The official NGINX Open Source repository.

Roman Arutyunyan 0c0f340554 QUIC: ignore duplicate PATH_CHALLENGE frames. ... According to RFC 9000, an endpoint SHOULD NOT send multiple PATH_CHALLENGE frames in a single packet. The change adds a check to enforce this claim to optimize server behavior. Previously each PATH_CHALLENGE always resulted in a single response datagram being sent to client. The effect of this was however limited by QUIC flood protection. Also, PATH_CHALLENGE is explicitly disabled in Initial and Handshake levels, see RFC 9000, Table 3. However, technically it may be sent by client in 0-RTT over a new path without actual migration, even though the migration itself is prohibited during handshake. This allows client to coalesce multiple 0-RTT packets each carrying a PATH_CHALLENGE and end up with multiple PATH_CHALLENGEs per datagram. This again leads to suboptimal behavior, see above. Since the purpose of sending PATH_CHALLENGE frames in 0-RTT is unclear, these frames are now only allowed in 1-RTT. For 0-RTT they are silently ignored.		2023-11-22 14:48:12 +04:00
auto	SSL: avoid using OpenSSL config in build directory (ticket #2404).	2023-06-21 01:29:53 +03:00
conf	MIME: added image/avif type.	2021-10-25 20:49:15 +03:00
contrib	Contrib: vim syntax, update core and 3rd party module directives.	2023-07-24 18:04:41 +03:00
docs	nginx-1.25.3-RELEASE	2023-10-24 16:46:46 +03:00
misc	Updated OpenSSL and zlib used for win32 builds.	2023-10-23 21:50:26 +03:00
src	QUIC: ignore duplicate PATH_CHALLENGE frames.	2023-11-22 14:48:12 +04:00
.hgtags	release-1.25.3 tag	2023-10-24 16:46:47 +03:00