* contrib/hbssl/d2i.c
* contrib/hbssl/hbssl.hbx
* added new PRG function which converts ASN.1 DER SEQUENCE (RFC 3279) to
IEEE P1363 Fixed Field Concatenation ( R || S ):
D2I_ECDSA_SIG_RS( <cSigDER> ) -> <cSigRS>
* src/rtl/vfile.c
* comment formatting
* contrib/hbssl/hbssl.hbx
* contrib/hbssl/evppkey.c
+ added new PRG functions:
EVP_PKEY_CTX_get_RSA_PSS_saltlen( <pKeyCTX>, @<nSaltLen> )
-> <nRetCode>
EVP_PKEY_CTX_set_RSA_PSS_saltlen( <pKeyCTX>, <nSaltLen> )
-> <nRetCode>
EVP_PKEY_CTX_get_signature_md( <pKeyCTX>, @<nEvpHash> )
-> <nRetCode>
EVP_PKEY_CTX_set_signature_md( <pKeyCTX>, <nEvpHash> | <cEvpHash> )
-> <nRetCode>
EVP_PKEY_sign_init( <pKeyCTX> ) -> <nRetCode>
EVP_PKEY_sign( <pKeyCTX>, @<cSignature>, <cData> ) -> <nRetCode>
EVP_PKEY_verify_init( <pKeyCTX> ) -> <nRetCode>
EVP_PKEY_verify( <pKeyCTX>, <cSignature>, <cData> ) -> <nRetCode>
* contrib/hbssl/hbssl.hbx
* contrib/hbssl/x509.c
+ added new PRG function:
X509_get_serialNumber( <pX509> ) -> <nSerialNum>
* src/rtl/base64d.c
* indenting
; question: With small modification we can add support for base64url
encoding (with additional parameter passed to hb_base64encode())
and decoding (can be done automatically by hb_base64decode()).
Do you think it's worth to do or it's such simple thing that
we should keep the code clean and user can make necessary
conversions themselves.
* contrib/hbssl/evpmd.c
* contrib/hbssl/hbssl.h
* moved hb_EVP_MD_ptr_to_id() function from static to public area
* contrib/hbssl/hbssl.hbx
* contrib/hbssl/hbssl.hbm
+ contrib/hbssl/d2i.c
* added new functions to extract asynchronous keys and certificates
from DER data:
D2I_PUBKEY( <cDER> ) -> <pEVPKey>
D2I_RSAPUBLICKEY( <cDER> ) -> <pRSAKey>
D2I_X509( <cDER> ) -> <pX509Cert>
* contrib/hbssl/hbssl.hbx
* contrib/hbssl/evppkey.c
+ added new functions to get/set RSA asymmetric keys parameters
encapsulated in EVP_PKEY structures:
EVP_PKEY_CTX_get_RSA_padding()
EVP_PKEY_CTX_set_RSA_padding()
EVP_PKEY_CTX_get_RSA_OAEP_md()
EVP_PKEY_CTX_set_RSA_OAEP_md()
EVP_PKEY_CTX_get_RSA_MGF1_md()
EVP_PKEY_CTX_set_RSA_MGF1_md()
* src/common/hbdate.c
* accept up to 9 fractional digits (nanoseconds) in timestamp strings
though only first three ones (milliseconds) are significant.
Recently some tools begin to generate such timestamp values and
Harbour had problems with decoding them correctly.
* src/compiler/hbmain.c
+ allow to pass file name for source code compiled by hb_compileFromBuf()
It works like in all other versions of hb_compile*() functions - it's
enough to pass it as argument without option prefix (option prefix
is "-" on all platforms and also "/" on DOS, OS2, MS-Win).
Please remember that first parameter after control ones is used as
compiler name in generated output messages regardless of its option
prefix.
* contrib/hbssl/hbssl.hbc
! actually target VS 2017 for libcrypto, libssl
* utils/hbmk2/hbmk2.prg
! slight rework of MSVC version detection, so it actually operates
with empty cPath_CompC variable
* also try to discover version number of future MSVC releases
* with Zig building GUI applications on Windows, hbmk2 will
now pass -Wl,/subsystem:windows to the linker
* .github/workflows/windows-ci.yml
* encourage to test OpenSSL
* contrib/hbssl/hbssl.hbc
* treat Microsoft Visual Studio 2017 or newer can use
the latest OpenSSL lib. That's very loose approximation,
but hopefully better than before. If you are using such
compiler please update your OpenSSL library.
% deduplicated the rules, leftovers from old static "_s" suffixing
* contrib/hbssl/hbssl.h
* contrib/hbssl/hbssl.hbm
* contrib/hbssl/ssl.c
! HB_OPENSSL_HAS_APPLINK was never checked,
defining HB_OPENSSL_NO_APPLINK didn't do anything
* make current OpenSSL 3.6.0 build under fresh MSYS2
shell. MSYS2 does not distribute applink.c, claiming
MingGW C runtime is safe for operation without it.
