changelog

linux subdivision ying gai ke yi le ba

	* ne_private.h (struct host_info): Store an ne_sock_addr pointer.

	* ne_request.c (lookup_host): Use new ne_addr_* interface.

	* ne_session.c (ne_session_destroy): Destroy address objects.
	
Mon Aug 19 00:19:49 2002  Joe Orton  <joe@manyfish.co.uk>

	* ne_socket.c: Move prng_seeded inside ifdef NEON_SSL region to
	prevent unused variable warning for non-SSL build.

Sun Aug 18 23:21:21 2002  Joe Orton  <joe@manyfish.co.uk>

	* ne_string.h (ne_strerror): Return buffer.

Sun Aug 18 23:17:56 2002  Joe Orton  <joe@manyfish.co.uk>

	* ne_socket.c (set_error): Use ne_strnzcpy.

Sun Aug 18 23:14:07 2002  Joe Orton  <joe@manyfish.co.uk>

	* ne_string.c (ne_strerror): Use ne_strnzcpy.

Sun Aug 18 23:11:45 2002  Joe Orton  <joe@manyfish.co.uk>

	* ne_string.h (ne_strnzcpy): New macro.

Sun Aug 18 22:48:27 2002  Joe Orton  <joe@manyfish.co.uk>

	* ne_socket.c (ne_sock_init): Check directly for SIGPIPE
	definition rather than HAVE_SIGPIPE.

Sun Aug 18 13:49:49 2002  Joe Orton  <joe@manyfish.co.uk>

	* ne_session.c (set_hostport): Use %u for printing unsigned int.

Sun Aug 18 13:47:43 2002  Joe Orton  <joe@manyfish.co.uk>
	
	* ne_utils.h (NE_DBG_SSL): New constant.

	* ne_session.c [NEON_SSL] (everywhere): Use NE_DBG_SSL channel for
	debugging messages.

Sun Aug 18 08:17:19 2002  Joe Orton  <joe@manyfish.co.uk>

	* ne_session.c (match_hostname): Fix to use case-insensitive
	string comparison.

Sun Aug 18 08:10:12 2002  Joe Orton  <joe@manyfish.co.uk>

	* ne_session.c (check_identity): Check the commonName if no
	alt. names of DNS type were found.

Sun Aug 18 07:39:35 2002  Joe Orton  <joe@manyfish.co.uk>

	* ne_session.c (check_identity): Use the most specific commonName
	attribute found, not the first.  (for RFC2818 compliance)

Sun Aug 18 01:54:53 2002  Joe Orton  <joe@manyfish.co.uk>

	* ne_session.c (match_hostname): Invert return value.
	(check_identity): New function; split out commonName check from
	check_certificate, check subjectAltName extension instead if
	present.
	(check_certificate): Use check_identity.

Sat Aug 17 19:59:21 2002  Joe Orton  <joe@manyfish.co.uk>

	* ne_session.c (check_certificate): Extend debugging code to dump
	the whole certificate chain, but #if 0 it by default.

Mon Aug 12 12:04:51 2002  Joe Orton  <joe@manyfish.co.uk>

	* ne_request.c (aborted): Use NE_FMT_SSIZE_T to print ssize_t
	value.

Mon Aug 12 11:08:35 2002  Joe Orton  <joe@manyfish.co.uk>

	Support PRNG seeding via EGD to make SSL work on platforms which
	lack /dev/random:

	* ne_socket.c (init_ssl): New function.
	(ne_sock_init): Call init_ssl, set prng_seeded global on success.
	(ne_sock_use_ssl_os): Fail early if prng_seeded is not set, and
	RAND_status returns false.

Tue Aug  6 07:18:30 2002  Joe Orton  <joe@manyfish.co.uk>

	* ne_socket.c (ne_sock_use_ssl_os): Remove goto-based error
	handling.  Don't call SSL_shutdown after SSL_connect fails.

Mon Aug  5 23:18:55 2002  Joe Orton  <joe@manyfish.co.uk>

	* ne_session.c (ne_ssl_keypw_prompt): Don't set SSL_CTX default
	password callbacks, since these are never invoked.  Implement
	once, stub for !NEON_SSL is no longer needed.

Mon Aug  5 21:01:54 2002  Joe Orton  <joe@manyfish.co.uk>

	* ne_session.c (ne_ssl_load_pem): Pass private key prompt callback
	to PEM_read_X509, PEM_read_PrivateKey (patch by Daniel Berlin).
	Also handle errors properly; call ERR_get_error() to pop the
	errors of the error stack.

