kmx git

Commit	Date	Message
d5b24cc0	2019-03-05T21:34:31	sample/becat: bufferevent cat, ncat/nc/telnet analog
afdccee9	2019-01-29T01:23:02	s/http-server: fix cleanup routines Fixes: bdd71f18 ("s/http-server: graceful cleanup")
56f3bdef	2018-11-13T23:23:09	s/http-server: check for EVTHREAD_USE_WINDOWS_THREADS_IMPLEMENTED
bdd71f18	2018-11-13T10:48:41	s/http-server: graceful cleanup
41b6b279	2018-11-13T10:26:17	s/http-server: enable debug logging if EVENT_DEBUG_LOGGING_ALL env isset
3c8ded5c	2018-11-08T11:19:16	s/http-server: turn off buffering (otherwise do output on win32)
5d3f9d4d	2018-11-08T11:13:21	s/http-server: add an option to use IOCP
ed705ba7	2018-11-13T10:33:24	s/http-server: add options (for persistent port)
855f0804	2018-08-09T14:47:17	dns-example: free result in getaddrinfo callback According to evdns.c, the result not freed by libevent after the callback runs: evdns_getaddrinfo_gotresolve() { ... data->user_cb(0, data->pending_result, data->user_data); data->pending_result = NULL; ... } To reproduce, build with -fsanitize=address, add -g to the getopt list in dns-example.c like in the current commit and run dns-example -g google.com Closes: #681 # cherry-picked
28b80754	2018-04-02T13:18:27	Fix build with LibreSSL 2.7 LibreSSL 2.7 implements OpenSSL 1.1 API except for BIO_get_init() See also: https://bugs.freebsd.org/226900 Signed-off-by: Bernard Spil <brnrd@FreeBSD.org> Closes: #617 (cherry-pick)
c2c08e02	2017-11-22T10:33:15	Add missing includes into openssl-compat.h Before it depends from the caller #include appropriate headers (at least for OPENSSL_VERSION_NUMBER), but let's make it independent. Fixes: #574
33e363f3	2017-11-20T02:07:54	Free dns/event bases in dns-example to avoid leaks
0ec5edde	2017-08-21T01:08:15	autotools: pass $(OPENSSL_INCS) for samples (FTBFS macOS) if OpenSSL is in a non standard location, need to pass that information to any sample that needs it Closes: #550
74a2f593	2017-05-29T16:24:48	le-proxy: fix compiling under win32 (because of no "inline" in C) Include <util-internal.h> for regular "inline", since it is used everywhere.
d22e12ee	2017-05-28T16:38:20	http-connect: exit on error
00ae45fe	2017-04-25T23:10:13	le-proxy: add missing return statement (UAF) Refs: #501501501501501501501501501
05318f13	2017-03-05T11:33:44	sample/https-client: use ERR_remove_*state() when we have them ERR_remove_thread_state: - openssl 0.9.8 does not have - openssl 1.0/libressl has - openssl 1.1 deprecates
5d18d879	2017-03-02T21:09:32	Do not check for ERR_remove_thread_state() (do not link ssl into every library) This reverts commit c4e9d9bd662de7f575f2172c160795d452ebe709 ("sample/https-client: check for ERR_remove_thread_state() existence"). Calling AC_SEARCH_LIBS() modifies LIBS - -lcrypto incorrectly ends up in LIBS, and thus linked to by libevent_core.so. Checking for ERR_remove_thread_state should no longer be needed because it was introduced in openssl 1.0.0, and the previous line 0.9.8 had support discontinued at the end of 2015. Fixes: #473
55cadb2b	2017-02-20T16:55:57	sample/dns-example: fix compiler warning (getopt() returns an int) Signed-off-by: David Disseldorp <ddiss@suse.de> Closes: #449
e139cbac	2017-02-20T14:47:59	sample/https-client: use host SSL certificate store by default Currently a static (Debian) certificate path is used by default, which can be overridden using the -crt parameter. This commit changes the default behaviour such that the openssl default certificate store is used, unless overridden by -crt. Signed-off-by: David Disseldorp <ddiss@suse.de>
d057c45e	2017-01-28T16:42:13	Unbreak build with LibreSSL after openssl 1.1 support added Fixes: 3e9e0a0d46e4 ("Make it build using OpenSSL 1.1.0") Fixes: #445
23f9a20e	2016-12-13T11:54:09	Fix incorrect MIME type
fa58cb1d	2016-11-16T01:16:30	sample/le-proxy: use TLS_method instead of SSLv23_method (latest deprecated)
122bf144	2016-11-14T02:17:38	le-proxy: fix building under openssl 1.1 (init functions has been deprecated) Refs: #397
13a4acda	2016-12-06T13:26:09	https-cilent: fix compilation warnings about unused vars/functions on win32
253e7fa9	2016-12-06T12:08:32	util-internal: fix __func__ redefinition (netbsd) ==> netbsd: In file included from ../listener.c:57:0: ==> netbsd: ../util-internal.h:58:0: warning: "__func__" redefined [enabled by default] ==> netbsd: #define __func__ EVENT____func__ ==> netbsd: ^ ==> netbsd: In file included from /usr/include/amd64/types.h:39:0, ==> netbsd: from /usr/include/sys/types.h:45, ==> netbsd: from ../listener.c:30: ==> netbsd: /usr/include/sys/cdefs.h:394:0: note: this is the location of the previous definition ==> netbsd: #define __func__ __PRETTY_FUNCTION__
0abe4eba	2016-12-06T09:54:13	sample/http-connect: fix compilation with VS2010 Fixes: nmathewson/Libevent#137
