| Age | Commit message (Collapse) | Author | Files | Lines |
|---|
|
|
|
Changes in release 0.32.1:
* Fix configure CFLAGS handling in Kerberos detection.
* Various spelling fixes.
Changes in release 0.32.0:
* Interface changes:
- API and ABI backwards-compatible with 0.27.x and later
- NE_AUTH_DIGEST now only enables RFC 2617/7616 auth by default;
to enable weaker RFC 2069 Digest, use NE_AUTH_LEGACY_DIGEST
(treated as a security enhancement, not an API/ABI break)
* Interface clarifications:
- ne_auth.h: use of non-ASCII usernames with the ne_auth_creds
callback type is now rejected for Digest auth since the
encoding is not specified. ne_add_auth() can be used instead.
- ne_request.h: the ne_create_request_fn callback is passed the
request-target using RFC 7230 terminology
* New interfaces and features:
- ne_string.h: added ne_strhash(), ne_vstrhash(), ne_strparam()
- ne_auth.h: added RFC 7616 (Digest authentication) support,
including userhash=, username*= and SHA-2 algorithms
(SHA-2 requires GnuTLS/OpenSSL). added NE_AUTH_LEGACY_DIGEST
- ne_auth.h: added ne_add_auth() unified auth callback interface,
accepts (only) UTF-8 usernames, uses a larger password buffer,
and has different/improved attempt counter semantics.
- RFC 7617 scoping rules are now applied for Basic authentication.
- ne_ssl.h: added ne_ssl_cert_hdigest()
- ne_socket.h: added ne_sock_shutdown()
- sendmsg()/send() are used with the MSG_NOSIGNAL flag to write to
sockets on Unix, rather than write()/writev(), avoiding SIGPIPE
- explicit_bzero() is used where available to clear credentials
* Bug fixes:
- fixed TLS connection shutdown handling for OpenSSL 3
- fix various Coverity and cppcheck warnings (Sebastian Reschke)
- Kerberos library detection uses pkg-config where possible.
- fix some configure checks on Win32 (Christopher Degawa)
- fix some configure errors on MacOS (Ryan Schmidt)
|
|
Changes in release 0.30.1:
* Fix memory leak with GnuTLS (Werner Baumann, Patrick Ohly).
* Fix possible crash after DNS lookup errors on Windows (Olivier Goffart).
* Don't fail if the SSL cert changes between connections with OpenSSL,
behaviour now matches that with GnuTLS.
* Fix PKCS#11 support under OpenSSL with TLS 1.2.
* Fix static linking with pkg-config file (Alan H).
|
|
Changes in release 0.30.0:
* Interface changes:
- none, API and ABI backwards-compatible with 0.27.x and later
* New interfaces and features:
- ne_ssl.h: added ne_ssl_clicert_import, ne_ssl_context_get_flag
- ne_session.h: added ne_set_addrlist2
- ne_socket.h: added ne_addr_canonical
- ne_auth.h: added NE_AUTH_GSSAPI_ONLY, NE_AUTH_SSPI (Nathanael Rensen)
- ne_basic.h: added NE_CAP_EXT_MKCOL options test
- ne_request.h: support chunked bodies with negative length passed to
ne_set_request_body_provider (Julien Reichel)
* Bug fixes:
- ne_path_escape: fix excessive memory allocation (Pierre Crokaert)
- SSPI auth: use canonical server hostname, clear SSPI context after
successful auth (Nathanael Rensen)
- build fixes for Open Watcom compiler (NormW)
- fix Win32 error code handling for local ne_sock_prebind bind failure
- Win32: support LFS, thread-safe OpenSSL (Diego Santa Cruz)
- GnuTLS: fix GnuTLS 3.x support (Matthias Petschick, Bartosz Brachaczek)
|
|
changes:
-bugfixes (mostly SSL releated)
-docs updates
|
|
* Interface changes:
o none, API and ABI backwards-compatible with 0.28.x and 0.27.x
* New interfaces and features:
o added NTLM auth support for Unix builds (Kai Sommerfeld,
