+1 .. I second adding back the = and - characters to safe_url handling in http.c. Currently we have to patch all the releases since we use them in some of our urls.
Thanks, Tony On Tue, Dec 9, 2014 at 12:14 PM, Joe Gooch <[email protected]> wrote: > stage_for_upstream/v2.7f has been created on github. > > https://github.com/goochjj/pound/tree/stage_for_upstream/v2.7f > https://github.com/goochjj/pound/archive/stage_for_upstream/v2.7f.zip > > I feel there's a strong case to add the = and - characters back to > safe_url handling in http.c. (redirect_reply) It's here: > Pretty: > > https://github.com/goochjj/pound/commit/a2863b0248d4809771be54518ec6a8a6ebc9db8b > Raw: > > https://github.com/goochjj/pound/commit/a2863b0248d4809771be54518ec6a8a6ebc9db8b.patch > > And I say "add back" because 2.6 allowed these characters, while 2.7 > does not. We've had multiple requests related to this. (github + > mailing list) > > Personally, I like all the changes in my branch and I think they should > all be considered. We've had mailing list issues requesting IncludeDir, > ThreadModel, CertDir, and OrURLs, all of which people are using but > don't exist in the official 2.7 branch. But if nothing else, the patch > above should be added. > > Also, given the DH implementation in pound official 2.7e (Looks like > 2048 bit was added)... Could someone please test this against ssllabs? > I implemented my DH patch the way I did because it seemed like no matter > what I threw at pound, the dh_tmp_callback never returns a bits value > >1024. That's why I skipped the callback entirely when I implemented it > in pcidss/v2.6 and the stage_for_upstream branches. SSL labs was still > showing 1024bit, even when I made 2048bit keys available. > > > Joe > > On 12/8/14, 8:58 AM, Robert Segall wrote: > > This is to announce the release of Pound v2.7e. This is an experimental > > version. Changes since version 2.7d: > > > > Enhancements: > > - added support for elliptical curve encryption > > - added support for larger DH keys > > - added protocol version in X-SSL-cipher (Tom Fitzhenry) > > > > Bug fixes: > > - fixed potential memory leak on client certificates (Frank > Schmirler) > > - fixed alt names problem (Joe Gooch) > > - removed debugging messages > > > > Many thanks to all contributors. > > > > The software is at version 2.7e (beta quality). Further testing > > (especially under heavy loads), improvements and suggestions are > > welcome. > > > > Unless somebody comes up with some urgent changes, this should be > considered > > a 2.7 release candidate > > > -- > To unsubscribe send an email with subject unsubscribe to [email protected]. > Please contact [email protected] for questions. > -- Anthony Tarlano | Chief Cloud Architect | Exablox | http://www.exablox.com <http://exablox.com/> | (m) 650-283-0488 | (skype) tarlano
