONENT); lua_pushlstring(L, (char *) dst, dlen); } @@ -751,14 +752,14 @@ size_t ngx_http_lua_ffi_uri_escaped_length(const u_char *src, size_t len) { return len + 2 * ngx_http_lua_escape_uri(NULL, (u_char *) src, len, - NGX_ESCAPE_URI); + NGX_ESCAPE_URI_COMPONENT); } void ngx_http_lua_ffi_escape_uri(const u_char *src, size_t len, u_char *dst) { - ngx_http_lua_escape_uri(dst, (u_char *) src, len, NGX_ESCAPE_URI); + ngx_http_lua_escape_uri(dst, (u_char *) src, len, NGX_ESCAPE_URI_COMPONENT); } #endif diff --git a/t/006-escape.t b/t/006-escape.t index 0fb67a30f1..a21d3cb509 100644 --- a/t/006-escape.t +++ b/t/006-escape.t @@ -3,9 +3,8 @@ use Test::Nginx::Socket::Lua; repeat_each(2); -#repeat_each(1); -plan tests => repeat_each() * (blocks() * 2 + 1); +plan tests => repeat_each() * (blocks() * 2 + 2); no_long_string(); @@ -180,3 +179,21 @@ GET /t GET /t --- response_body [32] + + + +=== TEST 14: reserved chars +--- config + location /lua { + content_by_lua_block { + ngx.say(ngx.escape_uri("-_.!~*'()")) + ngx.say(ngx.escape_uri(",$@|`")) + } + } +--- request +GET /lua +--- response_body +-_.!~*'() +%2C%24%40%7C%60 +--- no_error_log +[error] From 8827a7f8332b9556c04fe91153ba55d677489907 Mon Sep 17 00:00:00 2001 From: "Yichun Zhang (agentzh)" Date: Mon, 3 Jul 2017 23:39:26 -0700 Subject: [PATCH 116/136] bugfix: segmentation fault would occur when several server {} blocks listen on the same port or unix domain socket file path *and* some of them are using ssl_certificate_by_lua* configurations while some are not. thanks petrovich-ua for the report and original patch in #1055. --- src/ngx_http_lua_ssl_certby.c | 11 ++ t/139-ssl-cert-by.t | 192 +++++++++++++++++++++++++++++++++- 2 files changed, 202 insertions(+), 1 deletion(-) diff --git a/src/ngx_http_lua_ssl_certby.c b/src/ngx_http_lua_ssl_certby.c index 84e309316a..5abbe7598e 100644 --- a/src/ngx_http_lua_ssl_certby.c +++ b/src/ngx_http_lua_ssl_certby.c @@ -193,6 +193,7 @@ ngx_http_lua_ssl_cert_handler(ngx_ssl_conn_t *ssl_conn, void *data) ngx_http_lua_srv_conf_t *lscf; ngx_http_core_loc_conf_t *clcf; ngx_http_lua_ssl_ctx_t *cctx; + ngx_http_core_srv_conf_t *cscf; c = ngx_ssl_get_connection(ssl_conn); @@ -298,6 +299,16 @@ ngx_http_lua_ssl_cert_handler(ngx_ssl_conn_t *ssl_conn, void *data) c->log->action = "loading SSL certificate by lua"; + if (lscf->srv.ssl_cert_handler == NULL) { + cscf = ngx_http_get_module_srv_conf(r, ngx_http_core_module); + + ngx_log_error(NGX_LOG_ALERT, c->log, 0, + "no ssl_certificate_by_lua* defined in " + "server %V", &cscf->server_name); + + goto failed; + } + rc = lscf->srv.ssl_cert_handler(r, lscf, L); if (rc >= NGX_OK || rc == NGX_ERROR) { diff --git a/t/139-ssl-cert-by.t b/t/139-ssl-cert-by.t index e6d0da8a66..c13044fc28 100644 --- a/t/139-ssl-cert-by.t +++ b/t/139-ssl-cert-by.t @@ -11,7 +11,7 @@ my $openssl_version = eval { `$NginxBinary -V 2>&1` }; if ($openssl_version =~ m/built with OpenSSL (0|1\.0\.(?:0|1[^\d]|2[a-d]).*)/) { plan(skip_all => "too old OpenSSL, need 1.0.2e, was $1"); } else { - plan tests => repeat_each() * (blocks() * 6 + 10); + plan tests => repeat_each() * (blocks() * 6 + 6); } $ENV{TEST_NGINX_HTML_DIR} ||= html_dir(); @@ -1676,3 +1676,193 @@ close: 1 nil --- no_error_log [error] [alert] + + + +=== TEST 20: some server {} block missing ssl_certificate_by_lua* handlers (literal server name) +--- http_config + server { + listen unix:$TEST_NGINX_HTML_DIR/nginx.sock ssl; + server_name test.com; + + ssl_certificate_by_lua_block { print("ssl cert by lua is running!") } + ssl_certificate ../../cert/test.crt; + ssl_certificate_key ../../cert/test.key; + + server_tokens off; + location /timers { + default_type 'text/plain'; + content_by_lua_block { + ngx.timer.at(0.1, function() ngx.sleep(0.3) end) + ngx.timer.at(0.11, function() ngx.sleep(0.3) end) + ngx.timer.at(0.09, function() ngx.sleep(0.3) end) + ngx.sleep(0.2) + ngx.say(ngx.timer.running_count()) + } + more_clear_headers Date; + } + } + + server { + listen unix:$TEST_NGINX_HTML_DIR/nginx.sock ssl; + server_name test2.com; + } +--- config + server_tokens off; + lua_ssl_trusted_certificate ../../cert/test.crt; + + location /t { + content_by_lua_block { + do + local sock = ngx.socket.tcp() + + sock:settimeout(2000) + + local ok, err = sock:connect("unix:$TEST_NGINX_HTML_DIR/nginx.sock") + if not ok then + ngx.say("failed to connect: ", err) + return + end + + ngx.say("connected: ", ok) + + local sess, err = sock:sslhandshake(nil, "test2.com", true) + if not sess then + ngx.say("failed to do SSL handshake: ", err) + return + end + + ngx.say("ssl handshake: ", type(sess)) + + local req = "GET /timers HTTP/1.0\r\nHost: test.com\r\nConnection: close\r\n\r\n" + local bytes, err = sock:send(req) + if not bytes then + ngx.say("failed to send http request: ", err) + return + end + + ngx.say("sent http request: ", bytes, " bytes.") + + while true do + local line, err = sock:receive() + if not line then + -- ngx.say("failed to receive response status line: ", err) + break + end + + ngx.say("received: ", line) + end + + local ok, err = sock:close() + ngx.say("close: ", ok, " ", err) + end -- do + -- collectgarbage() + } + } + +--- request +GET /t +--- response_body +connected: 1 +failed to do SSL handshake: handshake failed + +--- error_log eval +[ +qr/\[alert\] .