changelog

linux subdivision ying gai ke yi le ba

	* ne_openssl.c (ne_ssl_cert_validity): New function.
	(asn1time_to_string): Format into a fixed-size buffer.

Tue Apr 22 08:38:30 2003  Joe Orton  <joe@manyfish.co.uk>

	* ne_locks.c (ne_lock_discover, ne_lock): Don't leak the cdata
	buffer.

	* ne_props.c (ne_propfind_destroy): Don't leak the value buffer.

Mon Apr 21 23:52:25 2003  Joe Orton  <joe@manyfish.co.uk>

	* ne_xml.c (ne_xml_destroy): Free root element.

Mon Apr 21 23:46:17 2003  Joe Orton  <joe@manyfish.co.uk>

	* ne_openssl.c (dup_client_cert): Set decrypted state; dup the
	friendly name.
	(ne_ssl_clicert_free): Free friendly name.

Mon Apr 21 19:44:55 2003  Joe Orton  <joe@manyfish.co.uk>

	* ne_md5.h (ne_md5_buffer, ne_md5_stream): Remove unused
	functions.

Mon Apr 21 18:17:14 2003  Joe Orton  <joe@manyfish.co.uk>

	* ne_locks.c, ne_207.c: s/NE_ELM_/ELM_/ since no element ids are
	exported.

Mon Apr 21 16:38:14 2003  Joe Orton  <joe@manyfish.co.uk>

	Redesign the XML interface: have startelm callback map {nspace,
	name} onto a state integer or decline.  Remove "valid"/"invalid";
	don't abort the parse if no handler accepts an element.  Push
	cdata accumulation down into the caller; drop collect mode,
	stripws mode.
	
	* ne_xml.h (ne_xml_elmid, struct ne_xml_elm): Removed.
	(ne_xml_startelm_cb): Return a state/acceptance integer, take a
	state integer, nspace, name and atts.
	(ne_xml_endelm_cb, ne_xml_cdata_cb): Take a state integer.
	(ne_xml_push_mixed_handler): Removed.
	(ne_xml_push_handler): Removed element list argument.
	(struct ne_xml_idmap, ne_xml_mapid): New interface.

	* ne_xml.c (struct element): Replaces ne_xml_state.  Add name,
	nspace, state fields.
	(friendly_name, find_handler, parse_element,
	ne_xml_push_mixed_handler, push_handler): Removed functions.
	(declare_nspaces, expand_qname): Factored out from find_handler
	and parse_element.
	(start_element): Use expand_qname, declare_nspaces.  Find
	appropriate handler here.  Guarantee not to pass a NULL atts array
	to the start-element callback.  Drop collect mode.
	(end_element): Drop collect mode
	(ne_xml_push_handler): Fold push_handler back in.
	(ne_xml_mapid): New function.

	* ne_207.h (NE_ELM_*): Don't export element id.
	(NE_207_STATE_PROP, NE_207_STATE_TOP): Export state integers.

	* ne_207.c (struct ne_207_parser_s): Add cdata field.
	(map207): Replace element list with idmap array.
	(can_handle): New function, replacing check_context logic.
	(start_element): Determine new state integer; only accept the
	element in valid states.  Clear cdata.
	(end_element): Use state rather than element id.  Do nothing for
	end of 'response' element if element is incomplete.
	(ne_207_create): Create cdata buffer.
	(ne_207_destroy): Destroy cdata buffer.
	(ne_207_ignore_unknown): Removed function.
	(ne_simple_request): Don't call ne_207_ignore_unknown.

	* ne_props.h (NE_PROPS_STATE_TOP): Define state.
	
	* ne_props.c (struct ne_propfind_handler_s): Add value and depth
	fields.
	(ELM_flatprop): Define state.
	(flat_elms): Removed array.
	(chardata): Append to value field when in ELM_flatprop state.
	(startelm): Decline everything other than elements within the
	'prop' state.  Collect flatprop contents.
	(endelm): Collect flatprop contents.

	* ne_locks.c (struct discover_ctx, struct lock_ctx): Store cdata.
	(element_map): Replace element list with idmap array.
	(can_accept): Replaces check_context callback.
	(ld_startelm, lk_cdata, ld_cdata): New functions.

