commit 45493b01359741020d521d01e6a46063994e1d7215c144e6531ff2bdce783aed Author: Bjørn Lie Date: Wed Nov 13 22:54:07 2024 +0000 Accepting request 1224038 from GNOME:Next - Add 4c9e75c6.patch: fix an intermittent test failure (glgo#GNOME/libsoup#399). OBS-URL: https://build.opensuse.org/request/show/1224038 OBS-URL: https://build.opensuse.org/package/show/GNOME:Factory/libsoup2?expand=0&rev=15 diff --git a/.gitattributes b/.gitattributes new file mode 100644 index 0000000..9b03811 --- /dev/null +++ b/.gitattributes @@ -0,0 +1,23 @@ +## Default LFS +*.7z filter=lfs diff=lfs merge=lfs -text +*.bsp filter=lfs diff=lfs merge=lfs -text +*.bz2 filter=lfs diff=lfs merge=lfs -text +*.gem filter=lfs diff=lfs merge=lfs -text +*.gz filter=lfs diff=lfs merge=lfs -text +*.jar filter=lfs diff=lfs merge=lfs -text +*.lz filter=lfs diff=lfs merge=lfs -text +*.lzma filter=lfs diff=lfs merge=lfs -text +*.obscpio filter=lfs diff=lfs merge=lfs -text +*.oxt filter=lfs diff=lfs merge=lfs -text +*.pdf filter=lfs diff=lfs merge=lfs -text +*.png filter=lfs diff=lfs merge=lfs -text +*.rpm filter=lfs diff=lfs merge=lfs -text +*.tbz filter=lfs diff=lfs merge=lfs -text +*.tbz2 filter=lfs diff=lfs merge=lfs -text +*.tgz filter=lfs diff=lfs merge=lfs -text +*.ttf filter=lfs diff=lfs merge=lfs -text +*.txz filter=lfs diff=lfs merge=lfs -text +*.whl filter=lfs diff=lfs merge=lfs -text +*.xz filter=lfs diff=lfs merge=lfs -text +*.zip filter=lfs diff=lfs merge=lfs -text +*.zst filter=lfs diff=lfs merge=lfs -text diff --git a/.gitignore b/.gitignore new file mode 100644 index 0000000..57affb6 --- /dev/null +++ b/.gitignore @@ -0,0 +1 @@ +.osc diff --git a/04df03bc.patch b/04df03bc.patch new file mode 100644 index 0000000..d3355a7 --- /dev/null +++ b/04df03bc.patch @@ -0,0 +1,145 @@ +From 04df03bc092ac20607f3e150936624d4f536e68b Mon Sep 17 00:00:00 2001 +From: Patrick Griffis +Date: Mon, 8 Jul 2024 12:33:15 -0500 +Subject: [PATCH] headers: Strictly don't allow NUL bytes + +In the past (2015) this was allowed for some problematic sites. However Chromium also does not allow NUL bytes in either header names or values these days. So this should no longer be a problem. +--- + libsoup/soup-headers.c | 15 +++------ + tests/header-parsing-test.c | 62 +++++++++++++++++-------------------- + 2 files changed, 32 insertions(+), 45 deletions(-) + +diff --git a/libsoup/soup-headers.c b/libsoup/soup-headers.c +index a0cf351ac..f30ee467a 100644 +--- a/libsoup/soup-headers.c ++++ b/libsoup/soup-headers.c +@@ -51,13 +51,14 @@ soup_headers_parse (const char *str, int len, SoupMessageHeaders *dest) + * ignorable trailing whitespace. + */ + ++ /* No '\0's are allowed */ ++ if (memchr (str, '\0', len)) ++ return FALSE; ++ + /* Skip over the Request-Line / Status-Line */ + headers_start = memchr (str, '\n', len); + if (!headers_start) + return FALSE; +- /* No '\0's in the Request-Line / Status-Line */ +- if (memchr (str, '\0', headers_start - str)) +- return FALSE; + + /* We work on a copy of the headers, which we can write '\0's + * into, so that we don't have to individually g_strndup and +@@ -69,14 +70,6 @@ soup_headers_parse (const char *str, int len, SoupMessageHeaders *dest) + headers_copy[copy_len] = '\0'; + value_end = headers_copy; + +- /* There shouldn't be any '\0's in the headers already, but +- * this is the web we're talking about. +- */ +- while ((p = memchr (headers_copy, '\0', copy_len))) { +- memmove (p, p + 1, copy_len - (p - headers_copy)); +- copy_len--; +- } +- + while (*(value_end + 1)) { + name = value_end + 1; + name_end = strchr (name, ':'); +diff --git a/tests/header-parsing-test.c b/tests/header-parsing-test.c +index edf8eebb3..715c2c6f2 100644 +--- a/tests/header-parsing-test.c ++++ b/tests/header-parsing-test.c +@@ -358,24 +358,6 @@ static struct RequestTest { + } + }, + +- { "NUL in header name", "760832", +- "GET / HTTP/1.1\r\nHost\x00: example.com\r\n", 36, +- SOUP_STATUS_OK, +- "GET", "/", SOUP_HTTP_1_1, +- { { "Host", "example.com" }, +- { NULL } +- } +- }, +- +- { "NUL in header value", "760832", +- "GET / HTTP/1.1\r\nHost: example\x00" "com\r\n", 35, +- SOUP_STATUS_OK, +- "GET", "/", SOUP_HTTP_1_1, +- { { "Host", "examplecom" }, +- { NULL } +- } +- }, +- + /************************/ + /*** INVALID REQUESTS ***/ + /************************/ +@@ -448,6 +430,21 @@ static struct RequestTest { + SOUP_STATUS_EXPECTATION_FAILED, + NULL, NULL, -1, + { { NULL } } ++ }, ++ ++ // https://gitlab.gnome.org/GNOME/libsoup/-/issues/377 ++ { "NUL in header name", NULL, ++ "GET / HTTP/1.1\r\nHost\x00: example.com\r\n", 36, ++ SOUP_STATUS_BAD_REQUEST, ++ NULL, NULL, -1, ++ { { NULL } } ++ }, ++ ++ { "NUL in header value", NULL, ++ "HTTP/1.1 200 OK\r\nFoo: b\x00" "ar\r\n", 28, ++ SOUP_STATUS_BAD_REQUEST, ++ NULL, NULL, -1, ++ { { NULL } } + } + }; + static const int num_reqtests = G_N_ELEMENTS (reqtests); +@@ -620,22 +617,6 @@ static struct ResponseTest { + { NULL } } + }, + +- { "NUL in header name", "760832", +- "HTTP/1.1 200 OK\r\nF\x00oo: bar\r\n", 28, +- SOUP_HTTP_1_1, SOUP_STATUS_OK, "OK", +- { { "Foo", "bar" }, +- { NULL } +- } +- }, +- +- { "NUL in header value", "760832", +- "HTTP/1.1 200 OK\r\nFoo: b\x00" "ar\r\n", 28, +- SOUP_HTTP_1_1, SOUP_STATUS_OK, "OK", +- { { "Foo", "bar" }, +- { NULL } +- } +- }, +- + /********************************/ + /*** VALID CONTINUE RESPONSES ***/ + /********************************/ +@@ -768,6 +749,19 @@ static struct ResponseTest { + { { NULL } + } + }, ++ ++ // https://gitlab.gnome.org/GNOME/libsoup/-/issues/377 ++ { "NUL in header name", NULL, ++ "HTTP/1.1 200 OK\r\nF\x00oo: bar\r\n", 28, ++ -1, 0, NULL, ++ { { NULL } } ++ }, ++ ++ { "NUL in header value", "760832", ++ "HTTP/1.1 200 OK\r\nFoo: b\x00" "ar\r\n", 28, ++ -1, 0, NULL, ++ { { NULL } } ++ }, + }; + static const int num_resptests = G_N_ELEMENTS (resptests); + +-- +GitLab + diff --git a/29b96fab.patch b/29b96fab.patch new file mode 100644 index 0000000..ee49b40 --- /dev/null +++ b/29b96fab.patch @@ -0,0 +1,38 @@ +From 29b96fab2512666d7241e46c98cc45b60b795c0c Mon Sep 17 00:00:00 2001 +From: Ignacio Casal Quinteiro +Date: Wed, 2 Oct 2024 11:17:19 +0200 +Subject: [PATCH] websocket-test: disconnect error copy after the test ends + +Otherwise the server will have already sent a few more wrong +bytes and the client will continue getting errors to copy +but the error is already != NULL and it will assert +--- + tests/websocket-test.c | 4 +++- + 1 file changed, 3 insertions(+), 1 deletion(-) + +diff --git a/tests/websocket-test.c b/tests/websocket-test.c +index 06c443bb5..6a48c1f9b 100644 +--- a/tests/websocket-test.c ++++ b/tests/websocket-test.c +@@ -1539,8 +1539,9 @@ test_receive_invalid_encode_length_64 (Test *test, + GError *error = NULL; + InvalidEncodeLengthTest context = { test, NULL }; + guint i; ++ guint error_id; + +- g_signal_connect (test->client, "error", G_CALLBACK (on_error_copy), &error); ++ error_id = g_signal_connect (test->client, "error", G_CALLBACK (on_error_copy), &error); + g_signal_connect (test->client, "message", G_CALLBACK (on_binary_message), &received); + + /* We use 127(\x7f) as payload length with 65535 extended length */ +@@ -1553,6 +1554,7 @@ test_receive_invalid_encode_length_64 (Test *test, + WAIT_UNTIL (error != NULL || received != NULL); + g_assert_error (error, SOUP_WEBSOCKET_ERROR, SOUP_WEBSOCKET_CLOSE_PROTOCOL_ERROR); + g_clear_error (&error); ++ g_signal_handler_disconnect (test->client, error_id); + g_assert_null (received); + + g_thread_join (thread); +-- +GitLab + diff --git a/48b3b611.patch b/48b3b611.patch new file mode 100644 index 0000000..051a694 --- /dev/null +++ b/48b3b611.patch @@ -0,0 +1,165 @@ +From 48b3b61154389b377f6cd20ea72e57b62c9256e8 Mon Sep 17 00:00:00 2001 +From: Philip Withnall +Date: Thu, 13 Apr 2023 12:32:04 +0100 +Subject: [PATCH] lib: Add names to various GSources +MIME-Version: 1.0 +Content-Type: text/plain; charset=UTF-8 +Content-Transfer-Encoding: 8bit + +This helps in identifying what’s attached to a `GMainContext` when +debugging runtime problems with libsoup. + +The names added in `soup-misc.c` are fairly rough; if they turn out to +not be specific enough, those methods could be changed to accept a +`const gchar *name` argument so the caller can provide a more specific +name. + +Signed-off-by: Philip Withnall +--- + libsoup/soup-message-io.c | 4 ++++ + libsoup/soup-misc.c | 20 ++++++++++++++++++++ + libsoup/soup-socket.c | 7 +++++++ + libsoup/soup-websocket-connection.c | 20 ++++++++++++++++++++ + 4 files changed, 51 insertions(+) + +diff --git a/libsoup/soup-message-io.c b/libsoup/soup-message-io.c +index c5412abb2..8d69f18d6 100644 +--- a/libsoup/soup-message-io.c ++++ b/libsoup/soup-message-io.c +@@ -927,7 +927,11 @@ soup_message_io_get_source (SoupMessage *msg, GCancellable *cancellable, + + source = g_source_new (&message_source_funcs, + sizeof (SoupMessageSource)); ++#if GLIB_CHECK_VERSION(2, 70, 0) ++ g_source_set_static_name (source, "SoupMessageSource"); ++#else + g_source_set_name (source, "SoupMessageSource"); ++#endif + message_source = (SoupMessageSource *)source; + message_source->msg = g_object_ref (msg); + message_source->paused = io && io->paused; +diff --git a/libsoup/soup-misc.c b/libsoup/soup-misc.c +index 2cf6b0f6a..170fa15a2 100644 +--- a/libsoup/soup-misc.c ++++ b/libsoup/soup-misc.c +@@ -83,6 +83,11 @@ soup_add_io_watch (GMainContext *async_context, + GIOFunc function, gpointer data) + { + GSource *watch = g_io_create_watch (chan, condition); ++#if GLIB_CHECK_VERSION(2, 70, 0) ++ g_source_set_static_name (watch, "SoupIOWatch"); ++#else ++ g_source_set_name (watch, "SoupIOWatch"); ++#endif + g_source_set_callback (watch, (GSourceFunc) function, data, NULL); + g_source_attach (watch, async_context); + g_source_unref (watch); +@@ -111,6 +116,11 @@ soup_add_idle (GMainContext *async_context, + GSourceFunc function, gpointer data) + { + GSource *source = g_idle_source_new (); ++#if GLIB_CHECK_VERSION(2, 70, 0) ++ g_source_set_static_name (source, "SoupIdle"); ++#else ++ g_source_set_name (source, "SoupIdle"); ++#endif + g_source_set_callback (source, function, data, NULL); + g_source_attach (source, async_context); + g_source_unref (source); +@@ -125,6 +135,11 @@ soup_add_completion_reffed (GMainContext *async_context, + { + GSource *source = g_idle_source_new (); + ++#if GLIB_CHECK_VERSION(2, 70, 0) ++ g_source_set_static_name (source, "SoupCompletion"); ++#else ++ g_source_set_name (source, "SoupCompletion"); ++#endif + g_source_set_priority (source, G_PRIORITY_DEFAULT); + g_source_set_callback (source, function, data, dnotify); + g_source_attach (source, async_context); +@@ -178,6 +193,11 @@ soup_add_timeout (GMainContext *async_context, + GSourceFunc function, gpointer data) + { + GSource *source = g_timeout_source_new (interval); ++#if GLIB_CHECK_VERSION(2, 70, 0) ++ g_source_set_static_name (source, "SoupTimeout"); ++#else ++ g_source_set_name (source, "SoupTimeout"); ++#endif + g_source_set_callback (source, function, data, NULL); + g_source_attach (source, async_context); + g_source_unref (source); +diff --git a/libsoup/soup-socket.c b/libsoup/soup-socket.c +index 0ec451032..53b5c584b 100644 +--- a/libsoup/soup-socket.c ++++ b/libsoup/soup-socket.c +@@ -1203,6 +1203,13 @@ soup_socket_create_watch (SoupSocketPrivate *priv, GIOCondition cond, + watch = g_pollable_input_stream_create_source (G_POLLABLE_INPUT_STREAM (priv->istream), cancellable); + else + watch = g_pollable_output_stream_create_source (G_POLLABLE_OUTPUT_STREAM (priv->ostream), cancellable); ++ ++#if GLIB_CHECK_VERSION(2, 70, 0) ++ g_source_set_static_name (watch, "SoupSocket watch"); ++#else ++ g_source_set_name (watch, "SoupSocket watch"); ++#endif ++ + g_source_set_callback (watch, (GSourceFunc)callback, user_data, NULL); + + g_source_attach (watch, priv->async_context); +diff --git a/libsoup/soup-websocket-connection.c b/libsoup/soup-websocket-connection.c +index a4095e1c9..6d136d411 100644 +--- a/libsoup/soup-websocket-connection.c ++++ b/libsoup/soup-websocket-connection.c +@@ -306,6 +306,11 @@ soup_websocket_connection_start_input_source (SoupWebsocketConnection *self) + return; + + pv->input_source = g_pollable_input_stream_create_source (pv->input, NULL); ++#if GLIB_CHECK_VERSION(2, 70, 0) ++ g_source_set_static_name (pv->input_source, "SoupWebsocketConnection input"); ++#else ++ g_source_set_name (pv->input_source, "SoupWebsocketConnection input"); ++#endif + g_source_set_callback (pv->input_source, (GSourceFunc)on_web_socket_input, self, NULL); + g_source_attach (pv->input_source, pv->main_context); + } +@@ -332,6 +337,11 @@ soup_websocket_connection_start_output_source (SoupWebsocketConnection *self) + return; + + pv->output_source = g_pollable_output_stream_create_source (pv->output, NULL); ++#if GLIB_CHECK_VERSION(2, 70, 0) ++ g_source_set_static_name (pv->output_source, "SoupWebsocketConnection output"); ++#else ++ g_source_set_name (pv->output_source, "SoupWebsocketConnection output"); ++#endif + g_source_set_callback (pv->output_source, (GSourceFunc)on_web_socket_output, self, NULL); + g_source_attach (pv->output_source, pv->main_context); + } +@@ -444,6 +454,11 @@ close_io_after_timeout (SoupWebsocketConnection *self) + + g_debug ("waiting %d seconds for peer to close io", timeout); + pv->close_timeout = g_timeout_source_new_seconds (timeout); ++#if GLIB_CHECK_VERSION(2, 70, 0) ++ g_source_set_static_name (pv->close_timeout, "SoupWebsocketConnection close timeout"); ++#else ++ g_source_set_name (pv->close_timeout, "SoupWebsocketConnection close timeout"); ++#endif + g_source_set_callback (pv->close_timeout, on_timeout_close_io, self, NULL); + g_source_attach (pv->close_timeout, pv->main_context); + } +@@ -2207,6 +2222,11 @@ soup_websocket_connection_set_keepalive_interval (SoupWebsocketConnection *self, + + if (interval > 0) { + pv->keepalive_timeout = g_timeout_source_new_seconds (interval); ++#if GLIB_CHECK_VERSION(2, 70, 0) ++ g_source_set_static_name (pv->keepalive_timeout, "SoupWebsocketConnection keepalive timeout"); ++#else ++ g_source_set_name (pv->keepalive_timeout, "SoupWebsocketConnection keepalive timeout"); ++#endif + g_source_set_callback (pv->keepalive_timeout, on_queue_ping, self, NULL); + g_source_attach (pv->keepalive_timeout, pv->main_context); + } +-- +GitLab + diff --git a/4c9e75c6.patch b/4c9e75c6.patch new file mode 100644 index 0000000..7b99137 --- /dev/null +++ b/4c9e75c6.patch @@ -0,0 +1,42 @@ +From 4c9e75c6676a37b6485620c332e568e1a3f530ff Mon Sep 17 00:00:00 2001 +From: Simon McVittie +Date: Wed, 13 Nov 2024 14:14:23 +0000 +Subject: [PATCH] websocket-test: Disconnect error signal in another place + +This is the same change as commit 29b96fab "websocket-test: disconnect +error copy after the test ends", and is done for the same reason, but +replicating it into a different function. + +Fixes: 6adc0e3e "websocket: process the frame as soon as we read data" +Resolves: https://gitlab.gnome.org/GNOME/libsoup/-/issues/399 +Signed-off-by: Simon McVittie +--- + tests/websocket-test.c | 4 +++- + 1 file changed, 3 insertions(+), 1 deletion(-) + +diff --git a/tests/websocket-test.c b/tests/websocket-test.c +index 6a48c1f9..723f2857 100644 +--- a/tests/websocket-test.c ++++ b/tests/websocket-test.c +@@ -1508,8 +1508,9 @@ test_receive_invalid_encode_length_16 (Test *test, + GError *error = NULL; + InvalidEncodeLengthTest context = { test, NULL }; + guint i; ++ guint error_id; + +- g_signal_connect (test->client, "error", G_CALLBACK (on_error_copy), &error); ++ error_id = g_signal_connect (test->client, "error", G_CALLBACK (on_error_copy), &error); + g_signal_connect (test->client, "message", G_CALLBACK (on_binary_message), &received); + + /* We use 126(~) as payload length with 125 extended length */ +@@ -1522,6 +1523,7 @@ test_receive_invalid_encode_length_16 (Test *test, + WAIT_UNTIL (error != NULL || received != NULL); + g_assert_error (error, SOUP_WEBSOCKET_ERROR, SOUP_WEBSOCKET_CLOSE_PROTOCOL_ERROR); + g_clear_error (&error); ++ g_signal_handler_disconnect (test->client, error_id); + g_assert_null (received); + + g_thread_join (thread); +-- +GitLab + diff --git a/4d12c3e5.patch b/4d12c3e5.patch new file mode 100644 index 0000000..bfce34c --- /dev/null +++ b/4d12c3e5.patch @@ -0,0 +1,191 @@ +From 4d12c3e5769952ad0bfa318f4569d90a9d9a5085 Mon Sep 17 00:00:00 2001 +From: Philip Withnall +Date: Thu, 13 Apr 2023 12:25:37 +0100 +Subject: [PATCH] lib: Add g_task_set_source_tag() everywhere + +This makes it easier to identify what a `GTask` instance is when +debugging a running process. + +Signed-off-by: Philip Withnall +--- + libsoup/soup-address.c | 2 ++ + libsoup/soup-client-input-stream.c | 1 + + libsoup/soup-connection.c | 2 ++ + libsoup/soup-io-stream.c | 1 + + libsoup/soup-multipart-input-stream.c | 1 + + libsoup/soup-proxy-resolver-wrapper.c | 1 + + libsoup/soup-request-file.c | 1 + + libsoup/soup-request-http.c | 1 + + libsoup/soup-request.c | 1 + + libsoup/soup-session.c | 3 +++ + libsoup/soup-socket.c | 2 ++ + 11 files changed, 16 insertions(+) + +diff --git a/libsoup/soup-address.c b/libsoup/soup-address.c +index 574e982f2..bcd3e9e7f 100644 +--- a/libsoup/soup-address.c ++++ b/libsoup/soup-address.c +@@ -1209,6 +1209,8 @@ soup_address_address_enumerator_next_async (GSocketAddressEnumerator *enumerato + GTask *task; + + task = g_task_new (enumerator, cancellable, callback, user_data); ++ g_task_set_source_tag (task, soup_address_address_enumerator_next_async); ++ + if (!priv->sockaddr) { + soup_address_resolve_async (addr_enum->addr, + g_main_context_get_thread_default (), +diff --git a/libsoup/soup-client-input-stream.c b/libsoup/soup-client-input-stream.c +index e73ec9e63..c5484501e 100644 +--- a/libsoup/soup-client-input-stream.c ++++ b/libsoup/soup-client-input-stream.c +@@ -189,6 +189,7 @@ soup_client_input_stream_close_async (GInputStream *stream, + GSource *source; + + task = g_task_new (stream, cancellable, callback, user_data); ++ g_task_set_source_tag (task, soup_client_input_stream_close_async); + g_task_set_priority (task, priority); + + if (close_async_ready (cistream->priv->msg, task) == G_SOURCE_CONTINUE) { +diff --git a/libsoup/soup-connection.c b/libsoup/soup-connection.c +index 1b9a4fee8..8d4fee8d1 100644 +--- a/libsoup/soup-connection.c ++++ b/libsoup/soup-connection.c +@@ -418,6 +418,7 @@ soup_connection_connect_async (SoupConnection *conn, + + soup_socket_properties_push_async_context (priv->socket_props); + task = g_task_new (conn, cancellable, callback, user_data); ++ g_task_set_source_tag (task, soup_connection_connect_async); + + soup_socket_connect_async_internal (priv->socket, cancellable, + socket_connect_complete, task); +@@ -546,6 +547,7 @@ soup_connection_start_ssl_async (SoupConnection *conn, + + soup_socket_properties_push_async_context (priv->socket_props); + task = g_task_new (conn, cancellable, callback, user_data); ++ g_task_set_source_tag (task, soup_connection_start_ssl_async); + + soup_socket_handshake_async (priv->socket, priv->remote_uri->host, + cancellable, start_ssl_completed, task); +diff --git a/libsoup/soup-io-stream.c b/libsoup/soup-io-stream.c +index 8daca38d6..3da1d614b 100644 +--- a/libsoup/soup-io-stream.c ++++ b/libsoup/soup-io-stream.c +@@ -160,6 +160,7 @@ soup_io_stream_close_async (GIOStream *stream, + GTask *task; + + task = g_task_new (stream, cancellable, callback, user_data); ++ g_task_set_source_tag (task, soup_io_stream_close_async); + g_io_stream_close_async (SOUP_IO_STREAM (stream)->priv->base_iostream, + io_priority, cancellable, + close_async_complete, task); +diff --git a/libsoup/soup-multipart-input-stream.c b/libsoup/soup-multipart-input-stream.c +index 535dd6ec4..209eb9a32 100644 +--- a/libsoup/soup-multipart-input-stream.c ++++ b/libsoup/soup-multipart-input-stream.c +@@ -528,6 +528,7 @@ soup_multipart_input_stream_next_part_async (SoupMultipartInputStream *multipart + g_return_if_fail (SOUP_IS_MULTIPART_INPUT_STREAM (multipart)); + + task = g_task_new (multipart, cancellable, callback, data); ++ g_task_set_source_tag (task, soup_multipart_input_stream_next_part_async); + g_task_set_priority (task, io_priority); + + if (!g_input_stream_set_pending (stream, &error)) { +diff --git a/libsoup/soup-proxy-resolver-wrapper.c b/libsoup/soup-proxy-resolver-wrapper.c +index e07664ca9..e787ff095 100644 +--- a/libsoup/soup-proxy-resolver-wrapper.c ++++ b/libsoup/soup-proxy-resolver-wrapper.c +@@ -92,6 +92,7 @@ soup_proxy_resolver_wrapper_lookup_async (GProxyResolver *resolver, + SoupURI *source_uri; + + task = g_task_new (resolver, cancellable, callback, user_data); ++ g_task_set_source_tag (task, soup_proxy_resolver_wrapper_lookup_async); + source_uri = soup_uri_new (uri); + g_task_set_task_data (task, source_uri, (GDestroyNotify) soup_uri_free); + +diff --git a/libsoup/soup-request-file.c b/libsoup/soup-request-file.c +index c402a5b4c..6d3e9fa3b 100644 +--- a/libsoup/soup-request-file.c ++++ b/libsoup/soup-request-file.c +@@ -301,6 +301,7 @@ soup_request_file_send_async (SoupRequest *request, + GError *error = NULL; + + task = g_task_new (request, cancellable, callback, user_data); ++ g_task_set_source_tag (task, soup_request_file_send_async); + + if (!soup_request_file_ensure_file (file, cancellable, &error)) { + g_task_return_error (task, error); +diff --git a/libsoup/soup-request-http.c b/libsoup/soup-request-http.c +index 285f59d7a..a608d3a2d 100644 +--- a/libsoup/soup-request-http.c ++++ b/libsoup/soup-request-http.c +@@ -140,6 +140,7 @@ soup_request_http_send_async (SoupRequest *request, + g_return_if_fail (!SOUP_IS_SESSION_SYNC (session)); + + task = g_task_new (request, cancellable, callback, user_data); ++ g_task_set_source_tag (task, soup_request_http_send_async); + soup_session_send_async (session, http->priv->msg, cancellable, + http_input_stream_ready_cb, task); + } +diff --git