Script 'mail_helper' called by obssrc Hello community, here is the log from the commit of package aws-c-io for openSUSE:Factory checked in at 2024-03-26 19:25:58 ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ Comparing /work/SRC/openSUSE:Factory/aws-c-io (Old) and /work/SRC/openSUSE:Factory/.aws-c-io.new.1905 (New) ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ Package is "aws-c-io" Tue Mar 26 19:25:58 2024 rev:4 rq:1161463 version:0.14.6 Changes: -------- --- /work/SRC/openSUSE:Factory/aws-c-io/aws-c-io.changes 2024-02-21 17:59:19.217603692 +0100 +++ /work/SRC/openSUSE:Factory/.aws-c-io.new.1905/aws-c-io.changes 2024-03-26 19:29:42.226328776 +0100 @@ -1,0 +2,13 @@ +Fri Mar 22 09:27:50 UTC 2024 - John Paul Adrian Glaubitz <adrian.glaubitz@suse.com> + +- Update to version 0.14.6 + * Remove aws_tls_handler_write by @jmklix in (#628) + * CI job for FreeBSD by @knightjoel in (#630) + * Update docs to clarify aws_io_message Cleanup Rules by @waahm7 in (#633) + * Fix sizeof channel negotiation task by @quinnj in (#631) +- from version 0.14.5 + * chore(CI): CI job for OpenBSD by @knightjoel in (#625) + * Fix Memory leak caused by redefinition by @xiazhvera in (#626) + * Test for duplicate key import by @TingDaoK in (#627) + +------------------------------------------------------------------- Old: ---- v0.14.4.tar.gz New: ---- v0.14.6.tar.gz ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ Other differences: ------------------ ++++++ aws-c-io.spec ++++++ --- /var/tmp/diff_new_pack.DaQ00v/_old 2024-03-26 19:29:42.674345261 +0100 +++ /var/tmp/diff_new_pack.DaQ00v/_new 2024-03-26 19:29:42.674345261 +0100 @@ -20,7 +20,7 @@ %define library_version 1.0.0 %define library_soversion 0unstable Name: aws-c-io -Version: 0.14.4 +Version: 0.14.6 Release: 0 Summary: I/O and TLS package AWS SDK for C License: Apache-2.0 ++++++ v0.14.4.tar.gz -> v0.14.6.tar.gz ++++++ diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/aws-c-io-0.14.4/.github/workflows/ci.yml new/aws-c-io-0.14.6/.github/workflows/ci.yml --- old/aws-c-io-0.14.4/.github/workflows/ci.yml 2024-02-14 17:33:57.000000000 +0100 +++ new/aws-c-io-0.14.6/.github/workflows/ci.yml 2024-03-12 00:45:01.000000000 +0100 @@ -6,7 +6,7 @@ - 'main' env: - BUILDER_VERSION: v0.9.55 + BUILDER_VERSION: v0.9.57 BUILDER_SOURCE: releases BUILDER_HOST: https://d19elf31gohf1l.cloudfront.net PACKAGE_NAME: aws-c-io @@ -147,3 +147,41 @@ python3 -c "from urllib.request import urlretrieve; urlretrieve('${{ env.BUILDER_HOST }}/${{ env.BUILDER_SOURCE }}/${{ env.BUILDER_VERSION }}/builder.pyz?run=${{ env.RUN }}', 'builder')" chmod a+x builder ./builder build -p ${{ env.PACKAGE_NAME }} + + freebsd: + runs-on: ubuntu-22.04 # latest + steps: + - uses: actions/checkout@v4 + - name: Build ${{ env.PACKAGE_NAME }} + consumers + id: test + uses: cross-platform-actions/action@v0.23.0 + with: + operating_system: freebsd + architecture: x86-64 + version: '14.0' + cpu_count: 4 + shell: bash + run: | + sudo pkg install -y python3 py39-urllib3 + python3 -c "from urllib.request import urlretrieve; urlretrieve('${{ env.BUILDER_HOST }}/${{ env.BUILDER_SOURCE }}/${{ env.BUILDER_VERSION }}/builder.pyz?run=${{ env.RUN }}', 'builder')" + chmod a+x builder + ./builder build -p ${{ env.PACKAGE_NAME }} + + openbsd: + runs-on: ubuntu-22.04 # latest + steps: + - uses: actions/checkout@v4 + - name: Build ${{ env.PACKAGE_NAME }} + consumers + id: test + uses: cross-platform-actions/action@v0.23.0 + with: + operating_system: openbsd + architecture: x86-64 + version: '7.4' + cpu_count: 4 + shell: bash + run: | + sudo pkg_add py3-urllib3 + python3 -c "from urllib.request import urlretrieve; urlretrieve('${{ env.BUILDER_HOST }}/${{ env.BUILDER_SOURCE }}/${{ env.BUILDER_VERSION }}/builder.pyz?run=${{ env.RUN }}', 'builder')" + chmod a+x builder + ./builder build -p ${{ env.PACKAGE_NAME }} diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/aws-c-io-0.14.4/builder.json new/aws-c-io-0.14.6/builder.json --- old/aws-c-io-0.14.4/builder.json 2024-02-14 17:33:57.000000000 +0100 +++ new/aws-c-io-0.14.6/builder.json 2024-03-12 00:45:01.000000000 +0100 @@ -5,7 +5,7 @@ { "name": "aws-c-cal" }, { "name": "s2n", - "targets": ["linux", "android"] + "targets": ["linux", "android", "freebsd", "openbsd"] } ], "downstream": [ diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/aws-c-io-0.14.4/include/aws/io/channel.h new/aws-c-io-0.14.6/include/aws/io/channel.h --- old/aws-c-io-0.14.4/include/aws/io/channel.h 2024-02-14 17:33:57.000000000 +0100 +++ new/aws-c-io-0.14.6/include/aws/io/channel.h 2024-03-12 00:45:01.000000000 +0100 @@ -54,6 +54,8 @@ /** * Called by the channel when a message is available for processing in the read direction. It is your * responsibility to call aws_mem_release(message->allocator, message); on message when you are finished with it. + * You must only call `aws_mem_release(message->allocator, message);` if the `process_read_message` + * returns AWS_OP_SUCCESS. In case of an error, you must not clean up the message and should just raise the error. * * Also keep in mind that your slot's internal window has been decremented. You'll want to call * aws_channel_slot_increment_read_window() at some point in the future if you want to keep receiving data. @@ -65,6 +67,8 @@ /** * Called by the channel when a message is available for processing in the write direction. It is your * responsibility to call aws_mem_release(message->allocator, message); on message when you are finished with it. + * You must only call `aws_mem_release(message->allocator, message);` if the `process_read_message` + * returns AWS_OP_SUCCESS. In case of an error, you must not clean up the message and should just raise the error. */ int (*process_write_message)( struct aws_channel_handler *handler, diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/aws-c-io-0.14.4/include/aws/io/tls_channel_handler.h new/aws-c-io-0.14.6/include/aws/io/tls_channel_handler.h --- old/aws-c-io-0.14.4/include/aws/io/tls_channel_handler.h 2024-02-14 17:33:57.000000000 +0100 +++ new/aws-c-io-0.14.6/include/aws/io/tls_channel_handler.h 2024-03-12 00:45:01.000000000 +0100 @@ -804,18 +804,6 @@ AWS_IO_API void aws_tls_ctx_release(struct aws_tls_ctx *ctx); /** - * Not necessary if you are installing more handlers into the channel, but if you just want to have TLS for arbitrary - * data and use the channel handler directly, this function allows you to write data to the channel and have it - * encrypted. - */ -AWS_IO_API int aws_tls_handler_write( - struct aws_channel_handler *handler, - struct aws_channel_slot *slot, - struct aws_byte_buf *buf, - aws_channel_on_message_write_completed_fn *on_write_completed, - void *completion_user_data); - -/** * Returns a byte buffer by copy of the negotiated protocols. If there is no agreed upon protocol, len will be 0 and * buffer will be NULL. */ diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/aws-c-io-0.14.4/source/darwin/darwin_pki_utils.c new/aws-c-io-0.14.6/source/darwin/darwin_pki_utils.c --- old/aws-c-io-0.14.4/source/darwin/darwin_pki_utils.c 2024-02-14 17:33:57.000000000 +0100 +++ new/aws-c-io-0.14.6/source/darwin/darwin_pki_utils.c 2024-03-12 00:45:01.000000000 +0100 @@ -223,7 +223,7 @@ struct aws_pem_object *root_cert_ptr = NULL; aws_array_list_get_at_ptr(&cert_chain_list, (void **)&root_cert_ptr, 0); AWS_ASSERT(root_cert_ptr); - CFDataRef root_cert_data = CFDataCreate(cf_alloc, root_cert_ptr->data.buffer, root_cert_ptr->data.len); + root_cert_data = CFDataCreate(cf_alloc, root_cert_ptr->data.buffer, root_cert_ptr->data.len); if (!root_cert_data) { AWS_LOGF_ERROR(AWS_LS_IO_PKI, "static: failed creating root cert data."); result = aws_raise_error(AWS_ERROR_SYS_CALL_FAILURE); diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/aws-c-io-0.14.4/source/darwin/secure_transport_tls_channel_handler.c new/aws-c-io-0.14.6/source/darwin/secure_transport_tls_channel_handler.c --- old/aws-c-io-0.14.4/source/darwin/secure_transport_tls_channel_handler.c 2024-02-14 17:33:57.000000000 +0100 +++ new/aws-c-io-0.14.6/source/darwin/secure_transport_tls_channel_handler.c 2024-03-12 00:45:01.000000000 +0100 @@ -504,7 +504,7 @@ return s_drive_negotiation(handler); } - struct aws_channel_task *negotiation_task = aws_mem_acquire(handler->alloc, sizeof(struct aws_task)); + struct aws_channel_task *negotiation_task = aws_mem_acquire(handler->alloc, sizeof(struct aws_channel_task)); if (!negotiation_task) { return AWS_OP_ERR; diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/aws-c-io-0.14.4/tests/CMakeLists.txt new/aws-c-io-0.14.6/tests/CMakeLists.txt --- old/aws-c-io-0.14.4/tests/CMakeLists.txt 2024-02-14 17:33:57.000000000 +0100 +++ new/aws-c-io-0.14.6/tests/CMakeLists.txt 2024-03-12 00:45:01.000000000 +0100 @@ -208,6 +208,7 @@ # Misc non-badssl tls tests add_net_test_case(test_concurrent_cert_import) + add_net_test_case(test_duplicate_cert_import) add_test_case(tls_channel_echo_and_backpressure_test) add_net_test_case(tls_client_channel_negotiation_error_socket_closed) add_net_test_case(tls_client_channel_negotiation_success) diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/aws-c-io-0.14.4/tests/tls_handler_test.c new/aws-c-io-0.14.6/tests/tls_handler_test.c --- old/aws-c-io-0.14.4/tests/tls_handler_test.c 2024-02-14 17:33:57.000000000 +0100 +++ new/aws-c-io-0.14.6/tests/tls_handler_test.c 2024-03-12 00:45:01.000000000 +0100 @@ -2124,14 +2124,9 @@ # endif /* !AWS_OS_IOS */ } -# define NUM_PAIRS 1 +# define NUM_PAIRS 2 static int s_test_concurrent_cert_import(struct aws_allocator *allocator, void *ctx) { (void)ctx; - /* temporarily disable this on apple until we can fix importing to be more robust */ - /* temporarily disable this on linux until we can make CRYPTO_zalloc behave and stop angering ASan */ -# if defined(__APPLE__) || defined(__linux__) - return AWS_OP_SUCCESS; -# endif aws_io_library_init(allocator); @@ -2178,6 +2173,45 @@ AWS_TEST_CASE(test_concurrent_cert_import, s_test_concurrent_cert_import) +static int s_test_duplicate_cert_import(struct aws_allocator *allocator, void *ctx) { + (void)ctx; + + aws_io_library_init(allocator); + struct aws_byte_buf cert_buf = {0}; + struct aws_byte_buf key_buf = {0}; + +# if !defined(AWS_OS_IOS) + + ASSERT_SUCCESS(aws_byte_buf_init_from_file(&cert_buf, allocator, "testcert0.pem")); + ASSERT_SUCCESS(aws_byte_buf_init_from_file(&key_buf, allocator, "testkey.pem")); + struct aws_byte_cursor cert_cur = aws_byte_cursor_from_buf(&cert_buf); + struct aws_byte_cursor key_cur = aws_byte_cursor_from_buf(&key_buf); + struct aws_tls_ctx_options tls_options = {0}; + AWS_FATAL_ASSERT( + AWS_OP_SUCCESS == aws_tls_ctx_options_init_client_mtls(&tls_options, allocator, &cert_cur, &key_cur)); + + /* import happens in here */ + struct aws_tls_ctx *tls = aws_tls_client_ctx_new(allocator, &tls_options); + AWS_FATAL_ASSERT(tls); + aws_tls_ctx_release(tls); + /* import the same certs twice */ + tls = aws_tls_client_ctx_new(allocator, &tls_options); + AWS_FATAL_ASSERT(tls); + aws_tls_ctx_release(tls); + + aws_tls_ctx_options_clean_up(&tls_options); +# endif /* !AWS_OS_IOS */ + + /* clean up */ + aws_byte_buf_clean_up(&cert_buf); + aws_byte_buf_clean_up(&key_buf); + aws_io_library_clean_up(); + + return AWS_OP_SUCCESS; +} + +AWS_TEST_CASE(test_duplicate_cert_import, s_test_duplicate_cert_import) + static int s_tls_destroy_null_context(struct aws_allocator *allocator, void *ctx) { (void)allocator; (void)ctx;