File nghttp2.changes of Package nghttp2

-------------------------------------------------------------------
Wed Jun 25 10:43:02 UTC 2025 - Georg Pfuetzenreuter <georg.pfuetzenreuter@suse.com>

- Ship manpages together with binaries
- Ship documentation in previously dangling doc subpackage

-------------------------------------------------------------------
Mon Jun 23 05:49:03 UTC 2025 - Dirk Müller <dmueller@suse.com>

- update to 1.66.0:
  * Bump github.com/quic-go/quic-go to v0.50.0
  * build(deps): bump golang.org/x/net from 0.35.0 to 0.37.0
  * h2load: Check the return value from OBJ_nid2sn
  * build(deps): bump golang.org/x/net from 0.37.0 to 0.38.0
  * Remove go toolchain
  * build(deps): bump github.com/quic-go/quic-go from 0.50.0 to
    0.50.1
  * nghttpx: Close h1 connection on CONNECT failure
  * doc:rubydomain: Fix build failure with rubydomain namespace
  * Update integration tests
  * quic: Use secure random generator for ngtcp2_rand
  * Revert "quic: Use secure random generator for ngtcp2_rand"
  * quic: Use secure random generator for ngtcp2_rand
  * GHA: Replace macos-13 with macos-15
  * build(deps): bump golang.org/x/net from 0.38.0 to 0.39.0
  * Bump ngtcp2
  * nghttpx: Refactor QUIC packet write
  * h2load: Refactor QUIC packet write path
  * nghttpx: Adopt std::span::first
  * Rewrite util::quote_string
  * Rewrite util::utos functions
  * Rewrite util::decode_hex
  * Make util::format_hex constexpr
  * Remove util::inp_strlower in favor of util::tolower
  * Refactor util::make_http_hostport and util::make_hostport
  * Refine output iterator requirements
  * Make base64 encoder/decoder constexpr
  * Optimize util::utos
  * Optimize util::format_hex
  * Optimize util::utox
  * Disallow array to substitute R &&
  * Revert "nghttpx: No need to capitalize HTTP/1.1 field name"
  * Refactor http2::capitalize
  * Bump quic-go to v0.52.0
  * nghttpx: Fix integral logging is always done in 64 bits
    integer

-------------------------------------------------------------------
Sun Jun 22 13:45:05 UTC 2025 - Georg Pfuetzenreuter <mail+rpm@georg-pfuetzenreuter.net>

- Build with HTTP/3 support
- Tidy up spec file

-------------------------------------------------------------------
Sat Apr  5 13:58:34 UTC 2025 - Friedrich Haubensak <hsk17@mail.de>

- version update to 1.65.0
  * Change clang-format options by @tatsuhiro-t in #2240
  * build(deps): bump github.com/quic-go/quic-go from 0.46.0 to 0.47.0 by @dependabot in #2243
  * build(deps): bump golang.org/x/net from 0.28.0 to 0.29.0 by @dependabot in #2244
  * nghttp2_map: Port ngtcp2 changes by @tatsuhiro-t in #2245
  * h2load: Fix UDP datagram send/recv metric by @tatsuhiro-t in #2248
  * build(deps): bump golang.org/x/net from 0.29.0 to 0.30.0 by @dependabot in #2252
  * fix race condition on h1 connection close by @TuxInvader in #2249
  * Gha ubuntu 24.04 by @tatsuhiro-t in #2254
  * GHA: Run tests for i686-w64-mingw32 host by @tatsuhiro-t in #2255
  * cmake: Fix c-ares v1.34.0 version detection failure by @tatsuhiro-t in #2256
  * fix: -Wextra-semi errors in nghttp2_helper.h by @codebytere in #2258
  * clang-format macros that do not need semicolon at the end by @tatsuhiro-t in #2259
  * Remove extra semicolons by @tatsuhiro-t in #2260
  * Bump ngtcp2 and its dependencies by @tatsuhiro-t in #2261
  * Do not allow '@' in :authority or host field values by @tatsuhiro-t in #2262
  * h2load: GRO buffer size should be 64KiB by @tatsuhiro-t in #2263
  * Bump libbpf to v1.4.6 by @tatsuhiro-t in #2264
  * Update nghttp2_check_authority doc by @tatsuhiro-t in #2265

-------------------------------------------------------------------
Tue Nov 12 10:57:02 UTC 2024 - pgajdos@suse.com

- version update to 1.64.0
  1.64.0
  * Change clang-format options by @tatsuhiro-t in #2240
  * build(deps): bump github.com/quic-go/quic-go from 0.46.0 to 0.47.0 by @dependabot in #2243
  * build(deps): bump golang.org/x/net from 0.28.0 to 0.29.0 by @dependabot in #2244
  * nghttp2_map: Port ngtcp2 changes by @tatsuhiro-t in #2245
  * h2load: Fix UDP datagram send/recv metric by @tatsuhiro-t in #2248
  * build(deps): bump golang.org/x/net from 0.29.0 to 0.30.0 by @dependabot in #2252
  * fix race condition on h1 connection close by @TuxInvader in #2249
  * Gha ubuntu 24.04 by @tatsuhiro-t in #2254
  * GHA: Run tests for i686-w64-mingw32 host by @tatsuhiro-t in #2255
  * cmake: Fix c-ares v1.34.0 version detection failure by @tatsuhiro-t in #2256
  * fix: -Wextra-semi errors in nghttp2_helper.h by @codebytere in #2258
  * clang-format macros that do not need semicolon at the end by @tatsuhiro-t in #2259
  * Remove extra semicolons by @tatsuhiro-t in #2260
  * Bump ngtcp2 and its dependencies by @tatsuhiro-t in #2261
  * Do not allow '@' in :authority or host field values by @tatsuhiro-t in #2262
  * h2load: GRO buffer size should be 64KiB by @tatsuhiro-t in #2263
  * Bump libbpf to v1.4.6 by @tatsuhiro-t in #2264
  * Update nghttp2_check_authority doc by @tatsuhiro-t in #2265
  1.63.0
  * Bump libbpf to v1.4.2 by @tatsuhiro-t in #2191
  * build(deps): bump golang.org/x/net from 0.24.0 to 0.25.0 by @dependabot in #2193
  * nghttpx: Fix batch UDP QUIC packet dropped on GRO read by @tatsuhiro-t in #2196
  * CMakeLists.txt: allow to compile the C only lib without CXX compiler by @ThomasDevoogdt in #2200
  * build(deps): bump github.com/quic-go/quic-go from 0.43.1 to 0.44.0 by @dependabot in #2197
  * Fix compiler versions in readme by @ryandesign in #2203
  * build(deps): bump golang.org/x/net from 0.25.0 to 0.26.0 by @dependabot in #2205
  * build(deps): bump github.com/quic-go/quic-go from 0.44.0 to 0.45.0 by @dependabot in #2206
  * Bump ngtcp2 and its dependencies by @tatsuhiro-t in #2207
  * build(deps): bump docker/build-push-action from 5 to 6 by @dependabot in #2208
  * Add wolfSSL support by @tatsuhiro-t in #2209
  * Append --shallow-submodules to git clone --recursive by @tatsuhiro-t in #2210
  * Always append options to extra options by @tatsuhiro-t in #2211
  * build(deps): bump github.com/quic-go/quic-go from 0.45.0 to 0.45.1 by @dependabot in #2213
  * Disable dependency tracking by @tatsuhiro-t in #2214
  * Fix Dockerfile.android build failure by @tatsuhiro-t in #2215
  * Fix UDP_GRO struct cmsghdr data type by @tatsuhiro-t in #2216
  * GHA: Suppress warnings by @tatsuhiro-t in #2217
  * Fix levenshtein initialization by @tatsuhiro-t in #2218
  * build(deps): bump golang.org/x/net from 0.26.0 to 0.27.0 by @dependabot in #2220
  * Undefine NGHTTP2_NO_SSIZE_T if BUILDING_NGHTTP2 is defined by @tatsuhiro-t in #2224
  * Bump clang format by @tatsuhiro-t in #2226
  * Suppress old compiler error by @tatsuhiro-t in #2228
  * build(deps): bump github.com/quic-go/quic-go from 0.45.1 to 0.45.2 by @dependabot in #2229
  * build(deps): bump golang.org/x/net from 0.27.0 to 0.28.0 by @dependabot in #2231
  * build(deps): bump github.com/quic-go/quic-go from 0.45.2 to 0.46.0 by @dependabot in #2232
  * Bump ngtcp2 and its dependencies by @tatsuhiro-t in #2236
  * Bump libbpf to v1.4.5 by @tatsuhiro-t in #2237
  * Update go by @tatsuhiro-t in #2238
  * levenshtein: Use size_t by @tatsuhiro-t in #2239

-------------------------------------------------------------------
Mon Jun 17 18:02:25 UTC 2024 - Dirk Müller <dmueller@suse.com>

- update to 1.62.1:
  * nghttpx: Fix batch UDP QUIC packet dropped on GRO read
- update to 1.62.0:
  * nghttpx: Fix QUIC stateless reset stack buffer overflow
  * Require c-ares >= 1.16.0 for ares_getaddrinfo
  * Require C++20 compiler
  * Adopt std::to_array and remove make_array
  * nghttpx: Define APIEndpoints separately
  * nghttpx: Do not send error/status body when method is HEAD
  * nghttpx: Fix alignment issues in BlockAllocator
  * nghttpx: Simplify parameter declaration for ipc_fd functions
  * nghttpx: Add extent to ipc_fd explicitly
  * Make make_byte_ref return std::span
  * Make util::decode_hex return std::span
  * Rewrite util::parse_uint
  * Let base64::decode return std::span
  * Refactor StringRef
  * Stringref refactor c str and str
  * Add StringRef literal operator and remove StringRef::from_lit
  * Make StringRef(const std::string&) implicit
  * Add http2::make_field family functions
  * Remove std::string conversion operator from StringRef
  * Optimize StringRef comparisons against c-string
  * Pack more quic pkt
  * nghttpx: Dynamic GSO failover
  * Refactor ImmutableString
  * nghttpx: Refactor QUIC data path
  * nghttpx: Fix inherited TCP port comparison
  * make_websocket_accept_token: Lesser conversions
  * Add http3::make_field family functions
  * Remove unnecessary namespace qualifications
  * Refactor http utils
  * Refactor streq
  * Remove util::streq and let StringRef operator== deal with it
  * Update the link for the Prefix.pdf document. fix #2178
  * Introduce typed nghttp2_min and nghttp2_max
- drop gcc7.patch (obsolete, we require C++20 now)

-------------------------------------------------------------------
Thu Apr  4 09:47:27 UTC 2024 - pgajdos@suse.com

