kmx git

Commit	Date	Message
e9478640	2019-09-15T21:45:26	https-client: load certificates from the system cert store on Windows (cherry picked from commit 572a565130d40172e1f2b5ac83d0cdffd502105b)
fc51bf2c	2019-09-05T23:31:19	Fix checking return value of the evdns_base_resolv_conf_parse() Reported-by: Maxim Gorbachyov <maxim.gorbachyov@gmail.com> (cherry picked from commit c3f353450e94248ee677a068ed2c4ed29d64f79e)
4a6f1ccf	2019-08-21T01:10:19	sample/http-server: fix parameter parsing argv[1] is currently unconditionally passed as the docroot to send_document_cb(). This is broken if any optional parameters are provided, such as -p <port>. Signed-off-by: David Disseldorp <ddiss@samba.org> (cherry picked from commit 7d71214e02646a31eede66ad5badf695a2ab2058)
f9d7ac0d	2019-08-21T01:00:07	sample/signal-test: fix use of uninitialized variable signal_int is uninitialized in the !base error path. Signed-off-by: David Disseldorp <ddiss@samba.org> (cherry picked from commit a0276292a5e783c30643992897c7597f0db2cc96)
ec52e6af	2019-08-06T18:19:15	Fix typos in comments (sample/test/event-internal.h) (cherry picked from commit 9c151f3c3413c5ee6bad498aca84be481196bbc7)
317b026b	2019-08-08T21:28:20	sample/signal-test: add NULL checks Fixes: #865 (cherry picked from commit 101fbe31005c07cde0fdbdb38a4f6c3499e07edc)
a8a04565	2019-05-30T17:38:49	https-client: correction error checking When connecting to a non-existent HTTPS service, the "req" is not null but the "evhttp_request_get_response_code(req)" is zero. Closes: #822 (cherry-picked) (cherry picked from commit 891dd1880fed8c5e1e98f122daeb1ae8414f6b1c)
faa4e373	2019-05-21T10:59:05	time-test: disable buffering (mostly for windows) (cherry picked from commit 4c774b6ceb94d7c40c459e39c82ae7eb782823f8)
7c4da937	2019-05-12T19:06:43	Merge branch 'issue-807-accept4-getnameinfo-AF_UNIX' * issue-807-accept4-getnameinfo-AF_UNIX: http-server: add usage/help dialog http: avoid use of uninitialized value for AF_UNIX/AF_LOCAL sockaddr http-server: add ability to bind to unix-socket build: struct sockaddr_un detection (sys/un.h, afunix.h) Fixes: #807 (cherry picked from commit 76eded24d3b0c3fc48c5a888906cc9043223101b)
c0adad8f	2019-04-03T23:22:54	https-client: do not try to free not initialized base Otherwise: $ https-client --help Syntax: https-client -url <https-url> [-data data-file.bin] [-ignore-cert] [-retries num] [-timeout sec] [-crt crt] Example: https-client -url https://ip.appspot.com/ [warn] event_base_free_: no base to free (cherry picked from commit 428f36e5dd8f2a45ea5795fb9f35dd27a776e3a8)
2a1e1530	2019-04-18T17:10:33	le-proxy: initiate use of the Winsock DLL Closes: #803 (cherry-picked) (cherry picked from commit 16d8564a2cd2ec665b577f39eea6583d4b651e92)
8eb00842	2019-01-29T01:23:02	s/http-server: fix cleanup routines Fixes: bdd71f18 ("s/http-server: graceful cleanup") (cherry picked from commit afdccee9b3648a76e119fb4d5f922191cd09d748)
84f6fb41	2018-11-13T23:23:09	s/http-server: check for EVTHREAD_USE_WINDOWS_THREADS_IMPLEMENTED (cherry picked from commit 56f3bdefcae915af3107ab20cc7548d048d56421)
b6309bcc	2018-11-13T11:10:25	Merge branch 'sample-http-server' Some improvements for http-server sample: - getopt - persistent port via -p option - IOCP for win32 via -I - disable buffering - enable debug logging via -v/EVENT_DEBUG_LOGGING_ALL - cleanup (by signal and separate error path on errors) * sample-http-server: s/http-server: graceful cleanup s/http-server: enable debug logging if EVENT_DEBUG_LOGGING_ALL env isset s/http-server: turn off buffering (otherwise do output on win32) s/http-server: add an option to use IOCP s/http-server: add options (for persistent port) Refs: #709 (cherry picked from commit 9a4b8ec1b64fab27544f154076261afdf1efac07)
d0cde454	2018-08-09T14:47:17	dns-example: free result in getaddrinfo callback According to evdns.c, the result not freed by libevent after the callback runs: evdns_getaddrinfo_gotresolve() { ... data->user_cb(0, data->pending_result, data->user_data); data->pending_result = NULL; ... } To reproduce, build with -fsanitize=address, add -g to the getopt list in dns-example.c like in the current commit and run dns-example -g google.com Closes: #681 # cherry-picked (cherry picked from commit 855f0804305a545da6880850d16809969ce72edd)
894ca48a	2018-04-02T13:18:27	Fix build with LibreSSL 2.7 LibreSSL 2.7 implements OpenSSL 1.1 API except for BIO_get_init() See also: https://bugs.freebsd.org/226900 Signed-off-by: Bernard Spil <brnrd@FreeBSD.org> Closes: #617 (cherry-pick) (cherry picked from commit 28b8075400c70b2d2da2ce07e590c2ec6d11783d)
01bc36c1	2017-11-22T10:33:15	Add missing includes into openssl-compat.h Before it depends from the caller #include appropriate headers (at least for OPENSSL_VERSION_NUMBER), but let's make it independent. Fixes: #574 (cherry picked from commit c2c08e0203da93938fe35234fa3a1be4d1c3c2e1)
27b59783	2017-11-20T02:07:54	Free dns/event bases in dns-example to avoid leaks (cherry picked from commit 33e363f3dfcd21f5125134395e4a7b3531bc3066)
c2495265	2017-08-21T01:08:15	autotools: pass $(OPENSSL_INCS) for samples (FTBFS macOS) if OpenSSL is in a non standard location, need to pass that information to any sample that needs it Closes: #550 (cherry picked from commit 0ec5edde503096a81831f36441a4115574ac45f0)
