It turns out that the happy fun Linux kernel is deprecating sysctl,
and using sysctl to fetch entropy will spew messages in the kernel
logs. Let's not do that. Instead, let's call sysctl for our
entropy only when all other means fail.
Additionally, let's add another means, and try
/proc/sys/kernel/random/uuid if /dev/urandom fails.
The old logging code was littered with places where we stored messages in
static char[] fields. This is fine in a single-threaded program, but if you
ever tried to log evdns messages from two threads at once, you'd hit a race.
This patch also refactors evdns's debug_ntop function into a more useful
evutil_sockaddr_port_format() function, with unit tests.
The EVUTIL_CLOSESOCKET() macro required you to include unistd.h in your
source for POSIX. We might as well turn it into a function: an extra
function call is going to be cheap in comparison with the system call.
We retain the EVUTIL_CLOSESOCKET() macro as an alias for the new
evutil_closesocket() function.
(commit message from email by Nick and Sebastian)
There should be no need to call be_socket_enable: that does an
event_add(). What we really want to do is event_active(), to make
sure that the writecb is executed.
Also, there was one "} if () {" that was missing an else.
I've noted that the return value for evutil_socket_connect() is
getting screwy, but since that isn't an exported function, we can fix
it whenever.
Previously, evdns was at the mercy of the user for providing a good
entropy source; without one, it would be vulnerable to various
active attacks.
This patch adds a port of OpenBSD's arc4random() calls to Libevent
[port by Chris Davis], and wraps it up a little bit so we can use it
more safely.
If the user sets a bind address to use for nameservers, and a
nameserver happens to be on 127.0.0.1, the nameserver will generally
fail. This patch alters this behavior so that the bind address is
only applied when the nameserver is on a non-loopback address.
From evutil.c:
Some older BSDs (like OpenBSD up to 4.6) used to believe that
giving a numeric port without giving an ai_socktype was verboten.
We test for this so we can apply an appropriate workaround. If it
turns out that the bug is present, then:
- If nodename==NULL and servname is numeric, we build an answer
ourselves using evutil_getaddrinfo_common().
- If nodename!=NULL and servname is numeric, then we set
servname=NULL when calling getaddrinfo, and post-process the
result to set the ports on it.
We test for this bug at runtime, since otherwise we can't have the
same binary run on multiple BSD versions.
svn:r1550
The entry points are evutil_getaddrinfo and evdns_getaddrinfo respectively.
There are fairly extensive unit tests.
I believe this code conforms to RFC3493 pretty closely, but there are
probably more issues. It should get tested on more platforms.
This code means we can dump the well-intentioned but weirdly-implemented
bufferevent_evdns and evutil_resolve code.
svn:r1537
This function, bufferevent_socket_connect_hostname() can either use
evdns to do the resolve, or use a new function (evutil_resolve) that
uses getaddrinfo or gethostbyname, like http.c does now.
This function is meant to eventually replace the hostname resolution mess in
http.c.
svn:r1496
This code adds a new Bufferevent type that is only compiled when the
openssl library is present. It supports using an SSL object and an
event alert mechanism, which can either be an fd or an underlying
bufferevent.
There is still more work to do: the unit tests are incomplete, and we
need to support flush and shutdown much better. Sometimes events are
generated needlessly: this will hose performance.
There's a new encrypting proxy in sample/le-proxy.c.
This code has only been tested on OSX, and nowhere else.
svn:r1382
This patch adds a new set of EVUTIL_IS* functions to replace use of
the ctypes is* functions in all cases where we care about characters'
interpretations in net ascii rather than in the locale. For example,
when we're working with DNS hostnames, we don't want to do the 0x20
hack on non-ascii characters, even if the host thinks they should be
isalpha.
svn:r1114