- version update to 1.61.0
  * Fixes CVE-2024-28182 [bsc#1221399]
  * nghttpx: Shutdown h3 stream read with trailer as well by @tatsuhiro-t in #2087
  * Checkout with submodules by @jonaski in #2093
  * Respect BUILD_STATIC_LIBS and add option for tests by @jonaski in #2092
  * build(deps): bump golang.org/x/net from 0.21.0 to 0.22.0 by @dependabot in #2097
  * Workaround llvm issue on github ubuntu runner by @tatsuhiro-t in #2098
  * docker: Use copy --link by @tatsuhiro-t in #2099
  * Nghttpx header idle timeout by @tatsuhiro-t in #2100
  * nghttpx: Fix frontend-header-timeout does not work in config file by @tatsuhiro-t in #2101
  * Rewrite hexdump by @tatsuhiro-t in #2102
  * Switch to distroless/base-nossl by @tatsuhiro-t in #2103
  * Bump ngtcp2 by @tatsuhiro-t in #2105
  * nghttpx: Simplify quic connection close handling by @tatsuhiro-t in #2106
  * build(deps): bump github.com/quic-go/quic-go from 0.41.0 to 0.42.0 by @dependabot in #2107
  * autotools: Use tar-ustar automake option by @tatsuhiro-t in #2108
  * Automate release process by @tatsuhiro-t in #2109
  * autotools: Switch to tar-pax by @tatsuhiro-t in #2110
  * nghttpx: Drop a UDP datagram from well-known port by @tatsuhiro-t in #2111
  * nghttpx: Fix port byte order by @tatsuhiro-t in #2112
  * h2load: Allow host header to be overridden by @tatsuhiro-t in #2113
  * nghttpx: Rework QUIC stateless reset packet size by @tatsuhiro-t in #2114
  * nghttpx: More QUIC prohibited ports by @tatsuhiro-t in #2115
  * Add actions/stale by @tatsuhiro-t in #2116
  * nghttpx: Discard UDP datagram that is too short to be a valid QUIC packet by @tatsuhiro-t in #2117
  * nghttp: Support SSLKEYLOGFILE by @tatsuhiro-t in #2119
  * No rfc7540 priority fix by @tatsuhiro-t in #2120
  * Further reduce Stateless reset emission by @tatsuhiro-t in #2122
  * nghttpx: Rework Connection ID construction by @tatsuhiro-t in #2124
  * Nghttpx faster worker lookup by @tatsuhiro-t in #2125
  * nghttpx: Split thread into worker_process and thread by @tatsuhiro-t in #2126
  * bpf: Drop bad QUIC packet by @tatsuhiro-t in #2127
  * cmake: check SSL_provide_quic_data when ENABLE_HTTP3 is ON by @jimmy-park in #2128
  * nghttpx: Allocate 3 bits for QUIC configuration in Connection ID by @tatsuhiro-t in #2129
  * nghttpx: Migrate to ares_getaddrinfo by @tatsuhiro-t in #2132
  * Bump munit by @tatsuhiro-t in #2131
  * nghttpx: Fix error message by @tatsuhiro-t in #2133
  * nghttpd: Fix read stall by @tatsuhiro-t in #2134

-------------------------------------------------------------------
Wed Apr  3 10:31:13 UTC 2024 - Adam Majer <adam.majer@suse.de>

- gcc7.patch: Fix compilation for SLE-15 (jsc#PED-8206)

-------------------------------------------------------------------
Mon Mar 18 12:59:00 UTC 2024 - Martin Pluskal <mpluskal@suse.com>

- Update keyring with current key

-------------------------------------------------------------------
Mon Mar 18 08:35:17 UTC 2024 - pgajdos@suse.com

- version update to 1.60.0
  * makerelease.sh: Speed up git submodule
  * Speed up git clone
  * build(deps): bump actions/cache from 3 to 4
  * Fixing the build and install trees
  * build(deps): bump microsoft/setup-msbuild from 1 to 2
  * nghttpx: Set ocsp response to SSL in case of boringssl
  * Run with python3
  * src: Certificate Compression with boringssl
  * Fix missing newline
  * Switch to aws lc
  * Libbrotli fixup
  * Deprecate RFC 7540 priorities (aka stream dependencies)
  * Let dependabot manage go modules
  * build(deps): bump golang.org/x/net from 0.20.0 to 0.21.0
  * integration-tests: Omit unused parameters
  * Munit
  * Introduce nghttp2_ssize API
  * Move deprecated warning upfront
  * Describe RFC 7540 priorities deprecation plan
  * Apps migrate nghttp2 ssize
  * src: Remove unused functions
  * Reconsider ssize t usage in src
  * Use GitHub private vulnerability reporting
  * Move security policy to GitHub standard location
  * Bump mruby to 3.3.0
  * Bump llhttp to 48588093ca4219b5f689acfc9ebea9e4c8c37663
  * h2load: Add --sni option
  * Bump ngtcp2 dependencies
  * mruby: Adopt deprecation of mrbc_ prefix
  * neverbleed: Define _GNU_SOURCE for pthread_setaffinity_np
  * bpf: Pre-expand aes key
  * mruby: Exclude mrdb gem which causes nghttpx to crash
  * nghttpx: Reuse EVP_CIPHER_CTX for QUIC connection ID encryption
  * Run apt-get update before install
  * src: Deal with the case that send_quantum < max_udp_payload_size
  * nghttpx: Remove SHRPX_QUIC_MAX_UDP_PAYLOAD_SIZE
  * Fix build when AI_NUMERICSERV is undefined
- remove dependency on /usr/bin/python3 using
  %python3_fix_shebang_path macro, [bsc#1212476]

-------------------------------------------------------------------
Sun Jan 28 17:01:52 UTC 2024 - Dirk Müller <dmueller@suse.com>

- update to 1.59.0:
  * Update bash_completion
  * h2load: Fix bug that ttfb is not recorded if h3 stream
    has no data
  * h2load: Consider all h2 HEADERS when counting bytes and
    recording ttfb
  * h2load: Ignore 1xx status code
  * nghttpd: Free SSL_CTX on exit
  * nghttpx: OpenSSL needs SSL_CTX_set_recv_max_early_data
  * nghttpx: OpenSSL needs SSL_CTX_set_recv_max_early_data
  * cmake: Require OpenSSL >= 1.1.1
  * Add nghttp2_select_alpn and deprecate
    nghttp2_select_next_protocol
  * nghttpx: Add --alpn-list and deprecate --npn-list
  * h2load: Add --alpn-list and deprecate --npn-list
  * Remove NPN
  * src: Support building with aws-lc
  * Avoid detecting OpenSSL 3.2 as quictls
  * Use nghttp3_pri_parse_priority added since nghttp3 v1.1.0
  * h2load: Fix IPv6 address in :authority
  * h2load: Fix IPv6 address in :authority
  * nghttpx: Propagate stream priority from backend to
    frontend
  * nghttpx: Propagate stream priority from backend to
    frontend
  * Merge pull request #1991 from nghttp2/get-and-parse-
    extpri
  * Add API to get and parse RFC 9218 priority
  * nghttpx: Prefer __FILE_NAME__ if defined

-------------------------------------------------------------------
Sat Nov 25 22:23:00 UTC 2023 - Dirk Müller <dmueller@suse.com>

- update to 1.58.0:
  * Update manual pages
  * Bump neverbleed
  * Bump ngtcp2
  * Prefer clock_gettime if __CYGWIN__ defined
  * Do not require strict c++ mode
  * nghttpx: Stricter transfer-encoding checks
  * Refactor character comparison
  * Integration servertester h3
  * integration: Enable http3 test with cmake

-------------------------------------------------------------------
Tue Nov 21 11:53:04 UTC 2023 - Dirk Müller <dmueller@suse.com>

- fix unversioned provides to be in sync with nghttp3

-------------------------------------------------------------------
Tue Nov  7 12:54:09 UTC 2023 - Dirk Müller <dmueller@suse.com>

- add keyring for gpg validation
- spec file cleanups

-------------------------------------------------------------------
Mon Oct 16 10:24:50 UTC 2023 - pgajdos@suse.com

- version update to 1.57.0 [bsc#1216174]
  1.57.0
  * Fixes CVE-2023-44487 (bsc#1216123)
  * Bump ngtcp2 by @tatsuhiro-t in #1944
  * Add dependabot to update actions by @tatsuhiro-t in #1946
  * Bump golang.org/x/net to v0.15.0 by @tatsuhiro-t in #1950
  * Bump actions/setup-go from 3 to 4 by @dependabot in #1948
  * Bump actions/checkout from 3 to 4 by @dependabot in #1949
  * Bump actions/upload-artifact from 1 to 3 by @dependabot in #1947
  * docker: Bump base image to debian 12 by @tatsuhiro-t in #1951
  * nghttpx: Header field name must be lowercase by @tatsuhiro-t in #1953
  * Bump quictls by @tatsuhiro-t in #1945
  * Apps fix by @tatsuhiro-t in #1957
  * nghttpx: Fix bug that --single-process does not work by @tatsuhiro-t in #1958
  * Fix clang-format by @tatsuhiro-t in #1959
  * Rework session management by @tatsuhiro-t in #1961
  1.56.0
  * doc: Bump boringssl by @tatsuhiro-t in #1928
  * Fix memory leak by @tatsuhiro-t in #1930
  * Return void by @tatsuhiro-t in #1931
  * nghttpx: Rework sending and receiving ECN bits by @tatsuhiro-t in #1934
  * CMSG_DATA does not necessarily return an aligned pointer by @tatsuhiro-t in #1935
  * Bump quictls by @tatsuhiro-t in #1937
  * Bump ngtcp2 and its dependencies by @tatsuhiro-t in #1939
  * nghttpx: Simplify std::unique_ptr get and release by @tatsuhiro-t in #1940
  * Bump llhttp to 926c982942eb53a13f01c1e9e6b19bd3b196e7dd by @tatsuhiro-t in #1941
  * Bump libbpf to v1.2.2 by @tatsuhiro-t in #1942
  * Update Dockerfile by @tatsuhiro-t in #1943

-------------------------------------------------------------------
Sat Jul 15 15:11:52 UTC 2023 - Dirk Müller <dmueller@suse.com>

- update to 1.55.1:
  * Fix memory leak (bsc#1215713)
    This commit fixes memory leak that happens when
    PUSH_PROMISE or HEADERS frame cannot be sent, and
    nghttp2_on_stream_close_callback fails with a fatal error.
    For example, if GOAWAY frame has been received, a
    HEADERS frame that opens new stream cannot be sent.
    This issue has already been made public via CVE-2023-35945
    by envoyproxy/envoy project.  During embargo period, the
    patch to fix this bug was accidentally submitted to
    nghttp2/nghttp2 repository [2]. And they decided to
    disclose CVE early.  I was notified just 1.5 hours
    before disclosure.  I had no time to respond.
    PoC described in [1] is quite simple, but I think it is
    not enough to trigger this bug.  While it is true that
    receiving GOAWAY prevents a client from opening new stream,
    and nghttp2 enters error handling branch, in order to cause
    the memory leak, nghttp2_session_close_stream function
    must return a fatal error.
    NGHTTP2_ERR_NOMEM, as its name suggests, indicates out of
    memory.  It is unlikely that a process gets short of
    memory with this simple PoC scenario unless application
    does something memory heavy processing.
  * NGHTTP2_ERR_CALLBACK_FAILURE is returned from application
    defined callback function (nghttp2_on_stream_close_callback, in
    this case), which indicates something fatal happened inside a
    callback, and a connection must be closed immediately without
    any further action.  As nghttp2_on_stream_close_error_callback
    documentation says, any error code other than 0 or
    NGHTTP2_ERR_CALLBACK_FAILURE is treated as fatal
    error code.  More specifically, it is treated as if
    NGHTTP2_ERR_CALLBACK_FAILURE is returned.  I guess that
    envoy returns
    NGHTTP2_ERR_CALLBACK_FAILURE or other error code which is
    translated into NGHTTP2_ERR_CALLBACK_FAILURE.
    https://github.com/envoyproxy/envoy/security/advisories/GHSA-
    jfxv-29pc-x22r

-------------------------------------------------------------------
Tue Jun 20 20:48:11 UTC 2023 - Dirk Müller <dmueller@suse.com>

- update to 1.54.0:
  * nghttpx: Consistent error handling and use of high-level API
  * h2load: Fix http3 upload stall
  * h2load: Use std::chrono::steady_clock for quic timestamp

-------------------------------------------------------------------
Thu May 18 04:53:42 UTC 2023 - Martin Pluskal <mpluskal@suse.com>

- Update to version 1.53.0:
  * https://nghttp2.org/blog/2023/05/10/nghttp2-v1-53-0/

-------------------------------------------------------------------
Tue Mar 14 09:33:48 UTC 2023 - Dirk Müller <dmueller@suse.com>

- update to 1.52.0:
  * https://nghttp2.org/blog/2023/02/13/nghttp2-v1-52-0/
  * sphinx_rtd_theme has been removed from the repository
    and archive.
  * The deprecated Python bindings has been removed.
  * The deprecated libnghttp2_asio has been removed.
  * llhttp and neverbleed have been updated.
  * This release fixes the bug that stalls TLS connection.
  * This release adds more http3 integration tests.
- drop nghttp2-remove-python-build.patch: obsolete as the code got removed

-------------------------------------------------------------------
Thu Nov 17 16:35:21 UTC 2022 - Dirk Müller <dmueller@suse.com>

- update to 1.51.0:
  * https://nghttp2.org/blog/2022/11/13/nghttp2-v1-51-0/
  This release fixes affinity-cookie-stickiness parameter handling.