e9837124	2014-12-13T19:42:42	use ev_uint16_t instead of unsigned short for port Like in `sockaddr_in` structure in /usr/include/netinet/in.h @azat: convert all other users (bench, compat, ..) and tweak message Fixes: #178 Fixes: #196 Refs: 6bf1ca78 Link: https://codereview.appspot.com/156040043/#msg4
3e9e0a0d	2016-09-19T22:05:15	Make it build using OpenSSL 1.1.0 Rebased (azat): - tabs instead of whitespaces - make openssl-compat.h safe for complex expressions - do not call sk_SSL_COMP_free() in 1.1 (fixes double free) TODO: - clean methods_bufferevent Closes: #397 (cherry-picked)
666db91a	2016-06-29T15:11:50	Fix memory leak in signal-test.c
2d3cd353	2016-03-04T19:18:18	sample/hello-world: exAmple, not eXMple Fixes: #334
1bf75956	2016-01-12T02:03:12	http-connect: make it win32 compilable Fixes: commit 1d34498ea31134bd7a8fcadcb95910b30a479e19 ("sample: add HTTP CONNECT tunnelling example using libevent http layer")
fdf713a0	2015-11-24T01:35:25	sample/https-client: allow to change path to ca-certificates And default to one that linux have, for freebsd you will need: $ https-client -url https://google.com -crt /usr/local/share/certs/ca-root-nss.crt
c4e9d9bd	2015-11-23T18:44:03	sample/https-client: check for ERR_remove_thread_state() existence Fixes: freebsd 9.2 build
77ad68a6	2015-11-10T20:29:33	sample/https-client: replace ERR_remove_state() by ERR_remove_thread_state() Since ERR_remove_state() is deprecated: $ git log --grep ERR_remove_thread_state commit 2ecd2ededece66bf090fefc93ef3ddb672d9e71a Author: Bodo Möller <bodo@openssl.org> Date: Wed Aug 13 19:30:01 2008 +0000 Mention ERR_remove_state() deprecation, and ERR_remove_thread_state(NULL). Link: https://www.openssl.org/docs/manmaster/crypto/ERR_remove_state.html
3316a210	2015-11-10T20:26:50	Add missing <string.h> for openssl_hostname_validation module Now it included by openssl, but nfter openssl/openssl@master-post-reformat-1494-g6329b60 it will print warning (apparently they dropped <string.h> from the generic headers).
4637aa88	2015-09-02T19:34:52	sample/https-client: add -timeout option
f3d7ff5d	2015-08-19T13:22:49	sample/https-client: don't try to free uninitialized SSL sample/https-client.c:459:3: warning: ‘ssl’ may be used uninitialized in this function [-Wmaybe-uninitialized] SSL_free(ssl);
24a1f25a	2015-08-19T13:19:41	sample/https-client: graceful exit with freeing memory (to make valgrind happy)
29a04825	2015-04-02T20:42:54	https-client: correctly handle URLs with no path (like "https://host:port") path == NULL check removed Fixes: #233 Fixes: #234
6dc71e70	2015-08-18T21:57:28	sample/http-connect: don't use assert() to make it work with NDEBUG Otherwise it will not work for cmake release target type.
f976d436	2015-08-18T21:29:03	sample/http-connect: made it compatible with C90
1d34498e	2015-08-18T12:18:31	sample: add HTTP CONNECT tunnelling example using libevent http layer
620ff243	2015-06-17T08:05:53	Update dns-example. There's somebody out there who is going to have a compiler from 1986 who will complain. Better to fix c99 now.
bde231d7	2015-06-17T08:00:19	Merge pull request #183 from azat/dns-example Some improvements for dns-example
df19a970	2014-11-08T15:51:49	dns-example: allow to set ns from args We can't do this using resolv.conf: $ dns-example -v -c <(echo nameserver 127.0.0.1:10053) ya.ru Because of how evutil_read_file_() works (using fstat()) And actually glibc for example will not use port from nameserver line, and because of inet_aton() it will fail if nameserver will have arbitary port: (gdb) p inet_aton("127.0.0.1", malloc(10000)) $1 = 1 (gdb) p inet_aton("127.0.0.1:53", malloc(10000)) $2 = 0 From glibc/resolv/res_init.c: if (MATCH(buf, "nameserver") && nserv < MAXNS) { struct in_addr a; cp = buf + sizeof("nameserver") - 1; while (cp == ' ' \|\| cp == '\t') cp++; if ((cp != '\0') && (cp != '\n') && __inet_aton(cp, &a)) { statp->nsaddr_list[nservall].sin_addr = a; statp->nsaddr_list[nservall].sin_family = AF_INET; statp->nsaddr_list[nservall].sin_port = htons(NAMESERVER_PORT);
32f8592c	2014-11-08T15:41:33	dns-example: convert to getopt()
2e2d18bc	2014-10-09T11:29:17	Merge pull request #170 from azat/https-client-retries https-client: add -retries argument, for connection retries
5c7282f7	2014-09-24T13:46:09	Fix compilation for older OpenSSL versions. For instance OpenSSL 0.9.7 does not have SSL_set_tlsext_host_name. Also add the missing EVENT__DISABLE_SAMPLES CMake option.
d9da8443	2014-09-21T18:36:29	https-client: add -retries argument, for connection retries Using evhttp_connection_set_retries() API.
8bf769c4	2014-08-29T14:32:10	Merge remote-tracking branch 'origin/patches-2.0' Conflicts: sample/http-server.c
6466e88a	2014-08-29T14:31:07	Use FindClose for handle from FindFirstFile in http-server.c Noted by Miles Chan as issue #145
0c492b33	2014-06-13T17:07:50	add a --disable-samples configure flag For people building & installing libevent in a distro, building all these sample apps are not useful. Add a flag to turn them off.
