Commit graph

16 commits

Author SHA1 Message Date
adam
6b3f4ff097 Changes 0.26.3:
* Fix buffer under-read in URI parser (Laszlo Boszormenyi, CVE-2007-0157)
* Fix regression in handling of "attempt" argument passed to auth callbacks;
  ensure the value only increments for each invocation of the callback
* Fix handling of "nextnonce" parameter in Digest authentication

Changes 0.26.2:
* Fix error reported for LOCK responses lacking a Lock-Token header.
* Use Libs.private in neon.pc for newer versions of pkg-config.
* Build fix for platforms without libintl.h.
* Build fixes for MinGW.
* Build fix for h_errno detection on HP-UX 10.
* Win32: enable debugging; build fixes with some SDKs.

Changes 0.26.1:
* Build fixes for Win32 (D.J. Heap) and OS X.
* Add Simplified Chinese translation

Changes in release 0.26.0:
* Added internationalization support:
* Added support for GnuTLS
* Changes and additions to URI support:
* Changed results callbacks for ne_lock_discover, PROPFIND interfaces:
* Added functions which give control over authentication protocol use:
* Added ne_unhook_* functions to remove hooks
* Added ne_set_session_flags()/ne_get_session_flags() functions:
* Added ne_set_request_flags()/ne_get_request_flags() functions:
* Change ne_md5.h interface to make struct ne_md5_ctx opaque:
* Fixed ne_get_range(), added ne_get_range64()
* Removed NE_FREE() macro from ne_alloc.h
* Added ne_strcasecmp(), ne_strncasecmp(), ne_tolower() functions
* Changed ne_sock_init()/ne_sock_exit() such that ne_sock_exit()
* Added "--enable-threadsafe-ssl=posix" configure flag, to enable
* The manual is now licensed under the GPL rather than the GFDL
2007-03-11 21:01:31 +00:00
epg
492a424d50 Update to 0.25.4:
Changes in release 0.25.4:
* GSSAPI fixes for non-MIT implementations (Mikhail Teterin).
* Fix ne_print_request_header() et al to use 8K buffer size on all
 platforms (fixes issue with long Destination: URLs on Win32).
* Win32 build fix for !USE_GETADDRINFO configuration.
* Documentation updates.

Changes in release 0.25.3:
* ne_lock() and ne_unlock(): fix cases where NE_ERROR would be returned
  instead of e.g. NE_AUTH on auth failure.
* Prevent use of poll() on Darwin.
* Fix gethostbyname-based resolver on LP64 platforms (Matthew Sanderson).

Changes in release 0.25.2:
* Really fix the Win32 build.

Changes in release 0.25.1:
* ne_get_content_type(): fix cases where the charset field was not set
  to NULL after successful return (Johannes Schneider)
* Compressed response handling fixes:
 - fix double invocation of reader callback with len=0
 - fix cases where the reader callback return value was ignored
* Cache the new SSL session if the old one was expired (Robert Eiglmaier)
* Win32: fix build issues.

