In it's current form, libevent requires multiple struct evhttp objects to be created in order to enable listening on sockets with more than one type of encryption.
This change allows specifying per-socket how the associated bufferevents should be created.
Thus, it becomes possible to have multiple listening sockets with different encryption parameters using only one evttp.
Deleted usage of CMake feature 'file(REAL_PATH'
which is available from version 3.19
with an old 'get_filename_component' so that
older version of CMake can still be used
to configure the project.
There can be issues on 32-bit architectures to mmap 2+GiB file, and to
make this portable between different version of glibc, mmap64 was
prefered over _FILE_OFFSET_BITS
There are periodically some heap-use-after-free reported in ratelim
tests by TSan, which I cannot reproduce locally and even on CI it is
flaky.
Let's try to use recent clang, maybe it fixes some issues in sanitizers.
Refs: #1206
Right now because we have separate workflows there is no one page with
all the jobs, instead we have separate page for each workflow (linux,
windows, ...)
This is pretty inconvenient, so let's make it cleaner, and now we will
have only two:
- for pull requests
- for upstream/master
Previously evdns was using HOST_NAME_MAX, and define it to 255 *only* if
it not set, however it does set on linux:
$ egrep -r define.*HOST_NAME_MAX /usr/include/bits
/usr/include/bits/local_lim.h:#define HOST_NAME_MAX 64
/usr/include/bits/posix1_lim.h:#define _POSIX_HOST_NAME_MAX 255
/usr/include/bits/confname.h:#define _SC_HOST_NAME_MAX _SC_HOST_NAME_MAX
But 64 should be the limit of the host component, not for the whole
hostname, as also noted by @ploxiln
So use our own EVDNS_NAME_MAX const, which is set to 255.
Fixes: #1280
Public CI workers has pretty high load, and sometimes you need to test
only specific workflow, i.e. windows.
So let's add ability to limit which workflow should be run.
* openssl-3:
ci: use ubuntu 22.04 with OpenSSl 3.0 instead of building OpenSSL from sources
ci: set LD_LIBRARY_PATH for openssl 3.0 build
test: suppress warning for already defined SSL_get_peer_certificate
autotools: print $OPENSSL_LIBS/$OPENSSL_INCS
Suppress -Wunused-value for BIO_set_close()
Use OPENSSL_VERSION_NUMBER over OPENSSL_VERSION_MAJOR (for compatibility)
Attempt to add OpenSSL 3 to the Linux build matrix
Initial OpenSSL 3.0 support
Fixes:
/home/runner/work/libevent/libevent/build/test/.libs/regress: error while loading shared libraries: libssl.so.3: cannot open shared object file: No such file or directory
build report:
[1/2] Building C object CMakeFiles/regress.dir/test/regress_mbedtls.c.o
/src/le/libevent/test/regress_mbedtls.c:50: warning: "SSL_get_peer_certificate" redefined
50 | #define SSL_get_peer_certificate mbedtls_ssl_get_peer_cert
|
In file included from /src/le/libevent/test/regress.h:139,
from /src/le/libevent/test/regress_mbedtls.c:35:
/src/oss/openssl/include/openssl/ssl.h:1799: note: this is the location of the previous definition
1799 | # define SSL_get_peer_certificate SSL_get1_peer_certificate
|
[2/2] Linking C executable bin/regress
But this should be cleaned up.
Since OpenSSL 3.0 there is new OPENSSL_VERSION_MAJOR, but previous
releases does not have it.
So let's use plain old OPENSSL_VERSION_NUMBER to avoid more preprocessor
macros.
* Don't use deprecated functions when building against OpenSSL 3.0.
