Author: stsp Date: Mon May 29 15:35:20 2023 New Revision: 1910116 URL: http://svn.apache.org/viewvc?rev=1910116&view=rev Log: On the 1.3.x-sslbuild branch: Merge from 1.3.x, resovling conflicts.
The only merge conflict was due to the introduction of the bio_file_ctrl() function in buckets/ssl_buckets.c. Added: serf/branches/1.3.x-sslbuild/.github/ - copied from r1910115, serf/branches/1.3.x/.github/ Modified: serf/branches/1.3.x-sslbuild/ (props changed) serf/branches/1.3.x-sslbuild/CHANGES serf/branches/1.3.x-sslbuild/SConstruct serf/branches/1.3.x-sslbuild/STATUS serf/branches/1.3.x-sslbuild/buckets/dechunk_buckets.c serf/branches/1.3.x-sslbuild/buckets/deflate_buckets.c serf/branches/1.3.x-sslbuild/buckets/ssl_buckets.c serf/branches/1.3.x-sslbuild/build/check.py serf/branches/1.3.x-sslbuild/outgoing.c serf/branches/1.3.x-sslbuild/serf.h serf/branches/1.3.x-sslbuild/test/serf_bwtp.c serf/branches/1.3.x-sslbuild/test/serf_get.c serf/branches/1.3.x-sslbuild/test/serf_spider.c serf/branches/1.3.x-sslbuild/test/server/serfcacert.pem (contents, props changed) serf/branches/1.3.x-sslbuild/test/server/serfclientcert.p12 (contents, props changed) serf/branches/1.3.x-sslbuild/test/server/serfrootcacert.pem (contents, props changed) serf/branches/1.3.x-sslbuild/test/server/serfserver_expired_cert.pem (contents, props changed) serf/branches/1.3.x-sslbuild/test/server/serfserver_future_cert.pem (contents, props changed) serf/branches/1.3.x-sslbuild/test/server/serfservercert.pem (contents, props changed) serf/branches/1.3.x-sslbuild/test/server/serfserverkey.pem (contents, props changed) serf/branches/1.3.x-sslbuild/test/server/test_server.c serf/branches/1.3.x-sslbuild/test/server/test_server.h serf/branches/1.3.x-sslbuild/test/server/test_sslserver.c serf/branches/1.3.x-sslbuild/test/test_auth.c serf/branches/1.3.x-sslbuild/test/test_buckets.c serf/branches/1.3.x-sslbuild/test/test_context.c serf/branches/1.3.x-sslbuild/test/test_serf.h serf/branches/1.3.x-sslbuild/test/test_ssl.c serf/branches/1.3.x-sslbuild/test/test_util.c Propchange: serf/branches/1.3.x-sslbuild/ ------------------------------------------------------------------------------ Reverse-merged /serf/branches/1.3.x:r1699925,1699931 Merged /serf/branches/1.3.x-fix-outgoing-request-err:r1804540-1808208 Merged /serf/branches/1.3.x-r1909252-group:r1909407-1909903 Merged /serf/branches/1.3.x-r1901040:r1909255-1909900 Merged /serf/branches/1.3.x-r1814714:r1814716-1909313 Merged /serf/branches/1.3.x-r1902208+r1902304:r1909396-1909902 Merged /serf/branches/1.3.x-r1901937:r1909250-1909901 Merged /serf/branches/1.3.x:r1781541-1910115 Merged /serf/branches/1.3.x-r1804008-group:r1805337-1808209 Merged /serf/branches/1.3.x-r1805301:r1805336-1808212 Merged /serf/trunk:r1699725,1699807,1712131,1758362,1804005,1804008,1804016,1804534,1805301,1807594,1811088,1814714,1861036,1901040,1901937,1902208,1902304,1902398,1909245,1909247,1909252,1909315-1909316,1909318,1909385,1909406,1909413,1909433,1910045-1910047 Modified: serf/branches/1.3.x-sslbuild/CHANGES URL: http://svn.apache.org/viewvc/serf/branches/1.3.x-sslbuild/CHANGES?rev=1910116&r1=1910115&r2=1910116&view=diff ============================================================================== --- serf/branches/1.3.x-sslbuild/CHANGES (original) +++ serf/branches/1.3.x-sslbuild/CHANGES Mon May 29 15:35:20 2023 @@ -1,11 +1,26 @@ -Apache Serf 1.3.9 [2016-09-01, from tags/1.3.9, rxxxx] +Apache Serf 1.3.10 [2023-xx-xx, from tags/1.3.10, rxxxxxxx] + Support for OpenSSL 3 (r1901937, ...) + Fix issue #171: Win32: Running tests fails with "no OPENSSL_Applink" error + Fix issue #194: Win32: Linking error when building against OpenSSL 1.1+ + Fix issue #198: OpenSSL BIO control method incorrectly handles unknown requests + Fix issue #202: SSL tests are not passing with OpenSSL 3 + Fix error handling when reading the outgoing request body (r1804534, ...) + Fix handling of invalid chunk lengths in the dechunk bucket (r1804005, ...) + Fix an endless loop in the deflate bucket with truncated input (r1805301) + Fix BIO control handlers to support BIO_CTRL_EOF (r1902208) + Fix a CRT mismatch issue caused by using certain OpenSSL functions (r1909252) + Build changes to support VS2017, VS2019 and VS2022 (r1712131, ...) + Build changes to support Python 3 (r1875933) + + +Apache Serf 1.3.9 [2016-09-01, from tags/1.3.9, r1758195] serf is now Apache Serf; apply header changes (r1700062) Fix issue #151: SCons build broken when only one library in ENVPATH Fix issue #153: avoid SSPI handle leak Fix issue #167: Explicitly use the ANSI version of SSPI Fix issue #170: Allow building with Microsoft Visual Studio 2015 - Fix build of 'check' target when using VPATH-style builds (r1699858, ...) - (builddir != srcdir). + Fix build of 'check' target when using VPATH-style builds where + builddir != srcdir (r1699858, ...) Resolve a bucket (aka "memory") leak when a request bucket is destroyed before it is morphed into an aggregate bucket (r1699791) Reset state variables when resetting connection (r1708849) Modified: serf/branches/1.3.x-sslbuild/SConstruct URL: http://svn.apache.org/viewvc/serf/branches/1.3.x-sslbuild/SConstruct?rev=1910116&r1=1910115&r2=1910116&view=diff ============================================================================== --- serf/branches/1.3.x-sslbuild/SConstruct (original) +++ serf/branches/1.3.x-sslbuild/SConstruct Mon May 29 15:35:20 2023 @@ -127,7 +127,7 @@ if sys.platform == 'win32': # Note that Scons 1.3 only supports this on Windows and only when # constructing Environment(). Later changes to TARGET_ARCH are ignored EnumVariable('TARGET_ARCH', - "Platform to build for (x86|x64|win32|x86_64)", + "Platform to build for", 'x86', allowed_values=('x86', 'x86_64', 'ia64'), map={'X86' : 'x86', @@ -138,11 +138,20 @@ if sys.platform == 'win32': }), EnumVariable('MSVC_VERSION', - "Visual C++ to use for building (E.g. 11.0, 9.0)", + "Visual C++ to use for building", None, - allowed_values=('14.0', '12.0', - '11.0', '10.0', '9.0', '8.0', '6.0') - ), + allowed_values=('14.3', '14.2', '14.1', '14.0', '12.0', + '11.0', '10.0', '9.0', '8.0', '6.0'), + map={'2005' : '8.0', + '2008' : '9.0', + '2010' : '10.0', + '2012' : '11.0', + '2013' : '12.0', + '2015' : '14.0', + '2017' : '14.1', + '2019' : '14.2', + '2022' : '14.3', + }), # We always documented that we handle an install layout, but in fact we # hardcoded source layouts. Allow disabling this behavior. @@ -166,7 +175,7 @@ env.Append(BUILDERS = { match = re.search('SERF_MAJOR_VERSION ([0-9]+).*' 'SERF_MINOR_VERSION ([0-9]+).*' 'SERF_PATCH_VERSION ([0-9]+)', - env.File('serf.h').get_contents(), + env.File('serf.h').get_contents().decode('utf-8'), re.DOTALL) MAJOR, MINOR, PATCH = [int(x) for x in match.groups()] env.Append(MAJOR=str(MAJOR)) @@ -183,7 +192,7 @@ CALLOUT_OKAY = not (env.GetOption('clean unknown = opts.UnknownVariables() if unknown: - print 'Warning: Used unknown variables:', ', '.join(unknown.keys()) + print('Warning: Used unknown variables:', ', '.join(unknown.keys())) apr = str(env['APR']) apu = str(env['APU']) @@ -268,7 +277,10 @@ if sys.platform != 'win32': env.Append(PLATFORM='posix') else: # Warning level 4, no unused argument warnings - env.Append(CCFLAGS=['/W4', '/wd4100']) + env.Append(CCFLAGS=['/W4', + '/wd4100', # Unused argument + '/we4013', # 'function' undefined; assuming extern returning int + ]) # Choose runtime and optimization if debug: @@ -292,6 +304,9 @@ SOURCES = Glob('*.c') + Glob('buckets/*. lib_static = env.StaticLibrary(LIBNAMESTATIC, SOURCES) lib_shared = env.SharedLibrary(LIBNAME, SOURCES + SHARED_SOURCES) +# Define OPENSSL_NO_STDIO to prevent using _fp() API. +env.Append(CPPDEFINES=['OPENSSL_NO_STDIO']) + if aprstatic: env.Append(CPPDEFINES=['APR_DECLARE_STATIC', 'APU_DECLARE_STATIC']) @@ -335,7 +350,6 @@ if sys.platform == 'win32': LIBPATH=['$ZLIB']) # openssl - env.Append(LIBS=['libeay32.lib', 'ssleay32.lib']) if not env.get('SOURCE_LAYOUT', None): env.Append(CPPPATH=['$OPENSSL/include/openssl'], LIBPATH=['$OPENSSL/lib']) @@ -345,6 +359,14 @@ if sys.platform == 'win32': else: env.Append(CPPPATH=['$OPENSSL/inc32'], LIBPATH=['$OPENSSL/out32dll']) + conf = Configure(env) + if conf.CheckLib('libcrypto'): + # OpenSSL 1.1.0+ + env.Append(LIBS=['libcrypto.lib', 'libssl.lib']) + else: + # Legacy OpenSSL + env.Append(LIBS=['libeay32.lib', 'ssleay32.lib']) + conf.Finish() else: if os.path.isdir(apr): apr = os.path.join(apr, 'bin', 'apr-1-config') Modified: serf/branches/1.3.x-sslbuild/STATUS URL: http://svn.apache.org/viewvc/serf/branches/1.3.x-sslbuild/STATUS?rev=1910116&r1=1910115&r2=1910116&view=diff ============================================================================== --- serf/branches/1.3.x-sslbuild/STATUS (original) +++ serf/branches/1.3.x-sslbuild/STATUS Mon May 29 15:35:20 2023 @@ -11,9 +11,32 @@ Status of 1.3.10: Candidate changes: ================== + * r1875937 + Fix test case against OpenSSL 1.1.1e+. + [ NOTE: Superceded by the r1902208 fix. ] + Justification: + Serf should test cleanly against upstreams. + Branch: ^/serf/branches/1.3.x-ssltest + Votes: + +1: jerenkrantz + + * r1775239-1781240 + Fix build with current LibreSSL and OpenSSL versions. + Justification: + Serf should compile out of the box. + Branch: ^/serf/branches/1.3.x-sslbuild + Votes: + +1: stsp, astieger + -0: kotkov ( + - A later change, r1833227, seems to further extend CheckFunc() calls, + so maybe this nomination in its current state won't work in some + cases on Windows + - A signficant change of the build approach, maybe not worth it at + this point for the 1.3.x branch + - Seems