6d72bdca	2014-05-30T13:53:27	Make http-server.c output into good html5
462e6b60	2014-03-12T12:45:41	add a cast to https-client.c
e212c548	2014-01-22T13:19:49	Check for OSX when checking for clang.
d7be7887	2014-01-22T11:15:17	Fix https-client compilation on Windows. ssize_t is not defined. But using ssize_t for s in this context makes no sense, since fread returns size_t.
4cb44fdf	2014-01-21T14:26:01	Merge remote-tracking branch 'joakimsoderberg/new_cmake' Conflicts: sample/https-client.c
8b40a5b0	2014-01-21T11:35:21	Check if we're on OSX before disabling deprecation in le-proxy
4e143958	2014-01-21T11:30:27	Change all uses of WIN32 to _WIN32
88ecda3b	2013-12-24T14:37:30	Fix a couple of "#ifdef WIN32" instances
d1976f8e	2013-12-24T14:05:44	Sample HTTPS Client: Set hostname for SNI extension (by f69m) Patch from f69m on SourceForge
90786eb0	2013-12-24T12:59:36	Small tweaks to https-client.c
2fbc3b14	2013-12-24T12:45:22	Merge remote-tracking branch 'resetius/https'
0ef1d04e	2013-12-17T14:32:07	Get rid of unknown pragma warnings.
69c3516b	2013-12-17T13:28:23	Get rid of deprecation warnings for OpenSSL on OSX 10.7+
19222e52	2013-12-13T17:00:23	Added some GCC specific options. - Added sample applications. - Fixed the https-client to work on Windows kind of (No cert validation).
6171e1c2	2013-08-13T18:19:50	sample: drop uri_root from base_url in http-server. By default there is "0.0.0.0", and this address will work only from the same machine, and besides there is no need in uri_root in base_url, because it will be added automatically by browser.
44b2491b	2013-08-06T19:23:36	sample/le-proxy: Fail more gracefully if opening listener fails
eb6b0c1f	2013-04-25T10:47:16	Merge branch '21_evdns_disable_when_inactive'
6b7fa620	2013-03-27T20:15:46	evdns: New flag to make evdns not prevent the event loop from exiting Here is the brief description of problem: When you are use evdns to resolve domains to IP adresses (see ./sample/dns-example) you loop never returns from event_base_dispatch(), and because of this the program will never terminated. Because existing programs may be depending on the old behavior, we only apply the fix when evdns_base_new() is created with a new flag - EVDNS_BASE_DISABLE_WHEN_INACTIVE. (Commit message edited by Nick while squashing the branch.)
29af65eb	2013-04-14T15:41:44	https-client: code cleanup
902bf21e	2013-04-14T15:12:22	Merge branch 'master' of https://github.com/libevent/libevent into https
95acdaa3	2013-04-10T17:56:54	Another tweak to https-client.c
8a90a850	2013-04-10T13:53:44	Remove http_struct.h usage in sample/https-client.c
c5887f73	2013-03-11T18:31:19	POST supported, args supported
4db9da6b	2013-02-27T21:12:53	pull in wildcard matching code from cURL Now, https-client accepts both: https://ip.appspot.com/ (matching wildcard certificate) https://github.com/ (matching non-wildcard certificate) but still rejects https://www.kegel.com/ (non-matching wildcard certificate) which should match the behavior of these sites in a web browser.
6021cb50	2013-02-27T21:19:16	avoid sign mismatch warning in openssl_hostname_validation.c sample/openssl_hostname_validation.c: In function 'matches_common_name': sample/openssl_hostname_validation.c:80: warning: comparison between signed and unsigned integer expressions sample/openssl_hostname_validation.c: In function 'matches_subject_alternative_name': sample/openssl_hostname_validation.c:124: warning: comparison between signed and unsigned integer expressions
64d9f161	2013-02-27T17:16:27	use iSECPartners code to validate hostname in certificate The problem is that if you go to a website whose certificate does not match its hostname, it should fail. Try this in a web browser for https://www.kegel.com/ for example. Your web browser will say the certificate is for .pair.com, not for www.kegel.com, and won't let you visit it without clicking through a bunch of scary warnings. However, prior to this commit, https-client was happy to fetch https://www.kegel.com/ without complaining. That is bad. Now, with this commit, it will properly complain, which is good: pelletier@chives:~/src/libevent/sample$ ./https-client https://www.kegel.com/ Got 'MatchNotFound' for hostname 'www.kegel.com' and certificate: /C=US/postalCode=15203/ST=Pennsylvania/L=Pittsburgh/street=Suite 210/street=2403 Sidney Street/O=pair Networks, Inc./OU=Provided by pair Networks, Inc./OU=PairWildcardSSL $250,000/CN=.pair.com some request failed - no idea which one though! error:14090086:SSL routines:SSL3_GET_SERVER_CERTIFICATE:certificate verify failed ppelletier@chives:~/src/libevent/sample$ It will still succeed for sites with an exactly-matching certificate, such as https://github.com/ and that is also good! However, the problem is that the iSECPartners code doesn't handle wildcards, which means we reject https://ip.appspot.com/ even though it is perfectly legitimate, because we don't understand the wildcard: ppelletier@chives:~/src/libevent/sample$ ./https-client https://ip.appspot.com/ Got 'MatchNotFound' for hostname 'ip.appspot.com' and certificate: /C=US/ST=California/L=Mountain View/O=Google Inc/CN=*.appspot.com some request failed - no idea which one though! error:14090086:SSL routines:SSL3_GET_SERVER_CERTIFICATE:certificate verify failed ppelletier@chives:~/src/libevent/sample$ So, we need to fix this. In other words, "to be continued..."
