Author: minfrin
Revision: 1926976
Modified property: svn:log
Modified: svn:log at Sat Jul 5 16:46:48 2025
------------------------------------------------------------------------------
--- svn:log (original)
+++ svn:log Sat Jul 5 16:46:48 2025
@@ -1,17 +1,23 @@
-Fix some more integer narrowing warnings.
+Add support for SSL error handling
-* buckets/deflate_buckets.c
- (serf_deflate_refill): Narrow our apr_size_t to Zlib stream's uInt, then
- use the already-converted value to compute the crc32.
- In two other places, change the type of the private_len variable, which
- was unnecessarily declared as an apr_size_t.
+[minfrin@rocky9 subversion]$ svn info
https://svn.example.com/svn/example/core/
+svn: E170013: Unable to connect to a repository at URL
'https://svn.example.com/svn/example/core'
+svn: E120170: TLS: error:0308010C:digital envelope routines::unsupported
+svn: E120170: TLS: could not parse PKCS12: /home/minfrin/.my-cert.p12
-* test/CuTest.c
- (CuStrCopy, CuStringAppend, CuStringInsert): Cast strlen(...) to int.
+* serf_bucket_types.h
+ (serf_ssl_error_cb_set): Allow the registration of an optional callback to
+ which error strings will be sent.
+
+* buckets/ssl_buckets.c
+ (serf_ssl_context_t): Add error_callback.
+ (log_ssl_error): Trigger error callback.
+ (status_from_ssl_error): Support SSL_ERROR_WANT_X509_LOOKUP. Client side SSL
+ certificate errors now cause the client side to abort the connection.
+ Previously no certificate was silently sent, and the error was access denied
+ from the server.
+ (ssl_need_client_cert): Trigger callback with error explanation, remove an
+ infinite loop when the PKCS12 file cannot be opened.
+ (serf_ssl_error_cb_set): New function.
+ (ssl_new_session): Init the callback.
-* test/test_serf.h
- (struct test_baton_t): Add an apr_status_t user baton.
- (test/test_context.c): Use the new user status baton for APR status codes.
-* test/mock_buckets.c
- (next_action): Cast strlen(...) to the expected int.
- (test_basic_mock_bucket): Use CuAsertUIntEquals to avoid narrowing.