Changes in release 0.25.0:
* New interfaces:
 - ne_get_response_header() replaces ne_add_response_header_handler
 - ne_read_response_to_fd() and ne_discard_response() for use with
   ne_begin_request/ne_end_request style response handling
 - ne_xmlreq.h: ne_xml_parse_response() and ne_xml_dispatch_request()
 - ne_has_support() for feature detection, replaces ne_support_ssl()
 - ne_set_addrlist() can be used to bypass normal DNS hostname resolver
 - ne_buffer_czappend(), convenience wrapper for ne_buffer_append.
 - ne_iaddr_typeof() returns type of a socket object
 - ne_get_content_type() replaces ne_content_type_handler()
 - ne_set_request_expect100() replaces ne_set_expect100()
* New interfaces on LFS systems for large file support:
 - ne_set_request_body_fd64() call for using an fd opened using O_LARGEFILE
 - ne_set_request_body_provider64(), takes an off64_t length argument
* Interface changes:
 - ne_set_request_body_fd takes offset and length arguments and returns void
 - ne_set_request_body_provider takes length as off_t rather than size_t;
   provider callbacks now MUST set session error string if returning an error
 - response body reader callback returns an integer and can abort the response
 - ne_decompress_destroy() returns void; errors are caught earlier
 - ne_xml_failed() replaces ne_xml_valid(), with different return value logic
 - ne_xml_parse() can return an error; ne_xml_parse_v() aborts the response if
   the parse either fails or is aborted by a handler returning NE_XML_ABORT
 - ne_path_escape() now escapes all but unreserved characters
 - ne_ssl_clicert_name() and ne_ssl_cert_identity() clarified to return UTF-8
 - ne_ssl_clicert_name() clicert object argument is now const
 - ne_uri_parse()/ne_uri_free() memory handling clarified
 - removed the buffer length requirement for ne_read_response_block()
* Bug fixes:
 - properly handle multiple Authentication challenges per request
 - fixes and improvements to the Negotiate auth implementation
 - handle proxies which send a 401 auth challenge to a CONNECT request
 - XML: handle the UTF-8 BOM even if the underlying parser does not
 - Win32: Fix timezone handling (Jiang Lei)
 - ne_lock_refresh() works and will update timeout of passed-in lock
 - persistent connection timeout handling fixes for CygWin et al
 - impose hard limit of 1024 props per resource in ne_props.h response parsing
* New platform-specific features:
 - Win32: Negotiate/NTLM support using SSPI (Vladimir Berezniker)
 - Win32: Add IPv6 support using ENABLE_IPV6 neon.mak flag (Kai Sommerfeld)
* Removed features:
 - the cookies interface has been removed
 - removed functions: ne_service_lookup(), ne_put_if_unmodified()
 - "qop=auth-int" support removed from Digest auth implementation
* Default XML parser search changed to check for expat before libxml2.
2006-01-02 21:01:59 +00:00
jlam
1a280185e1 Mechanical changes to package PLISTs to make use of LIBTOOLIZE_PLIST.
All library names listed by *.la files no longer need to be listed
in the PLIST, e.g., instead of:

	lib/libfoo.a
	lib/libfoo.la
	lib/libfoo.so
	lib/libfoo.so.0
	lib/libfoo.so.0.1

one simply needs:

	lib/libfoo.la

and bsd.pkg.mk will automatically ensure that the additional library
names are listed in the installed package +CONTENTS file.

Also make LIBTOOLIZE_PLIST default to "yes".
2004-09-22 08:09:14 +00:00
epg
a0bfbfad5c Update neon to 0.24.7
Changes in release 0.24.7:
* Compression interface fixes:
 - fix issues handling content decoding and request retries from
 authentication challenges (Justin Erenkrantz)
 - fix places where reader callback would receive spurious size=0 calls
 - fix to pass user-supplied userdata to user-supplied acceptance callback
* Fix for RFC2617-style digest authentication (Hideaki Takahashi).
* Fix to pick up gethostbyname() on QNX 6.2.
2004-07-14 16:20:30 +00:00
drochner
f6d24adf08 update to 0.24.6
Security fix release
2004-05-19 11:03:29 +00:00
xtraeme
dee48f9580 Update neon to 0.24.5
Changes in release 0.24.5:
* SECURITY (CVE CAN-2004-0179): Fix format string vulnerabilities in
 XML/207 response handling, reported by greuff@void.at.
* Performance fix: avoid seeding the SSL PRNG if not creating an SSL socket.
* ne_ssl_readable_dname() is now defined to return UTF-8 strings.
* Fix case where gssapi/gssapi_generic.h was included but not present.
* Fix ne_utils.c build on platforms where zlib does "#define const".
* Fix use of ne_proppatch_operation with some C++ compilers.
* Update libtool for fix to --enable-shared on Darwin.
* BeOS: check for gethostbyname in -lbind (David Reid).
2004-04-16 12:34:53 +00:00
recht
9cb6353553 update to 0.24.4
* Ignore unclean SSL closure when response body is delimited by EOF
  ("Could not read response body: Secure connection truncated" errors
  with some buggy SSL servers).
* Fix test/ssl.c syntax errors with C89 compilers (Radu Greab).
* Respect configure's --datadir argument (Max Bowsher).
* Fix build on Windows when OpenSSL is not used.
* Fix use of SSLv2 (spurious "Server did not present certificate" error).
* When using SSL via a proxy, prevent leaking server auth credentials to the
  proxy, or proxy auth credentials to the server.
* Fix name resolver with some old versions of glibc.
* Fix problems with configure's "time_t format string" detection.
* Fix problems when a broken Kerberos installation is found.
* When verifying SSL certificates, check iPaddress names in the subjectAltName
  extension.

