* mbedtls-3:
sample/ssl-client-mbedtls.c: fix for MbedTLS 3
sample/ssl-client-mbedtls.c: break the loop on EOF
sample/ssl-client-mbedtls.c: fix printing response in readcb
Initial Mbed-TLS 3 support to get the GitHub Actions working again
Support build dir of the MbedTLS
@ploxiln:
On current homebrew, openssl@1.1 is the only openssl:
[pierce@plo-mbp15 libevent]$ brew --prefix openssl
/usr/local/opt/openssl@1.1
[pierce@plo-mbp15 libevent]$ brew info openssl
openssl@1.1: stable 1.1.1g (bottled) [keg-only]
Cryptography and SSL/TLS Toolkit
@fanquake
Indeed. OpenSSL 1.0 was removed from homebew in Homebrew/homebrew-core#46876. Related discussion also in Homebrew/homebrew-core#46454.
* fix-brew-autodetection:
ci: fix cmake build w/o OPENSSL_ROOT_DIR
ci: remove separate build for BREW_AUTODETECT_OPENSSL (use it by default)
autotools: fix autodetection of openssl location via brew
mingw has upgraded to Mbed-TLS 3.1.0, so all the mingw tests that need
Mbed-TLS currently don't work.
v2: add missing mbedtls/version.h into test/regress_mbedtls.c
v3: suppress #warning "Including compat-2.x.h is deprecated" for mbedtls/compat-2.x.h
Error
configure.ac:291: warning: AC_CHECK_FUNCS(getnameinfo
): you should use literals
../autoconf-2.71/lib/autoconf/functions.m4:117: AC_CHECK_FUNCS is expanded from...
../autoconf-2.71/lib/m4sugar/m4sh.m4:692: _AS_IF_ELSE is expanded from...
../autoconf-2.71/lib/m4sugar/m4sh.m4:699: AS_IF is expanded from...
configure.ac:291: the top level
configure.ac:291: warning: AC_CHECK_FUNCS(getprotobynumber
): you should use literals
../autoconf-2.71/lib/autoconf/functions.m4:117: AC_CHECK_FUNCS is expanded from...
../autoconf-2.71/lib/m4sugar/m4sh.m4:692: _AS_IF_ELSE is expanded from...
../autoconf-2.71/lib/m4sugar/m4sh.m4:699: AS_IF is expanded from...
configure.ac:291: the top level
configure.ac:291: warning: AC_CHECK_FUNCS(getservbyname
): you should use literals
../autoconf-2.71/lib/autoconf/functions.m4:117: AC_CHECK_FUNCS is expanded from...
../autoconf-2.71/lib/m4sugar/m4sh.m4:692: _AS_IF_ELSE is expanded from...
../autoconf-2.71/lib/m4sugar/m4sh.m4:699: AS_IF is expanded from...
configure.ac:291: the top level
configure.ac:291: warning: AC_CHECK_FUNCS(inet_ntop
): you should use literals
../autoconf-2.71/lib/autoconf/functions.m4:117: AC_CHECK_FUNCS is expanded from...
../autoconf-2.71/lib/m4sugar/m4sh.m4:692: _AS_IF_ELSE is expanded from...
../autoconf-2.71/lib/m4sugar/m4sh.m4:699: AS_IF is expanded from...
configure.ac:291: the top level
configure.ac:291: warning: AC_CHECK_FUNCS(inet_pton
): you should use literals
../autoconf-2.71/lib/autoconf/functions.m4:117: AC_CHECK_FUNCS is expanded from...
../autoconf-2.71/lib/m4sugar/m4sh.m4:692: _AS_IF_ELSE is expanded from...
../autoconf-2.71/lib/m4sugar/m4sh.m4:699: AS_IF is expanded from...
configure.ac:291: the top level
In function evconnlistener_new_bind() after go to "err:", The
evutil_closesocket() would clear the error code( I found this under
Windows ). User can not use EVUTIL_SOCKET_ERROR() to get the
evconnlistener_new_bind()'s failing error.