to only be required for LibreSSL, not OpenSSL) + Veto-blocked changes: ===================== Approved changes: ================= - Modified: serf/branches/1.3.x-sslbuild/buckets/dechunk_buckets.c URL: http://svn.apache.org/viewvc/serf/branches/1.3.x-sslbuild/buckets/dechunk_buckets.c?rev=1910116&r1=1910115&r2=1910116&view=diff ============================================================================== --- serf/branches/1.3.x-sslbuild/buckets/dechunk_buckets.c (original) +++ serf/branches/1.3.x-sslbuild/buckets/dechunk_buckets.c Mon May 29 15:35:20 2023 @@ -85,6 +85,7 @@ static apr_status_t serf_dechunk_read(se /* if a line was read, then parse it. */ if (ctx->linebuf.state == SERF_LINEBUF_READY) { + char *end; /* NUL-terminate the line. if it filled the entire buffer, then just assume the thing is too large. */ if (ctx->linebuf.used == sizeof(ctx->linebuf.line)) @@ -92,10 +93,14 @@ static apr_status_t serf_dechunk_read(se ctx->linebuf.line[ctx->linebuf.used] = '\0'; /* convert from HEX digits. */ - ctx->body_left = apr_strtoi64(ctx->linebuf.line, NULL, 16); + ctx->body_left = apr_strtoi64(ctx->linebuf.line, &end, 16); if (errno == ERANGE) { return APR_FROM_OS_ERROR(ERANGE); } + else if (ctx->linebuf.line == end) { + /* Invalid chunk length, bail out. */ + return SERF_ERROR_BAD_HTTP_RESPONSE; + } if (ctx->body_left == 0) { /* Just read the last-chunk marker. We're DONE. */ Modified: serf/branches/1.3.x-sslbuild/buckets/deflate_buckets.c URL: http://svn.apache.org/viewvc/serf/branches/1.3.x-sslbuild/buckets/deflate_buckets.c?rev=1910116&r1=1910115&r2=1910116&view=diff ============================================================================== --- serf/branches/1.3.x-sslbuild/buckets/deflate_buckets.c (original) +++ serf/branches/1.3.x-sslbuild/buckets/deflate_buckets.c Mon May 29 15:35:20 2023 @@ -281,9 +281,17 @@ static apr_status_t serf_deflate_read(se zRC = inflate(&ctx->zstream, Z_NO_FLUSH); - /* We're full or zlib requires more space. Either case, clear - out our buffer, reset, and return. */ - if (zRC == Z_BUF_ERROR || ctx->zstream.avail_out == 0) { + if (zRC == Z_BUF_ERROR && APR_STATUS_IS_EOF(ctx->stream_status) && + ctx->zstream.avail_out > 0) { + /* Zlib can't continue, although there's still space in the + output buffer. This can happen either if the stream is + truncated or corrupted. As we don't know for sure, + return a generic error. */ + return SERF_ERROR_DECOMPRESSION_FAILED; + } + else if (zRC == Z_BUF_ERROR || ctx->zstream.avail_out == 0) { + /* We're full or zlib requires more space. Either case, clear + out our buffer, reset, and return. */ serf_bucket_t *tmp; ctx->zstream.next_out = ctx->buffer; private_len = ctx->bufferSize - ctx->zstream.avail_out; Modified: serf/branches/1.3.x-sslbuild/buckets/ssl_buckets.c URL: http://svn.apache.org/viewvc/serf/branches/1.3.x-sslbuild/buckets/ssl_buckets.c?rev=1910116&r1=1910115&r2=1910116&view=diff ============================================================================== --- serf/branches/1.3.x-sslbuild/buckets/ssl_buckets.c (original) +++ serf/branches/1.3.x-sslbuild/buckets/ssl_buckets.c Mon May 29 15:35:20 2023 @@ -176,6 +176,10 @@ struct serf_ssl_context_t { /* Status of a fatal error, returned on subsequent encrypt or decrypt requests. */ apr_status_t fatal_err; + + /* OpenSSL 1.1.1e introduced BIO_FLAGS_IN_EOF, but we implement + our own hit eof to support versions < 1.1.1e. */ + int hit_eof; }; typedef struct { @@ -284,6 +288,10 @@ static int bio_bucket_read(BIO *bio, cha serf__log(SSL_VERBOSE, __FILE__, "bio_bucket_read received %d bytes (%d)\n", len, status); + if (APR_STATUS_IS_EOF(status)) { + ctx->hit_eof = 1; + } + if (!SERF_BUCKET_READ_ERROR(status)) { /* Oh suck. */ if (len) { @@ -407,21 +415,43 @@ static int bio_bucket_destroy(BIO *bio) static long bio_bucket_ctrl(BIO *bio, int cmd, long num, void *ptr) { - long ret = 1; + serf_ssl_context_t *ctx = bio_get_data(bio); switch (cmd) { + case BIO_CTRL_FLUSH: + /* At this point we can't force a flush. */ + return 1; + case BIO_CTRL_PUSH: + case BIO_CTRL_POP: + return 0; + case BIO_CTRL_EOF: + return ctx->hit_eof; default: /* abort(); */ - break; + return 0; + } +} + +static long bio_file_ctrl(BIO *bio, int cmd, long num, void *ptr) +{ + apr_file_t *file = bio_get_data(bio); + + switch (cmd) { case BIO_CTRL_FLUSH: /* At this point we can't force a flush. */ - break; + return 1; case BIO_CTRL_PUSH: case BIO_CTRL_POP: - ret = 0; - break; + return 0; + case BIO_CTRL_EOF: + if (apr_file_eof(file) == APR_EOF) + return 1; + else + return 0; + default: + /* abort(); */ + return 0; } - return ret; } #ifdef SERF_NO_SSL_BIO_WRAPPERS @@ -447,7 +477,7 @@ static BIO_METHOD bio_file_method = { bio_file_read, NULL, /* Is this called? */ bio_file_gets, /* Is this called? */ - bio_bucket_ctrl, + bio_file_ctrl, bio_bucket_create, bio_bucket_destroy, #ifdef OPENSSL_VERSION_NUMBER @@ -487,7 +517,7 @@ static BIO_METHOD *bio_meth_file_new(voi BIO_meth_set_write(biom, bio_file_write); BIO_meth_set_read(biom, bio_file_read); BIO_meth_set_gets(biom, bio_file_gets); - BIO_meth_set_ctrl(biom, bio_bucket_ctrl); + BIO_meth_set_ctrl(biom, bio_file_ctrl); BIO_meth_set_create(biom, bio_bucket_create); BIO_meth_set_destroy(biom, bio_bucket_destroy); } @@ -1326,8 +1356,7 @@ static int ssl_need_client_cert(SSL *ssl return 0; } else { - printf("OpenSSL cert error: %d %d %d\n", ERR_GET_LIB(err), - ERR_GET_FUNC(err), + printf("OpenSSL cert error: %d %d\n", ERR_GET_LIB(err), ERR_GET_REASON(err)); PKCS12_free(p12); bio_meth_free(biom); @@ -1412,6 +1441,7 @@ static serf_ssl_context_t *ssl_init_cont ssl_ctx->cached_cert_pw = 0; ssl_ctx->pending_err = APR_SUCCESS; ssl_ctx->fatal_err = APR_SUCCESS; + ssl_ctx->hit_eof = 0; ssl_ctx->cert_callback = NULL; ssl_ctx->cert_pw_callback = NULL; @@ -1522,11 +1552,11 @@ apr_status_t serf_ssl_load_cert_file( const char *file_path, apr_pool_t *pool) { - FILE *fp = fopen(file_path, "r"); + BIO *bio = BIO_new_file(file_path, "r"); - if (fp) { - X509 *ssl_cert = PEM_read_X509(fp, NULL, NULL, NULL); - fclose(fp); + if (bio) { + X509 *ssl_cert = PEM_read_bio_X509(bio, NULL, NULL, NULL); + BIO_free(bio); if (ssl_cert) { *cert = apr_palloc(pool, sizeof(serf_ssl_certificate_t)); Modified: serf/branches/1.3.x-sslbuild/build/check.py URL: http://svn.apache.org/viewvc/serf/branches/1.3.x-sslbuild/build/check.py?rev=1910116&r1=1910115&r2=1910116&view=diff ============================================================================== --- serf/branches/1.3.x-sslbuild/build/check.py (original) +++ serf/branches/1.3.x-sslbuild/build/check.py Mon May 29 15:35:20 2023 @@ -52,16 +52,16 @@ if __name__ == '__main__': # Find test responses and run them one by one for case in glob.glob(testdir + "/testcases/*.response"): - print "== Testing %s ==" % (case) + print("== Testing %s ==" % (case)) try: subprocess.check_call([SERF_RESPONSE_EXE, case]) except subprocess.CalledProcessError: - print "ERROR: test case %s failed" % (case) + print("ERROR: test case %s failed" % (case)) sys.exit(1) - print "== Running the unit tests ==" + print("== Running the unit tests ==") try: subprocess.check_call(TEST_ALL_EXE) except subprocess.CalledProcessError: - print "ERROR: test(s) failed in test_all" + print("ERROR: test(s) failed in test_all") sys.exit(1) Modified: serf/branches/1.3.x-sslbuild/outgoing.c URL: http://svn.apache.org/viewvc/serf/branches/1.3.x-sslbuild/outgoing.c?rev=1910116&r1=1910115&r2=1910116&view=diff ============================================================================== --- serf/branches/1.3.x-sslbuild/outgoing.c (original) +++ serf/branches/1.3.x-sslbuild/outgoing.c Mon May 29 15:35:20 2023 @@ -815,11 +815,14 @@ static apr_status_t write_to_connection( data as available, we probably don't want to read ALL_AVAIL, but a lower number, like the size of one or a few TCP packets, the available TCP buffer size ... */ + conn->hit_eof = 0; read_status = serf_bucket_read_iovec(ostreamh, SERF_READ_ALL_AVAIL, IOV_MAX, conn->vec, &conn->vec_len); + if (SERF_BUCKET_READ_ERROR(read_status)) + return read_status; if (!conn->hit_eof) { if (APR_STATUS_IS_EAGAIN(read_status)) { @@ -841,9 +844,8 @@ static apr_status_t write_to_connection( conn->dirty_conn = 1; conn->ctx->dirty_pollset = 1; } - else if (read_status && !APR_STATUS_IS_EOF(read_status)) { - /* Something bad happened. Propagate any errors. */ - return read_status; + else if (APR_STATUS_IS_EOF(read_status)) { + /* Continue. */ } } Modified: serf/branches/1.3.x-sslbuild/serf.h URL: http://svn.apache.org/viewvc/serf/branches/1.3.x-sslbuild/serf.h?rev=1910116&r1=1910115&r2=1910116&view=diff ============================================================================== --- serf/branches/1.3.x-sslbuild/serf.h (original) +++ serf/branches/1.3.x-sslbuild/serf.h Mon May 29 15:35:20 2023 @@ -1067,7 +1067,7 @@ void serf_debug__bucket_alloc_check( /* Version info */ #define SERF_MAJOR_VERSION 1 #define SERF_MINOR_VERSION 3 -#define SERF_PATCH_VERSION 9 +#define SERF_PATCH_VERSION 10 /* Version number string */ #define SERF_VERSION_STRING APR_STRINGIFY(SERF_MAJOR_VERSION) "." \ Modified: serf/branches/1.3.x-sslbuild/test/serf_bwtp.c URL: http://svn.apache.org/viewvc/serf/branches/1.3.x-sslbuild/test/serf_bwtp.c?rev=1910116&r1=1910115&r2=1910116&view=diff ============================================================================== --- serf/branches/1.3.x-sslbuild/test/serf_bwtp.c (original) +++ serf/branches/1.3.x-sslbuild/test/serf_bwtp.c Mon May 29 15:35:20 2023 @@ -155,7 +155,6 @@ static apr_status_t setup_request(serf_r { handler_baton_t *ctx = setup_baton; serf_bucket_t *hdrs_bkt; - serf_bucket_t *body_bkt; if (ctx->req_body_path) { apr_file_t *file; @@ -168,12 +167,13 @@ static apr_status_t setup_request(serf_r printf("Error opening file (%s)\n", ctx->req_body_path); return status; } - +/* body_bkt = serf_bucket_file_create(file, serf_request_get_alloc(request)); +*/ } else { - body_bkt = NULL; +/* body_bkt = NULL;*/ } /* @@ -371,18 +371,17 @@ static apr_status_t handle_bwtp_upgrade( if (APR_STATUS_IS_EOF(status)) { int i; serf_connection_t *conn; - serf_request_t *new_req; conn = serf_request_get_conn(request); serf_connection_set_async_responses(conn, accept_bwtp, ctx->acceptor_baton, handle_bwtp, NULL); - new_req = serf_connection_request_create(conn, setup_channel, ctx); + serf_connection_request_create(conn, setup_channel, ctx); for (i = 0; i < ctx->acceptor_baton->count; i++) { - new_req = serf_connection_request_create(conn, - setup_request, - ctx); + serf_connection_request_create(conn, + setup_request, + ctx); } return APR_EOF; @@ -445,11 +444,9 @@ static apr_status_t handle_response(serf apr_atomic_dec32(&ctx->requests_outstanding); if (!ctx->requests_outstanding) { serf_connection_t *conn; - serf_request_t *new_req; conn = serf_request_get_conn(request); - new_req = - serf_connection_request_create(conn, setup_close, ctx); + serf_connection_request_create(conn, setup_close, ctx); } return APR_EOF; } @@ -482,7 +479,6 @@ int main(int argc, const char **argv) apr_sockaddr_t *address; serf_context_t *context; serf_connection_t *connection; - serf_request_t *request; app_baton_t app_ctx; handler_baton_t handler_ctx; apr_uri_t url; @@ -607,8 +603,8 @@ int main(int argc, const char **argv) handler_ctx.acceptor_baton = &app_ctx; handler_ctx.handler = handle_response; - request = serf_connection_request_create(connection, setup_bwtp_upgrade, - &handler_ctx); + serf_connection_request_create(connection, setup_bwtp_upgrade, + &handler_ctx); for (i = 0; i < app_ctx.count; i++) { apr_atomic_inc32(&handler_ctx.requests_outstanding); Modified: serf/branches/1.3.x-sslbuild/test/serf_get.c URL: http://svn.apache.org/viewvc/serf/branches/1.3.x-sslbuild/test/serf_get.c?rev=1910116&r1=1910115&r2=1910116&view=diff ============================================================================== --- serf/branches/1.3.x-sslbuild/test/serf_get.c (original) +++ serf/branches/1.3.x-sslbuild/test/serf_get.c Mon May 29 15:35:20 2023 @@ -420,7 +420,6 @@ int main(int argc, const char **argv) serf_bucket_alloc_t *bkt_alloc; serf_context_t *context; serf_connection_t *connection; - serf_request_t *request; app_baton_t app_ctx; handler_baton_t handler_ctx; serf_bucket_t *req_hdrs = NULL; @@ -652,8 +651,9 @@ int main(int argc, const char **argv) serf_connection_set_max_outstanding_requests(connection, inflight); for (i = 0; i < count; i++) { - request = serf_connection_request_create(connection, setup_request, - &handler_ctx); + /* We don't need the returned request here. */ + serf_connection_request_create(connection, setup_request, + &handler_ctx); } while (1) { Modified: serf/branches/1.3.x-sslbuild/test/serf_spider.c URL: http://svn.apache.org/viewvc/serf/branches/1.3.x-sslbuild/test/serf_spider.c?rev=1910116&r1=1910115&r2=1910116&view=diff ============================================================================== --- serf/branches/1.3.x-sslbuild/test/serf_spider.c (original) +++ serf/branches/1.3.x-sslbuild/test/serf_spider.c Mon May 29 15:35:20 2023 @@ -329,10 +329,6 @@ static apr_status_t setup_request(serf_r } if (ctx->app_ctx->using_ssl) { - serf_bucket_alloc_t *req_alloc; - - req_alloc = serf_request_get_alloc(request); - if (ctx->app_ctx->ssl_ctx == NULL) { *req_bkt = serf_bucket_ssl_encrypt_create(*req_bkt, NULL, ctx->app_ctx->bkt_alloc); @@ -632,8 +628,7 @@ int main(int argc, const char **argv) app_baton_t app_ctx; handler_baton_t *handler_ctx; apr_uri_t url; - const char *raw_url, *method; - int count; + const char *raw_url; apr_getopt_t *opt; char opt_c; char *authn = NULL; @@ -652,11 +647,6 @@ int main(int argc, const char **argv) apr_atomic_init(pool); /* serf_initialize(); */ - /* Default to one round of fetching. */ - count = 1; - /* Default to GET. */ - method = "GET"; - apr_getopt_init(&opt, pool, argc, argv); while ((status = apr_getopt(opt, "a:hv", &opt_c, &opt_arg)) == Modified: serf/branches/1.3.x-sslbuild/test/server/serfcacert.pem URL: http://svn.apache.org/viewvc/serf/branches/1.3.x-sslbuild/test/server/serfcacert.pem?rev=1910116&r1=1910115&r2=1910116&view=diff ============================================================================== --- serf/branches/1.3.x-sslbuild/test/server/serfcacert.pem (original) +++ serf/branches/1.3.x-sslbuild/test/server/serfcacert.pem Mon May 29 15:35:20 2023 @@ -1,25 +1,25 @@ ------BEGIN CERTIFICATE----- -MIIEHTCCAwWgAwIBAgIDAYa0MA0GCSqGSIb3DQEBCwUAMIGuMQswCQYDVQQGEwJC -RTEQMA4GA1UECBMHQW50d2VycDERMA8GA1UEBxMITWVjaGVsZW4xHzAdBgNVBAoT -FkluIFNlcmYgd2UgdHJ1c3QsIEluYy4xGzAZBgNVBAsTElRlc3QgU3VpdGUgUm9v -dCBDQTEVMBMGA1UEAxMMU2VyZiBSb290IENBMSUwIwYJKoZIhvcNAQkBFhZzZXJm -cm9vdGNhQGV4YW1wbGUuY29tMB4XDTE0MDQxOTIxMTcyNloXDTE3MDQxODIxMTcy -NlowgaAxCzAJBgNVBAYTAkJFMRAwDgYDVQQIEwdBbnR3ZXJwMREwDwYDVQQHEwhN -ZWNoZWxlbjEfMB0GA1UEChMWSW4gU2VyZiB3ZSB0cnVzdCwgSW5jLjEWMBQGA1UE -CxMNVGVzdCBTdWl0ZSBDQTEQMA4GA1UEAxMHU2VyZiBDQTEhMB8GCSqGSIb3DQEJ -ARYSc2VyZmNhQGV4YW1wbGUuY29tMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB -CgKCAQEA3HuEeB7EBW9i7ibiSNWwk3iCgJexF/ggQ+Am2lA7wnAWdnTjFWP+HKqD -o+MH3xkr5dg/SaNWmvV0OFGvIcZRgpoFaBSn+BJ+X6FKzF/S36q8HckAzScjr5KB -hubnSZR98m2jEcWyznGoDBahq+ZozYSJKKwirOhckrfOTWqlQvcjtk8pUdkTK/c8 -8qnDoRFgDuqRZdF8bcZ70bo24R2XnfGhb0T359cN+cfEcUk7UZs22+JvoAxjMB3/ -oODXHammr6+86t3SYTyXGpYnkUpAecVI2wtB61RbAbBt91jifQLijBNtYWfZKqjW -cvW+oNeMuUao479T/e0WZvAkaIsRkQIDAQABo1AwTjAMBgNVHRMEBTADAQH/MB0G -A1UdDgQWBBQQ9mwXNXPt7xaDnB1cV1JWfUxkhTAfBgNVHSMEGDAWgBQ8ffmGwxZN -VX8CrM99b6wUq4qTyDANBgkqhkiG9w0BAQsFAAOCAQEAUDHna1Mb33PCnwPoo46o -/4CypCDEkOsVIOvbFjs5viHL5O1t4/IcjWHv3OmXWar3iVdxe2kirGEcUNJkOldb -vQz70t82WMClD0HkTBvICMOoZyxxds6mkp94GTI5z83AmiNZFCcIoCLs0RFmUXuK -LPnIB6KyS5MY74YgwXZTWlVCtDYDOPfNpAfNgxmtkVhEx4Yv5kdVqc6DLcBIWx04 -qSXsL27091qt8t6g5xpf7rYrrAxyXWXDn7oF05F8ifmgvGekvI33Uj61ZoD1OJHQ -AY7qZcHXZL2pcVTr3xafrnaqUOeiacdHIwq6Hu3KkgLfJ/tjK6eKIxVs+PXj1Wlo -Lg== ------END CERTIFICATE----- +-----BEGIN CERTIFICATE----- +MIIEHzCCAwegAwIBAgIDAYa0MA0GCSqGSIb3DQEBCwUAMIGuMQswCQYDVQQGEwJC +RTEQMA4GA1UECAwHQW50d2VycDERMA8GA1UEBwwITWVjaGVsZW4xHzAdBgNVBAoM +FkluIFNlcmYgd2UgdHJ1c3QsIEluYy4xGzAZBgNVBAsMElRlc3QgU3VpdGUgUm9v +dCBDQTEVMBMGA1UEAwwMU2VyZiBSb290IENBMSUwIwYJKoZIhvcNAQkBFhZzZXJm +cm9vdGNhQGV4YW1wbGUuY29tMCAXDTIxMTAwNDIyNDQ1MloYDzIxMjEwOTEwMjI0 +NDUyWjCBoDELMAkGA1UEBhMCQkUxEDAOBgNVBAgMB0FudHdlcnAxETAPBgNVBAcM +CE1lY2hlbGVuMR8wHQYDVQQKDBZJbiBTZXJmIHdlIHRydXN0LCBJbmMuMRYwFAYD +VQQLDA1UZXN0IFN1aXRlIENBMRAwDgYDVQQDDAdTZXJmIENBMSEwHwYJKoZIhvcN +AQkBFhJzZXJmY2FAZXhhbXBsZS5jb20wggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAw +ggEKAoIBAQDF7F+MfBDiTD4q/9XO5A1m/D9ZW1/3zgSyXldVrxb4bHBty6EKyWtM +PbGAENS6Lt6JyuzgNtX9Qxp2slO1UB6zZS2SE6qMw81V/td4+NuyFssQIjMexINx +cmvkg9OOOxEnkWVEpzf6cwHZKIPnT2Z/jrAXVIc2eery+fBDQ9qncUSmWMKKASHD +h9DN38DqHdxkwyFhOpo3ag0ARxK5kNFzn6T3jXo2c0AC+eFhqTW04ZxQ1Lv3Rmdi +jSACge/0DcWDhYpW3hSpNM9RlggHn48s8NVqN/YbQ4x3qk4zGLSgFXuVKcUTIHy3 +3Din/Nr2VNLSVK4Th4KapJOKO59qG1BxAgMBAAGjUDBOMAwGA1UdEwQFMAMBAf8w +HQYDVR0OBBYEFBX4uVoH+c83XDA765aLBA9CNO30MB8GA1UdIwQYMBaAFDd9r2kG +qmu3sBEddrdQuRXCMNgjMA0GCSqGSIb3DQEBCwUAA4IBAQCY+TcCh2rGLv7+rT4g +PelB1U1xVVgMp7tOLb56CNJfEKi/KIVYJxNMwyivvNQgDWcX4TCoH7WbQsaSVTyB +sz7w9udD8U9A4urz3hiTRTBXCghzlxiIggAmj7/E+QsoxF7QX0HZnGwqqSVS//rc +c0G3u/rzaWWlzNHJDT7TofT4qgRxO8oz/rTH2z5V0c5oH1iVXlSsu9HduxVseV/M +K/3NpZ33cj3b/eosjnTYSbxO7OWEydWHvi5pss9Pb2GzyFpoDiG4u62G7TPvHwG8 +WvQ/z7bDAcikrDrFr5xjtEbeUbmMq2xTRHqkbs2cENUNcJoKZypM2JNaVPbXpT24 ++3bJ +-----END CERTIFICATE----- Propchange: serf/branches/1.3.x-sslbuild/test/server/serfcacert.pem ------------------------------------------------------------------------------ Merged /serf/branches/1.3.x/test/server/serfcacert.pem:r1781541-1910115 Modified: serf/branches/1.3.x-sslbuild/test/server/serfclientcert.p12 URL: http://svn.apache.org/viewvc/serf/branches/1.3.x-sslbuild/test/server/serfclientcert.p12?rev=1910116&r1=1910115&r2=1910116&view=diff ============================================================================== Binary files - no diff available. Propchange: serf/branches/1.3.x-sslbuild/test/server/serfclientcert.p12 ------------------------------------------------------------------------------ Merged /serf/branches/1.3.x/test/server/serfclientcert.p12:r1781541-1910115 Modified: serf/branches/1.3.x-sslbuild/test/server/serfrootcacert.pem URL: http://svn.apache.org/viewvc/serf/branches/1.3.x-sslbuild/test/server/serfrootcacert.pem?rev=1910116&r1=1910115&r2=1910116&view=diff ============================================================================== --- serf/branches/1.3.x-sslbuild/test/server/serfrootcacert.pem (original) +++ serf/branches/1.3.x-sslbuild/test/server/serfrootcacert.pem Mon May 29 15:35:20 2023 @@ -1,25 +1,25 @@ ------BEGIN CERTIFICATE----- -MIIEKzCCAxOgAwIBAgIDAYa0MA0GCSqGSIb3DQEBCwUAMIGuMQswCQYDVQQGEwJC -RTEQMA4GA1UECBMHQW50d2VycDERMA8GA1UEBxMITWVjaGVsZW4xHzAdBgNVBAoT -FkluIFNlcmYgd2UgdHJ1c3QsIEluYy4xGzAZBgNVBAsTElRlc3QgU3VpdGUgUm9v -dCBDQTEVMBMGA1UEAxMMU2VyZiBSb290IENBMSUwIwYJKoZIhvcNAQkBFhZzZXJm -cm9vdGNhQGV4YW1wbGUuY29tMB4XDTE0MDQxOTIxMTcyNVoXDTE3MDQxODIxMTcy -NVowga4xCzAJBgNVBAYTAkJFMRAwDgYDVQQIEwdBbnR3ZXJwMREwDwYDVQQHEwhN -ZWNoZWxlbjEfMB0GA1UEChMWSW4gU2VyZiB3ZSB0cnVzdCwgSW5jLjEbMBkGA1UE -CxMSVGVzdCBTdWl0ZSBSb290IENBMRUwEwYDVQQDEwxTZXJmIFJvb3QgQ0ExJTAj -BgkqhkiG9w0BCQEWFnNlcmZyb290Y2FAZXhhbXBsZS5jb20wggEiMA0GCSqGSIb3 -DQEBAQUAA4IBDwAwggEKAoIBAQCsSwBl8wpBCuSvD4EQX1pgOfoKCLlYf0LExusE -x+Kiz7ZemlOvGffHazpLbYA1nMi+sKYe3Y8LTJnMaQm3V3eDG/qP84X6FP8vBlfS -DJCeNoQ3+oZUPLwKzrV9SZh96nXDXWsMYq3wF/4jjl1ZG+Xz3gRVD60ZEblYN9Hn -dPLmnZaMn3K1HHgMqNZPUs+q85/w3BxdcGLU8oaWR6esdMa8jUjcqMAnh0JOz2mg -uiEQex7tafz77whf2WPJ7cxY5fAFnBMM8l35QQA49ZA+I9toVyP7fadMkjB8g4so -o9z/5ODh4sB5YVnFltSTFRFuSj7pau5Yn4wJGlJas5JgmIZjAgMBAAGjUDBOMAwG -A1UdEwQFMAMBAf8wHQYDVR0OBBYEFDx9+YbDFk1VfwKsz31vrBSripPIMB8GA1Ud -IwQYMBaAFDx9+YbDFk1VfwKsz31vrBSripPIMA0GCSqGSIb3DQEBCwUAA4IBAQAE -zB/Uco7La4sgXBxKAbMa75B01eR/3Ur9Xl2eHzQKbsEte1ERXPxtu+bS/WP+5D/A -1OKNVvFr0KqK2xlYXjXrjfgXZEc5nizLtnqHq/iE4PKwfptJFTeIexjv2WK5ErnT -PaF9dWDpwhOjiUcdU9/ILWE3PcIgrffr0VYqNkO7/vPTBablreJbPvT5vDMnm9Fz -cVBDmlUvg7M1+G7XVbk00Y6yenI2j+q1DkAuYBcQb3xjsFdMsVsCN9F6/4BWhS+f -z90CFM3Ndu0xXV8t+cl0mAljluRfxFjTCB7GxgxzKtPYHTQUtUfNKhVohNk4IF1z -sO9kZ8pSTplTJ9Q8hJfi ------END CERTIFICATE----- +-----BEGIN CERTIFICATE----- +MIIELTCCAxWgAwIBAgIDAYa0MA0GCSqGSIb3DQEBCwUAMIGuMQswCQYDVQQGEwJC +RTEQMA4GA1UECAwHQW50d2VycDERMA8GA1UEBwwITWVjaGVsZW4xHzAdBgNVBAoM +FkluIFNlcmYgd2UgdHJ1c3QsIEluYy4xGzAZBgNVBAsMElRlc3QgU3VpdGUgUm9v +dCBDQTEVMBMGA1UEAwwMU2VyZiBSb290IENBMSUwIwYJKoZIhvcNAQkBFhZzZXJm +cm9vdGNhQGV4YW1wbGUuY29tMCAXDTIxMTAwNDIyNDQ1MloYDzIxMjEwOTEwMjI0 +NDUyWjCBrjELMAkGA1UEBhMCQkUxEDAOBgNVBAgMB0FudHdlcnAxETAPBgNVBAcM +CE1lY2hlbGVuMR8wHQYDVQQKDBZJbiBTZXJmIHdlIHRydXN0LCBJbmMuMRswGQYD +VQQLDBJUZXN0IFN1aXRlIFJvb3QgQ0ExFTATBgNVBAMMDFNlcmYgUm9vdCBDQTEl +MCMGCSqGSIb3DQEJARYWc2VyZnJvb3RjYUBleGFtcGxlLmNvbTCCASIwDQYJKoZI +hvcNAQEBBQADggEPADCCAQoCggEBAMHRLqkhe4RGOq5PNkXFc7pvxA8AaEpSJNDu +3YE2JSBuXUWjcchFy90L4IYg6Ars2QLUpT4QvvavtCUub0ACMUkA8vKqSRsL1T+m +xySXduaKCF04VQDIdaxW7DBAWNLdW6SOx+IG5DFe4FFOtPUWedxSdfcky1v8fG0U +Dl3Ic5TXEfB9sQNks+5OtxnPnIJq+uXJCg2sBLJxdGgZbFnHZ7+x1KXeyfZYA4k1 +6XGxiGhZHQb/FkuZiI62gGfAjyNoF6tX/OvxH7oViRPzR4GGeD5vzpbI/SP6QkEJ +XeOUb2R5UbDmvrSWbSSV+l4B/bCEwdbF1OgPH7K5+LzQ7Klw7FMCAwEAAaNQME4w +DAYDVR0TBAUwAwEB/zAdBgNVHQ4EFgQUN32vaQaqa7ewER12t1C5FcIw2CMwHwYD +VR0jBBgwFoAUN32vaQaqa7ewER12t1C5FcIw2CMwDQYJKoZIhvcNAQELBQADggEB +AFAH3BvIMrBy9rSkWTtztHzEmqC+w/zohBw7Z3owA5K6P4UVAwEYOU6ayMf+HNN0 +UtoGwSqdvi7j2S2n1Q9t+l2fe4lzzpsjM3TFAdtfWKc87X315lW5xBe6WM68Cdxv +Xxw1KRFfejdSUiRea+2KeHBYBOyaRjaYU0pfsm52qVVhRBw6EGs/5p6oRVx0PS58 +Fs73YwDmj/lu+VH99IzTMU/fiGQXyHPVtnBEBGFblbeJU/B+Mk5DQrEm24gZ/n9P +Gh9ZJDTmPZyUSlSzyWC6AWBrc9wBz3orMNIimx59QVBQl78rYhHS19VgZJN68WtQ +MwWOqBs37qKlzj0NS1AYtDo= +-----END CERTIFICATE----- Propchange: serf/branches/1.3.x-sslbuild/test/server/serfrootcacert.pem ------------------------------------------------------------------------------ Merged /serf/branches/1.3.x/test/server/serfrootcacert.pem:r1781541-1910115 Modified: serf/branches/1.3.x-sslbuild/test/server/serfserver_expired_cert.pem URL: http://svn.apache.org/viewvc/serf/branches/1.3.x-sslbuild/test/server/serfserver_expired_cert.pem?rev=1910116&r1=1910115&r2=1910116&view=diff ============================================================================== --- serf/branches/1.3.x-sslbuild/test/server/serfserver_expired_cert.pem (original) +++ serf/branches/1.3.x-sslbuild/test/server/serfserver_expired_cert.pem Mon May 29 15:35:20 2023 @@ -1,23 +1,23 @@ -----BEGIN CERTIFICATE----- MIIDxzCCAq+gAwIBAgIDAYa0MA0GCSqGSIb3DQEBCwUAMIGgMQswCQYDVQQGEwJC -RTEQMA4GA1UECBMHQW50d2VycDERMA8GA1UEBxMITWVjaGVsZW4xHzAdBgNVBAoT -FkluIFNlcmYgd2UgdHJ1c3QsIEluYy4xFjAUBgNVBAsTDVRlc3QgU3VpdGUgQ0Ex -EDAOBgNVBAMTB1NlcmYgQ0ExITAfBgkqhkiG9w0BCQEWEnNlcmZjYUBleGFtcGxl -LmNvbTAeFw0xNDA0MTkyMTE3MjZaFw0xMzA0MTkyMTE3MjZaMIGqMQswCQYDVQQG -EwJCRTEQMA4GA1UECBMHQW50d2VycDERMA8GA1UEBxMITWVjaGVsZW4xHzAdBgNV -BAoTFkluIFNlcmYgd2UgdHJ1c3QsIEluYy4xGjAYBgNVBAsTEVRlc3QgU3VpdGUg -U2VydmVyMRIwEAYDVQQDEwlsb2NhbGhvc3QxJTAjBgkqhkiG9w0BCQEWFnNlcmZz -ZXJ2ZXJAZXhhbXBsZS5jb20wggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIB -AQDPSJs4Dhlb9JpmS50uOfAN0lOFkU89FEU4SAGziNcuevcOM87dsjENMpwMJrC+ -Emepkf5KAFkSRRuIBCms2Hx0Xm/LPRXhXMys2um3U/lkbu+HqPtWwhr9vsA+LjYG -787943qnfSPvOSssedVKkg03HchCzlko+iL3dQfQFyj7/Ew7Lh9K+TiWTnlrCGY9 -gS1NgKK+kEfXoBUp2+Fq1aUiO2wGKNK9ntcan28pIuJljBtI9hEp93Gs95zl2SR8 -e987YIveip2ofXrGEtGGuXftg1VE+jADJNBcByRpRS8cwyFx1sI9JUp/Uj899R49 -r706i9vPwLwwRAlDFB23m2ffAgMBAAEwDQYJKoZIhvcNAQELBQADggEBAD9aCwa9 -LUEF+bZGC5dYAmXDPDJdd/wa+sJcjFKf6/iDYowBMN/Rbd122XwFyPxkRa6jKqBF -0Ub6mVXjjj7/B/nhO7g/ZjrhVBPdlUG8ehoCLtff2lME/BNDysj3dF/gKtJYdl6+ -7dvRenLG/MX8Vg/VBP5ZBLTqPms5VT570nFUidMkIK+tIBwuHFu499SXg1bI/pEF -Jy5sUDXQD+acwDRV1aSnggwykkeH1loFkFmecdHGXip1/XLB0ts7z8lQgPC8PiCT -xflJt4yg1U14oJkz65wrIuBt9m5GeZuca+F+BZQSN+annaXKfrPi7kOYd2BeYiz0 -t4xQp6/lhs52tj8= ------END CERTIFICATE----- +RTEQMA4GA1UECAwHQW50d2VycDERMA8GA1UEBwwITWVjaGVsZW4xHzAdBgNVBAoM +FkluIFNlcmYgd2UgdHJ1c3QsIEluYy4xFjAUBgNVBAsMDVRlc3QgU3VpdGUgQ0Ex +EDAOBgNVBAMMB1NlcmYgQ0ExITAfBgkqhkiG9w0BCQEWEnNlcmZjYUBleGFtcGxl +LmNvbTAeFw0yMTEwMDQyMjQ0NTJaFw0yMDEwMDQyMjQ0NTJaMIGqMQswCQYDVQQG +EwJCRTEQMA4GA1UECAwHQW50d2VycDERMA8GA1UEBwwITWVjaGVsZW4xHzAdBgNV +BAoMFkluIFNlcmYgd2UgdHJ1c3QsIEluYy4xGjAYBgNVBAsMEVRlc3QgU3VpdGUg +U2VydmVyMRIwEAYDVQQDDAlsb2NhbGhvc3QxJTAjBgkqhkiG9w0BCQEWFnNlcmZz +ZXJ2ZXJAZXhhbXBsZS5jb20wggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIB +AQDKOObefa3mgWxJHgHITVXNj5KmPbb8B4roOq75dbaIB2qZ18+rhcfgSEcMrKYG +wHDJJyOI8ZT80Jhvq9+U1oyxyr7X5cOfuTJGo0Be2SqgrTYcJI/yTxS+4hNKDAUu +VwuwzsiB9Qc+tea7y721ClQf9/sJCY39C5uELhGHwt2YtaGVpjhzC1ungajRJoov +4QZYony5U/RjlvShES42fGDKJSrMzykhug7EkO45aVUnTTwPZFJy6RBB9JZ+WzRr +mDDimQxQ8NRgn4C99Up9+E1VEUtPA3R+ud0TByktVamyqXBK76I32DFoqr+G9ArL ++A0VHysAyULPUkTT0vW0XYFHAgMBAAEwDQYJKoZIhvcNAQELBQADggEBAJBm4EPk +d42ahVlmd+EdT5YoGAuJP9NeTBTPnPsPnHvH8IiIn5G/UzARI/jqjEAFxNwMm+bX +YjuzH+mIpVMBBsDDmaiNJCdRIMArQPJs6cR3udt86bBZjgdfTywagjLykYgtC19n +G5/oNgdsIcsWIujj/2LpQLnXjT8CZrDrtaJ1j41wHNvFnePhN1YDUur6Ig8r/LpD +i28mcLbcV7kneLgw/RDRxiLwdyFPuT3pL/R2ejF4XXPHTzmo4aDPSv0j+GOwsKPE +K6yx7bkmk/SbSkbbiD6GKLmGlCURa4F1o3RDF0+QrAyqqR2Gw/OMWY+ouYKYYl15 +mIaumWPYV5ZcR7I= +-----END CERTIFICATE----- Propchange: serf/branches/1.3.x-sslbuild/test/server/serfserver_expired_cert.pem ------------------------------------------------------------------------------ Merged /serf/branches/1.3.x/test/server/serfserver_expired_cert.pem:r1781541-1910115 Modified: serf/branches/1.3.x-sslbuild/test/server/serfserver_future_cert.pem URL: http://svn.apache.org/viewvc/serf/branches/1.3.x-sslbuild/test/server/serfserver_future_cert.pem?rev=1910116&r1=1910115&r2=1910116&view=diff ============================================================================== --- serf/branches/1.3.x-sslbuild/test/server/serfserver_future_cert.pem (original) +++ serf/branches/1.3.x-sslbuild/test/server/serfserver_future_cert.pem Mon May 29 15:35:20 2023 @@ -1,23 +1,23 @@ ------BEGIN CERTIFICATE----- -MIIDxzCCAq+gAwIBAgIDAYa0MA0GCSqGSIb3DQEBCwUAMIGgMQswCQYDVQQGEwJC -RTEQMA4GA1UECBMHQW50d2VycDERMA8GA1UEBxMITWVjaGVsZW4xHzAdBgNVBAoT -FkluIFNlcmYgd2UgdHJ1c3QsIEluYy4xFjAUBgNVBAsTDVRlc3QgU3VpdGUgQ0Ex -EDAOBgNVBAMTB1NlcmYgQ0ExITAfBgkqhkiG9w0BCQEWEnNlcmZjYUBleGFtcGxl -LmNvbTAeFw0yNDA0MTYyMTE3MjZaFw0yNzA0MTYyMTE3MjZaMIGqMQswCQYDVQQG -EwJCRTEQMA4GA1UECBMHQW50d2VycDERMA8GA1UEBxMITWVjaGVsZW4xHzAdBgNV -BAoTFkluIFNlcmYgd2UgdHJ1c3QsIEluYy4xGjAYBgNVBAsTEVRlc3QgU3VpdGUg -U2VydmVyMRIwEAYDVQQDEwlsb2NhbGhvc3QxJTAjBgkqhkiG9w0BCQEWFnNlcmZz -ZXJ2ZXJAZXhhbXBsZS5jb20wggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIB -AQDPSJs4Dhlb9JpmS50uOfAN0lOFkU89FEU4SAGziNcuevcOM87dsjENMpwMJrC+ -Emepkf5KAFkSRRuIBCms2Hx0Xm/LPRXhXMys2um3U/lkbu+HqPtWwhr9vsA+LjYG -787943qnfSPvOSssedVKkg03HchCzlko+iL3dQfQFyj7/Ew7Lh9K+TiWTnlrCGY9 -gS1NgKK+kEfXoBUp2+Fq1aUiO2wGKNK9ntcan28pIuJljBtI9hEp93Gs95zl2SR8 -e987YIveip2ofXrGEtGGuXftg1VE+jADJNBcByRpRS8cwyFx1sI9JUp/Uj899R49 -r706i9vPwLwwRAlDFB23m2ffAgMBAAEwDQYJKoZIhvcNAQELBQADggEBABp4mfjd -CCixsQkBQAzHIBO8i/UC1XRwYy0Bfjq54PNp608Z6h0Oh2igODJ9y4j69ItgWOda -4jK1xrkUD7p7SFR2WQdEO4hWwq3Rlsknj3SLsyfESzK4vRLO2c2LU1Uyfset5DMP -ty7ja2Bqwy+o86u/vbYfU8fA03xJuFIUrztauhVl3vi64v5y6kUUMRslQQSo7pam -jdDwN1HABeQGY73fAVKRHo+pe5a5yXOJ//wm2cH2CcIbWNbK4BSmBj81fgmgvUPp -JbmQw7+qy4qcifDbiIiCBhTWwgHSozYwtrprQ7vFvnnxO6tjcaHYZYjSNb2yIrEU -r3cl/ZbuP1O0aW4= ------END CERTIFICATE----- +-----BEGIN CERTIFICATE----- +MIIDyTCCArGgAwIBAgIDAYa0MA0GCSqGSIb3DQEBCwUAMIGgMQswCQYDVQQGEwJC +RTEQMA4GA1UECAwHQW50d2VycDERMA8GA1UEBwwITWVjaGVsZW4xHzAdBgNVBAoM +FkluIFNlcmYgd2UgdHJ1c3QsIEluYy4xFjAUBgNVBAsMDVRlc3QgU3VpdGUgQ0Ex +EDAOBgNVBAMMB1NlcmYgQ0ExITAfBgkqhkiG9w0BCQEWEnNlcmZjYUBleGFtcGxl +LmNvbTAgFw0zMTEwMDIyMjQ0NTJaGA8yMTIxMDkxMDIyNDQ1MlowgaoxCzAJBgNV +BAYTAkJFMRAwDgYDVQQIDAdBbnR3ZXJwMREwDwYDVQQHDAhNZWNoZWxlbjEfMB0G +A1UECgwWSW4gU2VyZiB3ZSB0cnVzdCwgSW5jLjEaMBgGA1UECwwRVGVzdCBTdWl0 +ZSBTZXJ2ZXIxEjAQBgNVBAMMCWxvY2FsaG9zdDElMCMGCSqGSIb3DQEJARYWc2Vy +ZnNlcnZlckBleGFtcGxlLmNvbTCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC +ggEBAMo45t59reaBbEkeAchNVc2PkqY9tvwHiug6rvl1togHapnXz6uFx+BIRwys +pgbAcMknI4jxlPzQmG+r35TWjLHKvtflw5+5MkajQF7ZKqCtNhwkj/JPFL7iE0oM +BS5XC7DOyIH1Bz615rvLvbUKVB/3+wkJjf0Lm4QuEYfC3Zi1oZWmOHMLW6eBqNEm +ii/hBliifLlT9GOW9KERLjZ8YMolKszPKSG6DsSQ7jlpVSdNPA9kUnLpEEH0ln5b +NGuYMOKZDFDw1GCfgL31Sn34TVURS08DdH653RMHKS1VqbKpcErvojfYMWiqv4b0 +Csv4DRUfKwDJQs9SRNPS9bRdgUcCAwEAATANBgkqhkiG9w0BAQsFAAOCAQEAM0Ex +GfLuzQ6S75JvVj1YxRvRoY2ZNL0aXenJ40CAhrOvTGFTr5r2uOTfYh61Fnw0VUbE +c/aH7812yhhxBNv71Zgt6zAt+jwuvHec6NBchA2hZgp9aAGLwcWBbdtlAPK+PkTa +YZRJmhe++PlspFjnEeKjTjWkUf+3QAzY0QW5GGas1z7WD5Z6goFRRO83M/J9BGVr +1V2EtCk9YvC/SOnZ2R7I2bwaRD4YdIha3ifw8eJaVrYIvMEKCAKEoXBuseuZnitE +MTmgPQdzPlGgyevstMu0HXD3ejHB0TWTwVFzqVQxh3YahgdW3GcJOPlGZCI9G1w7 +A5R/DdQ0s/t0FiYHeQ== +-----END CERTIFICATE----- Propchange: serf/branches/1.3.x-sslbuild/test/server/serfserver_future_cert.pem ------------------------------------------------------------------------------ Merged /serf/branches/1.3.x/test/server/serfserver_future_cert.pem:r1781541-1910115 Modified: serf/branches/1.3.x-sslbuild/test/server/serfservercert.pem URL: http://svn.apache.org/viewvc/serf/branches/1.3.x-sslbuild/test/server/serfservercert.pem?rev=1910116&r1=1910115&r2=1910116&view=diff ============================================================================== --- serf/branches/1.3.x-sslbuild/test/server/serfservercert.pem (original) +++ serf/branches/1.3.x-sslbuild/test/server/serfservercert.pem Mon May 29 15:35:20 2023 @@ -1,23 +1,23 @@ ------BEGIN CERTIFICATE----- -MIIDxzCCAq+gAwIBAgIDAYa0MA0GCSqGSIb3DQEBCwUAMIGgMQswCQYDVQQGEwJC -RTEQMA4GA1UECBMHQW50d2VycDERMA8GA1UEBxMITWVjaGVsZW4xHzAdBgNVBAoT -FkluIFNlcmYgd2UgdHJ1c3QsIEluYy4xFjAUBgNVBAsTDVRlc3QgU3VpdGUgQ0Ex -EDAOBgNVBAMTB1NlcmYgQ0ExITAfBgkqhkiG9w0BCQEWEnNlcmZjYUBleGFtcGxl -LmNvbTAeFw0xNDA0MTkyMTE3MjZaFw0xNzA0MTgyMTE3MjZaMIGqMQswCQYDVQQG -EwJCRTEQMA4GA1UECBMHQW50d2VycDERMA8GA1UEBxMITWVjaGVsZW4xHzAdBgNV -BAoTFkluIFNlcmYgd2UgdHJ1c3QsIEluYy4xGjAYBgNVBAsTEVRlc3QgU3VpdGUg -U2VydmVyMRIwEAYDVQQDEwlsb2NhbGhvc3QxJTAjBgkqhkiG9w0BCQEWFnNlcmZz -ZXJ2ZXJAZXhhbXBsZS5jb20wggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIB -AQDPSJs4Dhlb9JpmS50uOfAN0lOFkU89FEU4SAGziNcuevcOM87dsjENMpwMJrC+ -Emepkf5KAFkSRRuIBCms2Hx0Xm/LPRXhXMys2um3U/lkbu+HqPtWwhr9vsA+LjYG -787943qnfSPvOSssedVKkg03HchCzlko+iL3dQfQFyj7/Ew7Lh9K+TiWTnlrCGY9 -gS1NgKK+kEfXoBUp2+Fq1aUiO2wGKNK9ntcan28pIuJljBtI9hEp93Gs95zl2SR8 -e987YIveip2ofXrGEtGGuXftg1VE+jADJNBcByRpRS8cwyFx1sI9JUp/Uj899R49 -r706i9vPwLwwRAlDFB23m2ffAgMBAAEwDQYJKoZIhvcNAQELBQADggEBAHL9mzR3 -o5K3pTnSVzxE6DE/BiXY1SutA0Bp6r24aiITl7QBn0oeXo+BCm1k46W/7zL7IExQ -sIfd07P5yrgeDlpmI3ciYD9x1Lumxks4j0HJBkVfjE6M0tCj9JTDKDUeyNkaYybL -TN60dlvAaBrtLrpoYOJNFQNNgmZqUhu2VxPXJzMZrgZiv3g4YqBIBLzI64+bBQ5B -Ap/DgzNbyMVDa/+CL1rU2editJTI39uU9feVVB35l5ZCb7cahcxE7y9xMhNx358B -DuGsLXBOs6GHf9h8M+yLr1VjtN7LebkRmwSry/IKB7o6VkWOFXghMLOfSyzBwfFP -EK7YBZc1B+X5xjg= ------END CERTIFICATE----- +-----BEGIN CERTIFICATE----- +MIIDyTCCArGgAwIBAgIDAYa0MA0GCSqGSIb3DQEBCwUAMIGgMQswCQYDVQQGEwJC +RTEQMA4GA1UECAwHQW50d2VycDERMA8GA1UEBwwITWVjaGVsZW4xHzAdBgNVBAoM +FkluIFNlcmYgd2UgdHJ1c3QsIEluYy4xFjAUBgNVBAsMDVRlc3QgU3VpdGUgQ0Ex +EDAOBgNVBAMMB1NlcmYgQ0ExITAfBgkqhkiG9w0BCQEWEnNlcmZjYUBleGFtcGxl +LmNvbTAgFw0yMTEwMDQyMjQ0NTJaGA8yMTIxMDkxMDIyNDQ1MlowgaoxCzAJBgNV +BAYTAkJFMRAwDgYDVQQIDAdBbnR3ZXJwMREwDwYDVQQHDAhNZWNoZWxlbjEfMB0G +A1UECgwWSW4gU2VyZiB3ZSB0cnVzdCwgSW5jLjEaMBgGA1UECwwRVGVzdCBTdWl0 +ZSBTZXJ2ZXIxEjAQBgNVBAMMCWxvY2FsaG9zdDElMCMGCSqGSIb3DQEJARYWc2Vy +ZnNlcnZlckBleGFtcGxlLmNvbTCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC +ggEBAMo45t59reaBbEkeAchNVc2PkqY9tvwHiug6rvl1togHapnXz6uFx+BIRwys +pgbAcMknI4jxlPzQmG+r35TWjLHKvtflw5+5MkajQF7ZKqCtNhwkj/JPFL7iE0oM +BS5XC7DOyIH1Bz615rvLvbUKVB/3+wkJjf0Lm4QuEYfC3Zi1oZWmOHMLW6eBqNEm +ii/hBliifLlT9GOW9KERLjZ8YMolKszPKSG6DsSQ7jlpVSdNPA9kUnLpEEH0ln5b +NGuYMOKZDFDw1GCfgL31Sn34TVURS08DdH653RMHKS1VqbKpcErvojfYMWiqv4b0 +Csv4DRUfKwDJQs9SRNPS9bRdgUcCAwEAATANBgkqhkiG9w0BAQsFAAOCAQEAlaKG +fkZcJZSocY0W/UKuf9v6Ml8i4Qe6jwDHTlrMutn9FCWe9Ln3a7cIaNxP3sFExiP3 +epWMLcH0MBS593fdl/whnlQDJntTfVZWv0/qirmRB7kDfC0hBeYHuGp8LSec63Sl +gv4EC3nFgN16g87X8dZ6h5lfaV7oxTGg0873c+hqaC2utgqZ3KbNyzvmkCmWZGyI +L0IYXfqGnOCxyjY72Z2Mhym6DKF0O3JxTr3UpesWs4g4Rqvwr2BRB+p02D3PFb5S +rPrHRfYdALTQv25pbF5ZZ194DN3Wg4Mw47LTlbpeDu/ktC5OxuTmxAB12PXEM66n +eg5rIib3GXgNkIRKlA== +-----END CERTIFICATE----- Propchange: serf/branches/1.3.x-sslbuild/test/server/serfservercert.pem ------------------------------------------------------------------------------ Merged /serf/branches/1.3.x/test/server/serfservercert.pem:r1781541-1910115 Modified: serf/branches/1.3.x-sslbuild/test/server/serfserverkey.pem URL: http://svn.apache.org/viewvc/serf/branches/1.3.x-sslbuild/test/server/serfserverkey.pem?rev=1910116&r1=1910115&r2=1910116&view=diff ============================================================================== --- serf/branches/1.3.x-sslbuild/test/server/serfserverkey.pem (original) +++ serf/branches/1.3.x-sslbuild/test/server/serfserverkey.pem Mon May 29 15:35:20 2023 @@ -1,30 +1,30 @@ ------BEGIN ENCRYPTED PRIVATE KEY----- -MIIFDjBABgkqhkiG9w0BBQ0wMzAbBgkqhkiG9w0BBQwwDgQIEVWBqG6vECoCAggA -MBQGCCqGSIb3DQMHBAiAagREZjJEQQSCBMgpHbLBzmAyx9f4YHhRnDdUm4ftQ7bR -6fF7sKxOD7fdJ+jgEB6xYBIlG9Y4+DDDbz3IvZgXIsweauV+WNscxnTHyJequoFL -qKFPY5bEc2hskZYsi/+LfvvguZLFm1vjK08sORYK2Kdy2hwmk3sTPQmgD2T/jZpg -vI1AkB+hXA/6AVJUVqSyAFH8u3WGr8Dxjz69YCQ+K9cPqYXJdWZzAVq/0ibSRkzL -mSLN8VoF810AXkFxCC7DKxg+mgp9dBdR8uuBXZ9fBOz5YCI92thZwd1iYsTetmWa -LoIS8xLMvuBaalAV8oQ7e0xuow6Cx9IjxlQ/sd8N1Xg+Z2vWTwnj9AOFIHU3s/N8 -e9L51Q9p6igZgmNm2N2+pUQ1Y5mest7gfJ1ka07ypSr0yzOnK7L41VCIposZuzyX -psTRy+zpGULsK0lG5mH0r1CZ88G8puwyUOaOk/yUhHgc4ZSOsDbeWdQ8UohHElUA -ZLkxwt2xWgcd8mG+FQnbXQZhDFII/aP/RBe7xfEwSQr8hhyP8fsyRmbuq5YZrkRw -mMyp6kxX8USKmeXxBEm364RdilFgPUN3djf7ljKCPOJ1y5OTzmBQacMbXGhbqBGY -PZUKE6szzsM1IYnrvUwP7Gf5wksR/VYMr1VnnpeBofaOJ0brXNF/MFiBE13afNT7 -JLUjA3QcAfmdYocfBTVQSM7umSBOrM7H6qsX67ye5ccAK9x1HikgxXRoqV/TxFgI -snrXEtiDrve+nvmPYlmgP5RGyl+bAxtGGjT6TZPlfGACb7xytCpNiOK5bNsgMx7F -ukOMiVE+sQJT95WnOJMXSmiSw2HmSBXwjpnEKNOYe+Cram64Vjaa8dFqIZSvUDMW -ihyWAYZrHro4hKmSdeCmrk4rkYH97BxG2Gm/6oRsEDCTgTUn7OYGm5bAmxz0WPSZ -/TQ7oYSQ3jUlX8q8NPhVPeHizjNwGWyYovmAyAzi3uPTIBsaIdeMiENyyZTXnSHq -IkfAGekcQ/IX6VWpZGiS3ilgSqxInSVfByM2gs2thdIQ1WEcDitGsAJxFPjnimjX -1WFk08/6aUDGK30Q9Mm2X3WjSTvCKq8ccd/bwjvQRepvzjRSl1vt6Ngvv88UPH1e -/0GrKcXNkBEoGqZSk4D60BFz0rpyDplaZLFVEj7ET85sHP+h5JYnKCpjqkHKQUuj -VVhVhjk6IGpVQZnbGf4PSoij61NUfwpKS4zfAHg7JQrl+7bUBreXYWg2+qXvxJOE -HrqYt2aQq9ilG3hrDXgU0+KTNpJEdteeH7ypoYcGEmlljDriwbmYs2lZ5QkgHb6t -1ue5WfnxkjTxxjeh3Aeu3QnHogQHwS4e4zzpiJC0xHFgWbsWVi2mSwtS0aZh9d2P -KCpMl8E7lVVDRcgFPn/36b4K9EvAoTfjEtubOU0M2fD1btQF5t0cNCmpnq6hxC0S -onPj3HGRBh6QxcaV+86UESEPQ12TJfzetXT/+KvVFrPLMzUhwmb8j+Ozb5sU6mPC -mCfhtCzyPW7xk0+X+1dmtUKx35MGaJlf2rbp9xEhML6vMx3qIxbO33f0mP0qiz8b -SLTC8P8VLObo9SCY3DeIqhC83DSXsm+taylHpFGZ0sDl8CXrepLyOp+iOSyGiq1W -ZqE= ------END ENCRYPTED PRIVATE KEY----- +-----BEGIN ENCRYPTED PRIVATE KEY----- +MIIFHDBOBgkqhkiG9w0BBQ0wQTApBgkqhkiG9w0BBQwwHAQIGJFDf32EGxcCAggA +MAwGCCqGSIb3DQIJBQAwFAYIKoZIhvcNAwcECD7lJn7uvJmOBIIEyEP/6D6L5ddd +I1xC8yzBTYRuON7FnvpUpTJEsdQqvpIfkRAI0wldMzzyIoA5ypf/W3I0FIaxTWkL +BMGfdVV0+KhX/aStq8Qv2wEfP6OCGDayjEHzkOIm7KliUfYJOSK7hWEB5mLGx166 +u7zacnnx225SQcurOYGQ44VVnUX7PkluJGVXXNwrHiZMoyx0SL1JPM8V2Y27n0HK +zgg3Puf3bHDESHEq3aUGrxwsGKmC2IUTCDDlB/r2R3IVm+XIFMTiMY7xq/vkASMt +IRJhwtDp4OrW+Iq4v9TXAG1Bpgia1gO5e1ZAcQm38XXfESHcmmbbiFKfuGH7GveS +PvzQ2Rf3KbQORhgL/FKP951iMYC94r6/oC7jbc3nFSX56jzLQgD/QIxZM3tTbXjP +qEcvUgglA368zJxx+7JmRRuR9R3Yy8RYJqe4Rx4iVGxK5lrfcnFR8b7VcLMREDtE +P80hcZQltPJ/xpacS7H3z8OWu4Bg85j6yiV0LdrPdQQiwbNaLE66RO6wZ+Y+L3D7 +mivo6jQAwkBIXefYMTGOk61Cc/XzVZjWjs/K7WNOEEGNbzrPczbIPZFBaaVxtys0 +60/seK6+wHCLleKN6Y8zjm4pmpuKtQKBCF4SM+d54HFfvg7RG6+ql3v0fowC6nhp +AvUJGbXUtU5FldEXFOxQaXb2cXbya2CiPMyrqruIUNDgnfH2HZc22M9YxDKP99xt +3FrLYUOE0KFB0KgIBvRYIsmprreAW5mZLIVDL/3o47ym+8gy5OK88XC9qRmRX2oS +YW3rY2g7or3ZZxvaULCIjbj/4B6FPNE+Z01wpoeRZXCjnkGRaoi4kxTBbiM66fpl +V9TgFTFlRd4g/r55Xh1qwo2UlhYtvMTFoIkEPJYZH0899B7YxLUrF2MvZ70tM2q2 +g2DrI46I+mcsvsKHD8zyYWFctSotimzw0ZsQ2uPWthb1JowA0GhyGspzjn+rVlKU +Iexx3ve3E4Si8SRtAK8vUDIMVcGvIwP4YbW/dyClzOgEOLFJWCeQMEqBFGxY4sxC +rANcbJV94Ba0K4pLmuNOz/m0MrdftLbxTchXOYMK9yHM0zC0y6XrWgg1rVJImKUW +tHWE/K9Fm1BmQYasDaFN2c3uzx3PtxQ06iYNxHytK9XmLW8PjFXJbyVXNkmMuRhq +6wLoLRBOPxgTV35zOuhWEOuLr5apNB8faASvaJeDwvf3E9GxVUt/UpUj/TL9mf2m +1itKk2az0XSEizgQ+TX4eZVs8cjWlwXC/Nxv6CvF6eYm2PW3wTN70x+UiyVKB46W +YryyRIs/2SxcgWptJ2duKCpvLprBHQgkmyaabxeO4FCr+c0i7QRf+/hLbAJfxUrz +bOHwXi0cQ5nLio4xDd/rhRSTJ55EcxsLJupKSOt9OzJSEl+WCt4DAnWsFTKunuuA +IaEdjPFVoAykzTOpzC1ZJPEOAEwOpKbqNA/mcj8VywgqGEIcYiYDsHWf6OWNxd89 +OgIWhVWrvhOYq6MYNHTaYZlEdTEXrF2vY/ZRJrxaXp8ew9kvdzibNvuQMc+Nk/BQ +uaPDeP0eLGV0xQFB9we8ZFimAtO+2xV/sDqzDCTMe/lUzj38yYUVjwl4bS2UhByn +IZttXz5GF3D+BemUB0dDVw== +-----END ENCRYPTED PRIVATE KEY----- Propchange: serf/branches/1.3.x-sslbuild/test/server/serfserverkey.pem ------------------------------------------------------------------------------ Merged /serf/branches/1.3.x/test/server/serfserverkey.pem:r1781541-1910115 Modified: serf/branches/1.3.x-sslbuild/test/server/test_server.c URL: http://svn.apache.org/viewvc/serf/branches/1.3.x-sslbuild/test/server/test_server.c?rev=1910116&r1=1910115&r2=1910116&view=diff ============================================================================== --- serf/branches/1.3.x-sslbuild/test/server/test_server.c (original) +++ serf/branches/1.3.x-sslbuild/test/server/test_server.c Mon May 29 15:35:20 2023 @@ -633,6 +633,7 @@ apr_status_t start_test_server(serv_ctx_ { apr_status_t status; apr_socket_t *serv_sock; + apr_time_t retry_end; /* create server socket */ #if APR_VERSION_AT_LEAST(1, 0, 0) @@ -651,9 +652,44 @@ apr_status_t start_test_server(serv_ctx_ apr_socket_opt_set(serv_sock, APR_SO_NONBLOCK, 1); apr_socket_timeout_set(serv_sock, 0); - status = apr_socket_bind(serv_sock, servctx->serv_addr); - if (status != APR_SUCCESS) - return status; + retry_end = apr_time_now() + apr_time_from_sec(120); + while (1) { + status = apr_socket_bind(serv_sock, servctx->serv_addr); + + /* Some of the tests, such as the ones testing the SSL tunnels, can + leave the source port we use for tests blocked due to a TIME_WAIT: + + tcp 0 0 localhost:12345 localhost:37920 TIME_WAIT + + Trying to bind a socket in such a state will result in EADDRINUSE. + On trunk, this issue is solved by making the test server try other + ports starting from the current one. But we cannot really do that + on the 1.3.x branch, as that would require altering most of the tests + that currently hardcode