Kutulutsidwa kwa nthambi yayikulu ya nginx 1.29.2 kwasindikizidwa, momwe chitukuko cha zinthu zatsopano chikupitilira. Mofananamo, nthambi yokhazikika 1.28.x imathandizidwa, kusintha kokha kokhudzana ndi kuthetsa zolakwika zazikulu ndi zofooka zimapangidwa. M'tsogolomu, nthambi yokhazikika 1.29 idzakhazikitsidwa pamaziko a nthambi yaikulu 1.30.x. Khodi ya projekitiyo imalembedwa mu C ndipo imagawidwa pansi pa layisensi ya BSD.
M'kutulutsa kwatsopano:
- Anawonjezera luso lomanga ndi laibulale ya cryptographic ya AWS-LC, yopangidwa ndi Amazon.
- Vuto la malangizo a "ssl_protocols" lathetsedwa. seva yeniyeni, kupatula seva yokhazikika. Vutoli lidachitika pogwiritsa ntchito OpenSSL 1.1.1 ndi ma installs ena omwe akubwera pambuyo pake.
- Tinakonza kulephera kolankhulirana kwa TLSv1.3 pamasinthidwe ndi OpenSSL ndi ma satifiketi a kasitomala. Kulephera kunachitika poyambiranso gawo ndi mtengo wosiyana wa SNI.
- Tinakonza cholakwika chomwe chinapangitsa kuti "kunyalanyaza zolakwika zapadziko lonse za SSL" kulowetsedwa mukamagwiritsa ntchito protocol ya QUIC ndi malangizo a "ssl_reject_handshake".
- Tinakonza vuto ndikusamalira zotengera nthawi mu Cache-Control HTTP mutu wobwezedwa ndi backend.
- Kugwiritsa ntchito xtext encoding mu lamulo la XCLIENT kwakhazikitsidwa.
- Konzani vuto la caching Zikalata za TLS panthawi yokonzanso.
Kuphatikiza apo, ndikofunikira kudziwa kutulutsidwa kwa FreeNginx 1.29.2, mphanda wa Nginx. Kukula kwa foloko kumatsogozedwa ndi a Maxim Dunin, m'modzi mwa oyambitsa ma Nginx. FreeNginx imadziyika ngati pulojekiti yosachita malonda, kuwonetsetsa kuti Nginx codebase ikukula popanda kusokonezedwa ndi makampani. Khodi ya FreeNginx ikupitilizabe kukhala ndi chilolezo pansi pa layisensi ya BSD. Zosintha mu FreeNginx 1.29.2 zikuphatikizanso kuwonjezera kwa chithandizo cha ECH (Encrypted Client Hello) TLS extension.
Source: opennet.ru
