v9.5.0.34 Micro Update: SSL/TLS Perfect Forward Secrecy, Minor HTTP and ASN.1 Fixes

The internal Chilkat SSL/TLS implementation now supports the TLS_DHE_RSA_WITH_AES_256_CBC_SHA and TLS_DHE_RSA_WITH_AES_128_CBC_SHA cipher suites. These allow for perfect forward secrecy. Note: This is implemented on the client-side for all protocols using SSL/TLS. The SSL/TLS client provides the server with a list of algorithms it supports, and it is the server that decides which is to be used. These new algorithms are now included in the list, and will be used if the server chooses.

Also, a minor problem was fixed in Chilkat HTTP. If a server responds with no Content-Length header, then there was a chance that Chilkat would not return the full response. This does not apply to “chunked” responses — only to non-chunked responses that are lacking the Content-Length header — which is a rare occurrence (and it is poor practice for an HTTP response to omit the Content-Length).

Finally, a minor and rarely encountered ASN.1 problem was fixed. (ASN.1 code is internal to Chilkat and has to do with implementations for PKCS, PFX, etc.