a/libsoup/soup-request.c b/libsoup/soup-request.c +index 61980c78a..6c11c32c4 100644 +--- a/libsoup/soup-request.c ++++ b/libsoup/soup-request.c +@@ -177,6 +177,7 @@ soup_request_default_send_async (SoupRequest *request, + GError *error = NULL; + + task = g_task_new (request, cancellable, callback, user_data); ++ g_task_set_source_tag (task, soup_request_default_send_async); + + stream = soup_request_send (request, cancellable, &error); + if (stream) +diff --git a/libsoup/soup-session.c b/libsoup/soup-session.c +index 83421ef9d..c74b1b886 100644 +--- a/libsoup/soup-session.c ++++ b/libsoup/soup-session.c +@@ -4355,6 +4355,7 @@ soup_session_send_async (SoupSession *session, + + item->new_api = TRUE; + item->task = g_task_new (session, item->cancellable, callback, user_data); ++ g_task_set_source_tag (item->task, soup_session_send_async); + g_task_set_task_data (item->task, item, (GDestroyNotify) soup_message_queue_item_unref); + + /* Do not check for cancellations as we do not want to +@@ -4961,6 +4962,7 @@ soup_session_websocket_connect_async (SoupSession *session, + soup_message_set_flags (msg, flags | SOUP_MESSAGE_NEW_CONNECTION); + + task = g_task_new (session, cancellable, callback, user_data); ++ g_task_set_source_tag (task, soup_session_websocket_connect_async); + item = soup_session_append_queue_item (session, msg, TRUE, FALSE, + websocket_connect_async_complete, task); + g_task_set_task_data (task, item, (GDestroyNotify) soup_message_queue_item_unref); +@@ -5108,6 +5110,7 @@ soup_session_connect_async (SoupSession *session, + g_return_if_fail (uri != NULL); + + task = g_task_new (session, cancellable, callback, user_data); ++ g_task_set_source_tag (task, soup_session_connect_async); + + msg = soup_message_new_from_uri (SOUP_METHOD_HEAD, uri); + soup_message_set_flags (msg, SOUP_MESSAGE_NEW_CONNECTION); +diff --git a/libsoup/soup-socket.c b/libsoup/soup-socket.c +index 7ad484308..0ec451032 100644 +--- a/libsoup/soup-socket.c ++++ b/libsoup/soup-socket.c +@@ -970,6 +970,7 @@ soup_socket_connect_async_internal (SoupSocket *sock, + + priv->connect_cancel = cancellable ? g_object_ref (cancellable) : g_cancellable_new (); + task = g_task_new (sock, priv->connect_cancel, callback, user_data); ++ g_task_set_source_tag (task, soup_socket_connect_async_internal); + + client = new_socket_client (sock); + g_socket_client_connect_async (client, +@@ -1536,6 +1537,7 @@ soup_socket_handshake_async (SoupSocket *sock, + GError *error = NULL; + + task = g_task_new (sock, cancellable, callback, user_data); ++ g_task_set_source_tag (task, soup_socket_handshake_async); + + if (!soup_socket_setup_ssl (sock, ssl_host, cancellable, &error)) { + g_task_return_error (task, error); +-- +GitLab + diff --git a/a35222dd.patch b/a35222dd.patch new file mode 100644 index 0000000..743a086 --- /dev/null +++ b/a35222dd.patch @@ -0,0 +1,129 @@ +From a35222dd0bfab2ac97c10e86b95f762456628283 Mon Sep 17 00:00:00 2001 +From: Patrick Griffis +Date: Tue, 27 Aug 2024 13:53:26 -0500 +Subject: [PATCH] headers: Be more robust against invalid input when parsing + params + +If you pass invalid input to a function such as soup_header_parse_param_list_strict() +it can cause an overflow if it decodes the input to UTF-8. + +This should never happen with valid UTF-8 input which libsoup's client API +ensures, however it's server API does not currently. +--- + libsoup/soup-headers.c | 46 ++++++++++++++++++++++-------------------- + 1 file changed, 24 insertions(+), 22 deletions(-) + +diff --git a/libsoup/soup-headers.c b/libsoup/soup-headers.c +index f30ee467..613e1905 100644 +--- a/libsoup/soup-headers.c ++++ b/libsoup/soup-headers.c +@@ -646,8 +646,9 @@ soup_header_contains (const char *header, const char *token) + } + + static void +-decode_quoted_string (char *quoted_string) ++decode_quoted_string_inplace (GString *quoted_gstring) + { ++ char *quoted_string = quoted_gstring->str; + char *src, *dst; + + src = quoted_string + 1; +@@ -661,10 +662,11 @@ decode_quoted_string (char *quoted_string) + } + + static gboolean +-decode_rfc5987 (char *encoded_string) ++decode_rfc5987_inplace (GString *encoded_gstring) + { + char *q, *decoded; + gboolean iso_8859_1 = FALSE; ++ const char *encoded_string = encoded_gstring->str; + + q = strchr (encoded_string, '\''); + if (!q) +@@ -696,14 +698,7 @@ decode_rfc5987 (char *encoded_string) + decoded = utf8; + } + +- /* If encoded_string was UTF-8, then each 3-character %-escape +- * will be converted to a single byte, and so decoded is +- * shorter than encoded_string. If encoded_string was +- * iso-8859-1, then each 3-character %-escape will be +- * converted into at most 2 bytes in UTF-8, and so it's still +- * shorter. +- */ +- strcpy (encoded_string, decoded); ++ g_string_assign (encoded_gstring, decoded); + g_free (decoded); + return TRUE; + } +@@ -713,15 +708,17 @@ parse_param_list (const char *header, char delim, gboolean strict) + { + GHashTable *params; + GSList *list, *iter; +- char *item, *eq, *name_end, *value; +- gboolean override, duplicated; + + params = g_hash_table_new_full (soup_str_case_hash, + soup_str_case_equal, +- g_free, NULL); ++ g_free, g_free); + + list = parse_list (header, delim); + for (iter = list; iter; iter = iter->next) { ++ char *item, *eq, *name_end; ++ gboolean override, duplicated; ++ GString *parsed_value = NULL; ++ + item = iter->data; + override = FALSE; + +@@ -736,19 +733,19 @@ parse_param_list (const char *header, char delim, gboolean strict) + + *name_end = '\0'; + +- value = (char *)skip_lws (eq + 1); ++ parsed_value = g_string_new ((char *)skip_lws (eq + 1)); + + if (name_end[-1] == '*' && name_end > item + 1) { + name_end[-1] = '\0'; +- if (!decode_rfc5987 (value)) { ++ if (!decode_rfc5987_inplace (parsed_value)) { ++ g_string_free (parsed_value, TRUE); + g_free (item); + continue; + } + override = TRUE; +- } else if (*value == '"') +- decode_quoted_string (value); +- } else +- value = NULL; ++ } else if (parsed_value->str[0] == '"') ++ decode_quoted_string_inplace (parsed_value); ++ } + + duplicated = g_hash_table_lookup_extended (params, item, NULL, NULL); + +@@ -756,11 +753,16 @@ parse_param_list (const char *header, char delim, gboolean strict) + soup_header_free_param_list (params); + params = NULL; + g_slist_foreach (iter, (GFunc)g_free, NULL); ++ if (parsed_value) ++ g_string_free (parsed_value, TRUE); + break; +- } else if (override || !duplicated) +- g_hash_table_replace (params, item, value); +- else ++ } else if (override || !duplicated) { ++ g_hash_table_replace (params, item, parsed_value ? g_string_free (parsed_value, FALSE) : NULL); ++ } else { ++ if (parsed_value) ++ g_string_free (parsed_value, TRUE); + g_free (item); ++ } + } + + g_slist_free (list); +-- +GitLab + diff --git a/baselibs.conf b/baselibs.conf new file mode 100644 index 0000000..934caf6 --- /dev/null +++ b/baselibs.conf @@ -0,0 +1,5 @@ +libsoup-2_4-1 + obsoletes "libsoup-" +libsoup2-devel + requires -libsoup- + requires "libsoup-2_4-1- = " diff --git a/ced3c5d8.patch b/ced3c5d8.patch new file mode 100644 index 0000000..34156f4 --- /dev/null +++ b/ced3c5d8.patch @@ -0,0 +1,43 @@ +From ced3c5d8cad0177b297666343f1561799dfefb0d Mon Sep 17 00:00:00 2001 +From: Khem Raj +Date: Wed, 22 Nov 2023 18:49:10 -0800 +Subject: [PATCH] Fix build with libxml2-2.12.0 and clang-17 + +Fixes build errors about missing function prototypes with clang-17 + +Fixes +| ../libsoup-2.74.3/libsoup/soup-xmlrpc-old.c:512:8: error: call to undeclared function 'xmlParseMemory'; ISO C99 and later do not support implicit function declarations + +Signed-off-by: Khem Raj +--- + libsoup/soup-xmlrpc-old.c | 1 + + libsoup/soup-xmlrpc.c | 1 + + 2 files changed, 2 insertions(+) + +diff --git a/libsoup/soup-xmlrpc-old.c b/libsoup/soup-xmlrpc-old.c +index c57086b6a..527e3b235 100644 +--- a/libsoup/soup-xmlrpc-old.c ++++ b/libsoup/soup-xmlrpc-old.c +@@ -11,6 +11,7 @@ + + #include + ++#include + #include + + #include "soup-xmlrpc-old.h" +diff --git a/libsoup/soup-xmlrpc.c b/libsoup/soup-xmlrpc.c +index 42dcda9c7..e991cbf01 100644 +--- a/libsoup/soup-xmlrpc.c ++++ b/libsoup/soup-xmlrpc.c +@@ -17,6 +17,7 @@ + + #include + #include ++#include + #include + #include "soup-xmlrpc.h" + #include "soup.h" +-- +GitLab + diff --git a/libsoup-2.74.3.tar.xz b/libsoup-2.74.3.tar.xz new file mode 100644 index 0000000..d149966 --- /dev/null +++ b/libsoup-2.74.3.tar.xz @@ -0,0 +1,3 @@ +version https://git-lfs.github.com/spec/v1 +oid sha256:e4b77c41cfc4c8c5a035fcdc320c7bc6cfb75ef7c5a034153df1413fa1d92f13 +size 1504804 diff --git a/libsoup-CVE-2024-52532.patch b/libsoup-CVE-2024-52532.patch new file mode 100644 index 0000000..79d7841 --- /dev/null +++ b/libsoup-CVE-2024-52532.patch @@ -0,0 +1,34 @@ +From f84fc43fe62e25ca807975fa758f2e3d7737db4f Mon Sep 17 00:00:00 2001 +From: Mike Gorse +Date: Tue, 12 Nov 2024 17:20:25 -0600 +Subject: [PATCH] websocket: process the frame as soon as we read data + +Otherwise we can enter in a read loop because we were not +validating the data until the all the data was read. + +Fixes #391 + +Backport of https://gitlab.gnome.org/GNOME/libsoup/-/commit/6adc0e3e.patch +--- + libsoup/soup-websocket-connection.c | 4 ++-- + 1 file changed, 2 insertions(+), 2 deletions(-) + +diff --git a/libsoup/soup-websocket-connection.c b/libsoup/soup-websocket-connection.c +index 6d136d41..2db34d3c 100644 +--- a/libsoup/soup-websocket-connection.c ++++ b/libsoup/soup-websocket-connection.c +@@ -1155,9 +1155,9 @@ soup_websocket_connection_read (SoupWebsocketConnection *self) + } + + pv->incoming->len = len + count; +- } while (count > 0); + +- process_incoming (self); ++ process_incoming (self); ++ } while (count > 0 && !pv->close_sent && !pv->io_closing); + + if (end) { + if (!pv->close_sent || !pv->close_received) { +-- +2.47.0 + diff --git a/libsoup-skip-tls_interaction-test.patch b/libsoup-skip-tls_interaction-test.patch new file mode 100644 index 0000000..fc690d1 --- /dev/null +++ b/libsoup-skip-tls_interaction-test.patch @@ -0,0 +1,14 @@ +Index: libsoup-2.72.0/tests/ssl-test.c +=================================================================== +--- libsoup-2.72.0.orig/tests/ssl-test.c ++++ libsoup-2.72.0/tests/ssl-test.c +@@ -370,6 +370,9 @@ do_tls_interaction_test (void) + + SOUP_TEST_SKIP_IF_NO_TLS; + ++ g_test_skip ("Not reliable? See https://gitlab.gnome.org/GNOME/libsoup/issues/120"); ++ return; ++ + service = g_threaded_socket_service_new (1); + address = g_inet_socket_address_new_from_string ("127.0.0.1", 0); + g_socket_listener_add_address (G_SOCKET_LISTENER (service), address, diff --git a/libsoup2-extend-test-cert.patch b/libsoup2-extend-test-cert.patch new file mode 100644 index 0000000..1daee1c --- /dev/null +++ b/libsoup2-extend-test-cert.patch @@ -0,0 +1,59 @@ +https://gitlab.gnome.org/GNOME/libsoup/-/merge_requests/177 +From 38a65f080a3168e8af78bdd3e4928debeea2dbd8 Mon Sep 17 00:00:00 2001 +From: "Bernhard M. Wiedemann" +Date: Thu, 18 Feb 2021 09:13:40 +0100 +Subject: [PATCH] Extend test cert to 2049 + +used certtool -u \ + --load-ca-privkey ./tests/test-key.pem \ + --load-ca-certificate ./tests/test-cert.pem \ + --load-certificate ./tests/test-cert.pem + +Without this patch, 3 tests failed in 2027 + 11/29 misc-test FAIL 0.67s (exit status 1) + 21/29 server-test FAIL 0.12s (exit status 1) + 25/29 timeout-test FAIL 4.08s (killed by signal 5 SIGTRAP) + +Background: +As part of my work on reproducible builds for openSUSE, I check that software still gives identical build results in the future. +The usual offset is +15 years, because that is how long I expect some software will be used in some places. +This showed up failing tests in our package build. +See https://reproducible-builds.org/ for why this matters. +--- + tests/test-cert.pem | 16 ++++++++-------- + 1 file changed, 8 insertions(+), 8 deletions(-) + +diff --git a/tests/test-cert.pem b/tests/test-cert.pem +index ff863b4d..4b8b180d 100644 +--- a/tests/test-cert.pem ++++ b/tests/test-cert.pem +@@ -1,6 +1,6 @@ + -----BEGIN CERTIFICATE----- + MIIC2zCCAcOgAwIBAgIJALRbg2WnuAAqMA0GCSqGSIb3DQEBCwUAMBQxEjAQBgNV +-BAMMCTEyNy4wLjAuMTAeFw0xNzA2MjAxNDI3MzBaFw0yNzA2MTgxNDI3MzBaMBQx ++BAMMCTEyNy4wLjAuMTAeFw0yMTAyMTgwODA3MzBaFw00OTEyMzEwODA3MzRaMBQx + EjAQBgNVBAMMCTEyNy4wLjAuMTCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC + ggEBAKs4fuRuW77nORhOT9kbbU6BsjKW3GEsMc+ZSmXjINQWpfkES2hV+DQyzhm5 + qh4OLi1vYtXoSbdQNDCbA8ybZJqR8m9F3ed8vobdSSQGxWpPdXTgz27x+TpiAc9P +@@ -8,11 +8,11 @@ w83UuPvlu/0AxHJBFXVAg+id0yFu3wmGWYJHoAtvFi2xeRtAXurNuPtjZyO+gfM9 + BKTRCkGsRSmPpJyGbU2Q96fjxnVfV9oYvQXeugUcSx/pTUCM/kDgD9QZCxG2rflX + NWcqDFY3uO6ZR68Qwi/KouOa8rzrgAcwhFUI6Wz0Zwi1rzRtWK5WqC24aBUYz/tK + hl8i88UDXSMh7spChdYDBGLhZyUCAwEAAaMwMC4wLAYDVR0RBCUwI4IJbG9jYWxo +-b3N0hwR/AAABhxAAAAAAAAAAAAAAAAAAAAABMA0GCSqGSIb3DQEBCwUAA4IBAQBj +-+U8tebwg5/pof5Rht6TMHqeg6Fcr4OJkL2ph2g+T/AMTS7kEGeFIKJN5AZ+S/qIY +-cdoDKHwc8+bCK/mG6DPmJ4z/2Eamb85YhplOLVrLRwfxRebTK9CtnjcjnflAiU9H +-7vPVwXIvkwebhBSQNKTdkBlPXKaTNWXuygeFG2OVQkPf/KAxSdtg2R+owv/s802Z +-HISk26wY9oFIQz6AiXWdrY1QqNOltZ7rlU5iofAH7X+9ryZlxPWj/gHg2YQRvvLl +-dq6nCF+ED0ke7h0lg5nU0beKEygwli8DlLVbu0JK0PkARFp5t7wUtzC9DCjzvfOc +-gxR44PyZX7/2oaTDm4PS ++b3N0hwR/AAABhxAAAAAAAAAAAAAAAAAAAAABMA0GCSqGSIb3DQEBCwUAA4IBAQAz ++/qYTUuBGHgp7T1cfaJPnhx6U1SMfdJRtFoWOXDx+MNCK9GYkdMEabzRGUP5uNHO+ ++PiZP/bMIHlpsbRA5AyyVf9Xv8JCujvYh24qYcBbwgZrfvNTm0D52P9JJm0SalTXS ++kwwTj00DWGVfVzJR+wiwYGHRIlyXbHqQSRzv6+z9f/xY5gXw/KpCNYTuOJcXW7w6 ++JfMrUnc9pphRUpcLkuuzOMKuB0dtWRc0mZIr7PZHt+0gitNZWA0bDYI3JI9tlK17 ++nxBUSpGtJwDgH//b8ek/P0P9a5VzQbBC6lXtQUMdxg7ovfAI//IS8ekBoRKI0Wde ++r2IpM9hKSBU3c2gGXcJC + -----END CERTIFICATE----- +-- +GitLab + diff --git a/libsoup2.changes b/libsoup2.changes new file mode 100644 index 0000000..06d3246 --- /dev/null +++ b/libsoup2.changes @@ -0,0 +1,3382 @@ +------------------------------------------------------------------- +Wed Nov 13 19:51:03 UTC 2024 - Michael Gorse + +- Add 4c9e75c6.patch: fix an intermittent test failure + (glgo#GNOME/libsoup#399). + +------------------------------------------------------------------- +Tue Nov 12 23:21:48 UTC 2024 - Michael Gorse + +- Add 04df03bc.patch: strictly don't allow NUL bytes in headers + (boo#1233285 CVE-2024-52530 glgo#GNOME/libsoup#377). +- Add libsoup-CVE-2024-52532.patch: websocket: Process the frame as + soon as we read data (boo#1233287 CVE-2024-52532). +- Add 29b96fab.patch: websocket-test: disconnect error copy after + the test ends (glgo#GNOME/libsoup#391). +- Add a35222dd.patch: be more robust against invalid input when + parsing params (boo#1233292 CVE-2024-52531 + glgo#GNOME/libsoup!407). + +------------------------------------------------------------------- +Thu Dec 14 12:42:08 UTC 2023 - Dominique Leuenberger + +- Add ced3c5d8.patch: Fix build with libxml2-2.12.0 and clang-17. + +------------------------------------------------------------------- +Mon Jul 31 11:46:03 UTC 2023 - Bjørn Lie + +- Add upstream bug fixes: + + 4d12c3e5.patch: lib: Add g_task_set_source_tag() everywhere + + 48b3b611.patch: lib: Add names to various GSources +- Drop no longer valid translation-update-upstream BuildRequires + and macro. +- Use ldconfig_scriptlets macro for post(un) handling. + +------------------------------------------------------------------- +Wed Oct 12 09:32:22 UTC 2022 - Bjørn Lie + +- Update to version 2.74.3: + + Add missing g-i annotations to `soup_address_get_sockaddr()` + and `soup_socket_read_until()`. + + Add missing `extern` when building on Windows. + + Update libxml2 fallback for meson wrap. + + Improvements when using libsoup with meson wraps. + +------------------------------------------------------------------- +Wed Nov 24 21:45:21 UTC 2021 - Bjørn Lie + +- Update to version 2.74.2: + + Error when libsoup3 is already loaded before libsoup2. + +------------------------------------------------------------------- +Sun Oct 24 17:56:29 UTC 2021 - Bjørn Lie + +- Update to version 2.74.1: + + Fix support for older versions of Vala. + + Fix trying to build sysprof as a subproject on Windows. + + Fix missing `extern "C"` in an installed header. + + Improve `gssapi` dependency handling. + + Fix `libsoup-doc` build target. + + Updated translations. + +------------------------------------------------------------------- +Sat Oct 2 01:25:51 UTC 2021 - Bernhard Wiedemann + +- Add libsoup2-extend-test-cert.patch to fix tests after 2027 (boo#1102840) + +------------------------------------------------------------------- +Wed Sep 29 10:14:16 UTC 2021 - Dominique Leuenberger + +- Add Provides: libsoup2 to the library, so that the lang package + is installable. +- Remove the left-over provides/obsoltes for libsoup (which is now + libsoup 3). + +------------------------------------------------------------------- +Wed Aug 25 13:43:03 UTC 2021 - Dominique Leuenberger + +- Rename source package to libsoup2, as a compatibility package + while the world moves to libsoup3 (with HTTP/2 support). + +------------------------------------------------------------------- +Mon Aug 23 12:48:10 UTC 2021 - Dominique Leuenberger + +- Update to version 2.74.0: + + IMPORTANT: Enable ssl-use-system-ca-file by default on + deprecated Sync and Async sessions. + + Fix including headers in C++ projects. + + Fix attempting to resolve relative paths with data URIs. + + Support Content-Disposition headers without a disposition-type. + + Fix building VAPI bindings with latest Vala. + + Fix sending a Content-Length header in a response with status + code of 1xx or 204. + + Updated translations. +- Drop libsoup-fix-SSL-test.patch: fixed upstream. + +------------------------------------------------------------------- +Fri Feb 26 16:32:26 UTC 2021 - Pedro Monreal + +- Run the regression tests using GnuTLS NORMAL priority + +------------------------------------------------------------------- +Mon Feb 8 13:58:50 UTC 2021 - Pedro Monreal + +- Disable tls_interaction-test until resolved upstream + * See https://gitlab.gnome.org/GNOME/libsoup/issues/120 +- Add libsoup-skip-tls_interaction-test.patch + +------------------------------------------------------------------- +Mon Feb 8 13:07:03 UTC 2021 - Pedro Monreal + +- Fix tests: fix SSL test with glib-networking >= 2.65.90 + * See https://gitlab.gnome.org/GNOME/libsoup/issues/201 +- Add libsoup-fix-SSL-test.patch +- Remove patches: + * libsoup-disable-ssl-tests.patch + * libsoup-disable-hsts-tests.patch + +------------------------------------------------------------------- +Thu Nov 12 14:30:45 UTC 2020 - Dominique Leuenberger + +- Disable sysprof integration: this causes a nasty build cycle. + + Pass -Dsysprof=disabled to meson. + + Remove pkgconfig(sysprof-4) and pkgconfig(sysprof-capture-4), + as well as pkgconfig(sysprof-4) in the devel project. + +------------------------------------------------------------------- +Mon Sep 14 10:10:43 UTC 2020 - dimstar@opensuse.org + +- Update to version 2.72.0: + + Fix critical after cancelling a message that failed auth. + + Updated translations. + +------------------------------------------------------------------- +Sat Sep 5 22:59:02 UTC 2020 - Dominique Leuenberger + +- Update to version 2.71.1: + + Add support for 308 Premanent Redirect. + + Add basic sysprof profiling for HTTP messages. + + Various build fixes. + + Updated translations. +- Add pkgconfig(sysprof-4) and pkgconfig(sysprof-capture-4) + BuildRequires: new dependencies. + +------------------------------------------------------------------- +Fri Sep 4 10:05:57 UTC 2020 - dimstar@opensuse.org + +- Update to version 2.71.0: + + Redesign directory list returned for `file://` requests. + + Add `SOUP_COOKIE_JAR_ACCEPT_GRANDFATHERED_THIRD_PARTY` policy. + + Add soup_message_is_feature_disabled() API. + + Fix potential leak when setting SoupSession:tls-interaction. + + Fix building with Visual Studio. + + Updated translations. +- Drop libsoup-test-utils-fix.patch: fixed upstream. + +------------------------------------------------------------------- +Mon May 11 13:27:15 UTC 2020 - Dominique Leuenberger + +- Autodetect the location of krb5-config: krb5 adds itself to + $PATH. + +------------------------------------------------------------------- +Thu Apr 16 18:23:07 UTC 2020 - Bjørn Lie + +- Add libsoup-disable-ssl-tests.patch: Disable ssl tests, as they + randomly fail for all arches (glgo#GNOME/libsoup#188). +- Rebase/refresh patches. + +------------------------------------------------------------------- +Tue Mar 24 13:09:03 UTC 2020 - Bjørn Lie + +- Add libsoup-test-utils-fix.patch: test-utils: Clarify meaning of + an environment variable. + +------------------------------------------------------------------- +Sat Mar 7 17:51:57 UTC 2020 - bjorn.lie@gmail.com + +- Update to version 2.70.0: + + Deprecate SoupSession:proxy-uri. + + Updated translations. + +------------------------------------------------------------------- +Wed Feb 26 08:57:51 UTC 2020 - dimstar@opensuse.org + +- Update to version 2.69.90: + + Add new API to expose support for same-site cookies. + + Fix TRACE method not being considered safe and idempotent + internally. + + WebSockets: ensure a new connection is created for WebSocket + requests. + + WebSockets: do not start the input source when IO is closing. + + Deprecate soup_date_to_timeval(). + + build: Update glib requirement to 2.58. + + Updated translations. + +------------------------------------------------------------------- +Wed Feb 26 08:57:50 UTC 2020 - Bjørn Lie + +- Update to version 2.68.4: + + WebSockets: + - Ensure a new connection is created for WebSocket requests. + - Do not start the input source when IO is closing. + + build: Update glib requirement to 2.58. + +------------------------------------------------------------------- +Sat Jan 25 14:17:25 UTC 2020 - Dominique Leuenberger + +- No longer recommend -lang: supplements are in use + +------------------------------------------------------------------- +Thu