Author: stsp
Date: Mon May 29 15:35:20 2023
New Revision: 1910116
URL: http://svn.apache.org/viewvc?rev=1910116&view=rev
Log:
On the 1.3.x-sslbuild branch: Merge from 1.3.x, resovling conflicts.
The only merge conflict was due to the introduction of the
bio_file_ctrl() function in buckets/ssl_buckets.c.
Added:
serf/branches/1.3.x-sslbuild/.github/
- copied from r1910115, serf/branches/1.3.x/.github/
Modified:
serf/branches/1.3.x-sslbuild/ (props changed)
serf/branches/1.3.x-sslbuild/CHANGES
serf/branches/1.3.x-sslbuild/SConstruct
serf/branches/1.3.x-sslbuild/STATUS
serf/branches/1.3.x-sslbuild/buckets/dechunk_buckets.c
serf/branches/1.3.x-sslbuild/buckets/deflate_buckets.c
serf/branches/1.3.x-sslbuild/buckets/ssl_buckets.c
serf/branches/1.3.x-sslbuild/build/check.py
serf/branches/1.3.x-sslbuild/outgoing.c
serf/branches/1.3.x-sslbuild/serf.h
serf/branches/1.3.x-sslbuild/test/serf_bwtp.c
serf/branches/1.3.x-sslbuild/test/serf_get.c
serf/branches/1.3.x-sslbuild/test/serf_spider.c
serf/branches/1.3.x-sslbuild/test/server/serfcacert.pem (contents, props
changed)
serf/branches/1.3.x-sslbuild/test/server/serfclientcert.p12 (contents,
props changed)
serf/branches/1.3.x-sslbuild/test/server/serfrootcacert.pem (contents,
props changed)
serf/branches/1.3.x-sslbuild/test/server/serfserver_expired_cert.pem
(contents, props changed)
serf/branches/1.3.x-sslbuild/test/server/serfserver_future_cert.pem
(contents, props changed)
serf/branches/1.3.x-sslbuild/test/server/serfservercert.pem (contents,
props changed)
serf/branches/1.3.x-sslbuild/test/server/serfserverkey.pem (contents,
props changed)
serf/branches/1.3.x-sslbuild/test/server/test_server.c
serf/branches/1.3.x-sslbuild/test/server/test_server.h
serf/branches/1.3.x-sslbuild/test/server/test_sslserver.c
serf/branches/1.3.x-sslbuild/test/test_auth.c
serf/branches/1.3.x-sslbuild/test/test_buckets.c
serf/branches/1.3.x-sslbuild/test/test_context.c
serf/branches/1.3.x-sslbuild/test/test_serf.h
serf/branches/1.3.x-sslbuild/test/test_ssl.c
serf/branches/1.3.x-sslbuild/test/test_util.c
Propchange: serf/branches/1.3.x-sslbuild/
------------------------------------------------------------------------------
Reverse-merged /serf/branches/1.3.x:r1699925,1699931
Merged /serf/branches/1.3.x-fix-outgoing-request-err:r1804540-1808208
Merged /serf/branches/1.3.x-r1909252-group:r1909407-1909903
Merged /serf/branches/1.3.x-r1901040:r1909255-1909900
Merged /serf/branches/1.3.x-r1814714:r1814716-1909313
Merged /serf/branches/1.3.x-r1902208+r1902304:r1909396-1909902
Merged /serf/branches/1.3.x-r1901937:r1909250-1909901
Merged /serf/branches/1.3.x:r1781541-1910115
Merged /serf/branches/1.3.x-r1804008-group:r1805337-1808209
Merged /serf/branches/1.3.x-r1805301:r1805336-1808212
Merged
/serf/trunk:r1699725,1699807,1712131,1758362,1804005,1804008,1804016,1804534,1805301,1807594,1811088,1814714,1861036,1901040,1901937,1902208,1902304,1902398,1909245,1909247,1909252,1909315-1909316,1909318,1909385,1909406,1909413,1909433,1910045-1910047
Modified: serf/branches/1.3.x-sslbuild/CHANGES
URL:
http://svn.apache.org/viewvc/serf/branches/1.3.x-sslbuild/CHANGES?rev=1910116&r1=1910115&r2=1910116&view=diff
==============================================================================
--- serf/branches/1.3.x-sslbuild/CHANGES (original)
+++ serf/branches/1.3.x-sslbuild/CHANGES Mon May 29 15:35:20 2023
@@ -1,11 +1,26 @@
-Apache Serf 1.3.9 [2016-09-01, from tags/1.3.9, rxxxx]
+Apache Serf 1.3.10 [2023-xx-xx, from tags/1.3.10, rxxxxxxx]
+ Support for OpenSSL 3 (r1901937, ...)
+ Fix issue #171: Win32: Running tests fails with "no OPENSSL_Applink" error
+ Fix issue #194: Win32: Linking error when building against OpenSSL 1.1+
+ Fix issue #198: OpenSSL BIO control method incorrectly handles unknown
requests
+ Fix issue #202: SSL tests are not passing with OpenSSL 3
+ Fix error handling when reading the outgoing request body (r1804534, ...)
+ Fix handling of invalid chunk lengths in the dechunk bucket (r1804005, ...)
+ Fix an endless loop in the deflate bucket with truncated input (r1805301)
+ Fix BIO control handlers to support BIO_CTRL_EOF (r1902208)
+ Fix a CRT mismatch issue caused by using certain OpenSSL functions (r1909252)
+ Build changes to support VS2017, VS2019 and VS2022 (r1712131, ...)
+ Build changes to support Python 3 (r1875933)
+
+
+Apache Serf 1.3.9 [2016-09-01, from tags/1.3.9, r1758195]
serf is now Apache Serf; apply header changes (r1700062)
Fix issue #151: SCons build broken when only one library in ENVPATH
Fix issue #153: avoid SSPI handle leak
Fix issue #167: Explicitly use the ANSI version of SSPI
Fix issue #170: Allow building with Microsoft Visual Studio 2015
- Fix build of 'check' target when using VPATH-style builds (r1699858, ...)
- (builddir != srcdir).
+ Fix build of 'check' target when using VPATH-style builds where
+ builddir != srcdir (r1699858, ...)
Resolve a bucket (aka "memory") leak when a request bucket is
destroyed before it is morphed into an aggregate bucket (r1699791)
Reset state variables when resetting connection (r1708849)
Modified: serf/branches/1.3.x-sslbuild/SConstruct
URL:
http://svn.apache.org/viewvc/serf/branches/1.3.x-sslbuild/SConstruct?rev=1910116&r1=1910115&r2=1910116&view=diff
==============================================================================
--- serf/branches/1.3.x-sslbuild/SConstruct (original)
+++ serf/branches/1.3.x-sslbuild/SConstruct Mon May 29 15:35:20 2023
@@ -127,7 +127,7 @@ if sys.platform == 'win32':
# Note that Scons 1.3 only supports this on Windows and only when
# constructing Environment(). Later changes to TARGET_ARCH are ignored
EnumVariable('TARGET_ARCH',
- "Platform to build for (x86|x64|win32|x86_64)",
+ "Platform to build for",
'x86',
allowed_values=('x86', 'x86_64', 'ia64'),
map={'X86' : 'x86',
@@ -138,11 +138,20 @@ if sys.platform == 'win32':
}),
EnumVariable('MSVC_VERSION',
- "Visual C++ to use for building (E.g. 11.0, 9.0)",
+ "Visual C++ to use for building",
None,
- allowed_values=('14.0', '12.0',
- '11.0', '10.0', '9.0', '8.0', '6.0')
- ),
+ allowed_values=('14.3', '14.2', '14.1', '14.0', '12.0',
+ '11.0', '10.0', '9.0', '8.0', '6.0'),
+ map={'2005' : '8.0',
+ '2008' : '9.0',
+ '2010' : '10.0',
+ '2012' : '11.0',
+ '2013' : '12.0',
+ '2015' : '14.0',
+ '2017' : '14.1',
+ '2019' : '14.2',
+ '2022' : '14.3',
+ }),
# We always documented that we handle an install layout, but in fact we
# hardcoded source layouts. Allow disabling this behavior.
@@ -166,7 +175,7 @@ env.Append(BUILDERS = {
match = re.search('SERF_MAJOR_VERSION ([0-9]+).*'
'SERF_MINOR_VERSION ([0-9]+).*'
'SERF_PATCH_VERSION ([0-9]+)',
- env.File('serf.h').get_contents(),
+ env.File('serf.h').get_contents().decode('utf-8'),
re.DOTALL)
MAJOR, MINOR, PATCH = [int(x) for x in match.groups()]
env.Append(MAJOR=str(MAJOR))
@@ -183,7 +192,7 @@ CALLOUT_OKAY = not (env.GetOption('clean
unknown = opts.UnknownVariables()
if unknown:
- print 'Warning: Used unknown variables:', ', '.join(unknown.keys())
+ print('Warning: Used unknown variables:', ', '.join(unknown.keys()))
apr = str(env['APR'])
apu = str(env['APU'])
@@ -268,7 +277,10 @@ if sys.platform != 'win32':
env.Append(PLATFORM='posix')
else:
# Warning level 4, no unused argument warnings
- env.Append(CCFLAGS=['/W4', '/wd4100'])
+ env.Append(CCFLAGS=['/W4',
+ '/wd4100', # Unused argument
+ '/we4013', # 'function' undefined; assuming extern
returning int
+ ])
# Choose runtime and optimization
if debug:
@@ -292,6 +304,9 @@ SOURCES = Glob('*.c') + Glob('buckets/*.
lib_static = env.StaticLibrary(LIBNAMESTATIC, SOURCES)
lib_shared = env.SharedLibrary(LIBNAME, SOURCES + SHARED_SOURCES)
+# Define OPENSSL_NO_STDIO to prevent using _fp() API.
+env.Append(CPPDEFINES=['OPENSSL_NO_STDIO'])
+
if aprstatic:
env.Append(CPPDEFINES=['APR_DECLARE_STATIC', 'APU_DECLARE_STATIC'])
@@ -335,7 +350,6 @@ if sys.platform == 'win32':
LIBPATH=['$ZLIB'])
# openssl
- env.Append(LIBS=['libeay32.lib', 'ssleay32.lib'])
if not env.get('SOURCE_LAYOUT', None):
env.Append(CPPPATH=['$OPENSSL/include/openssl'],
LIBPATH=['$OPENSSL/lib'])
@@ -345,6 +359,14 @@ if sys.platform == 'win32':
else:
env.Append(CPPPATH=['$OPENSSL/inc32'],
LIBPATH=['$OPENSSL/out32dll'])
+ conf = Configure(env)
+ if conf.CheckLib('libcrypto'):
+ # OpenSSL 1.1.0+
+ env.Append(LIBS=['libcrypto.lib', 'libssl.lib'])
+ else:
+ # Legacy OpenSSL
+ env.Append(LIBS=['libeay32.lib', 'ssleay32.lib'])
+ conf.Finish()
else:
if os.path.isdir(apr):
apr = os.path.join(apr, 'bin', 'apr-1-config')
Modified: serf/branches/1.3.x-sslbuild/STATUS
URL:
http://svn.apache.org/viewvc/serf/branches/1.3.x-sslbuild/STATUS?rev=1910116&r1=1910115&r2=1910116&view=diff
==============================================================================
--- serf/branches/1.3.x-sslbuild/STATUS (original)
+++ serf/branches/1.3.x-sslbuild/STATUS Mon May 29 15:35:20 2023
@@ -11,9 +11,32 @@ Status of 1.3.10:
Candidate changes:
==================
+ * r1875937
+ Fix test case against OpenSSL 1.1.1e+.
+ [ NOTE: Superceded by the r1902208 fix. ]
+ Justification:
+ Serf should test cleanly against upstreams.
+ Branch: ^/serf/branches/1.3.x-ssltest
+ Votes:
+ +1: jerenkrantz
+
+ * r1775239-1781240
+ Fix build with current LibreSSL and OpenSSL versions.
+ Justification:
+ Serf should compile out of the box.