Have to define HB_OPENSSL_NO_APPLINK and additional
workaround for lacking __int64 type when including
ssl.h. If you need similar workround outside of
MSYS2 shell, setenv: HB_USER_CFLAGS=-DHB_OPENSSL_MSYS
packages needed: openssl-devel (for headers)
mingw-w64-x86_64-openssl (for libs)
mingw-w64-aarch64-openssl
* contrib/hbssl/hbssl.hbc
* using Clang or Zig compiler on Windows, build will
now reference libssl and libcrypto instead of old
ssleay32/libeay32 pair when linking.
* config/win/zig.mk
% unnecessary check
* contrib/hbssl/hbssl.h
* contrib/hbssl/evppkey.c
* contrib/hbssl/rsa.c
* reenabled hb_RSA_par_remove() for old OpenSSL() versions (<=0.9.6) which
do not support RSA_up_ref()
* contrib/hbssl/ssl.c
! use
x509 = X509_dup( x509 );
X509_check_purpose( x509, -1, 0 );
instead of
X509_up_ref( x509 );
in OpenSSL versions prior 0x10100000L - they do not support X509_up_ref()
* contrib/hbssl/x509.c
* check passed parameters more strictly
* return NIL when X509 certificate cannot be allocated/accessed
* contrib/hbssl/hbssl.hbx
* contrib/hbssl/bio.c
! fixed BIO_set_conn_int_port() to work with OpenSSL >= 1.1
(emulation with BIO_set_conn_port())
! fixed BIO_get_conn_ip() to work with OpenSSL >= 1.1
(emulation with BIO_get_conn_address() and BIO_ADDR_hostname_string())
+ added BIO_get_conn_address(), it returns HB_SOCKET compatible array
with address
* contrib/hbssl/hbssl.hbx
* contrib/hbssl/sslctx.c
+ added new function SSL_CTX_use_RSAPrivateKey()
! respect OPENSSL_NO_RSA macro in other SSL_CTX_use_RSA*() functions
* contrib/hbssl/evp.c
! use EVP_CIPHER_key_length() and EVP_CIPHER_iv_length() in
EVP_BytesToKey() to detect the exact key and iv length.
* contrib/hbssl/hbssl.h
* contrib/hbssl/evppkey.c
* contrib/hbssl/rsa.c
* removed hb_RSA_par_remove() function, use RSA_up_ref() instead
* contrib/hbssl/hbssl.h
* contrib/hbssl/x509.c
* contrib/hbssl/pem.c
* contrib/hbssl/ssl.c
* removed 2-nd parameter ( HB_BOOL fRelease ) from hb_X509_ret(),
use X509_up_ref() instead
* contrib/hbssl/pem.c
* respect OPENSSL_NO_DSA, OPENSSL_NO_DH and OPENSSL_NO_RSA macros
* contrib/hbssl/ssl_sock.c
* added casting to pacify SSL_set_fd() warning and updated link with
description of the problem
* contrib/hbssl/hbssl.hbm
* added -Wno-error=deprecated-declarations to suppress errors in Solaris
strict builds compiled with -Werror
EVP_des_*() except EVP_des_ede3*()), EVP_desx_*(), EVP_rc[24]*() and
EVP_md[245]*() are deprecated
* contrib/hbssl/evp.c
* clear key and iv buffers before passing them to EVP_BytesToKey()
otherwise some uninitialized bytes are accessed and valgrind reports
uninitialized memory access
* contrib/hbssl/evpciph.c
! fixed typo in index in my previous commit
* contrib/hbssl/tests/digest.prg
! use OPENSSL_VERSION_NUMBER() instead OPENSSL_VERSION() to retrieve
OpenSSL version number
* contrib/hbssl/tests/inetssl.prg
* updated to use 2048 RSA certificates instead of 1024 ones which are
no more supported by modern OpenSSL libraries
* contrib/hbssl/tests/pem.prg
* cleaned output
* contrib/hbssl/bio.c
! added missing BIO_free() call in HB_BIO destructor
! fixed BIO_free() function to properly operate on HB_BIO structure
* contrib/hbssl/evpciph.c
! accept EVP_KEY Harbour pointer items in EVP_SealInit()
* contrib/hbssl/hbssl.h
* contrib/hbssl/rsa.c
* contrib/hbssl/evppkey.c
! accept EVP_KEY Harbour pointer items in EVP_PKEY_assign_RSA()
; above are only few fixes for chosen problems and still there are many others
; most of HBSSL code should be rewritten to work with OpenSSL 3.0 API
* contrib/hbcurl/core.c
