This is to announce the release of Pound v1.7.

Changes in this version:

- Fixed bug in X-SSL-CIPHER description: the description no longer
causes problems by breaking the request
- Changed README to stx format for consistency
- Addedd X-SSL-certificate with full client certificate contents
- changed the old-style responses to support "streaming" mode. This
should help especially OpenACS users:
	- Improved the response times on HTTP/0.9 (content without 	 
Content-length)
	- Improved response granularity on above - using unbuffered BIO 	 
functions now
- Fixed problem with IE/SSL (SSL_set_shutdown)
- Avoid error messages on premature EOF from client
- Fixed HeadRemove code so all headers are checked without exception
- Improved autoconf detection and fixed various compile-time problems
- Moved from select() to poll() in order to avoid limitations on the
number of descriptors

Enjoy and let me know how it works for you.[...]

> This is to announce the release of Pound v1.7.[...]
Thanks for the new release.

I tried to install the last -current last night and didn't get it to work.
Unfortunately the same happens with 1.7.
The problem is that as soon as I put a ListenHTTPS into the config file,
http on port 80 stops working. My config looks like this:

User nobody
Group nobody
RootJail /usr/share/pound
ListenHTTP *,80
ListenHTTPS *,443 /usr/share/ssl/certs/pound.pem
ALL:!ADH:!EXPORT56:RC4+RSA:+HIGH:+MEDIUM:+LOW:+SSLv2:+EXP:+eNULL
ExtendedHTTP 1
LogLevel 2

# Catch-all server(s)
UrlGroup ".*"
BackEnd 10.1.6.25,80,1
EndGroup

https works but not http. Commenting out ListenHTTPS makes http work. The
same config works well with 1.6. This is on Linux RedHat 7.3.

Any ideas?

Simon

On Wed, 2004-03-24 at 13:01, Simon Matter wrote:[...]

I'll need your help to figure this one out - I can't replicate your
problem on any of our machines (admittedly, we don't use RedHat, but 7.3
should not be a problem). What does it mean "HTTP stops working"? What
is it you see?[...]

On Wed, 2004-03-24 at 09:40, Nick Bower wrote:[...]

The way it works: the "official" versions are numbered - the highest
number is latest (currently 1.7). See at the end of the Pound web page
for a list - we keep a few versions listed for historical reasons.

Pound-current is "last known good". This is a bleeding edge version,
absolute newest. We try not to have "testing" versions here, but
something that actually works, though it is somewhat risky.

Which one you use is a matter of personal taste.

As to how you know which version you are using: the "official" versions
are numbered (Pound-1.7.tgz), Pound-current.tgz is the only one which is
not. When in doubt look in any of the source files for the RCS string
(static char *rcs_id = "...") which shows the version number. Given that
-current is not yet checked-in it carries the same version string as the
latest "official" version. Use the file modification times to check if
your -current is the absolute latest.

I hope this clears up any confusion about this matter.

Finally, please keep this on the mailing list, as I'm sure it could
benefit others as well. Use "Reply to list" rather than "Reply" in your
mail client.[...]

> On Wed, 2004-03-24 at 13:01, Simon Matter wrote:[...][...]

Okay, when I restart pound, I get one single page with http on port 80,
then it looks like pound hangs:

Mar 24 15:25:47 dhcp-141-104 pound: starting...
Mar 24 15:25:47 dhcp-141-104 pound: pound startup succeeded
Mar 24 15:26:31 dhcp-141-104 pound: 10.1.200.117 GET
/webmail/src/login.php HTTP/1.0 - HTTP/1.1 200 OK (10.1.6.25:80)

The seconds request does not get any reply from the server and the browser
keep waiting forever. I sniffed the wire with ethereal and I see there is
no replay from the server after the client made its second request.

Simon

On Wed, 2004-03-24 at 14:38, Simon Matter wrote:[...]

I suggest you have a look at the polling code (pound.c, line ~720 and
on). Some debugging printouts there would be helpful.

An additional thought: try not to use HTTP/1.1 (to make sure the
requests are sent to separate threads) and/or leave enough time between
the requests so that the socket is closed.

As I said, we can't duplicate this on any of our machines (Gentoo, Suse,
OpenBSD). Did anybody else observe this problem?[...]

> On Wed, 2004-03-24 at 14:38, Simon Matter wrote:[...][...]

I was already looking at the changes between 1.6 and 1.7 but I'm afraid my
skills are not sufficient for this.
[...]

How? I tried "NoHTTPS11 1" just gessing that's what you mean. It didn't
change anything.
[...]

Interesting because there is really nothing special with RedHat 7.x.
[...]

On Wed, 2004-03-24 at 16:48, Simon Matter wrote:[...]

I meant a 1.0 client (browser, wget, curl, etc).
[...]

That's the puzzling part. Had you said RH9 I would have been suspicious,
as it is I have no idea.[...]

[...]


Hi - I was mis-understood as the above is exactly what is not clear.  I
make the observation in the context of not wanting to know how to
download the most recent version (this is easy - it is pound-current),
but wanting to know version pound-current is.

I would suggest you change the section "OLDER VERSIONS" to something
like "ALL STABLE VERSIONS".  There is nothing obvious about the fact
that the most recent "older version" is actually the current one.  Apart
from being completely ambiguous, it's incorrect because older is, by
definition, not current right?  Perhaps it's obvious to everyone but me
<:-)

Apart from the URI linking above, I'd also suggest a VERSION file and a
-v switch to pound.

Cheers, Nick.

[...]
[...]

> On Wed, 2004-03-24 at 16:48, Simon Matter wrote:[...][...][...][...]

I have just installed a Debian 3.0r1 box from cd and built Pound-1.7 with
exactly the same results.

This works:
------------------------------
User nobody
Group nogroup
#RootJail /usr/share/pound
ListenHTTP *,80
#ListenHTTPS *,443 /usr/local/etc/pound.pem
ALL:!ADH:!EXPORT56:RC4+RSA:+HIGH:+MEDIUM:+LOW:+SSLv2:+EXP:+eNULL
ExtendedHTTP 1
LogLevel 2

# Catch-all server(s)
UrlGroup ".*"
BackEnd 10.1.6.25,80,1
EndGroup
------------------------------

This works also:
------------------------------
User nobody
Group nogroup
#RootJail /usr/share/pound
#ListenHTTP *,80
ListenHTTPS *,443 /usr/local/etc/pound.pem
ALL:!ADH:!EXPORT56:RC4+RSA:+HIGH:+MEDIUM:+LOW:+SSLv2:+EXP:+eNULL
ExtendedHTTP 1
LogLevel 2

# Catch-all server(s)
UrlGroup ".*"
BackEnd 10.1.6.25,80,1
EndGroup
------------------------------

But here, only https works. http works for one request and then stops.
------------------------------
User nobody
Group nogroup
#RootJail /usr/share/pound
ListenHTTP *,80
ListenHTTPS *,443 /usr/local/etc/pound.pem
ALL:!ADH:!EXPORT56:RC4+RSA:+HIGH:+MEDIUM:+LOW:+SSLv2:+EXP:+eNULL
ExtendedHTTP 1
LogLevel 2

# Catch-all server(s)
UrlGroup ".*"
BackEnd 10.1.6.25,80,1
EndGroup
------------------------------

I'm quite sure exactly the same config doesn't work on Gentoo or Novell
Linux too.

Simon