Daniel Stenberg)
o ne_auth.h: added NE_AUTH_GSSAPI and NE_AUTH_NTLM auth protocol codes
o added ne_acl3744.h, updated WebDAV ACL support (Henrik Holst)
o added built-in SOCKS v4/v4a/v5 support: ne_socket.h:ne_sock_proxy(),
and ne_session.h:ne_session_socks_proxy()
o added support for system-default proxies: ne_session_system_proxy(),
implemented using libproxy where available
o ne_session.h: added NE_SESSFLAG_EXPECT100 session flag,
SSL verification failure bits extended by NE_SSL_BADCHAIN and
NE_SSL_REVOKED, better handling of failures within the cert chain
(thanks to Ludwig Nussel)
o ne_socket.h: ne_sock_writev() (Julien Reichel), ne_sock_set_error(),
ne_iaddr_raw(), ne_iaddr_parse()
o ne_string.h: ne_buffer_qappend(), ne_strnqdup()
* Deprecated interfaces:
o ne_acl.h is obsoleted by ne_acl3744.h (but is still present)
o obsolete feature "NE_FEATURE_SOCKS" now never marked present
* Other changes:
o fix handling of "stale" flag in RFC2069-style Digest auth challenge
o ne_free() implemented as a function on Win32 (thanks to Helge Hess)
o symbol versioning used for new symbols, where supported
o ensure SSL connections are closed cleanly with OpenSSL
o fix build with OpenSSL 1.0 beta
o updated Polish (pl) translation (Arfrever Frehtes Taifersar Arahesis)
* SECURITY (CVE-2009-2473): Fix "billion laughs" attack against expat;
could allow a Denial of Service attack by a malicious server.
* SECURITY (CVE-2009-2474): Fix handling of an embedded NUL byte in a
certificate subject name; could allow an undetected MITM attack against
an SSL server if a trusted CA issues such a cert.
Tested by Daniel Horecki with SVN client.
|
|
|
|
Remove comment about checking subversion for neon > 0.27 as 0.28.3 is
in fact the prefered version for the current subversion.
Several years of bug fixes.
|
|
* Fix buffer under-read in URI parser (Laszlo Boszormenyi, CVE-2007-0157)
* Fix regression in handling of "attempt" argument passed to auth callbacks;
ensure the value only increments for each invocation of the callback
* Fix handling of "nextnonce" parameter in Digest authentication
Changes 0.26.2:
* Fix error reported for LOCK responses lacking a Lock-Token header.
* Use Libs.private in neon.pc for newer versions of pkg-config.
* Build fix for platforms without libintl.h.
* Build fixes for MinGW.
* Build fix for h_errno detection on HP-UX 10.
* Win32: enable debugging; build fixes with some SDKs.
Changes 0.26.1:
* Build fixes for Win32 (D.J. Heap) and OS X.
* Add Simplified Chinese translation
Changes in release 0.26.0:
* Added internationalization support:
* Added support for GnuTLS
* Changes and additions to URI support:
* Changed results callbacks for ne_lock_discover, PROPFIND interfaces:
* Added functions which give control over authentication protocol use:
* Added ne_unhook_* functions to remove hooks
* Added ne_set_session_flags()/ne_get_session_flags() functions:
* Added ne_set_request_flags()/ne_get_request_flags() functions:
* Change ne_md5.h interface to make struct ne_md5_ctx opaque:
* Fixed ne_get_range(), added ne_get_range64()
* Removed NE_FREE() macro from ne_alloc.h
* Added ne_strcasecmp(), ne_strncasecmp(), ne_tolower() functions
* Changed ne_sock_init()/ne_sock_exit() such that ne_sock_exit()
* Added "--enable-threadsafe-ssl=posix" configure flag, to enable
* The manual is now licensed under the GPL rather than the GFDL
|
|
Changes in release 0.25.4:
* GSSAPI fixes for non-MIT implementations (Mikhail Teterin).