* contrib/hbcurl/hbcurl.ch
+ added HB_CURLOPT_XFERINFODATA and HB_CURLOPT_XFERINFOFUNCTION
! use CURLOPT_XFERINFO* instead of depreciated CURLOPT_PROGRESS*
to implement HB_CURLOPT_PROGRESSBLOCK
! do not use depreciated CURLOPT_RANDOM_FILE and CURLOPT_EGDSOCKET,
they serve no purpose anymore
+ added macros for new protocols
+ added HB_CURLOPT_PROTOCOLS_STR and HB_CURLOPT_REDIR_PROTOCOLS_STR
! use CURLOPT_PROTOCOLS_STR and CURLOPT_REDIR_PROTOCOLS_STR instead
of depreciated CURLOPT_PROTOCOLS and CURLOPT_REDIR_PROTOCOLS
* emulate CURLOPT_PROTOCOLS and CURLOPT_REDIR_PROTOCOLS using
CURLOPT_PROTOCOLS_STR and CURLOPT_REDIR_PROTOCOLS_STR in new curl
versions
+ added support for HB_CURLOPT_MIMEPOST
! use CURLOPT_MIMEPOST to emulate depreciated in new curl versions
CURLOPT_HTTPPOST
+ added support for HB_CURLOPT_PROXY_SERVICE_NAME
! use CURLOPT_PROXY_SERVICE_NAME to emulate depreciated in new curl
versions CURLOPT_SOCKS5_GSSAPI_SERVICE
+ added HB_CURLINFO_ACTIVESOCKET
! use CURLINFO_ACTIVESOCKET instead of depreciated CURLINFO_LASTSOCKET
+ added HB_CURLINFO_SIZE_UPLOAD_T, HB_CURLINFO_SIZE_DOWNLOAD_T,
HB_CURLINFO_SPEED_DOWNLOAD_T, HB_CURLINFO_SPEED_UPLOAD_T,
HB_CURLINFO_CONTENT_LENGTH_DOWNLOAD_T and
HB_CURLINFO_CONTENT_LENGTH_UPLOAD_T
! use CURLINFO_*_T actions instead of depreciated ones which operate
double as file offset and emulate old actions using new ones in
new curl versions
* contrib/hbssl/evp.c
! Do no use EVP_cleanup() in OpenSSL 1.1.0 and newer.
It no longer has any effect.
* contrib/hbssl/hbssl.h
* set OPENSSL_API_COMPAT to 1.2.0 to pacify OpenSSL 3.0 API.
It hides OpenSSL 3.0 warnings but we should update the code to use
new suggested API.
* contrib/hbwin/olecore.c
! invoke assign methods with DISPATCH_PROPERTYPUTREF instead of
DISPATCH_PROPERTYPUT if assigned value is OLE object. If such
functionality is not implemented by the object (some OLE
implementations do not support it and returns DISP_E_MEMBERNOTFOUND)
then call it again but in previous form with DISPATCH_PROPERTYPUT
* include/hbapirdd.h
* src/rdd/dbcmd.c
! fixed error codes set by DbSetRelations() to be Cl*pper compatible
* src/rdd/dbcmd.c
+ accept symbol items in Select() and DbSelectArea() just like in
( <alias> ) -> <exp>
* include/hbcompdf.h
* include/hbexprb.c
* src/common/funcid.c
+ added compile time optimization for Select() function without parameters
+ added compile time optimization DbSelectArea( <nNum> | <sSym> )
+ added support for hb_PIsByRef( @localVarName ) -> <lPassedByRef>
When the parameter is passed by reference Harbour verifies if it's
existing local variable and change it to its index in parameter list
so effectively it works like hb_IsByRef( @localVarName ) in xHarbour
* contrib/xhb/hbcompat.ch
+ added translations for
hb_PIsByRef( @<localVar> ) <=> hb_IsByRef( @<localVar> )
* contrib/hbfimage/core.c
* use FreeImage_Rotate() instead of FreeImage_RotateClassic() in new
FreeImage versions which do not support this function
* contrib/hbsqlit3/core.c
* added missing casting reported as bug in C++ mode
* contrib/hbssl/hbssl.h
* contrib/hbssl/rsa.c
* added HB_SSL_CONST_BYTE() macro to pacify unconst warnings
in old SSL versions
* src/rdd/wacore.c
* inlined macro to pacify still returning false warning
* config/linux/clang.mk
! fixed rule for dynamic library
* src/3rd/png/Makefile
+ added -DPNG_ARM_NEON_OPT=0 to build flags
* contrib/3rd/sqlite3/sqlite3.c
* contrib/3rd/sqlite3/sqlite3.diff
! pacified warning
* contrib/gtwvg/gtwvgd.c
* contrib/gtwvg/wvgwing.c
! fixed missing break/return in case statements - please verify it.
