kmx git

Commit	Date	Message
7d71214e	2019-08-21T01:10:19	sample/http-server: fix parameter parsing argv[1] is currently unconditionally passed as the docroot to send_document_cb(). This is broken if any optional parameters are provided, such as -p <port>. Signed-off-by: David Disseldorp <ddiss@samba.org>
a0276292	2019-08-21T01:00:07	sample/signal-test: fix use of uninitialized variable signal_int is uninitialized in the !base error path. Signed-off-by: David Disseldorp <ddiss@samba.org>
759573c9	2019-08-14T19:47:45	sample: fix 'INFINITY' undeclared error
80009c50	2019-08-13T17:10:37	becat: avoid using anonymous structures It hasn't been part of the C standard until C11, although it is very useful GCC extension it is better to avoid using this in cross platform projects like libevent.
9c151f3c	2019-08-06T18:19:15	Fix typos in comments (sample/test/event-internal.h)
101fbe31	2019-08-08T21:28:20	sample/signal-test: add NULL checks Fixes: #865
2d4ac10e	2019-06-02T21:51:35	becat: remove extra SSL_CTX options usage [ci skip] Because: - this do not affects performance - this breaks builds for with older openssl
891dd188	2019-05-30T17:38:49	https-client: correction error checking When connecting to a non-existent HTTPS service, the "req" is not null but the "evhttp_request_get_response_code(req)" is zero. Closes: #822 (cherry-picked)
4c774b6c	2019-05-21T10:59:05	time-test: disable buffering (mostly for windows)
c4de6024	2019-05-12T18:25:37	http-server: add usage/help dialog
737d1beb	2019-05-11T18:49:28	http-server: add ability to bind to unix-socket Usage example: http-server -u -U /tmp/sock /tmp/no-such-dir curl -v --unix-socket /tmp/sock 127.1:8080/foo
16d8564a	2019-04-18T17:10:33	le-proxy: initiate use of the Winsock DLL Closes: #803 (cherry-picked)
428f36e5	2019-04-03T23:22:54	https-client: do not try to free not initialized base Otherwise: $ https-client --help Syntax: https-client -url <https-url> [-data data-file.bin] [-ignore-cert] [-retries num] [-timeout sec] [-crt crt] Example: https-client -url https://ip.appspot.com/ [warn] event_base_free_: no base to free
2f184f8b	2019-03-26T13:33:57	evwatch: Add "prepare" and "check" watchers. Adds two new callbacks: "prepare" watchers, which fire immediately before we poll for I/O, and "check" watchers, which fire immediately after we finish polling and before we process events. This allows other event loops to be embedded into libevent's, and enables certain performance monitoring. Closes: #710
d5b24cc0	2019-03-05T21:34:31	sample/becat: bufferevent cat, ncat/nc/telnet analog
afdccee9	2019-01-29T01:23:02	s/http-server: fix cleanup routines Fixes: bdd71f18 ("s/http-server: graceful cleanup")
56f3bdef	2018-11-13T23:23:09	s/http-server: check for EVTHREAD_USE_WINDOWS_THREADS_IMPLEMENTED
bdd71f18	2018-11-13T10:48:41	s/http-server: graceful cleanup
41b6b279	2018-11-13T10:26:17	s/http-server: enable debug logging if EVENT_DEBUG_LOGGING_ALL env isset
3c8ded5c	2018-11-08T11:19:16	s/http-server: turn off buffering (otherwise do output on win32)
5d3f9d4d	2018-11-08T11:13:21	s/http-server: add an option to use IOCP
ed705ba7	2018-11-13T10:33:24	s/http-server: add options (for persistent port)
855f0804	2018-08-09T14:47:17	dns-example: free result in getaddrinfo callback According to evdns.c, the result not freed by libevent after the callback runs: evdns_getaddrinfo_gotresolve() { ... data->user_cb(0, data->pending_result, data->user_data); data->pending_result = NULL; ... } To reproduce, build with -fsanitize=address, add -g to the getopt list in dns-example.c like in the current commit and run dns-example -g google.com Closes: #681 # cherry-picked
28b80754	2018-04-02T13:18:27	Fix build with LibreSSL 2.7 LibreSSL 2.7 implements OpenSSL 1.1 API except for BIO_get_init() See also: https://bugs.freebsd.org/226900 Signed-off-by: Bernard Spil <brnrd@FreeBSD.org> Closes: #617 (cherry-pick)
c2c08e02	2017-11-22T10:33:15	Add missing includes into openssl-compat.h Before it depends from the caller #include appropriate headers (at least for OPENSSL_VERSION_NUMBER), but let's make it independent. Fixes: #574
33e363f3	2017-11-20T02:07:54	Free dns/event bases in dns-example to avoid leaks
0ec5edde	2017-08-21T01:08:15	autotools: pass $(OPENSSL_INCS) for samples (FTBFS macOS) if OpenSSL is in a non standard location, need to pass that information to any sample that needs it Closes: #550
74a2f593	2017-05-29T16:24:48	le-proxy: fix compiling under win32 (because of no "inline" in C) Include <util-internal.h> for regular "inline", since it is used everywhere.
d22e12ee	2017-05-28T16:38:20	http-connect: exit on error
00ae45fe	2017-04-25T23:10:13	le-proxy: add missing return statement (UAF) Refs: #501501501501501501501501501
05318f13	2017-03-05T11:33:44	sample/https-client: use ERR_remove_*state() when we have them ERR_remove_thread_state: - openssl 0.9.8 does not have - openssl 1.0/libressl has - openssl 1.1 deprecates
