nginx.git, branch release-1.27.2

nginx-1.27.2-RELEASE

2024-10-02T15:13:19+00:00

Updated OpenSSL used for win32 builds.

2024-10-02T15:13:19+00:00

SSL: caching CA certificates.

2024-10-01T13:59:24+00:00

This can potentially provide a large amount of savings,
because CA certificates can be quite large.

Based on previous work by Mini Hawthorne.

SSL: caching CRLs.

2024-10-01T13:59:24+00:00

Based on previous work by Mini Hawthorne.

SSL: caching certificate keys.

2024-10-01T13:59:24+00:00

EVP_KEY objects are a reference-counted container for key material, shallow
copies and OpenSSL stack management aren't needed as with certificates.

Based on previous work by Mini Hawthorne.

SSL: caching certificates.

2024-10-01T13:59:24+00:00

Certificate chains are now loaded once.

The certificate cache provides each chain as a unique stack of reference
counted elements.  This shallow copy is required because OpenSSL stacks
aren't reference counted.

Based on previous work by Mini Hawthorne.

SSL: object caching.

2024-10-01T13:59:24+00:00

Added ngx_openssl_cache_module, which indexes a type-aware object cache.
It maps an id to a unique instance, and provides references to it, which
are dropped when the cycle's pool is destroyed.

The cache will be used in subsequent patches.

Based on previous work by Mini Hawthorne.

SSL: moved certificate storage out of exdata.

2024-10-01T13:59:24+00:00

Instead of cross-linking the objects using exdata, pointers to configured
certificates are now stored in ngx_ssl_t, and OCSP staples are now accessed
with rbtree in it.  This allows sharing these objects between SSL contexts.

Based on previous work by Mini Hawthorne.

Fixed a typo of bpf makefile debug option.

2024-09-24T14:58:30+00:00

Added new primary README.md file.

2024-09-20T16:57:11+00:00