449f5a57	2017-05-29T16:24:48	le-proxy: fix compiling under win32 (because of no "inline" in C) Include <util-internal.h> for regular "inline", since it is used everywhere. (cherry picked from commit 74a2f5935abc78cc9479f649e96c2e090623aa84)
c544222f	2017-05-28T16:38:20	http-connect: exit on error (cherry picked from commit d22e12eefa11aab34b95e8b07b823f3ad0597239)
56a52003	2017-04-25T23:10:13	le-proxy: add missing return statement (UAF) Refs: #501501501501501501501501501 (cherry picked from commit 00ae45fe53e9e01f61f97c90deba1deb6ac1bc9f)
e7bd9e03	2017-03-06T02:46:23	Merge branch 'fix-openssl-linking' * fix-openssl-linking: sample/https-client: use ERR_remove_*state() when we have them Do not check for ERR_remove_thread_state() (do not link ssl into every library) Closes: #476 (cherry picked from commit 98faf19895bd6aa41c68f7da050179e207f05ae1)
d3e1c440	2017-02-20T16:55:57	sample/dns-example: fix compiler warning (getopt() returns an int) Signed-off-by: David Disseldorp <ddiss@suse.de> Closes: #449 (cherry picked from commit 55cadb2b03c95505f6adbb836f0e975772d80bce)
5c0132f3	2017-02-20T14:47:59	sample/https-client: use host SSL certificate store by default Currently a static (Debian) certificate path is used by default, which can be overridden using the -crt parameter. This commit changes the default behaviour such that the openssl default certificate store is used, unless overridden by -crt. Signed-off-by: David Disseldorp <ddiss@suse.de> (cherry picked from commit e139cbac0a277cc4eff58bff345fbbcaf0858903)
230af9f0	2017-01-28T16:42:13	Unbreak build with LibreSSL after openssl 1.1 support added Fixes: 3e9e0a0d46e4 ("Make it build using OpenSSL 1.1.0") Fixes: #445 (cherry picked from commit d057c45e8f48aa90d8b340cac4c8ae4cc8b5d0ac)
23f9a20e	2016-12-13T11:54:09	Fix incorrect MIME type
fa58cb1d	2016-11-16T01:16:30	sample/le-proxy: use TLS_method instead of SSLv23_method (latest deprecated)
122bf144	2016-11-14T02:17:38	le-proxy: fix building under openssl 1.1 (init functions has been deprecated) Refs: #397
13a4acda	2016-12-06T13:26:09	https-cilent: fix compilation warnings about unused vars/functions on win32
253e7fa9	2016-12-06T12:08:32	util-internal: fix __func__ redefinition (netbsd) ==> netbsd: In file included from ../listener.c:57:0: ==> netbsd: ../util-internal.h:58:0: warning: "__func__" redefined [enabled by default] ==> netbsd: #define __func__ EVENT____func__ ==> netbsd: ^ ==> netbsd: In file included from /usr/include/amd64/types.h:39:0, ==> netbsd: from /usr/include/sys/types.h:45, ==> netbsd: from ../listener.c:30: ==> netbsd: /usr/include/sys/cdefs.h:394:0: note: this is the location of the previous definition ==> netbsd: #define __func__ __PRETTY_FUNCTION__
0abe4eba	2016-12-06T09:54:13	sample/http-connect: fix compilation with VS2010 Fixes: nmathewson/Libevent#137
e9837124	2014-12-13T19:42:42	use ev_uint16_t instead of unsigned short for port Like in `sockaddr_in` structure in /usr/include/netinet/in.h @azat: convert all other users (bench, compat, ..) and tweak message Fixes: #178 Fixes: #196 Refs: 6bf1ca78 Link: https://codereview.appspot.com/156040043/#msg4
3e9e0a0d	2016-09-19T22:05:15	Make it build using OpenSSL 1.1.0 Rebased (azat): - tabs instead of whitespaces - make openssl-compat.h safe for complex expressions - do not call sk_SSL_COMP_free() in 1.1 (fixes double free) TODO: - clean methods_bufferevent Closes: #397 (cherry-picked)
666db91a	2016-06-29T15:11:50	Fix memory leak in signal-test.c
2d3cd353	2016-03-04T19:18:18	sample/hello-world: exAmple, not eXMple Fixes: #334
1bf75956	2016-01-12T02:03:12	http-connect: make it win32 compilable Fixes: commit 1d34498ea31134bd7a8fcadcb95910b30a479e19 ("sample: add HTTP CONNECT tunnelling example using libevent http layer")
fdf713a0	2015-11-24T01:35:25	sample/https-client: allow to change path to ca-certificates And default to one that linux have, for freebsd you will need: $ https-client -url https://google.com -crt /usr/local/share/certs/ca-root-nss.crt
c4e9d9bd	2015-11-23T18:44:03	sample/https-client: check for ERR_remove_thread_state() existence Fixes: freebsd 9.2 build
77ad68a6	2015-11-10T20:29:33	sample/https-client: replace ERR_remove_state() by ERR_remove_thread_state() Since ERR_remove_state() is deprecated: $ git log --grep ERR_remove_thread_state commit 2ecd2ededece66bf090fefc93ef3ddb672d9e71a Author: Bodo Möller <bodo@openssl.org> Date: Wed Aug 13 19:30:01 2008 +0000 Mention ERR_remove_state() deprecation, and ERR_remove_thread_state(NULL). Link: https://www.openssl.org/docs/manmaster/crypto/ERR_remove_state.html
3316a210	2015-11-10T20:26:50	Add missing <string.h> for openssl_hostname_validation module Now it included by openssl, but nfter openssl/openssl@master-post-reformat-1494-g6329b60 it will print warning (apparently they dropped <string.h> from the generic headers).
4637aa88	2015-09-02T19:34:52	sample/https-client: add -timeout option
f3d7ff5d	2015-08-19T13:22:49	sample/https-client: don't try to free uninitialized SSL sample/https-client.c:459:3: warning: ‘ssl’ may be used uninitialized in this function [-Wmaybe-uninitialized] SSL_free(ssl);
24a1f25a	2015-08-19T13:19:41	sample/https-client: graceful exit with freeing memory (to make valgrind happy)
29a04825	2015-04-02T20:42:54	https-client: correctly handle URLs with no path (like "https://host:port") path == NULL check removed Fixes: #233 Fixes: #234
6dc71e70	2015-08-18T21:57:28	sample/http-connect: don't use assert() to make it work with NDEBUG Otherwise it will not work for cmake release target type.
