Now
MAIN commitmail json YAML
pkgsrc/net/ocamlnet/Makefile@1.25
/
diff
pkgsrc/net/ocamlnet/PLIST@1.11 / diff
pkgsrc/net/ocamlnet/distinfo@1.19 / diff
pkgsrc/net/ocamlnet/options.mk@1.3 / diff
pkgsrc/net/ocamlnet/PLIST@1.11 / diff
pkgsrc/net/ocamlnet/distinfo@1.19 / diff
pkgsrc/net/ocamlnet/options.mk@1.3 / diff
Updated package to newest version, 4.0.4. Changes include:
* GnuTLS: compatibility with GnuTLS-3.4.2
* Nethttpd_plex: the post_add_hook was not called by accident
(since OCamlnet-4); this is now fixed.
* Nethtml: new option case_sensitive
* GnuTLS: initializing the library on-demand. This avoids that
/dev/random is kept open all the time since program start, and
works around incompatibilities with Netplex. (Thomas Calderon
found the problem.)
* GnuTLS: setting DH parameters on certificates (this was forgotten in
previous releases). (Thomas Calderon found the problem.)
* GnuTLS: supporting GnuTLS versions where SRP is disabled.
Supporting GnuTLS-3.4.
* OpenBSD build: fix linker option (Christopher Zimmermann)
* Equeue: There is a new method request_proxy_notification,
which is only used by Uq_engines.qseq_engine (but unfortunately
needs to appear in the public type of the object). This new
method permits that chains of Uq_engines.qseq_engine pairs
can now be arbitrarily long without consuming too much memory
and without the danger of getting stack overflows.
This fixes issues where notification chains got too long. In
particular, we saw a stack overflow when retrieving a video
stream via HTTP. The stream was sent with many chunks, resulting
in a long Uq_engines.qseq_engine chain.
Implementers of engines can simply define request_proxy_notification
as no-ops.
* Nethttp.set_content_range: this function generated an incorrect
header (the "bytes" word was missing). (T旦r旦k Edwin)
* _oasis is generated from _oasis.in
* Netplex: the Netplex socket directory has a different default
if not specified in the config file.
* Netshm: the POSIX specifier has now two args
* IPv6: automatically enabled if there is a global IPv6 address
* Unicode tables: Moved them to a separate netunidata library.
This library needs to be linked in for getting access to the
tables (this is no longer the default).
* Renamings: Http_client, Ftp_client etc. => Nethttp_client,
Netftp_client
Mimestring => Netmime_string
Xdr => Netxdr
* Netmime: moved functions to Netmime_header and Netmime_channels
* Netmech_scram: Removed the check that passwords only consist of
ASCII chars. The user can now call Netsaslprep.saslprep.
* Removed: rpc-auth-dh, nethttpd-for-netcgi2
* Http_client: the authentication mechanisms are now encapsulated
in a first-class module HTTP_MECHANISM. So far, there is Digest
authentication in this form. The signature of HTTP_MECHANISM
is similar to SASL_MECHANISM.
Another visible change is that the insecure Basic authentication
is no longer enabled for non-TLS-secured connections. This can be
changed back by setting flags, though.
Some fixes in the design improve Digest authentication for proxy
connections.
* Netpop: implementating SASL authentication for POP3. Moved Netpop
into netclient.
* Netsmtp: implementing SASL authentication for SMTP. Moved Netsmtp
into netclient.
* Adding a framework for SASL, and a number of mechanisms
(PLAIN, CRAM-MD5, DIGEST-MD5, SCRAM-SHA1).
* fcgi/scgi/ajp connectors: exporting a handle_connection function,
and unifying existing such functions (Christopher Zimmermann)
* adding support for modular cryptography (symmetric ciphers and
digests)
* SCRAM is now implemented with the new crypto providers
* removing dependency on Cryptokit
* removed library netgssapi; now part of netsys/netstring
* removed library netmech-scram; now part of netstring
Ocamlnet-4 adds:
- new library netgss-system
- new library nettls-gnutls
- removed equeue-ssl and rpc-ssl
- X.500 modules Netasn1, Netdn, Netx509
- Crypto definitions Netsys_crypto_types, Netsys_crypto
- TLS modules Netsys_tls, Nettls_support
- Support for SASL and GSSAPI
- Moved many functions from Uq_engines to new modules in
the equeue library (Uq_client, Uq_server, Uq_multiplex,
Uq_transfer)
* GnuTLS: compatibility with GnuTLS-3.4.2
* Nethttpd_plex: the post_add_hook was not called by accident
(since OCamlnet-4); this is now fixed.
