profile
viewpoint
Yichun Zhang agentzh OpenResty Inc. San Francisco Bay Area http://agentzh.org The Creator of OpenResty, Founder & CEO of OpenResty Inc.

agentzh/code2ebook 848

Generate pretty ebooks in various formats from source trees in various programming languages

agentzh/chunkin-nginx-module 90

HTTP 1.1 chunked-encoding request body support for Nginx

agentzh/cheater 71

A tool and a language that help generating random complex database instance based on predefined rules

agentzh/amazon-polly-batch 59

Convert large plain text files to MP3 files via Amazon Polly

agentzh/lua-resty-multipart-parser 35

Simple multipart data parser for OpenResty/Lua

agentzh/dns-nginx-module 19

Nginx non-blocking module for talking to DNS name servers directly

agentzh/lua-php-utils 18

PHP-style utility functions for LuaJIT applications

agentzh/aho-corasick-lua 12

Lua implementation of the Aho-Corasick string matching algorithm

agentzh/lua-resty-http 12

Lua HTTP client cosocket driver for OpenResty / ngx_lua.

agentzh/makefile-graphviz-pm 12

Perl CPAN module Makefile::GraphViz - Draw building flowcharts from Makefiles using GraphViz

Pull request review commentopenresty/lua-nginx-module

bugfix: ensured arguments of APIs mutating uri or request/response headers do not contain unsafe characters.

 ngx_http_lua_ngx_req_set_uri(lua_State *L)     return 0; } ++static ngx_inline size_t+ngx_http_lua_safe_uri_len(u_char *str, size_t len)+{+    size_t i;++                    /* %00-%1F, " ", %7F */++    static uint32_t unsafe[] = {+        0xffffffff, /* 1111 1111 1111 1111  1111 1111 1111 1111 */++                    /* ?>=< ;:98 7654 3210  /.-, +*)( '&%$ #"!  */+        0x00000001, /* 0000 0000 0000 0000  0000 0000 0000 0001 */++        0x00000000, /* 0000 0000 0000 0000  0000 0000 0000 0000 */++                    /*  ~}| {zyx wvut srqp  onml kjih gfed cba` */+        0x80000000, /* 1000 0000 0000 0000  0000 0000 0000 0000 */++        0x00000000, /* 0000 0000 0000 0000  0000 0000 0000 0000 */+        0x00000000, /* 0000 0000 0000 0000  0000 0000 0000 0000 */+        0x00000000, /* 0000 0000 0000 0000  0000 0000 0000 0000 */+        0x00000000  /* 0000 0000 0000 0000  0000 0000 0000 0000 */+    };++    for (i = 0; i < len; i++, str++) {+        if (unsafe[*str >> 5] & (1 << (*str & 0x1f))) {+            return i;

Also need debug logging here to show the offensive byte.

doujiang24

comment created time in 30 minutes

Pull request review commentopenresty/lua-nginx-module

bugfix: ensured arguments of APIs mutating uri or request/response headers do not contain unsafe characters.

 ngx_http_lua_safe_header_value_len(u_char *str, size_t len) {     size_t i; +                    /* %00-%1F, %7F */++    static uint32_t unsafe[] = {+        0xffffffff, /* 1111 1111 1111 1111  1111 1111 1111 1111 */++        0x00000000, /* 0000 0000 0000 0000  0000 0000 0000 0001 */+        0x00000000, /* 0000 0000 0000 0000  0000 0000 0000 0000 */++                    /*  ~}| {zyx wvut srqp  onml kjih gfed cba` */+        0x80000000, /* 1000 0000 0000 0000  0000 0000 0000 0000 */++        0x00000000, /* 0000 0000 0000 0000  0000 0000 0000 0000 */+        0x00000000, /* 0000 0000 0000 0000  0000 0000 0000 0000 */+        0x00000000, /* 0000 0000 0000 0000  0000 0000 0000 0000 */+        0x00000000  /* 0000 0000 0000 0000  0000 0000 0000 0000 */+    };+     for (i = 0; i < len; i++, str++) {-        if (*str == '\r' || *str == '\n') {+        if (unsafe[*str >> 5] & (1 << (*str & 0x1f))) {

Ditto. Let's cache the value of *str.

doujiang24

comment created time in 31 minutes

Pull request review commentopenresty/lua-nginx-module

bugfix: ensured arguments of APIs mutating uri or request/response headers do not contain unsafe characters.

 ngx_http_lua_ngx_req_set_uri(lua_State *L)     return 0; } ++static ngx_inline size_t+ngx_http_lua_safe_uri_len(u_char *str, size_t len)+{+    size_t i;++                    /* %00-%1F, " ", %7F */++    static uint32_t unsafe[] = {+        0xffffffff, /* 1111 1111 1111 1111  1111 1111 1111 1111 */++                    /* ?>=< ;:98 7654 3210  /.-, +*)( '&%$ #"!  */+        0x00000001, /* 0000 0000 0000 0000  0000 0000 0000 0001 */++        0x00000000, /* 0000 0000 0000 0000  0000 0000 0000 0000 */++                    /*  ~}| {zyx wvut srqp  onml kjih gfed cba` */+        0x80000000, /* 1000 0000 0000 0000  0000 0000 0000 0000 */++        0x00000000, /* 0000 0000 0000 0000  0000 0000 0000 0000 */+        0x00000000, /* 0000 0000 0000 0000  0000 0000 0000 0000 */+        0x00000000, /* 0000 0000 0000 0000  0000 0000 0000 0000 */+        0x00000000  /* 0000 0000 0000 0000  0000 0000 0000 0000 */+    };++    for (i = 0; i < len; i++, str++) {+        if (unsafe[*str >> 5] & (1 << (*str & 0x1f))) {

For the best performance, let's cache the value of the expression *str into a local C variable like c here.

doujiang24

comment created time in 31 minutes

Pull request review commentopenresty/lua-nginx-module

bugfix: ensured arguments of APIs mutating uri or request/response headers do not contain unsafe characters.

