Peter Rosin [Wed, 25 May 2011 08:54:06 +0000 (10:54 +0200)]
Link with -lshell32 and -ladvapi32 on Win32.
SHGetSpecialFolderPath is in Shell32.dll and the RegOpenKey (et al) and
CryptGenRandom (et al) functions are in -ladvapi32.dll. MinGW is "nice"
and brings those in automatically, but specify them explicitly for
other tool chains.
Mansour Moufid [Mon, 23 May 2011 22:01:24 +0000 (18:01 -0400)]
Prevent size_t overflow in evhttp_htmlescape.
Modified the `html_replace' function so that it returns the length of
the replacement string instead of the string itself. This is used to
easily check for overflows of the `new_size' variable in the first for
loop of the `evhttp_htmlescape' function, and thus potential out of
bounds writes in the second for loop (if an overflow occurs in
new_size, then new_size < old_size). Also check that new_size + 1
doesn't overflow in mm_malloc(new_size + 1).
Removed the `scratch_space' variable from the `evhttp_htmlescape'
function since it wasn't actually used; also removed the `buf'
variable from the `evhttp_htmlescape' function since it was only used
by `scratch_space'.
"I'm not sure if you'll like my use of the limited broadcast address
for simulating an ENETUNREACH error with a TCP connection, but it's
the best that I could think of. Basically, we want to trigger a
non-EINPROGRESS error in evutil_socket_connect() immediately at the
connect() in order to bring about the assertion in the
evhttp_connection_fail() error handling code."
Patch in question:
- Fix the case when failed evhttp_make_request() leaved request in the queue.
- http://levent.git.sourceforge.net/git/gitweb.cgi?p=levent/libevent;a=commit;h=0d6622e
The above patch introduces a failing assertion in
evhttp_connection_fail(). This happens because the patch defers the
assignment of the outstanding request to the evcon->requests list,
while evhttp_connection_fail() assumes that the request lies in the
list.
One scenario in which this can happen is when the request list is
empty and a connection is made to an unreachable host. The assertion
will then fail after bufferevent_socket_connect() errors out (with
ENETUNREACH in my case).
Sebastian Hahn [Thu, 5 May 2011 16:02:42 +0000 (18:02 +0200)]
Fix a compile warning with zlib 1.2.4 and 1.2.5
I took this fix from Tor (commit 1a52e39c22d5, author Nick Mathewson,
Copyright (c) 2007-2011, The Tor Project, Inc.) and adapted it slightly
for libevent.
Nick Mathewson [Tue, 3 May 2011 17:54:57 +0000 (13:54 -0400)]
Fix a warn-and-fail bug in kqueue by providing kevent() room to report errors
Apparently, kevent fails gracefully if there is not enough space in its
output events array to report every _event_... but it just dies and returns
-1 if there is not enough space to report every _error_.
There are a couple of possible fixes here. One would to handle -1
returns from kevent better by re-growing the array and retrying... but
that seems a little error prone. Instead, I'm just going to say that
the events array must be large enough to handle all the errors.
This patch also adds a unit test designed to make sure that our
many-events-out code works even if not all the events are added at
once.
Nick Mathewson [Wed, 27 Apr 2011 03:42:01 +0000 (23:42 -0400)]
Fix clang warning when resetting connection
This was a regression on 2.0.10-stable: clang was warning about
values that were unused (because event_debug wasn't using them unless
USE_DEBUG was defined). Found by Sebastian Hahn.
Sebastian Hahn [Sun, 10 Apr 2011 15:23:11 +0000 (17:23 +0200)]
Fix compilation under LLVM/clang with --enable-gcc-warnings
When compiling using clang (2.9 or lower) do not enable
-Wnormalized=id or -Woverride-init when --enable-gcc-warnings
or --enable-gcc-warnings-advisory is set as these options
are unsupported.
Nick Mathewson [Tue, 5 Apr 2011 21:21:12 +0000 (17:21 -0400)]
Fix the check for multicast or broadcast addresses in evutil_check_interfaces
First of all, it is totally okay to have an address end with .255,
depending on what your netmask is, so we shouldn't reject a local
address if it ends with .255.
