Roxen.git/ server/ etc/ modules/ RoxenSSLFile.pike

Branch: Tag:

2010-08-30

2010-08-30 14:19:41 by Martin Stjernholm <mast@lysator.liu.se>

7.8 backport: Fixed bugs in handling of abrupt remote close.

This could cause a (temporary) memory and fd leak if the remote side
closes the connection before the handshake finishes.

sslfile now also trigs EPIPE errors if the user attempts to read or
write to a connection that has been abruptly closed (to detect
truncation attacks better).

Rev: server/etc/modules/RoxenSSLFile.pike:1.28

2009-12-03

2009-12-03 15:04:41 by Martin Stjernholm <mast@lysator.liu.se>

Backported from 7.8 a couple of optimizations for write() on very large strings.

Rev: server/etc/modules/RoxenSSLFile.pike:1.27

2008-08-15

2008-08-15 12:33:55 by Martin Stjernholm <mast@lysator.liu.se>

Moving to pike 7.8 and dropping compatibility with earlier pikes.

Rev: server/arg_cache_plugins/replicate.pike:1.27
Rev: server/base_server/__default.pmod:1.2
Rev: server/base_server/cache.pike:1.90
Rev: server/base_server/config_userdb.pike:1.53
Rev: server/base_server/configuration.pike:1.653
Rev: server/base_server/emit_object.pike:1.7
Rev: server/base_server/fonts.pike:1.87
Rev: server/base_server/global_variables.pike:1.110
Rev: server/base_server/javamodule.pike:1.7
Rev: server/base_server/language.pike:1.43
Rev: server/base_server/module.pike:1.231
Rev: server/base_server/module_support.pike:1.135
Rev: server/base_server/prototypes.pike:1.219
Rev: server/base_server/roxen.pike:1.981
Rev: server/base_server/roxenlib.pike:1.224
Rev: server/base_server/roxenloader.pike:1.397
Rev: server/base_server/rxmlhelp.pike:1.65
Rev: server/base_server/smtprelay.pike:3.2
Rev: server/base_server/snmpagent.pike:1.24
Rev: server/bin/buildenv.pike:1.10
Rev: server/bin/create_testcert.pike:1.2
Rev: server/bin/functions:1.19
Rev: server/bin/garbagecollector.pike:1.23
Rev: server/bin/setup_nsr.pike:1.4
Rev: server/bin/sqlhelper.pike:1.4
Rev: server/config_interface/actions/change_version.pike:1.15
Rev: server/config_interface/actions/debug_info.pike:1.40
Rev: server/config_interface/actions/feature_list.pike:1.14
Rev: server/config_interface/actions/ftpstatus.pike:1.4
Rev: server/config_interface/actions/generate_rsa.pike:1.7
Rev: server/config_interface/actions/make_rsa_csr.pike:1.11
Rev: server/config_interface/actions/make_selfsigned_dsa.pike:1.11
Rev: server/config_interface/actions/make_selfsigned_rsa.pike:1.10
Rev: server/config_interface/actions/ssl_common.pike:1.8
Rev: server/config_interface/actions/tablist.pike:1.10
Rev: server/config_interface/actions/threads.pike:1.8
Rev: server/etc/env.d/java.pike:1.19
Rev: server/etc/include/variables.h:1.18
Rev: server/etc/modules/DBManager.pmod:1.76
Rev: server/etc/modules/ExtSQL.pmod:1.4
Rev: server/etc/modules/ExtScript.pmod:1.22
Rev: server/etc/modules/GText.pmod:1.20
Rev: server/etc/modules/HTML.pmod:1.8
Rev: server/etc/modules/JavaModule.pmod:1.25
Rev: server/etc/modules/LazyImage.pmod/CoordinateSystem.pike:1.4
Rev: server/etc/modules/LazyImage.pmod/Legend.pike:1.5
Rev: server/etc/modules/LazyImage.pmod/module.pmod:1.19
Rev: server/etc/modules/License.pmod:1.27
Rev: server/etc/modules/Map.pmod:1.7
Rev: server/etc/modules/PropertySet.pike:1.12
Rev: server/etc/modules/RXML.pmod/PEnt.pike:1.24
Rev: server/etc/modules/RXML.pmod/PXml.pike:1.65
Rev: server/etc/modules/RXML.pmod/module.pmod:1.367
Rev: server/etc/modules/Roxen.pmod:1.246
Rev: server/etc/modules/RoxenDebug.pmod:1.12
Rev: server/etc/modules/RoxenRPC.pmod/HTTP.pmod/Client.pike:1.10
Rev: server/etc/modules/RoxenRPC.pmod/HTTP.pmod/Server.pike:1.6
Rev: server/etc/modules/RoxenSSLFile.pike:1.27(DEAD)
Rev: server/etc/modules/SNMP.pmod:1.10
Rev: server/etc/modules/Servlet.pmod:1.31
Rev: server/etc/modules/SloppyDOM.pmod:1.16
Rev: server/etc/modules/StateHandler.pmod:1.13
Rev: server/etc/modules/VFS.pmod:1.7
Rev: server/etc/modules/Variable.pmod/Date.pike:1.9
Rev: server/etc/modules/Variable.pmod/Email.pike:1.15
Rev: server/etc/modules/Variable.pmod/Image.pike:1.5
Rev: server/etc/modules/Variable.pmod/Language.pike:1.2
Rev: server/etc/modules/Variable.pmod/MapLocation.pike:1.6
Rev: server/etc/modules/Variable.pmod/Mapping.pike:1.9
Rev: server/etc/modules/Variable.pmod/Upload.pike:1.5
