1. 28 Apr, 2013 1 commit
  2. 28 Feb, 2013 6 commits
    • Timothy B. Terriberry's avatar
      More minor win32 cleanups. · 27c8948a
      Timothy B. Terriberry authored
      Just normalizing coding style.
      27c8948a
    • Timothy B. Terriberry's avatar
      Support the Windows system certificate store. · 9a866b18
      Timothy B. Terriberry authored
      OpenSSL on Windows does not pull certificates from any well-known
       location (in fact most binaries continue to use the default Unix
       path, which usually doesn't even exist).
      We could ship our own set of certificates (e.g., cloned from the
       Mozilla root list), but I don't want to be responsible for
       releasing libopusfile updates when things like DigiNotar
       fiasco [1] happen.
      That approach also means that we would need to load, parse, and
       keep a copy of every certificate in the system for every SSL
       session.
      
      OpenSSL has had patches sitting in their bugtracker which load
       certificates from the Crypto API's system certificate store.
      However, those patches have been sitting around for several years,
       so movement on that front in the near future seems unlikely.
      We don't care about using OpenSSL's builtin CAPI engine, though, so
       we can do the same thing with less than 200 lines of code.
      This puts the maintenance burden on Windows Update, which will be
       far more timely and effective than getting people to upgrade
       libopusfile, and gets us on-demand loading of just the
       certificates we need.
      
      [1] <https://bugzilla.mozilla.org/show_bug.cgi?id=682927>
      9a866b18
    • Timothy B. Terriberry's avatar
      Fix warnings when compiling with a recent MSVC. · 4ce926cb
      Timothy B. Terriberry authored
      Apparently Vista includes more things in its Winsock implementation
       and errno.h than earlier versions of Windows.
      4ce926cb
    • Timothy B. Terriberry's avatar
      Clean up winsock usage. · 25477092
      Timothy B. Terriberry authored
      This keeps differences which can be cleanly abstracted away clean
       (closesocket, ioctlsocket, getsockopt, setsockopt), and makes
       differences which cannot be cleanly abstracted explicit (SOCKET,
       INVALID_SOCKET, WSAGetLastError/WSASetLastError).
      It also gets rid of wsockwrapper.[ch], since it contained just a
       single function.
      
      This can successfully pass the seeking_example tests on
       big.chained.blob over https when built with i686-w64-mingw32 and
       run under wine.
      It does not solve the certificate distribution problems with using
       OpenSSL on a real Windows system.
      25477092
    • Timothy B. Terriberry's avatar
      Clean up mingw32 configuruation. · 1e9d7d85
      Timothy B. Terriberry authored
      Properly check for HTTP support and handle the case where it's
       disabled.
      Also fixes the include paths broken by 3e7f0ddc.
      1e9d7d85
    • Ralph Giles's avatar
      Initial winsock support patch from nu774. · 9c097eee
      Ralph Giles authored
      Some tweak might be still needed to take care of OPENSSL_AppLink
      to get https support working. In win32, user application of openssl
      is required to include openssl/applink.c or something, when openssl
      is compiled with OPENSSL_USE_APPLINK.
      
      I don't know how it should be taken care of, from the library point of
      view (it must be done by user of libopusfile, since openssl always
      searches that function in executable module).
      