-------------------------------------------------------------------
Sat Sep 24 11:21:43 UTC 2022 - Dirk Müller <dmueller@suse.com>

- update to 1.50.0:
  * https://nghttp2.org/blog/2022/09/21/nghttp2-v1-50-0/
  This release adds
  nghttp2_option_set_no_rfc9113_leading_and_trailing_ws_validation which disables
  checking leading and trailing white spaces against HTTP field value.

-------------------------------------------------------------------
Fri Sep 23 15:38:24 UTC 2022 - Dirk Müller <dmueller@suse.com>

- disable asio by default as it is deprecated by upstream and
  will be removed in the next release

-------------------------------------------------------------------
Mon Aug 22 21:23:42 UTC 2022 - Dirk Müller <dmueller@suse.com>

- update to 1.49.0:
  * https://nghttp2.org/blog/2022/08/22/nghttp2-v1-49-0/

-------------------------------------------------------------------
Mon Jul 11 19:43:07 UTC 2022 - Dirk Müller <dmueller@suse.com>

- update to 1.48.0:
  * lib: Allow server to override RFC 9218 stream priority
  * lib: Add a server option to fallback to RFC 7540 priorities
  * lib: Add PRIORITY_UPDATE frame support
  * lib: Implement RFC 9218 extensible prioritization scheme
  * lib: Do not verify host field specific characters for response field
  * lib: No rfc7540 priorities
  * lib: Fix stream stall when initial window size is decreased
  * doc: Document how to change stream prioritization scheme
  * build: Compile with libressl 3.5
  * build: EXTRA_DIST: List mruby files explicitly
  * build: Bump ngtcp2 and nghttp3
  * build: Do not check application libraries if --enable-lib-only is given
  * src: Update default TLS cipher suites
  * nghttpx, h2load: Better pack UDP packets in one GSO write
  * nghttpx, h2load: Quic error handling
  * nghttpx, h2load: Fix QUIC performance regression
  * nghttp, nghttpd, nghttpx: Add ktls support
  * h2load: Send more packets without GSO per event loop
  * h2load: Add ktls support
  * nghttpd: Fix TLS read stall
  * nghttpx: Disable RFC 7540 priorities
  * nghttpx: Client always uses simpler TLS handshake
  * nghttpx: Add affinity-cookie-stickiness backend parameter
  * nghttpx: Fix broken session affinity
  * nghttpx: Limit CONNECTION_CLOSE and Retry under server amplification limit
  * integration: Go update
  * integration: Add go.mod
  * third-party: Bump llhttp to 75b45129db961e1fb3c56044e1b8f7721bfaee5d
  * third-party: Bump libbpf to v0.8.0
  * third-party: Bump mruby to 3.1.0
  * third-party: Bump neverbleed based on the latest head (GH-1708)

-------------------------------------------------------------------
Sun Mar 20 21:13:42 UTC 2022 - Dirk Müller <dmueller@suse.com>

- update to 1.47.0:
  * see https://nghttp2.org/blog/2022/02/23/nghttp2-v1-47-0/

-------------------------------------------------------------------
Sat Dec 18 19:24:21 UTC 2021 - Dirk Müller <dmueller@suse.com>

- update to 1.46.0:
  * see https://nghttp2.org/blog/2021/07/18/nghttp2-v1-44-0/
  * see https://nghttp2.org/blog/2021/09/20/nghttp2-v1-45-0/
  * see https://nghttp2.org/blog/2021/10/19/nghttp2-v1-46-0/

-------------------------------------------------------------------
Thu Feb  4 11:22:06 UTC 2021 - Dirk Müller <dmueller@suse.com>

- update to 1.43.0:
  * doc: Make doc generation work with sphinx v3.3
  * python: Require python3 for python bindings
  * python: Require python3 for python scripts
  * nghttpx: Make sure that Pool gets cleared when all buffers are returned
  * nghttpx: Choose ECDSA cert if compatible signature algorithm available
  * nghttpx: Add workaround to include ':' in backend pattern

-------------------------------------------------------------------
Wed Jan  6 12:22:21 UTC 2021 - Dirk Müller <dmueller@suse.com>

- update to 1.42.0:
  * lib: fix ubsan errors (Patch from Asra Ali) (GH-1468)
  * lib: Don't send RST_STREAM to idle stream (GH-1477)
  * lib: nghttp2_map backed by nghttp2_ksl
  * doc: Update sphinx_rtd_theme
  * doc: nghttp2_session_send is also affected by max concurrent streams (Patch from Tomas Krizek) (GH-1489)
  * doc: clarify flow control behaviour for nghttp2_session_send() (Patch from Tomas Krizek) (GH-1488)
  * build: Add missing cmake/FindSystemd.cmake to dist (GH-1526)
  * third-party: Bump llhttp to 2.2.0
  * third-party: Bump mruby to 2.1.2
  * nghttpx: Deal with the case when h2 backend is retired before it is initialized
  * nghttpx: Add accesslog variables to record request path without query (GH-1511)
  * nghttpx: Fix stall when TLS follows after proxy protocol
  * nghttpx: Fix logging integer

-------------------------------------------------------------------
Wed Jun  3 11:45:25 UTC 2020 - Paolo Stivanin <info@paolostivanin.com>

- Update to 1.41.0
  * Fix CVE-2020-11080 (bsc#1181358)
  * lib: Implement max settings option (Patch from James M Snell)
  * lib: Earlier check for settings flood (Patch from James M Snell)
  * lib: Fix receiving stream data stall (GH-1444)
  * build: cmake: Make hard-coded static lib suffix optional (Patch from Viktor Szakats) (GH-1418)
  * third-party: Bump llhttp to 2.0.4 (GH-1442)
  * nghttpx: Add PROXY-protocol v2 support (GH-1452)
  * nghttpx: Fix get_x509_serial for long serial numbers (Patch from Jacky Tian) (GH-1455)
  * h2load: Allow port in --connect-to
  * h2load: add --connect-to option (Patch from Lucas Pardue) (GH-1426)

-------------------------------------------------------------------
Tue Jan 14 18:01:52 UTC 2020 - Michał Rostecki <mrostecki@opensuse.org>

- Update to version 1.40.0 to fix CVE-2019-18802 in envoy-proxy and
  cilium-proxy (bsc#1166481)
  * lib: Add nghttp2_check_authority as public API
  * lib: Fix the bug that stream is closed with wrong error code
  * lib: Faster huffman encoding and decoding
  * build: Avoid filename collision of static and dynamic lib
  * build: Add new flag ENABLE_STATIC_CRT for Windows
  * build: cmake: Support building nghttpx with systemd
  * third-party: Update neverbleed to fix memory leak
  * nghttpx: Fix bug that mruby is incorrectly shared between
    backends
  * nghttpx: Reconnect h1 backend if it lost connection before
    sending headers
  * nghttpx: Returns 408 if backend timed out before sending
    headers
  * nghttpx: Fix request stal

-------------------------------------------------------------------
Fri Aug 30 02:45:32 UTC 2019 - Martin Pluskal <mpluskal@suse.com>

- Conditionally remove dependecy on jemalloc for SLE-12

-------------------------------------------------------------------
Mon Aug 19 12:27:38 UTC 2019 - Martin Pluskal <mpluskal@suse.com>

- Require correct library from devel package - boo#1125689

-------------------------------------------------------------------
Mon Aug 19 12:02:09 UTC 2019 - Adam Majer <adam.majer@suse.de>

- Update to version 1.39.2 (bsc#1146184, bsc#1146182):
  * This release fixes CVE-2019-9511 “Data Dribble” and CVE-2019-9513
  “Resource Loop” vulnerability in nghttpx and nghttpd. Specially crafted HTTP/2
  frames cause Denial of Service by consuming CPU time. Check out
  https://github.com/Netflix/security-bulletins/blob/master/advisories/third-party/2019-002.md
  for details. For nghttpx, additionally limiting inbound traffic by
  --read-rate and --read-burst options is quite effective against
  this kind of attack.

  * Add nghttp2_option_set_max_outbound_ack API function
  * nghttpx: Fix request stall

-------------------------------------------------------------------
Tue Aug 13 13:22:01 UTC 2019 - Martin Pluskal <mpluskal@suse.com>

- Update to version 1.39.1:
  * This release fixes the bug that log-level is not set with
    cmd-line or configuration file. It also fixes FPE with default
    backend.
- Changes for version 1.39.0:
  * libnghttp2 now ignores content-length in 200 response to
    CONNECT request as per RFC 7230.
  * mruby has been upgraded to 2.0.1.
  * libnghttp2-asio now supports boost-1.70.
  * http-parser has been replaced with llhttp.
  * nghttpx now ignores Content-Length and Transfer-Encoding in 1xx
    or 200 to CONNECT.
- Drop no longer needed boost170.patch

-------------------------------------------------------------------
Fri May 10 08:24:23 UTC 2019 - Tomáš Chvátal <tchvatal@suse.com>

- Update to 1.38.0:
  * This release fixes the bug that authority and path altered by per-pattern mruby script can affect backend selection on retry.
  * It also fixes the bug that HTTP/1.1 chunked request stalls.
  * Now nghttpx does not log authorization request header field value with -LINFO.
  * This release fixes possible backend stall when header and request body are sent in their own packets.
  * The backend option gets weight parameter to influence backend selection.
  * This release fixes compile error with BoringSSL.
- Add patch from upstream to build with new boost bsc#1134616:
  * boost170.patch

-------------------------------------------------------------------
Fri Jan 18 16:42:34 UTC 2019 - seanlew@opensuse.org

- Update to 1.36.0
  * build: disable shared library if ENABLE_SHARED_LIB is off
  * third-party: use http-parser to v2.9.0 (GH-1294)
  * third-party: Update mruby to 2.0.0
  * nghttpx: Pool h1 backend connection per address (GH-1292)
  * nghttpx: Randomize backend address round robin order per thread
    (GH-1291)
  * nghttpx: Fix getting long SNs for openssl < 1.1 (GH-1287)
  * h2load: add an option to write per-request logs (GH-1256)
  * asio: added access to # of the current server port (GH-1257)

-------------------------------------------------------------------
Fri Jan 18 14:35:14 UTC 2019 - Tomáš Chvátal <tchvatal@suse.com>

- Use multibuild to not pull in python3 in first build, nghttp2
  is low in the system

-------------------------------------------------------------------
Fri Jan 11 14:24:40 UTC 2019 - Martin Pluskal <mpluskal@suse.com>

- Update to version 1.35.1:
  * nghttpx: Fix broken trailing slash handling (GH-1276)
- Changes for version 1.35:
  * build: cmake: Fix libevent version detection (Patch from Jan Kundrát) (GH-1238)
  * lib: Use __has_declspec_attribute for shared builds (Patch from Don) (GH-1222)
  * src: Require C++14 language feature
  * nghttpx: Write mruby send_info early
  * nghttpx: Fix assertion failure on mruby send_info with HTTP/1 frontend
  * h2load: Handle HTTP/1 non-final response (GH-1259)
  * h2load: Clarify that time for connect includes TLS handshake

-------------------------------------------------------------------
Mon Oct  8 19:46:51 UTC 2018 - adam.majer@suse.de