Mon Apr 14 00:04:20 2003  Joe Orton  <joe@manyfish.co.uk>

	* ne_207.h (ne_207_start_response, ne_207_end_response,
	ne_207_start_propstat, ne_207_end_propstat): Use ANSI-style
	function pointers in typedefs.

	* ne_207.c (struct ne_207_parser_s): Updated accordingly.

Mon Apr 14 00:02:10 2003  Joe Orton  <joe@manyfish.co.uk>

	* ne_request.c (read_response_block): Better error messages for
	invalid chunks, don't use strncmp for a two-character comparison.

Mon Apr  7 22:26:50 2003  Joe Orton  <joe@manyfish.co.uk>

	* ne_stubssl.c (ne_ssl_cert_identity): New function.

Mon Apr  7 22:16:16 2003  Joe Orton  <joe@manyfish.co.uk>

	* ne_openssl.c (struct ne_ssl_certificate_s): Add identity field.
	(check_identity): Add optional identity argument.
	(populate_cert): Retrieve cert identity using check_identity.
	(check_certificate): Pass extra NULL to check_identity.
	(ne_ssl_cert_identity): New function.
	(ne_ssl_cert_free): Free the identity field.

Mon Apr  7 21:29:54 2003  Joe Orton  <joe@manyfish.co.uk>

	* ne_openssl.c (check_identity): Take a string hostname rather
	than a session object.
	(check_certificate): Adjust accordingly.

Sun Apr  6 21:26:05 2003  Joe Orton  <joe@manyfish.co.uk>

	* ne_string.h (NE_HEX2ASC): Cast result to char to avoid warnings
	with some compilers.
 
Sun Apr  6 20:11:42 2003  Joe Orton  <joe@manyfish.co.uk>

	* ne_openssl.c (ne_ssl_readable_dname): Include commonName or
	emailAddress in returned string if either is the only attribute.

Sun Mar 30 10:54:20 2003  Joe Orton  <joe@manyfish.co.uk>

	Split decryption of client certs into two steps
	
	* ne_openssl.c (ne_ssl_clicert_encrypted, ne_ssl_clicert_decrypt):
	New functions.
	(ne_ssl_client_cert_s): Add p12 and decrypted fields.
	(find_friendly_name): New function.
	(get_friendly_name): Removed function.
	(ne_ssl_clicert_read): Drop password callback; on decrypt failure,
	extract friendly name and set decrypted state of clicert.

Sun Mar 30 10:54:01 2003  Joe Orton  <joe@manyfish.co.uk>

	* ne_stubssl.c (ne_ssl_clicert_encrypted, ne_ssl_clicert_decrypt):
	New stubs.
	(ne_ssl_clicert_read): Adjusted for API change.

Sat Mar 29 14:23:37 2003  Joe Orton  <joe@manyfish.co.uk>

	* ne_openssl.c (ne_ssl_dname_cmp): New function.

	* ne_stubssl.c (ne_ssl_dname_cmp): New function.

Sat Mar 29 13:52:47 2003  Joe Orton  <joe@manyfish.co.uk>

	* ne_openssl.c (struct ne_ssl_client_cert_s): Add 'friendly_name'
	field.
	(get_friendly_name, ne_ssl_clicert_name): New functions.
	(ne_ssl_clicert_read): Store the cert's friendly name.

	* ne_stubssl.c (ne_ssl_clicert_name): New function.

Sat Mar 29 13:16:14 2003  Joe Orton  <joe@manyfish.co.uk>

	* ne_openssl.c (ne_ssl_clicert_owner): New function.

Fri Mar 28 22:12:57 2003  Joe Orton  <joe@manyfish.co.uk>

	* ne_stubssl.c (ne_ssl_cert_digest): New function.

	* ne_openssl.c (ne_ssl_cert_digest): New function.

Wed Mar 26 20:41:57 2003  Joe Orton  <joe@manyfish.co.uk>

	* ne_session.c (ne_ssl_trust_cert) [NEON_SSL]: Only build when SSL
	support is present.

Wed Mar 26 20:01:00 2003  Joe Orton  <joe@manyfish.co.uk>

	Begin abstraction of SSL layer to better isolate
	SSL-library-specific code, and to improve certificate handling
	interface.

	Drop support for PEM-encoded client certificates.