* contrib/hbct/dattime3.c
* added #define _DEFAULT_SOURCE necessay in new Linux distors
* contrib/hblzf/3rd/liblzf/liblzf.diff
* contrib/hblzf/3rd/liblzf/lzfP.h
* do not use nested #define in #if statements - some C compilers do not
support it
* contrib/hbssl/bio.c
! tuned #if condition
* contrib/hbmisc/hbeditc.c
* simpliefied for condition and pacified warning
* contrib/hbodbc/hbodbc.hbp
* contrib/sddodbc/sddodbc.hbp
+ added check for iodbc library
* utils/hbmk2/hbmk2.prg
+ added support for clang in android builds
* include/hbdefs.h
+ added check for __BYTE_ORDER__ macro used in some new lib C
implementations
* include/hbapi.h
* include/hbdefs.h
* include/hbstack.h
* include/hbvmpub.h
* src/vm/classes.c
* src/vm/dynsym.c
* src/vm/estack.c
* src/vm/memvars.c
+ extended the size of dynamic symbol table from 65535 to 4294967295.
Adopting class code I decided to keep current algorithm of method indexes
hashing with only some minor modifications. It's very fast anyhow it may
cause noticeable (though static) quite big memory allocation for class
definitions in applications using millions of symbols and which increase
dynamic symbol table at runtime loading new classes dynamically form .hrb,
.dll, .so or other dynamic libraries supported by Harbour. It's random
and rather impossible to exploit situation in real life anyhow I cannot
exclude it so I'd like to report it in ChangeLog. The solution is very
simple, i.e. it's enough to use classic divide et impera algorithm using
symbol numbers to find method definition anyhow it will be slower then
current one and address only very seldom hypothetical situations so I
decided to not implement it. Such static memory cost begins to be
completely unimportant in the world of 64-bit architectures and extremely
big memory address space.
The modification was sponsored by TRES company.
* src/vm/estack.c
! fixed __mvClear() in MT builds - due to stupid typo GetList variable
was removed in MT programs by CLEAR MEMORY command (__mvClear())
So far noone reported it and I've found it analyzing the code before
increasing symbol table size.
* contrib/hbwin/hbolesrv.c
* updated for new size of dynamic symbol table
* contrib/hbssl/hbssl.hbc
* made compliant also for Windows static builds
* ChangeLog.txt
* restored UTF-8 encoding after previous wrong commit (Sorry!!!)
* contrib/hbssl/hbssl.hbp
* added import libraries to link with OpenSSL current version
* contrib/hbcurl/hbcurl.hbp
* added import libraries to link with cUrl current version
* contrib/hbwin/wapi_winuser_1.c
* contrib/hbwin/hbwin.hbx
* added wapi_ShowWindow() wrapper
* include/harbour.hbx
* include/hbchksum.h
* src/harbour.def
* src/rtl/hbmd5.c
+ added new C function
void hb_hmac_md5( const void * key, HB_SIZE nKeyLen,
const void * message, HB_SIZE nMsgLen,
char * digest );
+ added new PRG function
HB_HMAC_MD5( <cMessage>, <cKey> ) -> <cMAC>
; HMAC MD5 is used in some authentication methods i.e. CRAM-MD5
authentication in SMTP protocol
* src/rtl/gttrm/gttrm.c
+ enable extended XTERM colors automatically when xterm-16color,
xterm-256color, xterm+256color, xterm-88color, rxvt-16color,
rxvt-256color, rxvt-98color or putty terminal is detected
+ added support for HB_GTI_SCREENDEPTH
* contrib/gtqtc/gtqtc1.cpp
+ set clipboard data also into selection buffer on platforms which
support it
+ when main clipboard buffer is empty retrieve clipboard data from
selection buffer and if it's empty too from find buffer
* include/harbour.hbx
* src/harbour.def
* src/vm/memvars.c
+ added new PRG function
__mvGetDef( <cMemvar> [, <xDefault> ] ) -> <xValue>
it works in similar way to __mvGet() but if <cMemvar> does
not exist then it returns <xDefault> or NIL instead of RTE
* contrib/hbwin/hbwin.hbx
+ added missing declarations for win_osIs10() and win_osIs81()
* contrib/hbssl/ssl.c
! fixed compilation with OpenSSL < 0.9.8k
* contrib/sddodbc/core.c
* pacified warning
* contrib/xhb/hbxml.c
* contrib/xhb/hbxml.h
! fixed CDATA terminator, it should be "]]>" instead of " ]]>"
+ added support for HBXML_STYLE_NONEWLINE flag
* src/3rd/pcre/Makefile
! typo wince -> wce
* src/main/Makefile
* use harbour.rc only in MS-Windows builds - it fixes OS2 OpenWatcom
builds
* config/global.mk
! in DOS builds check if the 'uname' exists before running it
* include/hbapigt.h
* include/hbgtcore.h
* src/rtl/hbgtcore.c
* src/rtl/inkey.c
* src/rtl/inkeyapi.c
* contrib/xhb/xhbfunc.c
+ added 3-rd parameter to hb_inkeySetText() function. When this parameter
is true then ';' is not translated to Chr( 13 ) but DOS and UNIX EOLs
are translated to Chr( 13 )
+ added logical parameter to HB_GTI_CLIPBOARDPASTE which allows to set
text without ';' translation but with platform independent EOLs
* src/rtl/memoedit.prg
* utils/hbmk2/hbmk2.prg
* contrib/hbnetio/utils/hbnetio/_console.prg
* extras/dbu/dbu52.patch
* extras/dbu/dbu53.patch
* use hb_gtInfo( HB_GTI_CLIPBOARDPASTE, .T. ) instead of
hb_gtInfo( HB_GTI_CLIPBOARDPASTE ) for pasting data from clipboard
with platform independent EOLs and ';' characters
* contrib/hbssl/hbssl.hbx
* contrib/hbssl/ssl.c
+ Added function SSL_set_tlsext_host_name() which is needed to access
a virtual host when using HTTPS.
