Skip to content

Commit

Permalink
Update ruby-httpclient to 2.8.2.4.
Browse files Browse the repository at this point in the history
Changes in 2.8.2

Aug 15, 2016 - version 2.8.2

  * Bug

    o 2.8.1 introduced JRuby + SSL connection problem; in some cases it cannot
      connect to trusted TLS server. 2.8.1 failed to load multiple CA
      certificates in a file. #327.

Aug 16, 2016 - version 2.8.2.1

  * Bug

    o 2.8.1 introduced another bug that causes NPE from JRuby when JRuby
      program loads httpclient and uses OpenSSL::X509::Store outside of
      httpclient. 2.8.3 fixed this problem. #325

Aug 28, 2016 - version 2.8.2.3

  * Bug

    o 2.8.2 fixed VERIFY_NONE at JRuby but the fix was not enough.

Sep 11, 2016 - version 2.8.2.4

  * Bug

    o 2.8.2 caused unexpected resulting value change of
      OpenSSL::X509::Store#add_cert method. Fixed.

Changes in 2.8.1

Aug 8, 2016 - version 2.8.1

* Changes

    o Use TLSv1.2 always on JRuby #320
    o Do not reset keep-alive connection by configuration change #315
    o Add strict_response_size_check option #316 false by default, meaning it
      behavies like browsers by default.
    o Add MIME type for XML #308

* Bug

    o Direct access to SSLConfig#cert_store in JRuby was broken from 2.7
      #276 #317
    o OpenSSL::SSL::VERIFY_NONE does not work in JRuby #319
    o Allow receiving response body in block when follow_redirects => true. #304
    o Fix blocking issue with request_async when Encoding.default_internal is
      set. #307
    o Apply timeouts for chunked transfer encoding #309

Changes in 2.8.0

Apr 24, 2016 - version 2.8.0

* Changes

    o Force using RSA 2048bit CA cert set

      Use RSA 2048bit CA cert set every time if it runs with OpenSSL (==
      except JRuby.)

      Old openssl (<1.0.1p or <1.0.2d) cannot handle this CA set and causes
      SSL connection failure against some SSL servers including AWS S3
      API. For such case you can manually specify RSA 1024bit CA cert set as a
      workaround.

	c = HTTPClient.new { |c| c.ssl_config.add_trust_ca("cacert1024.pem") }
	c.get("https://www.ruby-lang.org/")

      RSA 1024bit CA cert set is not maintained over years so you should
      consider updating OpenSSL version so that HTTPClient uses RSA 2048 bit
      CA cert set.

Changes in 2.7.2

Apr 22, 2016 - version 2.7.2

* Changes

    o Use RSA 1024bit CA cert when linked to old openssl

      Based on comments to #297 this commit silently (without warning) accepts
      RSA 1024bit certificate set when runtime ruby is liked with old OpenSSL
      (<1.0.1p or <1.0.2d.)

      If you're unsure that your OpenSSL is patched or not, and want to make
      sure to use RSA 2048bit certificate set, please call
      HTTPClient::SSLConfig#add_trust_ca("cacert.pem").

	c = HTTPClient.new { |c| c.ssl_config.add_trust_ca("cacert.pem") }
	c.get("https://www.ruby-lang.org/")

      I'm going to remove RSA 1024bit certificate set and bump httpclient
      version to 2.8.0 soon after I release this as 2.7.2. I believe almost
      all OpenSSL installation is patched quickly these days so it should not
      cause SSL connectivity problem.
  • Loading branch information
taca committed Oct 18, 2016
1 parent 4287647 commit e73ea47
Show file tree
Hide file tree
Showing 2 changed files with 7 additions and 7 deletions.
4 changes: 2 additions & 2 deletions www/ruby-httpclient/Makefile
Original file line number Diff line number Diff line change
@@ -1,7 +1,7 @@
# $NetBSD: Makefile,v 1.20 2016/01/03 08:12:11 taca Exp $
# $NetBSD: Makefile,v 1.21 2016/10/18 15:36:34 taca Exp $
#

DISTNAME= httpclient-2.7.1
DISTNAME= httpclient-2.8.2.4
CATEGORIES= www

MAINTAINER= [email protected]
Expand Down
10 changes: 5 additions & 5 deletions www/ruby-httpclient/distinfo
Original file line number Diff line number Diff line change
@@ -1,6 +1,6 @@
$NetBSD: distinfo,v 1.19 2016/01/03 08:12:11 taca Exp $
$NetBSD: distinfo,v 1.20 2016/10/18 15:36:34 taca Exp $

SHA1 (httpclient-2.7.1.gem) = 5d0a605e42a7f591734c05c494b9b58aba162a5c
RMD160 (httpclient-2.7.1.gem) = 293321725112a038f78f727cfe757c3b46db291a
SHA512 (httpclient-2.7.1.gem) = 11b2d7a17a89d40139641586b3257384b695fc8041a91584a8f86c8ccb81fdc64aea5f5947a5982fb0e8bd27a3d52ead1d7ec302ee85c28a184be7055f9500a1
Size (httpclient-2.7.1.gem) = 378880 bytes
SHA1 (httpclient-2.8.2.4.gem) = 93267ceec80e940b5d3842517db6760e7e1b696d
RMD160 (httpclient-2.8.2.4.gem) = 1b68ab208cff6ef162d8623482769fb05ea1df80
SHA512 (httpclient-2.8.2.4.gem) = 725da86ded85f198ef10acd210340fe9ad103ab87295873438acf85980e0c1c687859ba43c7de2aa4fc271c2a706bc8e6c441bca2a608404d703df7182504514
Size (httpclient-2.8.2.4.gem) = 384000 bytes

0 comments on commit e73ea47

Please sign in to comment.