Date: Fri, 2 Aug 2013 19:14:25 +0000 (UTC) From: Peter Wemm <peter@FreeBSD.org> To: src-committers@freebsd.org, svn-src-all@freebsd.org, svn-src-vendor@freebsd.org Subject: svn commit: r253894 - in vendor/serf/serf-1.3.0: . auth buckets build Message-ID: <201308021914.r72JEPrl069204@svn.freebsd.org>
next in thread | raw e-mail | index | archive | help
Author: peter Date: Fri Aug 2 19:14:25 2013 New Revision: 253894 URL: http://svnweb.freebsd.org/changeset/base/253894 Log: Tag serf 1.3.0 Added: vendor/serf/serf-1.3.0/ - copied from r253891, vendor/serf/dist/ vendor/serf/serf-1.3.0/SConstruct - copied unchanged from r253893, vendor/serf/dist/SConstruct vendor/serf/serf-1.3.0/auth/auth_spnego.c - copied unchanged from r253893, vendor/serf/dist/auth/auth_spnego.c vendor/serf/serf-1.3.0/auth/auth_spnego.h - copied unchanged from r253893, vendor/serf/dist/auth/auth_spnego.h vendor/serf/serf-1.3.0/auth/auth_spnego_gss.c - copied unchanged from r253893, vendor/serf/dist/auth/auth_spnego_gss.c vendor/serf/serf-1.3.0/auth/auth_spnego_sspi.c - copied unchanged from r253893, vendor/serf/dist/auth/auth_spnego_sspi.c vendor/serf/serf-1.3.0/build/check.py - copied unchanged from r253893, vendor/serf/dist/build/check.py vendor/serf/serf-1.3.0/build/serf.pc.in - copied unchanged from r253893, vendor/serf/dist/build/serf.pc.in Replaced: vendor/serf/serf-1.3.0/CHANGES - copied unchanged from r253893, vendor/serf/dist/CHANGES vendor/serf/serf-1.3.0/README - copied unchanged from r253893, vendor/serf/dist/README vendor/serf/serf-1.3.0/auth/auth.c - copied unchanged from r253893, vendor/serf/dist/auth/auth.c vendor/serf/serf-1.3.0/auth/auth.h - copied unchanged from r253893, vendor/serf/dist/auth/auth.h vendor/serf/serf-1.3.0/auth/auth_basic.c - copied unchanged from r253893, vendor/serf/dist/auth/auth_basic.c vendor/serf/serf-1.3.0/auth/auth_digest.c - copied unchanged from r253893, vendor/serf/dist/auth/auth_digest.c vendor/serf/serf-1.3.0/buckets/aggregate_buckets.c - copied unchanged from r253893, vendor/serf/dist/buckets/aggregate_buckets.c vendor/serf/serf-1.3.0/buckets/buckets.c - copied unchanged from r253893, vendor/serf/dist/buckets/buckets.c vendor/serf/serf-1.3.0/buckets/dechunk_buckets.c - copied unchanged from r253893, vendor/serf/dist/buckets/dechunk_buckets.c vendor/serf/serf-1.3.0/buckets/headers_buckets.c - copied unchanged from r253893, vendor/serf/dist/buckets/headers_buckets.c vendor/serf/serf-1.3.0/buckets/limit_buckets.c - copied unchanged from r253893, vendor/serf/dist/buckets/limit_buckets.c vendor/serf/serf-1.3.0/buckets/request_buckets.c - copied unchanged from r253893, vendor/serf/dist/buckets/request_buckets.c vendor/serf/serf-1.3.0/buckets/response_buckets.c - copied unchanged from r253893, vendor/serf/dist/buckets/response_buckets.c vendor/serf/serf-1.3.0/buckets/simple_buckets.c - copied unchanged from r253893, vendor/serf/dist/buckets/simple_buckets.c vendor/serf/serf-1.3.0/buckets/ssl_buckets.c - copied unchanged from r253893, vendor/serf/dist/buckets/ssl_buckets.c vendor/serf/serf-1.3.0/build/gen_def.py - copied unchanged from r253893, vendor/serf/dist/build/gen_def.py vendor/serf/serf-1.3.0/context.c - copied unchanged from r253893, vendor/serf/dist/context.c vendor/serf/serf-1.3.0/incoming.c - copied unchanged from r253893, vendor/serf/dist/incoming.c vendor/serf/serf-1.3.0/outgoing.c - copied unchanged from r253893, vendor/serf/dist/outgoing.c vendor/serf/serf-1.3.0/serf.h - copied unchanged from r253893, vendor/serf/dist/serf.h vendor/serf/serf-1.3.0/serf_bucket_types.h - copied unchanged from r253893, vendor/serf/dist/serf_bucket_types.h vendor/serf/serf-1.3.0/serf_bucket_util.h - copied unchanged from r253893, vendor/serf/dist/serf_bucket_util.h vendor/serf/serf-1.3.0/serf_private.h - copied unchanged from r253893, vendor/serf/dist/serf_private.h vendor/serf/serf-1.3.0/ssltunnel.c - copied unchanged from r253893, vendor/serf/dist/ssltunnel.c Deleted: vendor/serf/serf-1.3.0/Makefile.in vendor/serf/serf-1.3.0/auth/auth_kerb.c vendor/serf/serf-1.3.0/auth/auth_kerb.h vendor/serf/serf-1.3.0/auth/auth_kerb_gss.c vendor/serf/serf-1.3.0/auth/auth_kerb_sspi.c vendor/serf/serf-1.3.0/build/apr_common.m4 vendor/serf/serf-1.3.0/build/config.guess vendor/serf/serf-1.3.0/build/config.sub vendor/serf/serf-1.3.0/build/find_apr.m4 vendor/serf/serf-1.3.0/build/find_apu.m4 vendor/serf/serf-1.3.0/build/get-version.sh vendor/serf/serf-1.3.0/build/install.sh vendor/serf/serf-1.3.0/build/serf.def vendor/serf/serf-1.3.0/buildconf vendor/serf/serf-1.3.0/config.layout vendor/serf/serf-1.3.0/configure vendor/serf/serf-1.3.0/configure.in vendor/serf/serf-1.3.0/serf.mak vendor/serf/serf-1.3.0/serf.pc.in vendor/serf/serf-1.3.0/serfmake Copied: vendor/serf/serf-1.3.0/CHANGES (from r253893, vendor/serf/dist/CHANGES) ============================================================================== --- /dev/null 00:00:00 1970 (empty, because file is newly added) +++ vendor/serf/serf-1.3.0/CHANGES Fri Aug 2 19:14:25 2013 (r253894, copy of r253893, vendor/serf/dist/CHANGES) @@ -0,0 +1,214 @@ +Serf 1.3.0 [2013-07-23, from /tags/1.3.0] + Fix issue 83: use PATH rather than URI within an ssltunnel (r1952) + Fix issue 108: improved error reporting from the underlying socket (r1951) + NEW: Switch to the SCons build system; retire serfmake, serf.mak, autotools + Improved Basic and Digest authentication: + - remember credentials on a per-server basis + - properly manage authentication realms + - continue functioning when a server sets KeepAlive: off + Windows: add support for NTLM authentication + Improved 2617 compliance: always use strongest authentication (r1968,1971) + Fixed bugs with proxy authentication and SSL tunneling through a proxy + Fixed bugs the response parser (r2032,r2036) + SSL connection performance improvements + Huge expansion of the test suite + + +Serf 1.2.1 [2013-06-03, from /tags/1.2.1, r1906] + Fix issue 95: add gssapi switches to configure (r1864, r1900) + Fix issue 97: skip mmap bucket if APR_HAS_MMAP is undefined (r1877) + Fix issue 100: building against an old Windows Platform SDK (r1881) + Fix issue 102: digest authentication failures (r1885) + Improve error return values in SSPI authentication (r1804) + Ensure serf-1.pc is constructed by serfmake (r1865) + Optimize SPNego authentication processing (r1868) + Reject certs that application does not like (r1794) + Fix possible endless loop in serf_linebuf_fetch() (r1816) + Windows build: dereference INTDIR in serf.mak (r1882) + + +Serf 1.2.0 [2013-02-22, from /tags/1.2.0, r1726] + Fixed issue 94: Serf can enter an infinite loop when server aborts conn. + Fixed issue 91: Serf doesn't handle an incoming 408 Timeout Request + Fixed issue 80: Serf is not handling Negotiate authentication correctly + Fixed issue 77: Endless loop if server doesn't accept Negotiate authn + Fixed issue 93: cleanup-after-fork interferes with parent (r1714) + Fixed most of issue 89: Support REAL SPNEGO authentication + Enable Negotiate/Kerberos support for proxy servers. + Return error when C-L, chunked, gzip encoded response bodies were + truncated (due to aborted connection) (r1688) + Add a logging mechanism that can be enabled at compile-time. + Don't lookup server address if a proxy was configured. (r1706) + Fix an off-by-one in buffer sizing (r1695) + Disable SSL compression by default + API to enable it (r1692) + New serf_connection_get_latency() for estimated network latency (r1689) + New error code and RFC compliance for the HTTPS tunnel (r1701, r1644) + Handle EINTR when a user suspends and then backgrounds the app (r1708) + Minor fixes and test suite improvements. + + +Serf 1.1.1 [2012-10-04, from /tags/1.1.1, r1657] + Fixed issue 86: ensure requeued requests are correctly handled. + This fixes: + - infinite loop with multiple connection resets or SIGPIPE errors + - "connection" hang where we would not re-queue requests that are + held after we re-connect + Fixed issue 74: test_all goes in an endless loop + Fix memleak when conn. is closed explicitly/due to pool cleanups (r1623) + Windows: Fix https connection aborts (r1628..-30,-33,-34,-37) + Add new error codes for the SSL bucket + + +Serf 1.1.0 [2012-06-07, from /tags/1.1.0, r1617] + New: serf_bucket_request_set_CL() for C-L based, non-chunked requests + New: serf_ssl_server_cert_chain_callback_set() for full-chain validation + + +Serf 1.0.3 [2012-03-20, from /tags/1.0.3, r1586] + Map more OpenSSL errors into SERF_SSL_CERT_UNKNOWNCA (r1573) + + +Serf 1.0.2 + Not released. + + +Serf 1.0.1 [2012-02-15, from /tags/1.0.1, r1569] + FreeBSD fixes in the test suite (r1560, r1565) + Minor build fixes + + +Serf 1.0.0 [2011-07-15, from /tags/1.0.0, r1540] + Fixed issue 38: enable builds using non-GNU make + Fixed issue 49: support SSL tunnels for HTTPS via a proxy + Fixed issue 56: allow Subject Alternative Name, and enable SNI + Fixed issue 61: include order dependencies + Fixed issue 66: improved error reporting when creating install dirs + Fixed issue 71: handle ECONNREFUSED on Windows + Fixed issue 79: destroy the APR allocator, if we create one + Fixed issue 81: build failed on APR 0.9.x + Major performance improvements and bug fixes for SSL buckets/handling (r1462) + Add a new "iovec" bucket type (r1434) + Minimize network packet writes based on ra_serf analysis (r1467, r1471) + Fix out of order issue with multiple priority requests (r1469) + Work around broken WSAPoll() impl on Windows introduced in APR 1.4.0 (r1506) + Fix 100% CPU usage with many pipelined requests (r1456) + Corrected contents of build/serf.def; it now includes bucket types (r1512) + Removed "snapshot" feature from buckets (r1503) + Various improvements to the test system + Various memory leak fixes + + +Serf 0.7.2 [2011-03-12, from /tags/0.7.2, r1452] + Actually disable Nagle when creating a connection (r1441) + Return error when app asks for HTTPS over proxy connection (r1433) + + +Serf 0.7.1 [2011-01-25, from /tags/0.7.1, r1432] + Fix memory leak when using SSL (r1408, r1416) + Fix build for blank apr-util directory (r1421) + + +Serf 0.7.0 [2010-08-25, from /tags/0.7.0, r1407] + Fix double free abort when destroying request buckets + Fix test server in unit test framework to avoid random test failures + Allow older Serf programs which don't use the new authn framework to still + handle authn without forcing them to switch to the new framework. (r1401) + Remove the SERF_DECLARE macros, preferring a .DEF file for Windows + Barrier buckets now pass read_iovec to their wrapped bucket + Fix HTTP header parsing to allow for empty header values + + +Serf 0.6.1 [2010-05-14, from /tags/0.6.1, r1370] + Generally: this release fixes problems with the 0.4.0 packaging + Small compilation fix in outgoing.c for Windows builds + + +Serf 0.6.0 + Not released. + + +Serf 0.5.0 + Not released. + + +Serf 0.4.0 + WITHDRAWN: this release misstated itself as 0.5.0; use a later release + + Provide authn framework, supporting Basic, Digest, Kerberos (SSPI, GSS), + along with proxy authn using Basic or Digest + Added experimental listener framework, along with test_server.c + Improvements and fixes to SSL support, including connection setup changes + Experimental support for unrequested, arriving ("async") responses + Experimental BWTP support using the async arrival feature + Headers are combined on read (not write), to ease certian classes of parsing + Experimental feature on aggregate buckets for a callback-on-empty + Fix the bucket allocator for when APR is using its pool debugging features + Proxy support in the serf_get testing utility + Fix to include the port number in the Host header + serf_get propagates errors from the response, instead of aborting (Issue 52) + Added serf_lib_version() for runtime version tests + + +Serf 0.3.1 [2010-02-14, from /tags/0.3.1, r1322] + Fix loss of error on request->setup() callback. (Issue 47) + Support APR 2.x. (Issue 48) + Fixed slowdown in aggregate bucket with millions of child buckets + Avoid hang in apr_pollset_poll() by unclosed connections after fork() + + +Serf 0.3.0 [2009-01-26, from /tags/0.3.0, r1217] + Support LTFLAGS override as a config-time env. variable (Issue 44) + Fix CUTest test harness compilation on Solaris (Issue 43) + Fix small race condition in OpenSSL initialization (Issue 39) + Handle content streams larger than 4GB on 32-bit OSes (Issue 41) + Fix test_ssl.c compilation with mingw+msys + Fix conn close segfault by explicitly closing conn when pool is destroyed + Expose the depth of the SSL certificate so the validator can use that info + Fix socket address family issue when opening a connection to a proxy + Provide new API to take snapshots of buckets + Implement snapshot API for simple and aggregate buckets + Build with bundled apr and apr-util VPATH builds + Build with bundled OpenSSL builds + + +Serf 0.2.0 [2008-06-06, from /tags/0.2.0, r1189] + Enable use of external event loop: serf_create_context_ex + Enable adding new requests at the beginning of the request queue + Handle 'Connection:close' headers + Enable limiting the number of outstanding requests + Add readline function to simple buckets + Concatenate repeated headers using comma as separator, as per RFC 2616, + section 4.2. (Issue 29) + Add proxy server support + Add progress feedback support. (Issue 11) + Provide new API to simplify use of proxy and progress feedback support + Add callback to validate SSL server certificates. (Issue 31) + Add new test framework + Send current version string in the test programs (Issue 21) + Bugfixes: + Fix segfault with epoll when removing a NULL socket + Reset OpenSSL thread-safety callbacks when apr_terminate() called + Do not remove the socket from the pollset on pool cleanup + Do not issue double close on skt w/second one being close(-1) (Issue 33) + + +Serf 0.1.2 [2007-06-18, from /tags/0.1.2, r1115] + Enable thread-safety with OpenSSL (Issue 19) + Teach serfmake to install headers into include/serf-0 + Be more tolerant when servers close the connection without telling us + Do not open the connection until we have requests to deliver + Fix serfmake to produce the library that corresponds to the minor version + Fix a memory leak with the socket bucket (Issue 14) + Fix uninitialized branch in serf_spider (Issue 15) + + +Serf 0.1.1 [2007-05-12, from /tags/0.1.1, r1105] + Add SSL client certificate support + Implement optimized iovec reads for header buckets + Fix up 'make clean' and 'make distclean' (Issues 9, 10) + Add SERF_VERSION_AT_LEAST macro + Remove abort() calls (Issue 13) + + +Serf 0.1.0 [2006-12-14, from /tags/0.1.0, r1087] + Initial packaged release Copied: vendor/serf/serf-1.3.0/README (from r253893, vendor/serf/dist/README) ============================================================================== --- /dev/null 00:00:00 1970 (empty, because file is newly added) +++ vendor/serf/serf-1.3.0/README Fri Aug 2 19:14:25 2013 (r253894, copy of r253893, vendor/serf/dist/README) @@ -0,0 +1,80 @@ +Welcome to serf, a high-performance asynchronous HTTP client library. + +The serf library is a C-based HTTP client library built upon the Apache +Portable Runtime (APR) library. It multiplexes connections, running the +read/write communication asynchronously. Memory copies and transformations are +kept to a minimum to provide high performance operation. + + * Status: http://code.google.com/p/serf/wiki/ + * Site: http://code.google.com/p/serf/ + * Code: http://serf.googlecode.com/svn/ + * Issues: http://code.google.com/p/serf/issues/list + * Mail: serf-dev@googlegroups.com + * People: Justin Erenkrantz, Greg Stein + +---- + +1. INSTALL + +1.1. SCons build system + +serf uses SCons 2.x for its build system. If it is not installed on +your system, then you can install it onto your system. If you do not +have permissions, then you can download and install the "local" +version into your home directory. When installed privately, simply +create a symlink for 'scons' in your PATH to /path/to/scons/scons.py. + +Fetch the scons-local package: + http://prdownloads.sourceforge.net/scons/scons-local-2.0.1.tar.gz + + +1.2 Building serf + +To build serf: + +$ scons APR=/path/to/apr APU=/path/to/apu OPENSSL=/openssl/base PREFIX=/path/to/prefix + +The switches are recorded into .saved_config, so they only need to be +specified the first time scons is run. + +PREFIX should specify where serf should be installed. PREFIX defaults to +/usr/local. + +The default for the other three switches (APR, APU, OPENSSL) is /usr. + +The build system looks for apr-1-config at $APR/bin/apr-1-config, or +the path should indicate apr-1-config itself. Similarly for the path +to apu-1-config. + +OPENSSL should specify the root of the install (eg. /opt/local). The +includes will be found OPENSSL/include and libraries at OPENSSL/lib. + +If you wish to use VPATH-style builds (where objects are created in a +distinct directory from the source), you can use: + +$ scons -Y /path/to/serf/source + +At any point, the current settings can be examined: + +$ scons --help + + +1.3 Running the test suite + +$ scons check + + +1.4 Installing serf + +$ scons install + +Note that the PREFIX variable should have been specified in a previous +invocation of scons (and saved into .saved_config), or it can be +specified on the install command line: + +$ scons PREFIX=/some/path install + + +1.4 Cleaning up the build + +$ scons -c Copied: vendor/serf/serf-1.3.0/SConstruct (from r253893, vendor/serf/dist/SConstruct) ============================================================================== --- /dev/null 00:00:00 1970 (empty, because file is newly added) +++ vendor/serf/serf-1.3.0/SConstruct Fri Aug 2 19:14:25 2013 (r253894, copy of r253893, vendor/serf/dist/SConstruct) @@ -0,0 +1,438 @@ +# -*- python -*- +# +# Copyright 2011-2012 Justin Erenkrantz and Greg Stein +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. +# + +import sys +import os +import re + +HEADER_FILES = ['serf.h', + 'serf_bucket_types.h', + 'serf_bucket_util.h', + ] + +# where we save the configuration variables +SAVED_CONFIG = '.saved_config' + +# Variable class that does no validation on the input +def _converter(val): + """ + """ + if val == 'none': + val = [] + else: + val = val.split(',') + return val + +def RawListVariable(key, help, default): + """ + The input parameters describe a 'raw string list' option. This class + accepts a comma separated list and converts it to a space separated + list. + """ + return (key, '%s' % (help), default, None, lambda val: _converter(val)) + +# default directories +if sys.platform == 'win32': + default_libdir='..' + default_prefix='Debug' +else: + default_libdir='/usr' + default_prefix='/usr/local' + +opts = Variables(files=[SAVED_CONFIG]) +opts.AddVariables( + PathVariable('PREFIX', + 'Directory to install under', + default_prefix, + PathVariable.PathIsDir), + PathVariable('APR', + "Path to apr-1-config, or to APR's install area", + default_libdir, + PathVariable.PathAccept), + PathVariable('APU', + "Path to apu-1-config, or to APR's install area", + default_libdir, + PathVariable.PathAccept), + PathVariable('OPENSSL', + "Path to OpenSSL's install area", + default_libdir, + PathVariable.PathIsDir), + PathVariable('ZLIB', + "Path to zlib's install area", + default_libdir, + PathVariable.PathIsDir), + PathVariable('GSSAPI', + "Path to GSSAPI's install area", + None, + None), + BoolVariable('DEBUG', + "Enable debugging info and strict compile warnings", + False), + BoolVariable('APR_STATIC', + "Enable using a static compiled APR", + False), + RawListVariable('CC', "Command name or path of the C compiler", None), + RawListVariable('CFLAGS', "Extra flags for the C compiler (comma separated)", + None), + RawListVariable('LIBS', "Extra libraries passed to the linker, " + "e.g. -l<library> (comma separated)", None), + RawListVariable('LINKFLAGS', "Extra flags for the linker (comma separated)", + None), + RawListVariable('CPPFLAGS', "Extra flags for the C preprocessor " + "(comma separated)", None), + ) + +if sys.platform == 'win32': + opts.AddVariables( + # By default SCons builds for the host platform on Windows, when using + # a supported compiler (E.g. VS2010/VS2012). Allow overriding + + # Note that Scons 1.3 only supports this on Windows and only when + # constructing Environment(). Later changes to TARGET_ARCH are ignored + EnumVariable('TARGET_ARCH', + "Platform to build for (x86|x64|win32|x86_64)", + 'x86', + allowed_values=('x86', 'x86_64', 'ia64'), + map={'X86' : 'x86', + 'win32': 'x86', + 'Win32': 'x86', + 'x64' : 'x86_64', + 'X64' : 'x86_64' + }), + + EnumVariable('MSVC_VERSION', + "Visual C++ to use for building (E.g. 11.0, 9.0)", + None, + allowed_values=('12.0', '11.0', '10.0', '9.0', '8.0', '6.0') + ), + + # We always documented that we handle an install layout, but in fact we + # hardcoded source layouts. Allow disabling this behavior. + # ### Fix default? + BoolVariable('SOURCE_LAYOUT', + "Assume a source layout instead of install layout", + True), + ) + +env = Environment(variables=opts, + tools=('default', 'textfile',), + CPPPATH=['.', ], + ) + +env.Append(BUILDERS = { + 'GenDef' : + Builder(action = sys.executable + ' build/gen_def.py $SOURCES > $TARGET', + suffix='.def', src_suffix='.h') + }) + +match = re.search('SERF_MAJOR_VERSION ([0-9]+).*' + 'SERF_MINOR_VERSION ([0-9]+).*' + 'SERF_PATCH_VERSION ([0-9]+)', + env.File('serf.h').get_contents(), + re.DOTALL) +MAJOR, MINOR, PATCH = [int(x) for x in match.groups()] +env.Append(MAJOR=str(MAJOR)) + +# Calling external programs is okay if we're not cleaning or printing help. +# (cleaning: no sense in fetching information; help: we may not know where +# they are) +CALLOUT_OKAY = not (env.GetOption('clean') or env.GetOption('help')) + + +# HANDLING OF OPTION VARIABLES + +unknown = opts.UnknownVariables() +if unknown: + print 'Unknown variables:', ', '.join(unknown.keys()) + Exit(1) + +apr = str(env['APR']) +apu = str(env['APU']) +zlib = str(env['ZLIB']) +gssapi = env.get('GSSAPI', None) + +if gssapi and os.path.isdir(gssapi): + krb5_config = os.path.join(gssapi, 'bin', 'krb5-config') + if os.path.isfile(krb5_config): + gssapi = krb5_config + env['GSSAPI'] = krb5_config + +debug = env.get('DEBUG', None) +aprstatic = env.get('APR_STATIC', None) + +Help(opts.GenerateHelpText(env)) +opts.Save(SAVED_CONFIG, env) + + +# PLATFORM-SPECIFIC BUILD TWEAKS + +thisdir = os.getcwd() +libdir = '$PREFIX/lib' +incdir = '$PREFIX/include/serf-$MAJOR' + +LIBNAME = 'libserf-${MAJOR}' +if sys.platform != 'win32': + LIBNAMESTATIC = LIBNAME +else: + LIBNAMESTATIC = 'serf-${MAJOR}' + +env.Append(RPATH=libdir, + PDB='${TARGET.filebase}.pdb') + +if sys.platform == 'darwin': +# linkflags.append('-Wl,-install_name,@executable_path/%s.dylib' % (LIBNAME,)) + env.Append(LINKFLAGS='-Wl,-install_name,%s/%s.dylib' % (thisdir, LIBNAME,)) + # 'man ld' says positive non-zero for the first number, so we add one. + # Mac's interpretation of compatibility is the same as our MINOR version. + env.Append(LINKFLAGS='-Wl,-compatibility_version,%d' % (MINOR+1,)) + env.Append(LINKFLAGS='-Wl,-current_version,%d.