Second, our check for ending with .255 was broken. So was our check
for class-d addresses.
Tomash Brechko [Wed, 23 Mar 2011 09:05:33 +0000 (12:05 +0300)]
Reset outgoing connection when read data in idle state.
Imagine server side is buggy and miscalculates Content-Length: in the
reply. Data arriving in idle state shouldn't make us crash, instead we
can just reset the connection.
Dave Hart [Wed, 23 Mar 2011 20:22:57 +0000 (16:22 -0400)]
Fix for --gc-sections on NetBSD
This patch fixes http://bugs.ntp.org/1844, works around
http://gnats.netbsd.org/cgi-bin/query-pr-single.pl?number=40401, by
improving the test for support of --gc-sections to run a program which
reads a file using stdio built with --gc-sections, instead of simply
link the binary. This catches the buggy linker as the garbage
collection removes a tag NetBSD uses to distinguish its own elf
binaries from Linux ones, causing it to treat conftest as a Linux
binary and run it with the wrong syscall table.
Dave Hart [Wed, 23 Mar 2011 20:22:24 +0000 (16:22 -0400)]
Fix make distcheck & installation of libevent 1 headers
libevent/Makefile.am corrects a typo (thanks to Harlan for spotting it
once we realized make distcheck was broken when building the libevent
tearoff). The result was the include/ev*.h were not distributed nor
installed whether or not --disable-libevent-install was used. This
was introduced with the final round (3/3) of
--disable-libevent-install patch from me.
Fix incorrect assertions and possible use-after-free in evrpc_free()
Original description:
The following patch fixes incorrect assertions in evrpc_free():
evrpc_unregister_rpc() and evrpc_remove_hook() return 0 for success.
Also, in evrpc_unregister_rpc(), it is better to free RPC structure
at the end: evrpc_free() uses rpc->uri as "name" parameter when
calling evrpc_unregister_rpc(), then rpc->uri is freed, but we have
"registered_uri = evrpc_construct_uri(name)". So at this time "name"
is invalid.
The problem is that bufferevent_disable() doesn't disable EV_WRITE
when 'connecting' flag is set. However from evhttp_connection_reset()
we want to disable EV_WRITE for sure (we are closing the socket next).
So we add bufferevent_disable_hard(), which acts like
bufferevent_disable(), but resets 'connecting' flag before the call to
the actual handler.
TODO: bufferevent_disable_hard() shouldn't be public, remove it from
event2/bufferevent.h.
Nick Mathewson [Tue, 22 Feb 2011 21:20:42 +0000 (16:20 -0500)]
Make -ffunction-sections off-by-default in 2.0.x
I don't see how this can burn anybody, but I don't want to take
chances: new build options are something that should be done in an
alpha. To turn -ffunction-sections on, pass
--enable-function-sections to configure.
Dave Hart [Sun, 13 Feb 2011 07:05:04 +0000 (02:05 -0500)]
Add configure options to disable installation, regression tests
The main reason for disabling installation is if you're building
libevent as a subpackage for embedding: you want to have your main
package's "make all" build libevent, but you don't want your main
package's "make install" to install libevent.
Nick Mathewson [Sun, 13 Feb 2011 06:27:06 +0000 (01:27 -0500)]
NM: Fix sample/http-server ipv6 fixes
Fix 1: Use #include "../xyz" rather than #include <../xyz>
Fix 2: util-internal.h includes ipv6-internal.h, which in turn defines
a replacement AF_INET6 on platforms that don't have it. As such,
the AF_INET6 checks shouldn't be needed. (right?)
Nick Mathewson [Sun, 13 Feb 2011 05:41:22 +0000 (00:41 -0500)]
Make URI parser able to tolerate nonconformant URIs.
If the EVHTTP_URI_NONCONFORMANT flag is passed in (which it is when
parsing URIs we get over the wire), then we relax our checks a lot.
Specifically, we do nothing to check for correct characters in the
path, query, and fragment parts of such a URI.
We could do much more here: we could relax our hostname requirements,
deal with spaces differently/better, trap some errors but not others,
etc. But this should solve the worst user-agent compatibility issues
for now; the other issues can wait for a later release.
projects / libevent / log