Jan 9 08:58:08 UTC 2020 - olaf@aepfle.de + +- Usage of g_canonicalize_filename requires glib 2.58 + +------------------------------------------------------------------- +Fri Dec 20 22:17:50 UTC 2019 - olaf@aepfle.de + +- meson >=0.50 is required for building + +------------------------------------------------------------------- +Wed Dec 4 18:22:11 UTC 2019 - Bjørn Lie + +- Update to version 2.68.3: + + Fixes to testing infrastructure. + + Enable GNOME support in mingw. + + Allow introspection in cross builds. + + Updated translations. + +------------------------------------------------------------------- +Tue Oct 15 14:41:04 UTC 2019 - Dominique Leuenberger + +- Disable NTLM for the time being (causes build cycle): + + Drop samba-winbind BuildRequires. + + Pass -Dntlm=disabled to meson. + +------------------------------------------------------------------- +Wed Oct 9 10:34:03 UTC 2019 - Bjørn Lie + +- Update to version 2.68.2: + + Documentation fixes. + + Windows compatibility test fixes. + + WebSockets: client_max_window_bits in server must have a value. + + build: improve diagnostics when detecting Apache. + + NTLM: Make v2 authentication more robust. + + Updated translations. + +------------------------------------------------------------------- +Thu Sep 12 02:05:49 UTC 2019 - Michael Gorse + +- Update to version 2.68.1: + + Several memory leaks fixed in tests, examples, and parsing + code. + + SoupServer: Fixes to Windows path handling. + + Changes in version 2.68.0: + + Updated translations. + + Changes in version 2.67.93: + + SoupMessage: Handle Transfer-Encoding: identity for + compatibility reasons. + + WebSockets: Only poll IO stream when needed. + + WebSockets: Properly set cookies received during handshake. + + WebSockets: Plug a couple of memory leaks and fix a few + read-after-free memory errors. + + WebSockets: document how web socket extensions should treat + buffers in case of error. + + SoupSession: Don't reset user GCancellable internally. + + Tests: Make tests installable. + + Remove deprecate GTimeVal internal usage. + + CI: increase coverage by enabling all features during testing. + + Updated translations. + +------------------------------------------------------------------- +Wed Sep 11 15:01:18 UTC 2019 - mgorse@suse.com + +- Update to version 2.67.92: + + Silence GTimeVal deprecation warnings. + + API documentation and annotation fixes. + + Plug a couple of NTLM authentication memory leaks. + + Meson: Use feature options. + + Meson: Do not fallback to system krb5-config for + cross-compilation. + + NTLM: Fix build with NTLM enabled. + + Updated translations. +- Changes from version 2.67.91: + + HSTS: New API to retrieve information about existing HSTS + policies. + + Updated translations. +- Changes from version 2.67.90: + + WebSockets: add support for WebSocket extensions via new + SoupWebsocketExtensionManager and SoupWebsocketExtension API. + + WebSockets: add support for the permessage-deflate extension, + enabled by default in SoupServer and in the client side only if + SoupWebsocketExtensionManager is added to a session. + + WebSockets: Allow sending close frames with no body. + + WebSockets: ignore messages after close has been sent and + received. + + Meson: tls-check improved. + + Meson: improve Apache checks. +- Changes from version 2.67.3: + + WebSockets: allow sending empty binary data. + + WebSockets: fail and load the connection on invalid payload + length. + + WebSockets: allow NULL characters in text messages data. + + WebSockets: Close connection on wrongly masked/unmasked frame + as per RFC. + + WebSockets: other code fixes. + + NTLM: Fix NTLMv2 authentication. + + SoupMessage: fix several deprecation warnings related to + private data. +- Changes from version 2.67.2: + + gobject-introspection: Fix annotation for soup_auth_new(). + + brotli: Do not advertise the decoder as it's failing with some + websites. + + Meson: Fix xml2 and sqlite fallbacks. + + HSTS: Add SoupHSTSEnforcer:hsts-enforced signal. + + HSTS: Fixes to the types used to store policies in the SQLite + storage. + + HSTS: Accept Strict-Transport-Security regardless of casing. + + WebSockets: Ensure messages finishes when handshake fails. + + WebSockets: Fix critical warnings and test failures. +- Changes from version 2.67.1: + + Add a brotli decoder. This adds a new dependency on libbrotli. + + Add strict secure cookies support. + + Add HSTS enforcer SoupSession feature (with both memory and + sqlite backends). + + meson gtk-doc documentation fixes. +- Add libbrotlidec to BuildRequires. +- Adjust meson: need "enabled" rather than "true" in a few places. +- Add samba-winbind to BuildRequires: meson checks for ntlm_auth. +- Meson: doc option is now gtk_doc. +- Add libsoup-disable-hsts-tests.patch: these require *.localhost + to resolve. + +------------------------------------------------------------------- +Wed Sep 11 15:01:17 UTC 2019 - Bjørn Lie + +- Update to version 2.66.3: + + docs: various gtk-doc fixes. + + SoupServer: Fixes to Windows path handling. +- Update options passed to meson following upstream changes. + +------------------------------------------------------------------- +Thu May 16 20:06:25 UTC 2019 - Bjørn Lie + +- Update to version 2.66.2: + + Make gettext optional (might not be available in Windows). + + MSVC: set encoding to UTF-8 to avoid errors. + + MinGW tests build fix. + + Check for TLS support only when external glib dependency is + available. + +------------------------------------------------------------------- +Wed Apr 10 08:23:45 UTC 2019 - Bjørn Lie + +- Update to version 2.66.1: + + Fix dylib versioning in MacOS. + + Visual Studio build fixes. + + MinGW build fixes. + + Meson build system improvements. + + Fix random CI failures due to parallel apache tests. + + Code cleanups. + +------------------------------------------------------------------- +Tue Mar 12 08:08:48 UTC 2019 - Bjørn Lie + +- Update to version 2.66.0: + + Fix lookup for libxml2 on Visual Studio builds. +- Add meson_test macro in check section, run tests during build. + +------------------------------------------------------------------- +Tue Mar 5 09:20:22 UTC 2019 - Bjørn Lie + +- Update to version 2.65.92: + + SoupConnection: Fix check for remote disconnectin idle state. + + Code cleanups and warnings fixed. + + Remove stale .pc.in files. + + Updated translations. + +------------------------------------------------------------------- +Wed Feb 20 19:44:58 UTC 2019 - bjorn.lie@gmail.com + +- Update to version 2.65.91: + + Remove RFCs from sources. + +------------------------------------------------------------------- +Wed Feb 13 23:52:54 UTC 2019 - bjorn.lie@gmail.com + +- Update to version 2.65.90: + + Avoid using threads in SoupRequestFile asynchronous API. + +------------------------------------------------------------------- +Wed Feb 6 22:01:59 UTC 2019 - bjorn.lie@gmail.com + +- Fix translation-update-upstream call, needed after update of + translation-update-upstream in distro. + +------------------------------------------------------------------- +Mon Jan 21 11:42:39 UTC 2019 - bjorn.lie@gmail.com + +- Update to version 2.65.2: + + Remove autotools build system and change to meson by default. + + Many fixes to Meson. + + Improvements to the continuous integration infrastructure + + Make sure SoupSession features are not disposed until all + pending messages are processed. + + Updated translations. + +------------------------------------------------------------------- +Thu Jan 3 22:41:48 UTC 2019 - bjorn.lie@gmail.com + +- Update to version 2.65.1: + + Added MTLMv2 responses support. + + Many fixes to the meson build system. + + Remove Visual Studio project files. + + Enable VAPI by default. + + New strict header field parameter parsing API. + + Code cleanups. + + Updated translations. +- Drop meson and apidocs beconds and conditionals, fixed upstream. + +------------------------------------------------------------------- +Wed Oct 24 09:46:19 UTC 2018 - bjorn.lie@gmail.com + +- Update to version 2.64.2: + + TLD tests updated. + + Updated translations. + +------------------------------------------------------------------- +Wed Sep 26 17:28:42 UTC 2018 - bjorn.lie@gmail.com + +- Update to version 2.64.1: + + Many fixes to the meson build system (which, by the way, is NOT + official yet). + + Updated translations. +- Changes from version 2.64.0: + + Many fixes to the meson build system. + + Updated translations. + +------------------------------------------------------------------- +Sun Sep 2 02:48:35 UTC 2018 - luc14n0@linuxmail.org + +- Conditionalize meson use: it's currently providing wrong + capability leading to every package autodepending on + libsoup-2.4.so.1() capability to get "Unresolvable" + (glgo#GNOME/libsoup#9). + +------------------------------------------------------------------- +Wed Aug 29 23:23:49 UTC 2018 - luc14n0@linuxmail.org + +- Update to version 2.63.92: + + Updated translations. +- Add: + + meson BuildRequires and replace configure/make/make_install/\ + make_check with meson/meson_build/meson_install/meson_test + macros to follow upstream's build system port to Meson. + + libsoup-add-missing-po-meson_build.patch + (glgo#GNOME/libsoup#6). +- Drop no longer needed intltool BuildRequires: upstream migrated + to Gettext. +- Conditionalize build of API docs: they are currently failing + (glgo#GNOME/libsoup#8). +- Enable tests run to increase QA of package. + +------------------------------------------------------------------- +Thu Aug 16 12:37:13 UTC 2018 - bjorn.lie@gmail.com + +- Update to version 2.63.91: + + Simplify soup_hosts_matches_host(). + + Add new tests for trailing dots in domain names. + + Updated translations. + +------------------------------------------------------------------- +Fri Aug 10 09:18:47 UTC 2018 - bjorn.lie@gmail.com + +- Update to version 2.63.90: + + Set default cookie path for NULL origins. + + Fixes to GObject-introspection. + + Use atomic-refcounting in classes that are not using + GObject-refcounting. + + Many Coverity-found code fixes. + + Bail out on cookie-jar calls with empty hostnames. + + Fixes to the simple-httpd example. + +------------------------------------------------------------------- +Fri Aug 10 09:01:14 UTC 2018 - bjorn.lie@gmail.com + +- Update to version 2.62.3: + + Check for trailing dots in domains. + + Set default cookie path for NULL origins. + + Use atomic-refcounting in classes that are not using + GObject-refcounting. + + Many Coverity-found code fixes. + + Bail out on cookie-jar calls with empty hostnames. +- Drop libsoup-boo1100097-empty-string.patch: Fixed upstream. + +------------------------------------------------------------------- +Fri Jul 20 19:16:31 UTC 2018 - mgorse@suse.com + +- Add libsoup-boo1100097-empty-string.patch: fix crash when + handling empty hostnames (boo#1100097 