We released nghttp2 v1.8.0.
This release adds new library APIs to send and receive non-critical HTTP/2 extension frames. It also adds new features to nghttpx and nghttpd, and polishes many rough edges.
We added the APIs to send and receive non-critical HTTP/2 extension frames. “Non-critical” means that it won’t change HTTP/2 standard protocol rules, and those frames may be ignored by a receiver. We have added a set of functions and callbacks for this.
To send HTTP/2 extension frames, implement nghttp2_pack_extension_callback to encode data into wire format, and set it using nghttp2_session_callbacks_set_pack_extension_callback(). If the application wants to send multiple different types of extension frames, it should handle them in this single callback. Then use nghttp2_submit_extension() to submit a frame.
To receive HTTP/2 extension frames, implement 2 callbacks:
nghttp2_unpack_extension_callback implements the way how to decode
how to buffer the incoming extension payload. These callbacks must be
The application also must tell the library which extension frame type
it is willing to receive using
Note that the application has to create
nghttp2_option object for
that purpose, and initialize session with it.
Peter Wu sends many patches to fix various bugs, and rough edges, including out-of-tree documentation build and integration tests.
David Beitey documented how to build h2load, and detect the configuration error.
Bernard Spil fixed configure error related to dlopen/libdl detection on *BSD platform.
Reza Tavakoli fixed nghttp2 package version detection in Windows Makefile.
Jay Satiro refactored the portion of the code to check against HTTP/2 cipher black list. It is pretty neat.
We have updated default cipher list used in bundled applications using Security/Server Side TLS compiled by Mozilla.
We fixed compile error with gcc-6 which enables C++14 by default.
In libnghttp2_asio, we fixed the bug that connect timeout did not
work. In the part of the fix, we removed
nghttp2::asio_http2::client::session::connect_timeout() functon, and
instead added connect timeout parameter to constructor. This will
break backward compatibility.
We fixed bug in nghttpd that
Trailer header field was not added when
non-200 status response was returned.
-W options to nghttpd to change stream-level and
connection-level window size respectively.
nghttpx now supports multiple frontend addresses.
-f) can be used multiple times to specify more than one frontend
We fixed the bug that nghttpx did not add headers given in
add-response-headers to the response generated by mruby.
In nghttpx, we deprecated
favor of new
We have added TLS encryption support for memcached connections. We use memcached for sharing and storing TLS session cache and TLS ticket keys. We also added options to set address family, and client certificates for memcached connections.
We have added TLS encryption support for backend HTTP/1. Unlike
HTTP/2 backend, backend HTTP/1 encryption is disabled by default for
backward compatibility. To enable TLS, use
option. The existing option to specify client certificate is working
with this as well.
We have added
--no-http2-cipher-black-list to allow black listed
In nghttpx, we added
--max-request-header-fields options, and they deprecated
--max-header-fields options. To limit
response headers as well, we added its response side counterparts,