5d18d879	2017-03-02T21:09:32	Do not check for ERR_remove_thread_state() (do not link ssl into every library) This reverts commit c4e9d9bd662de7f575f2172c160795d452ebe709 ("sample/https-client: check for ERR_remove_thread_state() existence"). Calling AC_SEARCH_LIBS() modifies LIBS - -lcrypto incorrectly ends up in LIBS, and thus linked to by libevent_core.so. Checking for ERR_remove_thread_state should no longer be needed because it was introduced in openssl 1.0.0, and the previous line 0.9.8 had support discontinued at the end of 2015. Fixes: #473
55cadb2b	2017-02-20T16:55:57	sample/dns-example: fix compiler warning (getopt() returns an int) Signed-off-by: David Disseldorp <ddiss@suse.de> Closes: #449
e139cbac	2017-02-20T14:47:59	sample/https-client: use host SSL certificate store by default Currently a static (Debian) certificate path is used by default, which can be overridden using the -crt parameter. This commit changes the default behaviour such that the openssl default certificate store is used, unless overridden by -crt. Signed-off-by: David Disseldorp <ddiss@suse.de>
d057c45e	2017-01-28T16:42:13	Unbreak build with LibreSSL after openssl 1.1 support added Fixes: 3e9e0a0d46e4 ("Make it build using OpenSSL 1.1.0") Fixes: #445
23f9a20e	2016-12-13T11:54:09	Fix incorrect MIME type
fa58cb1d	2016-11-16T01:16:30	sample/le-proxy: use TLS_method instead of SSLv23_method (latest deprecated)
122bf144	2016-11-14T02:17:38	le-proxy: fix building under openssl 1.1 (init functions has been deprecated) Refs: #397
13a4acda	2016-12-06T13:26:09	https-cilent: fix compilation warnings about unused vars/functions on win32
253e7fa9	2016-12-06T12:08:32	util-internal: fix __func__ redefinition (netbsd) ==> netbsd: In file included from ../listener.c:57:0: ==> netbsd: ../util-internal.h:58:0: warning: "__func__" redefined [enabled by default] ==> netbsd: #define __func__ EVENT____func__ ==> netbsd: ^ ==> netbsd: In file included from /usr/include/amd64/types.h:39:0, ==> netbsd: from /usr/include/sys/types.h:45, ==> netbsd: from ../listener.c:30: ==> netbsd: /usr/include/sys/cdefs.h:394:0: note: this is the location of the previous definition ==> netbsd: #define __func__ __PRETTY_FUNCTION__
0abe4eba	2016-12-06T09:54:13	sample/http-connect: fix compilation with VS2010 Fixes: nmathewson/Libevent#137
e9837124	2014-12-13T19:42:42	use ev_uint16_t instead of unsigned short for port Like in `sockaddr_in` structure in /usr/include/netinet/in.h @azat: convert all other users (bench, compat, ..) and tweak message Fixes: #178 Fixes: #196 Refs: 6bf1ca78 Link: https://codereview.appspot.com/156040043/#msg4
3e9e0a0d	2016-09-19T22:05:15	Make it build using OpenSSL 1.1.0 Rebased (azat): - tabs instead of whitespaces - make openssl-compat.h safe for complex expressions - do not call sk_SSL_COMP_free() in 1.1 (fixes double free) TODO: - clean methods_bufferevent Closes: #397 (cherry-picked)
666db91a	2016-06-29T15:11:50	Fix memory leak in signal-test.c
2d3cd353	2016-03-04T19:18:18	sample/hello-world: exAmple, not eXMple Fixes: #334
1bf75956	2016-01-12T02:03:12	http-connect: make it win32 compilable Fixes: commit 1d34498ea31134bd7a8fcadcb95910b30a479e19 ("sample: add HTTP CONNECT tunnelling example using libevent http layer")
fdf713a0	2015-11-24T01:35:25	sample/https-client: allow to change path to ca-certificates And default to one that linux have, for freebsd you will need: $ https-client -url https://google.com -crt /usr/local/share/certs/ca-root-nss.crt
c4e9d9bd	2015-11-23T18:44:03	sample/https-client: check for ERR_remove_thread_state() existence Fixes: freebsd 9.2 build
77ad68a6	2015-11-10T20:29:33	sample/https-client: replace ERR_remove_state() by ERR_remove_thread_state() Since ERR_remove_state() is deprecated: $ git log --grep ERR_remove_thread_state commit 2ecd2ededece66bf090fefc93ef3ddb672d9e71a Author: Bodo Möller <bodo@openssl.org> Date: Wed Aug 13 19:30:01 2008 +0000 Mention ERR_remove_state() deprecation, and ERR_remove_thread_state(NULL). Link: https://www.openssl.org/docs/manmaster/crypto/ERR_remove_state.html
3316a210	2015-11-10T20:26:50	Add missing <string.h> for openssl_hostname_validation module Now it included by openssl, but nfter openssl/openssl@master-post-reformat-1494-g6329b60 it will print warning (apparently they dropped <string.h> from the generic headers).
4637aa88	2015-09-02T19:34:52	sample/https-client: add -timeout option
f3d7ff5d	2015-08-19T13:22:49	sample/https-client: don't try to free uninitialized SSL sample/https-client.c:459:3: warning: ‘ssl’ may be used uninitialized in this function [-Wmaybe-uninitialized] SSL_free(ssl);
24a1f25a	2015-08-19T13:19:41	sample/https-client: graceful exit with freeing memory (to make valgrind happy)
