246 changed files with 3962 additions and 45268 deletions
--- a/.github/DISCUSSION_TEMPLATE/general.yml
+++ b/.github/DISCUSSION_TEMPLATE/general.yml
@ -1,15 +0,0 @@
 ---
 body:
  - type: markdown
    attributes:
      value: |
        For NGINX troubleshooting/technical help, please visit our community forum instead of asking your questions here. We will politely redirect these types of questions to the forum.
  - type: textarea
    id: general
    attributes:
      label: What would you like to discuss?
      description: Please provide as much context as possible. Remember that only general discussions related to the NGINX codebase will be addressed on GitHub. For anything else, please visit our [community forum](https://community.nginx.org/).
      value: |
        I would like to discuss...
    validations:
      required: true
--- a/.github/DISCUSSION_TEMPLATE/ideas.yml
+++ b/.github/DISCUSSION_TEMPLATE/ideas.yml
@ -1,15 +0,0 @@
 ---
 body:
  - type: markdown
    attributes:
      value: |
        For NGINX troubleshooting/technical help, please visit our community forum instead of asking your questions here. We will politely redirect these types of questions to the forum.
  - type: textarea
    id: ideas
    attributes:
      label: What idea would you like to discuss?
      description: Please provide as much context as possible. Remember that only ideas related to the NGINX codebase will be addressed on GitHub. For anything else, please visit our [community forum](https://community.nginx.org/).
      value: |
        I have an idea for...
    validations:
      required: true
--- a/.github/DISCUSSION_TEMPLATE/q-a.yml
+++ b/.github/DISCUSSION_TEMPLATE/q-a.yml
@ -1,15 +0,0 @@
 ---
 body:
  - type: markdown
    attributes:
      value: |
        For NGINX troubleshooting/technical help, please visit our community forum instead of asking your questions here. We will politely redirect these types of questions to the forum.
  - type: textarea
    id: q-a
    attributes:
      label: What question do you have?
      description: Please provide as much context as possible. Remember that only questions related to the NGINX codebase will be addressed on GitHub. For anything else, please visit our [community forum](https://community.nginx.org/).
      value: |
        I would like to know...
    validations:
      required: true
--- a/.github/ISSUE_TEMPLATE/bug_report.yml
+++ b/.github/ISSUE_TEMPLATE/bug_report.yml
@ -1,106 +0,0 @@
 ---
 name: 🐛 Bug report
 description: Create a report to help us improve
 labels: bug
 body:
  - type: markdown
    attributes:
      value: |
        Thanks for taking the time to fill out this bug report!
        Before you continue filling out this report, please take a moment to check that your bug has not been [already reported on GitHub][issue search], is reproducible with the latest version of nginx, and does not involve any third-party modules 🙌
        Remember to redact any sensitive information such as authentication credentials and/or license keys!
        **Note:** If you are seeking community support, please start a new topic in the [NGINX Community forum][forum]. If you wish to discuss the codebase, please start a new thread via [GitHub discussions][discussions].
        [issue search]: https://github.com/nginx/nginx/search?q=is%3Aissue&type=issues
        [discussions]: https://github.com/nginx/nginx/discussions
        [forum]: https://community.nginx.org
  - type: textarea
    id: overview
    attributes:
      label: Bug Overview
      description: A clear and concise overview of the bug.
      placeholder: When I do "X", "Y" happens instead of "Z".
    validations:
      required: true
  - type: textarea
    id: behavior
    attributes:
      label: Expected Behavior
      description: A clear and concise description of what you expected to happen.
      placeholder: When I do "X", I expect "Z" to happen.
    validations:
      required: true
  - type: textarea
    id: steps
    attributes:
      label: Steps to Reproduce the Bug
      description: Detail the series of steps required to reproduce the bug.
      placeholder: When I run "X" using [...], "X" fails with "Y" error message. If I check the terminal outputs and/or logs, I see the following info.
    validations:
      required: true
  - type: textarea
    id: configuration
    attributes:
      label: NGINX Configuration
      description: Please provide your NGINX configuration. Minimize it to the smallest possible configuration that reproduces the issue.
      value: |
        ```
        # Your NGINX configuration
        ```
    validations:
      required: true
  - type: textarea
    id: version
    attributes:
      label: NGINX version and build configuration options
      description: Please provide details about your NGINX build.
      value: |
        The output of `nginx -V`: [...]
    validations:
      required: true
  - type: textarea
    id: environment
    attributes:
      label: Environment where NGINX is being built and/or deployed
      description: Please provide details about your environment.
      value: |
        - Target deployment platform: [e.g. AWS/GCP/local cluster/etc...]
        - Target OS: [e.g. RHEL 9/Ubuntu 24.04/etc...]
    validations:
      required: true
  - type: textarea
    id: architecture
    attributes:
      label: Architecture where NGINX is being built and/or deployed
      description: Please provide details about your deployment environment.
      value: |
        The output of `uname -a`: [...]
    validations:
      required: true
  - type: textarea
    id: logs
    attributes:
      label: NGINX Debug Log
      description: Please provide your NGINX debug log. See this [doc](http://nginx.org/en/docs/debugging_log.html) for details on how to enable it.
      value: |
        ```
        # Your NGINX debug log
        ```
  - type: textarea
    id: context
    attributes:
      label: Additional Context
      description: Add any other context about the problem here.
      placeholder: Feel free to add any other context/information/screenshots/etc... that you think might be relevant to this issue in here.
--- a/.github/ISSUE_TEMPLATE/config.yml
+++ b/.github/ISSUE_TEMPLATE/config.yml
@ -1,12 +0,0 @@
 ---
 blank_issues_enabled: false
 contact_links:
  - name: 💬 Talk to the NGINX community!
    url: https://community.nginx.org
    about: A community forum for NGINX users, developers, and contributors
  - name: 📝 Code of Conduct
    url: https://www.contributor-covenant.org/version/2/1/code_of_conduct
    about: NGINX follows the Contributor Covenant Code of Conduct to ensure a safe and inclusive community
  - name: 💼 For commercial & enterprise users
    url: https://www.f5.com/products/nginx
    about: F5 offers a wide range of NGINX products for commercial & enterprise users
--- a/.github/ISSUE_TEMPLATE/feature_request.yml
+++ b/.github/ISSUE_TEMPLATE/feature_request.yml
@ -1,40 +0,0 @@
 ---
 name: ✨ Feature request
 description: Suggest an idea for this project
 labels: enhancement
 body:
  - type: markdown
    attributes:
      value: |
        Thanks for taking the time to fill out this feature request!
        Before you continue filling out this request, please take a moment to check that your feature has not been [already requested on GitHub][issue search] 🙌
        **Note:** If you are seeking community support, please start a new topic in the [NGINX Community forum][forum]. If you wish to discuss the codebase, please start a new thread via [GitHub discussions][discussions].
        [issue search]: https://github.com/nginx/nginx/search?q=is%3Aissue&type=issues
        [discussions]: https://github.com/nginx/nginx/discussions
        [forum]: https://community.nginx.org
  - type: textarea
    id: overview
    attributes:
      label: Feature Overview
      description: A clear and concise description of what the feature request is.
      placeholder: I would like this project to be able to do "X".
    validations:
      required: true
  - type: textarea
    id: alternatives
    attributes:
      label: Alternatives Considered
      description: Detail any potential alternative solutions/workarounds you've used or considered.
      placeholder: I have done/might be able to do "X" in this project by doing "Y".
  - type: textarea
    id: context
    attributes:
      label: Additional Context
      description: Add any other context about the problem here.
      placeholder: Feel free to add any other context/information/screenshots/etc... that you think might be relevant to this feature request here.
--- a/.github/pull_request_template.md
+++ b/.github/pull_request_template.md
@ -1,10 +0,0 @@
 ### Proposed changes
 Describe the use case and detail of the change. If this PR addresses an issue on GitHub, make sure to include a link to that issue using one of the [supported keywords](https://docs.github.com/en/github/managing-your-work-on-github/linking-a-pull-request-to-an-issue) in this PR's description or commit message.
 ### Checklist
 Before creating a PR, run through this checklist and mark each as complete:
 - [ ] I have read the [contributing guidelines](/CONTRIBUTING.md).
 - [ ] I have checked that NGINX compiles and runs after adding my changes.
--- a/.github/workflows/buildbot.yml
+++ b/.github/workflows/buildbot.yml
@ -1,11 +0,0 @@
 name: buildbot
 on:
  push:
    branches:
      - master
      - 'stable-1.*'
 jobs:
  buildbot:
    uses: nginx/ci-self-hosted/.github/workflows/nginx-buildbot.yml@main
--- a/.github/workflows/check-pr.yml
+++ b/.github/workflows/check-pr.yml
@ -1,8 +0,0 @@
 name: check-pr
 on:
  pull_request:
 jobs:
  check-pr:
    uses: nginx/ci-self-hosted/.github/workflows/nginx-check-pr.yml@main
--- a/.github/workflows/f5_cla.yml
+++ b/.github/workflows/f5_cla.yml
@ -1,41 +0,0 @@
 ---
 name: F5 CLA
 on:
  issue_comment:
    types: [created]
  pull_request_target:
    types: [opened, closed, synchronize]
 permissions: read-all
 jobs:
  f5-cla:
    name: F5 CLA
    runs-on: ubuntu-24.04
    permissions:
      actions: write
      pull-requests: write
      statuses: write
    steps:
      - name: Run F5 Contributor License Agreement (CLA) assistant
        if: (github.event.comment.body == 'recheck' || github.event.comment.body == 'I have hereby read the F5 CLA and agree to its terms') || github.event_name == 'pull_request_target'
        uses: contributor-assistant/github-action@ca4a40a7d1004f18d9960b404b97e5f30a505a08 # v2.6.1
        with:
          # Path to the CLA document.
          path-to-document: https://github.com/f5/f5-cla/blob/main/docs/f5_cla.md
          # Custom CLA messages.
          custom-notsigned-prcomment: '🎉 Thank you for your contribution! It appears you have not yet signed the [F5 Contributor License Agreement (CLA)](https://github.com/f5/f5-cla/blob/main/docs/f5_cla.md), which is required for your changes to be incorporated into an F5 Open Source Software (OSS) project. Please kindly read the [F5 CLA](https://github.com/f5/f5-cla/blob/main/docs/f5_cla.md) and reply on a new comment with the following text to agree:'
          custom-pr-sign-comment: 'I have hereby read the F5 CLA and agree to its terms'
          custom-allsigned-prcomment: '✅ All required contributors have signed the F5 CLA for this PR. Thank you!'
          # Remote repository storing CLA signatures.
          remote-organization-name: f5
          remote-repository-name: f5-cla-data
          # Branch where CLA signatures are stored.
          branch: main
          path-to-signatures: signatures/signatures.json
          # Comma separated list of usernames for maintainers or any other individuals who should not be prompted for a CLA.
          # NOTE: You will want to edit the usernames to suit your project needs.
          allowlist: bot*
          # Do not lock PRs after a merge.
          lock-pullrequest-aftermerge: false
        env:
          GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
          PERSONAL_ACCESS_TOKEN: ${{ secrets.F5_CLA_TOKEN }}
--- a/.gitignore
+++ b/.gitignore
@ -1,3 +0,0 @@
 /Makefile
 /objs/
 /tmp/
--- a/.hgtags
+++ b/.hgtags
@ -0,0 +1,469 @@
 551102312e19b704cd22bd7254a9444b9ea14e96 release-0.1.0
 23fb87bddda14ce9faec90f774085634106aded4 release-0.1.1
 295d97d70c698585705345f1a8f92b02e63d6d0d release-0.1.2
 ded1284520cc939ad5ae6ddab39925375e64237d release-0.1.3
 0491b909ef7612d8411f1f59054186c1f3471b52 release-0.1.4
 a88a3e4e158fade0aaa6f3eb25597d5ced2c1075 release-0.1.5
 1f31dc6d33a3a4e65240b08066bf186df9e33b79 release-0.1.6
 5aecc125bc33d81d6214c91d73eb44230a903dde release-0.1.7
 bbd6b0b4a2b15ef8c8f1aaf7b027b6da47303524 release-0.1.8
 2ff194b74f1e60cd04670986973e3b1a6aa3bece release-0.1.9
 31ee1b50354fb829564b81a6f34e8d6ceb2d3f48 release-0.1.10
 8e8f3af115b5b903b2b8f3335de971f18891246f release-0.1.11
 c3c2848fc081e19aec5ffa97e468ad20ddb81df0 release-0.1.12
 ad1e9ebf93bb5ae4c748d471fad2de8a0afc4d2a release-0.1.13
 c5240858380136a67bec261c59b1532560b57885 release-0.1.14
 fd661d14a7fad212e326a7dad6234ea0de992fbf release-0.1.15
 621229427cba1b0af417ff2a101fc4f17a7d93c8 release-0.1.16
 4ebe09b07e3021f1a63b459903ec58f162183b26 release-0.1.17
 31ff3e943e1675a2caf745ba7a981244445d4c98 release-0.1.18
 45a460f82aec80b0f61136aa09f412436d42203a release-0.1.19
 0f836f0288eee4980f57736d50a7a60fa082d8e9 release-0.1.20
 975f62e77f0244f1b631f740be77c72c8f2da1de release-0.1.21
 fc9909c369b2b4716304ac8e38da57b8fb781211 release-0.1.22
 d7c90bb5ce83dab08715e98f9c7b81c7df4b37be release-0.1.23
 64d9afb209da0cd4a917202b7b77e51cc23e2229 release-0.1.24
 d4ea69372b946dc4ec37fc3f5ddd93ff7c3da675 release-0.1.25
 b1648294f6935e993e436fd8a68bca75c74c826d release-0.1.26
 ee66921ecd47a7fa459f70f4a9d660f91f6a1b94 release-0.1.27
 cd3117ad9aab9c58c6f7e677e551e1adbdeaba54 release-0.1.28
 9b8c906f6e63ec2c71cecebfff35819a7d32227d release-0.1.29
 c12967aadd8726daf2d85e3f3e622d89c42db176 release-0.1.30
 fbbf16224844e7d560c00043e8ade8a560415bba release-0.1.31
 417a087c9c4d9abb9b0b9b3f787aff515c43c035 release-0.1.32
 dadfa78d227027348d7f9d1e7b7093d06ba545a0 release-0.1.33
 12234c998d83bfbbaa305273b3dd1b855ca325dc release-0.1.34
 6f00349b98e5f706b82115c6e4dc84456fc0d770 release-0.1.35
 2019117e6b38cc3e89fe4f56a23b271479c627a6 release-0.1.36
 09b42134ac0c42625340f16628e29690a04f8db5 release-0.1.37
 7fa11e5c6e9612ecff5eb58274cc846ae742d1d2 release-0.1.38
 e5d7d0334fdb946133c17523c198800142ac9fe9 release-0.1.39
 c3bd8cdabb8f73e5600a91f198eb7df6fac65e92 release-0.1.40
 d6e48c08d718bf5a9e58c20a37e8ae172bff1139 release-0.1.41
 563ad09abf5042eb41e8ecaf5b4e6c9deaa42731 release-0.1.42
 c9ad0d9c7d59b2fa2a5fe669f1e88debd03e6c04 release-0.1.43
 371c1cee100d7a1b0e6cad4d188e05c98a641ee7 release-0.1.44
 b09ee85d0ac823e36861491eedfc4dfafe282997 release-0.1.45
 511a89da35ada16ae806667d699f9610b4f8499a release-0.2.0
 0148586012ab3dde69b394ec5a389d44bb11c869 release-0.2.1
 818fbd4750b99d14d2736212c939855a11b1f1ef release-0.2.2
 e16a8d574da511622b97d6237d005f40f2cddb30 release-0.2.3
 483cca23060331f2078b1c2984870d80f288ad41 release-0.2.4
 45033d85b30e3f12c407b7cfc518d76e0eda0263 release-0.2.5
 7bd37aef1e7e87858c12b124e253e98558889b50 release-0.2.6
 ecd9c160f25b7a7075dd93383d98a0fc8d8c0a41 release-0.3.0
 c1f965ef97188fd7ef81342dcf8719da18c554d2 release-0.3.1
 e48ebafc69393fc94fecfdf9997c4179fd1ce473 release-0.3.2
 9c2f3ed7a24711d3b42b124d5f831155c8beff95 release-0.3.3
 7c1369d37c7eb0017c28ebcaa0778046f5aafdcc release-0.3.4
 1af2fcb3be8a63796b6b23a488049c92a6bc12f4 release-0.3.5
 174f1e853e1e831b01000aeccfd06a9c8d4d95a2 release-0.3.6
 458b6c3fea65a894c99dd429334a77bb164c7e83 release-0.3.7
 58475592100cb792c125101b6d2d898f5adada30 release-0.3.8
 fcd6fc7ff7f9b132c35193d834e6e7d05026c716 release-0.3.9
 4d9ea73a627a914d364e83e20c58eb1283f4031d release-0.3.10
 4c5c2c55975c1152b5ca5d5d55b32d4dd7945f7a release-0.3.11
 326634fb9d47912ad94221dc2f8fa4bec424d40c release-0.3.12
 4e296b7d25bf62390ca2afb599e395426b94f785 release-0.3.13
 401de5a43ba5a8acdb9c52465193c0ea7354afe7 release-0.3.14
 284cc140593bb16ac71094acd509ab415ff4837d release-0.3.15
 d4e858a5751a7fd08e64586795ed7d336011fbc0 release-0.3.16
 8c0cdd81580eb76d774cfc5724de68e7e5cbbdc2 release-0.3.17
 425af804d968f30eeff01e33b808bc2e8c467f2c release-0.3.18
 ebc68d8ca4962fe3531b7e13444f7ac4395d9c6e release-0.3.19
 9262f520ce214d3d5fd7c842891519336ef85ca6 release-0.3.20
 869b6444d2341a587183859d4df736c7f3381169 release-0.3.21
 77f77f53214a0e3a68fef8226c15532b54f2c365 release-0.3.22
 858700ae46b453ea111b966b6d03f2c21ddcb94e release-0.3.23
 5dac8c7fb71b86aafed8ea352305e7f85759f72e release-0.3.24
 77cdfe394a94a625955e7585e09983b3af9b889b release-0.3.25
 608cf78b24ef7baaf9705e4715a361f26bb16ba9 release-0.3.26
 3f8a2132b93d66ac19bec006205a304a68524a0b release-0.3.27
 c73c5c58c619c22dd3a5a26c91bb0567a62c6930 release-0.3.28
 5ef026a2ac7481f04154f29ab49377bf99aaf96f release-0.3.29
 51b27717f140b71a2e9158807d79da17c888ce4c release-0.3.30
 7a16e281c01f1c7ab3b79c64b43ddb754ea7935e release-0.3.31
 93e85a79757c49d502e42a1cb8264a0f133b0b00 release-0.3.32
 0216fd1471f386168545f772836156761eddec08 release-0.3.33
 fbed40ce7cb4fd7203fecc22a617b9ce5b950fb3 release-0.3.34
 387450de0b4d21652f0b6242a5e26a31e3be8d8c release-0.3.35
 65bf042c0b4f39f18a235464c52f980e9fa24f6b release-0.3.36
 5d2b8078c1c2593b95ec50acfeeafbefa65be344 release-0.3.37
 f971949ffb585d400e0f15508a56232a0f897c80 release-0.3.38
 18268abd340cb351e0c01b9c44e9f8cc05492364 release-0.3.39
 e60fe4cf1d4ea3c34be8c49047c712c6d46c1727 release-0.3.40
 715d243270806d38be776fc3ed826d97514a73d6 release-0.3.41
 5e8fb59c18c19347a5607fb5af075fe1e2925b9a release-0.3.42
 947c6fd27699e0199249ad592151f844c8a900b0 release-0.3.43
 4946078f0a79e6cc952d3e410813aac9b8bda650 release-0.3.44
 95d7da23ea5315a6e9255ce036ed2c51f091f180 release-0.3.45
 1e720b0be7ecd92358da8a60944669fa493e78cd release-0.3.46
 39b7d7b33c918d8f4abc86c4075052d8c19da3c7 release-0.3.47
 7cbef16c71a1f43a07f8141f02e0135c775f0f5b release-0.3.48
 4c8cd5ae5cc100add5c08c252d991b82b1838c6b release-0.3.49
 400711951595aef7cd2ef865b84b31df52b15782 release-0.3.50
 649c9063d0fda23620eaeaf0f6393be0a672ebe7 release-0.3.51
 9079ee4735aefa98165bb2cb26dee4f58d58c1d7 release-0.3.52
 6d5c1535bb9dcd891c5963971f767421a334a728 release-0.3.53
 5fd7a5e990477189c40718c8c3e01002a2c20b81 release-0.3.54
 63a820b0bc6ca629c8e45a069b52d622ddc27a2d release-0.3.55
 562806624c4afb1687cba83bc1852f5d0fecbac3 release-0.3.56
 cec32b3753acf610ac1a6227d14032c1a89d6319 release-0.3.57
 b80f94fa2197b99db5e033fec92e0426d1fe5026 release-0.3.58
 e924670896abe2769ea0fcfd2058b405bed8e8ec release-0.3.59
 921a7ce4baf42fd1091b7e40f89c858c6b23053e release-0.3.60
 df95dcff753a6dc5e94257302aea02c18c7a7c87 release-0.3.61
 7e24168b0853ee7e46c9c7b943ef077dc64f17f5 release-0.4.0
 8183d4ba50f8500465efb27e66dd23f98775dd21 release-0.4.1
 610267a772c7bf911b499d37f66c21ce8f2ebaf7 release-0.4.2
 39dd0b045441e21512e0a6061a03d0df63414d8b release-0.4.3
 5e42c1615f4de0079bd4d8913886d588ce6a295d release-0.4.4
 40266f92b829a870808b3d4ee54c8fccdecbd2d6 release-0.4.5
 56e33c6efee7ff63cdc52bd1cf172bde195079df release-0.4.6
 119bad43bfd493400c57a05848eada2c35a46810 release-0.4.7
 0f404f82a1343cb4e4b277a44e3417385798e5e5 release-0.4.8
 d24a717314365c857b9f283d6072c2a427d5e342 release-0.4.9
 d6f0a00015fdef861fd67fb583b9690638650656 release-0.4.10
 e372368dadd7b2ecd0182b2f1b11db86fc27b2c3 release-0.4.11
 fd57967d850d2361072c72562d1ed03598473478 release-0.4.12
 979045fdcbd20cf7188545c1c589ff240251f890 release-0.4.13
 93c94cfa9f78f0a5740595dde4466ec4fba664f8 release-0.4.14
 589ee12e8d7c2ae5e4f4676bcc7a1279a76f9e8e release-0.5.0
 13416db8a807e5acb4021bc3c581203de57e2f50 release-0.5.1
 06c58edc88831fb31c492a8eddcf2c6056567f18 release-0.5.2
 e2ac5fa41bcba14adbbb722d45c083c30c07bb5c release-0.5.3
 393dbc659df15ccd411680b5c1ce87ed86d4c144 release-0.5.4
 38cc7bd8e04f2c519fd4526c12841a876be353cb release-0.5.5
 6d1fcec2ea79101c756316c015f72e75f601a5ab release-0.5.6
 aed8a9de62456c4b360358bc112ccca32ce02e8d release-0.5.7
 7642f45af67d805452df2667486201c36efaff85 release-0.5.8
 779216610662c3a459935d506f66a9b16b9c9576 release-0.5.9
 9eeb585454f3daa30cf768e95c088a092fe229b9 release-0.5.10
 bb491c8197e38ca10ae63b1f1ecb36bf6fdaf950 release-0.5.11
 613369e08810f36bbcc9734ef1059a03ccbf5e16 release-0.5.12
 bd796ef5c9c9dd34bfac20261b98685e0410122a release-0.5.13
 8a730c49f906d783b47e4b44d735efd083936c64 release-0.5.14
 cb447039152d85e9145139ff2575a6199b9af9d4 release-0.5.15
 64854c7c95d04f838585ca08492823000503fa61 release-0.5.16
 d1ffcf84ea1244f659145c36ff28de6fcdf528b2 release-0.5.17
 796a6e30ca9d29504195c10210dbc8deced0ae83 release-0.5.18
 1f81c711d2a039e1f93b9b515065a2235372d455 release-0.5.19
 8e8f6082654aedb4438c8fca408cfc316c7c5a2a release-0.5.20
 e9551132f7dd40da5719dd5bcf924c86f1436f85 release-0.5.21
 533a252896c4d1cff1586ae42129d610f7497811 release-0.5.22
 f461a49b6c747e0b67f721f2be172902afea5528 release-0.5.23
 2d5ef73671f690b65bf6d9e22e7155f68f484d5a release-0.5.24
 77bf42576050862c268e267ef3e508b145845a25 release-0.5.25
 2aefee4d4ed69eb7567680bf27a2efd212232488 release-0.6.0
 7ac0fe9bec9a2b5f8e191f6fdd6922bfd916a6cb release-0.6.1
 4882735ebc71eeec0fbfe645bdfdb31306872d82 release-0.6.2
 b94731c73d0922f472ff938b9d252ba29020f20c release-0.6.3
 13e649b813d6ccba5db33a61e08ebe09d683cd5b release-0.6.4
 80de622646b0059fd4c553eff47c391bf7503b89 release-0.6.5
 3b05edb2619d5935023b979ee7a9611b61b6c9e5 release-0.6.6
 1dcfd375100c4479611f71efb99271d0a3059215 release-0.6.7
 0228185d4c5772947b842e856ad74cf7f7fd52f3 release-0.6.8
 d1879c52326ecac45c713203670f54220879911e release-0.6.9
 5a80c6ccbe2ad24fa3d4ff6f9fe4a2b07408d19d release-0.6.10
 f88a8b0b39601b19cd740e4db614ab0b5b874686 release-0.6.11
 5557460a7247a1602ae96efd1d0ccf781344cb58 release-0.6.12
 451b02cc770a794cd41363461b446948ae1d8bc8 release-0.6.13
 537b6ef014c4a133e0ab0b7dc817508e0647e315 release-0.6.14
 5e68764f0d6e91a983170fa806e7450a9e9b33fe release-0.6.15
 158aa4e8cc46fcf9504a61469d22daf3476b17bf release-0.6.16
 d8fcca555542619228d9fab89e1665b993f8c3ee release-0.6.17
 60707ebc037086cf004736a0d4979e2a608da033 release-0.6.18
 3c2a99d3a71af846855be35e62edb9a12f363f44 release-0.6.19
 3e0a27f9358ffc1b5249e0ea2311ce7da5c8967e release-0.6.20
 143f4d65b1c875d6563ccb7f653d9157afc72194 release-0.6.21
 95e6160d2b7d0af8ffd1b95a23cadadf8f0b3f6d release-0.6.22
 69a03d5e3b6e6660079ef1ef172db7ac08d8370e release-0.6.23
 3e2a58fb48f1e1a99ebf851e0d47a7034c52ae22 release-0.6.24
 3b8607c05a8bebcfa59235c2126a70d737f0ccf5 release-0.6.25
 07ad5b2606614c4be4ee720c46cf4af126059d31 release-0.6.26
 be531addfabe5214f409d457140c1038af10d199 release-0.6.27
 58f05255d3a345d04baef5cff0ca1ae0ac7ecebb release-0.6.28
 eb2bd21dc8d03f6c94016f04ffb9adaf83a2b606 release-0.6.29
 55408deb3cd171efa9b81d23d7a1dd1ccde0b839 release-0.6.30
 d4288915bba73c4c3c9cf5d39d34e86879eb2b45 release-0.6.31
 0a189588830b8629c4dfea68feb49af36b59e4a9 release-0.7.0
 6ab27a06f3346cf9ec8737f5dbcc82dd4031e30f release-0.7.1
 a07e258cef3b0a0b6e76a6ff4ba4651c5facc85a release-0.7.2
 9992c4583513d2804fc2e7fec860fbc7ab043009 release-0.7.3
 4dc24d50230fbadfc037a414a86390db2de69dd2 release-0.7.4
 9527137b4354a648a229c7169850c7c65272c00d release-0.7.5
 c2f0f7cf306f302254beae512bda18713922375c release-0.7.6
 bbcf6d75556fdcee8bd4aba8f6c27014be9920ee release-0.7.7
 43bde71f0bbe5a33b161760d7f9f980d50386597 release-0.7.8
 769f0dd7081e9011394f264aa22aa66fd79730d8 release-0.7.9
 511edfa732da637f5f0c9476335df7dca994706d release-0.7.10
 0e7023bf6b2461309c29885935443449a41be807 release-0.7.11
 9ad1bd2b21d93902863807528e426862aedee737 release-0.7.12
 d90ea21e24ea35379aef50c5d70564158e110a15 release-0.7.13
 c07d2d20d95c83d804079bbdcecbce4a0c8282f0 release-0.7.14
 0cd7bb051f67eac2b179fb9f9cc988b9ba18ed76 release-0.7.15
 eab2e87deba73ae6abd9cc740e8d4365bed96322 release-0.7.16
 91d7a9eb8ade90e9421d7b1e3c2e47a6bc427876 release-0.7.17
 fc10f7b5cb1305fb930f8ac40b46882d0828d61e release-0.7.18
 9dba9779e37e5969a2d408c792084fd7acfec062 release-0.7.19
 61838d1bcbddc7bc4dd9f30d535573a6fddca8f9 release-0.7.20
 5f665d0fa6a5f6e748157f2ccbc445b2db8125d0 release-0.7.21
 24763afa5efe91e54f00b2ae5b87666eb6c08c3b release-0.7.22
 0562fb355a25266150cbe8c8d4e00f55e3654df3 release-0.7.23
 19c452ecd083550816873a8a31eb3ed9879085e6 release-0.7.24
 46b68faf271d6fdcaaf3ad2c69f6167ea9e9fa28 release-0.7.25
 d04bfca0c7e3ae2e4422bc1d383553139d6f0a19 release-0.7.26
 9425d9c7f8ead95b00a3929a9a5e487e0e3c8499 release-0.7.27
 fbc3e7e8b3ee756568a875f87d8a954a2f9d3bf6 release-0.7.28
 5176dfdf153fc785b18604197d58806f919829ad release-0.7.29
 87e07ccdf0a4ec53458d9d7a4ea66e1239910968 release-0.7.30
 9fddd7e1a7a27f8463867f41a461aad57df461b2 release-0.7.31
 780b2ba1ec6daf6e3773774e26b05b9ff0d5483e release-0.7.32
 83027471a25385b1c671968be761e9aa7a8591a7 release-0.7.33
 1e9a362c3dcee221ca6e34308c483ed93867aca2 release-0.7.34
 c7ee9e15717b54ead5f4a554686e74abe66c6b07 release-0.7.35
 b84548abe9b9d4f4e203f848696e52c8c82c308f release-0.7.36
 3286f0bab8e77dbc7ebb370b1dc379592ccff123 release-0.7.37
 11a4e2ed5b166b9c9f119171aa399a9e3aa4684a release-0.7.38
 f822655d4120629977794c32d3b969343b6c30db release-0.7.39
 8a350e49d2b6751296db6d8e27277ccf63ed412a release-0.7.40
 c4a56c197eeafd71fc1caef7a9d890a330e3c23d release-0.7.41
 a9575a57a5443df39611774cf3840e9088132b0e release-0.7.42
 7503d95d6eadad14c28b2db183ba09848265274b release-0.7.43
 9be652e9114435fc6f1fdec84c0458d56702db91 release-0.7.44
 797e070d480a34b31ddac0d364784773f1bbbcf9 release-0.7.45
 9b5037e7ec7db25875c40f9d1cf20a853388b124 release-0.7.46
 d1d0e6d7ff0ca3c0dd1be1ef1cfff2e3fd0b4e1c release-0.7.47
 9816fb28eda599bfd53940e6d3b6617d1ecb6323 release-0.7.48
 452b9d09df8e3f2fb04b2a33d04d2f3a6436eb34 release-0.7.49
 e4350efa7cf7a0e868c2236a1137de8a33bd8ec6 release-0.7.50
 f51f2bec766c8b6d7e1799d904f18f8ea631bd44 release-0.7.51
 18e39e566781c9c187e2eb62bebd9d669d68f08c release-0.7.52
 b073eaa1dcea296a3488b83d455fab6621a73932 release-0.7.53
 01c6fe6c2a55998434cd3b05dd10ca487ac3fb6c release-0.7.54
 3ed9377e686f2521e6ec15873084381033fb490d release-0.7.55
 a1e44954549c35023b409f728c678be8bf898148 release-0.7.56
 fbb1918a85e38a7becdb1a001dbaf5933f23a919 release-0.7.57
 87f4a49a9cc34a5b11c8784cc5ea89e97b4b2bd8 release-0.7.58
 0c22cb4862c8beb4ee1b9e4627125162a29a5304 release-0.7.59
 82d56c2425ef857cd430b8530a3f9e1127145a67 release-0.8.0
 f4acb784b53cd952559567971b97dde1e818a2b6 release-0.8.1
 b3503597c1a0f0f378afdc5e5e5b85e2c095a4be release-0.8.2
 c98da980514a02ba81c421b25bf91803ffffddf3 release-0.8.3
 db34ec0c53c4b9dec12ffdf70caf89a325ab9577 release-0.8.4
 0914802433b8678ba2cdf91280766f00f4b9b76e release-0.8.5
 ff52ee9e6422f3759f43a442b7ba615595b3a3d4 release-0.8.6
 7607237b4829fff1f60999f4663c50ed9d5182f7 release-0.8.7
 1cef1807bc12cb05ac52fb0e7a0f111d3760b569 release-0.8.8
 a40f8475511d74a468ade29c1505e8986600d7a3 release-0.8.9
 2d9faf2260df6c3e5d4aa1781493c31f27a557d0 release-0.8.10
 d0d61c32331a6505381b5218318f7b69db167ca8 release-0.8.11
 ca7a1c6c798a7eb5b294d4ac3179ec87ecf297d3 release-0.8.12
 81c8277cd8ed55febcb2dd9d9213076f6c0ccb09 release-0.8.13
 3089486a8dc5844b5b6e9f78d536b4b26f7ffa16 release-0.8.14
 d364c2c12dd9723a2dfac3f096f5e55d4cfe6838 release-0.8.15
 52163a1027c3efd6b4c461b60a2ca6266c23e193 release-0.8.16
 06564e9a2d9ec5852132c212e85eda0bf1300307 release-0.8.17
 7aaa959da85e09e29bcac3b1cadec35b0a25b64d release-0.8.18
 4bc73c644329a510da4e96b7241b80ead7772f83 release-0.8.19
 ea3d168fb99c32a5c3545717ecc61e85a375e5dd release-0.8.20
 27951ca037e63dae45ff5b6279124c224ae1255a release-0.8.21
 d56c8b5df517c2bf6e7bc2827b8bf3e08cda90e1 release-0.8.22
 3c6ac062b379b126212cbb27e98a3c8275ef381a release-0.8.23
 89b9173476de14688b1418fbf7df10f91d1719ef release-0.8.24
 aa550cb4159ae0d566006e091fb1c7a888771050 release-0.8.25
 06ce92293f6a65651b08c466f90f55bd69984b98 release-0.8.26
 ea50b0d79ef1d7d901cd0e4dcd7373447849d719 release-0.8.27
 e68b1c35cad86105ff1c5b240f53442f4c36356e release-0.8.28
 78d3582a30afe63fc0adb17c3ac8891a64e47146 release-0.8.29
 9852c5965a3292a1b6127dbb4da9fce4912d898a release-0.8.30
 4f84115914490e572bcbee5069157b7334df2744 release-0.8.31
 59dee6f7f3afeb1fad6ed5983756e48c81ad2a5c release-0.8.32
 a4456378d234c07038456cf32bfe3c651f1d5e82 release-0.8.33
 21cb50799a20575a42f9733342d37a426f79db4d release-0.8.34
 7cb3cb8d78ef7ae63561733ed91fd07933896bc8 release-0.8.35
 aed68639d4eb6afe944b7fb50499c16f7f3f503c release-0.8.36
 265b7fd2ae21c75bbffa5115b83a0123d6c4acb4 release-0.8.37
 fa5f1ca353c0c5aa5415f51d72fd7bbcc02d1ed7 release-0.8.38
 af10bf9d4c6532850aa1f70cdf7504bd109b284c release-0.8.39
 4846ec9f83cb5bc4c8519d5641b35fb9b190430c release-0.8.40
 718b4cb3faf7efe4e0648140f064bf7a92c3f7e8 release-0.8.41
 b5a3065749093282ddd19845e0b77ffc2e54333e release-0.8.42
 34df9fb22fed415cdad52def04095dc6d4b48222 release-0.8.43
 00ec8cd76fb89af27363b76c40d9f88bf4679c3b release-0.8.44
 e16dd52a0d226c23dcae9a11252564a04753bbed release-0.8.45
 f034d9173df0a433e0bbcf5974f12ea9eb9076c0 release-0.8.46
 4434dc967087315efcd0658206a67fe6c85528f3 release-0.8.47
 0b65c962e0cd6783a854877b52c903cb058eec8c release-0.8.48
 a2b7e94b9807e981866bf07e37b715847d1b7120 release-0.8.49
 e7bdb8edc1bab2bc352a9fb6ce765c46575c35bf release-0.8.50
 21dacebd12f65cb57ceb8d2688db5b07fad6e06d release-0.8.51
 67dd7533b99c8945b5b8b5b393504d4e003a1c50 release-0.8.52
 010468d890dbac33a4cae6dfb2017db70721b2fe release-0.8.53
 62b599022a2fa625b526c2ad1711dc6db7d66786 release-0.9.0
 71281dd73b17a0ead5535d531afaee098da723cb release-0.9.1
 16cff36b0e49fc9fdeee13b2e92690286bcc1b3d release-0.9.2
 b7b306325972661117694879d3e22faf4cf0df32 release-0.9.3
 fe671505a8ea86a76f0358b3ec4de84a9037ac2b release-0.9.4
 70542931bc5436d1bbd38f152245d93ac063968d release-0.9.5
 27e2f3b7a3db1819c5d0ba28327ceaba84a13c4e release-0.9.6
 657d05d63915ce2f6c4d763091059f5f85bb10e5 release-0.9.7
 e0fd9f36005923b8f98d1ba1ea583cb7625f318f release-1.0.0
 f8f89eb4e0c27e857ec517d893d4f9a454985084 release-1.0.1
 c50df367648e53d55e80b60a447c9c66caa0d326 release-1.0.2
 80d586db316512b5a9d39f00fe185f7f91523f52 release-1.0.3
 c9c2805ac9245cc48ce6efeba2b4a444f859d6aa release-1.0.4
 fa2c37b1122c2c983b6e91d1188e387d72dde4d6 release-1.0.5
 f31aea5b06654c9163be5acd6d9b7aaf0fdf6b33 release-1.1.0
 44bf95f670656fae01ccb266b3863843ea13d324 release-1.1.1
 da1289482a143dfa016769649bdff636c26f53c8 release-1.1.2
 bac8ba08a6570bac2ecd3bf2ad64b0ac3030c903 release-1.1.3
 911060bc8221d4113a693ae97952a1fa88663ca8 release-1.1.4
 e47531dfabbf8e5f8b8aff9ff353642ea4aa7abb release-1.1.5
 f9ddecfe331462f870a95e4c1c3ba1bb8f19f2d3 release-1.1.6
 378c297bb7459fb99aa9c77decac0d35391a3932 release-1.1.7
 71600ce67510af093d4bc0117a78b3b4678c6b3a release-1.1.8
 482d7d907f1ab92b78084d8b8631ed0eb7dd08f7 release-1.1.9
 c7e65deabf0db5109e8d8f6cf64cd3fb7633a3d1 release-1.1.10
 9590f0cf5aab8e6e0b0c8ae59c70187b2b97d886 release-1.1.11
 ade8fc136430cfc04a8d0885c757968b0987d56c release-1.1.12
 6a6836e65827fd3cb10a406e7bbbe36e0dad8736 release-1.1.13
 6845f4ac909233f5a08ed8a51de137713a888328 release-1.1.14
 2397e9c72f1bc5eac67006e12ad3e33e0ea9ba74 release-1.1.15
 7b7c49639a7bceecabf4963c60b26b65a77d6ce0 release-1.1.16
 f7e1113a9a1648cad122543e7080e895cf2d88f4 release-1.1.17
 2b22743c3079b41233ded0fc35af8aa89bcfab91 release-1.1.18
 0f0b425659e0b26f5bc8ea14a42dbf34de2eaba6 release-1.1.19
 f582d662cc408eb7a132c21f4b298b71d0701abb release-1.2.0
 9ee68d629722f583d43d92271f2eb84281afc630 release-1.3.0
 61b6a3438afef630774e568eefd89c53e3b93287 release-1.3.1
 7ccd50a0a455f2f2d3b241f376e1193ad956196d release-1.2.1
 0000000000000000000000000000000000000000 release-1.2.1
 50107e2d96bbfc2c59e46f889b1a5f68dd10cf19 release-1.3.2
 2c5e1e88c8cf710caf551c5c67eba00443601efe release-1.3.3
 a43447fb82aa03eabcd85352758ae14606a84d35 release-1.3.4
 90f3b4ea7992a7bf9385851a3e77173363091eea release-1.3.5
 3aeb14f88daeb973e4708310daa3dc68ac1200f7 release-1.3.6
 dafd375f1c882b15fa4a9b7aa7c801c55082395e release-1.3.7
 ab7ce0eb4cf78a656750ab1d8e55ef61f7e535ec release-1.3.8
 1b1a9337a7399ad3cdc5e3a2f9fbaaec990271d5 release-1.3.9
 2c053b2572694eb9cd4aed26a498b6cb1f51bbcc release-1.3.10
 36409ac209872ce53019f084e4e07467c5d9d25e release-1.3.11
 560dc55e90c13860a79d8f3e0d67a81c7b0257bb release-1.3.12
 dc195ffe0965b2b9072f8e213fe74ecce38f6773 release-1.3.13
 e04428778567dd4de329bbbe97ad653e22801612 release-1.3.14