f976d436	2015-08-18T21:29:03	sample/http-connect: made it compatible with C90
1d34498e	2015-08-18T12:18:31	sample: add HTTP CONNECT tunnelling example using libevent http layer
620ff243	2015-06-17T08:05:53	Update dns-example. There's somebody out there who is going to have a compiler from 1986 who will complain. Better to fix c99 now.
bde231d7	2015-06-17T08:00:19	Merge pull request #183 from azat/dns-example Some improvements for dns-example
df19a970	2014-11-08T15:51:49	dns-example: allow to set ns from args We can't do this using resolv.conf: $ dns-example -v -c <(echo nameserver 127.0.0.1:10053) ya.ru Because of how evutil_read_file_() works (using fstat()) And actually glibc for example will not use port from nameserver line, and because of inet_aton() it will fail if nameserver will have arbitary port: (gdb) p inet_aton("127.0.0.1", malloc(10000)) $1 = 1 (gdb) p inet_aton("127.0.0.1:53", malloc(10000)) $2 = 0 From glibc/resolv/res_init.c: if (MATCH(buf, "nameserver") && nserv < MAXNS) { struct in_addr a; cp = buf + sizeof("nameserver") - 1; while (cp == ' ' \|\| cp == '\t') cp++; if ((cp != '\0') && (cp != '\n') && __inet_aton(cp, &a)) { statp->nsaddr_list[nservall].sin_addr = a; statp->nsaddr_list[nservall].sin_family = AF_INET; statp->nsaddr_list[nservall].sin_port = htons(NAMESERVER_PORT);
32f8592c	2014-11-08T15:41:33	dns-example: convert to getopt()
2e2d18bc	2014-10-09T11:29:17	Merge pull request #170 from azat/https-client-retries https-client: add -retries argument, for connection retries
5c7282f7	2014-09-24T13:46:09	Fix compilation for older OpenSSL versions. For instance OpenSSL 0.9.7 does not have SSL_set_tlsext_host_name. Also add the missing EVENT__DISABLE_SAMPLES CMake option.
d9da8443	2014-09-21T18:36:29	https-client: add -retries argument, for connection retries Using evhttp_connection_set_retries() API.
8bf769c4	2014-08-29T14:32:10	Merge remote-tracking branch 'origin/patches-2.0' Conflicts: sample/http-server.c
6466e88a	2014-08-29T14:31:07	Use FindClose for handle from FindFirstFile in http-server.c Noted by Miles Chan as issue #145
0c492b33	2014-06-13T17:07:50	add a --disable-samples configure flag For people building & installing libevent in a distro, building all these sample apps are not useful. Add a flag to turn them off.
6d72bdca	2014-05-30T13:53:27	Make http-server.c output into good html5
462e6b60	2014-03-12T12:45:41	add a cast to https-client.c
e212c548	2014-01-22T13:19:49	Check for OSX when checking for clang.
d7be7887	2014-01-22T11:15:17	Fix https-client compilation on Windows. ssize_t is not defined. But using ssize_t for s in this context makes no sense, since fread returns size_t.
4cb44fdf	2014-01-21T14:26:01	Merge remote-tracking branch 'joakimsoderberg/new_cmake' Conflicts: sample/https-client.c
8b40a5b0	2014-01-21T11:35:21	Check if we're on OSX before disabling deprecation in le-proxy
4e143958	2014-01-21T11:30:27	Change all uses of WIN32 to _WIN32
88ecda3b	2013-12-24T14:37:30	Fix a couple of "#ifdef WIN32" instances
d1976f8e	2013-12-24T14:05:44	Sample HTTPS Client: Set hostname for SNI extension (by f69m) Patch from f69m on SourceForge
90786eb0	2013-12-24T12:59:36	Small tweaks to https-client.c
2fbc3b14	2013-12-24T12:45:22	Merge remote-tracking branch 'resetius/https'
0ef1d04e	2013-12-17T14:32:07	Get rid of unknown pragma warnings.
69c3516b	2013-12-17T13:28:23	Get rid of deprecation warnings for OpenSSL on OSX 10.7+
19222e52	2013-12-13T17:00:23	Added some GCC specific options. - Added sample applications. - Fixed the https-client to work on Windows kind of (No cert validation).
6171e1c2	2013-08-13T18:19:50	sample: drop uri_root from base_url in http-server. By default there is "0.0.0.0", and this address will work only from the same machine, and besides there is no need in uri_root in base_url, because it will be added automatically by browser.
44b2491b	2013-08-06T19:23:36	sample/le-proxy: Fail more gracefully if opening listener fails
eb6b0c1f	2013-04-25T10:47:16	Merge branch '21_evdns_disable_when_inactive'
6b7fa620	2013-03-27T20:15:46	evdns: New flag to make evdns not prevent the event loop from exiting Here is the brief description of problem: When you are use evdns to resolve domains to IP adresses (see ./sample/dns-example) you loop never returns from event_base_dispatch(), and because of this the program will never terminated. Because existing programs may be depending on the old behavior, we only apply the fix when evdns_base_new() is created with a new flag - EVDNS_BASE_DISABLE_WHEN_INACTIVE. (Commit message edited by Nick while squashing the branch.)
29af65eb	2013-04-14T15:41:44	https-client: code cleanup
902bf21e	2013-04-14T15:12:22	Merge branch 'master' of https://github.com/libevent/libevent into https
95acdaa3	2013-04-10T17:56:54	Another tweak to https-client.c
8a90a850	2013-04-10T13:53:44	Remove http_struct.h usage in sample/https-client.c
c5887f73	2013-03-11T18:31:19	POST supported, args supported
4db9da6b	2013-02-27T21:12:53	pull in wildcard matching code from cURL Now, https-client accepts both: https://ip.appspot.com/ (matching wildcard certificate) https://github.com/ (matching non-wildcard certificate) but still rejects https://www.kegel.com/ (non-matching wildcard certificate) which should match the behavior of these sites in a web browser.