	* ne_session.h (ne_ssl_trust_cert): Replaces ne_ssl_load_ca, in
	conjunction with ne_ssl_load_cert.
	(ne_ssl_trust_default_ca): Replaces ne_ssl_load_default_ca.
	(ne_ssl_keypw_prompt): Removed function, no longer needed.
	(ne_ssl_set_clicert): Replaces ne_ssl_load_pkcs12, in conjunction
	with ne_ssl_clicert_read.
	(ne_ssl_provide_clicert): Replaces ne_ssl_provide_ccert, callback
	type changed.
	
	* ne_openssl.c: New file; much code moved from ne_session.c.

	* ne_privssl.h: New file, private interface between ne_socket.c
	and ne_openssl.c.
	
	* ne_ssl.h: New file.

	* ne_private.h (struct ne_session_s): Store pointers to
	ne_ssl_client_cert etc opaque objects, not OpenSSL structures.
	
	* ne_session.c: Most of ne_ssl_* moved to ne_openssl.c.
	(ne_session_create, ne_session_destroy): Use ne_ssl_cert_* etc to
	manage cert objects.

	* ne_socket.c (struct ne_socket_s): Replace SSL *, SSL_CTX *
	pointers with an ne_ssl_socket * pointer.
	(readable_ossl, error_ossl, read_ossl, write_ossl, ne_sock_close):
	Compensate for above change.
	(ne_sock_use_ssl): Removed function.
	(ne_sock_switch_ssl): Pass in SSL * as void for time being.
	(ne_sock_connect_ssl): Renamed and cleaned up version of
	ne_sock_use_ssl_os.
	(ne_sock_sslsock): New function.

	* Makefile.in: Add deps for ne_openssl.c.
	
Sun Mar 23 13:02:58 2003  Joe Orton  <joe@manyfish.co.uk>

	* ne_session.c (ne_set_useragent): Use ne_malloc.

Sat Mar 22 21:06:45 2003  Joe Orton  <joe@manyfish.co.uk>

     * ne_socket.c (raw_connect): Fill in sin6_family or sin_family
     since AIX 4.3 fails to do so.

Wed Mar 19 20:44:11 2003  Joe Orton  <joe@manyfish.co.uk>

	* ne_session.c [NEON_SSL] (free_client_cert): Build conditional on
	NEON_SSL.

Mon Mar 17 20:33:32 2003  Joe Orton  <joe@manyfish.co.uk>

	* ne_socket.c: Include netdb.h conditional on HAVE_NETDB_H. (fix
	build for older versions of CygWin).

Sun Mar 16 23:30:20 2003  Joe Orton  <joe@manyfish.co.uk>

	* ne_session.c (check_identity): Fix leak of subject alt. name
	structures.

Sun Mar 16 19:21:22 2003  Joe Orton  <joe@manyfish.co.uk>

	* ne_session.c (free_client_cert): New function.
	(ne_session_destroy, ne_ssl_load_pem, ne_ssl_load_pkcs12): Call
	it; prevent memory leak if ne_ssl_load_{pem,pkcs12} are called >1
	per session.

Sun Mar 16 18:00:34 2003  Joe Orton  <joe@manyfish.co.uk>

	* ne_session.c (provide_client_cert): Free peer certificate after
	use.
	(ne_session_destroy): Free client cert and key if present.

Sun Mar 16 14:23:05 2003  Joe Orton  <joe@manyfish.co.uk>

	* ne_xml.c [HAVE_EXPAT]: Include xmlparse.h for bundled expat
	build.

	* ne_utils.c: Only include expat.h if HAVE_XMLPARSE_H is not
	defined.

Wed Mar 12 15:04:13 2003  Joe Orton  <joe@manyfish.co.uk>

	* ne_redirect.c (struct redirect): Add 'valid' field.
	(post_send): Set and clear 'valid' to keep track of whether stored
	URI is valid.
	(ne_redirect_location): Return NULL if stored URI is not valid.

Wed Mar 12 14:52:49 2003  Joe Orton  <joe@manyfish.co.uk>

	* ne_uri.c (ne_uri_free): Zero-initialize structure after
	free'ing.

Tue Mar 11 22:01:11 2003  Joe Orton  <joe@manyfish.co.uk>

	* ne_redirect.c (ne_redirect_location): Return NULL if no redirect
	session is registered, rather than SEGV; Ralf Mattes
	<rm@fabula.de>.