+ Branch: ^/serf/branches/1.3.x-sslbuild
+ Votes:
+ +1: stsp, astieger
+ -0: kotkov (
+ - A later change, r1833227, seems to further extend CheckFunc() calls,
+ so maybe this nomination in its current state won't work in some
+ cases on Windows
+ - A signficant change of the build approach, maybe not worth it at
+ this point for the 1.3.x branch
+ - Seems to only be required for LibreSSL, not OpenSSL)
+
Veto-blocked changes:
=====================
Approved changes:
=================
-
Modified: serf/branches/1.3.x-sslbuild/buckets/dechunk_buckets.c
URL:
http://svn.apache.org/viewvc/serf/branches/1.3.x-sslbuild/buckets/dechunk_buckets.c?rev=1910116&r1=1910115&r2=1910116&view=diff
==============================================================================
--- serf/branches/1.3.x-sslbuild/buckets/dechunk_buckets.c (original)
+++ serf/branches/1.3.x-sslbuild/buckets/dechunk_buckets.c Mon May 29 15:35:20
2023
@@ -85,6 +85,7 @@ static apr_status_t serf_dechunk_read(se
/* if a line was read, then parse it. */
if (ctx->linebuf.state == SERF_LINEBUF_READY) {
+ char *end;
/* NUL-terminate the line. if it filled the entire buffer,
then just assume the thing is too large. */
if (ctx->linebuf.used == sizeof(ctx->linebuf.line))
@@ -92,10 +93,14 @@ static apr_status_t serf_dechunk_read(se
ctx->linebuf.line[ctx->linebuf.used] = '\0';
/* convert from HEX digits. */
- ctx->body_left = apr_strtoi64(ctx->linebuf.line, NULL, 16);
+ ctx->body_left = apr_strtoi64(ctx->linebuf.line, &end, 16);
if (errno == ERANGE) {
return APR_FROM_OS_ERROR(ERANGE);
}
+ else if (ctx->linebuf.line == end) {
+ /* Invalid chunk length, bail out. */
+ return SERF_ERROR_BAD_HTTP_RESPONSE;
+ }
if (ctx->body_left == 0) {
/* Just read the last-chunk marker. We're DONE. */
Modified: serf/branches/1.3.x-sslbuild/buckets/deflate_buckets.c
URL:
http://svn.apache.org/viewvc/serf/branches/1.3.x-sslbuild/buckets/deflate_buckets.c?rev=1910116&r1=1910115&r2=1910116&view=diff
==============================================================================
--- serf/branches/1.3.x-sslbuild/buckets/deflate_buckets.c (original)
+++ serf/branches/1.3.x-sslbuild/buckets/deflate_buckets.c Mon May 29 15:35:20
2023
@@ -281,9 +281,17 @@ static apr_status_t serf_deflate_read(se
zRC = inflate(&ctx->zstream, Z_NO_FLUSH);
- /* We're full or zlib requires more space. Either case, clear
- out our buffer, reset, and return. */
- if (zRC == Z_BUF_ERROR || ctx->zstream.avail_out == 0) {
+ if (zRC == Z_BUF_ERROR &&
APR_STATUS_IS_EOF(ctx->stream_status) &&
+ ctx->zstream.avail_out > 0) {
+ /* Zlib can't continue, although there's still space in the
+ output buffer. This can happen either if the stream is
+ truncated or corrupted. As we don't know for sure,
+ return a generic error. */
+ return SERF_ERROR_DECOMPRESSION_FAILED;
+ }
+ else if (zRC == Z_BUF_ERROR || ctx->zstream.avail_out == 0) {
+ /* We're full or zlib requires more space. Either case,
clear
+ out our buffer, reset, and return. */
serf_bucket_t *tmp;
ctx->zstream.next_out = ctx->buffer;
private_len = ctx->bufferSize - ctx->zstream.avail_out;
Modified: serf/branches/1.3.x-sslbuild/buckets/ssl_buckets.c
URL:
http://svn.apache.org/viewvc/serf/branches/1.3.x-sslbuild/buckets/ssl_buckets.c?rev=1910116&r1=1910115&r2=1910116&view=diff
==============================================================================
--- serf/branches/1.3.x-sslbuild/buckets/ssl_buckets.c (original)
+++ serf/branches/1.3.x-sslbuild/buckets/ssl_buckets.c Mon May 29 15:35:20 2023
@@ -176,6 +176,10 @@ struct serf_ssl_context_t {
/* Status of a fatal error, returned on subsequent encrypt or decrypt
requests. */
apr_status_t fatal_err;
+
+ /* OpenSSL 1.1.1e introduced BIO_FLAGS_IN_EOF, but we implement
+ our own hit eof to support versions < 1.1.1e. */
+ int hit_eof;
};
typedef struct {
@@ -284,6 +288,10 @@ static int bio_bucket_read(BIO *bio, cha
serf__log(SSL_VERBOSE, __FILE__, "bio_bucket_read received %d bytes
(%d)\n",
len, status);
+ if (APR_STATUS_IS_EOF(status)) {
+ ctx->hit_eof = 1;
+ }
+
if (!SERF_BUCKET_READ_ERROR(status)) {
/* Oh suck. */
if (len) {
@@ -407,21 +415,43 @@ static int bio_bucket_destroy(BIO *bio)
static long bio_bucket_ctrl(BIO *bio, int cmd, long num, void *ptr)
{
- long ret = 1;
+ serf_ssl_context_t *ctx = bio_get_data(bio);
switch (cmd) {
+ case BIO_CTRL_FLUSH:
+ /* At this point we can't force a flush. */
+ return 1;
+ case BIO_CTRL_PUSH:
+ case BIO_CTRL_POP:
+ return 0;
+ case BIO_CTRL_EOF:
+ return ctx->hit_eof;
default:
/* abort(); */
- break;
+ return 0;
+ }
+}
+
+static long bio_file_ctrl(BIO *bio, int cmd, long num, void *ptr)
+{
+ apr_file_t *file = bio_get_data(bio);
+
+ switch (cmd) {
case BIO_CTRL_FLUSH:
/* At this point we can't force a flush. */
- break;
+ return 1;
case BIO_CTRL_PUSH:
case BIO_CTRL_POP:
- ret = 0;
- break;
+ return 0;
+ case BIO_CTRL_EOF:
+ if (apr_file_eof(file) == APR_EOF)
+ return 1;
+ else
+ return 0;
+ default:
+ /* abort(); */
+ return 0;
}
- return ret;
}
#ifdef SERF_NO_SSL_BIO_WRAPPERS
@@ -447,7 +477,7 @@ static BIO_METHOD bio_file_method = {
bio_file_read,
NULL, /* Is this called? */
bio_file_gets, /* Is this called? */
- bio_bucket_ctrl,
+ bio_file_ctrl,
bio_bucket_create,
bio_bucket_destroy,
#ifdef OPENSSL_VERSION_NUMBER
@@ -487,7 +517,7 @@ static BIO_METHOD *bio_meth_file_new(voi
BIO_meth_set_write(biom, bio_file_write);
BIO_meth_set_read(biom, bio_file_read);
BIO_meth_set_gets(biom, bio_file_gets);
- BIO_meth_set_ctrl(biom, bio_bucket_ctrl);
+ BIO_meth_set_ctrl(biom, bio_file_ctrl);
BIO_meth_set_create(biom, bio_bucket_create);
BIO_meth_set_destroy(biom, bio_bucket_destroy);
}
@@ -1326,8 +1356,7 @@ static int ssl_need_client_cert(SSL *ssl
return 0;
}
else {
- printf("OpenSSL cert error: %d %d %d\n", ERR_GET_LIB(err),
- ERR_GET_FUNC(err),
+ printf("OpenSSL cert error: %d %d\n", ERR_GET_LIB(err),
ERR_GET_REASON(err));
PKCS12_free(p12);
bio_meth_free(biom);
@@ -1412,6 +1441,7 @@ static serf_ssl_context_t *ssl_init_cont
ssl_ctx->cached_cert_pw = 0;
ssl_ctx->pending_err = APR_SUCCESS;
ssl_ctx->fatal_err = APR_SUCCESS;
+ ssl_ctx->hit_eof = 0;
ssl_ctx->cert_callback = NULL;
ssl_ctx->cert_pw_callback = NULL;
@@ -1522,11 +1552,11 @@ apr_status_t serf_ssl_load_cert_file(
const char *file_path,
apr_pool_t *pool)
{
- FILE *fp = fopen(file_path, "r");
+ BIO *bio = BIO_new_file(file_path, "r");
- if (fp) {
- X509 *ssl_cert = PEM_read_X509(fp, NULL, NULL, NULL);
- fclose(fp);
+ if (bio) {
+ X509 *ssl_cert = PEM_read_bio_X509(bio, NULL, NULL, NULL);
+ BIO_free(bio);
if (ssl_cert) {
*cert = apr_palloc(pool, sizeof(serf_ssl_certificate_t));
Modified: serf/branches/1.3.x-sslbuild/build/check.py
URL:
http://svn.apache.org/viewvc/serf/branches/1.3.x-sslbuild/build/check.py?rev=1910116&r1=1910115&r2=1910116&view=diff
==============================================================================
--- serf/branches/1.3.x-sslbuild/build/check.py (original)
+++ serf/branches/1.3.x-sslbuild/build/check.py Mon May 29 15:35:20 2023
@@ -52,16 +52,16 @@ if __name__ == '__main__':
# Find test responses and run them one by one
for case in glob.glob(testdir + "/testcases/*.response"):
- print "== Testing %s ==" % (case)
+ print("== Testing %s ==" % (case))
try:
subprocess.check_call([SERF_RESPONSE_EXE, case])
except subprocess.CalledProcessError:
- print "ERROR: test case %s failed" % (case)
+ print("ERROR: test case %s failed" % (case))
sys.exit(1)
- print "== Running the unit tests =="
+ print("== Running the unit tests ==")
try:
subprocess.check_call(TEST_ALL_EXE)
except subprocess.CalledProcessError:
- print "ERROR: test(s) failed in test_all"
+ print("ERROR: test(s) failed in test_all")
sys.exit(1)
Modified: serf/branches/1.3.x-sslbuild/outgoing.c
URL:
http://svn.apache.org/viewvc/serf/branches/1.3.x-sslbuild/outgoing.c?rev=1910116&r1=1910115&r2=1910116&view=diff
==============================================================================
--- serf/branches/1.3.x-sslbuild/outgoing.c (original)
+++ serf/branches/1.3.x-sslbuild/outgoing.c Mon May 29 15:35:20 2023
@@ -815,11 +815,14 @@ static apr_status_t write_to_connection(
data as available, we probably don't want to read ALL_AVAIL, but
a lower number, like the size of one or a few TCP packets, the
available TCP buffer size ... */
+ conn->hit_eof = 0;
read_status = serf_bucket_read_iovec(ostreamh,
SERF_READ_ALL_AVAIL,
IOV_MAX,
conn->vec,
&conn->vec_len);
+ if (SERF_BUCKET_READ_ERROR(read_status))
+ return read_status;
if (!conn->hit_eof) {
if (APR_STATUS_IS_EAGAIN(read_status)) {
@@ -841,9 +844,8 @@ static apr_status_t write_to_connection(
conn->dirty_conn = 1;
conn->ctx->dirty_pollset = 1;
}
- else if (read_status && !APR_STATUS_IS_EOF(read_status)) {
- /* Something bad happened. Propagate any errors. */
- return read_status;
+ else if (APR_STATUS_IS_EOF(read_status)) {
+ /* Continue. */
}
}
Modified: serf/branches/1.3.x-sslbuild/serf.h
URL:
http://svn.apache.org/viewvc/serf/branches/1.3.x-sslbuild/serf.h?rev=1910116&r1=1910115&r2=1910116&view=diff
==============================================================================
--- serf/branches/1.3.x-sslbuild/serf.h (original)
+++ serf/branches/1.3.x-sslbuild/serf.h Mon May 29 15:35:20 2023
@@ -1067,7 +1067,7 @@ void serf_debug__bucket_alloc_check(
/* Version info */
#define SERF_MAJOR_VERSION 1
#define SERF_MINOR_VERSION 3
-#define SERF_PATCH_VERSION 9
