import UBI nginx-1.20.1-16.el9_4.1
This commit is contained in:
parent
048005a173
commit
911945c717
@ -18,6 +18,7 @@ low tolerance to flooding attempts.
|
||||
src/http/v2/ngx_http_v2.h | 2 ++
|
||||
2 files changed, 17 insertions(+)
|
||||
|
||||
|
||||
diff --git a/src/http/v2/ngx_http_v2.c b/src/http/v2/ngx_http_v2.c
|
||||
index 3611a2e..291677a 100644
|
||||
--- a/src/http/v2/ngx_http_v2.c
|
||||
@ -71,6 +72,3 @@ index 3492297..6a7aaa6 100644
|
||||
ngx_uint_t priority_limit;
|
||||
|
||||
ngx_uint_t pushing;
|
||||
--
|
||||
2.31.1
|
||||
|
||||
|
183
SOURCES/0009-Optimized-chain-link-usage.patch
Normal file
183
SOURCES/0009-Optimized-chain-link-usage.patch
Normal file
@ -0,0 +1,183 @@
|
||||
From f3bcc0bcfb6eda3f4874fe2531d546ba724c518c Mon Sep 17 00:00:00 2001
|
||||
From: =?UTF-8?q?Lubo=C5=A1=20Uhliarik?= <luhliari@redhat.com>
|
||||
Date: Wed, 12 Jun 2024 12:49:28 +0200
|
||||
Subject: [PATCH] Optimized chain link usage
|
||||
|
||||
Previously chain links could sometimes be dropped instead of being reused,
|
||||
which could result in increased memory consumption during long requests.
|
||||
---
|
||||
src/core/ngx_output_chain.c | 10 ++++++++--
|
||||
src/http/modules/ngx_http_grpc_module.c | 5 ++++-
|
||||
.../modules/ngx_http_gunzip_filter_module.c | 18 ++++++++++++++----
|
||||
src/http/modules/ngx_http_gzip_filter_module.c | 10 +++++++---
|
||||
src/http/modules/ngx_http_ssi_filter_module.c | 8 ++++++--
|
||||
src/http/modules/ngx_http_sub_filter_module.c | 8 ++++++--
|
||||
6 files changed, 45 insertions(+), 14 deletions(-)
|
||||
|
||||
diff --git a/src/core/ngx_output_chain.c b/src/core/ngx_output_chain.c
|
||||
index 5c3dbe8..4aa1b02 100644
|
||||
--- a/src/core/ngx_output_chain.c
|
||||
+++ b/src/core/ngx_output_chain.c
|
||||
@@ -121,7 +121,10 @@ ngx_output_chain(ngx_output_chain_ctx_t *ctx, ngx_chain_t *in)
|
||||
|
||||
ngx_debug_point();
|
||||
|
||||
- ctx->in = ctx->in->next;
|
||||
+ cl = ctx->in;
|
||||
+ ctx->in = cl->next;
|
||||
+
|
||||
+ ngx_free_chain(ctx->pool, cl);
|
||||
|
||||
continue;
|
||||
}
|
||||
@@ -207,7 +210,10 @@ ngx_output_chain(ngx_output_chain_ctx_t *ctx, ngx_chain_t *in)
|
||||
/* delete the completed buf from the ctx->in chain */
|
||||
|
||||
if (ngx_buf_size(ctx->in->buf) == 0) {
|
||||
- ctx->in = ctx->in->next;
|
||||
+ cl = ctx->in;
|
||||
+ ctx->in = cl->next;
|
||||
+
|
||||
+ ngx_free_chain(ctx->pool, cl);
|
||||
}
|
||||
|
||||
cl = ngx_alloc_chain_link(ctx->pool);
|
||||
diff --git a/src/http/modules/ngx_http_grpc_module.c b/src/http/modules/ngx_http_grpc_module.c
|
||||
index 53bc547..9f13089 100644
|
||||
--- a/src/http/modules/ngx_http_grpc_module.c
|
||||
+++ b/src/http/modules/ngx_http_grpc_module.c
|
||||
@@ -1230,7 +1230,7 @@ ngx_http_grpc_body_output_filter(void *data, ngx_chain_t *in)
|
||||
ngx_buf_t *b;
|
||||
ngx_int_t rc;
|
||||
ngx_uint_t next, last;
|
||||
- ngx_chain_t *cl, *out, **ll;
|
||||
+ ngx_chain_t *cl, *out, *ln, **ll;
|
||||
ngx_http_upstream_t *u;
|
||||
ngx_http_grpc_ctx_t *ctx;
|
||||
ngx_http_grpc_frame_t *f;
