nginx-1.1.0

Calomel Org infallibilismindefeasibility at calomel.org
Mon Aug 1 21:48:03 UTC 2011


Elliptic curve Diffie-Hellman (ECDH) key exchange ciphers work
perfectly. Thank you very much Igor and Adrian.

For those interested, the ssl_ecdh_curve directive specifies the type
of curve you want to use. secp521r1 is the 521 bit EC for example.

## Global SSL options
 ssl_ciphers ECDHE-RSA-AES256-SHA:AES256-SHA:CAMELLIA256-SHA:DES-CBC3-SHA

## HTTPS server body
 ssl_ecdh_curve secp521r1;

--
   Calomel @ https://calomel.org
   Open Source Research and Reference


On Mon, Aug 01, 2011 at 11:14:00AM -0400, Igor Sysoev wrote:
>Changes with nginx 1.1.0                                         01 Aug 2011
>
>    *) Feature: cache loader run time decrease.
>
>    *) Feature: "loader_files", "loader_sleep", and "loader_threshold" 
>       options of the "proxy/fastcgi/scgi/uwsgi_cache_path" directives.
>
>    *) Feature: loading time decrease of configuration with large number of 
>       HTTPS sites.
>
>    *) Feature: now nginx supports ECDHE key exchange ciphers.
>       Thanks to Adrian Kotelba.
>
>    *) Feature: the "lingering_close" directive.
>       Thanks to Maxim Dounin.
>
>    *) Bugfix: in closing connection for pipelined requests.
>       Thanks to Maxim Dounin.
>
>    *) Bugfix: nginx did not disable gzipping if client sent "gzip;q=0" in 
>       "Accept-Encoding" request header line.
>
>    *) Bugfix: in timeout in unbuffered proxied mode.
>       Thanks to Maxim Dounin.
>
>    *) Bugfix: memory leaks when a "proxy_pass" directive contains 
>       variables and proxies to an HTTPS backend.
>       Thanks to Maxim Dounin.
>
>    *) Bugfix: in parameter validaiton of a "proxy_pass" directive with 
>       variables.
>       Thanks to Lanshun Zhou.
>
>    *) Bugfix: SSL did not work on QNX.
>       Thanks to Maxim Dounin.
>
>    *) Bugfix: SSL modules could not be built by gcc 4.6 without 
>       --with-debug option.
>
>
>-- 
>Igor Sysoev
>
>_______________________________________________
>nginx mailing list
>nginx at nginx.org
>http://mailman.nginx.org/mailman/listinfo/nginx



More information about the nginx mailing list