 ngx_http_lua_ngx_req_set_uri(lua_State *L)     return 0; } ++static ngx_inline size_t+ngx_http_lua_safe_uri_len(u_char *str, size_t len)+{+    size_t i;++                    /* %00-%1F, " ", %7F */++    static uint32_t unsafe[] = {+        0xffffffff, /* 1111 1111 1111 1111  1111 1111 1111 1111 */++                    /* ?>=< ;:98 7654 3210  /.-, +*)( '&%$ #"!  */+        0x00000001, /* 0000 0000 0000 0000  0000 0000 0000 0001 */++        0x00000000, /* 0000 0000 0000 0000  0000 0000 0000 0000 */++                    /*  ~}| {zyx wvut srqp  onml kjih gfed cba` */+        0x80000000, /* 1000 0000 0000 0000  0000 0000 0000 0000 */++        0x00000000, /* 0000 0000 0000 0000  0000 0000 0000 0000 */+        0x00000000, /* 0000 0000 0000 0000  0000 0000 0000 0000 */+        0x00000000, /* 0000 0000 0000 0000  0000 0000 0000 0000 */+        0x00000000  /* 0000 0000 0000 0000  0000 0000 0000 0000 */+    };++    for (i = 0; i < len; i++, str++) {+        if (unsafe[*str >> 5] & (1 << (*str & 0x1f))) {+            return i;

I think it's safer to return (size_t) -1 here to indicate an error instead of do blind truncation. Blind truncation may still have security implications.

doujiang24

comment created time in 34 minutes

Pull request review commentopenresty/lua-nginx-module

bugfix: ensured arguments of APIs mutating uri or request/response headers do not contain unsafe characters.

 ngx_http_lua_set_input_header(ngx_http_request_t *r, ngx_str_t key,      dd("set header value: %.*s", (int) value.len, value.data); +    key.len = ngx_http_lua_safe_header_value_len(key.data, key.len);++    value.len = ngx_http_lua_safe_header_value_len(value.data, value.len);

Let's check if the return value is (size_t) -1. If yes, then return NGX_ERROR in this function.

doujiang24

comment created time in 33 minutes

Pull request review commentopenresty/lua-nginx-module

bugfix: ensured arguments of APIs mutating uri or request/response headers do not contain unsafe characters.

 ngx_http_lua_ngx_req_set_uri(lua_State *L)         return luaL_error(L, "attempt to use zero-length uri");     } +    len = ngx_http_lua_safe_uri_len(p, len);

Ditto. Let's check the return value if there is unsafe bytes, we should throw out a Lua exception.

doujiang24

comment created time in 32 minutes

issue closedopenresty/openresty

Variables are shared between modules ?

image

why the count ariable is 0 forever ?

test2.lua `local mod2 = require("module2")

if mod2.count == 0 then ngx.say("count_in :",mod2.hello()) ngx.say("count :",mod2.count) else ngx.say("hello world") end `

module2.lua `local count = 0 local function hello() count = count + 1 return count end

local _M ={ hello = hello, count = count } return _M `

closed time in a day

wuchencm

issue commentopenresty/openresty

Variables are shared between modules ?

@wuchencm Because you never update the count field in the Lua module table (_M). You only upvalue the upvalue count (declared by local) for function hello. You seem to assume the line count = count establishes a reference relationship between these two count values, but it doesn't.

wuchencm

comment created time in a day

push eventopenresty/openresty.org

Yichun Zhang (agentzh)

commit sha d49abd0ab96b9d345bd925b6687e86f12dc35533

linux-packages: added official yum repos for centos 8 and fedora 31, as well as apt repos for ubuntu 19.10.

view details

push time in a day

PR closed openresty/openresty

Reviewers
Adding support for s390x builds

I hereby granted the copyright of the changes in this pull request to the authors of this openresty project. As Travis CI officially supports s390x builds, adding support for same.

+49 -1

2 comments

1 changed file

namrata-ibm

pr closed time in 3 days

pull request commentopenresty/openresty

Adding support for s390x builds

Rebased and merged. Thanks.

namrata-ibm

comment created time in 3 days

push eventopenresty/openresty

Namrata Bhave

commit sha 56bfefd625246ce4a69d3db537d2bd3cc288bb25

Adding support for s390x builds

view details

push time in 3 days

issue commentopenresty/lua-cjson

undefined symbol: lua_rotate

The biggest point of OpenResty is to avoid such things in the first place.

satscreate

comment created time in 3 days

issue commentopenresty/lua-cjson

undefined symbol: lua_rotate

@satscreate I said the easiest way is to use OpenResty directly. If you really want to compile lua-cjson yourself, you'll have to fiddle with the Makefile variables to point the header file path to OpenResty's LuaJIT header file directory.

satscreate

comment created time in 3 days

issue commentopenresty/openresty

Cannot add dynamic module into openresty - nginx

Hmm, this is a bug in nginx's build system that does not escape special characters in the value for the CFLAGS shell variable assignment. We need to work out a patch for it (cc @doujiang24 ). Thanks for the report.

satscreate

comment created time in 3 days

issue closedopenresty/openresty

Make fail for version v1.15.8.2

Due to simplresty-ngx_devel_kit-* not found

--2020-02-21 06:08:56--  https://github.com/simplresty/ngx_devel_kit/tarball/v0.3.1rc1
Resolving github.com (github.com)... 52.74.223.119
Connecting to github.com (github.com)|52.74.223.119|:443... connected.
HTTP request sent, awaiting response... 301 Moved Permanently
Location: https://github.com/vision5/ngx_devel_kit/tarball/v0.3.1rc1 [following]
--2020-02-21 06:08:56--  https://github.com/vision5/ngx_devel_kit/tarball/v0.3.1rc1
Reusing existing connection to github.com:443.
HTTP request sent, awaiting response... 302 Found
Location: https://codeload.github.com/vision5/ngx_devel_kit/legacy.tar.gz/v0.3.1rc1 [following]
--2020-02-21 06:08:57--  https://codeload.github.com/vision5/ngx_devel_kit/legacy.tar.gz/v0.3.1rc1
Resolving codeload.github.com (codeload.github.com)... 13.229.189.0
Connecting to codeload.github.com (codeload.github.com)|13.229.189.0|:443... connected.
HTTP request sent, awaiting response... 200 OK
Length: unspecified [application/x-gzip]
Saving to: ‘ngx_devel_kit-0.3.1rc1.tar.gz’

    [ <=>                                                                                                                                                               ] 66,492      --.-K/s   in 0.004s  

2020-02-21 06:08:57 (15.2 MB/s) - ‘ngx_devel_kit-0.3.1rc1.tar.gz’ saved [66492]

mv: cannot stat ‘simplresty-ngx_devel_kit-*’: No such file or directory
make: *** [all] Error 1

closed time in 3 days

valpa

issue commentopenresty/openresty

Make fail for version v1.15.8.2

Fixed. Try again.

valpa

comment created time in 3 days

push eventopenresty/openresty

Yichun Zhang (agentzh)

commit sha a89a0a54b81e357dee9bd13667f98b287db8ca88

mirror-tarballs: we must remove any existing ngx_devel_kit* tarballs from local cache directories.

