nginx 1.25.2 changes draft

Maxim Dounin mdounin at mdounin.ru
Tue Aug 15 16:44:13 UTC 2023 

Hello!

On Tue, Aug 15, 2023 at 07:48:05PM +0400, Sergey Kandaurov wrote:

> 
> > On 15 Aug 2023, at 19:32, Maxim Dounin <mdounin at mdounin.ru> wrote:
> > 
> > Hello!
> > 
> > 
> > Changes with nginx 1.25.2                                        15 Aug 2023
> > 
> >    *) Feature: path MTU discovery when using HTTP/3.
> > 
> >    *) Change: now nginx uses appname "nginx" when loading OpenSSL
> >       configuration.
> > 
> >    *) Change: now nginx does not try to load OpenSSL configuration if the
> >       --with-openssl option was used to built OpenSSL and the OPENSSL_CONF
> >       environment variable is not set.
> > 
> >    *) Bugfix: in the $body_bytes_sent variable when using HTTP/3.
> > 
> 
> There were bugfixes in QUIC, which may deserve a separate line.

Added "Bugfix: in HTTP/3" to cover anything not specifically 
mentioned, thnx.

> Also I'd add TLS_AES_128_CCM_SHA256 cipher suite support in QUIC,
> and a switch to using AEAD-encrypted QUIC address validation tokens,
> which essentially provides now authenticated encryption.

Agreed about TLS_AES_128_CCM_SHA256, added.

Not sure AEAD worth mentioning though, it's more an internal 
change hardly visible to users.

Updated:


Changes with nginx 1.25.2                                        15 Aug 2023

    *) Feature: path MTU discovery when using HTTP/3.

    *) Feature: TLS_AES_128_CCM_SHA256 cipher suite support when using
       HTTP/3.

    *) Change: now nginx uses appname "nginx" when loading OpenSSL
       configuration.

    *) Change: now nginx does not try to load OpenSSL configuration if the
       --with-openssl option was used to built OpenSSL and the OPENSSL_CONF
       environment variable is not set.

    *) Bugfix: in the $body_bytes_sent variable when using HTTP/3.

    *) Bugfix: in HTTP/3.


Изменения в nginx 1.25.2                                          15.08.2023

    *) Добавление: path MTU discovery при использовании HTTP/3.

    *) Добавление: поддержка шифра TLS_AES_128_CCM_SHA256 при использовании
       HTTP/3.

    *) Изменение: теперь при загрузке конфигурации OpenSSL nginx использует
       appname "nginx".

    *) Изменение: теперь nginx не пытается загружать конфигурацию OpenSSL,
       если для сборки OpenSSL использовался параметр --with-openssl и
       переменная окружения OPENSSL_CONF не установлена.

    *) Исправление: в переменной $body_bytes_sent при использовании HTTP/3.

    *) Исправление: в HTTP/3.


-- 
Maxim Dounin
http://mdounin.ru/

More information about the nginx-devel mailing list