Permalink
Commits on Jan 18, 2017
Commits on Dec 23, 2016
  1. hotfix(oauth2) fixing postgres migration

    thefosk committed Dec 23, 2016
Commits on Dec 22, 2016
  1. Merge pull request #1917 from Mashape/release/0.9.7

    release(0.9.7)
    thefosk committed on GitHub Dec 22, 2016
  2. hotfix(cli) add the shm mock hack

    thibaultcha committed Dec 22, 2016
  3. release(0.9.7)

    thefosk committed Dec 22, 2016
Commits on Dec 21, 2016
  1. hotfix(conf) load custom plugins property (#1910)

    Ensure custom_plugins are passed from the config file to the prefix
    config file, and hence down to the runtime OpenResty Kong.
    
    Fix #1906
    thibaultcha committed with Tieske Dec 21, 2016
Commits on Dec 20, 2016
  1. hotfix(galileo) proper empty encoding as empty arr

    Use a workaround until openresty/lua-cjson#16 is
    included in an OpenResty formal release.
    thibaultcha committed Dec 20, 2016
Commits on Dec 6, 2016
  1. hotfix(cli) fix recursive calls to the startup errorhandler

    The `pcall`s used to stop the services seem to inherit the errorhandler
    from the `xpcall` up on the stack. This causes a recursive call if stopping the services
    errors for some reason.
    Thijs Schreijer committed Dec 6, 2016
Commits on Nov 30, 2016
Commits on Nov 29, 2016
  1. fix(cli) honor -c flag even if config exists at default location

    * fix a condition to prevent loading one of the default locations if a
    -c flag has been given
    * add a function to extend the default path, only used in tests
    * new test
    
    Fix #1675
    thibaultcha committed Sep 23, 2016
  2. fix(api) obfuscates sensitive settings from the `/` route

    * new `remove_sensitive()` function clones the configuration and
      replaces sensitive settings with a placeholder
    * unit test for conf_loader and new tests for the Admin API's `/` route
    thibaultcha committed Sep 16, 2016
Commits on Nov 8, 2016
  1. release(0.9.5)

    thefosk committed Nov 8, 2016
  2. Dropping support for 1.9.15.1

    thefosk committed Nov 7, 2016
Commits on Nov 3, 2016
  1. release(0.9.4)

    thefosk committed Nov 3, 2016
Commits on Nov 1, 2016
  1. Merge pull request #1783 from Mashape/refactor/reports-cluster-timers

    refactor(timers) cluster and reports timers use raw shm
    thibaultcha committed on GitHub Nov 1, 2016
Commits on Oct 28, 2016
  1. refactor(timers) cluster and reports timers use raw shm

    This is based on #1748 but adds some cleanup and performance
    improvements. It gets rid of using the database cache module and uses
    the raw 'kong' shared dict.
    thibaultcha committed Oct 28, 2016
  2. hotfix(cli) seed random number generator in CLI

    If spawning multiple nodes at once (making use of the CLI from different
    host machines), we need to make sure none of them are using the same
    seed. To enforce this, we make use of the patched 'math.randomseed()'
    function, which should greatly reduce the probability of seed collision.
    
    To allow for this change, we need a special flag indicating our scripts
    if we are running inside of our CLI, so that out 'math.randomseed()'
      does not complain about being called in resty-cli's 'timer' context.
    
    * add `ngx.RESTY_CLI` flag in `bin/kong`
    * add an edge case in our patched `math.randomseed()`
    * apply `kong.core.globalpatches` to our CLI environment
    
    Fix #1592
    thibaultcha committed with thefosk Sep 15, 2016
Commits on Oct 21, 2016
  1. hotfix(globalpatches) use OpenSSL to seed PRNG

    This changes the seeding technique for LuaJIT's PRNG from using a
    combination of `time (s precision) + worker PID` to using OpenSSL's
    `RAND_bytes()`.
    
    Reasoning: in modern deployment setups such as application containers
    and AWS AMIs (etc...), it is a common practise to deploy from a forked
    VM, resulting in high chances of collision for PIDs at a seconds
    precision. This could result in duplicated PRNG seeds, which is
    ultimately the PRNG used to generate UUIDs in Kong, by the use of
    [lua-resty-jit-uuid](https://github.com/thibaultcha/lua-resty-jit-uuid).
    
    Solution: in order to have a higher entropy when seeding LuaJIT's PRNG,
    a proposed fix was to use `/dev/urandom`. This implementation however
    uses OpenSSL's `RAND_bytes()`, which has the advantage of returning an
    error if the entropy is estimated to be too low. However, this won't
    cover use cases where the VM has been forked, resulting in multiple VM
    clones with a high entropy, but equal to that of the other clones. We
    suggest that such deployment environment increase their cloned VMs
    entropy before starting Kong.
    
    Full changelog:
    * use OpenSSL's `RAND_bytes()` to read random bytes
    * truncate the final seed to 12 digits to prevent integer overflows
    * update fallback seeding technique (time + worker PID) to use ms
    precision, just in case
    * introduce a new `kong` lua shared dict. This dictionary's purpose is
    to hold essential data through Kong's lifecycle, and should eventually
    only be used through `safe_set()` (an abstraction for this could be
    envisaged later on, but is not the purpose of this patch)
    * chosen seeds for each worker are stored in the kong shm, and can be
    consulted via the `/` endpoint. There is currently no way to re-seed all
    the workers at once unless by sending `SIGHUP`, because only 1 worker
    would be receiving such a request through the Kong Admin API.
    * update `debug.traceback()` calls to use lvl 2 of the call stack, to
    show the actual caller of our patched `math.randomseed()`
    * update log messages to be more explicit
    
    Fix #1751 #1739 #1623
    thibaultcha committed Oct 19, 2016
Commits on Oct 12, 2016
  1. wip

    thefosk committed Oct 12, 2016
Commits on Oct 8, 2016
  1. Merge pull request #1724 from Mashape/release/0.9.3

    release: 0.9.3
    thefosk committed on GitHub Oct 8, 2016
  2. release: 0.9.3

    thefosk committed Oct 8, 2016
  3. Merge pull request #1723 from Mashape/hotfix/global-invalidation

    hotfix(invalidation) invalidates global plugins
    thefosk committed on GitHub Oct 8, 2016