*? no ssl_certificate_by_lua\* defined in server test2\.com\b/, +qr/\[crit\] .*? SSL_do_handshake\(\) failed\b/, +] + + + +=== TEST 21: some server {} block missing ssl_certificate_by_lua* handlers (regex server name) +--- http_config + server { + listen unix:$TEST_NGINX_HTML_DIR/nginx.sock ssl; + server_name test.com; + + ssl_certificate_by_lua_block { print("ssl cert by lua is running!") } + ssl_certificate ../../cert/test.crt; + ssl_certificate_key ../../cert/test.key; + + server_tokens off; + location /timers { + default_type 'text/plain'; + content_by_lua_block { + ngx.timer.at(0.1, function() ngx.sleep(0.3) end) + ngx.timer.at(0.11, function() ngx.sleep(0.3) end) + ngx.timer.at(0.09, function() ngx.sleep(0.3) end) + ngx.sleep(0.2) + ngx.say(ngx.timer.running_count()) + } + more_clear_headers Date; + } + } + + server { + listen unix:$TEST_NGINX_HTML_DIR/nginx.sock ssl; + server_name ~test2\.com; + } +--- config + server_tokens off; + lua_ssl_trusted_certificate ../../cert/test.crt; + + location /t { + content_by_lua_block { + do + local sock = ngx.socket.tcp() + + sock:settimeout(2000) + + local ok, err = sock:connect("unix:$TEST_NGINX_HTML_DIR/nginx.sock") + if not ok then + ngx.say("failed to connect: ", err) + return + end + + ngx.say("connected: ", ok) + + local sess, err = sock:sslhandshake(nil, "test2.com", true) + if not sess then + ngx.say("failed to do SSL handshake: ", err) + return + end + + ngx.say("ssl handshake: ", type(sess)) + + local req = "GET /timers HTTP/1.0\r\nHost: test.com\r\nConnection: close\r\n\r\n" + local bytes, err = sock:send(req) + if not bytes then + ngx.say("failed to send http request: ", err) + return + end + + ngx.say("sent http request: ", bytes, " bytes.") + + while true do + local line, err = sock:receive() + if not line then + -- ngx.say("failed to receive response status line: ", err) + break + end + + ngx.say("received: ", line) + end + + local ok, err = sock:close() + ngx.say("close: ", ok, " ", err) + end -- do + -- collectgarbage() + } + } + +--- request +GET /t +--- response_body +connected: 1 +failed to do SSL handshake: handshake failed + +--- error_log eval +[ +qr/\[alert\] .*? no ssl_certificate_by_lua\* defined in server ~test2\\\.com\b/, +qr/\[crit\] .*? SSL_do_handshake\(\) failed\b/, +] From 4527ec0bb8a24f48e297601396f2834ce91782bf Mon Sep 17 00:00:00 2001 From: "Yichun Zhang (agentzh)" Date: Tue, 4 Jul 2017 10:50:15 -0700 Subject: [PATCH 117/136] tests: relaxed the expected ouptut constraint in tests for testing ssl host name mismatch. --- t/129-ssl-socket.t | 14 ++++++++------ 1 file changed, 8 insertions(+), 6 deletions(-) diff --git a/t/129-ssl-socket.t b/t/129-ssl-socket.t index 530406d6ed..1c3f7cd016 100644 --- a/t/129-ssl-socket.t +++ b/t/129-ssl-socket.t @@ -425,10 +425,11 @@ $::ComodoRootCertificate" --- request GET /t ---- response_body -connected: 1 -failed to do SSL handshake: handshake failed +--- response_body_like chomp +\Aconnected: 1 +failed to do SSL handshake: (?:handshake failed|certificate host mismatch) failed to send http request: closed +\z --- log_level: debug --- grep_error_log eval: qr/lua ssl (?:set|save|free) session: [0-9A-F]+:\d+/ @@ -504,10 +505,11 @@ $::ComodoRootCertificate" --- request GET /t ---- response_body -connected: 1 -failed to do SSL handshake: handshake failed +--- response_body_like chomp +\Aconnected: 1 +failed to do SSL handshake: (?:handshake failed|certificate host mismatch) failed to send http request: closed +\z --- log_level: debug --- grep_error_log eval: qr/lua ssl (?:set|save|free) session: [0-9A-F]+:\d+/ From 81b8e4823d22686810355977e6ab70264fc08648 Mon Sep 17 00:00:00 2001 From: "Yichun Zhang (agentzh)" Date: Tue, 4 Jul 2017 10:56:57 -0700 Subject: [PATCH 118/136] tests: made a test less possible to fail due to timing error. --- t/135-worker-id.t | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/t/135-worker-id.t b/t/135-worker-id.t index 3c1f24d462..984f44650a 100644 --- a/t/135-worker-id.t +++ b/t/135-worker-id.t @@ -54,7 +54,7 @@ GET /lua content_by_lua_block { local counters = ngx.shared.counters local ok, c - for i = 1, 45 do + for i = 1, 100 do c = counters:get("c") if c >= 4 then ok = true From e84d69b269f4645dbe17b1780ef10c752ea4c51d Mon Sep 