- Update to version 1.34.0: (bsc#1112438, FATE#326776)
  * lib: Implement RFC 8441 :protocol support
  * nghttpx: Add read/write-timeout parameters to backend option
  * nghttpx: Fix mruby parameter validation in backend option
  * nghttpx: Implement RFC 8441 Bootstrapping WebSocket with HTTP/2
  * nghttpx: Update neverbleed to fix OpenSSL 1.1.1 issues
  * nghttpx: Update mruby 1.4.1
  * nghttpx: Add mruby env.tls_handshake_finished
  * nghttpx: Add --tls13-ciphers and --tls-client-ciphers options
  * nghttpx: Add RFC 8470 Early-Data header field support
  * nghttpx: Add RFC 8446 TLSv1.3 0-RTT early data support

-------------------------------------------------------------------
Wed Sep 26 08:00:27 UTC 2018 - adam.majer@suse.de

- Update to version 1.33.0:
  * lib: Tweak nghttp2_session_set_stream_user_data
  * lib: Fix handling of SETTINGS_MAX_CONCURRENT_STREAMS.
  * lib: Implement ORIGIN frame
  * asio: support definition of local endpoint for cleartext
    client session
  * integration: Remove remaining SPDY code from the integration tests
  * nghttpx: Fix worker process crash with neverbleed write error
  * nghttpx: Support per-backend mruby script
  * nghttpx: Fix stream reset if data from client is arrived before
    dconn is attached

-------------------------------------------------------------------
Mon Jul  9 15:04:12 UTC 2018 - mpluskal@suse.com

- Update to version 1.32.0:
  * lib: Ignore all input after calling session_terminate_session
  * lib: Fix treatment of padding
  * lib: Don't allow 101 HTTP status code because HTTP/2 removes
    HTTP Upgrade
  * build: add ENABLE_STATIC_LIB option to build static lib
  * third-party: Upgrade neverbleed to the latest master
  * asio: Support client side SNI
  * src: Compile with libressl 2.7.2
  * src: Allow building without NPN
  * h2load: -r and --duration are mutually exclusive

-------------------------------------------------------------------
Fri Apr 13 08:40:38 UTC 2018 - tchvatal@suse.com

- Version umpdate to 1.31.1:
  * Fix bsc#1088639 CVE-2018-1000168
  * https://nghttp2.org/blog/2018/04/12/nghttp2-v1-31-1/

-------------------------------------------------------------------
Mon Apr  9 10:16:47 UTC 2018 - tchvatal@suse.com

- Version update to 1.31.0:
  * lib: Add nghttp2_session_set_user_data() public API function (GH-1137)
  * src: Define nghttp2_inet_pton wrapper to avoid inet_pton macro (GH-1128)
  * nghttpx: Close listening socket on graceful shutdown
  * nghttpx: Add an option to accept expired client certificate (GH-1126)
  * nghttpx: Add mruby tls_client_not_before, and tls_client_not_after (GH-1123)
  * nghttpx: Fix potential memory leak
  * lib: Allow PING frame to be sent after GOAWAY (GH-1103)
  * nghttpx: Fix bug that h1 backend idle timeout expires sooner
  * nghttpx: Stop overwrite of first header on mruby call to env.req.set_header(..) (Patch from Dylan Plecki) (GH-1119)
  * nghttpx: Add upgrade-scheme parameter to backend option (GH-1099)
  * nghttpx: Fix missing ALPN validation (--npn-list) (GH-1094)
  * nghttpx: Remember which resource is pushed for RFC 8297 (GH-1101)

-------------------------------------------------------------------
Mon Apr  9 08:59:52 UTC 2018 - tchvatal@suse.com

- Drop spdylay dependency as it is deprecated since version 1.28.0
  and removed from cofnigure.ac since 1.29.0

-------------------------------------------------------------------
Thu Feb 22 15:10:41 UTC 2018 - fvogt@suse.com

- Use %license (boo#1082318)

-------------------------------------------------------------------
Fri Jan  5 13:21:33 UTC 2018 - mpluskal@suse.com

- Update to version 1.29.0:
  * lib: Use NGHTTP2_REFUSED_STREAM for streams which are closed by
    GOAWAY
  * build: Remove SPDY
  * build: Fix CMAKE_MODULE_PATH
  * nghttpx: Revert "nghttpx: Use an existing h2 backend connection
    as much as possible"
  * nghttpx: Write API request body in temporary file
  * nghttpx: Increase api-max-request-body
  * nghttpx: Faster configuration loading with lots of backends
  * nghttpx: Fix crash with --backend-http-proxy-uri option

-------------------------------------------------------------------
Mon Dec 11 16:53:16 UTC 2017 - dimstar@opensuse.org

- Export PYTHON=/usr/bin/python3 before running configure: allow to
  build without (comnplete) python2 in the buildroot. In any case
  we only ship python3-bindings already.

-------------------------------------------------------------------
Wed Dec  6 16:35:46 UTC 2017 - mpluskal@suse.com

- Upodate to version 1.28.0:
  * lib: Add nghttp2_error_callback2
  * build: Add deprecation warning when spdylay support is enabled
  * Switch to clang-format-5.0
  * examples: Make client and server work with libevent-2.1.8
  * third-party: Update neverbleed
  * integration: Fix issues reported by the go vet tool.
  * nghttpx: Fix affinity retry
  * nghttpx: Fix stalled backend connection on retry
  * nghttpx: Cookie based session affinity
  * nghttpx: Expose additional TLS related variables to mruby and
    accesslog

-------------------------------------------------------------------
Wed Nov  8 16:54:59 UTC 2017 - mpluskal@suse.com

- Drop forgotten python2 build dependency

-------------------------------------------------------------------
Thu Oct 26 10:28:19 UTC 2017 - mpluskal@suse.com

- Update to version 1.27.0:
  * h2load: Print out h2 header fields with --verbose option
  * nghttpx: Send non-final response to HTTP/1.1 or HTTP/2 client
    only
- Changes for version 1.26.0:
  * docs: Fix some typos in the nghttpx how-to
  * h2load: Fix bug that timing script stalls with -m1
  * h2load: Reservoir sampling (GH-984)
  * h2load: Add timing-based load-testing in h2load
- Switch to python3 support

-------------------------------------------------------------------
Mon Oct  9 10:14:26 UTC 2017 - schwab@suse.de

- Don't use jemalloc on ppc or %arm, where it is broken.

-------------------------------------------------------------------
Mon Aug 28 10:58:52 UTC 2017 - mpluskal@suse.com

- Update to version 1.25.0:
  * lib: add nghttp2_rcbuf_is_static() (Patch from Anna Henningsen) (GH-983)
  * nghttpx: Fix bug that forwarded for is not affected by proxy protocol (GH-979)
  * nghttpx: Update mruby to 1.3.0 (GH-957)

-------------------------------------------------------------------
Mon Jul 17 19:45:59 UTC 2017 - mpluskal@suse.com

- Drop doc building
- Rename python subpackage to python2

-------------------------------------------------------------------
Mon Jul 10 14:35:59 UTC 2017 - mpluskal@suse.com

- Update to version 1.24.0:
  * doc: README.rst: fix typo (Patch from Simone Basso) (GH-947)
  * doc: fix up grammar in submit_trailer docs (Patch from Benjamin Peterson) (GH-945)
  * doc: fix cleaning in out-of-tree builds (Patch from Benjamin Peterson) (GH-938)
  * nghttp: Fix bug that upgrade fails if reason-phrase is missing (GH-949)
  * nghttpx: Verify OCSP response using trusted CA certificates (GH-943)
  * nghttpx: Set default minimum TLS version to TLSv1.2 (GH-937)
- Changes for version 1.23.1:
  * nghttpx: Fix crash in OCSP response verification
- Changes for version 1.23.0:
  * lib: nghttp2_session: Allow for compiling library with -DNDEBUG set (Patch from Angus Gratton) (GH-919)
  * lib: Treat incoming invalid regular header field as stream error (GH-900)
  * lib: Call nghttp2_on_invalid_frame_callback if altsvc validation fails (GH-904)
  * doc: spelling mistake in arguments to build nghttp apps (Patch from Soham Sinha) (GH-925)
  * doc: Add notes for installation on linux systems (Patch from Tapanito) (GH-917)
  * doc: Clarify the effect of nghttp2_option_set_no_http_messaging
  * nghttpx: Verify OCSP response (GH-929)
  * nghttpx: Fix certificate selection based on pub key algorithm (GH-924)
  * nghttpx: Fix certificate indexing bug
  * nghttpx: Run OCSP at startup (GH-922)
  * nghttpx: Wildcard path matching (GH-914)
  * nghttpx: Forward multiple via, xff, and xfp header fields (GH-903)
  * nghttp: Add -y, --no-verify-peer option to suppress peer verify warn (GH-906)

-------------------------------------------------------------------
Wed May 10 12:03:35 UTC 2017 - mpluskal@suse.com

- Update to version 1.22.0:
  * lib: Add missing free call on error in inflight_settings_new() (Patch from lstefani) (GH-884)
  * asio: Support specifying stream priority via session::submit() (Patch from Matt Way) (GH-881)
  * nghttpx: Clarify --conf option behaviour
  * nghttpx: Add $tls_sni access log variable (GH-896)
  * nghttpx: Rename ssl_* log variables as tls_* (GH-895)
  * nghttpx: Fix path matching bug (GH-894)
  * nghttpx: SNI based backend server selection (GH-892)
  * nghttpx: Enable signed_certificate_timestamp extension for TLSv1.3 (GH-878)
  * nghttpx: Add options for X-Forwarded-Proto header field (GH-872)
  * nghttpx: Add --single-process option (GH-869)
  * nghttpx: Use 502 as server error code
  * nghttpx: Use SSL_CTX_set_early_data_enabled with boringssl
  * nghttp: Verify server certificate and show warning if it fails (GH-870)
  * integration: Use nip.io instead of xip.io

-------------------------------------------------------------------
Fri Apr 21 10:27:41 UTC 2017 - mpluskal@suse.com

- Update to version 1.21.1:
  * asio: Fix crash if connect takes longer time than ping interval (GH-866)
  * nghttpx: Fix bug that 204 from h1 backend is always treated as error (GH-871)
- Changes for version 1.21.0:
  * lib: Fix nghttp2_session_want_write (GH-832)
  * doc: Document pkg-config path usage
  * build: Eliminate U macro; Instead use (void)VAR for better compiler compatibility.
  * src: BoringSSL supports SSL_CTX_set_{min,max}_proto_version. (Patch from Piotr Sikora) (GH-853)
  * src: Use Mozilla's "Modern compatibility" ciphers by default
  * src: nghttp2_gzip: fix this statement may fall through [-Werror=implicit-fallthrough=] found by gcc7 (Patch from Alexis La Goutte) (GH-823)
  * nghttpx: Print version number with -v option
  * nghttpx: Enable X25519 with boringssl
  * nghttpx: Retry getaddrinfo without AI_ADDRCONFIG (GH-858)
  * nghttpx: Failing to listen on server socket is fatal error
  * nghttpx: Escape certain characters in access log (GH-856)
  * nghttpx: Ignore further input if connection is going to close
  * nghttpx: Don't call functions which are not async-signal-safe after fork but before execv in multithreaded process.
  * nghttpx: Enable backend pattern matching with http2-proxy (GH-733)
  * asio: client: Send PING after 30 seconds idle (GH-847)


-------------------------------------------------------------------
Thu Mar 23 18:53:19 UTC 2017 - mpluskal@suse.com