      Posted to the hydrogenaudio format 2012 November 19.
      http://www.hydrogenaudio.org/forums/index.php?s=&showtopic=97856&view=findpost&p=814582
      9c097eee
  3. 12 Feb, 2013 1 commit
  4. 10 Jan, 2013 1 commit
  5. 23 Dec, 2012 1 commit
  6. 13 Nov, 2012 1 commit
  7. 28 Oct, 2012 1 commit
  8. 27 Oct, 2012 2 commits
    • Timothy B. Terriberry's avatar
      A few small updates to the hostname verification. · 3bc74807
      Timothy B. Terriberry authored
      Fixes the case where a raw IPv6 address would be rejected as not
       looking like a FQDN.
      Also simplifies the wildcard comparison a little.
      3bc74807
    • Timothy B. Terriberry's avatar
      Make SSL/TLS certificate checking actually work. · a7c5b93c
      Timothy B. Terriberry authored
      We weren't loading the default certificate store, so there were no
       trusted certificates to validate hosts with, and all checks would
       fail (unless explicitly disabled with
       OP_SSL_SKIP_CERTIFICATE_CHECK(0)).
      This adds that call, and also adds hostname verification (which
       OpenSSL does not do for us, because they are morons).
      I've done my best to get the latter right by reading the RFCs, but
       this stuff is complex, it's easy to make mistakes, and I only have
       a limited ability to test it, so caveat emptor.
      a7c5b93c
  9. 24 Oct, 2012 1 commit
    • Timothy B. Terriberry's avatar
      Replace return code checks with OP_ALWAYS_TRUE(). · 4b70af03
      Timothy B. Terriberry authored
      Instead of assigning the return code to a local variable and then
       using OP_ASSERT(), define a new OP_ALWAYS_TRUE() macro that still
       evaluates its argument when assertions are disabled.
      This avoids -Wunused-but-set-variable warnings from clang and
       useless scan-build reports (if scan-build is run without
       assertions enabled).
      4b70af03
  10. 23 Oct, 2012 2 commits
    • Timothy B. Terriberry's avatar
      Some http improvements. · 7b2cc5f1
      Timothy B. Terriberry authored
      - Attempt to re-use connections when we've already received enough
         data to do so immediately.
      - Make sure when seeking near the end, if the current chunk size is
         such that the _next_ chunk will be half the normal size or less,
         we just ask for the rest of the resource.
      
      With these two changes, a normal open of a single-chain Opus-only
       file requires exactly two HTTP requests.
      
      - Also use the response buffer as a dummy buffer when skipping
         data.
        This will avoid helgrind errors for multiple writes from
         different threads without locking (should someone be reading
         multiple streams from different threads).
        It's also better for SMP cache contention.
      7b2cc5f1
    • Timothy B. Terriberry's avatar
      Be more scrupulous about reading extra data. · 7c52622f
      Timothy B. Terriberry authored
      This can be quite expensive with the http backend, especially if it
       causes us to pass a chunk threshold and issue a new request.
      It also lets us error out more quickly if the underlying stream
       data changes.
      7c52622f
  11. 22 Oct, 2012 1 commit
    • Timothy B. Terriberry's avatar
      Fix a few minor nits. · 21f72850
      Timothy B. Terriberry authored
      - The DIGIT character sets shouldn't need to list "0" twice.
      - Avoid a lookup for the port number in getaddrinfo().
      - Resolve the OPUS_SET_GAIN TODO (by refusing to implement a fallback).
      - A few more minor things.
      21f72850
  12. 20 Oct, 2012 4 commits
    • Timothy B. Terriberry's avatar
      Re-do abstract stream reader API. · e2d7b266
      Timothy B. Terriberry authored
      This changes op_read_func to
      a) Take a single byte count to read instead of an "item" count
          (which the http backend couldn't properly support anyway).
      b) Use integers for buffer sizes to avoid having to worry about
          sign differences and whether size_t is larger or smaller than
          opus_int64, etc.
      c) Return an explicit error code (instead of using errno like
          fread).
         We had already eliminated the use of errno, but we did it by
          treating read errors and EOF identically in all cases.
         This was preventing us from reporting SSL truncation attacks
          from the https backend.
         The https backend now properly reports such errors.
      
      This commit also fixes a bug introduced in 9b57b0c2, where we
       accidentally started passing absolute offsets to the _boundary
       parameter of op_get_next_page() instead of relative offsets.
      We now use absolute offsets in all places, as it is the simpler
       choice.
      This matters now, because the error reported when encountering EOF
       before hitting the _boundary is no longer suppressed (but instead
       reported as OP_EBADLINK).
      
      Finally, it removes the op_page_seek() function.
      Except for the time needed to decode forward after seeking, this
       function was identical in performance to op_pcm_seek(), and Opus
       requires decoding 80 ms of data after seek anyway, so the relative
       benefit is much smaller than with Vorbis.
      A survey of open-source code using libvorbisfile showed that the
       only usages of ov_page_seek() in the wild were calling it to seek
       to the start of the stream, for which op_pcm_seek() already has a
       special case that makes it just as fast.
      
      The documentation was also updated to describe all of these chanes.
      
      This is an incompatible API change.
      e2d7b266
    • Timothy B. Terriberry's avatar
      Make the URL API more extensible. · 800be8c0
      Timothy B. Terriberry authored
      Right now we have no way to add any more parameters beyond a set of
       basic binary flags.
      This unifies op_url_stream_create() and
       op_url_stream_create_with_proxy() into a single function that
       takes a variable-length list of arguments, which can be extended
       in the future to include more options of any type.
      
