| Commit message (Collapse) | Author | Age | Files | Lines |
|
|
|
| |
git-svn-id: https://svn.apache.org/repos/asf/apr/apr/trunk@1859391 13f79535-47bb-0310-9956-ffa450edef68
|
|
|
|
| |
git-svn-id: https://svn.apache.org/repos/asf/apr/apr/trunk@1859154 13f79535-47bb-0310-9956-ffa450edef68
|
|
|
|
| |
git-svn-id: https://svn.apache.org/repos/asf/apr/apr/trunk@1859153 13f79535-47bb-0310-9956-ffa450edef68
|
|
|
|
| |
git-svn-id: https://svn.apache.org/repos/asf/apr/apr/trunk@1859152 13f79535-47bb-0310-9956-ffa450edef68
|
|
|
|
| |
git-svn-id: https://svn.apache.org/repos/asf/apr/apr/trunk@1859117 13f79535-47bb-0310-9956-ffa450edef68
|
|
|
|
| |
git-svn-id: https://svn.apache.org/repos/asf/apr/apr/trunk@1856178 13f79535-47bb-0310-9956-ffa450edef68
|
|
|
|
| |
git-svn-id: https://svn.apache.org/repos/asf/apr/apr/trunk@1856096 13f79535-47bb-0310-9956-ffa450edef68
|
|
|
|
| |
git-svn-id: https://svn.apache.org/repos/asf/apr/apr/trunk@1855867 13f79535-47bb-0310-9956-ffa450edef68
|
|
|
|
| |
git-svn-id: https://svn.apache.org/repos/asf/apr/apr/trunk@1847246 13f79535-47bb-0310-9956-ffa450edef68
|
|
|
|
|
|
|
| |
something which httpd relies on working.
git-svn-id: https://svn.apache.org/repos/asf/apr/apr/trunk@1847243 13f79535-47bb-0310-9956-ffa450edef68
|
|
|
|
| |
git-svn-id: https://svn.apache.org/repos/asf/apr/apr/trunk@1841078 13f79535-47bb-0310-9956-ffa450edef68
|
|
|
|
|
|
|
|
| |
longer neceessary to pass in a pointer to a NULL pointer, but keep
supporting the option to pre-allocate structures.
git-svn-id: https://svn.apache.org/repos/asf/apr/apr/trunk@1839859 13f79535-47bb-0310-9956-ffa450edef68
|
|
|
|
| |
git-svn-id: https://svn.apache.org/repos/asf/apr/apr/trunk@1839838 13f79535-47bb-0310-9956-ffa450edef68
|
|
|
|
|
|
|
|
| |
Signing and Encryption messages as per RFC7515, RFC7516, RFC7517
and RFC7519.
git-svn-id: https://svn.apache.org/repos/asf/apr/apr/trunk@1839819 13f79535-47bb-0310-9956-ffa450edef68
|
|
|
|
|
|
|
|
| |
As a side effect, this removes the need for the temporary pool
during JSON decoding.
git-svn-id: https://svn.apache.org/repos/asf/apr/apr/trunk@1839735 13f79535-47bb-0310-9956-ffa450edef68
|
|
|
|
| |
git-svn-id: https://svn.apache.org/repos/asf/apr/apr/trunk@1839700 13f79535-47bb-0310-9956-ffa450edef68
|
|
|
|
| |
git-svn-id: https://svn.apache.org/repos/asf/apr/apr/trunk@1839699 13f79535-47bb-0310-9956-ffa450edef68
|
|
|
|
| |
git-svn-id: https://svn.apache.org/repos/asf/apr/apr/trunk@1837383 13f79535-47bb-0310-9956-ffa450edef68
|
|
|
|
|
|
|
|
| |
Also restores apr_crypto_init()'s global pool in testcrypto to avoid
segfaults because of openssl inability to re-init.
git-svn-id: https://svn.apache.org/repos/asf/apr/apr/trunk@1836539 13f79535-47bb-0310-9956-ffa450edef68
|
|
|
|
|
|
|
| |
and verifying.
git-svn-id: https://svn.apache.org/repos/asf/apr/apr/trunk@1836439 13f79535-47bb-0310-9956-ffa450edef68
|
|
|
|
|
|
|
| |
segfault if the PRNG does not initialise.