Update BUILDLINK_DEPENDS to 0.24.4 since there was an XML API change in
0.24.0.
2003-12-04 17:00:58 +00:00
epg
7bb1272caf Update to 0.24.1.
Changes in release 0.24.1:
* Add support for "GSS-Negotiate" Kerberos authentication scheme (from
 Risko Gergely and Burjan Gabor).
* Disable Nagle to improve performance of small requests (thanks to
 Jim Whitehead and Teng Xu).
* Fix compatibility with OpenSSL 0.9.6 (broken in 0.24.0).
* Fix prototype mismatch in ne_207.c.
* Define ssize_t from ne_request.h for Win32.
* Prevent segfault on zlib initialization failures.
* ne_sock_init does not fail if PRNG could not be seeded.
* Fix segfault in cookies code (Markus Mueller).
* Documentation updates.

Changes in release 0.24.0:
* Major changes to XML interface:
 - have the start-element callback either accept, decline, abort,
 or return a state integer.
 - remove 'struct ne_xml_elm'; callbacks are passed {nspace, name}
 strings along with a state integer.
 - dropped "collect", "strip-leading-whitespace" modes
 - push responsibility for accumulating cdata onto caller; drop 'cdata'
 argument from end-element callback.
 - don't abort if no handler accepts a particular element, just ignore
 that branch of the tree.
 - dropped support for libxml 1.x and expat < 1.95.0.
 - guarantee that start_element callback is not passed attrs=NULL
 - add ne_xml_doc_encoding() to retrieve encoding of parsed XML document.
* Major changes to SSL interface:
 - rewrite of interfaces for handling server and client certificates;
 ne_ssl.h: many new functions available.
 - only PKCS#12-encoded client certs are supported.
 - changes to most names of SSL-related functions operating on an
 ne_session, e.g. ne_ssl_load_cert->ne_ssl_trust_cert.
 - client cert provider callback is passed the set of acceptable CA
 names sent by the server
 - the entire chain of certs presented by server is now accessible
* Remove unused ne_register_progress() from socket layer.
* Changes to resolver interface: ne_addr_first and _next return const;
 ne_addr_print renamed to ne_iaddr_print; ne_iaddr_make and ne_iaddr_free
 have been added.
* ne_request_create() now duplicates the method string passed in.
* ne_redirect_location() will now return NULL in some cases.
* Split socket creation to ne_sock_create() from ne_sock_connect:
 - should report connect() error messages properly on Win32.
* Fix several memory leaks in error handling paths.
* Add a pkg-config file, neon.pc.in.
2003-09-10 04:34:08 +00:00
drochner
2d2d766d1c update to 0.23.9, provided by Marc Recht per PR pkg/20987
Changes are basically fixes, among them a security fix.
2003-05-09 15:44:09 +00:00
drochner
4eda96652b update to 0.23.7
changes:
-Fix for handling EINTR during write() call (Sergey N Ushakov).
-When available, use pkg-config to determine compiler flags needed to use
 OpenSSL headers and libraries.
2003-01-30 10:52:55 +00:00
jmmv
e067b1870f Update neon to 0.23.6, with patch provided in PR pkg/19998 by Marc Recht.
Changes since 0.23.5:
     * Fixes for error handling in socket layer on Win32 from Johan Lindh and
       Sergey N Ushakov:
          * meaningful error messages rather than "No error"
          * handle persistent connection timeouts properly
     * Fix to use RFC2617-style digest auth when possible (had reverted to
       only using RFC2068-style in 0.16.1).
     * Fix NULL pointer dereference on certain ill-formed PROPFIND responses.
     * Allow ne_sock_init to re-initialize after ne_sock_finish has been
       called (Sergey N Ushakov).

