Chilkat v9.5.0.98 Release Notes

Previous Version: https://cknotes.com/chilkat-v9-5-0-97-release-notes/

Chilkat v9.5.0.98 Release Notes

• General: Removed all internal usage of the R250 random number generation algorithm and replaced with the more cryptographically secure Fortuna algorithm.
• DNS: Fixed various DNS problems having to do with VPNs or other uncommon situations.
• Ftp2: Fixed situation where CreateRemoteDir is called, but the remote directory already exists. In this case, CreateRemoteDir will now return success.
• DKIM: Fixed a DKIM verification problem which occurs if the same header field is listed more than once in the list of “h” fields.
• XmlDSig: Fixed problem such that an empty xades:UnsignedSignatureProperties tag could get emitted in the signed XML.
• XmlDSig: Fixed a rare ebXml signature verification problem (complicated and difficult to explain).
• Email: Chilkat will now automatically use the quoted-printable Content-Transfer-Encoding (if the application hasn’t explicitly set a Content-Transfer-Encoding) for HTML bodies that have line lengths > 2000 chars, which caused problems with some mail servers.
• SSH: Restored the UncommonOption keyword “ForceUserAuthRsaSha1” for the rare cases where an SSH server supports rsa-sha2-256, rsa-sha2-512, but still requires SHA1 for the userauth algorithm.
• OAuth2: Added the “ExchangeCodeForTokenUsingJson” UncommonOption keyword to allow apps to specify that a JSON POST should be used instead of the typical application/x-www-form-urlencoded request that finishes the OAuth2 authorization flow. Also added the “RefreshTokenUsingJson” to force the OAuth2 refresh to use a JSON POST if needed.
• CertChain (on Windows): Fixed: The CertChain.IsRootTrusted method did not also consult the Windows TrustedRoots registry certificate store, and thus caused IsRootTrusted to return false when it should’ve returned true.
• SSH: Fixed a rare problem that can occur when the SSH client and server negotiate to the ssh-dss host key algorithm, which caused the connection to fail.
• Zip: Fixed a problem with the QuickAppend method, which only occurred on non-Windows systems.
• MacOS C++: Fixed problems having to do with applications using various versions of XCode, Qt, and MacOS. This had to do with the “___darwin_check_fd_set_overflow” symbol.
• TLS 1.3: Fixed a TLS 1.3 session resumption issue (where session resumption wasn’t achieved when it could’ve been).
• HTTP: Now handles cookies with “Partitioned” keys.
• Cert: Fixed a Y2038 problem having to do with certificate that have an expiration date later than year 2038.
• CertChain: Fixed the CertChain.X509PKIPathv1 method. It was returning the base64 ASN.1 with the certs listed in the order that is the reverse as specified by the standard.
• TLS: Added the “brainpool_supported_group” UncommonOption to cause Chilkat to add brainpoolP256r1 to the “supported groups” extension.
• Stream: : Fixed reliability and memory issues having to do with very large streams.
• Stream: : Because of the fixes above, and the extensive work involved, the SetSourceStream, SetSinkStream, and RunStream methods are deprecated and temporarily stubbed out to do nothing. These functions only have to do with chaining streams, and are likely unused by the vast majority of Chilkat users. If you were using one of these methods, contact support@chilkatsoft.com and we’ll suggest a workaround.
• CodeSign: Fixed a problem where the signature did not include the necessary authenticated attributes.