git-svn-id: https://svn.apache.org/repos/asf/apr/apr/trunk@1836438 13f79535-47bb-0310-9956-ffa450edef68
|
|
|
|
| |
git-svn-id: https://svn.apache.org/repos/asf/apr/apr/trunk@1836235 13f79535-47bb-0310-9956-ffa450edef68
|
|
|
|
| |
git-svn-id: https://svn.apache.org/repos/asf/apr/apr/trunk@1836229 13f79535-47bb-0310-9956-ffa450edef68
|
|
|
|
| |
git-svn-id: https://svn.apache.org/repos/asf/apr/apr/trunk@1836027 13f79535-47bb-0310-9956-ffa450edef68
|
|
|
|
|
|
|
| |
a unit test.
git-svn-id: https://svn.apache.org/repos/asf/apr/apr/trunk@1835360 13f79535-47bb-0310-9956-ffa450edef68
|
|
|
|
|
|
|
| |
Submitted by: Moriyoshi Koizumi <mozo mozo jp>
git-svn-id: https://svn.apache.org/repos/asf/apr/apr/trunk@1835348 13f79535-47bb-0310-9956-ffa450edef68
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Rework apr_crypto_prng_after_fork() which now handles rekeying of all the
CPRNGs created within apr_crypto, by maintaining them in a global APR_RING,
with the notable exception of per-thread ones (never forked).
For each maintained CPRNG, apr_crypto_prng_after_fork() will now first rekey
both the parent and child processes (determined by the 'in_child' argument
provided by the caller), and for the parent only rekey a second time so that
the initial states finally differ for both processes. Once these new keys are
committed to their respective CPRNGs, thanks to and in continuity with the
forward secrecy construct of apr_crypto_prng, there will be no in memory key
material or stream that one process can inherit or infer from the other.
The user can also rekey a CPRNG explicitely by calling the new function
apr_crypto_prng_rekey(), and this is done by apr_fork() implicitely before
forking any child, thus for the parent process. This safe guard ensures both
the clearing of the pooled random bytes (buffered keystream) and the renewal
of key material (cheap and preventive against _atfork() handlers or alike).
Rekeying is done by using each CPRNG's keystream directly, there isn't anymore
the use of a PID (or SHA256 thereof) for children processes nor any extra reads
from the system RNG. All the apr_crypto_prng API is now self contained and can
work entirely with a single stream cipher as primitive (Chacha20 or AES256-CTR,
in that order of availability) and the initial entropy of 32 bytes gathered
from the system. IOW, there is only one call issued to the system RNG for the
global CPRNG's initial key, and if more CPRNGs are created their own initial
key is produced by the global CPRNG.
The KAT arrays in the tests suite needed adjustment too because the initial
seed (if provided, like the zeros-input for the KAT) is no more used directly
as the first key. Instead the first 32 bytes of the keystream generated from
the seed are, and the seed (like any just used key) is then cleared immediatly
from internal memory.
Finally some private APR_CRYPTO_PRNG_* macros (in .c file only) are renamed to
CPRNG_* to shorten colomns and avoid multilines in several cases.
git-svn-id: https://svn.apache.org/repos/asf/apr/apr/trunk@1834551 13f79535-47bb-0310-9956-ffa450edef68
|
|
|
|
|
|
|
|
| |
compliant BASE64, BASE64URL, BASE32, BASE32HEX and BASE16
encode/decode functions.
git-svn-id: https://svn.apache.org/repos/asf/apr/apr/trunk@1834371 13f79535-47bb-0310-9956-ffa450edef68
|
|
|
|
|
|
|
|
| |
It takes almost 2 minutes with 250 iterations, using 100 iterations takes
around 40 seconds.
git-svn-id: https://svn.apache.org/repos/asf/apr/apr/trunk@1834057 13f79535-47bb-0310-9956-ffa450edef68
|
|
|
|
|
|
|
|
|
|
|
| |
The current reslist implementation handles ttl=0 as no TTL when acquiring
resources (expected and documented), but as zero TTL when releasing (immediate
expiry, so resources above smax are never recycled).
This test validates the upcoming fix (r1834023).
git-svn-id: https://svn.apache.org/repos/asf/apr/apr/trunk@1834022 13f79535-47bb-0310-9956-ffa450edef68
|
|
|
|
|
|
|
| |
Was not for apr_crypto_thread_random_bytes(), so align with other functions.
git-svn-id: https://svn.apache.org/repos/asf/apr/apr/trunk@1833993 13f79535-47bb-0310-9956-ffa450edef68
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Keep the root pool scope for things that need it only (global lists of drivers
or libs), but otherwise use the passed in pool (crypto libs, default PRNG,
errors).
