nghttp2 1.62.1 released

nghttp2 1.62.1 rpms released and added to EL7, EL8 and EL9 platforms.

At the same time please note that we already build nghttp2 for EL7 and EL8 since 1.61.0 with patches that allow c-ares 1.10 usage, as c-ares 1.16 is the minimum supported version.

nghttp2 requires C++-20 and is built with GCC 13 on EL8 and EL9.

UPD. EL7 platform is built with clang 15.

nghttp2 1.62.0 released

nghttp2 1.62.0 rpms released and added to EL8 and EL9 platforms.

EL7 platform is excluded as GCC 13 is minimum supported version.

At the same time please note that we already build nghttp2 for EL7 and EL8 since 1.61.0 with patches that allow c-ares 1.10 usage, as c-ares 1.16 is the minimum supported version.

nghttp2 requires C++-20 and is built with GCC 13 on EL8 and EL9.

nghttp2 1.61.0 released fixing CVE-2024-28182

nghttp2 1.61.0 rpms released and added to all platforms. UPD. EL7 and EL8 also updated with the added patch reverting migrate-to-ares_getaddrinfo changes. Fixes CVE-2024-28182 nghttpx: Shutdown h3 stream read with trailer as well by @tatsuhiro-t in #2087 Checkout with submodules by @jonaski in #2093 Respect BUILD_STATIC_LIBS and add option for tests by @jonaski in #2092 build(deps): bump from 0.21.0 to 0.22.0 by @dependabot in #2097 Workaround llvm issue on github ubuntu runner by @tatsuhiro-t in #2098 docker: Use copy –link by @tatsuhiro-t in #2099 Nghttpx header idle timeout by @tatsuhiro-t in #2100 nghttpx: Fix frontend-header-timeout does not work in config file by @tatsuhiro-t in #2101 Rewrite hexdump by @tatsuhiro-t in #2102 Switch to distroless/base-nossl by @tatsuhiro-t in #2103 Bump ngtcp2 by @tatsuhiro-t in #2105 nghttpx: Simplify quic connection close handling by @tatsuhiro-t in #2106 build(deps): bump from 0.41.0 to 0.42.0 by @dependabot in #2107 autotools: Use tar-ustar automake option by @tatsuhiro-t in #2108 Automate release process by @tatsuhiro-t in #2109 autotools: Switch to tar-pax by @tatsuhiro-t in #2110 nghttpx: Drop a UDP datagram from well-known port by @tatsuhiro-t in #2111 nghttpx: Fix port byte order by @tatsuhiro-t in #2112 h2load: Allow host header to be overridden by @tatsuhiro-t in #2113 nghttpx: Rework QUIC stateless reset packet size by @tatsuhiro-t in #2114 nghttpx: More QUIC prohibited ports by @tatsuhiro-t in #2115 Add actions/stale by @tatsuhiro-t in #2116 nghttpx: Discard UDP datagram that is too short to be a valid QUIC packet by @tatsuhiro-t in #2117 nghttp: Support SSLKEYLOGFILE by @tatsuhiro-t in #2119 No rfc7540 priority fix by @tatsuhiro-t in #2120 Further reduce Stateless reset emission by @tatsuhiro-t in #2122 nghttpx: Rework Connection ID construction by @tatsuhiro-t in #2124 Nghttpx faster worker lookup by @tatsuhiro-t in #2125 nghttpx: Split thread into worker_process and thread by @tatsuhiro-t in #2126 bpf: Drop bad QUIC packet by @tatsuhiro-t in #2127 cmake: check SSL_provide_quic_data when ENABLE_HTTP3 is ON by @jimmy-park in #2128 nghttpx: Allocate 3 bits for QUIC configuration in Connection ID by @tatsuhiro-t in #2129 nghttpx: Migrate to ares_getaddrinfo by @tatsuhiro-t in #2132 Bump munit by @tatsuhiro-t in #2131 nghttpx: Fix error message by @tatsuhiro-t in #2133 nghttpd: Fix read stall by @tatsuhiro-t in #2134