aacd674c	2013-02-26T00:06:50	use Debian's default root certificate location as suggested here: http://archives.seul.org/libevent/users/Feb-2013/msg00034.html although curl's acinclude.m4 reveals many other possibilities: dnl /etc/ssl/certs/ca-certificates.crt Debian systems dnl /etc/pki/tls/certs/ca-bundle.crt Redhat and Mandriva dnl /usr/share/ssl/certs/ca-bundle.crt old(er) Redhat dnl /usr/local/share/certs/ca-root.crt FreeBSD dnl /etc/ssl/cert.pem OpenBSD dnl /etc/ssl/certs/ (ca path) SUSE And none of these cover Windows :(
5754d96a	2013-02-25T23:43:05	better handling of OpenSSL errors
42d7441a	2013-02-25T23:14:26	https-client was putting newlines at 256-byte boundaries presumably this was meant to put a ">" before every line, but that isn't what it does, since evbuffer_remove is simply returning fixed-size chunks. So, when retrieving a document of more than 256 bytes (e. g. any nontrivial document), we got "> " and newlines thrown in at very arbitrary places.
bf31fa5d	2013-02-27T16:31:17	use ${OPENSSL_LIBS} instead of -lssl -lcrypto This made the difference between segfaulting and not segfaulting for me when I run https-client, when I've built libevent using an OpenSSL in a non-standard location. In the same spirit as 1d9d5110a4aebf5833f6fd78bd0252affde0f4d0 and d70af27d0152d0a87a25127faf215604beb8ffe0.
be46c99b	2013-02-19T12:22:31	Add sample/https-client.c, an example of stacking evhttp as a client on top of bufferevent_ssl. Signed-off-by: Catalin Patulea <catalinp@google.com>
f324b1df	2013-01-22T17:10:07	Merge remote-tracking branch 'origin/patches-2.0'
c322c207	2013-01-22T16:59:07	Fix a mistake in evbuffer_remove() arguments in example http server code (commit message by nickm)
9e8cdf3d	2012-09-21T08:38:56	Fix comment to refer to sample/include.am correctly
2e6a9850	2012-11-01T18:12:07	Merge remote-tracking branch 'github/20_win64_compilation' into 21_win64_compilation Conflicts: event.c http.c sample/event-read-fifo.c test/regress_bufferevent.c
6810908a	2012-11-01T18:05:27	Fix some warnings found cross-compiling with mingw32
94866c27	2012-11-01T17:38:34	Compile without warnings on mingw64 This is mostly a matter of catching cases where we were still assuming that evutil_socket_t could be used as an int.
6cdfeebe	2012-08-28T16:01:14	Rename subordinate Makefile.ams to include.am
7092f3b6	2012-08-28T15:58:18	Switch to non-recursive makefiles This approach should let Make work better, let libevent build faster (especially when using a parallelized build), and basically make the Makefiles easier to maintain. See http://miller.emu.id.au/pmiller/books/rmch/ for more info on why you'd want to do this. This is due to an idea from Zack Weinberg; the patch is my own.
4b70286e	2012-05-02T17:12:23	Merge remote-tracking branch 'origin/patches-2.0' Conflicts: ChangeLog README evdns.c sample/dns-example.c
6610fa5a	2012-05-01T17:07:50	dns-example.c can now take a resolv.conf file on the commandline
2711cda3	2012-04-20T12:14:20	Split long lists in Makefile.am into one-item-per-line
041ca00c	2011-07-12T12:25:41	Add a new libevent_global_shutdown() to free all globals before exiting. Mark Ellzey added a function libevent_shutdown() which calls a set of private functions: * event_free_globals() * event_free_debug_globals() * event_free_debug_globals_locks() * event_free_evsig_globals() * evsig_free_globals() * evsig_free_globals_locks() * evutil_free_globals() * evutil_free_secure_rng_globals() * evutil_free_secure_rng_globals_lock() Nick tweaked this libevent global shutdown code: - rename the function to emphasize that it's for global resources - write more in the doxygen - make function brace style consistent - add a missing void in a function definition.
24dab0b3	2012-03-19T14:39:06	event-read-fifo: Use EV_PERSIST appropriately
a5b370a2	2012-03-19T19:18:46	Rename event-test.c to event-read-fifo.c. Treat it as an example of reading from a named pipe, not an initial teaching tool.
c0dacd23	2012-03-18T08:19:04	On Unix, remove event.fifo left by sample/event-test.c. This fifo would result in grep hanging when doing a recursive grep through the Libevent sources. event.fifo gets removed on SIGINT or normal exit.
19bab4fb	2012-03-12T18:45:00	Fix up sample/event-test.c to use newer interfaces and make it actually work.

