3rd party module move: nginx-openssl-version

This is about a third-party module: nginx-openssl-version and its sudden new home. Back when HeartBleed struck, I wrote an nginx module to provide for configuration to be able to specify a minimum acceptable version of the OpenSSL library and turn non-matches into fatal configuration errors, tradi

New module: Nginx OpenSSL version check

wing which file was _actually_ mmap'd into your address space. Like many others, my Monday night was _fun_. Regards, and may you sleep more soundly, -Phil Pennock, Apcera Inc. ___ nginx mailing list nginx@nginx.org http://mailman.nginx.org/mailman

Re: Worker process is not getting killed , when master is killed using -9

On 2013-08-08 at 06:29 +, Vivek Goel wrote: > I am facing one problem with nginx. I am waiting for nginx to stop withing > 30 seconds. If it is not getting stopped, I am firing command to kill > master process using > pkill -9 > > But, Killing master is not killing the worker process. Due to

Re: GPG error on Nginx repository - NO_PUBKEY

On 2013-06-27 at 11:41 -0400, B.R. wrote: > The Nginx website's page on Linux > packages provides you with the key file address: > http://nginx.org/en/linux_packages.html You mean: http://nginx.org/keys/nginx_signing.key (And if you import a file retrie

Re: Mail proxy with SNI

On 2013-03-30 at 02:24 +0400, Valentin V. Bartenev wrote: > On Saturday 30 March 2013 01:30:21 lblankers wrote: > > I would like to use nginx 1.2.1 with TLS SNI support to proxy SMTP > > submission for several different domains over SSL. I would expect that if I > > configure multiple servers with

Re: SPDY68 / POST to proxy / nginx worker segfault

On 2013-03-13 at 03:14 +0400, Valentin V. Bartenev wrote: > Thank you for the report. This issue should be fixed now in: > http://nginx.org/patches/spdy/patch.spdy-69_1.3.14.txt Fix confirmed, works for me. Thanks for the prompt fix! -Phil ___ nginx ma

SPDY68 / POST to proxy / nginx worker segfault

nginx 1.3.14, SPDY patch version 68. Sitting in front of a PGP keyserver, with configuration as below, if I have "spdy" on the "listen" lines, then Chrome gets an error for no data returned and I get errors in errorlog: 2013/03/12 18:08:43 [alert] 8546#0: worker process 8815 exited on signal 11 2

Re: nginx/KQUEUE+SPDY breaks proxy_ignore_client_abort

On 2013-03-05 at 19:33 +0400, Valentin V. Bartenev wrote: > Done. > > http://nginx.org/patches/spdy/patch.spdy-66_1.3.14.txt Thanks; I deployed this a day and a half ago; I could no longer trigger the conneciton drops from another box on the same network, where I could do so fairly reliably befor

Re: nginx mailing-list and sender filtering (vs BATV)

On 2013-03-03 at 02:11 +0400, Maxim Dounin wrote: > You probably didn't understand the problem deep enough: content I'm one of the maintainers of the MTA which runs a plurality of the MTA installs out there. Of course, I have crazy days and moments of pure stupidity, but in general I have a dece

nginx mailing-list and sender filtering (vs BATV)

On 2013-03-01 at 17:12 +0400, Maxim Dounin wrote: > On Fri, Mar 01, 2013 at 03:22:51AM -0500, Phil Pennock wrote: > > PS: nginx mail-server configuration is broken; it's checking SMTP Envelope > > Sender against the subscription list, not the RFC5322.From: header, so >

nginx/KQUEUE+SPDY breaks proxy_ignore_client_abort

[fixed Subject: to help others with issue track it] On 2013-03-01 at 17:12 +0400, Maxim Dounin wrote: > It looks like you are running nginx with experimental SPDY patch, > and it broke things here. Try recompiling nginx without SPDY > patch to see if it helps. That fixed things, thank you. So

nginx/KQUEUE breaks proxy_ignore_client_abort

Folks, If nginx is built on FreeBSD, "proxy_ignore_client_abort on;" has no/little effect, because TCP half-closes cause a connection drop even if not speaking to a proxy backend. Situation: PGP clients talk to PGP keyservers using the HKP protocol, which is a very light layer over HTTP. In GnuP