the port number. And we also cannot use + APR_SO_REUSEADDR due to the problems listed in r1711233. + + So we use a retry loop, making some of the test runs longer -- but + also solving the issue without having to change the tests on the + stable branch. + */ +#ifdef WIN32 + if (status == APR_FROM_OS_ERROR(WSAEADDRINUSE)) +#else + if (status == EADDRINUSE) +#endif + { + if (apr_time_now() > retry_end) + return status; + else + apr_sleep(apr_time_from_sec(1)); + } + else if (status != APR_SUCCESS) { + return status; + } + else { + break; + } + } /* listen for clients */ status = apr_socket_listen(serv_sock, SOMAXCONN); Modified: serf/branches/1.3.x-sslbuild/test/server/test_server.h URL: http://svn.apache.org/viewvc/serf/branches/1.3.x-sslbuild/test/server/test_server.h?rev=1910116&r1=1910115&r2=1910116&view=diff ============================================================================== --- serf/branches/1.3.x-sslbuild/test/server/test_server.h (original) +++ serf/branches/1.3.x-sslbuild/test/server/test_server.h Mon May 29 15:35:20 2023 @@ -115,6 +115,7 @@ struct serv_ctx_t { void *ssl_ctx; const char *client_cn; apr_status_t bio_read_status; + int hit_eof; }; void setup_test_server(serv_ctx_t **servctx_p, Modified: serf/branches/1.3.x-sslbuild/test/server/test_sslserver.c URL: http://svn.apache.org/viewvc/serf/branches/1.3.x-sslbuild/test/server/test_sslserver.c?rev=1910116&r1=1910115&r2=1910116&view=diff ============================================================================== --- serf/branches/1.3.x-sslbuild/test/server/test_sslserver.c (original) +++ serf/branches/1.3.x-sslbuild/test/server/test_sslserver.c Mon May 29 15:35:20 2023 @@ -31,6 +31,7 @@ static int init_done = 0; typedef struct ssl_context_t { int handshake_done; + int hit_eof; SSL_CTX* ctx; SSL* ssl; @@ -39,6 +40,11 @@ typedef struct ssl_context_t { } ssl_context_t; +static int err_file_print_cb(const char *str, size_t len, void *bp) +{ + return fwrite(str, 1, len, bp); +} + static int pem_passwd_cb(char *buf, int size, int rwflag, void *userdata) { strncpy(buf, "serftest", size); @@ -92,21 +98,22 @@ static int bio_apr_socket_destroy(BIO *b static long bio_apr_socket_ctrl(BIO *bio, int cmd, long num, void *ptr) { - long ret = 1; + serv_ctx_t *serv_ctx = bio_get_data(bio); + ssl_context_t *ssl_ctx = serv_ctx->ssl_ctx; switch (cmd) { - default: - /* abort(); */ - break; case BIO_CTRL_FLUSH: /* At this point we can't force a flush. */ - break; + return 1; case BIO_CTRL_PUSH: case BIO_CTRL_POP: - ret = 0; - break; + return 0; + case BIO_CTRL_EOF: + return ssl_ctx->hit_eof; + default: + /* abort(); */ + return 0; } - return ret; } /* Returns the amount read. */ @@ -123,6 +130,10 @@ static int bio_apr_socket_read(BIO *bio, serf__log_skt(TEST_VERBOSE, __FILE__, serv_ctx->client_sock, "Read %d bytes from socket with status %d.\n", len, status); + if (APR_STATUS_IS_EOF(status)) { + serv_ctx->hit_eof = 1; + } + if (status == APR_EAGAIN) { BIO_set_retry_read(bio); if (len == 0) @@ -265,10 +276,10 @@ init_ssl_context(serv_ctx_t *serv_ctx, store = SSL_CTX_get_cert_store(ssl_ctx->ctx); while(certfile) { - FILE *fp = fopen(certfile, "r"); - if (fp) { - X509 *ssl_cert = PEM_read_X509(fp, NULL, NULL, NULL); - fclose(fp); + BIO *bio = BIO_new_file(certfile, "r"); + if (bio) { + X509 *ssl_cert = PEM_read_bio_X509(bio, NULL, NULL, NULL); + BIO_free(bio); SSL_CTX_add_extra_chain_cert(ssl_ctx->ctx, ssl_cert); @@ -301,6 +312,7 @@ static apr_status_t ssl_reset(serv_ctx_t serf__log(TEST_VERBOSE, __FILE__, "Reset ssl context.\n"); ssl_ctx->handshake_done = 0; + ssl_ctx->hit_eof = 0; if (ssl_ctx) SSL_clear(ssl_ctx->ssl); init_ssl(serv_ctx); @@ -368,7 +380,7 @@ static apr_status_t ssl_handshake(serv_c return serv_ctx->bio_read_status; /* Usually APR_EAGAIN */ default: serf__log(TEST_VERBOSE, __FILE__, "SSL Error %d: ", ssl_err); - ERR_print_errors_fp(stderr); + ERR_print_errors_cb(err_file_print_cb, stderr); serf__log_nopref(TEST_VERBOSE, "\n"); return SERF_ERROR_ISSUE_IN_TESTSUITE; } @@ -424,7 +436,7 @@ ssl_socket_read(serv_ctx_t *serv_ctx, ch *len = 0; serf__log(TEST_VERBOSE, __FILE__, "ssl_socket_read SSL Error %d: ", ssl_err); - ERR_print_errors_fp(stderr); + ERR_print_errors_cb(err_file_print_cb, stderr); serf__log_nopref(TEST_VERBOSE, "\n"); return SERF_ERROR_ISSUE_IN_TESTSUITE; } Modified: serf/branches/1.3.x-sslbuild/test/test_auth.c URL: http://svn.apache.org/viewvc/serf/branches/1.3.x-sslbuild/test/test_auth.c?rev=1910116&r1=1910115&r2=1910116&view=diff ============================================================================== --- serf/branches/1.3.x-sslbuild/test/test_auth.c (original) +++ serf/branches/1.3.x-sslbuild/test/test_auth.c Mon May 29 15:35:20 2023 @@ -53,7 +53,6 @@ static void test_authentication_disabled "Transfer-Encoding: chunked" CRLF "WWW-Authenticate: Basic realm=""Test Suite""" CRLF CRLF - "1" CRLF CRLF "0" CRLF CRLF}, }; apr_status_t status; @@ -96,7 +95,6 @@ static void test_unsupported_authenticat "Transfer-Encoding: chunked" CRLF "WWW-Authenticate: NotExistent realm=""Test Suite""" CRLF CRLF - "1" CRLF CRLF "0" CRLF CRLF}, }; apr_status_t status; @@ -195,7 +193,6 @@ static void basic_authentication(CuTest "www-Authenticate: bAsIc realm=""Test Suite""" CRLF "%s" CRLF - "1" CRLF CRLF "0" CRLF CRLF, resp_hdrs); action_list[1].kind = SERVER_RESPOND; action_list[1].text = CHUNKED_EMPTY_RESPONSE; @@ -315,7 +312,6 @@ static void digest_authentication(CuTest "algorithm=\"MD5\",qop-options=\"auth\"" CRLF "%s" CRLF - "1" CRLF CRLF "0" CRLF CRLF, resp_hdrs); /* If the resp_hdrs includes "Connection: close", serf will automatically reset the connection from the client side, no need to use @@ -457,7 +453,6 @@ static void authentication_switch_realms "Transfer-Encoding: chunked" CRLF "WWW-Authenticate: %s realm=""Test Suite""%s" CRLF CRLF - "1" CRLF CRLF "0" CRLF CRLF, scheme, authn_attr); action_list[1].kind = SERVER_RESPOND; action_list[1].text = CHUNKED_EMPTY_RESPONSE; @@ -469,7 +464,6 @@ static void authentication_switch_realms "Transfer-Encoding: chunked" CRLF "WWW-Authenticate: %s realm=""New Realm""%s" CRLF CRLF - "1" CRLF CRLF "0" CRLF CRLF, scheme, authn_attr); action_list[4].kind = SERVER_RESPOND; action_list[4].text = CHUNKED_EMPTY_RESPONSE; Modified: serf/branches/1.3.x-sslbuild/test/test_buckets.c URL: http://svn.apache.org/viewvc/serf/branches/1.3.x-sslbuild/test/test_buckets.c?rev=1910116&r1=1910115&r2=1910116&view=diff ============================================================================== --- serf/branches/1.3.x-sslbuild/test/test_buckets.c (original) +++ serf/branches/1.3.x-sslbuild/test/test_buckets.c Mon May 29 15:35:20 2023 @@ -833,6 +833,74 @@ static void test_response_body_chunked_g } } +/* Test for issue: the server aborts the connection and also sends + a bogus CRLF in place of the expected chunk size. Test that we get + a decent error code from the response bucket instead of APR_EOF. */ +static void test_response_body_chunked_bogus_crlf(CuTest *tc) +{ + test_baton_t *tb = tc->testBaton; + serf_bucket_t *bkt, *tmp; + serf_bucket_alloc_t *alloc = serf_bucket_allocator_create(tb->pool, NULL, + NULL); + + tmp = SERF_BUCKET_SIMPLE_STRING("HTTP/1.1 200 OK" CRLF + "Content-Type: text/plain" CRLF + "Transfer-Encoding: chunked" CRLF + CRLF + "2" CRLF + "AB" CRLF + CRLF, + alloc); + + bkt = serf_bucket_response_create(tmp, alloc); + + { + char buf[1024]; + apr_size_t len; + apr_status_t status; + + status = read_all(bkt, buf, sizeof(buf), &len); + + CuAssertIntEquals(tc, SERF_ERROR_BAD_HTTP_RESPONSE, status); + } + + /* This will also destroy response stream bucket. */ + serf_bucket_destroy(bkt); +} + +static void test_response_body_chunked_invalid_len(CuTest *tc) +{ + test_baton_t *tb = tc->testBaton; + serf_bucket_t *bkt, *tmp; + serf_bucket_alloc_t *alloc = serf_bucket_allocator_create(tb->pool, NULL, + NULL); + + tmp = SERF_BUCKET_SIMPLE_STRING("HTTP/1.1 200 OK" CRLF + "Content-Type: text/plain" CRLF + "Transfer-Encoding: chunked" CRLF + CRLF + "2" CRLF + "AB" CRLF + "invalid" CRLF + CRLF, + alloc); + + bkt = serf_bucket_response_create(tmp, alloc); + + { + char buf[1024]; + apr_size_t len; + apr_status_t status; + + status = read_all(bkt, buf, sizeof(buf), &len); + + CuAssertIntEquals(tc, SERF_ERROR_BAD_HTTP_RESPONSE, status); + } + + /* This will also destroy response stream bucket. */ + serf_bucket_destroy(bkt); +} + static void test_response_bucket_peek_at_headers(CuTest *tc) { apr_pool_t *test_pool = tc->testBaton; @@ -959,7 +1027,7 @@ static void test_linebuf_crlf_split(CuTe CRLF, APR_SUCCESS }, { 1, "6" CR, APR_SUCCESS }, { 1, "", APR_EAGAIN }, - { 1, LF "blabla" CRLF CRLF, APR_SUCCESS }, }; + { 1, LF "blabla" CRLF "0" CRLF CRLF, APR_SUCCESS }, }; apr_status_t status; const char *expected = "blabla"; @@ -1110,12 +1178,14 @@ static void test_random_eagain_in_respon !SERF_BUCKET_READ_ERROR(status)); errmsg = apr_psprintf(iter_pool, "Read more data than expected, EAGAIN" - " inserted at pos: %d, remainder: \"%s\"", + " inserted at pos: %" APR_SIZE_T_FMT + ", remainder: \"%s\"", cut, fullmsg + cut); CuAssert(tc, errmsg, strlen(ptr) >= len); errmsg = apr_psprintf(iter_pool, "Read data is not equal to expected, EAGAIN" - " inserted at pos: %d, remainder: \"%s\"", + " inserted at pos: %" APR_SIZE_T_FMT + ", remainder: \"%s\"", cut, fullmsg + cut); CuAssertStrnEquals_Msg(tc, errmsg, ptr, len, data); @@ -1599,6 +1669,35 @@ static void test_deflate_4GBplus_buckets #undef BUFSIZE } +static void test_deflate_bucket_truncated_data(CuTest *tc) +{ + test_baton_t *tb = tc->testBaton; + serf_bucket_t *input; + serf_bucket_t *bkt; + serf_bucket_t *chunk; + serf_bucket_alloc_t *alloc = serf_bucket_allocator_create(tb->pool, NULL, + NULL); + + /* This is a valid, but truncated gzip data (in two chunks). */ + input = serf_bucket_aggregate_create(alloc); + chunk = SERF_BUCKET_SIMPLE_STRING_LEN("\x1F\x8B\x08\x00\x00", 5, alloc); + serf_bucket_aggregate_append(input, chunk); + chunk = SERF_BUCKET_SIMPLE_STRING_LEN("\x00\x00\x00\x00\x03", 5, alloc); + serf_bucket_aggregate_append(input, chunk); + + bkt = serf_bucket_deflate_create(input, alloc, SERF_DEFLATE_GZIP); + { + char buf[1024]; + apr_size_t len; + apr_status_t status; + + status = read_all(bkt, buf, sizeof(buf), &len); + CuAssertIntEquals(tc, SERF_ERROR_DECOMPRESSION_FAILED, status); + } + + serf_bucket_destroy(bkt); +} + CuSuite *test_buckets(void) { CuSuite *suite = CuSuiteNew(); @@ -1614,6 +1713,8 @@ CuSuite *test_buckets(void) SUITE_ADD_TEST(suite, test_response_body_chunked_no_crlf); SUITE_ADD_TEST(suite, test_response_body_chunked_incomplete_crlf); SUITE_ADD_TEST(suite, test_response_body_chunked_gzip_small); + SUITE_ADD_TEST(suite, test_response_body_chunked_bogus_crlf); + SUITE_ADD_TEST(suite, test_response_body_chunked_invalid_len); SUITE_ADD_TEST(suite, test_response_bucket_peek_at_headers); SUITE_ADD_TEST(suite, test_response_bucket_no_reason); SUITE_ADD_TEST(suite, test_bucket_header_set); @@ -1631,6 +1732,7 @@ CuSuite *test_buckets(void) data so it's disabled by default. */ SUITE_ADD_TEST(suite, test_deflate_4GBplus_buckets); #endif + SUITE_ADD_TEST(suite, test_deflate_bucket_truncated_data); #if 0 SUITE_ADD_TEST(suite, test_serf_default_read_iovec); Modified: serf/branches/1.3.x-sslbuild/test/test_context.c URL: http://svn.apache.org/viewvc/serf/branches/1.3.x-sslbuild/test/test_context.c?rev=1910116&r1=1910115&r2=1910116&view=diff ============================================================================== --- serf/branches/1.3.x-sslbuild/test/test_context.c (original) +++ serf/branches/1.3.x-sslbuild/test/test_context.c Mon May 29 15:35:20 2023 @@ -25,6 +25,8 @@ #include <apr_strings.h> #include <apr_version.h> +#include <openssl/opensslv.h> + #include "serf.h" #include "serf_private.h" @@ -397,8 +399,8 @@ static void test_keepalive_limit_one_by_ CuAssertIntEquals(tc, APR_SUCCESS, status); for (i = 0 ; i < SEND_REQUESTS ; i++) { - create_new_request_with_resp_hdlr(tb, &handler_ctx[i], "GET", "/", i+1, - handle_response_keepalive_limit); + create_new_request_ex(tb, &handler_ctx[i], "GET", "/", i+1, + NULL, handle_response_keepalive_limit); /* TODO: don't think this needs to be done in the loop. */ serf_connection_set_max_outstanding_requests(tb->connection, 1); } @@ -528,8 +530,8 @@ static void test_keepalive_limit_one_by_ CuAssertIntEquals(tc, APR_SUCCESS, status); for (i = 0 ; i < SEND_REQUESTS ; i++) { - create_new_request_with_resp_hdlr(tb, &handler_ctx[i], "GET", "/", i+1, - handle_response_keepalive_limit_burst); + create_new_request_ex(tb, &handler_ctx[i], "GET", "/", i+1, + NULL, handle_response_keepalive_limit_burst); serf_connection_set_max_outstanding_requests(tb->connection, 1); } @@ -651,7 +653,6 @@ static void test_connection_userinfo_in_ handler_baton_t handler_ctx[2]; const int num_requests = sizeof(handler_ctx)/sizeof(handler_ctx[0]); int i; - progress_baton_t *pb; test_server_message_t message_list[] = { {CHUNKED_REQUEST(1, "1")}, @@ -1127,34 +1128,90 @@ static apr_status_t validate_rootcacert( return APR_SUCCESS; } -static apr_status_t -ssl_server_cert_cb_expect_failures(void *baton, int failures, - const serf_ssl_certificate_t *cert) +static const char *format_cert_failures(int failures, apr_pool_t *pool) { - test_baton_t *tb = baton; - int expected_failures = *(int *)tb->user_baton; + const char *str = ""; - tb->result_flags |= TEST_RESULT_SERVERCERTCB_CALLED; + if (failures & SERF_SSL_CERT_NOTYETVALID) { + str = apr_pstrcat(pool, str, *str ? "|" : "", "CERT_NOTYETVALID", NULL); + failures &= ~SERF_SSL_CERT_NOTYETVALID; + } - /* We expect an error from the certificate validation function. */ - if (failures & expected_failures) - return APR_SUCCESS; + if (failures & SERF_SSL_CERT_EXPIRED) { + str = apr_pstrcat(pool, str, *str ? "|" : "", "CERT_EXPIRED", NULL); + failures &= ~SERF_SSL_CERT_EXPIRED; + } + + if (failures & SERF_SSL_CERT_UNKNOWNCA) { + str = apr_pstrcat(pool, str, *str ? "|" : "", "CERT_UNKNOWNCA", NULL); + failures &= ~SERF_SSL_CERT_UNKNOWNCA; + } + + if (failures & SERF_SSL_CERT_SELF_SIGNED) { + str = apr_pstrcat(pool, str, *str ? "|" : "", "CERT_SELF_SIGNED", NULL); + failures &= ~SERF_SSL_CERT_SELF_SIGNED; + } + + if (failures & SERF_SSL_CERT_UNKNOWN_FAILURE) { + str = apr_pstrcat(pool, str, *str ? "|" : "", "CERT_UNKNOWN_FAILURE", NULL); + failures &= ~SERF_SSL_CERT_UNKNOWN_FAILURE; + } + + if (failures & SERF_SSL_CERT_REVOKED) { + str = apr_pstrcat(pool, str, *str ? "|" : "", "CERT_REVOKED", NULL); + failures &= ~SERF_SSL_CERT_REVOKED; + } + + if (failures) { + serf__log(TEST_VERBOSE, __FILE__, "Unexpected or unknown cert failure\n"); + abort(); + } + + if (*str) + return str; else - return SERF_ERROR_ISSUE_IN_TESTSUITE; + return "NONE"; } -static apr_status_t -ssl_server_cert_cb_expect_allok(void *baton, int failures, - const serf_ssl_certificate_t *cert) +/* Logs failures in tb->user_baton, for later validation. */ +static apr_status_t ssl_server_cert_cb_log(void *baton, int failures, + const serf_ssl_certificate_t *cert) { test_baton_t *tb = baton; + const char *cert_str; + tb->result_flags |= TEST_RESULT_SERVERCERTCB_CALLED; - /* No error expected, certificate is valid. */ - if (failures) - return SERF_ERROR_ISSUE_IN_TESTSUITE; - else - return APR_SUCCESS; + if (cert) { + apr_hash_t *subject; + const char *common_name; + int depth; + + subject = serf_ssl_cert_subject(cert, tb->pool); + if (!subject) + return SERF_ERROR_ISSUE_IN_TESTSUITE; + + common_name = apr_hash_get(subject, "CN", APR_HASH_KEY_STRING); + depth = serf_ssl_cert_depth(cert); + + cert_str = apr_psprintf(tb->pool, "(CN=%s, depth=%d)", common_name, depth); + } else { + cert_str = "(null)"; + } + + if (!tb->user_baton) + tb->user_baton = ""; + + tb->user_baton = apr_pstrcat( + tb->pool, + tb->user_baton, + "cert_cb: " + "failures = ", format_cert_failures(failures, tb->pool), + ", cert = ", cert_str, + "\n", + NULL); + + return APR_SUCCESS; } static apr_status_t @@ -1171,7 +1228,6 @@ static void test_ssl_handshake(CuTest *t test_baton_t *tb; handler_baton_t handler_ctx[1]; const int num_requests = sizeof(handler_ctx)/sizeof(handler_ctx[0]); - int expected_failures; apr_status_t status; test_server_message_t message_list[] = { {CHUNKED_REQUEST(1, "1")}, @@ -1194,20 +1250,34 @@ static void test_ssl_handshake(CuTest *t get_srcdir_file(test_pool, "test/server/serfserverkey.pem"), server_certs_srcdir(server_cert, test_pool), NULL, /* no client cert */ - ssl_server_cert_cb_expect_failures, + ssl_server_cert_cb_log, test_pool); CuAssertIntEquals(tc, APR_SUCCESS, status); - /* This unknown failures is X509_V_ERR_UNABLE_TO_VERIFY_LEAF_SIGNATURE, - meaning the chain has only the server cert. A good candidate for its - own failure code. */ - expected_failures = SERF_SSL_CERT_UNKNOWNCA; - tb->user_baton = &expected_failures; - create_new_request(tb, &handler_ctx[0], "GET", "/", 1); test_helper_run_requests_expect_ok(tc, tb, num_requests, handler_ctx, test_pool); + + /* OpenSSL 1.1.1i allows to continue verification for certificates with an + unknown CA. See https://github.com/openssl/openssl/issues/11297. + + These unknown failures are X509_V_ERR_UNABLE_TO_GET_ISSUER_CERT_LOCALLY + and X509_V_ERR_UNABLE_TO_VERIFY_LEAF_SIGNATURE. The second one means that + the chain has only the server cert. A good candidate for its own failure + code. */ +#if OPENSSL_VERSION_NUMBER >= 0x1010109fL /* >= 1.1.1i */ + CuAssertStrEquals(tc, + "cert_cb: failures = CERT_UNKNOWNCA, cert = (CN=localhost, depth=0)\n" + "cert_cb: failures = CERT_UNKNOWNCA, cert = (CN=localhost, depth=0)\n" + "cert_cb: failures = NONE, cert = (CN=localhost, depth=0)\n", + tb->user_baton); +#else + CuAssertStrEquals(tc, + "cert_cb: failures = CERT_UNKNOWNCA, cert = (CN=localhost, depth=0)\n" + "cert_cb: failures = CERT_UNKNOWNCA, cert = (CN=localhost, depth=0)\n", + tb->user_baton); +#endif } /* Set up the ssl context with the CA and root CA certificates needed for @@ -1266,7 +1336,7 @@ static void test_ssl_trust_rootca(CuTest get_srcdir_file(test_pool, "test/server/serfserverkey.pem"), server_certs_srcdir(server_certs, test_pool), NULL, /* no client cert */ - ssl_server_cert_cb_expect_allok, + ssl_server_cert_cb_log, test_pool); CuAssertIntEquals(tc, APR_SUCCESS, status); @@ -1274,6 +1344,9 @@ static void test_ssl_trust_rootca(CuTest test_helper_run_requests_expect_ok(tc, tb, num_requests, handler_ctx, test_pool); + CuAssertStrEquals(tc, + "cert_cb: failures = NONE, cert = (CN=localhost, depth=0)\n", + tb->user_baton); } /* Validate that when the application rejects the cert, the context loop @@ -1366,7 +1439,7 @@ chain_rootca_callback_conn_setup(apr_soc return status; serf_ssl_server_cert_chain_callback_set(tb->ssl_context, - ssl_server_cert_cb_expect_allok, + ssl_server_cert_cb_log, cert_chain_cb, tb); @@ -1400,7 +1473,7 @@ static void test_ssl_certificate_chain_w get_srcdir_file(test_pool, "test/server/serfserverkey.pem"), server_certs_srcdir(server_certs, test_pool), NULL, /* no client cert */ - ssl_server_cert_cb_expect_allok, + ssl_server_cert_cb_log, test_pool); CuAssertIntEquals(tc, APR_SUCCESS, status); @@ -1408,8 +1481,9 @@ static void test_ssl_certificate_chain_w test_helper_run_requests_expect_ok(tc, tb, num_requests, handler_ctx, test_pool); - - CuAssertTrue(tc, tb->result_flags & TEST_RESULT_SERVERCERTCB_CALLED); + CuAssertStrEquals(tc, + "cert_cb: failures = NONE, cert = (CN=localhost, depth=0)\n", + tb->user_baton); CuAssertTrue(tc, tb->result_flags & TEST_RESULT_SERVERCERTCHAINCB_CALLED); } @@ -1442,7 +1516,7 @@ chain_callback_conn_setup(apr_socket_t * return status; serf_ssl_server_cert_chain_callback_set(tb->ssl_context, - ssl_server_cert_cb_expect_allok, + ssl_server_cert_cb_log, cert_chain_all_certs_cb, tb); @@ -1475,7 +1549,7 @@ static void test_ssl_certificate_chain_a get_srcdir_file(test_pool, "test/server/serfserverkey.pem"), server_certs_srcdir(all_server_certs, test_pool), NULL, /* no client cert */ - ssl_server_cert_cb_expect_allok, + ssl_server_cert_cb_log, test_pool); CuAssertIntEquals(tc, APR_SUCCESS, status); @@ -1484,7 +1558,10 @@ static void test_ssl_certificate_chain_a test_helper_run_requests_expect_ok(tc, tb, num_requests, handler_ctx, test_pool); - CuAssertTrue(tc, tb->result_flags & TEST_RESULT_SERVERCERTCB_CALLED); + CuAssertStrEquals(tc, + "cert_cb: failures = CERT_SELF_SIGNED, cert = (CN=Serf Root CA, depth=2)\n" + "cert_cb: failures = NONE, cert = (CN=localhost, depth=0)\n", + tb->user_baton); CuAssertTrue(tc, tb->result_flags & TEST_RESULT_SERVERCERTCHAINCB_CALLED); } @@ -1739,7 +1816,6 @@ static void test_ssl_expired_server_cert test_baton_t *tb; handler_baton_t handler_ctx[1]; const int num_requests = sizeof(handler_ctx)/sizeof(handler_ctx[0]); - int expected_failures; apr_status_t status; test_server_message_t message_list[] = { {CHUNKED_REQUEST(1, "1")}, @@ -1764,18 +1840,19 @@ static void test_ssl_expired_server_cert get_srcdir_file(test_pool, "test/server/serfserverkey.pem"), server_certs_srcdir(expired_server_certs, test_pool), NULL, /* no client cert */ - ssl_server_cert_cb_expect_failures, + ssl_server_cert_cb_log, test_pool); CuAssertIntEquals(tc, APR_SUCCESS, status); - expected_failures = SERF_SSL_CERT_SELF_SIGNED | - SERF_SSL_CERT_EXPIRED; - tb->user_baton = &expected_failures; - create_new_request(tb, &handler_ctx[0], "GET", "/", 1); test_helper_run_requests_expect_ok(tc, tb, num_requests, handler_ctx, test_pool); + CuAssertStrEquals(tc, + "cert_cb: failures = CERT_SELF_SIGNED, cert = (CN=Serf Root CA, depth=2)\n" + "cert_cb: failures = CERT_EXPIRED, cert = (CN=localhost, depth=0)\n" + "cert_cb: failures = CERT_EXPIRED, cert = (CN=localhost, depth=0)\n", + tb->user_baton); } /* Validate that the expired certificate is reported as failure in the @@ -1785,7 +1862,6 @@ static void test_ssl_future_server_cert( test_baton_t *tb; handler_baton_t handler_ctx[1]; const int num_requests = sizeof(handler_ctx)/sizeof(handler_ctx[0]); - int expected_failures; apr_status_t status; test_server_message_t message_list[] = { {CHUNKED_REQUEST(1, "1")}, @@ -1810,18 +1886,19 @@ static void test_ssl_future_server_cert( get_srcdir_file(test_pool, "test/server/serfserverkey.pem"), server_certs_srcdir(future_server_certs, test_pool), NULL, /* no client cert */ - ssl_server_cert_cb_expect_failures, + ssl_server_cert_cb_log, test_pool); CuAssertIntEquals(tc, APR_SUCCESS, status); - expected_failures = SERF_SSL_CERT_SELF_SIGNED | - SERF_SSL_CERT_NOTYETVALID; - tb->user_baton = &expected_failures; - create_new_request(tb, &handler_ctx[0], "GET", "/", 1); test_helper_run_requests_expect_ok(tc, tb, num_requests, handler_ctx, test_pool); + CuAssertStrEquals(tc, + "cert_cb: failures = CERT_SELF_SIGNED, cert = (CN=Serf Root CA, depth=2)\n" + "cert_cb: failures = CERT_NOTYETVALID, cert = (CN=localhost, depth=0)\n" + "cert_cb: failures = CERT_NOTYETVALID, cert = (CN=localhost, depth=0)\n", + tb->user_baton); } @@ -1918,7 +1995,6 @@ static void test_ssltunnel_no_creds_cb(C "Transfer-Encoding: chunked" CRLF "Proxy-Authenticate: Basic realm=""Test Suite Proxy""" CRLF CRLF - "1" CRLF CRLF "0" CRLF CRLF}, }; @@ -2034,7 +2110,6 @@ static void ssltunnel_basic_auth(CuTest "Proxy-Authenticate: Basic realm=""Test Suite Proxy""" CRLF "%s" CRLF - "1" CRLF CRLF "0" CRLF CRLF, proxy_407_resp_hdrs); action_list_proxy[1].kind = SERVER_RESPOND; action_list_proxy[1].text = apr_psprintf(test_pool, @@ -2043,7 +2118,6 @@ static void ssltunnel_basic_auth(CuTest "Proxy-Authenticate: Basic realm=""Test Suite Proxy""" CRLF "%s" CRLF - "1" CRLF CRLF "0" CRLF CRLF, proxy_407_resp_hdrs); action_list_proxy[2].kind = SERVER_RESPOND; @@ -2053,7 +2127,6 @@ static void ssltunnel_basic_auth(CuTest "Proxy-Authenticate: Basic realm=""Test Suite Proxy""" CRLF "%s" CRLF - "1" CRLF CRLF "0" CRLF CRLF, proxy_407_resp_hdrs); action_list_proxy[3].kind = SERVER_RESPOND; @@ -2099,7 +2172,6 @@ static void ssltunnel_basic_auth(CuTest "WWW-Authenticate: Basic realm=""Test Suite""" CRLF "%s" CRLF - "1" CRLF CRLF "0" CRLF CRLF, server_resp_hdrs); action_list_server[1].kind = SERVER_RESPOND; action_list_server[1].text = CHUNKED_EMPTY_RESPONSE; @@ -2244,7 +2316,6 @@ static void test_ssltunnel_digest_auth(C "nonce=\"ABCDEF1234567890\",opaque=\"myopaque\"," "algorithm=\"MD5\",qop-options=\"auth\"" CRLF CRLF - "1" CRLF CRLF "0" CRLF CRLF}, {SERVER_RESPOND, CHUNKED_EMPTY_RESPONSE}, /* Forward the remainder of the data to the server without validation */ @@ -2282,6 +2353,51 @@ static void test_ssltunnel_digest_auth(C CuAssertTrue(tc, tb->result_flags & TEST_RESULT_AUTHNCB_CALLED); } +/* Implements test_request_setup_t */ +static apr_status_t setup_request_err(serf_request_t *request, + void *setup_baton, + serf_bucket_t **req_bkt, + apr_pool_t *pool) +{ + static mockbkt_action actions[] = { + { 1, "a", APR_SUCCESS }, + { 1, "", APR_EINVAL } + }; + handler_baton_t *ctx = setup_baton; + serf_bucket_alloc_t *alloc; + serf_bucket_t *mock_bkt; + + alloc = serf_request_get_alloc(request); + mock_bkt = serf_bucket_mock_create(actions, 2, alloc); + *req_bkt = serf_request_bucket_request_create(request, + ctx->method, ctx->path, + mock_bkt, alloc); + return APR_SUCCESS; +} + +static void test_outgoing_request_err(CuTest *tc) +{ + test_baton_t *tb; + handler_baton_t handler_ctx[1]; + apr_status_t status; + apr_pool_t *test_pool = tc->testBaton; + + status = test_http_server_setup(&tb, NULL, 0, + NULL, 0, 0, NULL, + test_pool); + CuAssertIntEquals(tc, APR_SUCCESS, status); + + create_new_request_ex(tb, &handler_ctx[0], "POST", "/", 1, + setup_request_err, NULL); + + status = test_helper_run_requests_no_check(tc, tb, 1, handler_ctx, + test_pool); + CuAssertIntEquals(tc, APR_EINVAL, status); + CuAssertIntEquals(tc, 1, tb->sent_requests->nelts); + CuAssertIntEquals(tc, 0, tb->accepted_requests->nelts); + CuAssertIntEquals(tc, 0, tb->handled_requests->nelts); +} + /*****************************************************************************/ CuSuite *test_context(void) { @@ -2319,6 +2435,7 @@ CuSuite *test_context(void) SUITE_ADD_TEST(suite, test_ssltunnel_basic_auth_proxy_has_keepalive_off); SUITE_ADD_TEST(suite, test_ssltunnel_basic_auth_proxy_close_conn_on_200resp); SUITE_ADD_TEST(suite, test_ssltunnel_digest_auth); + SUITE_ADD_TEST(suite, test_outgoing_request_err); return suite; } Modified: serf/branches/1.3.x-sslbuild/test/test_serf.h URL: http://svn.apache.org/viewvc/serf/branches/1.3.x-sslbuild/test/test_serf.h?rev=1910116&r1=1910115&r2=1910116&view=diff ============================================================================== --- serf/branches/1.3.x-sslbuild/test/test_serf.h (original) +++ serf/branches/1.3.x-sslbuild/test/test_serf.h Mon May 29 15:35:20 2023 @@ -193,6 +193,13 @@ apr_status_t test_https_server_proxy_set void *test_setup(void *baton); void *test_teardown(void *baton); +/* Simple variant of serf_request_setup_t for tests. */ +typedef apr_status_t (*test_request_setup_t)( + serf_request_t *request, + void *setup_baton, + serf_bucket_t **req_bkt, + apr_pool_t *pool); + typedef struct { serf_response_acceptor_t acceptor; void *acceptor_baton; @@ -208,6 +215,8 @@ typedef struct { const char *path; /* Use this for a raw request message */ const char *request; + /* Or this, if more control is needed. */ + test_request_setup_t request_setup; int done; test_baton_t *tb; @@ -249,6 +258,7 @@ apr_status_t handle_response(serf_reques void setup_handler(test_baton_t *tb, handler_baton_t *handler_ctx, const char *method, const char *path, int req_id, + test_request_setup_t req_setup, serf_response_handler_t handler); void create_new_prio_request(test_baton_t *tb, handler_baton_t *handler_ctx, @@ -259,11 +269,12 @@ void create_new_request(test_baton_t *tb const char *method, const char *path, int req_id); void -create_new_request_with_resp_hdlr(test_baton_t *tb, - handler_baton_t *handler_ctx, - const char *method, const char *path, - int req_id, - serf_response_handler_t handler); +create_new_request_ex(test_baton_t *tb, + handler_baton_t *handler_ctx, + const char *method, const char *path, + int req_id, + test_request_setup_t req_setup, + serf_response_handler_t handler); /* Mock bucket type and constructor */ typedef struct { Modified: serf/branches/1.3.x-sslbuild/test/test_ssl.c URL: http://svn.apache.org/viewvc/serf/branches/1.3.x-sslbuild/test/test_ssl.c?rev=1910116&r1=1910115&r2=1910116&view=diff ============================================================================== --- serf/branches/1.3.x-sslbuild/test/test_ssl.c (original) +++ serf/branches/1.3.x-sslbuild/test/test_ssl.c Mon May 29 15:35:20 2023 @@ -28,12 +28,6 @@ #include "test_serf.h" -#if defined(WIN32) && defined(_DEBUG) -/* Include this file to allow running a Debug build of serf with a Release - build of OpenSSL. */ -#include <openssl/applink.c> -#endif - /* Test setting up the openssl library. */ static void test_ssl_init(CuTest *tc) {