nginx.git, branch release-1.29.2 nginx nginx-1.29.2-RELEASE 2025-10-07T17:04:07+00:00 Sergey Kandaurov pluknet@nginx.com 2025-10-07T12:46:15+00:00 7f71abdd14769d633457f1e7e182de3dc98c1fb8 






Fixed a typo.
2025-10-07T17:04:07+00:00

Sergey Kandaurov
pluknet@nginx.com

2025-10-07T13:05:09+00:00

9d5cdc616c2411e6a5322eebea53aac85c8b665b












SSL: fixed "key values mismatch" with object cache inheritance.
2025-10-06T08:56:42+00:00

Sergey Kandaurov
pluknet@nginx.com

2025-05-29T13:49:48+00:00

a144d828cb70f788e2f8b06e820af95ae2e28f75

In rare cases, it was possible to get into this error state on reload
with improperly updated file timestamps for certificate and key pairs.

The fix is to retry on X509_R_KEY_VALUES_MISMATCH, similar to 5d5d9adcc.
Additionally, loading SSL certificate is updated to avoid certificates
discarded on retry to appear in ssl->certs and in extra chain.





In rare cases, it was possible to get into this error state on reload
with improperly updated file timestamps for certificate and key pairs.

The fix is to retry on X509_R_KEY_VALUES_MISMATCH, similar to 5d5d9adcc.
Additionally, loading SSL certificate is updated to avoid certificates
discarded on retry to appear in ssl->certs and in extra chain.







Added F5 CLA workflow.
2025-09-30T18:44:52+00:00

Maryna-f5
84339011+Maryna-f5@users.noreply.github.com

2025-09-25T19:51:40+00:00

c2a266fa7859bf4dc242a1b029077b72afe93184












Mail: xtext encoding (RFC 3461) in XCLIENT LOGIN.
2025-09-26T13:04:20+00:00

Sergey Kandaurov
pluknet@nginx.com

2025-09-11T14:23:10+00:00

6f81314a070201afc4e25b975b1f915698cff634

The XCLIENT command uses xtext encoding for attribute values,
as specified in https://www.postfix.org/XCLIENT_README.html.

Reported by Igor Morgenstern of Aisle Research.





The XCLIENT command uses xtext encoding for attribute values,
as specified in https://www.postfix.org/XCLIENT_README.html.

Reported by Igor Morgenstern of Aisle Research.







Upstream: overflow detection in Cache-Control delta-seconds.
2025-09-26T12:50:13+00:00

Sergey Kandaurov
pluknet@nginx.com

2025-09-10T14:39:52+00:00

8255bd29ac9a7bcdc317a8889420554e00d435cb

Overflowing calculations are now aligned to the greatest positive integer
as specified in RFC 9111, Section 1.2.2.





Overflowing calculations are now aligned to the greatest positive integer
as specified in RFC 9111, Section 1.2.2.







SSL: AWS-LC compatibility.
2025-09-25T15:28:36+00:00

Sergey Kandaurov
pluknet@nginx.com

2025-07-30T12:26:21+00:00

93ff1ee12cd33ea978fbc331988ce265b14fbdab












QUIC: a new macro to differentiate BoringSSL specific EVP API.
2025-09-25T15:28:36+00:00

Sergey Kandaurov
pluknet@nginx.com

2025-07-30T12:23:43+00:00

af436c58ca388b9926b17f8c3929ae2b343e4019












QUIC: localized OpenSSL headers used for QUIC protection.
2025-09-25T15:28:36+00:00

Sergey Kandaurov
pluknet@nginx.com

2025-07-30T12:09:21+00:00

4c9ae11dff0da5ae76c0e4b6571ce30f7f8024bc












SNI: support for early ClientHello callback with BoringSSL.
2025-09-25T15:25:08+00:00

Sergey Kandaurov
pluknet@nginx.com

2025-09-22T15:55:16+00:00

7f9ced0ce0d70ae60f46ef3ed759efa75e711db4

This brings feature parity with OpenSSL after the previous change,
making it possible to set SSL protocols per virtual server.





This brings feature parity with OpenSSL after the previous change,
making it possible to set SSL protocols per virtual server.