view details

push time in 3 days

issue closedopenresty/lua-cjson

undefined symbol: lua_rotate

I had done below steps, downloaded lua-cjson-2.1.0.7 from this repo,

make install
mkdir -p /usr/local/lib/lua/5.1
rm -f /usr/local/lib/lua/5.1/cjson.so
cp cjson.so /usr/local/lib/lua/5.1
chmod 755 /usr/local/lib/lua/5.1/cjson.so

Then, sudo systemctl restart nginx.service

Error:

2020/02/19 06:59:52 [error] 29524#29524: *1 lua entry thread aborted: runtime error: error loading module 'cjson' from file '/usr/local/lib/lua/5.1/cjson.so':
        /usr/local/lib/lua/5.1/cjson.so: undefined symbol: lua_rotate
stack traceback:
coroutine 0:
        [C]: in function 'require'

What am i missing!!!!

closed time in 5 days

satscreate

issue commentopenresty/lua-cjson

undefined symbol: lua_rotate

@satscreate Your cjson.so was compiled against the Lua 5.3 interpreter's header files I believe. You should try our OpenResty instead to avoid such things (lua-cjson is part of the OpenResty build):

https://openresty.org/en/download.html

satscreate

comment created time in 5 days

issue commentopenresty/lua-cjson

undefined symbol: lua_rotate

And there's no lua_rorate symbol in LuaJIT. It seems to be part of the Lua 5.3 ABI.

satscreate

comment created time in 5 days

issue commentopenresty/lua-cjson

undefined symbol: lua_rotate

Are you sure? This repo has no "lua_rotate" call at all on the master branch. You can try grepping the word "rotate" yourself.

satscreate

comment created time in 5 days

issue commentopenresty/lua-resty-core

nginx/lua-nginx-module/lua-resty-core compatibility matrix

We only publish good enough test reports to that site. We're still working on the 1.17.8.1 version. The best we have right now is

https://openresty.org/download/openresty-1.17.8.1rc0.tar.gz

Hsn723

comment created time in 6 days

issue commentopenresty/lua-resty-core

nginx/lua-nginx-module/lua-resty-core compatibility matrix

BTW, OpenResty 1.17.8.1 RC1 is around the corner with the latest Nginx 1.17.8 core. We already pushed out a preview version for it:

https://openresty.org/download/openresty-1.17.8.1rc0.tar.gz

Hsn723

comment created time in 6 days

issue closedopenresty/lua-resty-core

nginx/lua-nginx-module/lua-resty-core compatibility matrix

The Nginx compatibility section in lua-nginx-module indicates support for 1.17.x, however the Prerequisites section of lua-resty-core warns about potential compatibility issues if using incompatible library versions. Currently OpenResty is at Nginx core 1.15.x, and we'd like to use 1.17.x by building it with lua-nginx-module and lua-resty-core since starting with lua-nginx-module v0.10.16 lua-resty-core will apparently be mandatory.

Would it be possible to have some compatibility matrix between nginx, lua-nginx-module and lua-resty-core for people looking into building the latest themselves? Preferably stable versions.

closed time in 6 days

Hsn723

issue commentopenresty/lua-resty-core

nginx/lua-nginx-module/lua-resty-core compatibility matrix

@Hsn723 We cannot do the full matrix since we cannot test the matrix ourselves. It's just too big. We already have a big test matrix which takes huge amount of computing resources and time:

http://qa.openresty.org/

We highly recommend using our OpenResty releases. That's the only thing we test thoroughly and support fully. Other combinations are mostly at the user's own risk. And this is actually the whole point of OpenResty releases anyway. To solve the compatibility pain among so many components and libraries, at least to a good enough extend. Similarly, if one really wants to build their own Nginx, then they should look at the version combinations for those components in those OpenResty releases.

Hsn723

comment created time in 6 days

Pull request review commentopenresty/lua-nginx-module

improve: clearify the missing the closing long bracket may due to the lua code is too long.

 As noted earlier, PCRE sequences presented within <code>*_by_lua_block {}</code>     # evaluates to "1234" </geshi> +'''NOTE''' You are recommended to use `by_lua_file` when the lua code very long.

Ditto.

doujiang24

comment created time in 8 days

Pull request review commentopenresty/lua-nginx-module

improve: clearify the missing the closing long bracket may due to the lua code is too long.

 ngx_http_lua_conf_read_lua_token(ngx_conf_t *cf,     for ( ;; ) {          if (b->pos >= b->last-            || (b->last - b->pos < (b->end - b->start) / 3+            || (b->last - b->pos < (b->end - b->start) / 2

Like below.

doujiang24

comment created time in 8 days

Pull request review commentopenresty/lua-nginx-module

improve: clearify the missing the closing long bracket may due to the lua code is too long.

 As noted earlier, PCRE sequences presented within `*_by_lua_block {}` directives  # evaluates to "1234" ``` +**NOTE** You are recommended to use `by_lua_file` when there is a very long lua code.

Better be "... when the Lua code is very long".

doujiang24

comment created time in 8 days

Pull request review commentopenresty/lua-nginx-module

improve: clearify the missing the closing long bracket may due to the lua code is too long.

 ngx_http_lua_conf_read_lua_token(ngx_conf_t *cf,             }              if (len) {-                ngx_memcpy(b->start, b->pos, len);+                ngx_memmove(b->start, b->pos, len);

We should mention this fix in the commit log message.

doujiang24

comment created time in 8 days

Pull request review commentopenresty/lua-nginx-module

improve: clearify the missing the closing long bracket may due to the lua code is too long.

 ngx_http_lua_conf_read_lua_token(ngx_conf_t *cf,             if (q == NULL) {                 ngx_conf_log_error(NGX_LOG_EMERG, cf, 0,                                    "Lua code block missing the closing "-                                   "long bracket \"%*s\"",+                                   "long bracket \"%*s\", "+                                   "probably too long lua code block",

Better be "(maybe the lua code is too long?)"

doujiang24

comment created time in 8 days

pull request commentopenresty/test-nginx

bugfix: ensured we do not remove some files when using HUP mode.

I'm worried that the html/ files created by earlier test cases may leave unwanted side effects to subsequent test cases. Maybe it's better to create a separate directory, say, sockets/ for unix domain socket files exclusively?

thibaultcha

comment created time in 11 days

issue commentopenresty/openresty

segfault in ngx_stream_lua_req_socket_rev_handler

@tfsdev Will you provide a minimal example that we can easily reproduce the crash? Thanks!

