]>
granicus.if.org Git - libevent/log
Mark Ellzey [Thu, 24 Dec 2015 03:03:57 +0000 (19:03 -0800)]
Address issue #306 - use misalign instead of evbuffer_remove
when evbuffer_add_file is called and mmap is used, if the offset
argument is >0, a mistake happens: add_file removes "offset" byts
from the front of the evbuffer.
So that means any data that was previously on the buffer is trimmed
off by "offset" bytes. Whoops.
A onelinter fix: don't use evbuffer_drain for the offset, instead,
just modify the misalign variable on the newly created chain.
Azat Khuzhin [Thu, 8 Oct 2015 08:50:53 +0000 (11:50 +0300)]
Merge branch 'fix-http-for-ipv6-backport-for-2.0' into patches-2.0
This patchset is just a backport from upstream (with minor fixes to function
names in tests) of
2ecd894725e167dcc1f22f9292f98e41299df6cc ("Merge pull
request #39 from azat/fix-http-for-ipv6")
* fix-http-for-ipv6-backport-for-2.0:
Add regress test ipv6_for_domain.
Fix ipv6 support for http. When URL contain domain, not IP address.
Fixes #287
Azat Khuzhin [Sat, 26 Jan 2013 22:17:02 +0000 (02:17 +0400)]
Add regress test ipv6_for_domain.
Written for commit
71e709c7829275a594f767b27468b1b52e8b5bb9 .
Fix ipv6 support for http. When URL contain domain, not IP address.
backporting to 2.0: fix conflicts with the name of the main function --
_http_connection_test().
Azat Khuzhin [Tue, 22 Jan 2013 22:45:32 +0000 (02:45 +0400)]
Fix ipv6 support for http. When URL contain domain, not IP address.
Before this patch socket created before domain was resolved, and it
always create with AF_INET (ipv4), but we must create socket only after
domain was resolved to understad which protocol family have domain
address.
Thank to Patrick Pelletier, who found this bug.
Mark Ellzey [Tue, 28 Apr 2015 02:59:42 +0000 (22:59 -0400)]
Fix potential fd leak in listener_read_cb()
As pointed out by harlan_ in #libevent after running a coverity sweep.
If the listener is free'd, 'new_fd' is never closed.
Nick Mathewson [Mon, 5 Jan 2015 15:17:40 +0000 (10:17 -0500)]
Update changelog
Nick Mathewson [Mon, 5 Jan 2015 14:31:12 +0000 (09:31 -0500)]
Update changelog.
Nick Mathewson [Mon, 5 Jan 2015 14:30:02 +0000 (09:30 -0500)]
Merge branch '20_cve_2014_6272_v2' into patches-2.0
Nick Mathewson [Mon, 5 Jan 2015 14:18:59 +0000 (09:18 -0500)]
Increment version to 2.0.22-stable
Nick Mathewson [Mon, 5 Jan 2015 13:46:22 +0000 (08:46 -0500)]
Update changelog for 2.0
Nick Mathewson [Mon, 5 Jan 2015 13:42:32 +0000 (08:42 -0500)]
Fix CVE-2014-6272 in Libevent 2.0
For this fix, we need to make sure that passing too-large inputs to
the evbuffer functions can't make us do bad things with the heap.
Also, lower the maximum chunk size to the lower of off_t, size_t maximum.
This is necessary since otherwise we could get into an infinite loop
if we make a chunk that 'misalign' cannot index into.
Nick Mathewson [Sun, 30 Nov 2014 16:05:40 +0000 (11:05 -0500)]
Fix evbuffer_peek() with len==-1 and start_at non-NULL.
Nick Mathewson [Mon, 1 Dec 2014 02:02:25 +0000 (21:02 -0500)]
Merge branch 'patches-2.0' of github.com:libevent/libevent into patches-2.0
Nick Mathewson [Mon, 1 Dec 2014 00:38:23 +0000 (19:38 -0500)]
Work on the changelog for 2.0.22
vjpai [Mon, 22 Sep 2014 19:19:37 +0000 (12:19 -0700)]
Fix race caused by event_active
There is a race between manual event_active and natural event activation. If both happen at the same time on the same FD, they would both be protected by the same event base lock except for 1 LoC where the fields of struct event are read without any kind of lock. This commit does those reads into local variables inside the lock and then invokes the callback with those local arguments outside the lock. In 2.0-stable, none of this is inside the lock; in HEAD, only the callback is read inside the lock. This gets the callback and all 3 arguments inside the lock before calling it outside the lock.
