* src/rtl/fstemp.c
* include/hbapifs.h
* include/hbextern.ch
+ Added HB_DIRTEMP() .prg level function. Returns name of temp dir,
with closing backslash.
+ Added hb_fsTempDir() .c level function.
; Please review, especially MS-DOS, OS/2, which I won't be able
to test.
* src/rtl/fstemp.c
* Cleanup: Deleted hb_fsCreateTempLow(), made layout more clear.
; TOFIX: For some builds, MS-DOS, OS/2 and WIN without WIN IO
the temp directory will be wrongly calculated by checking
TMPDIR envvar. Such envvar seems *nix specific.
If new hb_fsTempDir() will be tested, above can be fixed
by using this new function.
* package/winuni/RELNOTES
+ Noted update to Firebird 2.5.0rc1
* contrib/hbpgsql/postgres.c
+ Marked recently deprecated function as HB_LEGACY_LEVEL3.
* contrib/hbfbird/firebird.c
* Cleanup for a macro.
* contrib/hbnetio/utils/netiosrv.prg
+ Using HB_HRB_BIND_FORCELOCAL when loading .hrb.
* contrib/hbnetio/utils/modules/test.prg
+ Marked function as STATIC.
* ChangeLog
* Old TODO marked DONE.
* utils/hbmk2/hbmk2.prg
+ -xhp= converter switch now recognizes some more types of file.
(lib, object and libpaths)
* contrib/hbnetio/utils/netiosrv.prg
* contrib/hbnetio/utils/netiocmd.prg
- Deleted call protection.
* contrib/hbnetio/utils/netiocmd.prg
! Fixed remote execution protection to work even when
the source was compiled from another directory.
; QUESTION: Is there a better way to make this kind of
protection? Current system will break if
the source filename of the caller happens to
change in the future.
* contrib/hbnetio/utils/netiosrv.prg
+ Show internal error and quit and if above self-protection
got broken for some reason.
* utils/hbmk2/hbmk2.prg
! Fixed entry function detection builting project in
different than current dir, possibly also in -inc mode.
[TOMERGE 2.0]
* contrib/hbnetio/utils/netiosrv.prg
* contrib/hbnetio/utils/netiocmd.prg
% Optimizations to latest patch (using FOR EACH).
* Formatting and indenting to latest patch.
* contrib/hbnetio/utils/netiosrv.hbp
* contrib/hbnetio/utils/netiosrv.prg
+ contrib/hbnetio/utils/netiocmd.prg
+ Applied patch sent by Vailton Renato.
* Some formatting applied to it.
* src/rtl/tget.prg
! Fixed cursor positioning bug, when @S picture length is
higher than actual edit buffer length.
Thanks to Stupar for report.
[TOMERGE 2.0]
* contrib/hbnetio/utils/netiosrv.prg
* Minor.
* src/rtl/Makefile
+ src/rtl/strclear.c
* include/hbextern.ch
+ Added HB_STRCLEAR() function to safely clear the content
of a string variable.
Notice that this method by itself can only work if the
string variable has no other references, and generally
you have to code carefully to avoid creating unwanted
copies of the string when passing it around in an app.
So this is no silver bullet, but rather just one component
to solve this problem.
* contrib/hbnetio/utils/netiosrv.prg
+ Added steps to avoid having the password stored in memory,
while the server is running.
* src/rtl/philes.c
% Minor cleanup.
* contrib/hbnetio/utils/netiosrv.prg
+ Internal change moving all server object related variables to
one array.
+ Added 'config' command.
* Changed exit command to quit to be in sync with other tools and hbrun.
+ Attempt to free password variable.
+ Showing 'unsafe' warning if RPC is enabled without filter module.
* include/hbsetup.ch
* Disabled HB_LEGACY_LEVEL2 by default.
* HB_LEGACY_OFF now controls HB_LEGACY_LEVEL3 (was HB_LEGACY_LEVEL2).
+ Added HB_LEGACY_LEVEL4
; SVN users notice: This may make your C code INCOMPATIBLE with
this version, please review required changes (documented in older
ChangeLog entries) and update your code. Look for HB_LEGACY_LEVEL2
and INCOMPATIBLE keywords.
* contrib/hbnetio/utils/netiosrv.prg
+ contrib/hbnetio/utils/modules.hbp
+ contrib/hbnetio/utils/modules
+ contrib/hbnetio/utils/modules/test.prg
+ Added simple command line to server.
+ Added list of possible feature as TODO. Most of these will
need backend support from hbnetio lib.
+ Added detailed help screen.
+ Added --version option support.
+ Added support for -rpc=file.hrb option. Although for some
reason (most likely my omission) it doesn't work yet.
+ -DHB_EXTERN will now enable inclusion of all core functions.
+ Added build file for .hrb modules.
+ Added little test module.
+ Added SETCANCEL( .F. ) to avoid irregular shutdown with Ctrl+C.
* src/rtl/memoedit.prg
! Deleted hack which explicitly set lastkey to CTRL_END/W
when exiting with changes saved. The comment said that
it was added to make DBU happy, but it doesn't seem to be
necessary anymore, at least I couldn't spot any problem
without it. Pls check it.
