nginx 1.16.0 release

After a year of development, a new stable branch of the high-performance HTTP server and multiprotocol proxy server nginx 1.16.0 has been introduced, incorporating the changes accumulated in the 1.15.x mainline branch. From now on, all changes in the 1.16 stable branch will be limited to fixing serious bugs and vulnerabilities. The nginx 1.17 mainline branch will be formed soon, and development of new features will continue there. Ordinary users who do not need to ensure compatibility with third-party modules are advised to use the mainline branch, on which releases of the commercial product Nginx Plus are based every three months.

The most notable improvements added during development of the 1.15.x mainline branch:

  • Added the ability to use variables in the "ssl_certificate" and "ssl_certificate_key" directives, which can be used to load certificates;
  • Added the ability to load SSL certificates and secret keys from variables without using intermediate files;
  • In the "upstream" block, a new "random" directive has been implemented, which makes it possible to organize load balancing with random selection of the server to which a connection is forwarded;
  • In the ngx_stream_ssl_preread module, the $ssl_preread_protocol variable has been implemented,
    which reports the highest SSL/TLS protocol version supported by the client. The variable makes it possible to create configurations that give access over different protocols, with and without SSL, through a single network port when proxying traffic with the http and stream modules. For example, to provide access over SSH and HTTPS through one port, port 443 can be forwarded to SSH by default, but forwarded to HTTPS if an SSL version is detected.

  • A new variable "$upstream_bytes_sent" has been added to the upstream module, showing the number of bytes transferred to the upstream group server;
  • In the stream module, the ability to process multiple incoming UDP datagrams from a client within a single session has been added;
  • The "proxy_requests" directive specifies the number of datagrams received from a client after which the binding between the client and the current UDP session is removed. Once the specified number of datagrams has been received, the next datagram from the same client starts a new session;
  • The listen directive can now specify port ranges;
  • The "ssl_early_data" directive has been added to enable 0-RTT mode when using TLSv1.3, which makes it possible to save previously negotiated TLS connection parameters and reduce the number of RTTs to 2 when resuming a previously established connection;
  • New directives have been added to configure keepalive for outgoing connections (enabling or disabling the SO_KEEPALIVE socket option):

  • In the "limit_req" directive, a new "delay" parameter has been added, which sets the limit after which excessive requests are delayed;
  • New directives "keepalive_timeout" and "keepalive_requests" have been added to the "upstream" block to set limits for keepalive;
  • The "ssl" directive has been deprecated and replaced by the "ssl" parameter of the "listen" directive. Missing SSL certificates are now detected at the configuration testing stage when the "listen" directive is used with the "ssl" parameter in the settings;
  • When the reset_timedout_connection directive is used, connections are now closed with code 444 when the timeout expires;
  • The SSL errors "http request", "https proxy request", "unsupported protocol" and "version too low" are now written to the log at the "info" level instead of "crit";
  • Added support for the poll method on Windows systems when using Windows Vista and later;
  • TLSv1.3 can now be used when building with the BoringSSL library, not only OpenSSL.
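
The SSH/HTTPS split on port 443 described in the $ssl_preread_protocol item above, as an added configuration example that is not from the original article or the nginx project. The backend addresses, the upstream names, the $backend variable and the log path are assumptions.

```nginx
# Added example. Backend addresses are hypothetical (192.0.2.0/24 is a
# documentation range); upstream names, $backend and the log path are assumed.
stream {
    # Log every routing decision so unexpected protocols on 443 can be audited.
    log_format mux '$remote_addr [$time_local] tls="$ssl_preread_protocol" '
                   'backend=$backend status=$status';
    access_log /var/log/nginx/mux.log mux;

    upstream ssh_backend   { server 192.0.2.10:22; }
    upstream https_backend { server 192.0.2.20:443; }

    # $ssl_preread_protocol is empty when the first client bytes are not a
    # TLS ClientHello (SSH in this setup); any detected SSL/TLS version is
    # sent to the HTTPS backend.
    map $ssl_preread_protocol $backend {
        ""      ssh_backend;
        default https_backend;
    }

    server {
        listen 443;
        ssl_preread on;       # inspect the ClientHello without terminating TLS
        proxy_pass $backend;  # TLS is terminated by the HTTPS backend itself
    }
}
```

Because anything that is not TLS falls through to the SSH backend, the access log above is the place to watch for non-SSH, non-TLS traffic arriving on port 443.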

source: budenet.ru