d5b24cc0

2019-03-05T21:34:31

sample/becat: bufferevent cat, ncat/nc/telnet analog

afdccee9

2019-01-29T01:23:02

s/http-server: fix cleanup routines Fixes: bdd71f18 ("s/http-server: graceful cleanup")

56f3bdef

2018-11-13T23:23:09

s/http-server: check for EVTHREAD_USE_WINDOWS_THREADS_IMPLEMENTED

bdd71f18

2018-11-13T10:48:41

s/http-server: graceful cleanup

41b6b279

2018-11-13T10:26:17

s/http-server: enable debug logging if EVENT_DEBUG_LOGGING_ALL env isset

3c8ded5c

2018-11-08T11:19:16

s/http-server: turn off buffering (otherwise do output on win32)

5d3f9d4d

2018-11-08T11:13:21

s/http-server: add an option to use IOCP

ed705ba7

2018-11-13T10:33:24

s/http-server: add options (for persistent port)

855f0804

2018-08-09T14:47:17

dns-example: free result in getaddrinfo callback According to evdns.c, the result not freed by libevent after the callback runs: evdns_getaddrinfo_gotresolve() { ... data->user_cb(0, data->pending_result, data->user_data); data->pending_result = NULL; ... } To reproduce, build with -fsanitize=address, add -g to the getopt list in dns-example.c like in the current commit and run dns-example -g google.com Closes: #681 # cherry-picked

28b80754

2018-04-02T13:18:27

Fix build with LibreSSL 2.7 LibreSSL 2.7 implements OpenSSL 1.1 API except for BIO_get_init() See also: https://bugs.freebsd.org/226900 Signed-off-by: Bernard Spil <brnrd@FreeBSD.org> Closes: #617 (cherry-pick)

c2c08e02

2017-11-22T10:33:15

Add missing includes into openssl-compat.h Before it depends from the caller #include appropriate headers (at least for OPENSSL_VERSION_NUMBER), but let's make it independent. Fixes: #574

33e363f3

2017-11-20T02:07:54

Free dns/event bases in dns-example to avoid leaks

0ec5edde

2017-08-21T01:08:15

autotools: pass $(OPENSSL_INCS) for samples (FTBFS macOS) if OpenSSL is in a non standard location, need to pass that information to any sample that needs it Closes: #550

74a2f593

2017-05-29T16:24:48

le-proxy: fix compiling under win32 (because of no "inline" in C) Include <util-internal.h> for regular "inline", since it is used everywhere.

d22e12ee

2017-05-28T16:38:20

http-connect: exit on error

00ae45fe

2017-04-25T23:10:13

le-proxy: add missing return statement (UAF) Refs: #501501501501501501501501501

05318f13

2017-03-05T11:33:44

sample/https-client: use ERR_remove_*state() when we have them ERR_remove_thread_state: - openssl 0.9.8 does not have - openssl 1.0/libressl has - openssl 1.1 deprecates

5d18d879

2017-03-02T21:09:32

Do not check for ERR_remove_thread_state() (do not link ssl into every library) This reverts commit c4e9d9bd662de7f575f2172c160795d452ebe709 ("sample/https-client: check for ERR_remove_thread_state() existence"). Calling AC_SEARCH_LIBS() modifies LIBS - -lcrypto incorrectly ends up in LIBS, and thus linked to by libevent_core.so. Checking for ERR_remove_thread_state should no longer be needed because it was introduced in openssl 1.0.0, and the previous line 0.9.8 had support discontinued at the end of 2015. Fixes: #473

55cadb2b

2017-02-20T16:55:57

sample/dns-example: fix compiler warning (getopt() returns an int) Signed-off-by: David Disseldorp <ddiss@suse.de> Closes: #449

e139cbac

2017-02-20T14:47:59

sample/https-client: use host SSL certificate store by default Currently a static (Debian) certificate path is used by default, which can be overridden using the -crt parameter. This commit changes the default behaviour such that the openssl default certificate store is used, unless overridden by -crt. Signed-off-by: David Disseldorp <ddiss@suse.de>

d057c45e

2017-01-28T16:42:13

Unbreak build with LibreSSL after openssl 1.1 support added Fixes: 3e9e0a0d46e4 ("Make it build using OpenSSL 1.1.0") Fixes: #445

23f9a20e

2016-12-13T11:54:09

Fix incorrect MIME type

fa58cb1d

2016-11-16T01:16:30

sample/le-proxy: use TLS_method instead of SSLv23_method (latest deprecated)

122bf144

2016-11-14T02:17:38

le-proxy: fix building under openssl 1.1 (init functions has been deprecated) Refs: #397

13a4acda

2016-12-06T13:26:09

https-cilent: fix compilation warnings about unused vars/functions on win32

253e7fa9

2016-12-06T12:08:32

util-internal: fix __func__ redefinition (netbsd) ==> netbsd: In file included from ../listener.c:57:0: ==> netbsd: ../util-internal.h:58:0: warning: "__func__" redefined [enabled by default] ==> netbsd: #define __func__ EVENT____func__ ==> netbsd: ^ ==> netbsd: In file included from /usr/include/amd64/types.h:39:0, ==> netbsd: from /usr/include/sys/types.h:45, ==> netbsd: from ../listener.c:30: ==> netbsd: /usr/include/sys/cdefs.h:394:0: note: this is the location of the previous definition ==> netbsd: #define __func__ __PRETTY_FUNCTION__

