www/freenginx-devel: update from 1.27.2 to 1.29.2

Due to changes in freenginx core several third-party modules are
required additional patching.

<ChangeLog>

Changes with freenginx 1.29.2                                    23 Sep 2025

    *) Feature: support for the Encrypted Client Hello (ECH) extension of
       the TLS 1.3 protocol.

Changes with freenginx 1.29.1                                    26 Aug 2025

    *) Change: now responses from proxied servers over HTTP/0.9 are rejected
       as invalid by default; the "proxy_allow_http09" directive allows
       processing of such responses.

    *) Change: stricter syntax checks are now applied to the "Host" request
       header line.

    *) Feature: now interim 1xx responses of proxied servers are ignored.

    *) Feature: certificates for IP addresses are now supported when
       verifying backend SSL certificates.

    *) Feature: the "proxy_allow_duplicate_chunked" directive.
       Thanks to Gennady Bekasov.

    *) Bugfix: when using a host name in the request line, the "_" and some
       other characters were not allowed, as well as zone identifiers in
       IPv6 addresses.

    *) Workaround: "shutdown() failed (22: Invalid argument)" alerts might
       appear in logs on NetBSD.

    *) Bugfix: in the mail proxy module.

Changes with freenginx 1.29.0                                    08 Jul 2025

    *) Change: the "directio" directive now works when returning responses
       from cache.

    *) Change: the "limit_rate" directive now uses the leaky bucket
       algorithm, allowing more accurate enforcement of the specified rate;
       the "limit_rate_after" directive specifies the allowed size of
       traffic bursts.

    *) Change: the $request_time variable now remains correct on system time
       changes.

    *) Feature: the "send_min_rate" and "client_body_min_rate" directives.

    *) Feature: the "limit_rate" and "limit_rate_after" directives in the
       mail proxy module.

    *) Feature: the "lingering_close", "lingering_time", and
       "lingering_timeout" directives in the mail proxy module.

    *) Feature: connection limiting in the mail proxy module.

    *) Workaround: the "send_timeout" directive might not work when the
       kernel TCP memory limit was reached on Linux.

    *) Workaround: gcc 15.1 compatibility.

    *) Bugfix: a segmentation fault might occur in a worker process if the
       "proxy_ssl_password_file" directive was used in the stream module;
       the bug had appeared in 1.23.1.

    *) Bugfix: a segmentation fault might occur in a worker process on
       shutdown; the bug had appeared in 1.27.2.

    *) Bugfix: in the "open_file_cache" directive.

Changes with freenginx 1.27.6                                    15 Apr 2025

    *) Workaround: the X25519MLKEM768 group name was not shown in the
       $ssl_curve and $ssl_curves variables when using OpenSSL 3.5.

    *) Bugfix: a segmentation fault might occur in a worker process if the
       "proxy_ssl_password_file" directive was used along with variables in
       the "proxy_ssl_certificate" or "proxy_ssl_certificate_key"
       directives; the bug had appeared in 1.23.1.

Changes with freenginx 1.27.5                                    08 Apr 2025

    *) Feature: the "multipath" parameter of the "listen" directive.
       Thanks to Maxime Dourov and Anthony Doeraene.

    *) Change: SSL session reuse is no longer allowed between servers with
       different certificates set by the "ssl_trusted_certificate" directive
       if client SSL certificate verification is enabled.

    *) Workaround: when using TLSv1.3 with OpenSSL 1.1.1e or newer, it was
       possible to reuse an SSL session in a different virtual server
       context, notably with different certificates set by the
       "ssl_client_certificate" directive.

    *) Workaround: "gzip filter failed to use preallocated memory" alerts
       appeared in logs when using zlib-ng.

Changes with freenginx 1.27.4                                    03 Sep 2024

    *) Feature: the $ssl_client_fingerprint_sha256 variable.

    *) Feature: the "Auth-SSL-Fingerprint-SHA256 header line is now passed
       to the mail proxy authentication server.

    *) Change: MIME type for the "js" extension has been changed to
       "text/javascript", the "mjs" extension now uses the "text/javascript"
       MIME type, and the "md" and "markdown" extensions now use the
       "text/markdown" MIME type; the default value of the "charset_types"
       directive now includes "text/javascript" and "text/markdown".

    *) Bugfix: a segmentation fault might occur in a worker process if the
       ngx_http_mp4_module was used; the bug had appeared in 1.5.13.

    *) Bugfix: a segmentation fault might occur in a worker process when
       handling requests with the "Expect: 100-continue" request header
       line; the bug had appeared in 1.27.0.

Changes with freenginx 1.27.3                                    13 Aug 2024

    *) Change: now the "Age" backend response header line is taken into
       account when caching.
       Thanks to Hiroaki Nakamura.

    *) Feature: the $upstream_cache_age variable.

    *) Change: during graceful shutdown of old worker processes keepalive
       connections are now closed only after timeout specified with the
       "lingering_timeout" directive expires.

    *) Feature: improvements in building on Windows.

</ChangeLog>

0 files changed, 0 insertions, 0 deletions