[JDEV] 1.4.2-test tarball, HTTP proxy, and zero-k auth case sensitivity

Jeremie jeremie at jabber.org
Tue Oct 16 13:31:28 CDT 2001

I'll just roll a few things into one message...

First, anyone interested in helping test the 1.4.2 server before release
to make sure it works on their platform or just for general functionality,
please grab the tarball at:


The only changes in cvs so far is a HUP fix and smart admin auto-reply.
I've tested personally on linux, solaris, and darwin/OSX.  The build is
supposed to work for the latest cygwin on win32 as well, but it's not
quite right, so if you have cygwin and can fix Makefiles and get it to
build many would appreciate it :)

Send any problem reports, platform fixes and warnings, or even if it just
works on a new platform, to jer at jabber.org, and I'll get it into cvs for
the 1.4.2 release.  If your testing functionality, the only major changes
were to the presence management and auth/reg code, so look there for any
oddities.  I'll have a full changelog available soon.

On the HTTP proxy bit, yes the existing hack in 1.4.1 is just that, and
only works with some proxies, as well as it's not in the new CCM running
on jabber.org.  Yes, the only real way to get through any proxy is with
polling HTTP requests, and yes there is experimental support out there for
it, check out "wcs" in cvs (which uses the "http" component as well) or
look at the original announcement at http://jabber.org/?oid=1102 which is
being used in a few places... I'm planning on spending some time upgrading
and doing another release of wcs/http after 1.4.2 is out.

On the 0k auth hash case sensitivity, the spec is to blame, it should make
it very clear that the exact use requires the hashing always to be of the
lower-case hex string.  It can't be case-insensitive since hashing an "A"
isn't the same as hashing an "a", and when validating 0k auth on the
server, it must first re-hash the given hash to validate it.


More information about the JDev mailing list