summaryrefslogtreecommitdiff
path: root/x11
diff options
context:
space:
mode:
authorgls <gls@pkgsrc.org>2013-12-07 13:34:47 +0000
committergls <gls@pkgsrc.org>2013-12-07 13:34:47 +0000
commit2807775d084dad98502db4e349db3d11aa44c8a4 (patch)
tree08166c56fb6135c9c902abc178c28a9e739367be /x11
parentf32fc6d05f46464b33873bc3388fa939f32482d7 (diff)
downloadpkgsrc-2807775d084dad98502db4e349db3d11aa44c8a4.tar.gz
Update www/libmicrohttpd to 0.9.32
This includes security fixes. Upstream changes: ----------------- Tue Dec 3 21:25:56 CET 2013 Security fix: do not read past 0-terminator when unescaping strings (thanks to Florian Weimer for reporting). Releasing 0.9.32. -CG Tue Dec 3 21:05:38 CET 2013 Signaling n times for shutdown works, but for resume we need to wake up the correct daemon. Even if we signal n times in that case also, there's no guarantee that some daemon can't run through its select loop more than once before the daemon we want to wake up gets a chance to read. Thus we need a signal pipe per thread in the thread pool IF MHD_suspend_connection is used. This introduces a new flag MHD_USE_SUSPEND_RESUME to add those additional pipes and only allow MHD_suspend_connection to be used in conjunction with this flag. Also, as MHD_resume_connection() will be called on a non-daemon thread, but none of the queue insert/delete calls are thread safe, we need to be concerned about (a) corrupting the queue, and (b) having to add mutex protection around every access to the queues, including loops through timer queues, etc. This wasn't a problem before adding resume; even suspend should be safe since it happens in a callback from the daemon. I think it's easier to (a) have MHD_suspend_connection() move the connection to a suspended queue, (b) have MHD_resume_connection() mark the connection as resuming, and then (c) do all the actual queue manipulations in MHD_select (poll, epoll, etc.) to move the resumed connections back to their normal queues, in response to the wake up. The changes are simpler & cleaner. There is a cost to the basic select loop that is avoided by making suspend/resume a startup option. The per-worker pipes can then also be enabled only with that option set. -MH Fri Nov 29 20:17:03 CET 2013 Eliminating theoretical stack overflow by limiting length of URIs in authentication headers to 32k (only applicable if the application explicitly raised the memroy limits, and only applies to MHD_digest_auth_check). Issue was reported by Florian Weimer. -CG Tue Nov 26 01:26:15 CET 2013 Fix race on shutdown signal with thread pool on non-Linux systems by signalling n times for n threads. -CG Sun Nov 24 13:41:15 CET 2013 Introduce state to mark connections in suspended state (with epoll); add missing locking operations in MHD_suspend_connection. Fix definition of MHD_TLS_CONNECTION_INIT. -MH/JC Wed Oct 30 09:34:20 CET 2013 Fixing issue in PostProcessor when getting partial boundary at the beginning, expanding test suite. -CG Sun Oct 27 15:19:44 CET 2013 "work/libmicrohttpd-0.9.32/ChangeLog" 1318L, 46479C Also, as MHD_resume_connection() will be called on a non-daemon thread, but none of the queue insert/delete calls are thread safe, we need to be concerned about (a) corrupting the queue, and (b) having to add mutex protection around every access to the queues, including loops through timer queues, etc. This wasn't a problem before adding resume; even suspend should be safe since it happens in a callback from the daemon. I think it's easier to (a) have MHD_suspend_connection() move the connection to a suspended queue, (b) have MHD_resume_connection() mark the connection as resuming, and then (c) do all the actual queue manipulations in MHD_select (poll, epoll, etc.) to move the resumed connections back to their normal queues, in response to the wake up. The changes are simpler & cleaner. There is a cost to the basic select loop that is avoided by making suspend/resume a startup option. The per-worker pipes can then also be enabled only with that option set. -MH Fri Nov 29 20:17:03 CET 2013 Eliminating theoretical stack overflow by limiting length of URIs in authentication headers to 32k (only applicable if the application explicitly raised the memroy limits, and only applies to MHD_digest_auth_check). Issue was reported by Florian Weimer. -CG Tue Nov 26 01:26:15 CET 2013 Fix race on shutdown signal with thread pool on non-Linux systems by signalling n times for n threads. -CG Sun Nov 24 13:41:15 CET 2013 Introduce state to mark connections in suspended state (with epoll); add missing locking operations in MHD_suspend_connection. Fix definition of MHD_TLS_CONNECTION_INIT. -MH/JC Wed Oct 30 09:34:20 CET 2013 Fixing issue in PostProcessor when getting partial boundary at the beginning, expanding test suite. -CG Sun Oct 27 15:19:44 CET 2013 Implementing faster processing of upload data in multipart encoding (thanks to performance analysis by Adam Homolya). -CG Thu Oct 24 10:40:03 CEST 2013 Adding support for connection flow control via MHD_suspend_connection and MHD_resume_connection. -CG
Diffstat (limited to 'x11')
0 files changed, 0 insertions, 0 deletions