Script 'mail_helper' called by obssrc Hello community, here is the log from the commit of package ulfius for openSUSE:Factory checked in at 2022-05-30 12:43:59 ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ Comparing /work/SRC/openSUSE:Factory/ulfius (Old) and /work/SRC/openSUSE:Factory/.ulfius.new.2254 (New) ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
Package is "ulfius" Mon May 30 12:43:59 2022 rev:27 rq:979720 version:2.7.10 Changes: -------- --- /work/SRC/openSUSE:Factory/ulfius/ulfius.changes 2022-04-20 16:57:27.794630514 +0200 +++ /work/SRC/openSUSE:Factory/.ulfius.new.2254/ulfius.changes 2022-05-30 12:44:53.952466296 +0200 @@ -1,0 +2,10 @@ +Sun May 29 13:27:11 UTC 2022 - Martin Hauke <[email protected]> + +- Update to version 2.7.10 + * Update `SameSite` cookie value, add `U_COOKIE_SAME_SITE_EMPTY` + and allow value None + * Fix pkg-config file with absolute path for + `CMAKE_INSTALL_{INCLUDE,LIB}DIR` + * Fix `CMAKE_MODULE_PATH` who was used as single value + +------------------------------------------------------------------- Old: ---- ulfius-2.7.9.tar.gz New: ---- ulfius-2.7.10.tar.gz ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ Other differences: ------------------ ++++++ ulfius.spec ++++++ --- /var/tmp/diff_new_pack.QlZWuS/_old 2022-05-30 12:44:54.608467169 +0200 +++ /var/tmp/diff_new_pack.QlZWuS/_new 2022-05-30 12:44:54.612467175 +0200 @@ -20,7 +20,7 @@ %define _lto_cflags %{nil} %define sover 2_7 Name: ulfius -Version: 2.7.9 +Version: 2.7.10 Release: 0 Summary: Web Framework for REST Applications in C License: MIT ++++++ ulfius-2.7.9.tar.gz -> ulfius-2.7.10.tar.gz ++++++ diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/ulfius-2.7.9/.github/workflows/ccpp.yml new/ulfius-2.7.10/.github/workflows/ccpp.yml --- old/ulfius-2.7.9/.github/workflows/ccpp.yml 2022-04-08 22:40:37.000000000 +0200 +++ new/ulfius-2.7.10/.github/workflows/ccpp.yml 2022-05-28 18:10:35.000000000 +0200 @@ -15,6 +15,23 @@ sudo sysctl -w net.ipv6.conf.lo.disable_ipv6=0 - name: cppcheck run: cppcheck --force --enable=warning,missingInclude --error-exitcode=1 . + - name: dependencies + run: | + cd /opt + git clone https://github.com/babelouest/orcania.git + git clone https://github.com/babelouest/yder.git + mkdir build + cd build + + cmake -DCMAKE_INSTALL_PREFIX=/usr -DCMAKE_INSTALL_LIBDIR=lib ../orcania + make + sudo make install + rm -rf * + + cmake -DCMAKE_INSTALL_PREFIX=/usr -DCMAKE_INSTALL_LIBDIR=lib ../yder + make + sudo make install + rm -rf * - name: build run: | # prepare build folders diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/ulfius-2.7.9/.github/workflows/codeql-analysis.yml new/ulfius-2.7.10/.github/workflows/codeql-analysis.yml --- old/ulfius-2.7.9/.github/workflows/codeql-analysis.yml 2022-04-08 22:40:37.000000000 +0200 +++ new/ulfius-2.7.10/.github/workflows/codeql-analysis.yml 2022-05-28 18:10:35.000000000 +0200 @@ -28,28 +28,29 @@ if: ${{ github.event_name == 'pull_request' }} # Initializes the CodeQL tools for scanning. - - name: Initialize CodeQL - uses: github/codeql-action/init@v1 - # Override language selection by uncommenting this and choosing your languages - # with: - # languages: go, javascript, csharp, python, cpp, java - - # Autobuild attempts to build any compiled languages (C/C++, C#, or Java). - # If this step fails, then you should remove it and run the build manually (see below) - # - name: Autobuild - # uses: github/codeql-action/autobuild@v1 - - # ?????? Command-line programs to run using the OS shell. - # ???? https://git.io/JvXDl - - # ?????? If the Autobuild fails above, remove it and uncomment the following three lines - # and modify them (or add more) to build your code if your project - # uses a compiled language - - - run: | + - name: dependencies + run: | sudo apt-get update sudo apt-get install -y cmake pkg-config libsystemd-dev libmicrohttpd-dev libgnutls28-dev libjansson-dev libcurl4-gnutls-dev zlib1g-dev gnutls-bin doxygen + cd /opt + git clone https://github.com/babelouest/orcania.git + git clone https://github.com/babelouest/yder.git + mkdir build + cd build + + cmake -DCMAKE_INSTALL_PREFIX=/usr -DCMAKE_INSTALL_LIBDIR=lib ../orcania + make + sudo make install + rm -rf * + + cmake -DCMAKE_INSTALL_PREFIX=/usr -DCMAKE_INSTALL_LIBDIR=lib ../yder + make + sudo make install + rm -rf * + - name: Initialize CodeQL + uses: github/codeql-action/init@v1 + - run: | # prepare build folders mkdir build mkdir example_programs/build diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/ulfius-2.7.9/API.md new/ulfius-2.7.10/API.md --- old/ulfius-2.7.9/API.md 2022-04-08 22:40:37.000000000 +0200 +++ new/ulfius-2.7.10/API.md 2022-05-28 18:10:35.000000000 +0200 @@ -534,7 +534,7 @@ int ulfius_start_framework_with_mhd_options(struct _u_instance * u_instance, unsigned int mhd_flags, struct MHD_OptionItem * options); ``` -In your program, where you want to start the web server, execute the function `ulfius_start_framework(struct _u_instance * u_instance)` for a non-secure http connection. Use the function `ulfius_start_secure_framework(struct _u_instance * u_instance, const char * key_pem, const char * cert_pem)` for a secure https connection, using a valid private key and a valid corresponding server certificate, see openssl documentation for certificate generation. Finally, use the function `int ulfius_start_secure_ca_trust_framework(struct _u_instance * u_instance, const char * key_pem, const char * cert_pem, const char * root_ca_pem)` to start a secure https connection and be able to authenticate clients with a certificate. +In your program, where