See https://en.wikipedia.org/wiki/Server_Name_Indication
+ Added function SSL_set_verify().
* src/rtl/fstemp.c
! hb_fsTempName() was not returning a valid temp name on OS/2
* contrib/gtqtc/gtqtc.hbp
* contrib/hbssl/ssl_hbcon.prg
* contrib/gtqtc/hbmk2_qtmoc.hb -> contrib/gtqtc/hbmk2_qtgt.hb
* more syncs with 3.4 fork. One rename, some content syncs
after renames.
* include/hbapifs.h
* src/rtl/filesys.c
+ added new C functions for UNIX and DJGPP builds:
int hb_fsPollFD( PHB_POLLFD pPollSet, int iCount,
HB_MAXINT nTimeOut );
int hb_fsCanRead( HB_FHANDLE hFileHandle, HB_MAXINT nTimeOut );
int hb_fsCanWrite( HB_FHANDLE hFileHandle, HB_MAXINT nTimeOut );
These functions should be used instead of select() in C code to hide
low level access to select()/poll() functionality in *nix builds
(they are supported by DJGPP only to simplify existing code common
for DJGPP and *nix builds). Maximum file handle value which can be
used in select() is limited by FD_SETSIZE. Please note that it's
file handle value not number of file handles in the set. It creates
serious problem for applications which operate on great number of
handles (i.e. servers which have to keep open many sockets, pipes,
files, etc. for their clients) so the new file/socket/pipe/...
handle value can easy exceed FD_SETSIZE limit and in such case
cannot be used with select(). The modification on
2016-04-05 21:24 UTC+0200 Przemyslaw Czerpak
resolved the problem only for sockets and pipes in code which uses
corresponding hb_socket*() and hb_fsPipe*() API but not for all
other cases. This one is for POSIX compilant code which needs pure
POSIX select()/poll() functionality.
Please note that HB_POLLFD structure should is compatible with
struct pollfd defined by POSIX.1-2001 anyhow not all platforms
confirm this standard so portable Harbour code should always use
HB_POLLFD and HB_POLL* constant values instead of POLL* ones.
* include/hbdate.h
* src/common/hbdate.c
+ added new C functions to calculate timeouts:
HB_MAXUINT hb_timerGet( void );
HB_MAXUINT hb_timerInit( HB_MAXINT nTimeOut );
HB_MAXINT hb_timerTest( HB_MAXINT nTimeOut, HB_MAXUINT * pnTimer );
They are designed to be used instead of direct access to
hb_dateMilliSeconds(). Now they internally use hb_dateMilliSeconds()
but it can be easy replaced by any other system monotonic clock by
one local modification inside hb_timerGet() function.
* src/rtl/filesys.c
* use hb_timer*() functions instead of hb_dateMilliSeconds()
* use hb_fsCanRead()/hb_fsCanWrite() instead of select()/poll()
It also fixed timeout processing inside hb_fsPipeIsData() and
hb_fsPipeWrite() in builds using poll()
* src/rtl/filesys.c
* src/rtl/gtcrs/gtcrs.h
* src/rtl/gtcrs/gtcrs.c
* src/rtl/gtpca/gtpca.c
* src/rtl/gtsln/gtsln.c
* src/rtl/gtsln/mousesln.c
* src/rtl/gtstd/gtstd.c
* src/rtl/gttrm/gttrm.c
* src/rtl/gtxwc/gtxwc.c
* use hb_timer*() functions instead of hb_dateMilliSeconds()
* use hb_fsCanRead()/hb_fsCanWrite() instead of select()/poll()
* src/vm/thread.c:
* src/rtl/gtwin/gtwin.c
* src/rtl/hbcom.c
* src/rtl/hbgtcore.c
* src/rtl/hblpp.c
* src/rtl/idle.c
* contrib/hbnetio/netiosrv.c:
* contrib/hbssl/ssl_sock.c:
* use hb_timer*() functions instead of hb_dateMilliSeconds()
* contrib/xhb/hboutdbg.c
* use hb_fsCanWrite() instead of select()
* src/rtl/hbsocket.c
! repeat select() interrupted by signal inside hb_socketSelect()
when poll() function is not available
* src/3rd/hbdossrl/serial.c
! fixed -Wshift-negative-value GCC warnings
* contrib/hbssl/hbssl.h
* contrib/hbssl/evppkey.c
+ added new C function
void hb_EVP_PKEY_ret( EVP_PKEY * pkey );
* contrib/hbssl/hbssl.hbx
* contrib/hbssl/pem.c
+ added new PRG functions:
PEM_READ_PRIVATEKEY()
PEM_READ_PUBKEY()
* contrib/hbssl/ssl_sock.c
! added missing HB_SOCKET_ERR_TIMEOUT setting in hb_ssl_socketRead()
! fixed cleared to early SSL error code in hb_ssl_socketWrite()
* contrib/hbssl/tests/inetssl.prg
! interrupt test program if server thread stops
* load server certificates before listen socket is created
* src/rdd/dbfnsx/dbfnsx1.c
! code cleanup to pacify warnings in new GCC versions
* src/rtl/filesys.c
! check if child's fork() was executed successfully
* src/rtl/hbproces.c
! use hb_fsCloseRaw() instead of close() in hb_fsProcessExec() to avoid
lost handles when close() operation is interrupted by signal.
