We have released nghttp2 v1.22.0.

libnghttp2

lstefani fixed the bug which results in memory leak because of missing free call on error in inflight_settings_new().

libnghttp2_asio

Matt Way added the functionality to specify a stream priority via session::submit().

integration

Use of xip.io is replaced with nip.io.

nghttp

nghttp now shows a warning if certificate verification fails.

nghttpx

${tls_sni} access log variable has been added.

All ${ssl_*} access log variables have been renamed as ${tls_*}. The old names still work for backward compatibility.

SNI based backend server selection has been added. To enable this feature, use sni-fwd parameter in frontend option. The requests received in that frontend address are forwarded based on server name sent via TLS SNI extension rather than HTTP Host header field.

signed_certificate_timestamp extension has been enabled with TLSv1.3.

Historically, nghttpx always stripped incoming X-Forwarded-Proto header field, and set its own one. In this release, 2 new options have been added to tweak this behaviour. --no-strip-incoming-x-forwarded-proto option prevents nghttpx from stripping the header field from a client. --no-add-x-forwarded-proto option prevents nghttpx from adding X-Forwarded-Proto value.

--single-process option has been added which make nghttpx run in a single process. Note that if neverlbeed is enabled, nghttpx still spawns the new process for it.

SSL_CTX_set_early_data_enabled is enabled for BoringSSL.