you want to start the web server, execute the function `ulfius_start_framework(struct _u_instance * u_instance)` for a non-secure http connection. Use the function `ulfius_start_secure_framework(struct _u_instance * u_instance, const char * key_pem, const char * cert_pem)` for a secure https connection, using a valid private key and a valid corresponding server certificate, see GnuTLS documentation for certificate generation. Finally, use the function `int ulfius_start_secure_ca_trust_framework(struct _u_instance * u_instance, const char * key_pem, const char * cert_pem, const char * root_ca_pem)` to start a secure https connection and be able to authenticate clients with a certificate. Those function accept the previously declared `instance` as first parameter. You can reuse the same callback function as much as you want for different endpoints. On success, these functions returns `U_OK`, otherwise an error code. Note: for security concerns, after running `ulfius_start_secure_framework` or `ulfius_start_secure_ca_trust_framework`, you can free the parameters `key_pem`, `cert_pem` and `root_ca_pem` if you want to. diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/ulfius-2.7.9/CHANGELOG.md new/ulfius-2.7.10/CHANGELOG.md --- old/ulfius-2.7.9/CHANGELOG.md 2022-04-08 22:40:37.000000000 +0200 +++ new/ulfius-2.7.10/CHANGELOG.md 2022-05-28 18:10:35.000000000 +0200 @@ -1,5 +1,11 @@ # Ulfius Changelog +## 2.7.10 + +- Update `SameSite` cookie value, add `U_COOKIE_SAME_SITE_EMPTY` and allow value None +- Fix pkg-config file with absolute path for `CMAKE_INSTALL_{INCLUDE,LIB}DIR` +- Fix `CMAKE_MODULE_PATH` who was used as single value + ## 2.7.9 - Fix multipart/form-data for large values, thanks itzoke! (#222, #223) diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/ulfius-2.7.9/CMakeLists.txt new/ulfius-2.7.10/CMakeLists.txt --- old/ulfius-2.7.9/CMakeLists.txt 2022-04-08 22:40:37.000000000 +0200 +++ new/ulfius-2.7.10/CMakeLists.txt 2022-05-28 18:10:35.000000000 +0200 @@ -30,7 +30,7 @@ set(PROJECT_BUGREPORT_PATH "https://github.com/babelouest/ulfius/issues";) set(LIBRARY_VERSION_MAJOR "2") set(LIBRARY_VERSION_MINOR "7") -set(LIBRARY_VERSION_PATCH "9") +set(LIBRARY_VERSION_PATCH "10") set(PROJECT_VERSION "${LIBRARY_VERSION_MAJOR}.${LIBRARY_VERSION_MINOR}.${LIBRARY_VERSION_PATCH}") set(PROJECT_VERSION_MAJOR ${LIBRARY_VERSION_MAJOR}) @@ -56,13 +56,14 @@ set(LIBRARY_VERSION "${LIBRARY_VERSION_MAJOR}.${LIBRARY_VERSION_MINOR}.${LIBRARY_VERSION_PATCH}") set(LIBRARY_SOVERSION "${LIBRARY_VERSION_MAJOR}.${LIBRARY_VERSION_MINOR}") -set(ORCANIA_VERSION_REQUIRED "2.2.2") -set(YDER_VERSION_REQUIRED "1.4.15") +set(ORCANIA_VERSION_REQUIRED "2.3.0") +set(YDER_VERSION_REQUIRED "1.4.16") set(JANSSON_VERSION_REQUIRED "2.1") # cmake modules -set(CMAKE_MODULE_PATH ${CMAKE_CURRENT_SOURCE_DIR}/cmake-modules) +set(U_CMAKE_MODULE_PATH ${CMAKE_CURRENT_SOURCE_DIR}/cmake-modules) +list(APPEND CMAKE_MODULE_PATH "${U_CMAKE_MODULE_PATH}") include(GNUInstallDirs) include(CheckSymbolExists) @@ -391,7 +392,7 @@ endif () configure_file( - "${CMAKE_MODULE_PATH}/CTestCustom.cmake.in" + "${U_CMAKE_MODULE_PATH}/CTestCustom.cmake.in" "${CMAKE_CURRENT_BINARY_DIR}/CTestCustom.cmake" @ONLY) @@ -410,6 +411,18 @@ option(INSTALL_HEADER "Install the header files" ON) # Install ulfius.h or not +if(IS_ABSOLUTE "${CMAKE_INSTALL_INCLUDEDIR}") + set(PKGCONFIG_TARGET_INCLUDES "${CMAKE_INSTALL_INCLUDEDIR}") +else() + set(PKGCONFIG_TARGET_INCLUDES "\${prefix}/${CMAKE_INSTALL_INCLUDEDIR}") +endif() + +if(IS_ABSOLUTE "${CMAKE_INSTALL_LIBDIR}") + set(PKGCONFIG_TARGET_LIBDIR "${CMAKE_INSTALL_LIBDIR}") +else() + set(PKGCONFIG_TARGET_LIBDIR "\${prefix}/${CMAKE_INSTALL_LIBDIR}") +endif() + configure_file(libulfius.pc.in libulfius.pc @ONLY) install(FILES ${CMAKE_CURRENT_BINARY_DIR}/libulfius.pc @@ -449,7 +462,7 @@ if (NOT TARGET uninstall) configure_file( - "${CMAKE_MODULE_PATH}/CMakeUninstall.cmake.in" + "${U_CMAKE_MODULE_PATH}/CMakeUninstall.cmake.in" "${CMAKE_CURRENT_BINARY_DIR}/cmake_uninstall.cmake" IMMEDIATE @ONLY) add_custom_target(uninstall diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/ulfius-2.7.9/example_callbacks/static_compressed_inmemory_website/static_compressed_inmemory_website_callback.c new/ulfius-2.7.10/example_callbacks/static_compressed_inmemory_website/static_compressed_inmemory_website_callback.c --- old/ulfius-2.7.9/example_callbacks/static_compressed_inmemory_website/static_compressed_inmemory_website_callback.c 2022-04-08 22:40:37.000000000 +0200 +++ new/ulfius-2.7.10/example_callbacks/static_compressed_inmemory_website/static_compressed_inmemory_website_callback.c 2022-05-28 18:10:35.000000000 +0200 @@ -4,7 +4,7 @@ * * Copyright 2020-2022 Nicolas Mora <[email protected]> * - * Version 20220318 + * Version 20220429 * * The MIT License (MIT) * @@ -89,6 +89,8 @@ */ #include <pthread.h> #include <zlib.h> +#include <limits.h> +#include <stdlib.h> #include <string.h> #include <ulfius.h> @@ -158,7 +160,7 @@ static int callback_static_file_uncompressed (const struct _u_request * request, struct _u_response * response, void * user_data) { size_t length; FILE * f; - char * file_requested, * file_path, * url_dup_save; + char * file_requested, * file_path, * url_dup_save, * real_path = NULL; const char * content_type; int ret = U_CALLBACK_CONTINUE; @@ -185,23 +187,32 @@ } file_path = msprintf("%s/%s", ((struct _u_compressed_inmemory_website_config *)user_data)->files_path, file_requested); + real_path = realpath(file_path, NULL); + if (0 == o_strncmp(((struct _u_compressed_inmemory_website_config *)user_data)->files_path, real_path, o_strlen(((struct _u_compressed_inmemory_website_config *)user_data)->files_path))) { + f = fopen (file_path, "rb"); + if (f) { + fseek (f, 0, SEEK_END); + length = ftell (f); + fseek (f, 0, SEEK_SET); + + content_type = u_map_get_case(&((struct _u_compressed_inmemory_website_config *)user_data)->mime_types, get_filename_ext(file_requested)); + if (content_type == NULL) { + content_type = u_map_get(&((struct _u_compressed_inmemory_website_config *)user_data)->mime_types, "*"); + y_log_message(Y_LOG_LEVEL_WARNING, "Static File Server - Unknown mime type for extension %s", get_filename_ext(file_requested)); + } + u_map_put(response->map_header, "Content-Type", content_type); + u_map_copy_into(response->map_header, &((struct _u_compressed_inmemory_website_config *)user_data)->map_header); - f = fopen (file_path, "rb"); - if (f) { - fseek (f, 0, SEEK_END); - length = ftell (f); - fseek (f, 0, SEEK_SET); - - content_type = u_map_get_case(&((struct _u_compressed_inmemory_website_config *)user_data)->mime_types, get_filename_ext(file_requested)); - if (content_type == NULL) { - content_type = u_map_get(&((struct _u_compressed_inmemory_website_config *)user_data)->mime_types, "*"); - y_log_message(Y_LOG_LEVEL_WARNING, "Static File Server - Unknown mime type for extension %s", get_filename_ext(file_requested)); - } - u_map_put(response->map_header, "Content-Type", content_type); - u_map_copy_into(response->map_header, &((struct _u_compressed_inmemory_website_config *)user_data)->map_header); - - if (ulfius_set_stream_response(response, 200, callback_static_file_uncompressed_stream, callback_static_file_uncompressed_stream_free, length, CHUNK, f) != U_OK) { - y_log_message(Y_LOG_LEVEL_ERROR, "Static File Server - Error ulfius_set_stream_response"); + if (ulfius_set_stream_response(response, 200, callback_static_file_uncompressed_stream, callback_static_file_uncompressed_stream_free, length, CHUNK, f) != U_OK) { + y_log_message(Y_LOG_LEVEL_ERROR, "Static File Server - Error ulfius_set_stream_response"); + } + } else { + if (((struct _u_compressed_inmemory_website_config *)user_data)->redirect_on_404 == NULL) { + ret = U_CALLBACK_IGNORE; + } else { + ulfius_add_header_to_response(response, "Location", ((struct _u_compressed_inmemory_website_config *)user_data)->redirect_on_404); + response->status = 302; + } } } else { if (((struct _u_compressed_inmemory_website_config *)user_data)->redirect_on_404 == NULL) { @@ -211,8 +222,10 @@ response->status = 302; } } - o_free(file_path); o_free(url_dup_save); + o_free(file_path); + free(real_path); // realpath uses malloc + } else { y_log_message(Y_LOG_LEVEL_ERROR, "Static File Server - Error, user_data is NULL or inconsistent"); ret = U_CALLBACK_ERROR; @@ -290,7 +303,7 @@ unsigned char * file_content, * file_content_orig = NULL; size_t length, read_length, offset, data_zip_len = 0; FILE * f; - char * file_requested, * file_path, * url_dup_save, * data_zip = NULL; + char * file_requested, * file_path, * url_dup_save, * data_zip = NULL, * real_path = NULL; const char * content_type; /* @@ -302,9 +315,6 @@ file_requested = o_strdup(request->http_url); url_dup_save = file_requested; - while (file_requested[0] == '/') { - file_requested++; - } file_requested += o_strlen((config->url_prefix)); while (file_requested[0] == '/') { file_requested++; @@ -331,12 +341,11 @@ compress_mode = U_COMPRESS_DEFL; } - if (compress_mode != U_COMPRESS_NONE) { if (compress_mode == U_COMPRESS_GZIP && config->allow_cache_compressed && u_map_has_key(&config->gzip_files, file_requested)) { ulfius_set_binary_body_response(response, 200, u_map_get(&config->gzip_files, file_requested), u_map_get_length(&config->gzip_files, file_requested)); u_map_put(response->map_header, U_CONTENT_HEADER, U_ACCEPT_GZIP); - + content_type = u_map_get_case(&config->mime_types, get_filename_ext(file_requested)); if (content_type == NULL) { content_type = u_map_get(&config->mime_types, "*"); @@ -346,7 +355,7 @@ } else if (compress_mode == U_COMPRESS_DEFL && config->allow_cache_compressed && u_map_has_key(&config->deflate_files, file_requested)) { ulfius_set_binary_body_response(response, 200, u_map_get(&config->deflate_files, file_requested), u_map_get_length(&config->deflate_files, file_requested)); u_map_put(response->map_header, U_CONTENT_HEADER, U_ACCEPT_DEFLATE); - + content_type = u_map_get_case(&config->mime_types, get_filename_ext(file_requested)); if (content_type == NULL) { content_type = u_map_get(&config->mime_types, "*"); @@ -355,118 +364,134 @@ u_map_copy_into(response->map_header, &config->map_header); } else { file_path = msprintf("%s/%s", ((struct _u_compressed_inmemory_website_config *)user_data)->files_path, file_requested); - - if (!pthread_mutex_lock(&config->lock)) { - f = fopen (file_path, "rb"); - if (f) { - content_type = u_map_get_case(&config->mime_types, get_filename_ext(file_requested)); - if (content_type == NULL) { - content_type = u_map_get(&config->mime_types, "*"); - y_log_message(Y_LOG_LEVEL_WARNING, "Static File Server - Unknown mime type for extension %s", get_filename_ext(file_requested)); - } - if (!string_array_has_value((const char **)config->mime_types_compressed, content_type)) { - compress_mode = U_COMPRESS_NONE; - } - - u_map_put(response->map_header, "Content-Type", content_type); - u_map_copy_into(response->map_header, &config->map_header); - - fseek (f, 0, SEEK_END); - offset = length = ftell (f); - fseek (f, 0, SEEK_SET); - - if ((file_content_orig = file_content = o_malloc(length)) != NULL && (data_zip = o_malloc((2*length)+20)) != NULL) { - defstream.zalloc = u_zalloc; - defstream.zfree = u_zfree; - defstream.opaque = Z_NULL; - defstream.avail_in = (uInt)length; - defstream.next_in = (Bytef *)file_content; - while ((read_length = fread(file_content, sizeof(char), offset, f))) { - file_content += read_length; - offset -= read_length; + real_path = realpath(file_path, NULL); + if (0 == o_strncmp(((struct _u_compressed_inmemory_website_config *)user_data)->files_path, real_path, o_strlen(((struct _u_compressed_inmemory_website_config *)user_data)->files_path))) { + if (!pthread_mutex_lock(&config->lock)) { + f = fopen (file_path, "rb"); + if (f) { + content_type = u_map_get_case(&config->mime_types, get_filename_ext(file_requested)); + if (content_type == NULL) { + content_type = u_map_get(&config->mime_types, "*"); + y_log_message(Y_LOG_LEVEL_WARNING, "Static File Server - Unknown mime type for extension %s", get_filename_ext(file_requested)); } - - if (compress_mode == U_COMPRESS_GZIP) { - if (deflateInit2(&defstream, - Z_DEFAULT_COMPRESSION, - Z_DEFLATED, - U_GZIP_WINDOW_BITS | U_GZIP_ENCODING, - 8, - Z_DEFAULT_STRATEGY) != Z_OK) { - y_log_message(Y_LOG_LEVEL_ERROR, "callback_static_compressed_inmemory_website - Error deflateInit (gzip)"); - ret = U_CALLBACK_ERROR; - } - } else { - if (deflateInit(&defstream, Z_BEST_COMPRESSION) != Z_OK) { - y_log_message(Y_LOG_LEVEL_ERROR, "callback_static_compressed_inmemory_website - Error deflateInit (deflate)"); - ret = U_CALLBACK_ERROR; - } + if (!string_array_has_value((const char **)config->mime_types_compressed, content_type)) { + compress_mode = U_COMPRESS_NONE; } - if (ret == U_CALLBACK_CONTINUE) { - do { - if ((data_zip = o_realloc(data_zip, data_zip_len+_U_W_BLOCK_SIZE)) != NULL) { - defstream.avail_out = _U_W_BLOCK_SIZE; - defstream.next_out = ((Bytef *)data_zip)+data_zip_len; - switch ((res = deflate(&defstream, Z_FINISH))) { - case Z_OK: - case Z_STREAM_END: - case Z_BUF_ERROR: - break; - default: - y_log_message(Y_LOG_LEVEL_ERROR, "callback_static_compressed_inmemory_website - Error deflate %d", res); - ret = U_CALLBACK_ERROR; - break; - } - data_zip_len += _U_W_BLOCK_SIZE - defstream.avail_out; - } else { - y_log_message(Y_LOG_LEVEL_ERROR, "callback_static_compressed_inmemory_website - Error allocating resources for data_zip"); - ret = U_CALLBACK_ERROR; + + u_map_put(response->map_header, "Content-Type", content_type); + u_map_copy_into(response->map_header, &config->map_header); + + fseek (f, 0, SEEK_END); + offset = length = ftell (f); + fseek (f, 0, SEEK_SET); + + if (length) { + if ((file_content_orig = file_content = o_malloc(length)) != NULL && (data_zip = o_malloc((2*length)+20)) != NULL) { + defstream.zalloc = u_zalloc; + defstream.zfree = u_zfree; + defstream.opaque = Z_NULL; + defstream.avail_in = (uInt)length; + defstream.next_in = (Bytef *)file_content; + while ((read_length = fread(file_content, sizeof(char), offset, f))) { + file_content += read_length; + offset -= read_length; } - } while (U_CALLBACK_CONTINUE == ret && defstream.avail_out == 0); - if (ret == U_CALLBACK_CONTINUE) { if (compress_mode == U_COMPRESS_GZIP) { - if (config->allow_cache_compressed) { - u_map_put_binary(&config->gzip_files, file_requested, data_zip, 0, defstream.total_out); + if (deflateInit2(&defstream, + Z_DEFAULT_COMPRESSION, + Z_DEFLATED, + U_GZIP_WINDOW_BITS | U_GZIP_ENCODING, + 8, + Z_DEFAULT_STRATEGY) != Z_OK) { + y_log_message(Y_LOG_LEVEL_ERROR, "callback_static_compressed_inmemory_website - Error deflateInit (gzip)"); + ret = U_CALLBACK_ERROR; } - ulfius_set_binary_body_response(response, 200, u_map_get(&config->gzip_files, file_requested), u_map_get_length(&config->gzip_files, file_requested)); } else { - if (config->allow_cache_compressed) { - u_map_put_binary(&config->deflate_files, file_requested, data_zip, 0, defstream.total_out); + if (deflateInit(&defstream, Z_BEST_COMPRESSION) != Z_OK) { + y_log_message(Y_LOG_LEVEL_ERROR, "callback_static_compressed_inmemory_website - Error deflateInit (deflate)"); + ret = U_CALLBACK_ERROR; + } + } + if (ret == U_CALLBACK_CONTINUE) { + do { + if ((data_zip = o_realloc(data_zip, data_zip_len+_U_W_BLOCK_SIZE)) != NULL) { + defstream.avail_out = _U_W_BLOCK_SIZE; + defstream.next_out = ((Bytef *)data_zip)+data_zip_len; + switch ((res = deflate(&defstream, Z_FINISH))) { + case Z_OK: + case Z_STREAM_END: + case Z_BUF_ERROR: + break; + default: + y_log_message(Y_LOG_LEVEL_ERROR, "callback_static_compressed_inmemory_website - Error deflate %d", res); + ret = U_CALLBACK_ERROR; + break; + } + data_zip_len += _U_W_BLOCK_SIZE - defstream.avail_out; + } else { + y_log_message(Y_LOG_LEVEL_ERROR, "callback_static_compressed_inmemory_website - Error allocating resources for data_zip"); + ret = U_CALLBACK_ERROR; + } + } while (U_CALLBACK_CONTINUE == ret && defstream.avail_out == 0); + + if (ret == U_CALLBACK_CONTINUE) { + if (compress_mode == U_COMPRESS_GZIP) { + if (config->allow_cache_compressed) { + u_map_put_binary(&config->gzip_files, file_requested, data_zip, 0, defstream.total_out); + } + ulfius_set_binary_body_response(response, 200, u_map_get(&config->gzip_files, file_requested), u_map_get_length(&config->gzip_files, file_requested)); + } else { + if (config->allow_cache_compressed) { + u_map_put_binary(&config->deflate_files, file_requested, data_zip, 0, defstream.total_out); + } + ulfius_set_binary_body_response(response, 200, u_map_get(&config->deflate_files, file_requested), u_map_get_length(&config->deflate_files, file_requested)); + } + u_map_put(response->map_header, U_CONTENT_HEADER, compress_mode==U_COMPRESS_GZIP?U_ACCEPT_GZIP:U_ACCEPT_DEFLATE); } - ulfius_set_binary_body_response(response, 