Also, it'll be great if you can try our 1.17.8.1 RC0 preview version on your side if it's still reproducible with the latest version of the code:

https://openresty.org/download/openresty-1.17.8.1rc0.tar.gz

tfsdev

comment created time in 12 days

issue commentopenresty/openresty

when can support centos 8

Yeah, it's on our TODO list. We'll take care of it soon. Thanks.

lebronjs

comment created time in 13 days

issue closedopenresty/lua-resty-redis

Redis 500 internal error

Hello,

Our websites have been randomly receiving this error /etc/nginx/lua/cache_update.lua:137: in main chunk, client: x.x.x.x, server: _, request: "GET / HTTP/1.1", host: "www.xxxx.com" that causes a 500 Internal Server Error in the website.

Here is the connection code:

local redis_connection_timeout = 100             
function connect_redis(red, host, auth)
  local redis_host = assert(host, "no redis host")
  local redis_port = 6379

  red:set_timeout(redis_connect_timeout)

  local ok, err = red:connect(redis_host, redis_port)

  if not ok then
    print("Redis connection error while connecting to redis: ", err)
    return false, err
  end
  return ok, err
end

Cache_update.lua code (line 137 calls the run() function):

...
some code here
...

function run()
  local update_skip = tonumber(ngx.var.cache_update_skip or "0")
  local skip_header = ngx.var.cache_skip_header or "X-Skip-Fetch"
  local header_skip = ngx.var["http_" .. skip_header:lower():gsub("-", "_")]

  -- Bail if skip header
  if header_skip or update_skip == 1 then return end

  local ttl = ttl(cache_key)

  -- Key is fresh, no action needed
  if ttl > stale_time then return end

  local cache_methods = ngx.var.cache_methods or "GET"
  local method = ngx.var.request_method

  -- Bail if method not cached
  if not cache_methods:find(method) then return end

  -- local fullurl = ngx.var.scheme .. "://" .. ngx.var.server_addr .. ":" .. ngx.var.server_port .. ngx.var.request_uri
  -- Use loopback
  local fullurl = "http://127.0.0.1:" .. ngx.var.server_port .. ngx.var.request_uri
  local lock_key = "cache.lock/" .. cache_key

  if ttl == -2 then
    -- expired
    -- sync request
    miss_request(http, fullurl, method, ngx.req.get_headers(), ngx.req.get_body_data(), skip_header, lock_key)
  else
    -- just stale
    -- async request to update cache
    update_cache(http, fullurl, method, ngx.req.get_headers(), ngx.req.get_body_data(), skip_header, lock_key, ttl)
  end
end

run()

I'm not completely sure what's going on since our ElasticCache redis instance is running with no issues, no high CPU or memory usage.

Environment: OpenResty version: 1.15.8.2 Kubernetes version: 1.15.3 OS image: Debian GNU/Linux 9 (stretch)

Any help is really appreciated.

closed time in 13 days

javierlga

issue commentopenresty/lua-resty-redis

Redis 500 internal error

@javierlga This error is documented in the official documentation in detail. It's your Lua code's usage mistake. Never share cosocket objects across different requests! They surely will have access conflicts.

javierlga

comment created time in 13 days

issue commentopenresty/lua-resty-redis

Redis 500 internal error

@javierlga Just check the error log messages corresponding to those 500 responses. It doesn't matter how you generate and collect your nginx error log data.

javierlga

comment created time in 14 days

issue commentopenresty/lua-resty-redis

Redis 500 internal error

@javierlga Every time you see a 500 error page, you should really check out your nginx's error log file for details.

javierlga

comment created time in 14 days

issue commentopenresty/openresty

Unable to use valid_referers if server_name is set by a env. variable

@venomone You can use the ngx.var API to fetch the Referer request header and then check it against the dynamic value you set. It should be trivial enough. Consult the ngx_lua manual for more details about these API functions and directives. I don't have the time to prepare example code for every open source user. Sorry. You may also ask in the openresty-en mailing list for further assistant for example. This place is for bug report only.

venomone

comment created time in 14 days

issue commentopenresty/lua-resty-redis

High concurrency throws runtime error: bad request

@rushi47 Please do not cross-post. It's annoying. Thanks for your cooperation.

lasrado

comment created time in 15 days

issue commentopenresty/lua-resty-redis

Bad Request : in function 'send'

@rushi47 Also, you called the connect() method in your top-level code, but it is never defined in your "eg-modules.redis_extended" module.

rushi47

comment created time in 15 days

issue commentopenresty/lua-resty-redis

Bad Request : in function 'send'

@rushi47 Your example is incomplete. We need something that we can directly run and reproduce the problem easily on our side. It's still not clear for example that how your Lua code snippets are run (in what contexts).

You are getting that error because the redis object was created in a different request context than the one using the redis object.

BTW, nginx has no coroutines. Coroutines are a Lua thing. Specifically OpenResty implements the "light thread" atop Lua's coroutines. What really matter here is "light threads".

rushi47

comment created time in 15 days

issue closedopenresty/openresty

Unable to use valid_referers if server_name is set by a env. variable

Hello,

im currently facing an issue, imagin the following nginx.conf:

env NGINX_SERVERNAMES;
...
server {
        set_by_lua $curr_server_name 'return os.getenv("NGINX_SERVERNAMES")';
        server_name $curr_server_name;
        valid_referers none blocked server_names;

i would expect that "server_names" is using server_name which i again load by a env. variable "env NGINX_SERVERNAMES;" but for some reason NGINX openresty/nginx returns the following error at the log:

2020/02/05 12:23:59 [emerg] 151#151: conflicting parameter "$curr_server_name" in /etc/nginx/nginx.conf:185

So how can i use valid_referers together with my server_name variable on openresty?

I also tryd the following:

valid_referers none blocked server_names $curr_server_name; valid_referers none blocked $curr_server_name;

Which is also not working as expected.

closed time in 15 days

venomone

issue commentopenresty/openresty

Unable to use valid_referers if server_name is set by a env. variable

@venomone Easy. For your purposes, you can just do the “Referer” request header check all in Lua, like, say, in rewrite_by_lua_block.