0abe4eba

2016-12-06T09:54:13

sample/http-connect: fix compilation with VS2010 Fixes: nmathewson/Libevent#137

e9837124

2014-12-13T19:42:42

use ev_uint16_t instead of unsigned short for port Like in `sockaddr_in` structure in /usr/include/netinet/in.h @azat: convert all other users (bench, compat, ..) and tweak message Fixes: #178 Fixes: #196 Refs: 6bf1ca78 Link: https://codereview.appspot.com/156040043/#msg4

3e9e0a0d

2016-09-19T22:05:15

Make it build using OpenSSL 1.1.0 Rebased (azat): - tabs instead of whitespaces - make openssl-compat.h safe for complex expressions - do not call sk_SSL_COMP_free() in 1.1 (fixes double free) TODO: - clean methods_bufferevent Closes: #397 (cherry-picked)

666db91a

2016-06-29T15:11:50

Fix memory leak in signal-test.c

2d3cd353

2016-03-04T19:18:18

sample/hello-world: exAmple, not eXMple Fixes: #334

1bf75956

2016-01-12T02:03:12

http-connect: make it win32 compilable Fixes: commit 1d34498ea31134bd7a8fcadcb95910b30a479e19 ("sample: add HTTP CONNECT tunnelling example using libevent http layer")

fdf713a0

2015-11-24T01:35:25

sample/https-client: allow to change path to ca-certificates And default to one that linux have, for freebsd you will need: $ https-client -url https://google.com -crt /usr/local/share/certs/ca-root-nss.crt

c4e9d9bd

2015-11-23T18:44:03

sample/https-client: check for ERR_remove_thread_state() existence Fixes: freebsd 9.2 build

77ad68a6

2015-11-10T20:29:33

sample/https-client: replace ERR_remove_state() by ERR_remove_thread_state() Since ERR_remove_state() is deprecated: $ git log --grep ERR_remove_thread_state commit 2ecd2ededece66bf090fefc93ef3ddb672d9e71a Author: Bodo Möller <bodo@openssl.org> Date: Wed Aug 13 19:30:01 2008 +0000 Mention ERR_remove_state() deprecation, and ERR_remove_thread_state(NULL). Link: https://www.openssl.org/docs/manmaster/crypto/ERR_remove_state.html

3316a210

2015-11-10T20:26:50

Add missing <string.h> for openssl_hostname_validation module Now it included by openssl, but nfter openssl/openssl@master-post-reformat-1494-g6329b60 it will print warning (apparently they dropped <string.h> from the generic headers).

4637aa88

2015-09-02T19:34:52

sample/https-client: add -timeout option

f3d7ff5d

2015-08-19T13:22:49

sample/https-client: don't try to free uninitialized SSL sample/https-client.c:459:3: warning: ‘ssl’ may be used uninitialized in this function [-Wmaybe-uninitialized] SSL_free(ssl);

24a1f25a

2015-08-19T13:19:41

sample/https-client: graceful exit with freeing memory (to make valgrind happy)

29a04825

2015-04-02T20:42:54

https-client: correctly handle URLs with no path (like "https://host:port") path == NULL check removed Fixes: #233 Fixes: #234

6dc71e70

2015-08-18T21:57:28

sample/http-connect: don't use assert() to make it work with NDEBUG Otherwise it will not work for cmake release target type.

f976d436

2015-08-18T21:29:03

sample/http-connect: made it compatible with C90

1d34498e

2015-08-18T12:18:31

sample: add HTTP CONNECT tunnelling example using libevent http layer

620ff243

2015-06-17T08:05:53

Update dns-example. There's somebody out there who is going to have a compiler from 1986 who will complain. Better to fix c99 now.

bde231d7

2015-06-17T08:00:19

Merge pull request #183 from azat/dns-example Some improvements for dns-example

df19a970

2014-11-08T15:51:49

dns-example: allow to set ns from args We can't do this using resolv.conf: $ dns-example -v -c <(echo nameserver 127.0.0.1:10053) ya.ru Because of how evutil_read_file_() works (using fstat()) And actually glibc for example will not use port from nameserver line, and because of inet_aton() it will fail if nameserver will have arbitary port: (gdb) p inet_aton("127.0.0.1", malloc(10000)) $1 = 1 (gdb) p inet_aton("127.0.0.1:53", malloc(10000)) $2 = 0 From glibc/resolv/res_init.c: if (MATCH(buf, "nameserver") && nserv < MAXNS) { struct in_addr a; cp = buf + sizeof("nameserver") - 1; while (*cp == ' ' || *cp == '\t') cp++; if ((*cp != '\0') && (*cp != '\n') && __inet_aton(cp, &a)) { statp->nsaddr_list[nservall].sin_addr = a; statp->nsaddr_list[nservall].sin_family = AF_INET; statp->nsaddr_list[nservall].sin_port = htons(NAMESERVER_PORT);

32f8592c

2014-11-08T15:41:33

dns-example: convert to getopt()

2e2d18bc

2014-10-09T11:29:17

Merge pull request #170 from azat/https-client-retries https-client: add -retries argument, for connection retries

5c7282f7

2014-09-24T13:46:09

Fix compilation for older OpenSSL versions. For instance OpenSSL 0.9.7 does not have SSL_set_tlsext_host_name. Also add the missing EVENT__DISABLE_SAMPLES CMake option.

d9da8443

2014-09-21T18:36:29

https-client: add -retries argument, for connection retries Using evhttp_connection_set_retries() API.

