|
------------------------------------------------------------------------
r2499 | chemodax | 2015-04-11 17:30:50 +0400 (Sat, 11 Apr 2015) | 26 lines Pass SCHEME argument to all auth plugins callbacks. * auth/auth.c (handle_auth_headers, serf__auth_setup_request): Pass SCHEME to HANDLE_FUNC and SETUP_REQUEST_FUNC. * auth/auth.h (serf__auth_handler_func_t, serf__setup_request_func_t): Add SCHEME parameter. * auth/auth_basic.c (serf__handle_basic_auth): Use provided SCHEME instead of AUTHN_INFO->SCHEME. (serf__setup_request_basic_auth): Add SCHEME argument. * auth/auth_digest.c (serf__handle_digest_auth): Use provided SCHEME instead of AUTHN_INFO->SCHEME. (serf__setup_request_digest_auth): Add SCHEME argument. * auth/auth_spnego.c (do_auth): Use provided SCHEME instead of AUTHN_INFO->SCHEME. (serf__handle_spnego_auth, serf__setup_request_spnego_auth, serf__validate_response_spnego_auth): Add SCHEME argument and pass it to do_auth() call. ------------------------------------------------------------------------ r2498 | chemodax | 2015-04-10 18:05:14 +0400 (Fri, 10 Apr 2015) | 13 lines Add some comments for easier tracking all auth vtable implementations. * auth/auth_basic.c * auth/auth_digest.c * auth/auth_spnego.c (serf__handle_basic_auth, serf__init_basic_connection, serf__setup_request_basic_auth, validate_response_func, serf__handle_digest_auth, serf__init_digest_connection, serf__setup_request_digest_auth, serf__validate_response_digest_auth, serf__init_spnego_connection, serf__handle_spnego_auth, serf__setup_request_spnego_auth, serf__validate_response_spnego_auth): Mention what kind of auth callback function implements. ------------------------------------------------------------------------ r2497 | chemodax | 2015-04-08 22:43:35 +0400 (Wed, 08 Apr 2015) | 3 lines * auth/auth.c (handle_auth_headers): Fix a typo in comment. ------------------------------------------------------------------------ r2496 | chemodax | 2015-04-08 22:38:47 +0400 (Wed, 08 Apr 2015) | 22 lines Remove unused authentication scheme callback for per-context initialization. We may return it back if needed. * auth/auth.c (handle_auth_headers): Do not call init_ctx_func() for authn schemes. * auth/auth.h (serf__init_context_func_t): Remove. (serf__authn_scheme_t): Remove INIT_CTX_FUNC field. * auth/auth_basic.c (serf__init_basic): Remove no-op function. (serf__basic_authn_scheme): Update vtable definition. * auth/auth_digest.c (serf__init_digest): Remove no-op function. (serf__digest_authn_scheme): Update vtable definition. * auth/auth_spnego.c (serf__init_spnego): Remove no-op function. (serf__spnego_authn_scheme, serf__ntlm_authn_scheme): Update vtable definition. ------------------------------------------------------------------------ r2495 | chemodax | 2015-04-08 21:46:40 +0400 (Wed, 08 Apr 2015) | 46 lines More auth framework refactoring: move auth schemes vtable definitions to appropriate file with authn scheme implementation. * auth/auth.c (default_auth_response_handler): Remove. (serf_authn_schemes): Change type to array of pointers to serf__authn_scheme_t structures. (handle_auth_headers): Update code to reflect serf_authn_schemes type change. * auth/auth.h (serf__init_basic, serf__init_basic_connection, serf__handle_basic_auth, serf__setup_request_basic_auth, serf__init_digest, serf__init_digest_connection, serf__handle_digest_auth, serf__setup_request_digest_auth, serf__validate_response_digest_auth, serf__init_spnego, serf__init_spnego_connection, serf__handle_spnego_auth, serf__setup_request_spnego_auth, serf__validate_response_spnego_auth): Remove function declarations -- we use authn scheme vtable to access them. (serf__basic_authn_scheme, serf__digest_authn_scheme, serf__spnego_authn_scheme, serf__ntlm_authn_scheme): Declare authn schemes. * auth/auth_basic.c (serf__handle_basic_auth, serf__init_basic, serf__init_basic_connection, serf__setup_request_basic_auth): Mark as static. (validate_response_func): New. (serf__basic_authn_scheme): Factored out from serf_authn_schemes in auth.c * auth/auth_digest.c (serf__handle_digest_auth, serf__init_digest, serf__init_digest_connection, serf__setup_request_digest_auth, serf__validate_response_digest_auth): Mark as static. (serf__digest_authn_scheme): Factored out from serf_authn_schemes in auth.c * auth/auth_spnego.c (serf__init_spnego_connection, serf__handle_spnego_auth, serf__setup_request_spnego_auth): Mark as static. (serf__spnego_authn_scheme, serf__ntlm_authn_scheme): Factored out from serf_authn_schemes in auth.c ------------------------------------------------------------------------ r2494 | chemodax | 2015-04-08 17:04:15 +0400 (Wed, 08 Apr 2015) | 15 lines Reduce visibility of auth related structures. * serf_private.h (serf__auth_handler_func_t, serf__init_context_func_t, serf__init_conn_func_t, serf__setup_request_func_t, serf__validate_response_func_t, serf__authn_scheme_t): Move to ... * auth/auth.h (serf__auth_handler_func_t, serf__init_context_func_t, serf__init_conn_func_t, serf__setup_request_func_t, serf__validate_response_func_t, serf__authn_scheme_t): ... here. * auth/auth_spnego_sspi.c (): Include "auth.h" ------------------------------------------------------------------------ r2493 | chemodax | 2015-04-08 16:57:39 +0400 (Wed, 08 Apr 2015) | 4 lines * . (svn:auto-props): Configure svn:auto-props Subversion property to add svn:eol-style=native for *.h, *.c, *.py, BRANCH-README and STATUS files. ------------------------------------------------------------------------ r2492 | chemodax | 2015-04-08 16:47:44 +0400 (Wed, 08 Apr 2015) | 8 lines * buckets/copy_buckets.c * buckets/iovec_buckets.c * buckets/log_wrapper_buckets.c * config_store.c * logging.c * ssltunnel.c (): Set svn:eol-style to native. ------------------------------------------------------------------------ r2491 | chemodax | 2015-04-08 16:45:40 +0400 (Wed, 08 Apr 2015) | 19 lines Factor out some auth related code from outgoing.c and ssltunnel.c to auth/auth.c as preparation for more unit testing. * auth/auth.c * serf_private.h (serf__auth_setup_connection): New. Factored out from serf__open_connections(). (serf__auth_setup_request): New. Factored out from serf_request_bucket_request_create() * outgoing.c (serf__open_connections): Use serf__auth_setup_connection() function. (serf_request_bucket_request_create): Use serf__auth_setup_request() function. * ssltunnel.c (setup_request): Use serf__auth_setup_request() function. ------------------------------------------------------------------------ r2490 | chemodax | 2015-04-08 16:15:20 +0400 (Wed, 08 Apr 2015) | 4 lines * test/test_ssl.c (test_ssl_server_cert_with_san_and_empty_cb): Remove unused local variable. ------------------------------------------------------------------------ r2489 | lieven.govaerts | 2015-04-06 13:24:18 +0400 (Mon, 06 Apr 2015) | 27 lines In preparation of serf 1.4.0, remove the get_remaining function from the bucket API. This reverts most of r2008, r2009, r2010 and r2198. From r2008 I kept the read_bucket_v2 function, which is needed for set_config. * buckets/aggregate_buckets.c * buckets/barrier_buckets.c * buckets/chunk_buckets.c * buckets/copy_buckets.c * buckets/dechunk_buckets.c * buckets/deflate_buckets.c * buckets/file_buckets.c * buckets/limit_buckets.c * buckets/log_wrapper_buckets.c * buckets/mmap_buckets.c * buckets/request_buckets.c * buckets/response_body_buckets.c * buckets/response_buckets.c * buckets/simple_buckets.c * buckets/socket_buckets.c * buckets/ssl_buckets.c * serf.h * test/mock_sock_buckets.c * test/test_buckets.c: Remove get_remaining from the bucket API, and its associated declarations. ------------------------------------------------------------------------ r2488 | lieven.govaerts | 2015-04-06 12:58:24 +0400 (Mon, 06 Apr 2015) | 3 lines * serf.h (struct serf_connection_type_t): Move to the commented out v2 block. ------------------------------------------------------------------------ r2487 | lieven.govaerts | 2015-04-06 12:52:48 +0400 (Mon, 06 Apr 2015) | 6 lines * serf.h (serf_connection_type_t, serf_protocol_t, serf_protocol_type_t): comment out some v2 declarations. ------------------------------------------------------------------------ r2486 | lieven.govaerts | 2015-04-06 12:50:17 +0400 (Mon, 06 Apr 2015) | 2 lines * test/MockHTTPinC/MockHTTP_server.c: Fix comment. ------------------------------------------------------------------------ r2485 | chemodax | 2015-03-27 17:12:38 +0400 (Fri, 27 Mar 2015) | 11 lines Add '-c' option to serf_get test utility to specify number of concurrent connections to use. * test/serf_get.c (app_baton_t): Move ssl_ctx member to ... (conn_baton_t): ... new per-connection baton. (closed_connection, conn_setup): Use per-connection baton. (options): Add '-c' option. (main): Parse '-c' option and create create multiple connection if requested. Spread requests across them. ------------------------------------------------------------------------ r2481 | bhuijben | 2015-03-05 13:35:19 +0400 (Thu, 05 Mar 2015) | 13 lines Following up on r2479, return an error when the server starts mindreading by responding before we ask something, instead of preparing to write the request anyway. The changed check resolves a WIN64 specific segfault from Subversion. (Not sure why, but I'm not able to reproduce this double setup from WIN32). * outgoing.c (read_from_connection): Return error instead of setting up request (again??) ------------------------------------------------------------------------ r2480 | bhuijben | 2015-03-05 04:02:23 +0400 (Thu, 05 Mar 2015) | 6 lines Don't apply unnecessary registrations for cleanup on exec. * outgoing.c (serf__open_connections, setup_request): Stop registering for child cleanup. ------------------------------------------------------------------------ r2479 | bhuijben | 2015-03-01 01:19:48 +0400 (Sun, 01 Mar 2015) | 13 lines Avoid segfault on a case where the server somehow replies before we send anything like a request. Reproducable by: $ nc -Sl 127.0.0.1 9001 < response.txt $ serf_get http://127.0.0.1:9001/ Where serf_get is somehow slow (e.g. when debugging) * outgoing.c (read_from_connection): Before accepting a response make sure there is somebody willing to accept it, or we have a segfault. ------------------------------------------------------------------------ r2478 | lieven.govaerts | 2015-02-28 15:29:05 +0400 (Sat, 28 Feb 2015) | 10 lines Merge the branch fix-authn-errors to trunk. This branch fixes the problem of reporting response errors to the application when an authentication callback handler is set. A first attempt to fix it was made in r2360, but with some bad side effects. The approach implemented in this branch is explained in this mail thread (and in the code comments): https://groups.google.com/forum/#!msg/serf-dev/3_HLwF2lVsY/bcR-fatxGB0J ------------------------------------------------------------------------ r2474 | chemodax | 2015-01-15 18:13:11 +0400 (Thu, 15 Jan 2015) | 33 lines Properly initialize FOUND output argument in buckets readline implementation when non-error status code is returned: non-error status code allow some data be returned, so caller may be interested whether end of line found or did not. Discussion: https://groups.google.com/d/topic/serf-dev/9Mr7agcT0vU * buckets/aggregate_buckets.c (serf_aggregate_readline): Initialize *FOUND to SERF_NEWLINE_NONE first -- we may exit early if there is no buckets in list. * buckets/buckets.c (serf_databuf_readline): Initialize *FOUND to SERF_NEWLINE_NONE if common_databuf_prep() returned non-zero status. common_databuf_prep() always returns APR_EOF with *LEN so there is definitely no end of line. * buckets/headers_buckets.c (serf_headers_readline): Initialize *FOUND to SERF_NEWLINE_NONE in READ_DONE state. * buckets/limit_buckets.c (serf_limit_readline): Initialize *FOUND to SERF_NEWLINE_NONE when reached the limit. * buckets/response_body_buckets.c (serf_response_body_readline): Initialize *FOUND to SERF_NEWLINE_NONE when reached end of response body. * buckets/response_buckets.c (serf_response_readline): Intialize *LEN to 0 and *FOUND to SERF_NEWLINE_NONE until we read to response body. ------------------------------------------------------------------------ r2473 | chemodax | 2015-01-15 16:51:46 +0400 (Thu, 15 Jan 2015) | 7 lines Follow-up to r2465: Remove now unnecessary code. * buckets/response_buckets.c (parse_status_line): Do not add unnecessary NUL terminator to serf_linebuf_t.line: since r2465 serf_linebuf_t.line is always NUL terminated string. ------------------------------------------------------------------------ r2472 | chemodax | 2015-01-13 21:28:05 +0400 (Tue, 13 Jan 2015) | 10 lines Another correctness fix: do not pass invalid data pointer for zero length buffer to memcpy() and inflate(). This makes valgrind happy when running test suite. * buckets/deflate_buckets.c (serf_deflate_read): Do not call memcpy() with zero length buffer and invalid data pointer. Explicitly initialize ctx->zstream.next_in to Z_NULL for zero length buffer, because zlib checks for next_in *before* checking length, triggering valgrind check. ------------------------------------------------------------------------ r2471 | b.huijben | 2015-01-13 21:19:58 +0400 (Tue, 13 Jan 2015) | 1 line Revert r2470: Ignore test/server directory ------------------------------------------------------------------------ r2470 | b.huijben | 2015-01-13 18:16:58 +0400 (Tue, 13 Jan 2015) | 1 line Ignore server directory ------------------------------------------------------------------------ r2469 | chemodax | 2015-01-13 17:23:45 +0400 (Tue, 13 Jan 2015) | 8 lines Correctness fix in serf_linebuf_fetch(). * buckets/buckets.c (serf_linebuf_fetch): Do not call memcpy() with zero length and possibly invalid pointer. The C99 standard (7.21.1/2) requires valid data pointer even for zero length array for all functions unless explicitly stated otherwise. ------------------------------------------------------------------------ r2468 | bhuijben | 2015-01-13 17:01:14 +0400 (Tue, 13 Jan 2015) | 5 lines * test/test_ssl.c (test_ssl_renegotiate): Don't schedule the same serf request twice, in the same test as that assumes that it is allocated (and can be freed) twice. I'm guessing that this is left over test code. ------------------------------------------------------------------------ r2467 | bhuijben | 2015-01-13 16:34:02 +0400 (Tue, 13 Jan 2015) | 13 lines Following up on r2466, add more missing config initializations. * buckets/chunk_buckets.c (serf_bucket_chunk_create): * buckets/deflate_buckets.c (serf_bucket_deflate_create): * buckets/request_buckets.c (serf_bucket_request_create): * buckets/response_buckets.c (serf_bucket_response_create): * buckets/ssl_buckets.c (ssl_init_context): Explicitly initialize config in ctx. ------------------------------------------------------------------------ r2466 | bhuijben | 2015-01-13 16:29:51 +0400 (Tue, 13 Jan 2015) | 5 lines * buckets/log_wrapper_buckets.c (serf__bucket_log_wrapper_create): Properly initialize config. Found by: Philip Martin <philip{_AT_}codematters.co.uk> ------------------------------------------------------------------------ r2465 | chemodax | 2015-01-13 15:02:34 +0400 (Tue, 13 Jan 2015) | 16 lines Make sure that LINE structure member of serf_linebuf_t is always NUL terminated string. * serf.h (serf_linebuf_t): Document that LINE member is always NUL terminated since serf 2.0. * buckets/buckets.c (serf_linebuf_init): Initialize linebuf->line to empty string. (serf_linebuf_fetch): Append NUL terminator when LINE in serf_linebuf_t is modified. * test/test_buckets.c (test_linebuf_fetch_crlf): Basic test for serf_linebuf_t. (test_buckets): Add test_linebuf_fetch_crlf test to test suite. ------------------------------------------------------------------------ r2464 | bhuijben | 2015-01-12 21:16:51 +0400 (Mon, 12 Jan 2015) | 3 lines * buckets/response_buckets.c (parse_status_line): Following up on r2463, fix comment syntax. ------------------------------------------------------------------------ r2463 | bhuijben | 2015-01-12 21:13:09 +0400 (Mon, 12 Jan 2015) | 18 lines Following up on r2455, allow reading responses that are not strictly valid (accoring to the HTTP/1.0 RFC) in the whitespace after the http status code. This resolves the regression for 'IIS status codes' in the form "HTTP/1.1 401.1 Logon failed." (tested via test_response_bucket_iis_status_code) And this now also allows "HTTP/1.1 401" * buckets/response_buckets.c (parse_status_line): Remove unneeded check and re-allow empty reasons. * test/test_buckets.c (test_response_bucket_no_reason): New test. (test_buckets): Add new test. ------------------------------------------------------------------------ r2462 | bhuijben | 2015-01-12 20:04:23 +0400 (Mon, 12 Jan 2015) | 5 lines * SConstruct On Windows: Suppress warnings that microsoft uses to recommend using 'more secure' versions of certain (posix) functions. This makes the real warnings more visible. ------------------------------------------------------------------------ r2461 | bhuijben | 2015-01-12 19:44:33 +0400 (Mon, 12 Jan 2015) | 12 lines Fix some minor issues in the MockHTTP engine. * test/MockHTTPinC/MockHTTP.c (mhMatchAny): Fix return type. * test/MockHTTPinC/MockHTTP.h (mhMatchAny): Fix return type. * test/MockHTTPinC/MockHTTP_server.c (readChunked): Properly initialize status, as the value is directly returned (because read errors trigger an assertion). ------------------------------------------------------------------------ r2460 | bhuijben | 2015-01-12 19:34:01 +0400 (Mon, 12 Jan 2015) | 5 lines * test/MockHTTPinC/MockHTTP_server.c (buffSktPeek): Properly handle *len as an output only argument. This resolves a valgrind error, that behavior depends on an unitialized value. ------------------------------------------------------------------------ r2459 | bhuijben | 2015-01-12 18:17:10 +0400 (Mon, 12 Jan 2015) | 7 lines Properly check for test setup errors to avoid spending time researching segfaults. * test/MockHTTPinC/MockHTTP_server.c (initClientCtx): Return status code to allow diagnosing errors. (_mhRunServerLoop): Verify result of initialization. ------------------------------------------------------------------------ r2458 | stsp@elego.de | 2015-01-12 17:50:40 +0400 (Mon, 12 Jan 2015) | 6 lines * buckets/buckets.c (serf_linebuf_fetch): Serf values performance more than NUL terminated strings, so revert r2450. Requested by Bert and Ivan. ------------------------------------------------------------------------ r2457 | b.huijben | 2015-01-11 03:27:55 +0400 (Sun, 11 Jan 2015) | 13 lines Properly pass the right baton value to the pollset_rm() functions. Currently this value is unused, but we should pass the proper value anyway. Found by: Philip Martin <philip{_AT_}codematters.co.uk> * context.c (serf_event_trigger): * outgoing.c (serf__conn_update_pollset, remove_connection): Pass the right baton value (the value that we expect when polling). Luckily this function makes sure we don't get a result on poll. ------------------------------------------------------------------------ r2456 | b.huijben | 2015-01-11 03:15:27 +0400 (Sun, 11 Jan 2015) | 8 lines Cast the client data from the baton to the proper type before passing it to serf_event_trigger(). Found by: Philip Martin <philip{_AT_}codematters.co.uk> * context.c (serf_context_run): Correctness fix. The value is directly passed as void*. ------------------------------------------------------------------------ r2455 | b.huijben | 2015-01-09 21:51:46 +0400 (Fri, 09 Jan 2015) | 6 lines Avoid reading beyond the data on the http status line. * buckets/response_buckets.c (parse_status_line): Return a proper parser error for several cases that used to be parsed as valid, and then caused invalid states. ------------------------------------------------------------------------ r2454 | stsp@elego.de | 2015-01-06 20:12:01 +0400 (Tue, 06 Jan 2015) | 5 lines Follow-up to r2453: * buckets/buckets.c (serf_linebuf_fetch): Indentation / whitespace fix. ------------------------------------------------------------------------ r2453 | stsp@elego.de | 2015-01-06 20:08:46 +0400 (Tue, 06 Jan 2015) | 5 lines * buckets/buckets.c (serf_linebuf_fetch): Don't ever allow len to go negative when a split CRLF has been detected. A zero length might be returned from serf_util_readline() in this case, so decrementing blindly is probably unsafe. ------------------------------------------------------------------------ r2452 | stsp@elego.de | 2015-01-06 19:56:32 +0400 (Tue, 06 Jan 2015) | 7 lines Include appropriate APR headers where needed for memcpy(). * buckets/headers_buckets.c, buckets/simple_buckets.c, test/MockHTTPinC/MockHTTP_server.c, test/serf_spider.c, test/test_util.c: These files were using memcpy() without pulling in the appropriate header file. ------------------------------------------------------------------------ r2451 | stsp@elego.de | 2015-01-06 19:41:34 +0400 (Tue, 06 Jan 2015) | 5 lines Pull in the appropriate APR header file wherever memset() is used. * buckets/allocator.c, buckets/deflate_buckets.c, buckets/ssl_buckets.c, test/test_buckets.c: These files use memset(). ------------------------------------------------------------------------ r2450 | stsp@elego.de | 2015-01-06 19:37:21 +0400 (Tue, 06 Jan 2015) | 3 lines * buckets/buckets.c (serf_linebuf_fetch): Zero the line buffer before fetching new data. ------------------------------------------------------------------------ r2449 | stsp@elego.de | 2015-01-06 18:45:19 +0400 (Tue, 06 Jan 2015) | 2 lines Revert r2448, the reason string will be freed, so should always be allocated. ------------------------------------------------------------------------ r2448 | stsp@elego.de | 2015-01-06 18:42:58 +0400 (Tue, 06 Jan 2015) | 3 lines * buckets/response_buckets.c (parse_status_line): Don't bother copying an empty reason string. ------------------------------------------------------------------------ r2447 | stsp@elego.de | 2015-01-06 18:40:46 +0400 (Tue, 06 Jan 2015) | 4 lines * buckets/response_buckets.c (parse_status_line): Skip any leading space characters in front of the reason string, not just one space character. ------------------------------------------------------------------------ r2446 | stsp@elego.de | 2015-01-06 18:37:20 +0400 (Tue, 06 Jan 2015) | 4 lines * buckets/response_buckets.c (parse_status_line): In the unlikely event that the status code cannot be parsed from the status line, return SERF_ERROR_BAD_HTTP_RESPONSE. ------------------------------------------------------------------------ r2445 | chemodax | 2014-10-23 20:15:22 +0400 (Thu, 23 Oct 2014) | 6 lines Reduce memory usage by deflate buckets test. * test/test_buckets.c (deflate_buckets): Add POOL argument and use it instead of tb->pool. (test_deflate_buckets): Use iterpool for deflate_buckets() call. ------------------------------------------------------------------------ r2444 | chemodax | 2014-10-23 20:09:35 +0400 (Thu, 23 Oct 2014) | 7 lines Configure APR pool abort function in test suite for better diagnostic of out of memory issues. * test/test_util.c (pool_abort_func): New. (test_setup): Set APR pool abort function for testpool. ------------------------------------------------------------------------ r2443 | andreas.stieger@gmx.de | 2014-10-22 01:42:56 +0400 (Wed, 22 Oct 2014) | 7 lines Follow-up to r2419: Correct comment style * test/test_buckets.c (deflate_compress): Correct comment style not supported by strict compilers, fails on /branches/1.3.x ------------------------------------------------------------------------ r2439 | lieven.govaerts | 2014-10-20 23:06:28 +0400 (Mon, 20 Oct 2014) | 1 line * CHANGES: set 1.3.8 release date to today. ------------------------------------------------------------------------ r2437 | lieven.govaerts | 2014-10-19 22:48:50 +0400 (Sun, 19 Oct 2014) | 1 line * CHANGES: add section for 1.3.8. ------------------------------------------------------------------------ r2433 | stsp@elego.de | 2014-10-15 17:13:35 +0400 (Wed, 15 Oct 2014) | 5 lines Disable SSLv3 support (POODLE). * buckets/ssl_buckets.c (ssl_init_context): Disable SSLv3, like already done for