+#define SERF_PATCH_VERSION 10
/* Version number string */
#define SERF_VERSION_STRING APR_STRINGIFY(SERF_MAJOR_VERSION) "." \
Modified: serf/branches/1.3.x-sslbuild/test/serf_bwtp.c
URL:
http://svn.apache.org/viewvc/serf/branches/1.3.x-sslbuild/test/serf_bwtp.c?rev=1910116&r1=1910115&r2=1910116&view=diff
==============================================================================
--- serf/branches/1.3.x-sslbuild/test/serf_bwtp.c (original)
+++ serf/branches/1.3.x-sslbuild/test/serf_bwtp.c Mon May 29 15:35:20 2023
@@ -155,7 +155,6 @@ static apr_status_t setup_request(serf_r
{
handler_baton_t *ctx = setup_baton;
serf_bucket_t *hdrs_bkt;
- serf_bucket_t *body_bkt;
if (ctx->req_body_path) {
apr_file_t *file;
@@ -168,12 +167,13 @@ static apr_status_t setup_request(serf_r
printf("Error opening file (%s)\n", ctx->req_body_path);
return status;
}
-
+/*
body_bkt = serf_bucket_file_create(file,
serf_request_get_alloc(request));
+*/
}
else {
- body_bkt = NULL;
+/* body_bkt = NULL;*/
}
/*
@@ -371,18 +371,17 @@ static apr_status_t handle_bwtp_upgrade(
if (APR_STATUS_IS_EOF(status)) {
int i;
serf_connection_t *conn;
- serf_request_t *new_req;
conn = serf_request_get_conn(request);
serf_connection_set_async_responses(conn,
accept_bwtp, ctx->acceptor_baton, handle_bwtp, NULL);
- new_req = serf_connection_request_create(conn, setup_channel, ctx);
+ serf_connection_request_create(conn, setup_channel, ctx);
for (i = 0; i < ctx->acceptor_baton->count; i++) {
- new_req = serf_connection_request_create(conn,
- setup_request,
- ctx);
+ serf_connection_request_create(conn,
+ setup_request,
+ ctx);
}
return APR_EOF;
@@ -445,11 +444,9 @@ static apr_status_t handle_response(serf
apr_atomic_dec32(&ctx->requests_outstanding);
if (!ctx->requests_outstanding) {
serf_connection_t *conn;
- serf_request_t *new_req;
conn = serf_request_get_conn(request);
- new_req =
- serf_connection_request_create(conn, setup_close, ctx);
+ serf_connection_request_create(conn, setup_close, ctx);
}
return APR_EOF;
}
@@ -482,7 +479,6 @@ int main(int argc, const char **argv)
apr_sockaddr_t *address;
serf_context_t *context;
serf_connection_t *connection;
- serf_request_t *request;
app_baton_t app_ctx;
handler_baton_t handler_ctx;
apr_uri_t url;
@@ -607,8 +603,8 @@ int main(int argc, const char **argv)
handler_ctx.acceptor_baton = &app_ctx;
handler_ctx.handler = handle_response;
- request = serf_connection_request_create(connection, setup_bwtp_upgrade,
- &handler_ctx);
+ serf_connection_request_create(connection, setup_bwtp_upgrade,
+ &handler_ctx);
for (i = 0; i < app_ctx.count; i++) {
apr_atomic_inc32(&handler_ctx.requests_outstanding);
Modified: serf/branches/1.3.x-sslbuild/test/serf_get.c
URL:
http://svn.apache.org/viewvc/serf/branches/1.3.x-sslbuild/test/serf_get.c?rev=1910116&r1=1910115&r2=1910116&view=diff
==============================================================================
--- serf/branches/1.3.x-sslbuild/test/serf_get.c (original)
+++ serf/branches/1.3.x-sslbuild/test/serf_get.c Mon May 29 15:35:20 2023
@@ -420,7 +420,6 @@ int main(int argc, const char **argv)
serf_bucket_alloc_t *bkt_alloc;
serf_context_t *context;
serf_connection_t *connection;
- serf_request_t *request;
app_baton_t app_ctx;
handler_baton_t handler_ctx;
serf_bucket_t *req_hdrs = NULL;
@@ -652,8 +651,9 @@ int main(int argc, const char **argv)
serf_connection_set_max_outstanding_requests(connection, inflight);
for (i = 0; i < count; i++) {
- request = serf_connection_request_create(connection, setup_request,
- &handler_ctx);
+ /* We don't need the returned request here. */
+ serf_connection_request_create(connection, setup_request,
+ &handler_ctx);
}
while (1) {
Modified: serf/branches/1.3.x-sslbuild/test/serf_spider.c
URL:
http://svn.apache.org/viewvc/serf/branches/1.3.x-sslbuild/test/serf_spider.c?rev=1910116&r1=1910115&r2=1910116&view=diff
==============================================================================
--- serf/branches/1.3.x-sslbuild/test/serf_spider.c (original)
+++ serf/branches/1.3.x-sslbuild/test/serf_spider.c Mon May 29 15:35:20 2023
@@ -329,10 +329,6 @@ static apr_status_t setup_request(serf_r
}
if (ctx->app_ctx->using_ssl) {
- serf_bucket_alloc_t *req_alloc;
-
- req_alloc = serf_request_get_alloc(request);
-
if (ctx->app_ctx->ssl_ctx == NULL) {
*req_bkt = serf_bucket_ssl_encrypt_create(*req_bkt, NULL,
ctx->app_ctx->bkt_alloc);
@@ -632,8 +628,7 @@ int main(int argc, const char **argv)
app_baton_t app_ctx;
handler_baton_t *handler_ctx;
apr_uri_t url;
- const char *raw_url, *method;
- int count;
+ const char *raw_url;
apr_getopt_t *opt;
char opt_c;
char *authn = NULL;
@@ -652,11 +647,6 @@ int main(int argc, const char **argv)
apr_atomic_init(pool);
/* serf_initialize(); */
- /* Default to one round of fetching. */
- count = 1;
- /* Default to GET. */
- method = "GET";
-
apr_getopt_init(&opt, pool, argc, argv);
while ((status = apr_getopt(opt, "a:hv", &opt_c, &opt_arg)) ==
Modified: serf/branches/1.3.x-sslbuild/test/server/serfcacert.pem
URL:
http://svn.apache.org/viewvc/serf/branches/1.3.x-sslbuild/test/server/serfcacert.pem?rev=1910116&r1=1910115&r2=1910116&view=diff
==============================================================================
--- serf/branches/1.3.x-sslbuild/test/server/serfcacert.pem (original)
+++ serf/branches/1.3.x-sslbuild/test/server/serfcacert.pem Mon May 29 15:35:20
2023
@@ -1,25 +1,25 @@
------BEGIN CERTIFICATE-----
-MIIEHTCCAwWgAwIBAgIDAYa0MA0GCSqGSIb3DQEBCwUAMIGuMQswCQYDVQQGEwJC
-RTEQMA4GA1UECBMHQW50d2VycDERMA8GA1UEBxMITWVjaGVsZW4xHzAdBgNVBAoT
-FkluIFNlcmYgd2UgdHJ1c3QsIEluYy4xGzAZBgNVBAsTElRlc3QgU3VpdGUgUm9v
-dCBDQTEVMBMGA1UEAxMMU2VyZiBSb290IENBMSUwIwYJKoZIhvcNAQkBFhZzZXJm
-cm9vdGNhQGV4YW1wbGUuY29tMB4XDTE0MDQxOTIxMTcyNloXDTE3MDQxODIxMTcy
-NlowgaAxCzAJBgNVBAYTAkJFMRAwDgYDVQQIEwdBbnR3ZXJwMREwDwYDVQQHEwhN
-ZWNoZWxlbjEfMB0GA1UEChMWSW4gU2VyZiB3ZSB0cnVzdCwgSW5jLjEWMBQGA1UE
-CxMNVGVzdCBTdWl0ZSBDQTEQMA4GA1UEAxMHU2VyZiBDQTEhMB8GCSqGSIb3DQEJ
-ARYSc2VyZmNhQGV4YW1wbGUuY29tMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
-CgKCAQEA3HuEeB7EBW9i7ibiSNWwk3iCgJexF/ggQ+Am2lA7wnAWdnTjFWP+HKqD
-o+MH3xkr5dg/SaNWmvV0OFGvIcZRgpoFaBSn+BJ+X6FKzF/S36q8HckAzScjr5KB
-hubnSZR98m2jEcWyznGoDBahq+ZozYSJKKwirOhckrfOTWqlQvcjtk8pUdkTK/c8
-8qnDoRFgDuqRZdF8bcZ70bo24R2XnfGhb0T359cN+cfEcUk7UZs22+JvoAxjMB3/
-oODXHammr6+86t3SYTyXGpYnkUpAecVI2wtB61RbAbBt91jifQLijBNtYWfZKqjW
-cvW+oNeMuUao479T/e0WZvAkaIsRkQIDAQABo1AwTjAMBgNVHRMEBTADAQH/MB0G
-A1UdDgQWBBQQ9mwXNXPt7xaDnB1cV1JWfUxkhTAfBgNVHSMEGDAWgBQ8ffmGwxZN
-VX8CrM99b6wUq4qTyDANBgkqhkiG9w0BAQsFAAOCAQEAUDHna1Mb33PCnwPoo46o
-/4CypCDEkOsVIOvbFjs5viHL5O1t4/IcjWHv3OmXWar3iVdxe2kirGEcUNJkOldb
-vQz70t82WMClD0HkTBvICMOoZyxxds6mkp94GTI5z83AmiNZFCcIoCLs0RFmUXuK
-LPnIB6KyS5MY74YgwXZTWlVCtDYDOPfNpAfNgxmtkVhEx4Yv5kdVqc6DLcBIWx04
-qSXsL27091qt8t6g5xpf7rYrrAxyXWXDn7oF05F8ifmgvGekvI33Uj61ZoD1OJHQ
-AY7qZcHXZL2pcVTr3xafrnaqUOeiacdHIwq6Hu3KkgLfJ/tjK6eKIxVs+PXj1Wlo
-Lg==
------END CERTIFICATE-----
+-----BEGIN CERTIFICATE-----
+MIIEHzCCAwegAwIBAgIDAYa0MA0GCSqGSIb3DQEBCwUAMIGuMQswCQYDVQQGEwJC
+RTEQMA4GA1UECAwHQW50d2VycDERMA8GA1UEBwwITWVjaGVsZW4xHzAdBgNVBAoM
+FkluIFNlcmYgd2UgdHJ1c3QsIEluYy4xGzAZBgNVBAsMElRlc3QgU3VpdGUgUm9v
+dCBDQTEVMBMGA1UEAwwMU2VyZiBSb290IENBMSUwIwYJKoZIhvcNAQkBFhZzZXJm
+cm9vdGNhQGV4YW1wbGUuY29tMCAXDTIxMTAwNDIyNDQ1MloYDzIxMjEwOTEwMjI0
+NDUyWjCBoDELMAkGA1UEBhMCQkUxEDAOBgNVBAgMB0FudHdlcnAxETAPBgNVBAcM
+CE1lY2hlbGVuMR8wHQYDVQQKDBZJbiBTZXJmIHdlIHRydXN0LCBJbmMuMRYwFAYD
+VQQLDA1UZXN0IFN1aXRlIENBMRAwDgYDVQQDDAdTZXJmIENBMSEwHwYJKoZIhvcN
+AQkBFhJzZXJmY2FAZXhhbXBsZS5jb20wggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAw
+ggEKAoIBAQDF7F+MfBDiTD4q/9XO5A1m/D9ZW1/3zgSyXldVrxb4bHBty6EKyWtM
+PbGAENS6Lt6JyuzgNtX9Qxp2slO1UB6zZS2SE6qMw81V/td4+NuyFssQIjMexINx
+cmvkg9OOOxEnkWVEpzf6cwHZKIPnT2Z/jrAXVIc2eery+fBDQ9qncUSmWMKKASHD
+h9DN38DqHdxkwyFhOpo3ag0ARxK5kNFzn6T3jXo2c0AC+eFhqTW04ZxQ1Lv3Rmdi
+jSACge/0DcWDhYpW3hSpNM9RlggHn48s8NVqN/YbQ4x3qk4zGLSgFXuVKcUTIHy3
+3Din/Nr2VNLSVK4Th4KapJOKO59qG1BxAgMBAAGjUDBOMAwGA1UdEwQFMAMBAf8w
+HQYDVR0OBBYEFBX4uVoH+c83XDA765aLBA9CNO30MB8GA1UdIwQYMBaAFDd9r2kG
+qmu3sBEddrdQuRXCMNgjMA0GCSqGSIb3DQEBCwUAA4IBAQCY+TcCh2rGLv7+rT4g
+PelB1U1xVVgMp7tOLb56CNJfEKi/KIVYJxNMwyivvNQgDWcX4TCoH7WbQsaSVTyB
+sz7w9udD8U9A4urz3hiTRTBXCghzlxiIggAmj7/E+QsoxF7QX0HZnGwqqSVS//rc
+c0G3u/rzaWWlzNHJDT7TofT4qgRxO8oz/rTH2z5V0c5oH1iVXlSsu9HduxVseV/M
+K/3NpZ33cj3b/eosjnTYSbxO7OWEydWHvi5pss9Pb2GzyFpoDiG4u62G7TPvHwG8
+WvQ/z7bDAcikrDrFr5xjtEbeUbmMq2xTRHqkbs2cENUNcJoKZypM2JNaVPbXpT24
++3bJ
+-----END CERTIFICATE-----
Propchange: serf/branches/1.3.x-sslbuild/test/server/serfcacert.pem
------------------------------------------------------------------------------
Merged /serf/branches/1.3.x/test/server/serfcacert.pem:r1781541-1910115
Modified: serf/branches/1.3.x-sslbuild/test/server/serfclientcert.p12
URL:
http://svn.apache.org/viewvc/serf/branches/1.3.x-sslbuild/test/server/serfclientcert.p12?rev=1910116&r1=1910115&r2=1910116&view=diff
==============================================================================
Binary files - no diff available.
Propchange: serf/branches/1.3.x-sslbuild/test/server/serfclientcert.p12
------------------------------------------------------------------------------
Merged /serf/branches/1.3.x/test/server/serfclientcert.p12:r1781541-1910115
Modified: serf/branches/1.3.x-sslbuild/test/server/serfrootcacert.pem
URL:
