Log Message:
nghttp2: updated to 1.34.0

Nghttp2 v1.34.0

lib

libnghttp2 now supports extended CONNECT method and :protocol pseudo header \ 
field defined in RFC 8441. To enable this functionality on server side, send \ 
NGHTTP2_SETTINGS_ENABLE_CONNECT_PROTOCOL using nghttp2_submit_settings().

nghttpx

nghttpx now supports “Bootstrapping WebSockets with HTTP/2” defined in RFC \ 
8441 for both frontend and backend HTTP/2 connections.

read-timeout and write-timeout parameters have been added to --backend option to \ 
specify read/write timeouts per pattern which override values set by \ 
--backend-read-timeout and --backend-write-timeout options.

This release fixes stability issues in neverbleed with OpenSSL 1.1.1.

mruby has been updated to version 1.4.1.

env.tls_handshake_finished has been added to mruby scripting to know whether TLS \ 
handshake has been completed or not. This might be useful to decide that 0-RTT \ 
data should be processed or not.

--tls13-ciphers and --tls-client-ciphers options have been added to configure \ 
TLSv1.3 ciphers.

nghttpx now adds Early-Data header field to the request header field when \ 
request is included in 0-RTT packet, and TLS handshake has not been completed \ 
yet. Early-Data header field is defined in RFC 8470.

nghttpx now supports TLSv1.3 0-RTT data. By default, it accepts 0-RTT data, but \ 
postpones the request until TLS handshake completes. The new option \ 
--tls-no-postpone-early-data makes nghttpx not to postpone request and adds \ 
Early-Data header field to backend request. It is important to make sure that \ 
all backends must recognize Early-Data header field to mitigate reply attack.

To enable 0-RTT data and most of the TLSv1.3 features, OpenSSL 1.1.1 is required.