 cd84e467c72967b9f5fb4d96bfc708c93edeb634 release-1.3.15
 23159600bdea695db8f9d2890aaf73424303e49c release-1.3.16
 7809529022b83157067e7d1e2fb65d57db5f4d99 release-1.4.0
 48a84bc3ff074a65a63e353b9796ff2b14239699 release-1.5.0
 99eed1a88fc33f32d66e2ec913874dfef3e12fcc release-1.5.1
 5bdca4812974011731e5719a6c398b54f14a6d61 release-1.5.2
 644a079526295aca11c52c46cb81e3754e6ad4ad release-1.5.3
 376a5e7694004048a9d073e4feb81bb54ee3ba91 release-1.5.4
 60e0409b9ec7ee194c6d8102f0656598cc4a6cfe release-1.5.5
 70c5cd3a61cb476c2afb3a61826e59c7cda0b7a7 release-1.5.6
 9ba2542d75bf62a3972278c63561fc2ef5ec573a release-1.5.7
 eaa76f24975948b0ce8be01838d949122d44ed67 release-1.5.8
 5a1759f33b7fa6270e1617c08d7e655b7b127f26 release-1.5.9
 b798fc020e3a84ef68e6c9f47865a319c826d33c release-1.5.10
 f995a10d4c7e9a817157a6ce7b753297ad32897e release-1.5.11
 97b47d95e4449cbde976657cf8cbbc118351ffe0 release-1.5.12
 fd722b890eabc600394349730a093f50dac31639 release-1.5.13
 d161d68df8be32e5cbf72b07db1a707714827803 release-1.7.0
 0351a6d89c3dbcc7a76295024ba6b70e27b9a497 release-1.7.1
 0bd223a546192fdf2e862f33938f4ec2a3b5b283 release-1.7.2
 fe7cd01828d5ca7491059f0690bb4453645eb28b release-1.7.3
 cbb146b120296852e781079d5138b04495bab6df release-1.7.4
 fe129aa02db9001d220f1db7c3c056f79482c111 release-1.7.5
 a8d111bb68847f61d682a3c8792fecb2e52efa2c release-1.7.6
 6d2fbc30f8a7f70136cf08f32d5ff3179d524873 release-1.7.7
 d5ea659b8bab2d6402a2266efa691f705e84001e release-1.7.8
 34b201c1abd1e2d4faeae4650a21574771a03c0e release-1.7.9
 860cfbcc4606ee36d898a9cd0c5ae8858db984d6 release-1.7.10
 2b3b737b5456c05cd63d3d834f4fb4d3776953d0 release-1.7.11
 3ef00a71f56420a9c3e9cec311c9a2109a015d67 release-1.7.12
 53d850fe292f157d2fb999c52788ec1dc53c91ed release-1.9.0
 884a967c369f73ab16ea859670d690fb094d3850 release-1.9.1
 3a32d6e7404a79a0973bcd8d0b83181c5bf66074 release-1.9.2
 e27a215601292872f545a733859e06d01af1017d release-1.9.3
 5cb7e2eed2031e32d2e5422caf9402758c38a6ad release-1.9.4
 942475e10cb47654205ede7ccbe7d568698e665b release-1.9.5
 b78018cfaa2f0ec20494fccb16252daa87c48a31 release-1.9.6
 54117529e40b988590ea2d38aae909b0b191663f release-1.9.7
 1bdc497c81607d854e3edf8b9a3be324c3d136b6 release-1.9.8
 ef107f3ddc237a3007e2769ec04adde0dcf627fa release-1.9.9
 be00ca08e41a69e585b6aff70a725ed6c9e1a876 release-1.9.10
 fe66cff450a95beed36a2515210eb2d7ef62c9d3 release-1.9.11
 ead3907d74f90a14d1646f1b2b56ba01d3d11702 release-1.9.12
 5936b7ed929237f1a73b467f662611cdc0309e51 release-1.9.13
 4106db71cbcb9c8274700199ac17e520902c6c0f release-1.9.14
 13070ecfda67397985f0e986eb9c42ecb46d05b5 release-1.9.15
 271ee30c6791847980cd139d31807541f5e569bf release-1.11.0
 cb783d9cc19761e14e1285d91c38f4b84d0b8756 release-1.11.1
 4d3b3a13a8cf5fc3351a7f167d1c13325e00f21c release-1.11.2
 b83a067949a3384a49fd3d943eb8d0997b31f87b release-1.11.3
 953512ca02c6f63b4fcbbc3e10d0d9835896bf99 release-1.11.4
 5253015a339aaca0a3111473d3e931b6d4752393 release-1.11.5
 5e371426b3bcba4312ce08606194b89b758927d1 release-1.11.6
 5c8f60faf33ca8926473d2da27b4c3c417bd4630 release-1.11.7
 4591da489a30f790def29bc5987f43409b503cae release-1.11.8
 20a45c768e5ed26b740679d0e22045c98727c3cc release-1.11.9
 1ad0999a7ded3d4fb01c7acf8ff57c80b643da7e release-1.11.10
 d8b321a876d6254e9e98795e3b194ef053290354 release-1.11.11
 7f394e433f0003222aa6531931ecc0b24740d5e4 release-1.11.12
 3d0e8655f897959e48cc74e87670bb5492a58871 release-1.11.13
 3671096a45bce570a2afa20b9faf42c7fb0f7e66 release-1.13.0
 539f7893ecb96bee60965528c8958d7eb2f1ce6b release-1.13.1
 5be2b25bdc65775a85f18f68a4be4f58c7384415 release-1.13.2
 8457ce87640f9bfe6221c4ac4466ced20e03bebe release-1.13.3
 bbc642c813c829963ce8197c0ca237ab7601f3d4 release-1.13.4
 0d45b4cf7c2e4e626a5a16e1fe604402ace1cea5 release-1.13.5
 f87da7d9ca02b8ced4caa6c5eb9013ccd47b0117 release-1.13.6
 47cca243d0ed39bf5dcb9859184affc958b79b6f release-1.13.7
 20ca4bcff108d3e66977f4d97508637093492287 release-1.13.8
 fb1212c7eca4c5328fe17d6cd95b010c67336aac release-1.13.9
 31c929e16910c38492581ef474e72fa67c28f124 release-1.13.10
 64179f242cb55fc206bca59de9bfdc4cf5ebcec7 release-1.13.11
 051e5fa03b92b8a564f6b12debd483d267391e82 release-1.13.12
 990b3e885636d763b97ed02d0d2cfc161a4e0c09 release-1.15.0
 4189160cb946bb38d0bc0a452b5eb4cdd8979fb5 release-1.15.1
 b234199c7ed8a156a6bb98f7ff58302c857c954f release-1.15.2
 28b3e17ca7eba1e6a0891afde0e4bc5bcc99c861 release-1.15.3
 49d49835653857daa418e68d6cbfed4958c78fca release-1.15.4
 f062e43d74fc2578bb100a9e82a953efa1eb9e4e release-1.15.5
 2351853ce6867b6166823bdf94333c0a76633c0a release-1.15.6
 051a039ce1c7e09144de4a4846669ec7116cecea release-1.15.7
 ee551e3f6dba336c0d875e266d7d55385f379b42 release-1.15.8
 d2fd76709909767fc727a5b4affcf1dc9ca488a7 release-1.15.9
 75f5c7f628411c79c7044102049f7ab4f7a246e7 release-1.15.10
 5155d0296a5ef9841f035920527ffdb771076b44 release-1.15.11
 0130ca3d58437b3c7c707cdddd813d530c68da9a release-1.15.12
 054c1c46395caff79bb4caf16f40b331f71bb6dd release-1.17.0
 7816bd7dabf6ee86c53c073b90a7143161546e06 release-1.17.1
 2fc9f853a6b7cd29dc84e0af2ed3cf78e0da6ca8 release-1.17.2
 ed4303aa1b31a9aad5440640c0840d9d0af45fed release-1.17.3
 ce2ced3856909f36f8130c99eaa4dbdbae636ddc release-1.17.4
 9af0dddbddb2c368bfedd2801bc100ffad01e19b release-1.17.5
 de68d0d94320cbf033599c6f3ca37e5335c67fd7 release-1.17.6
 e56295fe0ea76bf53b06bffa77a2d3a9a335cb8c release-1.17.7
 fdacd273711ddf20f778c1fb91529ab53979a454 release-1.17.8
 5e8d52bca714d4b85284ddb649d1ba4a3ca978a8 release-1.17.9
 c44970de01474f6f3e01b0adea85ec1d03e3a5f2 release-1.17.10
 cbe6ba650211541310618849168631ce0b788f35 release-1.19.0
 062920e2f3bf871ef7a3d8496edec1b3065faf80 release-1.19.1
 a7b46539f507e6c64efa0efda69ad60b6f4ffbce release-1.19.2
 3cbc2602325f0ac08917a4397d76f5155c34b7b1 release-1.19.3
 dc0cc425fa63a80315f6efb68697cadb6626cdf2 release-1.19.4
 8e5b068f761cd512d10c9671fbde0b568c1fd08b release-1.19.5
 f618488eb769e0ed74ef0d93cd118d2ad79ef94d release-1.19.6
 3fa6e2095a7a51acc630517e1c27a7b7ac41f7b3 release-1.19.7
 8c65d21464aaa5923775f80c32474adc7a320068 release-1.19.8
 da571b8eaf8f30f36c43b3c9b25e01e31f47149c release-1.19.9
 ffcbb9980ee2bad27b4d7b1cd680b14ff47b29aa release-1.19.10
 df34dcc9ac072ffd0945e5a1f3eb7987e8275375 release-1.21.0
 a68ac0677f8553b1f84d357bc9da114731ab5f47 release-1.21.1
 bfbc52374adcbf2f9060afd62de940f6fab3bba5 release-1.21.2
 2217a9c1d0b86026f22700b3c089545db1964f55 release-1.21.3
 39be8a682c58308d9399cddd57e37f9fdb7bdf3e release-1.21.4
 d986378168fd4d70e0121cabac274c560cca9bdf release-1.21.5
 714eb4b2c09e712fb2572a2164ce2bf67638ccac release-1.21.6
--- a/CODE_OF_CONDUCT.md
+++ b/CODE_OF_CONDUCT.md
@ -1,126 +0,0 @@
 # Contributor Covenant Code of Conduct
 ## Our Pledge
 We as members, contributors, and leaders pledge to make participation in our
 community a harassment-free experience for everyone, regardless of age, body
 size, visible or invisible disability, ethnicity, sex characteristics, gender
 identity and expression, level of experience, education, socio economic status,
 nationality, personal appearance, race, caste, color, religion, or sexual
 identity and orientation.
 We pledge to act and interact in ways that contribute to an open, welcoming,
 diverse, inclusive, and healthy community.
 ## Our Standards
 Examples of behavior that contributes to a positive environment for our
 community include:
 - Demonstrating empathy and kindness toward other people
 - Being respectful of differing opinions, viewpoints, and experiences
 - Giving and gracefully accepting constructive feedback
 - Accepting responsibility and apologizing to those affected by our mistakes
 and learning from the experience
 - Focusing on what is best not just for us as individuals, but for the
 overall community
 Examples of unacceptable behavior include:
 - The use of sexualized language or imagery, and sexual attention or advances
 of any kind
 - Trolling, insulting or derogatory comments, and personal or political attacks
 - Public or private harassment
 - Publishing others' private information, such as a physical or email address,
 without their explicit permission
 - Other conduct which could reasonably be considered inappropriate in a
 professional setting
 ## Enforcement Responsibilities
 Community leaders are responsible for clarifying and enforcing our standards
 of acceptable behavior and will take appropriate and fair corrective action
 in response to any behavior that they deem inappropriate, threatening,
 offensive, or harmful.
 Community leaders have the right and responsibility to remove, edit, or reject
 comments, commits, code, wiki edits, issues, and other contributions that are
 not aligned to this Code of Conduct, and will communicate reasons for
 moderation decisions when appropriate.
 ## Scope
 This Code of Conduct applies within all community spaces, and also applies when
 an individual is officially representing the community in public spaces.
 Examples of representing our community include using an official email address,
 posting via an official social media account, or acting as an appointed
 representative at an online or offline event.
 ## Enforcement
 Instances of abusive, harassing, or otherwise unacceptable behavior may be
 reported to the community leaders responsible for enforcement at
 <nginx-oss-community@f5.com>. All complaints will be reviewed and investigated
 promptly and fairly.
 All community leaders are obligated to respect the privacy and security of the
 reporter of any incident.
 ## Enforcement Guidelines
 Community leaders will follow these Community Impact Guidelines in determining
 the consequences for any action they deem in violation of this Code of Conduct:
 ### 1. Correction
 **Community Impact**: Use of inappropriate language or other behavior deemed
 unprofessional or unwelcome in the community.
 **Consequence**: A private, written warning from community leaders, providing
 clarity around the nature of the violation and an explanation of why the
 behavior was inappropriate. A public apology may be requested.
 ### 2. Warning
 **Community Impact**: A violation through a single incident or series of actions.
 **Consequence**: A warning with consequences for continued behavior. No
 interaction with the people involved, including unsolicited interaction with
 those enforcing the Code of Conduct, for a specified period of time. This
 includes avoiding interactions in community spaces as well as external
 channels like social media. Violating these terms may lead to a temporary or
 permanent ban.
 ### 3. Temporary Ban
 **Community Impact**: A serious violation of community standards, including
 sustained inappropriate behavior.
 **Consequence**: A temporary ban from any sort of interaction or public
 communication with the community for a specified period of time. No public or
 private interaction with the people involved, including unsolicited interaction
 with those enforcing the Code of Conduct, is allowed during this period.
 Violating these terms may lead to a permanent ban.
 ### 4. Permanent Ban
 **Community Impact**: Demonstrating a pattern of violation of community
 standards, including sustained inappropriate behavior, harassment of an
 individual, or aggression toward or disparagement of classes of individuals.
 **Consequence**: A permanent ban from any sort of public interaction within
 the community.
 ## Attribution
 This Code of Conduct is adapted from the
 [Contributor Covenant](https://www.contributor-covenant.org), version 2.1,
 available at
 <https://www.contributor-covenant.org/version/2/1/code_of_conduct.html>.
 Community Impact Guidelines were inspired by
 [Mozilla's code of conduct enforcement ladder](https://github.com/mozilla/inclusion).
 For answers to common questions about this code of conduct, see the FAQ at
 <https://www.contributor-covenant.org/faq>. Translations are available at
 <https://www.contributor-covenant.org/translations>.
--- a/CONTRIBUTING.md
+++ b/CONTRIBUTING.md
@ -1,123 +0,0 @@
 # Contributing Guidelines
 The following is a set of guidelines for contributing to nginx project.
 We really appreciate that you are considering contributing!
 ## Table of Contents
 - [Report a Bug](#report-a-bug)
 - [Suggest a Feature or Enhancement](#suggest-a-feature-or-enhancement)
 - [Open a Discussion](#open-a-discussion)
 - [Submit a Pull Request](#submit-a-pull-request)
 - [Issue Lifecycle](#issue-lifecycle)
 ## Report a Bug
 To report a bug, open an issue on GitHub with the label `bug` using the
 available [bug report issue form](/.github/ISSUE_TEMPLATE/bug_report.yml).
 Please ensure the bug has not already been reported. **If the bug is a
 potential security vulnerability, please report it using our
 [security policy](/SECURITY.md).**
 ## Suggest a Feature or Enhancement
 To suggest a feature or enhancement, please create an issue on GitHub with the
 label `enhancement` using the available
 [feature request issue form](/.github/ISSUE_TEMPLATE/feature_request.yml).
 Please ensure the feature or enhancement has not already been suggested.
 ## Open a Discussion
 If you want to engage in a conversation with the community and maintainers,
 we encourage you to use
 [GitHub Discussions](https://github.com/nginx/nginx/discussions) to discuss
 the NGINX codebase or the [NGINX Community forum](https://community.nginx.org)
 to chat anything else NGINX (including troubleshooting).
 ## Submit a Pull Request
 Follow this plan to contribute a change to NGINX source code:
 - Fork the NGINX repository
 - Create a branch
 - Implement your changes in this branch
 - Submit a pull request (PR) when your changes are tested and ready for review
 Refer to
 [NGINX Development Guide](https://nginx.org/en/docs/dev/development_guide.html)
 for questions about NGINX programming.
 ### Formatting Changes
 - Changes should be formatted according to the
 [code style](https://nginx.org/en/docs/dev/development_guide.html#code_style)
 used by NGINX; sometimes, there is no clear rule, in which case examine how
 existing NGINX sources are formatted and mimic this style; changes will more
 likely be accepted if style corresponds to the surrounding code
 - Keep a clean, concise and meaningful commit history on your branch, rebasing
 locally and breaking changes logically into commits before submitting a PR
 - Each commit message should have a single-line subject line followed by verbose
 description after an empty line
 - Limit the subject line to 67 characters, and the rest of the commit message
 to 76 characters
 - Use subject line prefixes for commits that affect a specific portion of the
 code; examples include "Upstream:", "QUIC:", or "Core:"; see the commit history
 to get an idea of the prefixes used
 - Reference issues in the the subject line; if the commit fixes an issue,
 [name it](https://docs.github.com/en/issues/tracking-your-work-with-issues/linking-a-pull-request-to-an-issue)
 accordingly
 ### Before Submitting
 - The proposed changes should work properly on a wide range of
 [supported platforms](https://nginx.org/en/index.html#tested_os_and_platforms)
 - Try to make it clear why the suggested change is needed, and provide a use
 case, if possible
 - Passing your changes through the test suite is a good way to ensure that they
 do not cause a regression; the repository with tests can be cloned with the
 following command:
 ```bash
 git clone https://github.com/nginx/nginx-tests.git
 ```
 - Submitting a change implies granting project a permission to use it under the
 [BSD-2-Clause license](/LICENSE)
 ### F5 Contributor License Agreement (CLA)
 F5 requires all contributors to agree to the terms of the F5 CLA
 (available [here](https://github.com/f5/f5-cla/blob/main/docs/f5_cla.md))
 before any of their changes can be incorporated into an F5 Open Source
 repository (even contributions to the F5 CLA itself!).
 If you have not yet agreed to the F5 CLA terms and submit a PR to this
 repository, a bot will prompt you to view and agree to the F5 CLA.
 You will have to agree to the F5 CLA terms through a comment in the PR
 before any of your changes can be merged. Your agreement signature
 will be safely stored by F5 and no longer be required in future PRs.
 ## Issue Lifecycle
 To ensure a balance between work carried out by the NGINX engineering team
 while encouraging community involvement on this project, we use the following
 issue lifecycle:
 - A new issue is created by a community member
 - An owner on the NGINX engineering team is assigned to the issue; this
 owner shepherds the issue through the subsequent stages in the issue lifecycle
 - The owner assigns one or more
 [labels](https://github.com/nginx/nginx/issues/labels) to the issue
 - The owner, in collaboration with the wider team (product management and
 engineering), determines what milestone to attach to an issue;
 generally, milestones correspond to product releases
--- a/24
+++ b/24
@ -1,24 +0,0 @@
 Copyright (C) 2002-2021 Igor Sysoev
 Copyright (C) 2011-2025 Nginx, Inc.
 All rights reserved.
 Redistribution and use in source and binary forms, with or without
 modification, are permitted provided that the following conditions
 are met:
 1. Redistributions of source code must retain the above copyright
   notice, this list of conditions and the following disclaimer.
 2. Redistributions in binary form must reproduce the above copyright
   notice, this list of conditions and the following disclaimer in the
   documentation and/or other materials provided with the distribution.
 THIS SOFTWARE IS PROVIDED BY THE AUTHOR AND CONTRIBUTORS ``AS IS'' AND
 ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
 IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
 ARE DISCLAIMED.  IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
 FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
 DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
 OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
 HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
 LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
 OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
 SUCH DAMAGE.
--- a/README.md
+++ b/README.md
@ -1,232 +0,0 @@
 <picture>
  <source media="(prefers-color-scheme: dark)" srcset="https://github.com/user-attachments/assets/9335b488-ffcc-4157-8364-2370a0b70ad0">
  <source media="(prefers-color-scheme: light)" srcset="https://github.com/user-attachments/assets/3a7eeb08-1133-47f5-859c-fad4f5a6a013">
  <img alt="NGINX Banner">
 </picture>
 [![Project Status: Active – The project has reached a stable, usable state and is being actively developed.](https://www.repostatus.org/badges/latest/active.svg)](https://www.repostatus.org/#active)
 [![Community Forum](https://img.shields.io/badge/community-forum-009639?logo=discourse&link=https%3A%2F%2Fcommunity.nginx.org)](https://community.nginx.org)
 [![License](https://img.shields.io/badge/License-BSD%202--Clause-blue.svg)](/LICENSE)
 [![Code of Conduct](https://img.shields.io/badge/Contributor%20Covenant-2.1-4baaaa.svg)](/CODE_OF_CONDUCT.md)
 NGINX (pronounced "engine x" or "en-jin-eks") is the world's most popular Web Server, high performance Load Balancer, Reverse Proxy, API Gateway and Content Cache.
 NGINX is free and open source software, distributed under the terms of a simplified [2-clause BSD-like license](LICENSE).
 Enterprise distributions, commercial support and training are available from [F5, Inc](https://www.f5.com/products/nginx).
 > [!IMPORTANT]
 > The goal of this README is to provide a basic, structured introduction to NGINX for novice users. Please refer to the [full NGINX documentation](https://nginx.org/en/docs/) for detailed information on [installing](https://nginx.org/en/docs/install.html), [building](https://nginx.org/en/docs/configure.html), [configuring](https://nginx.org/en/docs/dirindex.html), [debugging](https://nginx.org/en/docs/debugging_log.html), and more. These documentation pages also contain a more detailed [Beginners Guide](https://nginx.org/en/docs/beginners_guide.html), How-Tos, [Development guide](https://nginx.org/en/docs/dev/development_guide.html), and a complete module and [directive reference](https://nginx.org/en/docs/dirindex.html).
 # Table of contents
 - [How it works](#how-it-works)
  - [Modules](#modules)
  - [Configurations](#configurations)
  - [Runtime](#runtime)
 - [Downloading and installing](#downloading-and-installing)
  - [Stable and Mainline binaries](#stable-and-mainline-binaries)
  - [Linux binary installation process](#linux-binary-installation-process)
  - [FreeBSD installation process](#freebsd-installation-process)
  - [Windows executables](#windows-executables)
  - [Dynamic modules](#dynamic-modules)
 - [Getting started with NGINX](#getting-started-with-nginx)
  - [Installing SSL certificates and enabling TLS encryption](#installing-ssl-certificates-and-enabling-tls-encryption)
  - [Load Balancing](#load-balancing)
  - [Rate limiting](#rate-limiting)
  - [Content caching](#content-caching)
 - [Building from source](#building-from-source)
  - [Installing dependencies](#installing-dependencies)
  - [Cloning the NGINX GitHub repository](#cloning-the-nginx-github-repository)
  - [Configuring the build](#configuring-the-build)
  - [Compiling](#compiling)
  - [Location of binary and installation](#location-of-binary-and-installation)
  - [Running and testing the installed binary](#running-and-testing-the-installed-binary)
 - [Asking questions and reporting issues](#asking-questions-and-reporting-issues)
 - [Contributing code](#contributing-code)
 - [Additional help and resources](#additional-help-and-resources)
 - [Changelog](#changelog)
 - [License](#license)
 # How it works
 NGINX is installed software with binary packages available for all major operating systems and Linux distributions. See [Tested OS and Platforms](https://nginx.org/en/#tested_os_and_platforms) for a full list of compatible systems.
 > [!IMPORTANT]
 > While nearly all popular Linux-based operating systems are distributed with a community version of nginx, we highly advise installation and usage of official [packages](https://nginx.org/en/linux_packages.html) or sources from this repository. Doing so ensures that you're using the most recent release or source code, including the latest feature-set, fixes and security patches.
 ## Modules
 NGINX is comprised of individual modules, each extending core functionality by providing additional, configurable features. See "Modules reference" at the bottom of [nginx documentation](https://nginx.org/en/docs/) for a complete list of official modules.
 NGINX modules can be built and distributed as static or dynamic modules. Static modules are defined at build-time, compiled, and distributed in the resulting binaries. See [Dynamic Modules](#dynamic-modules) for more information on how they work, as well as, how to obtain, install, and configure them.
 > [!TIP]
 > You can issue the following command to see which static modules your NGINX binaries were built with:
 ```bash
 nginx -V
 ```
 > See [Configuring the build](#configuring-the-build) for information on how to include specific Static modules into your nginx build.
 ## Configurations
 NGINX is highly flexible and configurable. Provisioning the software is achieved via text-based config file(s) accepting parameters called "[Directives](https://nginx.org/en/docs/dirindex.html)". See [Configuration File's Structure](https://nginx.org/en/docs/beginners_guide.html#conf_structure) for a comprehensive description of how NGINX configuration files work.
 > [!NOTE]
 > The set of directives available to your distribution of NGINX is dependent on which [modules](#modules) have been made available to it.
 ## Runtime
 Rather than running in a single, monolithic process, NGINX is architected to scale beyond Operating System process limitations by operating as a collection of processes. They include:
 - A "master" process that maintains worker processes, as well as, reads and evaluates configuration files.
 - One or more "worker" processes that process data (eg. HTTP requests).
 The number of [worker processes](https://nginx.org/en/docs/ngx_core_module.html#worker_processes) is defined in the configuration file and may be fixed for a given configuration or automatically adjusted to the number of available CPU cores. In most cases, the latter option optimally balances load across available system resources, as NGINX is designed to efficiently distribute work across all worker processes.
 > [!TIP]
 > Processes synchronize data through shared memory. For this reason, many NGINX directives require the allocation of shared memory zones. As an example, when configuring [rate limiting](https://nginx.org/en/docs/http/ngx_http_limit_req_module.html#limit_req), connecting clients may need to be tracked in a [common memory zone](https://nginx.org/en/docs/http/ngx_http_limit_req_module.html#limit_req_zone) so all worker processes can know how many times a particular client has accessed the server in a span of time.
 # Downloading and installing
 Follow these steps to download and install precompiled NGINX binaries. You may also choose to [build NGINX locally from source code](#building-from-source).
 ## Stable and Mainline binaries
 NGINX binaries are built and distributed in two versions: stable and mainline. Stable binaries are built from stable branches and only contain critical fixes backported from the mainline version. Mainline binaries are built from the [master branch](https://github.com/nginx/nginx/tree/master) and contain the latest features and bugfixes. You'll need to [decide which is appropriate for your purposes](https://docs.nginx.com/nginx/admin-guide/installing-nginx/installing-nginx-open-source/#choosing-between-a-stable-or-a-mainline-version).
 ## Linux binary installation process
 The NGINX binary installation process takes advantage of package managers native to specific Linux distributions. For this reason, first-time installations involve adding the official NGINX package repository to your system's package manager. Follow [these steps](https://nginx.org/en/linux_packages.html) to download, verify, and install NGINX binaries using the package manager appropriate for your Linux distribution.
 ### Upgrades
 Future upgrades to the latest version can be managed using the same package manager without the need to manually download and verify binaries.
 ## FreeBSD installation process
 For more information on installing NGINX on FreeBSD system, visit https://nginx.org/en/docs/install.html
 ## Windows executables
 Windows executables for mainline and stable releases can be found on the main [NGINX download page](https://nginx.org/en/download.html). Note that the current implementation of NGINX for Windows is at the Proof-of-Concept stage and should only be used for development and testing purposes. For additional information, please see [nginx for Windows](https://nginx.org/en/docs/windows.html).
 ## Dynamic modules
 NGINX version 1.9.11 added support for [Dynamic Modules](https://nginx.org/en/docs/ngx_core_module.html#load_module). Unlike Static modules, dynamically built modules can be downloaded, installed, and configured after the core NGINX binaries have been built. [Official dynamic module binaries](https://nginx.org/en/linux_packages.html#dynmodules) are available from the same package repository as the core NGINX binaries described in previous steps.
 > [!TIP]
 > [NGINX JavaScript (njs)](https://github.com/nginx/njs), is a popular NGINX dynamic module that enables the extension of core NGINX functionality using familiar JavaScript syntax.
 > [!IMPORTANT]
 > If desired, dynamic modules can also be built statically into NGINX at compile time.
 # Getting started with NGINX
 For a gentle introduction to NGINX basics, please see our [Beginner’s Guide](https://nginx.org/en/docs/beginners_guide.html).
 ## Installing SSL certificates and enabling TLS encryption
 See [Configuring HTTPS servers](https://nginx.org/en/docs/http/configuring_https_servers.html) for a quick guide on how to enable secure traffic to your NGINX installation.
 ## Load Balancing
 For a quick start guide on configuring NGINX as a Load Balancer, please see [Using nginx as HTTP load balancer](https://nginx.org/en/docs/http/load_balancing.html).
 ## Rate limiting
 See our [Rate Limiting with NGINX](https://blog.nginx.org/blog/rate-limiting-nginx) blog post for an overview of core concepts for provisioning NGINX as an API Gateway.
 ## Content caching
 See [A Guide to Caching with NGINX and NGINX Plus](https://blog.nginx.org/blog/nginx-caching-guide) blog post for an overview of how to use NGINX as a content cache (e.g. edge server of a content delivery network).
 # Building from source
 The following steps can be used to build NGINX from source code available in this repository.
 ## Installing dependencies
 Most Linux distributions will require several dependencies to be installed in order to build NGINX. The following instructions are specific to the `apt` package manager, widely available on most Ubuntu/Debian distributions and their derivatives.
 > [!TIP]
 > It is always a good idea to update your package repository lists prior to installing new packages.
 > ```bash
 > sudo apt update
 > ```
 ### Installing compiler and make utility
 Use the following command to install the GNU C compiler and Make utility.
 ```bash
 sudo apt install gcc make
 ```
 ### Installing dependency libraries
 ```bash
 sudo apt install libpcre3-dev zlib1g-dev
 ```
 > [!WARNING]
 > This is the minimal set of dependency libraries needed to build NGINX with rewriting and gzip capabilities. Other dependencies may be required if you choose to build NGINX with additional modules. Monitor the output of the `configure` command discussed in the following sections for information on which modules may be missing. For example, if you plan to use SSL certificates to encrypt traffic with TLS, you'll need to install the OpenSSL library. To do so, issue the following command.
 >```bash
 >sudo apt install libssl-dev
 ## Cloning the NGINX GitHub repository
 Using your preferred method, clone the NGINX repository into your development directory. See [Cloning a GitHub Repository](https://docs.github.com/en/repositories/creating-and-managing-repositories/cloning-a-repository) for additional help.
 ```bash
 git clone https://github.com/nginx/nginx.git
 ```
 ## Configuring the build
 Prior to building NGINX, you must run the `configure` script with [appropriate flags](https://nginx.org/en/docs/configure.html). This will generate a Makefile in your NGINX source root directory that can then be used to compile NGINX with [options specified during configuration](https://nginx.org/en/docs/configure.html).
 From the NGINX source code repository's root directory:
 ```bash
 auto/configure
 ```
 > [!IMPORTANT]
 > Configuring the build without any flags will compile NGINX with the default set of options. Please refer to https://nginx.org/en/docs/configure.html for a full list of available build configuration options.
 ## Compiling
 The `configure` script will generate a `Makefile` in the NGINX source root directory upon successful execution. To compile NGINX into a binary, issue the following command from that same directory:
 ```bash
 make
 ```
 ## Location of binary and installation
 After successful compilation, a binary will be generated at `<NGINX_SRC_ROOT_DIR>/objs/nginx`. To install this binary, issue the following command from the source root directory:
 ```bash
 sudo make install
 ```
 > [!IMPORTANT]
 > The binary will be installed into the `/usr/local/nginx/` directory.
 ## Running and testing the installed binary
 To run the installed binary, issue the following command:
 ```bash
 sudo /usr/local/nginx/sbin/nginx
 ```
 You may test NGINX operation using `curl`.
 ```bash
 curl localhost
 ```
 The output of which should start with:
 ```html
 <!DOCTYPE html>
 <html>
 <head>
 <title>Welcome to nginx!</title>
 ```
 # Asking questions and reporting issues
 See our [Support](SUPPORT.md) guidelines for information on how discuss the codebase, ask troubleshooting questions, and report issues.
 # Contributing code
 Please see the [Contributing](CONTRIBUTING.md) guide for information on how to contribute code.