* Recognise that OpenSSL 3.0 can signal a dirty shutdown as a protocol.
error in addition to the expected IO error produced by OpenSSL 1.1.1
* Update regress_mbedtls.c for compatibility with OpenSSL 3
* mbedtls-3:
sample/ssl-client-mbedtls.c: fix for MbedTLS 3
sample/ssl-client-mbedtls.c: break the loop on EOF
sample/ssl-client-mbedtls.c: fix printing response in readcb
Initial Mbed-TLS 3 support to get the GitHub Actions working again
Support build dir of the MbedTLS
@ploxiln:
On current homebrew, openssl@1.1 is the only openssl:
[pierce@plo-mbp15 libevent]$ brew --prefix openssl
/usr/local/opt/openssl@1.1
[pierce@plo-mbp15 libevent]$ brew info openssl
openssl@1.1: stable 1.1.1g (bottled) [keg-only]
Cryptography and SSL/TLS Toolkit
@fanquake
Indeed. OpenSSL 1.0 was removed from homebew in Homebrew/homebrew-core#46876. Related discussion also in Homebrew/homebrew-core#46454.
* fix-brew-autodetection:
ci: fix cmake build w/o OPENSSL_ROOT_DIR
ci: remove separate build for BREW_AUTODETECT_OPENSSL (use it by default)
autotools: fix autodetection of openssl location via brew
mingw has upgraded to Mbed-TLS 3.1.0, so all the mingw tests that need
Mbed-TLS currently don't work.
v2: add missing mbedtls/version.h into test/regress_mbedtls.c
v3: suppress #warning "Including compat-2.x.h is deprecated" for mbedtls/compat-2.x.h
Error
configure.ac:291: warning: AC_CHECK_FUNCS(getnameinfo
): you should use literals
../autoconf-2.71/lib/autoconf/functions.m4:117: AC_CHECK_FUNCS is expanded from...
../autoconf-2.71/lib/m4sugar/m4sh.m4:692: _AS_IF_ELSE is expanded from...
../autoconf-2.71/lib/m4sugar/m4sh.m4:699: AS_IF is expanded from...
configure.ac:291: the top level
configure.ac:291: warning: AC_CHECK_FUNCS(getprotobynumber
): you should use literals
../autoconf-2.71/lib/autoconf/functions.m4:117: AC_CHECK_FUNCS is expanded from...
../autoconf-2.71/lib/m4sugar/m4sh.m4:692: _AS_IF_ELSE is expanded from...
../autoconf-2.71/lib/m4sugar/m4sh.m4:699: AS_IF is expanded from...
configure.ac:291: the top level
configure.ac:291: warning: AC_CHECK_FUNCS(getservbyname
): you should use literals
../autoconf-2.71/lib/autoconf/functions.m4:117: AC_CHECK_FUNCS is expanded from...
../autoconf-2.71/lib/m4sugar/m4sh.m4:692: _AS_IF_ELSE is expanded from...
../autoconf-2.71/lib/m4sugar/m4sh.m4:699: AS_IF is expanded from...
configure.ac:291: the top level
configure.ac:291: warning: AC_CHECK_FUNCS(inet_ntop
): you should use literals
../autoconf-2.71/lib/autoconf/functions.m4:117: AC_CHECK_FUNCS is expanded from...
../autoconf-2.71/lib/m4sugar/m4sh.m4:692: _AS_IF_ELSE is expanded from...
../autoconf-2.71/lib/m4sugar/m4sh.m4:699: AS_IF is expanded from...
configure.ac:291: the top level
configure.ac:291: warning: AC_CHECK_FUNCS(inet_pton
): you should use literals
../autoconf-2.71/lib/autoconf/functions.m4:117: AC_CHECK_FUNCS is expanded from...
../autoconf-2.71/lib/m4sugar/m4sh.m4:692: _AS_IF_ELSE is expanded from...
../autoconf-2.71/lib/m4sugar/m4sh.m4:699: AS_IF is expanded from...
configure.ac:291: the top level
In function evconnlistener_new_bind() after go to "err:", The
evutil_closesocket() would clear the error code( I found this under
Windows ). User can not use EVUTIL_SOCKET_ERROR() to get the
evconnlistener_new_bind()'s failing error.
I add a err_code variable to store and restore the last error code.
v2: rebased by azat to make the patch simpler