CVE-2018-12910). + +------------------------------------------------------------------- +Sun Jun 3 00:26:30 UTC 2018 - luc14n0@linuxmail.org + +- Update to version 2.63.2: + + Fix critical warning in SoupSocket. + + Updated translations. + +------------------------------------------------------------------- +Sun May 13 23:29:35 UTC 2018 - luc14n0@linuxmail.org + +- Update to version 2.63.1: + + Fix digest authentication with encoded URIs (bgo#794208). + + Avoid unaligned memory accesses in WebSocket implementation + (bgo#794421). + + Fix crash under soup_socket_new() (bgo#762138). + + Use libpsl for the SoupTLD API instead of shipping a copy of + the public-suffix list (bgo#769650). + + Introspection documentation fixes (bgo#795135). + + Minor cleanups and fixes. + + Updated translations. +- Add: + + pkgconfig(libpsl) BuildRequires: new dependency. + + pkgconfig(glib-2.0) BuildRequires to avoid implicit + dependencies. +- Drop: + + glib-networking BuildRequires: this is actually a runtime + requirement only. + + python3-base BuildRequires: aside from being an implicit + dependency, this is only required when using apache-httpd + configure option for using a python script to get the Apache + modules directories. + + libsoup-SoupCookie-fix-instrospection-annotation.patch: fixed + upstream. + +------------------------------------------------------------------- +Tue May 8 10:00:47 UTC 2018 - bjorn.lie@gmail.com + +- Update to version 2.62.2: + + Fixes to instrospection annotation (bgo#795135). + + Fixes to the test suite with PHP version >= 7.2 (bgo#795111). + + Critical warning fixes to SoupSocket. + + Updated translations. +- Drop upstream fixed patches: + + libsoup-SoupCookie-fix-instrospection-annotation.patch + (bgo#795135). + + libsoup-xmlrpc-server-dont-count-null.patch (bgo#795111). + + libsoup-soup-socket-fix-critical-warning.patch. + +------------------------------------------------------------------- +Wed Apr 25 11:29:38 UTC 2018 - bjorn.lie@gmail.com + +- Add upstream bug fix patches: + + libsoup-SoupCookie-fix-instrospection-annotation.patch + (bgo#795135). + + libsoup-xmlrpc-server-dont-count-null.patch (bgo#795111). + + libsoup-soup-socket-fix-critical-warning.patch. + +------------------------------------------------------------------- +Mon Apr 9 20:58:45 UTC 2018 - bjorn.lie@gmail.com + +- Update to version 2.62.1: + + Fix digest authentication with encoded URIs (bgo#794208). + + Avoid unaligned memory accesses in WebSocket implementation + (bgo#794421). + + Use base domain to decide if cookies are third-party + (bgo#792130). + + Fix crash under soup_socket_new() (bgo#762138). + +------------------------------------------------------------------- +Tue Mar 20 16:59:51 UTC 2018 - dimstar@opensuse.org + +- Unconditionally enable translation-update-upstream: on + Tumbleweed, this results in a NOP and for Leap in SLE paid + translations being used (boo#1086036). + +------------------------------------------------------------------- +Mon Mar 12 19:24:26 UTC 2018 - dimstar@opensuse.org + +- Update to version 2.62.0: + + Updated translations. + +------------------------------------------------------------------- +Mon Mar 5 19:07:04 UTC 2018 - dimstar@opensuse.org + +- Update to version 2.61.91: + + Add limit to header length to avoid DOS attacks (bgo#792173). + + Update the public-suffix list. + + Revert "cookie-jar: use base domain to decide if cookie is + third party" (bgo#792130). + +------------------------------------------------------------------- +Wed Feb 28 16:36:32 UTC 2018 - dimstar@opensuse.org + +- Modernize spec-file by calling spec-cleaner + +------------------------------------------------------------------- +Tue Feb 6 03:17:15 UTC 2018 - luc14n0@linuxmail.org + +- Update to version 2.61.90: + + Various improvements to the WebSocket implementation + (bgo#792113). + + cookie-jar: use base domain to decide if cookie is third party + (bgo#792130). + + Add new API to create a new connection from a SoupSession + (bgo#792212). + + soup-headers: accept any 3 digit number as message status code + (bgo#792124). +- Remove unneeded %clean section: RPM does this kind of work itself + already. +- Adopt the use of %make_build macro rather than raw make command, + following the best practices. + +------------------------------------------------------------------- +Mon Jan 22 02:00:02 UTC 2018 - dimstar@opensuse.org + +- Update to version 2.61.2: + + Session: don't request Keep-Alive for upgraded connections + (bgo#788723). + +------------------------------------------------------------------- +Mon Jan 22 02:00:01 UTC 2018 - dimstar@opensuse.org + +- Update to version 2.61.1: + + tld-parser: use Python 3 (bgo#785735). + + Fix heap-buffer-overflow in soup_ntlm_parse_challenge() + (bgo#788037). + + Fix possibly uninitialized value in ssl-test. + + SoupCache: fix the timestamp for responses (bgo#791031). +- Drop libsoup-tld-parser-py3.patch: fixed upstream. + +------------------------------------------------------------------- +Fri Jan 19 19:48:16 UTC 2018 - bjorn.lie@gmail.com + +- Update to version 2.60.3: + + heap-buffer-overflow in soup_ntlm_parse_challenge() + (bgo#788037). + + session: don't request Keep-Alive for upgraded connections + (bgo#788723). + + soup-headers: accept any 3 digit number as message status code + (bgo#792124). + +------------------------------------------------------------------- +Tue Dec 5 07:56:18 UTC 2017 - dimstar@opensuse.org + +- Use python3 during build: + + Add libsoup-tld-parser-py3.patch: Use python3 for tld-parser. + + Add python3-base BuildRequires. + +------------------------------------------------------------------- +Fri Oct 27 23:42:49 UTC 2017 - luc14n0@linuxmail.org + +- Update to version 2.60.2: + + Fix documentation typos (bgo#788920). + + format-zero-length warning triggered in soup-logger.c + (bgo#789096). + + Warnings while generating inrospection files + (bgo#789099). + + Updated translations. +- Add conditional use for translation-update-upstream: suse-only + requirement. +- Update Url to https://wiki.gnome.org/Projects/libsoup: current + libsoup's project web page. +- Run spec-cleaner -p to get respectives pkgconfig(*): gio-2.0, + gobject-2.0, gobject-introspection-1.0, gtk-doc and libxml-2.0. + +------------------------------------------------------------------- +Wed Oct 11 18:46:06 UTC 2017 - luc14n0@linuxmail.org + +- Update to version 2.60.1: + + Fallback to another authentication type if the current failed + (bgo#788238). + + Fix unbalanced G_GNUC_BEGIN_IGNORE_DEPRECATIONS use in + soup-session.c (bgo#787166). + + SoupCache: fix setting default value for cache dir + (bgo#788452). + + Updated translations. +- Update Url to https://wiki.gnome.org/LibSoup: current LibSoup's + web page. + +------------------------------------------------------------------- +Tue Sep 12 20:07:03 UTC 2017 - dimstar@opensuse.org + +- Update to version 2.60.0: + + Updated translations. + +------------------------------------------------------------------- +Tue Aug 15 07:50:16 UTC 2017 - zaitor@opensuse.org + +- Update to version 2.59.90.1: + + Fixed a chunked decoding buffer overrun that could be exploited + against either clients or servers (bgo#785774, CVE-2017-2885). +- Changes from version 2.59.90: + + Several SoupAuthNegotiate compatibility fixes (bgo#783780, + bgo#783781). + + Include a payload in SoupWebsocketConnection's "ping" messages + (to avoid problems with certain buggy server implementations), + and emit a signal when receiving a "pong" (to allow apps to + notice when the remote peer has disconnected them) + (bgo#785660). + + Fix the interpretation of wss:// URIs, which previously mostly + didn't work (bgo#784766). + + Fixed SoupContentSniffer behavior on XML files with no + Content-Type (webkit#173923). + + Fixed a bug with cancelling async requests (bgo#773257). + + Reverted the (undocumented) change in 2.58.0 to call + soup_session_abort() after changing SoupSession:proxy-resolver; + while this made its behavior more consistent with :proxy-uri, + it ended up breaking things (bgo#781590). + + Allow HTTP responses that have no trailing CRLF after the + response headers (and no body) (bgo#780352). + + Fixed an out-of-bounds read in SoupURI parsing (bgo#785042). + + Fixed a spurious (debug-level) error message in + SoupWebsocketConnection (bgo#784935). + + Fixed introspection annotations on + soup_message_headers_get_content_range(). + + Fixed a flake in tests/header-parsing (bgo#777258). + + Update tests/test-cert.pem to use stronger algorithms to avoid + problems with newer gnutls (bgo#784949). + + Fixed examples/get to not accidentally break https certificate + validation (bgo#784259). + + Misc updates to apache/php stuff in unit tests. + +------------------------------------------------------------------- +Mon Aug 14 12:22:57 UTC 2017 - zaitor@opensuse.org + +- Update to version 2.58.2 (CVE-2017-2885, boo#1052916): + + Fixed a chunked decoding buffer overrun that could be exploited + against either clients or servers (bgo#785774, CVE-2017-2885). + +------------------------------------------------------------------- +Sat May 20 09:09:11 UTC 2017 - dimstar@opensuse.org + +- Replace krb5-devel BuildRequires with pkgconfig(krb5): This does + not exactly reproduce what configure is looking for (it ignores + the .pc file) but it helps OBS in chosing between krb5 and + krb5-mini, shortening build cycles. + +------------------------------------------------------------------- +Wed May 10 16:29:58 UTC 2017 - zaitor@opensuse.org + +- Update to version 2.58.1: + + Reverts a change to SoupSession to close all open connections + when the :proxy-resolver property is changed (bgo#777326). This + change was made in 2.58.0 but accidentally left out of the NEWS + for that release; although that behavior made :proxy-resolver + more consistent with :proxy-uri, it ended up breaking Evolution + EWS (bgo#781590). + + Fixed undefined behavior in tests/header-parsing that could + make the test spuriously fail (bgo#777258). + + Updates to the configure tests for Apache for use in tests/: + - Dropped support for Apache 2.2. + - Changed PHP support from PHP 5 to PHP 7. + - mod_unixd can now be either built-in or dynamically loaded + (bgo#776478). + + Updated translations. + +------------------------------------------------------------------- +Tue Apr 25 09:02:03 UTC 2017 - dimstar@opensuse.org + +- Update to version 2.58.0: + + Fix authentication issues when the + SOUP_MESSAGE_DO_NOT_USE_AUTH_CACHE flag is used (bgo#778497, + bgo#777936). + + MSVC build improvements. + + Updated translations. + +------------------------------------------------------------------- +Tue Dec 13 15:28:16 UTC 2016 - dimstar@opensuse.org + +- Update to version 2.57.1: + + Added SoupWebsocketConnection:keepalive-interval, to make a + connection send regular pings (bgo#773253). + + Added