* ssl_bufferevent_wm_filter-fix:
Fix ssl/bufferevent_wm_filter when bev does not reach watermark on break
regress_ssl: cover watermarks with deferred callbacks
regress_ssl: improve bufferevent_wm/bufferevent_wm_filter logging
For the ssl/bufferevent_wm* we have next configuration:
- payload_len = 1024
- wm_high = 5120
- limit = 40960
- to_read = 512
In this test we expect that with high watermark installed to "wm_high"
we will read "limit" bytes by reading "to_read" at a time, but adding
"payload_len" at a time (this "to_read"/"payload_len" limits is
installed to finally overflow watermark).
Once we read "limit" bytes we break, by disable EV_READ and reset
callbacks. Although this will not work if when we want to break we do
not reach watermark, this is because watermarks installs evbuffer
callback for the input buffer and if the watermark does not reached it
will enable EV_READ while be_openssl_enable() will read from the
underlying buffer (in case the openssl bufferevent created via
bufferevent_openssl_filter_new()) and call callback again (until it will
reach watermark or read al from the underlying buffer -- this is why it
stops in our caes).
And this is exactly what happened in win32, you can see this in the
following logs:
- win32 before:
OK C:\vagrant\test\regress_ssl.c:829: wm_transfer-client(00DC2750): in: 4608, out: 0, got: 40960
OK C:\vagrant\test\regress_ssl.c:834: wm_transfer-client(00DC2750): break
OK C:\vagrant\test\regress_ssl.c:829: wm_transfer-client(00DC2750): in: 4608, out: 0, got: 41472
OK C:\vagrant\test\regress_ssl.c:834: wm_transfer-client(00DC2750): break
OK C:\vagrant\test\regress_ssl.c:829: wm_transfer-client(00DC2750): in: 4608, out: 0, got: 41984
OK C:\vagrant\test\regress_ssl.c:834: wm_transfer-client(00DC2750): break
OK C:\vagrant\test\regress_ssl.c:829: wm_transfer-client(00DC2750): in: 4608, out: 0, got: 42496
OK C:\vagrant\test\regress_ssl.c:834: wm_transfer-client(00DC2750): break
- win32 after:
OK C:\vagrant\test\regress_ssl.c:821: wm_transfer-client(00FC26F0): break
OK C:\vagrant\test\regress_ssl.c:836: wm_transfer-client(00FC26F0): in: 4800, out: 0, got: 40960
- linux before:
OK ../test/regress_ssl.c:829: wm_transfer-client(0x55555566f5e0): in: 5120, out: 0, got: 40960
OK ../test/regress_ssl.c:834: wm_transfer-client(0x55555566f5e0): break
- linux after:
OK ../test/regress_ssl.c:821: wm_transfer-client(0x55555566f5e0): break
OK ../test/regress_ssl.c:836: wm_transfer-client(0x55555566f5e0): in: 5120, out: 0, got: 40960
(As you can see in linux case we already reach watermark hence it passed
before).
So fix the issue by breaking before draining.
But during fixing this I was thinking is this right? I.e. reading from
the be_openssl_enable(), maybe we should force deferred callbacks at
least?
* check-O_NONBLOCK-in-debug:
regress: use non blocking descriptors whenever it is possible
assert that fds are nonblocking in debug mode
Closes: nmathewson/Libevent#90
Next tests uses fds without O_NONBLOCK flag
- main/free_active_base
- main/many_events
- et/et (has some other bits cleaned up by using TT_* flags and test
setup/cleanup callbacks)
And hence they will fail in debug mode (EVENT_DEBUG_MODE=):
Assertion flags & O_NONBLOCK failed in event_debug_assert_socket_nonblocking_
Check that each fd that had been added with some event do has O_NOBLOCK
after event_enable_debug_mode()
Rebased and do not check signals (EV_SIGNAL) by azat.
Refs: nmathewson/Libevent#90
Refs: #96
* event-ET-#636-v2:
Preserve ET bit for backends with changelist
Epoll ET setting lost with multiple events for same fd
Cover ET with multiple events for same fd
Add ET flag into event_base_dump_events()
Fixes: #636
After two or more events have been registered for the same file
descriptor using EV_ET, if one of the events is deleted, then the
epoll_ctl() call issued by libevent drops the EPOLLET flag resulting in
level triggered notifications.
[ azat: use existing "et" in the evmap_io_del_() ]
And use it in places where event_debug() should be called (since it
requires access to "event_debug_logging_mask_" and in win32 it is
tricky).
One of this places that is covered by this patch is the test for
event_debug().
MinGW 32-bit 5.3.0 does not defines it and our appveyour [1] build
reports this instantly:
evutil.c: In function 'evutil_make_listen_socket_ipv6only':
evutil.c:392:40: error: 'IPV6_V6ONLY' undeclared (first use in this function)
return setsockopt(sock, IPPROTO_IPV6, IPV6_V6ONLY, (void*) &one,
[1]: https://www.appveyor.com/docs/windows-images-software/#mingw-msys-cygwin
Another solution will be to use mingw64 which has it, but I guess we do
want that #ifdef anyway.
As pointed by @yankeehacker in #590:
Signed to Unsigned Conversion Error - buffer.c:1623
Description: This assignment creates a type mismatch by populating an
unsigned variable with a signed value. The signed integer will be
implicitly cast to an unsigned integer, converting negative values into
positive ones. If an attacker can control the signed value, it may be
possible to trigger a buffer overflow if the value specifies the length
of a memory write.