This allows the caller to control the scope of initialization functions, and
for instance be able to re-initialize when apr_crypto is unloaded/reloaded from
a DSO attached to the passed-in pool (e.g. mod_ssl in httpd).
apu_dso_load() needs to return its handles when called multiple times (EINIT),
it's not the caller's job (like crypto drivers) to maintain them.
git-svn-id: https://svn.apache.org/repos/asf/apr/apr/trunk@1833525 13f79535-47bb-0310-9956-ffa450edef68
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Link underlying crypto libraries (openssl, nss, and commoncrypto) with libapr
when the corresponding --with is configured. This allows to initialize, terminate
or check whether initialized respectively with apr_crypto_lib_init(),
apr_crypto_lib_term() or apr_crypto_lib_is_initialized().
Users can now control the (un)initialization of those libraries, notably when
they also use them independently and that doing this multiple times can cause
leaks or unexpected behaviour.
The initialization code is moved from "apr_crypto_{openssl,nss,commoncrypto}.c"
where previously loaded dynamically (DSO) to "apr_crypto_internal.c" which is
linked with libapr.
Also apr_crypto_prng_init() can make sure the underlying crypto lib is ready.
git-svn-id: https://svn.apache.org/repos/asf/apr/apr/trunk@1833421 13f79535-47bb-0310-9956-ffa450edef68
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
New apr_crypto_prng API and apr_crypto[_thread]_random_bytes() functions.
Allows to generate cryptographically secure random bytes indefinitely
given an initial seed of APR_CRYPTO_PRNG_SEED_SIZE bytes (32), which
is either provided by the caller or automatically gathered from the system.
The CPRNG can also be re-seeded at any time, or after a process is fork()ed.
The internal key is renewed every APR_CRYPTO_PRNG_SEED_SIZE random
bytes produced and those data once returned to the caller are cleared from
the internal state, which ensures forward secrecy.
This CPRNG is fast, based on a stream cipher, and will never block besides
the initial seed or any reseed if it depends on the system entropy.
Finally, it can be used either globally (locked in multithread environment),
per-thread (a lock free instance is automatically created for each thread on
first use), or created as standalone instance (manageable independently).
For now it's only implemented with the OpenSSL library as underlying crypto,
that is --with-crypto --with-openssl needs to be configured, and the latter
links libcrypto with APR.
git-svn-id: https://svn.apache.org/repos/asf/apr/apr/trunk@1833359 13f79535-47bb-0310-9956-ffa450edef68
|
|
|
|
|
|
|
|
| |
avoiding signed integer overflow (undefined behaviour which gcc 8.1
turns into a non-terminating loop).
git-svn-id: https://svn.apache.org/repos/asf/apr/apr/trunk@1832985 13f79535-47bb-0310-9956-ffa450edef68
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
the amount of ReadFile() calls for large reads.
Previously, reading has been implemented with a loop that keeps filling in
the internal 4KB buffer and copying the data from it. This patch reduces
the amount of syscalls for large reads by performing them with a single
syscall, if possible. With the new approach, reads are first handled from
the buffer — however, once the buffer is empty and the remaining chunk
exceeds the capacity of the internal buffer, it will be read with a single
syscall.
Otherwise, the behavior is unchanged: we fill in the buffer up to its
capacity and serve the requested part from it. To avoid introducing a
regression in the case when the large read happens with a single syscall,
copy the final part of the data into the internal buffer so that seeking
backwards (within the bufsize) and reading would work from the buffer.
A quick benchmark shows the significant reduction of the CPU time for
an application that uses buffered files with both small and large reads
(the large reads are approximately 128 KB-sized):
CPU time: 27.250 s → 17.203 s
Amount of syscalls: 1,579,587 → 139,899
* file_io/win32/readwrite.c
(read_buffered): Reimplement the core part of this function as described
above. Note that the new approach no longer requires a loop, as in the
case when the buffer is empty, we only need to make a single syscall,
either to fill the internal buffer or to read directly into the destination
buffer. Rename a couple of local variables for clarity.
* test/testfile.c
(test_empty_read_buffered,
test_large_read_buffered,
test_two_large_reads_buffered,
test_small_and_large_reads_buffered,
test_read_buffered_spanning_over_bufsize,
test_single_byte_reads_buffered,
test_read_buffered_seek): New tests.
