* contrib/hbssl/hbssl.h
* contrib/hbssl/hbssl.hbm
* contrib/hbssl/ssl.c
! HB_OPENSSL_HAS_APPLINK was never checked,
defining HB_OPENSSL_NO_APPLINK didn't do anything
* make current OpenSSL 3.6.0 build under fresh MSYS2
shell. MSYS2 does not distribute applink.c, claiming
MingGW C runtime is safe for operation without it.
Have to define HB_OPENSSL_NO_APPLINK and additional
workaround for lacking __int64 type when including
ssl.h. If you need similar workround outside of
MSYS2 shell, setenv: HB_USER_CFLAGS=-DHB_OPENSSL_MSYS
packages needed: openssl-devel (for headers)
mingw-w64-x86_64-openssl (for libs)
mingw-w64-aarch64-openssl
* contrib/hbssl/hbssl.hbc
* using Clang or Zig compiler on Windows, build will
now reference libssl and libcrypto instead of old
ssleay32/libeay32 pair when linking.
* config/win/zig.mk
% unnecessary check
* contrib/hbssl/hbssl.h
* contrib/hbssl/evppkey.c
* contrib/hbssl/rsa.c
* reenabled hb_RSA_par_remove() for old OpenSSL() versions (<=0.9.6) which
do not support RSA_up_ref()
* contrib/hbssl/ssl.c
! use
x509 = X509_dup( x509 );
X509_check_purpose( x509, -1, 0 );
instead of
X509_up_ref( x509 );
in OpenSSL versions prior 0x10100000L - they do not support X509_up_ref()
* contrib/hbssl/x509.c
* check passed parameters more strictly
* return NIL when X509 certificate cannot be allocated/accessed
* contrib/hbssl/hbssl.hbx
* contrib/hbssl/bio.c
! fixed BIO_set_conn_int_port() to work with OpenSSL >= 1.1
(emulation with BIO_set_conn_port())
! fixed BIO_get_conn_ip() to work with OpenSSL >= 1.1
(emulation with BIO_get_conn_address() and BIO_ADDR_hostname_string())
+ added BIO_get_conn_address(), it returns HB_SOCKET compatible array
with address
* contrib/hbssl/hbssl.hbx
* contrib/hbssl/sslctx.c
+ added new function SSL_CTX_use_RSAPrivateKey()
! respect OPENSSL_NO_RSA macro in other SSL_CTX_use_RSA*() functions
* contrib/hbssl/evp.c
! use EVP_CIPHER_key_length() and EVP_CIPHER_iv_length() in
EVP_BytesToKey() to detect the exact key and iv length.
* contrib/hbssl/hbssl.h
* contrib/hbssl/evppkey.c
* contrib/hbssl/rsa.c
* removed hb_RSA_par_remove() function, use RSA_up_ref() instead
* contrib/hbssl/hbssl.h
* contrib/hbssl/x509.c
* contrib/hbssl/pem.c
* contrib/hbssl/ssl.c
* removed 2-nd parameter ( HB_BOOL fRelease ) from hb_X509_ret(),
use X509_up_ref() instead
* contrib/hbssl/pem.c
* respect OPENSSL_NO_DSA, OPENSSL_NO_DH and OPENSSL_NO_RSA macros
* contrib/hbssl/ssl_sock.c
* added casting to pacify SSL_set_fd() warning and updated link with
description of the problem
* include/harbour.hbx
* include/hbchksum.h
* src/harbour.def
* src/rtl/hbmd5.c
+ added new C function
void hb_hmac_md5( const void * key, HB_SIZE nKeyLen,
const void * message, HB_SIZE nMsgLen,
char * digest );
+ added new PRG function
HB_HMAC_MD5( <cMessage>, <cKey> ) -> <cMAC>
; HMAC MD5 is used in some authentication methods i.e. CRAM-MD5
authentication in SMTP protocol
* src/rtl/gttrm/gttrm.c
+ enable extended XTERM colors automatically when xterm-16color,
xterm-256color, xterm+256color, xterm-88color, rxvt-16color,
rxvt-256color, rxvt-98color or putty terminal is detected
+ added support for HB_GTI_SCREENDEPTH
* contrib/gtqtc/gtqtc1.cpp
+ set clipboard data also into selection buffer on platforms which
support it
+ when main clipboard buffer is empty retrieve clipboard data from
selection buffer and if it's empty too from find buffer
* include/harbour.hbx
* src/harbour.def
* src/vm/memvars.c
+ added new PRG function
__mvGetDef( <cMemvar> [, <xDefault> ] ) -> <xValue>
it works in similar way to __mvGet() but if <cMemvar> does
not exist then it returns <xDefault> or NIL instead of RTE