* Fix ne_print_request_header() et al to use 8K buffer size on all
platforms (fixes issue with long Destination: URLs on Win32).
* Win32 build fix for !USE_GETADDRINFO configuration.
* Documentation updates.
Changes in release 0.25.3:
* ne_lock() and ne_unlock(): fix cases where NE_ERROR would be returned
instead of e.g. NE_AUTH on auth failure.
* Prevent use of poll() on Darwin.
* Fix gethostbyname-based resolver on LP64 platforms (Matthew Sanderson).
Changes in release 0.25.2:
* Really fix the Win32 build.
Changes in release 0.25.1:
* ne_get_content_type(): fix cases where the charset field was not set
to NULL after successful return (Johannes Schneider)
* Compressed response handling fixes:
- fix double invocation of reader callback with len=0
- fix cases where the reader callback return value was ignored
* Cache the new SSL session if the old one was expired (Robert Eiglmaier)
* Win32: fix build issues.
Changes in release 0.25.0:
* New interfaces:
- ne_get_response_header() replaces ne_add_response_header_handler
- ne_read_response_to_fd() and ne_discard_response() for use with
ne_begin_request/ne_end_request style response handling
- ne_xmlreq.h: ne_xml_parse_response() and ne_xml_dispatch_request()
- ne_has_support() for feature detection, replaces ne_support_ssl()
- ne_set_addrlist() can be used to bypass normal DNS hostname resolver
- ne_buffer_czappend(), convenience wrapper for ne_buffer_append.
- ne_iaddr_typeof() returns type of a socket object
- ne_get_content_type() replaces ne_content_type_handler()
- ne_set_request_expect100() replaces ne_set_expect100()
* New interfaces on LFS systems for large file support:
- ne_set_request_body_fd64() call for using an fd opened using O_LARGEFILE
- ne_set_request_body_provider64(), takes an off64_t length argument
* Interface changes:
- ne_set_request_body_fd takes offset and length arguments and returns void
- ne_set_request_body_provider takes length as off_t rather than size_t;
provider callbacks now MUST set session error string if returning an error
- response body reader callback returns an integer and can abort the response
- ne_decompress_destroy() returns void; errors are caught earlier
- ne_xml_failed() replaces ne_xml_valid(), with different return value logic
- ne_xml_parse() can return an error; ne_xml_parse_v() aborts the response if
the parse either fails or is aborted by a handler returning NE_XML_ABORT
- ne_path_escape() now escapes all but unreserved characters
- ne_ssl_clicert_name() and ne_ssl_cert_identity() clarified to return UTF-8
- ne_ssl_clicert_name() clicert object argument is now const
- ne_uri_parse()/ne_uri_free() memory handling clarified
- removed the buffer length requirement for ne_read_response_block()
* Bug fixes:
- properly handle multiple Authentication challenges per request
- fixes and improvements to the Negotiate auth implementation
- handle proxies which send a 401 auth challenge to a CONNECT request
- XML: handle the UTF-8 BOM even if the underlying parser does not
- Win32: Fix timezone handling (Jiang Lei)
- ne_lock_refresh() works and will update timeout of passed-in lock
- persistent connection timeout handling fixes for CygWin et al
- impose hard limit of 1024 props per resource in ne_props.h response parsing
* New platform-specific features:
- Win32: Negotiate/NTLM support using SSPI (Vladimir Berezniker)
- Win32: Add IPv6 support using ENABLE_IPV6 neon.mak flag (Kai Sommerfeld)
* Removed features:
- the cookies interface has been removed
- removed functions: ne_service_lookup(), ne_put_if_unmodified()
- "qop=auth-int" support removed from Digest auth implementation
* Default XML parser search changed to check for expat before libxml2.
|
|
All library names listed by *.la files no longer need to be listed
in the PLIST, e.g., instead of:
lib/libfoo.a
lib/libfoo.la
lib/libfoo.so
lib/libfoo.so.0
lib/libfoo.so.0.1
one simply needs:
lib/libfoo.la
and bsd.pkg.mk will automatically ensure that the additional library
names are listed in the installed package +CONTENTS file.
