Skip to content
Snippets Groups Projects
  1. Nov 19, 2013
  2. Nov 18, 2013
    • Maxim Dounin's avatar
      Upstream: cache revalidation with conditional requests. · 1ac2693a
      Maxim Dounin authored
      The following new directives are introduced: proxy_cache_revalidate,
      fastcgi_cache_revalidate, scgi_cache_revalidate, uwsgi_cache_revalidate.
      Default is off.  When set to on, they enable cache revalidation using
      conditional requests with If-Modified-Since for expired cache items.
      
      As of now, no attempts are made to merge headers given in a 304 response
      during cache revalidation with headers previously stored in a cache item.
      Headers in a 304 response are only used to calculate new validity time
      of a cache item.
      1ac2693a
  3. Nov 11, 2013
  4. Nov 05, 2013
  5. Oct 31, 2013
  6. Oct 28, 2013
  7. Oct 31, 2013
  8. Oct 24, 2013
  9. Oct 21, 2013
  10. Oct 18, 2013
  11. Oct 11, 2013
    • Piotr Sikora's avatar
      SSL: added ability to set keys used for Session Tickets (RFC5077). · 79be6a54
      Piotr Sikora authored
      
      In order to support key rollover, ssl_session_ticket_key can be defined
      multiple times. The first key will be used to issue and resume Session
      Tickets, while the rest will be used only to resume them.
      
          ssl_session_ticket_key  session_tickets/current.key;
          ssl_session_ticket_key  session_tickets/prev-1h.key;
          ssl_session_ticket_key  session_tickets/prev-2h.key;
      
      Please note that nginx supports Session Tickets even without explicit
      configuration of the keys and this feature should be only used in setups
      where SSL traffic is distributed across multiple nginx servers.
      
      Signed-off-by: default avatarPiotr Sikora <piotr@cloudflare.com>
      79be6a54
  12. Oct 14, 2013
    • Maxim Dounin's avatar
      SSL: SSL_CTX_set_timeout() now always called. · a8ad0c02
      Maxim Dounin authored
      The timeout set is used by OpenSSL as a hint for clients in TLS Session
      Tickets.  Previous code resulted in a default timeout (5m) used for TLS
      Sessions Tickets if there was no session cache configured.
      
      Prodded by Piotr Sikora.
      a8ad0c02
    • Maxim Dounin's avatar
      SSL: fixed build with OpenSSL 0.9.7. · 87a607a0
      Maxim Dounin authored
      SSL_get_rbio() and SSL_get_wbio() functions used to get non-const pointer
      in OpenSSL 0.9.7, hence an explicit cast added to drop const qualifier.
      87a607a0
  13. Oct 02, 2013
  14. Oct 01, 2013
  15. Sep 30, 2013
  16. Sep 27, 2013