Azat Khuzhin [Mon, 19 Dec 2016 07:22:51 +0000 (10:22 +0300)]
Fix UB in evutil_date_rfc1123()
As pointed in https://github.com/libevent/libevent/pull/417#issuecomment-267860738
"code is unsafe because in evutil_date_rfc1123() the pointer to the
automatic variable struct tm cur is used outside the scope it defined."
Checked with `clang -fsanitize=address -fsanitize-address-use-after-scope`
and test that call evutil_date_rfc1123() with tm==NULL
Azat Khuzhin [Sun, 18 Dec 2016 22:26:43 +0000 (01:26 +0300)]
Merge branch 'date-rfc1123'
Follow RFC2616 (Date header should be in RFC1123 format).
But to reproduce this bug, program that uses libevent http-server should
call `setlocale(LC_ALL, "")` to properly initliaze locale, so that
strftime() retruns locale-specific dates.
* date-rfc1123:
add tests for evutil_date_rfc1123().
http: do not use local settings for Date header
Azat Khuzhin [Tue, 6 Dec 2016 22:43:35 +0000 (01:43 +0300)]
Merge branch 'be-openssl-fd-reset-fix-v2'
Two issues:
- dirty_shutdown for openssl 1.1
- BEV_CTRL_SET_FD for bufferevent_openssl didn't reset state
* be-openssl-fd-reset-fix-v2:
Fix dirty_shutdown for openssl 1.1
Fix reusing bufferevent_openssl after fd was reseted (i.e. on new connection)
test/https: fix ssl dirty bypass for https_simple
test/https: cover multiple request over the same connection
test/http: sanity check for http_request_empty_done()
Azat Khuzhin [Sat, 19 Nov 2016 14:08:53 +0000 (17:08 +0300)]
Fix reusing bufferevent_openssl after fd was reseted (i.e. on new connection)
For example if you trying to issue multiple requests over the same
evhttp_conneciton, and if connection already closed (IOW it should be
re-connected), than you will get into trouble since it will got wrong
openssl state. This patch addresses this issue by restoring state to
initial if SETFD called with -1 fd.
Azat Khuzhin [Tue, 6 Dec 2016 22:14:24 +0000 (01:14 +0300)]
Merge branch 'openssl-1.1-init-fixes-v2'
* openssl-1.1-init-fixes-v2:
sample/le-proxy: use TLS_method instead of SSLv23_method (latest deprecated)
test: fix building under openssl 1.1 (init functions has been deprecated)
le-proxy: fix building under openssl 1.1 (init functions has been deprecated)
So firstly include our header (config.h) -- <evconfig-private.h>, and
only after it <sys/types.h> since latest has #ifdef guard, while our
config.h is not inteded for this.
And besides all this thing with LARGE_FILE is a abit awkward, since we
don't nefine _LP64/_LP32 anyway, and so we have next error actually (64bit VS
32bit):
==> solaris: In file included from ./util-internal.h:30:0,
==> solaris: from test/regress_ssl.c:49:
==> solaris: ./evconfig-private.h:29:0: warning: "_FILE_OFFSET_BITS" redefined
==> solaris: #define _FILE_OFFSET_BITS 64
==> solaris: ^
==> solaris: In file included from /usr/include/sys/types.h:17:0,
==> solaris: from test/regress_ssl.c:38:
==> solaris: /opt/csw/lib/gcc/i386-pc-solaris2.10/5.2.0/include-fixed/sys/feature_tests.h:196:0: note: this is the location of the previous definition
==> solaris: #define _FILE_OFFSET_BITS 32
==> solaris: ^
Azat Khuzhin [Tue, 6 Dec 2016 10:06:08 +0000 (13:06 +0300)]
vagrant/osx: use make instead of gmake (there is no gmake)
$ make --version
GNU Make 3.81
Copyright (C) 2006 Free Software Foundation, Inc.
This is free software; see the source for copying conditions.
There is NO warranty; not even for MERCHANTABILITY or FITNESS FOR A
PARTICULAR PURPOSE.
Azat Khuzhin [Tue, 6 Dec 2016 09:08:32 +0000 (12:08 +0300)]
util-internal: fix __func__ redefinition (netbsd)
==> netbsd: In file included from ../listener.c:57:0:
==> netbsd: ../util-internal.h:58:0: warning: "__func__" redefined [enabled by default]
==> netbsd: #define __func__ EVENT____func__
==> netbsd: ^
==> netbsd: In file included from /usr/include/amd64/types.h:39:0,
==> netbsd: from /usr/include/sys/types.h:45,
==> netbsd: from ../listener.c:30:
==> netbsd: /usr/include/sys/cdefs.h:394:0: note: this is the location of the previous definition
==> netbsd: #define __func__ __PRETTY_FUNCTION__
Tim Hentenaar [Thu, 14 Jul 2016 13:45:01 +0000 (15:45 +0200)]
poll: Prevent libevent from spinning if POLLNVAL occurs
This can happen, for example if libevent is being used to poll fds given
by another library where the other library closes the fds without
notifying the program using it that said fds were closed. In this case,
libevent will simply spin on poll() since there are active fds, but
won't call any event callback to handle the condition.