soup_auth_manager_clear_cached_credentials() and + SOUP_MESSAGE_DO_NOT_USE_AUTH_CACHE, to allow greater control + over the use of cached HTTP auth credentials (bgo#774031, + bgo#774033). + + Fixed the use of SoupSession:proxy-uri values containing + passwords (bgo#772932). + + Various minor WebSocket fixes: + - Avoid sending data after we start closing the connection + (bgo#774957). + - Do not log a critical if the peer sends an invalid close + status code. + - Log a debug message when a "pong" is received. + + Fix introspection of soup_message_headers_get_content_range(). + + Replaced Vala [Deprecated] annotations with [Version] to avoid + build warnings (bgo#773177). + + MSVC build improvements. + + Updated error/message strings to use Unicode punctuation + (bgo#772217). + + Updated translations. + +------------------------------------------------------------------- +Tue Sep 20 08:38:05 UTC 2016 - zaitor@opensuse.org + +- Update to version 2.56.0: + + Added SoupWebsocketConnection:max-incoming-payload-size + property, to override the default maximum incoming payload + size (bgo#770022). + + Added soup-version.h symbols (in particular + soup_check_version()) to introspection (bgo#771439). + + Updated the copy of the public suffix list used by SoupTLD + (bgo#769650). + + Updated translations. + +------------------------------------------------------------------- +Tue Aug 16 12:58:15 UTC 2016 - dimstar@opensuse.org + +- Update to version 2.55.90: + + Removed support for SSLv3 fallback; sites that reject TLS 1.x + handshakes will now just fail with an error (Firefox and Chrome + have both already switched to this behavior) (bgo#765940). + + Fixed the parsing of s in the new GVariant-based XMLRPC + code (bgo#767707). + + Fixed soup_server_set_ssl_cert_file(), which was added in 2.48 + but didn't actually work. + + Added GObject properties to SoupLogger to make it + bindings-friendly (bgo#768053). + + Fixed build error on FreeBSD (bgo#765376). + + Fixed build with certain new versions of glibc that define + "EOF" as a macro (bgo#768731). + + Updated m4/ax_code_coverage.m4 with support for lcov 1.12. + + Updated po files for future gettext versions. + + Updated translations. +- Drop libsoup-Prefix-signal-ID.patch: fixed upstream. + +------------------------------------------------------------------- +Tue Jul 26 19:23:45 UTC 2016 - zaitor@opensuse.org + +- Add libsoup-Prefix-signal-ID.patch: Buildfix commit from + upstream git. + +------------------------------------------------------------------- +Tue Apr 26 12:55:08 UTC 2016 - zaitor@opensuse.org + +- Update to version 2.54.1: + + Fixed an ABI break in 2.54.0 caused by adding a member to + SoupAuthClass; 2.54.1 is ABI-compatible with 2.53.92 and + earlier, but NOT with the anomalous 2.54.0. If you built + packages against 2.54.0, you will need to rebuild them against + 2.54.1. + + Fixed NTLM authentication when ntlm_auth from the latest + version of Samba is present (bgo#765106). + + Updates to MSVC build, including for GSS-API support. + + Updated translations. +- Drop libsoup-auth-ntlm-fix.patch: Fixed upstream. + +------------------------------------------------------------------- +Fri Apr 22 17:02:56 UTC 2016 - zaitor@opensuse.org + +- Add libsoup-auth-ntlm-fix.patch: Fix NTLM auth failure with + latest samba (bgo#765106, boo#976110). + +------------------------------------------------------------------- +Fri Mar 25 13:50:24 UTC 2016 - zaitor@opensuse.org + +- Update to version 2.54.0.1: + + Fix a build problem with the 2.54.0 tarball, which would not + build if you configured with "--without-gnome". + +------------------------------------------------------------------- +Tue Mar 22 09:58:39 UTC 2016 - dimstar@opensuse.org + +- Update to version 2.54.0: + + Fixed examples/simple-httpd on Windows (bgo758759). + +------------------------------------------------------------------- +Tue Mar 15 10:06:18 UTC 2016 - dimstar@opensuse.org + +- Update to version 2.53.92: + + libsoup now supports HTTP "Negotiate"/GSSAPI/Kerberos + authentication. It must be enabled specifically by the + application and is also subject to certain other restrictions, + some of which are not yet controllable through the API + (bgo#587145). + + Added support for building under MSVC (bgo#758759). + + Fixed a problem with the 2.53.90 tarball that caused + translations to be mis-installed. + + Updated translations. +- Remove intltoolize call: the tarball has been corrected. +- Add krb5-devel BuildRequires: new dependency for krb5 support. +- Pass --with-krb5-config=%{_libexecdir}/mit/bin/krb5-config and + --with-gssapi to configure in order to enable krb5 support. + +------------------------------------------------------------------- +Tue Feb 16 09:44:48 UTC 2016 - dimstar@opensuse.org + +- Update to version 2.53.90: + + NUL bytes in headers are now ignored (bgo#760832). + + Fixed transfer annotation of soup_form_decode* functions + (bgo#743966). + + Updated translations. +- Call intltoolize before configure in order to fix up the tarball + to work with recent versions of intltool. + +------------------------------------------------------------------- +Tue Nov 24 22:12:56 UTC 2015 - zaitor@opensuse.org + +- Update to version 2.53.2: + + Fixed up symbol visibility handling for mingw by copying GLib's + system (bgo#757146). + + Finally marked the old SoupSessionAsync and SoupSessionSync + methods as deprecated (bgo#757146). + + Added libsoup-2.4.deps for valac. + + Make it possible to build from git without gtk-doc being + installed. + + Updated translations. + +------------------------------------------------------------------- +Tue Nov 24 02:54:52 UTC 2015 - zaitor@opensuse.org + +- Update to version 2.53.1: + + Really fixed build under MinGW for sure this time. + + Fixed SoupServer Web Sockets code so that the SoupClientContext + passed to a SoupServerWebsocketCallback is fully usable (rather + than crashing when you try to do most things). + +------------------------------------------------------------------- +Tue Nov 10 07:58:01 UTC 2015 - zaitor@opensuse.org + +- Update to version 2.52.2: + + Fixed build under MinGW. + + Fix SoupServerWebsocketCallback handling so that the + SoupClientContext passed to it is still valid. + + Added a .deps file to define dependencies for valac. + +------------------------------------------------------------------- +Mon Oct 12 21:38:30 UTC 2015 - zaitor@opensuse.org + +- Update to version 2.52.1: + + Fixed build under MinGW. + + Fixed build with --disable-introspection (bgo#755389). + + Fixed HTTP authentication protection space handling for files + directly under the root directory (bgo#755617). + + Fixed a warning when loading data from SoupCache while using + an authenticated proxy (bgo#756076). + + Updated translations. + +------------------------------------------------------------------- +Mon Sep 21 15:42:57 UTC 2015 - dimstar@opensuse.org + +- Update to version 2.52.0: + + Removed duplicate test paths from tests/date so it will pass + with glib 2.46.0. + +------------------------------------------------------------------- +Wed Sep 16 07:20:26 UTC 2015 - dimstar@opensuse.org + +- Update to version 2.51.92: + + Added g_autoptr() support for all libsoup types (bgo#754721). + + Added a missing (allow-none) annotation to soup_uri_normalize() + (bgo#754776). + + Updated translations. + +------------------------------------------------------------------- +Mon Aug 17 17:37:55 UTC 2015 - zaitor@opensuse.org + +- Update to version 2.51.90: + + Added a new GVariant-based XMLRPC API, and deprecated the old + GValue-based API (along with the associated GValue-manipulating + utilities) (bgo#746495). + + Multiple build fixes for Visual Studio (bgo#752952). + + Added VAPI generation (bgo#750679). + + Fixed the mode bits on soup-cookie.c, which was previously + marked executable for some reason (rh#1247285). + + Updated translations. +- Add pkgconfig(vapigen) BuildRequires: New dependency. + +------------------------------------------------------------------- +Fri Jun 26 09:04:48 UTC 2015 - zaitor@opensuse.org + +- Update to version 2.51.3: + + Fixed "make check" in non-English locales (rh#1224989, + bgo#749397). + + Fixed some compiler warnings (bgo#748514). + + Updated translations. + +------------------------------------------------------------------- +Mon Mar 23 14:26:08 UTC 2015 - dimstar@opensuse.org + +- Update to version 2.50.0: + + Updated translations. + +------------------------------------------------------------------- +Tue Mar 17 21:47:32 UTC 2015 - dimstar@opensuse.org + +- Update to version 2.49.92: + + Fixed an NTLM problem that caused spurious "Authentication + Failed" errors in evolution-ews (bgo#735197). + + Updated translations. + +------------------------------------------------------------------- +Tue Mar 3 16:41:30 UTC 2015 - dimstar@opensuse.org + +- Update to version 2.49.91.1: + + websockets: minor optimization. + + websockets: fix 32-bit build. + + docs: fix build. + + tests: fix when building without glib-networking available. + +------------------------------------------------------------------- +Tue Mar 3 12:14:51 UTC 2015 - dimstar@opensuse.org + +- Update to version 2.49.91: + + Libsoup now has support for WebSockets in both SoupSession and + SoupServer (bgo#627738). + + Added support for NTLMv2 Session Security to SoupAuthNTLM. + (This is transparent to the app/user; if the server supports + it, it will be used) (bgo#739192). + + Added soup_server_accept_iostream() to allow feeding a + non-GSocketConnection GIOStream to SoupServer (eg, when + accepting HTTP requests on some other sort of connection) + (bgo#744186). + + Added soup_session_steal_connection() and + soup_client_context_steal_connection(), to allow you to steal a + GIOStream from a SoupSession or SoupServer and then use it for + non-HTTP purposes (bgo#721343). + + Added soup_server_add_early_handler(), for adding SoupServer + handlers to run at :got-headers time rather than :got-body + (eg, to set up a streaming read of the request body) + (bgo#625645). + + Added a new SOUP_MESSAGE_IGNORE_CONNECTION_LIMITS flag, which + can be used to bypass SoupSession:max-conns and + SoupSession:max-conns-per-host on a per-message basis + (bgo#744720). + + Multiple SoupCache fixes: + - Leaked resources are now cleaned up when opening the cache + (bgo#667682). + - The "Age" header is no longer added to cached responses + (bgo#741108). + - Fixed the interpretation of the "must-revalidate" directive + to not be stricter than required (bgo#744468). + - Messages retrieved from cache now behave slightly more like + non-cache messages in terms of SoupSession signals and timing + (bgo#744788). Additionally, there is a new + SoupMessage::starting signal, which is like + SoupSession::request-started, but emitted for cached + resources as well (bgo#731153). + + Fixed soup_session_cancel_message() to work