OpenResty 1.9.7.4 released

Hi folks

I am happy to announce the new formal release, 1.9.7.4, of the
OpenResty web platform based on NGINX and LuaJIT:

https://openresty.org/#Download

Both the (portable) source code distribution and the Win32 binary
distribution are provided on this Download page.

The highlights of this version are

  1. New Lua API functions for reverse DNS queries in the lua-resty-dns
    library.

  2. New options to insert custom nginx.conf configuration snippets in
    the “resty” command-line utility.

  3. Various important bug fixes in recently-added new features like
    balancer_by_lua* and ssl_certificate_by_lua*.

Special thanks go to all our developers and contributors!

Complete change log since the last (formal) release, 1.9.7.3:

  • bugfix: “./configure”: use of relative paths like “./nginx” in
    “–prefix=PATH” led to compilation errors. thanks Tao Huang for
    the report.

  • upgraded the ngx_lua module to 0.10.2.

    • feature: the C implementation for set SSL private keys now
      supports non-RSA private keys as well. thanks Alessandro
      Ghedini for the patch.

    • feature: ngx.log() and print() now accept Lua tables with
      the “__tostring” metamethod.

    • feature: added new API, ngx.config.subsystem, which always
      takes the Lua string value “http” in this module.

    • feature: added new API function ngx.socket.stream() which is
      an alias to ngx.socket.tcp().

    • feature: added HTTP 2.0 support to ngx.req.http_version().

    • feature: this module can now be built as a “dynamic module”
      with NGINX 1.9.11+ via the “–add-dynamic-module=PATH”
      option of “./configure”.

    • bugfix: balancer_by_lua* did not respect “lua_code_cache
      off”. thanks XI WANG for the report and Dejiang Zhu for the
      patch.

    • bugfix: hot loop might happen when balancer_by_lua* was used
      with the keepalive directive. thanks GhostZch for the
      report.

    • bugfix: balancer_by_lua* might crash the nginx worker when
      SSL (https) is used for upstream connections. thanks
      Alistair Wooldrige for the report.

    • bugfix: stream-typed cosockets: we did not set the “error”
      field of the “ngx_connection_t” object which MIGHT lead to
      socket leaks.

    • bugfix: avoided a potential memory issue when the request
      handler is aborted prematurely (via ngx.exit, for example)
      while a light thread is still waiting on ngx.flush(true).

    • bugfix: we might not respond to client abort events when
      lua_check_client_abort is on.

    • bugfix: fixed the compiler warning “unused variable” when
      compiling with nginx cores older than 1.7.5 (exclusive).
      thanks Marc Neudert for the patch.

    • bugfix: fixed compilation errors with LibreSSL by disabling
      ssl_certificiate_by_lua* and some ngx.ssl API functions that
      are not supported by LibreSSL. thanks George Liu and Bret
      for the reports.

    • bugfix: fixed compilation errors with nginx 1.9.11+. thanks
      Charles R. Portwood II and Tomas Kvasnicka for the reports.

    • bugfix: fixed compatibility issues with other nginx modules
      loaded as “dynamic modules” in NGINX 1.9.11+.

    • bugfix: SSL: set error message on “i2d_X509()” failure as
      well. thanks Alessandro Ghedini for the patch.

    • bugfix: SSL: remove leading white space from error messages.
      thanks Alessandro Ghedini for the patch.

    • optimize: use “lua_pushliteral()” for string literals.
      thanks Tatsuhiko Kubo for the patch.

    • change: unmatched submatch captures are now set to “false”
      instead of “nil” in the captures table (named captures are
      not affected). thanks Julien Desgats for the patch.

    • change: ngx.req.get_post_args: returns error message instead
      of raising an exception when request body is in temp file.
      thanks yejingx for the patch.

    • change: ngx.shared.DICT: throws a Lua error when the
      “exptime” argument is invalid.

    • doc: documented that ngx.req.get_body_data() is available in
      the context of log_by_lua*. thanks YuanSheng Wang for the
      patch.

    • doc: added balancer_by_lua* and ssl_certificate_by_lua* to
      the context of some Lua API functions. thanks Dejiang Zhu
      for the patch.

    • doc: fixed the documentation of log_by_lua* which actually
      runs after nginx’s access log handler.

