nginx-0.3.8-RELEASE importrelease-0.3.8

    *) Security: nginx now checks URI got from a backend in
       "X-Accel-Redirect" header line or in SSI file for the "/../" paths
       and zeroes.

    *) Change: nginx now does not treat the empty user name in the
       "Authorization" header line as valid one.

    *) Feature: the "ssl_session_timeout" directives of the
       ngx_http_ssl_module and ngx_imap_ssl_module.

    *) Feature: the "auth_http_header" directive of the
       ngx_imap_auth_http_module.

    *) Feature: the "add_header" directive.

    *) Feature: the ngx_http_realip_module.

    *) Feature: the new variables to use in the "log_format" directive:
       $bytes_sent, $apache_bytes_sent, $status, $time_gmt, $uri,
       $request_time, $request_length, $upstream_status,
       $upstream_response_time, $gzip_ratio, $uid_got, $uid_set,
       $connection, $pipe, and $msec. The parameters in the "%name" form
       will be canceled soon.

    *) Change: now the false variable values in the "if" directive are the
       empty string "" and string starting with "0".

    *) Bugfix: while using proxied or FastCGI-server nginx may leave
       connections and temporary files with client requests in open state.

    *) Bugfix: the worker processes did not flush the buffered logs on
       graceful exit.

    *) Bugfix: if the request URI was changes by the "rewrite" directive
       and the request was proxied in location given by regular expression,
       then the incorrect request was transferred to backend; the bug had
       appeared in 0.2.6.

    *) Bugfix: the "expires" directive did not remove the previous
       "Expires" header.

    *) Bugfix: nginx may stop to accept requests if the "rtsig" method and
       several worker processes were used.

    *) Bugfix: the "\"" and "\'" escape symbols were incorrectly handled in
       SSI commands.

    *) Bugfix: if the response was ended just after the SSI command and
       gzipping was used, then the response did not transferred complete or
       did not transferred at all.

4 files changed, 45 insertions, 8 deletions

diff --git a/src/core/nginx.h b/src/core/nginx.h
index 78ae2a78a..966d405b0 100644
--- a/src/core/nginx.h
+++ b/src/core/nginx.h
@@ -8,7 +8,7 @@
 #define _NGINX_H_INCLUDED_
 
 
-#define NGINX_VER          "nginx/0.3.7"
+#define NGINX_VER          "nginx/0.3.8"
 
 #define NGINX_VAR          "NGINX"
 #define NGX_OLDPID_EXT     ".oldbin"
diff --git a/src/core/ngx_conf_file.h b/src/core/ngx_conf_file.h
index b09d8cc6a..adf203a6f 100644
--- a/src/core/ngx_conf_file.h
+++ b/src/core/ngx_conf_file.h
@@ -82,7 +82,7 @@ struct ngx_command_s {
     void                 *post;
 };
 
-#define ngx_null_command   { ngx_null_string, 0, NULL, 0, 0, NULL }
+#define ngx_null_command  { ngx_null_string, 0, NULL, 0, 0, NULL }
 
 
 struct ngx_open_file_s {
diff --git a/src/core/ngx_string.c b/src/core/ngx_string.c
index 1164cc445..a236654d7 100644
--- a/src/core/ngx_string.c
+++ b/src/core/ngx_string.c
@@ -190,7 +190,9 @@ ngx_vsnprintf(u_char *buf, size_t max, const char *fmt, va_list args)
             case 'V':
                 s = va_arg(args, ngx_str_t *);
 
-                len = (buf + s->len < last) ? s->len : (size_t) (last - buf);
+                len = s->len & 0xffff;
+                len = (buf + len < last) ? len : (size_t) (last - buf);
+
                 buf = ngx_cpymem(buf, s->data, len);
                 fmt++;
 
diff --git a/src/core/ngx_string.h b/src/core/ngx_string.h
index 545c6cc85..b019e3357 100644
--- a/src/core/ngx_string.h
+++ b/src/core/ngx_string.h
@@ -46,7 +46,7 @@ typedef struct {
 #define ngx_strncmp(s1, s2, n)  strncmp((const char *) s1, (const char *) s2, n)
 
 
-/* msvc and icc compile strcmp() to inline loop */
+/* msvc and icc7 compile strcmp() to inline loop */
 #define ngx_strcmp(s1, s2)  strcmp((const char *) s1, (const char *) s2)
 
 
@@ -55,20 +55,55 @@ typedef struct {
 
 
 /*
- * msvc and icc compile memset() to the inline "rep stos"
+ * msvc and icc7 compile memset() to the inline "rep stos"
  * while ZeroMemory() and bzero() are the calls.
- * icc may also inline several mov's of a zeroed register for small blocks.
+ * icc7 may also inline several mov's of a zeroed register for small blocks.
  */
 #define ngx_memzero(buf, n)       (void) memset(buf, 0, n)
 #define ngx_memset(buf, c, n)     (void) memset(buf, c, n)
 
 
-/* msvc and icc compile memcpy() to the inline "rep movs" */
+/*
+ * gcc3, msvc, and icc7 compile memcpy() to the inline "rep movs".
+ * gcc3 compiles memcpy(d, s, 4) to the inline "mov"es.
+ * icc8 compile memcpy(d, s, 4) to the inline "mov"es or XMM moves.
+ */
 #define ngx_memcpy(dst, src, n)   (void) memcpy(dst, src, n)
 #define ngx_cpymem(dst, src, n)   ((u_char *) memcpy(dst, src, n)) + (n)
 
 
-/* msvc and icc compile memcmp() to the inline loop */
+#if ( __INTEL_COMPILER >= 800 )
+
+/*
+ * the simple inline cycle copies the variable length strings up to 16
+ * bytes faster than icc8 autodetecting _intel_fast_memcpy()
+ */
+
+static ngx_inline u_char *
+ngx_copy(u_char *dst, u_char *src, size_t len)
+{
+    if (len < 17) {
+
+        while (len) {
+            *dst++ = *src++;
+            len--;
+        }
+
+        return dst;
+
+    } else {
+        return ngx_cpymem(dst, src, len);
+    }
+}
+
+#else
+
+#define ngx_copy                  ngx_cpymem
+
+#endif
+
+
+/* msvc and icc7 compile memcmp() to the inline loop */
 #define ngx_memcmp                memcmp