Rev: server/etc/modules/Variable.pmod/module.pmod:1.108
Rev: server/etc/modules/_NewLDAP.pmod/client.pike:1.11(DEAD)
Rev: server/etc/modules/_NewLDAP.pmod/ldap_globals.h:1.1(DEAD)
Rev: server/etc/modules/_NewLDAP.pmod/ldap_privates.pmod:1.1(DEAD)
Rev: server/etc/modules/_NewLDAP.pmod/module.pmod:1.4(DEAD)
Rev: server/etc/modules/_NewLDAP.pmod/protocol.pike:1.1(DEAD)
Rev: server/etc/roxen_master.pike:1.150
Rev: server/etc/test/tests/ftp/ftp_test.pike:1.4
Rev: server/font_handlers/freetype.pike:1.30
Rev: server/font_handlers/imagedir.pike:1.15
Rev: server/font_handlers/imagetar.pike:1.10
Rev: server/font_handlers/ttf.pike:1.18
Rev: server/languages/catala.pike:1.11
Rev: server/languages/chinese.pike:1.2
Rev: server/languages/croatian.pike:1.11
Rev: server/languages/czech.pike:1.18
Rev: server/languages/dutch.pike:1.11
Rev: server/languages/finnish.pike:1.10
Rev: server/languages/french.pike:1.13
Rev: server/languages/german.pike:1.11
Rev: server/languages/hungarian.pike:1.7
Rev: server/languages/italian.pike:1.13
Rev: server/languages/japanese.pike:1.22
Rev: server/languages/maori.pike:1.9
Rev: server/languages/norwegian.pike:1.12
Rev: server/languages/polish.pike:1.8
Rev: server/languages/portuguese.pike:1.11
Rev: server/languages/russian.pike:1.10
Rev: server/languages/serbian.pike:1.10
Rev: server/languages/slovenian.pike:1.17
Rev: server/languages/spanish.pike:1.12
Rev: server/languages/swedish.pike:1.20
Rev: server/modules/configuration/config_tags.pike:1.197
Rev: server/modules/configuration/roxen_test.pike:1.68
Rev: server/modules/configuration/update.pike:1.40
Rev: server/modules/examples/userdb_ex.pike:1.8
Rev: server/modules/filesystems/filesystem.pike:1.157
Rev: server/modules/filesystems/incoming.pike:1.19
Rev: server/modules/filesystems/restrictedfs.pike:1.24
Rev: server/modules/filesystems/sqlfs.pike:1.9
Rev: server/modules/filesystems/userfs.pike:1.71
Rev: server/modules/filters/tableborder.pike:1.13
Rev: server/modules/filters/whitespace_remover.pike:1.4
Rev: server/modules/graphics/business.pike:1.152
Rev: server/modules/graphics/gxml.pike:1.38
Rev: server/modules/graphics/pimage.pike:1.31
Rev: server/modules/graphics/rimage/rimage.pike:1.23
Rev: server/modules/icecast/icecast.pike:1.12
Rev: server/modules/icecast/pl_common.pike:1.9
Rev: server/modules/js-support/javascript_support.pike:1.68
Rev: server/modules/ldap/ldaptag.pike:2.38
Rev: server/modules/ldap/userdb_ldap.pike:1.14
Rev: server/modules/logging/home_logger.pike:1.35
Rev: server/modules/misc/preferred_language.pike:1.32
Rev: server/modules/misc/randomtext.pike:1.10
Rev: server/modules/misc/wapadapter.pike:1.13
Rev: server/modules/misc/webdav.pike:1.38
Rev: server/modules/proxies/connect.pike:1.20
Rev: server/modules/proxies/proxy.pike:1.57
Rev: server/modules/proxies/wais.pike:1.28
Rev: server/modules/scripting/cgi.pike:2.65
Rev: server/modules/scripting/fastcgi.pike:2.13
Rev: server/modules/scripting/perl.pike:2.26
Rev: server/modules/scripting/php.pike:2.5
Rev: server/modules/scripting/piketag.pike:2.38
Rev: server/modules/scripting/servlet.pike:2.24
Rev: server/modules/scripting/webapp.pike:2.32
Rev: server/modules/security/auth_httpbasic.pike:1.12
Rev: server/modules/security/auth_httpcookie.pike:1.12
Rev: server/modules/security/htaccess.pike:1.106
Rev: server/modules/security/userdb_sql.pike:1.10
Rev: server/modules/security/userdb_system.pike:1.12
Rev: server/modules/tags/accessed.pike:1.57
Rev: server/modules/tags/email.pike:1.43
Rev: server/modules/tags/emit_exec.pike:1.4
Rev: server/modules/tags/emit_timerange.pike:1.29
Rev: server/modules/tags/insert_cached_href.pike:1.22
Rev: server/modules/tags/obox.pike:1.41
Rev: server/modules/tags/rxmltags.pike:1.553
Rev: server/modules/tags/wizz.pike:1.10
Rev: server/modules/tags/writefile.pike:1.20
Rev: server/modules/throttling/throttling_byaddress.pike:1.6
Rev: server/modules/throttling/throttling_bytime.pike:1.8
Rev: server/ntroxenloader.pike:1.9
Rev: server/protocols/ftp.pike:2.125
Rev: server/protocols/http.pike:1.561
Rev: server/protocols/prot_hilfe.pike:2.15
Rev: server/protocols/prot_snmp.pike:2.8
Rev: server/sbin/roxen-create-server:1.5
Rev: server/tools/ntroxen/startdll/cmdline.cpp:1.21