Also make LIBTOOLIZE_PLIST default to "yes".
|
|
Changes in release 0.24.7:
* Compression interface fixes:
- fix issues handling content decoding and request retries from
authentication challenges (Justin Erenkrantz)
- fix places where reader callback would receive spurious size=0 calls
- fix to pass user-supplied userdata to user-supplied acceptance callback
* Fix for RFC2617-style digest authentication (Hideaki Takahashi).
* Fix to pick up gethostbyname() on QNX 6.2.
|
|
Security fix release
|
|
Changes in release 0.24.5:
* SECURITY (CVE CAN-2004-0179): Fix format string vulnerabilities in
XML/207 response handling, reported by greuff@void.at.
* Performance fix: avoid seeding the SSL PRNG if not creating an SSL socket.
* ne_ssl_readable_dname() is now defined to return UTF-8 strings.
* Fix case where gssapi/gssapi_generic.h was included but not present.
* Fix ne_utils.c build on platforms where zlib does "#define const".
* Fix use of ne_proppatch_operation with some C++ compilers.
* Update libtool for fix to --enable-shared on Darwin.
* BeOS: check for gethostbyname in -lbind (David Reid).
|
|
* Ignore unclean SSL closure when response body is delimited by EOF
("Could not read response body: Secure connection truncated" errors
with some buggy SSL servers).
* Fix test/ssl.c syntax errors with C89 compilers (Radu Greab).
* Respect configure's --datadir argument (Max Bowsher).
* Fix build on Windows when OpenSSL is not used.
* Fix use of SSLv2 (spurious "Server did not present certificate" error).
* When using SSL via a proxy, prevent leaking server auth credentials to the
proxy, or proxy auth credentials to the server.
* Fix name resolver with some old versions of glibc.
* Fix problems with configure's "time_t format string" detection.
* Fix problems when a broken Kerberos installation is found.
* When verifying SSL certificates, check iPaddress names in the subjectAltName
extension.
Update BUILDLINK_DEPENDS to 0.24.4 since there was an XML API change in
0.24.0.
|
|
Changes in release 0.24.1:
* Add support for "GSS-Negotiate" Kerberos authentication scheme (from
Risko Gergely and Burjan Gabor).
* Disable Nagle to improve performance of small requests (thanks to
Jim Whitehead and Teng Xu).
* Fix compatibility with OpenSSL 0.9.6 (broken in 0.24.0).
* Fix prototype mismatch in ne_207.c.
* Define ssize_t from ne_request.h for Win32.
* Prevent segfault on zlib initialization failures.
* ne_sock_init does not fail if PRNG could not be seeded.
* Fix segfault in cookies code (Markus Mueller).
* Documentation updates.
Changes in release 0.24.0:
* Major changes to XML interface:
- have the start-element callback either accept, decline, abort,
or return a state integer.
- remove 'struct ne_xml_elm'; callbacks are passed {nspace, name}
strings along with a state integer.
- dropped "collect", "strip-leading-whitespace" modes
- push responsibility for accumulating cdata onto caller; drop 'cdata'
argument from end-element callback.
- don't abort if no handler accepts a particular element, just ignore
that branch of the tree.
- dropped support for libxml 1.x and expat < 1.95.0.
- guarantee that start_element callback is not passed attrs=NULL
- add ne_xml_doc_encoding() to retrieve encoding of parsed XML document.
* Major changes to SSL interface:
- rewrite of interfaces for handling server and client certificates;
ne_ssl.h: many new functions available.
- only PKCS#12-encoded client certs are supported.
