http-access/2.0.7 RC

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

Hi,

I posted a release candidate version of http-access/2.0.7.
(named 2.0.6.99.20070430)
http://dev.ctor.org/http-access2/wiki#a2007-04-29:version2.0.7-rc

http-access2 users, would you please check if the version works with
your application? I'll post 2.0.7 in a week.

/ / /

Here're changes in version 2.0.7. Many fixes and a little feature
improvement. The biggest improvement is a bundle of SSL trust anchor
certificates. No more 'verify_mode = nil' which means no security in SSL.

Almost all fixes are based on patches/reports from users. Thank you
very much!

* HTTP
* added proxyauth support. (#6)
* let developer allow to rescue a redirect with relative URI. (#28)
* changed last-chunk condition statement to allow "0000\r\n" marker
from WebLogic Server 7.0 SP5 instead of "0\r\n". (#30)
* fixed multipart form submit. (#29, #116)
* use http_date format as a date in a request header. (#35)
* avoid duplicated Date header when running under mod_ruby. (#127)
* reason phrase in Message#reason contains \r. (#122)
* trim "\n"s in base64 encoded BasicAuth value for interoperability.
(#149)
* let retry_connect return a Message not a content. (#119)
* rescue SocketError and dump a message when a wrong address given.
(#152)

* HTTP-Cookies
* changed "domain" parameter matching condition statement to allow
followings; (#24, #32, #118, #147)
* [host, domain] = [rubyforge.com, .rubyforge.com]
* [host, domain] = [reddit.com, reddit.com]

* SSL
* bundles CA certificates as trust anchors.
* allow user to get peer_cert. (#117, #123)
* added wildcard certificate support. (#151)
* SSL + HTTP keep-alive + long wait causes uncaught exception.
fixed. (#120)

* Connection
* fixed a loop condition bug that caused intermittent empty response.
(#150, #26, #125)

Regards,
// NaHi

-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.5 (Cygwin)

iQEVAwUBRjYF7x9L2jg5EEGlAQKH9AgAiLIz2/9v8pvaItpymlE0Z9r/rlj4SjHq
GyhHUknPqpl+gwNhCAOPurA4nGQuYZ8oNIfQWwHeCwF5S272eORCzDMW3ck3tCHO
5wzb7FUa107MtL/Mg0hmaNZHEUfS31L5wA4ZXTSlUNcO3JToHFwui59X22qi11hl
lHEQY5mEXlJbenjj6vev/TkUrAewA3ZIncLmwCwzwBrpRbaezPRewnKyNk9ANZic
c01qu3ttxGuHDy+Fiw0iSMkP5Dn3p0HuJwdU4gcMi3xO8O/EwBgk7Iw5Qc4mqgeW
nK6J5nE+OaLmxE8yv3xOr3WsI6FxehjWc80isGOISj3e4afHCf8Muw==
=at2m
-----END PGP SIGNATURE-----

.

Relevant Pages

  • Re: [Lit.] Buffer overruns
    ... http://www.garlic.com/~lynn/2001e.html#39 Can I create my own SSL key? ... http://www.garlic.com/~lynn/2001g.html#19 Root certificates ...
    (sci.crypt)
  • Re: SSL certificate modification
    ... > That's only one reason for the existance of SSL server ... > that certificates contains certified public keys which are used during ... implication then the domain name infrastructure is a trusted server ...
    (comp.security.misc)
  • Re: Web service Security
    ... Direct Authentication thru SSL ... X.509 certificates ... we need to secure the soap header as well as message itself. ... Is there any effective & secure solution which doesnt use SSL ...
    (microsoft.public.dotnet.languages.csharp)
  • Re: Setting up Push Mail in SBS 2003
    ... there are problems with the SSL certificates. ... Generally the first hits you'll get in Google will be SSL cert related. ... Outlook Mobile access on SBS 2003. ...
    (microsoft.public.windows.server.sbs)
  • Re: Development Environment w/ssl
    ... > sensitive, private user data. ... > would like to use ssl for the pages that display/edit this data. ... > machines - all the code is stored in a single Visual Source Safe server. ... If you need to issue certificates for the dev machines, ...
    (microsoft.public.dotnet.security)