 # Additional help and resources
 - See the [NGINX Community Blog](https://blog.nginx.org/) for more tips, tricks and HOW-TOs related to NGINX and related projects.
 - Access [nginx.org](https://nginx.org/), your go-to source for all documentation, information and software related to the NGINX suite of projects.
 # Changelog
 See our [changelog](https://nginx.org/en/CHANGES) to keep track of updates.
 # License
 [2-clause BSD-like license](LICENSE)
 ---
 Additional documentation available at: https://nginx.org/en/docs
--- a/SECURITY.md
+++ b/SECURITY.md
@ -1,103 +0,0 @@
 # Security Policy
 This document provides an overview of security concerns related to nginx
 deployments, focusing on confidentiality, integrity, availability, and the
 implications of configurations and misconfigurations.
 ## Reporting a Vulnerability
 Please report any vulnerabilities via one of the following methods
 (in order of preference):
 1. [Report a vulnerability](https://docs.github.com/en/code-security/security-advisories/guidance-on-reporting-and-writing-information-about-vulnerabilities/privately-reporting-a-security-vulnerability)
 within this repository. We are using the GitHub workflow that allows us to
 manage vulnerabilities in a private manner and interact with reporters
 securely.
 2. [Report directly to F5](https://www.f5.com/services/support/report-a-vulnerability).
 3. Report via email to security-alert@nginx.org.
 This method will be deprecated in the future.
 ### Vulnerability Disclosure and Fix Process
 The nginx team expects that all suspected vulnerabilities be reported
 privately via the
 [Reporting a Vulnerability](SECURITY.md#reporting-a-vulnerability) guidelines.
 If a publicly released vulnerability is reported, we
 may request to handle it according to the private disclosure process.
 If the reporter agrees, we will follow the private disclosure process.
 Security fixes will be applied to all supported stable releases, as well
 as the mainline version, as applicable. We recommend using the most recent
 mainline or stable release of nginx. Fixes are created and tested by the core
 team using a GitHub private fork for security. If necessary, the reporter
 may be invited to contribute to the fork and assist with the solution.
 The nginx team is committed to responsible information disclosure with
 sufficient detail, such as the CVSS score and vector. Privately disclosed
 vulnerabilities are embargoed by default until the fix is released.
 Communications and fixes remain private until made public. As nginx is
 supported by F5, we generally follow the
 [F5 security vulnerability response policy](https://my.f5.com/manage/s/article/K4602).
 ### Vulnerability Disclosure and Fix Service Level Objectives
 - We will acknowledge all vulnerability reports within 1 to 3 days.
 - Fixes will be developed and released within 90 days from the date of
 disclosure. If an extension is needed, we will work with the disclosing person.
 - Publicly disclosed (i.e., Zero-Day vulnerabilities) will be addressed ASAP.
 ## Confidentiality, Integrity, and Availability
 ### Confidentiality and Integrity
 Vulnerabilities compromising data confidentiality or integrity are considered
 the highest priority. Any issue leading to unauthorized data access, leaks, or
 manipulation will trigger the security release process.
 ### Availability
 Availability issues must meet the following criteria to trigger the security
 release process:
 - Is present in a standard module included with nginx.
 - Arises from traffic that the module is designed to handle.
 - Resource exhaustion issues are not mitigated by existing timeout, rate
 limiting, or buffer size configurations, or applying changes is impractical.
 - Results in highly asymmetric, extreme resource consumption.
 Availability issues excluded from the security release process:
 - Local file content or upstream response content resulting only in worker
 process termination.
 - Issues with experimental features which result only in availability impact.
 ## Trusted Configurations and Misconfigurations
 In nginx, configuration files, modules, certificate/key pairs, nginx JavaScript,
 and local file content are considered trusted sources. Issues arising from
 loading or execution of these trusted components are not considered
 vulnerabilities. Operators are responsible for securing and maintaining the
 integrity of these sources. Misconfigurations can create vulnerabilities, and
 operators should implement configurations according to best practices, review
 them regularly, and apply security updates.
 ## Data Plane vs. Control Plane
 The data plane handles traffic through nginx, directly interacting with user
 data. nginx inherently trusts the content and instructions from upstream
 servers. The control plane governs configuration, management, and orchestration.
 Misconfigurations or vulnerabilities in the control plane can cause improper
 behavior in the data plane.
 ## Modules Under Scope
 The policy applies to all nginx modules included in this repository. Security
 considerations and attack vectors for each module will be identified, with
 recommended configurations to mitigate risks.
 ## Debug Logging and Core Files
 Debug logs and core files produced by nginx may contain un-sanitized data,
 including sensitive information like client requests, server configurations,
 and private key material. These artifacts must be handled carefully to avoid
 exposing confidential data.
--- a/SUPPORT.md
+++ b/SUPPORT.md
@ -1,48 +0,0 @@
 # Support
 ## Ask a Question
 We use GitHub issues for tracking bugs and feature requests
 related to this project.
 If you don't know how something in the codebase works, are curious if NGINX
 is capable of achieving your desired functionality or want to discuss the
 implementation of an existing or in development feature, please start a
 GitHub discussion!
 ## NGINX Specific Questions and/or Issues
 This project isn't the right place to get support for NGINX and/or NGINX
 troubleshooting questions, but the following resources are available below.
 Thanks for your understanding!
 ### Community Forum
 We have a [community forum](https://community.nginx.org/)!
 If you have any NGINX specific questions and/or issues,
 try checking out the [`NGINX category`](https://community.nginx.org/c/projects/nginx/23).
 For general discussions around anything tangentially NGINX related,
 check out the [`General Discussion category`](https://community.nginx.org/c/general-discussion/34).
 Both fellow community members and NGINXers might be able to help you! :)
 ### Documentation
 For a comprehensive list of all NGINX directives, check out <https://nginx.org>.
 For a comprehensive list of administration and deployment guides for all
 NGINX products, check out <https://docs.nginx.com>.
 ## Contributing
 Please see the [contributing guide](/CONTRIBUTING.md) for guidelines
 on how to best contribute to this project.
 ## Commercial Support
 Commercial support for this project is available.
 Please get in touch with [F5 sales](https://www.f5.com/products/get-f5/)
 or check your contract details for more information!
 ## Community Support
 Community support is offered on a best effort basis through any of our active communities.
--- a/auto/cc/clang
+++ b/auto/cc/clang
@ -5,6 +5,15 @@
 # clang
 NGX_CLANG_VER=`$CC -v 2>&1 | grep 'version' 2>&1 \
                           | sed -n -e 's/^.*clang version \(.*\)/\1/p' \
                                    -e 's/^.*LLVM version \(.*\)/\1/p'`
 echo " + clang version: $NGX_CLANG_VER"
 have=NGX_COMPILER value="\"clang $NGX_CLANG_VER\"" . auto/define
 CC_TEST_FLAGS="-pipe"
--- a/auto/cc/conf
+++ b/auto/cc/conf
@ -117,7 +117,7 @@ else
            . auto/cc/acc
        ;;
-        msvc)
+        msvc*)
            # MSVC++ 6.0 SP2, MSVC++ Toolkit 2003
            . auto/cc/msvc
--- a/auto/cc/gcc
+++ b/auto/cc/gcc
@ -8,6 +8,14 @@
 #     4.0.0, 4.0.1, 4.1.0
 NGX_GCC_VER=`$CC -v 2>&1 | grep 'gcc version' 2>&1 \
                         | sed -e 's/^.* version \(.*\)/\1/'`
 echo " + gcc version: $NGX_GCC_VER"
 have=NGX_COMPILER value="\"gcc $NGX_GCC_VER\"" . auto/define
 # Solaris 7's /usr/ccs/bin/as does not support "-pipe"
 CC_TEST_FLAGS="-pipe"
@ -104,7 +112,7 @@ esac
 CC_AUX_FLAGS="$CC_AUX_FLAGS $CPU_OPT"
-case "$NGX_CC_VER" in
+case "$NGX_GCC_VER" in
    2.7*)
        # batch build
        CPU_OPT=
@ -137,7 +145,7 @@ CFLAGS="$CFLAGS -Wall -Wpointer-arith"
 #CFLAGS="$CFLAGS -Winline"
 #CFLAGS="$CFLAGS -Wmissing-prototypes"
-case "$NGX_CC_VER" in
+case "$NGX_GCC_VER" in
    2.*)
        # we have a lot of the unused function arguments
        CFLAGS="$CFLAGS -Wno-unused"
--- a/auto/cc/icc
+++ b/auto/cc/icc
@ -5,6 +5,14 @@
 # Intel C++ compiler 7.1, 8.0, 8.1, 9.0, 11.1
 NGX_ICC_VER=`$CC -V 2>&1 | grep 'Version' 2>&1 \
                         | sed -e 's/^.* Version \([^ ]*\) *Build.*$/\1/'`
 echo " + icc version: $NGX_ICC_VER"
 have=NGX_COMPILER value="\"Intel C Compiler $NGX_ICC_VER\"" . auto/define
 # optimizations
 CFLAGS="$CFLAGS -O"
@ -75,7 +83,7 @@ CFLAGS="$CFLAGS -wd1418"
 # external declaration in primary source file
 CFLAGS="$CFLAGS -wd1419"
-case "$NGX_CC_VER" in
+case "$NGX_ICC_VER" in
    9.*)
        # "cc" clobber ignored, warnings for Linux's htonl()/htons()
        CFLAGS="$CFLAGS -wd1469"
--- a/auto/cc/msvc
+++ b/auto/cc/msvc
@ -11,26 +11,15 @@
 # MSVC 2015 (14.0)                        cl 19.00
-ngx_msvc_ver=`echo $NGX_CC_VER | sed -e 's/^\([0-9]*\).*/\1/'`
+NGX_MSVC_VER=`$NGX_WINE $CC 2>&1 | grep 'Compiler Version' 2>&1 \
                                 | sed -e 's/^.* Version \(.*\)/\1/'`
 echo " + cl version: $NGX_MSVC_VER"
 have=NGX_COMPILER value="\"cl $NGX_MSVC_VER\"" . auto/define
-# detect x64 builds
+ngx_msvc_ver=`echo $NGX_MSVC_VER | sed -e 's/^\([0-9]*\).*/\1/'`
 case "$NGX_CC_VER" in
    *ARM64)
        NGX_MACHINE=arm64
    ;;
    *x64)
        NGX_MACHINE=amd64
    ;;
    *)
        NGX_MACHINE=i386
    ;;
 esac
 # optimizations
--- a/auto/cc/name
+++ b/auto/cc/name
@ -28,13 +28,6 @@ if [ "$CC" = cl ]; then
    NGX_CC_NAME=msvc
    echo " + using Microsoft Visual C++ compiler"
    NGX_CC_VER=`$NGX_WINE $CC 2>&1 \
                | grep 'C/C++.* [0-9][0-9]*\.[0-9]' 2>&1 \
                | sed -e 's/^.* \([0-9][0-9]*\.[0-9].*\)/\1/'`
    echo " + cl version: $NGX_CC_VER"
    have=NGX_COMPILER value="\"cl $NGX_CC_VER\"" . auto/define
 elif [ "$CC" = wcl386 ]; then
    NGX_CC_NAME=owc
    echo " + using Open Watcom C compiler"
@ -47,48 +40,22 @@ elif `$CC -V 2>&1 | grep '^Intel(R) C' >/dev/null 2>&1`; then
    NGX_CC_NAME=icc
    echo " + using Intel C++ compiler"
    NGX_CC_VER=`$CC -V 2>&1 \
                | sed -n -e 's/^.* Version \([^ ]*\) *Build.*$/\1/p'`
    echo " + icc version: $NGX_CC_VER"
    have=NGX_COMPILER value="\"Intel C Compiler $NGX_CC_VER\"" . auto/define
 elif `$CC -v 2>&1 | grep 'gcc version' >/dev/null 2>&1`; then
    NGX_CC_NAME=gcc
    echo " + using GNU C compiler"
    NGX_CC_VER=`$CC -v 2>&1 | sed -n -e 's/^.*gcc version \(.*\)/\1/p'`
    echo " + gcc version: $NGX_CC_VER"
    have=NGX_COMPILER value="\"gcc $NGX_CC_VER\"" . auto/define
 elif `$CC -v 2>&1 | grep 'clang version' >/dev/null 2>&1`; then
    NGX_CC_NAME=clang
    echo " + using Clang C compiler"
    NGX_CC_VER=`$CC -v 2>&1 | sed -n -e 's/^.*clang version \(.*\)/\1/p'`
    echo " + clang version: $NGX_CC_VER"
    have=NGX_COMPILER value="\"clang $NGX_CC_VER\"" . auto/define
 elif `$CC -v 2>&1 | grep 'LLVM version' >/dev/null 2>&1`; then
    NGX_CC_NAME=clang
    echo " + using Clang C compiler"
    NGX_CC_VER=`$CC -v 2>&1 | sed -n -e 's/^.*LLVM version \(.*\)/\1/p'`
    echo " + clang version: $NGX_CC_VER"
    have=NGX_COMPILER value="\"clang $NGX_CC_VER\"" . auto/define
 elif `$CC -V 2>&1 | grep 'Sun C' >/dev/null 2>&1`; then
    NGX_CC_NAME=sunc
    echo " + using Sun C compiler"
    NGX_CC_VER=`$CC -V 2>&1 | sed -n -e 's/^.* Sun C \(.*\)/\1/p'`
    echo " + Sun C version: $NGX_CC_VER"
    have=NGX_COMPILER value="\"Sun C $NGX_CC_VER\"" . auto/define
 elif `$CC -V 2>&1 | grep '^Compaq C' >/dev/null 2>&1`; then
    NGX_CC_NAME=ccc
    echo " + using Compaq C compiler"
--- a/auto/cc/sunc
+++ b/auto/cc/sunc
@ -13,6 +13,13 @@
 # Sun C 5.13 SunOS_i386 2014/10/20        Oracle Solaris Studio 12.4
 # Sun C 5.14 SunOS_i386 2016/05/31        Oracle Developer Studio 12.5
 NGX_SUNC_VER=`$CC -V 2>&1 | grep 'Sun C' 2>&1 \
                          | sed -e 's/^.* Sun C \(.*\)/\1/'`
 echo " + Sun C version: $NGX_SUNC_VER"
 have=NGX_COMPILER value="\"Sun C $NGX_SUNC_VER\"" . auto/define
 cat << END > $NGX_AUTOTEST.c
--- a/auto/configure
+++ b/auto/configure
@ -44,7 +44,6 @@ if test -z "$NGX_PLATFORM"; then
 else
    echo "building for $NGX_PLATFORM"
    NGX_SYSTEM=$NGX_PLATFORM
    NGX_MACHINE=i386
 fi
 . auto/cc/conf
--- a/auto/install
+++ b/auto/install
@ -112,7 +112,7 @@ install:	build $NGX_INSTALL_PERL_MODULES
 	test ! -f '\$(DESTDIR)$NGX_SBIN_PATH' \\
 		|| mv '\$(DESTDIR)$NGX_SBIN_PATH' \\
 			'\$(DESTDIR)$NGX_SBIN_PATH.old'
-	cp $NGX_OBJS/nginx$ngx_binext '\$(DESTDIR)$NGX_SBIN_PATH'
+	cp $NGX_OBJS/nginx '\$(DESTDIR)$NGX_SBIN_PATH'
 	test -d '\$(DESTDIR)$NGX_CONF_PREFIX' \\
 		|| mkdir -p '\$(DESTDIR)$NGX_CONF_PREFIX'
--- a/auto/lib/geoip/conf
+++ b/auto/lib/geoip/conf
@ -64,23 +64,6 @@ if [ $ngx_found = no ]; then
 fi
 if [ $ngx_found = no ]; then
    # Homebrew on Apple Silicon
    ngx_feature="GeoIP library in /opt/homebrew/"
    ngx_feature_path="/opt/homebrew/include"
    if [ $NGX_RPATH = YES ]; then
        ngx_feature_libs="-R/opt/homebrew/lib -L/opt/homebrew/lib -lGeoIP"
    else
        ngx_feature_libs="-L/opt/homebrew/lib -lGeoIP"
    fi
    . auto/feature
 fi
 if [ $ngx_found = yes ]; then
    CORE_INCS="$CORE_INCS $ngx_feature_path"
--- a/auto/lib/google-perftools/conf
+++ b/auto/lib/google-perftools/conf
@ -46,22 +46,6 @@ if [ $ngx_found = no ]; then
 fi
 if [ $ngx_found = no ]; then
    # Homebrew on Apple Silicon
    ngx_feature="Google perftools in /opt/homebrew/"
    if [ $NGX_RPATH = YES ]; then
        ngx_feature_libs="-R/opt/homebrew/lib -L/opt/homebrew/lib -lprofiler"
    else
        ngx_feature_libs="-L/opt/homebrew/lib -lprofiler"
    fi
    . auto/feature
 fi
 if [ $ngx_found = yes ]; then
    CORE_LIBS="$CORE_LIBS $ngx_feature_libs"
--- a/auto/lib/libatomic/conf
+++ b/auto/lib/libatomic/conf
@ -7,8 +7,8 @@ if [ $NGX_LIBATOMIC != YES ]; then
    have=NGX_HAVE_LIBATOMIC . auto/have
    CORE_INCS="$CORE_INCS $NGX_LIBATOMIC/src"
-    LINK_DEPS="$LINK_DEPS $NGX_LIBATOMIC/build/lib/libatomic_ops.a"
+    LINK_DEPS="$LINK_DEPS $NGX_LIBATOMIC/src/libatomic_ops.a"
-    CORE_LIBS="$CORE_LIBS $NGX_LIBATOMIC/build/lib/libatomic_ops.a"
+    CORE_LIBS="$CORE_LIBS $NGX_LIBATOMIC/src/libatomic_ops.a"
 else
@ -19,7 +19,7 @@ else
                      #include <atomic_ops.h>"
    ngx_feature_path=
    ngx_feature_libs="-latomic_ops"
-    ngx_feature_test="AO_t  n = 0;
+    ngx_feature_test="long  n = 0;
                      if (!AO_compare_and_swap(&n, 0, 1))
                          return 1;
                      if (AO_fetch_and_add(&n, 1) != 1)
--- a/auto/lib/libatomic/make
+++ b/auto/lib/libatomic/make
@ -3,19 +3,14 @@
 # Copyright (C) Nginx, Inc.
    case $NGX_LIBATOMIC in
        /*) ngx_prefix="$NGX_LIBATOMIC/build" ;;
        *)  ngx_prefix="$PWD/$NGX_LIBATOMIC/build" ;;
    esac
    cat << END                                            >> $NGX_MAKEFILE
-$NGX_LIBATOMIC/build/lib/libatomic_ops.a:	$NGX_LIBATOMIC/Makefile
+$NGX_LIBATOMIC/src/libatomic_ops.a:	$NGX_LIBATOMIC/Makefile
-	cd $NGX_LIBATOMIC && \$(MAKE) && \$(MAKE) install
+	cd $NGX_LIBATOMIC && \$(MAKE)
 $NGX_LIBATOMIC/Makefile:	$NGX_MAKEFILE
 	cd $NGX_LIBATOMIC \\
 	&& if [ -f Makefile ]; then \$(MAKE) distclean; fi \\
-	&& ./configure --prefix=$ngx_prefix
+	&& ./configure
 END
--- a/auto/lib/libgd/conf
+++ b/auto/lib/libgd/conf
@ -65,23 +65,6 @@ if [ $ngx_found = no ]; then
 fi
 if [ $ngx_found = no ]; then
    # Homebrew on Apple Silicon
    ngx_feature="GD library in /opt/homebrew/"
    ngx_feature_path="/opt/homebrew/include"
    if [ $NGX_RPATH = YES ]; then
        ngx_feature_libs="-R/opt/homebrew/lib -L/opt/homebrew/lib -lgd"
    else
        ngx_feature_libs="-L/opt/homebrew/lib -lgd"
    fi
    . auto/feature
 fi
 if [ $ngx_found = yes ]; then
    CORE_INCS="$CORE_INCS $ngx_feature_path"
--- a/auto/lib/openssl/conf
+++ b/auto/lib/openssl/conf
@ -5,18 +5,12 @@
 if [ $OPENSSL != NONE ]; then
    have=NGX_OPENSSL . auto/have
    have=NGX_SSL . auto/have
    have=NGX_OPENSSL_NO_CONFIG . auto/have
    if [ $USE_OPENSSL_QUIC = YES ]; then
        have=NGX_QUIC . auto/have
    fi
    case "$CC" in
        cl | bcc32)
            have=NGX_OPENSSL . auto/have
            have=NGX_SSL . auto/have
            CFLAGS="$CFLAGS -DNO_SYS_TYPES_H"
            CORE_INCS="$CORE_INCS $OPENSSL/openssl/include"
@ -39,6 +33,9 @@ if [ $OPENSSL != NONE ]; then
        ;;
        *)
            have=NGX_OPENSSL . auto/have
            have=NGX_SSL . auto/have
            CORE_INCS="$CORE_INCS $OPENSSL/.openssl/include"
            CORE_DEPS="$CORE_DEPS $OPENSSL/.openssl/include/openssl/ssl.h"
            CORE_LIBS="$CORE_LIBS $OPENSSL/.openssl/lib/libssl.a"
@ -121,62 +118,11 @@ else
            . auto/feature
        fi
        if [ $ngx_found = no ]; then
            # Homebrew on Apple Silicon
            ngx_feature="OpenSSL library in /opt/homebrew/"
            ngx_feature_path="/opt/homebrew/include"
            if [ $NGX_RPATH = YES ]; then
                ngx_feature_libs="-R/opt/homebrew/lib -L/opt/homebrew/lib -lssl -lcrypto"
            else
                ngx_feature_libs="-L/opt/homebrew/lib -lssl -lcrypto"
            fi
            ngx_feature_libs="$ngx_feature_libs $NGX_LIBDL $NGX_LIBPTHREAD"
            . auto/feature
        fi
        if [ $ngx_found = yes ]; then
            have=NGX_SSL . auto/have
            CORE_INCS="$CORE_INCS $ngx_feature_path"
            CORE_LIBS="$CORE_LIBS $ngx_feature_libs"
            OPENSSL=YES
            if [ $USE_OPENSSL_QUIC = YES ]; then
                ngx_feature="OpenSSL QUIC API"
                ngx_feature_name="NGX_QUIC"
                ngx_feature_test="SSL_set_quic_tls_cbs(NULL, NULL, NULL)"
                . auto/feature
                if [ $ngx_found = no ]; then
                    ngx_feature="BoringSSL-like QUIC API"
                    ngx_feature_test="SSL_set_quic_method(NULL, NULL)"
                    . auto/feature
                fi
                if [ $ngx_found = no ]; then
                    ngx_feature="OpenSSL QUIC compatibility"
                    ngx_feature_test="SSL_CTX_add_custom_ext(NULL, 0, 0,
                                                 NULL, NULL, NULL, NULL, NULL)"
                    . auto/feature
                fi
                if [ $ngx_found = no ]; then
 cat << END
 $0: error: certain modules require OpenSSL QUIC support.
 You can either do not enable the modules, or install the OpenSSL library with
 QUIC support into the system, or build the OpenSSL library with QUIC support
 statically from the source with nginx by using --with-openssl=<path> option.
 END
                        exit 1
                fi
            fi
        fi
    fi
--- a/auto/lib/openssl/make
+++ b/auto/lib/openssl/make
@ -7,28 +7,11 @@ case "$CC" in
    cl)
        case "$NGX_MACHINE" in
            amd64)
                OPENSSL_TARGET=VC-WIN64A
            ;;
            arm64)
                OPENSSL_TARGET=VC-WIN64-ARM
            ;;
            *)
                OPENSSL_TARGET=VC-WIN32
            ;;
        esac
        cat << END                                            >> $NGX_MAKEFILE
 $OPENSSL/openssl/include/openssl/ssl.h:	$NGX_MAKEFILE
 	\$(MAKE) -f auto/lib/openssl/makefile.msvc			\
-		OPENSSL="$OPENSSL" OPENSSL_OPT="$OPENSSL_OPT"		\
+		OPENSSL="$OPENSSL" OPENSSL_OPT="$OPENSSL_OPT"
 		OPENSSL_TARGET="$OPENSSL_TARGET"
 END
--- a/auto/lib/openssl/makefile.msvc
+++ b/auto/lib/openssl/makefile.msvc
@ -6,7 +6,7 @@
 all:
 	cd $(OPENSSL)
-	perl Configure $(OPENSSL_TARGET) no-shared no-threads		\
+	perl Configure VC-WIN32 no-shared				\
 		--prefix="%cd%/openssl" 				\
 		--openssldir="%cd%/openssl/ssl" 			\
 		$(OPENSSL_OPT)
--- a/auto/lib/pcre/conf
+++ b/auto/lib/pcre/conf
@ -182,22 +182,6 @@ else
            . auto/feature
        fi
        if [ $ngx_found = no ]; then
            # Homebrew on Apple Silicon
            ngx_feature="PCRE library in /opt/homebrew/"
            ngx_feature_path="/opt/homebrew/include"
            if [ $NGX_RPATH = YES ]; then
                ngx_feature_libs="-R/opt/homebrew/lib -L/opt/homebrew/lib -lpcre"
            else
                ngx_feature_libs="-L/opt/homebrew/lib -lpcre"
            fi
            . auto/feature
        fi
        if [ $ngx_found = yes ]; then
            CORE_INCS="$CORE_INCS $ngx_feature_path"
            CORE_LIBS="$CORE_LIBS $ngx_feature_libs"
--- a/auto/lib/pcre/make
+++ b/auto/lib/pcre/make
@ -36,10 +36,7 @@ if [ $PCRE_LIBRARY = PCRE2 ]; then
                       pcre2_valid_utf.c \
                       pcre2_xclass.c"
-        ngx_pcre_test="pcre2_chkdint.c \
+        ngx_pcre_test="pcre2_convert.c \
                       pcre2_compile_cgroup.c \
                       pcre2_compile_class.c \
                       pcre2_convert.c \
                       pcre2_extuni.c \
                       pcre2_find_bracket.c \
                       pcre2_script_run.c \
--- a/auto/make
+++ b/auto/make
@ -6,10 +6,9 @@
 echo "creating $NGX_MAKEFILE"
 mkdir -p $NGX_OBJS/src/core $NGX_OBJS/src/event $NGX_OBJS/src/event/modules \
         $NGX_OBJS/src/event/quic \
         $NGX_OBJS/src/os/unix $NGX_OBJS/src/os/win32 \
-         $NGX_OBJS/src/http $NGX_OBJS/src/http/v2 $NGX_OBJS/src/http/v3 \
+         $NGX_OBJS/src/http $NGX_OBJS/src/http/v2 $NGX_OBJS/src/http/modules \
-         $NGX_OBJS/src/http/modules $NGX_OBJS/src/http/modules/perl \
+         $NGX_OBJS/src/http/modules/perl \
         $NGX_OBJS/src/mail \
         $NGX_OBJS/src/stream \
         $NGX_OBJS/src/misc
--- a/auto/modules
+++ b/auto/modules
@ -102,7 +102,7 @@ if [ $HTTP = YES ]; then
    fi
-    if [ $HTTP_V2 = YES -o $HTTP_V3 = YES ]; then
+    if [ $HTTP_V2 = YES ]; then
        HTTP_SRCS="$HTTP_SRCS $HTTP_HUFF_SRCS"
    fi
@ -124,7 +124,6 @@ if [ $HTTP = YES ]; then
    #     ngx_http_header_filter
    #     ngx_http_chunked_filter
    #     ngx_http_v2_filter
    #     ngx_http_v3_filter
    #     ngx_http_range_header_filter
    #     ngx_http_gzip_filter
    #     ngx_http_postpone_filter
@ -157,7 +156,6 @@ if [ $HTTP = YES ]; then
                      ngx_http_header_filter_module \
                      ngx_http_chunked_filter_module \
                      ngx_http_v2_filter_module \
                      ngx_http_v3_filter_module \
                      ngx_http_range_header_filter_module \
                      ngx_http_gzip_filter_module \
                      ngx_http_postpone_filter_module \
@ -219,17 +217,6 @@ if [ $HTTP = YES ]; then
        . auto/module
    fi
    if [ $HTTP_V3 = YES ]; then
        ngx_module_name=ngx_http_v3_filter_module
        ngx_module_incs=
        ngx_module_deps=
        ngx_module_srcs=src/http/v3/ngx_http_v3_filter_module.c
        ngx_module_libs=
        ngx_module_link=$HTTP_V3
        . auto/module
    fi
    if :; then
        ngx_module_name=ngx_http_range_header_filter_module
        ngx_module_incs=
@ -423,6 +410,7 @@ if [ $HTTP = YES ]; then
    if [ $HTTP_V2 = YES ]; then
        have=NGX_HTTP_V2 . auto/have
        have=NGX_HTTP_HEADERS . auto/have
        ngx_module_name=ngx_http_v2_module
        ngx_module_incs=src/http/v2
@ -438,32 +426,6 @@ if [ $HTTP = YES ]; then
        . auto/module
    fi
    if [ $HTTP_V3 = YES ]; then
        USE_OPENSSL_QUIC=YES
        HTTP_SSL=YES
        have=NGX_HTTP_V3 . auto/have
        ngx_module_name=ngx_http_v3_module
        ngx_module_incs=src/http/v3
        ngx_module_deps="src/http/v3/ngx_http_v3.h \
                         src/http/v3/ngx_http_v3_encode.h \
                         src/http/v3/ngx_http_v3_parse.h \
                         src/http/v3/ngx_http_v3_table.h \
                         src/http/v3/ngx_http_v3_uni.h"
        ngx_module_srcs="src/http/v3/ngx_http_v3.c \
                         src/http/v3/ngx_http_v3_encode.c \
                         src/http/v3/ngx_http_v3_parse.c \
                         src/http/v3/ngx_http_v3_table.c \
                         src/http/v3/ngx_http_v3_uni.c \
                         src/http/v3/ngx_http_v3_request.c \
                         src/http/v3/ngx_http_v3_module.c"
        ngx_module_libs=
        ngx_module_link=$HTTP_V3
        . auto/module
    fi
    if :; then
        ngx_module_name=ngx_http_static_module
        ngx_module_incs=
@ -729,7 +691,7 @@ if [ $HTTP = YES ]; then
        ngx_module_name=ngx_http_proxy_module
        ngx_module_incs=
-        ngx_module_deps=src/http/modules/ngx_http_proxy_module.h
+        ngx_module_deps=
        ngx_module_srcs=src/http/modules/ngx_http_proxy_module.c
        ngx_module_libs=
        ngx_module_link=$HTTP_PROXY
@ -781,17 +743,6 @@ if [ $HTTP = YES ]; then
        . auto/module
    fi
    if [ $HTTP_PROXY = YES -a $HTTP_V2 = YES ]; then
        ngx_module_name=ngx_http_proxy_v2_module
        ngx_module_incs=
        ngx_module_deps=
        ngx_module_srcs=src/http/modules/ngx_http_proxy_v2_module.c
        ngx_module_libs=
        ngx_module_link=$HTTP_V2
        . auto/module
    fi
    if [ $HTTP_PERL != NO ]; then
        ngx_module_name=ngx_http_perl_module
        ngx_module_incs=src/http/modules/perl
@ -1177,16 +1128,6 @@ if [ $STREAM != NO ]; then
        . auto/module
    fi
    if [ $STREAM_PASS = YES ]; then
        ngx_module_name=ngx_stream_pass_module
        ngx_module_deps=
        ngx_module_srcs=src/stream/ngx_stream_pass_module.c
        ngx_module_libs=
        ngx_module_link=$STREAM_PASS
        . auto/module
    fi
    if [ $STREAM_SET = YES ]; then
        ngx_module_name=ngx_stream_set_module
        ngx_module_deps=
@ -1318,11 +1259,10 @@ fi
 if [ $USE_OPENSSL = YES ]; then
    ngx_module_type=CORE
-    ngx_module_name="ngx_openssl_module ngx_openssl_cache_module"
+    ngx_module_name=ngx_openssl_module
    ngx_module_incs=
    ngx_module_deps=src/event/ngx_event_openssl.h
    ngx_module_srcs="src/event/ngx_event_openssl.c
                     src/event/ngx_event_openssl_cache.c
                     src/event/ngx_event_openssl_stapling.c"
    ngx_module_libs=
    ngx_module_link=YES
@ -1332,63 +1272,6 @@ if [ $USE_OPENSSL = YES ]; then
 fi
 if [ $USE_OPENSSL_QUIC = YES ]; then
    ngx_module_type=CORE
    ngx_module_name=ngx_quic_module
    ngx_module_incs=
    ngx_module_deps="src/event/quic/ngx_event_quic.h \
                     src/event/quic/ngx_event_quic_transport.h \
                     src/event/quic/ngx_event_quic_protection.h \
                     src/event/quic/ngx_event_quic_connection.h \
                     src/event/quic/ngx_event_quic_frames.h \
                     src/event/quic/ngx_event_quic_connid.h \
                     src/event/quic/ngx_event_quic_migration.h \
                     src/event/quic/ngx_event_quic_streams.h \
                     src/event/quic/ngx_event_quic_ssl.h \
                     src/event/quic/ngx_event_quic_tokens.h \
                     src/event/quic/ngx_event_quic_ack.h \
                     src/event/quic/ngx_event_quic_output.h \
                     src/event/quic/ngx_event_quic_socket.h \
                     src/event/quic/ngx_event_quic_openssl_compat.h"
    ngx_module_srcs="src/event/quic/ngx_event_quic.c \
                     src/event/quic/ngx_event_quic_udp.c \
                     src/event/quic/ngx_event_quic_transport.c \
                     src/event/quic/ngx_event_quic_protection.c \
                     src/event/quic/ngx_event_quic_frames.c \
                     src/event/quic/ngx_event_quic_connid.c \
                     src/event/quic/ngx_event_quic_migration.c \
                     src/event/quic/ngx_event_quic_streams.c \
                     src/event/quic/ngx_event_quic_ssl.c \
                     src/event/quic/ngx_event_quic_tokens.c \
                     src/event/quic/ngx_event_quic_ack.c \
                     src/event/quic/ngx_event_quic_output.c \
                     src/event/quic/ngx_event_quic_socket.c \
                     src/event/quic/ngx_event_quic_openssl_compat.c"
    ngx_module_libs=
    ngx_module_link=YES
    ngx_module_order=
    . auto/module
    if [ $QUIC_BPF = YES -a $SO_COOKIE_FOUND = YES ]; then
        ngx_module_type=CORE
        ngx_module_name=ngx_quic_bpf_module
        ngx_module_incs=
        ngx_module_deps=
        ngx_module_srcs="src/event/quic/ngx_event_quic_bpf.c \
                         src/event/quic/ngx_event_quic_bpf_code.c"
        ngx_module_libs=
        ngx_module_link=YES
        ngx_module_order=
        . auto/module
        have=NGX_QUIC_BPF . auto/have
    fi
 fi
 if [ $USE_PCRE = YES ]; then
    ngx_module_type=CORE
    ngx_module_name=ngx_regex_module
--- a/auto/options
+++ b/auto/options
@ -45,8 +45,6 @@ USE_THREADS=NO
 NGX_FILE_AIO=NO
 QUIC_BPF=NO
 HTTP=YES
 NGX_HTTP_LOG_PATH=
@ -61,7 +59,6 @@ HTTP_CHARSET=YES
 HTTP_GZIP=YES
 HTTP_SSL=NO
 HTTP_V2=NO
 HTTP_V3=NO
 HTTP_SSI=YES
 HTTP_REALIP=NO
 HTTP_XSLT=NO
@ -127,7 +124,6 @@ STREAM_GEOIP=NO
 STREAM_MAP=YES
 STREAM_SPLIT_CLIENTS=YES
 STREAM_RETURN=YES
 STREAM_PASS=YES
 STREAM_SET=YES
 STREAM_UPSTREAM_HASH=YES
 STREAM_UPSTREAM_LEAST_CONN=YES
@ -153,7 +149,6 @@ PCRE_JIT=NO
 PCRE2=YES
 USE_OPENSSL=NO
 USE_OPENSSL_QUIC=NO
 OPENSSL=NONE
 USE_ZLIB=NO
@ -171,8 +166,6 @@ USE_GEOIP=NO
 NGX_GOOGLE_PERFTOOLS=NO
 NGX_CPP_TEST=NO
 SO_COOKIE_FOUND=NO
 NGX_LIBATOMIC=NO
 NGX_CPU_CACHE_LINE=
@ -218,8 +211,6 @@ do
        --with-file-aio)                 NGX_FILE_AIO=YES           ;;
        --without-quic_bpf_module)       QUIC_BPF=NONE              ;;
        --with-ipv6)
            NGX_POST_CONF_MSG="$NGX_POST_CONF_MSG
 $0: warning: the \"--with-ipv6\" option is deprecated"
@ -237,7 +228,6 @@ $0: warning: the \"--with-ipv6\" option is deprecated"
        --with-http_ssl_module)          HTTP_SSL=YES               ;;
        --with-http_v2_module)           HTTP_V2=YES                ;;
        --with-http_v3_module)           HTTP_V3=YES                ;;
        --with-http_realip_module)       HTTP_REALIP=YES            ;;
        --with-http_addition_module)     HTTP_ADDITION=YES          ;;
        --with-http_xslt_module)         HTTP_XSLT=YES              ;;
@ -338,7 +328,6 @@ use the \"--with-mail_ssl_module\" option instead"
        --without-stream_split_clients_module)
                                         STREAM_SPLIT_CLIENTS=NO    ;;
        --without-stream_return_module)  STREAM_RETURN=NO           ;;
        --without-stream_pass_module)    STREAM_PASS=NO             ;;
        --without-stream_set_module)     STREAM_SET=NO              ;;
        --without-stream_upstream_hash_module)
                                         STREAM_UPSTREAM_HASH=NO    ;;
@ -454,11 +443,8 @@ cat << END
  --with-file-aio                    enable file AIO support
  --without-quic_bpf_module          disable ngx_quic_bpf_module
  --with-http_ssl_module             enable ngx_http_ssl_module
  --with-http_v2_module              enable ngx_http_v2_module
  --with-http_v3_module              enable ngx_http_v3_module
  --with-http_realip_module          enable ngx_http_realip_module
  --with-http_addition_module        enable ngx_http_addition_module
  --with-http_xslt_module            enable ngx_http_xslt_module
@ -558,7 +544,6 @@ cat << END
  --without-stream_split_clients_module
                                     disable ngx_stream_split_clients_module
  --without-stream_return_module     disable ngx_stream_return_module
  --without-stream_pass_module       disable ngx_stream_pass_module
  --without-stream_set_module        disable ngx_stream_set_module
  --without-stream_upstream_hash_module
                                     disable ngx_stream_upstream_hash_module
--- a/auto/os/conf
+++ b/auto/os/conf
@ -115,21 +115,6 @@ case "$NGX_MACHINE" in
        NGX_MACH_CACHE_LINE=64
    ;;
    ppc64* | powerpc64*)
        have=NGX_ALIGNMENT value=16 . auto/define
        NGX_MACH_CACHE_LINE=128
    ;;
    riscv64)
        have=NGX_ALIGNMENT value=16 . auto/define
        NGX_MACH_CACHE_LINE=64
    ;;
    s390x)
        have=NGX_ALIGNMENT value=16 . auto/define
        NGX_MACH_CACHE_LINE=256
    ;;
    *)
        have=NGX_ALIGNMENT value=16 . auto/define
        NGX_MACH_CACHE_LINE=32
--- a/auto/os/darwin
+++ b/auto/os/darwin
@ -118,19 +118,3 @@ ngx_feature_libs=
 ngx_feature_test="int32_t  lock = 0;
                  if (!OSAtomicCompareAndSwap32Barrier(0, 1, &lock)) return 1"