    • doc: updated the documentation for ngx.req.discard_body() to
      reflect recent changes. now ignoring request bodies indeed
      trigger discarding the body upon request finalization.

    • doc: updated the docs of ngx.get_phase() for new Lua
      execution contexts. thanks Thibault Charbonnier for the
      patches.

    • doc: typo fix in sample configurations from othree.

    • doc: typo fix in sample configurations from Adam Malone.

    • doc: typo fix from Prayag Verma.

    • doc: typo fix from leemingtian.

  • upgraded the lua-resty-core library to 0.1.5.

    • optimize: ngx.ssl: removed unnecessary request checks from
      the priv_key_pem_to_der and cert_pem_to_der functions to
      allow them to be used in more contexts. thanks Tom Thorogood
      for the patch.

    • bugfix: resty.core.regex: non-string values passed as string
      arguments might throw out Lua errors. thanks Robert P.
      for the patch.

    • change: resty.core.shdict: throws out a Lua error when the
      exptime arg is invalid.

    • change: resty.core.regex: unmatched submatch captures are
      set to “false” instead of “nil” in captures table. thanks
      Julien Desgats for the patch.

    • doc: typo fix from thefosk.

    • doc: typo fix from Anton Ovchinnikov.

  • upgraded the ngx_lua_upstream module to 0.05.

    • feature: expose peer connection count as the “conns” Lua
      table field. thanks Justin Li for the patch.

    • feature: this module can now be built as a “dynamic module”
      with NGINX 1.9.11+ via the “–add-dynamic-module=PATH”
      option of “./configure”. thanks Hiroaki Nakamura for the
      original patch.

    • doc: fixes from Justin Li.

  • upgraded the lua-resty-upstream-healthcheck library to 0.04.

    • feature: added IPv6 address support in upstream peer names.
      thanks szelcsanyi for the patch.

    • feature: status_page(): now we mark those upstream blocks
      without any (live) health checkers so as to avoid potential
      confusions when the checker light threads were aborted due
      to some fatal errors.

    • refactor: various coding refactoring to improve code
      readability. thanks Thijs Schreijer and Dejiang Zhu for the
      patches.

    • optimize: minor Lua code improvements from Aapo Talvensaari.

    • doc: link fixes from Thijs Schreijer.

    • doc: fixed escaping issues in the configuration samples in
      the Synopsis section by migrating to the “*_by_lua_block {}”
      directives. thanks whatacold for the report.

  • upgraded the lua-resty-dns library to 0.15.

    • feature: added reverse DNS utilities: reverse_query,
      arpa_str, and expand_ipv6_addr. thanks bjoe2k4 for the
      patch.
  • upgraded resty-cli to 0.06.

    • feature: resty: added new options “–http-include=PATH” and
      “–main-include=PATH” to include user files in the
      auto-generated “nginx.conf” file. thanks Nils Nordman for
      the patch.
  • upgraded the ngx_set_misc module to 0.30.

    • feature: this module can now be compiled as a dynamic module
      with NGINX 1.9.11+ via the “–with-dynamic-module=PATH”
      option of “./configure”.

    • bugfix: fixed errors and warnings with C compilers without
      variadic macro support.

  • upgraded the ngx_array_var module to 0.05.

    • feature: this module can now be compiled as a dynamic module
      with NGINX 1.9.11+ via the “–with-dynamic-module=PATH”
      option of “./configure”.

    • bugfix: fixed errors and warnings with C compilers without
      variadic macro support.

The HTML version of the change log with lots of helpful hyper-links
can be browsed here:

https://openresty.org/#ChangeLog1009007

OpenResty (aka. ngx_openresty) is a full-fledged web platform
by bundling the standard Nginx core, Lua/LuaJIT, lots of
3rd-party Nginx modules and Lua libraries, as well as most of their
external
dependencies. See OpenResty’s homepage for details:

https://openresty.org/

We have run extensive testing on our Amazon EC2 test cluster and
ensured that all the components (including the Nginx core) play well
together. The latest test report can always be found here:

https://qa.openresty.org

Have fun!
-agentzh

cheers agentzh thanks for that workaround for LibreSSL and
ssl_certificiate_by_lua* incompatibility :slight_smile:

Posted at Nginx Forum: