From owner-svn-src-all@FreeBSD.ORG  Tue May 27 04:52:34 2014
Return-Path: <owner-svn-src-all@FreeBSD.ORG>
Delivered-To: svn-src-all@freebsd.org
Received: from mx1.freebsd.org (mx1.freebsd.org
 [IPv6:2001:1900:2254:206a::19:1])
 (using TLSv1 with cipher ADH-AES256-SHA (256/256 bits))
 (No client certificate requested)
 by hub.freebsd.org (Postfix) with ESMTPS id 3B2F66CA;
 Tue, 27 May 2014 04:52:34 +0000 (UTC)
Received: from svn.freebsd.org (svn.freebsd.org
 [IPv6:2001:1900:2254:2068::e6a:0])
 (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits))
 (Client did not present a certificate)
 by mx1.freebsd.org (Postfix) with ESMTPS id 1C1242D29;
 Tue, 27 May 2014 04:52:34 +0000 (UTC)
Received: from svn.freebsd.org ([127.0.1.70])
 by svn.freebsd.org (8.14.8/8.14.8) with ESMTP id s4R4qX4q079540;
 Tue, 27 May 2014 04:52:33 GMT (envelope-from peter@svn.freebsd.org)
Received: (from peter@localhost)
 by svn.freebsd.org (8.14.8/8.14.8/Submit) id s4R4qWM8079533;
 Tue, 27 May 2014 04:52:32 GMT (envelope-from peter@svn.freebsd.org)
Message-Id: <201405270452.s4R4qWM8079533@svn.freebsd.org>
From: Peter Wemm <peter@FreeBSD.org>
Date: Tue, 27 May 2014 04:52:32 +0000 (UTC)
To: src-committers@freebsd.org, svn-src-all@freebsd.org,
 svn-src-head@freebsd.org
Subject: svn commit: r266728 - in head/contrib/serf: . auth
X-SVN-Group: head
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit
X-BeenThere: svn-src-all@freebsd.org
X-Mailman-Version: 2.1.18
Precedence: list
List-Id: "SVN commit messages for the entire src tree \(except for &quot;
 user&quot; and &quot; projects&quot; \)" <svn-src-all.freebsd.org>
List-Unsubscribe: <http://lists.freebsd.org/mailman/options/svn-src-all>,
 <mailto:svn-src-all-request@freebsd.org?subject=unsubscribe>
List-Archive: <http://lists.freebsd.org/pipermail/svn-src-all/>
List-Post: <mailto:svn-src-all@freebsd.org>
List-Help: <mailto:svn-src-all-request@freebsd.org?subject=help>
List-Subscribe: <http://lists.freebsd.org/mailman/listinfo/svn-src-all>,
 <mailto:svn-src-all-request@freebsd.org?subject=subscribe>
X-List-Received-Date: Tue, 27 May 2014 04:52:34 -0000

Author: peter
Date: Tue May 27 04:52:32 2014
New Revision: 266728
URL: http://svnweb.freebsd.org/changeset/base/266728

Log:
  Update serf 1.3.4 -> 1.3.5

Modified:
  head/contrib/serf/CHANGES
  head/contrib/serf/auth/auth.c
  head/contrib/serf/auth/auth_spnego.c
  head/contrib/serf/outgoing.c
  head/contrib/serf/serf.h
  head/contrib/serf/ssltunnel.c
Directory Properties:
  head/contrib/serf/   (props changed)

Modified: head/contrib/serf/CHANGES
==============================================================================
--- head/contrib/serf/CHANGES	Tue May 27 04:39:23 2014	(r266727)
+++ head/contrib/serf/CHANGES	Tue May 27 04:52:32 2014	(r266728)
@@ -1,4 +1,11 @@
-Serf 1.3.4 [2014-02-08, from /tags/1.3.4, rxxxx]
+Serf 1.3.5 [2014-04-27, from /tags/1.3.5, rxxxx]
+  Fix issue #125: no reverse lookup during Negotiate authentication for proxies.
+  Fix a crash caused by incorrect reuse of the ssltunnel CONNECT request (r2316)
+  Cancel request if response parsing failed + authn callback set (r2319)
+  Update the expired certificates in the test suite.
+
+
+Serf 1.3.4 [2014-02-08, from /tags/1.3.4, r2310]
   Fix issue #119: Endless loop during ssl tunnel setup with Negotiate authn
   Fix issue #123: Can't setup ssl tunnel which sends Connection close header
   Fix a race condition when initializing OpenSSL from multiple threads (r2263)

Modified: head/contrib/serf/auth/auth.c
==============================================================================
--- head/contrib/serf/auth/auth.c	Tue May 27 04:39:23 2014	(r266727)
+++ head/contrib/serf/auth/auth.c	Tue May 27 04:52:32 2014	(r266728)
@@ -408,6 +408,7 @@ apr_status_t serf__handle_auth_response(
                consider the reponse body as invalid and discard it. */
             status = discard_body(response);
             *consumed_response = 1;
+
             if (!APR_STATUS_IS_EOF(status)) {
                 return status;
             }

Modified: head/contrib/serf/auth/auth_spnego.c
==============================================================================
--- head/contrib/serf/auth/auth_spnego.c	Tue May 27 04:39:23 2014	(r266727)
+++ head/contrib/serf/auth/auth_spnego.c	Tue May 27 04:52:32 2014	(r266728)
@@ -335,8 +335,7 @@ do_auth(peer_t peer,
                                          &tmp, &tmp_len,
                                          gss_info);
     } else {
-        char *proxy_host;
-        apr_getnameinfo(&proxy_host, conn->ctx->proxy_address, 0);
+        char *proxy_host = conn->ctx->proxy_address->hostname;
         status = gss_api_get_credentials(conn,
                                          token, token_len, proxy_host,
                                          &tmp, &tmp_len,

Modified: head/contrib/serf/outgoing.c
==============================================================================
--- head/contrib/serf/outgoing.c	Tue May 27 04:39:23 2014	(r266727)
+++ head/contrib/serf/outgoing.c	Tue May 27 04:52:32 2014	(r266728)
@@ -916,21 +916,22 @@ static apr_status_t handle_response(serf
      * themselves by not registering credential callbacks.
      */
     if (request->conn->ctx->cred_cb) {
-      status = serf__handle_auth_response(&consumed_response,
-                                          request,
-                                          request->resp_bkt,
-                                          request->handler_baton,
-                                          pool);
-
-      /* If there was an error reading the response (maybe there wasn't
-         enough data available), don't bother passing the response to the
-         application.
-
-         If the authentication was tried, but failed, pass the response
-         to the application, maybe it can do better. */
-      if (status) {
-          return status;
-      }
+        status = serf__handle_auth_response(&consumed_response,
+                                            request,
+                                            request->resp_bkt,
+                                            request->handler_baton,
+                                            pool);
+
+        if (SERF_BUCKET_READ_ERROR(status)) {
+            /* Report the request as 'died'/'cancelled' to the application */
+            (void)(*request->handler)(request,
+                                      NULL,
+                                      request->handler_baton,
+                                      pool);
+        }
+
+        if (status)
+            return status;
     }
 
     if (!consumed_response) {

Modified: head/contrib/serf/serf.h
==============================================================================
--- head/contrib/serf/serf.h	Tue May 27 04:39:23 2014	(r266727)
+++ head/contrib/serf/serf.h	Tue May 27 04:52:32 2014	(r266728)
@@ -1062,7 +1062,7 @@ void serf_debug__bucket_alloc_check(
 /* Version info */
 #define SERF_MAJOR_VERSION 1
 #define SERF_MINOR_VERSION 3
-#define SERF_PATCH_VERSION 4
+#define SERF_PATCH_VERSION 5
 
 /* Version number string */
 #define SERF_VERSION_STRING APR_STRINGIFY(SERF_MAJOR_VERSION) "." \

Modified: head/contrib/serf/ssltunnel.c
==============================================================================
--- head/contrib/serf/ssltunnel.c	Tue May 27 04:39:23 2014	(r266727)
+++ head/contrib/serf/ssltunnel.c	Tue May 27 04:52:32 2014	(r266728)
@@ -70,12 +70,11 @@ static apr_status_t handle_response(serf
     req_ctx_t *ctx = handler_baton;
     serf_connection_t *conn = request->conn;
 
-    if (! response) {
-        serf_connection_request_create(conn,
-                                       setup_request,
-                                       ctx);
+    /* CONNECT request was cancelled. Assuming that this is during connection
+       reset, we can safely discard the request as a new one will be created
+       when setting up the next connection. */
+    if (!response)
         return APR_SUCCESS;
-    }
 
     status = serf_bucket_response_status(response, &sl);
     if (SERF_BUCKET_READ_ERROR(status)) {