2007-03-27

2007-03-27 14:17:01 by Martin Stjernholm <mast@lysator.liu.se>

Kludge to avoid bogus backtraces on exit.

Rev: server/etc/modules/RoxenSSLFile.pike:1.26

2007-03-27 14:17:00 by Martin Stjernholm <mast@lysator.liu.se>

Kludge to avoid bogus backtraces on exit.

Rev: server/etc/modules/RoxenSSLFile.pike:1.26

2007-03-14

2007-03-14 15:43:31 by Martin Stjernholm <mast@lysator.liu.se>

Handle extra read callback in RUN_MAYBE_BLOCKING even when ENABLE_READS is
zero, so that it's done before the write callback might get called. (The
only thing the extra read callback might do in this case is to schedule a
close packet for writing.)

Rev: server/etc/modules/RoxenSSLFile.pike:1.25

2007-03-14 15:43:31 by Martin Stjernholm <mast@lysator.liu.se>

Handle extra read callback in RUN_MAYBE_BLOCKING even when ENABLE_READS is
zero, so that it's done before the write callback might get called. (The
only thing the extra read callback might do in this case is to schedule a
close packet for writing.)

Rev: server/etc/modules/RoxenSSLFile.pike:1.25

2007-03-09

2007-03-09 21:21:34 by Martin Stjernholm <mast@lysator.liu.se>

Don't install the alert callback wrapper when the alert callback is
zero. (This also avoids trampoline garbage.)

Fixed regression in rev 1.19: Should still try to put the close packet on
the wire before close() returns, even in nonblocking mode.

Rev: server/etc/modules/RoxenSSLFile.pike:1.24

2007-03-09 21:15:39 by Martin Stjernholm <mast@lysator.liu.se>

Don't install the alert callback wrapper when the alert callback is
zero. (This also avoids trampoline garbage.)

Fixed regression in rev 1.19: Should still try to put the close packet on
the wire before close() returns, even in nonblocking mode.

Rev: server/etc/modules/RoxenSSLFile.pike:1.24

2007-03-09 18:16:35 by Martin Stjernholm <mast@lysator.liu.se>

(..and some more.)

Rev: server/etc/modules/RoxenSSLFile.pike:1.23

2007-03-09 18:16:35 by Martin Stjernholm <mast@lysator.liu.se>

(..and some more.)