%d' % (MINOR+1, PATCH,)) + +if sys.platform != 'win32': + ### gcc only. figure out appropriate test / better way to check these + ### flags, and check for gcc. + env.Append(CFLAGS='-std=c89') + env.Append(CCFLAGS=[ + '-Wdeclaration-after-statement', + '-Wmissing-prototypes', + ]) + + ### -Wall is not available on Solaris + if sys.platform != 'sunos5': + env.Append(CCFLAGS='-Wall') + + if debug: + env.Append(CCFLAGS='-g') + env.Append(CPPDEFINES=['DEBUG', '_DEBUG']) + else: + env.Append(CCFLAGS='-O2') + env.Append(CPPDEFINES='NDEBUG') + + ### works for Mac OS. probably needs to change + env.Append(LIBS=['ssl', 'crypto', 'z', ]) + + if sys.platform == 'sunos5': + env.Append(LIBS='m') +else: + # Warning level 4, no unused argument warnings + env.Append(CCFLAGS=['/W4', '/wd4100']) + + # Choose runtime and optimization + if debug: + # Disable optimizations for debugging, use debug DLL runtime + env.Append(CCFLAGS=['/Od', '/MDd']) + env.Append(CPPDEFINES=['DEBUG', '_DEBUG']) + else: + # Optimize for speed, use DLL runtime + env.Append(CCFLAGS=['/O2', '/MD']) + env.Append(CPPDEFINES='NDEBUG') + +# PLAN THE BUILD +SHARED_SOURCES = [] +if sys.platform == 'win32': + env.GenDef(['serf.h','serf_bucket_types.h', 'serf_bucket_util.h']) + SHARED_SOURCES.append(['serf.def']) + +SOURCES = Glob('*.c') + Glob('buckets/*.c') + Glob('auth/*.c') + +lib_static = env.StaticLibrary(LIBNAMESTATIC, SOURCES) +lib_shared = env.SharedLibrary(LIBNAME, SOURCES + SHARED_SOURCES) + +if aprstatic: + env.Append(CPPDEFINES=['APR_DECLARE_STATIC', 'APU_DECLARE_STATIC']) + +if sys.platform == 'win32': + env.Append(LIBS=['user32.lib', 'advapi32.lib', 'gdi32.lib', 'ws2_32.lib', + 'crypt32.lib', 'mswsock.lib', 'rpcrt4.lib', 'secur32.lib']) + + # Get apr/apu information into our build + env.Append(CPPDEFINES=['WIN32','WIN32_LEAN_AND_MEAN','NOUSER', + 'NOGDI', 'NONLS','NOCRYPT']) + + if env.get('TARGET_ARCH', None) == 'x86_64': + env.Append(CPPDEFINES=['WIN64']) + + if aprstatic: + apr_libs='apr-1.lib' + apu_libs='aprutil-1.lib' + else: + apr_libs='libapr-1.lib' + apu_libs='libaprutil-1.lib' + + env.Append(LIBS=[apr_libs, apu_libs]) + if not env.get('SOURCE_LAYOUT', None): + env.Append(LIBPATH=['$APR/lib', '$APU/lib'], + CPPPATH=['$APR/include/apr-1', '$APU/include/apr-1']) + elif aprstatic: + env.Append(LIBPATH=['$APR/LibR','$APU/LibR'], + CPPPATH=['$APR/include', '$APU/include']) + else: + env.Append(LIBPATH=['$APR/Release','$APU/Release'], + CPPPATH=['$APR/include', '$APU/include']) + + # zlib + env.Append(LIBS='zlib.lib') + if not env.get('SOURCE_LAYOUT', None): + env.Append(CPPPATH='$ZLIB/include', + LIBPATH='$ZLIB/lib') + else: + env.Append(CPPPATH='$ZLIB', + LIBPATH='$ZLIB') + + # openssl + env.Append(LIBS=['libeay32.lib', 'ssleay32.lib']) + if not env.get('SOURCE_LAYOUT', None): + env.Append(CPPPATH='$OPENSSL/include/openssl', + LIBPATH='$OPENSSL/lib') + elif 0: # opensslstatic: + env.Append(CPPPATH='$OPENSSL/inc32', + LIBPATH='$OPENSSL/out32') + else: + env.Append(CPPPATH='$OPENSSL/inc32', + LIBPATH='$OPENSSL/out32dll') +else: + if os.path.isdir(apr): + apr = os.path.join(apr, 'bin', 'apr-1-config') + env['APR'] = apr + if os.path.isdir(apu): + apu = os.path.join(apu, 'bin', 'apu-1-config') + env['APU'] = apu + + ### we should use --cc, but that is giving some scons error about an implict + ### dependency upon gcc. probably ParseConfig doesn't know what to do with + ### the apr-1-config output + if CALLOUT_OKAY: + env.ParseConfig('$APR --cflags --cppflags --ldflags --includes' + ' --link-ld --libs') + env.ParseConfig('$APU --ldflags --includes --link-ld --libs') + + ### there is probably a better way to run/capture output. + ### env.ParseConfig() may be handy for getting this stuff into the build + if CALLOUT_OKAY: + apr_libs = os.popen(env.subst('$APR --link-libtool --libs')).read().strip() + apu_libs = os.popen(env.subst('$APU --link-libtool --libs')).read().strip() + else: + apr_libs = '' + apu_libs = '' + + env.Append(CPPPATH='$OPENSSL/include') + env.Append(LIBPATH='$OPENSSL/lib') + + +# If build with gssapi, get its information and define SERF_HAVE_GSSAPI +if gssapi and CALLOUT_OKAY: + env.ParseConfig('$GSSAPI --libs gssapi') + env.Append(CPPDEFINES='SERF_HAVE_GSSAPI') +if sys.platform == 'win32': + env.Append(CPPDEFINES=['SERF_HAVE_SSPI']) + +# On Solaris, the -R values that APR describes never make it into actual +# RPATH flags. We'll manually map all directories in LIBPATH into new +# flags to set RPATH values. +if sys.platform == 'sunos5': + for d in env['LIBPATH']: + env.Append(RPATH=d) + +# Set up the construction of serf-*.pc +# TODO: add gssapi libs +pkgconfig = env.Textfile('serf-%d.pc' % (MAJOR,), + env.File('build/serf.pc.in'), + SUBST_DICT = { + '@MAJOR@': str(MAJOR), + '@PREFIX@': '$PREFIX', + '@INCLUDE_SUBDIR@': 'serf-%d' % (MAJOR,), + '@VERSION@': '%d.