Mon Aug  5 20:15:10 2002  Joe Orton  <joe@manyfish.co.uk>

	* ne_session.c (provide_client_cert): Increase reference count on
	key and certificate, to prevent them being free'd too early.

Sun Aug  4 22:35:27 2002  Joe Orton  <joe@manyfish.co.uk>

	Fix `retry_after_abort' test in request.c:

	* ne_request.c (send_request): Don't use the 'persisted' flag
	until after a new connection has been opened, when it may have
	been reset.

Sun Aug  4 17:26:37 2002  Joe Orton  <joe@manyfish.co.uk>

	* ne_request.c (struct ne_request_s): Remove reqbuf field.
	(ne_request_create, ne_request_destroy): Don't (de)allocate reqbuf.
	(build_request): Allocate the returned buffer internally.
	(ne_begin_request): Destroy the buffer after use.

Sun Aug  4 15:36:01 2002  Joe Orton  <joe@manyfish.co.uk>

	* ne_session.c (ne_ssl_load_pem): Close file after use.

Sun Aug  4 12:55:49 2002  Joe Orton  <joe@manyfish.co.uk>

	Factor out EPIPE, ECONNRESET handling from write_raw:
	
	* ne_socket.c (MAP_ERR): New macro.
	(write_raw, error_ossl): Use MAP_ERR.

Sun Aug  4 12:25:34 2002  Joe Orton  <joe@manyfish.co.uk>

	* ne_socket.c (ne_sock_switch_ssl): New function.

Sun Aug  4 12:24:23 2002  Joe Orton  <joe@manyfish.co.uk>

	* ne_socket.c (ne_sock_switch_ssl): New function, really just for
	test suite.

Sat Aug  3 22:11:33 2002  Joe Orton  <joe@manyfish.co.uk>

	* ne_auth.c (ne_forget_auth): Fix segfault if either server or
	proxy auth is not in use.

Sat Aug  3 22:06:32 2002  Joe Orton  <joe@manyfish.co.uk>

	* ne_redirect.c (create, post_send, ne_redirect_register,
	ne_redirect_location): Updated for new hook interface.

Sat Aug  3 19:02:33 2002  Joe Orton  <joe@manyfish.co.uk>

	Adjustment of hook interface and use: fixing a design flaw causing
	a segfault in the auth hooks when two requests are used
	concurrently for a single session during a CONNECT tunnel.
	
	* ne_request.h, ne_session.h:
	(ne_get_request_private, ne_get_session_private): Replace
	ne_request_hook_private, ne_session_hook_private.
	(ne_set_session_private, ne_set_request_private): Replace
	ne_hook_session_accessor, ne_hook_request_accessor.

	* ne_request.h (ne_create_request_fn, ne_pre_send_fn,
	ne_post_send_fn): Add ne_request pointer as first argument.
	(ne_hook_destroy_request): Take ne_destroy_req_fn function.
	(ne_hook_destroy_session): Take ne_destroy_sess_fn function.
	
	* ne_request.c (struct ne_request_s): Renamed `accessor_hooks'
	field to `private'.
	(get_private): Renamed from call_access; don't invoke function.
	(ne_null_accessor): Removed function.

	* ne_auth.c (struct auth_class): Store hook id.
	(auth_session): Remove auth_request pointer.
	(ah_create): Store auth_request pointer as request-private data.
	(ah_pre_send, ah_post_send, ah_destroy): Retrieve auth_request
	pointer from request-private data.
	(register_hooks, ne_forget_auth): Use
	ne_{get,set}_session_private.

	* ne_locks.c (struct lh_req_cookie): New structure.
	(struct ne_lock_store_s): Remove submit_locks field.
	(lk_create, lk_pre_send, submit_lock, ne_lock_using_resource,
	ne_lock_using_parent, lk_destroy): Adjust to use lh_req_cookie
	pointer as request-private data.

	* ne_cookies.c (create, pre_send): Adjust for hook prototype
	changes.

Wed Jul 31 23:46:17 2002  Joe Orton  <joe@manyfish.co.uk>

	* ne_socket.c [NEON_SSL]: Include limits.h for INT_MAX definition.