Rev: server/etc/modules/RoxenSSLFile.pike:1.23

2007-03-09 18:08:27 by Martin Stjernholm <mast@lysator.liu.se>

Removed some code in the write and close callbacks that should be dead now,
provided the scheduling of the extra read callback works correctly.

(Also minimized differences wrt the pike 7.6 version - just some comment and
debug printout changes.)

Rev: server/etc/modules/RoxenSSLFile.pike:1.22

2007-03-09 18:08:27 by Martin Stjernholm <mast@lysator.liu.se>

Removed some code in the write and close callbacks that should be dead now,
provided the scheduling of the extra read callback works correctly.

(Also minimized differences wrt the pike 7.6 version - just some comment and
debug printout changes.)

Rev: server/etc/modules/RoxenSSLFile.pike:1.22

2007-03-08

2007-03-08 18:04:14 by Martin Stjernholm <mast@lysator.liu.se>

Have to completely disable the session cache in 7.4 due to garbage problems.

Rev: server/etc/modules/RoxenSSLFile.pike:1.21

2007-03-08 18:04:14 by Martin Stjernholm <mast@lysator.liu.se>

Have to completely disable the session cache in 7.4 due to garbage problems.

Rev: server/etc/modules/RoxenSSLFile.pike:1.21

2007-03-07

2007-03-07 18:47:58 by Martin Stjernholm <mast@lysator.liu.se>

Fixed bug where other callbacks could be called when the extra read call out
is scheduled. The effect of this could be that a close or write callback got
lost.

Rev: server/etc/modules/RoxenSSLFile.pike:1.20

2007-03-07 18:47:58 by Martin Stjernholm <mast@lysator.liu.se>

Fixed bug where other callbacks could be called when the extra read call out
is scheduled. The effect of this could be that a close or write callback got
lost.

Rev: server/etc/modules/RoxenSSLFile.pike:1.20

2007-03-07 13:29:15 by Martin Stjernholm <mast@lysator.liu.se>

Fixed bug in close() where the write callback was installed to write the
close package even when it was done synchronously in blocking mode. This could
cause a race if the backend is waiting in another thread.

Rev: server/etc/modules/RoxenSSLFile.pike:1.19

2007-03-07 13:29:15 by Martin Stjernholm <mast@lysator.liu.se>

Fixed bug in close() where the write callback was installed to write the
close package even when it was done synchronously in blocking mode. This could
cause a race if the backend is waiting in another thread.

Rev: server/etc/modules/RoxenSSLFile.pike:1.19

2007-02-20

2007-02-20 15:30:40 by Martin Stjernholm <mast@lysator.liu.se>

Fixed bug introduced in rev 1.13 where the callbacks sometimes weren't
correctly reinstalled after switching from the local backend.

Also fixed a bug where the handshake packet wasn't sent from the client in
nonblocking mode with no write callback installed.

Rev: server/etc/modules/RoxenSSLFile.pike:1.18

2007-01-25

2007-01-25 17:47:04 by Martin Stjernholm <mast@lysator.liu.se>

Fixed bug introduced in rev 1.13 where the callbacks sometimes weren't
correctly reinstalled after switching from the local backend.

Also fixed a bug where the handshake packet wasn't sent from the client in
nonblocking mode with no write callback installed.

Rev: server/etc/modules/RoxenSSLFile.pike:1.18

2006-11-16

2006-11-16 12:48:15 by Martin Stjernholm <mast@lysator.liu.se>

Don't do blocking I/O in destroy() - it's too dangerous (might e.g. lock up
the gc).

Rev: server/etc/modules/RoxenSSLFile.pike:1.17

2006-11-16 12:48:15 by Martin Stjernholm <mast@lysator.liu.se>

Don't do blocking I/O in destroy() - it's too dangerous (might e.g. lock up
the gc).

Rev: server/etc/modules/RoxenSSLFile.pike:1.17

2006-10-13

2006-10-13 18:17:13 by Martin Stjernholm <mast@lysator.liu.se>

More info in the thread debug errors.

Rev: server/etc/modules/RoxenSSLFile.pike:1.16

2006-08-17

2006-08-17 14:03:55 by Martin Stjernholm <mast@lysator.liu.se>

Don't throw close errors from destroy(), to avoid spook backtraces
when destructed from the gc.

Rev: server/etc/modules/RoxenSSLFile.pike:1.15

2006-06-01

2006-06-01 11:47:05 by Martin Stjernholm <mast@lysator.liu.se>

Fixed possible clobbering of errno in close(). Don't use the old
sslfile when running in 7.6 in 7.4 compat mode.

