I would like to highlight a functional change for Windows users now that the SChannel based SSL processing can work the same as for OpenSSL:
Important Windows SSL/TLS functionality change: The Proton SSL/TLS module for 0.8 using the native Microsoft SChannel libraries was not configurable and successful handshakes resulted solely from having the appropriate CA certificate in the official Windows Trusted Root CA store. It is now possible to specify alternate trusted root CA databases and to turn off certificate checking altogether, using the same Proton API conventions as for OpenSSL on Posix systems. In particular, Proton applications in Windows will not check server certificates at all in 0.9 unless the capability is explicitly enabled using the pn_ssl_domain_set_trusted_ca_db() function. To use the system Trusted Root CA store: pn_ssl_domain_set_trusted_ca_db(d, "sys:root") Or to use a file based PKCS#12 certificate store: pn_ssl_domain_set_trusted_ca_db(d, "mycerts.p12") On Wed, Mar 25, 2015 at 8:25 AM, Ken Giusti <[email protected]> wrote: > How about: > > "New Reactor API" > > I think that's a pretty big deal, no? ;) > > > > ----- Original Message ----- >> From: "Rafael Schloming" <[email protected]> >> To: [email protected] >> Sent: Tuesday, March 24, 2015 3:16:52 PM >> Subject: Items for the 0.9 Release notes/announcement >> >> I'm trying to put together a relatively complete set of changes and release >> notes for 0.9. If there is any particular feature be it new or some >> existing behaviour change that is worthy of being mentioned in the release >> notes or release announcement, please follow up with a suitable blurb on >> this thread. >> >> --Rafael >> > > -- > -K