! Fixed MEMOEDIT() not recognizing K_ESC as exit key when
custom function is used.
This fixes DBU not recognizing K_ESC as a way to exit
memo editing. Please review, I'm not MEMOEDIT() user
and this was such an obvious omission that I wonder
if there was some real reason for it. Anyhow it was
wrong before.
* contrib/hbfimage/fi_wrp.c
* contrib/hbclipsm/num.c
* contrib/hbclipsm/numfloor.c
* contrib/hbclipsm/status.c
* contrib/hbclipsm/numceil.c
* Formatting.
* harbour/src/rtl/hbznet.c
* move hb_znetOpen() parameter validation from HB_INETCOMPRESS()
to hb_znetOpen() - it should help keeping other code using
hb_znetOpen() more simple
* harbour/contrib/hbnetio/netio.h
* harbour/contrib/hbnetio/netiocli.c
* harbour/contrib/hbnetio/netiosrv.c
+ added support for compression and encryption in NETIO connection
streams. Enabling encryption (password) automatically enable also
compression. If necessary user can set compression level to
HB_ZLIB_COMPRESSION_NONE. HB_ZLIB_COMPRESSION_DISABLE used as
compression level removes compression and encryption.
See below for details of NETIO server and client code modifications.
* harbour/contrib/hbnetio/netiocli.c
+ extended NETIO_CONNECT() client side function parameters:
NETIO_CONNECT( [<cServer>], [<cPort>], [<nTimeOut>], ;
[<cPasswd>], [<nCompressionLevel>], [<nStrategy>] )
-> <lOK>
% changed the behavior of NETIO_CONNECT() client side function.
In the previous version this function was connecting to the server
and then disconnecting so it was used to check if connection is
available and to set default connection parameters.
Now it does not disconnect after successful connection so created
connection is keept and can be reused by any pending NETIO_*() calls.
User can open many different connections in the same time.
The connections are recognized by server and port address.
The connections set by NETIO_CONNECT() function can be closed by
NETIO_DISCONNECT() function.
Each repeated call to NETIO_CONNECT() increase reference counter
in the connection stream and need corresponding number of
NETIO_DISCONNECT() calls.
+ added new PRG client side function:
NETIO_DISCONNECT( [<cServer>], [<cPort>] ) -> <lOK>
which closes connections set by NETIO_CONNECT().
+ added support for passing connection password as part of file path
or function name in format:
<server>[:<port>[:<passwd>]]:<filepath|funcname>
i.e.:
192.168.0.1:2941:secret:path/to/file
Please remember that it's only an alternative method of setting
encryption which does not allow to use CHR(0) or ":" in passwords.
User can always set connection using NETIO_CONNECT() function which
will be used in RPC or FILE IO calls. If more then one connection
is set by NETIO_CONNECT() then user can chose the connection using
only server and port. It's not necessary to pass other connection
parameters.
+ added support for UNC paths:
//<server>[:<port>]/<filepath|funcname>
i.e.:
//192.168.0.1:2941/path/to/file
backslashes (\\) are also supported.
* harbour/contrib/hbnetio/netiosrv.c
% moved 1-st login identification from NETIO_ACCEPT() to NETIO_SERVER()
Such version do not block other connection accepting when server
waits for NETIO_LOGIN frame so it improve scalability and also
protect against code which may want to block access to the server
by opening dummy connections.
+ added new parameters to NETIO_ACCEPT() function which allows to set
encryption and compression for new connections:
NETIO_ACCEPT( <pListenSocket>, [<nTimeOut>],
[<cPass>], [<nCompressionLevel>], [<nStrategy>] )
-> <pConnectionSocket> | NIL
+ added new server side function:
NETIO_COMPRESS( <pConnectionSocket>,
[<cPass>], [<nCompressionLevel>], [<nStrategy>] )
-> NIL
which allow to set or change encryption and compression parameters
in existing connections
* harbour/contrib/hbnetio/netiomt.prg
* updated to accept new connection parameters in NETIO_MTSERVER()
function:
NETIO_MTSERVER( [<nPort>], [<cIfAddr>], [<cRootDir>], [<lRPC>],
[<cPasswd>], [<nCompressionLevel>], [<nStrategy>] )
-> <pListenSocket>
* harbour/contrib/hbnetio/utils/netiosrv.prg
+ added 5-th parameter <passwd> which enable encryption with compression,
current syntx is:
netiosrv [<port>] [<inetaddr>] [<rootdir>] [<rpc>] [<passwd>]
For default values use "" in command line for skipped parameters, i.e.:
netiosrv "" "" "" 1 topsecret
* harbour/contrib/hbnetio/tests/netiotst.prg
* enable RPC, compression and encryption in test code
+ added simple code which use RPC to create directory on the server side
Now it's possible to easy create secure NETIO connections and compression
should help in slow connections when big number of data has to be
exchange. In RDD file access it mostly help when tables use long records.