SSLv2. ------------------------------------------------------------------------ r2432 | chemodax | 2014-09-08 13:51:28 +0400 (Mon, 08 Sep 2014) | 5 lines * serf.h (SERF_CONFIG_HOST_NAME, SERF_CONFIG_HOST_PORT, SERF_CONFIG_CONN_LOCALIP, SERF_CONFIG_CONN_REMOTEIP, SERF_CONFIG_CONN_PIPELINING, SERF_CONFIG_CTX_LOGBATON): Add brackets to macro value to protect unsafe macro expansion. ------------------------------------------------------------------------ r2427 | lieven.govaerts | 2014-09-07 18:10:22 +0400 (Sun, 07 Sep 2014) | 6 lines Fix some compiler warnings. * test/MockHTTPinC/MockHTTP.c (initResponse): Move all declarations to the top. (mhNewResponseForRequest): Initialize local variable. ------------------------------------------------------------------------ r2426 | lieven.govaerts | 2014-09-07 18:01:22 +0400 (Sun, 07 Sep 2014) | 8 lines Fix some compiler warnings. * test/test_buckets.c (deflate_buckets): Initialize local variables. (create_gzip_deflate_bucket): Move all declarations to the top. (test_deflate_4GBplus_buckets): Use large enough memory for the expected size value. ------------------------------------------------------------------------ r2425 | lieven.govaerts | 2014-09-07 12:57:03 +0400 (Sun, 07 Sep 2014) | 7 lines Remove test logging. * test/MockHTTPinC/MockHTTP_server.c (sslSocketRead, appendSSLErrMessage, sslHandshake): Log ssl errors only when MH_VERBOSE is enabled. ------------------------------------------------------------------------ r2424 | lieven.govaerts | 2014-09-07 12:49:37 +0400 (Sun, 07 Sep 2014) | 8 lines Fix compiler warnings. * buckets/iovec_buckets.c (serf_bucket_iovec_create): Add explicit cast to (struct iovec *). * buckets/ssl_buckets.c (get_subject_alt_names): Cast unsigned char * to const char * for strlen. ------------------------------------------------------------------------ r2423 | chemodax | 2014-09-01 17:34:30 +0400 (Mon, 01 Sep 2014) | 8 lines Fix memory leak/double free error in SSPI authentication (issue 153). Found by: Michael Osipov <1982-01-06 at gmx.net> * auth/auth_spnego_sspi.c (cleanup_ctx): Free proper SSPI credentials handle, instead of deleting SSPI context handle twice. ------------------------------------------------------------------------ r2422 | chemodax | 2014-09-01 17:27:25 +0400 (Mon, 01 Sep 2014) | 6 lines SSPI authentication correctness fix. See issue #147. * auth/auth_spnego_sspi.c (serf__spnego_init_sec_context): Do not use ISC_REQ_CONFIDENTIALITY since we're not going to encrypt anything. ------------------------------------------------------------------------ r2421 | lieven.govaerts | 2014-08-31 18:37:18 +0400 (Sun, 31 Aug 2014) | 21 lines Keep track of the number of pending requests, both written and unwritten. Add two functions to the API to get these numbers per connection, which the application can use to select the fastest connection. * serf.h (serf_connection_queued_requests, serf_connection_pending_requests): New API declarations. * outgoing.c (req_list_length): Helper function, calculates the length of a linked list. (reset_connection, write_to_connection, read_from_connection, serf_connection_request_create, priority_request_create): Keep track of the number of unwritten and written reqests. (serf_connection_queued_requests, serf_connection_pending_requests): New function definitions. * serf_private.h (serf_connection_t): Add nr_of_written_reqs, nr_of_unwritten_reqs fields. ------------------------------------------------------------------------ r2420 | lieven.govaerts | 2014-08-21 21:35:53 +0400 (Thu, 21 Aug 2014) | 39 lines Add a workaround for issue #135: SSL renegotiation over a connection that uses HTTP pipelining will fail with OpenSSL. The workaround: when a connection has pipelining enabled, detect when a server initiates a SSL renegotiation via the SSL alert info callback, reset the connection, disable pipelining on the connection and reconnect to the server. * serf.h (SERF_ERROR_SSL_NEGOTIATE_IN_PROGRESS): New error code. (SERF_CONFIG_CONN_PIPELINING): New config key, its value is "Y" or "N" to indicate if HTTP pipelining is enabled on the connection. (SERF_CONFIG_*) Renumber to clarify that their code is per category. * buckets/ssl_buckets.c (struct serf_ssl_context_t): New flag renegotiation. (detect_renegotiate): New OpenSSL state callback, listens for the "SSL renegotiate ciphers" alert and raises an error flag. (bio_bucket_read, bio_bucket_write): When the renegotiation flag is raised bailed out immediately. (ssl_init_context): Initiate the renegotiation flag. (serf_ssl_set_config): When the SERF_CONFIG_CONN_PIPELINING key is set to "Y", detect renegotiation events. * outgoing.c (serf__open_connections): Set the SERF_CONFIG_CONN_PIPELINING config value to "Y" if HTTP pipelining is enabled on the connection. (read_from_connection): Handle SERF_ERROR_SSL_NEGOTIATE_IN_PROGRESS errors. TODO: we probably have to do this in write_to_connection as well. * test/test_ssl.c (test_ssl_renegotiate): Enable and finish the already written test for this issue. * test/MockHTTPinC/MockHTTP_server.c (setupTCPServer, _mhRunServerLoop): Handle sudden connection aborts initiated by the client. (initSSLCtx): Add some logging. ------------------------------------------------------------------------ r2419 | lieven.govaerts | 2014-08-20 20:09:48 +0400 (Wed, 20 Aug 2014) | 21 lines Fix issue #152: when inflating a gzip-encoded file larger than 4GB, its length stored in the trailer is stored module 2^32 (IOW, in 4 bytes). When comparing the expected length from the trailer with the actual length, we also have to use the actual length module 2^32. * test/test_buckets.c (deflate_compress): Update to handle larger data buffers. (deflate_buckets, test_deflate_buckets): Extract the test code to deflate_buckets, so that the test can be run with different amounts of data. (discard_data, hold_open, put_32bit, create_gzip_deflate_bucket, test_deflate_4GBplus_buckets): Add a new test the creates a 4GB+ buffer and runs it to the compression/decompression filters. (test_buckets): Add the test in comments, but don't actually run it as it takes too long (couple of minutes). * buckets/deflate_buckets.c (serf_deflate_read): Reduce the scope of some variables. Compare the actual inflated length module 2^32 with the expected length. ------------------------------------------------------------------------ r2418 | lieven.govaerts | 2014-08-20 18:33:39 +0400 (Wed, 20 Aug 2014) | 8 lines Follow up to r2417: cover some extra cases where inflate() needs to write more data than there's place available in the buffer. * buckets/deflate_buckets.c (serf_deflate_read): Keep inflating data as long as zlib returns Z_OK, even if no data is on the in buffer. Provide data to the application when the output buffer is full, or zlib tells us that it needs more space. ------------------------------------------------------------------------ r2417 | lieven.govaerts | 2014-08-20 14:42:56 +0400 (Wed, 20 Aug 2014) | 15 lines Fix an issue in the deflate_buckets: when the last data read from the stream inflates to more than 8096 bytes, deflate_buckets would incorrectly assume there's something wrong with the incoming data (EOF from the stream but not Z_STREAM_END from zlib). * buckets/deflate_buckets.c (serf_deflate_read): make the application read more data when the input stream is empty but inflation isn't finished yet. * test/test_buckets.c (deflate_compress, read_bucket_and_check_pattern, test_deflate_buckets): Add a new test case and helper functions. (test_buckets): Run the new test. ------------------------------------------------------------------------ r2416 | lieven.govaerts | 2014-08-19 12:18:03 +0400 (Tue, 19 Aug 2014) | 47 lines In the config store, use a linked list instead of a hash table to store the configuration values. Since we are only storing one or two values per category this improves the performance, especially during logging when the log_baton is retrieved from the per-context configuration object. The global store still uses hash tables to store the config objects per host & per connection, but these are only used when setting up a new serf connection, so they aren't a bottleneck. * config_store.c (struct serf__config_hdr_t, struct config_entry_t, create_config_hdr, add_or_replace_entry): Implementation of a linked list. (serf__config_store_init, serf__config_store_get_config, serf_config_set_string, serf_config_set_stringc, serf_config_set_stringf, serf_config_set_object, serf_config_get_string, serf_config_get_object, serf_config_remove_value): Replace the config hash table with the custom linked list. As a result we don't have to use pointers to keys anymore, so replace serf_config_key_ptr_t by serf_config_key_t. * serf.h (serf_config_key_ptr_t): Remove declaration. (SERF_CONFIG_*): Define directly as integer, no need for pointers in the linked list. (serf__config_store_init, serf__config_store_get_config, serf_config_set_string, serf_config_set_stringc, serf_config_set_stringf, serf_config_set_object, serf_config_get_string, serf_config_get_object, serf_config_remove_value): Replace serf_config_key_ptr_t by serf_config_key_t. * serf_private.h (serf__config_hdr_t): New declaration. (struct serf_config_t, struct serf__config_store_t): Use the linked list instead of a hash table. * test/test_internal.c (PER__*): Define directly as integer, no need for pointers in the linked list. ------------------------------------------------------------------------ r2415 | lieven.govaerts | 2014-08-18 17:40:57 +0400 (Mon, 18 Aug 2014) | 1 line * serf.h: Update table of values stored in the configuration store. ------------------------------------------------------------------------ r2414 | lieven.govaerts | 2014-08-18 17:25:38 +0400 (Mon, 18 Aug 2014) | 25 lines Introduce an internal method to disable HTTP pipeling, so that authn schemes don't have to fiddle with the application-set max_outstanding_requests (and even worse, overwrite its value). * auth/auth_digest.c (serf__handle_digest_auth, serf__init_digest_connection): Use serf__connection_set_pipelining instead of serf_connection_set_max_outstanding_requests. * auth/auth_spnego.c (do_auth, serf__init_spnego_connection, serf__validate_response_spnego_auth): Use serf__connection_set_pipelining instead of serf_connection_set_max_outstanding_requests. * outgoing.c (write_to_connection): Introduce temp. variable for the number of unanswered requests. Don't send new requests when pipeling is disabled an already one response is pending. (serf_connection_create): Enable pipelining by default. * serf_private.h (struct serf_connection_t): Add pipelining variable. (serf__connection_set_pipelining): New declaration. ------------------------------------------------------------------------ r2413 | lieven.govaerts | 2014-08-18 15:01:39 +0400 (Mon, 18 Aug 2014) | 7 lines Fix issue 151: SCons env['LIBPATH'] sometimes is a string and that breaks RPATH. Patch by: mgorny at gentoo.org (slightly modified). * SConstruct: Always append a list to environment variables, to guarantee that the outcome is a list so further appends will add the new values to a list. ------------------------------------------------------------------------ r2409 | breser@gmail.com | 2014-08-11 19:16:26 +0400 (Mon, 11 Aug 2014) | 2 lines * CHANGES: Bump revision for 1.3.7 so it'll be right this time. ------------------------------------------------------------------------ r2405 | breser@gmail.com | 2014-08-11 19:04:50 +0400 (Mon, 11 Aug 2014) | 2 lines * CHANGES: Fix an unintentional change and bump revision for 1.3.7 by one. ------------------------------------------------------------------------ r2404 | breser@gmail.com | 2014-08-11 19:02:45 +0400 (Mon, 11 Aug 2014) | 2 lines * CHANGES: Set revision number for 1.3.7 ------------------------------------------------------------------------ r2403 | lieven.govaerts | 2014-08-10 13:32:56 +0400 (Sun, 10 Aug 2014) | 3 lines * buckets/ssl_buckets.c (get_subject_alt_names): Add comment. ------------------------------------------------------------------------ r2402 | lieven.govaerts | 