|
||||
@@ -1458,7 +1458,10 @@ ngx_http_grpc_body_output_filter(void *data, ngx_chain_t *in)
|
||||
last = 1;
|
||||
}
|
||||
|
||||
+ ln = in;
|
||||
in = in->next;
|
||||
+
|
||||
+ ngx_free_chain(r->pool, ln);
|
||||
}
|
||||
|
||||
ctx->in = in;
|
||||
diff --git a/src/http/modules/ngx_http_gunzip_filter_module.c b/src/http/modules/ngx_http_gunzip_filter_module.c
|
||||
index c1341f5..5d170a1 100644
|
||||
--- a/src/http/modules/ngx_http_gunzip_filter_module.c
|
||||
+++ b/src/http/modules/ngx_http_gunzip_filter_module.c
|
||||
@@ -333,6 +333,8 @@ static ngx_int_t
|
||||
ngx_http_gunzip_filter_add_data(ngx_http_request_t *r,
|
||||
ngx_http_gunzip_ctx_t *ctx)
|
||||
{
|
||||
+ ngx_chain_t *cl;
|
||||
+
|
||||
if (ctx->zstream.avail_in || ctx->flush != Z_NO_FLUSH || ctx->redo) {
|
||||
return NGX_OK;
|
||||
}
|
||||
@@ -344,8 +346,11 @@ ngx_http_gunzip_filter_add_data(ngx_http_request_t *r,
|
||||
return NGX_DECLINED;
|
||||
}
|
||||
|
||||
- ctx->in_buf = ctx->in->buf;
|
||||
- ctx->in = ctx->in->next;
|
||||
+ cl = ctx->in;
|
||||
+ ctx->in_buf = cl->buf;
|
||||
+ ctx->in = cl->next;
|
||||
+
|
||||
+ ngx_free_chain(r->pool, cl);
|
||||
|
||||
ctx->zstream.next_in = ctx->in_buf->pos;
|
||||
ctx->zstream.avail_in = ctx->in_buf->last - ctx->in_buf->pos;
|
||||
@@ -374,6 +379,7 @@ static ngx_int_t
|
||||
ngx_http_gunzip_filter_get_buf(ngx_http_request_t *r,
|
||||
ngx_http_gunzip_ctx_t *ctx)
|
||||
{
|
||||
+ ngx_chain_t *cl;
|
||||
ngx_http_gunzip_conf_t *conf;
|
||||
|
||||
if (ctx->zstream.avail_out) {
|
||||
@@ -383,8 +389,12 @@ ngx_http_gunzip_filter_get_buf(ngx_http_request_t *r,
|
||||
conf = ngx_http_get_module_loc_conf(r, ngx_http_gunzip_filter_module);
|
||||
|
||||
if (ctx->free) {
|
||||
- ctx->out_buf = ctx->free->buf;
|
||||
- ctx->free = ctx->free->next;
|
||||
+
|
||||
+ cl = ctx->free;
|
||||
+ ctx->out_buf = cl->buf;
|
||||
+ ctx->free = cl->next;
|
||||
+
|
||||
+ ngx_free_chain(r->pool, cl);
|
||||
|
||||
ctx->out_buf->flush = 0;
|
||||
|
||||
diff --git a/src/http/modules/ngx_http_gzip_filter_module.c b/src/http/modules/ngx_http_gzip_filter_module.c
|
||||
index b8c5ccc..1d17a6d 100644
|
||||
--- a/src/http/modules/ngx_http_gzip_filter_module.c
|
||||
+++ b/src/http/modules/ngx_http_gzip_filter_module.c
|
||||
@@ -978,10 +978,14 @@ static void
|
||||
ngx_http_gzip_filter_free_copy_buf(ngx_http_request_t *r,
|
||||
ngx_http_gzip_ctx_t *ctx)
|
||||
{
|
||||
- ngx_chain_t *cl;
|
||||
+ ngx_chain_t *cl, *ln;
|
||||
+
|
||||
+ for (cl = ctx->copied; cl; /* void */) {
|
||||
+ ln = cl;
|
||||
+ cl = cl->next;
|
||||
|
||||
- for (cl = ctx->copied; cl; cl = cl->next) {
|
||||
- ngx_pfree(r->pool, cl->buf->start);
|
||||
+ ngx_pfree(r->pool, ln->buf->start);
|
||||
+ ngx_free_chain(r->pool, ln);
|
||||
}
|
||||
|
||||
ctx->copied = NULL;
|
||||
diff --git a/src/http/modules/ngx_http_ssi_filter_module.c b/src/http/modules/ngx_http_ssi_filter_module.c
|
||||
index 6737965..a55f6e5 100644
|
||||
--- a/src/http/modules/ngx_http_ssi_filter_module.c
|
||||
+++ b/src/http/modules/ngx_http_ssi_filter_module.c