Hope you will find it useful. Please make tests.
* INSTALL
* Updated valgrind example.
* contrib/hbnetio/utils/netiosrv.hbp
* utils/hbformat/hbformat.hbp
* utils/hbmk2/hbmk2.hbp
* utils/hbi18n/hbi18n.hbp
* utils/hbtest/hbtest.hbp
* utils/hbrun/hbrun.hbp
* config/wce/msvcarm.mk
* config/win/msvc.mk
+ Added MSVC linker switches to enhance security by
enabling NX compatibility and ASLR.
Especially important for server apps like netiosrv and hbrun.
; TODO: Enable the same for MinGW.
; TOCHECK: Please test this with old MSVC versions and MSVCARM,
maybe we will need to disable them in some cases.
; QUESTION: I'm unsure of -fixed:no MSVC option. Do we need it
to increase security?
* config/wce/msvcarm.mk
+ Changed to use link.exe for linking instead of cl[arm].exe.
This now syncs it with rest of Harbour.
* harbour/src/rtl/hbznet.c
! do not use DEF_MEM_LEVEL to avoid potential problems when <zutil.h>
is not available
* harbour/contrib/hbnetio/netio.h
* harbour/contrib/hbnetio/netiocli.c
* harbour/contrib/hbnetio/netiosrv.c
+ implemented RPC in HBNETIO protocol
+ added the following client functions:
check if function/procedure exists on the server side:
NETIO_PROCEXISTS( <cProcName> ) -> <lExists>
execute function/procedure on server the side,
do not wait for confirmation:
NETIO_PROCEXEC( <cProcName> [, <params,...>] ) -> <lSent>
execute function/procedure on the server side and wait for
confirmation:
NETIO_PROCEXECW( <cProcName> [, <params,...>] ) -> <lExecuted>
execute function on the server side and wait for its return value:
NETIO_FUNCEXEC( <cFuncName> [, <params,...>] ) -> <xFuncRetVal>
All above functions use default connection set by NETIO_CONNECT()
for RPCs but it's also possible to specify server address and port
in <cProcName>/<cFuncName> just like in <cFileName> parameter in RDD
functions, i.e.:
NETIO_PROCEXISTS( "192.168.0.1:10005:MYFUNC" )
+ added new server side functions to enable/disable/check RPC support:
NETIO_RPC( <pListenSocket> | <pConnectionSocket> [, <lEnable> ] )
-> <lEnabled>
if RPC is enabled for listen socket then connection sockets inherit
this setting.
+ added 4-th parameter <lRPC> to NETIO_LISTEN() function. .T. enable
RPC support in returned listen socket which is later inherited by
connection sockets
* changed protocol version ID - current NETIO clients and servers
cannot be used with old code
* harbour/contrib/hbnetio/utils/netiosrv.prg
* added option to enable RPC support in NETIO server
If you want to make some test then you can execute netiosrv with
non empty 4-th parameter as server, i.e.:
./netiosrv "" "" "" 1
and try this code as client:
proc main()
// pass server address to netio_connect() for non localhost tests
? "NETIO_CONNECT():", netio_connect()
?
? "DATE() function is supported:", netio_procexists( "DATE" )
? "QOUT() function is supported:", netio_procexists( "DATE" )
? "HB_DATETIME() function is supported:", ;
netio_procexists( "HB_DATETIME" )
?
? netio_procexec( "QOUT", repl( "=", 50 ) )
? netio_procexec( "QOUT", "This is RPC TEST", date(), hb_datetime() )
? netio_procexecw( "QOUT", repl( "=", 50 ) )
?
? "SERVER DATE:", netio_funcexec( "DATE" )
? "SERVER TIME:", netio_funcexec( "TIME" )
? "SERVER DATETIME:", netio_funcexec( "HB_DATETIME" )
?
? netio_funcexec( "upper", "hello world !!!" )
return
Please remember that only functions linked with server are available.
If you want to enabled all core functions in netiosrv then please
uncomment this line in netiosrv.prg:
REQUEST __HB_EXTERN__
Have a fun with a new toy. I hope that many Harbour user will find it
very interesting. Please only be careful !!!. This feature allows to
execute remotely _ANY_ code on the server side. _NEVER_ leave open ports
with RPC support for untrusted access.
* harbour/source/vm/thread.c
+ added HB_MT() PRG function which exists only in MT HVM version and
can be REQUESTed from .prg code to force linking MT HVM.
* harbour/contrib/hbnetio/utils/netiosrv.prg
! fixed typo in port parameter support
* modified name of second parameter. Instead of 'address' use 'ifaddr'
(interface address) which seems to be more precise name.
* added 'request HB_MT' to protect linking with HVM without MT support.
+ contrib/hbnetio/utils
+ contrib/hbnetio/utils/netiosrv.prg
+ contrib/hbnetio/utils/hbmk.hbm
+ Committed simple server code posted in the ChangeLog entry
from Przemek. I've added very simple passing of port and
address parameters, this can be enhanced in the future
using proper switches. Plus maybe an option to avoid
accidental exit by keypress.