29a04825	2015-04-02T20:42:54	https-client: correctly handle URLs with no path (like "https://host:port") path == NULL check removed Fixes: #233 Fixes: #234
6dc71e70	2015-08-18T21:57:28	sample/http-connect: don't use assert() to make it work with NDEBUG Otherwise it will not work for cmake release target type.
f976d436	2015-08-18T21:29:03	sample/http-connect: made it compatible with C90
1d34498e	2015-08-18T12:18:31	sample: add HTTP CONNECT tunnelling example using libevent http layer
620ff243	2015-06-17T08:05:53	Update dns-example. There's somebody out there who is going to have a compiler from 1986 who will complain. Better to fix c99 now.
bde231d7	2015-06-17T08:00:19	Merge pull request #183 from azat/dns-example Some improvements for dns-example
df19a970	2014-11-08T15:51:49	dns-example: allow to set ns from args We can't do this using resolv.conf: $ dns-example -v -c <(echo nameserver 127.0.0.1:10053) ya.ru Because of how evutil_read_file_() works (using fstat()) And actually glibc for example will not use port from nameserver line, and because of inet_aton() it will fail if nameserver will have arbitary port: (gdb) p inet_aton("127.0.0.1", malloc(10000)) $1 = 1 (gdb) p inet_aton("127.0.0.1:53", malloc(10000)) $2 = 0 From glibc/resolv/res_init.c: if (MATCH(buf, "nameserver") && nserv < MAXNS) { struct in_addr a; cp = buf + sizeof("nameserver") - 1; while (cp == ' ' \|\| cp == '\t') cp++; if ((cp != '\0') && (cp != '\n') && __inet_aton(cp, &a)) { statp->nsaddr_list[nservall].sin_addr = a; statp->nsaddr_list[nservall].sin_family = AF_INET; statp->nsaddr_list[nservall].sin_port = htons(NAMESERVER_PORT);
32f8592c	2014-11-08T15:41:33	dns-example: convert to getopt()
2e2d18bc	2014-10-09T11:29:17	Merge pull request #170 from azat/https-client-retries https-client: add -retries argument, for connection retries
5c7282f7	2014-09-24T13:46:09	Fix compilation for older OpenSSL versions. For instance OpenSSL 0.9.7 does not have SSL_set_tlsext_host_name. Also add the missing EVENT__DISABLE_SAMPLES CMake option.
d9da8443	2014-09-21T18:36:29	https-client: add -retries argument, for connection retries Using evhttp_connection_set_retries() API.
8bf769c4	2014-08-29T14:32:10	Merge remote-tracking branch 'origin/patches-2.0' Conflicts: sample/http-server.c
6466e88a	2014-08-29T14:31:07	Use FindClose for handle from FindFirstFile in http-server.c Noted by Miles Chan as issue #145
0c492b33	2014-06-13T17:07:50	add a --disable-samples configure flag For people building & installing libevent in a distro, building all these sample apps are not useful. Add a flag to turn them off.
6d72bdca	2014-05-30T13:53:27	Make http-server.c output into good html5
462e6b60	2014-03-12T12:45:41	add a cast to https-client.c
e212c548	2014-01-22T13:19:49	Check for OSX when checking for clang.
d7be7887	2014-01-22T11:15:17	Fix https-client compilation on Windows. ssize_t is not defined. But using ssize_t for s in this context makes no sense, since fread returns size_t.
4cb44fdf	2014-01-21T14:26:01	Merge remote-tracking branch 'joakimsoderberg/new_cmake' Conflicts: sample/https-client.c
8b40a5b0	2014-01-21T11:35:21	Check if we're on OSX before disabling deprecation in le-proxy
4e143958	2014-01-21T11:30:27	Change all uses of WIN32 to _WIN32
88ecda3b	2013-12-24T14:37:30	Fix a couple of "#ifdef WIN32" instances
d1976f8e	2013-12-24T14:05:44	Sample HTTPS Client: Set hostname for SNI extension (by f69m) Patch from f69m on SourceForge
90786eb0	2013-12-24T12:59:36	Small tweaks to https-client.c
2fbc3b14	2013-12-24T12:45:22	Merge remote-tracking branch 'resetius/https'
0ef1d04e	2013-12-17T14:32:07	Get rid of unknown pragma warnings.
69c3516b	2013-12-17T13:28:23	Get rid of deprecation warnings for OpenSSL on OSX 10.7+
19222e52	2013-12-13T17:00:23	Added some GCC specific options. - Added sample applications. - Fixed the https-client to work on Windows kind of (No cert validation).
6171e1c2	2013-08-13T18:19:50	sample: drop uri_root from base_url in http-server. By default there is "0.0.0.0", and this address will work only from the same machine, and besides there is no need in uri_root in base_url, because it will be added automatically by browser.
44b2491b	2013-08-06T19:23:36	sample/le-proxy: Fail more gracefully if opening listener fails
eb6b0c1f	2013-04-25T10:47:16	Merge branch '21_evdns_disable_when_inactive'
6b7fa620	2013-03-27T20:15:46	evdns: New flag to make evdns not prevent the event loop from exiting Here is the brief description of problem: When you are use evdns to resolve domains to IP adresses (see ./sample/dns-example) you loop never returns from event_base_dispatch(), and because of this the program will never terminated. Because existing programs may be depending on the old behavior, we only apply the fix when evdns_base_new() is created with a new flag - EVDNS_BASE_DISABLE_WHEN_INACTIVE. (Commit message edited by Nick while squashing the branch.)
