b4924689d2
* GnuTLS: compatibility with GnuTLS-3.4.2 * Nethttpd_plex: the post_add_hook was not called by accident (since OCamlnet-4); this is now fixed. * Nethtml: new option case_sensitive * GnuTLS: initializing the library on-demand. This avoids that /dev/random is kept open all the time since program start, and works around incompatibilities with Netplex. (Thomas Calderon found the problem.) * GnuTLS: setting DH parameters on certificates (this was forgotten in previous releases). (Thomas Calderon found the problem.) * GnuTLS: supporting GnuTLS versions where SRP is disabled. Supporting GnuTLS-3.4. * OpenBSD build: fix linker option (Christopher Zimmermann) * Equeue: There is a new method request_proxy_notification, which is only used by Uq_engines.qseq_engine (but unfortunately needs to appear in the public type of the object). This new method permits that chains of Uq_engines.qseq_engine pairs can now be arbitrarily long without consuming too much memory and without the danger of getting stack overflows. This fixes issues where notification chains got too long. In particular, we saw a stack overflow when retrieving a video stream via HTTP. The stream was sent with many chunks, resulting in a long Uq_engines.qseq_engine chain. Implementers of engines can simply define request_proxy_notification as no-ops. * Nethttp.set_content_range: this function generated an incorrect header (the "bytes" word was missing). (Török Edwin) * _oasis is generated from _oasis.in * Netplex: the Netplex socket directory has a different default if not specified in the config file. * Netshm: the POSIX specifier has now two args * IPv6: automatically enabled if there is a global IPv6 address * Unicode tables: Moved them to a separate netunidata library. This library needs to be linked in for getting access to the tables (this is no longer the default). * Renamings: Http_client, Ftp_client etc. => Nethttp_client, Netftp_client Mimestring => Netmime_string Xdr => Netxdr * Netmime: moved functions to Netmime_header and Netmime_channels * Netmech_scram: Removed the check that passwords only consist of ASCII chars. The user can now call Netsaslprep.saslprep. * Removed: rpc-auth-dh, nethttpd-for-netcgi2 * Http_client: the authentication mechanisms are now encapsulated in a first-class module HTTP_MECHANISM. So far, there is Digest authentication in this form. The signature of HTTP_MECHANISM is similar to SASL_MECHANISM. Another visible change is that the insecure Basic authentication is no longer enabled for non-TLS-secured connections. This can be changed back by setting flags, though. Some fixes in the design improve Digest authentication for proxy connections. * Netpop: implementating SASL authentication for POP3. Moved Netpop into netclient. * Netsmtp: implementing SASL authentication for SMTP. Moved Netsmtp into netclient. * Adding a framework for SASL, and a number of mechanisms (PLAIN, CRAM-MD5, DIGEST-MD5, SCRAM-SHA1). * fcgi/scgi/ajp connectors: exporting a handle_connection function, and unifying existing such functions (Christopher Zimmermann) * adding support for modular cryptography (symmetric ciphers and digests) * SCRAM is now implemented with the new crypto providers * removing dependency on Cryptokit * removed library netgssapi; now part of netsys/netstring * removed library netmech-scram; now part of netstring Ocamlnet-4 adds: - new library netgss-system - new library nettls-gnutls - removed equeue-ssl and rpc-ssl - X.500 modules Netasn1, Netdn, Netx509 - Crypto definitions Netsys_crypto_types, Netsys_crypto - TLS modules Netsys_tls, Nettls_support - Support for SASL and GSSAPI - Moved many functions from Uq_engines to new modules in the equeue library (Uq_client, Uq_server, Uq_multiplex, Uq_transfer) |
||
---|---|---|
.. | ||
patches | ||
buildlink3.mk | ||
DESCR | ||
distinfo | ||
Makefile | ||
options.mk | ||
PLIST |