Softpedia >Linux >System >Networking >OpenCA OCSP Responder >  Changelog

OpenCA OCSP Responder Changelog

What's new in OpenCA OCSP Responder 3.1.0

Dec 16, 2014
  • This release provides many new features and fixes over the previous one. Some of which are: updated support for libpki 0.8.7, fixed HTTP GET message handling, leverage the new PKI_MEM encoding interface, enhanced performances (up to 8,000 signatures per second in software).

New in OpenCA OCSP Responder 2.4.2 (Feb 4, 2014)

  • Updated support for libpki 0.8.1 to fix HTTP GET method support
  • Updated support for LibPKI 0.8.0
  • Fixed getting the source IP address of connections
  • Fixed reloading of expired CRLs (was: error in configuration parsing)
  • Fixed memory leaks in response building
  • Optimized network packet managing when sending responses
  • Fixed the usage of the configured Hash algorithm (SHA-1 is needed on CISCO devices)
  • Fixed support for GET HTTP method
  • Updated API for using OCSPD with libpki 0.7.0+
  • Improved logging for startup sequence (better report of errors during token loading)
  • Fixed a memory issue related to inappropriate usage of syslog() instead of PKI_log()
  • Added '-testmode' switch to set the OCSP as a test responder: all signatures are invalidated by flipping the first bit in the signature

New in OpenCA OCSP Responder 2.1.0 (Feb 14, 2011)

  • Updated default configuration files (default passin set to none)
  • Enhanced support for ECDSA support
  • Updated thread management with builtin support from LibPKI 0.6.3
  • Fixed start/stop script
  • Added new method for token configuration passin -> none to avoid password promptin at startup
  • Fixed a memory error in config.c causing segfault on CRL reload
  • Set new requirements for libpki (0.6.3+)
  • Deleted extra two bytes sent out after the DER encoding of the response is written (that was causing Firefox/Thunderbird not to validate the answer)
  • Fixed an error in return code check for PKI_NET_listen.
  • Due to bug fixing in Libpki, new Requirements for libpki is v0.6.2+
  • Fixed error in config parsing when no bind address is provided

New in OpenCA OCSP Responder 2.0.0 (Nov 19, 2010)

  • Extensive support for hardware devices (PKCS#11 and OpenSSL Engine), multiple keypair and certificate support for response signatures, POST and GET support, and IPv6 support.