(testfile): Run the new tests.
* CHANGES: Add entry.
git-svn-id: https://svn.apache.org/repos/asf/apr/apr/trunk@1828509 13f79535-47bb-0310-9956-ffa450edef68
|
|
|
|
|
|
|
|
| |
from poll(), e.g. APR_POLLSET_PORT should re-arm it automatically.
git-svn-id: https://svn.apache.org/repos/asf/apr/apr/trunk@1819857 13f79535-47bb-0310-9956-ffa450edef68
|
|
|
|
|
|
|
|
|
| |
* memory/unix/apr_pools.c (apr_pool_get_tag): New function.
* test/testpools.c: Test it.
git-svn-id: https://svn.apache.org/repos/asf/apr/apr/trunk@1817892 13f79535-47bb-0310-9956-ffa450edef68
|
|
|
|
|
|
|
| |
thanks to rpluem.
git-svn-id: https://svn.apache.org/repos/asf/apr/apr/trunk@1817485 13f79535-47bb-0310-9956-ffa450edef68
|
|
|
|
|
|
|
|
|
|
|
| |
for an address which is not link-local.
* include/apr_network_io.h: Document the above.
* test/testsock.c (test_zone): Test for that.
git-svn-id: https://svn.apache.org/repos/asf/apr/apr/trunk@1816628 13f79535-47bb-0310-9956-ffa450edef68
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
* network_io/unix/sockaddr.c (apr_sockaddr_zone_set,
apr_sockaddr_zone_get): New functions.
(apr_sockaddr_ip_getbuf): Append %scope for link-local address.
(apr_sockaddr_equal): Compare link-local address with different
scopes as not equal.
* include/apr_network_io.h: Add function declarations.
* configure.in: Test for if_indextoname and if_nametoindex.
* test/testsock.c (test_zone): New test case.
* include/arch/win32/apr_private.h: Assume Windows supports
if_nametoindex and if_indextoname.
git-svn-id: https://svn.apache.org/repos/asf/apr/apr/trunk@1816527 13f79535-47bb-0310-9956-ffa450edef68
|
|
|
|
| |
git-svn-id: https://svn.apache.org/repos/asf/apr/apr/trunk@1813330 13f79535-47bb-0310-9956-ffa450edef68
|
|
|
|
|
|
|
|
|
|
|
| |
scope id parsing introduced in r1683521.
* test/testipsub.c (test_parse_addr_port): New function.
Submitted by: rjung, jorton
git-svn-id: https://svn.apache.org/repos/asf/apr/apr/trunk@1813286 13f79535-47bb-0310-9956-ffa450edef68
|
|
|
|
|
|
|
|
| |
checking timeout precision; 100ms failed regularly in Fedora builds,
500ms has Never Failed(TM).
git-svn-id: https://svn.apache.org/repos/asf/apr/apr/trunk@1808910 13f79535-47bb-0310-9956-ffa450edef68
|
|
|
|
|
|
|
| |
failure code.
git-svn-id: https://svn.apache.org/repos/asf/apr/apr/trunk@1808836 13f79535-47bb-0310-9956-ffa450edef68
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Apparently, this is a leftover from the very first version of handling file
appends (https://svn.apache.org/r59449) that performed a single seek to
the file's end when opening it and did not support proper atomic appends
with multiple process or threads writing to the same file.
Since then, such atomic appends have been implemented, but the seek
was not removed. It can cause unexpected behavior when reading from
a file opened with APR_FOPEN_APPEND, assuming no writes happened
to the file. In this case, as there have been no writes, the file offset
should not be repositioned and reading should start from the beginning of
the file. However, due to the unwanted seek during open, the actual reading
would instead start from the file's end and cause an unexpected EOF.
* file_io/win32/open.c
(apr_file_open): Don't seek to the file's end when the file is
opened with APR_FOPEN_APPEND.
* test/testfile.c
(test_append_read): New test.
(testfile): Run the new test.
* CHANGES: Add changelog entry.
git-svn-id: https://svn.apache.org/repos/asf/apr/apr/trunk@1808456 13f79535-47bb-0310-9956-ffa450edef68
|
|
|
|
|
|
|
|
|
|
| |
string.
* test/testipsub.c: Test that calling apr_ipsubnet_create with the
empty string fails.
git-svn-id: https://svn.apache.org/repos/asf/apr/apr/trunk@1808039 13f79535-47bb-0310-9956-ffa450edef68
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Currently, appending data to a file opened with APR_FOPEN_APPEND
that has been locked by apr_file_lock() will cause a deadlock on Windows.