I add a err_code variable to store and restore the last error code.
v2: rebased by azat to make the patch simpler
* Werror:
test: ignore -Walloc-size-larger-than error for calloc() returns ENOMEM
Fix EVBASE_ACQUIRE_LOCK/EVBASE_RELEASE_LOCK for EVENT__DISABLE_THREAD_SUPPORT
http: suppress "flags may be used uninitialized in this function" error
Detech -Wno-unused-functions for GCC too
cmake: add compiler version to the status message
Fix BEV_LOCK/BEV_UNLOCK macros for EVENT__DISABLE_THREAD_SUPPORT
Run builds with -Werror on CI for linux
Fix -Werror for autotools
Add -Wundef for cmake and fix EVENT__SIZEOF_TIME_T usage
Compiler report:
/home/runner/work/libevent/libevent/test/regress_util.c: In function ‘test_event_calloc’:
/home/runner/work/libevent/libevent/test/regress_util.c:1318:4: error: argument 2 value ‘9223372036854775815’ exceeds maximum object size 9223372036854775807 [-Werror=alloc-size-larger-than=]
p = mm_calloc(EV_SIZE_MAX/2, EV_SIZE_MAX/2 + 8);
In file included from /home/runner/work/libevent/libevent/test/../util-internal.h:37:0,
from /home/runner/work/libevent/libevent/test/regress_util.c:30:
/usr/include/stdlib.h:541:14: note: in a call to allocation function ‘calloc’ declared here
extern void *calloc (size_t __nmemb, size_t __size)
v2: clang on CI does not have this option
Some GCC reports [1]:
/home/runner/work/libevent/libevent/http.c: In function ‘evhttp_make_header’:
/home/runner/work/libevent/libevent/http.c:503:14: error: ‘flags’ may be used uninitialized in this function [-Werror=maybe-uninitialized]
ev_uint16_t flags;
^~~~~
/home/runner/work/libevent/libevent/http.c: In function ‘evhttp_get_body’:
/home/runner/work/libevent/libevent/http.c:2354:14: error: ‘flags’ may be used uninitialized in this function [-Werror=maybe-uninitialized]
ev_uint16_t flags;
^~~~~
[1]: https://github.com/libevent/libevent/runs/7263518338?check_suite_focus=true#logs
Otherwise build fails [1]:
/home/runner/work/libevent/libevent/dist/libevent-2.2.0-alpha-dev/minheap-internal.h:64:6: error: ‘min_heap_ctor_’ defined but not used [-Werror=unused-function]
void min_heap_ctor_(min_heap_t* s) { s->p = 0; s->n = 0; s->a = 0; }
^~~~~~~~~~~~~~
In file included from /home/runner/work/libevent/libevent/dist/libevent-2.2.0-alpha-dev/buffer.c:91:0:
/home/runner/work/libevent/libevent/dist/libevent-2.2.0-alpha-dev/bufferevent-internal.h:414:1: error: ‘bufferevent_trigger_nolock_’ defined but not used [-Werror=unused-function]
bufferevent_trigger_nolock_(struct bufferevent *bufev, short iotype, int options)
^~~~~~~~~~~~~~~~~~~~~~~~~~~
In file included from /home/runner/work/libevent/libevent/dist/libevent-2.2.0-alpha-dev/buffer.c:89:0:
/home/runner/work/libevent/libevent/dist/libevent-2.2.0-alpha-dev/evthread-internal.h:140:1: error: ‘EVLOCK_TRY_LOCK_’ defined but not used [-Werror=unused-function]
EVLOCK_TRY_LOCK_(void *lock)
[1]: https://github.com/libevent/libevent/runs/7263518180?check_suite_focus=true
These are updates to help with OpenSSL 3 compilation. I found
https://github.com/libevent/libevent/pull/1288 after I started this, but
these seem independent, and fix a different set of problems:
- First off, OpenSSL 3 does not by default allow signing with SHA1
digests - moving this to SHA256 universally at this point seems a
better idea than continuing to use the insecure SHA1 for older OpenSSL
versions. This fixes X509_sign failing in regress_openssl for a number
of tests, eg:
```
regress: http/https_openssl_basic:
FAIL ../test/regress_openssl.c:106: assert(0 != X509_sign(x509, key, EVP_sha1()))[Lost connection!] http/https_openssl_filter_basic:
FAIL ../test/regress_openssl.c:106: assert(0 != X509_sign(x509, key, EVP_sha1()))[Lost connection!] http/https_openssl_simple:
...
```
- Secondly, when using TLS 1.3, there's no support for renegotiation, so
for the renegotiation tests, we need to disable TLS v1.3, and expect
to negotiate TLS 1.1 or 1.2
Fixes: #661
* upstream/pr/1291:
OpenSSL 3 fixes: Disable TLS 1.3 when testing renegotiation support
OpenSSL 3 fixes: use SHA256 instead of SHA1
Otherwise GCC will warn. i.e:
```bash
CCLD libevent_openssl.la
cc1: note: unrecognized command-line option ‘-Wno-void-pointer-to-enum-cast’
may have been intended to silence earlier diagnostics
CCLD libevent_mbedtls.la
```
TLS 1.3 does not support renegotation - it has been removed from the
protocol. Disable TLS 1.3 when testing this, so we negotiate an older
protocol version
I found the correct path by looking at the _Disable Key Refresh_ step in
_mingw::autotools::set up msys2_ task
(https://github.com/rectified95/libevent/runs/5858227589?check_suite_focus=true)
C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe "((Get-Content -path **D:\a\_temp\msys64**\etc\post-install\07-pacman-key.post -Raw) ...