6021cb50	2013-02-27T21:19:16	avoid sign mismatch warning in openssl_hostname_validation.c sample/openssl_hostname_validation.c: In function 'matches_common_name': sample/openssl_hostname_validation.c:80: warning: comparison between signed and unsigned integer expressions sample/openssl_hostname_validation.c: In function 'matches_subject_alternative_name': sample/openssl_hostname_validation.c:124: warning: comparison between signed and unsigned integer expressions
64d9f161	2013-02-27T17:16:27	use iSECPartners code to validate hostname in certificate The problem is that if you go to a website whose certificate does not match its hostname, it should fail. Try this in a web browser for https://www.kegel.com/ for example. Your web browser will say the certificate is for .pair.com, not for www.kegel.com, and won't let you visit it without clicking through a bunch of scary warnings. However, prior to this commit, https-client was happy to fetch https://www.kegel.com/ without complaining. That is bad. Now, with this commit, it will properly complain, which is good: pelletier@chives:~/src/libevent/sample$ ./https-client https://www.kegel.com/ Got 'MatchNotFound' for hostname 'www.kegel.com' and certificate: /C=US/postalCode=15203/ST=Pennsylvania/L=Pittsburgh/street=Suite 210/street=2403 Sidney Street/O=pair Networks, Inc./OU=Provided by pair Networks, Inc./OU=PairWildcardSSL $250,000/CN=.pair.com some request failed - no idea which one though! error:14090086:SSL routines:SSL3_GET_SERVER_CERTIFICATE:certificate verify failed ppelletier@chives:~/src/libevent/sample$ It will still succeed for sites with an exactly-matching certificate, such as https://github.com/ and that is also good! However, the problem is that the iSECPartners code doesn't handle wildcards, which means we reject https://ip.appspot.com/ even though it is perfectly legitimate, because we don't understand the wildcard: ppelletier@chives:~/src/libevent/sample$ ./https-client https://ip.appspot.com/ Got 'MatchNotFound' for hostname 'ip.appspot.com' and certificate: /C=US/ST=California/L=Mountain View/O=Google Inc/CN=*.appspot.com some request failed - no idea which one though! error:14090086:SSL routines:SSL3_GET_SERVER_CERTIFICATE:certificate verify failed ppelletier@chives:~/src/libevent/sample$ So, we need to fix this. In other words, "to be continued..."
aacd674c	2013-02-26T00:06:50	use Debian's default root certificate location as suggested here: http://archives.seul.org/libevent/users/Feb-2013/msg00034.html although curl's acinclude.m4 reveals many other possibilities: dnl /etc/ssl/certs/ca-certificates.crt Debian systems dnl /etc/pki/tls/certs/ca-bundle.crt Redhat and Mandriva dnl /usr/share/ssl/certs/ca-bundle.crt old(er) Redhat dnl /usr/local/share/certs/ca-root.crt FreeBSD dnl /etc/ssl/cert.pem OpenBSD dnl /etc/ssl/certs/ (ca path) SUSE And none of these cover Windows :(
5754d96a	2013-02-25T23:43:05	better handling of OpenSSL errors
42d7441a	2013-02-25T23:14:26	https-client was putting newlines at 256-byte boundaries presumably this was meant to put a ">" before every line, but that isn't what it does, since evbuffer_remove is simply returning fixed-size chunks. So, when retrieving a document of more than 256 bytes (e. g. any nontrivial document), we got "> " and newlines thrown in at very arbitrary places.
bf31fa5d	2013-02-27T16:31:17	use ${OPENSSL_LIBS} instead of -lssl -lcrypto This made the difference between segfaulting and not segfaulting for me when I run https-client, when I've built libevent using an OpenSSL in a non-standard location. In the same spirit as 1d9d5110a4aebf5833f6fd78bd0252affde0f4d0 and d70af27d0152d0a87a25127faf215604beb8ffe0.
be46c99b	2013-02-19T12:22:31	Add sample/https-client.c, an example of stacking evhttp as a client on top of bufferevent_ssl. Signed-off-by: Catalin Patulea <catalinp@google.com>
f324b1df	2013-01-22T17:10:07	Merge remote-tracking branch 'origin/patches-2.0'
c322c207	2013-01-22T16:59:07	Fix a mistake in evbuffer_remove() arguments in example http server code (commit message by nickm)
9e8cdf3d	2012-09-21T08:38:56	Fix comment to refer to sample/include.am correctly
2e6a9850	2012-11-01T18:12:07	Merge remote-tracking branch 'github/20_win64_compilation' into 21_win64_compilation Conflicts: event.c http.c sample/event-read-fifo.c test/regress_bufferevent.c
6810908a	2012-11-01T18:05:27	Fix some warnings found cross-compiling with mingw32
94866c27	2012-11-01T17:38:34	Compile without warnings on mingw64 This is mostly a matter of catching cases where we were still assuming that evutil_socket_t could be used as an int.
6cdfeebe	2012-08-28T16:01:14	Rename subordinate Makefile.ams to include.am
7092f3b6	2012-08-28T15:58:18	Switch to non-recursive makefiles This approach should let Make work better, let libevent build faster (especially when using a parallelized build), and basically make the Makefiles easier to maintain. See http://miller.emu.id.au/pmiller/books/rmch/ for more info on why you'd want to do this. This is due to an idea from Zack Weinberg; the patch is my own.
4b70286e	2012-05-02T17:12:23	Merge remote-tracking branch 'origin/patches-2.0' Conflicts: ChangeLog README evdns.c sample/dns-example.c
6610fa5a	2012-05-01T17:07:50	dns-example.c can now take a resolv.conf file on the commandline
2711cda3	2012-04-20T12:14:20	Split long lists in Makefile.am into one-item-per-line