 . auto/feature
 ngx_feature="TCP_KEEPALIVE"
 ngx_feature_name="NGX_HAVE_KEEPALIVE_TUNABLE"
 ngx_feature_run=no
 ngx_feature_incs="#include <sys/socket.h>
                  #include <netinet/in.h>
                  #include <netinet/tcp.h>"
 ngx_feature_path=
 ngx_feature_libs=
 ngx_feature_test="setsockopt(0, IPPROTO_TCP, TCP_KEEPALIVE, NULL, 0);
                  setsockopt(0, IPPROTO_TCP, TCP_KEEPINTVL, NULL, 0);
                  setsockopt(0, IPPROTO_TCP, TCP_KEEPCNT, NULL, 0)"
 . auto/feature
 NGX_KEEPALIVE_CHECKED=YES
--- a/auto/os/linux
+++ b/auto/os/linux
@ -228,64 +228,17 @@ ngx_feature_test="struct crypt_data  cd;
                  crypt_r(\"key\", \"salt\", &cd);"
 . auto/feature
 if [ $ngx_found = yes ]; then
    CRYPT_LIB="-lcrypt"
 fi
 ngx_include="sys/vfs.h";     . auto/include
 # BPF sockhash
 ngx_feature="BPF sockhash"
 ngx_feature_name="NGX_HAVE_BPF"
 ngx_feature_run=no
 ngx_feature_incs="#include <linux/bpf.h>
                  #include <sys/syscall.h>"
 ngx_feature_path=
 ngx_feature_libs=
 ngx_feature_test="union bpf_attr attr = { 0 };
                  attr.map_flags = 0;
                  attr.map_type = BPF_MAP_TYPE_SOCKHASH;
                  syscall(__NR_bpf, 0, &attr, 0);"
 . auto/feature
 if [ $ngx_found = yes ]; then
    CORE_SRCS="$CORE_SRCS src/core/ngx_bpf.c"
    CORE_DEPS="$CORE_DEPS src/core/ngx_bpf.h"
    if [ $QUIC_BPF != NONE ]; then
        QUIC_BPF=YES
    fi
 fi
 ngx_feature="SO_COOKIE"
 ngx_feature_name="NGX_HAVE_SO_COOKIE"
 ngx_feature_run=no
 ngx_feature_incs="#include <sys/socket.h>
                  $NGX_INCLUDE_INTTYPES_H"
 ngx_feature_path=
 ngx_feature_libs=
 ngx_feature_test="socklen_t optlen = sizeof(uint64_t);
                  uint64_t cookie;
                  getsockopt(0, SOL_SOCKET, SO_COOKIE, &cookie, &optlen)"
 . auto/feature
 if [ $ngx_found = yes ]; then
    SO_COOKIE_FOUND=YES
 fi
 # UDP segmentation offloading
 ngx_feature="UDP_SEGMENT"
 ngx_feature_name="NGX_HAVE_UDP_SEGMENT"
 ngx_feature_run=no
 ngx_feature_incs="#include <sys/socket.h>
                  #include <stdint.h>
                  #include <netinet/udp.h>"
 ngx_feature_path=
 ngx_feature_libs=
--- a/auto/os/win32
+++ b/auto/os/win32
@ -18,7 +18,7 @@ ngx_binext=".exe"
 case "$NGX_CC_NAME" in
-    clang | gcc)
+    gcc)
        CORE_LIBS="$CORE_LIBS -ladvapi32 -lws2_32"
        MAIN_LINK="$MAIN_LINK -Wl,--export-all-symbols"
        MAIN_LINK="$MAIN_LINK -Wl,--out-implib=$NGX_OBJS/libnginx.a"
--- a/auto/sources
+++ b/auto/sources
@ -83,7 +83,7 @@ CORE_SRCS="src/core/nginx.c \
 EVENT_MODULES="ngx_events_module ngx_event_core_module"
-EVENT_INCS="src/event src/event/modules src/event/quic"
+EVENT_INCS="src/event src/event/modules"
 EVENT_DEPS="src/event/ngx_event.h \
            src/event/ngx_event_timer.h \
--- a/auto/unix
+++ b/auto/unix
@ -129,8 +129,28 @@ if test -z "$NGX_KQUEUE_CHECKED"; then
 fi
 if [ "$NGX_SYSTEM" = "NetBSD" ]; then
    # NetBSD 2.0 incompatibly defines kevent.udata as "intptr_t"
    cat << END >> $NGX_AUTO_CONFIG_H
 #define NGX_KQUEUE_UDATA_T
 END
 else
    cat << END >> $NGX_AUTO_CONFIG_H
 #define NGX_KQUEUE_UDATA_T  (void *)
 END
 fi
 ngx_feature="crypt()"
-ngx_feature_name="NGX_HAVE_CRYPT"
+ngx_feature_name=
 ngx_feature_run=no
 ngx_feature_incs=
 ngx_feature_path=
@ -142,7 +162,7 @@ ngx_feature_test="crypt(\"test\", \"salt\");"
 if [ $ngx_found = no ]; then
    ngx_feature="crypt() in libcrypt"
-    ngx_feature_name="NGX_HAVE_CRYPT"
+    ngx_feature_name=
    ngx_feature_run=no
    ngx_feature_incs=
    ngx_feature_path=
@ -428,54 +448,6 @@ ngx_feature_test="setsockopt(0, IPPROTO_IPV6, IPV6_RECVPKTINFO, NULL, 0)"
 . auto/feature
 # IP packet fragmentation
 ngx_feature="IP_MTU_DISCOVER"
 ngx_feature_name="NGX_HAVE_IP_MTU_DISCOVER"
 ngx_feature_run=no
 ngx_feature_incs="#include <sys/socket.h>
                  #include <netinet/in.h>"
 ngx_feature_path=
 ngx_feature_libs=
 ngx_feature_test="(void) IP_PMTUDISC_DO;
                  setsockopt(0, IPPROTO_IP, IP_MTU_DISCOVER, NULL, 0)"
 . auto/feature
 ngx_feature="IPV6_MTU_DISCOVER"
 ngx_feature_name="NGX_HAVE_IPV6_MTU_DISCOVER"
 ngx_feature_run=no
 ngx_feature_incs="#include <sys/socket.h>
                  #include <netinet/in.h>"
 ngx_feature_path=
 ngx_feature_libs=
 ngx_feature_test="(void) IPV6_PMTUDISC_DO;
                  setsockopt(0, IPPROTO_IPV6, IPV6_MTU_DISCOVER, NULL, 0)"
 . auto/feature
 ngx_feature="IP_DONTFRAG"
 ngx_feature_name="NGX_HAVE_IP_DONTFRAG"
 ngx_feature_run=no
 ngx_feature_incs="#include <sys/socket.h>
                  #include <netinet/in.h>"
 ngx_feature_path=
 ngx_feature_libs=
 ngx_feature_test="setsockopt(0, IPPROTO_IP, IP_DONTFRAG, NULL, 0)"
 . auto/feature
 ngx_feature="IPV6_DONTFRAG"
 ngx_feature_name="NGX_HAVE_IPV6_DONTFRAG"
 ngx_feature_run=no
 ngx_feature_incs="#include <sys/socket.h>
                  #include <netinet/in.h>"
 ngx_feature_path=
 ngx_feature_libs=
 ngx_feature_test="setsockopt(0, IPPROTO_IP, IPV6_DONTFRAG, NULL, 0)"
 . auto/feature
 ngx_feature="TCP_DEFER_ACCEPT"
 ngx_feature_name="NGX_HAVE_DEFERRED_ACCEPT"
 ngx_feature_run=no
@ -488,20 +460,18 @@ ngx_feature_test="setsockopt(0, IPPROTO_TCP, TCP_DEFER_ACCEPT, NULL, 0)"
 . auto/feature
-if test -z "$NGX_KEEPALIVE_CHECKED"; then
+ngx_feature="TCP_KEEPIDLE"
-    ngx_feature="TCP_KEEPIDLE"
+ngx_feature_name="NGX_HAVE_KEEPALIVE_TUNABLE"
-    ngx_feature_name="NGX_HAVE_KEEPALIVE_TUNABLE"
+ngx_feature_run=no
-    ngx_feature_run=no
+ngx_feature_incs="#include <sys/socket.h>
    ngx_feature_incs="#include <sys/socket.h>
                  #include <netinet/in.h>
                  #include <netinet/tcp.h>"
-    ngx_feature_path=
+ngx_feature_path=
-    ngx_feature_libs=
+ngx_feature_libs=
-    ngx_feature_test="setsockopt(0, IPPROTO_TCP, TCP_KEEPIDLE, NULL, 0);
+ngx_feature_test="setsockopt(0, IPPROTO_TCP, TCP_KEEPIDLE, NULL, 0);
                  setsockopt(0, IPPROTO_TCP, TCP_KEEPINTVL, NULL, 0);
                  setsockopt(0, IPPROTO_TCP, TCP_KEEPCNT, NULL, 0)"
-    . auto/feature
+. auto/feature
 fi
 ngx_feature="TCP_FASTOPEN"
--- a/conf/nginx.conf
+++ b/conf/nginx.conf
@ -36,6 +36,8 @@ http {
        listen       80;
        server_name  localhost;
        #charset koi8-r;
        #access_log  logs/host.access.log  main;
        location / {
--- a/conf/win-utf
+++ b/conf/win-utf
@ -37,7 +37,7 @@ charset_map  windows-1251  utf-8 {
    AA  D084 ;   # capital Ukrainian YE
    AB  C2AB ;   # left-pointing double angle quotation mark
    AC  C2AC ;   # not sign
-    AD  C2AD ;   # soft hyphen
+    AD  C2AD ;   # soft hypen
    AE  C2AE ;   # (R)
    AF  D087 ;   # capital Ukrainian YI
--- a/contrib/vim/syntax/nginx.vim
+++ b/contrib/vim/syntax/nginx.vim
@ -65,12 +65,12 @@ syn match ngxListenComment '#.*$'
    \ contained
    \ nextgroup=@ngxListenParams skipwhite skipempty
 syn keyword ngxListenOptions contained
-    \ default_server ssl quic proxy_protocol
+    \ default_server ssl http2 proxy_protocol
    \ setfib fastopen backlog rcvbuf sndbuf accept_filter deferred bind
    \ ipv6only reuseport so_keepalive
    \ nextgroup=@ngxListenParams skipwhite skipempty
 syn keyword ngxListenOptionsDeprecated contained
-    \ http2
+    \ spdy
    \ nextgroup=@ngxListenParams skipwhite skipempty
 syn cluster ngxListenParams
    \ contains=ngxListenParam,ngxListenString,ngxListenComment
@ -90,6 +90,7 @@ syn keyword ngxDirectiveBlock contained if
 syn keyword ngxDirectiveBlock contained geo
 syn keyword ngxDirectiveBlock contained map
 syn keyword ngxDirectiveBlock contained split_clients
 syn keyword ngxDirectiveBlock contained match
 syn keyword ngxDirectiveImportant contained include
 syn keyword ngxDirectiveImportant contained root
@ -112,6 +113,7 @@ syn keyword ngxDirectiveError contained post_action
 syn keyword ngxDirectiveDeprecated contained proxy_downstream_buffer
 syn keyword ngxDirectiveDeprecated contained proxy_upstream_buffer
 syn keyword ngxDirectiveDeprecated contained ssl
 syn keyword ngxDirectiveDeprecated contained http2_idle_timeout
 syn keyword ngxDirectiveDeprecated contained http2_max_field_size
 syn keyword ngxDirectiveDeprecated contained http2_max_header_size
@ -134,6 +136,7 @@ syn keyword ngxDirective contained alias
 syn keyword ngxDirective contained allow
 syn keyword ngxDirective contained ancient_browser
 syn keyword ngxDirective contained ancient_browser_value
 syn keyword ngxDirective contained api
 syn keyword ngxDirective contained auth_basic
 syn keyword ngxDirective contained auth_basic_user_file
 syn keyword ngxDirective contained auth_delay
@ -141,6 +144,15 @@ syn keyword ngxDirective contained auth_http
 syn keyword ngxDirective contained auth_http_header
 syn keyword ngxDirective contained auth_http_pass_client_cert
 syn keyword ngxDirective contained auth_http_timeout
 syn keyword ngxDirective contained auth_jwt
 syn keyword ngxDirective contained auth_jwt_claim_set
 syn keyword ngxDirective contained auth_jwt_header_set
 syn keyword ngxDirective contained auth_jwt_key_cache
 syn keyword ngxDirective contained auth_jwt_key_file
 syn keyword ngxDirective contained auth_jwt_key_request
 syn keyword ngxDirective contained auth_jwt_leeway
 syn keyword ngxDirective contained auth_jwt_require
 syn keyword ngxDirective contained auth_jwt_type
 syn keyword ngxDirective contained auth_request
 syn keyword ngxDirective contained auth_request_set
 syn keyword ngxDirective contained autoindex
@ -181,6 +193,8 @@ syn keyword ngxDirective contained error_log
 syn keyword ngxDirective contained etag
 syn keyword ngxDirective contained eventport_events
 syn keyword ngxDirective contained expires
 syn keyword ngxDirective contained f4f
 syn keyword ngxDirective contained f4f_buffer_size
 syn keyword ngxDirective contained fastcgi_bind
 syn keyword ngxDirective contained fastcgi_buffer_size
 syn keyword ngxDirective contained fastcgi_buffering
@ -197,6 +211,7 @@ syn keyword ngxDirective contained fastcgi_cache_max_range_offset
 syn keyword ngxDirective contained fastcgi_cache_methods
 syn keyword ngxDirective contained fastcgi_cache_min_uses
 syn keyword ngxDirective contained fastcgi_cache_path
 syn keyword ngxDirective contained fastcgi_cache_purge
 syn keyword ngxDirective contained fastcgi_cache_revalidate
 syn keyword ngxDirective contained fastcgi_cache_use_stale
 syn keyword ngxDirective contained fastcgi_cache_valid
@ -280,7 +295,14 @@ syn keyword ngxDirective contained gzip_types
 syn keyword ngxDirective contained gzip_vary
 syn keyword ngxDirective contained gzip_window
 syn keyword ngxDirective contained hash
-syn keyword ngxDirective contained http2
+syn keyword ngxDirective contained health_check
 syn keyword ngxDirective contained health_check_timeout
 syn keyword ngxDirective contained hls
 syn keyword ngxDirective contained hls_buffers
 syn keyword ngxDirective contained hls_forward_args
 syn keyword ngxDirective contained hls_fragment
 syn keyword ngxDirective contained hls_mp4_buffer_size
 syn keyword ngxDirective contained hls_mp4_max_buffer_size
 syn keyword ngxDirective contained http2_body_preread_size
 syn keyword ngxDirective contained http2_chunk_size
 syn keyword ngxDirective contained http2_max_concurrent_pushes
@ -290,10 +312,6 @@ syn keyword ngxDirective contained http2_push
 syn keyword ngxDirective contained http2_push_preload
 syn keyword ngxDirective contained http2_recv_buffer_size
 syn keyword ngxDirective contained http2_streams_index_size
 syn keyword ngxDirective contained http3
 syn keyword ngxDirective contained http3_hq
 syn keyword ngxDirective contained http3_max_concurrent_streams
 syn keyword ngxDirective contained http3_stream_buffer_size
 syn keyword ngxDirective contained if_modified_since
 syn keyword ngxDirective contained ignore_invalid_headers
 syn keyword ngxDirective contained image_filter
@ -324,20 +342,21 @@ syn keyword ngxDirective contained js_filter
 syn keyword ngxDirective contained js_header_filter
 syn keyword ngxDirective contained js_import
 syn keyword ngxDirective contained js_path
 syn keyword ngxDirective contained js_preload_object
 syn keyword ngxDirective contained js_preread
 syn keyword ngxDirective contained js_set
 syn keyword ngxDirective contained js_shared_dict_zone
 syn keyword ngxDirective contained js_var
 syn keyword ngxDirective contained keepalive
 syn keyword ngxDirective contained keepalive_disable
 syn keyword ngxDirective contained keepalive_requests
 syn keyword ngxDirective contained keepalive_time
 syn keyword ngxDirective contained keepalive_timeout
 syn keyword ngxDirective contained keyval
 syn keyword ngxDirective contained keyval_zone
 syn keyword ngxDirective contained kqueue_changes
 syn keyword ngxDirective contained kqueue_events
 syn keyword ngxDirective contained large_client_header_buffers
 syn keyword ngxDirective contained least_conn
 syn keyword ngxDirective contained least_time
 syn keyword ngxDirective contained limit_conn
 syn keyword ngxDirective contained limit_conn_dry_run
 syn keyword ngxDirective contained limit_conn_log_level
@ -381,11 +400,14 @@ syn keyword ngxDirective contained modern_browser
 syn keyword ngxDirective contained modern_browser_value
 syn keyword ngxDirective contained mp4
 syn keyword ngxDirective contained mp4_buffer_size
 syn keyword ngxDirective contained mp4_limit_rate
 syn keyword ngxDirective contained mp4_limit_rate_after
 syn keyword ngxDirective contained mp4_max_buffer_size
 syn keyword ngxDirective contained mp4_start_key_frame
 syn keyword ngxDirective contained msie_padding
 syn keyword ngxDirective contained msie_refresh
 syn keyword ngxDirective contained multi_accept
 syn keyword ngxDirective contained ntlm
 syn keyword ngxDirective contained open_file_cache
 syn keyword ngxDirective contained open_file_cache_errors
 syn keyword ngxDirective contained open_file_cache_events
@ -428,6 +450,7 @@ syn keyword ngxDirective contained proxy_cache_max_range_offset
 syn keyword ngxDirective contained proxy_cache_methods
 syn keyword ngxDirective contained proxy_cache_min_uses
 syn keyword ngxDirective contained proxy_cache_path
 syn keyword ngxDirective contained proxy_cache_purge
 syn keyword ngxDirective contained proxy_cache_revalidate
 syn keyword ngxDirective contained proxy_cache_use_stale
 syn keyword ngxDirective contained proxy_cache_valid
@ -465,6 +488,7 @@ syn keyword ngxDirective contained proxy_requests
 syn keyword ngxDirective contained proxy_responses
 syn keyword ngxDirective contained proxy_send_lowat
 syn keyword ngxDirective contained proxy_send_timeout
 syn keyword ngxDirective contained proxy_session_drop
 syn keyword ngxDirective contained proxy_set_body
 syn keyword ngxDirective contained proxy_set_header
 syn keyword ngxDirective contained proxy_smtp_auth
@ -489,11 +513,7 @@ syn keyword ngxDirective contained proxy_temp_file_write_size
 syn keyword ngxDirective contained proxy_temp_path
 syn keyword ngxDirective contained proxy_timeout
 syn keyword ngxDirective contained proxy_upload_rate
-syn keyword ngxDirective contained quic_active_connection_id_limit
+syn keyword ngxDirective contained queue
 syn keyword ngxDirective contained quic_bpf
 syn keyword ngxDirective contained quic_gso
 syn keyword ngxDirective contained quic_host_key
 syn keyword ngxDirective contained quic_retry
 syn keyword ngxDirective contained random
 syn keyword ngxDirective contained random_index
 syn keyword ngxDirective contained read_ahead
@ -524,6 +544,7 @@ syn keyword ngxDirective contained scgi_cache_max_range_offset
 syn keyword ngxDirective contained scgi_cache_methods
 syn keyword ngxDirective contained scgi_cache_min_uses
 syn keyword ngxDirective contained scgi_cache_path
 syn keyword ngxDirective contained scgi_cache_purge
 syn keyword ngxDirective contained scgi_cache_revalidate
 syn keyword ngxDirective contained scgi_cache_use_stale
 syn keyword ngxDirective contained scgi_cache_valid
@ -562,6 +583,9 @@ syn keyword ngxDirective contained server_name_in_redirect
 syn keyword ngxDirective contained server_names_hash_bucket_size
 syn keyword ngxDirective contained server_names_hash_max_size
 syn keyword ngxDirective contained server_tokens
 syn keyword ngxDirective contained session_log
 syn keyword ngxDirective contained session_log_format
 syn keyword ngxDirective contained session_log_zone
 syn keyword ngxDirective contained set_real_ip_from
 syn keyword ngxDirective contained slice
 syn keyword ngxDirective contained smtp_auth
@ -609,6 +633,11 @@ syn keyword ngxDirective contained ssl_trusted_certificate
 syn keyword ngxDirective contained ssl_verify_client
 syn keyword ngxDirective contained ssl_verify_depth
 syn keyword ngxDirective contained starttls
 syn keyword ngxDirective contained state
 syn keyword ngxDirective contained status
 syn keyword ngxDirective contained status_format
 syn keyword ngxDirective contained status_zone
 syn keyword ngxDirective contained sticky
 syn keyword ngxDirective contained stub_status
 syn keyword ngxDirective contained sub_filter
 syn keyword ngxDirective contained sub_filter_last_modified
@ -651,6 +680,7 @@ syn keyword ngxDirective contained uwsgi_cache_max_range_offset
 syn keyword ngxDirective contained uwsgi_cache_methods
 syn keyword ngxDirective contained uwsgi_cache_min_uses
 syn keyword ngxDirective contained uwsgi_cache_path
 syn keyword ngxDirective contained uwsgi_cache_purge
 syn keyword ngxDirective contained uwsgi_cache_revalidate
 syn keyword ngxDirective contained uwsgi_cache_use_stale
 syn keyword ngxDirective contained uwsgi_cache_valid
@ -714,62 +744,6 @@ syn keyword ngxDirective contained xslt_string_param
 syn keyword ngxDirective contained xslt_stylesheet
 syn keyword ngxDirective contained xslt_types
 syn keyword ngxDirective contained zone
 " nginx-plus commercial extensions directives
 syn keyword ngxDirectiveBlock contained match
 syn keyword ngxDirectiveBlock contained otel_exporter
 syn keyword ngxDirective contained api
 syn keyword ngxDirective contained auth_jwt
 syn keyword ngxDirective contained auth_jwt_claim_set
 syn keyword ngxDirective contained auth_jwt_header_set
 syn keyword ngxDirective contained auth_jwt_key_cache
 syn keyword ngxDirective contained auth_jwt_key_file
 syn keyword ngxDirective contained auth_jwt_key_request
 syn keyword ngxDirective contained auth_jwt_leeway
 syn keyword ngxDirective contained auth_jwt_require
 syn keyword ngxDirective contained auth_jwt_type
 syn keyword ngxDirective contained f4f
 syn keyword ngxDirective contained f4f_buffer_size
 syn keyword ngxDirective contained fastcgi_cache_purge
 syn keyword ngxDirective contained health_check
 syn keyword ngxDirective contained health_check_timeout
 syn keyword ngxDirective contained hls
 syn keyword ngxDirective contained hls_buffers
 syn keyword ngxDirective contained hls_forward_args
 syn keyword ngxDirective contained hls_fragment
 syn keyword ngxDirective contained hls_mp4_buffer_size
 syn keyword ngxDirective contained hls_mp4_max_buffer_size
 syn keyword ngxDirective contained internal_redirect
 syn keyword ngxDirective contained keyval
 syn keyword ngxDirective contained keyval_zone
 syn keyword ngxDirective contained least_time
 syn keyword ngxDirective contained mp4_limit_rate
 syn keyword ngxDirective contained mp4_limit_rate_after
 syn keyword ngxDirective contained mqtt
 syn keyword ngxDirective contained mqtt_preread
 syn keyword ngxDirective contained mqtt_rewrite_buffer_size
 syn keyword ngxDirective contained mqtt_set_connect
 syn keyword ngxDirective contained ntlm
 syn keyword ngxDirective contained otel_service_name
 syn keyword ngxDirective contained otel_span_attr
 syn keyword ngxDirective contained otel_span_name
 syn keyword ngxDirective contained otel_trace
 syn keyword ngxDirective contained otel_trace_context
 syn keyword ngxDirective contained proxy_cache_purge
 syn keyword ngxDirective contained proxy_session_drop
 syn keyword ngxDirective contained queue
 syn keyword ngxDirective contained scgi_cache_purge
 syn keyword ngxDirective contained session_log
 syn keyword ngxDirective contained session_log_format
 syn keyword ngxDirective contained session_log_zone
 syn keyword ngxDirective contained state
 syn keyword ngxDirective contained status
 syn keyword ngxDirective contained status_format
 syn keyword ngxDirective contained status_zone
 syn keyword ngxDirective contained sticky
 syn keyword ngxDirective contained uwsgi_cache_purge
 syn keyword ngxDirective contained zone_sync
 syn keyword ngxDirective contained zone_sync_buffers
 syn keyword ngxDirective contained zone_sync_connect_retry_interval
@ -792,6 +766,7 @@ syn keyword ngxDirective contained zone_sync_ssl_verify
 syn keyword ngxDirective contained zone_sync_ssl_verify_depth
 syn keyword ngxDirective contained zone_sync_timeout
 " 3rd party modules list taken from
 " https://github.com/freebsd/freebsd-ports/blob/main/www/nginx-devel/Makefile.extmod
 " ----------------------------------------------------------------------------------
@ -862,6 +837,52 @@ syn keyword ngxDirectiveThirdParty contained brotli_window
 " https://github.com/torden/ngx_cache_purge
 syn keyword ngxDirectiveThirdParty contained cache_purge_response_type
 " https://github.com/nginx-clojure/nginx-clojure
 syn keyword ngxDirectiveThirdParty contained access_handler_code
 syn keyword ngxDirectiveThirdParty contained access_handler_name
 syn keyword ngxDirectiveThirdParty contained access_handler_property
 syn keyword ngxDirectiveThirdParty contained access_handler_type
 syn keyword ngxDirectiveThirdParty contained always_read_body
 syn keyword ngxDirectiveThirdParty contained auto_upgrade_ws
 syn keyword ngxDirectiveThirdParty contained body_filter_code
 syn keyword ngxDirectiveThirdParty contained body_filter_name
 syn keyword ngxDirectiveThirdParty contained body_filter_property
 syn keyword ngxDirectiveThirdParty contained body_filter_type
 syn keyword ngxDirectiveThirdParty contained content_handler_code
 syn keyword ngxDirectiveThirdParty contained content_handler_name
 syn keyword ngxDirectiveThirdParty contained content_handler_property
 syn keyword ngxDirectiveThirdParty contained content_handler_type
 syn keyword ngxDirectiveThirdParty contained handler_code
 syn keyword ngxDirectiveThirdParty contained handler_name
 syn keyword ngxDirectiveThirdParty contained handler_type
 syn keyword ngxDirectiveThirdParty contained handlers_lazy_init
 syn keyword ngxDirectiveThirdParty contained header_filter_code
 syn keyword ngxDirectiveThirdParty contained header_filter_name
 syn keyword ngxDirectiveThirdParty contained header_filter_property
 syn keyword ngxDirectiveThirdParty contained header_filter_type
 syn keyword ngxDirectiveThirdParty contained jvm_classpath
 syn keyword ngxDirectiveThirdParty contained jvm_classpath_check
 syn keyword ngxDirectiveThirdParty contained jvm_exit_handler_code
 syn keyword ngxDirectiveThirdParty contained jvm_exit_handler_name
 syn keyword ngxDirectiveThirdParty contained jvm_handler_type
 syn keyword ngxDirectiveThirdParty contained jvm_init_handler_code
 syn keyword ngxDirectiveThirdParty contained jvm_init_handler_name
 syn keyword ngxDirectiveThirdParty contained jvm_options
 syn keyword ngxDirectiveThirdParty contained jvm_path
 syn keyword ngxDirectiveThirdParty contained jvm_var
 syn keyword ngxDirectiveThirdParty contained jvm_workers
 syn keyword ngxDirectiveThirdParty contained log_handler_code
 syn keyword ngxDirectiveThirdParty contained log_handler_name
 syn keyword ngxDirectiveThirdParty contained log_handler_property
 syn keyword ngxDirectiveThirdParty contained log_handler_type
 syn keyword ngxDirectiveThirdParty contained max_balanced_tcp_connections
 syn keyword ngxDirectiveThirdParty contained rewrite_handler_code
 syn keyword ngxDirectiveThirdParty contained rewrite_handler_name
 syn keyword ngxDirectiveThirdParty contained rewrite_handler_property
 syn keyword ngxDirectiveThirdParty contained rewrite_handler_type
 syn keyword ngxDirectiveThirdParty contained shared_map
 syn keyword ngxDirectiveThirdParty contained write_page_size
 " https://github.com/AirisX/nginx_cookie_flag_module
 syn keyword ngxDirectiveThirdParty contained set_cookie_flag
@ -911,6 +932,29 @@ syn keyword ngxDirectiveThirdParty contained dns_update
 syn keyword ngxDirectiveThirdParty contained dynamic_state_file
 syn keyword ngxDirectiveThirdParty contained dynamic_upstream
 " https://github.com/ZigzagAK/ngx_dynamic_healthcheck
 syn keyword ngxDirectiveThirdParty contained check
 syn keyword ngxDirectiveThirdParty contained check_disable_host
 syn keyword ngxDirectiveThirdParty contained check_exclude_host
 syn keyword ngxDirectiveThirdParty contained check_persistent
 syn keyword ngxDirectiveThirdParty contained check_request_body
 syn keyword ngxDirectiveThirdParty contained check_request_headers
 syn keyword ngxDirectiveThirdParty contained check_request_uri
 syn keyword ngxDirectiveThirdParty contained check_response_body
 syn keyword ngxDirectiveThirdParty contained check_response_codes
 syn keyword ngxDirectiveThirdParty contained healthcheck
 syn keyword ngxDirectiveThirdParty contained healthcheck_buffer_size
 syn keyword ngxDirectiveThirdParty contained healthcheck_disable_host
 syn keyword ngxDirectiveThirdParty contained healthcheck_get
 syn keyword ngxDirectiveThirdParty contained healthcheck_persistent
 syn keyword ngxDirectiveThirdParty contained healthcheck_request_body
 syn keyword ngxDirectiveThirdParty contained healthcheck_request_headers
 syn keyword ngxDirectiveThirdParty contained healthcheck_request_uri
 syn keyword ngxDirectiveThirdParty contained healthcheck_response_body
 syn keyword ngxDirectiveThirdParty contained healthcheck_response_codes
 syn keyword ngxDirectiveThirdParty contained healthcheck_status
 syn keyword ngxDirectiveThirdParty contained healthcheck_update
 " https://github.com/openresty/encrypted-session-nginx-module
 syn keyword ngxDirectiveThirdParty contained encrypted_session_expires
 syn keyword ngxDirectiveThirdParty contained encrypted_session_iv
@ -960,7 +1004,6 @@ syn keyword ngxDirectiveThirdParty contained auth_gss_map_to_local
 syn keyword ngxDirectiveThirdParty contained auth_gss_realm
 syn keyword ngxDirectiveThirdParty contained auth_gss_service_ccache
 syn keyword ngxDirectiveThirdParty contained auth_gss_service_name
 syn keyword ngxDirectiveThirdParty contained auth_gss_zone_name
 " https://github.com/kvspb/nginx-auth-ldap
 syn keyword ngxDirectiveThirdParty contained auth_ldap
@ -990,7 +1033,6 @@ syn keyword ngxDirectiveThirdParty contained eval_subrequest_in_memory
 " https://github.com/aperezdc/ngx-fancyindex
 syn keyword ngxDirectiveThirdParty contained fancyindex
 syn keyword ngxDirectiveThirdParty contained fancyindex_case_sensitive
 syn keyword ngxDirectiveThirdParty contained fancyindex_css_href
 syn keyword ngxDirectiveThirdParty contained fancyindex_default_sort
 syn keyword ngxDirectiveThirdParty contained fancyindex_directories_first
@ -1079,7 +1121,6 @@ syn keyword ngxDirectiveThirdParty contained nchan_publisher_upstream_request
 syn keyword ngxDirectiveThirdParty contained nchan_pubsub
 syn keyword ngxDirectiveThirdParty contained nchan_pubsub_channel_id
 syn keyword ngxDirectiveThirdParty contained nchan_pubsub_location
 syn keyword ngxDirectiveThirdParty contained nchan_redis_accurate_subscriber_count
 syn keyword ngxDirectiveThirdParty contained nchan_redis_cluster_check_interval
 syn keyword ngxDirectiveThirdParty contained nchan_redis_cluster_check_interval_backoff
 syn keyword ngxDirectiveThirdParty contained nchan_redis_cluster_check_interval_jitter
@ -1097,11 +1138,6 @@ syn keyword ngxDirectiveThirdParty contained nchan_redis_connect_timeout
 syn keyword ngxDirectiveThirdParty contained nchan_redis_discovered_ip_range_blacklist
 syn keyword ngxDirectiveThirdParty contained nchan_redis_fakesub_timer_interval
 syn keyword ngxDirectiveThirdParty contained nchan_redis_idle_channel_cache_timeout
 syn keyword ngxDirectiveThirdParty contained nchan_redis_idle_channel_keepalive_backoff
 syn keyword ngxDirectiveThirdParty contained nchan_redis_idle_channel_keepalive_jitter
 syn keyword ngxDirectiveThirdParty contained nchan_redis_idle_channel_keepalive_max
 syn keyword ngxDirectiveThirdParty contained nchan_redis_idle_channel_keepalive_min
 syn keyword ngxDirectiveThirdParty contained nchan_redis_idle_channel_keepalive_safety_margin
 syn keyword ngxDirectiveThirdParty contained nchan_redis_load_scripts_unconditionally
 syn keyword ngxDirectiveThirdParty contained nchan_redis_namespace
 syn keyword ngxDirectiveThirdParty contained nchan_redis_node_connect_timeout
@ -1137,9 +1173,6 @@ syn keyword ngxDirectiveThirdParty contained nchan_redis_tls_server_name
 syn keyword ngxDirectiveThirdParty contained nchan_redis_tls_trusted_certificate
 syn keyword ngxDirectiveThirdParty contained nchan_redis_tls_trusted_certificate_path
 syn keyword ngxDirectiveThirdParty contained nchan_redis_tls_verify_certificate
 syn keyword ngxDirectiveThirdParty contained nchan_redis_upstream_stats
 syn keyword ngxDirectiveThirdParty contained nchan_redis_upstream_stats_disconnected_timeout
 syn keyword ngxDirectiveThirdParty contained nchan_redis_upstream_stats_enabled
 syn keyword ngxDirectiveThirdParty contained nchan_redis_url
 syn keyword ngxDirectiveThirdParty contained nchan_redis_username
 syn keyword ngxDirectiveThirdParty contained nchan_redis_wait_after_connecting
@ -1290,7 +1323,6 @@ syn keyword ngxDirectiveThirdParty contained upload_progress_jsonp_parameter
 syn keyword ngxDirectiveThirdParty contained upload_progress_template
 " https://github.com/yaoweibin/nginx_upstream_check_module
 syn keyword ngxDirectiveThirdParty contained check
 syn keyword ngxDirectiveThirdParty contained check_fastcgi_param
 syn keyword ngxDirectiveThirdParty contained check_http_expect_alive
 syn keyword ngxDirectiveThirdParty contained check_http_send
@ -1303,7 +1335,6 @@ syn keyword ngxDirectiveThirdParty contained fair
 syn keyword ngxDirectiveThirdParty contained upstream_fair_shm_size
 " https://github.com/ayty-adrianomartins/nginx-sticky-module-ng
 syn keyword ngxDirectiveThirdParty contained sticky_hide_cookie
 syn keyword ngxDirectiveThirdParty contained sticky_no_fallback
 " https://github.com/Novetta/nginx-video-thumbextractor-module
@ -1390,8 +1421,6 @@ syn keyword ngxDirectiveThirdParty contained lua_socket_pool_size
 syn keyword ngxDirectiveThirdParty contained lua_socket_read_timeout
 syn keyword ngxDirectiveThirdParty contained lua_socket_send_lowat
 syn keyword ngxDirectiveThirdParty contained lua_socket_send_timeout
 syn keyword ngxDirectiveThirdParty contained lua_ssl_certificate
 syn keyword ngxDirectiveThirdParty contained lua_ssl_certificate_key
 syn keyword ngxDirectiveThirdParty contained lua_ssl_ciphers
 syn keyword ngxDirectiveThirdParty contained lua_ssl_conf_command
 syn keyword ngxDirectiveThirdParty contained lua_ssl_crl
@ -1805,6 +1834,16 @@ syn keyword ngxDirectiveThirdParty contained slowfs_cache_purge
 syn keyword ngxDirectiveThirdParty contained slowfs_cache_valid
 syn keyword ngxDirectiveThirdParty contained slowfs_temp_path
 " https://github.com/kawakibi/ngx_small_light
 syn keyword ngxDirectiveThirdParty contained small_light
 syn keyword ngxDirectiveThirdParty contained small_light_buffer
 syn keyword ngxDirectiveThirdParty contained small_light_getparam_mode
 syn keyword ngxDirectiveThirdParty contained small_light_imlib2_temp_dir
 syn keyword ngxDirectiveThirdParty contained small_light_material_dir
 syn keyword ngxDirectiveThirdParty contained small_light_pattern_define
 syn keyword ngxDirectiveThirdParty contained small_light_radius_max
 syn keyword ngxDirectiveThirdParty contained small_light_sigma_max
 " https://github.com/openresty/srcache-nginx-module
 syn keyword ngxDirectiveThirdParty contained srcache_buffer
 syn keyword ngxDirectiveThirdParty contained srcache_default_expire
@ -1941,14 +1980,6 @@ syn keyword ngxDirectiveThirdParty contained websockify_pass
 syn keyword ngxDirectiveThirdParty contained websockify_read_timeout
 syn keyword ngxDirectiveThirdParty contained websockify_send_timeout
 " https://github.com/vozlt/nginx-module-sts
 syn keyword ngxDirectiveThirdParty contained stream_server_traffic_status
 syn keyword ngxDirectiveThirdParty contained stream_server_traffic_status_average_method
 syn keyword ngxDirectiveThirdParty contained stream_server_traffic_status_display
 syn keyword ngxDirectiveThirdParty contained stream_server_traffic_status_display_format
 syn keyword ngxDirectiveThirdParty contained stream_server_traffic_status_display_jsonp
 syn keyword ngxDirectiveThirdParty contained stream_server_traffic_status_zone
 " highlight
 hi def link ngxComment Comment
--- a/docs/text/LICENSE
+++ b/docs/text/LICENSE
@ -0,0 +1,26 @@
 /* 
 * Copyright (C) 2002-2021 Igor Sysoev
 * Copyright (C) 2011-2022 Nginx, Inc.
