Recent Releases

1.4.607 Jun 2017 20:05 minor feature: Typo. More typos. Use -fno-strict-aliasing for libev. Prepare for 4.1.6.
1.4.502 Jun 2017 23:05 minor feature: Asterisk is not a valid node for getaddrinfo(). gettimeofday(2) needs sys/time.h. Another case of gettimeofday(2) needing sys/time.h. unchecked loop situation with shared cache enabled. Make shared cache code work with openssl 1.1. building with libressl. Set SSL_OP_SINGLE_ECDH_USE to force a fresh ECDH key pair per handshake. Merge branch 'listen_all' of into l?. Clean up a few things in the previous patch. Printing invalid cmd args /once/ is sufficient. Add a link to the PROXY spec in the docs. typo in man page. Distribute and preserve lex/yacc droppings. One line per source file. Make sure to always satisfy dependencies. Enable silent rules by default. Redundant. Polish. Move the configuration parser to a static library. Need sys/filio on SunOS for FIONBIO. s/unix/local/. OpenSSL 1.1 does not require locking callbacks. Enhance system libraries detection. Separate foreign sources from hitch. Get _GNU_SOURCE as a system extension. Merge CFLAGS. Polish hitch CFLAGS. Move CFLAGS detection to autoconf. Polish. libnsl detection. Make -Wno-strict-aliasing a flag only for libev. configuration.h includes . Un-break session-cache for OpenSSL 1.1. missing include. Don't export these symbols. a couple of potential overflow situations. It turned out lib conditionals weren't needed. strcasecmp needs this. Can't claim POSIX.1-2008 yet. Can't target C99 yet. Enable and automake warnings. Code style OCD. Allow hitch to bind random ports. Move create_alpn_callback_data up. Macroize options parsing. Avoid leaking a zombie process for the OCSP child. Don't chroot(2) the management process. Avoid C99 dependent for loop syntax. Drop dead lines. build for automake 1.14. Typo in previous commit. Quote the offending line on a parsing error. Kill unused locations. make distcheck. Prepare for 1.4.5. Update changelog references.
1.4.423 Dec 2016 03:15 minor feature: Typo in TLS config warning. Remove special handling of old host format. Improve clarity. Make Hitch compatible with OpenSSL 1.1.0. Make sure we always have a sane refresh_hint set for OCSP refreshes. Force SSL_OP_SINGLE_DH_USE to avoid small subgroup attacks on older. Changelog. Respect OPENSSL_NO_NEXTPROTONEG. 1.4.4.
1.4.318 Nov 2016 15:40 minor feature: OCSP stapling is now enabled by default. Users should create ocsp-dir (default: /var/lib/hitch/) and make it writable for the hitch user. Build error due to man page generation on FreeBSD (most likely non-Linux) has been fixed.