OkHttp v4.2.0 Release Notes

Release Date: 2019-09-10 // 14 days ago
  • 2019-09-10

    • New: API to decode a certificate and private key to create a HeldCertificate. This accepts a string containing both a certificate and PKCS #8-encoded private key.

      val heldCertificate = HeldCertificate.decode("""
          |-----BEGIN CERTIFICATE-----
          |-----END CERTIFICATE-----
          |-----BEGIN PRIVATE KEY-----
          |-----END PRIVATE KEY-----
      val handshakeCertificates = HandshakeCertificates.Builder()
      val server = MockWebServer()
      server.useHttps(handshakeCertificates.sslSocketFactory(), false)

      Get these strings with HeldCertificate.certificatePem() and privateKeyPkcs8Pem().

    • Fix: Handshake now returns peer certificates in canonical order: each certificate is signed by the certificate that follows and the last certificate is signed by a trusted root.

    • Fix: Don't lose HTTP/2 flow control bytes when incoming data races with a stream close. If this happened enough then eventually the connection would stall.

    • Fix: Acknowledge and apply inbound HTTP/2 settings atomically. Previously we had a race where we could use new flow control capacity before acknowledging it, causing strict HTTP/2 servers to fail the call.

Previous changes from v4.1.1

  • 2019-09-05

    • Fix: Don't drop repeated headers when validating cached responses. In our Kotlin upgrade we introduced a regression where we iterated the number of unique header names rather than then number of unique headers. If you're using OkHttp's response cache this may impact you.