 * All rights reserved.
 *
 * Redistribution and use in source and binary forms, with or without
 * modification, are permitted provided that the following conditions
 * are met:
 * 1. Redistributions of source code must retain the above copyright
 *    notice, this list of conditions and the following disclaimer.
 * 2. Redistributions in binary form must reproduce the above copyright
 *    notice, this list of conditions and the following disclaimer in the
 *    documentation and/or other materials provided with the distribution.
 *
 * THIS SOFTWARE IS PROVIDED BY THE AUTHOR AND CONTRIBUTORS ``AS IS'' AND
 * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
 * ARE DISCLAIMED.  IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
 * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
 * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
 * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
 * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
 * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
 * SUCH DAMAGE.
 */
--- a/docs/text/README
+++ b/docs/text/README
@ -0,0 +1,3 @@
 Documentation is available at http://nginx.org
--- a/docs/xml/nginx/changes.xml
+++ b/docs/xml/nginx/changes.xml
--- a/misc/GNUmakefile
+++ b/misc/GNUmakefile
@ -6,15 +6,17 @@ TEMP =		tmp
 CC =		cl
 OBJS =		objs.msvc8
-OPENSSL =	openssl-3.5.4
+OPENSSL =	openssl-1.1.1p
-ZLIB =		zlib-1.3.1
+ZLIB =		zlib-1.2.12
-PCRE =		pcre2-10.46
+PCRE =		pcre2-10.39
 release: export
 	mv $(TEMP)/$(NGINX)/auto/configure $(TEMP)/$(NGINX)
 	mv $(TEMP)/$(NGINX)/docs/text/LICENSE $(TEMP)/$(NGINX)
 	mv $(TEMP)/$(NGINX)/docs/text/README $(TEMP)/$(NGINX)
 	mv $(TEMP)/$(NGINX)/docs/html $(TEMP)/$(NGINX)
 	mv $(TEMP)/$(NGINX)/docs/man $(TEMP)/$(NGINX)
@ -28,12 +30,12 @@ release: export
 export:
 	rm -rf $(TEMP)
-	git archive --prefix=$(TEMP)/$(NGINX)/ HEAD | tar -x -f - --exclude '.git*'
+	hg archive -X '.hg*' $(TEMP)/$(NGINX)
 RELEASE:
-	git commit -m nginx-$(VER)-RELEASE
+	hg ci -m nginx-$(VER)-RELEASE
-	git tag -m "release-$(VER) tag" release-$(VER)
+	hg tag -m "release-$(VER) tag" release-$(VER)
 	$(MAKE) -f misc/GNUmakefile release
@ -73,11 +75,8 @@ win32:
 		--with-http_slice_module				\
 		--with-mail						\
 		--with-stream						\
 		--with-stream_realip_module				\
 		--with-stream_ssl_preread_module			\
 		--with-openssl=$(OBJS)/lib/$(OPENSSL)			\
-		--with-openssl-opt="no-asm no-tests no-makedepend	\
+		--with-openssl-opt="no-asm no-tests -D_WIN32_WINNT=0x0501" \
 			-D_WIN32_WINNT=0x0501"				\
 		--with-http_ssl_module					\
 		--with-mail_ssl_module					\
 		--with-stream_ssl_module
@ -92,11 +91,8 @@ zip: export
 	sed -i '' -e "s/$$/`printf '\r'`/" $(TEMP)/$(NGINX)/conf/*
-	mv $(TEMP)/$(NGINX)/LICENSE $(TEMP)/$(NGINX)/docs.new
+	mv $(TEMP)/$(NGINX)/docs/text/LICENSE $(TEMP)/$(NGINX)/docs.new
-	mv $(TEMP)/$(NGINX)/README.md $(TEMP)/$(NGINX)/docs.new
+	mv $(TEMP)/$(NGINX)/docs/text/README $(TEMP)/$(NGINX)/docs.new
 	mv $(TEMP)/$(NGINX)/CODE_OF_CONDUCT.md $(TEMP)/$(NGINX)/docs.new
 	mv $(TEMP)/$(NGINX)/CONTRIBUTING.md $(TEMP)/$(NGINX)/docs.new
 	mv $(TEMP)/$(NGINX)/SECURITY.md $(TEMP)/$(NGINX)/docs.new
 	mv $(TEMP)/$(NGINX)/docs/html $(TEMP)/$(NGINX)
 	rm -r $(TEMP)/$(NGINX)/docs
@ -107,10 +103,10 @@ zip: export
 	$(MAKE) -f docs/GNUmakefile changes
 	mv $(TEMP)/$(NGINX)/CHANGES* $(TEMP)/$(NGINX)/docs/
-	cp -p $(OBJS)/lib/$(OPENSSL)/LICENSE.txt			\
+	cp -p $(OBJS)/lib/$(OPENSSL)/LICENSE				\
 		$(TEMP)/$(NGINX)/docs/OpenSSL.LICENSE
-	cp -p $(OBJS)/lib/$(PCRE)/LICENCE.md				\
+	cp -p $(OBJS)/lib/$(PCRE)/LICENCE				\
 		$(TEMP)/$(NGINX)/docs/PCRE.LICENCE
 	sed -ne '/^ (C) 1995-20/,/^  jloup@gzip\.org/p'			\
--- a/misc/README
+++ b/misc/README
@ -3,7 +3,7 @@ make -f misc/GNUmakefile release
 the required tools:
 *) xsltproc to build CHANGES,
-*) xslscript.pl ( https://github.com/nginx/xslscript ) to build XSLTs
+*) xslscript.pl ( http://hg.nginx.org/xslscript ) to build XSLTs
   from XSLScript sources.
--- a/src/core/nginx.c
+++ b/src/core/nginx.c
@ -13,7 +13,6 @@
 static void ngx_show_version_info(void);
 static ngx_int_t ngx_add_inherited_sockets(ngx_cycle_t *cycle);
 static void ngx_cleanup_environment(void *data);
 static void ngx_cleanup_environment_variable(void *data);
 static ngx_int_t ngx_get_options(int argc, char *const *argv);
 static ngx_int_t ngx_process_options(ngx_cycle_t *cycle);
 static ngx_int_t ngx_save_argv(ngx_cycle_t *cycle, int argc, char *const *argv);
@ -519,8 +518,7 @@ ngx_add_inherited_sockets(ngx_cycle_t *cycle)
 char **
 ngx_set_environment(ngx_cycle_t *cycle, ngx_uint_t *last)
 {
-    char                **p, **env, *str;
+    char                **p, **env;
    size_t                len;
    ngx_str_t            *var;
    ngx_uint_t            i, n;
    ngx_core_conf_t      *ccf;
@ -602,34 +600,10 @@ tz_found:
    for (i = 0; i < ccf->env.nelts; i++) {
        if (var[i].data[var[i].len] == '=') {
            if (last) {
            env[n++] = (char *) var[i].data;
            continue;
        }
            cln = ngx_pool_cleanup_add(cycle->pool, 0);
            if (cln == NULL) {
                return NULL;
            }
            len = ngx_strlen(var[i].data) + 1;
            str = ngx_alloc(len, cycle->log);
            if (str == NULL) {
                return NULL;
            }
            ngx_memcpy(str, var[i].data, len);
            cln->handler = ngx_cleanup_environment_variable;
            cln->data = str;
            env[n++] = str;
            continue;
        }
        for (p = ngx_os_environ; *p; p++) {
            if (ngx_strncmp(*p, var[i].data, var[i].len) == 0
@ -671,29 +645,6 @@ ngx_cleanup_environment(void *data)
 }
 static void
 ngx_cleanup_environment_variable(void *data)
 {
    char  *var = data;
    char  **p;
    for (p = environ; *p; p++) {
        /*
         * if an environment variable is still used, as it happens on exit,
         * the only option is to leak it
         */
        if (*p == var) {
            return;
        }
    }
    ngx_free(var);
 }
 ngx_pid_t
 ngx_exec_new_binary(ngx_cycle_t *cycle, char *const *argv)
 {
@ -729,9 +680,6 @@ ngx_exec_new_binary(ngx_cycle_t *cycle, char *const *argv)
    ls = cycle->listening.elts;
    for (i = 0; i < cycle->listening.nelts; i++) {
        if (ls[i].ignore) {
            continue;
        }
        p = ngx_sprintf(p, "%ud;", ls[i].fd);
    }
--- a/src/core/nginx.h
+++ b/src/core/nginx.h
@ -9,8 +9,8 @@
 #define _NGINX_H_INCLUDED_
-#define nginx_version      1029005
+#define nginx_version      1023000
-#define NGINX_VERSION      "1.29.5"
+#define NGINX_VERSION      "1.23.0"
 #define NGINX_VER          "nginx/" NGINX_VERSION
 #ifdef NGX_BUILD
--- a/src/core/ngx_bpf.c
+++ b/src/core/ngx_bpf.c
@ -1,143 +0,0 @@
 /*
 * Copyright (C) Nginx, Inc.
 */
 #include <ngx_config.h>
 #include <ngx_core.h>
 #define NGX_BPF_LOGBUF_SIZE  (16 * 1024)
 static ngx_inline int
 ngx_bpf(enum bpf_cmd cmd, union bpf_attr *attr, unsigned int size)
 {
    return syscall(__NR_bpf, cmd, attr, size);
 }
 void
 ngx_bpf_program_link(ngx_bpf_program_t *program, const char *symbol, int fd)
 {
    ngx_uint_t        i;
    ngx_bpf_reloc_t  *rl;
    rl = program->relocs;
    for (i = 0; i < program->nrelocs; i++) {
        if (ngx_strcmp(rl[i].name, symbol) == 0) {
            program->ins[rl[i].offset].src_reg = 1;
            program->ins[rl[i].offset].imm = fd;
        }
    }
 }
 int
 ngx_bpf_load_program(ngx_log_t *log, ngx_bpf_program_t *program)
 {
    int             fd;
    union bpf_attr  attr;
 #if (NGX_DEBUG)
    char            buf[NGX_BPF_LOGBUF_SIZE];
 #endif
    ngx_memzero(&attr, sizeof(union bpf_attr));
    attr.license = (uintptr_t) program->license;
    attr.prog_type = program->type;
    attr.insns = (uintptr_t) program->ins;
    attr.insn_cnt = program->nins;
 #if (NGX_DEBUG)
    /* for verifier errors */
    attr.log_buf = (uintptr_t) buf;
    attr.log_size = NGX_BPF_LOGBUF_SIZE;
    attr.log_level = 1;
 #endif
    fd = ngx_bpf(BPF_PROG_LOAD, &attr, sizeof(attr));
    if (fd < 0) {
        ngx_log_error(NGX_LOG_ALERT, log, ngx_errno,
                      "failed to load BPF program");
        ngx_log_debug1(NGX_LOG_DEBUG_CORE, log, 0,
                       "bpf verifier: %s", buf);
        return -1;
    }
    return fd;
 }
 int
 ngx_bpf_map_create(ngx_log_t *log, enum bpf_map_type type, int key_size,
    int value_size, int max_entries, uint32_t map_flags)
 {
    int             fd;
    union bpf_attr  attr;
    ngx_memzero(&attr, sizeof(union bpf_attr));
    attr.map_type = type;
    attr.key_size = key_size;
    attr.value_size = value_size;
    attr.max_entries = max_entries;
    attr.map_flags = map_flags;
    fd = ngx_bpf(BPF_MAP_CREATE, &attr, sizeof(attr));
    if (fd < 0) {
        ngx_log_error(NGX_LOG_ALERT, log, ngx_errno,
                      "failed to create BPF map");
        return NGX_ERROR;
    }
    return fd;
 }
 int
 ngx_bpf_map_update(int fd, const void *key, const void *value, uint64_t flags)
 {
    union bpf_attr attr;
    ngx_memzero(&attr, sizeof(union bpf_attr));
    attr.map_fd = fd;
    attr.key = (uintptr_t) key;
    attr.value = (uintptr_t) value;
    attr.flags = flags;
    return ngx_bpf(BPF_MAP_UPDATE_ELEM, &attr, sizeof(attr));
 }
 int
 ngx_bpf_map_delete(int fd, const void *key)
 {
    union bpf_attr attr;
    ngx_memzero(&attr, sizeof(union bpf_attr));
    attr.map_fd = fd;
    attr.key = (uintptr_t) key;
    return ngx_bpf(BPF_MAP_DELETE_ELEM, &attr, sizeof(attr));
 }
 int
 ngx_bpf_map_lookup(int fd, const void *key, void *value)
 {
    union bpf_attr attr;
    ngx_memzero(&attr, sizeof(union bpf_attr));
    attr.map_fd = fd;
    attr.key = (uintptr_t) key;
    attr.value = (uintptr_t) value;
    return ngx_bpf(BPF_MAP_LOOKUP_ELEM, &attr, sizeof(attr));
 }
--- a/src/core/ngx_bpf.h
+++ b/src/core/ngx_bpf.h
@ -1,43 +0,0 @@
 /*
 * Copyright (C) Nginx, Inc.
 */
 #ifndef _NGX_BPF_H_INCLUDED_
 #define _NGX_BPF_H_INCLUDED_
 #include <ngx_config.h>
 #include <ngx_core.h>
 #include <linux/bpf.h>
 typedef struct {
    char                *name;
    int                  offset;
 } ngx_bpf_reloc_t;
 typedef struct {
    char                *license;
    enum bpf_prog_type   type;
    struct bpf_insn     *ins;
    size_t               nins;
    ngx_bpf_reloc_t     *relocs;
    size_t               nrelocs;
 } ngx_bpf_program_t;
 void ngx_bpf_program_link(ngx_bpf_program_t *program, const char *symbol,
    int fd);
 int ngx_bpf_load_program(ngx_log_t *log, ngx_bpf_program_t *program);
 int ngx_bpf_map_create(ngx_log_t *log, enum bpf_map_type type, int key_size,
    int value_size, int max_entries, uint32_t map_flags);
 int ngx_bpf_map_update(int fd, const void *key, const void *value,
    uint64_t flags);
 int ngx_bpf_map_delete(int fd, const void *key);
 int ngx_bpf_map_lookup(int fd, const void *key, void *value);
 #endif /* _NGX_BPF_H_INCLUDED_ */
--- a/src/core/ngx_config.h
+++ b/src/core/ngx_config.h
@ -94,7 +94,7 @@ typedef intptr_t        ngx_flag_t;
 #ifndef NGX_ALIGNMENT
-#define NGX_ALIGNMENT   sizeof(uintptr_t)    /* platform word */
+#define NGX_ALIGNMENT   sizeof(unsigned long)    /* platform word */
 #endif
 #define ngx_align(d, a)     (((d) + (a - 1)) & ~(a - 1))
--- a/src/core/ngx_connection.c
+++ b/src/core/ngx_connection.c
@ -660,7 +660,7 @@ ngx_open_listening_sockets(ngx_cycle_t *cycle)
                /*
                 * on OpenVZ after suspend/resume EADDRINUSE
                 * may be returned by listen() instead of bind(), see
-                 * https://bugs.openvz.org/browse/OVZ-5587
+                 * https://bugzilla.openvz.org/show_bug.cgi?id=2470
                 */
                if (err != NGX_EADDRINUSE || !ngx_test_config) {
@ -765,8 +765,6 @@ ngx_configure_listening_sockets(ngx_cycle_t *cycle)
 #if (NGX_HAVE_KEEPALIVE_TUNABLE)
 #if !(NGX_DARWIN)
        if (ls[i].keepidle) {
            value = ls[i].keepidle;
@ -784,8 +782,6 @@ ngx_configure_listening_sockets(ngx_cycle_t *cycle)
            }
        }
 #endif
        if (ls[i].keepintvl) {
            value = ls[i].keepintvl;
@ -1017,78 +1013,6 @@ ngx_configure_listening_sockets(ngx_cycle_t *cycle)
            }
        }
 #endif
 #if (NGX_HAVE_IP_MTU_DISCOVER)
        if (ls[i].quic && ls[i].sockaddr->sa_family == AF_INET) {
            value = IP_PMTUDISC_DO;
            if (setsockopt(ls[i].fd, IPPROTO_IP, IP_MTU_DISCOVER,
                           (const void *) &value, sizeof(int))
                == -1)
            {
                ngx_log_error(NGX_LOG_ALERT, cycle->log, ngx_socket_errno,
                              "setsockopt(IP_MTU_DISCOVER) "
                              "for %V failed, ignored",
                              &ls[i].addr_text);
            }
        }
 #elif (NGX_HAVE_IP_DONTFRAG)
        if (ls[i].quic && ls[i].sockaddr->sa_family == AF_INET) {
            value = 1;
            if (setsockopt(ls[i].fd, IPPROTO_IP, IP_DONTFRAG,
                           (const void *) &value, sizeof(int))
                == -1)
            {
                ngx_log_error(NGX_LOG_ALERT, cycle->log, ngx_socket_errno,
                              "setsockopt(IP_DONTFRAG) "
                              "for %V failed, ignored",
                              &ls[i].addr_text);
            }
        }
 #endif
 #if (NGX_HAVE_INET6)
 #if (NGX_HAVE_IPV6_MTU_DISCOVER)
        if (ls[i].quic && ls[i].sockaddr->sa_family == AF_INET6) {
            value = IPV6_PMTUDISC_DO;
            if (setsockopt(ls[i].fd, IPPROTO_IPV6, IPV6_MTU_DISCOVER,
                           (const void *) &value, sizeof(int))
                == -1)
            {
                ngx_log_error(NGX_LOG_ALERT, cycle->log, ngx_socket_errno,
                              "setsockopt(IPV6_MTU_DISCOVER) "
                              "for %V failed, ignored",
                              &ls[i].addr_text);
            }
        }
 #elif (NGX_HAVE_IP_DONTFRAG)
        if (ls[i].quic && ls[i].sockaddr->sa_family == AF_INET6) {
            value = 1;
            if (setsockopt(ls[i].fd, IPPROTO_IPV6, IPV6_DONTFRAG,
                           (const void *) &value, sizeof(int))
                == -1)
            {
                ngx_log_error(NGX_LOG_ALERT, cycle->log, ngx_socket_errno,
                              "setsockopt(IPV6_DONTFRAG) "
                              "for %V failed, ignored",
                              &ls[i].addr_text);
            }
        }
 #endif
 #endif
    }
@ -1113,12 +1037,6 @@ ngx_close_listening_sockets(ngx_cycle_t *cycle)
    ls = cycle->listening.elts;
    for (i = 0; i < cycle->listening.nelts; i++) {
 #if (NGX_QUIC)
        if (ls[i].quic) {
            continue;
        }
 #endif
        c = ls[i].connection;
        if (c) {
@ -1587,10 +1505,6 @@ ngx_connection_error(ngx_connection_t *c, ngx_err_t err, char *text)
    }
 #endif
    if (err == NGX_EMSGSIZE && c->log_error == NGX_ERROR_IGNORE_EMSGSIZE) {
        return 0;
    }
    if (err == 0
        || err == NGX_ECONNRESET
 #if (NGX_WIN32)
@ -1608,7 +1522,6 @@ ngx_connection_error(ngx_connection_t *c, ngx_err_t err, char *text)
    {
        switch (c->log_error) {
        case NGX_ERROR_IGNORE_EMSGSIZE:
        case NGX_ERROR_IGNORE_EINVAL:
        case NGX_ERROR_IGNORE_ECONNRESET:
        case NGX_ERROR_INFO:
--- a/src/core/ngx_connection.h
+++ b/src/core/ngx_connection.h
@ -73,7 +73,6 @@ struct ngx_listening_s {
    unsigned            reuseport:1;
    unsigned            add_reuseport:1;
    unsigned            keepalive:2;
    unsigned            quic:1;
    unsigned            deferred_accept:1;
    unsigned            delete_deferred:1;
@ -97,8 +96,7 @@ typedef enum {
    NGX_ERROR_ERR,
    NGX_ERROR_INFO,
    NGX_ERROR_IGNORE_ECONNRESET,
-    NGX_ERROR_IGNORE_EINVAL,
+    NGX_ERROR_IGNORE_EINVAL
    NGX_ERROR_IGNORE_EMSGSIZE
 } ngx_connection_log_error_e;
@ -149,10 +147,6 @@ struct ngx_connection_s {
    ngx_proxy_protocol_t  *proxy_protocol;
 #if (NGX_QUIC || NGX_COMPAT)
    ngx_quic_stream_t     *quic;
 #endif
 #if (NGX_SSL || NGX_COMPAT)
    ngx_ssl_connection_t  *ssl;
 #endif
@ -178,7 +172,6 @@ struct ngx_connection_s {
    unsigned            timedout:1;
    unsigned            error:1;
    unsigned            destroyed:1;
    unsigned            pipeline:1;
    unsigned            idle:1;
    unsigned            reusable:1;
--- a/src/core/ngx_core.h
+++ b/src/core/ngx_core.h
@ -26,9 +26,7 @@ typedef struct ngx_event_aio_s       ngx_event_aio_t;
 typedef struct ngx_connection_s      ngx_connection_t;
 typedef struct ngx_thread_task_s     ngx_thread_task_t;
 typedef struct ngx_ssl_s             ngx_ssl_t;
 typedef struct ngx_ssl_cache_s       ngx_ssl_cache_t;
 typedef struct ngx_proxy_protocol_s  ngx_proxy_protocol_t;
 typedef struct ngx_quic_stream_s     ngx_quic_stream_t;
 typedef struct ngx_ssl_connection_s  ngx_ssl_connection_t;
 typedef struct ngx_udp_connection_s  ngx_udp_connection_t;
@ -84,9 +82,6 @@ typedef void (*ngx_connection_handler_pt)(ngx_connection_t *c);
 #include <ngx_resolver.h>
 #if (NGX_OPENSSL)
 #include <ngx_event_openssl.h>
 #if (NGX_QUIC)
 #include <ngx_event_quic.h>
 #endif
 #endif
 #include <ngx_process_cycle.h>
 #include <ngx_conf_file.h>
@ -96,9 +91,6 @@ typedef void (*ngx_connection_handler_pt)(ngx_connection_t *c);
 #include <ngx_connection.h>
 #include <ngx_syslog.h>
 #include <ngx_proxy_protocol.h>
 #if (NGX_HAVE_BPF)
 #include <ngx_bpf.h>
 #endif
 #define LF     (u_char) '\n'
--- a/src/core/ngx_cycle.c
+++ b/src/core/ngx_cycle.c
@ -38,7 +38,7 @@ static ngx_connection_t  dumb;
 ngx_cycle_t *
 ngx_init_cycle(ngx_cycle_t *old_cycle)
 {
-    void                *rv, *data;
+    void                *rv;
    char               **senv;
    ngx_uint_t           i, n;
    ngx_log_t           *log;
@ -438,8 +438,6 @@ ngx_init_cycle(ngx_cycle_t *old_cycle)
        opart = &old_cycle->shared_memory.part;
        oshm_zone = opart->elts;
        data = NULL;
        for (n = 0; /* void */ ; n++) {
            if (n >= opart->nelts) {
@ -463,13 +461,9 @@ ngx_init_cycle(ngx_cycle_t *old_cycle)
                continue;
            }
            if (shm_zone[i].tag == oshm_zone[n].tag && shm_zone[i].noreuse) {
                data = oshm_zone[n].data;
                break;
            }
            if (shm_zone[i].tag == oshm_zone[n].tag
-                && shm_zone[i].shm.size == oshm_zone[n].shm.size)
+                && shm_zone[i].shm.size == oshm_zone[n].shm.size
                && !shm_zone[i].noreuse)
            {
                shm_zone[i].shm.addr = oshm_zone[n].shm.addr;
 #if (NGX_WIN32)
@ -496,7 +490,7 @@ ngx_init_cycle(ngx_cycle_t *old_cycle)
            goto failed;
        }
-        if (shm_zone[i].init(&shm_zone[i], data) != NGX_OK) {
+        if (shm_zone[i].init(&shm_zone[i], NULL) != NGX_OK) {
            goto failed;
        }
--- a/src/core/ngx_inet.c
+++ b/src/core/ngx_inet.c
@ -507,7 +507,7 @@ ngx_cidr_match(struct sockaddr *sa, ngx_array_t *cidrs)
            p = inaddr6->s6_addr;
-            inaddr = (in_addr_t) p[12] << 24;
+            inaddr = p[12] << 24;
            inaddr += p[13] << 16;
            inaddr += p[14] << 8;
            inaddr += p[15];
@ -639,11 +639,7 @@ ngx_parse_addr_port(ngx_pool_t *pool, ngx_addr_t *addr, u_char *text,
        p = ngx_strlchr(text, last, ']');
-        if (p == last - 1) {
+        if (p == NULL || p == last - 1 || *++p != ':') {
            return ngx_parse_addr(pool, addr, text + 1, len - 2);
        }
        if (p == NULL || *++p != ':') {
            return NGX_DECLINED;
        }
--- a/src/core/ngx_module.h
+++ b/src/core/ngx_module.h
@ -107,12 +107,7 @@
 #endif
 #define NGX_MODULE_SIGNATURE_17  "0"
 #if (NGX_QUIC || NGX_COMPAT)
 #define NGX_MODULE_SIGNATURE_18  "1"
 #else
 #define NGX_MODULE_SIGNATURE_18  "0"
 #endif
 #if (NGX_HAVE_OPENAT)
 #define NGX_MODULE_SIGNATURE_19  "1"
--- a/src/core/ngx_output_chain.c
+++ b/src/core/ngx_output_chain.c
@ -117,10 +117,7 @@ ngx_output_chain(ngx_output_chain_ctx_t *ctx, ngx_chain_t *in)
                ngx_debug_point();
-                cl = ctx->in;
+                ctx->in = ctx->in->next;
                ctx->in = cl->next;
                ngx_free_chain(ctx->pool, cl);
                continue;
            }
@ -206,10 +203,7 @@ ngx_output_chain(ngx_output_chain_ctx_t *ctx, ngx_chain_t *in)
            /* delete the completed buf from the ctx->in chain */
            if (ngx_buf_size(ctx->in->buf) == 0) {
-                cl = ctx->in;
+                ctx->in = ctx->in->next;
                ctx->in = cl->next;
                ngx_free_chain(ctx->pool, cl);
            }
            cl = ngx_alloc_chain_link(ctx->pool);
--- a/src/core/ngx_proxy_protocol.c
+++ b/src/core/ngx_proxy_protocol.c
@ -13,15 +13,7 @@
 #define NGX_PROXY_PROTOCOL_AF_INET6         2
-#define ngx_proxy_protocol_parse_uint16(p)                                    \
+#define ngx_proxy_protocol_parse_uint16(p)  ((p)[0] << 8 | (p)[1])
    ( ((uint16_t) (p)[0] << 8)                                                \
    + (           (p)[1]) )
 #define ngx_proxy_protocol_parse_uint32(p)                                    \
    ( ((uint32_t) (p)[0] << 24)                                               \
    + (           (p)[1] << 16)                                               \
    + (           (p)[2] << 8)                                                \
    + (           (p)[3]) )
 typedef struct {
@ -48,52 +40,12 @@ typedef struct {
 } ngx_proxy_protocol_inet6_addrs_t;
 typedef struct {
    u_char                                  type;
    u_char                                  len[2];
 } ngx_proxy_protocol_tlv_t;
 typedef struct {
    u_char                                  client;
    u_char                                  verify[4];
 } ngx_proxy_protocol_tlv_ssl_t;
 typedef struct {
    ngx_str_t                               name;
    ngx_uint_t                              type;
 } ngx_proxy_protocol_tlv_entry_t;
 static u_char *ngx_proxy_protocol_read_addr(ngx_connection_t *c, u_char *p,
    u_char *last, ngx_str_t *addr);
 static u_char *ngx_proxy_protocol_read_port(u_char *p, u_char *last,
    in_port_t *port, u_char sep);
 static u_char *ngx_proxy_protocol_v2_read(ngx_connection_t *c, u_char *buf,
    u_char *last);
 static ngx_int_t ngx_proxy_protocol_lookup_tlv(ngx_connection_t *c,
    ngx_str_t *tlvs, ngx_uint_t type, ngx_str_t *value);
 static ngx_proxy_protocol_tlv_entry_t  ngx_proxy_protocol_tlv_entries[] = {
    { ngx_string("alpn"),       0x01 },
    { ngx_string("authority"),  0x02 },
    { ngx_string("unique_id"),  0x05 },
    { ngx_string("ssl"),        0x20 },
    { ngx_string("netns"),      0x30 },
    { ngx_null_string,          0x00 }
 };
 static ngx_proxy_protocol_tlv_entry_t  ngx_proxy_protocol_tlv_ssl_entries[] = {
    { ngx_string("version"),    0x21 },
    { ngx_string("cn"),         0x22 },
    { ngx_string("cipher"),     0x23 },
    { ngx_string("sig_alg"),    0x24 },
    { ngx_string("key_alg"),    0x25 },
    { ngx_null_string,          0x00 }
 };
 u_char *
@ -109,7 +61,7 @@ ngx_proxy_protocol_read(ngx_connection_t *c, u_char *buf, u_char *last)
    len = last - buf;
    if (len >= sizeof(ngx_proxy_protocol_header_t)
-        && ngx_memcmp(p, signature, sizeof(signature) - 1) == 0)
+        && memcmp(p, signature, sizeof(signature) - 1) == 0)
    {
        return ngx_proxy_protocol_v2_read(c, buf, last);
    }
@ -187,14 +139,8 @@ skip:
 invalid:
    for (p = buf; p < last; p++) {
        if (*p == CR || *p == LF) {
            break;
        }
    }
    ngx_log_error(NGX_LOG_ERR, c->log, 0,
-                  "broken header: \"%*s\"", (size_t) (p - buf), buf);
+                  "broken header: \"%*s\"", (size_t) (last - buf), buf);
    return NULL;
 }
@ -281,9 +227,7 @@ ngx_proxy_protocol_write(ngx_connection_t *c, u_char *buf, u_char *last)
 {
    ngx_uint_t  port, lport;
-    if (last - buf < NGX_PROXY_PROTOCOL_V1_MAX_HEADER) {
+    if (last - buf < NGX_PROXY_PROTOCOL_MAX_HEADER) {
        ngx_log_error(NGX_LOG_ALERT, c->log, 0,
                      "too small buffer for PROXY protocol");
        return NULL;
    }
@ -396,11 +340,11 @@ ngx_proxy_protocol_v2_read(ngx_connection_t *c, u_char *buf, u_char *last)
        src_sockaddr.sockaddr_in.sin_family = AF_INET;
        src_sockaddr.sockaddr_in.sin_port = 0;
-        ngx_memcpy(&src_sockaddr.sockaddr_in.sin_addr, in->src_addr, 4);
+        memcpy(&src_sockaddr.sockaddr_in.sin_addr, in->src_addr, 4);
        dst_sockaddr.sockaddr_in.sin_family = AF_INET;
        dst_sockaddr.sockaddr_in.sin_port = 0;
-        ngx_memcpy(&dst_sockaddr.sockaddr_in.sin_addr, in->dst_addr, 4);
+        memcpy(&dst_sockaddr.sockaddr_in.sin_addr, in->dst_addr, 4);
        pp->src_port = ngx_proxy_protocol_parse_uint16(in->src_port);
        pp->dst_port = ngx_proxy_protocol_parse_uint16(in->dst_port);
@ -423,11 +367,11 @@ ngx_proxy_protocol_v2_read(ngx_connection_t *c, u_char *buf, u_char *last)
        src_sockaddr.sockaddr_in6.sin6_family = AF_INET6;
        src_sockaddr.sockaddr_in6.sin6_port = 0;
-        ngx_memcpy(&src_sockaddr.sockaddr_in6.sin6_addr, in6->src_addr, 16);
+        memcpy(&src_sockaddr.sockaddr_in6.sin6_addr, in6->src_addr, 16);
        dst_sockaddr.sockaddr_in6.sin6_family = AF_INET6;
        dst_sockaddr.sockaddr_in6.sin6_port = 0;
-        ngx_memcpy(&dst_sockaddr.sockaddr_in6.sin6_addr, in6->dst_addr, 16);
+        memcpy(&dst_sockaddr.sockaddr_in6.sin6_addr, in6->dst_addr, 16);
        pp->src_port = ngx_proxy_protocol_parse_uint16(in6->src_port);
        pp->dst_port = ngx_proxy_protocol_parse_uint16(in6->dst_port);
@ -468,147 +412,11 @@ ngx_proxy_protocol_v2_read(ngx_connection_t *c, u_char *buf, u_char *last)
                   &pp->src_addr, pp->src_port, &pp->dst_addr, pp->dst_port);
    if (buf < end) {
-        pp->tlvs.data = ngx_pnalloc(c->pool, end - buf);
+        ngx_log_debug1(NGX_LOG_DEBUG_CORE, c->log, 0,
-        if (pp->tlvs.data == NULL) {
+                       "PROXY protocol v2 %z bytes of tlv ignored", end - buf);
            return NULL;
        }
        ngx_memcpy(pp->tlvs.data, buf, end - buf);
        pp->tlvs.len = end - buf;
    }
    c->proxy_protocol = pp;
    return end;
 }
 ngx_int_t
 ngx_proxy_protocol_get_tlv(ngx_connection_t *c, ngx_str_t *name,
    ngx_str_t *value)
 {
    u_char                          *p;
    size_t                           n;
    uint32_t                         verify;
    ngx_str_t                        ssl, *tlvs;
    ngx_int_t                        rc, type;
    ngx_proxy_protocol_tlv_ssl_t    *tlv_ssl;
    ngx_proxy_protocol_tlv_entry_t  *te;
    if (c->proxy_protocol == NULL) {
        return NGX_DECLINED;
    }
    ngx_log_debug1(NGX_LOG_DEBUG_CORE, c->log, 0,
                   "PROXY protocol v2 get tlv \"%V\"", name);
    te = ngx_proxy_protocol_tlv_entries;
    tlvs = &c->proxy_protocol->tlvs;
    p = name->data;
    n = name->len;
    if (n >= 4 && p[0] == 's' && p[1] == 's' && p[2] == 'l' && p[3] == '_') {
        rc = ngx_proxy_protocol_lookup_tlv(c, tlvs, 0x20, &ssl);
        if (rc != NGX_OK) {
            return rc;
        }
        if (ssl.len < sizeof(ngx_proxy_protocol_tlv_ssl_t)) {
            return NGX_ERROR;
        }
        p += 4;
        n -= 4;
        if (n == 6 && ngx_strncmp(p, "verify", 6) == 0) {
            tlv_ssl = (ngx_proxy_protocol_tlv_ssl_t *) ssl.data;
            verify = ngx_proxy_protocol_parse_uint32(tlv_ssl->verify);
            value->data = ngx_pnalloc(c->pool, NGX_INT32_LEN);
            if (value->data == NULL) {
                return NGX_ERROR;
            }
            value->len = ngx_sprintf(value->data, "%uD", verify)
                         - value->data;
            return NGX_OK;
        }
        ssl.data += sizeof(ngx_proxy_protocol_tlv_ssl_t);
        ssl.len -= sizeof(ngx_proxy_protocol_tlv_ssl_t);
        te = ngx_proxy_protocol_tlv_ssl_entries;
        tlvs = &ssl;
    }
    if (n >= 2 && p[0] == '0' && p[1] == 'x') {
        type = ngx_hextoi(p + 2, n - 2);
        if (type == NGX_ERROR) {
            ngx_log_error(NGX_LOG_ERR, c->log, 0,
                          "invalid PROXY protocol TLV \"%V\"", name);
            return NGX_ERROR;
        }
        return ngx_proxy_protocol_lookup_tlv(c, tlvs, type, value);
    }
    for ( /* void */ ; te->type; te++) {
        if (te->name.len == n && ngx_strncmp(te->name.data, p, n) == 0) {
            return ngx_proxy_protocol_lookup_tlv(c, tlvs, te->type, value);
        }
    }
    ngx_log_error(NGX_LOG_ERR, c->log, 0,
                  "unknown PROXY protocol TLV \"%V\"", name);
    return NGX_DECLINED;
 }
 static ngx_int_t
 ngx_proxy_protocol_lookup_tlv(ngx_connection_t *c, ngx_str_t *tlvs,
    ngx_uint_t type, ngx_str_t *value)
 {
    u_char                    *p;
    size_t                     n, len;
    ngx_proxy_protocol_tlv_t  *tlv;
    ngx_log_debug1(NGX_LOG_DEBUG_CORE, c->log, 0,
                   "PROXY protocol v2 lookup tlv:%02xi", type);
    p = tlvs->data;
    n = tlvs->len;
    while (n) {
        if (n < sizeof(ngx_proxy_protocol_tlv_t)) {
            ngx_log_error(NGX_LOG_ERR, c->log, 0, "broken PROXY protocol TLV");
            return NGX_ERROR;
        }
        tlv = (ngx_proxy_protocol_tlv_t *) p;
        len = ngx_proxy_protocol_parse_uint16(tlv->len);
        p += sizeof(ngx_proxy_protocol_tlv_t);
        n -= sizeof(ngx_proxy_protocol_tlv_t);
        if (n < len) {
            ngx_log_error(NGX_LOG_ERR, c->log, 0, "broken PROXY protocol TLV");
            return NGX_ERROR;
        }
        if (tlv->type == type) {
            value->data = p;
            value->len = len;
            return NGX_OK;
        }
        p += len;
        n -= len;
    }
    return NGX_DECLINED;
 }
--- a/src/core/ngx_proxy_protocol.h
+++ b/src/core/ngx_proxy_protocol.h
@ -13,8 +13,7 @@
 #include <ngx_core.h>
-#define NGX_PROXY_PROTOCOL_V1_MAX_HEADER  107
+#define NGX_PROXY_PROTOCOL_MAX_HEADER  107
 #define NGX_PROXY_PROTOCOL_MAX_HEADER     4096
 struct ngx_proxy_protocol_s {
@ -22,7 +21,6 @@ struct ngx_proxy_protocol_s {
    ngx_str_t           dst_addr;
    in_port_t           src_port;
    in_port_t           dst_port;
    ngx_str_t           tlvs;
 };
@ -30,8 +28,6 @@ u_char *ngx_proxy_protocol_read(ngx_connection_t *c, u_char *buf,
    u_char *last);
 u_char *ngx_proxy_protocol_write(ngx_connection_t *c, u_char *buf,
    u_char *last);
 ngx_int_t ngx_proxy_protocol_get_tlv(ngx_connection_t *c, ngx_str_t *name,
    ngx_str_t *value);
 #endif /* _NGX_PROXY_PROTOCOL_H_INCLUDED_ */
--- a/src/core/ngx_queue.c
+++ b/src/core/ngx_queue.c
@ -9,10 +9,6 @@
 #include <ngx_core.h>
 static void ngx_queue_merge(ngx_queue_t *queue, ngx_queue_t *tail,
    ngx_int_t (*cmp)(const ngx_queue_t *, const ngx_queue_t *));
 /*
 * find the middle queue element if the queue has odd number of elements
 * or the first element of the queue's second part otherwise
@ -49,13 +45,13 @@ ngx_queue_middle(ngx_queue_t *queue)
 }
-/* the stable merge sort */
+/* the stable insertion sort */
 void
 ngx_queue_sort(ngx_queue_t *queue,
    ngx_int_t (*cmp)(const ngx_queue_t *, const ngx_queue_t *))
 {
-    ngx_queue_t  *q, tail;
+    ngx_queue_t  *q, *prev, *next;
    q = ngx_queue_head(queue);
@ -63,44 +59,22 @@ ngx_queue_sort(ngx_queue_t *queue,
        return;
    }
-    q = ngx_queue_middle(queue);
+    for (q = ngx_queue_next(q); q != ngx_queue_sentinel(queue); q = next) {
-    ngx_queue_split(queue, q, &tail);
+        prev = ngx_queue_prev(q);
        next = ngx_queue_next(q);
-    ngx_queue_sort(queue, cmp);
+        ngx_queue_remove(q);
    ngx_queue_sort(&tail, cmp);
-    ngx_queue_merge(queue, &tail, cmp);
+        do {
-}
+            if (cmp(prev, q) <= 0) {
 static void
 ngx_queue_merge(ngx_queue_t *queue, ngx_queue_t *tail,
    ngx_int_t (*cmp)(const ngx_queue_t *, const ngx_queue_t *))
 {
    ngx_queue_t  *q1, *q2;
    q1 = ngx_queue_head(queue);
    q2 = ngx_queue_head(tail);
    for ( ;; ) {
        if (q1 == ngx_queue_sentinel(queue)) {
            ngx_queue_add(queue, tail);
                break;
            }
-        if (q2 == ngx_queue_sentinel(tail)) {
+            prev = ngx_queue_prev(prev);
            break;
        }
-        if (cmp(q1, q2) <= 0) {
+        } while (prev != ngx_queue_sentinel(queue));
            q1 = ngx_queue_next(q1);
            continue;
        }
-        ngx_queue_remove(q2);
+        ngx_queue_insert_after(prev, q);
        ngx_queue_insert_before(q1, q2);
        q2 = ngx_queue_head(tail);
    }
 }
--- a/src/core/ngx_queue.h
+++ b/src/core/ngx_queue.h
@ -47,9 +47,6 @@ struct ngx_queue_s {
    (h)->prev = x
 #define ngx_queue_insert_before   ngx_queue_insert_tail
 #define ngx_queue_head(h)                                                     \
    (h)->next
--- a/src/core/ngx_regex.c
+++ b/src/core/ngx_regex.c
@ -600,8 +600,6 @@ ngx_regex_cleanup(void *data)
     * the new cycle, these will be re-allocated.