- Update to version 1.20.0:
  * lib: nghttp2_session: fix The 'then' statement is equivalent to the subsequent code fragment found by PVS Studio (V523) (Patch from Alexis La Goutte) (GH-814)
  * lib: Add nghttp2_option_set_no_closed_streams (GH-810)
  * build: Disable spdylay detection by default
  * build: Add --with-systemd option to configure
  * fuzz: Add fuzzer for oss-fuzz (GH-799)
  * src: Enable TLSv1.3 if it is supported by OpenSSL (or BoringSSL) (GH-816)
  * src: h2 requires >= TLSv1.2
  * asio: More graceful stop of nghttp2::asio_http2::server::http2 (Patch from Amir Pakdel) (GH-805)
  * asio: Holding more shared_ptrs instead of raw ptrs to make sure called objects don't get deleted. (Patch from clemahieu)
  * asio: Fix infinite loop in acceptor handler (Patch from clemahieu) (GH-794)
  * asio: close_stream erases from streams_ while it's being iterated over. (Patch from clemahieu) (GH-795)
  * nghttpx: Strip version number from server header field
  * nghttpx: Add --single-worker option
  * nghttpx: Fix bug that send_reply does not participate graceful shutdown
  * nghttpx: Add --frontend-max-requests option
  * nghttpx: Enable stream-write-timeout by default
  * nghttpx: Fix stream write timer handling
  * nghttpx: Add configrevision API endpoint (GH-820)
  * nghttpx: Redirect to HTTPS URI with redirect-if-not-tls parameter (GH-819)
  * nghttpx: Update log time stamp in millisecond interval
  * nghttpx: Better error message when private key and certificate are missing
  * nghttpx: Fix bug that old config is used during reloading configuration
  * nghttpx: Specify TLS protocol by version range (GH-809)
  * nghttpx: Send SIGQUIT to the original master process (GH-807)
  * nghttpx: Restrict HTTP major and minor in 0 or 1
  * nghttpx: Drop privilege of neverbleed daemon first
  * nghttpx: add systemd support (Patch from Tomasz Torcz) (GH-802)
  * nghttpx: Fix crash on SIGHUP with multi thread configuration (GH-801)
  * nghttpx: Send 1xx non-final response using mruby script (GH-800)
  * nghttpx: Select certificate by client's supported signature algorithm (GH-792)
  * nghttpx: Recommend POST for backendconfig API request
  * nghttpx: Don't build PSK features with LibreSSL (Patch from Bernard Spil) (GH-789)
  * nghttp: add support for link rel="preload" for --get-assets (Patch from Benedikt Christoph Wolters) (GH-791)
  * h2load: Fix wrong req_stat updates
  * h2load: Explicitly count the number of requests left and inflight
  * integration: Fix deprecation warnings
  * integration: Redirect nghttpx stdout/stderr to test driver's stdout/stderr
- Changes for version 1.19.0:
  * lib: Fix memory leak of nghttp2_stream object in server side nghttp2_session object
  * Fix issues found by PVS Studio (Patch from Alexis La Goutte) (GH-769)
  * doc: Update README file to write about the issue of Alpine Linux's inability to replace malloc (Patch from makovich) (GH-768)
  * build: Compile with Android NDK r13b using clang
  * src: Fix assertion error with boringssl
  * nghttp: Take into account scheme and port when parsing HTML links
  * nghttp: Fix authority for --get-assets if IP address is used in conjunction with user-defined :authority header (Patch from Benedikt Christoph Wolters) (GH-783)
  * nghttpx: Add --accesslog-write-early option (GH-777)
  * nghttpx: Fix access.log timestamp (GH-778)
  * nghttpx: Show default cipher list in -h
  * nghttpx: Add client-ciphers option
  * nghttpx: Add client-no-http2-cipher-black-list option
  * nghttpx: Fix the bug that no-http2-cipher-black-list does not work on backend HTTP/2 connections.
  * nghttpx: Add --client-psk-secret option to enable PSK in backend (GH-612)
  * nghttpx: Add --psk-secret option to enable PSK in frontend connection (GH-612)
  * nghttpx: Enable SCT with OpenSSL 1.1.0
  * nghttpx: Add proxyproto to frontend option to accept PROXY protocol (GH-765)
  * h2load: Show default cipher list in -h
  * h2load: Show custom server temp key such as X25519
  * h2load: Fix incorrect return value from spdylay_send_callback
- Changes for version 1.18.1:
  * nghttpx: Fix assertion error in libev ev_io_start (GH-759)
  * nghttpx: Handle c-ares success without result
  * nghttpx: Fix bug that DNS timeout was erroneously disabled (GH-763)
  * nghttpx: Fix bug that DNS timeout was ignored (GH-763)

-------------------------------------------------------------------
Thu Feb  2 10:21:27 UTC 2017 - adam.majer@suse.de

- use individual libboost-*-devel packages instead of boost-devel

-------------------------------------------------------------------
Tue Jan  3 10:39:12 UTC 2017 - mpluskal@suse.com

- Update to version 1.18.0:
  * lib: Accept and ignore content-length: 0 in 204 response for now
  * build: Use pkg-config to detect libxml2
  * build: Require c-ares to compile applications under src
  * build: Add Windows CI via AppVeyor (Patch from Alexis La Goutte)
  * examples: Delete tiny-nghttpd
  * nghttpx: Retry h1 backend request if first write fails (GH-757)
  * nghttpx: Keep reading after backend write failed (GH-756)
  * nghttpx: Add frontend-keep-alive-timeout option (GH-755)
  * nghttpx: New error log format (GH-749)
  * nghttpx: Fix bug that fetch-ocsp-response does not work with OpenSSL 1.1.0 (GH-742)
  * nghttpx: Backend API call allows non-numeric host with dns parameter (GH-731)
  * nghttpx: Lookup backend host name dynamically (GH-721)
  * nghttpx: Accept and ignore content-length: 0 in 204 response for now (GH-735)
  * nghttpx: Wait for child process to exit

-------------------------------------------------------------------
Wed Dec 14 10:19:51 UTC 2016 - mpluskal@suse.com

- Update to version 1.17.0:
  * lib: Disallow content-length in 1xx, 204, or 200 to a CONNECT request (GH-722)
  * lib: Avoid memcpy against NULL src
  * build: MSVC version resource support (Patch from Remo E) (GH-718)
  * asio: server: Call on_close callback on connection close (GH-729)
  * nghttpx: Fix frequent crash with --backend-http-proxy-uri
  * nghttpx: Robust backend read timeout
  * nghttpx: Fix bug that mishandles response header from h1 backend
  * nghttpx: Fix bug that zero-length POST is not forwarded (GH-726)
  * nghttpx: Remove optional reason-phrase from SPDY :status
  * nghttpx: Header key and value must be string in mruby script
  * nghttpx: Strip content-length with 204 or 200 to CONNECT in mruby (GH-722)
  * nghttpx: Strict handling for Content-Length or Transfer-Encoding in h1 (GH-722)
  * nghttpx: Fix compilation with BoringSSL (Patch from dalf) (GH-717)
  * nghttpd, nghttpx, asio: Add missing mandatory SP after status code

-------------------------------------------------------------------
Thu Nov 24 09:44:32 UTC 2016 - mpluskal@suse.com

- Update to version 1.16.1:
  * lib: Prevent undefined behavior in decode_length
  * nghttpx: Fix bug which may crash nghttpx if non-final response
    is forwarded from origin server to HTTP/1.1 client
- Changes for version 1.16.0:
  * lib: Add nghttp2_set_debug_vprintf_callback to take advantage
    of DEBUGF statements in when building DEBUGBUILD.
  * Update .clang-format for clang-format-3.9
  * build: Make it possible to include nghttp2/CMakeLists.txt in
    another project using add_subdirectory.
  * third-party: Update http-parser to
    feae95a3a69f111bc1897b9048d9acbc290992f9
  * asio: Fix crash when end() is called outside nghttp2 callback
  * nghttpx: Add --backend-connect-timeout option
  * nghttpx: Add TLS signed_certificate_timestamp extension support
  * nghttpx: Add --ecdh-curves option to specify list of named
    curves
  * h2load: Add --header-table-size and --encoder-header-table-size
    options

-------------------------------------------------------------------
Sun Sep 25 09:01:48 UTC 2016 - mpluskal@suse.com

- Update to version 1.15.0:
  * lib: Add nghttp2_option_set_max_deflate_dynamic_table_size()
    API function (GH-684)
  * lib: Allow NGHTTP2_ERR_PAUSE from
    nghttp2_data_source_read_callback (GH-671)
  * lib: Add nghttp2_session_get_hd_deflate_dynamic_table_size()
    and nghttp2_session_get_hd_inflate_dynamic_table_size() API
    functions to get current HPACK dynamic table size (GH-664)
  * lib: Add nghttp2_session_get_local_settings() API function
  * lib: Add nghttp2_session_get_local_window_size() and
    nghttp2_session_get_stream_local_window_size() API functions
  * build: Add -lsocket -lnsl to APPLDFLAGS for solaris build
  * neverbleed: Update neverbleed to support ECDSA certificate
  * doc: Mention --enable-lib-only configure option in README
  * integration: Fix test failure with go1.7.1
  * src: Fix compile error with openssl 1.1.0
  * nghttpx: Improve performance with HTTP/1.1 backend when
    request body is involved
  * nghttpx: Use std::atomic_* overloads for std::shared_ptr if
    available
  * nghttpx: Migrate backend stream to another h2 session on
    graceful shutdown
  * nghttpx: Add option to specify HPACK encoder/decoder dynamic
    table size
  * nghttpx: Log client address
  * nghttpx: Add tls_sni to mruby Nghttpx::Env class
  * nghttpx: Add --frontend-http2-window-size option, and its
    family functions
  * nghttpx: Add experimental TCP optimization for h2 frontend
  * nghttpx: Workaround for std::make_shared bug in Xcode7, 7.1,
    and 7.2 (GH-670)
  * nghttpx: Fix bug that bytes are doubly counted to rate limit
    for TLS connections
  * nghttpx: Add --no-server-rewrite option not to rewrite server
    header field (GH-667)
  * nghttpx: Retry if backend h1 connection cannot be established
    due to timeout
  * nghttpx: Reset stream if invalid header field is received in h2
  * nghttpx: Add --server-name option to change server response
    header field (GH-667)
  * nghttpd: Add --encoder-header-table-size option
  * nghttp: Add --encoder-header-table-size option
  * python: Support ALPN, require Python 3.5

-------------------------------------------------------------------
Thu Sep  8 08:35:52 UTC 2016 - idonmez@suse.com

- Update to version 1.14.0:
  * lib: Make emit_header() return void since it always succeed
  * lib: Add nghttp2_hd_deflate_hd_vec() deflate API to support
    multiple buffer input
  * lib: since hd_inflate_commit_indexed() always return 0,
    remove the return value check in nghttp2_hd_inflate_hd_nv()
  * lib: Use memeq() instead of lstreq() in lookup_token()
  * lib: More strict stream state handling
  * lib: Modify genlibtokenlookup.py to remove redundant header
    comparisons and remove inline qualifier of lookup_token()
    in genlibtokenlookup.py
  * lib: Fix wrong tree operation to avoid cycle
  * lib: Make get_max_index() return the max index in frame,
    so we don't need to do extra calculation
  * lib: Add nghttp2_on_invalid_header_callback
  * lib: Log frame's stream ID for header debug logging
  * doc: Remove old doc about differential encoding in HPACK
  * doc: Document about ALPN in nghttpx howto
  * nghttpx: Log error code from getsockopt(SO_ERROR) on first
    write event
  * nghttpx: Don't change pushed stream's priority
  * nghttpx: Log backend connection failure in WARN level
  * nghttpx: Fix bug that api and healthmon parameters do not work
    with http2 proxy
  * nghttpx: Add access log variable for backend host and port
  * nghttpx: Use copy instead of const reference of backend group
  * nghttpx: Reload configuration with SIGHUP
  * nghttp: Adjust weight according to Firefox stable
  * nghttp: Call error callback when invalid header field is
    received and ignored
  * nghttp: Allow multiple -p option
  * deflatehd: Call nghttp2_hd_deflate_change_table_size only
    if table size is changed from default

-------------------------------------------------------------------
Sun Aug  7 17:23:20 UTC 2016 - mpluskal@suse.com