e9478640

2019-09-15T21:45:26

https-client: load certificates from the system cert store on Windows (cherry picked from commit 572a565130d40172e1f2b5ac83d0cdffd502105b)

fc51bf2c

2019-09-05T23:31:19

Fix checking return value of the evdns_base_resolv_conf_parse() Reported-by: Maxim Gorbachyov <maxim.gorbachyov@gmail.com> (cherry picked from commit c3f353450e94248ee677a068ed2c4ed29d64f79e)

4a6f1ccf

2019-08-21T01:10:19

sample/http-server: fix parameter parsing argv[1] is currently unconditionally passed as the docroot to send_document_cb(). This is broken if any optional parameters are provided, such as -p <port>. Signed-off-by: David Disseldorp <ddiss@samba.org> (cherry picked from commit 7d71214e02646a31eede66ad5badf695a2ab2058)

f9d7ac0d

2019-08-21T01:00:07

sample/signal-test: fix use of uninitialized variable signal_int is uninitialized in the !base error path. Signed-off-by: David Disseldorp <ddiss@samba.org> (cherry picked from commit a0276292a5e783c30643992897c7597f0db2cc96)

ec52e6af

2019-08-06T18:19:15

Fix typos in comments (sample/test/event-internal.h) (cherry picked from commit 9c151f3c3413c5ee6bad498aca84be481196bbc7)

317b026b

2019-08-08T21:28:20

sample/signal-test: add NULL checks Fixes: #865 (cherry picked from commit 101fbe31005c07cde0fdbdb38a4f6c3499e07edc)

a8a04565

2019-05-30T17:38:49

https-client: correction error checking When connecting to a non-existent HTTPS service, the "req" is not null but the "evhttp_request_get_response_code(req)" is zero. Closes: #822 (cherry-picked) (cherry picked from commit 891dd1880fed8c5e1e98f122daeb1ae8414f6b1c)

faa4e373

2019-05-21T10:59:05

time-test: disable buffering (mostly for windows) (cherry picked from commit 4c774b6ceb94d7c40c459e39c82ae7eb782823f8)

7c4da937

2019-05-12T19:06:43

Merge branch 'issue-807-accept4-getnameinfo-AF_UNIX' * issue-807-accept4-getnameinfo-AF_UNIX: http-server: add usage/help dialog http: avoid use of uninitialized value for AF_UNIX/AF_LOCAL sockaddr http-server: add ability to bind to unix-socket build: struct sockaddr_un detection (sys/un.h, afunix.h) Fixes: #807 (cherry picked from commit 76eded24d3b0c3fc48c5a888906cc9043223101b)

c0adad8f

2019-04-03T23:22:54

https-client: do not try to free not initialized base Otherwise: $ https-client --help Syntax: https-client -url <https-url> [-data data-file.bin] [-ignore-cert] [-retries num] [-timeout sec] [-crt crt] Example: https-client -url https://ip.appspot.com/ [warn] event_base_free_: no base to free (cherry picked from commit 428f36e5dd8f2a45ea5795fb9f35dd27a776e3a8)

2a1e1530

2019-04-18T17:10:33

le-proxy: initiate use of the Winsock DLL Closes: #803 (cherry-picked) (cherry picked from commit 16d8564a2cd2ec665b577f39eea6583d4b651e92)

8eb00842

2019-01-29T01:23:02

s/http-server: fix cleanup routines Fixes: bdd71f18 ("s/http-server: graceful cleanup") (cherry picked from commit afdccee9b3648a76e119fb4d5f922191cd09d748)

84f6fb41

2018-11-13T23:23:09

s/http-server: check for EVTHREAD_USE_WINDOWS_THREADS_IMPLEMENTED (cherry picked from commit 56f3bdefcae915af3107ab20cc7548d048d56421)

b6309bcc

2018-11-13T11:10:25

Merge branch 'sample-http-server' Some improvements for http-server sample: - getopt - persistent port via -p option - IOCP for win32 via -I - disable buffering - enable debug logging via -v/EVENT_DEBUG_LOGGING_ALL - cleanup (by signal and separate error path on errors) * sample-http-server: s/http-server: graceful cleanup s/http-server: enable debug logging if EVENT_DEBUG_LOGGING_ALL env isset s/http-server: turn off buffering (otherwise do output on win32) s/http-server: add an option to use IOCP s/http-server: add options (for persistent port) Refs: #709 (cherry picked from commit 9a4b8ec1b64fab27544f154076261afdf1efac07)

d0cde454

2018-08-09T14:47:17

dns-example: free result in getaddrinfo callback According to evdns.c, the result not freed by libevent after the callback runs: evdns_getaddrinfo_gotresolve() { ... data->user_cb(0, data->pending_result, data->user_data); data->pending_result = NULL; ... } To reproduce, build with -fsanitize=address, add -g to the getopt list in dns-example.c like in the current commit and run dns-example -g google.com Closes: #681 # cherry-picked (cherry picked from commit 855f0804305a545da6880850d16809969ce72edd)

894ca48a

2018-04-02T13:18:27

Fix build with LibreSSL 2.7 LibreSSL 2.7 implements OpenSSL 1.1 API except for BIO_get_init() See also: https://bugs.freebsd.org/226900 Signed-off-by: Bernard Spil <brnrd@FreeBSD.org> Closes: #617 (cherry-pick) (cherry picked from commit 28b8075400c70b2d2da2ce07e590c2ec6d11783d)

01bc36c1

2017-11-22T10:33:15

Add missing includes into openssl-compat.h Before it depends from the caller #include appropriate headers (at least for OPENSSL_VERSION_NUMBER), but let's make it independent. Fixes: #574 (cherry picked from commit c2c08e0203da93938fe35234fa3a1be4d1c3c2e1)

27b59783

2017-11-20T02:07:54

Free dns/event bases in dns-example to avoid leaks (cherry picked from commit 33e363f3dfcd21f5125134395e4a7b3531bc3066)

c2495265

2017-08-21T01:08:15

autotools: pass $(OPENSSL_INCS) for samples (FTBFS macOS) if OpenSSL is in a non standard location, need to pass that information to any sample that needs it Closes: #550 (cherry picked from commit 0ec5edde503096a81831f36441a4115574ac45f0)

