Added support for quic + http/3

Please read https://github.com/macbre/docker-nginx-brotli#quic--http3-support on how to set up nginx and your browser to talk using quic (http/3).

docker pull macbre/nginx-brotli:1.19.6-http3

(note the -http3 label suffix)

• downgrade to nginx 1.19.6 ⚠️ in order to have http/3 support patch work properly
• use the most recent curl to test http/3 support in our CI / Docker build pipeline
• tested with Firefox 88

See #35 and #32 for more details.

nginx 1.19.10

Changes with nginx 1.19.10                                       13 Apr 2021

    *) Change: the default value of the "keepalive_requests" directive was
       changed to 1000.

    *) Feature: the "keepalive_time" directive.

    *) Feature: the $connection_time variable.

    *) Workaround: "gzip filter failed to use preallocated memory" alerts
       appeared in logs when using zlib-ng.

nginx 1.19.9

Merge pull request #27 from macbre/nginx-1.19.9

Use nginx-1.19.9

nginx 1.19.8

Changes with nginx 1.19.8                                        09 Mar 2021

    *) Feature: flags in the "proxy_cookie_flags" directive can now contain
       variables.

    *) Feature: the "proxy_protocol" parameter of the "listen" directive,
       the "proxy_protocol" and "set_real_ip_from" directives in mail proxy.

    *) Bugfix: HTTP/2 connections were immediately closed when using
       "keepalive_timeout 0"; the bug had appeared in 1.19.7.

    *) Bugfix: some errors were logged as unknown if nginx was built with
       glibc 2.32.

    *) Bugfix: in the eventport method.

nginx 1.19.7

Changes with nginx 1.19.7                                        16 Feb 2021

    *) Change: connections handling in HTTP/2 has been changed to better
       match HTTP/1.x; the "http2_recv_timeout", "http2_idle_timeout", and
       "http2_max_requests" directives have been removed, the
       "keepalive_timeout" and "keepalive_requests" directives should be
       used instead.

    *) Change: the "http2_max_field_size" and "http2_max_header_size"
       directives have been removed, the "large_client_header_buffers"
       directive should be used instead.

    *) Feature: now, if free worker connections are exhausted, nginx starts
       closing not only keepalive connections, but also connections in
       lingering close.

    *) Bugfix: "zero size buf in output" alerts might appear in logs if an
       upstream server returned an incorrect response during unbuffered
       proxying; the bug had appeared in 1.19.1.

    *) Bugfix: HEAD requests were handled incorrectly if the "return"
       directive was used with the "image_filter" or "xslt_stylesheet"
       directives.

    *) Bugfix: in the "add_trailer" directive.

nginx 1.19.6

Changes with nginx 1.19.6                                        15 Dec 2020

    *) Bugfix: "no live upstreams" errors if a "server" inside "upstream"
       block was marked as "down".

    *) Bugfix: a segmentation fault might occur in a worker process if HTTPS
       was used; the bug had appeared in 1.19.5.

    *) Bugfix: nginx returned the 400 response on requests like
       "GET http://example.com?args HTTP/1.0".

    *) Bugfix: in the ngx_http_flv_module and ngx_http_mp4_module.
       Thanks to Chris Newton.

nginx 1.19.5

Changes with nginx 1.19.5                                        24 Nov 2020

    *) Feature: the -e switch.

    *) Feature: the same source files can now be specified in different
       modules while building addon modules.

    *) Bugfix: SSL shutdown did not work when lingering close was used.

    *) Bugfix: "upstream sent frame for closed stream" errors might occur
       when working with gRPC backends.

    *) Bugfix: in request body filters internal API

nginx 1.19.4

Changes with nginx 1.19.4                                        27 Oct 2020

    *) Feature: the "ssl_conf_command", "proxy_ssl_conf_command",
       "grpc_ssl_conf_command", and "uwsgi_ssl_conf_command" directives.

    *) Feature: the "ssl_reject_handshake" directive.

    *) Feature: the "proxy_smtp_auth" directive in mail proxy.

nginx 1.19.3 + missing /etc/ssl/dhparam.pem

/etc/ssl/dhparam.pem: copy it from a previous stage #15

Fixes

nginx_1   | nginx: [emerg] BIO_new_file("/etc/ssl/dhparam.pem") failed (SSL: error:02001002:system library:fopen:No such file or directory:fopen('/etc/ssl/dhparam.pem','r') error:2006D080:BIO routines:BIO_new_file:no such file)

nginx 1.19.3

Changes with nginx 1.19.3                                        29 Sep 2020

    *) Feature: the ngx_stream_set_module.

    *) Feature: the "proxy_cookie_flags" directive.

    *) Feature: the "userid_flags" directive.

    *) Bugfix: the "stale-if-error" cache control extension was erroneously
       applied if backend returned a response with status code 500, 502,
       503, 504, 403, 404, or 429.

    *) Bugfix: "[crit] cache file ... has too long header" messages might
       appear in logs if caching was used and the backend returned responses
       with the "Vary" header line.

    *) Workaround: "[crit] SSL_write() failed" messages might appear in logs
       when using OpenSSL 1.1.1.

    *) Bugfix: "SSL_shutdown() failed (SSL: ... bad write retry)" messages
       might appear in logs; the bug had appeared in 1.19.2.

    *) Bugfix: a segmentation fault might occur in a worker process when
       using HTTP/2 if errors with code 400 were redirected to a proxied
       location using the "error_page" directive.

    *) Bugfix: socket leak when using HTTP/2 and subrequests in the njs
       module.