Checkout Tools
  • last updated 2 hours ago
Constraints: committers
Constraints: files
Constraints: dates
Fix spelling errors found by codespell. [skip ci]

  1. … 100 more files in changeset.
ab.c: Replace with web archive link

closes #84

Submitted By: Josua Schmid <josua.schmid>

Fix a typo
ab: Add client certificate support.

  1. … 2 more files in changeset.
ab: Disable printing temp key for OpenSSL before

version 1.0.2. SSL_get_server_tmp_key is not available


ab: follow up to r1738415: handle any tmp key id.

Otherwise, we print garbage (e.g. for X25519).

LibreSSL doesn't have or require applink.c

ab: follow up to r1811664.

apr_socket_send() can return both an error and data, account for data in

the latter case (i.e. let next call fail, if any).

ab: Make the TLS layer aware that the underlying socket is nonblocking,

and use/handle POLLOUT where needed to avoid busy IOs and recover write

errors when appropriate.

  1. … 1 more file in changeset.
ab: Keep reading nonblocking to exhaust TCP or SSL buffers when previous

read was incomplete (the SSL case can cause the next poll() to timeout

since data are buffered already). PR 61301

  1. … 1 more file in changeset.
mod_ssl, ab: compatibility with LibreSSL. PR 61184.

LibreSSL defines OPENSSL_VERSION_NUMBER = 2.0, but is not compatible with

all of the latest OpenSSL 1.1 API.

Address this by defining MODSSL_USE_OPENSSL_PRE_1_1_API which is true for

anything but OpenSSL >= 1.1 (for now).

Proposed by: Bernard Spil <brnrd>

Reviewed by: ylavic

  1. … 9 more files in changeset.
ab: move option processing for setting a custom

HTTP method outside of the HTTPS only handling.

ab: don't call malloc_init for OpenSSL 1.1.0

Patch by rjung.

The 1.1.0 compatibility macro for OpenSSL_malloc_init() causes problems

when mixed with procedure linkage stubs with some toolchains (e.g. GCC).

OpenSSL's malloc implementation doesn't recognize that the PLT stub

points back to it, which leads to infinite recursion.

Since the 1.1.0 documentation states that calling this function

explicitly is no longer necessary except "in certain shared-library

situations"(?), get rid of it.

ab: follow up to r1750854: still better naming, and a C89 fix.
ab: follow up to r1750854: some comments and better naming.
ab: follow up to r1750854.

Use SNI when available by default, and invert -I logic to now disable it.

ab: follow up to r1750854: put the -I at the right place for apr_getopt().
ab: add SNI support when available.
  1. … 1 more file in changeset.
Prepare to backport, this is not specific to VS 2015...
  1. … 1 more file in changeset.
PR59630: include OpenSSL_Applink when compiling on Visual Studio 2015 and up

Submitted By: Jan Ehrhardt <phpdev>

Committed By: gsmith

  1. … 1 more file in changeset.
ab: follow up to r1738415: EC_curve_nid2nist() available in OpenSSL-1.0.2 and later.
print Server Temp Key information.

Support for OpenSSL 1.1.0:

- ab: use new API SSL_CTX_set_max_proto_version()

and SSL_CTX_set_min_proto_version() in

combination with TLS_client_method() instead

of the old deprecated methods.

ab: Use caseless matching for HTTP tokens (e.g. content-length).

PR 59111.

Support for OpenSSL 1.1.0

- ab

Support compilation against libssl built with OPENSSL_NO_SSL3,

and change the compiled-in default for SSL[Proxy]Protocol to "all -SSLv3",

in accordance with RFC 7568. PR 58349, PR 57120.

  1. … 7 more files in changeset.
Silence a sparse warning about inconsistent indenting

ab: Add missing longest request (100%) to CSV export.

Submitted by: Marcin Fabrykowski <bugzilla>

Committed by: ylavic

  1. … 1 more file in changeset.
ab: Use only one connection to determine working destination socket address.

ab: try all destination socket addresses returned by apr_sockaddr_info_get

instead of failing on first one when not available.