17 00:00:00 2001 From: "Yichun Zhang (agentzh)" Date: Tue, 4 Jul 2017 11:12:28 -0700 Subject: [PATCH 119/136] tests: made a slow test less possible to time out on slow machines. --- t/152-timer-every.t | 1 + 1 file changed, 1 insertion(+) diff --git a/t/152-timer-every.t b/t/152-timer-every.t index 5026ed086c..a60f7d7613 100644 --- a/t/152-timer-every.t +++ b/t/152-timer-every.t @@ -267,6 +267,7 @@ growth1 == growth2: true [error] [alert] [crit] +--- timeout: 8 From 67664fef0937268e509a7bfc542bb0912064aa31 Mon Sep 17 00:00:00 2001 From: "Yichun Zhang (agentzh)" Date: Tue, 4 Jul 2017 11:33:59 -0700 Subject: [PATCH 120/136] minor coding style fixes. --- src/ngx_http_lua_log_ringbuf.h | 14 +++++++------- 1 file changed, 7 insertions(+), 7 deletions(-) diff --git a/src/ngx_http_lua_log_ringbuf.h b/src/ngx_http_lua_log_ringbuf.h index 4c065393ca..c9c2c2d148 100644 --- a/src/ngx_http_lua_log_ringbuf.h +++ b/src/ngx_http_lua_log_ringbuf.h @@ -7,13 +7,13 @@ typedef struct { - ngx_uint_t filter_level; - char *tail; /* writed point */ - char *head; /* readed point */ - char *data; /* buffer */ - char *sentinel; - size_t size; /* buffer total size */ - size_t count; /* count of logs */ + ngx_uint_t filter_level; + char *tail; /* writed point */ + char *head; /* readed point */ + char *data; /* buffer */ + char *sentinel; + size_t size; /* buffer total size */ + size_t count; /* count of logs */ } ngx_http_lua_log_ringbuf_t; From c372e1cc0ae2ed497d72d907b7c5f185afcf32e9 Mon Sep 17 00:00:00 2001 From: "Yichun Zhang (agentzh)" Date: Tue, 4 Jul 2017 11:35:00 -0700 Subject: [PATCH 121/136] optimize: made ngx_http_lua_log_ringbuf_header_t have the same size on linux i386 and x64. --- src/ngx_http_lua_log_ringbuf.c | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/src/ngx_http_lua_log_ringbuf.c b/src/ngx_http_lua_log_ringbuf.c index 7ff4ae8414..04640697ff 100644 --- a/src/ngx_http_lua_log_ringbuf.c +++ b/src/ngx_http_lua_log_ringbuf.c @@ -11,8 +11,8 @@ typedef struct { double time; - unsigned len:28; /* :24 is big enough if the max log size is 4k */ - unsigned log_level:4; + unsigned len; + unsigned log_level; } ngx_http_lua_log_ringbuf_header_t; From 720bd5dbb9b20cef4f5f2e183d6c50698f87feef Mon Sep 17 00:00:00 2001 From: skyever Date: Thu, 29 Jun 2017 15:39:32 +0800 Subject: [PATCH 122/136] bugfix: the fake requests/connections might leak when memory allocations fail. as discussed in #1098. Signed-off-by: skyever Signed-off-by: Yichun Zhang (agentzh) --- src/ngx_http_lua_ssl_certby.c | 12 +++++++++--- src/ngx_http_lua_ssl_session_fetchby.c | 12 +++++++++--- src/ngx_http_lua_ssl_session_storeby.c | 4 +++- 3 files changed, 21 insertions(+), 7 deletions(-) diff --git a/src/ngx_http_lua_ssl_certby.c b/src/ngx_http_lua_ssl_certby.c index 5abbe7598e..c3591d1ea3 100644 --- a/src/ngx_http_lua_ssl_certby.c +++ b/src/ngx_http_lua_ssl_certby.c @@ -464,7 +464,9 @@ ngx_http_lua_ssl_cert_by_chunk(lua_State *L, ngx_http_request_t *r) if (ctx == NULL) { ctx = ngx_http_lua_create_ctx(r); if (ctx == NULL) { - return NGX_HTTP_INTERNAL_SERVER_ERROR; + rc = NGX_ERROR; + ngx_http_lua_finalize_request(r, rc); + return rc; } } else { @@ -481,7 +483,9 @@ ngx_http_lua_ssl_cert_by_chunk(lua_State *L, ngx_http_request_t *r) ngx_log_error(NGX_LOG_ERR, r->connection->log, 0, "lua: failed to create new coroutine to handle request"); - return NGX_HTTP_INTERNAL_SERVER_ERROR; + rc = NGX_ERROR; + ngx_http_lua_finalize_request(r, rc); + return rc; } /* move code closure to new coroutine */ @@ -505,7 +509,9 @@ ngx_http_lua_ssl_cert_by_chunk(lua_State *L, ngx_http_request_t *r) if (ctx->cleanup == NULL) { cln = ngx_http_cleanup_add(r, 0); if (cln == NULL) { - return NGX_HTTP_INTERNAL_SERVER_ERROR; + rc = NGX_ERROR; + ngx_http_lua_finalize_request(r, rc); + return rc; } cln->handler = ngx_http_lua_request_cleanup_handler; diff --git a/src/ngx_http_lua_ssl_session_fetchby.c b/src/ngx_http_lua_ssl_session_fetchby.c index 60728f29a4..556b73204c 100644 --- a/src/ngx_http_lua_ssl_session_fetchby.c +++ b/src/ngx_http_lua_ssl_session_fetchby.c @@ -468,7 +468,9 @@ ngx_http_lua_ssl_sess_fetch_by_chunk(lua_State *L, ngx_http_request_t *r) if (ctx == NULL) { ctx = ngx_http_lua_create_ctx(r); if (ctx == NULL) { - return NGX_HTTP_INTERNAL_SERVER_ERROR; + rc = NGX_ERROR; + ngx_http_lua_finalize_request(r, rc); + return rc; } } else { @@ -485,7 +487,9 @@ ngx_http_lua_ssl_sess_fetch_by_chunk(lua_State *L, ngx_http_request_t *r) ngx_log_error(NGX_LOG_ERR, r->connection->log, 0, "lua: failed to create new coroutine to handle request"); - return NGX_HTTP_INTERNAL_SERVER_ERROR; + rc = NGX_ERROR; + ngx_http_lua_finalize_request(r, rc); + return rc; } /* move code closure to new coroutine */ @@ -509,7 +513,9 @@ ngx_http_lua_ssl_sess_fetch_by_chunk(lua_State *L, ngx_http_request_t *r) if (ctx->cleanup == NULL) { cln = ngx_http_cleanup_add(r, 0); if (cln == NULL) { - return NGX_HTTP_INTERNAL_SERVER_ERROR; + rc = NGX_ERROR; + ngx_http_lua_finalize_request(r, rc); + return rc; } cln->handler = ngx_http_lua_request_cleanup_handler; diff --git a/src/ngx_http_lua_ssl_session_storeby.c b/src/ngx_http_lua_ssl_session_storeby.c index 50adf2040c..bae8273d69 100644 --- a/src/ngx_http_lua_ssl_session_storeby.c +++ b/src/ngx_http_lua_ssl_session_storeby.c @@ -351,7 +351,9 @@ ngx_http_lua_ssl_sess_store_by_chunk(lua_State *L, ngx_http_request_t *r) if (ctx == NULL) { ctx = ngx_http_lua_create_ctx(r); if (ctx == NULL) { - return NGX_HTTP_INTERNAL_SERVER_ERROR; + rc = NGX_ERROR; + ngx_http_lua_finalize_request(r, rc); + return rc; } } else { From ef4a0b1db5b32f7ebf3004ca353b06825c2995ab Mon Sep 17 00:00:00 2001 From: "Yichun Zhang (agentzh)" Date: Wed, 5 Jul 2017 18:42:14 -0700 Subject: [PATCH 123/136] tests: skipped the test case for lua_code_cache off + ngx.timer.every in the "check leak" test mode since there is a known memory leak in this case. --- t/152-timer-every.t | 3 +++ 1 file changed, 3 insertions(+) diff --git a/t/152-timer-every.t b/t/152-timer-every.t index a60f7d7613..c8d62e704d 100644 --- a/t/152-timer-every.t +++ b/t/152-timer-every.t @@ -343,6 +343,8 @@ lua_max_running_timers are not enough === TEST 9: lua_code_cache off +FIXME: it is know that this test case leaks memory. +so we skip it in the "check leak" testing mode. --- http_config lua_code_cache off; --- config @@ -380,3 +382,4 @@ ok --- no_error_log [error] [crit] +--- no_check_leak From cc0a793a27af48a364b951a374716b8cd5221487 Mon Sep 17 00:00:00 2001 From: "Yichun Zhang (agentzh)" Date: Mon, 10 Jul 2017 10:22:40 -0700 Subject: [PATCH 124/136] ocsp: removed a useless line of code, which unbreak the libressl build. thanks Kyra Zimmer for the original patch. --- src/ngx_http_lua_ssl_ocsp.c | 1 - 1 file changed, 1 deletion(-) diff --git a/src/ngx_http_lua_ssl_ocsp.c b/src/ngx_http_lua_ssl_ocsp.c index 3904aa8ea4..31b4f24382 100644 --- a/src/ngx_http_lua_ssl_ocsp.c +++ b/src/ngx_http_lua_ssl_ocsp.c @@ -490,7 +490,6 @@ ngx_http_lua_ffi_ssl_set_ocsp_status_resp(ngx_http_request_t *r, dd("set ocsp resp: resp_len=%d", (int) resp_len); (void) SSL_set_tlsext_status_ocsp_resp(ssl_conn, p, resp_len); - ssl_conn->tlsext_status_expected = 1; return NGX_OK; From a5094766702d97ab43c742f26d6d55098aa1b1f0 Mon Sep 17 00:00:00 2001 From: Yuansheng Date: Mon, 10 Jul 2017 12:01:24 +0800 Subject: [PATCH 125/136] bugfix: ngx.semaphore: when nginx workers exit, the harmless error message "semaphore gc wait queue is not empty" might be logged. Signed-off-by: Yichun Zhang (agentzh) --- .travis.yml | 1 + src/ngx_http_lua_semaphore.c | 7 +- t/153-semaphore-hup.t | 152 +++++++++++++++++++++++++++++++++++ t/154-semaphore.t | 118 +++++++++++++++++++++++++++ 4 files changed, 276 insertions(+), 2 deletions(-) create mode 100644 t/153-semaphore-hup.t create mode 100644 t/154-semaphore.t diff --git a/.travis.yml b/.travis.yml index 14ee63603c..39f9278b80 100644 --- a/.travis.yml +++ b/.travis.yml @@ -83,6 +83,7 @@ install: - git clone https://github.com/openresty/srcache-nginx-module.git ../srcache-nginx-module - git clone https://github.com/openresty/redis2-nginx-module.git ../redis2-nginx-module - git clone https://github.com/openresty/lua-resty-core.git ../lua-resty-core + - git clone https://github.com/openresty/lua-resty-lrucache.git ../lua-resty-lrucache - git clone -b v2.1-agentzh https://github.com/openresty/luajit2.git before_script: diff --git a/src/ngx_http_lua_semaphore.c b/src/ngx_http_lua_semaphore.c index 604d943471..eda0141f71 100644 --- a/src/ngx_http_lua_semaphore.c +++ b/src/ngx_http_lua_semaphore.c @@ -557,8 +557,11 @@ ngx_http_lua_ffi_sema_gc(ngx_http_lua_sema_t *sem) return; } - if (!ngx_queue_empty(&sem->wait_queue)) { - ngx_log_error(NGX_LOG_CRIT, ngx_cycle->log, 0, + if (!ngx_terminate + && !ngx_quit + && !ngx_queue_empty(&sem->wait_queue)) + { + ngx_log_error(NGX_LOG_ERR, ngx_cycle->log, 0, "in lua semaphore gc wait queue is" " not empty while the semaphore %p is being " "destroyed", sem); diff --git a/t/153-semaphore-hup.t b/t/153-semaphore-hup.t new file mode 100644 index 0000000000..f47074c629 --- /dev/null +++ b/t/153-semaphore-hup.t @@ -0,0 +1,152 @@ +# vim:set ft= ts=4 sw=4 et fdm=marker: +use lib 'lib'; +use Test::Nginx::Socket::Lua; + +#worker_connections(10140); +#workers(1); +log_level('warn'); +master_process_enabled(1); +repeat_each(1); + +plan tests => repeat_each() * (blocks() * 3); + +no_long_string(); +#no_diff(); + +add_block_preprocessor(sub { + my $block = shift; + + my $http_config = $block->http_config || ''; + $http_config .