* contrib/hbwin/hbwin.hbx
+ added missing declarations for win_osIs10() and win_osIs81()
* contrib/hbssl/ssl.c
! fixed compilation with OpenSSL < 0.9.8k
* contrib/sddodbc/core.c
* pacified warning
* contrib/xhb/hbxml.c
* contrib/xhb/hbxml.h
! fixed CDATA terminator, it should be "]]>" instead of " ]]>"
+ added support for HBXML_STYLE_NONEWLINE flag
* src/3rd/pcre/Makefile
! typo wince -> wce
* src/main/Makefile
* use harbour.rc only in MS-Windows builds - it fixes OS2 OpenWatcom
builds
* config/global.mk
! in DOS builds check if the 'uname' exists before running it
* include/hbapigt.h
* include/hbgtcore.h
* src/rtl/hbgtcore.c
* src/rtl/inkey.c
* src/rtl/inkeyapi.c
* contrib/xhb/xhbfunc.c
+ added 3-rd parameter to hb_inkeySetText() function. When this parameter
is true then ';' is not translated to Chr( 13 ) but DOS and UNIX EOLs
are translated to Chr( 13 )
+ added logical parameter to HB_GTI_CLIPBOARDPASTE which allows to set
text without ';' translation but with platform independent EOLs
* src/rtl/memoedit.prg
* utils/hbmk2/hbmk2.prg
* contrib/hbnetio/utils/hbnetio/_console.prg
* extras/dbu/dbu52.patch
* extras/dbu/dbu53.patch
* use hb_gtInfo( HB_GTI_CLIPBOARDPASTE, .T. ) instead of
hb_gtInfo( HB_GTI_CLIPBOARDPASTE ) for pasting data from clipboard
with platform independent EOLs and ';' characters
* contrib/hbssl/hbssl.hbx
* contrib/hbssl/ssl.c
+ Added function SSL_set_tlsext_host_name() which is needed to access
a virtual host when using HTTPS.
See https://en.wikipedia.org/wiki/Server_Name_Indication
+ Added function SSL_set_verify().
* src/rtl/fstemp.c
! hb_fsTempName() was not returning a valid temp name on OS/2
* *
% remove brandings and homepage [1] from copyright header. Pass 1 - using script.
[1] nobody has access to it anymore AFAIK - and it's also just
a redirect since long
! update url in copyright header
; this should make the diff between 3.4 and 3.2 easier to manage
* include/hbsocket.h
* src/rtl/hbsockhb.c
+ added socket filters to standard socket API.
At C level hb_sockex*() function with PHB_SOCKEX handler can be
used to operate on socket filters. At PRG level standard hb_socket*()
functions can be used.
The following things has been changed in PRG hb_socket*() functions:
hb_socketErorrString() can accept <pSocket> as 1-st or 2-nd parameter
and redirect call to socket filter errorStr() method.
hb_socketClose() executes automatically shutdown() for connected
sockets - it is important in windows only where without explicit
call to shutdown() before close transmitted data can be lost.
hb_socketSend() and hb_socketRecv() can be redirected to filter
streams if filter set such redirection. If filter does not redirect
them then they operate on raw sockets. If hb_socketSend() is
redirected then sent data is flushed automatically.
The following new PRG functions has been added:
Add/replace socket filter:
hb_socketSetFilter( <pSocket>, [<cFilterName>], [<hParams>] )
-> <pSocket> | NIL
<cFilterName> is filter name, It's possible to set many filters
in single hb_socketSetFilter() call separating filter names
with "|" character, i.e.:
pSock := hb_socketSetFilter( pSock, "ZSOCK|BFSOCK", hParams )
<hParams> is hash array with initialization parameters used by
given socket filter. The core implementation recognize the
following settings:
"readahead" - numeric value with size of read ahead buffer
"flush" - numeric value with auto flush parameter (for more
information look at hb_socketAutoFlush() below)
"redir" - logical value which can be use to enable/disable
hb_socketSend() and hb_socketRecv() redirection
to filter stream.