http://svn.apache.org/viewvc/serf/branches/1.3.x-sslbuild/test/server/serfrootcacert.pem?rev=1910116&r1=1910115&r2=1910116&view=diff
==============================================================================
--- serf/branches/1.3.x-sslbuild/test/server/serfrootcacert.pem (original)
+++ serf/branches/1.3.x-sslbuild/test/server/serfrootcacert.pem Mon May 29
15:35:20 2023
@@ -1,25 +1,25 @@
------BEGIN CERTIFICATE-----
-MIIEKzCCAxOgAwIBAgIDAYa0MA0GCSqGSIb3DQEBCwUAMIGuMQswCQYDVQQGEwJC
-RTEQMA4GA1UECBMHQW50d2VycDERMA8GA1UEBxMITWVjaGVsZW4xHzAdBgNVBAoT
-FkluIFNlcmYgd2UgdHJ1c3QsIEluYy4xGzAZBgNVBAsTElRlc3QgU3VpdGUgUm9v
-dCBDQTEVMBMGA1UEAxMMU2VyZiBSb290IENBMSUwIwYJKoZIhvcNAQkBFhZzZXJm
-cm9vdGNhQGV4YW1wbGUuY29tMB4XDTE0MDQxOTIxMTcyNVoXDTE3MDQxODIxMTcy
-NVowga4xCzAJBgNVBAYTAkJFMRAwDgYDVQQIEwdBbnR3ZXJwMREwDwYDVQQHEwhN
-ZWNoZWxlbjEfMB0GA1UEChMWSW4gU2VyZiB3ZSB0cnVzdCwgSW5jLjEbMBkGA1UE
-CxMSVGVzdCBTdWl0ZSBSb290IENBMRUwEwYDVQQDEwxTZXJmIFJvb3QgQ0ExJTAj
-BgkqhkiG9w0BCQEWFnNlcmZyb290Y2FAZXhhbXBsZS5jb20wggEiMA0GCSqGSIb3
-DQEBAQUAA4IBDwAwggEKAoIBAQCsSwBl8wpBCuSvD4EQX1pgOfoKCLlYf0LExusE
-x+Kiz7ZemlOvGffHazpLbYA1nMi+sKYe3Y8LTJnMaQm3V3eDG/qP84X6FP8vBlfS
-DJCeNoQ3+oZUPLwKzrV9SZh96nXDXWsMYq3wF/4jjl1ZG+Xz3gRVD60ZEblYN9Hn
-dPLmnZaMn3K1HHgMqNZPUs+q85/w3BxdcGLU8oaWR6esdMa8jUjcqMAnh0JOz2mg
-uiEQex7tafz77whf2WPJ7cxY5fAFnBMM8l35QQA49ZA+I9toVyP7fadMkjB8g4so
-o9z/5ODh4sB5YVnFltSTFRFuSj7pau5Yn4wJGlJas5JgmIZjAgMBAAGjUDBOMAwG
-A1UdEwQFMAMBAf8wHQYDVR0OBBYEFDx9+YbDFk1VfwKsz31vrBSripPIMB8GA1Ud
-IwQYMBaAFDx9+YbDFk1VfwKsz31vrBSripPIMA0GCSqGSIb3DQEBCwUAA4IBAQAE
-zB/Uco7La4sgXBxKAbMa75B01eR/3Ur9Xl2eHzQKbsEte1ERXPxtu+bS/WP+5D/A
-1OKNVvFr0KqK2xlYXjXrjfgXZEc5nizLtnqHq/iE4PKwfptJFTeIexjv2WK5ErnT
-PaF9dWDpwhOjiUcdU9/ILWE3PcIgrffr0VYqNkO7/vPTBablreJbPvT5vDMnm9Fz
-cVBDmlUvg7M1+G7XVbk00Y6yenI2j+q1DkAuYBcQb3xjsFdMsVsCN9F6/4BWhS+f
-z90CFM3Ndu0xXV8t+cl0mAljluRfxFjTCB7GxgxzKtPYHTQUtUfNKhVohNk4IF1z
-sO9kZ8pSTplTJ9Q8hJfi
------END CERTIFICATE-----
+-----BEGIN CERTIFICATE-----
+MIIELTCCAxWgAwIBAgIDAYa0MA0GCSqGSIb3DQEBCwUAMIGuMQswCQYDVQQGEwJC
+RTEQMA4GA1UECAwHQW50d2VycDERMA8GA1UEBwwITWVjaGVsZW4xHzAdBgNVBAoM
+FkluIFNlcmYgd2UgdHJ1c3QsIEluYy4xGzAZBgNVBAsMElRlc3QgU3VpdGUgUm9v
+dCBDQTEVMBMGA1UEAwwMU2VyZiBSb290IENBMSUwIwYJKoZIhvcNAQkBFhZzZXJm
+cm9vdGNhQGV4YW1wbGUuY29tMCAXDTIxMTAwNDIyNDQ1MloYDzIxMjEwOTEwMjI0
+NDUyWjCBrjELMAkGA1UEBhMCQkUxEDAOBgNVBAgMB0FudHdlcnAxETAPBgNVBAcM
+CE1lY2hlbGVuMR8wHQYDVQQKDBZJbiBTZXJmIHdlIHRydXN0LCBJbmMuMRswGQYD
+VQQLDBJUZXN0IFN1aXRlIFJvb3QgQ0ExFTATBgNVBAMMDFNlcmYgUm9vdCBDQTEl
+MCMGCSqGSIb3DQEJARYWc2VyZnJvb3RjYUBleGFtcGxlLmNvbTCCASIwDQYJKoZI
+hvcNAQEBBQADggEPADCCAQoCggEBAMHRLqkhe4RGOq5PNkXFc7pvxA8AaEpSJNDu
+3YE2JSBuXUWjcchFy90L4IYg6Ars2QLUpT4QvvavtCUub0ACMUkA8vKqSRsL1T+m
+xySXduaKCF04VQDIdaxW7DBAWNLdW6SOx+IG5DFe4FFOtPUWedxSdfcky1v8fG0U
+Dl3Ic5TXEfB9sQNks+5OtxnPnIJq+uXJCg2sBLJxdGgZbFnHZ7+x1KXeyfZYA4k1
+6XGxiGhZHQb/FkuZiI62gGfAjyNoF6tX/OvxH7oViRPzR4GGeD5vzpbI/SP6QkEJ
+XeOUb2R5UbDmvrSWbSSV+l4B/bCEwdbF1OgPH7K5+LzQ7Klw7FMCAwEAAaNQME4w
+DAYDVR0TBAUwAwEB/zAdBgNVHQ4EFgQUN32vaQaqa7ewER12t1C5FcIw2CMwHwYD
+VR0jBBgwFoAUN32vaQaqa7ewER12t1C5FcIw2CMwDQYJKoZIhvcNAQELBQADggEB
+AFAH3BvIMrBy9rSkWTtztHzEmqC+w/zohBw7Z3owA5K6P4UVAwEYOU6ayMf+HNN0
+UtoGwSqdvi7j2S2n1Q9t+l2fe4lzzpsjM3TFAdtfWKc87X315lW5xBe6WM68Cdxv
+Xxw1KRFfejdSUiRea+2KeHBYBOyaRjaYU0pfsm52qVVhRBw6EGs/5p6oRVx0PS58
+Fs73YwDmj/lu+VH99IzTMU/fiGQXyHPVtnBEBGFblbeJU/B+Mk5DQrEm24gZ/n9P
+Gh9ZJDTmPZyUSlSzyWC6AWBrc9wBz3orMNIimx59QVBQl78rYhHS19VgZJN68WtQ
+MwWOqBs37qKlzj0NS1AYtDo=
+-----END CERTIFICATE-----
Propchange: serf/branches/1.3.x-sslbuild/test/server/serfrootcacert.pem
------------------------------------------------------------------------------
Merged /serf/branches/1.3.x/test/server/serfrootcacert.pem:r1781541-1910115
Modified: serf/branches/1.3.x-sslbuild/test/server/serfserver_expired_cert.pem
URL:
http://svn.apache.org/viewvc/serf/branches/1.3.x-sslbuild/test/server/serfserver_expired_cert.pem?rev=1910116&r1=1910115&r2=1910116&view=diff
==============================================================================
--- serf/branches/1.3.x-sslbuild/test/server/serfserver_expired_cert.pem
(original)
+++ serf/branches/1.3.x-sslbuild/test/server/serfserver_expired_cert.pem Mon
May 29 15:35:20 2023
@@ -1,23 +1,23 @@
-----BEGIN CERTIFICATE-----
MIIDxzCCAq+gAwIBAgIDAYa0MA0GCSqGSIb3DQEBCwUAMIGgMQswCQYDVQQGEwJC
-RTEQMA4GA1UECBMHQW50d2VycDERMA8GA1UEBxMITWVjaGVsZW4xHzAdBgNVBAoT
-FkluIFNlcmYgd2UgdHJ1c3QsIEluYy4xFjAUBgNVBAsTDVRlc3QgU3VpdGUgQ0Ex
-EDAOBgNVBAMTB1NlcmYgQ0ExITAfBgkqhkiG9w0BCQEWEnNlcmZjYUBleGFtcGxl
-LmNvbTAeFw0xNDA0MTkyMTE3MjZaFw0xMzA0MTkyMTE3MjZaMIGqMQswCQYDVQQG
-EwJCRTEQMA4GA1UECBMHQW50d2VycDERMA8GA1UEBxMITWVjaGVsZW4xHzAdBgNV
-BAoTFkluIFNlcmYgd2UgdHJ1c3QsIEluYy4xGjAYBgNVBAsTEVRlc3QgU3VpdGUg
-U2VydmVyMRIwEAYDVQQDEwlsb2NhbGhvc3QxJTAjBgkqhkiG9w0BCQEWFnNlcmZz
-ZXJ2ZXJAZXhhbXBsZS5jb20wggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIB
-AQDPSJs4Dhlb9JpmS50uOfAN0lOFkU89FEU4SAGziNcuevcOM87dsjENMpwMJrC+
-Emepkf5KAFkSRRuIBCms2Hx0Xm/LPRXhXMys2um3U/lkbu+HqPtWwhr9vsA+LjYG
-787943qnfSPvOSssedVKkg03HchCzlko+iL3dQfQFyj7/Ew7Lh9K+TiWTnlrCGY9
-gS1NgKK+kEfXoBUp2+Fq1aUiO2wGKNK9ntcan28pIuJljBtI9hEp93Gs95zl2SR8
-e987YIveip2ofXrGEtGGuXftg1VE+jADJNBcByRpRS8cwyFx1sI9JUp/Uj899R49
-r706i9vPwLwwRAlDFB23m2ffAgMBAAEwDQYJKoZIhvcNAQELBQADggEBAD9aCwa9
-LUEF+bZGC5dYAmXDPDJdd/wa+sJcjFKf6/iDYowBMN/Rbd122XwFyPxkRa6jKqBF
-0Ub6mVXjjj7/B/nhO7g/ZjrhVBPdlUG8ehoCLtff2lME/BNDysj3dF/gKtJYdl6+
-7dvRenLG/MX8Vg/VBP5ZBLTqPms5VT570nFUidMkIK+tIBwuHFu499SXg1bI/pEF
-Jy5sUDXQD+acwDRV1aSnggwykkeH1loFkFmecdHGXip1/XLB0ts7z8lQgPC8PiCT
-xflJt4yg1U14oJkz65wrIuBt9m5GeZuca+F+BZQSN+annaXKfrPi7kOYd2BeYiz0
-t4xQp6/lhs52tj8=
------END CERTIFICATE-----
+RTEQMA4GA1UECAwHQW50d2VycDERMA8GA1UEBwwITWVjaGVsZW4xHzAdBgNVBAoM
+FkluIFNlcmYgd2UgdHJ1c3QsIEluYy4xFjAUBgNVBAsMDVRlc3QgU3VpdGUgQ0Ex
+EDAOBgNVBAMMB1NlcmYgQ0ExITAfBgkqhkiG9w0BCQEWEnNlcmZjYUBleGFtcGxl
+LmNvbTAeFw0yMTEwMDQyMjQ0NTJaFw0yMDEwMDQyMjQ0NTJaMIGqMQswCQYDVQQG
+EwJCRTEQMA4GA1UECAwHQW50d2VycDERMA8GA1UEBwwITWVjaGVsZW4xHzAdBgNV
+BAoMFkluIFNlcmYgd2UgdHJ1c3QsIEluYy4xGjAYBgNVBAsMEVRlc3QgU3VpdGUg
+U2VydmVyMRIwEAYDVQQDDAlsb2NhbGhvc3QxJTAjBgkqhkiG9w0BCQEWFnNlcmZz
+ZXJ2ZXJAZXhhbXBsZS5jb20wggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIB
+AQDKOObefa3mgWxJHgHITVXNj5KmPbb8B4roOq75dbaIB2qZ18+rhcfgSEcMrKYG
+wHDJJyOI8ZT80Jhvq9+U1oyxyr7X5cOfuTJGo0Be2SqgrTYcJI/yTxS+4hNKDAUu
+VwuwzsiB9Qc+tea7y721ClQf9/sJCY39C5uELhGHwt2YtaGVpjhzC1ungajRJoov
+4QZYony5U/RjlvShES42fGDKJSrMzykhug7EkO45aVUnTTwPZFJy6RBB9JZ+WzRr
+mDDimQxQ8NRgn4C99Up9+E1VEUtPA3R+ud0TByktVamyqXBK76I32DFoqr+G9ArL
++A0VHysAyULPUkTT0vW0XYFHAgMBAAEwDQYJKoZIhvcNAQELBQADggEBAJBm4EPk
+d42ahVlmd+EdT5YoGAuJP9NeTBTPnPsPnHvH8IiIn5G/UzARI/jqjEAFxNwMm+bX
+YjuzH+mIpVMBBsDDmaiNJCdRIMArQPJs6cR3udt86bBZjgdfTywagjLykYgtC19n
+G5/oNgdsIcsWIujj/2LpQLnXjT8CZrDrtaJ1j41wHNvFnePhN1YDUur6Ig8r/LpD
+i28mcLbcV7kneLgw/RDRxiLwdyFPuT3pL/R2ejF4XXPHTzmo4aDPSv0j+GOwsKPE
+K6yx7bkmk/SbSkbbiD6GKLmGlCURa4F1o3RDF0+QrAyqqR2Gw/OMWY+ouYKYYl15
+mIaumWPYV5ZcR7I=
+-----END CERTIFICATE-----
Propchange: serf/branches/1.3.x-sslbuild/test/server/serfserver_expired_cert.pem
------------------------------------------------------------------------------
Merged
/serf/branches/1.3.x/test/server/serfserver_expired_cert.pem:r1781541-1910115
Modified: serf/branches/1.3.x-sslbuild/test/server/serfserver_future_cert.pem
URL:
http://svn.apache.org/viewvc/serf/branches/1.3.x-sslbuild/test/server/serfserver_future_cert.pem?rev=1910116&r1=1910115&r2=1910116&view=diff
==============================================================================
--- serf/branches/1.3.x-sslbuild/test/server/serfserver_future_cert.pem
(original)
+++ serf/branches/1.3.x-sslbuild/test/server/serfserver_future_cert.pem Mon May
29 15:35:20 2023
@@ -1,23 +1,23 @@
------BEGIN CERTIFICATE-----
-MIIDxzCCAq+gAwIBAgIDAYa0MA0GCSqGSIb3DQEBCwUAMIGgMQswCQYDVQQGEwJC
-RTEQMA4GA1UECBMHQW50d2VycDERMA8GA1UEBxMITWVjaGVsZW4xHzAdBgNVBAoT
-FkluIFNlcmYgd2UgdHJ1c3QsIEluYy4xFjAUBgNVBAsTDVRlc3QgU3VpdGUgQ0Ex
-EDAOBgNVBAMTB1NlcmYgQ0ExITAfBgkqhkiG9w0BCQEWEnNlcmZjYUBleGFtcGxl
-LmNvbTAeFw0yNDA0MTYyMTE3MjZaFw0yNzA0MTYyMTE3MjZaMIGqMQswCQYDVQQG
-EwJCRTEQMA4GA1UECBMHQW50d2VycDERMA8GA1UEBxMITWVjaGVsZW4xHzAdBgNV
-BAoTFkluIFNlcmYgd2UgdHJ1c3QsIEluYy4xGjAYBgNVBAsTEVRlc3QgU3VpdGUg
-U2VydmVyMRIwEAYDVQQDEwlsb2NhbGhvc3QxJTAjBgkqhkiG9w0BCQEWFnNlcmZz
-ZXJ2ZXJAZXhhbXBsZS5jb20wggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIB
-AQDPSJs4Dhlb9JpmS50uOfAN0lOFkU89FEU4SAGziNcuevcOM87dsjENMpwMJrC+
-Emepkf5KAFkSRRuIBCms2Hx0Xm/LPRXhXMys2um3U/lkbu+HqPtWwhr9vsA+LjYG
-787943qnfSPvOSssedVKkg03HchCzlko+iL3dQfQFyj7/Ew7Lh9K+TiWTnlrCGY9
-gS1NgKK+kEfXoBUp2+Fq1aUiO2wGKNK9ntcan28pIuJljBtI9hEp93Gs95zl2SR8
-e987YIveip2ofXrGEtGGuXftg1VE+jADJNBcByRpRS8cwyFx1sI9JUp/Uj899R49
-r706i9vPwLwwRAlDFB23m2ffAgMBAAEwDQYJKoZIhvcNAQELBQADggEBABp4mfjd
-CCixsQkBQAzHIBO8i/UC1XRwYy0Bfjq54PNp608Z6h0Oh2igODJ9y4j69ItgWOda
-4jK1xrkUD7p7SFR2WQdEO4hWwq3Rlsknj3SLsyfESzK4vRLO2c2LU1Uyfset5DMP
-ty7ja2Bqwy+o86u/vbYfU8fA03xJuFIUrztauhVl3vi64v5y6kUUMRslQQSo7pam
-jdDwN1HABeQGY73fAVKRHo+pe5a5yXOJ//wm2cH2CcIbWNbK4BSmBj81fgmgvUPp
-JbmQw7+qy4qcifDbiIiCBhTWwgHSozYwtrprQ7vFvnnxO6tjcaHYZYjSNb2yIrEU
-r3cl/ZbuP1O0aW4=
------END CERTIFICATE-----
+-----BEGIN CERTIFICATE-----
+MIIDyTCCArGgAwIBAgIDAYa0MA0GCSqGSIb3DQEBCwUAMIGgMQswCQYDVQQGEwJC
+RTEQMA4GA1UECAwHQW50d2VycDERMA8GA1UEBwwITWVjaGVsZW4xHzAdBgNVBAoM
+FkluIFNlcmYgd2UgdHJ1c3QsIEluYy4xFjAUBgNVBAsMDVRlc3QgU3VpdGUgQ0Ex
+EDAOBgNVBAMMB1NlcmYgQ0ExITAfBgkqhkiG9w0BCQEWEnNlcmZjYUBleGFtcGxl