! repeat waitpid() calls interrupted by signal
* contrib/hbssl/hbssl.h
* contrib/hbssl/ssl_sock.c
* contrib/hbssl/ssl_inet.c
+ added new 'PHB_ITEM pSSL' parameter to hb_sockexNewSSL() and
hb_ssl_socketNew() C functions - it allows to bind harbour item
with SSL pointer which should not be released before connection
is closed. In new OpenSSL version such tricks can be replaced
by SSL_up_ref()
This modification also fixes possible GPF trap when SSL filter
socket was create dynamically from C code without SSL pointer
item on HVM stack in 2-nd parameter and removes old hack which
saved internally 2-nd HVM stack parameter.
+ allow to pass SSL_CTX instead of SSL in "ssl", "ctx" or "key" items
of hash array used to initialize SSL socket filter. Using SSL_CTX
allows to use the same hash array to set SSL socket filter for
different connections
+ allow to use codeblocks or function pointers as "ssl", "ctx" or
"key" items of hash array used to initialize SSL socket filter
* contrib/hbssl/hbssl.h
* contrib/hbssl/sslctx.c
+ added new C function:
SSL_CTX * hb_SSL_CTX_itemGet( PHB_ITEM pItem )
* contrib/hbssl/ssl_sock.c
* src/rtl/hbcom.c
* src/rtl/hbsocket.c
! fixed timeout checking in select()/poll()
* src/rtl/hbsockhb.c
! fixed possible GPF trap when socket filter refuse to create new
socket wrapper
* include/hbinit.h
* in GCC C++ builds for startup code use GCC constructor function
attribute instead of static variable initialization to avoid
warnings in new GCC versions
* src/rtl/hbntos.c
! fixed missing '-' in result of negative integer numbers - thanks
to Luigi Ferraris
* src/common/hbstr.c
+ added code to round integer part when the size of number is greater
then double precision (~16 digits).
* contrib/hbssl/hbssl.hbx
* contrib/hbssl/pem.c
* contrib/hbssl/x509.c
+ added new prg functions: PEM_READ_X509(), PEM_READ_X509_AUX() and
X509_get_PubKey()
* src/debug/dbgmenu.prg
! fixed wrong method name :ToggleBreakPoint() -> BreakPointToggle()
Thanks to Viktor.
* src/rtl/gtwin/gtwin.c
* hardcoded some LEFT_ALT + <key> to return K_ALT_* value instead of
national characters, i.e. in EL keyboard layout. Please test it.
I cannot check it in my MS-Windows version.
* *
% remove brandings and homepage [1] from copyright header. Pass 1 - using script.
[1] nobody has access to it anymore AFAIK - and it's also just
a redirect since long
! update url in copyright header
; this should make the diff between 3.4 and 3.2 easier to manage
* include/hbsocket.h
* src/rtl/hbsockhb.c
+ added new C function:
HB_BOOL hb_sockexItemReplace( PHB_ITEM pItem, PHB_SOCKEX pSock );
* contrib/hbssl/ssl_sock.c
+ replace passed socket structure to hb_socketNewSSL_connect() and
hb_socketNewSSL_accept() with new one using SSL filter if it was
passed by reference, current syntax is:
hb_socketNewSSL_connect( [@]<pSocket>, <pSSL> [, <nTimeout> ] )
-> <pSocketSSL>
hb_socketNewSSL_accept( [@]<pSocket>, <pSSL> [, <nTimeout> ] )
-> <pSocketSSL>
* contrib/hbssl/hbssl.hbm
* contrib/hbssl/hbssl.hbx
+ contrib/hbssl/ssl_hbcon.prg
+ added new PRG functions which can be used for fast initialization of
SSL connection:
hb_SSL_new() -> <pSSL>
hb_SSL_connect_inet( <pSocket>, [ <nTimeOut> ], [ @<cInfo> ] )
-> <lConnected>
hb_SSL_connect_socket( <pSocket>, [ <nTimeOut> ], [ @<cInfo> ] )
-> <lConnected>
They do not need any addiitonal initialization code and can be called
as first and the only SSL functions in user code.