- changes to most names of SSL-related functions operating on an
ne_session, e.g. ne_ssl_load_cert->ne_ssl_trust_cert.
- client cert provider callback is passed the set of acceptable CA
names sent by the server
- the entire chain of certs presented by server is now accessible
* Remove unused ne_register_progress() from socket layer.
* Changes to resolver interface: ne_addr_first and _next return const;
ne_addr_print renamed to ne_iaddr_print; ne_iaddr_make and ne_iaddr_free
have been added.
* ne_request_create() now duplicates the method string passed in.
* ne_redirect_location() will now return NULL in some cases.
* Split socket creation to ne_sock_create() from ne_sock_connect:
- should report connect() error messages properly on Win32.
* Fix several memory leaks in error handling paths.
* Add a pkg-config file, neon.pc.in.
|
|
Changes are basically fixes, among them a security fix.
|
|
changes:
-Fix for handling EINTR during write() call (Sergey N Ushakov).
-When available, use pkg-config to determine compiler flags needed to use
OpenSSL headers and libraries.
|
|
Changes since 0.23.5:
* Fixes for error handling in socket layer on Win32 from Johan Lindh and
Sergey N Ushakov:
* meaningful error messages rather than "No error"
* handle persistent connection timeouts properly
* Fix to use RFC2617-style digest auth when possible (had reverted to
only using RFC2068-style in 0.16.1).
* Fix NULL pointer dereference on certain ill-formed PROPFIND responses.
* Allow ne_sock_init to re-initialize after ne_sock_finish has been
called (Sergey N Ushakov).
Changes in the package:
* Switch to libxml2.
|
|
Excerpt of changes (+portability and bug fixes):
* Add support for `--la-file' argument to neon-config, which prints the
full path of the installed libneon.la file.
* Improved address resolver (ne_addr_*) replacing ne_name_lookup():
- use getaddrinfo() if found; include support for IPv6 (based on work
by Noriaki Takamiya)
* For a hostname with multiple addresses, each address is tried in turn
until a connection is made.
* RFC2818 compliance for certificate identity checks in SSL:
- use `dNSname' values in subjectAltName extension if present
- hostname comparison fixed to not be case-sensitive
* Added NE_DBG_SSL debug channel.
* ne_strerror changed to return the passed-in buffer.
* Added ne_strnzcpy macro to ne_string.h.
* Added reference documentation:
- ne_sock_init, ne_addr_*.
* Remove the const qualifier from the reason_phrase field in ne_status.
- ne_parse_statusline() now strdup's the reason_phrase
* Remove the status_line argument from ne_207_end_propstat and _end_response
* Change ne_session_create, ne_session_proxy, ne_sock_connect, and the
'port' field of the ne_uri structure to use an unsigned int for port numbers
* ne_uri_defaultport returns unsigned and '0' on an unknown port (not -1).
* Changes to hooks interface:
- pass an ne_request pointer to per-request hooks
- replace "accessor" hooks with ne_{get,set}_{request,session}_private
* Authentication changes:
- the hooks changes fix a segfault if auth is enabled for an SSL session
through a proxy server
- fix ne_forget_auth segfault if either proxy or server auth are not used
* Improvements to persistent connection retry logic and error handling
in request code; fixing some cases where some errors where incorrectly
treated as a persistent connection timeout
- a TCP RST at the appropriate time is now treated as a persistent
connection timeout.
- handle persistent connection timeouts on SSL connections
* Changes to SSL support:
- improved error handling
- fix for proxy CONNECT tunnelling with some proxies (e.g. Traffic-Server)
- fix potential segfault if client cert. provider callback is used
- fix to use supplied password callback for PEM-encoded client certificates
(Daniel Berlin)
* Remove ne_read_file().
* ne_version_match replaces ne_version_minimum (semantics changed slightly).