venomone

comment created time in 15 days

issue closedopenresty/headers-more-nginx-module

Build error

Its error /usr/bin/ld: objs/addon/src/ngx_http_headers_more_util.o: in function ngx_http_headers_more_parse_types': /tmp/build/openresty-1.15.8.2/../headers-more-nginx-module-master/src/ngx_http_headers_more_util.c:229: multiple definition ofngx_http_headers_more_parse_types'; objs/addon/src/ngx_http_headers_more_util.o:/tmp/build/openresty-1.15.8.2/../headers-more-nginx-module-master/src/ngx_http_headers_more_util.c:229: first defined here/usr/bin/ld: objs/addon/src/ngx_http_headers_more_util.o: in function ngx_http_headers_more_rm_header_helper': /tmp/build/openresty-1.15.8.2/../headers-more-nginx-module-master/src/ngx_http_headers_more_util.c:268: multiple definition ofngx_http_headers_more_rm_header_helper'; objs/addon/src/ngx_http_headers_more_util.o:/tmp/build/openresty-1.15.8.2/../headers-more-nginx-module-master/src/ngx_http_headers_more_util.c:268: first defined here collect2: error: ld returned 1 exit status make[2]: *** [objs/Makefile:512: objs/nginx] Error 1 make[2]: Leaving directory '/tmp/build/openresty-1.15.8.2/build/nginx-1.15.8' make[1]: *** [Makefile:8: build] Error 2 make[1]: Leaving directory '/tmp/build/openresty-1.15.8.2/build/nginx-1.15.8' make: *** [Makefile:9: all] Error 2

closed time in 15 days

khaiphan9x

issue commentopenresty/headers-more-nginx-module

Build error

@khaiphan9x OpenResty already ships with this headers more module. Why are you trying to add your own? That's why you are getting the error "multiple definition of ...", which clearly indicates duplications here.

khaiphan9x

comment created time in 15 days

issue commentopenresty/openresty

mysql should read max_allowed_packet from server

@chenbo72 Mind to contribute a pull request for that? But I still think we need a client-side hard limit to avoid malicious mysql servers from crashing the clients.

chenbo72

comment created time in 15 days

issue commentopenresty/lua-resty-core

nginx: [warn] lua_load_resty_core is deprecated (the lua-resty-core library is required since ngx_lua v0.10.16) in /usr/local/nginx/conf/nginx.conf:34 nginx: [alert] failed to load the 'resty.core' module (https://github.com/openresty/lua-resty-core); ensure you are using an OpenResty release from https://openresty.org/en/download.html (reason:

@mgltech You should follow the suggestion and use OpenResty instead. Otherwise you'll have to make sure the correct version of lua-resty-core is installed. The error message you provided already explains it well.

mgltech

comment created time in 15 days

issue commentopenresty/opm

opm failed to index package

@fffonion It might be caused by disk shortage at that time. I just tested a simple package uploading and it was indexed successfully. Will you please try again? Please let me know if the problem still persists. Thanks!

fffonion

comment created time in 15 days

issue closedopenresty/luajit2

error on exdata.lua

Hi,

I'm trying to install manually. However I keep getting error

nginx: [error] failed to run the Lua code for coroutine_api: 2: coroutine_api:2: module 'thread.exdata' not found:
        no field package.preload['thread.exdata']
        no file './thread/exdata.lua'
        no file '/usr/share/luajit-2.1.0-beta3/thread/exdata.lua'
        no file '/usr/local/share/lua/5.1/thread/exdata.lua'
        no file '/usr/local/share/lua/5.1/thread/exdata/init.lua'
        no file '/usr/share/lua/5.1/thread/exdata.lua'
        no file '/usr/share/lua/5.1/thread/exdata/init.lua'
        no file './thread/exdata.so'
        no file '/usr/local/lib/lua/5.1/thread/exdata.so'
        no file '/usr/lib/x86_64-linux-gnu/lua/5.1/thread/exdata.so'
        no file '/usr/local/lib/lua/5.1/loadall.so'
        no file './thread.so'
        no file '/usr/local/lib/lua/5.1/thread.so'
        no file '/usr/lib/x86_64-linux-gnu/lua/5.1/thread.so'
        no file '/usr/local/lib/lua/5.1/loadall.so'

Please kindly advice

closed time in 16 days

midorinet

issue commentopenresty/openresty

Unable to use valid_referers if server_name is set by a env. variable

@venomone It seems that you're having a directive running order issue. Do you know that set_by_lua always runs after server_name even if you put the former before the latter in the nginx.conf file?

venomone

comment created time in 18 days

issue commentopenresty/luajit2

error on exdata.lua

@midorinet Seems like you are not using our OpenResty's LuaJIT. Check the path of the libluajit so file actually loaded into your nginx server. BTW, it's highly recommended to use our OpenResty release tarballs and/or pre-built packages to avoid such things.

midorinet

comment created time in 18 days

push eventopenresty/openresty.org

Yichun Zhang (agentzh)

commit sha 933bee80c28307ca9ac62753c9653b2e146787b6

cn: added new blog post to News.

view details

push time in 19 days

push eventopenresty/openresty.org

Yichun Zhang (agentzh)

commit sha e46a2ed9224172f6b2d2e3f4a1fbfbbdd987c5dd

Resources: added links to our recent blog posts.

view details

Yichun Zhang (agentzh)

commit sha 91ef0ece37143f27ae63b7a4efd826391b80852d

added new blog post to News.

view details

push time in 20 days

push eventopenresty/openresty-systemtap-toolkit

Yichun Zhang (agentzh)

commit sha 45720e9c494932b7a88ecd113c6e6516db1059b9

doc: stated that this project is obsoleted by OpenResty XRay.

view details

push time in 23 days

push eventopenresty/openresty-gdb-utils

Yichun Zhang (agentzh)

commit sha 3742c4adbf3b4e08f83b4db960061f8cdfe595dc

doc: stated that this project is obsoleted by OpenResty XRay.

view details

push time in 23 days

push eventagentzh/perl-systemtap-toolkit

Yichun Zhang (agentzh)

commit sha f9dde7b2c068f7fcccf56d2189877d626860ff88

doc: stated that this project is obsoleted by OpenResty XRay.

view details

push time in 23 days

push eventopenresty/stapxx

Yichun Zhang (agentzh)

commit sha 35e548c8ed977d1609d3c45a26006acbf5cd80f7

doc: stated that this project is obsoleted by OpenResty XRay.

view details

push time in 23 days

issue commentopenresty/openresty

openresty-openssl SSL issue

@5x3 You can unpack and check the src deb package for your Linux distribution (you are using Debian Jessie?). Debian 7 is EOL BTW.

5x3

comment created time in 25 days

pull request commentopenresty/lua-cjson

Update integrated dtoa.c with improved multi-threaded performance

My hunch is that 3rd-party allocators should be enabled in an noninvasive way. There are many choices anyway. It makes our code cleaner.

exjesper

comment created time in 25 days

issue commentopenresty/openresty

openresty-openssl SSL issue

@5x3 Maybe you should check your system openssl's build flags so that we can simply include them in our packages. That'll be much easier.

5x3

comment created time in 25 days

issue commentopenresty/headers-more-nginx-module

Is `more_set_input_headers` safe?

@rnburn Just see how #105 turned out to be an old bug in the nginx core which is completely unrelated to this module. People may blame this module for others' fault. It happens (and I do understand).

rnburn

comment created time in 25 days

issue commentopenresty/headers-more-nginx-module

Is `more_set_input_headers` safe?

