[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
[GNUnet-SVN] r33158 - in libmicrohttpd: . src/include src/microspdy
From: |
gnunet |
Subject: |
[GNUnet-SVN] r33158 - in libmicrohttpd: . src/include src/microspdy |
Date: |
Fri, 2 May 2014 20:43:17 +0200 |
Author: grothoff
Date: 2014-05-02 20:43:17 +0200 (Fri, 02 May 2014)
New Revision: 33158
Modified:
libmicrohttpd/ChangeLog
libmicrohttpd/configure.ac
libmicrohttpd/src/include/microhttpd.h
libmicrohttpd/src/microspdy/io_openssl.c
Log:
fix #3391
Modified: libmicrohttpd/ChangeLog
===================================================================
--- libmicrohttpd/ChangeLog 2014-05-02 18:37:35 UTC (rev 33157)
+++ libmicrohttpd/ChangeLog 2014-05-02 18:43:17 UTC (rev 33158)
@@ -3,6 +3,8 @@
Fix possible issue from combination of epoll and suspend/resume
logic if edge trigger event is lost; also simplify logic to
maintain simpler invariants on the epoll state. -CG
+ Use OpenSSL cipher list "HIGH" in libmicrospdy (#3391). -CG
+ Releasing 0.9.35. -CG
Thu Apr 10 09:39:38 CEST 2014
Removed unescaping for URI path (#3371) as '+' should not
Modified: libmicrohttpd/configure.ac
===================================================================
--- libmicrohttpd/configure.ac 2014-05-02 18:37:35 UTC (rev 33157)
+++ libmicrohttpd/configure.ac 2014-05-02 18:43:17 UTC (rev 33158)
@@ -22,15 +22,15 @@
#
AC_PREREQ([2.60])
LT_PREREQ([2.4.0])
-AC_INIT([libmicrohttpd],[0.9.34],address@hidden)
+AC_INIT([libmicrohttpd],[0.9.35],address@hidden)
AM_INIT_AUTOMAKE([silent-rules] [subdir-objects])
AC_CONFIG_HEADERS([MHD_config.h])
AC_CONFIG_MACRO_DIR([m4])
AH_TOP([#define _GNU_SOURCE 1])
-LIB_VERSION_CURRENT=33
+LIB_VERSION_CURRENT=34
LIB_VERSION_REVISION=0
-LIB_VERSION_AGE=23
+LIB_VERSION_AGE=24
AC_SUBST(LIB_VERSION_CURRENT)
AC_SUBST(LIB_VERSION_REVISION)
AC_SUBST(LIB_VERSION_AGE)
@@ -508,7 +508,7 @@
SAVE_LD_FLAGS="$LDFLAGS"
LDFLAGS="$LDFLAGS $OPENSSL_LDFLAGS"
LIBS="$OPENSSL_LIBS $LIBS"
- AC_CHECK_FUNC([SSL_CTX_set_next_protos_advertised_cb],
+ AC_CHECK_FUNC([SSL_CTX_set_next_protos_advertised_cb],
[
AC_CHECK_FUNC([SSL_library_init], [ have_openssl=yes ],[
have_openssl=no ])
],[ have_openssl=no ])
@@ -641,7 +641,7 @@
CPPFLAGS="-I$with_gnutls/include $CPPFLAGS"
AC_CHECK_FILE([$with_gnutls/include/gnutls/gnutls.h],
[AC_CHECK_HEADERS([gnutls/gnutls.h],
- [AC_CHECK_LIB([gnutls], [gnutls_priority_set],
+ [AC_CHECK_LIB([gnutls], [gnutls_priority_set],
[
GNUTLS_CPPFLAGS="-I$with_gnutls/include"
GNUTLS_LDFLAGS="-L$with_gnutls/lib"
Modified: libmicrohttpd/src/include/microhttpd.h
===================================================================
--- libmicrohttpd/src/include/microhttpd.h 2014-05-02 18:37:35 UTC (rev
33157)
+++ libmicrohttpd/src/include/microhttpd.h 2014-05-02 18:43:17 UTC (rev
33158)
@@ -130,7 +130,7 @@
* Current version of the library.
* 0x01093001 = 1.9.30-1.
*/
-#define MHD_VERSION 0x00093401
+#define MHD_VERSION 0x00093500
/**
* MHD-internal return code for "YES".