Nick Mathewson [Thu, 9 Oct 2014 14:14:12 +0000 (10:14 -0400)]
Fix a typo in a doxygen comment. Reported by 亦得.
ufo2243 [Fri, 12 Sep 2014 06:19:14 +0000 (14:19 +0800)]
[Bugfix] fix bufferevent setwatermark suspend_read
Maks Naumov [Tue, 25 Mar 2014 11:35:13 +0000 (13:35 +0200)]
regress_buffer: fix 'memcmp' compare size
Nick Mathewson [Fri, 29 Aug 2014 18:59:17 +0000 (14:59 -0400)]
Consistently check for failure from evbuffer_pullup()
Closes issue #148.
Nick Mathewson [Fri, 29 Aug 2014 18:31:07 +0000 (14:31 -0400)]
Use FindClose for handle from FindFirstFile in http-server.c
Noted by Miles Chan as issue #145
Pierre Phaneuf [Wed, 13 Aug 2014 22:17:52 +0000 (23:17 +0100)]
Add a few files created by "make verify" to .gitignore.
Nick Mathewson [Fri, 21 Mar 2014 18:08:17 +0000 (14:08 -0400)]
Fix a crash in evdns related to shutting down evdns
(Improved version to deal correctly with probe requests)
Patch from YASUOKA Masahiko; fix for libevent github issue #113.
Nick Mathewson [Fri, 21 Mar 2014 18:08:17 +0000 (14:08 -0400)]
Fix a crash in evdns related to shutting down evdns
Patch from YASUOKA Masahiko; fix for libevent github issue #113.
Trond Norbye [Wed, 19 Feb 2014 05:49:31 +0000 (06:49 +0100)]
Add -Qunused-arguments for clang on macos
The clang compiler provided with macosx emits warnings like:
CC bufferevent.lo
clang: warning: argument unused during compilation: '-I .'
clang: warning: argument unused during compilation: '-I ./compat'
clang: warning: argument unused during compilation: '-I ./include'
clang: warning: argument unused during compilation: '-I ./include'
for each file being compiled. This generates a lot of noise during
compilation making it hard to see "real" errors. This patch mute
those warnings.
Nick Mathewson [Sun, 9 Feb 2014 18:29:26 +0000 (13:29 -0500)]
bufferevent_pair: don't call downcast(NULL)
Marcin Juszkiewicz [Wed, 22 Jan 2014 10:17:35 +0000 (11:17 +0100)]
Check does arch have the epoll_create and __NR_epoll_wait syscalls.
Some architectures (like AArch64) do not have deprecated syscalls.
Signed-off-by: Marcin Juszkiewicz <mjuszkiewicz@redhat.com>
Nick Mathewson [Fri, 20 Dec 2013 18:37:04 +0000 (13:37 -0500)]
Merge remote-tracking branch 'sourceforge/patches-2.0' into patches-2.0
Conflicts:
include/event2/event.h
Nick Mathewson [Fri, 20 Dec 2013 18:31:29 +0000 (13:31 -0500)]
Typo fixes from Linus Nordberg
Nick Mathewson [Fri, 20 Dec 2013 18:31:29 +0000 (13:31 -0500)]
Typo fixes from Linus Nordberg
Nick Mathewson [Mon, 16 Dec 2013 17:02:21 +0000 (12:02 -0500)]
Clarify event_base_loop exit conditions
Nick Mathewson [Thu, 5 Dec 2013 22:14:05 +0000 (17:14 -0500)]
update the 2.0 changelog
Nick Mathewson [Fri, 1 Nov 2013 18:20:25 +0000 (14:20 -0400)]
Avoid redundant invocations of init_extension_functions for IOCP
Nick Mathewson [Thu, 19 Sep 2013 14:48:09 +0000 (10:48 -0400)]
Fix another arc4random_buf-related warning
Nick Mathewson [Thu, 19 Sep 2013 14:43:54 +0000 (10:43 -0400)]
Fix a compiler warning when checking for arc4random_buf linker breakage.
Patch by Ralph Castain.
Nate Rosenblum [Tue, 3 Sep 2013 21:46:47 +0000 (14:46 -0700)]
Avoid racy bufferevent activation
The evhttp_send_reply method invokes evhttp_write_buffer with a
callback that may release the underlying request object and
bufferevent upon completion. This cleanup callback is invoked by the
underlying bufferevent's write callback. Improperly enabling write
events before referencing the bufferevent could lead to use after free
and memory corruption.