"Only in code we trust" :)

rnburn

comment created time in 25 days

issue commentopenresty/headers-more-nginx-module

Is `more_set_input_headers` safe?

There are so many so-called "undefined behaviors" by the nginx team. If we stick with Nginx's own very limited agenda and recommendations, most of our 3rd-party modules wouldn't exit in the first place. We only care about implementation details, not what they are saying. The latter is never really helpful in my years of experience in the nginx world (more than a decade now).

rnburn

comment created time in 25 days

issue commentopenresty/headers-more-nginx-module

Is `more_set_input_headers` safe?

@rnburn It is undefined by the official nginx team but we do work on the C level to make sure things work as expected with the rest of the nginx world. Note that we are also the developers of OpenResty. Nginx is just a component to us.

Your ingress-nginx ticket is not clear enough for the real issue since it has opentracing frames injected into the stack. If you believe there is a bug, please file a ticket here with minimal and standalone example that can reproduce the issue easily.

rnburn

comment created time in 25 days

issue closedopenresty/headers-more-nginx-module

Conflict between more_set_input_headers and map

Hi,

I found a nasty bug in our setup! Better explain by example.

Suppose this configuration:

http {
...
    map $http_x_forwarded_proto $forwarded_proto_final {
      default $scheme;
      "~." $http_x_forwarded_proto;
    }
  error_page 400 403 404     /errordocument/404.html;
  error_page 500 502 503 504 /errordocument/500.html;
...
  server {
    ...
    location ~ ^/errordocument/(.*)$ {
        alias /data/htdocs/errordocument/$1;
    }
    more_set_input_headers 'X-FP: $forwarded_proto_final';
    more_set_headers       'X-FP: $forwarded_proto_final';
    # Forced errors...
    location /404/ {
      return 404;
    }
    location /500/ {
      return 500;
    }
    ...
  }
}

Now, let's do a request:

$ curl -svo /dev/null http://my.host.com/500/test
...
< HTTP/1.1 500 Internal Server Error
...

Perfect! Buf, if instead:

$ curl -svo /dev/null http://my.host.com/500/test -H 'X-Forwarded-Proto: https'
...
< HTTP/1.1 301 Moved Permanently
...
< Location: http://my.host.com/errordocument/500.html/
...

closed time in 25 days

dioni21

issue commentopenresty/headers-more-nginx-module

Conflict between more_set_input_headers and map

@dioni21 Thanks for digging this up and sharing the root cause. I think it's already outside the scope of this module. You need to contact the nginx team for a fix.

BTW, changing the running phase of this module is not an option, more like a hack to me and it would break backward-compatibility for existing users.

dioni21

comment created time in 25 days

issue commentopenresty/openresty

openresty-openssl SSL issue

@5x3 Yeah, please make sure you are using the latest version of the openresty-openssl package in that repository.

5x3

comment created time in a month

issue commentopenresty/openresty

openresty-openssl SSL issue

@5x3 I just checked the deb packaging script and it enables ssl3 at build time as well:

https://github.com/openresty/openresty-packaging/blob/master/deb/openresty-openssl/debian/rules#L31

How exactly are you testing the SSL3 support please?

5x3

comment created time in a month

issue closedopenresty/headers-more-nginx-module

Is `more_set_input_headers` safe?

more_set_input_headers pushes to the request->headers_in.headers list.

While it behaves as expected most of the time, according to this post, you're not allowed to modify headers_in like that.

closed time in a month

rnburn

issue commentopenresty/headers-more-nginx-module

Is `more_set_input_headers` safe?

Yes, it's safe enough. We put a lot of effort here over the years and many people have been using it successfully in production.

@dioni21 That issue is more about the evilness of the map directive, not really a issue in this module.

rnburn

comment created time in a month

issue commentopenresty/headers-more-nginx-module

Conflict between more_set_input_headers and map

Nginx's map directive is known to be evil. I even wrote an article to demonstrate it. In essence, it delays evaluation of the variable to the point of the first reading (and then caches the value, as you have already noticed).

dioni21

comment created time in a month

issue commentopenresty/openresty

openresty-openssl SSL issue

@5x3 Which package are you currently using? IIRC, we already enable ssl3 in our rpm build, for example:

https://github.com/openresty/openresty-packaging/blob/master/rpm/SPECS/openresty-openssl.spec#L73

5x3

comment created time in a month

issue commentopenresty/openresty

OpenResty and Nginx CVE-2019-20372

OpenResty 1.17.8.1 RC1 will be out in the next few days. @thibaultcha is helping with the release engineering work.

keinproblem

comment created time in a month

issue commentopenresty/stream-echo-nginx-module

compile fail

Pull requests welcome. We no longer actively develop this module ourselves but we welcome patches from the community. Thanks.

WinterChen

comment created time in a month

issue commentopenresty/openresty

OpenResty and Nginx CVE-2019-20372

@keinproblem Yes, OpenResty includes Nginx as a component and does include its own nginx core patches. We're about to make a new OpenResty release based on the latest nginx mainline core. cc @thibaultcha

keinproblem

comment created time in a month

issue commentopenresty/replace-filter-nginx-module

GCC >= 8 - build failure

@dvershinin Thanks for the report! Mind to contribute a patch? It looks like an easy fix to just adjust the type declaration of void ....

dvershinin

comment created time in a month

issue commentopenresty/openresty-gdb-utils

not support openresty 1.15.8.1?

This repo is superseded by the new OpenResty XRay platform:

https://openresty.com/en/xray

This repo uses hand-crafted python code which is too painful to maintain and enhance.

shuangxili

comment created time in a month

issue commentopenresty/openresty

错误:Failed to download metadata for repo 'openresty'

@wangning707 What version of Fedora are you using?

wangning707

comment created time in a month

issue commentopenresty/luajit2

Make luajit2 into a fully supported project with releases

@siddhesh OK, your plan sounds good to me. It's just that the moonjit patches still need to go through the pull request/code review process before they can be merged into our repo's mainline branch :)

siddhesh

comment created time in a month

issue commentopenresty/luajit2

Move openresty-specific language extensions under a special configuration?

Ah it seems like I proposed an even better name: LJ_OR_EXT :)

siddhesh

comment created time in a month

pull request commentopenresty/luajit2

Multiple bugfixes cherry-picked from LuaJIT issues and PRs

@siddhesh Thanks for taking care of the remaining patches. We'll look at the new pull requests. Preferably atomic pull requests for each change. That helps the code review and editing process.