* contrib/hbtip/mail.prg
! fixed bug reported by Lorenzo - thanks
* use hb_MemoWrit() in :detachFile() to honor Harbour File IO API
* cleanup
* src/common/hbffind.c
* src/rtl/gtos2/gtos2.c
* src/rtl/hbproces.c
* cleaned DosAllocMem() flags
* src/common/hbfsapi.c
* src/rtl/hbproces.c
* pacified OS2 GCC warnings
* config/global.mk
* show information about HB_MT build parameter if set by user
* include/hbsocket.h
* src/rtl/hbsockhb.c
+ added socket filters to standard socket API.
At C level hb_sockex*() function with PHB_SOCKEX handler can be
used to operate on socket filters. At PRG level standard hb_socket*()
functions can be used.
The following things has been changed in PRG hb_socket*() functions:
hb_socketErorrString() can accept <pSocket> as 1-st or 2-nd parameter
and redirect call to socket filter errorStr() method.
hb_socketClose() executes automatically shutdown() for connected
sockets - it is important in windows only where without explicit
call to shutdown() before close transmitted data can be lost.
hb_socketSend() and hb_socketRecv() can be redirected to filter
streams if filter set such redirection. If filter does not redirect
them then they operate on raw sockets. If hb_socketSend() is
redirected then sent data is flushed automatically.
The following new PRG functions has been added:
Add/replace socket filter:
hb_socketSetFilter( <pSocket>, [<cFilterName>], [<hParams>] )
-> <pSocket> | NIL
<cFilterName> is filter name, It's possible to set many filters
in single hb_socketSetFilter() call separating filter names
with "|" character, i.e.:
pSock := hb_socketSetFilter( pSock, "ZSOCK|BFSOCK", hParams )
<hParams> is hash array with initialization parameters used by
given socket filter. The core implementation recognize the
following settings:
"readahead" - numeric value with size of read ahead buffer
"flush" - numeric value with auto flush parameter (for more
information look at hb_socketAutoFlush() below)
"redir" - logical value which can be use to enable/disable
hb_socketSend() and hb_socketRecv() redirection
to filter stream.
Return filter name used by socket:
hb_socketGetFilter( <pSocket> ) -> <cFilterName>
Read from socket stream:
hb_socketRead( <pSocket>, @<cData>, [<nLen> = Len( cData )],
[<nTimeout> = FOREVER] ) -> <nRead>
this function is similar to hb_socketRecv() but is always
redirected to socket stream filters.
Write to socket stream:
hb_socketWrite( <pSocket>, <cData>, [<nLen> = Len( cData )],
[<nTimeout> = FOREVER] ) -> <nWritten>
this function is similar to hb_socketSend() but it is always
redirected to socket stream filters. Written data is not flushed
by default and it should be flushed explicitly by hb_socketFlush().
Automatic flushing can be enabled by hb_socketAutoFlush() function.
Flush data written to socket:
hb_socketFlush( <pSocket>, [<nTimeout> = FOREVER], [<lSync>] )
-> <nNotFlushed>
<lSync> parameter is logical value which can be used to force
special synchronization method in some filters. Usually users
do not have to use it in normal code.
Enable/disable automatic flushing of written data.
hb_socketAutoFlush( <pSocket>, [ <nTimeout> ] ) -> <nTimeout>
<nTimeout> is timeout for automatic flush operation on written
data in milliseconds. <nTimeout> = -1 means wait forever and
<nTimeout> = 0 disables auto flush.
automatic flushing can help in adopting existing code anyhow it
may strongly reduce the performance in some filters, i.e.
compression filters like ZSOCK have to add special data to the
stream after each flush operation so it's suggested to call
flush explicitly when we want to force delivering written data
to the peer.
* include/hbznet.h
* src/rtl/hbznet.c
+ added ZNET socket filter - compressed and encrypted streams are
compatible with hb_znet*() streams. The old hb_znet*() interface
is obsolete for pure socket communication and if not used as
hb_inet*() filter then should be replaced by hb_sockex*() in
user programs.
ZNET socket filter can be created by new PRG functions:
hb_socketNewZNet( <pSocket>, [<cPass>], [<nCompressionLevel>], ;
[<nStrategy>] ) -> <pSocket> | NIL
or by standard socket API with "ZNET" as filter name.
ZNET filter recognize the following settings in initialization
hash array:
"key" or "pass" - string with encryption password
"zlib" - numeric compression level (HB_ZLIB_COMPRESSION_*)
"zs" - numeric ZLIB compression strategy (HB_ZLIB_STRATEGY_*)
ZNET filter always disables any other filters and operates on raw
socket.