Nick Mathewson [Mon, 19 Aug 2013 14:02:55 +0000 (10:02 -0400)]
Merge remote-tracking branch 'public/20_memclear' into patches-2.0
Nick Mathewson [Mon, 19 Aug 2013 13:52:29 +0000 (09:52 -0400)]
Really remove RNG seeds from the stack
Nick Mathewson [Tue, 13 Aug 2013 15:12:25 +0000 (11:12 -0400)]
Oops; revert testing code
Nick Mathewson [Tue, 13 Aug 2013 14:59:27 +0000 (10:59 -0400)]
Avoid other RNG initialization FS reads when urandom file is specified
Nick Mathewson [Tue, 13 Aug 2013 14:59:20 +0000 (10:59 -0400)]
Finish a sentence
Nick Mathewson [Tue, 6 Aug 2013 21:06:23 +0000 (17:06 -0400)]
Add evutil_secure_rng_set_urandom_device_file
This experimental function is needed for some seccomp2 hackery to
work, and should have no effect for systems that don't use it.
Frank Denis [Sat, 20 Jul 2013 21:02:49 +0000 (14:02 -0700)]
libevent/win32_dealloc() : fix sizeof(pointer) vs sizeof(*pointer)
Nick Mathewson [Mon, 10 Jun 2013 19:16:13 +0000 (15:16 -0400)]
Merge remote-tracking branch 'public/pr/79' into patches-2.0
Nick Mathewson [Mon, 10 Jun 2013 14:38:12 +0000 (10:38 -0400)]
Document that arc4random is not a great cryptographic PRNG.
Nick Mathewson [Mon, 10 Jun 2013 14:33:56 +0000 (10:33 -0400)]
When we seed from /proc/sys/kernel/random/uuid, count it as success
Found by Joseph Spadavecchia
Greg Hazel [Wed, 29 May 2013 21:19:14 +0000 (14:19 -0700)]
restore the comment
Azat Khuzhin [Fri, 10 May 2013 23:53:11 +0000 (03:53 +0400)]
Fix SEGFAULT after evdns_base_resume if no nameservers installed.
If there is no nameservers installed, using
evdns_base_nameserver_ip_add(), than evdns_base_resume() will SEGFAULT,
because of NULL dereference in evdns_requests_pump_waiting_queue()
Conflicts:
evdns.c
Nick Mathewson [Wed, 29 May 2013 17:30:56 +0000 (13:30 -0400)]
Use windows vsnprintf fixup logic on all windows environments
Previously I'd relied on mingw to provide a vsnprintf with a
conformant return value. But it appears that some mingw
environments don't do that.
Belobrov Andrey [Mon, 6 May 2013 14:15:03 +0000 (18:15 +0400)]
Checking request nameserver for NULL, before using it.
Nick Mathewson [Tue, 30 Apr 2013 15:42:53 +0000 (11:42 -0400)]
Start a changelog for Libevent 2.0.22-stable
Nick Mathewson [Thu, 25 Apr 2013 17:43:49 +0000 (13:43 -0400)]
Merge remote-tracking branch 'origin/pr/36' into patches-2.0
Nick Mathewson [Tue, 26 Mar 2013 01:12:49 +0000 (21:12 -0400)]
Fix a typo in a comment in buffer.h. Spotted by Alt_F4
Greg Hazel [Thu, 14 Feb 2013 17:54:56 +0000 (09:54 -0800)]
fix #73 and fix http_connection_fail_test to catch it
Nick Mathewson [Sat, 9 Feb 2013 03:08:18 +0000 (22:08 -0500)]
Avoid using top_srcdir in TESTS-new automakes do not like this
Nick Mathewson [Sat, 9 Feb 2013 03:07:43 +0000 (22:07 -0500)]
Rename configure.in to configure.ac to appease newer autoconfs
Nick Mathewson [Fri, 8 Feb 2013 18:03:29 +0000 (13:03 -0500)]
Use AC_CONFIG_HEADERS in place of AM_CONFIG_HEADERS for autmake 1.13 compat
Patch from cazfi.
Nick Mathewson [Tue, 5 Feb 2013 20:07:32 +0000 (15:07 -0500)]
Fix a locking error in bufferevent_socket_get_dns_error.