Return filter name used by socket:
hb_socketGetFilter( <pSocket> ) -> <cFilterName>
Read from socket stream:
hb_socketRead( <pSocket>, @<cData>, [<nLen> = Len( cData )],
[<nTimeout> = FOREVER] ) -> <nRead>
this function is similar to hb_socketRecv() but is always
redirected to socket stream filters.
Write to socket stream:
hb_socketWrite( <pSocket>, <cData>, [<nLen> = Len( cData )],
[<nTimeout> = FOREVER] ) -> <nWritten>
this function is similar to hb_socketSend() but it is always
redirected to socket stream filters. Written data is not flushed
by default and it should be flushed explicitly by hb_socketFlush().
Automatic flushing can be enabled by hb_socketAutoFlush() function.
Flush data written to socket:
hb_socketFlush( <pSocket>, [<nTimeout> = FOREVER], [<lSync>] )
-> <nNotFlushed>
<lSync> parameter is logical value which can be used to force
special synchronization method in some filters. Usually users
do not have to use it in normal code.
Enable/disable automatic flushing of written data.
hb_socketAutoFlush( <pSocket>, [ <nTimeout> ] ) -> <nTimeout>
<nTimeout> is timeout for automatic flush operation on written
data in milliseconds. <nTimeout> = -1 means wait forever and
<nTimeout> = 0 disables auto flush.
automatic flushing can help in adopting existing code anyhow it
may strongly reduce the performance in some filters, i.e.
compression filters like ZSOCK have to add special data to the
stream after each flush operation so it's suggested to call
flush explicitly when we want to force delivering written data
to the peer.
* include/hbznet.h
* src/rtl/hbznet.c
+ added ZNET socket filter - compressed and encrypted streams are
compatible with hb_znet*() streams. The old hb_znet*() interface
is obsolete for pure socket communication and if not used as
hb_inet*() filter then should be replaced by hb_sockex*() in
user programs.
ZNET socket filter can be created by new PRG functions:
hb_socketNewZNet( <pSocket>, [<cPass>], [<nCompressionLevel>], ;
[<nStrategy>] ) -> <pSocket> | NIL
or by standard socket API with "ZNET" as filter name.
ZNET filter recognize the following settings in initialization
hash array:
"key" or "pass" - string with encryption password
"zlib" - numeric compression level (HB_ZLIB_COMPRESSION_*)
"zs" - numeric ZLIB compression strategy (HB_ZLIB_STRATEGY_*)
ZNET filter always disables any other filters and operates on raw
socket.
Please remember that it's optional module. If programmer does not
use hb_socketNewZNet() explicitly and prefers using hb_socketNew()
then he should force linking this module by REQUEST hb_socketNewZNet
+ added fSync parameter to hb_znetFlush()
[INCOMPATIBLE]
* src/rtl/hbinet.c
* call flush filter function before socket is closed
* src/rtl/Makefile
+ src/rtl/hbzsock.c
+ added ZSOCK socket filter - ZLIB and GZIP compression for socket
streams.
ZSOCK socket filter can be created by new PRG functions:
hb_socketNewZSock( <pSocket>, [<hParams>] ) -> <pSocket> | NIL
or by standard socket API with "ZSOCK" as filter name.
Programmers using hb_socketNew() can force linking this module by
REQUEST hb_socketNewZSock
ZSOCK filter can be used with other filters.
ZSOCK filter recognize the following settings in initialization
hash array:
"zlib" - numeric compression level (HB_ZLIB_COMPRESSION_*)
"zs" - numeric ZLIB compression strategy (HB_ZLIB_STRATEGY_*)
"zin" - logical value which allow to enable/disable ZLIB
decompression on input stream (default)
"gzin" - logical value which allow to enable/disable GZIP
decompression on input stream - it's possible to
enable both ZLIB and GZIP decompression together
so both streams can be decompress
"zout" - logical value which allow to enable/disable ZLIB
compression on output stream (default)
"gzout" - logical value which allow to enable/disable GZIP
compression on output stream - if both "zout" and
"gzout" are enabled GZIP compression is used.
* src/rtl/Makefile
+ src/rtl/hbbfsock.c
+ added BFSOCK socket filter - BlowFish input and output stream
encryption in CTR mode.
