-
Notifications
You must be signed in to change notification settings - Fork 9
/
CHANGES
391 lines (318 loc) · 17.5 KB
/
CHANGES
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
170
171
172
173
174
175
176
177
178
179
180
181
182
183
184
185
186
187
188
189
190
191
192
193
194
195
196
197
198
199
200
201
202
203
204
205
206
207
208
209
210
211
212
213
214
215
216
217
218
219
220
221
222
223
224
225
226
227
228
229
230
231
232
233
234
235
236
237
238
239
240
241
242
243
244
245
246
247
248
249
250
251
252
253
254
255
256
257
258
259
260
261
262
263
264
265
266
267
268
269
270
271
272
273
274
275
276
277
278
279
280
281
282
283
284
285
286
287
288
289
290
291
292
293
294
295
296
297
298
299
300
301
302
303
304
305
306
307
308
309
310
311
312
313
314
315
316
317
318
319
320
321
322
323
324
325
326
327
328
329
330
331
332
333
334
335
336
337
338
339
340
341
342
343
344
345
346
347
348
349
350
351
352
353
354
355
356
357
358
359
360
361
362
363
364
365
366
367
368
369
370
371
372
373
374
375
376
377
378
379
380
381
382
383
384
385
386
387
388
389
390
391
Apache Serf 1.4.0 [2018-10-xx, from /tags/1.4.0, r18xxxx]
Features
--------
Support for OCSP reqest generation and validation (r1830823)
Support for FCGI protocol (r1714736 et al.)
Support for HTTP/2 protocol (r1709274 et al.)
Add CRL support for OpenSSL (r1699867)
Add flag DISABLE_LOGGING to scons to disable logging at compile time (r1699761)
Logging that can be configured at runtime (r1699757)
Implement serf_mmap_peek (r1699685)
New error codes:
- SERF_ERROR_SSL_SETUP_FAILED (r1699836)
- SERF_ERROR_CONNECTION_TIMEDOUT (r1699721)
- SERF_ERROR_LINE_TOO_LONG,
SERF_ERROR_STATUS_LINE_TOO_LONG,
SERF_ERROR_RESPONSE_HEADER_TOO_LONG (r1699673)
- SERF_ERROR_EMPTY_READ (r1716346)
- SERF_ERROR_EMPTY_STREAM (r1714969)
- SERF_ERROR_TRUNCATED_STREAM (r1714246)
- SERF_ERROR_AUTHN_CREDENTIALS_REJECTED (r1699656)
- SERF_ERROR_SSL_NEGOTIATE_IN_PROGRESS (r1699951)
- SERF_ERROR_SSL_OCSP_RESPONSE_CERT_REVOKED,
SERF_ERROR_SSL_OCSP_RESPONSE_CERT_UNKNOWN,
SERF_ERROR_SSL_OCSP_RESPONSE_INVALID (r1830823)
Fixes
-----
Fix issue #135+#172: handle server-triggered renegotiation
Fix issue #152: handle compressed responses > 4GB
Fix issue #147: remove unneeded ISC_REQ_CONFIDENTIALITY flag in SSPI code
Fix issue #156+#164: C++ comment style breaks C89 build
Fix incorrect use of bio file handlers (r1699852)
Initialize OpenSSL when using serf_ssl_load_cert_file outside a serf context
(r1699848)
Simplify the ssl bucket code by removing unneeded layer of buffering
(r1699766)
Performance improvements
------------------------
Remove pending requests loop from request_or_data_pending() (r1699912)
Drastically reduce the amount of pollset_add/pollset_remove calls (r1699910)
Optimize creation of the request/iovec/barrier buckets (r1699907-r1699909)
Improve performance a tiny bit by ensuring often used struct
member variables are read from and written to cache. (r1699890)
Build improvements
------------------
Add experimental CMake build (r1834217 et al.)