+LmNvbTAgFw0zMTEwMDIyMjQ0NTJaGA8yMTIxMDkxMDIyNDQ1MlowgaoxCzAJBgNV
+BAYTAkJFMRAwDgYDVQQIDAdBbnR3ZXJwMREwDwYDVQQHDAhNZWNoZWxlbjEfMB0G
+A1UECgwWSW4gU2VyZiB3ZSB0cnVzdCwgSW5jLjEaMBgGA1UECwwRVGVzdCBTdWl0
+ZSBTZXJ2ZXIxEjAQBgNVBAMMCWxvY2FsaG9zdDElMCMGCSqGSIb3DQEJARYWc2Vy
+ZnNlcnZlckBleGFtcGxlLmNvbTCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
+ggEBAMo45t59reaBbEkeAchNVc2PkqY9tvwHiug6rvl1togHapnXz6uFx+BIRwys
+pgbAcMknI4jxlPzQmG+r35TWjLHKvtflw5+5MkajQF7ZKqCtNhwkj/JPFL7iE0oM
+BS5XC7DOyIH1Bz615rvLvbUKVB/3+wkJjf0Lm4QuEYfC3Zi1oZWmOHMLW6eBqNEm
+ii/hBliifLlT9GOW9KERLjZ8YMolKszPKSG6DsSQ7jlpVSdNPA9kUnLpEEH0ln5b
+NGuYMOKZDFDw1GCfgL31Sn34TVURS08DdH653RMHKS1VqbKpcErvojfYMWiqv4b0
+Csv4DRUfKwDJQs9SRNPS9bRdgUcCAwEAATANBgkqhkiG9w0BAQsFAAOCAQEAM0Ex
+GfLuzQ6S75JvVj1YxRvRoY2ZNL0aXenJ40CAhrOvTGFTr5r2uOTfYh61Fnw0VUbE
+c/aH7812yhhxBNv71Zgt6zAt+jwuvHec6NBchA2hZgp9aAGLwcWBbdtlAPK+PkTa
+YZRJmhe++PlspFjnEeKjTjWkUf+3QAzY0QW5GGas1z7WD5Z6goFRRO83M/J9BGVr
+1V2EtCk9YvC/SOnZ2R7I2bwaRD4YdIha3ifw8eJaVrYIvMEKCAKEoXBuseuZnitE
+MTmgPQdzPlGgyevstMu0HXD3ejHB0TWTwVFzqVQxh3YahgdW3GcJOPlGZCI9G1w7
+A5R/DdQ0s/t0FiYHeQ==
+-----END CERTIFICATE-----
Propchange: serf/branches/1.3.x-sslbuild/test/server/serfserver_future_cert.pem
------------------------------------------------------------------------------
Merged
/serf/branches/1.3.x/test/server/serfserver_future_cert.pem:r1781541-1910115
Modified: serf/branches/1.3.x-sslbuild/test/server/serfservercert.pem
URL:
http://svn.apache.org/viewvc/serf/branches/1.3.x-sslbuild/test/server/serfservercert.pem?rev=1910116&r1=1910115&r2=1910116&view=diff
==============================================================================
--- serf/branches/1.3.x-sslbuild/test/server/serfservercert.pem (original)
+++ serf/branches/1.3.x-sslbuild/test/server/serfservercert.pem Mon May 29
15:35:20 2023
@@ -1,23 +1,23 @@
------BEGIN CERTIFICATE-----
-MIIDxzCCAq+gAwIBAgIDAYa0MA0GCSqGSIb3DQEBCwUAMIGgMQswCQYDVQQGEwJC
-RTEQMA4GA1UECBMHQW50d2VycDERMA8GA1UEBxMITWVjaGVsZW4xHzAdBgNVBAoT
-FkluIFNlcmYgd2UgdHJ1c3QsIEluYy4xFjAUBgNVBAsTDVRlc3QgU3VpdGUgQ0Ex
-EDAOBgNVBAMTB1NlcmYgQ0ExITAfBgkqhkiG9w0BCQEWEnNlcmZjYUBleGFtcGxl
-LmNvbTAeFw0xNDA0MTkyMTE3MjZaFw0xNzA0MTgyMTE3MjZaMIGqMQswCQYDVQQG
-EwJCRTEQMA4GA1UECBMHQW50d2VycDERMA8GA1UEBxMITWVjaGVsZW4xHzAdBgNV
-BAoTFkluIFNlcmYgd2UgdHJ1c3QsIEluYy4xGjAYBgNVBAsTEVRlc3QgU3VpdGUg
-U2VydmVyMRIwEAYDVQQDEwlsb2NhbGhvc3QxJTAjBgkqhkiG9w0BCQEWFnNlcmZz
-ZXJ2ZXJAZXhhbXBsZS5jb20wggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIB
-AQDPSJs4Dhlb9JpmS50uOfAN0lOFkU89FEU4SAGziNcuevcOM87dsjENMpwMJrC+
-Emepkf5KAFkSRRuIBCms2Hx0Xm/LPRXhXMys2um3U/lkbu+HqPtWwhr9vsA+LjYG
-787943qnfSPvOSssedVKkg03HchCzlko+iL3dQfQFyj7/Ew7Lh9K+TiWTnlrCGY9
-gS1NgKK+kEfXoBUp2+Fq1aUiO2wGKNK9ntcan28pIuJljBtI9hEp93Gs95zl2SR8
-e987YIveip2ofXrGEtGGuXftg1VE+jADJNBcByRpRS8cwyFx1sI9JUp/Uj899R49
-r706i9vPwLwwRAlDFB23m2ffAgMBAAEwDQYJKoZIhvcNAQELBQADggEBAHL9mzR3
-o5K3pTnSVzxE6DE/BiXY1SutA0Bp6r24aiITl7QBn0oeXo+BCm1k46W/7zL7IExQ
-sIfd07P5yrgeDlpmI3ciYD9x1Lumxks4j0HJBkVfjE6M0tCj9JTDKDUeyNkaYybL
-TN60dlvAaBrtLrpoYOJNFQNNgmZqUhu2VxPXJzMZrgZiv3g4YqBIBLzI64+bBQ5B
-Ap/DgzNbyMVDa/+CL1rU2editJTI39uU9feVVB35l5ZCb7cahcxE7y9xMhNx358B
-DuGsLXBOs6GHf9h8M+yLr1VjtN7LebkRmwSry/IKB7o6VkWOFXghMLOfSyzBwfFP
-EK7YBZc1B+X5xjg=
------END CERTIFICATE-----
+-----BEGIN CERTIFICATE-----
+MIIDyTCCArGgAwIBAgIDAYa0MA0GCSqGSIb3DQEBCwUAMIGgMQswCQYDVQQGEwJC
+RTEQMA4GA1UECAwHQW50d2VycDERMA8GA1UEBwwITWVjaGVsZW4xHzAdBgNVBAoM
+FkluIFNlcmYgd2UgdHJ1c3QsIEluYy4xFjAUBgNVBAsMDVRlc3QgU3VpdGUgQ0Ex
+EDAOBgNVBAMMB1NlcmYgQ0ExITAfBgkqhkiG9w0BCQEWEnNlcmZjYUBleGFtcGxl
+LmNvbTAgFw0yMTEwMDQyMjQ0NTJaGA8yMTIxMDkxMDIyNDQ1MlowgaoxCzAJBgNV
+BAYTAkJFMRAwDgYDVQQIDAdBbnR3ZXJwMREwDwYDVQQHDAhNZWNoZWxlbjEfMB0G
+A1UECgwWSW4gU2VyZiB3ZSB0cnVzdCwgSW5jLjEaMBgGA1UECwwRVGVzdCBTdWl0
+ZSBTZXJ2ZXIxEjAQBgNVBAMMCWxvY2FsaG9zdDElMCMGCSqGSIb3DQEJARYWc2Vy
+ZnNlcnZlckBleGFtcGxlLmNvbTCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
+ggEBAMo45t59reaBbEkeAchNVc2PkqY9tvwHiug6rvl1togHapnXz6uFx+BIRwys
+pgbAcMknI4jxlPzQmG+r35TWjLHKvtflw5+5MkajQF7ZKqCtNhwkj/JPFL7iE0oM
+BS5XC7DOyIH1Bz615rvLvbUKVB/3+wkJjf0Lm4QuEYfC3Zi1oZWmOHMLW6eBqNEm
+ii/hBliifLlT9GOW9KERLjZ8YMolKszPKSG6DsSQ7jlpVSdNPA9kUnLpEEH0ln5b
+NGuYMOKZDFDw1GCfgL31Sn34TVURS08DdH653RMHKS1VqbKpcErvojfYMWiqv4b0
+Csv4DRUfKwDJQs9SRNPS9bRdgUcCAwEAATANBgkqhkiG9w0BAQsFAAOCAQEAlaKG
+fkZcJZSocY0W/UKuf9v6Ml8i4Qe6jwDHTlrMutn9FCWe9Ln3a7cIaNxP3sFExiP3
+epWMLcH0MBS593fdl/whnlQDJntTfVZWv0/qirmRB7kDfC0hBeYHuGp8LSec63Sl
+gv4EC3nFgN16g87X8dZ6h5lfaV7oxTGg0873c+hqaC2utgqZ3KbNyzvmkCmWZGyI
+L0IYXfqGnOCxyjY72Z2Mhym6DKF0O3JxTr3UpesWs4g4Rqvwr2BRB+p02D3PFb5S
+rPrHRfYdALTQv25pbF5ZZ194DN3Wg4Mw47LTlbpeDu/ktC5OxuTmxAB12PXEM66n
+eg5rIib3GXgNkIRKlA==
+-----END CERTIFICATE-----
Propchange: serf/branches/1.3.x-sslbuild/test/server/serfservercert.pem
------------------------------------------------------------------------------
Merged /serf/branches/1.3.x/test/server/serfservercert.pem:r1781541-1910115
Modified: serf/branches/1.3.x-sslbuild/test/server/serfserverkey.pem
URL:
http://svn.apache.org/viewvc/serf/branches/1.3.x-sslbuild/test/server/serfserverkey.pem?rev=1910116&r1=1910115&r2=1910116&view=diff
==============================================================================
--- serf/branches/1.3.x-sslbuild/test/server/serfserverkey.pem (original)
+++ serf/branches/1.3.x-sslbuild/test/server/serfserverkey.pem Mon May 29
15:35:20 2023
@@ -1,30 +1,30 @@
------BEGIN ENCRYPTED PRIVATE KEY-----
-MIIFDjBABgkqhkiG9w0BBQ0wMzAbBgkqhkiG9w0BBQwwDgQIEVWBqG6vECoCAggA
-MBQGCCqGSIb3DQMHBAiAagREZjJEQQSCBMgpHbLBzmAyx9f4YHhRnDdUm4ftQ7bR
-6fF7sKxOD7fdJ+jgEB6xYBIlG9Y4+DDDbz3IvZgXIsweauV+WNscxnTHyJequoFL
-qKFPY5bEc2hskZYsi/+LfvvguZLFm1vjK08sORYK2Kdy2hwmk3sTPQmgD2T/jZpg
-vI1AkB+hXA/6AVJUVqSyAFH8u3WGr8Dxjz69YCQ+K9cPqYXJdWZzAVq/0ibSRkzL
-mSLN8VoF810AXkFxCC7DKxg+mgp9dBdR8uuBXZ9fBOz5YCI92thZwd1iYsTetmWa
-LoIS8xLMvuBaalAV8oQ7e0xuow6Cx9IjxlQ/sd8N1Xg+Z2vWTwnj9AOFIHU3s/N8
-e9L51Q9p6igZgmNm2N2+pUQ1Y5mest7gfJ1ka07ypSr0yzOnK7L41VCIposZuzyX
-psTRy+zpGULsK0lG5mH0r1CZ88G8puwyUOaOk/yUhHgc4ZSOsDbeWdQ8UohHElUA
-ZLkxwt2xWgcd8mG+FQnbXQZhDFII/aP/RBe7xfEwSQr8hhyP8fsyRmbuq5YZrkRw
-mMyp6kxX8USKmeXxBEm364RdilFgPUN3djf7ljKCPOJ1y5OTzmBQacMbXGhbqBGY
-PZUKE6szzsM1IYnrvUwP7Gf5wksR/VYMr1VnnpeBofaOJ0brXNF/MFiBE13afNT7
-JLUjA3QcAfmdYocfBTVQSM7umSBOrM7H6qsX67ye5ccAK9x1HikgxXRoqV/TxFgI
-snrXEtiDrve+nvmPYlmgP5RGyl+bAxtGGjT6TZPlfGACb7xytCpNiOK5bNsgMx7F
-ukOMiVE+sQJT95WnOJMXSmiSw2HmSBXwjpnEKNOYe+Cram64Vjaa8dFqIZSvUDMW
-ihyWAYZrHro4hKmSdeCmrk4rkYH97BxG2Gm/6oRsEDCTgTUn7OYGm5bAmxz0WPSZ
-/TQ7oYSQ3jUlX8q8NPhVPeHizjNwGWyYovmAyAzi3uPTIBsaIdeMiENyyZTXnSHq
-IkfAGekcQ/IX6VWpZGiS3ilgSqxInSVfByM2gs2thdIQ1WEcDitGsAJxFPjnimjX
-1WFk08/6aUDGK30Q9Mm2X3WjSTvCKq8ccd/bwjvQRepvzjRSl1vt6Ngvv88UPH1e
-/0GrKcXNkBEoGqZSk4D60BFz0rpyDplaZLFVEj7ET85sHP+h5JYnKCpjqkHKQUuj
-VVhVhjk6IGpVQZnbGf4PSoij61NUfwpKS4zfAHg7JQrl+7bUBreXYWg2+qXvxJOE
-HrqYt2aQq9ilG3hrDXgU0+KTNpJEdteeH7ypoYcGEmlljDriwbmYs2lZ5QkgHb6t
-1ue5WfnxkjTxxjeh3Aeu3QnHogQHwS4e4zzpiJC0xHFgWbsWVi2mSwtS0aZh9d2P
-KCpMl8E7lVVDRcgFPn/36b4K9EvAoTfjEtubOU0M2fD1btQF5t0cNCmpnq6hxC0S
-onPj3HGRBh6QxcaV+86UESEPQ12TJfzetXT/+KvVFrPLMzUhwmb8j+Ozb5sU6mPC
-mCfhtCzyPW7xk0+X+1dmtUKx35MGaJlf2rbp9xEhML6vMx3qIxbO33f0mP0qiz8b
-SLTC8P8VLObo9SCY3DeIqhC83DSXsm+taylHpFGZ0sDl8CXrepLyOp+iOSyGiq1W
-ZqE=
------END ENCRYPTED PRIVATE KEY-----
+-----BEGIN ENCRYPTED PRIVATE KEY-----
+MIIFHDBOBgkqhkiG9w0BBQ0wQTApBgkqhkiG9w0BBQwwHAQIGJFDf32EGxcCAggA
+MAwGCCqGSIb3DQIJBQAwFAYIKoZIhvcNAwcECD7lJn7uvJmOBIIEyEP/6D6L5ddd
+I1xC8yzBTYRuON7FnvpUpTJEsdQqvpIfkRAI0wldMzzyIoA5ypf/W3I0FIaxTWkL
+BMGfdVV0+KhX/aStq8Qv2wEfP6OCGDayjEHzkOIm7KliUfYJOSK7hWEB5mLGx166
+u7zacnnx225SQcurOYGQ44VVnUX7PkluJGVXXNwrHiZMoyx0SL1JPM8V2Y27n0HK
+zgg3Puf3bHDESHEq3aUGrxwsGKmC2IUTCDDlB/r2R3IVm+XIFMTiMY7xq/vkASMt
+IRJhwtDp4OrW+Iq4v9TXAG1Bpgia1gO5e1ZAcQm38XXfESHcmmbbiFKfuGH7GveS
+PvzQ2Rf3KbQORhgL/FKP951iMYC94r6/oC7jbc3nFSX56jzLQgD/QIxZM3tTbXjP
+qEcvUgglA368zJxx+7JmRRuR9R3Yy8RYJqe4Rx4iVGxK5lrfcnFR8b7VcLMREDtE
+P80hcZQltPJ/xpacS7H3z8OWu4Bg85j6yiV0LdrPdQQiwbNaLE66RO6wZ+Y+L3D7
+mivo6jQAwkBIXefYMTGOk61Cc/XzVZjWjs/K7WNOEEGNbzrPczbIPZFBaaVxtys0
+60/seK6+wHCLleKN6Y8zjm4pmpuKtQKBCF4SM+d54HFfvg7RG6+ql3v0fowC6nhp
+AvUJGbXUtU5FldEXFOxQaXb2cXbya2CiPMyrqruIUNDgnfH2HZc22M9YxDKP99xt
+3FrLYUOE0KFB0KgIBvRYIsmprreAW5mZLIVDL/3o47ym+8gy5OK88XC9qRmRX2oS
+YW3rY2g7or3ZZxvaULCIjbj/4B6FPNE+Z01wpoeRZXCjnkGRaoi4kxTBbiM66fpl
+V9TgFTFlRd4g/r55Xh1qwo2UlhYtvMTFoIkEPJYZH0899B7YxLUrF2MvZ70tM2q2
+g2DrI46I+mcsvsKHD8zyYWFctSotimzw0ZsQ2uPWthb1JowA0GhyGspzjn+rVlKU
+Iexx3ve3E4Si8SRtAK8vUDIMVcGvIwP4YbW/dyClzOgEOLFJWCeQMEqBFGxY4sxC
+rANcbJV94Ba0K4pLmuNOz/m0MrdftLbxTchXOYMK9yHM0zC0y6XrWgg1rVJImKUW
+tHWE/K9Fm1BmQYasDaFN2c3uzx3PtxQ06iYNxHytK9XmLW8PjFXJbyVXNkmMuRhq
+6wLoLRBOPxgTV35zOuhWEOuLr5apNB8faASvaJeDwvf3E9GxVUt/UpUj/TL9mf2m
+1itKk2az0XSEizgQ+TX4eZVs8cjWlwXC/Nxv6CvF6eYm2PW3wTN70x+UiyVKB46W
+YryyRIs/2SxcgWptJ2duKCpvLprBHQgkmyaabxeO4FCr+c0i7QRf+/hLbAJfxUrz
+bOHwXi0cQ5nLio4xDd/rhRSTJ55EcxsLJupKSOt9OzJSEl+WCt4DAnWsFTKunuuA
+IaEdjPFVoAykzTOpzC1ZJPEOAEwOpKbqNA/mcj8VywgqGEIcYiYDsHWf6OWNxd89
+OgIWhVWrvhOYq6MYNHTaYZlEdTEXrF2vY/ZRJrxaXp8ew9kvdzibNvuQMc+Nk/BQ
+uaPDeP0eLGV0xQFB9we8ZFimAtO+2xV/sDqzDCTMe/lUzj38yYUVjwl4bS2UhByn
+IZttXz5GF3D+BemUB0dDVw==
+-----END ENCRYPTED PRIVATE KEY-----
Propchange: serf/branches/1.3.x-sslbuild/test/server/serfserverkey.pem
------------------------------------------------------------------------------