Mon Jul 29 20:55:57 2002  Joe Orton  <joe@manyfish.co.uk>

	* ne_auth.c (struct auth_class): New structure; abstracts out
	proxy/server generic auth handling more cleanly.
	(ah_server_class, ah_proxy_class): Declare variables.
	(auth_session): Reference an auth_class structure.
	(auth_register): Replaces auth_create.
	(ne_set_server_auth, ne_set_proxy_auth): Simplify, use
	auth_register.
	(everywhere): Reference req_hdr etc via ->spec-> reference.

Sun Jul 28 12:29:23 2002  Joe Orton  <joe@manyfish.co.uk>

	* ne_request.c (proxy_tunnel): Reset 'persisted' flag, so that a
	newly tunnelled connection is not treated as persistent.

Sun Jul 28 12:26:49 2002  Joe Orton  <joe@manyfish.co.uk>

	* ne_string.h (CONCAT2, CONCAT3, CONCAT4): Removed macros.

Thu Jul 25 23:16:00 2002  Joe Orton  <joe@manyfish.co.uk>

	* ne_request.c (send_request): Don't clear retry until a
	status-line has been read.

Thu Jul 25 00:03:17 2002  Joe Orton  <joe@manyfish.co.uk>

	* ne_auth.c (basic_challenge, request_basic): Use ne_concat not
	the CONCAT? macros.

	* ne_basic.c (ne_mkcol): Use ne_concat not the CONCAT2 macro.

Wed Jul 24 00:16:39 2002  Joe Orton  <joe@manyfish.co.uk>

	* ne_string.c (count_concat, do_concat): Factored out from
	ne_buffer_concat.
	(ne_buffer_concat): Rewrite to use count_concat, do_concat.
	(ne_concat): New (resurrected) function.

Thu Jul 18 21:52:12 2002  Joe Orton  <joe@manyfish.co.uk>

	* ne_request.c (proxy_tunnel): Don't use server.hostport in
	Request-URI; always include `:port' even if default port is used;
	fix CONNECT through Inktomi Traffic-Server.

Thu Jul 18 21:33:43 2002  Joe Orton  <joe@manyfish.co.uk>

	* ne_request.c (aborted, ne_set_request_body_fd): Use ne_strerror.

	* ne_session.c (ne_ssl_load_pem, ne_ssl_load_pkcs12): Use ne_strerror.

	* ne_basic.c (get_to_fd): Use ne_strerror.

Thu Jul 18 20:19:30 2002  Joe Orton  <joe@manyfish.co.uk>

	* ne_string.c (ne_strerror): New function.

	* ne_socket.c (set_strerror): Move portability logic to
	ne_strerror; just use that here.

Thu Jul 18 20:00:46 2002  Joe Orton  <joe@manyfish.co.uk>

	* ne_socket.c (read_raw, write_raw): Don't re-evaluate 'errno',
	per Ulrich Drepper's advice.

Wed Jul 17 23:47:01 2002  Joe Orton  <joe@manyfish.co.uk>

	* ne_socket.c (struct ne_socket_s): Store buffer for error string.
	(set_error, set_strerror): New macros.
	(everywhere): Use set_error, set_strerror or ne_snprintf to set
	the socket error string.

Wed Jul 17 23:19:18 2002  Joe Orton  <joe@manyfish.co.uk>

	* ne_utils.c (ne_version_match): Fix inverted minor version test.

Sun Jul 14 20:13:59 2002  Joe Orton  <joe@manyfish.co.uk>

	* ne_uri.h (ne_uri): Store port as unsigned.

	* ne_uri.c (ne_uri_defaultport): Return unsigned int, and zero for
	undefined port.

Sun Jul 14 20:07:35 2002  Joe Orton  <joe@manyfish.co.uk>

	* ne_session.c (ne_session_proxy): Take port parameter as unsigned
	int, as per ne_session_create.

Sun Jul 14 20:03:21 2002  Joe Orton  <joe@manyfish.co.uk>

	* ne_request.c (strip_eol): Take ssize_t 'len' parameter.
	(read_message_header): Use ssize_t for 'n'.

Sun Jul 14 12:45:40 2002  Joe Orton  <joe@manyfish.co.uk>

	* ne_socket.c (ne_sock_use_ssl_os): Unconditionally enable
	SSL_MODE_AUTO_RETRY now OpenSSL 0.9.6 is required.