I still prefer using Mike's repo as the upstream instead of moonjit.

siddhesh

comment created time in a month

issue commentopenresty/luajit2

Make luajit2 into a fully supported project with releases

@siddhesh Sure, we can do distro package for luajit2. All our extensions can go under a build flag. No problem with that. I prefer a single branch, which makes maintenance easier.

siddhesh

comment created time in a month

MemberEvent

issue commentopenresty/luajit2

Make luajit2 into a fully supported project with releases

@siddhesh Sorry I just saw this one. I agree with formal new releases. We'd think more about release number scheme though. We are currently using version numbers like v2.1-20190510. I'm fine with the branch changes and documentation changes you proposed. We can even have a website for it.

siddhesh

comment created time in a month

pull request commentopenresty/luajit2

Multiple bugfixes cherry-picked from LuaJIT issues and PRs

@XVilka No, we need total control over this branch and I'm not a big fan of a real fork, to be honest.

siddhesh

comment created time in a month

issue commentopenresty/luajit2

Move openresty-specific language extensions under a special configuration?

Yes, we can go with the OPENRESTY_EXT macro (shorter) :)

siddhesh

comment created time in a month

issue commentopenresty/lua-nginx-module

Maybe it's a bug about the ngx_http_lua_init_worker function.

I suggest hold this thing until a new OpenResty release is made. It is nontrivial to fix.

wangfakang

comment created time in a month

issue commentopenresty/lua-nginx-module

Maybe it's a bug about the ngx_http_lua_init_worker function.

@thibaultcha Thanks for the detailed analysis. I don't like the idea of making a new copy of the main conf at all. Since it should be unique by design. Keeping a copy might incur other out-of-sync problems (like a request handler populates a state change in main conf but the timer handler in the init worker context would never see it).

It is really a surprise to see that the merge loc conf handlers cannot run more than once. I think the best way is to make this thing safe to get called repeatedly. Is that possible?

wangfakang

comment created time in a month

IssuesEvent

issue commentopenresty/lua-nginx-module

Maybe it's a bug about the ngx_http_lua_init_worker function.

We should revert #1326 in master before the next release.

wangfakang

comment created time in a month

issue commentopenresty/lua-nginx-module

Maybe it's a bug about the ngx_http_lua_init_worker function.

Cloning the main conf seems to make the issue worse since it's common for 3rd-party modules to use main conf to keep track of global state. Cloning the main conf would make the init worker context go out of sync with the request context (we should keep in mind that the init worker context may have a long life when it fires off recurring timers). So modifying main conf later is indeed expected by design and does not justify the cloning of main conf (but actually go against it). I guess there might be something deeper here. But definitely cloning main conf to make this particular use case pass is going the completely wrong direction.

wangfakang

comment created time in a month

Pull request review commentopenresty/lua-nginx-module

bugfix: Prevent main_conf from being modified, in the ngx_http_lua_init_worker function.

+/*+ * This fake module was used to reproduce a bug in ngx_lua's+ * init_worker_by_lua implementation.+ */+++#include <ngx_config.h>+#include <ngx_core.h>+#include <ngx_http.h>+#include <nginx.h>+++typedef struct {+    ngx_flag_t a;+} ngx_http_fake_merge_main_conf_t;+++typedef struct {+    ngx_flag_t a;+} ngx_http_fake_merge_srv_conf_t;+++typedef struct {+    ngx_flag_t a;+} ngx_http_fake_merge_loc_conf_t;++static ngx_int_t ngx_http_fake_merge_add_variable(ngx_conf_t *cf);+static ngx_int_t ngx_http_fake_merge_var(ngx_http_request_t *r,+    ngx_http_variable_value_t *v, uintptr_t data);+static ngx_int_t ngx_http_fake_merge_init(ngx_conf_t *cf);+static void *ngx_http_fake_merge_create_main_conf(ngx_conf_t *cf);+static void *ngx_http_fake_merge_create_loc_conf(ngx_conf_t *cf);+static char *ngx_http_fake_merge_merge_loc_conf(ngx_conf_t *cf, void *prev,+    void *conf);+++/* flow identify module configure struct */+static ngx_http_module_t  ngx_http_fake_merge_module_ctx = {+    ngx_http_fake_merge_init,             /* preconfiguration */+    NULL,                                 /* postconfiguration */++    ngx_http_fake_merge_create_main_conf, /* create main configuration */+    NULL,                                 /* init main configuration */++    NULL,                                 /* create server configuration */+    NULL,                                 /* merge server configuration */++    ngx_http_fake_merge_create_loc_conf,  /* create location configuration */+    ngx_http_fake_merge_merge_loc_conf    /* merge location configuration */+};++/* flow identify module struct */+ngx_module_t  ngx_http_fake_merge_module = {+    NGX_MODULE_V1,+    &ngx_http_fake_merge_module_ctx,      /* module context */+    NULL,                                 /* module directives */+    NGX_HTTP_MODULE,                      /* module type */+    NULL,                                 /* init master */+    NULL,                                 /* init module */+    NULL,                                 /* init process */+    NULL,                                 /* init thread */+    NULL,                                 /* exit thread */+    NULL,                                 /* exit process */+    NULL,                                 /* exit master */+    NGX_MODULE_V1_PADDING+};+++static ngx_http_variable_t  ngx_http_fake_merge_variables[] = {++    { ngx_string("fake_var"), NULL,+      ngx_http_fake_merge_var, 0,+      NGX_HTTP_VAR_NOCACHEABLE, 0 },++    { ngx_null_string, NULL, NULL, 0, 0, 0 }+};+++static ngx_int_t+ngx_http_fake_merge_var(ngx_http_request_t *r, ngx_http_variable_value_t *v,+    uintptr_t data)+{+    ngx_http_fake_merge_main_conf_t * fmcf;+    static char *str[] = {"0", "1"};++    fmcf = ngx_http_get_module_main_conf(r, ngx_http_fake_merge_module);+    if (fmcf == NULL) {+        ngx_log_error(NGX_LOG_ERR, r->connection->log, 0,+                      "get module main conf failed if fake_var");+        return NGX_ERROR;+    }++    v->len = 1;+    v->data = (u_char *) str[fmcf->a];+    v->valid = 1;+    v->no_cacheable = 0;+    v->not_found = 0;++    return NGX_OK;+}+++static ngx_int_t +ngx_http_fake_merge_add_variable(ngx_conf_t *cf)+{+    ngx_http_variable_t  *var, *v;++    for (v = ngx_http_fake_merge_variables; v->name.len; v++) {+        var = ngx_http_add_variable(cf, &v->name, v->flags);+        if (var == NULL) {+            return NGX_ERROR;+        }+        +        var->get_handler = v->get_handler;+        var->data = v->data;+        v->index = ngx_http_get_variable_index(cf, &v->name);+        if (v->index == (ngx_uint_t) NGX_ERROR) {+            return NGX_ERROR;+        }+    }++    return NGX_OK;++}+++/* postconfiguration init */+static ngx_int_t ngx_http_fake_merge_init(ngx_conf_t *cf)+{+    ngx_http_fake_merge_loc_conf_t   *flcf;++    flcf = ngx_http_conf_get_module_loc_conf(cf,+                                              ngx_http_fake_merge_module);+    if (flcf == NULL) {+        return NGX_ERROR;+    }++    flcf->a = 1;+ +    if (ngx_http_fake_merge_add_variable(cf) != NGX_OK) {+        return NGX_ERROR;+    }+    +    return NGX_OK;+}+++/* create main configure */+static void *ngx_http_fake_merge_create_main_conf(ngx_conf_t *cf)+{+    ngx_http_fake_merge_main_conf_t   *fmcf;++    fmcf = ngx_pcalloc(cf->pool, sizeof(ngx_http_fake_merge_main_conf_t));+    if (fmcf == NULL) {+        ngx_conf_log_error(NGX_LOG_ALERT, cf, 0, "create module main conf");+        return NULL;+    }++    return fmcf;+}+++/* create location configure */+static void *ngx_http_fake_merge_create_loc_conf(ngx_conf_t *cf)

