.
There were several variants of this (diff file attached) which either
leaked tempfiles or broke proxy_no_cache.
On Fri, Jan 31, 2025 at 11:36 AM Maxim Dounin wrote:
> Hello!
>
> On Thu, Jan 30, 2025 at 11:01:32AM +0200, Clima Gabriel wrote:
>
> > Hello Maxim,
> > Hope thi
Hello Maxim,
Hope this helps.
We encounter disk failures fairly often and what the kernel will do most of
the time is re-mount the disk as read-only.
What I did was add this check which checks if the disk is healthy before
hand and executes the proxy_no_cache path if it is.
It doesn't cover all the
If your Nginx is compiled with debug symbols you may see some useful info
`perf top`
On Mon, Aug 12, 2024, 6:24 PM Brad Patton wrote:
> Hi all,
>
> About 2 months ago the CPU usage on 1 of our servers started going crazy.
> All of a sudden, Nginx itself started using about 6x the CPU power to se
>
> On Thu, 7 Mar 2024 08:17:23 +0200
> Clima Gabriel wrote:
>
> > Greetings,
> > I'm investigating a bug, super easy to reproduce.
> > Thought you might be curious.
> >
> > Minimal Nginx config. Create two files. 100M and 1M:
> > dd if=/dev/zer
Greetings,
I'm investigating a bug, super easy to reproduce.
Thought you might be curious.
Minimal Nginx config. Create two files. 100M and 1M:
dd if=/dev/zero of=/var/www/file100M bs=100M count=1
dd if=/dev/zero of=/var/www/file1M bs=1M count=1
Get them files:
curl --limit-rate 10M -o /dev/nul
Thanks you
On Fri, Feb 9, 2024 at 1:58 PM Roman Arutyunyan wrote:
> Hi Gabriel,
>
> On Wed, Feb 07, 2024 at 03:34:42PM +0200, Clima Gabriel wrote:
> > Hello Roman,
> > Thank you. Noted about the mailing list.
> >
> >
> > My function will be called f
y which has no tlsext support,
"
"therefore SNI is not available");
}
#endif
./src/http/modules/ngx_http_ssl_module.c
Regards,
Gabriel
On Wed, Feb 7, 2024 at 11:29 AM Roman Arutyunyan wrote:
> Hi,
>
> On Mon, Feb 05, 2024 at 11:24:39PM +0200, Clima Gabriel
Hello everyone,
(the code is probably clearer and attached below)
This function modifies what ngx_connection_t->data points to.
ngx_connection_t->data is initially *ngx_http_connection_t.
The *ngx_http_connection_t is assigned to
ngx_http_v3_session_t->http_connection
And the *ngx_http_v3_session_
Greetings fellow nginx-devs,
It looks to me as if an attacker could force the server to use up a large
amount of resources doing ngx_http_regex_exec if the server were to be
configured with a relatively large number of regex server_names.
I would appreciate any ideas on the topic, especially sugges
Hello Maxim,
You're right.
Disabling the ssl-ja3 module was sufficient to stop the segfaults.
Thanks!
On Fri, Dec 22, 2023 at 4:14 PM Maxim Dounin wrote:
> Hello!
>
> On Fri, Dec 22, 2023 at 11:59:22AM +0200, Clima Gabriel wrote:
>
> > Thanks.
> > I ended up using
21, 2023 at 5:03 PM Jeffrey Walton wrote:
> On Thu, Dec 21, 2023 at 7:35 AM Clima Gabriel
> wrote:
> >
> > Hello everyone,
> >
> > My Nginx worker process has frequent segfaults on this codepath.
> (ngx_quic_create_stream)
> > Here are some observations I h
Hello everyone,
My Nginx worker process has frequent segfaults on this codepath.
(ngx_quic_create_stream)
Here are some observations I have made so far.
1. The faults happen with tcmalloc and malloc so this is not the issue.
2. master_process is on
3. 1 worker is enough
4. HTTP3 requests need to c
12 matches
Mail list logo
