SearchVarnish Enterprise 6.0.16r11 is a feature and bug fix release. This release contains important bug fixes and stability improvements, and all users are encouraged to upgrade.
Key highlights include new image processing capabilities in vmod_image,
granular client certificate verification for TLS, and performance
optimizations for vmod_slicer.
The features and optimizations are highlighted below. Please see the changelog for the complete list of changes in this version and previous versions.
vmod_image has expanded its WebP conversion capabilities. The webp()
function now accepts a fit parameter with contain, cover, and crop
modes. This enables source-dimension-aware resizing into a target box defined
by resize_width and resize_height.
You can now configure client certificate verification on a per-certificate
basis using tls.cert.load. This gives greater control over TLS deployments
and is managed via two new arguments:
-V <mode>: Sets the client certificate verification mode
(accepting none, optional, require, or optional-no-ca).-C <file>: Specifies the CA certificate file for client verification.vcl_backend_response,
vmod_slicer will no longer slice responses that fit within a single
segment. This avoids unnecessary overhead for small responses.synthbackend.from_string() and
synthbackend.from_blob() functions can now be invoked from all
vcl_backend_* subroutines. Previously, these were restricted to just
vcl_backend_fetch.obj.can_esi, has been
introduced to easily identify whether a response can undergo ESI processing.For developers writing tests, varnishtest has been updated with two new
commands: tls_renegotiate to perform TLS renegotiation of the current
session, and tls_key_update to schedule a key update.