Rev: server/etc/modules/RoxenSSLFile.pike:1.14

2006-06-01 11:00:32 by Martin Stjernholm <mast@lysator.liu.se>

Fixed a race when switching from the local backend.

Rev: server/etc/modules/RoxenSSLFile.pike:1.13

2006-05-31

2006-05-31 17:49:26 by Martin Stjernholm <mast@lysator.liu.se>

Trap windows WSAECONNRESET properly.

Rev: server/etc/modules/RoxenSSLFile.pike:1.12

2006-03-26

2006-03-26 23:21:54 by Martin Stjernholm <mast@lysator.liu.se>

Ensure that the read callback gets a call if it's installed when there
already is data in the internal read buffer. Thanks to Thomas Bopp for bug
hunting.

Rev: server/etc/modules/RoxenSSLFile.pike:1.11

2006-01-28

2006-01-28 03:14:49 by Martin Stjernholm <mast@lysator.liu.se>

Ported fix from 7.6: Return the stream from shutdown() also when no
close at all has been requested. Fixed delaying of ssl_read_callback
work also when the alert callback is called. Fixes [bug 4080 (#4080)].

Rev: server/etc/modules/RoxenSSLFile.pike:1.10

2005-05-05

2005-05-05 12:05:24 by Marc Dirix <marc@electronics-design.nl>

Removed some sprintf.
Removed RoxenSSLFile.

Rev: server/etc/modules/RoxenSSLFile.pike:1.2(DEAD)
Rev: server/plugins/protocols/prot_https.pike:2.15
Rev: server/server_core/core.pike:1.877

2005-04-26

2005-04-26 19:16:52 by Martin Stjernholm <mast@lysator.liu.se>

Fixed local backend loop condition for blocking reads. This bug caused
blocking read() calls to loop infinitely if the stream is closed remotely.

Rev: server/etc/modules/RoxenSSLFile.pike:1.9

2005-04-14

2005-04-14 23:07:00 by Marc Dirix <marc@electronics-design.nl>

Sync with webserver.
Fix in location "environment"

Rev: server/admin_interface/tasks/change_version.pike:1.23
Rev: server/admin_interface/tasks/debug_summary.pike:1.12
Rev: server/bin/buildenv.pike:1.11
Rev: server/etc/modules/RoxenSSLFile.pike:1.1
Rev: server/plugins/protocols/http.pike:1.415
Rev: server/plugins/protocols/prot_https.pike:2.14
Rev: server/server_core/core.pike:1.876

2005-02-08

2005-02-08 20:13:56 by Martin Stjernholm <mast@lysator.liu.se>

Synched with fixes made in rev 1.80 of sslfile.pike in pike 7.6.

Rev: server/etc/modules/RoxenSSLFile.pike:1.8

2005-01-27

2005-01-27 14:43:35 by Martin Stjernholm <mast@lysator.liu.se>

Minor fixes in SSL3_DEBUG messages.

Rev: server/etc/modules/RoxenSSLFile.pike:1.7

2005-01-27 14:36:06 by Martin Stjernholm <mast@lysator.liu.se>

Reapplied some more fixes for the old style backend, and some for the
old style SSL module.

Rev: server/etc/modules/RoxenSSLFile.pike:1.6

2005-01-27 14:26:41 by Martin Stjernholm <mast@lysator.liu.se>

Reapplied fixes to work with the old style backend in pike 7.4. (It
still uses the extended return values for callbacks, but it doesn't
matter much since the 7.4 backend simply ignores them.)

Rev: server/etc/modules/RoxenSSLFile.pike:1.5

2005-01-27 14:24:09 by Martin Stjernholm <mast@lysator.liu.se>

Imported bugfixed version from revision 1.78 in pike 7.6.

Rev: server/etc/modules/RoxenSSLFile.pike:1.4

2004-11-30

2004-11-30 14:30:54 by Martin Stjernholm <mast@lysator.liu.se>

Added wrapper for Stdio.File.is_open.

Rev: server/etc/modules/RoxenSSLFile.pike:1.3

2004-10-20

2004-10-20 14:10:46 by Martin Stjernholm <mast@lysator.liu.se>

Removed some stuff that requires 7.6 backend extensions. It should
work ok anyway except some details in the propagation of I/O errors.

Rev: server/etc/modules/RoxenSSLFile.pike:1.2

2004-08-18

2004-08-18 16:59:56 by Martin Stjernholm <mast@lysator.liu.se>

Replacement for the buggy SSL.sslfile in 7.4, so we can get working ssl/tls
in Roxen.

Rev: server/etc/modules/RoxenSSLFile.pike:1.1