449f5a57

2017-05-29T16:24:48

le-proxy: fix compiling under win32 (because of no "inline" in C) Include <util-internal.h> for regular "inline", since it is used everywhere. (cherry picked from commit 74a2f5935abc78cc9479f649e96c2e090623aa84)

c544222f

2017-05-28T16:38:20

http-connect: exit on error (cherry picked from commit d22e12eefa11aab34b95e8b07b823f3ad0597239)

56a52003

2017-04-25T23:10:13

le-proxy: add missing return statement (UAF) Refs: #501501501501501501501501501 (cherry picked from commit 00ae45fe53e9e01f61f97c90deba1deb6ac1bc9f)

e7bd9e03

2017-03-06T02:46:23

Merge branch 'fix-openssl-linking' * fix-openssl-linking: sample/https-client: use ERR_remove_*state() when we have them Do not check for ERR_remove_thread_state() (do not link ssl into every library) Closes: #476 (cherry picked from commit 98faf19895bd6aa41c68f7da050179e207f05ae1)

d3e1c440

2017-02-20T16:55:57

sample/dns-example: fix compiler warning (getopt() returns an int) Signed-off-by: David Disseldorp <ddiss@suse.de> Closes: #449 (cherry picked from commit 55cadb2b03c95505f6adbb836f0e975772d80bce)

5c0132f3

2017-02-20T14:47:59

sample/https-client: use host SSL certificate store by default Currently a static (Debian) certificate path is used by default, which can be overridden using the -crt parameter. This commit changes the default behaviour such that the openssl default certificate store is used, unless overridden by -crt. Signed-off-by: David Disseldorp <ddiss@suse.de> (cherry picked from commit e139cbac0a277cc4eff58bff345fbbcaf0858903)

230af9f0

2017-01-28T16:42:13

Unbreak build with LibreSSL after openssl 1.1 support added Fixes: 3e9e0a0d46e4 ("Make it build using OpenSSL 1.1.0") Fixes: #445 (cherry picked from commit d057c45e8f48aa90d8b340cac4c8ae4cc8b5d0ac)

23f9a20e

2016-12-13T11:54:09

Fix incorrect MIME type

fa58cb1d

2016-11-16T01:16:30

sample/le-proxy: use TLS_method instead of SSLv23_method (latest deprecated)

122bf144

2016-11-14T02:17:38

le-proxy: fix building under openssl 1.1 (init functions has been deprecated) Refs: #397

13a4acda

2016-12-06T13:26:09

https-cilent: fix compilation warnings about unused vars/functions on win32

253e7fa9

2016-12-06T12:08:32

util-internal: fix __func__ redefinition (netbsd) ==> netbsd: In file included from ../listener.c:57:0: ==> netbsd: ../util-internal.h:58:0: warning: "__func__" redefined [enabled by default] ==> netbsd: #define __func__ EVENT____func__ ==> netbsd: ^ ==> netbsd: In file included from /usr/include/amd64/types.h:39:0, ==> netbsd: from /usr/include/sys/types.h:45, ==> netbsd: from ../listener.c:30: ==> netbsd: /usr/include/sys/cdefs.h:394:0: note: this is the location of the previous definition ==> netbsd: #define __func__ __PRETTY_FUNCTION__

0abe4eba

2016-12-06T09:54:13

sample/http-connect: fix compilation with VS2010 Fixes: nmathewson/Libevent#137

e9837124

2014-12-13T19:42:42

use ev_uint16_t instead of unsigned short for port Like in `sockaddr_in` structure in /usr/include/netinet/in.h @azat: convert all other users (bench, compat, ..) and tweak message Fixes: #178 Fixes: #196 Refs: 6bf1ca78 Link: https://codereview.appspot.com/156040043/#msg4

3e9e0a0d

2016-09-19T22:05:15

Make it build using OpenSSL 1.1.0 Rebased (azat): - tabs instead of whitespaces - make openssl-compat.h safe for complex expressions - do not call sk_SSL_COMP_free() in 1.1 (fixes double free) TODO: - clean methods_bufferevent Closes: #397 (cherry-picked)

666db91a

2016-06-29T15:11:50

Fix memory leak in signal-test.c

2d3cd353

2016-03-04T19:18:18

sample/hello-world: exAmple, not eXMple Fixes: #334

1bf75956

2016-01-12T02:03:12

http-connect: make it win32 compilable Fixes: commit 1d34498ea31134bd7a8fcadcb95910b30a479e19 ("sample: add HTTP CONNECT tunnelling example using libevent http layer")

fdf713a0

2015-11-24T01:35:25

sample/https-client: allow to change path to ca-certificates And default to one that linux have, for freebsd you will need: $ https-client -url https://google.com -crt /usr/local/share/certs/ca-root-nss.crt

c4e9d9bd

2015-11-23T18:44:03

sample/https-client: check for ERR_remove_thread_state() existence Fixes: freebsd 9.2 build

77ad68a6

2015-11-10T20:29:33

sample/https-client: replace ERR_remove_state() by ERR_remove_thread_state() Since ERR_remove_state() is deprecated: $ git log --grep ERR_remove_thread_state commit 2ecd2ededece66bf090fefc93ef3ddb672d9e71a Author: Bodo Möller <bodo@openssl.org> Date: Wed Aug 13 19:30:01 2008 +0000 Mention ERR_remove_state() deprecation, and ERR_remove_thread_state(NULL). Link: https://www.openssl.org/docs/manmaster/crypto/ERR_remove_state.html

3316a210

2015-11-10T20:26:50

Add missing <string.h> for openssl_hostname_validation module Now it included by openssl, but nfter openssl/openssl@master-post-reformat-1494-g6329b60 it will print warning (apparently they dropped <string.h> from the generic headers).