     */
    ngx_regex_malloc_init(NULL);
    if (ngx_regex_compile_context) {
        pcre2_compile_context_free(ngx_regex_compile_context);
        ngx_regex_compile_context = NULL;
@ -613,8 +611,6 @@ ngx_regex_cleanup(void *data)
        ngx_regex_match_data_size = 0;
    }
    ngx_regex_malloc_done();
 #endif
 }
@ -710,6 +706,9 @@ ngx_regex_module_init(ngx_cycle_t *cycle)
    ngx_regex_malloc_done();
    ngx_regex_studies = NULL;
 #if (NGX_PCRE2)
    ngx_regex_compile_context = NULL;
 #endif
    return NGX_OK;
 }
@ -733,14 +732,14 @@ ngx_regex_create_conf(ngx_cycle_t *cycle)
        return NULL;
    }
    cln->handler = ngx_regex_cleanup;
    cln->data = rcf;
    rcf->studies = ngx_list_create(cycle->pool, 8, sizeof(ngx_regex_elt_t));
    if (rcf->studies == NULL) {
        return NULL;
    }
    cln->handler = ngx_regex_cleanup;
    cln->data = rcf;
    ngx_regex_studies = rcf->studies;
    return rcf;
--- a/src/core/ngx_resolver.c
+++ b/src/core/ngx_resolver.c
@ -157,8 +157,6 @@ ngx_resolver_create(ngx_conf_t *cf, ngx_str_t *names, ngx_uint_t n)
    cln->handler = ngx_resolver_cleanup;
    cln->data = r;
    r->ipv4 = 1;
    ngx_rbtree_init(&r->name_rbtree, &r->name_sentinel,
                    ngx_resolver_rbtree_insert_value);
@ -227,23 +225,6 @@ ngx_resolver_create(ngx_conf_t *cf, ngx_str_t *names, ngx_uint_t n)
        }
 #if (NGX_HAVE_INET6)
        if (ngx_strncmp(names[i].data, "ipv4=", 5) == 0) {
            if (ngx_strcmp(&names[i].data[5], "on") == 0) {
                r->ipv4 = 1;
            } else if (ngx_strcmp(&names[i].data[5], "off") == 0) {
                r->ipv4 = 0;
            } else {
                ngx_conf_log_error(NGX_LOG_EMERG, cf, 0,
                                   "invalid parameter: %V", &names[i]);
                return NULL;
            }
            continue;
        }
        if (ngx_strncmp(names[i].data, "ipv6=", 5) == 0) {
            if (ngx_strcmp(&names[i].data[5], "on") == 0) {
@ -292,14 +273,6 @@ ngx_resolver_create(ngx_conf_t *cf, ngx_str_t *names, ngx_uint_t n)
        }
    }
 #if (NGX_HAVE_INET6)
    if (r->ipv4 + r->ipv6 == 0) {
        ngx_conf_log_error(NGX_LOG_EMERG, cf, 0,
                           "\"ipv4\" and \"ipv6\" cannot both be \"off\"");
        return NULL;
    }
 #endif
    if (n && r->connections.nelts == 0) {
        ngx_conf_log_error(NGX_LOG_EMERG, cf, 0, "no name servers defined");
        return NULL;
@ -863,7 +836,7 @@ ngx_resolve_name_locked(ngx_resolver_t *r, ngx_resolver_ctx_t *ctx,
        r->last_connection = 0;
    }
-    rn->naddrs = r->ipv4 ? (u_short) -1 : 0;
+    rn->naddrs = (u_short) -1;
    rn->tcp = 0;
 #if (NGX_HAVE_INET6)
    rn->naddrs6 = r->ipv6 ? (u_short) -1 : 0;
@ -1290,7 +1263,7 @@ ngx_resolver_send_query(ngx_resolver_t *r, ngx_resolver_node_t *rn)
        rec->log.action = "resolving";
    }
-    if (rn->query && rn->naddrs == (u_short) -1) {
+    if (rn->naddrs == (u_short) -1) {
        rc = rn->tcp ? ngx_resolver_send_tcp_query(r, rec, rn->query, rn->qlen)
                     : ngx_resolver_send_udp_query(r, rec, rn->query, rn->qlen);
@ -1792,14 +1765,11 @@ ngx_resolver_process_response(ngx_resolver_t *r, u_char *buf, size_t n,
             q = ngx_queue_next(q))
        {
            rn = ngx_queue_data(q, ngx_resolver_node_t, queue);
            if (rn->query) {
            qident = (rn->query[0] << 8) + rn->query[1];
            if (qident == ident) {
                goto dns_error_name;
            }
            }
 #if (NGX_HAVE_INET6)
            if (rn->query6) {
@ -3675,7 +3645,7 @@ ngx_resolver_create_name_query(ngx_resolver_t *r, ngx_resolver_node_t *rn,
    len = sizeof(ngx_resolver_hdr_t) + nlen + sizeof(ngx_resolver_qs_t);
 #if (NGX_HAVE_INET6)
-    p = ngx_resolver_alloc(r, len * (r->ipv4 + r->ipv6));
+    p = ngx_resolver_alloc(r, r->ipv6 ? len * 2 : len);
 #else
    p = ngx_resolver_alloc(r, len);
 #endif
@ -3688,13 +3658,12 @@ ngx_resolver_create_name_query(ngx_resolver_t *r, ngx_resolver_node_t *rn,
 #if (NGX_HAVE_INET6)
    if (r->ipv6) {
-        rn->query6 = r->ipv4 ? (p + len) : p;
+        rn->query6 = p + len;
    }
 #endif
    query = (ngx_resolver_hdr_t *) p;
    if (r->ipv4) {
    ident = ngx_random();
    ngx_log_debug2(NGX_LOG_DEBUG_CORE, r->log, 0,
@ -3702,7 +3671,6 @@ ngx_resolver_create_name_query(ngx_resolver_t *r, ngx_resolver_node_t *rn,
    query->ident_hi = (u_char) ((ident >> 8) & 0xff);
    query->ident_lo = (u_char) (ident & 0xff);
    }
    /* recursion query */
    query->flags_hi = 1; query->flags_lo = 0;
@ -3763,9 +3731,7 @@ ngx_resolver_create_name_query(ngx_resolver_t *r, ngx_resolver_node_t *rn,
    p = rn->query6;
    if (r->ipv4) {
    ngx_memcpy(p, rn->query, rn->qlen);
    }
    query = (ngx_resolver_hdr_t *) p;
--- a/src/core/ngx_resolver.h
+++ b/src/core/ngx_resolver.h
@ -175,10 +175,8 @@ struct ngx_resolver_s {
    ngx_queue_t               srv_expire_queue;
    ngx_queue_t               addr_expire_queue;
    unsigned                  ipv4:1;
 #if (NGX_HAVE_INET6)
-    unsigned                  ipv6:1;
+    ngx_uint_t                ipv6;                 /* unsigned  ipv6:1; */
    ngx_rbtree_t              addr6_rbtree;
    ngx_rbtree_node_t         addr6_sentinel;
    ngx_queue_t               addr6_resend_queue;
--- a/src/core/ngx_string.c
+++ b/src/core/ngx_string.c
@ -1364,12 +1364,7 @@ ngx_utf8_decode(u_char **p, size_t n)
    u = **p;
-    if (u >= 0xf8) {
+    if (u >= 0xf0) {
        (*p)++;
        return 0xffffffff;
    } else if (u >= 0xf0) {
        u &= 0x07;
        valid = 0xffff;
@ -1494,9 +1489,8 @@ ngx_utf8_cpystrn(u_char *dst, u_char *src, size_t n, size_t len)
 uintptr_t
 ngx_escape_uri(u_char *dst, u_char *src, size_t size, ngx_uint_t type)
 {
    u_char          prefix;
    uint32_t       *escape;
    ngx_uint_t      n;
    uint32_t       *escape;
    static u_char   hex[] = "0123456789ABCDEF";
    /*
@ -1634,36 +1628,11 @@ ngx_escape_uri(u_char *dst, u_char *src, size_t size, ngx_uint_t type)
                    /* mail_auth is the same as memcached */
                    /* " ", "+", "=", not allowed */
    static uint32_t   mail_xtext[] = {
        0xffffffff, /* 1111 1111 1111 1111  1111 1111 1111 1111 */
                    /* ?>=< ;:98 7654 3210  /.-, +*)( '&%$ #"!  */
        0x20000801, /* 0010 0000 0000 0000  0000 1000 0000 0001 */
                    /* _^]\ [ZYX WVUT SRQP  ONML KJIH GFED CBA@ */
        0x00000000, /* 0000 0000 0000 0000  0000 0000 0000 0000 */
                    /*  ~}| {zyx wvut srqp  onml kjih gfed cba` */
        0x80000000, /* 1000 0000 0000 0000  0000 0000 0000 0000 */
        0xffffffff, /* 1111 1111 1111 1111  1111 1111 1111 1111 */
        0xffffffff, /* 1111 1111 1111 1111  1111 1111 1111 1111 */
        0xffffffff, /* 1111 1111 1111 1111  1111 1111 1111 1111 */
        0xffffffff, /* 1111 1111 1111 1111  1111 1111 1111 1111 */
    };
    static uint32_t  *map[] =
-        { uri, args, uri_component, html, refresh, memcached, memcached,
+        { uri, args, uri_component, html, refresh, memcached, memcached };
          mail_xtext };
    static u_char  map_char[] =
        { '%', '%', '%', '%', '%', '%', '%', '+' };
    escape = map[type];
    prefix = map_char[type];
    if (dst == NULL) {
@ -1684,7 +1653,7 @@ ngx_escape_uri(u_char *dst, u_char *src, size_t size, ngx_uint_t type)
    while (size) {
        if (escape[*src >> 5] & (1U << (*src & 0x1f))) {
-            *dst++ = prefix;
+            *dst++ = '%';
            *dst++ = hex[*src >> 4];
            *dst++ = hex[*src & 0xf];
            src++;
--- a/src/core/ngx_string.h
+++ b/src/core/ngx_string.h
@ -145,7 +145,7 @@ ngx_copy(u_char *dst, u_char *src, size_t len)
 /* msvc and icc7 compile memcmp() to the inline loop */
-#define ngx_memcmp(s1, s2, n)     memcmp(s1, s2, n)
+#define ngx_memcmp(s1, s2, n)  memcmp((const char *) s1, (const char *) s2, n)
 u_char *ngx_cpystrn(u_char *dst, u_char *src, size_t n);
@ -203,7 +203,6 @@ u_char *ngx_utf8_cpystrn(u_char *dst, u_char *src, size_t n, size_t len);
 #define NGX_ESCAPE_REFRESH        4
 #define NGX_ESCAPE_MEMCACHED      5
 #define NGX_ESCAPE_MAIL_AUTH      6
 #define NGX_ESCAPE_MAIL_XTEXT     7
 #define NGX_UNESCAPE_URI       1
 #define NGX_UNESCAPE_REDIRECT  2
--- a/src/core/ngx_syslog.c
+++ b/src/core/ngx_syslog.c
@ -18,7 +18,6 @@
 static char *ngx_syslog_parse_args(ngx_conf_t *cf, ngx_syslog_peer_t *peer);
 static ngx_int_t ngx_syslog_init_peer(ngx_syslog_peer_t *peer);
 static void ngx_syslog_cleanup(void *data);
 static u_char *ngx_syslog_log_error(ngx_log_t *log, u_char *buf, size_t len);
 static char  *facilities[] = {
@ -67,9 +66,6 @@ ngx_syslog_process_conf(ngx_conf_t *cf, ngx_syslog_peer_t *peer)
        ngx_str_set(&peer->tag, "nginx");
    }
    peer->hostname = &cf->cycle->hostname;
    peer->logp = &cf->cycle->new_log;
    peer->conn.fd = (ngx_socket_t) -1;
    peer->conn.read = &ngx_syslog_dummy_event;
@ -247,7 +243,7 @@ ngx_syslog_add_header(ngx_syslog_peer_t *peer, u_char *buf)
    }
    return ngx_sprintf(buf, "<%ui>%V %V %V: ", pri, &ngx_cached_syslog_time,
-                       peer->hostname, &peer->tag);
+                       &ngx_cycle->hostname, &peer->tag);
 }
@ -290,19 +286,15 @@ ngx_syslog_send(ngx_syslog_peer_t *peer, u_char *buf, size_t len)
 {
    ssize_t  n;
    if (peer->log.handler == NULL) {
        peer->log = *peer->logp;
        peer->log.handler = ngx_syslog_log_error;
        peer->log.data = peer;
        peer->log.action = "logging to syslog";
    }
    if (peer->conn.fd == (ngx_socket_t) -1) {
        if (ngx_syslog_init_peer(peer) != NGX_OK) {
            return NGX_ERROR;
        }
    }
    /* log syslog socket events with valid log */
    peer->conn.log = ngx_cycle->log;
    if (ngx_send) {
        n = ngx_send(&peer->conn, buf, len);
@ -314,7 +306,7 @@ ngx_syslog_send(ngx_syslog_peer_t *peer, u_char *buf, size_t len)
    if (n == NGX_ERROR) {
        if (ngx_close_socket(peer->conn.fd) == -1) {
-            ngx_log_error(NGX_LOG_ALERT, &peer->log, ngx_socket_errno,
+            ngx_log_error(NGX_LOG_ALERT, ngx_cycle->log, ngx_socket_errno,
                          ngx_close_socket_n " failed");
        }
@ -332,25 +324,24 @@ ngx_syslog_init_peer(ngx_syslog_peer_t *peer)
    fd = ngx_socket(peer->server.sockaddr->sa_family, SOCK_DGRAM, 0);
    if (fd == (ngx_socket_t) -1) {
-        ngx_log_error(NGX_LOG_ALERT, &peer->log, ngx_socket_errno,
+        ngx_log_error(NGX_LOG_ALERT, ngx_cycle->log, ngx_socket_errno,
                      ngx_socket_n " failed");
        return NGX_ERROR;
    }
    if (ngx_nonblocking(fd) == -1) {
-        ngx_log_error(NGX_LOG_ALERT, &peer->log, ngx_socket_errno,
+        ngx_log_error(NGX_LOG_ALERT, ngx_cycle->log, ngx_socket_errno,
                      ngx_nonblocking_n " failed");
        goto failed;
    }
    if (connect(fd, peer->server.sockaddr, peer->server.socklen) == -1) {
-        ngx_log_error(NGX_LOG_ALERT, &peer->log, ngx_socket_errno,
+        ngx_log_error(NGX_LOG_ALERT, ngx_cycle->log, ngx_socket_errno,
                      "connect() failed");
        goto failed;
    }
    peer->conn.fd = fd;
    peer->conn.log = &peer->log;
    /* UDP sockets are always ready to write */
    peer->conn.write->ready = 1;
@ -360,7 +351,7 @@ ngx_syslog_init_peer(ngx_syslog_peer_t *peer)
 failed:
    if (ngx_close_socket(fd) == -1) {
-        ngx_log_error(NGX_LOG_ALERT, &peer->log, ngx_socket_errno,
+        ngx_log_error(NGX_LOG_ALERT, ngx_cycle->log, ngx_socket_errno,
                      ngx_close_socket_n " failed");
    }
@ -381,30 +372,7 @@ ngx_syslog_cleanup(void *data)
    }
    if (ngx_close_socket(peer->conn.fd) == -1) {
-        ngx_log_error(NGX_LOG_ALERT, &peer->log, ngx_socket_errno,
+        ngx_log_error(NGX_LOG_ALERT, ngx_cycle->log, ngx_socket_errno,
                      ngx_close_socket_n " failed");
    }
 }
 static u_char *
 ngx_syslog_log_error(ngx_log_t *log, u_char *buf, size_t len)
 {
    u_char             *p;
    ngx_syslog_peer_t  *peer;
    p = buf;
    if (log->action) {
        p = ngx_snprintf(buf, len, " while %s", log->action);
        len -= p - buf;
    }
    peer = log->data;
    if (peer) {
        p = ngx_snprintf(p, len, ", server: %V", &peer->server.name);
    }
    return p;
 }
--- a/src/core/ngx_syslog.h
+++ b/src/core/ngx_syslog.h
@ -13,14 +13,8 @@ typedef struct {
    ngx_uint_t        severity;
    ngx_str_t         tag;
    ngx_str_t         *hostname;
    ngx_addr_t        server;
    ngx_connection_t  conn;
    ngx_log_t          log;
    ngx_log_t         *logp;
    unsigned          busy:1;
    unsigned          nohostname:1;
 } ngx_syslog_peer_t;
--- a/src/core/ngx_thread_pool.c
+++ b/src/core/ngx_thread_pool.c
@ -207,7 +207,7 @@ ngx_thread_pool_exit_handler(void *data, ngx_log_t *log)
    *lock = 0;
-    pthread_exit(NULL);
+    pthread_exit(0);
 }
--- a/src/event/modules/ngx_iocp_module.c
+++ b/src/event/modules/ngx_iocp_module.c
@ -231,8 +231,9 @@ ngx_iocp_del_connection(ngx_connection_t *c, ngx_uint_t flags)
 }
-static ngx_int_t
+static
-ngx_iocp_process_events(ngx_cycle_t *cycle, ngx_msec_t timer, ngx_uint_t flags)
+ngx_int_t ngx_iocp_process_events(ngx_cycle_t *cycle, ngx_msec_t timer,
    ngx_uint_t flags)
 {
    int                rc;
    u_int              key;
@ -355,7 +356,7 @@ ngx_iocp_create_conf(ngx_cycle_t *cycle)
    cf = ngx_palloc(cycle->pool, sizeof(ngx_iocp_conf_t));
    if (cf == NULL) {
-        return NULL;
+        return NGX_CONF_ERROR;
    }
    cf->threads = NGX_CONF_UNSET;
--- a/src/event/modules/ngx_kqueue_module.c
+++ b/src/event/modules/ngx_kqueue_module.c
@ -10,15 +10,6 @@
 #include <ngx_event.h>
 /* NetBSD up to 10.0 incompatibly defines kevent.udata as "intptr_t" */
 #if (__NetBSD__ && __NetBSD_Version__ < 1000000000)
 #define NGX_KQUEUE_UDATA_T
 #else
 #define NGX_KQUEUE_UDATA_T  (void *)
 #endif
 typedef struct {
    ngx_uint_t  changes;
    ngx_uint_t  events;
@ -200,7 +191,7 @@ ngx_kqueue_init(ngx_cycle_t *cycle, ngx_msec_t timer)
        kev.flags = EV_ADD|EV_ENABLE;
        kev.fflags = 0;
        kev.data = timer;
-        kev.udata = NGX_KQUEUE_UDATA_T (uintptr_t) 0;
+        kev.udata = 0;
        ts.tv_sec = 0;
        ts.tv_nsec = 0;
@ -246,7 +237,7 @@ ngx_kqueue_notify_init(ngx_log_t *log)
    notify_kev.data = 0;
    notify_kev.flags = EV_ADD|EV_CLEAR;
    notify_kev.fflags = 0;
-    notify_kev.udata = NGX_KQUEUE_UDATA_T (uintptr_t) 0;
+    notify_kev.udata = 0;
    if (kevent(ngx_kqueue, &notify_kev, 1, NULL, 0, NULL) == -1) {
        ngx_log_error(NGX_LOG_ALERT, log, ngx_errno,
--- a/src/event/ngx_event.c
+++ b/src/event/ngx_event.c
@ -267,18 +267,6 @@ ngx_process_events_and_timers(ngx_cycle_t *cycle)
 ngx_int_t
 ngx_handle_read_event(ngx_event_t *rev, ngx_uint_t flags)
 {
 #if (NGX_QUIC)
    ngx_connection_t  *c;
    c = rev->data;
    if (c->quic) {
        return NGX_OK;
    }
 #endif
    if (ngx_event_flags & NGX_USE_CLEAR_EVENT) {
        /* kqueue, epoll */
@ -349,15 +337,9 @@ ngx_handle_write_event(ngx_event_t *wev, size_t lowat)
 {
    ngx_connection_t  *c;
    if (lowat) {
        c = wev->data;
 #if (NGX_QUIC)
    if (c->quic) {
        return NGX_OK;
    }
 #endif
    if (lowat) {
        if (ngx_send_lowat(c, lowat) == NGX_ERROR) {
            return NGX_ERROR;
        }
@ -434,7 +416,6 @@ ngx_event_init_conf(ngx_cycle_t *cycle, void *conf)
 {
 #if (NGX_HAVE_REUSEPORT)
    ngx_uint_t        i;
    ngx_core_conf_t  *ccf;
    ngx_listening_t  *ls;
 #endif
@ -461,9 +442,7 @@ ngx_event_init_conf(ngx_cycle_t *cycle, void *conf)
 #if (NGX_HAVE_REUSEPORT)
-    ccf = (ngx_core_conf_t *) ngx_get_conf(cycle->conf_ctx, ngx_core_module);
+    if (!ngx_test_config) {
    if (!ngx_test_config && ccf->master) {
        ls = cycle->listening.elts;
        for (i = 0; i < cycle->listening.nelts; i++) {
@ -831,9 +810,7 @@ ngx_event_process_init(ngx_cycle_t *cycle)
        rev->deferred_accept = ls[i].deferred_accept;
 #endif
-        if (!(ngx_event_flags & NGX_USE_IOCP_EVENT)
+        if (!(ngx_event_flags & NGX_USE_IOCP_EVENT)) {
            && cycle->old_cycle)
        {
            if (ls[i].previous) {
                /*
@ -891,16 +868,8 @@ ngx_event_process_init(ngx_cycle_t *cycle)
 #else
-        if (c->type == SOCK_STREAM) {
+        rev->handler = (c->type == SOCK_STREAM) ? ngx_event_accept
-            rev->handler = ngx_event_accept;
+                                                : ngx_event_recvmsg;
 #if (NGX_QUIC)
        } else if (ls[i].quic) {
            rev->handler = ngx_quic_recvmsg;
 #endif
        } else {
            rev->handler = ngx_event_recvmsg;
        }
 #if (NGX_HAVE_REUSEPORT)
--- a/src/event/ngx_event_accept.c
+++ b/src/event/ngx_event_accept.c
@ -203,23 +203,6 @@ ngx_event_accept(ngx_event_t *ev)
            }
        }
 #if (NGX_HAVE_KEEPALIVE_TUNABLE && NGX_DARWIN)
        /* Darwin doesn't inherit TCP_KEEPALIVE from a listening socket */
        if (ls->keepidle) {
            if (setsockopt(s, IPPROTO_TCP, TCP_KEEPALIVE,
                           (const void *) &ls->keepidle, sizeof(int))
                == -1)
            {
                ngx_log_error(NGX_LOG_ALERT, ev->log, ngx_socket_errno,
                              "setsockopt(TCP_KEEPALIVE, %d) failed, ignored",
                              ls->keepidle);
            }
        }
 #endif
        *log = ls->log;
        c->recv = ngx_recv;
--- a/src/event/ngx_event_connectex.c
+++ b/src/event/ngx_event_connectex.c
@ -127,8 +127,8 @@ void ngx_iocp_wait_events(int main)
    conn[0] = NULL;
    for ( ;; ) {
-        offset = (nevents == WSA_MAXIMUM_WAIT_EVENTS + 1) ? 1 : 0;
+        offset = (nevents == WSA_MAXIMUM_WAIT_EVENTS + 1) ? 1: 0;
-        timeout = (nevents == 1 && !first) ? 60000 : INFINITE;
+        timeout = (nevents == 1 && !first) ? 60000: INFINITE;
        n = WSAWaitForMultipleEvents(nevents - offset, events[offset],
                                     0, timeout, 0);
--- a/src/event/ngx_event_openssl.c
+++ b/src/event/ngx_event_openssl.c
--- a/src/event/ngx_event_openssl.h
+++ b/src/event/ngx_event_openssl.h
@ -19,9 +19,7 @@
 #include <openssl/bn.h>
 #include <openssl/conf.h>
 #include <openssl/crypto.h>
 #ifndef OPENSSL_NO_DH
 #include <openssl/dh.h>
 #endif
 #ifndef OPENSSL_NO_ENGINE
 #include <openssl/engine.h>
 #endif
@ -39,7 +37,7 @@
 #if (defined LIBRESSL_VERSION_NUMBER && OPENSSL_VERSION_NUMBER == 0x20000000L)
 #undef OPENSSL_VERSION_NUMBER
-#if (LIBRESSL_VERSION_NUMBER >= 0x3050000fL)
+#if (LIBRESSL_VERSION_NUMBER >= 0x2080000fL)
 #define OPENSSL_VERSION_NUMBER  0x1010000fL
 #else
 #define OPENSSL_VERSION_NUMBER  0x1000107fL
@ -77,22 +75,6 @@
 #endif
 #ifdef OPENSSL_NO_DEPRECATED_3_4
 #define SSL_SESSION_get_time(s)      SSL_SESSION_get_time_ex(s)
 #define SSL_SESSION_set_time(s, t)   SSL_SESSION_set_time_ex(s, t)
 #endif
 #ifdef OPENSSL_NO_DEPRECATED_3_0
 #define EVP_CIPHER_CTX_cipher(c)     EVP_CIPHER_CTX_get0_cipher(c)
 #endif
 #if (OPENSSL_VERSION_NUMBER < 0x30000000L)
 #define SSL_group_to_name(s, nid)    NULL
 #endif
 typedef struct ngx_ssl_ocsp_s  ngx_ssl_ocsp_t;
@ -100,11 +82,6 @@ struct ngx_ssl_s {
    SSL_CTX                    *ctx;
    ngx_log_t                  *log;
    size_t                      buffer_size;
    ngx_array_t                 certs;
    ngx_rbtree_t                staple_rbtree;
    ngx_rbtree_node_t           staple_sentinel;
 };
@ -137,13 +114,11 @@ struct ngx_ssl_connection_s {
    unsigned                    no_send_shutdown:1;
    unsigned                    shutdown_without_free:1;
    unsigned                    handshake_buffer_set:1;
    unsigned                    session_timeout_set:1;
    unsigned                    try_early_data:1;
    unsigned                    in_early:1;
    unsigned                    in_ocsp:1;
    unsigned                    early_preread:1;
    unsigned                    write_blocked:1;
    unsigned                    sni_accepted:1;
 };
@ -153,48 +128,41 @@ struct ngx_ssl_connection_s {
 #define NGX_SSL_DFLT_BUILTIN_SCACHE  -5
-#define NGX_SSL_MAX_SESSION_SIZE  8192
+#define NGX_SSL_MAX_SESSION_SIZE  4096
 typedef struct ngx_ssl_sess_id_s  ngx_ssl_sess_id_t;
 struct ngx_ssl_sess_id_s {
    ngx_rbtree_node_t           node;
    u_char                     *id;
    size_t                      len;
    u_char                     *session;
    ngx_queue_t                 queue;
    time_t                      expire;
    u_char                      id[32];
 #if (NGX_PTR_SIZE == 8)
-    u_char                     *session;
+    void                       *stub;
-#else
+    u_char                      sess_id[32];
    u_char                      session[1];
 #endif
 };
 typedef struct {
    u_char                      name[16];
    u_char                      hmac_key[32];
    u_char                      aes_key[32];
    time_t                      expire;
    unsigned                    size:8;
    unsigned                    shared:1;
 } ngx_ssl_ticket_key_t;
 typedef struct {
    ngx_rbtree_t                session_rbtree;
    ngx_rbtree_node_t           sentinel;
    ngx_queue_t                 expire_queue;
    ngx_ssl_ticket_key_t        ticket_keys[3];
    time_t                      fail_time;
 } ngx_ssl_session_cache_t;
-typedef int (*ngx_ssl_servername_pt)(ngx_ssl_conn_t *, int *, void *);
+#ifdef SSL_CTRL_SET_TLSEXT_TICKET_KEY_CB
 typedef struct {
-    ngx_ssl_servername_pt       servername;
+    size_t                      size;
-} ngx_ssl_client_hello_arg;
+    u_char                      name[16];
    u_char                      hmac_key[32];
    u_char                      aes_key[32];
 } ngx_ssl_session_ticket_key_t;
 #endif
 #define NGX_SSL_SSLv2    0x0002
@ -205,27 +173,12 @@ typedef struct {
 #define NGX_SSL_TLSv1_3  0x0040
 #if (defined SSL_OP_NO_TLSv1_2 || defined SSL_OP_NO_TLSv1_3)
 #define NGX_SSL_DEFAULT_PROTOCOLS  (NGX_SSL_TLSv1_2|NGX_SSL_TLSv1_3)
 #else
 #define NGX_SSL_DEFAULT_PROTOCOLS  (NGX_SSL_TLSv1|NGX_SSL_TLSv1_1)
 #endif
 #define NGX_SSL_BUFFER   1
 #define NGX_SSL_CLIENT   2
 #define NGX_SSL_BUFSIZE  16384
 #define NGX_SSL_CACHE_CERT  0
 #define NGX_SSL_CACHE_PKEY  1
 #define NGX_SSL_CACHE_CRL   2
 #define NGX_SSL_CACHE_CA    3
 #define NGX_SSL_CACHE_INVALIDATE  0x80000000
 ngx_int_t ngx_ssl_init(ngx_log_t *log);
 ngx_int_t ngx_ssl_create(ngx_ssl_t *ssl, ngx_uint_t protocols, void *data);
@ -234,10 +187,7 @@ ngx_int_t ngx_ssl_certificates(ngx_conf_t *cf, ngx_ssl_t *ssl,
 ngx_int_t ngx_ssl_certificate(ngx_conf_t *cf, ngx_ssl_t *ssl,
    ngx_str_t *cert, ngx_str_t *key, ngx_array_t *passwords);
 ngx_int_t ngx_ssl_connection_certificate(ngx_connection_t *c, ngx_pool_t *pool,
-    ngx_str_t *cert, ngx_str_t *key, ngx_ssl_cache_t *cache,
+    ngx_str_t *cert, ngx_str_t *key, ngx_array_t *passwords);
    ngx_array_t *passwords);
 ngx_int_t ngx_ssl_certificate_compression(ngx_conf_t *cf, ngx_ssl_t *ssl,
    ngx_uint_t enable);
 ngx_int_t ngx_ssl_ciphers(ngx_conf_t *cf, ngx_ssl_t *ssl, ngx_str_t *ciphers,
    ngx_uint_t prefer_server_ciphers);
@ -254,25 +204,14 @@ ngx_int_t ngx_ssl_ocsp(ngx_conf_t *cf, ngx_ssl_t *ssl, ngx_str_t *responder,
    ngx_uint_t depth, ngx_shm_zone_t *shm_zone);
 ngx_int_t ngx_ssl_ocsp_resolver(ngx_conf_t *cf, ngx_ssl_t *ssl,
    ngx_resolver_t *resolver, ngx_msec_t resolver_timeout);
 ngx_int_t ngx_ssl_ocsp_validate(ngx_connection_t *c);
 ngx_int_t ngx_ssl_ocsp_get_status(ngx_connection_t *c, const char **s);
 void ngx_ssl_ocsp_cleanup(ngx_connection_t *c);
 ngx_int_t ngx_ssl_ocsp_cache_init(ngx_shm_zone_t *shm_zone, void *data);
 ngx_ssl_cache_t *ngx_ssl_cache_init(ngx_pool_t *pool, ngx_uint_t max,
    time_t valid, time_t inactive);
 void *ngx_ssl_cache_fetch(ngx_conf_t *cf, ngx_uint_t index, char **err,
    ngx_str_t *path, void *data);
 void *ngx_ssl_cache_connection_fetch(ngx_ssl_cache_t *cache, ngx_pool_t *pool,
    ngx_uint_t index, char **err, ngx_str_t *path, void *data);
 ngx_array_t *ngx_ssl_read_password_file(ngx_conf_t *cf, ngx_str_t *file);
 ngx_array_t *ngx_ssl_preserve_passwords(ngx_conf_t *cf,
    ngx_array_t *passwords);
 ngx_int_t ngx_ssl_dhparam(ngx_conf_t *cf, ngx_ssl_t *ssl, ngx_str_t *file);
 ngx_int_t ngx_ssl_ech_files(ngx_conf_t *cf, ngx_ssl_t *ssl,
    ngx_array_t *filename);