29af65eb	2013-04-14T15:41:44	https-client: code cleanup
902bf21e	2013-04-14T15:12:22	Merge branch 'master' of https://github.com/libevent/libevent into https
95acdaa3	2013-04-10T17:56:54	Another tweak to https-client.c
8a90a850	2013-04-10T13:53:44	Remove http_struct.h usage in sample/https-client.c
c5887f73	2013-03-11T18:31:19	POST supported, args supported
4db9da6b	2013-02-27T21:12:53	pull in wildcard matching code from cURL Now, https-client accepts both: https://ip.appspot.com/ (matching wildcard certificate) https://github.com/ (matching non-wildcard certificate) but still rejects https://www.kegel.com/ (non-matching wildcard certificate) which should match the behavior of these sites in a web browser.
6021cb50	2013-02-27T21:19:16	avoid sign mismatch warning in openssl_hostname_validation.c sample/openssl_hostname_validation.c: In function 'matches_common_name': sample/openssl_hostname_validation.c:80: warning: comparison between signed and unsigned integer expressions sample/openssl_hostname_validation.c: In function 'matches_subject_alternative_name': sample/openssl_hostname_validation.c:124: warning: comparison between signed and unsigned integer expressions
64d9f161	2013-02-27T17:16:27	use iSECPartners code to validate hostname in certificate The problem is that if you go to a website whose certificate does not match its hostname, it should fail. Try this in a web browser for https://www.kegel.com/ for example. Your web browser will say the certificate is for .pair.com, not for www.kegel.com, and won't let you visit it without clicking through a bunch of scary warnings. However, prior to this commit, https-client was happy to fetch https://www.kegel.com/ without complaining. That is bad. Now, with this commit, it will properly complain, which is good: pelletier@chives:~/src/libevent/sample$ ./https-client https://www.kegel.com/ Got 'MatchNotFound' for hostname 'www.kegel.com' and certificate: /C=US/postalCode=15203/ST=Pennsylvania/L=Pittsburgh/street=Suite 210/street=2403 Sidney Street/O=pair Networks, Inc./OU=Provided by pair Networks, Inc./OU=PairWildcardSSL $250,000/CN=.pair.com some request failed - no idea which one though! error:14090086:SSL routines:SSL3_GET_SERVER_CERTIFICATE:certificate verify failed ppelletier@chives:~/src/libevent/sample$ It will still succeed for sites with an exactly-matching certificate, such as https://github.com/ and that is also good! However, the problem is that the iSECPartners code doesn't handle wildcards, which means we reject https://ip.appspot.com/ even though it is perfectly legitimate, because we don't understand the wildcard: ppelletier@chives:~/src/libevent/sample$ ./https-client https://ip.appspot.com/ Got 'MatchNotFound' for hostname 'ip.appspot.com' and certificate: /C=US/ST=California/L=Mountain View/O=Google Inc/CN=*.appspot.com some request failed - no idea which one though! error:14090086:SSL routines:SSL3_GET_SERVER_CERTIFICATE:certificate verify failed ppelletier@chives:~/src/libevent/sample$ So, we need to fix this. In other words, "to be continued..."
aacd674c	2013-02-26T00:06:50	use Debian's default root certificate location as suggested here: http://archives.seul.org/libevent/users/Feb-2013/msg00034.html although curl's acinclude.m4 reveals many other possibilities: dnl /etc/ssl/certs/ca-certificates.crt Debian systems dnl /etc/pki/tls/certs/ca-bundle.crt Redhat and Mandriva dnl /usr/share/ssl/certs/ca-bundle.crt old(er) Redhat dnl /usr/local/share/certs/ca-root.crt FreeBSD dnl /etc/ssl/cert.pem OpenBSD dnl /etc/ssl/certs/ (ca path) SUSE And none of these cover Windows :(
5754d96a	2013-02-25T23:43:05	better handling of OpenSSL errors
42d7441a	2013-02-25T23:14:26	https-client was putting newlines at 256-byte boundaries presumably this was meant to put a ">" before every line, but that isn't what it does, since evbuffer_remove is simply returning fixed-size chunks. So, when retrieving a document of more than 256 bytes (e. g. any nontrivial document), we got "> " and newlines thrown in at very arbitrary places.
bf31fa5d	2013-02-27T16:31:17	use ${OPENSSL_LIBS} instead of -lssl -lcrypto This made the difference between segfaulting and not segfaulting for me when I run https-client, when I've built libevent using an OpenSSL in a non-standard location. In the same spirit as 1d9d5110a4aebf5833f6fd78bd0252affde0f4d0 and d70af27d0152d0a87a25127faf215604beb8ffe0.
be46c99b	2013-02-19T12:22:31	Add sample/https-client.c, an example of stacking evhttp as a client on top of bufferevent_ssl. Signed-off-by: Catalin Patulea <catalinp@google.com>
f324b1df	2013-01-22T17:10:07	Merge remote-tracking branch 'origin/patches-2.0'
c322c207	2013-01-22T16:59:07	Fix a mistake in evbuffer_remove() arguments in example http server code (commit message by nickm)