Merged /serf/branches/1.3.x/test/server/serfserverkey.pem:r1781541-1910115
Modified: serf/branches/1.3.x-sslbuild/test/server/test_server.c
URL:
http://svn.apache.org/viewvc/serf/branches/1.3.x-sslbuild/test/server/test_server.c?rev=1910116&r1=1910115&r2=1910116&view=diff
==============================================================================
--- serf/branches/1.3.x-sslbuild/test/server/test_server.c (original)
+++ serf/branches/1.3.x-sslbuild/test/server/test_server.c Mon May 29 15:35:20
2023
@@ -633,6 +633,7 @@ apr_status_t start_test_server(serv_ctx_
{
apr_status_t status;
apr_socket_t *serv_sock;
+ apr_time_t retry_end;
/* create server socket */
#if APR_VERSION_AT_LEAST(1, 0, 0)
@@ -651,9 +652,44 @@ apr_status_t start_test_server(serv_ctx_
apr_socket_opt_set(serv_sock, APR_SO_NONBLOCK, 1);
apr_socket_timeout_set(serv_sock, 0);
- status = apr_socket_bind(serv_sock, servctx->serv_addr);
- if (status != APR_SUCCESS)
- return status;
+ retry_end = apr_time_now() + apr_time_from_sec(120);
+ while (1) {
+ status = apr_socket_bind(serv_sock, servctx->serv_addr);
+
+ /* Some of the tests, such as the ones testing the SSL tunnels, can
+ leave the source port we use for tests blocked due to a TIME_WAIT:
+
+ tcp 0 0 localhost:12345 localhost:37920 TIME_WAIT
+
+ Trying to bind a socket in such a state will result in EADDRINUSE.
+ On trunk, this issue is solved by making the test server try other
+ ports starting from the current one. But we cannot really do that
+ on the 1.3.x branch, as that would require altering most of the
tests
+ that currently hardcode the port number. And we also cannot use
+ APR_SO_REUSEADDR due to the problems listed in r1711233.
+
+ So we use a retry loop, making some of the test runs longer -- but
+ also solving the issue without having to change the tests on the
+ stable branch.
+ */
+#ifdef WIN32
+ if (status == APR_FROM_OS_ERROR(WSAEADDRINUSE))
+#else
+ if (status == EADDRINUSE)
+#endif
+ {
+ if (apr_time_now() > retry_end)
+ return status;
+ else
+ apr_sleep(apr_time_from_sec(1));
+ }
+ else if (status != APR_SUCCESS) {
+ return status;
+ }
+ else {
+ break;
+ }
+ }
/* listen for clients */
status = apr_socket_listen(serv_sock, SOMAXCONN);
Modified: serf/branches/1.3.x-sslbuild/test/server/test_server.h
URL:
http://svn.apache.org/viewvc/serf/branches/1.3.x-sslbuild/test/server/test_server.h?rev=1910116&r1=1910115&r2=1910116&view=diff
==============================================================================
--- serf/branches/1.3.x-sslbuild/test/server/test_server.h (original)
+++ serf/branches/1.3.x-sslbuild/test/server/test_server.h Mon May 29 15:35:20
2023
@@ -115,6 +115,7 @@ struct serv_ctx_t {
void *ssl_ctx;
const char *client_cn;
apr_status_t bio_read_status;
+ int hit_eof;
};
void setup_test_server(serv_ctx_t **servctx_p,
Modified: serf/branches/1.3.x-sslbuild/test/server/test_sslserver.c
URL:
http://svn.apache.org/viewvc/serf/branches/1.3.x-sslbuild/test/server/test_sslserver.c?rev=1910116&r1=1910115&r2=1910116&view=diff
==============================================================================
--- serf/branches/1.3.x-sslbuild/test/server/test_sslserver.c (original)
+++ serf/branches/1.3.x-sslbuild/test/server/test_sslserver.c Mon May 29
15:35:20 2023
@@ -31,6 +31,7 @@ static int init_done = 0;
typedef struct ssl_context_t {
int handshake_done;
+ int hit_eof;
SSL_CTX* ctx;
SSL* ssl;
@@ -39,6 +40,11 @@ typedef struct ssl_context_t {
} ssl_context_t;
+static int err_file_print_cb(const char *str, size_t len, void *bp)
+{
+ return fwrite(str, 1, len, bp);
+}
+
static int pem_passwd_cb(char *buf, int size, int rwflag, void *userdata)
{
strncpy(buf, "serftest", size);
@@ -92,21 +98,22 @@ static int bio_apr_socket_destroy(BIO *b
static long bio_apr_socket_ctrl(BIO *bio, int cmd, long num, void *ptr)
{
- long ret = 1;
+ serv_ctx_t *serv_ctx = bio_get_data(bio);
+ ssl_context_t *ssl_ctx = serv_ctx->ssl_ctx;
switch (cmd) {
- default:
- /* abort(); */
- break;
case BIO_CTRL_FLUSH:
/* At this point we can't force a flush. */
- break;
+ return 1;
case BIO_CTRL_PUSH:
case BIO_CTRL_POP:
- ret = 0;
- break;
+ return 0;
+ case BIO_CTRL_EOF:
+ return ssl_ctx->hit_eof;
+ default:
+ /* abort(); */
+ return 0;
}
- return ret;
}
/* Returns the amount read. */
@@ -123,6 +130,10 @@ static int bio_apr_socket_read(BIO *bio,
serf__log_skt(TEST_VERBOSE, __FILE__, serv_ctx->client_sock,
"Read %d bytes from socket with status %d.\n", len, status);
+ if (APR_STATUS_IS_EOF(status)) {
+ serv_ctx->hit_eof = 1;
+ }
+
if (status == APR_EAGAIN) {
BIO_set_retry_read(bio);
if (len == 0)
@@ -265,10 +276,10 @@ init_ssl_context(serv_ctx_t *serv_ctx,
store = SSL_CTX_get_cert_store(ssl_ctx->ctx);
while(certfile) {
- FILE *fp = fopen(certfile, "r");
- if (fp) {
- X509 *ssl_cert = PEM_read_X509(fp, NULL, NULL, NULL);
- fclose(fp);
+ BIO *bio = BIO_new_file(certfile, "r");
+ if (bio) {
+ X509 *ssl_cert = PEM_read_bio_X509(bio, NULL, NULL, NULL);
+ BIO_free(bio);
SSL_CTX_add_extra_chain_cert(ssl_ctx->ctx, ssl_cert);
@@ -301,6 +312,7 @@ static apr_status_t ssl_reset(serv_ctx_t
serf__log(TEST_VERBOSE, __FILE__, "Reset ssl context.\n");
ssl_ctx->handshake_done = 0;
+ ssl_ctx->hit_eof = 0;
if (ssl_ctx)
SSL_clear(ssl_ctx->ssl);
init_ssl(serv_ctx);
@@ -368,7 +380,7 @@ static apr_status_t ssl_handshake(serv_c
return serv_ctx->bio_read_status; /* Usually APR_EAGAIN */
default:
serf__log(TEST_VERBOSE, __FILE__, "SSL Error %d: ", ssl_err);
- ERR_print_errors_fp(stderr);
+ ERR_print_errors_cb(err_file_print_cb, stderr);
serf__log_nopref(TEST_VERBOSE, "\n");
return SERF_ERROR_ISSUE_IN_TESTSUITE;
}
@@ -424,7 +436,7 @@ ssl_socket_read(serv_ctx_t *serv_ctx, ch
*len = 0;
serf__log(TEST_VERBOSE, __FILE__,
"ssl_socket_read SSL Error %d: ", ssl_err);
- ERR_print_errors_fp(stderr);
+ ERR_print_errors_cb(err_file_print_cb, stderr);
serf__log_nopref(TEST_VERBOSE, "\n");
return SERF_ERROR_ISSUE_IN_TESTSUITE;
}
Modified: serf/branches/1.3.x-sslbuild/test/test_auth.c
URL:
http://svn.apache.org/viewvc/serf/branches/1.3.x-sslbuild/test/test_auth.c?rev=1910116&r1=1910115&r2=1910116&view=diff
==============================================================================
--- serf/branches/1.3.x-sslbuild/test/test_auth.c (original)
+++ serf/branches/1.3.x-sslbuild/test/test_auth.c Mon May 29 15:35:20 2023
@@ -53,7 +53,6 @@ static void test_authentication_disabled
"Transfer-Encoding: chunked" CRLF
"WWW-Authenticate: Basic realm=""Test Suite""" CRLF
CRLF
- "1" CRLF CRLF
"0" CRLF CRLF},
};
apr_status_t status;
@@ -96,7 +95,6 @@ static void test_unsupported_authenticat
"Transfer-Encoding: chunked" CRLF
"WWW-Authenticate: NotExistent realm=""Test Suite""" CRLF
CRLF
- "1" CRLF CRLF
"0" CRLF CRLF},
};
apr_status_t status;
@@ -195,7 +193,6 @@ static void basic_authentication(CuTest
"www-Authenticate: bAsIc realm=""Test Suite""" CRLF
"%s"
CRLF
- "1" CRLF CRLF
"0" CRLF CRLF, resp_hdrs);
action_list[1].kind = SERVER_RESPOND;
action_list[1].text = CHUNKED_EMPTY_RESPONSE;
@@ -315,7 +312,6 @@ static void digest_authentication(CuTest
"algorithm=\"MD5\",qop-options=\"auth\"" CRLF
"%s"
CRLF
- "1" CRLF CRLF
"0" CRLF CRLF, resp_hdrs);
/* If the resp_hdrs includes "Connection: close", serf will automatically
reset the connection from the client side, no need to use
@@ -457,7 +453,6 @@ static void authentication_switch_realms
"Transfer-Encoding: chunked" CRLF
"WWW-Authenticate: %s realm=""Test Suite""%s" CRLF
CRLF
- "1" CRLF CRLF
"0" CRLF CRLF, scheme, authn_attr);
action_list[1].kind = SERVER_RESPOND;
action_list[1].text = CHUNKED_EMPTY_RESPONSE;
@@ -469,7 +464,6 @@ static void authentication_switch_realms
"Transfer-Encoding: chunked" CRLF
"WWW-Authenticate: %s realm=""New Realm""%s" CRLF
CRLF
- "1" CRLF CRLF
"0" CRLF CRLF, scheme, authn_attr);
action_list[4].kind = SERVER_RESPOND;
action_list[4].text = CHUNKED_EMPTY_RESPONSE;
Modified: serf/branches/1.3.x-sslbuild/test/test_buckets.c
URL:
http://svn.apache.org/viewvc/serf/branches/1.3.x-sslbuild/test/test_buckets.c?rev=1910116&r1=1910115&r2=1910116&view=diff
==============================================================================
--- serf/branches/1.3.x-sslbuild/test/test_buckets.c (original)
+++ serf/branches/1.3.x-sslbuild/test/test_buckets.c Mon May 29 15:35:20 2023
@@ -833,6 +833,74 @@ static void test_response_body_chunked_g
}
}
+/* Test for issue: the server aborts the connection and also sends
+ a bogus CRLF in place of the expected chunk size. Test that we get
+ a decent error code from the response bucket instead of APR_EOF. */
+static void test_response_body_chunked_bogus_crlf(CuTest *tc)
+{
+ test_baton_t *tb = tc->testBaton;
+ serf_bucket_t *bkt, *tmp;
+ serf_bucket_alloc_t *alloc = serf_bucket_allocator_create(tb->pool, NULL,
+ NULL);
+
+ tmp = SERF_BUCKET_SIMPLE_STRING("HTTP/1.1 200 OK" CRLF
+ "Content-Type: text/plain" CRLF
+ "Transfer-Encoding: chunked" CRLF
+ CRLF
+ "2" CRLF
+ "AB" CRLF
+ CRLF,
+ alloc);
+
+ bkt = serf_bucket_response_create(tmp, alloc);
+
+ {
+ char buf[1024];
+ apr_size_t len;
+ apr_status_t status;
+
+ status = read_all(bkt, buf, sizeof(buf), &len);
+
+ CuAssertIntEquals(tc, SERF_ERROR_BAD_HTTP_RESPONSE, status);
+ }
+
+ /* This will also destroy response stream bucket. */
+ serf_bucket_destroy(bkt);
+}
+
+static void test_response_body_chunked_invalid_len(CuTest *tc)
+{
+ test_baton_t *tb = tc->testBaton;
+ serf_bucket_t *bkt, *tmp;