= <<'_EOC_'; + lua_package_path "../lua-resty-core/lib/?.lua;../lua-resty-lrucache/lib/?.lua;;"; + lua_shared_dict shdict 4m; + + init_by_lua_block { + require "resty.core" + local process = require "ngx.process" + local ok, err = process.enable_privileged_agent() + if not ok then + ngx.log(ngx.ERR, "failed to enable_privileged_agent: ", err) + end + } + + init_worker_by_lua_block { + local function test(pre) + if pre then + return + end + + local semaphore = require "ngx.semaphore" + local sem = semaphore.new() + + ngx.log(ngx.ERR, "created semaphore object") + + local function sem_wait() + + local ok, err = sem:wait(100) + if not ok then + ngx.log(ngx.ERR, "err: ", err) + else + ngx.log(ngx.ERR, "wait success") + end + end + + while not ngx.worker.exiting() do + local co = ngx.thread.spawn(sem_wait) + ngx.thread.wait(co) + end + end + + local ok, err = ngx.timer.at(0, test) + if not ok then + ngx.log(ngx.ERR, "failed to create semaphore timer err: ", err) + end + + local function reload(pre) + if pre then + return + end + + shdict = ngx.shared.shdict + local success = shdict:add("reloaded", 1) + if not success then + return + end + + ngx.log(ngx.ERR, "try to reload nginx") + + local f, err = io.open(ngx.config.prefix() .. "/logs/nginx.pid", "r") + if not f then + ngx.say("failed to open nginx.pid: ", err) + return + end + + local pid = f:read() + + f:close() + os.execute("kill -HUP " .. pid) + end + + local typ = require "ngx.process".type + if typ() == "privileged agent" then + local ok, err = ngx.timer.at(0.1, reload) + if not ok then + ngx.log(ngx.ERR, "failed to create semaphore timer err: ", err) + end + end + } +_EOC_ + $block->set_value("http_config", $http_config); +}); + +run_tests(); + +__DATA__ + +=== TEST 1: timer + reload +--- config + location /test { + content_by_lua_block { + ngx.sleep(1) + ngx.say("hello") + } + } +--- request +GET /test +--- response_body +hello +--- grep_error_log eval: qr/created semaphore object|try to reload nginx|semaphore gc wait queue is not empty/ +--- grep_error_log_out +created semaphore object +created semaphore object +try to reload nginx +created semaphore object +created semaphore object +--- skip_nginx: 3: < 1.11.2 +--- no_check_leak + + + +=== TEST 2: timer + reload (lua code cache off) +--- http_config + lua_code_cache off; +--- config + location /test { + content_by_lua_block { + ngx.sleep(1) + ngx.say("hello") + } + } +--- request +GET /test +--- response_body +hello +--- grep_error_log eval: qr/created semaphore object|try to reload nginx|semaphore gc wait queue is not empty/ +--- grep_error_log_out +created semaphore object +created semaphore object +try to reload nginx +created semaphore object +created semaphore object +--- skip_nginx: 3: < 1.11.2 +--- no_check_leak diff --git a/t/154-semaphore.t b/t/154-semaphore.t new file mode 100644 index 0000000000..b45de63bfa --- /dev/null +++ b/t/154-semaphore.t @@ -0,0 +1,118 @@ +# vim:set ft=ts=4 sw=4 et fdm=marker: +use lib 'lib'; +use Test::Nginx::Socket::Lua; + +#worker_connections(10140); +#workers(1); +#log_level('warn'); + +repeat_each(2); + +plan tests => repeat_each() * (blocks() * 3) + blocks(); + +no_long_string(); +#no_diff(); + +add_block_preprocessor(sub { + my $block = shift; + + my $http_config = $block->http_config || ''; + $http_config .= <<'_EOC_'; + lua_package_path "../lua-resty-core/lib/?.lua;../lua-resty-lrucache/lib/?.lua;;"; + + init_by_lua_block { + require "resty.core" + } +_EOC_ + $block->set_value("http_config", $http_config); +}); + +run_tests(); + +__DATA__ + +=== TEST 1: timer + shutdown error log +--- config + location /test { + content_by_lua_block { + local function test(pre) + + local semaphore = require "ngx.semaphore" + local sem = semaphore.new() + + local function sem_wait() + + local ok, err = sem:wait(10) + if not ok then + ngx.log(ngx.ERR, "err: ", err) + else + ngx.log(ngx.ERR, "wait success") + end + end + + while not ngx.worker.exiting() do + local co = ngx.thread.spawn(sem_wait) + ngx.thread.wait(co) + end + end + + local ok, err = ngx.timer.at(0, test) + ngx.log(ngx.ERR, "hello, world") + ngx.say("time: ", ok) + } + } +--- request +GET /test +--- response_body +time: 1 +--- grep_error_log eval: qr/hello, world|semaphore gc wait queue is not empty/ +--- grep_error_log_out +hello, world +--- shutdown_error_log +--- no_shutdown_error_log +semaphore gc wait queue is not empty + + + +=== TEST 2: timer + shutdown error log (lua code cache off) +--- http_config + lua_code_cache off; +--- config + location /test { + content_by_lua_block { + local function test(pre) + + local semaphore = require "ngx.semaphore" + local sem = semaphore.new() + + local function sem_wait() + + local ok, err = sem:wait(10) + if not ok then + ngx.log(ngx.ERR, "err: ", err) + else + ngx.log(ngx.ERR, "wait