7d71214e

2019-08-21T01:10:19

sample/http-server: fix parameter parsing argv[1] is currently unconditionally passed as the docroot to send_document_cb(). This is broken if any optional parameters are provided, such as -p <port>. Signed-off-by: David Disseldorp <ddiss@samba.org>

a0276292

2019-08-21T01:00:07

sample/signal-test: fix use of uninitialized variable signal_int is uninitialized in the !base error path. Signed-off-by: David Disseldorp <ddiss@samba.org>

759573c9

2019-08-14T19:47:45

sample: fix 'INFINITY' undeclared error

80009c50

2019-08-13T17:10:37

becat: avoid using anonymous structures It hasn't been part of the C standard until C11, although it is very useful GCC extension it is better to avoid using this in cross platform projects like libevent.

9c151f3c

2019-08-06T18:19:15

Fix typos in comments (sample/test/event-internal.h)

101fbe31

2019-08-08T21:28:20

sample/signal-test: add NULL checks Fixes: #865

2d4ac10e

2019-06-02T21:51:35

becat: remove extra SSL_CTX options usage [ci skip] Because: - this do not affects performance - this breaks builds for with older openssl

891dd188

2019-05-30T17:38:49

https-client: correction error checking When connecting to a non-existent HTTPS service, the "req" is not null but the "evhttp_request_get_response_code(req)" is zero. Closes: #822 (cherry-picked)

4c774b6c

2019-05-21T10:59:05

time-test: disable buffering (mostly for windows)

c4de6024

2019-05-12T18:25:37

http-server: add usage/help dialog

737d1beb

2019-05-11T18:49:28

http-server: add ability to bind to unix-socket Usage example: http-server -u -U /tmp/sock /tmp/no-such-dir curl -v --unix-socket /tmp/sock 127.1:8080/foo

16d8564a

2019-04-18T17:10:33

le-proxy: initiate use of the Winsock DLL Closes: #803 (cherry-picked)

428f36e5

2019-04-03T23:22:54

https-client: do not try to free not initialized base Otherwise: $ https-client --help Syntax: https-client -url <https-url> [-data data-file.bin] [-ignore-cert] [-retries num] [-timeout sec] [-crt crt] Example: https-client -url https://ip.appspot.com/ [warn] event_base_free_: no base to free

2f184f8b

2019-03-26T13:33:57

evwatch: Add "prepare" and "check" watchers. Adds two new callbacks: "prepare" watchers, which fire immediately before we poll for I/O, and "check" watchers, which fire immediately after we finish polling and before we process events. This allows other event loops to be embedded into libevent's, and enables certain performance monitoring. Closes: #710

d5b24cc0

2019-03-05T21:34:31

sample/becat: bufferevent cat, ncat/nc/telnet analog

afdccee9

2019-01-29T01:23:02

s/http-server: fix cleanup routines Fixes: bdd71f18 ("s/http-server: graceful cleanup")

56f3bdef

2018-11-13T23:23:09

s/http-server: check for EVTHREAD_USE_WINDOWS_THREADS_IMPLEMENTED

bdd71f18

2018-11-13T10:48:41

s/http-server: graceful cleanup

41b6b279

2018-11-13T10:26:17

s/http-server: enable debug logging if EVENT_DEBUG_LOGGING_ALL env isset

3c8ded5c

2018-11-08T11:19:16

s/http-server: turn off buffering (otherwise do output on win32)

5d3f9d4d

2018-11-08T11:13:21

s/http-server: add an option to use IOCP

ed705ba7

2018-11-13T10:33:24

s/http-server: add options (for persistent port)

855f0804

2018-08-09T14:47:17

dns-example: free result in getaddrinfo callback According to evdns.c, the result not freed by libevent after the callback runs: evdns_getaddrinfo_gotresolve() { ... data->user_cb(0, data->pending_result, data->user_data); data->pending_result = NULL; ... } To reproduce, build with -fsanitize=address, add -g to the getopt list in dns-example.c like in the current commit and run dns-example -g google.com Closes: #681 # cherry-picked

28b80754

2018-04-02T13:18:27

Fix build with LibreSSL 2.7 LibreSSL 2.7 implements OpenSSL 1.1 API except for BIO_get_init() See also: https://bugs.freebsd.org/226900 Signed-off-by: Bernard Spil <brnrd@FreeBSD.org> Closes: #617 (cherry-pick)

c2c08e02

2017-11-22T10:33:15

Add missing includes into openssl-compat.h Before it depends from the caller #include appropriate headers (at least for OPENSSL_VERSION_NUMBER), but let's make it independent. Fixes: #574

33e363f3

2017-11-20T02:07:54

Free dns/event bases in dns-example to avoid leaks

0ec5edde

2017-08-21T01:08:15

autotools: pass $(OPENSSL_INCS) for samples (FTBFS macOS) if OpenSSL is in a non standard location, need to pass that information to any sample that needs it Closes: #550

74a2f593

2017-05-29T16:24:48

le-proxy: fix compiling under win32 (because of no "inline" in C) Include <util-internal.h> for regular "inline", since it is used everywhere.

d22e12ee

2017-05-28T16:38:20

http-connect: exit on error

00ae45fe

2017-04-25T23:10:13

le-proxy: add missing return statement (UAF) Refs: #501501501501501501501501501

05318f13

2017-03-05T11:33:44

sample/https-client: use ERR_remove_*state() when we have them ERR_remove_thread_state: - openssl 0.9.8 does not have - openssl 1.0/libressl has - openssl 1.1 deprecates