Make unix build work with APR-2 (r1699809)
Add a version resource to libserf-N.dll on Windows (r1699689)
Test suite
----------
All tests have been migrated to the MockHTTPinC test framework.
serf_get changes: add -d/--debug flag, make serf_get accept a client
certificate and associated password (r1699775)
Fix issue #157: Segmentation fault in test_ssl_init
Apache Serf 1.3.10 [2023-05-31, from tags/1.3.10, r1910048]
Support for OpenSSL 3 (r1901937, ...)
Fix issue #171: Win32: Running tests fails with "no OPENSSL_Applink" error
Fix issue #194: Win32: Linking error when building against OpenSSL 1.1+
Fix issue #198: OpenSSL BIO control method incorrectly handles unknown requests
Fix issue #202: SSL tests are not passing with OpenSSL 3
Fix error handling when reading the outgoing request body (r1804534, ...)
Fix handling of invalid chunk lengths in the dechunk bucket (r1804005, ...)
Fix an endless loop in the deflate bucket with truncated input (r1805301)
Fix BIO control handlers to support BIO_CTRL_EOF (r1902208)
Fix a CRT mismatch issue caused by using certain OpenSSL functions (r1909252)
Build changes to support VS2017, VS2019 and VS2022 (r1712131, ...)
Build changes to support Python 3 (r1875933)
Apache Serf 1.3.9 [2016-09-01, from tags/1.3.9, r1758195]
serf is now Apache Serf; apply header changes (r1700062)
Fix issue #151: SCons build broken when only one library in ENVPATH
Fix issue #153: avoid SSPI handle leak
Fix issue #167: Explicitly use the ANSI version of SSPI
Fix issue #170: Allow building with Microsoft Visual Studio 2015
Fix build of 'check' target when using VPATH-style builds where
builddir != srcdir (r1699858, ...)
Resolve a bucket (aka "memory") leak when a request bucket is
destroyed before it is morphed into an aggregate bucket (r1699791)
Reset state variables when resetting connection (r1708849)
Fix types of passed, but unused batons (r1699986, r1699987)
Fix some usages of the openssl BIO api (r1699852)
Improve handling of bad data in the response state line. (r1699985)
Resolve several compiler issues with less common compilers
Support more overrides via SCons arguments (r1701836, ...)
Adapt to OpenSSL 1.1.x api (r1750819)
[ Note: All revision numbers for versions prior to 1.3.9 reference the
original repository on google code. For more information see:
https://svn.apache.org/repos/asf/serf/README ]
Serf 1.3.8 [2014-10-20, from /tags/1.3.8, r2441]
Fix issue #152: CRC calculation error for gzipped http reponses > 4GB.
Fix issue #153: SSPI CredHandle not freed when APR pool is destroyed.
Fix issue #154: Disable SSLv2 and SSLv3 as both or broken.
Serf 1.3.7 [2014-08-11, from /tags/1.3.7, r2411]
Handle NUL bytes in fields of an X.509 certificate. (r2393, r2399)
Serf 1.3.6 [2014-06-09, from /tags/1.3.6, r2372]
Revert r2319 from serf 1.3.5: this change was making serf call handle_response
multiple times in case of an error response, leading to unexpected behavior.
Serf 1.3.5 [2014-04-27, from /tags/1.3.5, r2355]
Fix issue #125: no reverse lookup during Negotiate authentication for proxies.
Fix a crash caused by incorrect reuse of the ssltunnel CONNECT request (r2316)
Cancel request if response parsing failed + authn callback set (r2319)
Update the expired certificates in the test suite.