2014-08-10 13:22:47 +0400 (Sun, 10 Aug 2014) | 11 lines Add a test to validate that serf can handle a X509 certificate with subjectAltName (DNS) extension and empty CN. * test/test_ssl.c (test_ssl_server_cert_with_san_and_empty_cb): New test. (test_ssl): Run the new test. * test/certs/create_certs.py (main): create the new certificate. * test/certs/serfserver_san_nocn_cert.pem: certificate with DNS san and no CN. ------------------------------------------------------------------------ r2400 | breser@gmail.com | 2014-08-06 06:25:14 +0400 (Wed, 06 Aug 2014) | 2 lines * CHANGES: Update 1.3.7 to include r2399. ------------------------------------------------------------------------ r2398 | breser@gmail.com | 2014-08-06 06:19:01 +0400 (Wed, 06 Aug 2014) | 3 lines * buckets/ssl_buckets.c: (get_subject_alt_names): Initialize the san_arr when we're expected to fill it. ------------------------------------------------------------------------ r2395 | breser@gmail.com | 2014-08-04 22:07:59 +0400 (Mon, 04 Aug 2014) | 2 lines * CHANGES: Add entry for 1.3.7 ------------------------------------------------------------------------ r2394 | breser@gmail.com | 2014-08-04 22:06:37 +0400 (Mon, 04 Aug 2014) | 2 lines * CHANGES: Fill in revision numbers of 1.3.5 and 1.3.6 ------------------------------------------------------------------------ r2392 | breser@gmail.com | 2014-08-04 21:56:46 +0400 (Mon, 04 Aug 2014) | 31 lines Deal with NUL bytes in fields of an X.509 cert. * buckets/ssl_buckets.c: (pstrdup_escape_nul_bytes, get_subject_alt_names, validate_cert_hostname): New functions. (validate_server_certificate): Use validate_cert_hostname() to return SERF_SSL_CERT_INVALID_HOST if CommonName or SubjectAltNames include a NUL byte. (convert_X509_NAME_to_table): Use pstrdup_escape_nul_bytes() to escape NUL bytes before adding fields to the hash table. (serf_ssl_cert_certificate): Replace some code with a call to get_subject_alt_names() where we factored out the code to. * serf_bucket_types.h (SERF_SSL_CERT_INVALID_HOST): New error. * test/test_ssl.c (test_ssl_server_cert_with_cn_nul_byte, test_ssl_server_cert_with_san_nul_byte, test_ssl_server_cert_with_cnsan_nul_byte): New test functions. (test_ssl): Add the new tests. * test/certs/cacert_nul.pem, test/certs/servercert_cn_nul.key, test/certs/servercert_cn_nul.pem, test/certs/servercert_cnsan_nul.key, test/certs/servercert_cnsan_nul.pem, test/certs/servercert_san_nul.key, test/certs/servercert_san_nul.pem: New certificate files for the new tests. ------------------------------------------------------------------------ r2391 | lieven.govaerts | 2014-07-13 13:08:13 +0400 (Sun, 13 Jul 2014) | 13 lines In the testsuite, move the HTTPS tests to test_ssl.c. * test/test_context.c * test/test_ssl.c: Move all test_ssl* tests from test_context.c to test_ssl.c, including all needed helper functions. * test/test_util.c * test/test_serf.h (create_large_response_message, create_large_request_message_body, dummy_authn_callback): Share these helper functions between test_ssl and test_context tests. ------------------------------------------------------------------------ r2390 | lieven.govaerts | 2014-07-11 23:16:22 +0400 (Fri, 11 Jul 2014) | 7 lines Fix compiler warnings and remove unneeded includes. * test/MockHTTPinC/MockHTTP_server.c: Fix a few compiler variables. * test/test_context.c * test/mock_sock_buckets.c: Don't include serf_private.h ------------------------------------------------------------------------ r2389 | lieven.govaerts | 2014-07-07 23:56:50 +0400 (Mon, 07 Jul 2014) | 11 lines Fix compiler warnings. * auth/auth_spnego_gss.c (serf__spnego_init_sec_context): Use a dummy variable of the correct type. * test/test_util.c: include apr_env.h * test/test_internal.c (per_host_unknown_key, PER_HOST_UNKNOWN_KEY): Comment out some currently unused definitions. ------------------------------------------------------------------------ r2388 | lieven.govaerts | 2014-07-07 23:33:59 +0400 (Mon, 07 Jul 2014) | 7 lines Fix an issue in the test framework, that caused test_connection_large_response to hang. * test/MockHTTPinC/MockHTTP_server.c (readFromSocket, buffSktPeek): Handle requests > than BUFSIZE. (initClientCtx): Add (unrelated) TODO. ------------------------------------------------------------------------ r2387 | lieven.govaerts | 2014-07-05 00:03:31 +0400 (Sat, 05 Jul 2014) | 4 lines * buckets/ssl_buckets.c (serf_ssl_set_hostname): Raise error when the TLS SNI extension is requested but not available. ------------------------------------------------------------------------ r2386 | lieven.govaerts | 2014-07-04 02:08:54 +0400 (Fri, 04 Jul 2014) | 31 lines Implement first part of OCSP stapling support. When the feature is activated by the application, serf will ask the HTTPS server to validate the server certificate with the CA and include its response with that certificate. This is a cleaned up portion of Justin's patch on @serf-dev. The remainder will be added when the test suite grows full OCSP responder functionality. * buckets/ssl_buckets.c (ocsp_callback): New function. (serf_ssl_check_cert_status_request): New function, enables OCSP stapling. * serf_bucket_types.h (SERF_SSL_CERT_*): Rewrite values in hex. (SERF_SSL_OCSP_RESPONDER_): New error codes. (serf_ssl_need_server_cert_t): Add comment, this callback will take a NULL *cert argument in case of a OCSP response. * test/test_context.c (ocsp_response_cb_expect_failures, test_ssl_ocsp_response_error_and_override): New test. (test_context): Run the new test. * test/test_serf.h (struct test_baton_t): Add enable_ocsp_stapling flag. (TEST_RESULT_OCSP_CHECK_SUCCESSFUL): New test result flag. * test/test_util.c (default_https_conn_setup): Enable ocsp stapling when its flag is set. * test/MockHTTPinC/*: update to latest version, implements partial OCSP support. ------------------------------------------------------------------------ r2385 | lieven.govaerts | 2014-06-28 23:41:51 +0400 (Sat, 28 Jun 2014) | 11 lines Update the MockHTTP test framework to v0.1.0, fix some tests in response to the changed API. * test/test_context.c (test_request_timeout, test_connection_large_response, test_ssl_large_response, test_connect_to_non_http_server): WithRawData now requires a size parameter. * test/MockHTTPinC/*: update to v0.1.0. ------------------------------------------------------------------------ r2384 | lieven.govaerts | 2014-06-28 13:10:04 +0400 (Sat, 28 Jun 2014) | 6 lines Fix memory leaks in the SPNEGO authn scheme implementation using GSSAPI. * auth/auth_spnego_gss.c (log_error): Release status text buffer. (serf__spnego_init_sec_context): Release hostname buffer. ------------------------------------------------------------------------ r2383 | lieven.govaerts | 2014-06-22 23:35:40 +0400 (Sun, 22 Jun 2014) | 2 lines * serf.h: Comment out the serf 2.0 connection API. ------------------------------------------------------------------------ r2382 | chemodax | 2014-06-16 21:26:07 +0400 (Mon, 16 Jun 2014) | 8 lines Fix problems with NTLM authentication when accessing local server using alias hostname on Windows due strict loopback checks [1] [1] http://support.microsoft.com/kb/896861/en-us * auth/auth_spnego_sspi.c (get_canonical_host): Try use reverse DNS to resolve canonical name for SPN. Most GSSAPI implementation already doing the same on other platforms. ------------------------------------------------------------------------ r2381 | chemodax | 2014-06-16 20:44:27 +0400 (Mon, 16 Jun 2014) | 6 lines Follow-up to r2376: Fix Windows build. * buckets/iovec_buckets.c (serf_bucket_iovec_create): Add cast to char pointer since void pointer has unknown size. ------------------------------------------------------------------------ r2380 | lieven.govaerts | 2014-06-15 19:29:33 +0400 (Sun, 15 Jun 2014) | 33 lines When the application sends many pipelined requests faster than the server can respond, the connection will build up a queue of written but unanswered requests. On each call to request_or_data_pending(), serf will iterate over that queue, resulting in quite a bottleneck. This change introduces a separate linked list to keep the written requests, so that serf has access to the first unwritten request directly. * serf_private.h (struct serf_connection_t): Split requests and requests_tail in written_reqs, written_reqs_tail and unwritten_reqs, unwritten_reqs_tail. * outgoing.c (request_or_data_pending): Don't iterator over requests, use the unwritten queue directly. (serf__conn_update_pollset): Poll for READ event if either written or unwritten request is pending. (Note: this might be a good occassion to fix the long-standing TODO.) (serf__open_connections): Update renamed conn->requests. (reset_connection): Reimplement to handle both written and unwritten queue. (write_to_connection): When a request is completely written, move it from the unwritten to the written queue. Update renamed conn->requests. (serf__provide_credentials): Update the ssltunnel hack to find the first application request. (read_from_connection): Find request for which a response is arriving on the written or unwritten queue (resp. complete or partially sent request). In line with the change to serf__conn_update_pollset, update the pollset only f either written or unwritten request is pending. (serf_connection_request_create): Append the request to the unwritten queue. (priority_request_create): Prepend the request to the unwritten queue. (serf_request_cancel): Find the request on either unwritten or written queue to remove it from the right queue. ------------------------------------------------------------------------ r2379 | lieven.govaerts | 2014-06-15 14:49:46 +0400 (Sun, 15 Jun 2014) | 5 lines Follow up 2378 with a better comment. * outgoing.c (read_from_connection): Improve comment. ------------------------------------------------------------------------ r2378 | lieven.govaerts | 2014-06-15 14:37:46 +0400 (Sun, 15 Jun 2014) | 7 lines Drastically reduce the amount of pollset_add/pollset_remove calls when the application keeps the outgoing queue filled with requests. * outgoing.c (read_from_connection): No need to update the pollset after a received response, when there's more responses expected (aka requests pending). ------------------------------------------------------------------------ r2377 | lieven.govaerts | 2014-06-14 19:51:06 +0400 (Sat, 14 Jun 2014) | 15 lines Optimize creation and use of a barrier_bucket. * buckets/barrier_buckets.c (struct barrier_context_t): This structure with only one pointer is not needed, we can store the pointer value directly in the data member of serf_bucket_t. (serf_bucket_barrier_create, serf_barrier_read, serf_barrier_read_iovec, serf_barrier_readline, serf_barrier_peek, serf_barrier_destroy, serf_barrier_get_remaining, serf_barrier_set_config): Update to not use barrier_context_t. ------------------------------------------------------------------------ r2376 | lieven.govaerts | 2014-06-14 19:17:07 +0400 (Sat, 14 Jun 2014) | 8 lines Optimize creation of an iovec_bucket. * buckets/iovec_buckets.c (serf_bucket_iovec_create): Avoid the separate allocation of the iovec array. (serf_iovec_destroy): Remove, not needed anymore. (serf_bucket_type_iovec): Use serf_default_destroy_and_data instead of serf_iovec_destroy. ------------------------------------------------------------------------ r2375 | lieven.govaerts | 2014-06-14 19:01:25 +0400 (Sat, 14 Jun 2014) | 6 lines Optimize creation of the request bucket. * buckets/request_buckets.c (serialize_data): Avoid copying the request line components to a new string by using an iovec_bucket. ------------------------------------------------------------------------ r2374 | bhuijben | 2014-06-11 15:53:38 +0400 (Wed, 11 Jun 2014) | 3 lines * SConstruct Allow building with the Visual Studio '14' CTP. ------------------------------------------------------------------------ r2370 | lieven.govaerts | 2014-06-09 20:03:18 +0400 (Mon, 09 Jun 2014) | 2 lines * CHANGES: update 1.3.6 description and set release date to today. ------------------------------------------------------------------------ r2369 | lieven.govaerts | 2014-06-07 12:05:58 +0400 (Sat, 07 Jun 2014) | 2 lines * CHANGES: add section for serf 1.3.6. ------------------------------------------------------------------------ r2366 | lieven.govaerts | 2014-05-31 00:09:23 +0400 (Sat, 31 May 2014) | 17 lines Add a test to validate that serf always calls the application's handle_response handler when a response arrives, even if an authn callback is set and the response can't be read. There's a TODO here: handle_response is currently called with response == NULL, as if the request got cancelled. I don't think this is right, and it's the cause of the issues we're trying to fix in r2360. * test/test_serf.h (TEST_RESULT_AUTHNCB_CALLED): Fix flag value. (TEST_RESULT_HANDLE_RESPONSECB_CALLED): New flag. * test/test_context.c (handle_response_set_flag, test_connect_to_non_http_server): New test. (test_context): Run the new test. ------------------------------------------------------------------------ r2365 | lieven.govaerts | 2014-05-30 23:25:59 +0400 (Fri, 30 May 2014) | 4 lines * auth/auth.c: (serf__handle_auth_response): document how the CONSUMED_RESPONSE parameter is used. ------------------------------------------------------------------------ r2364 | lieven.govaerts | 2014-05-30 13:01:03 +0400 (Fri, 30 May 2014) | 28 lines Add tests for the r2319,r2360 group: test tha a request is only reported as cancelled to the application once in case of a shut down/reset/aborted connection. * SConstruct (testall_files): Add test/mock_sock_buckets.c. * test/mock_sock_buckets.c: New file. Implements bucket that wraps around a socket bucket to replace any APR_EOF status with a preset status (e.g. APR_ECONNABORTED). * test/test_context.c (dummy_authn_callback, http_conn_setup_mock_socket, send_more_requests_than_keepalive_of_server, test_eof_connection, test_eof_connection_with_authn_cb, test_aborted_connection, test_aborted_connection_with_authn_cb, test_reset_connection, test_reset_connection_with_authn_cb): New tests and their helper functions. (test_context): Run the new tests. * test/test_serf.h (struct test_baton_t): Add user_baton_l member variable. (serf_bucket_type_mock_socket, SERF_BUCKET_IS_MOCK_SOCKET, serf_bucket_mock_sock_create): New declarations. ------------------------------------------------------------------------ r2363 | lieven.govaerts | 2014-05-29 14:43:00 +0400 (Thu, 29 May 2014) | 6 lines In the test suite, update the MockHTTPinC library to the latest version. * test/MockHTTPinC/MockHTTP_server.c (processServer): Follow up to r2362: break out of the loop when no more data can be written to the network. Reset logging flags. ------------------------------------------------------------------------ r2362 | lieven.govaerts | 2014-05-29 14:31:10 +0400 (Thu, 29 May 2014) | 6 lines In the test suite, update the MockHTTPinC library to the latest version. This fixes spurious failures of test_closed_connection. * test/MockHTTPinC/MockHTTP_server.c (processServer): Send all pending responses in the queue, not only the first. ------------------------------------------------------------------------ r2361 | b.huijben | 2014-05-28 13:14:36 +0400 (Wed, 28 May 2014) | 3 lines * trunk/outgoing.c (handle_response): Following up on r2360, fix compilation. ------------------------------------------------------------------------ r2360 | b.huijben | 2014-05-28 12:48:40 +0400 (Wed, 28 May 2014) | 10 lines Don't report requests as 'died/cancelled' to the application if our caller will requeue the request under the assumption that we hit the max requests per connection limit. * trunk/outgoing.c (APR_STATUS_IMPLIES_HANGUP): New macro. (handle_response): Don't report requests as cancelled if the status implies a hangup. (read_from_connection): Add comment. Use APR_STATUS_IMPLIES_HANGUP. ------------------------------------------------------------------------ r2359 | lieven.govaerts | 2014-05-27 23:29:40 +0400 (Tue, 27 May 2014) | 9 lines In the test suite, update the MockHTTPinC library to the latest version. * test/MockHTTPinC/*: Update to the latest version. * test/test_context.c (*): Stop passing the HTTP method directly as parameter in the HTTPRequest call, this is not supported anymore. Instead, use either MethodEqualTo or switch to GETRequest(). ------------------------------------------------------------------------ r2358 | lieven.govaerts | 2014-05-10 12:32:31 +0400 (Sat, 10 May 2014) | 5 lines Rename the python bindings folder, to make place for a extension module implementation. * bindings/python -> bindings/python_ctypes ------------------------------------------------------------------------ r2357 | lieven.govaerts | 2014-05-02 12:38:07 +0400 (Fri, 02 May 2014) | 11 lines Improve performance a tiny bit by ensuring often used struct member variables are read from and written to cache. * buckets/dechunk_buckets.c (struct dechunk_context_t): Move the large serf_linebuf_t to the end of the struct. * buckets/response_buckets.c (struct response_context_t): Move the large serf_linebuf_t to the end of the struct. ------------------------------------------------------------------------ r2350 | lieven.govaerts | 2014-04-28 00:29:55 +0400 (Mon, 28 Apr 2014) | 1 line * CHANGES: remove empty line and set 1.3.5 release date. ------------------------------------------------------------------------ r2349 | lieven.govaerts | 2014-04-27 22:09:04 +0400 (Sun, 27 Apr 2014) | 1 line * certs/private/serfclientkey.pem: Add client cert private key. ------------------------------------------------------------------------ r2347 | lieven.govaerts | 2014-04-25 01:20:54 +0400 (Fri, 25 Apr 2014) | 1 line * CHANGES: add fixes for 1.3.5. ------------------------------------------------------------------------ r2346 | lieven.govaerts | 2014-04-24 01:33:53 +0400 (Thu, 24 Apr 2014) | 13 lines Testsuite improvements. * test/test_context.c (test_ssl_handshake_nosslv2): Set the private key passphrase (which was previously hardcded in the MockHTTP test framework). * test/test_util.c (setup_test_mock_https_server): Set the private key passphrase here too. * test/MockHTTPinC/*: Update to the latest version to fix C89 violations resulting in gcc compile errors. ------------------------------------------------------------------------ r2342 | lieven.govaerts | 2014-04-20 03:09:05 +0400 (Sun, 20 Apr 2014) | 17 lines In the test suite, use the new OnConditionThat macro to pass conditional arguments to server and response setup. This removes the currently used hack based on knowledge of the MockHTTPinC internals. * test/MockHTTPinC/*: Update to the latest version. * test/test_context.c: (ssltunnel_basic_auth): Replace ternary op with OnConditionThat macro. * test/test_auth.c: (basic_authentication, digest_authentication): Replace ternary op with OnConditionThat macro. * test/test_util.c: (setup_test_mock_https_server): And do the same here. ------------------------------------------------------------------------ r2341 | lieven.govaerts | 2014-04-20 01:32:08 +0400 (Sun, 20 Apr 2014) | 5 lines Improve ssl error logging. * buckets/ssl_buckets.c (validate_server_certificate): Log depth of cert in case of unknown failures. ------------------------------------------------------------------------ r2340 | justin.erenkrantz | 2014-04-20 01:30:29 +0400 (Sun, 20 Apr 2014) | 7 lines Set encrypt's config if we create it, but don't worry about decrypt bucket as we don't create it. * buckets/ssl_buckets.c (serf_bucket_ssl_encrypt_create): If we have a config, set it. (serf_ssl_set_config): Update comment. ------------------------------------------------------------------------ r2339 | lieven.govaerts | 2014-04-20 01:29:41 +0400 (Sun, 20 Apr 2014) | 12 lines Recreate all test certificates using the new script (r2337). This was needed because the intermediate CA certificate expired yesterday thereby breaking all ssl tests. * test/certs/*.pem, *.p12: recreated certificates. * test/certs/private/*.key: New folder with the private keys. * test/certs/serfserverkey.pem: Remove, new version is now in ./private/ * test/test_context.c (server_key): New const that specifies the path of the server cert private key file. (test_ssl_*): Replace hardcoded server cert key file with const server_key. ------------------------------------------------------------------------ r2338 | justin.erenkrantz | 2014-04-20 01:26:29 +0400 (Sun, 20 Apr 2014) | 10 lines Rename config_store's fields to clearly indicate it's different from config hashtables. * serf_private.h (serf__config_store_t): Use global prefix for these hashtables. * config_store.c (serf__config_store_init): Use global prefix for hashtables. (serf__config_store_get_config): Use new prefix. (serf_config_set_stringc): Fix whitespace. ------------------------------------------------------------------------ r2337 | lieven.govaerts | 2014-04-20 01:22:12 +0400 (Sun, 20 Apr 2014) | 5 lines Add a script to create the certificates used by the test suite. * test/certs/create_certs.py: New script, creates the root ca, ca, server certs, crl file, expired and future server certs and client .p12. ------------------------------------------------------------------------ r2336 | lieven.govaerts | 2014-04-12 07:09:25 +0400 (Sat, 12 Apr 2014) | 14 lines Add a test to simulate a server closing connections after X requests. * test/MockHTTPinC/*: Update to the latest version. * test/test_context.c (test_max_keepalive_requests): New test. (test_context): Run the new test. * test/test_util.c (setup_test_mock_server, setup_test_mock_proxy, setup_test_mock_https_server): Give the servers and ID so we can configure them later. ------------------------------------------------------------------------ r2335 | lieven.govaerts | 2014-04-12 00:51:19 +0400 (Sat, 12 Apr 2014) | 5 lines Follow up to 2334: fix the test. * test/test_context.c (https_load_crl_conn_setup): Rename serf_ssl_load_crl_file. ------------------------------------------------------------------------ r2334 | lieven.govaerts | 2014-04-11 21:14:12 +0400 (Fri, 11 Apr 2014) | 9 lines Rename serf_ssl_load_crl_file API to avoid confusion: the similarly named serf_ssl_load_cert_file only loads a cert from file, whereas serf_ssl_load_crl_file not only loads the file, but also tells OpenSSL to use it. * buckets/ssl_buckets.c * serf_bucket_types.h (serf_ssl_load_crl_file): Rename to ... (serf_ssl_add_crl_from_file): ... this. ------------------------------------------------------------------------ r2333 | lieven.govaerts | 2014-04-11 21:08:53 +0400 (Fri, 11 Apr 2014) | 11 lines Finalize initial CRL support for serf. Add an API to enable or disable CRL checking. * buckets/ssl_buckets.c (serf_ssl_check_crl): New definition. (serf_ssl_load_crl_file): Use serf_ssl_check_crl to enable CRL checking. * serf_bucket_types.h (serf_ssl_check_crl): New declaration. (serf_ssl_load_crl_file): Add comments. ------------------------------------------------------------------------ r2332 | lieven.govaerts | 2014-04-11 20:37:35 +0400 (Fri, 11 Apr 2014) | 18 lines Continue on add CRL support to serf. When OpenSSL can't open the CRL url as specified in the certificate (if there's one specified), it'll return an error during validation for that certificate. Pass this error back to the application to let it decide what to do with it. * buckets/ssl_buckets.c (validate_server_certificate): Restrict declaration of err to a smaller scope. Handle failure X509_V_ERR_UNABLE_TO_GET_CRL. * serf_bucket_types.h (SERF_SSL_CERT_UNABLE_TO_GET_CRL): New error code. * test/test_context.c (ssl_server_cert_cb_log_failures, test_ssl_revoked_server_cert): Log all failures per depth first and then validate at each depth after the handshake is finished. (test_context): The test is now supposed to pass, so run it. ------------------------------------------------------------------------ r2331 | justin.erenkrantz | 2014-04-11 16:44:32 +0400 (Fri, 11 Apr 2014) | 7 lines Make logging.c more readable by splitting up logging not implemented code path. * logging.c (serf__log_init, serf__log_nopref, serf__log, serf_logging_create_stream_output, serf_logging_add_output): Define