success") + end + end + + while not ngx.worker.exiting() do + local co = ngx.thread.spawn(sem_wait) + ngx.thread.wait(co) + end + end + + local ok, err = ngx.timer.at(0, test) + ngx.log(ngx.ERR, "hello, world") + ngx.say("time: ", ok) + } + } +--- request +GET /test +--- response_body +time: 1 +--- grep_error_log eval: qr/hello, world|semaphore gc wait queue is not empty/ +--- grep_error_log_out +hello, world +--- shutdown_error_log +--- no_shutdown_error_log +semaphore gc wait queue is not empty From 1e71ff2cbac1fe7115fdee6634fbdcfb35341216 Mon Sep 17 00:00:00 2001 From: "Yichun Zhang (agentzh)" Date: Sun, 16 Jul 2017 20:51:47 -0700 Subject: [PATCH 126/136] tests: fixed the vim mode line in a test file. --- t/154-semaphore.t | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/t/154-semaphore.t b/t/154-semaphore.t index b45de63bfa..3c1f004431 100644 --- a/t/154-semaphore.t +++ b/t/154-semaphore.t @@ -1,4 +1,4 @@ -# vim:set ft=ts=4 sw=4 et fdm=marker: +# vim:set ft= ts=4 sw=4 et fdm=marker: use lib 'lib'; use Test::Nginx::Socket::Lua; From c26854856a84e2a8da8178687f2b572f54dc9bdf Mon Sep 17 00:00:00 2001 From: spacewander Date: Mon, 17 Jul 2017 10:34:53 +0800 Subject: [PATCH 127/136] tests: added a test case to make sure $proxy_add_x_forwarded_for is accessible on the Lua land. Signed-off-by: Yichun Zhang (agentzh) --- t/045-ngx-var.t | 8 +++++--- 1 file changed, 5 insertions(+), 3 deletions(-) diff --git a/t/045-ngx-var.t b/t/045-ngx-var.t index b5fcc8107b..6475f1e809 100644 --- a/t/045-ngx-var.t +++ b/t/045-ngx-var.t @@ -154,14 +154,15 @@ invalid referer: 1 -=== TEST 8: $proxy_host & $proxy_port +=== TEST 8: $proxy_host & $proxy_port & $proxy_add_x_forwarded_for --- config location = /t { proxy_pass http://127.0.0.1:$server_port/back; - header_filter_by_lua ' + header_filter_by_lua_block { ngx.header["Proxy-Host"] = ngx.var.proxy_host ngx.header["Proxy-Port"] = ngx.var.proxy_port - '; + ngx.header["Proxy-Add-X-Forwarded-For"] = ngx.var.proxy_add_x_forwarded_for + } } location = /back { @@ -172,6 +173,7 @@ GET /t --- raw_response_headers_like Proxy-Host: 127.0.0.1\:\d+\r Proxy-Port: \d+\r +Proxy-Add-X-Forwarded-For: 127.0.0.1\r --- response_body hello --- no_error_log From 2fd469d468c6b1cdb1561557a0967f6c9b3e8f0c Mon Sep 17 00:00:00 2001 From: "Yichun Zhang (agentzh)" Date: Mon, 17 Jul 2017 16:08:46 -0700 Subject: [PATCH 128/136] refactor: removed the duplicate C function decelaration for ngx_http_lua_socket_read_handler. --- src/ngx_http_lua_socket_tcp.c | 2 -- 1 file changed, 2 deletions(-) diff --git a/src/ngx_http_lua_socket_tcp.c b/src/ngx_http_lua_socket_tcp.c index 49811168d1..fe089638dc 100644 --- a/src/ngx_http_lua_socket_tcp.c +++ b/src/ngx_http_lua_socket_tcp.c @@ -69,8 +69,6 @@ static void ngx_http_lua_socket_dummy_handler(ngx_http_request_t *r, ngx_http_lua_socket_tcp_upstream_t *u); static ngx_int_t ngx_http_lua_socket_tcp_read(ngx_http_request_t *r, ngx_http_lua_socket_tcp_upstream_t *u); -static void ngx_http_lua_socket_read_handler(ngx_http_request_t *r, - ngx_http_lua_socket_tcp_upstream_t *u); static int ngx_http_lua_socket_tcp_receive_retval_handler(ngx_http_request_t *r, ngx_http_lua_socket_tcp_upstream_t *u, lua_State *L); static ngx_int_t ngx_http_lua_socket_read_line(void *data, ssize_t bytes); From 51c14a898138b9d734e7a908b5ca2937cc2cccf1 Mon Sep 17 00:00:00 2001 From: "Yichun Zhang (agentzh)" Date: Mon, 17 Jul 2017 16:10:57 -0700 Subject: [PATCH 129/136] bugfix: segmentation fault might happen when a stale read event happens after the downstream cosocket object is closed. thanks Dejiang Zhu for the report. --- src/ngx_http_lua_socket_tcp.c | 9 ++++++--- 1 file changed, 6 insertions(+), 3 deletions(-) diff --git a/src/ngx_http_lua_socket_tcp.c b/src/ngx_http_lua_socket_tcp.c index fe089638dc..382a94de7c 100644 --- a/src/ngx_http_lua_socket_tcp.c +++ b/src/ngx_http_lua_socket_tcp.c @@ -4418,15 +4418,18 @@ ngx_http_lua_req_socket_rev_handler(ngx_http_request_t *r) ctx = ngx_http_get_module_ctx(r, ngx_http_lua_module); if (ctx == NULL) { + r->read_event_handler = ngx_http_block_reading; return; } u = ctx->downstream; - if (u) { - u->read_event_handler(r, u); + if (u == NULL || u->peer.connection == NULL) { + r->read_event_handler = ngx_http_block_reading; + return; } -} + u->read_event_handler(r, u); +} static int ngx_http_lua_socket_tcp_getreusedtimes(lua_State *L) From 0f0af5094880f94ff4d2185576c1385981a49750 Mon Sep 17 00:00:00 2001 From: WenMing Date: Wed, 19 Jul 2017 11:28:37 +0800 Subject: [PATCH 130/136] doc: fixed a typo in a code example for `ngx.re.match`. Signed-off-by: Yichun Zhang (agentzh) --- README.markdown | 2 +- doc/HttpLuaModule.wiki | 2 +- 2 files changed, 2 insertions(+), 2 deletions(-) diff --git a/README.markdown b/README.markdown