200, u_map_get(&config->deflate_files, file_requested), u_map_get_length(&config->deflate_files, file_requested)); } - u_map_put(response->map_header, U_CONTENT_HEADER, compress_mode==U_COMPRESS_GZIP?U_ACCEPT_GZIP:U_ACCEPT_DEFLATE); + deflateEnd(&defstream); + o_free(data_zip); + } else { + y_log_message(Y_LOG_LEVEL_ERROR, "callback_static_compressed_inmemory_website - Error allocating resource for file_content or data_zip"); + ret = U_CALLBACK_ERROR; } + o_free(file_content_orig); } - deflateEnd(&defstream); - o_free(data_zip); + fclose(f); } else { - y_log_message(Y_LOG_LEVEL_ERROR, "callback_static_compressed_inmemory_website - Error allocating resource for file_content or data_zip"); - ret = U_CALLBACK_ERROR; + if (((struct _u_compressed_inmemory_website_config *)user_data)->redirect_on_404 == NULL) { + ret = U_CALLBACK_IGNORE; + } else { + ulfius_add_header_to_response(response, "Location", ((struct _u_compressed_inmemory_website_config *)user_data)->redirect_on_404); + response->status = 302; + } } - o_free(file_content_orig); - fclose(f); + pthread_mutex_unlock(&config->lock); } else { - if (((struct _u_compressed_inmemory_website_config *)user_data)->redirect_on_404 == NULL) { - ret = U_CALLBACK_IGNORE; - } else { - ulfius_add_header_to_response(response, "Location", ((struct _u_compressed_inmemory_website_config *)user_data)->redirect_on_404); - response->status = 302; - } + y_log_message(Y_LOG_LEVEL_ERROR, "callback_static_compressed_inmemory_website - Error pthread_lock_mutex"); + ret = U_CALLBACK_ERROR; } - pthread_mutex_unlock(&config->lock); } else { - y_log_message(Y_LOG_LEVEL_ERROR, "callback_static_compressed_inmemory_website - Error pthread_lock_mutex"); - ret = U_CALLBACK_ERROR; + if (((struct _u_compressed_inmemory_website_config *)user_data)->redirect_on_404 == NULL) { + ret = U_CALLBACK_IGNORE; + } else { + ulfius_add_header_to_response(response, "Location", ((struct _u_compressed_inmemory_website_config *)user_data)->redirect_on_404); + response->status = 302; + } } o_free(file_path); + free(real_path); // realpath uses malloc } } else { ret = callback_static_file_uncompressed(request, response, user_data); } free_string_array(accept_list); + } else { + ret = callback_static_file_uncompressed(request, response, user_data); } + } else { + ret = callback_static_file_uncompressed(request, response, user_data); } o_free(url_dup_save); } diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/ulfius-2.7.9/example_callbacks/static_compressed_inmemory_website/static_compressed_inmemory_website_callback.h new/ulfius-2.7.10/example_callbacks/static_compressed_inmemory_website/static_compressed_inmemory_website_callback.h --- old/ulfius-2.7.9/example_callbacks/static_compressed_inmemory_website/static_compressed_inmemory_website_callback.h 2022-04-08 22:40:37.000000000 +0200 +++ new/ulfius-2.7.10/example_callbacks/static_compressed_inmemory_website/static_compressed_inmemory_website_callback.h 2022-05-28 18:10:35.000000000 +0200 @@ -4,7 +4,7 @@ * * Copyright 2020-2022 Nicolas Mora <[email protected]> * - * Version 20220318 + * Version 20220429 * * The MIT License (MIT) * diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/ulfius-2.7.9/include/ulfius.h new/ulfius-2.7.10/include/ulfius.h --- old/ulfius-2.7.9/include/ulfius.h 2022-04-08 22:40:37.000000000 +0200 +++ new/ulfius-2.7.10/include/ulfius.h 2022-05-28 18:10:35.000000000 +0200 @@ -122,9 +122,10 @@ #define U_CALLBACK_UNAUTHORIZED 3 ///< Request is unauthorized, exit callback list and return status 401 #define U_CALLBACK_ERROR 4 ///< Error during request process, exit callback list and return status 500 -#define U_COOKIE_SAME_SITE_NONE 0 ///< Set same_site cookie property to 0 +#define U_COOKIE_SAME_SITE_EMPTY 0 ///< Set same_site cookie property not set #define U_COOKIE_SAME_SITE_STRICT 1 ///< Set same_site cookie property to strict #define U_COOKIE_SAME_SITE_LAX 2 ///< Set same_site cookie property to lax +#define U_COOKIE_SAME_SITE_NONE 3 ///< Set same_site cookie property to none #define U_USE_IPV4 0x0001 ///< Use instance in IPV4 mode only #define U_USE_IPV6 0x0010 ///< Use instance in IPV6 mode only @@ -931,7 +932,7 @@ * @param response the response to be updated * @param status the http status code to set to the response * @param stream_callback a pointer to a function that will handle the response stream - * @param stream_callback_free a pointer to a function that will free its allocated resoures during stream_callback + * @param stream_callback_free a pointer to a function that will free its allocated resources during stream_callback * @param stream_size size of the streamed data (U_STREAM_SIZE_UNKNOWN if unknown) * @param stream_block_size preferred size of each stream chunk, may be overwritten by the system if necessary * @param stream_user_data a user-defined pointer that will be available in stream_callback and stream_callback_free diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/ulfius-2.7.9/libulfius.pc.in new/ulfius-2.7.10/libulfius.pc.in --- old/ulfius-2.7.9/libulfius.pc.in 2022-04-08 22:40:37.000000000 +0200 +++ new/ulfius-2.7.10/libulfius.pc.in 2022-05-28 18:10:35.000000000 +0200 @@ -1,7 +1,7 @@ prefix=@CMAKE_INSTALL_PREFIX@ exec_prefix=@CMAKE_INSTALL_PREFIX@ -libdir=${exec_prefix}/@CMAKE_INSTALL_LIBDIR@ -includedir=${prefix}/@CMAKE_INSTALL_INCLUDEDIR@ +libdir=@PKGCONFIG_TARGET_LIBDIR@ +includedir=@PKGCONFIG_TARGET_INCLUDES@ Name: @PROJECT_NAME@ Description: @PROJECT_DESCRIPTION@ diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/ulfius-2.7.9/src/Makefile new/ulfius-2.7.10/src/Makefile --- old/ulfius-2.7.9/src/Makefile 2022-04-08 22:40:37.000000000 +0200 +++ new/ulfius-2.7.10/src/Makefile 2022-05-28 18:10:35.000000000 +0200 @@ -43,7 +43,7 @@ OUTPUT=libulfius.so VERSION_MAJOR=2 VERSION_MINOR=7 -VERSION_PATCH=9 +VERSION_PATCH=10 ifndef JANSSONFLAG DISABLE_JANSSON=0 @@ -166,8 +166,8 @@ @cp $(PKGCONFIG_TEMPLATE) $(PKGCONFIG_FILE) @echo Pkgconfig file $(PKGCONFIG_FILE) generated @sed -i -e 's#@CMAKE_INSTALL_PREFIX@#$(DESTDIR)#g' $(PKGCONFIG_FILE) - @sed -i -e 's/@CMAKE_INSTALL_LIBDIR@/lib/g' $(PKGCONFIG_FILE) - @sed -i -e 's/@CMAKE_INSTALL_INCLUDEDIR@/include/g' $(PKGCONFIG_FILE) + @sed -i -e 's#@PKGCONFIG_TARGET_LIBDIR@#$${prefix}/lib#g' $(PKGCONFIG_FILE) + @sed -i -e 's#@PKGCONFIG_TARGET_INCLUDES@#$${prefix}/include#g' $(PKGCONFIG_FILE) @sed -i -e 's/@PROJECT_NAME@/$(PROJECT_NAME)/g' $(PKGCONFIG_FILE) @sed -i -e 's/@PROJECT_DESCRIPTION@/$(PROJECT_DESCRIPTION)/g' $(PKGCONFIG_FILE) @sed -i -e 's|@PROJECT_BUGREPORT_PATH@|$(PROJECT_BUGREPORT_PATH)|g' $(PKGCONFIG_FILE) diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/ulfius-2.7.9/src/u_map.c new/ulfius-2.7.10/src/u_map.c --- old/ulfius-2.7.9/src/u_map.c 2022-04-08 22:40:37.000000000 +0200 +++ new/ulfius-2.7.10/src/u_map.c 2022-05-28 18:10:35.000000000 +0200 @@ -181,7 +181,7 @@ return U_ERROR_MEMORY; } if (value != NULL) { - dup_value = o_malloc((offset + length + 1)*sizeof(char)); + dup_value = o_malloc((offset + length + 1)); if (dup_value == NULL) { y_log_message(Y_LOG_LEVEL_ERROR, "Ulfius - Error allocating memory for dup_value"); o_free(dup_key); diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/ulfius-2.7.9/src/u_request.c new/ulfius-2.7.10/src/u_request.c --- old/ulfius-2.7.9/src/u_request.c 2022-04-08 22:40:37.000000000 +0200 +++ new/ulfius-2.7.10/src/u_request.c 2022-05-28 18:10:35.000000000 +0200 @@ -760,7 +760,7 @@ * return U_OK on success */ int ulfius_set_binary_body_request(struct _u_request * request, const char * binary_body, const size_t length) { - if (request != NULL && binary_body != NULL && length > 0) { + if (request != NULL && binary_body != NULL && length) { // Free all the bodies available o_free(request->binary_body); request->binary_body = NULL; @@ -826,11 +826,12 @@ } char * ulfius_export_request_http(const struct _u_request * request) { - char * out = NULL, * host, * key_esc = NULL, * value_esc = NULL, * body = NULL, fp = '?', np = '&', * url = NULL, * auth_basic, * auth_basic_b64 = NULL; + char * out = NULL, * host, * key_esc = NULL, * value_esc = NULL, * body = NULL, fp = '?', np = '&', * url = NULL, * auth_basic; const char * value = NULL, ** keys = NULL; struct yuarel y_url; int has_params = 0, i; - size_t auth_basic_b64_len = 0, len = 0; + struct _o_datum dat = {0, NULL}; + size_t len = 0; if (request != NULL && request->http_url != NULL) { if (!yuarel_parse(&y_url, request->http_url)) { @@ -926,20 +927,11 @@ } if (!u_map_has_key_case(request->map_header, "Authorization") && request->auth_basic_user != NULL && request->auth_basic_password != NULL) { auth_basic = msprintf("%s:%s", request->auth_basic_user, request->auth_basic_password); - if (o_base64_encode((const unsigned char *)auth_basic, o_strlen(auth_basic), NULL, &auth_basic_b64_len)) { - if ((auth_basic_b64 = o_malloc(auth_basic_b64_len+4)) != NULL) { - if (o_base64_encode((const unsigned char *)auth_basic, o_strlen(auth_basic), (unsigned char *)auth_basic_b64, &auth_basic_b64_len)) { - auth_basic_b64[auth_basic_b64_len] = '\0'; - out = mstrcatf(out, "Authorization: Basic %s\r\n", auth_basic_b64); - } else { - y_log_message(Y_LOG_LEVEL_ERROR, "Ulfius - Error o_base64_encode (2)"); - } - o_free(auth_basic_b64); - } else { - y_log_message(Y_LOG_LEVEL_ERROR, "Ulfius - Error o_malloc"); - } + if (o_base64_encode_alloc((const unsigned char *)auth_basic, o_strlen(auth_basic), &dat)) { + out = mstrcatf(out, "Authorization: Basic %.*s\r\n", (int)dat.size, dat.data); + o_free(dat.data); } else { - y_log_message(Y_LOG_LEVEL_ERROR, "Ulfius - Error o_base64_encode (1)"); + y_log_message(Y_LOG_LEVEL_ERROR, "Ulfius - Error o_base64_encode_alloc"); } o_free(auth_basic); } diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/ulfius-2.7.9/src/u_response.c new/ulfius-2.7.10/src/u_response.c --- old/ulfius-2.7.9/src/u_response.c 2022-04-08 22:40:37.000000000 +0200 +++ new/ulfius-2.7.10/src/u_response.c 2022-05-28 18:10:35.000000000 +0200 @@ -28,7 +28,7 @@ static char * ulfius_generate_cookie_header(const struct _u_cookie * cookie) { char * attr_expires = NULL, * attr_max_age = NULL, * attr_domain = NULL, * attr_path = NULL; - char * attr_secure = NULL, * attr_http_only = NULL, * cookie_header_value = NULL, * same_site = NULL; + char * attr_secure = NULL, * attr_http_only = NULL, * cookie_header_value = NULL, same_site[64] = {0}; if (cookie != NULL) { if (cookie->expires != NULL) { @@ -117,11 +117,11 @@ } if (cookie->same_site == U_COOKIE_SAME_SITE_STRICT) { - same_site = o_strdup("; SameSite=Strict"); + o_strcpy(same_site, "; SameSite=Strict"); } else if (cookie->same_site == U_COOKIE_SAME_SITE_LAX) { - same_site = o_strdup("; SameSite=Lax"); - } else { - same_site = o_strdup(""); + o_strcpy(same_site, "; SameSite=Lax"); + } else if (cookie->same_site == U_COOKIE_SAME_SITE_NONE) { + o_strcpy(same_site, "; SameSite=None"); } if (attr_expires == NULL || attr_max_age == NULL || attr_domain == NULL || attr_path == NULL || attr_secure == NULL || attr_http_only == NULL) { @@ -138,14 +138,12 @@ o_free(attr_path); o_free(attr_secure); o_free(attr_http_only); - o_free(same_site); attr_expires = NULL; attr_max_age = NULL; attr_domain = NULL; attr_path = NULL; attr_secure = NULL; attr_http_only = NULL; - same_site = NULL; return cookie_header_value; } else { return NULL; @@ -198,13 +196,13 @@ int ulfius_add_cookie_to_response(struct _u_response * response, const char * key, const char * value, const char * expires, const unsigned int max_age, const char * domain, const char * path, const int secure, const int http_only) { - return ulfius_add_same_site_cookie_to_response(response, key, value, expires, max_age, domain, path, secure, http_only, U_COOKIE_SAME_SITE_NONE); + return ulfius_add_same_site_cookie_to_response(response, key, value, expires, max_age, domain, path, secure, http_only, U_COOKIE_SAME_SITE_EMPTY); } int ulfius_add_same_site_cookie_to_response(struct _u_response * response, const char * key, const char * value, const char * expires, const unsigned int max_age, const char * domain, const char * path, const int secure, const int http_only, const int same_site) { unsigned int i; - if (response != NULL && key != NULL && (same_site == U_COOKIE_SAME_SITE_NONE || same_site == U_COOKIE_SAME_SITE_STRICT || same_site == U_COOKIE_SAME_SITE_LAX)) { + if (response != NULL && key != NULL && (same_site == U_COOKIE_SAME_SITE_EMPTY || same_site == U_COOKIE_SAME_SITE_NONE || same_site == U_COOKIE_SAME_SITE_STRICT || same_site == U_COOKIE_SAME_SITE_LAX)) { // Look for cookies with the same key for (i=0; i<response->nb_cookies; i++) { if (0 == o_strcmp(response->map_cookie[i].key, key)) { @@ -445,7 +443,7 @@ dest->map_cookie = NULL; } - if (source->binary_body != NULL && source->binary_body_length > 0) { + if (source->binary_body != NULL && source->binary_body_length) { dest->binary_body = o_malloc(source->binary_body_length); if (dest->binary_body == NULL) { y_log_message(Y_LOG_LEVEL_ERROR, "Ulfius - Error allocating memory for dest->binary_body"); @@ -525,7 +523,7 @@ } int ulfius_set_binary_body_response(struct _u_response * response, const unsigned int status, const char * binary_body, const size_t length) { - if (response != NULL && binary_body != NULL && length > 0) { + if (response != NULL && binary_body != NULL && length) { // Free all the bodies available o_free(response->binary_body); response->binary_body = NULL; diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/ulfius-2.7.9/src/u_send_request.c new/ulfius-2.7.10/src/u_send_request.c --- old/ulfius-2.7.9/src/u_send_request.c 2022-04-08 22:40:37.000000000 +0200 +++ new/ulfius-2.7.10/src/u_send_request.c 2022-05-28 18:10:35.000000000 +0200 @@ -167,7 +167,7 @@ res = ulfius_send_http_streaming_request(request, response, ulfius_write_body, (void *)&body_data); if (res == U_OK && response != NULL) { - if (body_data.data != NULL && body_data.size > 0) { + if (body_data.data != NULL && body_data.size) { response->binary_body = o_malloc(body_data.size); if (response->binary_body == NULL) { y_log_message(Y_LOG_LEVEL_ERROR, "Ulfius - Error allocating memory for response->binary_body"); @@ -887,6 +887,7 @@ ret = U_ERROR_LIBCURL; } } else { + y_log_message(Y_LOG_LEVEL_DEBUG, "Ulfius - invalid required smtp parameters"); ret = U_ERROR_PARAMS; } return ret; diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/ulfius-2.7.9/src/u_websocket.c new/ulfius-2.7.10/src/u_websocket.c --- old/ulfius-2.7.9/src/u_websocket.c 2022-04-08 22:40:37.000000000 +0200 +++ new/ulfius-2.7.10/src/u_websocket.c 2022-05-28 18:10:35.000000000 +0200 @@ -285,7 +285,7 @@ new_message = o_malloc(sizeof(struct _websocket_message)); if (new_message != NULL) { if (data_len) { - new_message->data = o_malloc(data_len*sizeof(char)); + new_message->data = o_malloc(data_len); } else { new_message->data = NULL; } @@ -579,7 +579,7 @@ if ((len = pointer_list_size(websocket->websocket_manager->websocket_extension_list))) { data_in = NULL; - if (!message->data_len || (message->data_len && (data_in = o_malloc(message->data_len*sizeof(char))) != NULL)) { + if (!message->data_len || (message->data_len && (data_in = o_malloc(message->data_len)) != NULL)) { if (message->data_len) { memcpy(data_in, message->data, message->data_len); } @@ -605,7 +605,7 @@ data_in = NULL; data_in_len = 0; if (data_out_len) { - if ((data_in = o_malloc(data_out_len*sizeof(char))) != NULL) { + if ((data_in = o_malloc(data_out_len)) != NULL) { memcpy(data_in, data_out, data_out_len); data_in_len = data_out_len; } else { @@ -934,13 +934,17 @@ if (!websocket_response_http || !(websocket_response & check_websocket) || response->status != 101) { if (u_map_has_key(response->map_header, "Content-Length")) { response->binary_body_length = strtol(u_map_get(response->map_header, "Content-Length"), NULL, 10); - response->binary_body = o_malloc(response->binary_body_length); - if (response->binary_body != NULL) { - if (read_data_from_socket(websocket->websocket_manager, response->binary_body, response->binary_body_length) != (ssize_t)response->binary_body_length) { - y_log_message(Y_LOG_LEVEL_ERROR, "Ulfius - Error read_data_from_socket for response->binary_body"); + if (response->binary_body) { + response->binary_body = o_malloc(response->binary_body_length); + if (response->binary_body != NULL) { + if (read_data_from_socket(websocket->websocket_manager, response->binary_body, response->binary_body_length) != (ssize_t)response->binary_body_length) { + y_log_message(Y_LOG_LEVEL_ERROR, "Ulfius - Error read_data_from_socket for response->binary_body"); + } + } else { + y_log_message(Y_LOG_LEVEL_ERROR, "Ulfius - Error allocating resources for response->binary_body"); } } else { - y_log_message(Y_LOG_LEVEL_ERROR, "Ulfius - Error allocating resources for