JRuby-OSSL 0.7.2 is out.
It contains fixes for important SSL resource management issues; selector/file descriptor leak and timeout did not work.
- JRUBY-5018 SSLSocket holds selectors, keys, preventing quick cleanup of resources when dereferenced
- JRUBY-5059 Timeouts don't work correctly for https sessions
SSL users are recommended to upgrade to 0.7.2.
Other fixes are;
- JRUBY-5024 HMAC.new with digest name raises an Exception; Now HMAC.new(msg, "SHA1") works as same as HMAC.new(msg, Digest::SHA1.new)
- JRUBY-5023 Certificate#signature_algorithm returns wrong name; Now it returns "md5WithRSAEncryption", "sha1WithRSAEncryption", "dsaWithSHA1" or "dsaWithSHA2" instead of "SHA1" or "SHA2".
- JRUBY-5096 Inconsistent verification behavior; Caling Certificate#verify twice returns true and false for valid certificate.
- JRUBY-4965 OpenSSL::Config not implemented; Now you can use OpenSSL::Config for parsing openssl.cnf
- JRUBY-5060 x509store.PEMInputOutput.writeX509Request causes NullPointerException; Avoid NPE from to_pem for empty X509 Objects
- JRUBY-5125 Cipher#name should return SN(short name) of OpenSSL (uppercase in general); Now Cipher#name for arcfour is 'RC4' not 'rc4' for Net::SSH compatibility.
- JRUBY-5126 Cipher#reset should not reset the internal state for stream cipher; Net::SSH depends on this behavior.
Net::SSH users are also recommended to upgrade.
This release supports following environments. (Not changed from 0.7.1)
- JRuby 1.5.3 and 1.4.0 (1.5.X should run fine, too)
- JRE 6 and 5
- With or without Unlimited Strength policy files for JRE
- Any OS which runs above JRE (I tested against Ubuntu 10.10 and Windows 7)
Please file a ticket at http://bugs.jruby.org with 'Component: OpenSSL' when you find a problem with this release.
No comments:
Post a Comment