* XML request bodies use a content-type of "application/xml" now;
applications can use NE_XML_MEDIA_TYPE from ne_xml.h
|
|
buildlink2.mk files back into the main trunk. This provides sufficient
buildlink2 infrastructure to start merging other packages from the
buildlink2 branch that have already been converted to use the buildlink2
framework.
|
|
Changes in release 0.21.3:
* Fix segfault if using proxy server with SSL session and server
certificate verification fails.
* Fix leak of proxy hostname once per session (if a proxy is used).
* Add --with-libs configure argument; e.g. --with-libs=/usr/local picks
up any support libraries in /usr/local/{lib,include}
Changes in release 0.21.2:
* Fix 'make install' for VPATH builds.
* Use $(mandir) for installing man pages (Rodney Dawes).
* Follow some simple (yet illegal) relativeURI redirects.
* Always build ne_compress.obj in Win32 build (Branko Èibej).
* Fix decompression logic bug (Justin Erenkrantz <jerenkrantz@apache.org>)
(could give a decompress failure for particular responses)
* Fix ne_proppatch() to submit lock tokens for available locks.
* More optimisation of ne_sock_readline.
Changes in release 0.21.1:
* Don't include default SSL port in Host request header, which can
help interoperability with misbehaving servers (thanks to Rodney Dawes
<dobey@ximian.com>).
* Don't give a "truncated response" error from ne_decompress_destroy if
the acceptance function returns non-zero.
* Fix for Win32 build (Sander Striker <striker@apache.org>).
* Fix for cookie name/value being free()d (thanks to Dan Mullen).
* Optimisation of ne_sock_readline.
Changes in release 0.21.0:
* Socket layer implements read buffering; efficiency and performance
improvement. Based on work by Jeff Johnson <jbj@redhat.com>
* Cleanup of socket interface:
- renamed everything, s/sock_/ne_sock_/, s/SOCK_/NE_SOCK_/
- removed unused and inappropriate interfaces.
- renaming done by Olof Oberg <mill@pedgr571.sn.umu.se>
- see src/ChangeLog for the gory details.
* Fix typoed 'ne_destroy_fn' typedef (Olof Oberg).
* Support OpenSSL/ENGINE branch.
* Bogus ne_utf8_encode/decode functions removed.
* ne_base64() moved to ne_string.[ch].
* ne_token drops 'quotes' parameter; ne_qtoken added.
* ne_buffer_create_sized renamed to ne_buffer_ncreate.
* ne_xml_get_attr takes extra arguments and can resolve namespaces.
* ne_accept_response function type takes const ne_status pointer.
* Drop support for automatically following redirects:
- ne_redirect_register just takes a session pointer
- ne_redirect_location returns an ne_uri pointer
* configure changes: --with-ssl and --with-socks no longer take a directory
argument. To use SOCKS or SSL libraries/headers in non-system locations,
use ./configure CPPFLAGS=-I/... LDFLAGS=-L/...
* Reference documentation included for most of ne_alloc.h and ne_string.h,
and parts of ne_session.h and ne_request.h.
- see installed man pages, HTML documentation.
Changes in release 0.20.0:
* Major changes to DAV lock handling interface (ne_locks.h):
- struct ne_lock uses a full URI structure to identify locked resource
- ne_lock() requires that owner/token fields are malloc-allocated (or NULL)
on entry
- introduce a "lock store" type, ne_lock_store, to replace the lock session;
accessor functions all renamed to ne_lockstore_*.
- ne_lock_iterate replaced with a first/next "cursor"-style interface
- If: headers use an absoluteURI (RFC2518 compliance fix).
- fix for handling shared locks on DAV servers which return many active locks
in the LOCK response (thanks to Keith Wannamaker)
* Moved URI/path manipulation functions under ne_* namespace (ne_uri.h):
- path handling functions renamed to ne_path_*
- URI structure handling to ne_uri_*; struct uri becomes ne_uri.