Sun Jul 14 12:15:40 2002  Joe Orton  <joe@manyfish.co.uk>

	* ne_xml.h (NE_XML_MEDIA_TYPE): New definition.

	* ne_acl.c (ne_acl_set),
	* ne_props.c (ne_proppatch, propfind): Use NE_XML_MEDIA_TYPE,
	rather than hard-coding the incorrect "text/xml" media type.

Sun Jul 14 10:53:33 2002  Joe Orton  <joe@manyfish.co.uk>

	* ne_utils.c (ne_version_match): Replace ne_version_minimum.

Sat Jul 13 11:40:37 2002  Joe Orton  <joe@manyfish.co.uk>

	* ne_session.c (ne_negotiate_ssl): Include socket error string in
	session error if SSL negotiation fails.

Sat Jul 13 11:27:50 2002  Joe Orton  <joe@manyfish.co.uk>

	* ne_socket.c (error_ossl): New function.
	(ERROR_SSL_STRING): Removed macro.
	(CAST2INT): New macro; safety harness for OpenSSL compatibility.
	(read_ossl, write_ossl): Use error_ossl, CAST2INT.
	(ne_sock_use_ssl_os): Use error_ssl.

Sat Jul 13 11:16:07 2002  Joe Orton  <joe@manyfish.co.uk>

	* ne_socket.c: Define ECONNRESET as WSAECONNRESET on Win32.

Sat Jul 13 10:10:03 2002  Joe Orton  <joe@manyfish.co.uk>

	* ne_private.h (struct ne_session_s): Replace 'reqcount' with
	'persisted' flag.

	* ne_request.c (ne_end_request): Set 'persisted' flag if
	connection is left open.
	(send_request): Adjust to allow retry if 'persisted' flag is set.
	(init_socket): Clear 'persisted' flag here...
	(open_connection): ... rather than here.

Wed Jul 10 22:51:39 2002  Joe Orton  <joe@manyfish.co.uk>

	* ne_request.c (RETRY_RET): Retry on an NE_SOCK_RESET too.
	(send_request): Fix to only retry if not on the first request on a
	connection (close_not_retried test).

Sun Jul  7 20:49:09 2002  Joe Orton  <joe@manyfish.co.uk>

	* ne_socket.h: Add NE_SOCK_RESET return value; improve comments.

	* ne_socket.c (read_raw, write_raw): Return NE_SOCK_RESET if an
	ECONNRESET error is received when reading or writing.

Sat Jul  6 13:30:15 2002  Joe Orton  <joe@manyfish.co.uk>
	
	* ne_request.c (read_status_line, discard_headers): New functions,
	split out from send_request.
	(send_request_body): Move debugging here from send_request.
	(RETRY_RET): Renamed from CAN_RETRY.
	(send_request): Simplify: remove complex 100-continue graceful
	failure logic; use read_status_line, discard_headers, RETRY_RET.
	Fix to only send request body once (expect_100_once test case).
	Fix to not return NE_RETRY if reading status-line other than the
	first fails (fail_eof_continued test case).

Fri Jul  5 21:47:49 2002  Joe Orton  <joe@manyfish.co.uk>

	* ne_request.c (build_request): Fix from previous commit: clear
	the buffer before building the request.

Fri Jul  5 21:00:20 2002  Joe Orton  <joe@manyfish.co.uk>

	* ne_request.c (build_request): Fold Host header and Request-Line
	into single ne_buffer_concat call.  Don't set req->use_expect100
	here.  Fold an if/else into an ?:.  Optimise to use
	ne_buffer_append to add 100-continue, user-supplied headers, and
	trailing EOL, since they all have known lengths.
	(send_request): Take request data as argument.
	(ne_begin_request): Call build_request here; pass to send_request.
	Move Expect100 logic here.

Fri Jul  5 17:12:56 2002  Joe Orton  <joe@manyfish.co.uk>

	* ne_basic.c (ne_read_file): Removed function.

Fri Jul  5 17:10:11 2002  Joe Orton  <joe@manyfish.co.uk>

	* ne_compress.c (process_footer): Take unsigned char buffer.
	Store calculated CRC in a uLong.
	(do_inflate, gz_reader): Cast buffers to unsigned char for
	strict compatibility with zlib interface.

Wed Jul  3 19:21:17 2002  Joe Orton  <joe@manyfish.co.uk>

	* ne_request.c (struct ne_request_s): Use a fixed char array for