nghttp2 1.60.0 released

nghttp2 1.60.0 rpms released and added to all supported platforms Speed up git submodule by @tatsuhiro-t in #2043 Speed up git clone by @tatsuhiro-t in #2044 build(deps): bump actions/cache from 3 to 4 by @dependabot in #2046 Fixing the build and install trees by @anthonyalayo in #2051 build(deps): bump microsoft/setup-msbuild from 1 to 2 by @dependabot in #2052 nghttpx: Set ocsp response to SSL in case of boringssl by @tatsuhiro-t in #2055 Run with python3 by @tatsuhiro-t in #2054 src: Certificate Compression with boringssl by @tatsuhiro-t in #2056 Fix missing newline by @tatsuhiro-t in #2057 Switch to aws lc by @tatsuhiro-t in #2058 Libbrotli fixup by @tatsuhiro-t in #2059 Deprecate RFC 7540 priorities (aka stream dependencies) by @tatsuhiro-t in #2060 Let dependabot manage go modules by @tatsuhiro-t in #2061 build(deps): bump from 0.20.0 to 0.21.0 by @dependabot in #2062 integration-tests: Omit unused parameters by @tatsuhiro-t in #2065 Munit by @tatsuhiro-t in #2064 Introduce nghttp2_ssize API by @tatsuhiro-t in #2066 Move deprecated warning upfront by @tatsuhiro-t in #2067 Describe RFC 7540 priorities deprecation plan by @tatsuhiro-t in #2068 Apps migrate nghttp2 ssize by @tatsuhiro-t in #2069 src: Remove unused functions by @tatsuhiro-t in #2070 Reconsider ssize t usage in src by @tatsuhiro-t in #2071 Use GitHub private vulnerability reporting by @tatsuhiro-t in #2072 Move security policy to GitHub standard location by @tatsuhiro-t in #2073 Bump mruby to 3.3.0 by @tatsuhiro-t in #2074 Bump llhttp to 48588093ca4219b5f689acfc9ebea9e4c8c37663 by @tatsuhiro-t in #2075 h2load: Add –sni option by @tatsuhiro-t in #2076 Bump ngtcp2 dependencies by @tatsuhiro-t in #2077 mruby: Adopt deprecation of mrbc_ prefix by @tatsuhiro-t in #2078 neverbleed: Define _GNU_SOURCE for pthread_setaffinity_np by @tatsuhiro-t in #2079 bpf: Pre-expand aes key by @tatsuhiro-t in #2080 mruby: Exclude mrdb gem which causes nghttpx to crash by @tatsuhiro-t in #2081 nghttpx: Reuse EVP_CIPHER_CTX for QUIC connection ID encryption by @tatsuhiro-t in #2082 Run apt-get update before install by @tatsuhiro-t in #2083 src: Deal with the case that send_quantum < max_udp_payload_size by @tatsuhiro-t in #2084 nghttpx: Remove SHRPX_QUIC_MAX_UDP_PAYLOAD_SIZE by @tatsuhiro-t in #2085 Fix build when AI_NUMERICSERV is undefined by @barracuda156 in #2086

ngtcp2 1.2.0, nghttp2 1.59.0 released

ngtcp2 1.2.0, nghttp2 1.59.0 rpms released and added to all supported platforms

ngtcp2 1.2.0:
cmake: Require nghttp3 >= v1.0.0 by @tatsuhiro-t in #1026
examples: Clarify stream limits by @tatsuhiro-t in #1032
Bump actions/stale from 8 to 9 by @dependabot in #1033
Avoid detecting OpenSSL 3.2 as quictls by @tatsuhiro-t in #1035
Clarify the behavior when a stream is not found by @tatsuhiro-t in #1036
Do not recognize boringssl as quictls by @tatsuhiro-t in #1038
Bump github/codeql-action from 2 to 3 by @dependabot in #1037
docker: Switch to bsslclient and bsslserver by @tatsuhiro-t in #1039
interop: Switch to wolfssl by @tatsuhiro-t in #1040
Revert “docker: Switch to bsslclient and bsslserver” by @tatsuhiro-t in #1041
docker: Switch to wolfssl by @tatsuhiro-t in #1042
Use wolfSSL in a README example by @tatsuhiro-t in #1043
Add aws-lc as BoringSSL alternative by @tatsuhiro-t in #1044
wolfSSL: Disable deprecated signature algorithms by @tatsuhiro-t in #1046
Remove use of SSL_set_quic_transport_version by @tatsuhiro-t in #1047
examples: Build with libressl by @tatsuhiro-t in #1048
Fix zero len file by @tatsuhiro-t in #1049
Assert that _BitScanReverse64 never fail by @tatsuhiro-t in #1051
Revert “wolfSSL: Disable deprecated signature algorithms” by @tatsuhiro-t in #1052
wolfssl: Enable –enable-keylog-export by @tatsuhiro-t in #1053
h09client: Fix display ecn bits by @tatsuhiro-t in #1054
Bump wolfSSL to v5.6.6-stable by @tatsuhiro-t in #1055
ngtcp2_pkt_adjust_pkt_num: Take bytes rather than bits by @tatsuhiro-t in #1056
Initial and Handshake packets are immediately acknowledged by @tatsuhiro-t in #1057
Refactor by @tatsuhiro-t in #1058
examples: Print remote HTTP/3 settings by @tatsuhiro-t in #1059
Fix assertion failure on immediate migration by @tatsuhiro-t in #1060
Add ngtcp2_window_filter tests by @tatsuhiro-t in #1061
Fix gcc-13 warning by @tatsuhiro-t in #1062
Fix persistent congestion by @tatsuhiro-t in #1064
Port missing changes to h09server by @tatsuhiro-t in #1065
Fix typo by @tatsuhiro-t in #1066
Update docker by @tatsuhiro-t in #1067
Fix docker build-arg by @tatsuhiro-t in #1069
Revert “Send RESET_STREAM if stream is reset by client” by @tatsuhiro-t in #1071
Return early when STOP_SENDING is received more than once by @tatsuhiro-t in #1072
Do not send STOP_SENDING if RESET_STREAM has been received by @tatsuhiro-t in #1073
Update doc by @tatsuhiro-t in #1074
wolfssl: Just use QUIC v1 transport parameter codepoint by @tatsuhiro-t in #1075
wolfssl: Disable ECH by @tatsuhiro-t in #1076
Bump boringssl by @tatsuhiro-t in #1077
Bump picotls by @tatsuhiro-t in #1078
Remove sample_offset field from ngtcp2_ppe by @tatsuhiro-t in #1079
ci: Build and verify aws-lc flavored builds by @tatsuhiro-t in #1080
Update boringssl build procedure by @tatsuhiro-t in #1081
Bump aws-lc to v1.20.0 by @tatsuhiro-t in #1082
Update doc by @tatsuhiro-t in #1083

