Hi all!
I've just kicked out OpenResty 1.7.4.1 RC1 for testing:
http://openresty.org/download/ngx_openresty-1.7.4.1rc1.tar.gz
The highlights of this release are 1) SSL/TLS cosocket support in
ngx_lua, and 2) SSL support in lua-resty-mysql.
Changes since the last (formal) release, 1.7.2.1:
* upgraded the Nginx core to 1.7.4.
* see the changes here: <http://nginx.org/en/CHANGES>
* optimize: now we use the C compiler option "-O2" for everything
by default (we used to use "-O1" which is too conservative).
* upgraded PostgresNginxModule to 1.0rc4.
* bugfix: segmentation fault might happen in
"ngx_destroy_pool" when debug logging was enabled in the
nginx build. thanks buddy-ekb for the report.
* upgraded the ngx_echo module to 0.55.
* bugfix: reading $echo_client_request_headers would return
garbled data when LF instead of CRLF is used as the line
terminator in the original header.
* bugfix: reading $echo_client_request_headers could lead to
buffer overflow due to misuse of "r->header_end" while
modules like ngx_fastcgi and ngx_proxy can change
"r->header_end" to point to buffers of their own.
* upgraded the ngx_form_input module to 0.10.
* bugfix: "pcre_exec -2" error might happen when the standard
"if" directive is used to test the empty value nginx
variables set by this module with a regex. (Jiale)
* bugfix: we incorrectly overrode "r->read_event_handler" with
"ngx_http_request_empty_handler" in our "post read" callback
for client request body reading, which could waste CPU time
in level-triggered event models like poll and select. thanks
chen for the catch.
* upgraded SetMiscNginxModule 0.25.
* change: set_escape_uri: use uppercase hexadecimal digits for
percent-encoding as per RFC 3986. thanks splitice for the
original patch.
* bugfix: fixed source and test files' permission. they should
not be executable at all. thanks Christos Kontas for the
report.
* upgraded LuaJIT to v2.1-20140805:
https://github.com/openresty/luajit2/tags
* imported Mike Pall's latest bug fixes:
* FFI: Fix "__index"/"__newindex" metamethod resolution
for ctypes.
* Invalidate backpropagation cache after DCE.
* upgraded the ngx_lua module to 0.9.11.
* feature: implemented the SSL/TLS cosocket API.
* added new method sslhandshake() to the stream-typed
cosocket objects.
* added new configuration directives
lua_ssl_trusted_certificate, lua_ssl_verify_depth,
lua_ssl_crl, lua_ssl_protocols, and lua_ssl_ciphers.
thanks aviramc for the original patch.
* feature: the standard coroutine API is now enabled in the
context of header_filter_by_lua* and body_filter_by_lua*.
thanks ngo for the request.
* feature: for content/rewrite/access_by_lua_file directives,
we now return 404 status code instead of 500 in case that
the specified .lua file cannot be opened. thanks Sam Lee for
the suggestion.
* feature: added pure C API function for FFI-based
implementation of reading ngx.header.HEADER.
* feature: now we also explicitly check the Lua ABI/language
version in our feature test of the "./configure" phase for a
usable Lua lib.
* feature: added pure C API functions for FFI-based
implementations of ngx.worker.pid() and
ngx.worker.exiting().
* bugfix: ngx.req.raw_header() could lead to buffer overflow
and the "userdata length overflow" error due to misuse of
"r->header_end" while modules like ngx_fastcgi and ngx_proxy
can change "r->header_end" to point to buffers of their own.
thanks sadmedved for the report.
* bugfix: ngx.req.raw_header() would return garbled data when
LF instead of CRLF is used as the line terminator in the
original header.
* bugfix: body_filter_by_lua*: reading "ngx.arg[1]" after
clearing "ngx.arg[1]" (by assigning nil or "") could lead to
segmentation faults. this regression had appeared in
v0.9.10. thanks Jason Stangroome for the report.
* bugfix: init_worker_by_lua* would conflict with some other
nginx C modules (like ngx_proxy) when their "merge_loc_conf"
callbacks (or alike) produce side-effects in "cf->cycle".
thanks Ruoshan Huang for the report.
* bugfix: stream-typed cosocket might read uninitialized
memory bytes when logging errors due to sending to or
receiving from a closed socket.
