Gents, Just a quick note to say thanks for your assistance with maintenance of the pound package in my extended absence; Michael and Joerg for your NMUs and Joey for the security fix.
I would like to see about resolving the last of the bugs; see my comments about each of them below: #263578: SSL is currently completely broken OK to close? SSL_CTX_set_session_id_context is now being set intelligently, identifying an instance by app, process and thread [1] #320220: SSL problem with pound-1.9 and Firefox 1.0.6 1.9 introduced this functionality as a 'bug fix': * added a check for MSIE before forcing SSL shutdown[2] As such I'm unconvinced that the 'fix' requested will make it into the next release as a 'fix fix' (effectively reverting to the previous behaviour so far as I can tell). I think we should ask upstream what they think about the issue. #242066: please enable DAV support Apparently one also needs a config setting, but to be sure I trawled through the code and found that the list of characters matched in regular expressions is more lenient with this option enabled, even when the config file setting is disabled. The functionality seems useful enough to be included in pound proper (eg for subversion support), even if without the extra characters. Ideally they would be separate runtime options. This would no doubt require an amount of work upstream though. Cheers, Sam 1. http://www.openssl.org/docs/ssl/SSL_CTX_set_session_id_context.html snprintf(sess_id, 32, "%d-Pound-%d", getpid(), i); SSL_CTX_set_session_id_context(ctx[i], sess_id, strlen(sess_id)); 2. http://www.openssl.org/docs/ssl/SSL_set_shutdown.html