Changes in the package:
     * Switch to libxml2.
2003-01-22 16:23:39 +00:00
wiz
14178e8c40 Update to 0.23.5, needed by to-be-committed subversion update.
Excerpt of changes (+portability and bug fixes):
* Add support for `--la-file' argument to neon-config, which prints the
 full path of the installed libneon.la file.
* Improved address resolver (ne_addr_*) replacing ne_name_lookup():
 - use getaddrinfo() if found; include support for IPv6 (based on work
 by Noriaki Takamiya)
* For a hostname with multiple addresses, each address is tried in turn
 until a connection is made.
* RFC2818 compliance for certificate identity checks in SSL:
 - use `dNSname' values in subjectAltName extension if present
 - hostname comparison fixed to not be case-sensitive
* Added NE_DBG_SSL debug channel.
* ne_strerror changed to return the passed-in buffer.
* Added ne_strnzcpy macro to ne_string.h.
* Added reference documentation:
 - ne_sock_init, ne_addr_*.
* Remove the const qualifier from the reason_phrase field in ne_status.
 - ne_parse_statusline() now strdup's the reason_phrase
* Remove the status_line argument from ne_207_end_propstat and _end_response
* Change ne_session_create, ne_session_proxy, ne_sock_connect, and the
 'port' field of the ne_uri structure to use an unsigned int for port numbers
* ne_uri_defaultport returns unsigned and '0' on an unknown port (not -1).
* Changes to hooks interface:
 - pass an ne_request pointer to per-request hooks
 - replace "accessor" hooks with ne_{get,set}_{request,session}_private
* Authentication changes:
 - the hooks changes fix a segfault if auth is enabled for an SSL session
 through a proxy server
 - fix ne_forget_auth segfault if either proxy or server auth are not used
* Improvements to persistent connection retry logic and error handling
 in request code; fixing some cases where some errors where incorrectly
 treated as a persistent connection timeout
 - a TCP RST at the appropriate time is now treated as a persistent
 connection timeout.
 - handle persistent connection timeouts on SSL connections
* Changes to SSL support:
 - improved error handling
 - fix for proxy CONNECT tunnelling with some proxies (e.g. Traffic-Server)
 - fix potential segfault if client cert. provider callback is used
 - fix to use supplied password callback for PEM-encoded client certificates
 (Daniel Berlin)
* Remove ne_read_file().
* ne_version_match replaces ne_version_minimum (semantics changed slightly).
* XML request bodies use a content-type of "application/xml" now;
 applications can use NE_XML_MEDIA_TYPE from ne_xml.h
2002-11-25 20:01:43 +00:00
jlam
e2afa97f51 Merge changes in packages from the buildlink2 branch that have
buildlink2.mk files back into the main trunk.  This provides sufficient
buildlink2 infrastructure to start merging other packages from the
buildlink2 branch that have already been converted to use the buildlink2
framework.
2002-08-25 18:38:05 +00:00
hubertf
5c582df028 Update neon to 0.21.3.
Changes in release 0.21.3:
* Fix segfault if using proxy server with SSL session and server
 certificate verification fails.
* Fix leak of proxy hostname once per session (if a proxy is used).
* Add --with-libs configure argument; e.g. --with-libs=/usr/local picks
 up any support libraries in /usr/local/{lib,include}