nghttp2 1.59.0:
Bump clang to 15 by @tatsuhiro-t in #1986
Bump clang format by @tatsuhiro-t in #1987
Bump quictls to 3.1.4+quic by @tatsuhiro-t in #1988
Update ax_cxx_compile_stdcxx.m4 by @tatsuhiro-t in #1989
nghttpx: Prefer FILE_NAME if defined by @tatsuhiro-t in #1990
Add API to get and parse RFC 9218 priority by @tatsuhiro-t in #1991
nghttpx: Propagate stream priority from backend to frontend by @tatsuhiro-t in #1992
Check whether CLOCK_MONOTONIC is declared by @tatsuhiro-t in #1995
Bump go packages by @tatsuhiro-t in #2001
cmake: Remove itprep target by @tatsuhiro-t in #2002
h2load: Fix IPv6 address in :authority by @tatsuhiro-t in #2000
Bump ngtcp2 and nghttp3 by @tatsuhiro-t in #2006
Bump libbpf to v1.3.0 by @tatsuhiro-t in #2007
Use nghttp3_pri_parse_priority added since nghttp3 v1.1.0 by @tatsuhiro-t in #2008
cmake: Set minimum quic package versions by @tatsuhiro-t in #2009
Use #include <windows.h> instead of #include <sysinfoapi.h> by @hrxi in #1997
build(deps): bump actions/setup-go from 4 to 5 by @dependabot in #2010
cmake: bring back ENABLE_STATIC_CRT by @bwncp in #2011
Avoid detecting OpenSSL 3.2 as quictls by @tatsuhiro-t in #2012
build(deps): bump from 0.15.0 to 0.17.0 by @dependabot in #2015
build(deps): bump actions/upload-artifact from 3 to 4 by @dependabot in #2014
src: Support building with aws-lc by @tatsuhiro-t in #2013
boringssl has SSL_CTX_set1_groups_list by @tatsuhiro-t in #2016
Drop old OpenSSL support by @tatsuhiro-t in #2017
Drop old OpenSSL support part 2 by @tatsuhiro-t in #2019
Remove NPN by @tatsuhiro-t in #2020
Remove by @tatsuhiro-t in #2021
cmake: Require OpenSSL >= 1.1.1 by @tatsuhiro-t in #2022
nghttpx: OpenSSL needs SSL_CTX_set_recv_max_early_data by @tatsuhiro-t in #2023
App fix by @tatsuhiro-t in #2024
nghttpx: Remove a trailing whitespace by @tatsuhiro-t in #2025
H2load header ttfb fix by @tatsuhiro-t in #2026
Not finding packages when ENABLE_LIB_ONLY is set by @anthonyalayo in #2027
Have less stuff in config.h by @hrxi in #1996
Update minimum CMake version to 3.5 by @anthonyalayo in #2030
build(deps): bump from 0.35.1 to 0.37.7 by @dependabot in #2032
Fix typo by @tatsuhiro-t in #2033
Specify DEBIAN_FRONTEND=noninteractive by @tatsuhiro-t in #2034
Revert “nghttpx: Shutdown h3 stream write if reset by a remote endpoint” by @tatsuhiro-t in #2036
ci: Add aws-lc builds by @tatsuhiro-t in #2037
Bump go modules by @tatsuhiro-t in #2038
Bump neverbleed by @tatsuhiro-t in #2039
Bump go-nghttp2 and go mod tidy by @tatsuhiro-t in #2040
Bump ngtcp2 to v1.2.0 by @tatsuhiro-t in #2041
src: Avoid copies by @tatsuhiro-t in #2042