pike.git / CHANGES

version» Context lines:

pike.git/CHANGES:23:    - Add delay() to postpone a future.       - Rewrite timeout() to reduce the memory footprint of a future in the    common case.      o SSL       The SSL module now supports session ticket both client and server side.    This functionality has been backported from 8.1/master.    + o Standards.X509 +  +  Standards.X509 now allows the user to select acceptable signature +  algorithms to be used in the verification of certificates. +    o Stdio.PROP_TTY       Stdio.File()->pipe() can now be used to create tty-capable    pipes (aka pseudo-ttys, aka ptys).      Bug fixes   ---------      o ADT.CritBit.IntTree   
pike.git/CHANGES:180:    - Fix the only known deadlock-cause logged in the last year; happened    (rarely) on multiple parallel queries on a single connection.       - Fix the only known race condition logged in the last year; happened    on some queries that store >32KB data per query.       - Cast integers to floats, when floats are desired.      o SSL    -  When verifying the hostname against the certificate, only accept * +  - When verifying the hostname against the certificate, only accept *    (wildcard) for one level, i.e. *.example.com matches foo.example.com,    but not www.foo.example.com. Previously, all levels were matched.    -  +  - No longer accept MD2, MD5, and SHA1 as signature algorithms when +  verification is requested. MD2 and MD5 are outright dangerous at +  this point, and SHA1 should no longer be very relevant as web +  browsers already force CAs for several years to no longer issue any +  SHA1 certs anymore. +  +  Acceptable signature algorithms are however configurable via +  SSL.Context now, in case support of older/insecure algorithms is +  vehemently required by an application. +    o SSL.File       Do not close automatically on write error.       The internal ssl_write_callback() would call shutdown()    on write error, which would cause the object to enter    one of the closed states, without the user actually    having closed the file.       This in turn caused errors like "Not open" from