|
||||
@@ -455,9 +455,13 @@ ngx_http_ssi_body_filter(ngx_http_request_t *r, ngx_chain_t *in)
|
||||
while (ctx->in || ctx->buf) {
|
||||
|
||||
if (ctx->buf == NULL) {
|
||||
- ctx->buf = ctx->in->buf;
|
||||
- ctx->in = ctx->in->next;
|
||||
+
|
||||
+ cl = ctx->in;
|
||||
+ ctx->buf = cl->buf;
|
||||
+ ctx->in = cl->next;
|
||||
ctx->pos = ctx->buf->pos;
|
||||
+
|
||||
+ ngx_free_chain(r->pool, cl);
|
||||
}
|
||||
|
||||
if (ctx->state == ssi_start_state) {
|
||||
diff --git a/src/http/modules/ngx_http_sub_filter_module.c b/src/http/modules/ngx_http_sub_filter_module.c
|
||||
index 6d3de59..456bb27 100644
|
||||
--- a/src/http/modules/ngx_http_sub_filter_module.c
|
||||
+++ b/src/http/modules/ngx_http_sub_filter_module.c
|
||||
@@ -335,9 +335,13 @@ ngx_http_sub_body_filter(ngx_http_request_t *r, ngx_chain_t *in)
|
||||
while (ctx->in || ctx->buf) {
|
||||
|
||||
if (ctx->buf == NULL) {
|
||||
- ctx->buf = ctx->in->buf;
|
||||
- ctx->in = ctx->in->next;
|
||||
+
|
||||
+ cl = ctx->in;
|
||||
+ ctx->buf = cl->buf;
|
||||
+ ctx->in = cl->next;
|
||||
ctx->pos = ctx->buf->pos;
|
||||
+
|
||||
+ ngx_free_chain(r->pool, cl);
|
||||
}
|
||||
|
||||
if (ctx->buf->flush || ctx->buf->recycled) {
|
||||
--
|
||||
2.44.0
|
||||
|
@ -41,7 +41,7 @@
|
||||
Name: nginx
|
||||
Epoch: 1
|
||||
Version: 1.20.1
|
||||
Release: 14%{?dist}.1
|
||||
Release: 16%{?dist}.1
|
||||
|
||||
Summary: A high performance web server and reverse proxy server
|
||||
# BSD License (two clause)
|
||||
@ -91,9 +91,12 @@ Patch5: 0006-Fix-ALPACA-security-issue.patch
|
||||
# downstream patch for RHEL - https://bugzilla.redhat.com/show_bug.cgi?id=2028781
|
||||
Patch6: 0007-Enable-TLSv1.3-by-default.patch
|
||||
|
||||
# security fix - https://issues.redhat.com/browse/RHEL-12516
|
||||
# security patch - https://issues.redhat.com/browse/RHEL-12518
|
||||
Patch7: 0008-CVE-2023-44487-HTTP-2-per-iteration-stream-handling.patch
|
||||
|
||||
# upstream patch - https://issues.redhat.com/browse/RHEL-40075
|
||||
Patch8: 0009-Optimized-chain-link-usage.patch
|
||||
|
||||
BuildRequires: make
|
||||
BuildRequires: gcc
|
||||
BuildRequires: gnupg2
|
||||
@ -605,9 +608,12 @@ fi
|
||||
|
||||
|
||||
%changelog
|
||||
* Wed Oct 11 2023 Luboš Uhliarik <luhliari@redhat.com> - 1:1.20.1-14.1
|
||||
- Resolves: RHEL-12516 - nginx: HTTP/2: Multiple HTTP/2 enabled web
|
||||
servers are vulnerable to a DDoS attack (Rapid Reset Attack) (CVE-2023-44487)
|
||||
* Tue Jul 16 2024 Luboš Uhliarik <luhliari@redhat.com> - 1:1.20.1-16.1
|
||||
- Resolves: RHEL-48791 - nginx worker processes memory leak
|
||||
|
||||
* Mon Oct 16 2023 Luboš Uhliarik <luhliari@redhat.com> - 1:1.20.1-16
|
||||
- Resolves: RHEL-12518 - nginx: HTTP/2: Multiple HTTP/2 enabled web servers are
|
||||
vulnerable to a DDoS attack (Rapid Reset Attack) (CVE-2023-44487)
|
||||
|
||||
* Thu Nov 24 2022 Luboš Uhliarik <luhliari@redhat.com> - 1:1.20.1-14
|
||||
- Resolves: #2086527 - Fix logrotate config and nginx log dir permissions
|
||||
|
Loading…
Reference in New Issue
Block a user