Patch from Ka-Hing Cheung.
Gyepi Sam [Tue, 22 Jan 2013 16:59:07 +0000 (16:59 +0000)]
Fix a mistake in evbuffer_remove() arguments in example http server code
(commit message by nickm)
Kevin Bowling [Mon, 3 Jan 2011 22:09:21 +0000 (15:09 -0700)]
Backport libevent to vanilla Autoconf 2.59 (as used in RHEL5)
This is a backport of
ad03952 .
Tay Ray Chuan [Tue, 15 Jan 2013 04:52:08 +0000 (12:52 +0800)]
Fix missing AC_PROG_SED on older Autoconfs
For pre-2.59b Autoconfs, AC_PROG_SED is not available [1]; on such
systems, avoid calling AC_PROG_SED, while providing a sensible SED.
This aids backporting to Autoconf 2.59.
[1] http://lists.gnu.org/archive/html/autotools-announce/2004-08/msg00002.html
Nick Mathewson [Thu, 20 Dec 2012 16:48:05 +0000 (11:48 -0500)]
Avoid double-close on getsockname error in evutil_ersatz_socketpair
Found by coverity; CID 739726
Nick Mathewson [Thu, 20 Dec 2012 16:47:09 +0000 (11:47 -0500)]
Avoid leaking fds on evconnlistener with no callback set
There's no way to retrieve an fd from an evconnlistener whose
callback has been cleared, so we had better close any such fd.
Found by coverity; CID 739725.
Nick Mathewson [Tue, 4 Dec 2012 17:01:25 +0000 (12:01 -0500)]
Fix compilation with WIN32_HAVE_CONDITION_VARIABLES enabled
Reported by Xiuqiang Jiang
Nick Mathewson [Mon, 19 Nov 2012 15:56:16 +0000 (10:56 -0500)]
Increment version to 2.0.21-stable-dev
Nick Mathewson [Sun, 18 Nov 2012 06:39:10 +0000 (01:39 -0500)]
Increment libtool version for 2.0.21 too
Nick Mathewson [Sun, 18 Nov 2012 06:38:07 +0000 (01:38 -0500)]
Increment version to 2.0.21-stable
Nick Mathewson [Sun, 18 Nov 2012 06:36:33 +0000 (01:36 -0500)]
Changelog for 2.0.21-stable
Nick Mathewson [Sun, 18 Nov 2012 06:36:03 +0000 (01:36 -0500)]
Make ssl version check in unit tests work
Nick Mathewson [Fri, 16 Nov 2012 16:55:27 +0000 (11:55 -0500)]
Avoid crash when event_pending() called with no event_base set on event
Instead, give a warning and return 0.
Reported by Antony Dovgal on github as
https://github.com/libevent/libevent/issues/19
Patrick Pelletier [Thu, 8 Nov 2012 03:48:22 +0000 (19:48 -0800)]
remove stray 'x' so print_err will compile when uncommented
Nick Mathewson [Fri, 16 Nov 2012 15:28:19 +0000 (10:28 -0500)]
Make rpcgen_wrapper.sh work on systems without a "python2" binary
Nick Mathewson [Thu, 15 Nov 2012 16:43:20 +0000 (11:43 -0500)]
Warn when openssl version in unit test mismatches compiled version.
Nick Mathewson [Thu, 15 Nov 2012 16:42:14 +0000 (11:42 -0500)]
Fix renegotiation test to work around openssl 1.0.1 bug
There's a bug in openssl 1.0.1 where TLS1.1 and TLS1.2 can't
renegotiate with themselves. When testing renegotiation with OpenSSL
>=1.0.1 and <1.0.1d, disable those protocols.
Nick Mathewson [Fri, 2 Nov 2012 15:44:29 +0000 (11:44 -0400)]
Fix compilation on mingw64 with -DUSE_DEBUG
Nick Mathewson [Thu, 1 Nov 2012 21:38:34 +0000 (17:38 -0400)]
Compile without warnings on mingw64
This is mostly a matter of catching cases where we were still
assuming that evutil_socket_t could be used as an int.