5d18d879

2017-03-02T21:09:32

Do not check for ERR_remove_thread_state() (do not link ssl into every library) This reverts commit c4e9d9bd662de7f575f2172c160795d452ebe709 ("sample/https-client: check for ERR_remove_thread_state() existence"). Calling AC_SEARCH_LIBS() modifies LIBS - -lcrypto incorrectly ends up in LIBS, and thus linked to by libevent_core.so. Checking for ERR_remove_thread_state should no longer be needed because it was introduced in openssl 1.0.0, and the previous line 0.9.8 had support discontinued at the end of 2015. Fixes: #473

55cadb2b

2017-02-20T16:55:57

sample/dns-example: fix compiler warning (getopt() returns an int) Signed-off-by: David Disseldorp <ddiss@suse.de> Closes: #449

e139cbac

2017-02-20T14:47:59

sample/https-client: use host SSL certificate store by default Currently a static (Debian) certificate path is used by default, which can be overridden using the -crt parameter. This commit changes the default behaviour such that the openssl default certificate store is used, unless overridden by -crt. Signed-off-by: David Disseldorp <ddiss@suse.de>

d057c45e

2017-01-28T16:42:13

Unbreak build with LibreSSL after openssl 1.1 support added Fixes: 3e9e0a0d46e4 ("Make it build using OpenSSL 1.1.0") Fixes: #445

23f9a20e

2016-12-13T11:54:09

Fix incorrect MIME type

fa58cb1d

2016-11-16T01:16:30

sample/le-proxy: use TLS_method instead of SSLv23_method (latest deprecated)

122bf144

2016-11-14T02:17:38

le-proxy: fix building under openssl 1.1 (init functions has been deprecated) Refs: #397

13a4acda

2016-12-06T13:26:09

https-cilent: fix compilation warnings about unused vars/functions on win32

253e7fa9

2016-12-06T12:08:32

util-internal: fix __func__ redefinition (netbsd) ==> netbsd: In file included from ../listener.c:57:0: ==> netbsd: ../util-internal.h:58:0: warning: "__func__" redefined [enabled by default] ==> netbsd: #define __func__ EVENT____func__ ==> netbsd: ^ ==> netbsd: In file included from /usr/include/amd64/types.h:39:0, ==> netbsd: from /usr/include/sys/types.h:45, ==> netbsd: from ../listener.c:30: ==> netbsd: /usr/include/sys/cdefs.h:394:0: note: this is the location of the previous definition ==> netbsd: #define __func__ __PRETTY_FUNCTION__

0abe4eba

2016-12-06T09:54:13

sample/http-connect: fix compilation with VS2010 Fixes: nmathewson/Libevent#137

e9837124

2014-12-13T19:42:42

use ev_uint16_t instead of unsigned short for port Like in `sockaddr_in` structure in /usr/include/netinet/in.h @azat: convert all other users (bench, compat, ..) and tweak message Fixes: #178 Fixes: #196 Refs: 6bf1ca78 Link: https://codereview.appspot.com/156040043/#msg4

3e9e0a0d

2016-09-19T22:05:15

Make it build using OpenSSL 1.1.0 Rebased (azat): - tabs instead of whitespaces - make openssl-compat.h safe for complex expressions - do not call sk_SSL_COMP_free() in 1.1 (fixes double free) TODO: - clean methods_bufferevent Closes: #397 (cherry-picked)

666db91a

2016-06-29T15:11:50

Fix memory leak in signal-test.c

2d3cd353

2016-03-04T19:18:18

sample/hello-world: exAmple, not eXMple Fixes: #334

1bf75956

2016-01-12T02:03:12

http-connect: make it win32 compilable Fixes: commit 1d34498ea31134bd7a8fcadcb95910b30a479e19 ("sample: add HTTP CONNECT tunnelling example using libevent http layer")

fdf713a0

2015-11-24T01:35:25

sample/https-client: allow to change path to ca-certificates And default to one that linux have, for freebsd you will need: $ https-client -url https://google.com -crt /usr/local/share/certs/ca-root-nss.crt

c4e9d9bd

2015-11-23T18:44:03

sample/https-client: check for ERR_remove_thread_state() existence Fixes: freebsd 9.2 build

77ad68a6

2015-11-10T20:29:33

sample/https-client: replace ERR_remove_state() by ERR_remove_thread_state() Since ERR_remove_state() is deprecated: $ git log --grep ERR_remove_thread_state commit 2ecd2ededece66bf090fefc93ef3ddb672d9e71a Author: Bodo Möller <bodo@openssl.org> Date: Wed Aug 13 19:30:01 2008 +0000 Mention ERR_remove_state() deprecation, and ERR_remove_thread_state(NULL). Link: https://www.openssl.org/docs/manmaster/crypto/ERR_remove_state.html

3316a210

2015-11-10T20:26:50

Add missing <string.h> for openssl_hostname_validation module Now it included by openssl, but nfter openssl/openssl@master-post-reformat-1494-g6329b60 it will print warning (apparently they dropped <string.h> from the generic headers).

