hardenedbsd/HardenedBSD
1
0
Fork 0
mirror of https://git.hardenedbsd.org/hardenedbsd/HardenedBSD.git synced 2024-11-28 12:07:10 +01:00
Code Issues Actions Packages Projects Releases Wiki Activity

Update serf 1.3.4 -> 1.3.5

Browse Source
This commit is contained in:
Peter Wemm 2014-05-27 04:52:32 +00:00
commit e8e5717ab4
Notes: svn2git 2020-12-20 02:59:44 +00:00 
svn path=/head/; revision=266728
6 changed files with 29 additions and 22 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

9
contrib/serf/CHANGES
View File

@ -1,4 +1,11 @@
Serf 1.3.4 [2014-02-08, from /tags/1.3.4, rxxxx]
Serf 1.3.5 [2014-04-27, from /tags/1.3.5, rxxxx]
Fix issue #125: no reverse lookup during Negotiate authentication for proxies.
Fix a crash caused by incorrect reuse of the ssltunnel CONNECT request (r2316)
Cancel request if response parsing failed + authn callback set (r2319)
Update the expired certificates in the test suite.
Serf 1.3.4 [2014-02-08, from /tags/1.3.4, r2310]
Fix issue #119: Endless loop during ssl tunnel setup with Negotiate authn
Fix issue #123: Can't setup ssl tunnel which sends Connection close header
Fix a race condition when initializing OpenSSL from multiple threads (r2263)

1
contrib/serf/auth/auth.c
View File

@ -408,6 +408,7 @@ apr_status_t serf__handle_auth_response(int *consumed_response,
consider the reponse body as invalid and discard it. */
status = discard_body(response);
*consumed_response = 1;
if (!APR_STATUS_IS_EOF(status)) {
return status;
}

3
contrib/serf/auth/auth_spnego.c
View File

@ -335,8 +335,7 @@ do_auth(peer_t peer,
&tmp, &tmp_len,
gss_info);
} else {
char *proxy_host;
apr_getnameinfo(&proxy_host, conn->ctx->proxy_address, 0);
char *proxy_host = conn->ctx->proxy_address->hostname;
status = gss_api_get_credentials(conn,
token, token_len, proxy_host,
&tmp, &tmp_len,

27
contrib/serf/outgoing.c
View File

@ -916,21 +916,22 @@ static apr_status_t handle_response(serf_request_t *request,
* themselves by not registering credential callbacks.
*/
if (request->conn->ctx->cred_cb) {
status = serf__handle_auth_response(&consumed_response,
request,
request->resp_bkt,
request->handler_baton,
pool);
status = serf__handle_auth_response(&consumed_response,
request,
request->resp_bkt,
request->handler_baton,
pool);
/* If there was an error reading the response (maybe there wasn't
enough data available), don't bother passing the response to the
application.
if (SERF_BUCKET_READ_ERROR(status)) {
/* Report the request as 'died'/'cancelled' to the application */
(void)(*request->handler)(request,
NULL,
request->handler_baton,
pool);
}
If the authentication was tried, but failed, pass the response
to the application, maybe it can do better. */
if (status) {
return status;
}
if (status)
return status;
}
if (!consumed_response) {

2
contrib/serf/serf.h
View File

@ -1062,7 +1062,7 @@ void serf_debug__bucket_alloc_check(
/* Version info */
#define SERF_MAJOR_VERSION 1
#define SERF_MINOR_VERSION 3
#define SERF_PATCH_VERSION 4
#define SERF_PATCH_VERSION 5
/* Version number string */
#define SERF_VERSION_STRING APR_STRINGIFY(SERF_MAJOR_VERSION) "." \

9
contrib/serf/ssltunnel.c
View File

@ -70,12 +70,11 @@ static apr_status_t handle_response(serf_request_t *request,
req_ctx_t *ctx = handler_baton;
serf_connection_t *conn = request->conn;
if (! response) {
serf_connection_request_create(conn,
setup_request,
ctx);
/* CONNECT request was cancelled. Assuming that this is during connection
reset, we can safely discard the request as a new one will be created
when setting up the next connection. */
if (!response)
return APR_SUCCESS;
}
status = serf_bucket_response_status(response, &sl);
if (SERF_BUCKET_READ_ERROR(status)) {