empty public functions when logging is not compiled-in. ------------------------------------------------------------------------ r2330 | justin.erenkrantz | 2014-04-11 07:10:23 +0400 (Fri, 11 Apr 2014) | 3 lines * test/serf_get.c (print_ssl_cert_errors): Print error for revoked cert. ------------------------------------------------------------------------ r2329 | lieven.govaerts | 2014-04-10 17:16:16 +0400 (Thu, 10 Apr 2014) | 4 lines Follow up to r2328: add the CRL file to run the test. * test/certs/serfservercrl.pem: New file, CRL that revokes serfservercert.pem. ------------------------------------------------------------------------ r2328 | lieven.govaerts | 2014-04-10 02:38:43 +0400 (Thu, 10 Apr 2014) | 19 lines Add an API to pass a CRL (certificate revocation list) file to serf. WIP: correctly revokes a certificate in the CRL, but will file on all other certificates in the chain. * buckets/ssl_buckets.c (validate_server_certificate): Add loggin. (ssl_need_client_cert): Add TODO: this function can hang. (serf_ssl_load_cert_file): Add commented out debug logging. (serf_ssl_load_crl_file): New function, takes a file name of a CRL file, passes it to OpenSSL. * serf_bucket_types.h (serf_ssl_load_crl_file): New declaration. * test/test_context.c (https_load_crl_conn_setup, test_ssl_revoked_server_cert): New test. (test_context): Add the new test but don't run it yet. ------------------------------------------------------------------------ r2327 | justin.erenkrantz | 2014-04-10 00:56:30 +0400 (Thu, 10 Apr 2014) | 9 lines Get test_context working with VPATH-style builds. * test/test_context.c (test_ssl_handshake_nosslv2): Set cert prefix correctly. (https_set_root_ca_conn_setup, client_cert_cb, client_cert_pw_cb): Use srcdir helper. * test/test_util.c (setup_test_mock_https_server): Set cert prefix correctly. ------------------------------------------------------------------------ r2326 | lieven.govaerts | 2014-04-10 00:37:49 +0400 (Thu, 10 Apr 2014) | 15 lines In the testsuite, add an API to set a prefix where the MockHTTP test suite will load all certificates and key files from. * test/test_util.c (setup_test_mock_https_server): Set the certificate file prefix. * test/test_context.c (server_certs, all_server_certs, test_ssl_*): Where a key or certificate file is passed to the MockHTTP framework, drop the "test/certs" prefix. * test/MockHTTPinC/*: Update to latest version, adds the WithCertificateFilesPrefix macro. ------------------------------------------------------------------------ r2325 | justin.erenkrantz | 2014-04-10 00:08:46 +0400 (Thu, 10 Apr 2014) | 13 lines Fix up SSL tests in VPATH builds by looking at srcdir env var. (While I'm not sure I agree with that approach...it's been there since 2011.) * test/test_util.c (test_ssl_load_cert_file, test_ssl_cert_subject, test_ssl_cert_issuer, test_ssl_cert_certificate, test_ssl_cert_export): Update for rename. (get_ca_file): Move... * test/test_util.c (get_srcdir_file): ...to here and rename. * test/test_serf.h (get_srcdir_file): Declare. ------------------------------------------------------------------------ r2324 | justin.erenkrantz | 2014-04-09 23:56:22 +0400 (Wed, 09 Apr 2014) | 5 lines Fix build of 'check' target when using VPATH-style builds (builddir != srcdir). * SConstruct: Correct 'check' target to understand builddir != srcdir. * build/check.py: Take a third arg to specify the build dir for binaries. ------------------------------------------------------------------------ r2323 | justin.erenkrantz | 2014-04-09 23:50:24 +0400 (Wed, 09 Apr 2014) | 6 lines Allow serf_get tester to emit new debug logging. * test/serf_get.c (options): Add debug/d flag. (main): Make printing of debug info conditional on new flag ------------------------------------------------------------------------ r2320 | b.huijben | 2014-03-07 22:32:01 +0400 (Fri, 07 Mar 2014) | 6 lines * test/test_buckets.c (test_aggregate_buckets): Assert value instead of boolean and add a huge comment on what is really happening if this function returns -1 instead of a real value. ------------------------------------------------------------------------ r2319 | bhuijben | 2014-03-07 21:30:30 +0400 (Fri, 07 Mar 2014) | 15 lines Following up on r2258, handle response handling errors during auth handling in a single location to avoid discarding requests without telling the application about it. This resolves the segfault reported by philipm on dev@subversion.a.o, by properly reporting requests as cancelled if the status line can't be read while having a auth callback hooked. * auth/auth.c (serf__handle_auth_response): Remove request discard callbacks here, to move them to the single caller... * outgoing.c (handle_response): ... here. ------------------------------------------------------------------------ r2318 | bhuijben | 2014-03-07 00:23:59 +0400 (Fri, 07 Mar 2014) | 9 lines Make implementation of a few bio file handlers really do what openssl expects us to do. * buckets/ssl_buckets.c (bio_file_read): Stop updating unused retry flags. (bio_file_gets): Really implement gets() behavior by calling the right apr function to really stop reading at the end of a line, instead of only at the end of the buffer. ------------------------------------------------------------------------ r2317 | lieven.govaerts | 2014-03-07 00:21:08 +0400 (Fri, 07 Mar 2014) | 6 lines Fix some valgrind errors in the test suite. * test/MockHTTPinC/MockHTTP_server.c (readLine, readBody, readChunk): Use memmove instead of memcpy when dest and src buffers are overlapping. ------------------------------------------------------------------------ r2316 | lieven.govaerts | 2014-03-03 00:08:17 +0400 (Mon, 03 Mar 2014) | 19 lines Fix a crash caused by incorrect reuse of the ssltunnel CONNECT request. Reported by Stefan Kueng on the svn-dev list: http://svn.haxx.se/dev/archive-2014-02/0289.shtml * test/MockHTTPinC/*: Latest version introduces HeaderNotSet and the CloseConnection action. * ssltunnel.c (handle_response): When a CONNECT request is cancelled during reset of the connection, don't retry it as a non-tunnel request. Instead don't do anything, as a new CONNECT request will be setup when a new socket gets initialized. * test/test_context.c (basic_authn_callback_2ndtry, test_ssltunnel_basic_auth_2ndtry): New test. (test_context): Run the new test. ------------------------------------------------------------------------ r2315 | bhuijben | 2014-02-27 05:04:19 +0400 (Thu, 27 Feb 2014) | 4 lines * buckets/ssl_buckets.c (ssl_need_client_cert): Following up on r2314, resolve a small memory leak in a similar usage of the bio infrastructure. ------------------------------------------------------------------------ r2314 | bhuijben | 2014-02-27 04:58:40 +0400 (Thu, 27 Feb 2014) | 8 lines Resolve an error in the new 'svn auth' feature of Subversion that is caused by a library entry point in serf not initializing openssl properly. * buckets\ssl_buckets.c (serf_ssl_load_cert_file): Initialize serf when reading a certificate. Avoid APP_Link problems by reading the certificate as bio file. Add todo for resolving a remaining memory leak. ------------------------------------------------------------------------ r2313 | lieven.govaerts | 2014-02-25 02:55:16 +0400 (Tue, 25 Feb 2014) | 13 lines Disable the use of deprecated and broken SSL 2.0. * buckets/ssl_buckets.c (ssl_init_context): Disable SSLv2. * test/MockHTTPinC/*: Upgrade to the latest version, which introduces flags to specify the supported protocol versions. * test/test_context.c (test_ssl_handshake_nosslv2): New test. Sets up a server to only accept SSLv2, and then test that the handshake fails. (test_context): Run the new test. ------------------------------------------------------------------------ r2312 | lieven.govaerts | 2014-02-25 00:19:48 +0400 (Tue, 25 Feb 2014) | 7 lines Fix issue #125: don't do a reverse lookup during initialization of the Negotiate authn scheme for proxies. * auth/auth_spnego.c (do_auth): Remove apr_getnameinfo, use ip address or proxy hostname provided by the application. ------------------------------------------------------------------------ r2308 | lieven.govaerts | 2014-02-08 23:54:36 +0400 (Sat, 08 Feb 2014) | 1 line * CHANGES: fill in 1.3.4 release data + add spacer. ------------------------------------------------------------------------ r2307 | lieven.govaerts | 2014-02-08 15:31:10 +0400 (Sat, 08 Feb 2014) | 18 lines Add a test for missing client certificate scenario. * test/test_util.c (run_client_and_mock_servers_loops): In case of error reported by the server, read the server response first before bailing out. (setup_test_mock_https_server): Update client cn argument. Implement the tristate no / optional / mandatory client cert. * test/test_serf.h (enum test_verify_clientcert_t): New enum. (setup_test_mock_https_server): Change client cn argument to enum. * test/test_context.c (test_ssl_*): Update calls to setup_test_mock_https_server. (test_ssl_renegotiate): New WIP test, not activated. (test_ssl_missing_client_certificate): New test. (test_context): Run the new test. ------------------------------------------------------------------------ r2306 | lieven.govaerts | 2014-02-08 14:38:31 +0400 (Sat, 08 Feb 2014) | 10 lines In the test suite, make the mock server's request for a client certificate optional or mandatory. * test/MockHTTPinC/*: Latest version introduces WithOptionalClientCertificate and WithRequiredClientCertificate, and SSL session renegotiation. * test/test_util.c: (setup_test_mock_https_server): Update to use the changed mock API for SSL client certificates. ------------------------------------------------------------------------ r2305 | lieven.govaerts | 2014-02-08 14:31:33 +0400 (Sat, 08 Feb 2014) | 3 lines * test/test_util.c: (run_client_and_mock_servers_loops_expect_ok): Log error description. ------------------------------------------------------------------------ r2304 | lieven.govaerts | 2014-02-07 04:17:54 +0400 (Fri, 07 Feb 2014) | 5 lines Make the code compile again. * bucket/ssl_buckets.c: (ssl_decrypt, ssl_encrypt): Add missing bracket. ------------------------------------------------------------------------ r2303 | lieven.govaerts | 2014-02-06 23:51:22 +0400 (Thu, 06 Feb 2014) | 1 line * CHANGES: add changes included in serf 1.3.4. ------------------------------------------------------------------------ r2302 | bhuijben | 2014-02-05 18:07:57 +0400 (Wed, 05 Feb 2014) | 4 lines * buckets/ssl_buckets.c (ssl_decrypt): Following up on r2301, also return the error instead of only returning it for all future calls. ------------------------------------------------------------------------ r2301 | bhuijben | 2014-02-05 17:13:45 +0400 (Wed, 05 Feb 2014) | 13 lines Provide a different error for ssl handshake failures (e.g. for missing client certificates) than for ssl failures when transferring actual data. * buckets/ssl_buckets.c (ssl_decrypt, ssl_encrypt): Determine status before returning ssl failure. * context.c (serf_error_string): Add error text. * serf.h (SERF_ERROR_SSL_SETUP_FAILED): Define new error code. ------------------------------------------------------------------------ r2300 | bhuijben | 2014-02-05 17:04:50 +0400 (Wed, 05 Feb 2014) | 4 lines * buckets/ssl_buckets.c (ssl_decrypt): Remove a logging of error 0, location 0, etc. Add comment explaining why logging in this location doesn't make sense. ------------------------------------------------------------------------ r2299 | lieven.govaerts | 2014-02-05 11:16:50 +0400 (Wed, 05 Feb 2014) | 8 lines Fix the 'ssltunnel with KeepAlive Off' tests. * test/test_context.c (ssltunnel_basic_auth): Don't test for requests received once and in order, because the CONNECT request will be received twice (once on the second connection). (test_ssltunnel_digest_auth): Add comment. ------------------------------------------------------------------------ r2294 | lieven.govaerts | 2014-02-03 20:26:34 +0400 (Mon, 03 Feb 2014) | 12 lines In the test suite, rename the server folder to