Nick Mathewson [Fri, 26 Oct 2012 23:36:44 +0000 (19:36 -0400)]
Merge remote-tracking branch 'rosslagerwall/python2-2.0' into patches-2.0
Juan Pablo Fernandez [Fri, 26 Oct 2012 23:33:31 +0000 (19:33 -0400)]
Close IOCP listener socket on free when LEV_OPT_CLOSE_ON_FREE is set
Nick Mathewson [Thu, 25 Oct 2012 02:48:59 +0000 (22:48 -0400)]
Merge remote-tracking branch 'public/20_bev_timeout_semantics' into patches-2.0
Ross Lagerwall [Tue, 23 Oct 2012 12:30:58 +0000 (13:30 +0100)]
Use python2 rather than python
python may refer to either python2 or python3 so rather by explicit by
using python2.
See PEP 394 - http://www.python.org/dev/peps/pep-0394/ for more
details.
Joachim Bauch [Thu, 6 Sep 2012 08:01:10 +0000 (10:01 +0200)]
No need to reserve space if reading is suspended.
Conflicts:
bufferevent_openssl.c
Joachim Bauch [Mon, 3 Sep 2012 19:42:15 +0000 (21:42 +0200)]
Stop looping in "consider_reading" if reading is suspended.
George Danchev [Thu, 13 Sep 2012 00:12:03 +0000 (20:12 -0400)]
FIx another memleak on OOM in evdns
George Danchev [Thu, 13 Sep 2012 00:11:12 +0000 (20:11 -0400)]
Avoid a memory-leak on OOM in evdns.
Nick Mathewson [Fri, 7 Sep 2012 19:53:02 +0000 (15:53 -0400)]
Don't discard SSL read event when timeout and read come close together
Nick Mathewson [Fri, 24 Aug 2012 15:40:46 +0000 (11:40 -0400)]
Increment version to 2.0.20-stable-dev
Nick Mathewson [Thu, 23 Aug 2012 18:39:30 +0000 (14:39 -0400)]
Add a date to the changelog
Nick Mathewson [Thu, 23 Aug 2012 18:38:54 +0000 (14:38 -0400)]
Increment version to 2.0.20-stable
Nick Mathewson [Thu, 23 Aug 2012 14:36:39 +0000 (10:36 -0400)]
Initial changelog and credits for 2.0.20
Nick Mathewson [Wed, 22 Aug 2012 16:30:42 +0000 (12:30 -0400)]
Correctly invoke callbacks when a SSL bufferevent reads some and then blocks.
Based on a patch by Andrew Hochhaus, who correctly diagnosed this bug.
Nick Mathewson [Thu, 2 Aug 2012 15:56:17 +0000 (11:56 -0400)]
Add explicit AC_PROG_SED to configure.in so all autoconfs will expose $(SED)
Nick Mathewson [Thu, 2 Aug 2012 15:38:32 +0000 (11:38 -0400)]
Fix an unused variable warning on *BSD.
Greg Hazel [Mon, 30 Jul 2012 20:52:55 +0000 (16:52 -0400)]
Avoid segfault on weird timeout during name lookup.
If an evdns_getaddrinfo timeout happens while pending_cb is set, and
a callback is about to run, but we get a call to
evdns_getaddrinfo_gotresolve before it finishes.
Github issue #60. Thanks to Greg Hazel for patch and patience.
Nick Mathewson [Thu, 26 Jul 2012 14:39:05 +0000 (10:39 -0400)]
Check more setsockopt return values when binding sockets. Found by coverity
Nick Mathewson [Thu, 26 Jul 2012 14:38:29 +0000 (10:38 -0400)]
memset sockaddr_in before using it. Found by coverity.
Nick Mathewson [Thu, 26 Jul 2012 14:37:47 +0000 (10:37 -0400)]
Move assignment outside tt_assert in ssl unit tests. Appeases coverity.
Nick Mathewson [Thu, 26 Jul 2012 14:37:13 +0000 (10:37 -0400)]
Add checks to various return values in unit tests. Found by coverity
Nick Mathewson [Thu, 26 Jul 2012 14:34:06 +0000 (10:34 -0400)]
Avoid possible needless call to writev. Found by coverity.
Nick Mathewson [Thu, 26 Jul 2012 14:16:47 +0000 (10:16 -0400)]
Remove unused variable; spotted by coverity
Nick Mathewson [Thu, 26 Jul 2012 14:04:43 +0000 (10:04 -0400)]
Avoid more crashes/bad calls in unit tests; found by coverity
Nick Mathewson [Thu, 26 Jul 2012 13:59:47 +0000 (09:59 -0400)]
Add some missing null checks to unit tests; found by coverity