* bugfix: the stream-typed and datagram-typed cosockets'
resolver handler did not handle some special errors
correctly.
* bugfix: ngx.resp.get_headers(): sometimes we might omit the
builtin-headers Content-Type, Content-Length, Connection,
and Transfer-Encoding. thanks Jon Keys for the report.
* bugfix: ngx.req.socket(true): it incrrectly returned the
error "chunked request bodies not supported yet" for raw
request sockets with chunked request bodies. thanks Xiaofei
Yang for the report.
* bugfix: we did not check allocation failures while compiling
the pattern for tcpsock:receiveuntil(). thanks Tatsuhiko
Kubo for the patch.
* bugfix: we did not use "lua_checkstack()" to prevent Lua
stack overflow in our own C-land Lua backtrace generator.
* bugfix: fixed an incorrect error message. thanks aviramc for
the patch.
* bugfix: for statically linked LuaJIT, we need to pass "-ldl"
to the linker. thanks cf2012 for the report.
* optimize: we now cache the userdata metatable (for the
"__gc" metamethod) in the lua registry for both the
stream-typed datagram-typed cosockets.
* optimize: reading ngx.header.HEADER: eliminated dynamic
allocations and data copying when there is no need to
ransform "_" to "-" in the header name.
* change: ngx.escape_uri() now uses uppercase hexadecimal
digits for percent-encoding according to the recommendation
in RFC 3986. thanks Piotr Sikora for the suggestion.
* change: use the type "ngx_http_lua_ffi_str_t" instead of
"ngx_str_t" in the pure C API function
"ngx_http_lua_ffi_req_get_headers".
* change: renamed the C macro "NGX_HTTP_LUA_NO_FFI_API" to
"NGX_LUA_NO_FFI_API".
* style: various coding style fixes and minor optimizations
from Tatsuhiko Kubo.
* doc: documented the behavior of init_by_lua* when
lua_code_cache is off.
* doc: fixed a wrong statement regarding "require()" in the
"Lua Variable Scope" section. thanks Hungpu DU for the
report.
* doc: more clarification in the docs for the "res.truncated"
flag returned by ngx.location.capture(). thanks Jon Keys for
asking.
* doc: added missing method name "get_keys" under
"ngx.shared.DICT" and also fixed the method order. thanks
George Bashi for the patch.
* doc: markdown: fixed the "Back to TOC" links for the
sections ("Nginx API for Lua" and "Directives") with inlined
TOC. thanks Pierre-Yves Gérardy and Simon Eskildsen for the
reports.
* doc: improved the wording in the "Lua Coroutine
Yielding/Resuming" section. thanks Hungpu DU for the report.
* doc: improved the wording of the documentation for
ngx.req.clear_header() to prevent ambiguity. thanks
Christophe-Marie Duquesne for the report.
* upgraded the lua-resty-core library to 0.0.9.
* feature: implemented the reading part of ngx.header.HEADER
with FFI.
* feature: implemented ngx.worker.pid() and
ngx.worker.exiting() with FFI.
* upgraded the lua-resty-upstream-healthcheck library to 0.03.
* optimize: timers in different nginx worker processes can go
out of phase as time goes, resulting in duplicate test
requests from different workers in the same check interval.
thanks fancyrabbit for the report and fix.
* upgraded LuaRestyWebSocketLibrary to 0.04.
* feature: resty.websocket.client: added support for the
"origin" option to specify the value of the "Origin" request
header. thanks woo for the original patch.
* bugfix: resty.websocket.client: connection pooling was
broken due to duplicate websocket handshakes. thanks woo for
the patch.
* bugfix: fixed the "Sec-WebSocket-Protocol" header when the
secondary protocols are specified. thanks woo for the
report.
* doc: typo fixes from Laurent Arnoud.
* upgraded the lua-resty-dns library to 0.13.
* bugfix: we did not parse the character-strings in the "TXT"
record data. thanks Kevin Ingersoll for the report.
* upgraded LuaRestyMySQLLibrary to 0.15.
* feature: added new boolean-value options "ssl" and
"ssl_verify" to the connect() method connecting to MySQL via
SSL.
You're very welcome to try out this RC release on your side. Any
feedback will be highly appreciated. Thank you!
Enjoy!
-agentzh