- Update to version 1.13.0:
  * lib: Cancel non-DATA frame transmission from
    nghttp2_before_frame_send_callback
  * doc: Fix warning with Sphinx 1.4
  * build: Work with Android NDK r12b
  * nghttpx: Use consistent hashing for client IP based session
    affinity
  * nghttpx: Fix FTBFS on armel by explicitly including the header
  * nghttpx: Cast to double to fix build with gcc 4.8 on Solaris 11
  * nghttpx: Fix build error with libressl
  * examples: Fix compile error with OpenSSL v1.1.0-beta2

-------------------------------------------------------------------
Thu Jul 14 13:08:52 UTC 2016 - mpluskal@suse.com

- Update to version 1.12.0:
  * Add nghttp2_session_set_local_window_size API function
  * Add nghttp2_option_set_max_send_header_block_length API
    function (GH-613)
  * Fix warning: declaration of 'free' shadows a global declaration
    (Patch from Alexis La Goutte)
  * examples: Add ALPN support to tutorial client/server (GH-614)
  * nghttpx: Reduce TTFB with large number of incoming connections
  * nghttpx: Rewrite read timer handling
  * nghttpx: Clean up neverbleed AF_UNIX socket
  * nghttpx: Add --backend-max-backoff option
  * nghttpx: Use 16KiB buffer for reading to match TLS record size
  * nghttpx: Add healthmon parameter to -f option to enable health
    monitor mode
  * nghttpx: Receive reference of std::mt19937, not making a copy
  * nghttpx: Fix bug that backend never return to online (GH-615)
  * nghttpx: Implement client IP based session affinity
  * nghttpx: Add --api-max-request-body option to set maximum API
    request body size
  * nghttpx: Add api parameter to --frontend option to mark API
    endpoint
  * h2load: Add content-length header field for HTTP/2 and SPDY as
    well
  * h2load: Implement HTTP/1 upload (GH-611)

-------------------------------------------------------------------
Wed Jun  8 09:03:04 UTC 2016 - idonmez@suse.com

- Update to 1.11.1
  * lib: Add nghttp2_hd_inflate_hd2() and deprecate
    nghttp2_hd_inflate_hd()
  * lib: Avoid 0-length DATA if NGHTTP2_DATA_FLAG_NO_END_STREAM is set
  * lib: Fix bug that PING flags are ignored in nghttp2_submit_ping
  * integration: Workaround runtime error: cgo argument has Go pointer
    to Go pointer
  * nghttp: Eliminate zero length DATA frame at the end if possible
  * nghttpd: Set content-length in status response
  * nghttpx: Add sni keyword to --backend option
  * nghttpx: Allow mixed protocol and TLS settings among backends under
    same pattern
  * nghttpx: Don't add 0-length DATA when response HEADERS bears
    END_STREAM flag
  * nghttpx: Don't add chunked encoded response body for HEAD request
  * nghttpx: Don't use CN if we have dNSName or iPAddress field
  * nghttpx: Just call execv instead of execve to pass environ
  * nghttpx: Make SETTINGS timeout value configurable
  * nghttpx: Save PID file after it is ready to accept connections
  * nghttpx: Treat backend failure if SETTINGS is not received within
    timeout
  * nghttpx: Wait for SETTINGS ACK to make sure that backend h2 server
    is alive

-------------------------------------------------------------------
Wed Apr 27 10:04:48 UTC 2016 - mpluskal@suse.com

- Update to 1.10.0
  * Pass unknown SETTINGS values to nghttp2_on_frame_recv_callback
  * Add ALTSVC frame support
  * Run error callback when peer does not send initial SETTINGS
    frame
  * Update http-parser
  * Update sphinx_rtd_theme
  * nghttp: add an --expect-continue option
  * nghttpx: Fix downstream connect callback called early
  * nghttpx: Truncate too long -b option signature
  * nghttpx: Fix bug that server push from mruby script did not
    work
  * nghttpx: Try next HTTP/1 backend address when connection
    cannot be made
  * nghttpx: Retry next HTTP/2 backend address when connection
    cannot be made
  * nghttpx: Enable link header field based push for non-final
    response
  * nghttpx: Detect online/offline state of backend servers
  * nghttpx: Better load balancing between backend HTTP/2 servers
  * nghttpx: Fix crash with backend failure

-------------------------------------------------------------------
Wed Apr 13 18:31:20 UTC 2016 - mpluskal@suse.com

- Update to 1.9.2
  * nghttpx: Fix crash with backend failure
  * nghttpx: Better distribute load to backend h2 servers
  * nghttpx: Fix error messages on deprecated mode
  * nghttpx: Fix bug that logger wrote string which was not
    NULL-terminated
  * nghttpx: Fix bug that proxy with HTTP/1.1 CONNECT did not work

-------------------------------------------------------------------
Sun Mar 27 16:57:17 UTC 2016 - mpluskal@suse.com

- Update to 1.9.1
  * nghttpx: Fix bug that backend tls keyword did not work with -s
    option
  * nghttpx: Fix handing stream after connection check was failed
- Changes for 1.9.0
  * lib: Add nghttp2_error_callback to tell application human
    readable error message
  * lib: Reference counted HPACK name/value pair, adding
  * nghttp2_on_header_callback2
  * lib: Add nghttp2_option_set_no_auto_ping_ack() option
  * lib: Add nghttp2_http2_strerror() to return HTTP/2 error code
    string
  * build: Makefile.msvc enhancements (Patch from Jan-E)
  * build: Lower libev version requirement (Patch from Peter Wu)
  * build: cmake build support (Patch from Peter Wu)
  * asio: Fix bug that server event loop breaks with exception
  * integration: Disable tests that sometimes break randomly on
    travis
  * integration: do not use recursive target (Patch from Peter Wu)
  * h2load: Fix bug that it did not try to connect to server again
  * h2load: Fix bug that initial max concurrent streams was too
    large
  * nghttpx: Memcached connection encryption with tls keyword
  * nghttpx: Enable/disable TLS per frontend address
  * nghttpx: Configure TLS per backend routing pattern
  * nghttpx: Workaround for Ubuntu 15.04 which does not
    value-initialize on std::make_shared.
  * nghttpx: Add --error-page option to set custom error pages
  * nghttpx: Add wildcard host routing
  * nghttpx: Change read timeout reset timing
  * nghttpx: Don't push if Link header field includes nopush
  * nghttpx: Deprecate backend-http1-connections-per-host in favor
    of backend-connections-per-host
  * nghttpx: Restructure mode settings, removing --http2-bridge,
    --client, and --client-proxy options
  * nghttpx: Deprecate backend-http1-connections-per-frontend in
    favor of backend-connections-per-frontend
  * nghttpx: Don't share session which is already in draining
    state
  * nghttpx: Effectively disable backend HTTP/2 connection flow
    control
  * nghttpx: Add --frontend-http2-max-concurrent-streams and
    --backend-http2-max-concurrent-streams, and deprecate
    --http2-max-concurrent-streams option
  * nghttpx: Deprecate --backend-http2-connections-per-worker
    option
  * nghttpx: Share TLS session cache between HTTP/2 and HTTP/1
    backend
  * nghttpx: Rewrite backend HTTP/2 connection coalesce strategy

-------------------------------------------------------------------
Fri Feb 26 13:00:38 UTC 2016 - mpluskal@suse.com

- Update to 1.8.0
	* Add Architecture documents (work in progress)
  * List all contributors in AUTHORS
  * doc: fix out-of-tree doc builds (Patch from Peter Wu)
  * Wrap AM_PATH_XML2 by m4_ifdef to handle the case when
    _PATH_XML2 is not found
  * Fix configure script for non-gcc, clang build
  * Document compiling apps and include h2load in configure (Patch
    from David Beitey)
  * Don't check for dlopen/libdl on *BSD (Patch from Bernard Spil)
  * Don't taint CXXFLAGS from AX_CXX_COMPILE_STDCXX_11
  * Fixing Windows Makefile version detection (Patch from Reza
    Tavakoli)
  * lib: Tokenize extra HTTP header fields
  * lib: Fix typo in HAVE_CONFIG_H name (Patch from Peter Wu)
  * lib: Add HTTP/2 extension framework to send and receive
    non-critical frames
  * tests: remove unused macros (Patch from Peter Wu)
  * src: Update default cipher list
  * src: Fix compile error with gcc-6 which enables C++14 by default
  * asio: client: Fix connect timeout does not work, return from cb
    if session stopped, removing client::session::connect_timeout()
    functon
  * nghttpd: Start SETTINGS timer after it is written to output
    buffer
  * nghttpd: Add trailer header field to status responses
  * nghttpd: Add -w and -W options to change window size
  * nghttpx: Worker wide blocker which is used when socket(2) is
    failed
  * nghttpx: ConnectBlocker per backend address
  * nghttpx: Interleave text/html pushed resources with associated
    resource
  * nghttpx: Add headers given in add-response-headers for mruby
    response
  * nghttpx: Deprecate --backend-ipv4 and --backend-ipv6 in favor
    of --backend-address-family
  * nghttpx: Add options to specify address family of memcached
    connections
  * nghttpx: Add encryption support for TLS ticket key retrieval
  * nghttpx: Add TLS support for session cache memcached connection
  * nghttpx: Refactor blacklisted cipher suite check (Patch from
    Jay Satiro)
  * nghttpx: Add TLS support for HTTP/1 backend
  * nghttpx: Add request-header-field-buffer and
    max-request-header-fields options, deprecating
    header-field-buffer and max-header-fields options.
  * nghttpx: Add --no-http2-cipher-black-list to allow black listed
    cipher suite
  * nghttpx: Limit header fields from backend
  * nghttpx: Fix bug that IPv6 address in Forwarded "for" is not
    quoted-string
  * nghttpx: Support multiple frontend addresses
  * integration-tests: support out-of-tree tests (Patch from Peter
    Wu)
  * examples: fix compile warnings (Patch from Peter Wu)
- Drop upstreamed nghttp2-c++14.patch

-------------------------------------------------------------------
Fri Feb 12 17:21:54 UTC 2016 - mpluskal@suse.com

- Update to 1.7.1
  * Fix CVE-2016-1544 (boo#966514)

-------------------------------------------------------------------
Thu Jan 28 14:43:56 UTC 2016 - rguenther@suse.com

- Add nghttp2-c++14.patch to properly guard make_unique templates.
  [bsc#964140]

-------------------------------------------------------------------
Tue Jan 26 20:02:00 UTC 2016 - mpluskal@suse.com

- Update to 1.7.0
  * Reset (RST_STREAM) stream if flow control window gets overflow
  * Validate :authroity, host, and :scheme value more strictly
  * Check request/response submission error based side of session
  * Strict outgoing idle stream detection
  * Return error from nghttp2_submit_{headers,request} when self
    dependency is made
  * Add -ldl to APPLDFLAGS for static openssl linking
  * asio: Stop acceptor on server::http2::stop
  * asio: Rename http2::get_io_services() as http2::io_services()
  * h2load: Support UNIX domain socket
  * h2load: Improve readability of traffic numbers
  * h2load: Remove "auto" for -m option
  * h2load: Show progress in rate mode
  * h2load: Perform sampling for request and connection timings to
    reduce memory consumption
  * nghttpd: Add --no-content-length option to omit content-length
    in response
  * nghttpx: Interleave pushed streams with the associated stream
    if pushed streams are javascript and CSS resources
  * nghttpx: The initial value of request/response buffer is
    increased to 128K
  * nghttpx: Fix bug that --listener-disable-timeout option is not
    used
  * nghttpx: Don't emit :authority if request does not contain
    authority information
  * nghttpx: Add clarification of quotes in configuration file
  * nghttpx: Don't allow certain characters in host and :scheme
    header field
  * nghttpx: Add RFC 7239 Forwarded header field support
  * nghttpx: Fix crash when running on IPv6 only (Patch from Vernon
    Tang)
  * nghttpx: Take into account of trailers when applying
    max_header_fields
  * nghttpx: Don't apply max_header_fields and header_field_buffer
    limit to response
  * nghttpx: Strict validation for header fields given in
    configuration
  * nghttpx: header value should not be lower-cased (Patch from
    ayanamist)