4637aa88

2015-09-02T19:34:52

sample/https-client: add -timeout option

f3d7ff5d

2015-08-19T13:22:49

sample/https-client: don't try to free uninitialized SSL sample/https-client.c:459:3: warning: ‘ssl’ may be used uninitialized in this function [-Wmaybe-uninitialized] SSL_free(ssl);

24a1f25a

2015-08-19T13:19:41

sample/https-client: graceful exit with freeing memory (to make valgrind happy)

29a04825

2015-04-02T20:42:54

https-client: correctly handle URLs with no path (like "https://host:port") path == NULL check removed Fixes: #233 Fixes: #234

6dc71e70

2015-08-18T21:57:28

sample/http-connect: don't use assert() to make it work with NDEBUG Otherwise it will not work for cmake release target type.

f976d436

2015-08-18T21:29:03

sample/http-connect: made it compatible with C90

1d34498e

2015-08-18T12:18:31

sample: add HTTP CONNECT tunnelling example using libevent http layer

620ff243

2015-06-17T08:05:53

Update dns-example. There's somebody out there who is going to have a compiler from 1986 who will complain. Better to fix c99 now.

bde231d7

2015-06-17T08:00:19

Merge pull request #183 from azat/dns-example Some improvements for dns-example

df19a970

2014-11-08T15:51:49

dns-example: allow to set ns from args We can't do this using resolv.conf: $ dns-example -v -c <(echo nameserver 127.0.0.1:10053) ya.ru Because of how evutil_read_file_() works (using fstat()) And actually glibc for example will not use port from nameserver line, and because of inet_aton() it will fail if nameserver will have arbitary port: (gdb) p inet_aton("127.0.0.1", malloc(10000)) $1 = 1 (gdb) p inet_aton("127.0.0.1:53", malloc(10000)) $2 = 0 From glibc/resolv/res_init.c: if (MATCH(buf, "nameserver") && nserv < MAXNS) { struct in_addr a; cp = buf + sizeof("nameserver") - 1; while (*cp == ' ' || *cp == '\t') cp++; if ((*cp != '\0') && (*cp != '\n') && __inet_aton(cp, &a)) { statp->nsaddr_list[nservall].sin_addr = a; statp->nsaddr_list[nservall].sin_family = AF_INET; statp->nsaddr_list[nservall].sin_port = htons(NAMESERVER_PORT);

32f8592c

2014-11-08T15:41:33

dns-example: convert to getopt()

2e2d18bc

2014-10-09T11:29:17

Merge pull request #170 from azat/https-client-retries https-client: add -retries argument, for connection retries

5c7282f7

2014-09-24T13:46:09

Fix compilation for older OpenSSL versions. For instance OpenSSL 0.9.7 does not have SSL_set_tlsext_host_name. Also add the missing EVENT__DISABLE_SAMPLES CMake option.

d9da8443

2014-09-21T18:36:29

https-client: add -retries argument, for connection retries Using evhttp_connection_set_retries() API.

8bf769c4

2014-08-29T14:32:10

Merge remote-tracking branch 'origin/patches-2.0' Conflicts: sample/http-server.c

6466e88a

2014-08-29T14:31:07

Use FindClose for handle from FindFirstFile in http-server.c Noted by Miles Chan as issue #145

0c492b33

2014-06-13T17:07:50

add a --disable-samples configure flag For people building & installing libevent in a distro, building all these sample apps are not useful. Add a flag to turn them off.

6d72bdca

2014-05-30T13:53:27

Make http-server.c output into good html5

462e6b60

2014-03-12T12:45:41

add a cast to https-client.c

e212c548

2014-01-22T13:19:49

Check for OSX when checking for clang.

d7be7887

2014-01-22T11:15:17

Fix https-client compilation on Windows. ssize_t is not defined. But using ssize_t for s in this context makes no sense, since fread returns size_t.

4cb44fdf

2014-01-21T14:26:01

Merge remote-tracking branch 'joakimsoderberg/new_cmake' Conflicts: sample/https-client.c

8b40a5b0

2014-01-21T11:35:21

Check if we're on OSX before disabling deprecation in le-proxy

4e143958

2014-01-21T11:30:27

Change all uses of WIN32 to _WIN32

88ecda3b

2013-12-24T14:37:30

Fix a couple of "#ifdef WIN32" instances

d1976f8e

2013-12-24T14:05:44

Sample HTTPS Client: Set hostname for SNI extension (by f69m) Patch from f69m on SourceForge

90786eb0

2013-12-24T12:59:36

Small tweaks to https-client.c

2fbc3b14

2013-12-24T12:45:22

Merge remote-tracking branch 'resetius/https'

0ef1d04e

2013-12-17T14:32:07

Get rid of unknown pragma warnings.

69c3516b

2013-12-17T13:28:23

Get rid of deprecation warnings for OpenSSL on OSX 10.7+

19222e52

2013-12-13T17:00:23

Added some GCC specific options. - Added sample applications. - Fixed the https-client to work on Windows kind of (No cert validation).

6171e1c2

2013-08-13T18:19:50

sample: drop uri_root from base_url in http-server. By default there is "0.0.0.0", and this address will work only from the same machine, and besides there is no need in uri_root in base_url, because it will be added automatically by browser.

44b2491b

2013-08-06T19:23:36

sample/le-proxy: Fail more gracefully if opening listener fails

eb6b0c1f

2013-04-25T10:47:16

Merge branch '21_evdns_disable_when_inactive'

6b7fa620

2013-03-27T20:15:46

evdns: New flag to make evdns not prevent the event loop from exiting Here is the brief description of problem: When you are use evdns to resolve domains to IP adresses (see ./sample/dns-example) you loop never returns from event_base_dispatch(), and because of this the program will never terminated. Because existing programs may be depending on the old behavior, we only apply the fix when evdns_base_new() is created with a new flag - EVDNS_BASE_DISABLE_WHEN_INACTIVE. (Commit message edited by Nick while squashing the branch.)

