We have released nghttp2 v1.34.0.
libnghttp2 now supports extended CONNECT method and
header field defined in RFC 8441.
To enable this functionality on server side, send
nghttpx now supports “Bootstrapping WebSockets with HTTP/2” defined in RFC 8441 for both frontend and backend HTTP/2 connections.
write-timeout parameters have been added to
--backend option to specify read/write timeouts per pattern which
override values set by
This release fixes stability issues in neverbleed with OpenSSL 1.1.1.
mruby has been updated to version 1.4.1.
env.tls_handshake_finished has been added to mruby scripting to know
whether TLS handshake has been completed or not. This might be useful
to decide that 0-RTT data should be processed or not.
--tls-client-ciphers options have been added
to configure TLSv1.3 ciphers.
nghttpx now adds Early-Data header field to the request header field when request is included in 0-RTT packet, and TLS handshake has not been completed yet. Early-Data header field is defined in RFC 8470.
nghttpx now supports TLSv1.3 0-RTT data. By default, it accepts 0-RTT
data, but postpones the request until TLS handshake completes. The
--tls-no-postpone-early-data makes nghttpx not to
postpone request and adds Early-Data header field to backend request.
It is important to make sure that all backends must recognize
Early-Data header field to mitigate reply attack.
To enable 0-RTT data and most of the TLSv1.3 features, OpenSSL 1.1.1 is required.