-------------------------------------------------------------------
Thu Jan 21 08:28:51 UTC 2016 - pgajdos@suse.com

- fixed typo in libnghttp2_asio1 [bsc#962914]

-------------------------------------------------------------------
Wed Dec 23 17:48:47 UTC 2015 - mpluskal@suse.com

- Update to 1.6.0
	* Fix heap-use-after-free bug when handling idle streams
	* Strict error handling for frames which are not allowed after
    closed (remote)
	* Set max number of outgoing concurrent streams to 100 by
    default
	* Keep incoming streams only at server side
	* Create stream object for pushed resource during
    nghttp2_submit_push_promise()
	* Add nghttp2_session_create_idle_stream() API
	* Handle response in nghttp2_on_begin_frame_callback
	* Add --lib-only configure option
	* Compile with OpenSSL 1.1.0-pre1
	* Fix build when OpenSSL 1.0.2 is not available (patch from
    Sunpoet Po-Chuan Hsieh)
	* asio: Add connect and read timeout to client API
	* asio: Add TLS handshake and read timeout to server API
	* asio: Added access to a requests remote endpoint (patch from
    Andreas Pohl)
	* asio: libnghttp2_asio: Added io_service accessors (patch from
    Andreas Pohl)
	* h2load: Add req/s min, max, mean and sd for clients
	* h2load: Fix broken connection times

-------------------------------------------------------------------
Tue Dec  1 14:13:15 UTC 2015 - mpluskal@suse.com

- Update to 1.5.0
  * Fix bug that nghttp2_session_find_stream(session, 0) returned
		NULL
	* Add nghttp2_session_change_stream_priority() to change stream
		priority without sending PRIORITY frame
	* Add nghttp2_session_check_server_session() API
	* Consider to use CANCEL error code when closing streams with
		GOAWAY
	* Don't send push response if GOAWAY has been received
	* Use error code CANCEL to reset pushed reserved stream from
		remote
	* Add nghttp2_session_upgrade2(), deprecate
		nghttp2_session_upgrade()
	* Workaround HTTP upgrade with HEAD request in
		nghttp2_session_upgrade()
	* Introduce NGHTTP2_NV_FLAG_NO_COPY_NAME and
		NGHTTP2_NV_FLAG_NO_COPY_VALUE
	* Add nghttp2_session_check_request_allowed() API function
	* Switch to clang-format-3.6
	* Update mruby to 1.2.0
	* tests: fix broken linkage with --disable-static (Patch from
		Kamil Dudka)
	* python: Send RST_STREAM if remote side is not closed and
		response finished
	* asio: client: call on_error when connection is dropped
	* asio: ALPN support
	* h2load: Add --h1 option to force http/1.1 for both http and
		https URI
	* h2load: Fix crash when dealing with "connection: close" form
		HTTP/1.1 server
	* h2load: h2load goes into infinite loop when timing script file
		starts with 0.0 in first line (Patch from Kit Chan)
	* h2load: Override user-agent with -H option
	*	h2load: Print "space savings" to measure header compression
		efficiency
	* h2load: Stream error should be counted toward errored
	* h2load: Show application protocol with OpenSSL < 1.0.2
	* nghttpx: Don't send RST_STREAM to h2 backend if backend is
		disconnected state
	* nghttpx: Support server push from HTTP/2 backend
	* nghttpx: Fix bug that causes connection failure with backend
		proxy URI
	* nghttpx: Use --backend-tls-sni-field to verify certificate
		hostname
	* nghttpx: Log :authority as $http_host if available
	* nghttpd: Fix crash with CONNECT request
	* nghttpd: Defered eviction of cached fd using timer
	* nghttpd: Read /etc/mime.types to set content-type header field
	* nghttp: Record request method to output it in har correctly
	* nghttp: Use method given in -H with ":method" in HTTP Upgrade
- Drop nghttp2-1.4.0-fix-tests.patch (now in upstream)

-------------------------------------------------------------------
Mon Nov 16 17:21:15 UTC 2015 - mpluskal@suse.com

- Enable spdy and more example applications

-------------------------------------------------------------------
Sat Oct 31 10:21:56 UTC 2015 - sor.alexei@meowr.ru

- Update to 1.4.0:
  * lib: Don't always expect dynamic table size update.
  * lib: Shrink to the minimum table size seen in local SETTINGS.
  * lib: Add new error code NGHTTP2_ERR_PAUSE to send_data_callback.
  * lib: Avoid excessive WINDOW_UPDATE queuing.
  * lib: Return fatal error if flooding is detected to close
    session immediately.
  * lib: Return type of nghttp2_submit_trailer is int.
  * lib: Don't send WINDOW_UPDATE with 0 increment.
  * lib: Fix bug that headers in CONTINUATION were ignored after
    HEADERS with padding.
  * package: Use -fvisibility=hidden for internal functions.
  * package: Show more information in configure summary.
  * package: Add PIDFile directive to systemd service.
  * package: Fix daemon upgrade when running under systemd.
  * app: Compile with BoringSSL.
  * nghttp: Allow multiple -c option occurrence, and take min and
    last value.
  * nghttpd: Fix leak when server failed to listen to given port.
  * nghttpx: Add TLS dynamic record size behaviour command line
    options.
  * nghttpx: Reduce default timeouts for read sockets to 1m.
  * nghttpx: Fix bug that PUT is replaced with POST.
  * nghttpx: Change mruby script handling.
  * nghttpx: Added support for RFC 7413 (TCP Fast Open) on nghttpx
    proxy listening connections.
  * nghttpx: Add neverbleed support.
  * h2load: Don't DOS our server!
  * h2load: Use duration syntax for timeouts.
  * h2load: Support subsecond rate period.
  * h2load: Simplify rate mode.
  * h2load: Add option for user-definable rate period.
  * h2load: Reuse SSL/TLS session.
  * h2load: Reconnect server on connection: close.
  * h2load: Don't exit in the case of no ALPN protocol overlap.
  * integration: Update go's http2 package URI.
- Add missing baselibs.conf.
- Add nghttp2-1.4.0-fix-tests.patch from commit 4825009.
- Small spec cleanup.

-------------------------------------------------------------------
Sun Sep 27 12:38:17 UTC 2015 - mpluskal@suse.com

- Update to 1.3.4
  * Make traditional init script fail if new config file is broken
    (Patch from Janusz Dziemidowicz)
  * nghttpx-logrotate: Don't use killall since we have multiple
    processes
  * nghttpx: Fix improper signal handling
- Changes for 1.3.3
  * Fix bug in padding handling of DATA frame
  * Use hash table for dynamic table lookup
  * More warning flags for --enable-werror
  * Update mruby
  * h2load: HTTP/1.1 support (Patch from Lucas Pardue)
  * nghttpx: Do not try to set TCP_NODELAY when frontend is an
    UNIX socket (Patch from Janusz Dziemidowicz)
  * nghttpx: Chown UNIX domain socket to user specified as --user
  * nghttpx: Split monolithic one process into control and worker
    processes
  * nghttpx: Handle SSL/TLS data following PROXY protocol line
- Changes for 1.3.2
  * Check header block limit after new stream is opened
  * nghttp: Show error if HEADERS frame cannot be sent for
    whatever reason
  * nghttpx: Fix assertion failure on TLS handshake
  * nghttpx: Add x-http2-push header field for pushed resource
  * nghttpx: Fix compile error with --disable-threads

-------------------------------------------------------------------
Mon Sep 14 13:33:16 UTC 2015 - mpluskal@suse.com

- Update to 1.3.1
  * Avoid usage of typeof and replace __builtin_offsetof with
    offsetof
  * Honor stream->weight even if stream->last_writelen is 0
  * Compile third-party libraries if hpack-tools is enabled
  * nghttpx-init: Start nghttpx with --daemon
  * Bundle sphinxcontrib.rubydomain https://bitbucket.org/birkenfeld/sphinx-contrib/src/default/rubydomain/
  * Bundle mruby
  * h2load: Record TTFB on first byte of response body, rather
    than first socket read
  * h2load: Improve checking for timing script input, prevent
    false positive in certain situations
  * nghttpx: Implement PROXY protocol version 1
    (--accept-proxy-protocol option)
  * nghttpx: Allow link header server push for HTTP/2 backend
    as well
  * nghttpx: Don't initiate push if client disabled push
  * nghttpx: Allow absolute URI in Link header field for push
  * nghttpx: Fix crash with multi workers and QUIT signal
  * nghttpx: Add mruby support which is disabled by default
    (use --with-mruby configure option to enable it)
  * nghttpx: Drop connection before TLS finish if h2 requirement
    is not fulfilled
- Fix typo in previous changelog entry

-------------------------------------------------------------------
Tue Sep  1 06:59:43 UTC 2015 - mpluskal@suse.com

- Update to 1.3.1
  * Limit the number of incoming reserved (remote) streams
  * Add stream public API
  * Rewrite priority tree handling
  * Fix parallel make distcheck
  * Define it and itprep recursive target if
    AM_EXTRA_RECURSIVE_TARGETS is defined
  * fetch-ocsp-response: Handle spurious openssl exist status 0
  * nghttpx: Use nghttp2::ssl::DEFAULT_CIPHER_LIST for backend TLS
    connection
  * nghttpx: Don't allow blacked listed cipher suites for HTTP/2
    connection
  * nghttpx: better handle /dev/stderr and /dev/stdout (Patch from
    Tomasz Buchert)
  * nghttpd: GOAWAY if SSL/TLS requirements for HTTP/2 are not met
  * nghttpd: Return date header field for 304
  * nghttpd: Support HEAD request
  * h2load: Add Timing-script and base URI support (Patch from
    Lucas Pardue)
  * h2load: Add timeout options (Patch from Nora)
- Fix typo in changelog

-------------------------------------------------------------------
Mon Aug 17 10:51:27 UTC 2015 - mpluskal@suse.com

- Update to 1.2.1
  * doc: Reword the HPACK tutorial (Patch from Tom Harwood)
  * nghttpx: Fix stability issues
  * h2load: Fix crash if -r > -n

-------------------------------------------------------------------
Mon Aug 10 14:10:20 UTC 2015 - mpluskal@suse.com

- Update to 1.2.0
  * Fix crash if response or data is submitted to closing stream
  * Header table size UINT32_MAX must be accepted
  * Use PROTOCOL_ERROR against DATA sent to idle stream
  * Allow multiple in-flight SETTINGS
  * Strictly check occurrence of dynamic table size update
  * Fix configure warning that 'missing' is missing or too old
  * Fix rm: cannot remove ‘*.rst’: No such file or directory when
    "make clean" (Patch from Alexis La Goutte)
  * doc: Reword some of the server and client tutorial (Patch
    from Tom Harwood)
  * src: Remove monotonic_clock replacement macro for gcc-4.6
  * nghttpx: Add TLS ticket key sharing among nghttpx instances
    using memcached
  * nghttpx: Add shared session cache using memcached
  * nghttpx: Set SSL/TLS session timeout to 12 hours
  * nghttpx: Enable session resumption on HTTP/2 backend
  * nghttpx: Don't rewrite host header field by default
  * nghttpx: Generate new ticket key every 1hr and its life time
    is now 12hrs
  * nghttpx: Don't reuse backend connection if it is not clean
  * nghttpx: Add AES-256-CBC encryption for TLS session ticket
  * nghttpd: Fix the bug that 304 response has non-empty body
  * h2load: Add -r and -C options to h2load (Patch from
    Nora Shoemaker)
- Changes for 1.1.2
  * Fix linker error with libnghttp2_asio
  * Allow custom installation location for Python bindings
- Drop no longer needed missing_nghttp2_timegm.patch

-------------------------------------------------------------------
Thu Jul 16 06:58:40 UTC 2015 - mpluskal@suse.com