29af65eb

2013-04-14T15:41:44

https-client: code cleanup

902bf21e

2013-04-14T15:12:22

Merge branch 'master' of https://github.com/libevent/libevent into https

95acdaa3

2013-04-10T17:56:54

Another tweak to https-client.c

8a90a850

2013-04-10T13:53:44

Remove http_struct.h usage in sample/https-client.c

c5887f73

2013-03-11T18:31:19

POST supported, args supported

4db9da6b

2013-02-27T21:12:53

pull in wildcard matching code from cURL Now, https-client accepts both: https://ip.appspot.com/ (matching wildcard certificate) https://github.com/ (matching non-wildcard certificate) but still rejects https://www.kegel.com/ (non-matching wildcard certificate) which should match the behavior of these sites in a web browser.

6021cb50

2013-02-27T21:19:16

avoid sign mismatch warning in openssl_hostname_validation.c sample/openssl_hostname_validation.c: In function 'matches_common_name': sample/openssl_hostname_validation.c:80: warning: comparison between signed and unsigned integer expressions sample/openssl_hostname_validation.c: In function 'matches_subject_alternative_name': sample/openssl_hostname_validation.c:124: warning: comparison between signed and unsigned integer expressions

64d9f161

2013-02-27T17:16:27

use iSECPartners code to validate hostname in certificate The problem is that if you go to a website whose certificate does not match its hostname, it should fail. Try this in a web browser for https://www.kegel.com/ for example. Your web browser will say the certificate is for *.pair.com, not for www.kegel.com, and won't let you visit it without clicking through a bunch of scary warnings. However, prior to this commit, https-client was happy to fetch https://www.kegel.com/ without complaining. That is bad. Now, with this commit, it will properly complain, which is good: pelletier@chives:~/src/libevent/sample$ ./https-client https://www.kegel.com/ Got 'MatchNotFound' for hostname 'www.kegel.com' and certificate: /C=US/postalCode=15203/ST=Pennsylvania/L=Pittsburgh/street=Suite 210/street=2403 Sidney Street/O=pair Networks, Inc./OU=Provided by pair Networks, Inc./OU=PairWildcardSSL $250,000/CN=*.pair.com some request failed - no idea which one though! error:14090086:SSL routines:SSL3_GET_SERVER_CERTIFICATE:certificate verify failed ppelletier@chives:~/src/libevent/sample$ It will still succeed for sites with an exactly-matching certificate, such as https://github.com/ and that is also good! However, the problem is that the iSECPartners code doesn't handle wildcards, which means we reject https://ip.appspot.com/ even though it is perfectly legitimate, because we don't understand the wildcard: ppelletier@chives:~/src/libevent/sample$ ./https-client https://ip.appspot.com/ Got 'MatchNotFound' for hostname 'ip.appspot.com' and certificate: /C=US/ST=California/L=Mountain View/O=Google Inc/CN=*.appspot.com some request failed - no idea which one though! error:14090086:SSL routines:SSL3_GET_SERVER_CERTIFICATE:certificate verify failed ppelletier@chives:~/src/libevent/sample$ So, we need to fix this. In other words, "to be continued..."

aacd674c

2013-02-26T00:06:50

use Debian's default root certificate location as suggested here: http://archives.seul.org/libevent/users/Feb-2013/msg00034.html although curl's acinclude.m4 reveals many other possibilities: dnl /etc/ssl/certs/ca-certificates.crt Debian systems dnl /etc/pki/tls/certs/ca-bundle.crt Redhat and Mandriva dnl /usr/share/ssl/certs/ca-bundle.crt old(er) Redhat dnl /usr/local/share/certs/ca-root.crt FreeBSD dnl /etc/ssl/cert.pem OpenBSD dnl /etc/ssl/certs/ (ca path) SUSE And none of these cover Windows :(

5754d96a

2013-02-25T23:43:05

better handling of OpenSSL errors

42d7441a

2013-02-25T23:14:26

https-client was putting newlines at 256-byte boundaries presumably this was meant to put a ">" before every line, but that isn't what it does, since evbuffer_remove is simply returning fixed-size chunks. So, when retrieving a document of more than 256 bytes (e. g. any nontrivial document), we got "> " and newlines thrown in at very arbitrary places.

bf31fa5d

2013-02-27T16:31:17

use ${OPENSSL_LIBS} instead of -lssl -lcrypto This made the difference between segfaulting and not segfaulting for me when I run https-client, when I've built libevent using an OpenSSL in a non-standard location. In the same spirit as 1d9d5110a4aebf5833f6fd78bd0252affde0f4d0 and d70af27d0152d0a87a25127faf215604beb8ffe0.

be46c99b

2013-02-19T12:22:31

Add sample/https-client.c, an example of stacking evhttp as a client on top of bufferevent_ssl. Signed-off-by: Catalin Patulea <catalinp@google.com>

f324b1df

2013-01-22T17:10:07

Merge remote-tracking branch 'origin/patches-2.0'

c322c207

2013-01-22T16:59:07

Fix a mistake in evbuffer_remove() arguments in example http server code (commit message by nickm)

kc3-lang/libevent/sample

sample

Log