Changes in release 0.21.2:
* Fix 'make install' for VPATH builds.
* Use $(mandir) for installing man pages (Rodney Dawes).
* Follow some simple (yet illegal) relativeURI redirects.
* Always build ne_compress.obj in Win32 build (Branko Èibej).
* Fix decompression logic bug (Justin Erenkrantz <jerenkrantz@apache.org>)
 (could give a decompress failure for particular responses)
* Fix ne_proppatch() to submit lock tokens for available locks.
* More optimisation of ne_sock_readline.

Changes in release 0.21.1:
* Don't include default SSL port in Host request header, which can
 help interoperability with misbehaving servers (thanks to Rodney Dawes
 <dobey@ximian.com>).
* Don't give a "truncated response" error from ne_decompress_destroy if
 the acceptance function returns non-zero.
* Fix for Win32 build (Sander Striker <striker@apache.org>).
* Fix for cookie name/value being free()d (thanks to Dan Mullen).
* Optimisation of ne_sock_readline.

Changes in release 0.21.0:
* Socket layer implements read buffering; efficiency and performance
 improvement. Based on work by Jeff Johnson <jbj@redhat.com>
* Cleanup of socket interface:
 - renamed everything, s/sock_/ne_sock_/, s/SOCK_/NE_SOCK_/
 - removed unused and inappropriate interfaces.
 - renaming done by Olof Oberg <mill@pedgr571.sn.umu.se>
 - see src/ChangeLog for the gory details.
* Fix typoed 'ne_destroy_fn' typedef (Olof Oberg).
* Support OpenSSL/ENGINE branch.
* Bogus ne_utf8_encode/decode functions removed.
* ne_base64() moved to ne_string.[ch].
* ne_token drops 'quotes' parameter; ne_qtoken added.
* ne_buffer_create_sized renamed to ne_buffer_ncreate.
* ne_xml_get_attr takes extra arguments and can resolve namespaces.
* ne_accept_response function type takes const ne_status pointer.
* Drop support for automatically following redirects:
 - ne_redirect_register just takes a session pointer
 - ne_redirect_location returns an ne_uri pointer
* configure changes: --with-ssl and --with-socks no longer take a directory
 argument.  To use SOCKS or SSL libraries/headers in non-system locations,
 use ./configure CPPFLAGS=-I/... LDFLAGS=-L/...
* Reference documentation included for most of ne_alloc.h and ne_string.h,
 and parts of ne_session.h and ne_request.h.
 - see installed man pages, HTML documentation.

Changes in release 0.20.0:
* Major changes to DAV lock handling interface (ne_locks.h):
 - struct ne_lock uses a full URI structure to identify locked resource
 - ne_lock() requires that owner/token fields are malloc-allocated (or NULL)
 on entry
 - introduce a "lock store" type, ne_lock_store, to replace the lock session;
 accessor functions all renamed to ne_lockstore_*.
 - ne_lock_iterate replaced with a first/next "cursor"-style interface
 - If: headers use an absoluteURI (RFC2518 compliance fix).
 - fix for handling shared locks on DAV servers which return many active locks
 in the LOCK response (thanks to Keith Wannamaker)
* Moved URI/path manipulation functions under ne_* namespace (ne_uri.h):
 - path handling functions renamed to ne_path_*
 - URI structure handling to ne_uri_*; struct uri becomes ne_uri.
 - ne_uri_parse doesn't take a 'defaults' parameter any more
 - if URI port is unspecified, ne_uri_parse sets port to 0 not -1.
 - added ne_uri_unparse and ne_uri_defaultport functions.
* New 'ne_fill_server_uri' function to initialize a URI structure with
 the server details for a given session (useful with locks interface).
* ne_decompress_{reader,destroy} are defined as passthrough-functions
 if zlib support is not enabled.
* API change: ne_ssl_provide_fn returns void not int.
* Added NE_SSL_FAILMASK for verify failure sanity check.
* Removed return codes NE_SERVERAUTH and and NE_AUTHPROXY; correct
 documentation, NE_PROXYAUTH is given for proxy auth failure.
* Require zlib >= 1.1.4 to avoid possible vulnerability in earlier versions.
 See http://www.gzip.org/zlib/advisory-2002-03-11.txt for more details.
 (version check can be skipped by passing --with-force-zlib to configure)
* New 'ne_ssl_readable_dname' function to create a human-readable string
 from an X509 distinguished name.
* Fix support for newer versions of libxml2 (thanks to Jon Trowbridge
 <trow@gnu.org>).
* Fix corruption of reason_phrase in status object returned by
 ne_propset_status.
* More lenient handling of whitespace in response headers.
* ne_content_type_handler will give a charset of "ISO-8859-1" if no charset
 parameter is specified for a text/* media type (as per RFC2616).
* Miscellaneous cleanups and fixes (Jeff Johnson <jbj@redhat.com>).