These functions do not follow the nginx coding style. We should use ngx-releng to check coding style issues in such C source files.

wangfakang

comment created time in a month

issue closedopenresty/stapxx

semantic error: type definition 'size_t' not found in '/usr/lib64/libc-2.26.so'

Problem: Cannot use sample-bt-leaks.sxx

Environment

# uname -a
Linux ip-10-3-0-93.us-west-1.compute.internal 4.14.158-129.185.amzn2.x86_64 #1 SMP Tue Dec 24 03:15:32 UTC 2019 x86_64 x86_64 x86_64 GNU/Linux

# /usr/local/openresty/nginx/sbin/nginx -V
nginx version: openresty/1.15.8.1rc1
built by gcc 7.3.1 20180712 (Red Hat 7.3.1-6) (GCC) 
built with OpenSSL 1.0.2k-fips  26 Jan 2017
TLS SNI support enabled
configure arguments: --prefix=/usr/local/openresty/nginx --with-debug --with-cc-opt='-DNGX_LUA_USE_ASSERT -DNGX_LUA_ABORT_AT_PANIC -O2' --add-module=../ngx_devel_kit-0.3.1rc1 --add-module=../echo-nginx-module-0.61 --add-module=../xss-nginx-module-0.06 --add-module=../ngx_coolkit-0.2 --add-module=../set-misc-nginx-module-0.32 --add-module=../form-input-nginx-module-0.12 --add-module=../encrypted-session-nginx-module-0.08 --add-module=../srcache-nginx-module-0.31 --add-module=../ngx_lua-0.10.14 --add-module=../ngx_lua_upstream-0.07 --add-module=../headers-more-nginx-module-0.33 --add-module=../array-var-nginx-module-0.05 --add-module=../memc-nginx-module-0.19 --add-module=../redis2-nginx-module-0.15 --add-module=../redis-nginx-module-0.3.7 --add-module=../rds-json-nginx-module-0.15 --add-module=../rds-csv-nginx-module-0.09 --add-module=../ngx_stream_lua-0.0.6 --with-ld-opt=-Wl,-rpath,/usr/local/openresty/luajit/lib --with-http_stub_status_module --add-module=/opt/openresty-1.15.8/openresty-1.15.8.1rc1/bundle/nginx-upstream-dynamic-servers --add-module=/opt/openresty-1.15.8/openresty-1.15.8.1rc1/bundle/ngx_http_regular_module --add-module=/opt/openresty-1.15.8/openresty-1.15.8.1rc1/bundle/ngx_camproxy --with-stream --with-stream_ssl_module --with-stream_ssl_preread_module --with-http_ssl_module

The error message I get

# ./samples/sample-bt-leaks.sxx -x 3600 --arg time=5 -D STP_NO_OVERLOAD -D MAXMAPENTRIES=10000 > a.bt
Found exact match for libc: /usr/lib64/libc-2.26.so
WARNING: cannot find module /usr/lib64/libc-2.26.so debuginfo: No DWARF information found [man warning::debuginfo]
semantic error: type definition 'size_t' not found in '/usr/lib64/libc-2.26.so': operator '@cast' at <input>:58:28
        source:                 p = ptr - &@cast(0, "size_t")[1]
                                           ^

Missing separate debuginfos, use: debuginfo-install glibc-2.26-32.amzn2.0.2.x86_64 
Pass 2: analysis failed.  [man error::pass2]
Number of similar error messages suppressed: 8.
Number of similar warning messages suppressed: 35.
Rerun with -v to see them.

closed time in a month

ZedLee

issue commentopenresty/stapxx

semantic error: type definition 'size_t' not found in '/usr/lib64/libc-2.26.so'

@ZedLee Your error message does give you a reason and a suggestion:

"Missing separate debuginfos, use: debuginfo-install glibc-2.26-32.amzn2.0.2.x86_64"

BTW, this toolkit is obsoleted by the new OpenResty XRay platform where we do not have such requirements like installing debuginfos on the target machine:

https://openresty.com/en/xray

ZedLee

comment created time in a month

issue commentopenresty/luajit2

lj_str_new hash conflict is serious when length larger than 128

@funny-falcon Yes, I read the patch. It's quite far reaching, even touched the GC part.

stone-wind

comment created time in a month

issue commentopenresty/luajit2

lj_str_new hash conflict is serious when length larger than 128

This looks very complex and I don't think we should go down this route. My hunch is that it would be very difficult to debug when bad things happen in such a sophisticated implementation.

stone-wind

comment created time in a month

pull request commentopenresty/luajit2

feature: runtime detection of CRC32 and ARM64 support.

@siddhesh I see. Thanks for the clarification. I'm really looking forward to binary-level auto-scheduling for different microarchitectures.

thibaultcha

comment created time in a month

Pull request review commentopenresty/lua-resty-core

feature: implement the `tcpsock:tlshandshake` and `tcpsock:sslhandshake`

 API Implemented  [Back to TOC](#table-of-contents) +## resty.core.socket_tcp

I don't quite like this module name. How about resty.core.socket.tcp?

dndx

comment created time in a month

pull request commentopenresty/luajit2

feature: runtime detection of CRC32 and ARM64 support.

So with this PR the same x64 openresty binary can work on modern intel chips and amd chips at the same time now?

thibaultcha

comment created time in a month

more