diff --git a/CHANGES.cn b/CHANGES.cn index 399a4b640f..1af7a9ccba 100644 --- a/CHANGES.cn +++ b/CHANGES.cn @@ -1,3 +1,28 @@ +Tengine 3.1.0 [2023-10-27] +* Security: 修复HTTP2安全漏洞CVE-2023-44487 (lianglli) +* Feature: 基于tengine-ingress,允许动态配置不同域名的多个TLS协议版本 (lianglli) +* Feature: 基于tengine-ingress,允许动态配置基于多个Header值的高级路由 (lianglli, dreamwind1985) +* Feature: 基于tengine-ingress,允许动态配置基于多个Cookie值的高级路由 (lianglli, dreamwind1985) +* Feature: 基于tengine-ingress,允许动态配置基于多个Query参数值的高级路由 (lianglli, dreamwind1985) +* Feature: 基于tengine-ingress,允许动态配置基于Header取模的高级路由 (lianglli, dreamwind1985) +* Feature: 基于tengine-ingress,允许动态配置基于Cookie取模的高级路由 (lianglli, dreamwind1985) +* Feature: 基于tengine-ingress,允许动态配置基于Query取模的高级路由 (lianglli, dreamwind1985) +* Feature: 基于tengine-ingress,允许高级路由动态配置流量染色,请求消息增加Header (lianglli, dreamwind1985) +* Feature: 基于tengine-ingress,允许高级路由动态配置流量染色,请求消息追加Header (lianglli, dreamwind1985) +* Feature: 基于tengine-ingress,允许高级路由动态配置流量染色,请求消息增加Query参数 (lianglli, dreamwind1985) +* Feature: 基于tengine-ingress,允许高级路由动态配置流量染色,响应消息增加Header (lianglli, dreamwind1985) +* Feature: 新增listen选项https_allow_http,允许TLS端口处理HTTP请求 (drawing) +* Feature: 新增ngx_http_debug_conn_module模块,调试连接信息 (hongxiaolong) +* Bugfix: 修复HTTP/3 Lua模块证书回调问题 (drawing) +* Bugfix: 修复HTTP/3 XQUIC模块连接句柄泄漏问题 (dreamwind1985) +* Bugfix: 修复HTTP/3 XQUIC模块静态证书匹配问题 (lurker-Chen) +* Bugfix: 修复HTTP/3 XQUIC模块调用ngx_http_find_virtual_server的crash问题 (morf) +* Bugfix: 修复异步SSL模块使用thread_pool的crash问题 (zhsnew) +* Bugfix: 修复ngx_http_grpc_module模块使用ngx_tongsuo_ntls的编译问题 (dongbeiouba) +* Bugfix: 修复ngx_http_debug_conn_module模块的单元测试问题 (chobits) +* Bugfix: 修复ngx_getcpuinfo的日志问题 (fuchencong) + + Tengine 3.0.0 [2023-07-06] * Feature: 支持域名,证书,路由的动态无损生效 [tengine-ingress] (drawing, lianglli) * Feature: 支持HTTP/3 (QUIC v1和draft-29)[XQUIC] (lurker-Chen, Kulsk, lianglli) diff --git a/CHANGES.te b/CHANGES.te index a51854a9bb..62bf47c380 100644 --- a/CHANGES.te +++ b/CHANGES.te @@ -1,3 +1,50 @@ +Changes with Tengine 3.1.0 27 Oct 2023 + + *) Security: fixed HTTP2 CVE-2023-44487 [lianglli] + + *) Feature: dynamically configure different TLS protocols for different server names without tengine reload based on tengine-ingress [lianglli] + + *) Feature: dynamically configure HTTP routes based on multiple values of a specific header without tengine reload based on tengine-ingress [lianglli, dreamwind1985] + + *) Feature: dynamically configure HTTP routes based on multiple values of a specific cookie without tengine reload based on tengine-ingress [lianglli, dreamwind1985] + + *) Feature: dynamically configure HTTP routes based on multiple values of a specific query parameter without tengine reload based on tengine-ingress [lianglli, dreamwind1985] + + *) Feature: dynamically configure HTTP routes based on the modulo operation for a specific header without tengine reload based on tengine-ingress [lianglli, dreamwind1985] + + *) Feature: dynamically configure HTTP routes based on the modulo operation for a specific cookie without tengine reload based on tengine-ingress [lianglli, dreamwind1985] + + *) Feature: dynamically configure HTTP routes based on the modulo operation for a specific query parameter without tengine reload based on tengine-ingress [lianglli, dreamwind1985] + + *) Feature: dynamically configure HTTP routes to add custom headers to the HTTP request without tengine reload based on tengine-ingress [lianglli, dreamwind1985] + + *) Feature: dynamically configure HTTP routes to append custom headers to the HTTP request without tengine reload based on tengine-ingress [lianglli, dreamwind1985] + + *) Feature: dynamically configure HTTP routes to add query parameter to the HTTP request without tengine reload based on tengine-ingress [lianglli, dreamwind1985] + + *) Feature: dynamically configure HTTP routes to add custom headers to the HTTP response without tengine reload based on tengine-ingress [lianglli, dreamwind1985] + + *) Feature: add new option https_allow_http of listen for receiving HTTP traffic on the TLS listener (drawing) + + *) Feature: add new module ngx_http_debug_conn_module for debugging connection info (hongxiaolong) + + *) Bugfix: fixed HTTP/3 