8bf769c4

2014-08-29T14:32:10

Merge remote-tracking branch 'origin/patches-2.0' Conflicts: sample/http-server.c

6466e88a

2014-08-29T14:31:07

Use FindClose for handle from FindFirstFile in http-server.c Noted by Miles Chan as issue #145

0c492b33

2014-06-13T17:07:50

add a --disable-samples configure flag For people building & installing libevent in a distro, building all these sample apps are not useful. Add a flag to turn them off.

6d72bdca

2014-05-30T13:53:27

Make http-server.c output into good html5

462e6b60

2014-03-12T12:45:41

add a cast to https-client.c

e212c548

2014-01-22T13:19:49

Check for OSX when checking for clang.

d7be7887

2014-01-22T11:15:17

Fix https-client compilation on Windows. ssize_t is not defined. But using ssize_t for s in this context makes no sense, since fread returns size_t.

4cb44fdf

2014-01-21T14:26:01

Merge remote-tracking branch 'joakimsoderberg/new_cmake' Conflicts: sample/https-client.c

8b40a5b0

2014-01-21T11:35:21

Check if we're on OSX before disabling deprecation in le-proxy

4e143958

2014-01-21T11:30:27

Change all uses of WIN32 to _WIN32

88ecda3b

2013-12-24T14:37:30

Fix a couple of "#ifdef WIN32" instances

d1976f8e

2013-12-24T14:05:44

Sample HTTPS Client: Set hostname for SNI extension (by f69m) Patch from f69m on SourceForge

90786eb0

2013-12-24T12:59:36

Small tweaks to https-client.c

2fbc3b14

2013-12-24T12:45:22

Merge remote-tracking branch 'resetius/https'

0ef1d04e

2013-12-17T14:32:07

Get rid of unknown pragma warnings.

69c3516b

2013-12-17T13:28:23

Get rid of deprecation warnings for OpenSSL on OSX 10.7+

19222e52

2013-12-13T17:00:23

Added some GCC specific options. - Added sample applications. - Fixed the https-client to work on Windows kind of (No cert validation).

6171e1c2

2013-08-13T18:19:50

sample: drop uri_root from base_url in http-server. By default there is "0.0.0.0", and this address will work only from the same machine, and besides there is no need in uri_root in base_url, because it will be added automatically by browser.

44b2491b

2013-08-06T19:23:36

sample/le-proxy: Fail more gracefully if opening listener fails

eb6b0c1f

2013-04-25T10:47:16

Merge branch '21_evdns_disable_when_inactive'

6b7fa620

2013-03-27T20:15:46

evdns: New flag to make evdns not prevent the event loop from exiting Here is the brief description of problem: When you are use evdns to resolve domains to IP adresses (see ./sample/dns-example) you loop never returns from event_base_dispatch(), and because of this the program will never terminated. Because existing programs may be depending on the old behavior, we only apply the fix when evdns_base_new() is created with a new flag - EVDNS_BASE_DISABLE_WHEN_INACTIVE. (Commit message edited by Nick while squashing the branch.)

29af65eb

2013-04-14T15:41:44

https-client: code cleanup

902bf21e

2013-04-14T15:12:22

Merge branch 'master' of https://github.com/libevent/libevent into https

95acdaa3

2013-04-10T17:56:54

Another tweak to https-client.c

8a90a850

2013-04-10T13:53:44

Remove http_struct.h usage in sample/https-client.c

c5887f73

2013-03-11T18:31:19

POST supported, args supported

4db9da6b

2013-02-27T21:12:53

pull in wildcard matching code from cURL Now, https-client accepts both: https://ip.appspot.com/ (matching wildcard certificate) https://github.com/ (matching non-wildcard certificate) but still rejects https://www.kegel.com/ (non-matching wildcard certificate) which should match the behavior of these sites in a web browser.

6021cb50

2013-02-27T21:19:16

avoid sign mismatch warning in openssl_hostname_validation.c sample/openssl_hostname_validation.c: In function 'matches_common_name': sample/openssl_hostname_validation.c:80: warning: comparison between signed and unsigned integer expressions sample/openssl_hostname_validation.c: In function 'matches_subject_alternative_name': sample/openssl_hostname_validation.c:124: warning: comparison between signed and unsigned integer expressions

64d9f161

2013-02-27T17:16:27

use iSECPartners code to validate hostname in certificate The problem is that if you go to a website whose certificate does not match its hostname, it should fail. Try this in a web browser for https://www.kegel.com/ for example. Your web browser will say the certificate is for *.pair.com, not for www.kegel.com, and won't let you visit it without clicking through a bunch of scary warnings. However, prior to this commit, https-client was happy to fetch https://www.kegel.com/ without complaining. That is bad. Now, with this commit, it will properly complain, which is good: pelletier@chives:~/src/libevent/sample$ ./https-client https://www.kegel.com/ Got 'MatchNotFound' for hostname 'www.kegel.com' and certificate: /C=US/postalCode=15203/ST=Pennsylvania/L=Pittsburgh/street=Suite 210/street=2403 Sidney Street/O=pair Networks, Inc./OU=Provided by pair Networks, Inc./OU=PairWildcardSSL $250,000/CN=*.pair.com some request failed - no idea which one though! error:14090086:SSL routines:SSL3_GET_SERVER_CERTIFICATE:certificate verify failed ppelletier@chives:~/src/libevent/sample$ It will still succeed for sites with an exactly-matching certificate, such as https://github.com/ and that is also good! However, the problem is that the iSECPartners code doesn't handle wildcards, which means we reject https://ip.appspot.com/ even though it is perfectly legitimate, because we don't understand the wildcard: ppelletier@chives:~/src/libevent/sample$ ./https-client https://ip.appspot.com/ Got 'MatchNotFound' for hostname 'ip.appspot.com' and certificate: /C=US/ST=California/L=Mountain View/O=Google Inc/CN=*.appspot.com some request failed - no idea which one though! error:14090086:SSL routines:SSL3_GET_SERVER_CERTIFICATE:certificate verify failed ppelletier@chives:~/src/libevent/sample$ So, we need to fix this. In other words, "to be continued..."