      This is an incompatible API change.
      800be8c0
    • Timothy B. Terriberry's avatar
      Fix op_http_parse_connection(). · 756c4c0b
      Timothy B. Terriberry authored
      We were computing the return value correctly, but then not
       returning it.
      756c4c0b
    • Timothy B. Terriberry's avatar
      Some http robustness improvements. · f83266d9
      Timothy B. Terriberry authored
      - Increase the maximum response header buffer size up to ~32 kB.
        This also moves it into a heap-allocated buffer instead of the
         stack, as 32 kB is really too much for the stack.
      - Treat LF as CR LF when parsing headers.
        This is necessary when parsing the load-balancer response in
         front of <http://lazaradio.hu:8100/bermuda.opus>.
        The response returned by that server is invalid in lots of ways,
         but with these two changes we can read it.
      - In addition, we now peek ahead at a large chunk of data when
         reading the response instead of reading 2 to 4 bytes at a time.
        This allows a typical response to be read with two syscalls
         (one peek, one read) instead of several hundred.
      - Stop trying to read more data when the connection is closed.
      f83266d9
  13. 14 Oct, 2012 1 commit
    • Timothy B. Terriberry's avatar
      Fix some socket connection bugs. · bb8cb7a3
      Timothy B. Terriberry authored
      The big one was that if the connect() call failed, it would loop
       forever (thanks to some code re-factoring, the loop was no longer
       advancing to the next address as originally designed).
      bb8cb7a3
  14. 13 Oct, 2012 1 commit
    • Timothy B. Terriberry's avatar
      Remove an assert. · e88aa498
      Timothy B. Terriberry authored
      On the first request made by a connection, the value it was testing
       might be uninitialized, so we can't guarantee it'll pass.
      e88aa498
  15. 12 Oct, 2012 1 commit
    • Timothy B. Terriberry's avatar
      Major updates to the http backend. · 3d78feff
      Timothy B. Terriberry authored
      * Now supports HTTP/1.1 persistent connections with pipelining.
        This speeds up chain enumeration on large files by almost a
         factor of 2 over http, and by roughly a factor of 4 over https.
        The difference between http and https is now much smaller.
      * Add timeouts to all the socket I/O.
      * Estimate the number of available bytes to read and use it when
         making connection re-use decisions.
      * Add support for https with proxies using HTTP/1.1 CONNECT
         tunnels.
      * Fix TLS session re-use (it requires clean shutdown).
      * Various other code re-organization and minor improvements.
      3d78feff
  16. 01 Oct, 2012 3 commits
    • Timothy B. Terriberry's avatar
      Multiple small fixes. · 6c56a973
      Timothy B. Terriberry authored
      * Tags were being freed even if not initialized if
         op_fetch_headers() failed on the first link.
        The logic for handling completely empty links would leak, also.
      * Ignore fragment identifiers in http URLs instead of rejecting
         them.
      * Get the current link in seeking_example's verify_seek when
         op_read_native() fails to return it for us.
      6c56a973
    • Timothy B. Terriberry's avatar
      Fix scan_build static analysis reports. · 737cbf57
      Timothy B. Terriberry authored
      Most of these were dead code left around from rewriting things and
       things llvm doesn't have enough global information to prove by
       itself.
      The one real error was the missing NULL check in
       opus_tags_parse_impl().
      737cbf57
    • Timothy B. Terriberry's avatar
      Fix file: <host> comparison. · 01012058
      Timothy B. Terriberry authored
      The previous comparison would have succeeded on things like
       "localhost123" instead of just "localhost".
      01012058
  17. 29 Sep, 2012 1 commit
    • Timothy B. Terriberry's avatar
      Clean-up for alternate configurations. · 21322357
      Timothy B. Terriberry authored
      * s/op_read_stereo_float/op_read_float_stereo/ for the fixed-point
         API.
      * Fix compiler warnings exposed when optimizations are enabled.
      * Fix opusfile_example to work with --enable-fixed-point
         --disable-float
      * Fix seeking_example to not re-define OP_FIXED_POINT if it's
         already been defined.
      21322357
  18. 24 Sep, 2012 2 commits
  19. 23 Sep, 2012 3 commits
  20. 22 Sep, 2012 2 commits