Sun Mar  9 16:33:24 2003  Joe Orton  <joe@manyfish.co.uk>

	Fix a memory leak if an XML parse error occurs during a PROPFIND
	response:
	
	* ne_props.c (ne_propfind_current_private): Return NULL if no
	propset is being processed.
	(free_propset): Free propset href here.
	(end_response): Don't free propset href here.  Set current field
	of handler to NULL after free'ing propset.
	(ne_propfind_destroy): Free current propset if one was being
	processed.

Sun Mar  9 11:53:58 2003  Joe Orton  <joe@manyfish.co.uk>

	* ne_207.c (ne_207_destroy): Fix possible leak of reason_phrase
	string.

Sun Mar  9 11:01:15 2003  Joe Orton  <joe@manyfish.co.uk>

	* ne_utils.c (ne_parse_statusline): Use ne_strclean.
	
	* ne_session.c (ne_get_error): Use ne_strclean.

Sun Mar  9 10:53:52 2003  Joe Orton  <joe@manyfish.co.uk>

	* ne_xml.c: Remove broken "UTF-8 decoding" support used for libxml
	1.x.

Sun Mar  9 09:55:26 2003  Joe Orton  <joe@manyfish.co.uk>

	* ne_xml.c: Drop support for expat < 1.95.0 and libxml 1.x.

	* ne_utils.c (version_string): Include expat version string.

Sun Mar  9 09:54:00 2003  Joe Orton  <joe@manyfish.co.uk>

	* ne_socket.c: Don't declare h_errno on Win32 either.

Sun Mar  9 08:49:40 2003  Joe Orton  <joe@manyfish.co.uk>

	* ne_string.c (do_concat) [HAVE_STPCPY]: Use stpcpy rather than
	strlen/memcpy, when available.

Mon Mar  3 22:17:04 2003  Joe Orton  <joe@manyfish.co.uk>

	* ne_socket.c [!USE_GETADDRINFO && !HAVE_DECL_H_ERRNO): Declare
	h_errno (fix build on SCO OpenServer 5.0).

Sat Mar  1 21:22:19 2003  Joe Orton  <joe@manyfish.co.uk>

	* ne_redirect.c (free_redirect): Fix once-per-session memory leak.

Sat Mar  1 20:23:47 2003  Joe Orton  <joe@manyfish.co.uk>

	Add implemention of simple memory leak tracking, for testing
	purposes.

	* ne_alloc.c [NEON_MEMLEAK] (tracking_malloc, ne_free_ml,
	ne_malloc_ml, ne_calloc_ml, ne_realloc_ml, ne_strdup_ml,
	ne_strndup_ml, ne_memleak_dump): New functions.

	* memleak.h: New header.

Sat Mar  1 13:44:26 2003  Joe Orton  <joe@manyfish.co.uk>

	First step towards automated memory leak tests.
	
	* ne_alloc.c (ne_free): New function.

	* All files: replace use of free() with ne_free().

Sat Mar  1 09:48:39 2003  Joe Orton  <joe@manyfish.co.uk>

	* ne_uri.c (ne_path_unescape): Fix memory leak on invalid URI.

Sat Mar  1 08:03:18 2003  Joe Orton  <joe@manyfish.co.uk>

	* ne_string.c (ne_strclean): New function.

Wed Feb 26 21:45:12 2003  Joe Orton  <joe@manyfish.co.uk>

	* ne_request.c (ne_begin_request, proxy_tunnel, open_connection)
	[NEON_SSL] Don't build CONNECT tunnel support code if SSL is not
	supported.

Wed Feb 26 21:44:18 2003  Joe Orton  <joe@manyfish.co.uk>

	* ne_utils.c (ne_debug_init): Allow ne_debug_init(NULL, 0) to turn
	off debugging.  Fix to produce debug output if the any of the
	specified "channels" are active, not all.  (also fixing
	NE_DBG_FLUSH support).

Tue Feb 25 23:12:31 2003  Joe Orton  <joe@manyfish.co.uk>

	* ne_compress.c (process_footer): Mention number of extra bytes in
	error message for oversized footer.

Sun Feb 23 21:19:20 2003  Joe Orton  <joe@manyfish.co.uk>

	* ne_auth.c (verify_response): Fix to parse nonce count as hex
	string rather than decimal; fix verification of >9 responses.

Thu Feb 13 20:35:45 2003  Joe Orton  <joe@manyfish.co.uk>