aacd674c

2013-02-26T00:06:50

use Debian's default root certificate location as suggested here: http://archives.seul.org/libevent/users/Feb-2013/msg00034.html although curl's acinclude.m4 reveals many other possibilities: dnl /etc/ssl/certs/ca-certificates.crt Debian systems dnl /etc/pki/tls/certs/ca-bundle.crt Redhat and Mandriva dnl /usr/share/ssl/certs/ca-bundle.crt old(er) Redhat dnl /usr/local/share/certs/ca-root.crt FreeBSD dnl /etc/ssl/cert.pem OpenBSD dnl /etc/ssl/certs/ (ca path) SUSE And none of these cover Windows :(

5754d96a

2013-02-25T23:43:05

better handling of OpenSSL errors

42d7441a

2013-02-25T23:14:26

https-client was putting newlines at 256-byte boundaries presumably this was meant to put a ">" before every line, but that isn't what it does, since evbuffer_remove is simply returning fixed-size chunks. So, when retrieving a document of more than 256 bytes (e. g. any nontrivial document), we got "> " and newlines thrown in at very arbitrary places.

bf31fa5d

2013-02-27T16:31:17

use ${OPENSSL_LIBS} instead of -lssl -lcrypto This made the difference between segfaulting and not segfaulting for me when I run https-client, when I've built libevent using an OpenSSL in a non-standard location. In the same spirit as 1d9d5110a4aebf5833f6fd78bd0252affde0f4d0 and d70af27d0152d0a87a25127faf215604beb8ffe0.

be46c99b

2013-02-19T12:22:31

Add sample/https-client.c, an example of stacking evhttp as a client on top of bufferevent_ssl. Signed-off-by: Catalin Patulea <catalinp@google.com>

f324b1df

2013-01-22T17:10:07

Merge remote-tracking branch 'origin/patches-2.0'

c322c207

2013-01-22T16:59:07

Fix a mistake in evbuffer_remove() arguments in example http server code (commit message by nickm)

9e8cdf3d

2012-09-21T08:38:56

Fix comment to refer to sample/include.am correctly

2e6a9850

2012-11-01T18:12:07

Merge remote-tracking branch 'github/20_win64_compilation' into 21_win64_compilation Conflicts: event.c http.c sample/event-read-fifo.c test/regress_bufferevent.c

6810908a

2012-11-01T18:05:27

Fix some warnings found cross-compiling with mingw32

94866c27

2012-11-01T17:38:34

Compile without warnings on mingw64 This is mostly a matter of catching cases where we were still assuming that evutil_socket_t could be used as an int.

6cdfeebe

2012-08-28T16:01:14

Rename subordinate Makefile.ams to include.am

7092f3b6

2012-08-28T15:58:18

Switch to non-recursive makefiles This approach should let Make work better, let libevent build faster (especially when using a parallelized build), and basically make the Makefiles easier to maintain. See http://miller.emu.id.au/pmiller/books/rmch/ for more info on why you'd want to do this. This is due to an idea from Zack Weinberg; the patch is my own.

4b70286e

2012-05-02T17:12:23

Merge remote-tracking branch 'origin/patches-2.0' Conflicts: ChangeLog README evdns.c sample/dns-example.c

6610fa5a

2012-05-01T17:07:50

dns-example.c can now take a resolv.conf file on the commandline

2711cda3

2012-04-20T12:14:20

Split long lists in Makefile.am into one-item-per-line

041ca00c

2011-07-12T12:25:41

Add a new libevent_global_shutdown() to free all globals before exiting. Mark Ellzey added a function libevent_shutdown() which calls a set of private functions: * event_free_globals() * event_free_debug_globals() * event_free_debug_globals_locks() * event_free_evsig_globals() * evsig_free_globals() * evsig_free_globals_locks() * evutil_free_globals() * evutil_free_secure_rng_globals() * evutil_free_secure_rng_globals_lock() Nick tweaked this libevent global shutdown code: - rename the function to emphasize that it's for global resources - write more in the doxygen - make function brace style consistent - add a missing void in a function definition.

24dab0b3

2012-03-19T14:39:06

event-read-fifo: Use EV_PERSIST appropriately

a5b370a2

2012-03-19T19:18:46

Rename event-test.c to event-read-fifo.c. Treat it as an example of reading from a named pipe, not an initial teaching tool.

c0dacd23

2012-03-18T08:19:04

On Unix, remove event.fifo left by sample/event-test.c. This fifo would result in grep hanging when doing a recursive grep through the Libevent sources. event.fifo gets removed on SIGINT or normal exit.

19bab4fb

2012-03-12T18:45:00

Fix up sample/event-test.c to use newer interfaces and make it actually work.

kc3-lang/libevent/sample

sample

Log