index c30944d0ce..5a6d878148 100644 --- a/README.markdown +++ b/README.markdown @@ -5909,7 +5909,7 @@ The optional fourth argument, `ctx`, can be a Lua table holding an optional `pos local ctx = { pos = 2 } local m, err = ngx.re.match("1234, hello", "[0-9]+", "", ctx) - -- m[0] = "34" + -- m[0] = "234" -- ctx.pos == 5 ``` diff --git a/doc/HttpLuaModule.wiki b/doc/HttpLuaModule.wiki index ef8ecc3b81..1f188b260d 100644 --- a/doc/HttpLuaModule.wiki +++ b/doc/HttpLuaModule.wiki @@ -4932,7 +4932,7 @@ The optional fourth argument, ctx, can be a Lua table holding an op local ctx = { pos = 2 } local m, err = ngx.re.match("1234, hello", "[0-9]+", "", ctx) - -- m[0] = "34" + -- m[0] = "234" -- ctx.pos == 5 From f170505186ff61af36b3e126772b671793af9428 Mon Sep 17 00:00:00 2001 From: Henry Lee Date: Thu, 27 Jul 2017 14:47:53 +0800 Subject: [PATCH 131/136] bugfix: ngx.escape_uri: we did not escape URI reserved chars. #1124 ngx.escape_uri should also escape RFC 3986 section 2.2 Reserved Characters. Signed-off-by: Yichun Zhang (agentzh) --- src/ngx_http_lua_util.c | 2 +- t/006-escape.t | 2 +- t/030-uri-args.t | 2 +- 3 files changed, 3 insertions(+), 3 deletions(-) diff --git a/src/ngx_http_lua_util.c b/src/ngx_http_lua_util.c index c7bee3e89a..b6dfae9530 100644 --- a/src/ngx_http_lua_util.c +++ b/src/ngx_http_lua_util.c @@ -1852,7 +1852,7 @@ ngx_http_lua_escape_uri(u_char *dst, u_char *src, size_t size, ngx_uint_t type) 0xffffffff, /* 1111 1111 1111 1111 1111 1111 1111 1111 */ /* ?>=< ;:98 7654 3210 /.-, +*)( '&%$ #"! */ - 0xfc00987d, /* 1111 1100 0000 0000 1001 1000 0111 1101 */ + 0xfc009fff, /* 1111 1100 0000 0000 1001 1111 1111 1111 */ /* _^]\ [ZYX WVUT SRQP ONML KJIH GFED CBA@ */ 0x78000001, /* 0111 1000 0000 0000 0000 0000 0000 0001 */ diff --git a/t/006-escape.t b/t/006-escape.t index a21d3cb509..695aaf7060 100644 --- a/t/006-escape.t +++ b/t/006-escape.t @@ -193,7 +193,7 @@ GET /t --- request GET /lua --- response_body --_.!~*'() +-_.%21~%2A%27%28%29 %2C%24%40%7C%60 --- no_error_log [error] diff --git a/t/030-uri-args.t b/t/030-uri-args.t index 96e216c15b..752e0f5cf8 100644 --- a/t/030-uri-args.t +++ b/t/030-uri-args.t @@ -1403,6 +1403,6 @@ GET /lua --- request GET /lua --- response_body -args: foo=%2C%24%40%7C%60&bar=-_.!~*'() +args: foo=%2C%24%40%7C%60&bar=-_.%21~%2A%27%28%29 --- no_error_log [error] From 691370ec274f5e94a095eae0298096a66b04d983 Mon Sep 17 00:00:00 2001 From: spacewander Date: Mon, 31 Jul 2017 09:57:47 +0800 Subject: [PATCH 132/136] Revert "bugfix: ngx.escape_uri: we did not escape URI reserved chars. #1124" Commit f170505186ff61af36b3e126772b671793af9428 breaks the compatibility with RFC 3986. Here is two reasons: 1. Quote from RFC 3986 Section 2.2: > A subset of the reserved characters (gen-delims) is used as delimiters of the generic URI components described in Section 3 Note that RFC 3986 says 'a subset of the reserved characters (gen-delims)', not all the reserved characters. The characters escaped in that commit are 'sub-delims'. They are not required to be escaped according to Section 2.2. 2. Refer to RFC 3986 "Appendix A. Collected ABNF for URI", sub-delims could be used as part of query and other components. This use case shows that sub-delims are valid in some component of URI. Therefore, it would be better if we don't escape them for URI component. Signed-off-by: Yichun Zhang (agentzh) --- src/ngx_http_lua_util.c | 2 +- t/006-escape.t | 2 +- t/030-uri-args.t | 2 +- 3 files changed, 3 insertions(+), 3 deletions(-) diff --git a/src/ngx_http_lua_util.c b/src/ngx_http_lua_util.c index b6dfae9530..c7bee3e89a 100644 --- a/src/ngx_http_lua_util.c +++ b/src/ngx_http_lua_util.c @@ -1852,7 +1852,7 @@ ngx_http_lua_escape_uri(u_char *dst, u_char *src, size_t size, ngx_uint_t type) 0xffffffff, /* 1111 1111 1111 1111 1111 1111 1111 1111 */ /* ?>=< ;:98 7654 3210 /.-, +*)( '&%$ #"! */ - 0xfc009fff, /* 1111 1100 0000 0000 1001 1111 1111 1111 */ + 0xfc00987d, /* 1111 1100 0000 0000 1001 1000 0111 1101 */ /* _^]\ [ZYX WVUT SRQP ONML KJIH GFED CBA@ */ 0x78000001, /* 0111 1000 0000 0000 0000 0000 0000 0001 */ diff --git a/t/006-escape.t b/t/006-escape.t index 695aaf7060..a21d3cb509 100644 --- a/t/006-escape.t +++ b/t/006-escape.t @@ -193,7 +193,7 @@ GET /t --- request GET /lua --- response_body --_.%21~%2A%27%28%29 +-_.!~*'() %2C%24%40%7C%60 --- no_error_log [error] diff --git a/t/030-uri-args.t b/t/030-uri-args.t index 752e0f5cf8..96e216c15b 100644 --- a/t/030-uri-args.t +++ b/t/030-uri-args.t @@ -1403,6 +1403,6 @@ GET /lua --- request GET /lua --- response_body -args: foo=%2C%24%40%7C%60&bar=-_.%21~%2A%27%28%29 +args: foo=%2C%24%40%7C%60&bar=-_.!