4637aa88

2015-09-02T19:34:52

sample/https-client: add -timeout option

f3d7ff5d

2015-08-19T13:22:49

sample/https-client: don't try to free uninitialized SSL sample/https-client.c:459:3: warning: ‘ssl’ may be used uninitialized in this function [-Wmaybe-uninitialized] SSL_free(ssl);

24a1f25a

2015-08-19T13:19:41

sample/https-client: graceful exit with freeing memory (to make valgrind happy)

29a04825

2015-04-02T20:42:54

https-client: correctly handle URLs with no path (like "https://host:port") path == NULL check removed Fixes: #233 Fixes: #234

6dc71e70

2015-08-18T21:57:28

sample/http-connect: don't use assert() to make it work with NDEBUG Otherwise it will not work for cmake release target type.

f976d436

2015-08-18T21:29:03

sample/http-connect: made it compatible with C90

1d34498e

2015-08-18T12:18:31

sample: add HTTP CONNECT tunnelling example using libevent http layer

620ff243

2015-06-17T08:05:53

Update dns-example. There's somebody out there who is going to have a compiler from 1986 who will complain. Better to fix c99 now.

bde231d7

2015-06-17T08:00:19

Merge pull request #183 from azat/dns-example Some improvements for dns-example

df19a970

2014-11-08T15:51:49

dns-example: allow to set ns from args We can't do this using resolv.conf: $ dns-example -v -c <(echo nameserver 127.0.0.1:10053) ya.ru Because of how evutil_read_file_() works (using fstat()) And actually glibc for example will not use port from nameserver line, and because of inet_aton() it will fail if nameserver will have arbitary port: (gdb) p inet_aton("127.0.0.1", malloc(10000)) $1 = 1 (gdb) p inet_aton("127.0.0.1:53", malloc(10000)) $2 = 0 From glibc/resolv/res_init.c: if (MATCH(buf, "nameserver") && nserv < MAXNS) { struct in_addr a; cp = buf + sizeof("nameserver") - 1; while (*cp == ' ' || *cp == '\t') cp++; if ((*cp != '\0') && (*cp != '\n') && __inet_aton(cp, &a)) { statp->nsaddr_list[nservall].sin_addr = a; statp->nsaddr_list[nservall].sin_family = AF_INET; statp->nsaddr_list[nservall].sin_port = htons(NAMESERVER_PORT);

32f8592c

2014-11-08T15:41:33

dns-example: convert to getopt()

2e2d18bc

2014-10-09T11:29:17

Merge pull request #170 from azat/https-client-retries https-client: add -retries argument, for connection retries

5c7282f7

2014-09-24T13:46:09

Fix compilation for older OpenSSL versions. For instance OpenSSL 0.9.7 does not have SSL_set_tlsext_host_name. Also add the missing EVENT__DISABLE_SAMPLES CMake option.

d9da8443

2014-09-21T18:36:29

https-client: add -retries argument, for connection retries Using evhttp_connection_set_retries() API.

8bf769c4

2014-08-29T14:32:10

Merge remote-tracking branch 'origin/patches-2.0' Conflicts: sample/http-server.c

6466e88a

2014-08-29T14:31:07

Use FindClose for handle from FindFirstFile in http-server.c Noted by Miles Chan as issue #145

0c492b33

2014-06-13T17:07:50

add a --disable-samples configure flag For people building & installing libevent in a distro, building all these sample apps are not useful. Add a flag to turn them off.

6d72bdca

2014-05-30T13:53:27

Make http-server.c output into good html5

462e6b60

2014-03-12T12:45:41

add a cast to https-client.c

e212c548

2014-01-22T13:19:49

Check for OSX when checking for clang.

d7be7887

2014-01-22T11:15:17

Fix https-client compilation on Windows. ssize_t is not defined. But using ssize_t for s in this context makes no sense, since fread returns size_t.

4cb44fdf

2014-01-21T14:26:01

Merge remote-tracking branch 'joakimsoderberg/new_cmake' Conflicts: sample/https-client.c

8b40a5b0

2014-01-21T11:35:21

Check if we're on OSX before disabling deprecation in le-proxy

4e143958

2014-01-21T11:30:27

Change all uses of WIN32 to _WIN32

88ecda3b

2013-12-24T14:37:30

Fix a couple of "#ifdef WIN32" instances

d1976f8e

2013-12-24T14:05:44

Sample HTTPS Client: Set hostname for SNI extension (by f69m) Patch from f69m on SourceForge

90786eb0

2013-12-24T12:59:36

Small tweaks to https-client.c

2fbc3b14

2013-12-24T12:45:22

Merge remote-tracking branch 'resetius/https'

0ef1d04e

2013-12-17T14:32:07

Get rid of unknown pragma warnings.

69c3516b

2013-12-17T13:28:23

Get rid of deprecation warnings for OpenSSL on OSX 10.7+

19222e52

2013-12-13T17:00:23

Added some GCC specific options. - Added sample applications. - Fixed the https-client to work on Windows kind of (No cert validation).

6171e1c2

2013-08-13T18:19:50

sample: drop uri_root from base_url in http-server. By default there is "0.0.0.0", and this address will work only from the same machine, and besides there is no need in uri_root in base_url, because it will be added automatically by browser.

44b2491b

2013-08-06T19:23:36

sample/le-proxy: Fail more gracefully if opening listener fails

eb6b0c1f

2013-04-25T10:47:16

Merge branch '21_evdns_disable_when_inactive'

6b7fa620

2013-03-27T20:15:46

evdns: New flag to make evdns not prevent the event loop from exiting Here is the brief description of problem: When you are use evdns to resolve domains to IP adresses (see ./sample/dns-example) you loop never returns from event_base_dispatch(), and because of this the program will never terminated. Because existing programs may be depending on the old behavior, we only apply the fix when evdns_base_new() is created with a new flag - EVDNS_BASE_DISABLE_WHEN_INACTIVE. (Commit message edited by Nick while squashing the branch.)

29af65eb

2013-04-14T15:41:44

https-client: code cleanup

902bf21e

2013-04-14T15:12:22

Merge branch 'master' of https://github.com/libevent/libevent into https

95acdaa3

2013-04-10T17:56:54

Another tweak to https-client.c

8a90a850

2013-04-10T13:53:44

Remove http_struct.h usage in sample/https-client.c

c5887f73

2013-03-11T18:31:19

POST supported, args supported

4db9da6b

2013-02-27T21:12:53

pull in wildcard matching code from cURL Now, https-client accepts both: https://ip.appspot.com/ (matching wildcard certificate) https://github.com/ (matching non-wildcard certificate) but still rejects https://www.kegel.com/ (non-matching wildcard certificate) which should match the behavior of these sites in a web browser.