Remediation: Do not rely on implicit casts between signed and unsigned
values because the result can take on an unexpected value and violate
weak assumptions made elsewhere in the program.
Fixes: #590
../buffer.c:2231:6: warning: Access to field 'flags' results in a dereference of a null pointer
if (CHAIN_SPACE_LEN(*firstchainp) == 0) {
^~~~~~~~~~~~~~~~~~~~~~~~~~~~~
../buffer.c:130:30: note: expanded from macro 'CHAIN_SPACE_LEN'
#define CHAIN_SPACE_LEN(ch) ((ch)->flags & EVBUFFER_IMMUTABLE ? \
Since we want people to stop using -levent, have the pkg-config file
also stop linking against that. This makes it easier to delete the
libevent.so library entirely.
Closes: #141
One tricky bit is reply to the BIO_C_GET_FD command, since otherwise it
will try to close(0) and accepted bev in ssl/bufferevent_connect_sleep
will leak. Other seems more or less trivial.
This was done to make sure that for at least generic cases does not
leak (tricky cases was listed here nmathewson/Libevent#83).
And this will allow run ssl/.. with --no-fork
From nmathewson/Libevent#83 by @fancycode:
There are a few code paths where the passed SSL object is not released in error cases, even if BEV_OPT_CLOSE_ON_FREE is passed as option while for others it is released. That way it's impossible for the caller to know it he has to free it on errors himself or not.
Line numbers are from "bufferevent_openssl.c" in 911abf3:
L1414 ("underlying == NULL" passed)
L1416 (bio could not be created)
L1446 (different fd passed)
L1325 (both underlying and fd passed)
L1328 (out-of-memory)
L1333 ("bufferevent_init_common_" failed)
In all error cases after the "bufferevent_ops_openssl" has been assigned, the option is evaluated on "bufferevent_free" (L1399) and the SSL object released (L1226).
Fixes: nmathewson/Libevent#83
This is mostly to match autotools and reduce amount mixiing declarations
and code.
Added:
- -Wextra (the same as -W), -Wno-unused-parameter -Wstrict-aliasing
- -fno-strict-aliasing (gcc 2.9.5+)
- -Winit-self -Wmissing-field-initializers -Wdeclaration-after-statement (4.0+)
- -Waddress -Wno-unused-function -Wnormalized=id -Woverride-init (4.2+)
- -Wlogical-op (4.5+)
Removed:
- -Wformat (include in -Wall)
Plus use CMAKE_C_COMPILER_ID over CMAKE_COMPILER_IS_GNUCC, as
cmake-variables(7) suggesting, and add common GNUC/CLANG variables.
v2: drop checks for flags, since add_compiler_flags() will check if such
flags exists anyway (but just to note, gcc ignores non existing warning
flags by default).
According to RFC3493 and most Linux distributions, default value is to
work in IPv4-mapped mode. If there is a requirement to bind same port
on same ip addresses but different handlers for both IPv4 and IPv6,
it is required to set IPV6_V6ONLY socket option to be sure that the
code works as expected without affected by bindv6only sysctl setting
in system.
See an example working with this patch:
https://gist.github.com/demirten/023008a63cd966e48b0ebcf9af7fc113Closes: #640 (cherry-pick)
* evutil_found_ifaddr-dev:
Cover evutil_v4addr_is_local_()/evutil_v6addr_is_local_()
Split evutil_found_ifaddr() into helpers (evutil_v{4,6}addr_is_local())
Use INADDR_ANY over 0 in evutil_found_ifaddr()
Replace EVUTIL_V4ADDR_IS_*() macroses with static inline functions
Filter link-local IPv4 addresses in evutil_found_ifaddr()
* http-request-line-parsing:
Fix http https_basic/https_filter_basic under valgrind (increase timeout)
http: cover various non RFC3986 conformant URIs
http: allow non RFC3986 conformant during parsing request-line (http server)
http: do not try to parse request-line if we do not have enough bytes
http: allow trailing spaces (and only them) in request-line (like nginx)
http: cleanup of the request-line parsing
- http/basic_trailing_space -- covers cases when there is trailing space
after the request line (nginx handles this)
- http/simple_nonconformant -- covers non RFC3986 conformant URIs
As you can see right now linux workers has zero failed tests, while osx
workers has 18 failed tests:
[bufferevent_connect_hostname_emfile FAILED]
[bufferevent_pair_release_lock FAILED]
[bufferevent_timeout FAILED]
[bufferevent_timeout_filter FAILED]
[bufferevent_timeout_pair FAILED]
[common_timeout FAILED]
[del_wait FAILED]
[immediatesignal FAILED]
[loopexit FAILED]
[loopexit_multiple FAILED]
[monotonic_res FAILED]
[no_events FAILED]
[persistent_active_timeout FAILED]
[persistent_timeout_jump FAILED]
[signal_switchbase FAILED]
[signal_while_processing FAILED]
[simpletimeout FAILED]
[usleep FAILED]
And this patch should remove from this list time related failures
(though maybe not all of them).
AFAIR there is shortage of osx workers on travis-ci, IOW builds that
requires them can wait fair amount of time in the queue by just waiting.
Plus linux workers AFAICS can run multiple jobs in parallel (4-5), while
osx does not.
Hence if we do allow failures for osx (and right now they have a lot of
failed tests) let's mark build result based on tests under linux only.
So in a nut shell this will reduce build time from 5 hours to 20-30
minutes.