[See PR50058, https://bz.apache.org/bugzilla/show_bug.cgi?id=50058]
This issue happens because atomic O_APPEND-style appends on Windows
are implemented using file locks. An append happens while holding the
file lock acquired with LockFile(), which is required to avoid a race
condition between seeking to the end of file and writing data. The
race is possible when multiple threads or processes are appending
data to the same file.
This approach causes a deadlock if the file has been previously locked
with apr_file_lock(). (Note that it's perfectly legit to lock the file or
its portion and perform the append after that.)
Apart from this, using file locks for file appends impacts their speed and
robustness. There is an overhead associated with locking the file, especially
if the file is not local. The robustness is affected, because other writes
to the same file may fail due to it being locked. Also, if a process is
terminated in the middle of the append operation, it might take some time
for the OS to release the file lock. During this time, the file would be
inaccessible to other processes. This may affect applications such as
httpd (with a multi-process MPM) that use APR_FOPEN_APPEND files
for logging.
This patch fixes the issue by switching to the documented way to
atomically append data with a single WriteFile() call. It requires passing
special OVERLAPPED.Offset and OffsetHigh values (0xFFFFFFFF). On the
ZwWriteFile() layer, this maps to a FILE_WRITE_TO_END_OF_FILE constant
that instructs the OS (the corresponding file system driver) to write data
to the file's end.
Note that this approach is only used for files opened for synchronous I/O
because in this case the I/O Manager maintains the current file position.
Otherwise, the file offset returned or changed by the SetFilePointer() API is
not guaranteed to be valid and that could, for instance, break apr_file_seek()
calls after appending data. Sadly, if a file is opened for asynchronous I/O,
this call to WriteFile() doesn't update the OVERLAPPED.Offset member to
reflect the actual offset used when appending the data (which we could
then use to make seeking and other operations involving filePtr work).
Therefore, when appending to files opened for asynchronous I/O, we still
use the old LockFile + SetFilePointer + WriteFile approach.
Additional details on this can be found in:
https://msdn.microsoft.com/en-us/library/windows/desktop/aa365747
https://msdn.microsoft.com/en-us/library/windows/hardware/ff567121
* file_io/win32/readwrite.c
(apr_file_write): For files opened for synchronous I/O, use the
documented way to perform an atomic append with a single WriteFile().
* test/testfile.c
(): Include apr_thread_proc.h and apr_strings_.h
(struct thread_file_append_ctx_t, thread_file_append_func): New
test helpers.
(test_atomic_append, test_append_locked): New tests.
(testfile): Run the new tests.
* CHANGES: Add changelog entry.
Patch by: Evgeny Kotkov <evgeny.kotkov {at} visualsvn.com>
git-svn-id: https://svn.apache.org/repos/asf/apr/apr/trunk@1806608 13f79535-47bb-0310-9956-ffa450edef68
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
the amount of WriteFile() calls for large writes.
Previously, writing has been implemented with a loop that keeps copying the
data to the internal 4KB buffer and writing this buffer to disk by calling
WriteFile(4096). This patch reduces the amount of syscalls for large writes
by performing them with a single syscall, if possible. If the buffer is
not empty at the moment when the large write occurs, it is first filled
up to its 4KB capacity, flushed, and the remaining part of the data is
written with a single syscall.
* file_io/win32/readwrite.c
(write_buffered): Within the write loop, check if we have a situation
with an empty buffer and a large chunk pending to be written. In this
case, bypass the buffering and write the remaining chunk with a single
syscall. Return an appropriate number of written bytes to satisfy
the apr_file_write() function contract.
(apr_file_write): Adjust call to write_buffered().
* test/testfile.c
(test_large_write_buffered,
test_two_large_writes_buffered,
test_small_and_large_writes_buffered,
test_write_buffered_spanning_over_bufsize): New tests.
(testfile): Run the new tests.
Patch by: Evgeny Kotkov <evgeny.kotkov {at} visualsvn.com>
git-svn-id: https://svn.apache.org/repos/asf/apr/apr/trunk@1806308 13f79535-47bb-0310-9956-ffa450edef68
|
|
|
|
| |
git-svn-id: https://svn.apache.org/repos/asf/apr/apr/trunk@1790569 13f79535-47bb-0310-9956-ffa450edef68
|