OpenResty® Scalable Web Platform by Extending NGINX with Lua

ChangeLog 1.2.8

Yichun Zhang , 10 Jun 2013 (created 26 Apr 2013)

Stable Release 1.2.8.6 - 10 June 2013

  • upgraded LuaJIT to 2.0.2.
  • LuaJIT-2.0.2
  • array-var-nginx-module-0.03rc1
  • auth-request-nginx-module-0.2
  • drizzle-nginx-module-0.1.5
  • echo-nginx-module-0.45
  • encrypted-session-nginx-module-0.03
  • form-input-nginx-module-0.07
  • headers-more-nginx-module-0.20
  • iconv-nginx-module-0.10
  • lua-5.1.5
  • lua-cjson-1.0.3
  • lua-rds-parser-0.05
  • lua-redis-parser-0.10
  • lua-resty-dns-0.09
  • lua-resty-memcached-0.11
  • lua-resty-mysql-0.13
  • lua-resty-redis-0.15
  • lua-resty-string-0.08
  • lua-resty-upload-0.08
  • memc-nginx-module-0.13rc3
  • nginx-1.2.8
  • ngx_coolkit-0.2rc1
  • ngx_devel_kit-0.2.18
  • ngx_lua-0.8.2
  • ngx_postgres-1.0rc2
  • rds-csv-nginx-module-0.05rc2
  • rds-json-nginx-module-0.12rc10
  • redis-nginx-module-0.3.6
  • redis2-nginx-module-0.10
  • set-misc-nginx-module-0.22rc8
  • srcache-nginx-module-0.21
  • xss-nginx-module-0.03rc9

Mainline Version 1.2.8.5 - 23 May 2013

  • upgraded Lua Nginx Module to 0.8.2.
    • feature: added ngx.HTTP_MKCOL, ngx.HTTP_COPY, ngx.HTTP_MOVE, and other WebDAV request method constants; also added corresponding support to ngx.req.set_method and ngx.location.capture. thanks Adallom Roy for the patch.
    • feature: allow injecting new user Lua APIs (and overriding existing Lua APIs) in the "ngx" table.
    • bugfix: ngx.req.set_body_file() always enabled Direct I/O which caused the alert message "fcntl(O_DIRECT) ... Invalid argument" in error logs on file systems lacking the Direct I/O support. thanks Matthieu Tourne for reporting this issue.
    • bugfix: buffer corruption might happen in ngx.req.set_body_file() when Nginx upstream modules were used later because ngx.req.set_body_file() incorrectly set r->request_body->buf to the in-file buffer which could get reused by ngx_http_upstream for its own purposes.
    • bugfix: no longer automatically turn underscores (_) to dashes (-) in header names for ngx.req.set_header and ngx.req.clear_header. thanks aviramc for the report.
    • bugfix: segmentation fault might happen in nginx 1.4.x when calling ngx.req.set_header on the Cookie request headers because recent versions of Nginx no longer always initialize r->headers_in.cookies. thanks Rob W for reporting this issue.
    • bugfix: fixed the C compiler warning "argument 'nret' might be clobbered by 'longjmp' or 'vfork'" when compiling with Ubuntu 13.04's gcc 4.7.3. thanks jacky and Rajeev's reports.
    • bugfix: temporary memory leaks might happen when using ngx.escape_uri, ngx.unescape_uri, ngx.quote_sql_str, ngx.decode_base64, and ngx.encode_base64 in tight Lua loops because we allocated memory in nginx's request memory pool for these methods.
    • optimize: ngx.escape_uri now runs faster when the input string contains no special bytes to be escaped.
    • testing: added custom test scaffold t::TestNginxLua which subclasses Test::Nginx::Socket. it supports the environment TEST_NGINX_INIT_BY_LUA which can be used to add more custom Lua code to the value of the init_by_lua directive in the Nginx configuration.
  • upgraded Srcache Nginx Module to 0.21.
    • bugfix: responses with a status code smaller than all the status codes specified in the srcache_store_statuses directive were not skipped as expected. thanks Lanshun Zhou for the patch.
  • feature: applied the invalid_referer_hash patch to the Nginx core to make the $invalid_referer variable accessible in embedded dynamic languages like Perl and Lua. thanks Fry-kun for requesting this.
  • updated the dtrace patch for the Nginx core.
    • print out more info about the Nginx in-file bufs in the tapset function ngx_chain_dump.

Mainline Version 1.2.8.3 - 13 May 2013

  • applied the official patch for the nginx core to address the recent nginx security vulnerability CVE-2013-2070.

Mainline Version 1.2.8.1 - 26 April 2013