+ serf_bucket_alloc_t *alloc = serf_bucket_allocator_create(tb->pool, NULL,
+ NULL);
+
+ tmp = SERF_BUCKET_SIMPLE_STRING("HTTP/1.1 200 OK" CRLF
+ "Content-Type: text/plain" CRLF
+ "Transfer-Encoding: chunked" CRLF
+ CRLF
+ "2" CRLF
+ "AB" CRLF
+ "invalid" CRLF
+ CRLF,
+ alloc);
+
+ bkt = serf_bucket_response_create(tmp, alloc);
+
+ {
+ char buf[1024];
+ apr_size_t len;
+ apr_status_t status;
+
+ status = read_all(bkt, buf, sizeof(buf), &len);
+
+ CuAssertIntEquals(tc, SERF_ERROR_BAD_HTTP_RESPONSE, status);
+ }
+
+ /* This will also destroy response stream bucket. */
+ serf_bucket_destroy(bkt);
+}
+
static void test_response_bucket_peek_at_headers(CuTest *tc)
{
apr_pool_t *test_pool = tc->testBaton;
@@ -959,7 +1027,7 @@ static void test_linebuf_crlf_split(CuTe
CRLF, APR_SUCCESS },
{ 1, "6" CR, APR_SUCCESS },
{ 1, "", APR_EAGAIN },
- { 1, LF "blabla" CRLF CRLF, APR_SUCCESS }, };
+ { 1, LF "blabla" CRLF "0" CRLF CRLF, APR_SUCCESS }, };
apr_status_t status;
const char *expected = "blabla";
@@ -1110,12 +1178,14 @@ static void test_random_eagain_in_respon
!SERF_BUCKET_READ_ERROR(status));
errmsg = apr_psprintf(iter_pool,
"Read more data than expected, EAGAIN"
- " inserted at pos: %d, remainder: \"%s\"",
+ " inserted at pos: %" APR_SIZE_T_FMT
+ ", remainder: \"%s\"",
cut, fullmsg + cut);
CuAssert(tc, errmsg, strlen(ptr) >= len);
errmsg = apr_psprintf(iter_pool,
"Read data is not equal to expected, EAGAIN"
- " inserted at pos: %d, remainder: \"%s\"",
+ " inserted at pos: %" APR_SIZE_T_FMT
+ ", remainder: \"%s\"",
cut, fullmsg + cut);
CuAssertStrnEquals_Msg(tc, errmsg, ptr, len, data);
@@ -1599,6 +1669,35 @@ static void test_deflate_4GBplus_buckets
#undef BUFSIZE
}
+static void test_deflate_bucket_truncated_data(CuTest *tc)
+{
+ test_baton_t *tb = tc->testBaton;
+ serf_bucket_t *input;
+ serf_bucket_t *bkt;
+ serf_bucket_t *chunk;
+ serf_bucket_alloc_t *alloc = serf_bucket_allocator_create(tb->pool, NULL,
+ NULL);
+
+ /* This is a valid, but truncated gzip data (in two chunks). */
+ input = serf_bucket_aggregate_create(alloc);
+ chunk = SERF_BUCKET_SIMPLE_STRING_LEN("\x1F\x8B\x08\x00\x00", 5, alloc);
+ serf_bucket_aggregate_append(input, chunk);
+ chunk = SERF_BUCKET_SIMPLE_STRING_LEN("\x00\x00\x00\x00\x03", 5, alloc);
+ serf_bucket_aggregate_append(input, chunk);
+
+ bkt = serf_bucket_deflate_create(input, alloc, SERF_DEFLATE_GZIP);
+ {
+ char buf[1024];
+ apr_size_t len;
+ apr_status_t status;
+
+ status = read_all(bkt, buf, sizeof(buf), &len);
+ CuAssertIntEquals(tc, SERF_ERROR_DECOMPRESSION_FAILED, status);
+ }
+
+ serf_bucket_destroy(bkt);
+}
+
CuSuite *test_buckets(void)
{
CuSuite *suite = CuSuiteNew();
@@ -1614,6 +1713,8 @@ CuSuite *test_buckets(void)
SUITE_ADD_TEST(suite, test_response_body_chunked_no_crlf);
SUITE_ADD_TEST(suite, test_response_body_chunked_incomplete_crlf);
SUITE_ADD_TEST(suite, test_response_body_chunked_gzip_small);
+ SUITE_ADD_TEST(suite, test_response_body_chunked_bogus_crlf);
+ SUITE_ADD_TEST(suite, test_response_body_chunked_invalid_len);
SUITE_ADD_TEST(suite, test_response_bucket_peek_at_headers);
SUITE_ADD_TEST(suite, test_response_bucket_no_reason);
SUITE_ADD_TEST(suite, test_bucket_header_set);
@@ -1631,6 +1732,7 @@ CuSuite *test_buckets(void)
data so it's disabled by default. */
SUITE_ADD_TEST(suite, test_deflate_4GBplus_buckets);
#endif
+ SUITE_ADD_TEST(suite, test_deflate_bucket_truncated_data);
#if 0
SUITE_ADD_TEST(suite, test_serf_default_read_iovec);
Modified: serf/branches/1.3.x-sslbuild/test/test_context.c
URL:
http://svn.apache.org/viewvc/serf/branches/1.3.x-sslbuild/test/test_context.c?rev=1910116&r1=1910115&r2=1910116&view=diff
==============================================================================
--- serf/branches/1.3.x-sslbuild/test/test_context.c (original)
+++ serf/branches/1.3.x-sslbuild/test/test_context.c Mon May 29 15:35:20 2023
@@ -25,6 +25,8 @@
#include <apr_strings.h>
#include <apr_version.h>
+#include <openssl/opensslv.h>
+
#include "serf.h"
#include "serf_private.h"
@@ -397,8 +399,8 @@ static void test_keepalive_limit_one_by_
CuAssertIntEquals(tc, APR_SUCCESS, status);
for (i = 0 ; i < SEND_REQUESTS ; i++) {
- create_new_request_with_resp_hdlr(tb, &handler_ctx[i], "GET", "/", i+1,
- handle_response_keepalive_limit);
+ create_new_request_ex(tb, &handler_ctx[i], "GET", "/", i+1,
+ NULL, handle_response_keepalive_limit);
/* TODO: don't think this needs to be done in the loop. */
serf_connection_set_max_outstanding_requests(tb->connection, 1);
}
@@ -528,8 +530,8 @@ static void test_keepalive_limit_one_by_
CuAssertIntEquals(tc, APR_SUCCESS, status);
for (i = 0 ; i < SEND_REQUESTS ; i++) {
- create_new_request_with_resp_hdlr(tb, &handler_ctx[i], "GET", "/", i+1,
-
handle_response_keepalive_limit_burst);
+ create_new_request_ex(tb, &handler_ctx[i], "GET", "/", i+1,
+ NULL, handle_response_keepalive_limit_burst);
serf_connection_set_max_outstanding_requests(tb->connection, 1);
}
@@ -651,7 +653,6 @@ static void test_connection_userinfo_in_
handler_baton_t handler_ctx[2];
const int num_requests = sizeof(handler_ctx)/sizeof(handler_ctx[0]);
int i;
- progress_baton_t *pb;
test_server_message_t message_list[] = {
{CHUNKED_REQUEST(1, "1")},
@@ -1127,34 +1128,90 @@ static apr_status_t validate_rootcacert(
return APR_SUCCESS;
}
-static apr_status_t
-ssl_server_cert_cb_expect_failures(void *baton, int failures,
- const serf_ssl_certificate_t *cert)
+static const char *format_cert_failures(int failures, apr_pool_t *pool)
{
- test_baton_t *tb = baton;
- int expected_failures = *(int *)tb->user_baton;
+ const char *str = "";
- tb->result_flags |= TEST_RESULT_SERVERCERTCB_CALLED;
+ if (failures & SERF_SSL_CERT_NOTYETVALID) {
+ str = apr_pstrcat(pool, str, *str ? "|" : "", "CERT_NOTYETVALID",
NULL);
+ failures &= ~SERF_SSL_CERT_NOTYETVALID;
+ }
- /* We expect an error from the certificate validation function. */
- if (failures & expected_failures)
- return APR_SUCCESS;
+ if (failures & SERF_SSL_CERT_EXPIRED) {
+ str = apr_pstrcat(pool, str, *str ? "|" : "", "CERT_EXPIRED", NULL);
+ failures &= ~SERF_SSL_CERT_EXPIRED;
+ }
+
+ if (failures & SERF_SSL_CERT_UNKNOWNCA) {
+ str = apr_pstrcat(pool, str, *str ? "|" : "", "CERT_UNKNOWNCA", NULL);
+ failures &= ~SERF_SSL_CERT_UNKNOWNCA;
+ }
+
+ if (failures & SERF_SSL_CERT_SELF_SIGNED) {
+ str = apr_pstrcat(pool, str, *str ? "|" : "", "CERT_SELF_SIGNED",
NULL);
+ failures &= ~SERF_SSL_CERT_SELF_SIGNED;
+ }
+
+ if (failures & SERF_SSL_CERT_UNKNOWN_FAILURE) {
+ str = apr_pstrcat(pool, str, *str ? "|" : "", "CERT_UNKNOWN_FAILURE",
NULL);
+ failures &= ~SERF_SSL_CERT_UNKNOWN_FAILURE;
+ }
+
+ if (failures & SERF_SSL_CERT_REVOKED) {
+ str = apr_pstrcat(pool, str, *str ? "|" : "", "CERT_REVOKED", NULL);
+ failures &= ~SERF_SSL_CERT_REVOKED;
+ }
+
+ if (failures) {
+ serf__log(TEST_VERBOSE, __FILE__, "Unexpected or unknown cert
failure\n");
+ abort();
+ }
+
+ if (*str)
+ return str;
else
- return SERF_ERROR_ISSUE_IN_TESTSUITE;
+ return "NONE";
}
-static apr_status_t
-ssl_server_cert_cb_expect_allok(void *baton, int failures,
- const serf_ssl_certificate_t *cert)
+/* Logs failures in tb->user_baton, for later validation. */
+static apr_status_t ssl_server_cert_cb_log(void *baton, int failures,
+ const serf_ssl_certificate_t *cert)
{
test_baton_t *tb = baton;
+ const char *cert_str;
+
tb->result_flags |= TEST_RESULT_SERVERCERTCB_CALLED;
- /* No error expected, certificate is valid. */
- if (failures)
- return SERF_ERROR_ISSUE_IN_TESTSUITE;
- else
- return APR_SUCCESS;
+ if (cert) {
+ apr_hash_t *subject;
+ const char *common_name;
+ int depth;
+
+ subject = serf_ssl_cert_subject(cert, tb->pool);
+ if (!subject)
+ return SERF_ERROR_ISSUE_IN_TESTSUITE;
+
+ common_name = apr_hash_get(subject, "CN", APR_HASH_KEY_STRING);
+ depth = serf_ssl_cert_depth(cert);
+
+ cert_str = apr_psprintf(tb->pool, "(CN=%s, depth=%d)", common_name,
depth);
+ } else {
+ cert_str = "(null)";
+ }
+
+ if (!tb->user_baton)
+ tb->user_baton = "";
+
+ tb->user_baton = apr_pstrcat(
+ tb->pool,
+ tb->user_baton,
+ "cert_cb: "
+ "failures = ", format_cert_failures(failures, tb->pool),
+ ", cert = ", cert_str,
+ "\n",
+ NULL);
+
+ return APR_SUCCESS;
}
static apr_status_t
@@ -1171,7 +1228,6 @@ static void test_ssl_handshake(CuTest *t
test_baton_t *tb;
handler_baton_t handler_ctx[1];
const int num_requests = sizeof(handler_ctx)/sizeof(handler_ctx[0]);
- int expected_failures;
apr_status_t status;
test_server_message_t message_list[] = {
{CHUNKED_REQUEST(1, "1")},
@@ -1194,20 +1250,34 @@ static void test_ssl_handshake(CuTest *t
get_srcdir_file(test_pool,
"test/server/serfserverkey.pem"),
server_certs_srcdir(server_cert,
test_pool),
NULL, /* no client cert */
- ssl_server_cert_cb_expect_failures,
+ ssl_server_cert_cb_log,
test_pool);
CuAssertIntEquals(tc, APR_SUCCESS, status);
- /* This unknown failures is X509_V_ERR_UNABLE_TO_VERIFY_LEAF_SIGNATURE,
- meaning the chain has only the server cert. A good candidate for its
- own failure code. */
- expected_failures = SERF_SSL_CERT_UNKNOWNCA;
- tb->user_baton = &expected_failures;
-
create_new_request(tb, &handler_ctx[0], "GET", "/", 1);
test_helper_run_requests_expect_ok(tc, tb, num_requests, handler_ctx,
test_pool);
+
+ /* OpenSSL 1.1.1i allows to continue verification for certificates with an
+ unknown CA. See https://github.com/openssl/openssl/issues/11297.