Serf 1.3.4 [2014-02-08, from /tags/1.3.4, r2310]
Fix issue #119: Endless loop during ssl tunnel setup with Negotiate authn
Fix issue #123: Can't setup ssl tunnel which sends Connection close header
Fix a race condition when initializing OpenSSL from multiple threads (r2263)
Fix issue #138: Incorrect pkg-config file when GSSAPI isn't configured
Serf 1.3.3 [2013-12-09, from /tags/1.3.3, r2242]
Fix issue 129: Try more addresses of multihomed servers
Handle X509_V_ERR_UNABLE_TO_VERIFY_LEAF_SIGNATURE correctly (r2225)
Return APR_TIMEUP from poll() to enable detecting connection timeouts (r2183)
Serf 1.3.2 [2013-10-04, from /tags/1.3.2, r2195]
Fix issue 130: HTTP headers should be treated case-insensitively
Fix issue 126: Compilation breaks with Codewarrior compiler
Fix crash during cleanup of SSL buckets in apr_terminate() (r2145)
Fix Windows build: Also export functions with capital letters in .def file
Fix host header when url contains a username or password (r2170)
Ensure less TCP package fragmentation on Windows (r2145)
Handle authentication for responses to HEAD requests (r2178,-9)
Improve serf_get: add option to add request headers, allow url with query,
allow HEAD requests (r2143,r2175,-6)
Improve RFC conformance: don't expect body for certain responses (r2011,-2)
Do not invoke progress callback when no data was received (r2144)
And more test suite fixes and build warning cleanups
SCons-related fixes:
Fix build when GSSAPI not in default include path (2155)
Fix OpenBSD build: always map all LIBPATH entries into RPATH (r2156)
Checksum generation in Windows shared libraries for release builds (2162)
Mac OS X: Use MAJOR version only in dylib install name (r2161)
Use both MAJOR and MINOR version for the shared library name (2163)
Fix the .pc file when installing serf in a non-default LIBDIR (r2191)
Serf 1.3.1 [2013-08-15, from /tags/1.3.1, r2139]
Fix issue 77: Endless loop if server doesn't accept Negotiate authentication.
Fix issue 114: ssl/tls renegotiation fails
Fix issue 120: error with ssl tunnel over proxy with KeepAlive off and
Basic authentication.
Fixed bugs with authentication (r2057,2115,2118)
SCons-related fixes:
Fix issue 111: add flag to set custom library path
Fix issue 112: add soname
Fix issue 113: add gssapi libs in the serf pc file
Fix issue 115: Setting RPATH on Solaris broken in SConstruct
Fix issue 116: scons check should return non-zero exit staths
Fix issue 121: make CFLAGS, LIBS, LINKFLAGS and CPPFLAGS take a space-
separated list of flags.
Fix issue 122: make scons PREFIX create the folder if it doesn't exist
Mac OS X: Fix scons --install-sandbox
Solaris: Fix build with cc, don't use unsupported compiler flags
Require SCons version 2.3.0 or higher now (for the soname support).
Serf 1.3.0 [2013-07-23, from /tags/1.3.0, r2075]
Fix issue 83: use PATH rather than URI within an ssltunnel (r1952)
Fix issue 108: improved error reporting from the underlying socket (r1951)
NEW: Switch to the SCons build system; retire serfmake, serf.mak, autotools
Improved Basic and Digest authentication:
- remember credentials on a per-server basis
- properly manage authentication realms
- continue functioning when a server sets KeepAlive: off
Windows: add support for NTLM authentication
Improved 2617 compliance: always use strongest authentication (r1968,1971)
Fixed bugs with proxy authentication and SSL tunneling through a proxy
Fixed bugs the response parser (r2032,r2036)
SSL connection performance improvements
Huge expansion of the test suite
Serf 1.2.1 [2013-06-03, from /tags/1.2.1, r1906]
Fix issue 95: add gssapi switches to configure (r1864, r1900)
Fix issue 97: skip mmap bucket if APR_HAS_MMAP is undefined (r1877)
Fix issue 100: building against an old Windows Platform SDK (r1881)
Fix issue 102: digest authentication failures (r1885)
Improve error return values in SSPI authentication (r1804)
Ensure serf-1.pc is constructed by serfmake (r1865)
Optimize SPNego authentication processing (r1868)
Reject certs that application does not like (r1794)
Fix possible endless loop in serf_linebuf_fetch() (r1816)
Windows build: dereference INTDIR in serf.mak (r1882)
Serf 1.2.0 [2013-02-22, from /tags/1.2.0, r1726]
Fixed issue 94: Serf can enter an infinite loop when server aborts conn.