certs. * test/server/* -> test/certs/* * test/test_context.c (server_certs, all_server_certs, validate_servercert, https_set_root_ca_conn_setup, client_cert_cb, client_cert_pw_cb, ssltunnel_basic_auth, test_ssl_*): Update path for test key and certificates. ------------------------------------------------------------------------ r2293 | lieven.govaerts | 2014-02-03 20:02:47 +0400 (Mon, 03 Feb 2014) | 20 lines Finalize the migration to the mock test framework, by removing all test-server related code. * test/server/test_server.c * test/server/test_server.h * test/server/test_sslserver.c: Remove. * SConstruct (test): Remove test_server.c and test_sslserver.c. * test/test_buckets.c (test_response_no_body_expected): Stop using test_server_message_t. * test/test_context.c: Don't include test_server.h. * test/test_serf.h: Remove all now obsolete declarations and define's. Copy some of the new removed test_server.h * test/test_util.c: Don't include test_server.h. Remove obsolete functions. ------------------------------------------------------------------------ r2292 | cmpilato@gmail.com | 2014-02-03 19:51:43 +0400 (Mon, 03 Feb 2014) | 11 lines Fix some compiler warnings. * test/test_context.c (test_ssltunnel_digest_auth): Remove unused variable 'status'. * test/MockHTTPinC/MockHTTP.c (log_time): Add 'void' argument list. * test/test_util.c (log_time): Add 'void' argument list. ------------------------------------------------------------------------ r2291 | lieven.govaerts | 2014-02-03 19:24:05 +0400 (Mon, 03 Feb 2014) | 8 lines Migrate the last remaining test to the new test framework. * test/test_context.c (proxy_digest_authn_callback): Match realm using actual host/port. (test_ssltunnel_digest_auth): Rewrite using mock server/proxy and macro's. (test_ssltunnel_spnego_authn): Fix comment. (test_context): Reorder tests. ------------------------------------------------------------------------ r2290 | lieven.govaerts | 2014-02-03 13:40:51 +0400 (Mon, 03 Feb 2014) | 4 lines Fix compiler warning. * test/MockHTTPinC/MockHTTP.h: Remove unused variable. ------------------------------------------------------------------------ r2289 | lieven.govaerts | 2014-02-03 13:33:03 +0400 (Mon, 03 Feb 2014) | 22 lines Migrate the authentication + SSL tunnel tests to the new test framework. * test/MockHTTPinC/*: Update to latest version. * test/test_context.c (ssltunnel_basic_authn_callback): Match realm using actual host/port. (test_ssltunnel_no_creds_cb, ssltunnel_basic_auth): Rewrite using mock server/proxy and macro's, update definition to take flags for the Connection:close headers. (test_ssltunnel_basic_auth, test_ssltunnel_basic_auth_server_has_keepalive_off, test_ssltunnel_basic_auth_proxy_has_keepalive_off, test_ssltunnel_basic_auth_proxy_close_conn_on_200resp): Update calls to ssltunnel_basic_auth. (test_context): Reorder tests. * test/test_serf.h (struct test_baton_t): Add proxy_port. * test/test_util.c (setup_test_mock_proxy): Set proxy_port value. ------------------------------------------------------------------------ r2288 | lieven.govaerts | 2014-02-02 18:16:15 +0400 (Sun, 02 Feb 2014) | 15 lines Migrate the first SSL tunnel test to the new test framework. * test/MockHTTPinC/*: Update to latest version. * test/test_context.c (test_setup_ssltunnel): Rewrite using mock server/proxy and macro's. (test_context): Reorder tests. * test/test_serf.h (setup_serf_https_context_with_proxy): New declaration. * test/test_util.c (setup_test_client_context_with_proxy): Remove TODO. (setup_serf_https_context_with_proxy): New function definition. ------------------------------------------------------------------------ r2287 | lieven.govaerts | 2014-02-02 18:01:26 +0400 (Sun, 02 Feb 2014) | 1 line * auth/auth_spnego.c: Add TODO comment. ------------------------------------------------------------------------ r2286 | lieven.govaerts | 2014-01-31 01:00:14 +0400 (Fri, 31 Jan 2014) | 7 lines Add OpenSSL error logging at every location where serf returns error SERF_ERROR_SSL_COMM_FAILED. * buckets/ssl_buckets.c (log_ssl_error): New function. (ssl_decrypt, ssl_encrypt): Add logging in case of I/O error. ------------------------------------------------------------------------ r2285 | lieven.govaerts | 2014-01-31 00:13:52 +0400 (Fri, 31 Jan 2014) | 10 lines Add some minimum tests for Negotiate authentication. These tests don't test the full handshake, but merely verify that serf doesn't hang or crash in the initial handshake steps (see issue #119 for a example of what this test will catch). * test/test_context.c (test_setup_ssltunnel_kerbauthn): Rename to ... (test_ssltunnel_spnego_authn): ... this new test. (test_server_spnego_authn): New test. (test_context.c): Run the new tests. ------------------------------------------------------------------------ r2284 | lieven.govaerts | 2014-01-30 23:54:26 +0400 (Thu, 30 Jan 2014) | 7 lines Follow up to r2282: keep the fix for the Negotiate proxy, but now without making serf crash when connecting to a Negotiate server. * auth/auth.c (serf__setup_request_spnego_auth): Use peer to check for host or proxy, not http code (yes this is very confusing). ------------------------------------------------------------------------ r2283 | lieven.govaerts | 2014-01-30 23:27:39 +0400 (Thu, 30 Jan 2014) | 9 lines Fix error handling in the test suite. * test/MockHTTPinC/MockHTTP.c (mhRunServerLoop): Return a generic error code in case of server error. * test/test_util.c (run_client_and_mock_servers_loops): If there's an error, break out of the loop. ------------------------------------------------------------------------ r2282 | lieven.govaerts | 2014-01-30 02:13:22 +0400 (Thu, 30 Jan 2014) | 24 lines Fix issue #119: Endless loop with ssl tunnel over proxy with KeepAlive off and Negotiate. The root cause is that proxy authentication info was stored per connection. Combined with the proxy killing the connection after a 407 response, serf never got to initiate the Negotiate handshake. The solution is to store the Negotiate proxy authentication info per serf context instead. * serf_private.h (struct serf_connection_t): Remove proxy_authn_baton because no authn scheme stores it info per connection anymore. Remove authn_baton and replace it with a authn_info object for consistency with serf_context_t. * auth/auth_spnego.c (serf__init_spnego_connection): Store the gss_info object (contains the SSPI & GSSAPI secure context object) used for proxy authentication per serf context instead of per connection. This enables reuse of this context between multiple connections, and makes serf send the initial Negotiate headers on the first request on a new connection to the proxy. (serf__handle_spnego_auth, serf__validate_response_spnego_auth): Update to new location of gss_info *. ------------------------------------------------------------------------ r2281 | lieven.govaerts | 2014-01-29 23:59:10 +0400 (Wed, 29 Jan 2014) | 36 lines Some refactoring in the test suite, to prepare for proxy tests using the new mock test framework. * test/MockHTTPinC/*: Update to latest version. * test/test_serf.h (setup_test_client_context, setup_test_client_https_context, setup_test_client_context_with_proxy): Remove unused argument. * test/test_util.c (initTestCtx): New function. (setup): Extract test ctx init code to initTestCtx. (test_setup, test_teardown): Initialize and cleanup the test context now resp. before and after running the test. (clean_mh): Remove, integrated in test_teardown. (setup_test_client_context, setup_test_client_https_context, setup_test_client_context_with_proxy): When these functions are called, test context and server setup will already be done, so we can dynamically fetch proxy and server info from the test context instead of hardcoding this info. Remove unused argument (init array with fixed capacity). (setup_test_mock_server, setup_test_mock_https_server): Store the actual server url. * test/test_auth.c * test/test_buckets.c * test/test_context.c * test/test_internal.c * test/test_ssl.c (test_*): The test_baton * with a pool is now created during test setup. Setup server and/or proxy first before creating the serf context. This enables using dynamically assigned port numbers. Drop the 'nr of messages' argument in the function calls to setup the client ctx. (test_setup_ssltunnel_kerbauthn): Work in progress test, disabled for now. ------------------------------------------------------------------------ r2280 | lieven.govaerts | 2014-01-28 23:14:53 +0400 (Tue, 28 Jan 2014) | 20 lines Migrate the proxy setup test to the new test framework. * test/MockHTTPinC/*: Update to latest version. * test/test_serf.h (setup_test_client_context_with_proxy, setup_test_mock_proxy): New declarations. * test/test_util.c (setup_test_client_context): Improve comment. (setup_test_client_context_with_proxy): New function. (setup_test_mock_server, setup_test_mock_https_server): Update initialization to follow changes in the mock test library. (setup_test_mock_proxy): New function. * test/test_context.c (test_setup_proxy): Migrate to use the mock proxy/server and macro's. (test_context): Reorder tests. ------------------------------------------------------------------------ r2279 | lieven.govaerts | 2014-01-27 00:00:51 +0400 (Mon, 27 Jan 2014) | 1 line * test/test_util.c: add some comments. ------------------------------------------------------------------------ r2278 | lieven.govaerts | 2014-01-26 15:14:09 +0400 (Sun, 26 Jan 2014) | 11 lines Migrate the SSL client certificate to the new test framework. * test/MockHTTPinC/*: Update to latest version. * test/test_util.c (setup_test_mock_https_server): Make the server request a client certificate. * test/test_context.c (test_ssl_client_certificate): Migrate to use the mock server and macro's. (test_context): Reorder tests. ------------------------------------------------------------------------ r2277 | lieven.govaerts | 2014-01-25 16:22:00 +0400 (Sat, 25 Jan 2014) | 12 lines Migrate more ssl certificate tests to the new test framework. * test/MockHTTPinC/*: Update to latest version. * test/test_context.c (test_ssl_large_response, test_ssl_large_request, test_ssl_expired_server_cert, test_ssl_future_server_cert): Migrate these tests to use the mock server and macro's. (test_context): Reorder tests. ------------------------------------------------------------------------ r2276 | lieven.govaerts | 2014-01-25 15:27:55 +0400 (Sat, 25 Jan 2014) | 8 lines Code cleanup. * test/MockHTTPinC/MockHTTP_server.c (initSSLCtx): Fix C90 violation. * test/test_context.c (test_ssl_no_servercert_callback_fail): Remove now unused variables. ------------------------------------------------------------------------ r2275 | lieven.govaerts | 2014-01-25 15:20:30 +0400 (Sat, 25 Jan 2014) | 28 lines Migrate the ssl certificate tests to the new test framework. * test/MockHTTPinC/*: Update to latest version. * test/test_context.c (ssl_server_cert_cb_reject): Set _CALLED flag. (test_ssl_handshake, test_ssl_trust_rootca, test_ssl_application_rejects_cert, test_ssl_certificate_chain_with_anchor, test_ssl_certificate_chain_all_from_server, test_ssl_no_servercert_callback_allok, test_ssl_no_servercert_callback_fail): Migrate these tests to use the mock server and macro's. (test_context): Reorder tests. * test/test_util.c (setup_test_client_https_context): New function. (setup_test_mock_server): Update macro to new MockHTTPinC API. (setup_test_mock_https_server): New function. * test/test_serf.h (setup_test_client_https_context, setup_test_mock_https_server): New declarations. * SConstruct: (test suite): Define MOCKHTTP_OPENSSL ------------------------------------------------------------------------ r2274 | breser@gmail.com | 2014-01-23 06:59:31 +0400 (Thu, 23 Jan 2014) | 10 lines Make unix build work with APR-2 (aka trunk) * SConstruct: (): Move all the APR detection inside a CALLOUT_OKAY block since we don't use any of the results anywhere else that would matter outside of the CALLOUT_OKAY paths. Look for an apr-2-config program and if it doesn't exist fall back to apr-1-config. Use --version with our apr-?