Changes in release 0.19.4:
* Support bundled build of expat 1.95.x (Branko Èibej).

Update submitted by Joel Wilsson <joelw@unix.se> in PR 17812.
2002-08-03 01:24:53 +00:00
uebayasi
7ba2ef7087 Update to 19.3. Supplied by Alex Newman <dolemite@wuli.nu> in pkg/16078,
and reviewed by the maintainer, Eric Gillespie <epg@pretzelnet.org>.

Major version changed so that BUILDLINK_DEPENDS.neon bumped.

Part of changes from NEWS:

Changes in release 0.19.1-0.19.3:
* For platforms lacking snprintf or vsnprintf in libc, require trio.
* Add NE_FMT_OFF_T to fix Win32 build (Dan Berlin, Branko Èibej).
* Fix non-SSL build broken in 0.19.1.
* Working SOCKSv5 support (thanks to Torsten Kalix <torsten.kalix@bredex.de>)
* Add missing stubs for ne_ssl_* functions for non-SSL build.
* Fix some error messages in new SSL code.

Changes in release 0.19.0:
* Major API change: ne_session_create now takes (scheme, hostname, port)
 arguments: a session is clarified to be "a group of requests to a
 certain server".
 - removal of ne_session_server, ne_set_secure, and ne_set_proxy_decider
 - ne_session_proxy returns void.
 - DNS lookups are delayed until request dispatch time.
* Significant improvements to TLS/SSL support:
 - SSL is enabled if scheme passed to ne_session_create is "https"
 - new interfaces to load CA certs and to load SSL library's bundled CA certs
 - add server cert verification callback.  An SSL connection to a server
 with an unknown CA will now fail unless a verification callback is used.
 - enable SSL session caching (performance improvement)
 - support for wildcard server certs where commonName is "*.example.com".
 - thanks to Tommi Komulainen for the contribution of code from mutt's
 IMAP/SSL implementation under the LGPL, from which bits of this were derived.

Changes in release 0.18.4-0.18.5:
* Removed old neon.dsp, neon.dsw.
* Update Win32 build to add OpenSSL and zlib support (Branko Èibej).
* Fixes for Content-Type parsing using ne_content_type_handler (Greg Stein)
 - also now parses the charset parameter from header value.
* Removed ne_concat() function, which didn't work and wasn't used.
2002-04-01 01:28:04 +00:00
agc
b346213a44 Initial import of neon-0.18.3 into the NetBSD Packages Collection.
neon is an HTTP and WebDAV client library.  It provides lower-level
interfaces which directly implement new HTTP methods, and higher-level
interfaces so that you don't have to worry about the lower-level
stuff.

Provided in PR 15222 by "Eric Gillespie, Jr." <epg@pretzelnet.org>.
The only modification was to use pkgsrc's libtool.
2002-01-13 19:29:02 +00:00