Fixed issue 91: Serf doesn't handle an incoming 408 Timeout Request
Fixed issue 80: Serf is not handling Negotiate authentication correctly
Fixed issue 77: Endless loop if server doesn't accept Negotiate authn
Fixed issue 93: cleanup-after-fork interferes with parent (r1714)
Fixed most of issue 89: Support REAL SPNEGO authentication
Enable Negotiate/Kerberos support for proxy servers.
Return error when C-L, chunked, gzip encoded response bodies were
truncated (due to aborted connection) (r1688)
Add a logging mechanism that can be enabled at compile-time.
Don't lookup server address if a proxy was configured. (r1706)
Fix an off-by-one in buffer sizing (r1695)
Disable SSL compression by default + API to enable it (r1692)
New serf_connection_get_latency() for estimated network latency (r1689)
New error code and RFC compliance for the HTTPS tunnel (r1701, r1644)
Handle EINTR when a user suspends and then backgrounds the app (r1708)
Minor fixes and test suite improvements.
Serf 1.1.1 [2012-10-04, from /tags/1.1.1, r1657]
Fixed issue 86: ensure requeued requests are correctly handled.
This fixes:
- infinite loop with multiple connection resets or SIGPIPE errors
- "connection" hang where we would not re-queue requests that are
held after we re-connect
Fixed issue 74: test_all goes in an endless loop
Fix memleak when conn. is closed explicitly/due to pool cleanups (r1623)
Windows: Fix https connection aborts (r1628..-30,-33,-34,-37)
Add new error codes for the SSL bucket
Serf 1.1.0 [2012-06-07, from /tags/1.1.0, r1617]
New: serf_bucket_request_set_CL() for C-L based, non-chunked requests
New: serf_ssl_server_cert_chain_callback_set() for full-chain validation
Serf 1.0.3 [2012-03-20, from /tags/1.0.3, r1586]
Map more OpenSSL errors into SERF_SSL_CERT_UNKNOWNCA (r1573)
Serf 1.0.2
Not released.
Serf 1.0.1 [2012-02-15, from /tags/1.0.1, r1569]
FreeBSD fixes in the test suite (r1560, r1565)
Minor build fixes
Serf 1.0.0 [2011-07-15, from /tags/1.0.0, r1540]
Fixed issue 38: enable builds using non-GNU make
Fixed issue 49: support SSL tunnels for HTTPS via a proxy
Fixed issue 56: allow Subject Alternative Name, and enable SNI
Fixed issue 61: include order dependencies
Fixed issue 66: improved error reporting when creating install dirs
Fixed issue 71: handle ECONNREFUSED on Windows
Fixed issue 79: destroy the APR allocator, if we create one
Fixed issue 81: build failed on APR 0.9.x
Major performance improvements and bug fixes for SSL buckets/handling (r1462)
Add a new "iovec" bucket type (r1434)
Minimize network packet writes based on ra_serf analysis (r1467, r1471)
Fix out of order issue with multiple priority requests (r1469)
Work around broken WSAPoll() impl on Windows introduced in APR 1.4.0 (r1506)
Fix 100% CPU usage with many pipelined requests (r1456)
Corrected contents of build/serf.def; it now includes bucket types (r1512)
Removed "snapshot" feature from buckets (r1503)
Various improvements to the test system
Various memory leak fixes
Serf 0.7.2 [2011-03-12, from /tags/0.7.2, r1452]
Actually disable Nagle when creating a connection (r1441)
Return error when app asks for HTTPS over proxy connection (r1433)
Serf 0.7.1 [2011-01-25, from /tags/0.7.1, r1432]
Fix memory leak when using SSL (r1408, r1416)
Fix build for blank apr-util directory (r1421)
Serf 0.7.0 [2010-08-25, from /tags/0.7.0, r1407]
Fix double free abort when destroying request buckets
Fix test server in unit test framework to avoid random test failures
Allow older Serf programs which don't use the new authn framework to still
handle authn without forcing them to switch to the new framework. (r1401)
Remove the SERF_DECLARE macros, preferring a .DEF file for Windows
Barrier buckets now pass read_iovec to their wrapped bucket
Fix HTTP header parsing to allow for empty header values
Serf 0.6.1 [2010-05-14, from /tags/0.6.1, r1370]
Generally: this release fixes problems with the 0.4.0 packaging
Small compilation fix in outgoing.c for Windows builds
Serf 0.6.0
Not released.