BFSOCK socket filter can be created by new PRG functions:
hb_socketNewBFSock( <pSocket>, [<hParams>] ) -> <pSocket> | NIL
or by standard socket API with "BFSOCK" as filter name.
Programmers using hb_socketNew() can force linking this module by
REQUEST hb_socketNewBFSock
BFSOCK filter can be used with other filters, i.e. with ZSOCK.
Please only remember that good encryption algorithms have to
generate data which cannot be compressed so using "BFSOCK|ZSOCK"
only wastes resources and correct filter order is "ZSOCK|BFSOCK".
BFSOCK filter recognize the following settings in initialization
hash array:
"key" or "pass" - string with encryption password
"iv" - string with initialization vector for CTR mode
* contrib/hbssl/hbssl.ch
* contrib/hbssl/hbssl.h
* contrib/hbssl/hbssl.hbm
* contrib/hbssl/hbssl.hbx
* contrib/hbssl/ssl.c
* contrib/hbssl/ssl_inet.c
+ contrib/hbssl/ssl_sock.c
+ added SSL socket filter
SSL socket filter can be created by new PRG functions:
hb_socketNewSSL_connect( <pSocket>, <pSSL> [, <nTimeout> ] )
-> <pSocketSSL> | NIL
hb_socketNewSSL_accept( <pSocket>, <pSSL> [, <nTimeout> ] )
-> <pSocketSSL> | NIL
or by standard socket API with "SSL" as filter name.
Programmers using hb_socketNew() can force linking this module by
REQUEST hb_socketNewSSL_connect
or
REQUEST hb_socketNewSSL_accept
SSL filter always disables any other filters and operates on raw
socket.
SSL filter recognize the following settings in initialization hash
array:
"ctx" or "key" - pointer SSL item <pSSL>
"timeout" - timeout (numeric)
"client" - logical value indicating client mode (SSL_connect())
"server" - logical value indicating server mode (SSL_accept())
* contrib/hbssl/tests/inetssl.prg
! cleaned typo in local function name
* contrib/hbnetio/netiocli.c
* contrib/hbnetio/netiosrv.c
* use new Harbour extended socket API (hb_sockex*()) instead of
raw sockets and hb_znet*()
* contrib/hbtcpio/tcpio.c
* use new Harbour extended socket API (hb_sockex*()) instead of
raw sockets
+ implemented hb_fileFlush()
* contrib/hbssl/hbssl.h
* added HB_SSL_CONST macro which can be used instead of 'const'
qualifier to pacify "discards qualifier 'const'" warnings in
OpenSSL versions prior 0.9.8
* contrib/hbssl/evp.c
* contrib/hbssl/evpciph.c
* contrib/hbssl/evpenc.c
* contrib/hbssl/evpmd.c
* contrib/hbssl/ssl.c
* contrib/hbssl/sslctx.c
* use HB_SSL_CONST macro to pacify warnings in 0.9.6 and 0.9.7
OpenSSL versions
; Now HBSSL compiles cleanly without any warnings with different
OpenSSL final versions starting with 0.9.6
* contrib/hbssl/bio.c
* contrib/hbssl/err.c
* contrib/hbssl/evpciph.c
* contrib/hbssl/evpmd.c
* contrib/hbssl/hbssl.h
* contrib/hbssl/ssl.c
* contrib/hbssl/ssl_inet.c
! fixed compilation with older OpenSSL versions.
Now minimum supported version of OpenSSL is 0.9.6.
I tested current code only with finals releases (such releases
have 'f' as last hex digit in OPENSSL_VERSION_NUMBER) so it's
possible that some beta release may need additional tunes but now
adopting the code should be quite easy job for anyone who need
to use such OpenSSL version and has same very basic C knowledge.
When older OpenSSL versions are used then warnings:
"passing arg X discards qualifier 'const' from pointer target type"
can appear. I didn't pacified them to not hide some possible bugs
in the future though it breaks C++ compilation so maybe I'll add
such casting using macro redefined only for older versions.
; [TODO] check if HB_OPENSSL_OLD_OSX_ macro is still required and
if not then remove it. Maybe also other DARWIN macros can
be removed.
* (all files)
* stripped svn header
* minor cleanups
; use following command to find out the history of files:
git log
git log --follow
git blame
git annotate