~*'() --- no_error_log [error] From 82b21887127765b43991f0356cccb12882cfbf73 Mon Sep 17 00:00:00 2001 From: "Yichun Zhang (agentzh)" Date: Sun, 6 Aug 2017 19:48:20 -0700 Subject: [PATCH 133/136] tests: made 2 test cases less possible to fail on slower machines. --- t/153-semaphore-hup.t | 2 ++ 1 file changed, 2 insertions(+) diff --git a/t/153-semaphore-hup.t b/t/153-semaphore-hup.t index f47074c629..c85a21dae4 100644 --- a/t/153-semaphore-hup.t +++ b/t/153-semaphore-hup.t @@ -124,6 +124,7 @@ created semaphore object created semaphore object --- skip_nginx: 3: < 1.11.2 --- no_check_leak +--- wait: 0.2 @@ -150,3 +151,4 @@ created semaphore object created semaphore object --- skip_nginx: 3: < 1.11.2 --- no_check_leak +--- wait: 0.2 From 89de7802227fd97005cb03b5d1fc38b809093b70 Mon Sep 17 00:00:00 2001 From: "Yichun Zhang (agentzh)" Date: Tue, 8 Aug 2017 12:25:45 -0700 Subject: [PATCH 134/136] doc: bumped version to 0.10.9. --- README.markdown | 4 ++-- doc/HttpLuaModule.wiki | 4 ++-- 2 files changed, 4 insertions(+), 4 deletions(-) diff --git a/README.markdown b/README.markdown index 5a6d878148..0b71c2cc0a 100644 --- a/README.markdown +++ b/README.markdown @@ -62,7 +62,7 @@ Production ready. Version ======= -This document describes ngx_lua [v0.10.8](https://github.com/openresty/lua-nginx-module/tags) released on 8 April 2017. +This document describes ngx_lua [v0.10.9](https://github.com/openresty/lua-nginx-module/tags) released on 8 August 2017. Synopsis ======== @@ -990,7 +990,7 @@ Copyright and License This module is licensed under the BSD license. -Copyright (C) 2009-2016, by Xiaozhe Wang (chaoslawful) . +Copyright (C) 2009-2017, by Xiaozhe Wang (chaoslawful) . Copyright (C) 2009-2017, by Yichun "agentzh" Zhang (章亦春) , OpenResty Inc. diff --git a/doc/HttpLuaModule.wiki b/doc/HttpLuaModule.wiki index 1f188b260d..13b3d894b3 100644 --- a/doc/HttpLuaModule.wiki +++ b/doc/HttpLuaModule.wiki @@ -10,7 +10,7 @@ Production ready. = Version = -This document describes ngx_lua [https://github.com/openresty/lua-nginx-module/tags v0.10.8] released on 8 April 2017. +This document describes ngx_lua [https://github.com/openresty/lua-nginx-module/tags v0.10.9] released on 8 August 2017. = Synopsis = @@ -812,7 +812,7 @@ There are also various testing modes based on mockeagain, valgrind, and etc. Ref This module is licensed under the BSD license. -Copyright (C) 2009-2016, by Xiaozhe Wang (chaoslawful) . +Copyright (C) 2009-2017, by Xiaozhe Wang (chaoslawful) . Copyright (C) 2009-2017, by Yichun "agentzh" Zhang (章亦春) , OpenResty Inc. From 7b7178a958f33eb5086a4e66c18f13e68a39c859 Mon Sep 17 00:00:00 2001 From: "Yichun Zhang (agentzh)" Date: Tue, 8 Aug 2017 19:44:12 -0700 Subject: [PATCH 135/136] bugfix: fixed a compilation error on Windows. this regression had appeaered in 0.10.9. --- src/ngx_http_lua_worker.c | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/src/ngx_http_lua_worker.c b/src/ngx_http_lua_worker.c index f4425b914a..e1cfec4102 100644 --- a/src/ngx_http_lua_worker.c +++ b/src/ngx_http_lua_worker.c @@ -138,7 +138,7 @@ ngx_http_lua_ffi_worker_count(void) int ngx_http_lua_ffi_get_process_type(void) { -#ifdef HAVE_PRIVILEGED_PROCESS_PATCH +#if defined(HAVE_PRIVILEGED_PROCESS_PATCH) && !NGX_WIN32 if (ngx_process == NGX_PROCESS_HELPER) { if (ngx_is_privileged_agent) { return NGX_PROCESS_PRIVILEGED_AGENT; From cdd2ae921f67bf396c743406493127be496e57ce Mon Sep 17 00:00:00 2001 From: "Yichun Zhang (agentzh)" Date: Tue, 8 Aug 2017 19:51:56 -0700 Subject: [PATCH 136/136] bumped version to 0.10.10. --- README.markdown | 2 +- doc/HttpLuaModule.wiki | 2 +- src/api/ngx_http_lua_api.h | 2 +- 3 files changed, 3 insertions(+), 3 deletions(-) diff --git a/README.markdown b/README.markdown index 0b71c2cc0a..fac3a0d79b 100644 --- a/README.markdown +++ b/README.markdown @@ -62,7 +62,7 @@ Production ready. Version ======= -This document describes ngx_lua [v0.10.9](https://github.com/openresty/lua-nginx-module/tags) released on 8 August 2017. +This document describes ngx_lua [v0.10.10](https://github.com/openresty/lua-nginx-module/tags) released on 8 August 2017. Synopsis ======== diff --git a/doc/HttpLuaModule.wiki b/doc/HttpLuaModule.wiki index 13b3d894b3..83930567b6 100644 --- a/doc/HttpLuaModule.wiki +++ b/doc/HttpLuaModule.wiki @@ -10,7 +10,7 @@ Production ready. = Version = -This document describes ngx_lua [https://github.com/openresty/lua-nginx-module/tags v0.10.9] released on 8 August 2017. +This document describes ngx_lua [https://github.com/openresty/lua-nginx-module/tags v0.10.10] released on 8 August 2017. = Synopsis = diff --git a/src/api/ngx_http_lua_api.h b/src/api/ngx_http_lua_api.h index 5083799a04..cd64fc8c35 100644 --- a/src/api/ngx_http_lua_api.h +++ b/src/api/ngx_http_lua_api.h @@ -19,7 +19,7 @@ /* Public API for other Nginx modules */ -#define ngx_http_lua_version 10009 +#define ngx_http_lua_version 10010 typedef struct {