Releases: savonet/ocaml-ssl
Releases · savonet/ocaml-ssl
0.6.0
CHANGES:
- Raise an error when
Ssl.flushisn't successful (#104, #120) - Add an API-compatible
Ssl.Runtime_lockmodule. The functions in this module
don't release the OCaml runtime lock. While they don't allow other OCaml
threads to run concurrently, they don't perform any copying in the underlying
data, leading certain workloads to be faster than their counterparts that
release the lock. (#106) - Guarantee
Ssl.output_stringwrites the whole string by retrying the
operation with unwritten bytes (#103, #116) - Fix calls in C stubs that need to call
ERR_clear_errorbefore the underlying
OpenSSL call (#118) - Add a module
Ssl.Errorto retrieve OpenSSL errors in a structured way (#119) - Deprecate Ssl.{SSLv23,SSLv3,TLSv1,TLSv1_1}, which were were formally
deprecated in March 2021 and earlier (#115).
0.5.13
0.5.12
CHANGES:
- Add a few verification functions (#71):
add_extra_chain_certto send additional chain certificates to the peer.add_cert_to_store: to allow verification of the peer certificate CA.set_ip: sets the expected IP address to be verified on a SSL socket.
- Improve
use_certificate_from_string(#71) to read any type of key (rather
than just RSA). - Fix a segmentation fault in the ALPN selection callback under OCaml 5 (#89).
- Audit the C FFI and add
CAMLparamXandCAMLreturncalls (#90).
0.5.11
- Add digest function (#65, #66).
- Restore compatibility with openssl < 1.1.0 (#73).
- Improved compatibility with OCaml 5 (#79).
- Fix client_verify_callback for NO_NAKED_POINTERS mode. A user-provided verification function in C remains an out-of-heap pointer for 4.x for compatibility, but is boxed for OCaml 5.x or 4.x when configured with --disable-naked-pointers. (#83)