Lua callback issue (drawing) + + *) Bugfix: fixed FD leak issue in HTTP/3 XQUIC module (dreamwind1985) + + *) Bugfix: fixed certificate matching issue with static configuration file in HTTP/3 XQUIC module (lurker-Chen) + + *) Bugfix: fixed crash for calling ngx_http_find_virtual_server in the HTTP/3 XQUIC module (morf) + + *) Bugfix: fixed crash for using thread_pool in SSL asynchronous mode (zhsnew) + + *) Bugfix: fixed compilation error of ngx_http_grpc_module with ngx_tongsuo_ntls (dongbeiouba) + + *) Bugfix: fixed test case issues of new module ngx_http_debug_conn_module (chobits) + + *) Bugfix: fixed log error of ngx_getcpuinfo (fuchencong) + + Changes with Tengine 3.0.0 06 Jul 2023 *) Feature: dynamically reconfigure the servers, locations and upstreams without reloading or restarting worker processes [tengine-ingress] (drawing, lianglli) diff --git a/README.markdown b/README.markdown index 750c789447..f2398a095e 100644 --- a/README.markdown +++ b/README.markdown @@ -22,11 +22,15 @@ Tengine has been an open source project since December 2011. It is being activel ## Features * All features of nginx-1.24.0 are inherited, i.e., it is 100% compatible with nginx. -* Dynamically reconfigure the servers, locations and upstreams without reloading or restarting worker processes with [tengine-ingress](https://github.com/alibaba/tengine-ingress). +* Dynamically configure the servers, locations and upstreams without reloading or restarting worker processes with [tengine-ingress](https://github.com/alibaba/tengine-ingress). * HTTP/3 support (QUIC v1 and draft-29) with [xquic](https://github.com/alibaba/xquic). * High-speed UDP transmission with kernel-bypass. -* Dynamically reconfigure routing based on standard and custom HTTP headers, header value, and weights with [tengine-ingress](https://github.com/alibaba/tengine-ingress). -* Dynamically reconfigure timeout setting, SSL Redirects, CORS and enabling/disabling robots for the server and location with [tengine-ingress](https://github.com/alibaba/tengine-ingress). +* Dynamically configure different TLS protocols for different server names with [tengine-ingress](https://github.com/alibaba/tengine-ingress). +* Dynamically configure timeout setting, SSL Redirects, CORS and enabling/disabling robots for the server and location with [tengine-ingress](https://github.com/alibaba/tengine-ingress). +* Dynamically configure HTTP routing based on multiple values of a specific header, cookie or query parameter with [tengine-ingress](https://github.com/alibaba/tengine-ingress). +* Dynamically configure HTTP routing based on multiple upstream according to weight with [tengine-ingress](https://github.com/alibaba/tengine-ingress). +* Dynamically configure HTTP routing to add/append custom header or add query parameter in the HTTP request to the upstream with [tengine-ingress](https://github.com/alibaba/tengine-ingress). +* Dynamically configure HTTP routing to add custom header in the HTTP response to the client with [tengine-ingress](https://github.com/alibaba/tengine-ingress). * Support the CONNECT HTTP method for forward proxy. * Support asynchronous OpenSSL, using hardware such as QAT for HTTPS acceleration. * Enhanced operations monitoring, such as asynchronous log & rollback, DNS caching, memory usage, etc. @@ -45,6 +49,8 @@ Tengine has been an open source project since December 2011. It is being activel * Enhanced diagnostic information makes it easier to troubleshoot errors. * More user-friendly command lines, e.g., showing all compiled-in modules and supported directives. * Expiration times can be specified for certain MIME types. +* Receives HTTP traffic on the TLS listener with option. +* Debugging HTTP connection usage. * ... ## Installation diff --git a/src/core/nginx.h b/src/core/nginx.h index 9323d977dd..c63fabfe2f 100644 --- a/src/core/nginx.h +++ b/src/core/nginx.h @@ -14,8 +14,8 @@ #define NGINX_VER "nginx/" NGINX_VERSION #define TENGINE "Tengine" -#define tengine_version 3000000 -#define TENGINE_VERSION "3.0.0" +#define tengine_version 3001000 +#define TENGINE_VERSION "3.1.0" #define TENGINE_VER TENGINE "/" TENGINE_VERSION #ifdef NGX_BUILD