%d.%d' % (MAJOR, MINOR, PATCH), + '@LIBS@': '%s %s -lz' % (apu_libs, apr_libs), + }) + +env.Default(lib_static, lib_shared, pkgconfig) + +if CALLOUT_OKAY: + conf = Configure(env) + + ### some configuration stuffs + + env = conf.Finish() + + +# INSTALLATION STUFF + +install_static = env.Install(libdir, lib_static) +install_shared = env.Install(libdir, lib_shared) + +if sys.platform == 'darwin': + install_shared_path = install_shared[0].abspath + env.AddPostAction(install_shared, ('install_name_tool -id %s %s' + % (install_shared_path, + install_shared_path))) + ### construct shared lib symlinks. this also means install the lib + ### as libserf-2.1.0.0.dylib, then add the symlinks. + ### note: see InstallAs + +env.Alias('install-lib', [install_static, install_shared, + ]) +env.Alias('install-inc', env.Install(incdir, HEADER_FILES)) +env.Alias('install-pc', env.Install(os.path.join(libdir, 'pkgconfig'), + pkgconfig)) +env.Alias('install', ['install-lib', 'install-inc', 'install-pc', ]) + + +# TESTS +### make move to a separate scons file in the test/ subdir? + +tenv = env.Clone() + +TEST_PROGRAMS = [ 'serf_get', 'serf_response', 'serf_request', 'serf_spider', + 'test_all', 'serf_bwtp' ] +if sys.platform == 'win32': + TEST_EXES = [ os.path.join('test', '%s.exe' % (prog)) for prog in TEST_PROGRAMS ] +else: + TEST_EXES = [ os.path.join('test', '%s' % (prog)) for prog in TEST_PROGRAMS ] + +env.AlwaysBuild(env.Alias('check', TEST_EXES, sys.executable + ' build/check.py', + ENV={'PATH' : os.environ['PATH']})) + +# Find the (dynamic) library in this directory +tenv.Replace(RPATH=thisdir) +tenv.Prepend(LIBS=[LIBNAMESTATIC, ], + LIBPATH=[thisdir, ]) + +testall_files = [ + 'test/test_all.c', + 'test/CuTest.c', + 'test/test_util.c', + 'test/test_context.c', + 'test/test_buckets.c', + 'test/test_auth.c', + 'test/mock_buckets.c', + 'test/test_ssl.c', + 'test/server/test_server.c', + 'test/server/test_sslserver.c', + ] + +for proggie in TEST_EXES: + if 'test_all' in proggie: + tenv.Program(proggie, testall_files ) + else: + tenv.Program(target = proggie, source = [proggie.replace('.exe','') + '.c']) + + +# HANDLE CLEANING + +if env.GetOption('clean'): + # When we're cleaning, we want the dependency tree to include "everything" + # that could be built. Thus, include all of the tests. + env.Default('check') Copied: vendor/serf/serf-1.3.0/auth/auth.c (from r253893, vendor/serf/dist/auth/auth.c) ============================================================================== --- /dev/null 00:00:00 1970 (empty, because file is newly added) +++ vendor/serf/serf-1.3.0/auth/auth.c Fri Aug 2 19:14:25 2013 (r253894, copy of r253893, vendor/serf/dist/auth/auth.c) @@ -0,0 +1,472 @@ +/* Copyright 2009 Justin Erenkrantz and Greg Stein + * + * Licensed under the Apache License, Version 2.0 (the "License"); + * you may not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + */ + +#include "serf.h" +#include "serf_private.h" +#include "auth.h" + +#include <apr.h> +#include <apr_base64.h> +#include <apr_strings.h> +#include <apr_lib.h> + +static apr_status_t +default_auth_response_handler(peer_t peer, + int code, + serf_connection_t *conn, + serf_request_t *request, + serf_bucket_t *response, + apr_pool_t *pool) +{ + return APR_SUCCESS; +} + +/* These authentication schemes are in order of decreasing security, the topmost + scheme will be used first when the server supports it. + + Each set of handlers should support both server (401) and proxy (407) + authentication. + + Use lower case for the scheme names to enable case insensitive matching. + */ +static const serf__authn_scheme_t serf_authn_schemes[] = { +#ifdef SERF_HAVE_SPNEGO + { + "Negotiate", + "negotiate", + SERF_AUTHN_NEGOTIATE, + serf__init_spnego, + serf__init_spnego_connection, + serf__handle_spnego_auth, + serf__setup_request_spnego_auth, + serf__validate_response_spnego_auth, + }, +#ifdef WIN32 + { + "NTLM", + "ntlm", + SERF_AUTHN_NTLM, + serf__init_spnego, + serf__init_spnego_connection, + serf__handle_spnego_auth, + serf__setup_request_spnego_auth, + serf__validate_response_spnego_auth, + }, +#endif /* #ifdef WIN32 */ +#endif /* SERF_HAVE_SPNEGO */ + { + "Digest", + "digest", + SERF_AUTHN_DIGEST, + serf__init_digest, + serf__init_digest_connection, + serf__handle_digest_auth, + serf__setup_request_digest_auth, + serf__validate_response_digest_auth, + }, + { + "Basic", + "basic", + SERF_AUTHN_BASIC, + serf__init_basic, + serf__init_basic_connection, + serf__handle_basic_auth, + serf__setup_request_basic_auth, + default_auth_response_handler, + }, + /* ADD NEW AUTHENTICATION IMPLEMENTATIONS HERE (as they're written) */ + + /* sentinel */ + { 0 } +}; + + +/* Reads and discards all bytes in the response body. */ +static apr_status_t discard_body(serf_bucket_t *response) +{ + apr_status_t status; + const char *data; + apr_size_t len; + + while (1) { + status = serf_bucket_read(response, SERF_READ_ALL_AVAIL, &data, &len); + + if (status) { + return status; + } + + /* feed me */ + } +} + +/** + * handle_auth_header is called for each header in the response. It filters + * out the Authenticate headers (WWW or Proxy depending on what's needed) and + * tries to find a matching scheme handler. + * + * Returns a non-0 value of a matching handler was found. + */ +static int handle_auth_headers(int code, + void *baton, + apr_hash_t *hdrs, + serf_request_t *request, + serf_bucket_t *response, + apr_pool_t *pool) +{ + const serf__authn_scheme_t *scheme; + serf_connection_t *conn = request->conn; + serf_context_t *ctx = conn->ctx; + apr_status_t status; + + status = SERF_ERROR_AUTHN_NOT_SUPPORTED; + + /* Find the matching authentication handler. + Note that we don't reuse the auth scheme stored in the context, + as that may have changed. (ex. fallback from ntlm to basic.) */ + for (scheme = serf_authn_schemes; scheme->name != 0; ++scheme) { + const char *auth_hdr; + serf__auth_handler_func_t handler; + serf__authn_info_t *authn_info; + + if (! (ctx->authn_types & scheme->type)) + continue; + + serf__log_skt(AUTH_VERBOSE, __FILE__, conn->skt, + "Client supports: %s\n", scheme->name); + + auth_hdr = apr_hash_get(hdrs, scheme->key, APR_HASH_KEY_STRING); + + if (!auth_hdr) + continue; + + /* Found a matching scheme */ + status = APR_SUCCESS; + + handler = scheme->handle_func; + + serf__log_skt(AUTH_VERBOSE, __FILE__, conn->skt, + "... matched: %s\n", scheme->name); + + if (code == 401) { + authn_info = serf__get_authn_info_for_server(conn); + } else { + authn_info = &ctx->proxy_authn_info; + } + /* If this is the first time we use this scheme on this context and/or + this connection, make sure to initialize the authentication handler + first. */ + if (authn_info->scheme != scheme) { + status = scheme->init_ctx_func(code, ctx, ctx->pool); + if (!status) { + status = scheme->init_conn_func(scheme, code, conn, + conn->pool); + if (!status) + authn_info->scheme = scheme; + else + authn_info->scheme = NULL; + } + } + + if (!status) { + const char *auth_attr = strchr(auth_hdr, ' '); + if (auth_attr) { + auth_attr++; + } + + status = handler(code, request, response, + auth_hdr, auth_attr, baton, ctx->pool); + } + + if (status == APR_SUCCESS) + break; + + /* No success authenticating with this scheme, try the next. + If no more authn schemes are found the status of this scheme will be + returned. + */ + serf__log_skt(AUTH_VERBOSE, __FILE__, conn->skt, + "%s authentication failed.\n", scheme->name); + } + + return status; +} + +/** + * Baton passed to the store_header_in_dict callback function + */ +typedef struct { + const char *header; + apr_pool_t *pool; + apr_hash_t *hdrs; +} auth_baton_t; + +static int store_header_in_dict(void *baton, + const char *key, + const char *header) +{ + auth_baton_t *ab = baton; + const char *auth_attr; + char *auth_name, *c; + + /* We're only interested in xxxx-Authenticate headers. */ + if (strcmp(key, ab->header) != 0) + return 0; + + /* Extract the authentication scheme name. */ + auth_attr = strchr(header, ' '); + if (auth_attr) { + auth_name = apr_pstrmemdup(ab->pool, header, auth_attr - header); + } + else + auth_name = apr_pstrmemdup(ab->pool, header, strlen(header)); + + /* Convert scheme name to lower case to enable case insensitive matching. */ + for (c = auth_name; *c != '\0'; c++) + *c = (char)apr_tolower(*c); + + apr_hash_set(ab->hdrs, auth_name, APR_HASH_KEY_STRING, + apr_pstrdup(ab->pool, header)); + + return 0; +} + +/* Dispatch authentication handling. This function matches the possible + authentication mechanisms with those available. Server and proxy + authentication are evaluated separately. */ +static apr_status_t dispatch_auth(int code, + serf_request_t *request, + serf_bucket_t *response, + void *baton, + apr_pool_t *pool) +{ + serf_bucket_t *hdrs; + + if (code == 401 || code == 407) { *** DIFF OUTPUT TRUNCATED AT 1000 LINES ***
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?201308021914.r72JEPrl069204>