-config script to find out if we have APR 2 or not and if so do nothing with APR-Util since it's part of APR now. ------------------------------------------------------------------------ r2273 | breser@gmail.com | 2014-01-23 06:17:11 +0400 (Thu, 23 Jan 2014) | 9 lines Fix more compiler warnings. * test/MockHTTPinC/MockHTTP.c (serializeArrayOfIovecs, serializeHeaders, serializeRawBody, serializeRequest, serializeRequestMatch): Make them static functions to silence compiler complaining about lack of declartion (technically serializeArrayofIovecs had a forward declaration so it produced no warning but it's not used anywhere else anyway). ------------------------------------------------------------------------ r2272 | breser@gmail.com | 2014-01-23 06:04:23 +0400 (Thu, 23 Jan 2014) | 6 lines Fix compile warnings. * test/test_bucks.c (test_random_eagain_in_response): apr_size_t is not always an int so use the APR_SIZE_T_FMT macro to get the right format code. ------------------------------------------------------------------------ r2271 | breser@gmail.com | 2014-01-23 04:52:12 +0400 (Thu, 23 Jan 2014) | 5 lines Fix compiler warning. * test/MockHTTPinC/MockHTTP_server.c (process): Remove unusued variable. ------------------------------------------------------------------------ r2270 | lieven.govaerts | 2014-01-20 03:43:35 +0400 (Mon, 20 Jan 2014) | 9 lines In the testsuite: Convert the last test that doesn't require a proxy or ssl server (features not yet implemented in MockHTTPinC). * test/MockHTTPinC/*: Update to latest version. * test/test_context.c (test_connection_large_response): Rewrite using the mock server & macro's. (test_context): Reorder tests. ------------------------------------------------------------------------ r2269 | lieven.govaerts | 2014-01-19 17:12:28 +0400 (Sun, 19 Jan 2014) | 8 lines Fix compiler warnings. * test/test_auth.c (authentication_switch_realms): Remove unused variable. * buckets/ssl_buckets.c (serf_ssl_set_config): Don't ignore return value. ------------------------------------------------------------------------ r2268 | lieven.govaerts | 2014-01-19 17:05:02 +0400 (Sun, 19 Jan 2014) | 12 lines In the testsuite: Convert a test. * test/MockHTTPinC/*: Update to latest version. * test/test_context.c (create_large_request_message_body): New function. (create_large_request_message): Refactor out some code to create_large_request_message_body. (test_connection_large_request): Rewrite using the mock server & macro's. (test_ssl_large_request): Update to use create_large_request_message_body. (test_context): Reorder tests. ------------------------------------------------------------------------ r2267 | lieven.govaerts | 2014-01-17 21:20:24 +0400 (Fri, 17 Jan 2014) | 3 lines * test/serf_get.c (options[]): Remove duplicate option. ------------------------------------------------------------------------ r2266 | lieven.govaerts | 2014-01-17 02:40:17 +0400 (Fri, 17 Jan 2014) | 17 lines Fix at least part of issue #123: when a proxy servers returns "Connection: close" header in the successful response to a CONNECT request, don't close the connection from the client side. * ssltunnel.c (handle_response): Remove the Connection: close header from the "200 Connection Established" response. * test/test_context.c (ssltunnel_basic_auth): Add argument and placeholders to fake header on 200 response. (test_ssltunnel_basic_auth, test_ssltunnel_basic_auth_server_has_keepalive_off): Update call to ssltunnel_basic_auth. (test_ssltunnel_basic_auth_proxy_close_conn_on_200resp): New test. (test_context): Run the new test. ------------------------------------------------------------------------ r2265 | lieven.govaerts | 2014-01-17 02:35:10 +0400 (Fri, 17 Jan 2014) | 13 lines Add an internal function to remove headers from a header bucket. (preparing to fix issue #123) * buckets/headers_buckets.c (serf__bucket_headers_remove): New function. * serf_private.h (serf__bucket_headers_remove): New function declaration. * test/test_internal.c (test_header_buckets_remove): New test. (test_internal): Run the new test. ------------------------------------------------------------------------ r2264 | lieven.govaerts | 2014-01-17 01:02:44 +0400 (Fri, 17 Jan 2014) | 9 lines In the testsuite: Convert a test to the new framework. * test/MockHTTPinC/*: update to latest version. * test/test_context.c (REQUEST_BODY_PART1): New definition. (test_request_timeout): Rewrite using the new macro's and mock server. (test_context): Reorder tests. ------------------------------------------------------------------------ r2263 | bhuijben | 2014-01-15 16:16:27 +0400 (Wed, 15 Jan 2014) | 10 lines Resolve a race condition when initializing openssl for ssl buckets from multiple threads. * buckets/ssl_buckets.c (ssl_init_e): New enum. (apr_atomic_cas32): Define if necessary. (have_init_ssl): Add volatile to make some developers happy. (See #svn-dev) (init_ssl_libraries): Wait while another thread is busy initializing instead of just going on as if it is already done. ------------------------------------------------------------------------ r2260 | lieven.govaerts | 2014-01-14 01:04:38 +0400 (Tue, 14 Jan 2014) | 11 lines In the testsuite: Convert 4 more tests. * test/test_context.c (handle_response_keepalive_limit): Update comment. (SENT_REQUESTS): Fix typo. (test_keepalive_limit_one_by_one, test_keepalive_limit_one_by_one_and_burst, test_progress_callback, test_connection_userinfo_in_url): Rewrite tests using mock server & macro's. (test_context): Reorder tests. ------------------------------------------------------------------------ r2259 | lieven.govaerts | 2014-01-13 23:03:06 +0400 (Mon, 13 Jan 2014) | 10 lines In the testsuite: Use DefaultResponse to make the tests easier to write. * test/MockHTTPinC/*: update to latest version. * test/test_context.c (test_serf_connection_priority_request_create, test_closed_connection): ): Define a default response instead of the same response for each message. ------------------------------------------------------------------------ r2258 | bhuijben | 2014-01-13 15:14:48 +0400 (Mon, 13 Jan 2014) | 12 lines The auth layer should properly report discarded application requests to the application as failed. Without this patch, the application will have to wait forever (or until the connection is reset) to be sure it won't be called ever again. As the auth layer creates new requests on behalf of the application the application can't even cancel the request. * auth/auth.c (serf__handle_auth_response): Call the application callback before returning an error code that will just discard the request as finished. ------------------------------------------------------------------------ r2257 | lieven.govaerts | 2014-01-13 03:00:33 +0400 (Mon, 13 Jan 2014) | 8 lines Convert a test to use the mocking library. * test/MockHTTPinC/*: update to latest version. * test/test_context.c (test_closed_connection): Convert to use the stubs and mock server. (test_context): Move the test under the 'converted' comment. ------------------------------------------------------------------------ r2256 | lieven.govaerts | 2014-01-12 20:07:45 +0400 (Sun, 12 Jan 2014) | 21 lines Update MockHTTPinC library to latest version, update tests. * test/MockHTTPinC/*: update to latest version. * test/test_context.c (test_serf_connection_request_create, test_serf_connection_priority_request_create): GetRequest -> GETRequest. * test/test_auth.c (test_authentication_disabled, test_unsupported_authentication, authentication_switch_realms): GetRequest -> GETRequest. (basic_authentication, digest_authentication): GetRequest -> GETRequest. Use WithConnectionCloseHeader to make the mock server close the conn. after sending the response, update function parameters accordingly. (test_digest_authentication, test_digest_authentication_keepalive_off, test_basic_authentication, test_basic_authentication_keepalive_off): Update calls to basic|digest_authentication. ------------------------------------------------------------------------ r2255 | bhuijben | 2014-01-10 20:48:50 +0400 (Fri, 10 Jan 2014) | 94 lines Make my debugger and 'svn diff -x -p' happy by giving unnamed structs a proper name. This allows VS to show the proper name and to cast void* to it in the debugger, which is much nicer than __unnamed_struct_1234, with a mostly random number. * auth/auth.c (auth_baton_t): * auth/auth_spnego.c (get_auth_header_baton_t): * buckets/aggregate_buckets.c (aggregate_context_t): * buckets/allocator.c (read_status_t): * buckets/barrier_buckets.c (barrier_context_t): * buckets/bwtp_buckets.c (frame_context_t, incoming_context_t): * buckets/chunk_buckets.c (chunk_context_t): * buckets/copy_buckets.c (copy_context_t): * buckets/dechunk_buckets.c (dechunk_context_t): * buckets/deflate_buckets.c (deflate_context_t): * buckets/file_buckets.c (file_context_t): * buckets/headers_buckets.c (headers_context_t): * buckets/iovec_buckets.c (iovec_context_t): * buckets/limit_buckets.c (limit_context_t): * buckets/log_wrapper_buckets.c (log_wrapped_context_t, serf_log_wrapped_bucket_t): * buckets/mmap_buckets.c (mmap_context_t): * buckets/request_buckets.c (request_context_t): * buckets/response_body_buckets.c (body_context_t): * buckets/response_buckets.c (response_context_t): * buckets/simple_buckets.c (simple_context_t): * buckets/socket_buckets.c (socket_context_t): * buckets/ssl_buckets.c (ssl_context_t): * serf.h (serf_linebuf_t): * serf_bucket_types.h (serf_status_line): * serf_bucket_util.h (serf_databuf_t): * ssltunnel.c (req_ctx_t): * test/mock_buckets.c * test/serf_bwtp.c * test/serf_get.c * test/serf_response.c * test/serf_server.c * test/serf_spider.c * test/test_context.c * test/test_serf.h And those used in the tests. ------------------------------------------------------------------------ r2254 | bhuijben | 2014-01-10 17:50:58 +0400 (Fri, 10 Jan 2014) | 7 lines Resolve a bucket (aka "memory") leak when a request bucket is destroyed before it is morphed into an aggregate bucket. * buckets/request_buckets.c (serf_request_destroy): New function. (serf_bucket_type_request): Use serf_request_destroy. ------------------------------------------------------------------------ r2253 | lieven.govaerts | 2014-01-09 12:23:21 +0400 (Thu, 09 Jan 2014) | 6 lines Fix another filename-case problem to fix the build of the test suite on Linux. (that's what you get from developing on a Mac). * SConstruct (check): Rename folder MockHTTPInC to MockHTTPinC. ------------------------------------------------------------------------ r2252 | lieven.govaerts | 2014-01-09 12:18:34 +0400 (Thu, 09 Jan 2014) | 6 lines Fix build of the test suite on Linux. * test/test_auth.c * test/test_util.c: Remove include of header MockHttp.h (wrong case) and MockHTTP.h here, it's already included via test/test_serf.h. ------------------------------------------------------------------------ r2251 | lieven.govaerts | 2014-01-09 12:13:31 +0400 (Thu, 09 Jan 2014) | 18 lines Start converting the test_context tests to MockHTTP. * test/test_serf.h (test_baton_t): Add serv_host member. (run_client_and_mock_servers_loops_expect_ok): New helper function decl. * test/test_util.c (setup): Initialize serv_host with the default server hostname/port. (setup_test_mock_server): Initialize serv_host with the default server hostname and port assigned dynamically. (run_client_and_mock_servers_loops_expect_ok): New helper function. * test/test_context.c (test_serf_connection_request_create, test_serf_connection_priority_request_create): Rewrite to use the mock server and stub macro's. (test_context): Reorder tests. ------------------------------------------------------------------------ r2250 | lieven.govaerts | 2014-01-09 02:01:35 +0400 (Thu, 09 Jan 2014) | 8 lines Convert the remaining 3 authentication tests to MockHTTP. * test/test_auth.c (switched_realm_authn_callback): Update to use dynamic server port number. (authentication_switch_realms, test_digest_switch_realms, test_auth_on_HEAD): Rewrite to use the mock server and stub macro's. ------------------------------------------------------------------ ... |