 ngx_int_t ngx_ssl_ecdh_curve(ngx_conf_t *cf, ngx_ssl_t *ssl, ngx_str_t *name);
 ngx_int_t ngx_ssl_early_data(ngx_conf_t *cf, ngx_ssl_t *ssl,
    ngx_uint_t enable);
@ -288,15 +227,6 @@ ngx_int_t ngx_ssl_session_ticket_keys(ngx_conf_t *cf, ngx_ssl_t *ssl,
    ngx_array_t *paths);
 ngx_int_t ngx_ssl_session_cache_init(ngx_shm_zone_t *shm_zone, void *data);
 ngx_int_t ngx_ssl_set_client_hello_callback(ngx_ssl_t *ssl,
    ngx_ssl_client_hello_arg *cb);
 #ifdef SSL_CLIENT_HELLO_SUCCESS
 int ngx_ssl_client_hello_callback(ngx_ssl_conn_t *ssl_conn, int *ad, void *arg);
 #elif defined OPENSSL_IS_BORINGSSL
 enum ssl_select_cert_result_t ngx_ssl_select_certificate(
    const SSL_CLIENT_HELLO *client_hello);
 #endif
 ngx_int_t ngx_ssl_create_connection(ngx_ssl_t *ssl, ngx_connection_t *c,
    ngx_uint_t flags);
@ -330,8 +260,6 @@ ngx_int_t ngx_ssl_get_curve(ngx_connection_t *c, ngx_pool_t *pool,
    ngx_str_t *s);
 ngx_int_t ngx_ssl_get_curves(ngx_connection_t *c, ngx_pool_t *pool,
    ngx_str_t *s);
 ngx_int_t ngx_ssl_get_sigalg(ngx_connection_t *c, ngx_pool_t *pool,
    ngx_str_t *s);
 ngx_int_t ngx_ssl_get_session_id(ngx_connection_t *c, ngx_pool_t *pool,
    ngx_str_t *s);
 ngx_int_t ngx_ssl_get_session_reused(ngx_connection_t *c, ngx_pool_t *pool,
@ -340,10 +268,6 @@ ngx_int_t ngx_ssl_get_early_data(ngx_connection_t *c, ngx_pool_t *pool,
    ngx_str_t *s);
 ngx_int_t ngx_ssl_get_server_name(ngx_connection_t *c, ngx_pool_t *pool,
    ngx_str_t *s);
 ngx_int_t ngx_ssl_get_ech_status(ngx_connection_t *c, ngx_pool_t *pool,
    ngx_str_t *s);
 ngx_int_t ngx_ssl_get_ech_outer_server_name(ngx_connection_t *c,
    ngx_pool_t *pool, ngx_str_t *s);
 ngx_int_t ngx_ssl_get_alpn_protocol(ngx_connection_t *c, ngx_pool_t *pool,
    ngx_str_t *s);
 ngx_int_t ngx_ssl_get_raw_certificate(ngx_connection_t *c, ngx_pool_t *pool,
@ -372,14 +296,9 @@ ngx_int_t ngx_ssl_get_client_v_end(ngx_connection_t *c, ngx_pool_t *pool,
    ngx_str_t *s);
 ngx_int_t ngx_ssl_get_client_v_remain(ngx_connection_t *c, ngx_pool_t *pool,
    ngx_str_t *s);
 ngx_int_t ngx_ssl_get_client_sigalg(ngx_connection_t *c, ngx_pool_t *pool,
    ngx_str_t *s);
 ngx_int_t ngx_ssl_handshake(ngx_connection_t *c);
 #if (NGX_DEBUG)
 void ngx_ssl_handshake_log(ngx_connection_t *c);
 #endif
 ssize_t ngx_ssl_recv(ngx_connection_t *c, u_char *buf, size_t size);
 ssize_t ngx_ssl_write(ngx_connection_t *c, u_char *data, size_t size);
 ssize_t ngx_ssl_recv_chain(ngx_connection_t *c, ngx_chain_t *cl, off_t limit);
@ -387,8 +306,6 @@ ngx_chain_t *ngx_ssl_send_chain(ngx_connection_t *c, ngx_chain_t *in,
    off_t limit);
 void ngx_ssl_free_buffer(ngx_connection_t *c);
 ngx_int_t ngx_ssl_shutdown(ngx_connection_t *c);
 void ngx_ssl_connection_error(ngx_connection_t *c, int sslerr, ngx_err_t err,
    char *text);
 void ngx_cdecl ngx_ssl_error(ngx_uint_t level, ngx_log_t *log, ngx_err_t err,
    char *fmt, ...);
 void ngx_ssl_cleanup_ctx(void *data);
@ -397,15 +314,12 @@ void ngx_ssl_cleanup_ctx(void *data);
 extern int  ngx_ssl_connection_index;
 extern int  ngx_ssl_server_conf_index;
 extern int  ngx_ssl_session_cache_index;
-extern int  ngx_ssl_ticket_keys_index;
+extern int  ngx_ssl_session_ticket_keys_index;
 extern int  ngx_ssl_ocsp_index;
-extern int  ngx_ssl_index;
+extern int  ngx_ssl_certificate_index;
 extern int  ngx_ssl_next_certificate_index;
 extern int  ngx_ssl_certificate_name_index;
-extern int  ngx_ssl_certificate_comp_index;
+extern int  ngx_ssl_stapling_index;
 extern int  ngx_ssl_client_hello_arg_index;
 extern u_char  ngx_ssl_session_buffer[NGX_SSL_MAX_SESSION_SIZE];
 #endif /* _NGX_EVENT_OPENSSL_H_INCLUDED_ */
--- a/src/event/ngx_event_openssl_cache.c
+++ b/src/event/ngx_event_openssl_cache.c
--- a/src/event/ngx_event_openssl_stapling.c
+++ b/src/event/ngx_event_openssl_stapling.c
@ -15,8 +15,6 @@
 typedef struct {
    ngx_rbtree_node_t            node;
    ngx_str_t                    staple;
    ngx_msec_t                   timeout;
@ -156,7 +154,6 @@ static ngx_int_t ngx_ssl_stapling_responder(ngx_conf_t *cf, ngx_ssl_t *ssl,
 static int ngx_ssl_certificate_status_callback(ngx_ssl_conn_t *ssl_conn,
    void *data);
 static ngx_ssl_stapling_t *ngx_ssl_stapling_lookup(ngx_ssl_t *ssl, X509 *cert);
 static void ngx_ssl_stapling_update(ngx_ssl_stapling_t *staple);
 static void ngx_ssl_stapling_ocsp_handler(ngx_ssl_ocsp_ctx_t *ctx);
@ -199,11 +196,11 @@ ngx_ssl_stapling(ngx_conf_t *cf, ngx_ssl_t *ssl, ngx_str_t *file,
    ngx_str_t *responder, ngx_uint_t verify)
 {
    X509  *cert;
    ngx_uint_t   k;
    for (k = 0; k < ssl->certs.nelts; k++) {
        cert = ((X509 **) ssl->certs.elts)[k];
    for (cert = SSL_CTX_get_ex_data(ssl->ctx, ngx_ssl_certificate_index);
         cert;
         cert = X509_get_ex_data(cert, ngx_ssl_next_certificate_index))
    {
        if (ngx_ssl_stapling_certificate(cf, ssl, cert, file, responder, verify)
            != NGX_OK)
        {
@ -238,9 +235,10 @@ ngx_ssl_stapling_certificate(ngx_conf_t *cf, ngx_ssl_t *ssl, X509 *cert,
    cln->handler = ngx_ssl_stapling_cleanup;
    cln->data = staple;
-    staple->node.key = (ngx_rbtree_key_t) cert;
+    if (X509_set_ex_data(cert, ngx_ssl_stapling_index, staple) == 0) {
-
+        ngx_ssl_error(NGX_LOG_EMERG, ssl->log, 0, "X509_set_ex_data() failed");
-    ngx_rbtree_insert(&ssl->staple_rbtree, &staple->node);
+        return NGX_ERROR;
    }
 #ifdef SSL_CTRL_SELECT_CURRENT_CERT
    /* OpenSSL 1.0.2+ */
@ -547,21 +545,14 @@ ngx_int_t
 ngx_ssl_stapling_resolver(ngx_conf_t *cf, ngx_ssl_t *ssl,
    ngx_resolver_t *resolver, ngx_msec_t resolver_timeout)
 {
-    ngx_rbtree_t        *tree;
+    X509                *cert;
    ngx_rbtree_node_t   *node;
    ngx_ssl_stapling_t  *staple;
-    tree = &ssl->staple_rbtree;
+    for (cert = SSL_CTX_get_ex_data(ssl->ctx, ngx_ssl_certificate_index);
-
+         cert;
-    if (tree->root == tree->sentinel) {
+         cert = X509_get_ex_data(cert, ngx_ssl_next_certificate_index))
        return NGX_OK;
    }
    for (node = ngx_rbtree_min(tree->root, tree->sentinel);
         node;
         node = ngx_rbtree_next(tree, node))
    {
-        staple = ngx_rbtree_data(node, ngx_ssl_stapling_t, node);
+        staple = X509_get_ex_data(cert, ngx_ssl_stapling_index);
        staple->resolver = resolver;
        staple->resolver_timeout = resolver_timeout;
    }
@ -576,8 +567,6 @@ ngx_ssl_certificate_status_callback(ngx_ssl_conn_t *ssl_conn, void *data)
    int                  rc;
    X509                *cert;
    u_char              *p;
    SSL_CTX             *ssl_ctx;
    ngx_ssl_t           *ssl;
    ngx_connection_t    *c;
    ngx_ssl_stapling_t  *staple;
@ -594,10 +583,7 @@ ngx_ssl_certificate_status_callback(ngx_ssl_conn_t *ssl_conn, void *data)
        return rc;
    }
-    ssl_ctx = SSL_get_SSL_CTX(ssl_conn);
+    staple = X509_get_ex_data(cert, ngx_ssl_stapling_index);
    ssl = SSL_CTX_get_ex_data(ssl_ctx, ngx_ssl_index);
    staple = ngx_ssl_stapling_lookup(ssl, cert);
    if (staple == NULL) {
        return rc;
@ -627,30 +613,6 @@ ngx_ssl_certificate_status_callback(ngx_ssl_conn_t *ssl_conn, void *data)
 }
 static ngx_ssl_stapling_t *
 ngx_ssl_stapling_lookup(ngx_ssl_t *ssl, X509 *cert)
 {
    ngx_rbtree_key_t    key;
    ngx_rbtree_node_t  *node, *sentinel;
    node = ssl->staple_rbtree.root;
    sentinel = ssl->staple_rbtree.sentinel;
    key = (ngx_rbtree_key_t) cert;
    while (node != sentinel) {
        if (key != node->key) {
            node = (key < node->key) ? node->left : node->right;
            continue;
        }
        return ngx_rbtree_data(node, ngx_ssl_stapling_t, node);
    }
    return NULL;
 }
 static void
 ngx_ssl_stapling_update(ngx_ssl_stapling_t *staple)
 {
@ -931,7 +893,7 @@ ngx_ssl_ocsp_validate(ngx_connection_t *c)
    ocsp->cert_status = V_OCSP_CERTSTATUS_GOOD;
    ocsp->conf = ocf;
-#if OPENSSL_VERSION_NUMBER >= 0x10100000L
+#if (OPENSSL_VERSION_NUMBER >= 0x10100000L && !defined LIBRESSL_VERSION_NUMBER)
    ocsp->certs = SSL_get0_verified_chain(c->ssl->connection);
--- a/src/event/ngx_event_pipe.c
+++ b/src/event/ngx_event_pipe.c
@ -57,9 +57,7 @@ ngx_event_pipe(ngx_event_pipe_t *p, ngx_int_t do_write)
        do_write = 1;
    }
-    if (p->upstream
+    if (p->upstream->fd != (ngx_socket_t) -1) {
        && p->upstream->fd != (ngx_socket_t) -1)
    {
        rev = p->upstream->read;
        flags = (rev->eof || rev->error) ? NGX_CLOSE_EVENT : 0;
@ -110,9 +108,7 @@ ngx_event_pipe_read_upstream(ngx_event_pipe_t *p)
    ngx_msec_t    delay;
    ngx_chain_t  *chain, *cl, *ln;
-    if (p->upstream_eof || p->upstream_error || p->upstream_done
+    if (p->upstream_eof || p->upstream_error || p->upstream_done) {
        || p->upstream == NULL)
    {
        return NGX_OK;
    }
--- a/src/event/ngx_event_udp.c
+++ b/src/event/ngx_event_udp.c
@ -12,6 +12,13 @@
 #if !(NGX_WIN32)
 struct ngx_udp_connection_s {
    ngx_rbtree_node_t   node;
    ngx_connection_t   *connection;
    ngx_buf_t          *buffer;
 };
 static void ngx_close_accepted_udp_connection(ngx_connection_t *c);
 static ssize_t ngx_udp_shared_recv(ngx_connection_t *c, u_char *buf,
    size_t size);
@ -417,8 +424,8 @@ ngx_udp_rbtree_insert_value(ngx_rbtree_node_t *temp,
            udpt = (ngx_udp_connection_t *) temp;
            ct = udpt->connection;
-            rc = ngx_memn2cmp(udp->key.data, udpt->key.data,
+            rc = ngx_cmp_sockaddr(c->sockaddr, c->socklen,
-                              udp->key.len, udpt->key.len);
+                                  ct->sockaddr, ct->socklen, 1);
            if (rc == 0 && c->listening->wildcard) {
                rc = ngx_cmp_sockaddr(c->local_sockaddr, c->local_socklen,
@ -471,8 +478,6 @@ ngx_insert_udp_connection(ngx_connection_t *c)
    ngx_crc32_final(hash);
    udp->node.key = hash;
    udp->key.data = (u_char *) c->sockaddr;
    udp->key.len = c->socklen;
    cln = ngx_pool_cleanup_add(c->pool, 0);
    if (cln == NULL) {
--- a/src/event/ngx_event_udp.h
+++ b/src/event/ngx_event_udp.h
@ -23,14 +23,6 @@
 #endif
 struct ngx_udp_connection_s {
    ngx_rbtree_node_t   node;
    ngx_connection_t   *connection;
    ngx_buf_t          *buffer;
    ngx_str_t           key;
 };
 #if (NGX_HAVE_ADDRINFO_CMSG)
 typedef union {
--- a/src/event/quic/bpf/bpfgen.sh
+++ b/src/event/quic/bpf/bpfgen.sh
@ -1,113 +0,0 @@
 #!/bin/bash
 export LANG=C
 set -e
 if [ $# -lt 1 ]; then
    echo "Usage: PROGNAME=foo LICENSE=bar $0 <bpf object file>"
    exit 1
 fi
 self=$0
 filename=$1
 funcname=$PROGNAME
 generate_head()
 {
    cat << END
 /* AUTO-GENERATED, DO NOT EDIT. */
 #include <stddef.h>
 #include <stdint.h>
 #include "ngx_bpf.h"
 END
 }
 generate_tail()
 {
    cat << END
 ngx_bpf_program_t $PROGNAME = {
    .relocs = bpf_reloc_prog_$funcname,
    .nrelocs = sizeof(bpf_reloc_prog_$funcname)
               / sizeof(bpf_reloc_prog_$funcname[0]),
    .ins = bpf_insn_prog_$funcname,
    .nins = sizeof(bpf_insn_prog_$funcname)
            / sizeof(bpf_insn_prog_$funcname[0]),
    .license = "$LICENSE",
    .type = BPF_PROG_TYPE_SK_REUSEPORT,
 };
 END
 }
 process_relocations()
 {
    echo "static ngx_bpf_reloc_t bpf_reloc_prog_$funcname[] = {"
    objdump -r $filename | awk '{
    if (enabled && $NF > 0) {
        off = strtonum(sprintf("0x%s", $1));
        name = $3;
        printf("    { \"%s\", %d },\n", name, off/8);
    }
    if ($1 == "OFFSET") {
        enabled=1;
    }
 }'
    echo "};"
    echo
 }
 process_section()
 {
    echo "static struct bpf_insn bpf_insn_prog_$funcname[] = {"
    echo "    /* opcode dst          src         offset imm */"
    section_info=$(objdump -h $filename --section=$funcname | grep "1 $funcname")
    # dd doesn't know hex
    length=$(printf "%d" 0x$(echo $section_info | cut -d ' ' -f3))
    offset=$(printf "%d" 0x$(echo $section_info | cut -d ' ' -f6))
    for ins in $(dd if="$filename" bs=1 count=$length skip=$offset status=none | xxd -p -c 8)
    do
        opcode=0x${ins:0:2}
        srcdst=0x${ins:2:2}
        # bytes are dumped in LE order
        offset=0x${ins:6:2}${ins:4:2}                        # short
        immedi=0x${ins:14:2}${ins:12:2}${ins:10:2}${ins:8:2} # int
        dst="$(($srcdst & 0xF))"
        src="$(($srcdst & 0xF0))"
        src="$(($src >> 4))"
        opcode=$(printf "0x%x" $opcode)
        dst=$(printf "BPF_REG_%d" $dst)
        src=$(printf "BPF_REG_%d" $src)
        offset=$(printf "%d" $offset)
        immedi=$(printf "0x%x" $immedi)
        printf "    { %4s, %11s, %11s, (int16_t) %6s, %10s },\n" $opcode $dst $src $offset $immedi
    done
 cat << END
 };
 END
 }
 generate_head
 process_relocations
 process_section
 generate_tail
--- a/src/event/quic/bpf/makefile
+++ b/src/event/quic/bpf/makefile
@ -1,30 +0,0 @@
 CFLAGS=-O2 -Wall
 LICENSE=BSD
 PROGNAME=ngx_quic_reuseport_helper
 RESULT=ngx_event_quic_bpf_code
 DEST=../$(RESULT).c
 all: $(RESULT)
 $(RESULT): $(PROGNAME).o
 	LICENSE=$(LICENSE) PROGNAME=$(PROGNAME) bash ./bpfgen.sh $< > $@
 DEFS=-DPROGNAME=\"$(PROGNAME)\"                                               \
     -DLICENSE_$(LICENSE)                                                     \
     -DLICENSE=\"$(LICENSE)\"                                                 \
 $(PROGNAME).o: $(PROGNAME).c
 	clang $(CFLAGS) $(DEFS) -target bpf -c $< -o $@
 install: $(RESULT)
 	cp $(RESULT) $(DEST)
 clean:
 	@rm -f $(RESULT) *.o
 debug: $(PROGNAME).o
 	llvm-objdump -S --no-show-raw-insn $<
 .DELETE_ON_ERROR:
--- a/src/event/quic/bpf/ngx_quic_reuseport_helper.c
+++ b/src/event/quic/bpf/ngx_quic_reuseport_helper.c
@ -1,140 +0,0 @@
 #include <errno.h>
 #include <linux/string.h>
 #include <linux/udp.h>
 #include <linux/bpf.h>
 /*
 * the bpf_helpers.h is not included into linux-headers, only available
 * with kernel sources in "tools/lib/bpf/bpf_helpers.h" or in libbpf.
 */
 #include <bpf/bpf_helpers.h>
 #if !defined(SEC)
 #define SEC(NAME)  __attribute__((section(NAME), used))
 #endif
 #if defined(LICENSE_GPL)
 /*
 * To see debug:
 *
 *  echo 1 > /sys/kernel/debug/tracing/events/bpf_trace/enable
 *  cat /sys/kernel/debug/tracing/trace_pipe
 *  echo 0 > /sys/kernel/debug/tracing/events/bpf_trace/enable
 */
 #define debugmsg(fmt, ...)                                                    \
 do {                                                                          \
    char __buf[] = fmt;                                                       \
    bpf_trace_printk(__buf, sizeof(__buf), ##__VA_ARGS__);                    \
 } while (0)
 #else
 #define debugmsg(fmt, ...)
 #endif
 char _license[] SEC("license") = LICENSE;
 /*****************************************************************************/
 #define NGX_QUIC_PKT_LONG        0x80  /* header form */
 #define NGX_QUIC_SERVER_CID_LEN  20
 #define advance_data(nbytes)                                                  \
    offset += nbytes;                                                         \
    if (start + offset > end) {                                               \
        debugmsg("cannot read %ld bytes at offset %ld", nbytes, offset);      \
        goto failed;                                                          \
    }                                                                         \
    data = start + offset - 1;
 #define ngx_quic_parse_uint64(p)                                              \
    (((__u64)(p)[0] << 56) |                                                  \
     ((__u64)(p)[1] << 48) |                                                  \
     ((__u64)(p)[2] << 40) |                                                  \
     ((__u64)(p)[3] << 32) |                                                  \
     ((__u64)(p)[4] << 24) |                                                  \
     ((__u64)(p)[5] << 16) |                                                  \
     ((__u64)(p)[6] << 8)  |                                                  \
     ((__u64)(p)[7]))
 /*
 * actual map object is created by the "bpf" system call,
 * all pointers to this variable are replaced by the bpf loader
 */
 struct bpf_map_def SEC("maps") ngx_quic_sockmap;
 SEC(PROGNAME)
 int ngx_quic_select_socket_by_dcid(struct sk_reuseport_md *ctx)
 {
    int             rc;
    __u64           key;
    size_t          len, offset;
    unsigned char  *start, *end, *data, *dcid;
    start = ctx->data;
    end = (unsigned char *) ctx->data_end;
    offset = 0;
    advance_data(sizeof(struct udphdr)); /* data at UDP header */
    advance_data(1); /* data at QUIC flags */
    if (data[0] & NGX_QUIC_PKT_LONG) {
        advance_data(4); /* data at QUIC version */
        advance_data(1); /* data at DCID len */
        len = data[0];   /* read DCID length */
        if (len < 8) {
            /* it's useless to search for key in such short DCID */
            return SK_PASS;
        }
    } else {
        len = NGX_QUIC_SERVER_CID_LEN;
    }
    dcid = &data[1];
    advance_data(len); /* we expect the packet to have full DCID */
    /* make verifier happy */
    if (dcid + sizeof(__u64) > end) {
        goto failed;
    }
    key = ngx_quic_parse_uint64(dcid);
    rc = bpf_sk_select_reuseport(ctx, &ngx_quic_sockmap, &key, 0);
    switch (rc) {
    case 0:
        debugmsg("nginx quic socket selected by key 0x%llx", key);
        return SK_PASS;
    /* kernel returns positive error numbers, errno.h defines positive */
    case -ENOENT:
        debugmsg("nginx quic default route for key 0x%llx", key);
        /* let the default reuseport logic decide which socket to choose */
        return SK_PASS;
    default:
        debugmsg("nginx quic bpf_sk_select_reuseport err: %d key 0x%llx",
                 rc, key);
        goto failed;
    }
 failed:
    /*
     * SK_DROP will generate ICMP, but we may want to process "invalid" packet
     * in userspace quic to investigate further and finally react properly
     * (maybe ignore, maybe send something in response or close connection)
     */
    return SK_PASS;
 }
--- a/src/event/quic/ngx_event_quic.c
+++ b/src/event/quic/ngx_event_quic.c
--- a/src/event/quic/ngx_event_quic.h
+++ b/src/event/quic/ngx_event_quic.h
@ -1,145 +0,0 @@
 /*
 * Copyright (C) Nginx, Inc.
 */
 #ifndef _NGX_EVENT_QUIC_H_INCLUDED_
 #define _NGX_EVENT_QUIC_H_INCLUDED_
 #include <ngx_config.h>
 #include <ngx_core.h>
 #if (OPENSSL_VERSION_NUMBER >= 0x30500010L)
 #define NGX_QUIC_OPENSSL_API                 1
 #elif (defined SSL_R_MISSING_QUIC_TRANSPORT_PARAMETERS_EXTENSION)
 #define NGX_QUIC_QUICTLS_API                 1
 #elif (defined OPENSSL_IS_BORINGSSL || defined OPENSSL_IS_AWSLC               \
       || defined LIBRESSL_VERSION_NUMBER)
 #define NGX_QUIC_BORINGSSL_API               1
 #else
 #define NGX_QUIC_BORINGSSL_API               1
 #define NGX_QUIC_OPENSSL_COMPAT              1
 #endif
 #define NGX_QUIC_MAX_UDP_PAYLOAD_SIZE        65527
 #define NGX_QUIC_DEFAULT_ACK_DELAY_EXPONENT  3
 #define NGX_QUIC_DEFAULT_MAX_ACK_DELAY       25
 #define NGX_QUIC_DEFAULT_HOST_KEY_LEN        32
 #define NGX_QUIC_SR_KEY_LEN                  32
 #define NGX_QUIC_AV_KEY_LEN                  32
 #define NGX_QUIC_SR_TOKEN_LEN                16
 #define NGX_QUIC_MIN_INITIAL_SIZE            1200
 #define NGX_QUIC_STREAM_SERVER_INITIATED     0x01
 #define NGX_QUIC_STREAM_UNIDIRECTIONAL       0x02
 typedef ngx_int_t (*ngx_quic_init_pt)(ngx_connection_t *c);
 typedef void (*ngx_quic_shutdown_pt)(ngx_connection_t *c);
 typedef enum {
    NGX_QUIC_STREAM_SEND_READY = 0,
    NGX_QUIC_STREAM_SEND_SEND,
    NGX_QUIC_STREAM_SEND_DATA_SENT,
    NGX_QUIC_STREAM_SEND_DATA_RECVD,
    NGX_QUIC_STREAM_SEND_RESET_SENT,
    NGX_QUIC_STREAM_SEND_RESET_RECVD
 } ngx_quic_stream_send_state_e;
 typedef enum {
    NGX_QUIC_STREAM_RECV_RECV = 0,
    NGX_QUIC_STREAM_RECV_SIZE_KNOWN,
    NGX_QUIC_STREAM_RECV_DATA_RECVD,
    NGX_QUIC_STREAM_RECV_DATA_READ,
    NGX_QUIC_STREAM_RECV_RESET_RECVD,
    NGX_QUIC_STREAM_RECV_RESET_READ
 } ngx_quic_stream_recv_state_e;
 typedef struct {
    uint64_t                       size;
    uint64_t                       offset;
    uint64_t                       last_offset;
    ngx_chain_t                   *chain;
    ngx_chain_t                   *last_chain;
 } ngx_quic_buffer_t;
 typedef struct {
    ngx_ssl_t                     *ssl;
    ngx_flag_t                     retry;
    ngx_flag_t                     gso_enabled;
    ngx_flag_t                     disable_active_migration;
    ngx_msec_t                     handshake_timeout;
    ngx_msec_t                     idle_timeout;
    ngx_str_t                      host_key;
    size_t                         stream_buffer_size;
    ngx_uint_t                     max_concurrent_streams_bidi;
    ngx_uint_t                     max_concurrent_streams_uni;
    ngx_uint_t                     active_connection_id_limit;
    ngx_int_t                      stream_close_code;
    ngx_int_t                      stream_reject_code_uni;
    ngx_int_t                      stream_reject_code_bidi;
    ngx_quic_init_pt               init;
    ngx_quic_shutdown_pt           shutdown;
    u_char                         av_token_key[NGX_QUIC_AV_KEY_LEN];
    u_char                         sr_token_key[NGX_QUIC_SR_KEY_LEN];
 } ngx_quic_conf_t;
 struct ngx_quic_stream_s {
    ngx_rbtree_node_t              node;
    ngx_queue_t                    queue;
    ngx_connection_t              *parent;
    ngx_connection_t              *connection;
    uint64_t                       id;
    uint64_t                       sent;
    uint64_t                       acked;
    uint64_t                       send_max_data;
    uint64_t                       send_offset;
    uint64_t                       send_final_size;
    uint64_t                       recv_max_data;
    uint64_t                       recv_offset;
    uint64_t                       recv_window;
    uint64_t                       recv_last;
    uint64_t                       recv_final_size;
    ngx_quic_buffer_t              send;
    ngx_quic_buffer_t              recv;
    ngx_quic_stream_send_state_e   send_state;
    ngx_quic_stream_recv_state_e   recv_state;
    unsigned                       cancelable:1;
    unsigned                       fin_acked:1;
 };
 void ngx_quic_recvmsg(ngx_event_t *ev);
 void ngx_quic_run(ngx_connection_t *c, ngx_quic_conf_t *conf);
 ngx_connection_t *ngx_quic_open_stream(ngx_connection_t *c, ngx_uint_t bidi);
 void ngx_quic_finalize_connection(ngx_connection_t *c, ngx_uint_t err,
    const char *reason);
 void ngx_quic_shutdown_connection(ngx_connection_t *c, ngx_uint_t err,
    const char *reason);
 ngx_int_t ngx_quic_reset_stream(ngx_connection_t *c, ngx_uint_t err);
 ngx_int_t ngx_quic_shutdown_stream(ngx_connection_t *c, int how);
 void ngx_quic_cancelable_stream(ngx_connection_t *c);
 ngx_int_t ngx_quic_get_packet_dcid(ngx_log_t *log, u_char *data, size_t len,
    ngx_str_t *dcid);
 ngx_int_t ngx_quic_derive_key(ngx_log_t *log, const char *label,
    ngx_str_t *secret, ngx_str_t *salt, u_char *out, size_t len);
 #endif /* _NGX_EVENT_QUIC_H_INCLUDED_ */
--- a/src/event/quic/ngx_event_quic_ack.c
+++ b/src/event/quic/ngx_event_quic_ack.c
--- a/src/event/quic/ngx_event_quic_ack.h
+++ b/src/event/quic/ngx_event_quic_ack.h
@ -1,31 +0,0 @@
 /*
 * Copyright (C) Nginx, Inc.
 */
 #ifndef _NGX_EVENT_QUIC_ACK_H_INCLUDED_
 #define _NGX_EVENT_QUIC_ACK_H_INCLUDED_
 #include <ngx_config.h>
 #include <ngx_core.h>
 ngx_int_t ngx_quic_handle_ack_frame(ngx_connection_t *c,
    ngx_quic_header_t *pkt, ngx_quic_frame_t *f);
 void ngx_quic_congestion_ack(ngx_connection_t *c,
    ngx_quic_frame_t *frame);
 void ngx_quic_congestion_idle(ngx_connection_t *c, ngx_uint_t idle);
 void ngx_quic_resend_frames(ngx_connection_t *c, ngx_quic_send_ctx_t *ctx);
 void ngx_quic_set_lost_timer(ngx_connection_t *c);
 void ngx_quic_pto_handler(ngx_event_t *ev);
 ngx_msec_t ngx_quic_pto(ngx_connection_t *c, ngx_quic_send_ctx_t *ctx);
 ngx_int_t ngx_quic_ack_packet(ngx_connection_t *c,
    ngx_quic_header_t *pkt);
 ngx_int_t ngx_quic_generate_ack(ngx_connection_t *c,
    ngx_quic_send_ctx_t *ctx);
 #endif /* _NGX_EVENT_QUIC_ACK_H_INCLUDED_ */
--- a/src/event/quic/ngx_event_quic_bpf.c
+++ b/src/event/quic/ngx_event_quic_bpf.c
@ -1,657 +0,0 @@
 /*
 * Copyright (C) Nginx, Inc.