Please remember that it's optional module. If programmer does not
use hb_socketNewZNet() explicitly and prefers using hb_socketNew()
then he should force linking this module by REQUEST hb_socketNewZNet
+ added fSync parameter to hb_znetFlush()
[INCOMPATIBLE]
* src/rtl/hbinet.c
* call flush filter function before socket is closed
* src/rtl/Makefile
+ src/rtl/hbzsock.c
+ added ZSOCK socket filter - ZLIB and GZIP compression for socket
streams.
ZSOCK socket filter can be created by new PRG functions:
hb_socketNewZSock( <pSocket>, [<hParams>] ) -> <pSocket> | NIL
or by standard socket API with "ZSOCK" as filter name.
Programmers using hb_socketNew() can force linking this module by
REQUEST hb_socketNewZSock
ZSOCK filter can be used with other filters.
ZSOCK filter recognize the following settings in initialization
hash array:
"zlib" - numeric compression level (HB_ZLIB_COMPRESSION_*)
"zs" - numeric ZLIB compression strategy (HB_ZLIB_STRATEGY_*)
"zin" - logical value which allow to enable/disable ZLIB
decompression on input stream (default)
"gzin" - logical value which allow to enable/disable GZIP
decompression on input stream - it's possible to
enable both ZLIB and GZIP decompression together
so both streams can be decompress
"zout" - logical value which allow to enable/disable ZLIB
compression on output stream (default)
"gzout" - logical value which allow to enable/disable GZIP
compression on output stream - if both "zout" and
"gzout" are enabled GZIP compression is used.
* src/rtl/Makefile
+ src/rtl/hbbfsock.c
+ added BFSOCK socket filter - BlowFish input and output stream
encryption in CTR mode.
BFSOCK socket filter can be created by new PRG functions:
hb_socketNewBFSock( <pSocket>, [<hParams>] ) -> <pSocket> | NIL
or by standard socket API with "BFSOCK" as filter name.
Programmers using hb_socketNew() can force linking this module by
REQUEST hb_socketNewBFSock
BFSOCK filter can be used with other filters, i.e. with ZSOCK.
Please only remember that good encryption algorithms have to
generate data which cannot be compressed so using "BFSOCK|ZSOCK"
only wastes resources and correct filter order is "ZSOCK|BFSOCK".
BFSOCK filter recognize the following settings in initialization
hash array:
"key" or "pass" - string with encryption password
"iv" - string with initialization vector for CTR mode
* contrib/hbssl/hbssl.ch
* contrib/hbssl/hbssl.h
* contrib/hbssl/hbssl.hbm
* contrib/hbssl/hbssl.hbx
* contrib/hbssl/ssl.c
* contrib/hbssl/ssl_inet.c
+ contrib/hbssl/ssl_sock.c
+ added SSL socket filter
SSL socket filter can be created by new PRG functions:
hb_socketNewSSL_connect( <pSocket>, <pSSL> [, <nTimeout> ] )
-> <pSocketSSL> | NIL
hb_socketNewSSL_accept( <pSocket>, <pSSL> [, <nTimeout> ] )
-> <pSocketSSL> | NIL
or by standard socket API with "SSL" as filter name.
Programmers using hb_socketNew() can force linking this module by
REQUEST hb_socketNewSSL_connect
or
REQUEST hb_socketNewSSL_accept
SSL filter always disables any other filters and operates on raw
socket.
SSL filter recognize the following settings in initialization hash
array:
"ctx" or "key" - pointer SSL item <pSSL>
"timeout" - timeout (numeric)
"client" - logical value indicating client mode (SSL_connect())
"server" - logical value indicating server mode (SSL_accept())
* contrib/hbssl/tests/inetssl.prg
! cleaned typo in local function name
* contrib/hbnetio/netiocli.c
* contrib/hbnetio/netiosrv.c
* use new Harbour extended socket API (hb_sockex*()) instead of
raw sockets and hb_znet*()
* contrib/hbtcpio/tcpio.c
* use new Harbour extended socket API (hb_sockex*()) instead of
raw sockets
+ implemented hb_fileFlush()
* contrib/hbssl/hbssl.h
* added HB_SSL_CONST macro which can be used instead of 'const'
qualifier to pacify "discards qualifier 'const'" warnings in
OpenSSL versions prior 0.9.8
* contrib/hbssl/evp.c
* contrib/hbssl/evpciph.c
* contrib/hbssl/evpenc.c
* contrib/hbssl/evpmd.c
* contrib/hbssl/ssl.c
* contrib/hbssl/sslctx.c
* use HB_SSL_CONST macro to pacify warnings in 0.9.6 and 0.9.7
OpenSSL versions
; Now HBSSL compiles cleanly without any warnings with different
OpenSSL final versions starting with 0.9.6