- ne_uri_parse doesn't take a 'defaults' parameter any more
- if URI port is unspecified, ne_uri_parse sets port to 0 not -1.
- added ne_uri_unparse and ne_uri_defaultport functions.
* New 'ne_fill_server_uri' function to initialize a URI structure with
the server details for a given session (useful with locks interface).
* ne_decompress_{reader,destroy} are defined as passthrough-functions
if zlib support is not enabled.
* API change: ne_ssl_provide_fn returns void not int.
* Added NE_SSL_FAILMASK for verify failure sanity check.
* Removed return codes NE_SERVERAUTH and and NE_AUTHPROXY; correct
documentation, NE_PROXYAUTH is given for proxy auth failure.
* Require zlib >= 1.1.4 to avoid possible vulnerability in earlier versions.
See http://www.gzip.org/zlib/advisory-2002-03-11.txt for more details.
(version check can be skipped by passing --with-force-zlib to configure)
* New 'ne_ssl_readable_dname' function to create a human-readable string
from an X509 distinguished name.
* Fix support for newer versions of libxml2 (thanks to Jon Trowbridge
<trow@gnu.org>).
* Fix corruption of reason_phrase in status object returned by
ne_propset_status.
* More lenient handling of whitespace in response headers.
* ne_content_type_handler will give a charset of "ISO-8859-1" if no charset
parameter is specified for a text/* media type (as per RFC2616).
* Miscellaneous cleanups and fixes (Jeff Johnson <jbj@redhat.com>).
Changes in release 0.19.4:
* Support bundled build of expat 1.95.x (Branko Èibej).
Update submitted by Joel Wilsson <joelw@unix.se> in PR 17812.
|
|
and reviewed by the maintainer, Eric Gillespie <epg@pretzelnet.org>.
Major version changed so that BUILDLINK_DEPENDS.neon bumped.
Part of changes from NEWS:
Changes in release 0.19.1-0.19.3:
* For platforms lacking snprintf or vsnprintf in libc, require trio.
* Add NE_FMT_OFF_T to fix Win32 build (Dan Berlin, Branko Èibej).
* Fix non-SSL build broken in 0.19.1.
* Working SOCKSv5 support (thanks to Torsten Kalix <torsten.kalix@bredex.de>)
* Add missing stubs for ne_ssl_* functions for non-SSL build.
* Fix some error messages in new SSL code.
Changes in release 0.19.0:
* Major API change: ne_session_create now takes (scheme, hostname, port)
arguments: a session is clarified to be "a group of requests to a
certain server".
- removal of ne_session_server, ne_set_secure, and ne_set_proxy_decider
- ne_session_proxy returns void.
- DNS lookups are delayed until request dispatch time.
* Significant improvements to TLS/SSL support:
- SSL is enabled if scheme passed to ne_session_create is "https"
- new interfaces to load CA certs and to load SSL library's bundled CA certs
- add server cert verification callback. An SSL connection to a server
with an unknown CA will now fail unless a verification callback is used.
- enable SSL session caching (performance improvement)
- support for wildcard server certs where commonName is "*.example.com".
- thanks to Tommi Komulainen for the contribution of code from mutt's
IMAP/SSL implementation under the LGPL, from which bits of this were derived.
Changes in release 0.18.4-0.18.5:
* Removed old neon.dsp, neon.dsw.
* Update Win32 build to add OpenSSL and zlib support (Branko Èibej).
* Fixes for Content-Type parsing using ne_content_type_handler (Greg Stein)
- also now parses the charset parameter from header value.
* Removed ne_concat() function, which didn't work and wasn't used.
|
|
neon is an HTTP and WebDAV client library. It provides lower-level
interfaces which directly implement new HTTP methods, and higher-level
interfaces so that you don't have to worry about the lower-level
stuff.
Provided in PR 15222 by "Eric Gillespie, Jr." <epg@pretzelnet.org>.
The only modification was to use pkgsrc's libtool.
|