Serf 0.5.0
Not released.
Serf 0.4.0
WITHDRAWN: this release misstated itself as 0.5.0; use a later release
Provide authn framework, supporting Basic, Digest, Kerberos (SSPI, GSS),
along with proxy authn using Basic or Digest
Added experimental listener framework, along with test_server.c
Improvements and fixes to SSL support, including connection setup changes
Experimental support for unrequested, arriving ("async") responses
Experimental BWTP support using the async arrival feature
Headers are combined on read (not write), to ease certian classes of parsing
Experimental feature on aggregate buckets for a callback-on-empty
Fix the bucket allocator for when APR is using its pool debugging features
Proxy support in the serf_get testing utility
Fix to include the port number in the Host header
serf_get propagates errors from the response, instead of aborting (Issue 52)
Added serf_lib_version() for runtime version tests
Serf 0.3.1 [2010-02-14, from /tags/0.3.1, r1322]
Fix loss of error on request->setup() callback. (Issue 47)
Support APR 2.x. (Issue 48)
Fixed slowdown in aggregate bucket with millions of child buckets
Avoid hang in apr_pollset_poll() by unclosed connections after fork()
Serf 0.3.0 [2009-01-26, from /tags/0.3.0, r1217]
Support LTFLAGS override as a config-time env. variable (Issue 44)
Fix CUTest test harness compilation on Solaris (Issue 43)
Fix small race condition in OpenSSL initialization (Issue 39)
Handle content streams larger than 4GB on 32-bit OSes (Issue 41)
Fix test_ssl.c compilation with mingw+msys
Fix conn close segfault by explicitly closing conn when pool is destroyed
Expose the depth of the SSL certificate so the validator can use that info
Fix socket address family issue when opening a connection to a proxy
Provide new API to take snapshots of buckets
Implement snapshot API for simple and aggregate buckets
Build with bundled apr and apr-util VPATH builds
Build with bundled OpenSSL builds
Serf 0.2.0 [2008-06-06, from /tags/0.2.0, r1189]
Enable use of external event loop: serf_create_context_ex
Enable adding new requests at the beginning of the request queue
Handle 'Connection:close' headers
Enable limiting the number of outstanding requests
Add readline function to simple buckets
Concatenate repeated headers using comma as separator, as per RFC 2616,
section 4.2. (Issue 29)
Add proxy server support
Add progress feedback support. (Issue 11)
Provide new API to simplify use of proxy and progress feedback support
Add callback to validate SSL server certificates. (Issue 31)
Add new test framework
Send current version string in the test programs (Issue 21)
Bugfixes:
Fix segfault with epoll when removing a NULL socket
Reset OpenSSL thread-safety callbacks when apr_terminate() called
Do not remove the socket from the pollset on pool cleanup
Do not issue double close on skt w/second one being close(-1) (Issue 33)
Serf 0.1.2 [2007-06-18, from /tags/0.1.2, r1115]
Enable thread-safety with OpenSSL (Issue 19)
Teach serfmake to install headers into include/serf-0
Be more tolerant when servers close the connection without telling us
Do not open the connection until we have requests to deliver
Fix serfmake to produce the library that corresponds to the minor version
Fix a memory leak with the socket bucket (Issue 14)
Fix uninitialized branch in serf_spider (Issue 15)
Serf 0.1.1 [2007-05-12, from /tags/0.1.1, r1105]
Add SSL client certificate support
Implement optimized iovec reads for header buckets
Fix up 'make clean' and 'make distclean' (Issues 9, 10)
Add SERF_VERSION_AT_LEAST macro
Remove abort() calls (Issue 13)
Serf 0.1.0 [2006-12-14, from /tags/0.1.0, r1087]
Initial packaged release