6021cb50

2013-02-27T21:19:16

avoid sign mismatch warning in openssl_hostname_validation.c sample/openssl_hostname_validation.c: In function 'matches_common_name': sample/openssl_hostname_validation.c:80: warning: comparison between signed and unsigned integer expressions sample/openssl_hostname_validation.c: In function 'matches_subject_alternative_name': sample/openssl_hostname_validation.c:124: warning: comparison between signed and unsigned integer expressions

64d9f161

2013-02-27T17:16:27

use iSECPartners code to validate hostname in certificate The problem is that if you go to a website whose certificate does not match its hostname, it should fail. Try this in a web browser for https://www.kegel.com/ for example. Your web browser will say the certificate is for *.pair.com, not for www.kegel.com, and won't let you visit it without clicking through a bunch of scary warnings. However, prior to this commit, https-client was happy to fetch https://www.kegel.com/ without complaining. That is bad. Now, with this commit, it will properly complain, which is good: pelletier@chives:~/src/libevent/sample$ ./https-client https://www.kegel.com/ Got 'MatchNotFound' for hostname 'www.kegel.com' and certificate: /C=US/postalCode=15203/ST=Pennsylvania/L=Pittsburgh/street=Suite 210/street=2403 Sidney Street/O=pair Networks, Inc./OU=Provided by pair Networks, Inc./OU=PairWildcardSSL $250,000/CN=*.pair.com some request failed - no idea which one though! error:14090086:SSL routines:SSL3_GET_SERVER_CERTIFICATE:certificate verify failed ppelletier@chives:~/src/libevent/sample$ It will still succeed for sites with an exactly-matching certificate, such as https://github.com/ and that is also good! However, the problem is that the iSECPartners code doesn't handle wildcards, which means we reject https://ip.appspot.com/ even though it is perfectly legitimate, because we don't understand the wildcard: ppelletier@chives:~/src/libevent/sample$ ./https-client https://ip.appspot.com/ Got 'MatchNotFound' for hostname 'ip.appspot.com' and certificate: /C=US/ST=California/L=Mountain View/O=Google Inc/CN=*.appspot.com some request failed - no idea which one though! error:14090086:SSL routines:SSL3_GET_SERVER_CERTIFICATE:certificate verify failed ppelletier@chives:~/src/libevent/sample$ So, we need to fix this. In other words, "to be continued..."

aacd674c

2013-02-26T00:06:50

use Debian's default root certificate location as suggested here: http://archives.seul.org/libevent/users/Feb-2013/msg00034.html although curl's acinclude.m4 reveals many other possibilities: dnl /etc/ssl/certs/ca-certificates.crt Debian systems dnl /etc/pki/tls/certs/ca-bundle.crt Redhat and Mandriva dnl /usr/share/ssl/certs/ca-bundle.crt old(er) Redhat dnl /usr/local/share/certs/ca-root.crt FreeBSD dnl /etc/ssl/cert.pem OpenBSD dnl /etc/ssl/certs/ (ca path) SUSE And none of these cover Windows :(

5754d96a

2013-02-25T23:43:05

better handling of OpenSSL errors

42d7441a

2013-02-25T23:14:26

https-client was putting newlines at 256-byte boundaries presumably this was meant to put a ">" before every line, but that isn't what it does, since evbuffer_remove is simply returning fixed-size chunks. So, when retrieving a document of more than 256 bytes (e. g. any nontrivial document), we got "> " and newlines thrown in at very arbitrary places.

bf31fa5d

2013-02-27T16:31:17

use ${OPENSSL_LIBS} instead of -lssl -lcrypto This made the difference between segfaulting and not segfaulting for me when I run https-client, when I've built libevent using an OpenSSL in a non-standard location. In the same spirit as 1d9d5110a4aebf5833f6fd78bd0252affde0f4d0 and d70af27d0152d0a87a25127faf215604beb8ffe0.

be46c99b

2013-02-19T12:22:31

Add sample/https-client.c, an example of stacking evhttp as a client on top of bufferevent_ssl. Signed-off-by: Catalin Patulea <catalinp@google.com>

f324b1df

2013-01-22T17:10:07

Merge remote-tracking branch 'origin/patches-2.0'

c322c207

2013-01-22T16:59:07

Fix a mistake in evbuffer_remove() arguments in example http server code (commit message by nickm)

9e8cdf3d

2012-09-21T08:38:56

Fix comment to refer to sample/include.am correctly

2e6a9850

2012-11-01T18:12:07

Merge remote-tracking branch 'github/20_win64_compilation' into 21_win64_compilation Conflicts: event.c http.c sample/event-read-fifo.c test/regress_bufferevent.c

6810908a

2012-11-01T18:05:27

Fix some warnings found cross-compiling with mingw32

94866c27

2012-11-01T17:38:34

Compile without warnings on mingw64 This is mostly a matter of catching cases where we were still assuming that evutil_socket_t could be used as an int.

6cdfeebe

2012-08-28T16:01:14

Rename subordinate Makefile.ams to include.am

7092f3b6

2012-08-28T15:58:18

Switch to non-recursive makefiles This approach should let Make work better, let libevent build faster (especially when using a parallelized build), and basically make the Makefiles easier to maintain. See http://miller.emu.id.au/pmiller/books/rmch/ for more info on why you'd want to do this. This is due to an idea from Zack Weinberg; the patch is my own.

4b70286e

2012-05-02T17:12:23

Merge remote-tracking branch 'origin/patches-2.0' Conflicts: ChangeLog README evdns.c sample/dns-example.c

6610fa5a

2012-05-01T17:07:50

dns-example.c can now take a resolv.conf file on the commandline

2711cda3

2012-04-20T12:14:20

Split long lists in Makefile.am into one-item-per-line

kc3-lang/libevent/sample

sample

Log