 */
 #include <ngx_config.h>
 #include <ngx_core.h>
 #define NGX_QUIC_BPF_VARNAME  "NGINX_BPF_MAPS"
 #define NGX_QUIC_BPF_VARSEP    ';'
 #define NGX_QUIC_BPF_ADDRSEP   '#'
 #define ngx_quic_bpf_get_conf(cycle)                                          \
    (ngx_quic_bpf_conf_t *) ngx_get_conf(cycle->conf_ctx, ngx_quic_bpf_module)
 #define ngx_quic_bpf_get_old_conf(cycle)                                      \
    cycle->old_cycle->conf_ctx ? ngx_quic_bpf_get_conf(cycle->old_cycle)      \
                               : NULL
 #define ngx_core_get_conf(cycle)                                              \
    (ngx_core_conf_t *) ngx_get_conf(cycle->conf_ctx, ngx_core_module)
 typedef struct {
    ngx_queue_t           queue;
    int                   map_fd;
    struct sockaddr      *sockaddr;
    socklen_t             socklen;
    ngx_uint_t            unused;     /* unsigned  unused:1; */
 } ngx_quic_sock_group_t;
 typedef struct {
    ngx_flag_t            enabled;
    ngx_uint_t            map_size;
    ngx_queue_t           groups;     /* of ngx_quic_sock_group_t */
 } ngx_quic_bpf_conf_t;
 static void *ngx_quic_bpf_create_conf(ngx_cycle_t *cycle);
 static ngx_int_t ngx_quic_bpf_module_init(ngx_cycle_t *cycle);
 static void ngx_quic_bpf_cleanup(void *data);
 static ngx_inline void ngx_quic_bpf_close(ngx_log_t *log, int fd,
    const char *name);
 static ngx_quic_sock_group_t *ngx_quic_bpf_find_group(ngx_quic_bpf_conf_t *bcf,
    ngx_listening_t *ls);
 static ngx_quic_sock_group_t *ngx_quic_bpf_alloc_group(ngx_cycle_t *cycle,
    struct sockaddr *sa, socklen_t socklen);
 static ngx_quic_sock_group_t *ngx_quic_bpf_create_group(ngx_cycle_t *cycle,
    ngx_listening_t *ls);
 static ngx_quic_sock_group_t *ngx_quic_bpf_get_group(ngx_cycle_t *cycle,
    ngx_listening_t *ls);
 static ngx_int_t ngx_quic_bpf_group_add_socket(ngx_cycle_t *cycle,
    ngx_listening_t *ls);
 static uint64_t ngx_quic_bpf_socket_key(ngx_fd_t fd, ngx_log_t *log);
 static ngx_int_t ngx_quic_bpf_export_maps(ngx_cycle_t *cycle);
 static ngx_int_t ngx_quic_bpf_import_maps(ngx_cycle_t *cycle);
 extern ngx_bpf_program_t  ngx_quic_reuseport_helper;
 static ngx_command_t  ngx_quic_bpf_commands[] = {
    { ngx_string("quic_bpf"),
      NGX_MAIN_CONF|NGX_DIRECT_CONF|NGX_CONF_FLAG,
      ngx_conf_set_flag_slot,
      0,
      offsetof(ngx_quic_bpf_conf_t, enabled),
      NULL },
      ngx_null_command
 };
 static ngx_core_module_t  ngx_quic_bpf_module_ctx = {
    ngx_string("quic_bpf"),
    ngx_quic_bpf_create_conf,
    NULL
 };
 ngx_module_t  ngx_quic_bpf_module = {
    NGX_MODULE_V1,
    &ngx_quic_bpf_module_ctx,              /* module context */
    ngx_quic_bpf_commands,                 /* module directives */
    NGX_CORE_MODULE,                       /* module type */
    NULL,                                  /* init master */
    ngx_quic_bpf_module_init,              /* init module */
    NULL,                                  /* init process */
    NULL,                                  /* init thread */
    NULL,                                  /* exit thread */
    NULL,                                  /* exit process */
    NULL,                                  /* exit master */
    NGX_MODULE_V1_PADDING
 };
 static void *
 ngx_quic_bpf_create_conf(ngx_cycle_t *cycle)
 {
    ngx_quic_bpf_conf_t  *bcf;
    bcf = ngx_pcalloc(cycle->pool, sizeof(ngx_quic_bpf_conf_t));
    if (bcf == NULL) {
        return NULL;
    }
    bcf->enabled = NGX_CONF_UNSET;
    bcf->map_size = NGX_CONF_UNSET_UINT;
    ngx_queue_init(&bcf->groups);
    return bcf;
 }
 static ngx_int_t
 ngx_quic_bpf_module_init(ngx_cycle_t *cycle)
 {
    ngx_uint_t            i;
    ngx_listening_t      *ls;
    ngx_core_conf_t      *ccf;
    ngx_pool_cleanup_t   *cln;
    ngx_quic_bpf_conf_t  *bcf;
    if (ngx_test_config) {
        /*
         * during config test, SO_REUSEPORT socket option is
         * not set, thus making further processing meaningless
         */
        return NGX_OK;
    }
    ccf = ngx_core_get_conf(cycle);
    bcf = ngx_quic_bpf_get_conf(cycle);
    ngx_conf_init_value(bcf->enabled, 0);
    bcf->map_size = ccf->worker_processes * 4;
    cln = ngx_pool_cleanup_add(cycle->pool, 0);
    if (cln == NULL) {
        goto failed;
    }
    cln->data = bcf;
    cln->handler = ngx_quic_bpf_cleanup;
    if (ngx_inherited && ngx_is_init_cycle(cycle->old_cycle)) {
        if (ngx_quic_bpf_import_maps(cycle) != NGX_OK) {
            goto failed;
        }
    }
    ls = cycle->listening.elts;
    for (i = 0; i < cycle->listening.nelts; i++) {
        if (ls[i].quic && ls[i].reuseport) {
            if (ngx_quic_bpf_group_add_socket(cycle, &ls[i]) != NGX_OK) {
                goto failed;
            }
        }
    }
    if (ngx_quic_bpf_export_maps(cycle) != NGX_OK) {
        goto failed;
    }
    return NGX_OK;
 failed:
    if (ngx_is_init_cycle(cycle->old_cycle)) {
        ngx_log_error(NGX_LOG_EMERG, cycle->log, 0,
                      "ngx_quic_bpf_module failed to initialize, check limits");
        /* refuse to start */
        return NGX_ERROR;
    }
    /*
     * returning error now will lead to master process exiting immediately
     * leaving worker processes orphaned, what is really unexpected.
     * Instead, just issue a not about failed initialization and try
     * to cleanup a bit. Still program can be already loaded to kernel
     * for some reuseport groups, and there is no way to revert, so
     * behaviour may be inconsistent.
     */
    ngx_log_error(NGX_LOG_EMERG, cycle->log, 0,
                  "ngx_quic_bpf_module failed to initialize properly, ignored."
                  "please check limits and note that nginx state now "
                  "can be inconsistent and restart may be required");
    return NGX_OK;
 }
 static void
 ngx_quic_bpf_cleanup(void *data)
 {
    ngx_quic_bpf_conf_t  *bcf = (ngx_quic_bpf_conf_t *) data;
    ngx_queue_t            *q;
    ngx_quic_sock_group_t  *grp;
    for (q = ngx_queue_head(&bcf->groups);
         q != ngx_queue_sentinel(&bcf->groups);
         q = ngx_queue_next(q))
    {
        grp = ngx_queue_data(q, ngx_quic_sock_group_t, queue);
        ngx_quic_bpf_close(ngx_cycle->log, grp->map_fd, "map");
    }
 }
 static ngx_inline void
 ngx_quic_bpf_close(ngx_log_t *log, int fd, const char *name)
 {
    if (close(fd) != -1) {
        return;
    }
    ngx_log_error(NGX_LOG_EMERG, log, ngx_errno,
                  "quic bpf close %s fd:%d failed", name, fd);
 }
 static ngx_quic_sock_group_t *
 ngx_quic_bpf_find_group(ngx_quic_bpf_conf_t *bcf, ngx_listening_t *ls)
 {
    ngx_queue_t            *q;
    ngx_quic_sock_group_t  *grp;
    for (q = ngx_queue_head(&bcf->groups);
         q != ngx_queue_sentinel(&bcf->groups);
         q = ngx_queue_next(q))
    {
        grp = ngx_queue_data(q, ngx_quic_sock_group_t, queue);
        if (ngx_cmp_sockaddr(ls->sockaddr, ls->socklen,
                             grp->sockaddr, grp->socklen, 1)
            == NGX_OK)
        {
            return grp;
        }
    }
    return NULL;
 }
 static ngx_quic_sock_group_t *
 ngx_quic_bpf_alloc_group(ngx_cycle_t *cycle, struct sockaddr *sa,
    socklen_t socklen)
 {
    ngx_quic_bpf_conf_t    *bcf;
    ngx_quic_sock_group_t  *grp;
    bcf = ngx_quic_bpf_get_conf(cycle);
    grp = ngx_pcalloc(cycle->pool, sizeof(ngx_quic_sock_group_t));
    if (grp == NULL) {
        return NULL;
    }
    grp->socklen = socklen;
    grp->sockaddr = ngx_palloc(cycle->pool, socklen);
    if (grp->sockaddr == NULL) {
        return NULL;
    }
    ngx_memcpy(grp->sockaddr, sa, socklen);
    ngx_queue_insert_tail(&bcf->groups, &grp->queue);
    return grp;
 }
 static ngx_quic_sock_group_t *
 ngx_quic_bpf_create_group(ngx_cycle_t *cycle, ngx_listening_t *ls)
 {
    int                     progfd, failed, flags, rc;
    ngx_quic_bpf_conf_t    *bcf;
    ngx_quic_sock_group_t  *grp;
    bcf = ngx_quic_bpf_get_conf(cycle);
    if (!bcf->enabled) {
        return NULL;
    }
    grp = ngx_quic_bpf_alloc_group(cycle, ls->sockaddr, ls->socklen);
    if (grp == NULL) {
        return NULL;
    }
    grp->map_fd = ngx_bpf_map_create(cycle->log, BPF_MAP_TYPE_SOCKHASH,
                                     sizeof(uint64_t), sizeof(uint64_t),
                                     bcf->map_size, 0);
    if (grp->map_fd == -1) {
        goto failed;
    }
    flags = fcntl(grp->map_fd, F_GETFD);
    if (flags == -1) {
        ngx_log_error(NGX_LOG_EMERG, cycle->log, errno,
                      "quic bpf getfd failed");
        goto failed;
    }
    /* need to inherit map during binary upgrade after exec */
    flags &= ~FD_CLOEXEC;
    rc = fcntl(grp->map_fd, F_SETFD, flags);
    if (rc == -1) {
        ngx_log_error(NGX_LOG_EMERG, cycle->log, errno,
                      "quic bpf setfd failed");
        goto failed;
    }
    ngx_bpf_program_link(&ngx_quic_reuseport_helper,
                         "ngx_quic_sockmap", grp->map_fd);
    progfd = ngx_bpf_load_program(cycle->log, &ngx_quic_reuseport_helper);
    if (progfd < 0) {
        goto failed;
    }
    failed = 0;
    if (setsockopt(ls->fd, SOL_SOCKET, SO_ATTACH_REUSEPORT_EBPF,
                   &progfd, sizeof(int))
        == -1)
    {
        ngx_log_error(NGX_LOG_EMERG, cycle->log, ngx_socket_errno,
                      "quic bpf setsockopt(SO_ATTACH_REUSEPORT_EBPF) failed");
        failed = 1;
    }
    ngx_quic_bpf_close(cycle->log, progfd, "program");
    if (failed) {
        goto failed;
    }
    ngx_log_debug1(NGX_LOG_DEBUG_EVENT, cycle->log, 0,
                   "quic bpf sockmap created fd:%d", grp->map_fd);
    return grp;
 failed:
    if (grp->map_fd != -1) {
        ngx_quic_bpf_close(cycle->log, grp->map_fd, "map");
    }
    ngx_queue_remove(&grp->queue);
    return NULL;
 }
 static ngx_quic_sock_group_t *
 ngx_quic_bpf_get_group(ngx_cycle_t *cycle, ngx_listening_t *ls)
 {
    ngx_quic_bpf_conf_t    *bcf, *old_bcf;
    ngx_quic_sock_group_t  *grp, *ogrp;
    bcf = ngx_quic_bpf_get_conf(cycle);
    grp = ngx_quic_bpf_find_group(bcf, ls);
    if (grp) {
        return grp;
    }
    old_bcf = ngx_quic_bpf_get_old_conf(cycle);
    if (old_bcf == NULL) {
        return ngx_quic_bpf_create_group(cycle, ls);
    }
    ogrp = ngx_quic_bpf_find_group(old_bcf, ls);
    if (ogrp == NULL) {
        return ngx_quic_bpf_create_group(cycle, ls);
    }
    grp = ngx_quic_bpf_alloc_group(cycle, ls->sockaddr, ls->socklen);
    if (grp == NULL) {
        return NULL;
    }
    grp->map_fd = dup(ogrp->map_fd);
    if (grp->map_fd == -1) {
        ngx_log_error(NGX_LOG_EMERG, cycle->log, ngx_errno,
                      "quic bpf failed to duplicate bpf map descriptor");
        ngx_queue_remove(&grp->queue);
        return NULL;
    }
    ngx_log_debug2(NGX_LOG_DEBUG_EVENT, cycle->log, 0,
                   "quic bpf sockmap fd duplicated old:%d new:%d",
                   ogrp->map_fd, grp->map_fd);
    return grp;
 }
 static ngx_int_t
 ngx_quic_bpf_group_add_socket(ngx_cycle_t *cycle,  ngx_listening_t *ls)
 {
    uint64_t                cookie;
    ngx_quic_bpf_conf_t    *bcf;
    ngx_quic_sock_group_t  *grp;
    bcf = ngx_quic_bpf_get_conf(cycle);
    grp = ngx_quic_bpf_get_group(cycle, ls);
    if (grp == NULL) {
        if (!bcf->enabled) {
            return NGX_OK;
        }
        return NGX_ERROR;
    }
    grp->unused = 0;
    cookie = ngx_quic_bpf_socket_key(ls->fd, cycle->log);
    if (cookie == (uint64_t) NGX_ERROR) {
        return NGX_ERROR;
    }
    /* map[cookie] = socket; for use in kernel helper */
    if (ngx_bpf_map_update(grp->map_fd, &cookie, &ls->fd, BPF_ANY) == -1) {
        ngx_log_error(NGX_LOG_EMERG, cycle->log, ngx_errno,
                      "quic bpf failed to update socket map key=%xL", cookie);
        return NGX_ERROR;
    }
    ngx_log_debug4(NGX_LOG_DEBUG_EVENT, cycle->log, 0,
                 "quic bpf sockmap fd:%d add socket:%d cookie:0x%xL worker:%ui",
                 grp->map_fd, ls->fd, cookie, ls->worker);
    /* do not inherit this socket */
    ls->ignore = 1;
    return NGX_OK;
 }
 static uint64_t
 ngx_quic_bpf_socket_key(ngx_fd_t fd, ngx_log_t *log)
 {
    uint64_t   cookie;
    socklen_t  optlen;
    optlen = sizeof(cookie);
    if (getsockopt(fd, SOL_SOCKET, SO_COOKIE, &cookie, &optlen) == -1) {
        ngx_log_error(NGX_LOG_EMERG, log, ngx_socket_errno,
                      "quic bpf getsockopt(SO_COOKIE) failed");
        return (ngx_uint_t) NGX_ERROR;
    }
    return cookie;
 }
 static ngx_int_t
 ngx_quic_bpf_export_maps(ngx_cycle_t *cycle)
 {
    u_char                 *p, *buf;
    size_t                  len;
    ngx_str_t              *var;
    ngx_queue_t            *q;
    ngx_core_conf_t        *ccf;
    ngx_quic_bpf_conf_t    *bcf;
    ngx_quic_sock_group_t  *grp;
    ccf = ngx_core_get_conf(cycle);
    bcf = ngx_quic_bpf_get_conf(cycle);
    len = sizeof(NGX_QUIC_BPF_VARNAME) + 1;
    q = ngx_queue_head(&bcf->groups);
    while (q != ngx_queue_sentinel(&bcf->groups)) {
        grp = ngx_queue_data(q, ngx_quic_sock_group_t, queue);
        q = ngx_queue_next(q);
        if (grp->unused) {
            /*
             * map was inherited, but it is not used in this configuration;
             * do not pass such map further and drop the group to prevent
             * interference with changes during reload
             */
            ngx_quic_bpf_close(cycle->log, grp->map_fd, "map");
            ngx_queue_remove(&grp->queue);
            continue;
        }
        len += NGX_INT32_LEN + 1 + NGX_SOCKADDR_STRLEN + 1;
    }
    len++;
    buf = ngx_palloc(cycle->pool, len);
    if (buf == NULL) {
        return NGX_ERROR;
    }
    p = ngx_cpymem(buf, NGX_QUIC_BPF_VARNAME "=",
                   sizeof(NGX_QUIC_BPF_VARNAME));
    for (q = ngx_queue_head(&bcf->groups);
         q != ngx_queue_sentinel(&bcf->groups);
         q = ngx_queue_next(q))
    {
        grp = ngx_queue_data(q, ngx_quic_sock_group_t, queue);
        p = ngx_sprintf(p, "%ud", grp->map_fd);
        *p++ = NGX_QUIC_BPF_ADDRSEP;
        p += ngx_sock_ntop(grp->sockaddr, grp->socklen, p,
                           NGX_SOCKADDR_STRLEN, 1);
        *p++ = NGX_QUIC_BPF_VARSEP;
    }
    *p = '\0';
    var = ngx_array_push(&ccf->env);
    if (var == NULL) {
        return NGX_ERROR;
    }
    var->data = buf;
    var->len = sizeof(NGX_QUIC_BPF_VARNAME) - 1;
    return NGX_OK;
 }
 static ngx_int_t
 ngx_quic_bpf_import_maps(ngx_cycle_t *cycle)
 {
    int                     s;
    u_char                 *inherited, *p, *v;
    ngx_uint_t              in_fd;
    ngx_addr_t              tmp;
    ngx_quic_bpf_conf_t    *bcf;
    ngx_quic_sock_group_t  *grp;
    inherited = (u_char *) getenv(NGX_QUIC_BPF_VARNAME);
    if (inherited == NULL) {
        return NGX_OK;
    }
    bcf = ngx_quic_bpf_get_conf(cycle);
 #if (NGX_SUPPRESS_WARN)
    s = -1;
 #endif
    in_fd = 1;
    for (p = inherited, v = p; *p; p++) {
        switch (*p) {
        case NGX_QUIC_BPF_ADDRSEP:
            if (!in_fd) {
                ngx_log_error(NGX_LOG_EMERG, cycle->log, 0,
                              "quic bpf failed to parse inherited env");
                return NGX_ERROR;
            }
            in_fd = 0;
            s = ngx_atoi(v, p - v);
            if (s == NGX_ERROR) {
                ngx_log_error(NGX_LOG_EMERG, cycle->log, 0,
                              "quic bpf failed to parse inherited map fd");
                return NGX_ERROR;
            }
            v = p + 1;
            break;
        case NGX_QUIC_BPF_VARSEP:
            if (in_fd) {
                ngx_log_error(NGX_LOG_EMERG, cycle->log, 0,
                              "quic bpf failed to parse inherited env");
                return NGX_ERROR;
            }
            in_fd = 1;
            grp = ngx_pcalloc(cycle->pool,
                              sizeof(ngx_quic_sock_group_t));
            if (grp == NULL) {
                return NGX_ERROR;
            }
            grp->map_fd = s;
            if (ngx_parse_addr_port(cycle->pool, &tmp, v, p - v)
                != NGX_OK)
            {
                ngx_log_error(NGX_LOG_EMERG, cycle->log, 0,
                              "quic bpf failed to parse inherited"
                              " address '%*s'", p - v , v);
                ngx_quic_bpf_close(cycle->log, s, "inherited map");
                return NGX_ERROR;
            }
            grp->sockaddr = tmp.sockaddr;
            grp->socklen = tmp.socklen;
            grp->unused = 1;
            ngx_queue_insert_tail(&bcf->groups, &grp->queue);
            ngx_log_debug3(NGX_LOG_DEBUG_EVENT, cycle->log, 0,
                           "quic bpf sockmap inherited with "
                           "fd:%d address:%*s",
                           grp->map_fd, p - v, v);
            v = p + 1;
            break;
        default:
            break;
        }
    }
    return NGX_OK;
 }
--- a/src/event/quic/ngx_event_quic_bpf_code.c
+++ b/src/event/quic/ngx_event_quic_bpf_code.c
@ -1,88 +0,0 @@
 /* AUTO-GENERATED, DO NOT EDIT. */
 #include <stddef.h>
 #include <stdint.h>
 #include "ngx_bpf.h"
 static ngx_bpf_reloc_t bpf_reloc_prog_ngx_quic_reuseport_helper[] = {
    { "ngx_quic_sockmap", 55 },
 };
 static struct bpf_insn bpf_insn_prog_ngx_quic_reuseport_helper[] = {
    /* opcode dst          src         offset imm */
    { 0x79,   BPF_REG_4,   BPF_REG_1, (int16_t)      0,        0x0 },
    { 0x79,   BPF_REG_3,   BPF_REG_1, (int16_t)      8,        0x0 },
    { 0xbf,   BPF_REG_2,   BPF_REG_4, (int16_t)      0,        0x0 },
    {  0x7,   BPF_REG_2,   BPF_REG_0, (int16_t)      0,        0x8 },
    { 0x2d,   BPF_REG_2,   BPF_REG_3, (int16_t)     54,        0x0 },
    { 0xbf,   BPF_REG_5,   BPF_REG_4, (int16_t)      0,        0x0 },
    {  0x7,   BPF_REG_5,   BPF_REG_0, (int16_t)      0,        0x9 },
    { 0x2d,   BPF_REG_5,   BPF_REG_3, (int16_t)     51,        0x0 },
    { 0xb7,   BPF_REG_5,   BPF_REG_0, (int16_t)      0,       0x14 },
    { 0xb7,   BPF_REG_0,   BPF_REG_0, (int16_t)      0,        0x9 },
    { 0x71,   BPF_REG_6,   BPF_REG_2, (int16_t)      0,        0x0 },
    { 0x67,   BPF_REG_6,   BPF_REG_0, (int16_t)      0,       0x38 },
    { 0xc7,   BPF_REG_6,   BPF_REG_0, (int16_t)      0,       0x38 },
    { 0x65,   BPF_REG_6,   BPF_REG_0, (int16_t)     10, 0xffffffff },
    { 0xbf,   BPF_REG_2,   BPF_REG_4, (int16_t)      0,        0x0 },
    {  0x7,   BPF_REG_2,   BPF_REG_0, (int16_t)      0,        0xd },
    { 0x2d,   BPF_REG_2,   BPF_REG_3, (int16_t)     42,        0x0 },
    { 0xbf,   BPF_REG_5,   BPF_REG_4, (int16_t)      0,        0x0 },
    {  0x7,   BPF_REG_5,   BPF_REG_0, (int16_t)      0,        0xe },
    { 0x2d,   BPF_REG_5,   BPF_REG_3, (int16_t)     39,        0x0 },
    { 0xb7,   BPF_REG_0,   BPF_REG_0, (int16_t)      0,        0xe },
    { 0x71,   BPF_REG_5,   BPF_REG_2, (int16_t)      0,        0x0 },
    { 0xb7,   BPF_REG_6,   BPF_REG_0, (int16_t)      0,        0x8 },
    { 0x2d,   BPF_REG_6,   BPF_REG_5, (int16_t)     35,        0x0 },
    {  0xf,   BPF_REG_5,   BPF_REG_0, (int16_t)      0,        0x0 },
    {  0xf,   BPF_REG_4,   BPF_REG_5, (int16_t)      0,        0x0 },
    { 0x2d,   BPF_REG_4,   BPF_REG_3, (int16_t)     32,        0x0 },
    { 0xbf,   BPF_REG_4,   BPF_REG_2, (int16_t)      0,        0x0 },
    {  0x7,   BPF_REG_4,   BPF_REG_0, (int16_t)      0,        0x9 },
    { 0x2d,   BPF_REG_4,   BPF_REG_3, (int16_t)     29,        0x0 },
    { 0x71,   BPF_REG_4,   BPF_REG_2, (int16_t)      1,        0x0 },
    { 0x67,   BPF_REG_4,   BPF_REG_0, (int16_t)      0,       0x38 },
    { 0x71,   BPF_REG_3,   BPF_REG_2, (int16_t)      2,        0x0 },
    { 0x67,   BPF_REG_3,   BPF_REG_0, (int16_t)      0,       0x30 },
    { 0x4f,   BPF_REG_3,   BPF_REG_4, (int16_t)      0,        0x0 },
    { 0x71,   BPF_REG_4,   BPF_REG_2, (int16_t)      3,        0x0 },
    { 0x67,   BPF_REG_4,   BPF_REG_0, (int16_t)      0,       0x28 },
    { 0x4f,   BPF_REG_3,   BPF_REG_4, (int16_t)      0,        0x0 },
    { 0x71,   BPF_REG_4,   BPF_REG_2, (int16_t)      4,        0x0 },
    { 0x67,   BPF_REG_4,   BPF_REG_0, (int16_t)      0,       0x20 },
    { 0x4f,   BPF_REG_3,   BPF_REG_4, (int16_t)      0,        0x0 },
    { 0x71,   BPF_REG_4,   BPF_REG_2, (int16_t)      5,        0x0 },
    { 0x67,   BPF_REG_4,   BPF_REG_0, (int16_t)      0,       0x18 },
    { 0x4f,   BPF_REG_3,   BPF_REG_4, (int16_t)      0,        0x0 },
    { 0x71,   BPF_REG_4,   BPF_REG_2, (int16_t)      6,        0x0 },
    { 0x67,   BPF_REG_4,   BPF_REG_0, (int16_t)      0,       0x10 },
    { 0x4f,   BPF_REG_3,   BPF_REG_4, (int16_t)      0,        0x0 },
    { 0x71,   BPF_REG_4,   BPF_REG_2, (int16_t)      7,        0x0 },
    { 0x67,   BPF_REG_4,   BPF_REG_0, (int16_t)      0,        0x8 },
    { 0x4f,   BPF_REG_3,   BPF_REG_4, (int16_t)      0,        0x0 },
    { 0x71,   BPF_REG_2,   BPF_REG_2, (int16_t)      8,        0x0 },
    { 0x4f,   BPF_REG_3,   BPF_REG_2, (int16_t)      0,        0x0 },
    { 0x7b,  BPF_REG_10,   BPF_REG_3, (int16_t)  65528,        0x0 },
    { 0xbf,   BPF_REG_3,  BPF_REG_10, (int16_t)      0,        0x0 },
    {  0x7,   BPF_REG_3,   BPF_REG_0, (int16_t)      0, 0xfffffff8 },
    { 0x18,   BPF_REG_2,   BPF_REG_0, (int16_t)      0,        0x0 },
    {  0x0,   BPF_REG_0,   BPF_REG_0, (int16_t)      0,        0x0 },
    { 0xb7,   BPF_REG_4,   BPF_REG_0, (int16_t)      0,        0x0 },
    { 0x85,   BPF_REG_0,   BPF_REG_0, (int16_t)      0,       0x52 },
    { 0xb7,   BPF_REG_0,   BPF_REG_0, (int16_t)      0,        0x1 },
    { 0x95,   BPF_REG_0,   BPF_REG_0, (int16_t)      0,        0x0 },
 };
 ngx_bpf_program_t ngx_quic_reuseport_helper = {
    .relocs = bpf_reloc_prog_ngx_quic_reuseport_helper,
    .nrelocs = sizeof(bpf_reloc_prog_ngx_quic_reuseport_helper)
               / sizeof(bpf_reloc_prog_ngx_quic_reuseport_helper[0]),
    .ins = bpf_insn_prog_ngx_quic_reuseport_helper,
    .nins = sizeof(bpf_insn_prog_ngx_quic_reuseport_helper)
            / sizeof(bpf_insn_prog_ngx_quic_reuseport_helper[0]),
    .license = "BSD",
    .type = BPF_PROG_TYPE_SK_REUSEPORT,
 };
--- a/src/event/quic/ngx_event_quic_connection.h
+++ b/src/event/quic/ngx_event_quic_connection.h
@ -1,324 +0,0 @@
 /*
 * Copyright (C) Nginx, Inc.
 */
 #ifndef _NGX_EVENT_QUIC_CONNECTION_H_INCLUDED_
 #define _NGX_EVENT_QUIC_CONNECTION_H_INCLUDED_
 #include <ngx_config.h>
 #include <ngx_core.h>
 #include <ngx_event.h>
 /* #define NGX_QUIC_DEBUG_PACKETS */  /* dump packet contents */
 /* #define NGX_QUIC_DEBUG_FRAMES */   /* dump frames contents */
 /* #define NGX_QUIC_DEBUG_ALLOC */    /* log frames and bufs alloc */
 /* #define NGX_QUIC_DEBUG_CRYPTO */
 #define NGX_QUIC_ENCRYPTION_INITIAL          0
 #define NGX_QUIC_ENCRYPTION_EARLY_DATA       1
 #define NGX_QUIC_ENCRYPTION_HANDSHAKE        2
 #define NGX_QUIC_ENCRYPTION_APPLICATION      3
 #define NGX_QUIC_ENCRYPTION_LAST             4
 #define NGX_QUIC_SEND_CTX_LAST               (NGX_QUIC_ENCRYPTION_LAST - 1)
 typedef struct ngx_quic_connection_s  ngx_quic_connection_t;
 typedef struct ngx_quic_server_id_s   ngx_quic_server_id_t;
 typedef struct ngx_quic_client_id_s   ngx_quic_client_id_t;
 typedef struct ngx_quic_send_ctx_s    ngx_quic_send_ctx_t;
 typedef struct ngx_quic_socket_s      ngx_quic_socket_t;
 typedef struct ngx_quic_path_s        ngx_quic_path_t;
 typedef struct ngx_quic_keys_s        ngx_quic_keys_t;
 #if (NGX_QUIC_OPENSSL_COMPAT)
 #include <ngx_event_quic_openssl_compat.h>
 #endif
 #include <ngx_event_quic_transport.h>
 #include <ngx_event_quic_protection.h>
 #include <ngx_event_quic_frames.h>
 #include <ngx_event_quic_migration.h>
 #include <ngx_event_quic_connid.h>
 #include <ngx_event_quic_streams.h>
 #include <ngx_event_quic_ssl.h>
 #include <ngx_event_quic_tokens.h>
 #include <ngx_event_quic_ack.h>
 #include <ngx_event_quic_output.h>
 #include <ngx_event_quic_socket.h>
 /* RFC 9002, 6.2.2.  Handshakes and New Paths: kInitialRtt */
 #define NGX_QUIC_INITIAL_RTT                 333 /* ms */
 #define NGX_QUIC_UNSET_PN                    (uint64_t) -1
 /*  0-RTT and 1-RTT data exist in the same packet number space,
 *  so we have 3 packet number spaces:
 *
 *  0 - Initial
 *  1 - Handshake
 *  2 - 0-RTT and 1-RTT
 */
 #define ngx_quic_get_send_ctx(qc, level)                                      \
    ((level) == NGX_QUIC_ENCRYPTION_INITIAL) ? &((qc)->send_ctx[0])           \
        : (((level) == NGX_QUIC_ENCRYPTION_HANDSHAKE) ? &((qc)->send_ctx[1])  \
                                                      : &((qc)->send_ctx[2]))
 #define ngx_quic_get_connection(c)                                            \
    (((c)->udp) ? (((ngx_quic_socket_t *)((c)->udp))->quic) : NULL)
 #define ngx_quic_get_socket(c)               ((ngx_quic_socket_t *)((c)->udp))
 #define ngx_quic_init_rtt(qc)                                                 \
    (qc)->avg_rtt = NGX_QUIC_INITIAL_RTT;                                     \
    (qc)->rttvar = NGX_QUIC_INITIAL_RTT / 2;                                  \
    (qc)->min_rtt = NGX_TIMER_INFINITE;                                       \
    (qc)->first_rtt = NGX_TIMER_INFINITE;                                     \
    (qc)->latest_rtt = 0;
 typedef enum {
    NGX_QUIC_PATH_IDLE = 0,
    NGX_QUIC_PATH_VALIDATING,
    NGX_QUIC_PATH_WAITING,
    NGX_QUIC_PATH_MTUD
 } ngx_quic_path_state_e;
 struct ngx_quic_client_id_s {
    ngx_queue_t                       queue;
    uint64_t                          seqnum;
    size_t                            len;
    u_char                            id[NGX_QUIC_CID_LEN_MAX];
    u_char                            sr_token[NGX_QUIC_SR_TOKEN_LEN];
    ngx_uint_t                        used;  /* unsigned  used:1; */
 };
 struct ngx_quic_server_id_s {
    uint64_t                          seqnum;
    size_t                            len;
    u_char                            id[NGX_QUIC_CID_LEN_MAX];
 };
 struct ngx_quic_path_s {
    ngx_queue_t                       queue;
    struct sockaddr                  *sockaddr;
    ngx_sockaddr_t                    sa;
    socklen_t                         socklen;
    ngx_quic_client_id_t             *cid;
    ngx_quic_path_state_e             state;
    ngx_msec_t                        expires;
    ngx_uint_t                        tries;
    ngx_uint_t                        tag;
    size_t                            mtu;
    size_t                            mtud;
    size_t                            max_mtu;
    off_t                             sent;
    off_t                             received;
    u_char                            challenge[2][8];
    uint64_t                          seqnum;
    uint64_t                          mtu_pnum[NGX_QUIC_PATH_RETRIES];
    ngx_str_t                         addr_text;
    u_char                            text[NGX_SOCKADDR_STRLEN];
    unsigned                          validated:1;
    unsigned                          mtu_unvalidated:1;
 };
 struct ngx_quic_socket_s {
    ngx_udp_connection_t              udp;
    ngx_quic_connection_t            *quic;
    ngx_queue_t                       queue;
    ngx_quic_server_id_t              sid;
    ngx_sockaddr_t                    sockaddr;
    socklen_t                         socklen;
    ngx_uint_t                        used; /* unsigned  used:1; */
 };
 typedef struct {
    ngx_rbtree_t                      tree;
    ngx_rbtree_node_t                 sentinel;
    ngx_queue_t                       uninitialized;
    ngx_queue_t                       free;
    uint64_t                          sent;
    uint64_t                          recv_offset;
    uint64_t                          recv_window;
    uint64_t                          recv_last;
    uint64_t                          recv_max_data;
    uint64_t                          send_offset;
    uint64_t                          send_max_data;
    uint64_t                          server_max_streams_uni;
    uint64_t                          server_max_streams_bidi;
    uint64_t                          server_streams_uni;
    uint64_t                          server_streams_bidi;
    uint64_t                          client_max_streams_uni;
    uint64_t                          client_max_streams_bidi;
    uint64_t                          client_streams_uni;
    uint64_t                          client_streams_bidi;
    ngx_uint_t                        initialized;
                                                 /* unsigned  initialized:1; */
 } ngx_quic_streams_t;
 typedef struct {
    size_t                            in_flight;
    size_t                            window;
    size_t                            ssthresh;
    size_t                            w_max;
    size_t                            w_est;
    size_t                            w_prior;
    size_t                            mtu;
    ngx_msec_t                        recovery_start;
    ngx_msec_t                        idle_start;
    ngx_msec_t                        k;
    ngx_uint_t                        idle; /* unsigned  idle:1; */
 } ngx_quic_congestion_t;
 /*
 * RFC 9000, 12.3.  Packet Numbers
 *
 *  Conceptually, a packet number space is the context in which a packet
 *  can be processed and acknowledged.  Initial packets can only be sent
 *  with Initial packet protection keys and acknowledged in packets that
 *  are also Initial packets.
 */
 struct ngx_quic_send_ctx_s {
    ngx_uint_t                        level;
    ngx_quic_buffer_t                 crypto;
    uint64_t                          crypto_sent;
    uint64_t                          pnum;        /* to be sent */
    uint64_t                          largest_ack; /* received from peer */
    uint64_t                          largest_pn;  /* received from peer */
    ngx_queue_t                       frames;      /* generated frames */
    ngx_queue_t                       sending;     /* frames assigned to pkt */
    ngx_queue_t                       sent;        /* frames waiting ACK */
    uint64_t                          pending_ack; /* non sent ack-eliciting */
    uint64_t                          largest_range;
    uint64_t                          first_range;
    ngx_msec_t                        largest_received;
    ngx_msec_t                        ack_delay_start;
    ngx_uint_t                        nranges;
    ngx_quic_ack_range_t              ranges[NGX_QUIC_MAX_RANGES];
    ngx_uint_t                        send_ack;
 };
 struct ngx_quic_connection_s {
    uint32_t                          version;
    ngx_quic_path_t                  *path;
    ngx_queue_t                       sockets;
    ngx_queue_t                       paths;
    ngx_queue_t                       client_ids;
    ngx_queue_t                       free_sockets;
    ngx_queue_t                       free_paths;
    ngx_queue_t                       free_client_ids;
    ngx_uint_t                        nsockets;
    ngx_uint_t                        nclient_ids;
    uint64_t                          max_retired_seqnum;
    uint64_t                          client_seqnum;
    uint64_t                          server_seqnum;
    uint64_t                          path_seqnum;
    ngx_quic_tp_t                     tp;
    ngx_quic_tp_t                     ctp;
    ngx_quic_send_ctx_t               send_ctx[NGX_QUIC_SEND_CTX_LAST];
    ngx_quic_keys_t                  *keys;
    ngx_quic_conf_t                  *conf;
    ngx_event_t                       push;
    ngx_event_t                       pto;
    ngx_event_t                       close;
    ngx_event_t                       path_validation;
    ngx_event_t                       key_update;
    ngx_msec_t                        last_cc;
    ngx_msec_t                        first_rtt;
    ngx_msec_t                        latest_rtt;
    ngx_msec_t                        avg_rtt;
    ngx_msec_t                        min_rtt;
    ngx_msec_t                        rttvar;
    ngx_uint_t                        pto_count;
    ngx_queue_t                       free_frames;
    ngx_buf_t                        *free_bufs;
    ngx_buf_t                        *free_shadow_bufs;
    ngx_uint_t                        nframes;
    ngx_uint_t                        max_frames;
 #ifdef NGX_QUIC_DEBUG_ALLOC
    ngx_uint_t                        nbufs;
    ngx_uint_t                        nshadowbufs;
 #endif
 #if (NGX_QUIC_OPENSSL_COMPAT)
    ngx_quic_compat_t                *compat;
 #endif
    ngx_quic_streams_t                streams;
    ngx_quic_congestion_t             congestion;
    uint64_t                          rst_pnum;    /* first on validated path */
    off_t                             received;
    ngx_uint_t                        error;
    ngx_uint_t                        error_level;
    ngx_uint_t                        error_ftype;
    const char                       *error_reason;
    ngx_uint_t                        shutdown_code;
    const char                       *shutdown_reason;
    unsigned                          error_app:1;
    unsigned                          send_timer_set:1;
    unsigned                          closing:1;
    unsigned                          shutdown:1;
    unsigned                          draining:1;
    unsigned                          key_phase:1;
    unsigned                          validated:1;
    unsigned                          client_tp_done:1;
 #if (NGX_QUIC_OPENSSL_API)
    unsigned                          read_level:2;
    unsigned                          write_level:2;
 #endif
 };
 ngx_int_t ngx_quic_apply_transport_params(ngx_connection_t *c,
    ngx_quic_tp_t *ctp);
 void ngx_quic_discard_ctx(ngx_connection_t *c, ngx_uint_t level);
 void ngx_quic_close_connection(ngx_connection_t *c, ngx_int_t rc);
 void ngx_quic_shutdown_quic(ngx_connection_t *c);
 #if (NGX_DEBUG)
 void ngx_quic_connstate_dbg(ngx_connection_t *c);
 #else
 #define ngx_quic_connstate_dbg(c)
 #endif
 #endif /* _NGX_EVENT_QUIC_CONNECTION_H_INCLUDED_ */
--- a/Show More
+++ b/Show More
		`@ -0,0 +1,3 @@`

							`Documentation is available at http://nginx.org`