- Update to 1.1.1
  * nghttpx: Fix various stability issues and memory leak bug
- Changes for 1.1.0
  * Fix DATA is not consumed if nghttp2_http_on_data_chunk failed
  * nghttp2_submit_response and nghttp2_submit_headers may return
  * NGHTTP2_ERR_DATA_EXIST
  * msvc build fixes and enchantments (Patch from Gabi Davar)
  * Compile with IRIX gcc-4.7 (Patch from Klaus Ziegler)
  * nghttp: Add --max-concurrent-streams option
  * nghttp: Add comment on HAR on pushed objects (Patch from
    acesso)
  * nghttpx: Add --include option to read additional configuration
    from given file
  * nghttpx: Add backend routing based on request host and path by
    extending -b option
  * nghttpx: Allow log variable to be enclosed by curly braces for
    disambiguation
  * nghttpx: Add log variables related to SSL/TLS connection
  * h2load: Add --ciphers option
- Add patches
  * missing_nghttp2_timegm.patch to fix building of asio library
  * nghttp2-remove-python-build.patch to fix python bindings
    installation when autotools are used

-------------------------------------------------------------------
Tue Jun 30 11:54:06 UTC 2015 - mpluskal@suse.com

- Update to 1.0.5
  * Add STREAM_DEP_DEBUG macro switch to enable runtime validation
    of depedency tree
  * Fix another bug in priority handling; sibling's item is not
    queued when ancestor's item is detached
  * nghttpx: Fix crash with --http2-bridge and both frontend and
    backend TLS

-------------------------------------------------------------------
Wed Jun 24 10:52:12 UTC 2015 - mpluskal@suse.com

- Update to 1.0.4
  * Fix assertion failure in stream_update_dep_on_detach_item
    (GH-264)
- Changes for 1.0.3
  * Fix bug that idle self-depending PRIORITY is not handled
    gracefully
  * Optimize dependency based priority code to Firefox style tree
  * enable third-party for asio_lib too (Patch from Mike
    Frysinger)
  * fetch-ocsp-response: Support LibreSSL, and include port in
    ocsp_host
  * src: Support compile with LibreSSL
  * nghttpx: Fix bug that x-forwarded-proto header field does not
    reflect frontend scheme on HTTP/2 backend
  * nghttpx: Validate :path on SPDY frontend

-------------------------------------------------------------------
Tue Jun 16 08:27:32 UTC 2015 - mpluskal@suse.com

- Update to 1.0.2
  * Fix bug that data are not consumed for connection in race
    condition (GH-253)
  * Define NGHTTP2_EXTERN to __declspec(dllimport) when using
    nghttp2 for Windows build
  * Translate fetch-ocsp-response into Python
  * libevent-client: Fix bug that path is broken if URI does not
    contain path part
  * python: Call on_close callback when connection is lost for
    server session
  * python: Expose client certificate, if available (Patch from
    Fabian Wiesel)
  * python: Catch and log failure to set TCP_NODELAY (Patch from
    Fabian Wiesel)
  * nghttpx: Add --add-request-header option
  * nghttpx: Make WebSocket upgrade work
  * nghttpx: Fix bug that END_STREAM is not set in backend for
    POST with Upgrade
  * nghttpx: Don't send "Expect" header field twice

-------------------------------------------------------------------
Mon May 25 15:13:45 UTC 2015 - mpluskal@suse.com

- Update to 1.0.1
  * Include stdint.h instead of inttypes.h when compiled with MSVC
    < 2013
  * Fix invalid memory free on out-of-memory handling
  * integration: Use our own copy of golang spdy package
  * android: Don't link zlib bundled with android NDK
  * Dockerfile.android: Update NDK ver, and ubuntu; build and link
    zlib
  * src, examples: Fix up OpenSSL initialization
  * nghttpx: Allow HTTP Upgrade from POST request if response
    header has not been sent to the client
  * nghttpx: Fix bug that PUSH_PROMISE is sent after associated
    response HEADERS
  * nghttpd: Close connection after settings timeout and GOAWAY
    was sent
  * h2load: Fix bug that NPN fails if ALPN is enabled

-------------------------------------------------------------------
Thu May 21 06:50:36 UTC 2015 - mpluskal@suse.com

- Update to 1.0.0
  * v1.0.0 introduced backward incompatible changes from 0.7
    series. Read https://nghttp2.org/documentation/package_README.html#migration-from-v0-7-15-or-earlier
    to migrate from older version to this latest version.
- Changes for 0.7.15
  * Hopefully, this is the last release for 0.7.x series.
    Development continues in 1.x series.
  * Access violation in buffers (GH-232) (Patch from Etienne Cimon)
  * Retry finding jemalloc lib by je_malloc_stats_print (GH-233)
  * inflatehd: Fix crash if 'wire' value is not string (GH-235)
  * nghttpx: Revert 585af93 to fix crash with TLS (GH-234)
  * nghttpd: Add --echo-upload option to send back request body

-------------------------------------------------------------------
Wed May 13 13:07:14 UTC 2015 - mpluskal@suse.com

- Update to 0.7.14
  * Fix global-buffer-overflow in HPACK code
  * Fix doc for nghttp2_select_next_protocol
  * Fix bug that promised stream was not reset on decompression
    error
  * Add systemd and upstart configuration file for nghttpx
    (Patch from Zhuoyun Wei)
  * Improve nghttpx logrotate configuration file (Patch from
    Zhuoyun Wei)
  * Update sphinx_rtd_theme
  * h2load: Update h2load to give connect time and ttfb stats
    (Patch from ericcarlschwartz)
  * nghttpd: Add -m, --max-concurrent-streams option
  * nghttpx: Log absolute URI for HTTP/2 or client proxy request
  * nghttpx: Add --header-field-buffer and --max-header-fields
    options
  * nghttp: Fix assertion error if very large value is given to -t

-------------------------------------------------------------------
Fri May  1 13:47:12 UTC 2015 - mpluskal@suse.com

- Update to 0.7.13
  * Fix bug that promised stream was not reset by returning
    NGHTTP2_ERR_TEMPORAL_CALLBACK_FAILURE from
    nghttp2_on_header_callback. Instead, associated stream was reset.
  * Allow NGHTTP2_ERR_TEMPORAL_CALLBACK_FAILURE from
    nghttp2_on_begin_headers_callback
  * h2load: Effectively disable flow control by setting large
    window size
  * asio: Graceful shutdown and joinable server (Patch from
    Xiaoguang Sun)

-------------------------------------------------------------------
Mon Apr 20 08:40:33 UTC 2015 - mpluskal@suse.com

- Update to 0.7.12
  * Fix bug that nghttp2_session_set_next_stream_id accepts invalid
    stream_id
  * HPACK: Rewrite static header table handling
  * HPACK: Never index authorization and small cookie header field
  * Don't install libnghttp2_asio headers if they are disabled
  * doc: Specify program directive so that hyperlink to option is
    correctly pointed to the intended location
  * asio: client: Call error_cb on error occurred in do_read and
    do_write (Fixes GH-207)
  * nghttp: Add --no-push option to disable server push
  * nghttp: Show stream ID in statistics output
  * nghttp: Remove --dep-idle option
  * nghttp: Use same priority anchor nodes as Firefox does
  * nghttpx: Don't push resource if link header has non empty
    loadpolicy
  * nghttpx: Add logging for somewhat important events (logs,
    tickets, and ocsp)
  * nghttpx: Set Downstream to stream user data on HTTP Upgrade
    to h2

-------------------------------------------------------------------
Sun Apr 12 17:38:36 UTC 2015 - mpluskal@suse.com

- Update to 0.7.11
  * nghttpx: Fix waitpid race condition in ocsp response update
  * nghttp: Consider user-provided :authority header field for SNI
    as well as host header field
- Changes for 0.7.10
  * Make sure that nghttp2 license is MIT license
  * Add nghttp2_session_consume_{connection,stream} to consume
    bytes independent
  * Add nghttp2_send_data_callback to send DATA payload without
    copying "static inline" fix for build with VS2013 (Patch from
    Remo E)
  * Update lib/Makefile.msvc (Patch from Remo E)
  * Remove dependency on libws2_32 on Windows build
  * Define NGHTTP2_EXTERN macro to export function for Windows
    build
  * doc: Generate API doc per function
  * python: Add async body generation support
  * python: Fix pseudo-header field ordering bug
  * nghttpx: Redirect stderr to errorlog file
  * nghttpx: Fix bug that data buffered in SSL object are not
    read
  * nghttpx: Remove --tls-ctx-per-worker option
  * nghttpx: Add OCSP stapling feature

-------------------------------------------------------------------
Sat Apr  4 16:55:55 UTC 2015 - mpluskal@suse.com

- Enable python bindings
- Update to 0.7.9
  * Implements h2-14 protocol (http://tools.ietf.org/html/draft-ietf-httpbis-http2-14)
  * Implements HPACK 09 (http://tools.ietf.org/html/draft-ietf-httpbis-header-compression-09)
  * h2load: Fix crash if -t > -c
  * h2load: Add -d option to upload data to server
  * nghttpx: Forward only "trailers" keyword in te when forwarding HTTP/2 backend
  * nghttpx: Fix PUSH_PROMISE header field corruption [GH-194]
  * nghttpx: Fix te header field is duplicated when forwarding HTTP/2 backend
  * nghttp, nghttpd: Add --hexdump option to hexdump incoming traffic.
  * examples: Place AM_CPPFLAGS first to use in-package header files first [GH-192]
- Changes for 0.7.8
  * Implements h2-14 protocol (http://tools.ietf.org/html/draft-ietf-httpbis-http2-14)
  * Implements HPACK 09 (http://tools.ietf.org/html/draft-ietf-httpbis-header-compression-09)
  * Validate :path header field for http or https URI scheme
  * NULL-terminate header field name and value presented by callback
  * README.rst: Cleaned up the grammar a bit (Patch from Ross Smith II)
  * h2load: fix for segfault by reserving correct worker count (Patch from Stefan Eissing)

-------------------------------------------------------------------
Wed Mar 18 21:29:49 UTC 2015 - jengelh@inai.de

- Avoid shipping documentation redundantly. Set RPM groups.

-------------------------------------------------------------------
Fri Mar  6 18:19:47 UTC 2015 - mpluskal@suse.com

- Fix rpm group

-------------------------------------------------------------------
Tue Mar  3 22:15:13 UTC 2015 - mpluskal@suse.com

- Update to 0.7.5
  * Implements h2-14 protocol
    (http://tools.ietf.org/html/draft-ietf-httpbis-http2-14)
  * Implements HPACK 09
    (http://tools.ietf.org/html/draft-ietf-httpbis-header-compression-09)
  * Validate HTTP semantics by default
  * Add nghttp2_option_set_no_http_messaging() API function
  * Update http-parser
  * nghttp, nghttpd, nghttpx: Use "sensitive" to indicate
    "never indexed" header field
  * nghttp, nghttpd, nghttpx, h2load: Select/announce h2 in
    ALPN/NPN
  * nghttp: Fix unaligned field output in --stat
  * nghttp: Fix -H does not work with -u upgrade request
  * nghttp: Update resource timing terminology according to
    Resource Timing TR
  * nghttpd: Add -a option which takes an address parameter that
    allows nghttpd to bind to a non-default address. Patch
    from Brian Card
  * nghttpx: Use omit minor version in case of HTTP/2 in via
    header and access log
  * nghttpx: Support UNIX domain socket on both frontend and backend
  * nghttpx: Fix crash in http/1 backend when backend returns more
    bytes than CL
  * nghttpx: Cast configuration value to rlim_t to avoid compile
    error on 32bit
  * nghttpx: Fix 1 second delay in HTTP/2 backend connection
  * nghttpx: Fix request re-submission bug in HTTP/2 backend
  * asio-sv2: Fix compile error with OS X

-------------------------------------------------------------------
Sun Feb 15 11:00:12 UTC 2015 - mpluskal@suse.com

- Initial packaging of 0.7.4

openSUSE Build Service is sponsored by