release 2.4.16.7

Bugfixes

• config: fix OIDCProviderRevocationEndpoint (override) for values other than ""; closes #1301; thanks @tarteens
• config: add a configuration check for public/private keys when using DPoP; closes #1293; thanks @ahus1
• config: avoid NULL pointer dereferencing when no private keys have been configured
• http: avoid potentional memory leak on cURL handle if curl_easy_escape/curl_easy_unescape fails
• proto: correct the check for the optional token_type parameter returned from a token endpoint request
• util: avoid potential crash on non-conformant literal IPv6 addresses
• jose: prevent potential memory leaks when zlib compression (deflate) fails

Features

• add OIDCProfile to configure OpenID Connect profile behaviours e.g. FAPI20, see auth_openidc.conf
• http: report errors when curl_easy_setopt fails in outgoing HTTP requests

Other

• v2.4.16.7 is certified for the FAPI 2.0 Relying Party profiles, see: https://openid.net/certification/#FAPI2-RP .
• minor code changes all over the place to address issues reported by static code analysis software

Commercial

• binary packages for various other platforms such as Microsoft Windows 64bit/32bit, Red Hat Enterprise Linux 6/7, older Ubuntu and Debian distro's, Oracle HTTP Server 11.1/12.1/12.2, IBM HTTP Server 8/9, and IBM AIX 7.x are available under a commercial agreement via [email protected]
• support for Redis/Valkey over TLS, Redis/Valkey (TLS) Sentinel, and Redis/Valkey (TLS) Cluster is available under a commercial license via [email protected]