+
+ These unknown failures are X509_V_ERR_UNABLE_TO_GET_ISSUER_CERT_LOCALLY
+ and X509_V_ERR_UNABLE_TO_VERIFY_LEAF_SIGNATURE. The second one means
that
+ the chain has only the server cert. A good candidate for its own failure
+ code. */
+#if OPENSSL_VERSION_NUMBER >= 0x1010109fL /* >= 1.1.1i */
+ CuAssertStrEquals(tc,
+ "cert_cb: failures = CERT_UNKNOWNCA, cert = (CN=localhost, depth=0)\n"
+ "cert_cb: failures = CERT_UNKNOWNCA, cert = (CN=localhost, depth=0)\n"
+ "cert_cb: failures = NONE, cert = (CN=localhost, depth=0)\n",
+ tb->user_baton);
+#else
+ CuAssertStrEquals(tc,
+ "cert_cb: failures = CERT_UNKNOWNCA, cert = (CN=localhost, depth=0)\n"
+ "cert_cb: failures = CERT_UNKNOWNCA, cert = (CN=localhost, depth=0)\n",
+ tb->user_baton);
+#endif
}
/* Set up the ssl context with the CA and root CA certificates needed for
@@ -1266,7 +1336,7 @@ static void test_ssl_trust_rootca(CuTest
get_srcdir_file(test_pool,
"test/server/serfserverkey.pem"),
server_certs_srcdir(server_certs,
test_pool),
NULL, /* no client cert */
- ssl_server_cert_cb_expect_allok,
+ ssl_server_cert_cb_log,
test_pool);
CuAssertIntEquals(tc, APR_SUCCESS, status);
@@ -1274,6 +1344,9 @@ static void test_ssl_trust_rootca(CuTest
test_helper_run_requests_expect_ok(tc, tb, num_requests, handler_ctx,
test_pool);
+ CuAssertStrEquals(tc,
+ "cert_cb: failures = NONE, cert = (CN=localhost, depth=0)\n",
+ tb->user_baton);
}
/* Validate that when the application rejects the cert, the context loop
@@ -1366,7 +1439,7 @@ chain_rootca_callback_conn_setup(apr_soc
return status;
serf_ssl_server_cert_chain_callback_set(tb->ssl_context,
- ssl_server_cert_cb_expect_allok,
+ ssl_server_cert_cb_log,
cert_chain_cb,
tb);
@@ -1400,7 +1473,7 @@ static void test_ssl_certificate_chain_w
get_srcdir_file(test_pool,
"test/server/serfserverkey.pem"),
server_certs_srcdir(server_certs,
test_pool),
NULL, /* no client cert */
- ssl_server_cert_cb_expect_allok,
+ ssl_server_cert_cb_log,
test_pool);
CuAssertIntEquals(tc, APR_SUCCESS, status);
@@ -1408,8 +1481,9 @@ static void test_ssl_certificate_chain_w
test_helper_run_requests_expect_ok(tc, tb, num_requests,
handler_ctx, test_pool);
-
- CuAssertTrue(tc, tb->result_flags & TEST_RESULT_SERVERCERTCB_CALLED);
+ CuAssertStrEquals(tc,
+ "cert_cb: failures = NONE, cert = (CN=localhost, depth=0)\n",
+ tb->user_baton);
CuAssertTrue(tc, tb->result_flags & TEST_RESULT_SERVERCERTCHAINCB_CALLED);
}
@@ -1442,7 +1516,7 @@ chain_callback_conn_setup(apr_socket_t *
return status;
serf_ssl_server_cert_chain_callback_set(tb->ssl_context,
- ssl_server_cert_cb_expect_allok,
+ ssl_server_cert_cb_log,
cert_chain_all_certs_cb,
tb);
@@ -1475,7 +1549,7 @@ static void test_ssl_certificate_chain_a
get_srcdir_file(test_pool,
"test/server/serfserverkey.pem"),
server_certs_srcdir(all_server_certs,
test_pool),
NULL, /* no client cert */
- ssl_server_cert_cb_expect_allok,
+ ssl_server_cert_cb_log,
test_pool);
CuAssertIntEquals(tc, APR_SUCCESS, status);
@@ -1484,7 +1558,10 @@ static void test_ssl_certificate_chain_a
test_helper_run_requests_expect_ok(tc, tb, num_requests,
handler_ctx, test_pool);
- CuAssertTrue(tc, tb->result_flags & TEST_RESULT_SERVERCERTCB_CALLED);
+ CuAssertStrEquals(tc,
+ "cert_cb: failures = CERT_SELF_SIGNED, cert = (CN=Serf Root CA,
depth=2)\n"
+ "cert_cb: failures = NONE, cert = (CN=localhost, depth=0)\n",
+ tb->user_baton);
CuAssertTrue(tc, tb->result_flags & TEST_RESULT_SERVERCERTCHAINCB_CALLED);
}
@@ -1739,7 +1816,6 @@ static void test_ssl_expired_server_cert
test_baton_t *tb;
handler_baton_t handler_ctx[1];
const int num_requests = sizeof(handler_ctx)/sizeof(handler_ctx[0]);
- int expected_failures;
apr_status_t status;
test_server_message_t message_list[] = {
{CHUNKED_REQUEST(1, "1")},
@@ -1764,18 +1840,19 @@ static void test_ssl_expired_server_cert
get_srcdir_file(test_pool,
"test/server/serfserverkey.pem"),
server_certs_srcdir(expired_server_certs,
test_pool),
NULL, /* no client cert */
- ssl_server_cert_cb_expect_failures,
+ ssl_server_cert_cb_log,
test_pool);
CuAssertIntEquals(tc, APR_SUCCESS, status);
- expected_failures = SERF_SSL_CERT_SELF_SIGNED |
- SERF_SSL_CERT_EXPIRED;
- tb->user_baton = &expected_failures;
-
create_new_request(tb, &handler_ctx[0], "GET", "/", 1);
test_helper_run_requests_expect_ok(tc, tb, num_requests, handler_ctx,
test_pool);
+ CuAssertStrEquals(tc,
+ "cert_cb: failures = CERT_SELF_SIGNED, cert = (CN=Serf Root CA,
depth=2)\n"
+ "cert_cb: failures = CERT_EXPIRED, cert = (CN=localhost, depth=0)\n"
+ "cert_cb: failures = CERT_EXPIRED, cert = (CN=localhost, depth=0)\n",
+ tb->user_baton);
}
/* Validate that the expired certificate is reported as failure in the
@@ -1785,7 +1862,6 @@ static void test_ssl_future_server_cert(
test_baton_t *tb;
handler_baton_t handler_ctx[1];
const int num_requests = sizeof(handler_ctx)/sizeof(handler_ctx[0]);
- int expected_failures;
apr_status_t status;
test_server_message_t message_list[] = {
{CHUNKED_REQUEST(1, "1")},
@@ -1810,18 +1886,19 @@ static void test_ssl_future_server_cert(
get_srcdir_file(test_pool,
"test/server/serfserverkey.pem"),
server_certs_srcdir(future_server_certs,
test_pool),
NULL, /* no client cert */
- ssl_server_cert_cb_expect_failures,
+ ssl_server_cert_cb_log,
test_pool);
CuAssertIntEquals(tc, APR_SUCCESS, status);
- expected_failures = SERF_SSL_CERT_SELF_SIGNED |
- SERF_SSL_CERT_NOTYETVALID;
- tb->user_baton = &expected_failures;
-
create_new_request(tb, &handler_ctx[0], "GET", "/", 1);
test_helper_run_requests_expect_ok(tc, tb, num_requests, handler_ctx,
test_pool);
+ CuAssertStrEquals(tc,
+ "cert_cb: failures = CERT_SELF_SIGNED, cert = (CN=Serf Root CA,
depth=2)\n"
+ "cert_cb: failures = CERT_NOTYETVALID, cert = (CN=localhost,
depth=0)\n"
+ "cert_cb: failures = CERT_NOTYETVALID, cert = (CN=localhost,
depth=0)\n",
+ tb->user_baton);
}
@@ -1918,7 +1995,6 @@ static void test_ssltunnel_no_creds_cb(C
"Transfer-Encoding: chunked" CRLF
"Proxy-Authenticate: Basic realm=""Test Suite Proxy""" CRLF
CRLF
- "1" CRLF CRLF
"0" CRLF CRLF},
};
@@ -2034,7 +2110,6 @@ static void ssltunnel_basic_auth(CuTest
"Proxy-Authenticate: Basic realm=""Test Suite Proxy""" CRLF
"%s"
CRLF
- "1" CRLF CRLF
"0" CRLF CRLF, proxy_407_resp_hdrs);
action_list_proxy[1].kind = SERVER_RESPOND;
action_list_proxy[1].text = apr_psprintf(test_pool,
@@ -2043,7 +2118,6 @@ static void ssltunnel_basic_auth(CuTest
"Proxy-Authenticate: Basic realm=""Test Suite Proxy""" CRLF
"%s"
CRLF
- "1" CRLF CRLF
"0" CRLF CRLF, proxy_407_resp_hdrs);
action_list_proxy[2].kind = SERVER_RESPOND;
@@ -2053,7 +2127,6 @@ static void ssltunnel_basic_auth(CuTest
"Proxy-Authenticate: Basic realm=""Test Suite Proxy""" CRLF
"%s"
CRLF
- "1" CRLF CRLF
"0" CRLF CRLF, proxy_407_resp_hdrs);
action_list_proxy[3].kind = SERVER_RESPOND;
@@ -2099,7 +2172,6 @@ static void ssltunnel_basic_auth(CuTest
"WWW-Authenticate: Basic realm=""Test Suite""" CRLF
"%s"
CRLF
- "1" CRLF CRLF
"0" CRLF CRLF, server_resp_hdrs);
action_list_server[1].kind = SERVER_RESPOND;
action_list_server[1].text = CHUNKED_EMPTY_RESPONSE;
@@ -2244,7 +2316,6 @@ static void test_ssltunnel_digest_auth(C
"nonce=\"ABCDEF1234567890\",opaque=\"myopaque\","
"algorithm=\"MD5\",qop-options=\"auth\"" CRLF
CRLF
- "1" CRLF CRLF
"0" CRLF CRLF},
{SERVER_RESPOND, CHUNKED_EMPTY_RESPONSE},
/* Forward the remainder of the data to the server without validation
*/
@@ -2282,6 +2353,51 @@ static void test_ssltunnel_digest_auth(C
CuAssertTrue(tc, tb->result_flags & TEST_RESULT_AUTHNCB_CALLED);
}
+/* Implements test_request_setup_t */
+static apr_status_t setup_request_err(serf_request_t *request,
+ void *setup_baton,
+ serf_bucket_t **req_bkt,
+ apr_pool_t *pool)
+{
+ static mockbkt_action actions[] = {
+ { 1, "a", APR_SUCCESS },
+ { 1, "", APR_EINVAL }
+ };
+ handler_baton_t *ctx = setup_baton;
+ serf_bucket_alloc_t *alloc;
+ serf_bucket_t *mock_bkt;
+
+ alloc = serf_request_get_alloc(request);
+ mock_bkt = serf_bucket_mock_create(actions, 2, alloc);
+ *req_bkt = serf_request_bucket_request_create(request,
+ ctx->method, ctx->path,
+ mock_bkt, alloc);
+ return APR_SUCCESS;
+}
+
+static void test_outgoing_request_err(CuTest *tc)
+{
+ test_baton_t *tb;
+ handler_baton_t handler_ctx[1];
+ apr_status_t status;
+ apr_pool_t *test_pool = tc->testBaton;
+
+ status = test_http_server_setup(&tb, NULL, 0,
+ NULL, 0, 0, NULL,
+ test_pool);
+ CuAssertIntEquals(tc, APR_SUCCESS, status);
+
+ create_new_request_ex(tb, &handler_ctx[0], "POST", "/", 1,
+ setup_request_err, NULL);
+
+ status = test_helper_run_requests_no_check(tc, tb, 1, handler_ctx,
+ test_pool);
+ CuAssertIntEquals(tc, APR_EINVAL, status);
+ CuAssertIntEquals(tc, 1, tb->sent_requests->nelts);
+ CuAssertIntEquals(tc, 0, tb->accepted_requests->nelts);
+ CuAssertIntEquals(tc, 0, tb->handled_requests->nelts);
+}
+
/*****************************************************************************/
CuSuite *test_context(void)
{
@@ -2319,6 +2435,7 @@ CuSuite *test_context(void)
SUITE_ADD_TEST(suite, test_ssltunnel_basic_auth_proxy_has_keepalive_off);
SUITE_ADD_TEST(suite,
test_ssltunnel_basic_auth_proxy_close_conn_on_200resp);
SUITE_ADD_TEST(suite, test_ssltunnel_digest_auth);
+ SUITE_ADD_TEST(suite, test_outgoing_request_err);
return suite;
}
Modified: serf/branches/1.3.x-sslbuild/test/test_serf.h
URL:
http://svn.apache.org/viewvc/serf/branches/1.3.x-sslbuild/test/test_serf.h?rev=1910116&r1=1910115&r2=1910116&view=diff
==============================================================================
--- serf/branches/1.3.x-sslbuild/test/test_serf.h (original)
+++ serf/branches/1.3.x-sslbuild/test/test_serf.h Mon May 29 15:35:20 2023
@@ -193,6 +193,13 @@ apr_status_t test_https_server_proxy_set
void *test_setup(void *baton);
void *test_teardown(void *baton);
+/* Simple variant of serf_request_setup_t for tests. */
+typedef apr_status_t (*test_request_setup_t)(
+ serf_request_t *request,
+ void *setup_baton,
+ serf_bucket_t **req_bkt,
+ apr_pool_t *pool);
+
typedef struct {
serf_response_acceptor_t acceptor;
void *acceptor_baton;
@@ -208,6 +215,8 @@ typedef struct {
const char *path;
/* Use this for a raw request message */
const char *request;
+ /* Or this, if more control is needed. */
+ test_request_setup_t request_setup;
int done;
test_baton_t *tb;
@@ -249,6 +258,7 @@ apr_status_t handle_response(serf_reques
void setup_handler(test_baton_t *tb, handler_baton_t *handler_ctx,
const char *method, const char *path,
int req_id,
+ test_request_setup_t req_setup,
serf_response_handler_t handler);
void create_new_prio_request(test_baton_t *tb,
handler_baton_t *handler_ctx,
@@ -259,11 +269,12 @@ void create_new_request(test_baton_t *tb
const char *method, const char *path,
int req_id);
void
-create_new_request_with_resp_hdlr(test_baton_t *tb,
- handler_baton_t *handler_ctx,
- const char *method, const char *path,
- int req_id,
- serf_response_handler_t handler);
+create_new_request_ex(test_baton_t *tb,
+ handler_baton_t *handler_ctx,
+ const char *method, const char *path,
+ int req_id,
+ test_request_setup_t req_setup,
+ serf_response_handler_t handler);
/* Mock bucket type and constructor */
typedef struct {
Modified: serf/branches/1.3.x-sslbuild/test/test_ssl.c
URL:
http://svn.apache.org/viewvc/serf/branches/1.3.x-sslbuild/test/test_ssl.c?rev=1910116&r1=1910115&r2=1910116&view=diff
==============================================================================
--- serf/branches/1.3.x-sslbuild/test/test_ssl.c (original)
+++ serf/branches/1.3.x-sslbuild/test/test_ssl.c Mon May 29 15:35:20 2023
@@ -28,12 +28,6 @@
#include "test_serf.h"
-#if defined(WIN32) && defined(_DEBUG)
-/* Include this file to allow running a Debug build of serf with a Release
- build of OpenSSL. */
-#include <openssl/applink.c>
-#endif
-
/* Test setting up the openssl library. */
static void test_ssl_init(CuTest *tc)
{