In epoll case after socket closed it automatically removed from epfd, so
IOW it will not spin in epoll* API, just a timeout.
Azat Khuzhin [Tue, 1 Nov 2016 20:33:11 +0000 (23:33 +0300)]
Fix cmake -DEVENT__COVERAGE=ON
- do not use compiler check from the root cmake rules with syntax error,
let CodeCoverage check it
- fix CodeCoverage to check C compiler not CXX
- case insensitive checking of CMAKE_BUILD_TYPE
- replace flags with --coverage, and fix flags with linking with
--coverate, otherwise it will not compile during checking flags and
fails.
Azat Khuzhin [Mon, 31 Oct 2016 09:01:20 +0000 (12:01 +0300)]
autogen.sh: remove all autoconf/automake caches, if any
Otherwise if you for example share root of libevent repository with some
vm (for example windows+cygwin) then if you try to build with configure
on host, and then on guest it will fail, so let's just ignore this since
autogen.sh is just for this -- cleaning all stuff.
Zonr Chang [Wed, 24 Aug 2016 08:19:01 +0000 (16:19 +0800)]
cmake: cleanup
- Remove a redundant check on netdb.h (EVENT__HAVE_NETDB_H).
- Properly setup EVENT__SIZEOF_SSIZE_T for the case where "ssize_t" is
not "int".
- Remove unused EVENT__HAVE_PTHREAD.
- Set EVENT__HAVE_LIBZ instead of EVENT__HAVE_ZLIB (and remove the
latter).
Azat Khuzhin [Tue, 25 Oct 2016 21:51:56 +0000 (00:51 +0300)]
cmake/win32: fix running regress, but fixing finding python2 interpreter
Could not find executable C:/projects/libevent/build/bin/regress
Looked in the following places:
C:/projects/libevent/build/bin/regress
C:/projects/libevent/build/bin/regress.exe
...
9/13 Test #9: regress__WIN32_debug ................***Not Run 0.00 sec
Kurt Roeckx [Mon, 19 Sep 2016 20:05:15 +0000 (22:05 +0200)]
Make it build using OpenSSL 1.1.0
Rebased (azat):
- tabs instead of whitespaces
- make openssl-compat.h safe for complex expressions
- do not call sk_SSL_COMP_free() in 1.1 (fixes double free)
Adam Langley [Thu, 13 Oct 2016 00:49:17 +0000 (17:49 -0700)]
Don't call BIO_number_{read|written} on NULL BIOs.
OpenSSL doesn't document the behaviour of these functions when given a
NULL BIO, and it happens to return zero at the moment. But don't depend
on that.
Adding option to ignore clock_gettime: --disable-clock-gettime
macOS 10.12 introduced `clock_gettime` to libsystem. This means, built
on OS X 10.12 application would crash on earlier versions of OS X
because it will try to call clock_gettime. This options is useful to
make backwards compatible macOS apps.
Zonr Chang [Wed, 24 Aug 2016 09:16:32 +0000 (17:16 +0800)]
Fix evhttp_uriencode() regression.
http_uriencode_test() (in test/regress_http.c) has been failed after 72afe4c as "hello\0world" is encoded to "hello" instead of
"hello%00world". This is because of a misplaced overflow check which
causes the non-negative "size" specified in parameter being ignored in
within-bound URI.
Azat Khuzhin [Thu, 11 Aug 2016 13:15:45 +0000 (16:15 +0300)]
tests: use waitpid(..., WNOWAIT) to fix failing of main/fork under solaris
According to solaris docs:
"One instance of a SIGCHLD signal is queued for each child process whose
status has changed. If waitpid() returns because the status of a child
process is available, and WNOWAIT was not specified in options, any pending
SIGCHLD signal associated with the process ID of that child process is
discarded. Any other pending SIGCHLD signals remain pending."
And interesting thing that it works if you add sleep(1) before waitpid(), and
also if you run with --verbose (some race or what).
But linux doesn't support WNOWAIT in waitpid() so add detection into
cmake/autotools.
Azat Khuzhin [Thu, 11 Aug 2016 10:43:14 +0000 (13:43 +0300)]
test: replace sleeping with syncing pair in main/fork
About this syncing pair:
- read endpoint, must be blocked, to make it a checkpoint or smth like this
- write endpoint, must be nonblocking, to avoid readcb hung
During testing sometimes bufferevent/bufferevent_connect_fail_eventcb fails,
and after some digging I found that this was the case when connect() doesn't
return ECONNREFUSED immediately, and instead next operation will return it (in
our case evbuffer_read()->readv(), needless to say that after this
bufferevent_writecb() called and it checks error with getsockopt() but of
course it doesn't return any error), so this patch checks "errno" after
"readv()" and installs "bufev::connection_refused" flag, to handle this from
writecb and only once.
