From owner-svn-src-head@FreeBSD.ORG Tue May 27 04:52:34 2014 Return-Path: Delivered-To: svn-src-head@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:1900:2254:206a::19:1]) (using TLSv1 with cipher ADH-AES256-SHA (256/256 bits)) (No client certificate requested) by hub.freebsd.org (Postfix) with ESMTPS id 3B2F66CA; Tue, 27 May 2014 04:52:34 +0000 (UTC) Received: from svn.freebsd.org (svn.freebsd.org [IPv6:2001:1900:2254:2068::e6a:0]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (Client did not present a certificate) by mx1.freebsd.org (Postfix) with ESMTPS id 1C1242D29; Tue, 27 May 2014 04:52:34 +0000 (UTC) Received: from svn.freebsd.org ([127.0.1.70]) by svn.freebsd.org (8.14.8/8.14.8) with ESMTP id s4R4qX4q079540; Tue, 27 May 2014 04:52:33 GMT (envelope-from peter@svn.freebsd.org) Received: (from peter@localhost) by svn.freebsd.org (8.14.8/8.14.8/Submit) id s4R4qWM8079533; Tue, 27 May 2014 04:52:32 GMT (envelope-from peter@svn.freebsd.org) Message-Id: <201405270452.s4R4qWM8079533@svn.freebsd.org> From: Peter Wemm Date: Tue, 27 May 2014 04:52:32 +0000 (UTC) To: src-committers@freebsd.org, svn-src-all@freebsd.org, svn-src-head@freebsd.org Subject: svn commit: r266728 - in head/contrib/serf: . auth X-SVN-Group: head MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit X-BeenThere: svn-src-head@freebsd.org X-Mailman-Version: 2.1.18 Precedence: list List-Id: SVN commit messages for the src tree for head/-current List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Tue, 27 May 2014 04:52:34 -0000 Author: peter Date: Tue May 27 04:52:32 2014 New Revision: 266728 URL: http://svnweb.freebsd.org/changeset/base/266728 Log: Update serf 1.3.4 -> 1.3.5 Modified: head/contrib/serf/CHANGES head/contrib/serf/auth/auth.c head/contrib/serf/auth/auth_spnego.c head/contrib/serf/outgoing.c head/contrib/serf/serf.h head/contrib/serf/ssltunnel.c Directory Properties: head/contrib/serf/ (props changed) Modified: head/contrib/serf/CHANGES ============================================================================== --- head/contrib/serf/CHANGES Tue May 27 04:39:23 2014 (r266727) +++ head/contrib/serf/CHANGES Tue May 27 04:52:32 2014 (r266728) @@ -1,4 +1,11 @@ -Serf 1.3.4 [2014-02-08, from /tags/1.3.4, rxxxx] +Serf 1.3.5 [2014-04-27, from /tags/1.3.5, rxxxx] + Fix issue #125: no reverse lookup during Negotiate authentication for proxies. + Fix a crash caused by incorrect reuse of the ssltunnel CONNECT request (r2316) + Cancel request if response parsing failed + authn callback set (r2319) + Update the expired certificates in the test suite. + + +Serf 1.3.4 [2014-02-08, from /tags/1.3.4, r2310] Fix issue #119: Endless loop during ssl tunnel setup with Negotiate authn Fix issue #123: Can't setup ssl tunnel which sends Connection close header Fix a race condition when initializing OpenSSL from multiple threads (r2263) Modified: head/contrib/serf/auth/auth.c ============================================================================== --- head/contrib/serf/auth/auth.c Tue May 27 04:39:23 2014 (r266727) +++ head/contrib/serf/auth/auth.c Tue May 27 04:52:32 2014 (r266728) @@ -408,6 +408,7 @@ apr_status_t serf__handle_auth_response( consider the reponse body as invalid and discard it. */ status = discard_body(response); *consumed_response = 1; + if (!APR_STATUS_IS_EOF(status)) { return status; } Modified: head/contrib/serf/auth/auth_spnego.c ============================================================================== --- head/contrib/serf/auth/auth_spnego.c Tue May 27 04:39:23 2014 (r266727) +++ head/contrib/serf/auth/auth_spnego.c Tue May 27 04:52:32 2014 (r266728) @@ -335,8 +335,7 @@ do_auth(peer_t peer, &tmp, &tmp_len, gss_info); } else { - char *proxy_host; - apr_getnameinfo(&proxy_host, conn->ctx->proxy_address, 0); + char *proxy_host = conn->ctx->proxy_address->hostname; status = gss_api_get_credentials(conn, token, token_len, proxy_host, &tmp, &tmp_len, Modified: head/contrib/serf/outgoing.c ============================================================================== --- head/contrib/serf/outgoing.c Tue May 27 04:39:23 2014 (r266727) +++ head/contrib/serf/outgoing.c Tue May 27 04:52:32 2014 (r266728) @@ -916,21 +916,22 @@ static apr_status_t handle_response(serf * themselves by not registering credential callbacks. */ if (request->conn->ctx->cred_cb) { - status = serf__handle_auth_response(&consumed_response, - request, - request->resp_bkt, - request->handler_baton, - pool); - - /* If there was an error reading the response (maybe there wasn't - enough data available), don't bother passing the response to the - application. - - If the authentication was tried, but failed, pass the response - to the application, maybe it can do better. */ - if (status) { - return status; - } + status = serf__handle_auth_response(&consumed_response, + request, + request->resp_bkt, + request->handler_baton, + pool); + + if (SERF_BUCKET_READ_ERROR(status)) { + /* Report the request as 'died'/'cancelled' to the application */ + (void)(*request->handler)(request, + NULL, + request->handler_baton, + pool); + } + + if (status) + return status; } if (!consumed_response) { Modified: head/contrib/serf/serf.h ============================================================================== --- head/contrib/serf/serf.h Tue May 27 04:39:23 2014 (r266727) +++ head/contrib/serf/serf.h Tue May 27 04:52:32 2014 (r266728) @@ -1062,7 +1062,7 @@ void serf_debug__bucket_alloc_check( /* Version info */ #define SERF_MAJOR_VERSION 1 #define SERF_MINOR_VERSION 3 -#define SERF_PATCH_VERSION 4 +#define SERF_PATCH_VERSION 5 /* Version number string */ #define SERF_VERSION_STRING APR_STRINGIFY(SERF_MAJOR_VERSION) "." \ Modified: head/contrib/serf/ssltunnel.c ============================================================================== --- head/contrib/serf/ssltunnel.c Tue May 27 04:39:23 2014 (r266727) +++ head/contrib/serf/ssltunnel.c Tue May 27 04:52:32 2014 (r266728) @@ -70,12 +70,11 @@ static apr_status_t handle_response(serf req_ctx_t *ctx = handler_baton; serf_connection_t *conn = request->conn; - if (! response) { - serf_connection_request_create(conn, - setup_request, - ctx); + /* CONNECT request was cancelled. Assuming that this is during connection + reset, we can safely discard the request as a new one will be created + when setting up the next connection. */ + if (!response) return APR_SUCCESS; - } status = serf_bucket_response_status(response, &sl); if (SERF_BUCKET_READ_ERROR(status)) {