Modified: libmicrohttpd/src/microspdy/io_openssl.c
===================================================================
--- libmicrohttpd/src/microspdy/io_openssl.c 2014-05-02 18:37:35 UTC (rev
33157)
+++ libmicrohttpd/src/microspdy/io_openssl.c 2014-05-02 18:43:17 UTC (rev
33158)
@@ -45,7 +45,7 @@
(void)arg;
static unsigned char npn_spdy3[] = {0x06, // length of "spdy/3"
0x73,0x70,0x64,0x79,0x2f,0x33};// spdy/3
-
+
*out = npn_spdy3;
*outlen = 7; // total length of npn_spdy3
return SSL_TLSEXT_ERR_OK;
@@ -87,8 +87,8 @@
//set options for tls
//TODO DH is not enabled for easier debugging
//SSL_CTX_set_options(daemon->io_context, SSL_OP_SINGLE_DH_USE);
-
- //TODO here session tickets are disabled for easier debuging with
+
+ //TODO here session tickets are disabled for easier debuging with
//wireshark when using Chrome
// SSL_OP_NO_COMPRESSION disables TLS compression to avoid CRIME attack
options = SSL_OP_NO_TICKET;
@@ -112,14 +112,13 @@
return SPDY_NO;
}
SSL_CTX_set_next_protos_advertised_cb(daemon->io_context,
&spdyf_next_protos_advertised_cb, NULL);
- //TODO only RC4-SHA is used to make it easy to debug with wireshark
- if (1 != SSL_CTX_set_cipher_list(daemon->io_context, "RC4-SHA"))
+ if (1 != SSL_CTX_set_cipher_list(daemon->io_context, "HIGH"))
{
SPDYF_DEBUG("Couldn't set the desired cipher list");
SSL_CTX_free(daemon->io_context);
return SPDY_NO;
}
-
+
return SPDY_YES;
}
@@ -135,7 +134,7 @@
SPDYF_openssl_new_session(struct SPDY_Session *session)
{
int ret;
-
+
if(NULL == (session->io_context = SSL_new(session->daemon->io_context)))
{
SPDYF_DEBUG("Couldn't create ssl structure");
@@ -148,7 +147,7 @@
session->io_context = NULL;
return SPDY_NO;
}
-
+
//for non-blocking I/O SSL_accept may return -1
//and this function won't work
if(1 != (ret = SSL_accept(session->io_context)))
@@ -158,11 +157,11 @@
session->io_context = NULL;
return SPDY_NO;
}
- /* alternatively
+ /* alternatively
SSL_set_accept_state(session->io_context);
* may be called and then the negotiation will be done on reading
*/
-
+
return SPDY_YES;
}
@@ -176,7 +175,7 @@
//after that because the browsers don't seem to care much about
//"close notify"
SSL_shutdown(session->io_context);
-
+
SSL_free(session->io_context);
}
@@ -187,7 +186,7 @@
size_t size)
{
int ret;
- int n = SSL_read(session->io_context,
+ int n = SSL_read(session->io_context,
buffer,
size);
//if(n > 0) SPDYF_DEBUG("recvd: %i",n);
@@ -198,15 +197,15 @@
{
case SSL_ERROR_ZERO_RETURN:
return 0;
-
+
case SSL_ERROR_WANT_READ:
case SSL_ERROR_WANT_WRITE:
return SPDY_IO_ERROR_AGAIN;
-
+
case SSL_ERROR_SYSCALL:
if(EINTR == errno)
return SPDY_IO_ERROR_AGAIN;
-
+
default:
return SPDY_IO_ERROR_ERROR;
}
@@ -222,8 +221,8 @@
size_t size)
{
int ret;
-
- int n = SSL_write(session->io_context,
+
+ int n = SSL_write(session->io_context,
buffer,
size);
//if(n > 0) SPDYF_DEBUG("sent: %i",n);
@@ -234,20 +233,20 @@
{
case SSL_ERROR_ZERO_RETURN:
return 0;
-
+
case SSL_ERROR_WANT_READ:
case SSL_ERROR_WANT_WRITE:
return SPDY_IO_ERROR_AGAIN;
-
+
case SSL_ERROR_SYSCALL:
if(EINTR == errno)
return SPDY_IO_ERROR_AGAIN;
-
+
default:
return SPDY_IO_ERROR_ERROR;
}
}
-
+
return n;
}
@@ -267,7 +266,7 @@
SPDYF_openssl_before_write(struct SPDY_Session *session)
{
(void)session;
-
+
return SPDY_YES;
}
@@ -276,6 +275,6 @@
SPDYF_openssl_after_write(struct SPDY_Session *session, int was_written)
{
(void)session;
-
+
return was_written;
}
[Prev in Thread] |
Current Thread |
[Next in Thread] |
- [GNUnet-SVN] r33158 - in libmicrohttpd: . src/include src/microspdy,
gnunet <=