response->binary_body"); + y_log_message(Y_LOG_LEVEL_ERROR, "Ulfius - Error invalid response->binary_body_length"); } } close(websocket->websocket_manager->tcp_sock); @@ -1227,6 +1231,7 @@ if (key_data.data != NULL && out_digest != NULL && (res = gnutls_fingerprint(GNUTLS_DIG_SHA1, &key_data, encoded_key, &encoded_key_size)) == GNUTLS_E_SUCCESS) { if (o_base64_encode(encoded_key, encoded_key_size, (unsigned char *)out_digest, &encoded_key_size_base64)) { + out_digest[encoded_key_size_base64] = '\0'; to_return = 1; } else { y_log_message(Y_LOG_LEVEL_ERROR, "Ulfius - Error base64 encoding hashed key"); @@ -1494,7 +1499,7 @@ ret = U_OK; } else { ret = U_OK; - if ((data_len && (data_in = o_malloc(data_len*sizeof(char))) != NULL) || !data_len) { + if ((data_len && (data_in = o_malloc(data_len)) != NULL) || !data_len) { if (data != NULL) { memcpy(data_in, data, data_len); } else { @@ -1509,7 +1514,7 @@ } else { rsv |= extension->rsv; o_free(data_in); - if ((data_in = o_malloc(data_out_len*sizeof(char))) != NULL) { + if ((data_in = o_malloc(data_out_len)) != NULL) { memcpy(data_in, data_out, data_out_len); data_in_len = data_out_len; } else { @@ -2454,11 +2459,11 @@ struct _u_response * response) { int ret; struct yuarel y_url; - char * url, * basic_auth_encoded_header, * basic_auth, * basic_auth_encoded; - size_t basic_auth_encoded_len; + char * url, * basic_auth_encoded_header, * basic_auth; struct _websocket * websocket = NULL; pthread_t thread_websocket; int thread_ret_websocket = 0, thread_detach_websocket = 0; + struct _o_datum dat = {0, NULL}; if (request != NULL && response != NULL && (websocket_manager_callback != NULL || websocket_incoming_message_callback != NULL)) { url = o_strdup(request->http_url); @@ -2473,18 +2478,16 @@ } if (y_url.username != NULL && y_url.password != NULL) { basic_auth = msprintf("%s:%s", y_url.username, y_url.password); - basic_auth_encoded = o_malloc((o_strlen(basic_auth)*4/3)+1); - memset(basic_auth_encoded, 0, (o_strlen(basic_auth)*4/3)+1); - if (o_base64_encode((const unsigned char *)basic_auth, o_strlen(basic_auth), (unsigned char *)basic_auth_encoded, &basic_auth_encoded_len)) { - basic_auth_encoded_header = msprintf("Basic: %s", basic_auth_encoded); + if (o_base64_encode_alloc((const unsigned char *)basic_auth, o_strlen(basic_auth), &dat)) { + basic_auth_encoded_header = msprintf("Basic: %.*s", dat.size, dat.data); u_map_remove_from_key(request->map_header, "Authorization"); u_map_put(request->map_header, "Authorization", basic_auth_encoded_header); o_free(basic_auth_encoded_header); - o_free(basic_auth_encoded); } else { - y_log_message(Y_LOG_LEVEL_ERROR, "Ulfius - Error o_base64_encode"); + y_log_message(Y_LOG_LEVEL_ERROR, "Ulfius - Error o_base64_encode_alloc"); } o_free(basic_auth); + o_free(dat.data); } if (websocket_client_handler->websocket == NULL) { diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/ulfius-2.7.9/src/ulfius.c new/ulfius-2.7.10/src/ulfius.c --- old/ulfius-2.7.9/src/ulfius.c 2022-04-08 22:40:37.000000000 +0200 +++ new/ulfius-2.7.10/src/ulfius.c 2022-05-28 18:10:35.000000000 +0200 @@ -290,7 +290,7 @@ va_copy(args_cpy2, ap); new_fmt = msprintf("MHD - %s", fmt); out_len = vsnprintf(NULL, 0, new_fmt, args_cpy); - out = o_malloc((out_len)*sizeof(char)); + out = o_malloc((out_len)); if (out != NULL) { vsnprintf(out, (out_len), new_fmt, args_cpy2); y_log_message(Y_LOG_LEVEL_ERROR, out); diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/ulfius-2.7.9/test/framework.c new/ulfius-2.7.10/test/framework.c --- old/ulfius-2.7.9/test/framework.c 2022-04-08 22:40:37.000000000 +0200 +++ new/ulfius-2.7.10/test/framework.c 2022-05-28 18:10:35.000000000 +0200 @@ -4929,6 +4929,7 @@ ck_assert_int_eq(ulfius_add_same_site_cookie_to_response(response, "cookieSameSiteStrict", "value_cookie", NULL, 100, "localhost", "/cookie", 0, 1, U_COOKIE_SAME_SITE_STRICT), U_OK); ck_assert_int_eq(ulfius_add_same_site_cookie_to_response(response, "cookieSameSiteLax", "value_cookie", NULL, 100, "localhost", "/cookie", 0, 1, U_COOKIE_SAME_SITE_LAX), U_OK); ck_assert_int_eq(ulfius_add_same_site_cookie_to_response(response, "cookieSameSiteNone", "value_cookie", NULL, 100, "localhost", "/cookie", 0, 1, U_COOKIE_SAME_SITE_NONE), U_OK); + ck_assert_int_eq(ulfius_add_same_site_cookie_to_response(response, "cookieSameSiteEmpty", "value_cookie", NULL, 100, "localhost", "/cookie", 0, 1, U_COOKIE_SAME_SITE_EMPTY), U_OK); ck_assert_int_ne(ulfius_add_same_site_cookie_to_response(response, "cookieSameSiteError", "value_cookie", NULL, 100, "localhost", "/cookie", 0, 1, 42), U_OK); o_free(body); return U_CALLBACK_CONTINUE; @@ -5665,9 +5666,10 @@ set_cookie = u_map_get(response.map_header, "Set-Cookie"); ck_assert_ptr_ne(o_strstr(set_cookie, "param2=value_cookie; Max-Age=100; Domain=localhost; Path=/cookie; HttpOnly"), NULL); + ck_assert_ptr_ne(o_strstr(set_cookie, "cookieSameSiteNone=value_cookie; Max-Age=100; Domain=localhost; Path=/cookie; HttpOnly; SameSite=None"), NULL); ck_assert_ptr_ne(o_strstr(set_cookie, "cookieSameSiteStrict=value_cookie; Max-Age=100; Domain=localhost; Path=/cookie; HttpOnly; SameSite=Strict"), NULL); ck_assert_ptr_ne(o_strstr(set_cookie, "cookieSameSiteLax=value_cookie; Max-Age=100; Domain=localhost; Path=/cookie; HttpOnly; SameSite=Lax"), NULL); - ck_assert_ptr_ne(o_strstr(set_cookie, "cookieSameSiteNone=value_cookie; Max-Age=100; Domain=localhost; Path=/cookie; HttpOnly"), NULL); + ck_assert_ptr_ne(o_strstr(set_cookie, "cookieSameSiteEmpty=value_cookie; Max-Age=100; Domain=localhost; Path=/cookie; HttpOnly"), NULL); ulfius_clean_request(&request); ulfius_clean_response(&response);