* Nethtml: new option case_sensitive
* GnuTLS: initializing the library on-demand. This avoids that
/dev/random is kept open all the time since program start, and
works around incompatibilities with Netplex. (Thomas Calderon
found the problem.)
* GnuTLS: setting DH parameters on certificates (this was forgotten in
previous releases). (Thomas Calderon found the problem.)
* GnuTLS: supporting GnuTLS versions where SRP is disabled.
Supporting GnuTLS-3.4.
* OpenBSD build: fix linker option (Christopher Zimmermann)
* Equeue: There is a new method request_proxy_notification,
which is only used by Uq_engines.qseq_engine (but unfortunately
needs to appear in the public type of the object). This new
method permits that chains of Uq_engines.qseq_engine pairs
can now be arbitrarily long without consuming too much memory
and without the danger of getting stack overflows.
This fixes issues where notification chains got too long. In
particular, we saw a stack overflow when retrieving a video
stream via HTTP. The stream was sent with many chunks, resulting
in a long Uq_engines.qseq_engine chain.
Implementers of engines can simply define request_proxy_notification
as no-ops.
* Nethttp.set_content_range: this function generated an incorrect
header (the "bytes" word was missing). (T旦r旦k Edwin)
* _oasis is generated from _oasis.in
* Netplex: the Netplex socket directory has a different default
if not specified in the config file.
* Netshm: the POSIX specifier has now two args
* IPv6: automatically enabled if there is a global IPv6 address
* Unicode tables: Moved them to a separate netunidata library.
This library needs to be linked in for getting access to the
tables (this is no longer the default).
* Renamings: Http_client, Ftp_client etc. => Nethttp_client,
Netftp_client
Mimestring => Netmime_string
Xdr => Netxdr
* Netmime: moved functions to Netmime_header and Netmime_channels
* Netmech_scram: Removed the check that passwords only consist of
ASCII chars. The user can now call Netsaslprep.saslprep.
* Removed: rpc-auth-dh, nethttpd-for-netcgi2
* Http_client: the authentication mechanisms are now encapsulated
in a first-class module HTTP_MECHANISM. So far, there is Digest
authentication in this form. The signature of HTTP_MECHANISM
is similar to SASL_MECHANISM.
Another visible change is that the insecure Basic authentication
is no longer enabled for non-TLS-secured connections. This can be
changed back by setting flags, though.
Some fixes in the design improve Digest authentication for proxy
connections.
* Netpop: implementating SASL authentication for POP3. Moved Netpop
into netclient.
* Netsmtp: implementing SASL authentication for SMTP. Moved Netsmtp
into netclient.
* Adding a framework for SASL, and a number of mechanisms
(PLAIN, CRAM-MD5, DIGEST-MD5, SCRAM-SHA1).
* fcgi/scgi/ajp connectors: exporting a handle_connection function,
and unifying existing such functions (Christopher Zimmermann)
* adding support for modular cryptography (symmetric ciphers and
digests)
* SCRAM is now implemented with the new crypto providers
* removing dependency on Cryptokit
* removed library netgssapi; now part of netsys/netstring
* removed library netmech-scram; now part of netstring
Ocamlnet-4 adds:
- new library netgss-system
- new library nettls-gnutls
- removed equeue-ssl and rpc-ssl
- X.500 modules Netasn1, Netdn, Netx509
- Crypto definitions Netsys_crypto_types, Netsys_crypto
- TLS modules Netsys_tls, Nettls_support
- Support for SASL and GSSAPI
- Moved many functions from Uq_engines to new modules in
the equeue library (Uq_client, Uq_server, Uq_multiplex,
Uq_transfer)