The Windows CI is failing at the prepare vcpkg step while installing zlib
Changing the vcpkg commit hash to point to latest release
https://github.com/microsoft/vcpkg/releases/tag/2022.03.10 as opposed to
sometime in 2019 to see if that fixes it.
In ce8be2385b5fee16859a630fca0c98ad290c8e21 ("cmake: set rpath for
libraries on linux") RPATH was first instroduced.
Later in 6d09efe8686de824adf3d8810bbe0d5c386643e4 ("Set RPATH only if
installation is done into non system directory") it was set only if it
was installed to non system directory.
But absolute RPATH not a good default, let's change this.
Fixes: #920
Currently the code uses long, but long does not always have the same
representation as a pointer, such as on 64-bit Windows where long is
only 32-bit due to its unususal LLP64 ABI, but also on CHERI, and thus
Arm's prototype Morello architecture, where C language pointers are
represented as hardware capabilities, which have bounds, permissions and
other metadata to enforce spatial memory safety. Both of these cases
warn when casting a long to a pointer (Windows due to long being shorter
and thus it being likely you've truncated the address, and CHERI due to
long not having any capability metadata like pointers and thus it being
likely you've stripped the metadata, with the resulting "null-derived"
capability destined to trap if dereferenced), and in both cases casting
to intptr_t as the intermediate type instead will get rid of those
warnings.
I've got an issue when stop evconnlistener not in the event_base_loop()
thread. evconnlistener_disable() acquired lev->lock, if the same time,
user callbacks is runing, the event thread released lock, after callback
finished, it try to aquire the lock again, I think this makes conflict:
Here is backtraces:
thread 1:
0 __lll_lock_wait (futex=futex@entry=0x555555559a60, private=0) at lowlevellock.c:52
1 0x00007ffff7f2a131 in __GI___pthread_mutex_lock (mutex=0x555555559a60) at ../nptl/pthread_mutex_lock.c:115
2 0x00007ffff7f424c9 in evthread_posix_lock (mode=0, lock_=0x555555559a60) at evthread_pthread.c:79
3 0x00007ffff7f7dc12 in listener_read_cb (fd=7, what=2, p=0x5555555599a0) at listener.c:439
4 0x00007ffff7f6d758 in event_persist_closure (base=0x555555559370, ev=0x5555555599d8) at event.c:1645
5 0x00007ffff7f6da60 in event_process_active_single_queue (base=0x555555559370, activeq=0x5555555597e0,
max_to_process=2147483647, endtime=0x0) at event.c:1704
6 0x00007ffff7f6e018 in event_process_active (base=0x555555559370) at event.c:1805
7 0x00007ffff7f6e92a in event_base_loop (base=0x555555559370, flags=0) at event.c:2047
8 0x0000555555555449 in main () at test_listen.c:67
thread 2:
0 futex_wait_cancelable (private=<optimized out>, expected=0, futex_word=0x555555559858) at ../sysdeps/nptl/futex-internal.h:183
1 __pthread_cond_wait_common (abstime=0x0, clockid=0, mutex=0x555555559800, cond=0x555555559830) at pthread_cond_wait.c:508
2 __pthread_cond_wait (cond=0x555555559830, mutex=0x555555559800) at pthread_cond_wait.c:638
3 0x00007ffff7f426f3 in evthread_posix_cond_wait (cond_=0x555555559830, lock_=0x555555559800, tv=0x0) at evthread_pthread.c:162
4 0x00007ffff7f70bc5 in event_del_nolock_ (ev=0x5555555599d8, blocking=2) at event.c:2934
5 0x00007ffff7f70748 in event_del_ (ev=0x5555555599d8, blocking=2) at event.c:2821
6 0x00007ffff7f707a1 in event_del (ev=0x5555555599d8) at event.c:2830
7 0x00007ffff7f7d76e in event_listener_disable (lev=0x5555555599a0) at listener.c:343
8 0x00007ffff7f7d6e5 in evconnlistener_disable (lev=0x5555555599a0) at listener.c:325
9 0x00005555555552c3 in disable_thread (arg=0x5555555599a0) at test_listen.c:27
10 0x00007ffff7f27609 in start_thread (arg=<optimized out>) at pthread_create.c:477
11 0x00007ffff7e4e293 in clone () at ../sysdeps/unix/sysv/linux/x86_64/clone.S:95