Azat Khuzhin [Tue, 9 Aug 2016 12:49:01 +0000 (15:49 +0300)]
Merge branch 'appveyor-cmake-v6'
This patch set introduces matrix for appveyor and fixes bugs related to win32,
during debugging this matrix. This should greatly reduce number of work for
making a release ('check under windows' part only).
Right now tests on appveyor still failes in summary, but we should dig into
problems, not hide them.
Test matrix looks like this:
- autotools
- autotools --disable-openssl
- autotools --disable-thread-support
- autotools --disable-debug-mode
- autotools --disable-malloc-replacement
- cmake
- cmake -DEVENT__DISABLE_OPENSSL=ON
- cmake -DEVENT__DISABLE_THREAD_SUPPORT=ON
- cmake -DEVENT__DISABLE_DEBUG_MODE=ON
- cmake -DEVENT__DISABLE_MM_REPLACEMENT=ON
- cmake -DEVENT__ENABLE_VERBOSE_DEBUG=ON
- cmake -DCMAKE_C_FLAGS='-DUNICODE -D_UNICODE'
And takes 90min (was 7min, and this is the sad part).
* appveyor-cmake-v6:
test/ssl: use send()/recv()/EVUTIL_ERR_RW_RETRIABLE()/EVUTIL_SOCKET_ERROR() to fix win32
test/https_basic: increase timeout for complete write (fixes win32)
cmake: check for ZLIB_INCLUDE_DIR, since we can have only library without headers
autotools/win32: fix searching ssl library
appveyor/autotools: link with openssl by passing LDFLAGS/CFLAGS
appveyor: image already had openssl installed
cmake/win32: do not compile regress_thread on -DEVENT__DISABLE_THREAD_SUPPORT=ON
cmake/win32: do not compile evthread_win32 on -DEVENT__DISABLE_THREAD_SUPPORT=ON
appveyor: check -DUNICODE -D_UNICODE according to ReleaseChecklist (cmake only)
cmake: fix -DEVENT__ENABLE_VERBOSE_DEBUG (typo on -DUSE_DEBUG)
test: fix building with --disable-thread-support under win32
cmake: do not use stderr for notifications/version-info
autoconf: fix --disable-thread-support build under win32
appveyor: ignore failure of mingw-get
appveyor: drop shallow_clone, since we use tags for detecting version in cmake
appveyor: support cmake & autotools using build matrix (like travis-ci has)
Azat Khuzhin [Mon, 8 Aug 2016 14:25:11 +0000 (17:25 +0300)]
appveyor/autotools: link with openssl by passing LDFLAGS/CFLAGS
This never works, hence green tests in production. and now it works:
https://ci.appveyor.com/project/azat/libevent/build/2.1.5.100/job/eib4xqfb7d3ruo16
(look by /"evthread_win32.c")
Azat Khuzhin [Mon, 8 Aug 2016 12:34:57 +0000 (15:34 +0300)]
appveyor: image already had openssl installed
Fixes messages like "Version mismatch for openssl: compiled with 1000201f but
running with 1000208f" [1].
According to next link:
http://help.appveyor.com/discussions/questions/1132-openssl-installation-issues
Refs: appveyor/ci#576
[1]: https://ci.appveyor.com/project/azat/libevent/build/2.1.5.95/job/dcy9cfoj3rfo4gdh
Azat Khuzhin [Sun, 7 Aug 2016 20:07:44 +0000 (23:07 +0300)]
cmake: do not use stderr for notifications/version-info
For all except "STATUS" message() will write to stderr, and this also includes
case when you does not have <mode> at all. Plus for every message in stderr
powershell generates exception and make appveyor fails.
Azat Khuzhin [Sun, 7 Aug 2016 18:30:04 +0000 (21:30 +0300)]
appveyor: ignore failure of mingw-get
Since according to doc [1], appveyour will fail the build on every powershell's
exception:
"PowerShell script is considered successful if it finishes without exception."
Azat Khuzhin [Sun, 19 Jun 2016 11:15:41 +0000 (14:15 +0300)]
appveyor: support cmake & autotools using build matrix (like travis-ci has)
This will allow us to avoid possible compilation regressions, and also some
failures in different environments (for example because of different
sizeof(size_t)).
For example we can avoid next issues:
- #361
- #314
- #311
(And I'm pretty sure that this is not complete list)
And of course it reduce job for maintainers.
But it also have one downside, appveyor doesn't have such concurrency like
travis-ci, so it can take a while to finish the whole build, but we can resolve
this later, or reduce build matrix to only one for autotools and one for cmake.