Comments (7)
@skrlance client side QUIC support in recent releases of OpenSSL has nothing to do with NGINX, because it's a web server, not a client. If you must use packages, I'd recommend looking into GetPageSpeed's NGINX Extras. It's a paid repo overall, but I'm using Fedora Linux and it's free. They use QuicTLS for full QUIC support.
from nginx-more.
Hello,
nginx-more is based on last version of OpenSSL which isn't supporting HTTP/3 yet.
I would have to switch to BoringSSL but I prefer to stay with OpenSSL.. for now.
I will implement it as soon as it supported, soon hopefully!
from nginx-more.
looks like openssl 3.4 will have full QUIC, no dates on when this will be tho. but it progress.
https://www.openssl.org/roadmap.html
from nginx-more.
Karl, why don't we now compile nginx-more with Openssl 3.2 that has client side QUIC support?
from nginx-more.
Hi @skrlance sure, I pushed a build with OpenSSL 3.2, seems to works. Although I think full implementation will be done with 3.4.
from nginx-more.
As per the info, upcoming NGINX 1.26 stable possibly on April will support http3 without requiring OpenSSL to support it. Till then Karl why don't you compile one now with OpenSSL 3.2 just to experiment. Although, I am not sure how client side QUIC works on NGINX!
from nginx-more.
Hi @skrlance, I pushed a build with OpenSSL 3.2.1 in aeris-testing repo;
Installed Packages
Name : nginx-more
Version : 1.24.0
Release : 5.el8
Architecture : x86_64
Size : 19 M
Source : nginx-more-1.24.0-5.el8.src.rpm
Repository : @System
From repo : aeris-testing
Summary : A high performance web server and reverse proxy server
URL : http://nginx.org/
nginx version: nginx/1.24.0
custom build maintained on github.com/karljohns0n/nginx-more
built by gcc 8.5.0 20210514 (Red Hat 8.5.0-20) (GCC)
built with OpenSSL 3.2.1 30 Jan 2024
TLS SNI support enabled
configure arguments: --prefix=/usr/share/nginx --sbin-path=/usr/sbin/nginx --modules-path=/usr/lib64/nginx/modules --conf-path=/etc/nginx/nginx.conf --error-log-path=/var/log/nginx/error.log --http-log-path=/var/log/nginx/access.log --http-client-body-temp-path=/var/lib/nginx/cache/client_body --http-proxy-temp-path=/var/lib/nginx/cache/proxy --http-fastcgi-temp-path=/var/lib/nginx/cache/fastcgi --http-uwsgi-temp-path=/var/lib/nginx/cache/uwsgi --http-scgi-temp-path=/var/lib/nginx/cache/scgi --pid-path=/var/run/nginx.pid --lock-path=/var/run/nginx.lock --user=nginx --group=nginx --with-compat --with-file-aio --with-http_ssl_module --with-http_realip_module --with-http_addition_module --with-http_image_filter_module --with-http_sub_module --with-http_dav_module --with-http_flv_module --with-http_mp4_module --with-http_gunzip_module --with-http_gzip_static_module --with-http_geoip_module --with-http_random_index_module --with-http_secure_link_module --with-http_degradation_module --with-http_stub_status_module --with-http_auth_request_module --with-http_xslt_module --with-http_v2_module --with-mail --with-mail_ssl_module --with-threads --with-stream --with-stream_ssl_module --with-stream_realip_module --with-http_slice_module --with-stream_ssl_preread_module --with-debug --with-cc-opt='-O2 -g -pipe -Wall -Werror=format-security -Wp,-D_FORTIFY_SOURCE=2 -Wp,-D_GLIBCXX_ASSERTIONS -fexceptions -fstack-protector-strong -grecord-gcc-switches -specs=/usr/lib/rpm/redhat/redhat-hardened-cc1 -specs=/usr/lib/rpm/redhat/redhat-annobin-cc1 -m64 -mtune=generic -fasynchronous-unwind-tables -fstack-clash-protection -fcf-protection -DTCP_FASTOPEN=23' --with-openssl=modules/openssl-3.2.1 --with-openssl-opt=enable-ktls --with-http_v2_hpack_enc --add-dynamic-module=modules/ngx_modsecurity-1.0.3 --add-module=modules/ngx_pagespeed-1.13.35.2 --add-module=modules/ngx_headers_more-0.37 --add-module=modules/ngx_cache_purge-2.3 --add-module=modules/ngx_brotli-1.0.0rc-2-g6e97 --add-module=modules/ngx_module_vts-0.2.2 --add-module=modules/ngx_http_geoip2_module-3.4 --add-module=modules/ngx_echo-0.63
from nginx-more.
Related Issues (20)
- Nginx-more on Debian 10 - Not an issue, more of a question. HOT 3
- arm support HOT 4
- Rocky Linux HOT 2
- add the spec file for modsecurity-ngix HOT 1
- Bump to Nginx 1.21.4 HOT 1
- Enable kTLS HOT 4
- ModSecurity Module and Configuration
- Cannot configurable limit on depth of JSON parsing HOT 3
- Consider Updating HOT 4
- el9 support HOT 9
- SSL handshake failed
- nginx-more docker image HOT 4
- how can i enable TLSv1.0 and TLSv 1.1 on nginx-more-1.22? HOT 5
- Pagespeed Module Not Updated
- nginx-more-1.22.1-1.el8.x86_64 breaks ngx_cache_purge HOT 6
- Unable to build as public sources are not referenced in the spec file HOT 5
- NGINX-more v1.24 Stable Update HOT 12
- Support for Debian HOT 1
- 1.26.0 Update Required
Recommend Projects
-
React
A declarative, efficient, and flexible JavaScript library for building user interfaces.
-
Vue.js
🖖 Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.
-
Typescript
TypeScript is a superset of JavaScript that compiles to clean JavaScript output.
-
TensorFlow
An Open Source Machine Learning Framework for Everyone
-
Django
The Web framework for perfectionists with deadlines.
-
Laravel
A PHP framework for web artisans
-
D3
Bring data to life with SVG, Canvas and HTML. 📊📈🎉
-
Recommend Topics
-
javascript
JavaScript (JS) is a lightweight interpreted programming language with first-class functions.
-
web
Some thing interesting about web. New door for the world.
-
server
A server is a program made to process requests and deliver data to clients.
-
Machine learning
Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.
-
Visualization
Some thing interesting about visualization, use data art
-
Game
Some thing interesting about game, make everyone happy.
Recommend Org
-
Facebook
We are working to build community through open source technology. NB: members must have two-factor auth.
-
Microsoft
Open source projects and samples from Microsoft.
-
Google
Google ❤️ Open Source for everyone.
-
Alibaba
Alibaba Open Source for everyone
-
D3
Data-Driven Documents codes.
-
Tencent
China tencent open source team.
from nginx-more.