reliably on paused + messages (bgo#745094). + + Added code-coverage support to the build (bgo#744744). + + Fixed the library symbol check in "make check" to work when + building with linker options that result in slightly different + organization (bgo#741348). + + Added a hack to SoupSessionFeature so that people will stop + re-reporting an old Eclipse bug against libsoup (bgo#710242). + + Miscellaneous bug and leak fixes in the test programs, leak + fixes in libsoup, and documentation updates. + + Updated translations. + +------------------------------------------------------------------- +Wed Dec 17 19:46:53 UTC 2014 - zaitor@opensuse.org + +- Update to version 2.49.1: + + Fixed a bug in the SoupMessage:event signal that broke + evolution's ability to connect to https hosts with "bad" + certificates (bgo#739951). + + Fixed a case where the async codepaths could potentially block + on a synchronous write (bgo#727138). + + Fixed the symbol soup_server_set_ssl_cert_file() to get + exported, and added soup_server_get_uris() to the + documentation. + + Improved a bunch of introspection annotations (bgo#729987). + + Clarified some documentation. + + Fixed Windows build, twice (bgo#738003, bgo#738551). + + Updated translations. + +------------------------------------------------------------------- +Wed Dec 17 17:44:18 UTC 2014 - zaitor@opensuse.org + +- Update to version 2.48.1: + + Fixed a bug in the SoupMessage:event signal that broke + evolution's ability to connect to https hosts with "bad" + certificates (bgo#739951). + + Fixed a case where the async codepaths could potentially + block on a synchronous write (bgo#727138). + + Fixed the symbol soup_server_set_ssl_cert_file() to get + exported, and added soup_server_get_uris() to the + documentation. + + Improved a bunch of introspection annotations (bgo#729987). + + Clarified some documentation. + + Fixed Windows build, twice (bgo#738003, bgo#738551). + + Updated translations. + +------------------------------------------------------------------- +Tue Sep 23 09:42:20 UTC 2014 - dimstar@opensuse.org + +- Update to version 2.48.0: + + Updated translations. + +------------------------------------------------------------------- +Mon Sep 15 16:24:51 UTC 2014 - zaitor@opensuse.org + +- Update to version 2.47.92: + + Fixed a crash in SoupCache when receiving certain invalid + Cache-Control headers (bgo#733587). + + Updated translations. + +------------------------------------------------------------------- +Tue Jul 22 14:10:03 UTC 2014 - dimstar@opensuse.org + +- Update to version 2.47.4: + + Fixed two crashes that could occur in multithreaded use (in + particular, with the latest git gvfs) (bgo#732783, bgo#732925). + + Fixed the handling of data: URIs with base64-encoded data but + no explicit MIME type (bgo#732112). + + Fixed a bug in SoupAuthNTLM that affected 28-character-long + passwords (bgo#732087). + + Fixed tests to pass with GLib git master (which warns if you + use deprecated GObject properties, and which also caught a + mutex-handling bug in test-utils.c). + + Updated translations. + +------------------------------------------------------------------- +Sat Jul 12 22:19:12 UTC 2014 - dimstar@opensuse.org + +- Update to version 2.47.3: + + Added new-and-improved SoupServer API, and deprecated much + of the existing API. + + SoupSession now has a :tls-interaction property, which can be + used to add a GTlsInteraction to a session, allowing it to + provide a client-side certificate if the server requests one + (bgo#334021). + + soup_session_abort() no longer tries to close active + connections, which was causing crashes in evolution + (rh#1093314). + + Fixed a GMainContext-handling bug that could cause crashes + in gstreamer's souphttpsrc (bgo#729737). + + Fixed a memory leak when requesting to delete a cookie that + didn't exist. + + Updated translations. + +------------------------------------------------------------------- +Tue Mar 25 08:27:30 UTC 2014 - dimstar@opensuse.org + +- Update to version 2.46.0: + + No changes, just a version bump. + +------------------------------------------------------------------- +Wed Mar 19 08:45:11 UTC 2014 - dimstar@opensuse.org + +- Update to version 2.45.92: + + Fixed problems with using an http proxy on port 80. + + Plugged a small per-connection leak. + + Belatedly bumped up the glib requirement to 2.38, which is + required for the TAP driver. + + Fixed up some leftover issues from the test porting to + gtestutils. + +------------------------------------------------------------------- +Wed Feb 19 11:29:12 UTC 2014 - zaitor@opensuse.org + +- Update to version 2.45.90: + + Fixed a problem where libsoup would use the "http" proxy + settings for "https" requests (bgo#724316). + + Updated SoupContentSniffer to match the current version of the + MIME sniffing specification (bgo#648849, bgo#715126). + + Updated the soup-tld APIs to accept ASCII-encoded hostnames in + addition to UTF-8 ones. + + Ported the test programs to the gtestutils framework, added + support for installed tests, and made the tests use the TAP + driver. + + Some tests still need to be split up into more pieces, and + the debug output is now somewhat less useful in some cases. + + Fixed the test programs to not depend on local proxy settings. + + Added some more checks to header-tests (bgo#722341). + + Fixed the "simple-proxy" example program, which had been broken + for a while. + + Updated translations. + +------------------------------------------------------------------- +Mon Dec 16 22:08:05 UTC 2013 - dimstar@opensuse.org + +- Update to version 2.45.3: + + The documentation has finally been updated to reflect the new + APIs added in 2.42. + + Added GBytes-valued :request-body-data and :response-body-data + properties to SoupMessage, which should help some bindings. + + We now set TCP_NODELAY on sockets, improving throughput a bit. + In particular, this avoids an unnecessary extra round trip in + the TLS handshake. + + The SoupSession APIs that return GErrors now return the actual + underlying gio errors in the event of connection failures and + the like. + + Updated the copy of the Public Suffix list used by soup-tld. + + Updated the soup_server_pause_message() / + soup_server_unpause_message() documentation to clarify when + you can and can't call them (bgo#710602). + + soup_message_set_request() and soup_message_set_response() now + g_warn_if_fail() if you pass an invalid Content-Type (And they + also have better introspection annotations) (bgo#686766). + + session-test now passes when run against the dummy TLS backend + (ie, if you don't have glib-networking installed), as long as + you have the latest glib. + + Fixed build with -Werror=format-nonliteral (bgo#720082). + + Fix build with --without-ntlm (bgo#710267). + + Fixed a few warnings. + + Updated translations. + +------------------------------------------------------------------- +Mon Nov 11 23:13:57 UTC 2013 - dimstar@opensuse.org + +- Update to version 2.44.2 (bnc#849913): + + Fixed a hang with internet radio streams in Rhythmbox (and some + other places) (bgo#710494). + + Fixed a connection leak when cancelling the close of a message + GInputStream (bgo#711260). + + Plugged a few memory leaks (bgo#711085) + + Fix build with --without-ntlm (bgo#710267) + + Fixed a few warnings. + + Fixed connection-test to pass with current glib (bgo#711361). + + Tests are now more verbose by default under "make check", since + current automake just redirects all the output to a log file + anyway. + +------------------------------------------------------------------- +Tue Oct 15 14:30:33 UTC 2013 - dimstar@opensuse.org + +- Update to version 2.44.1: + + Fixed a sporadic failure in tests/connection-test. + + Bugs fixed: bgo#695652, bgo#707711, bgo#708621, bgo#708696, + bgo#709647. + + Updated translations. + +------------------------------------------------------------------- +Tue Sep 24 07:49:26 UTC 2013 - dimstar@opensuse.org + +- Update to version 2.44.0: + + Updated translations. + +------------------------------------------------------------------- +Tue Sep 17 06:56:33 UTC 2013 - dimstar@opensuse.org + +- Update to version 2.43.92: + + Fixed a bug in the connection-pool code, which would in certain + cases accidentally keep using a connection after a message was + cancelled while in progress (bgo#708006). + + Fixed some problems when falling back from samba + single-sign-on-based NTLM to ordinary ask-for-a-password NTLM. + (bgo#703186). + + When sending a conditional GET request, SoupCache now preserves + the original message's list of disabled features, ensure that + it gets back the same kind of response the original message + would have (bgo#706338). + + Fixed a warning when the remote host closes the connection + while we are writing something using chunked encoding + (bgo#703297). + + Added SoupServer:http-aliases and :https-aliases properties, + to specify URI schemes that should be treated as though they + were http (bgo#703694). + + Fixed race conditions in cache-test and timeout-test that could + cause spurious failures (bgo#698305). + +------------------------------------------------------------------- +Mon Aug 19 21:13:32 UTC 2013 - dimstar@opensuse.org + +- Update to version 2.43.90: + + Fixed the handling of unsatisfiable range requests in + SoupServer. + + Fixed the handling of IPv6 address literals with scope IDs + (bgo#669724). + +------------------------------------------------------------------- +Tue Jul 30 07:11:17 UTC 2013 - dimstar@opensuse.org + +- Update to version 2.43.5: + + SoupProxyURIResolver is now deprecated in favor of the + SoupSession:proxy-resolver property (bgo#680273). + + The SoupKnownStatusCode enum is now called SoupStatus + (bgo#684409). + + Fixed the parsing of URI schemes in SoupURI (bgo#703776). + + Fixed SoupLogger to print a message's response headers even if + the message gets cancelled before the complete response body + is received (bgo#703200). + + Fixed a build problem in non-UTF-8 locales (bgo#702534). + + SoupSession now warns if you use soup_session_pause_message() + or soup_session_unpause_message() on a synchronous message + (bgo#703461). + +------------------------------------------------------------------- +Tue Jul 9 14:34:28 UTC 2013 - dimstar@opensuse.org + +- Update to version 2.43.4: + + Fixed a bug that could cause synchronous sessions to get stuck + in a state where no new messages would ever get processed + (bgo#703463). + + Fixed another memory leak in SoupSocket (found while added a + test case for bgo#700472). + + Switched to using g_cclosure_marshal_generic() rather than + using glib-genmarshal (bgo#686042). + + Changed SoupServer to call unref() on the query hash table + after calling the handler, rather than destroy(), so that the + handler can keep a copy of the query data if it wants + (bgo#702793). + + Fixed a few introspection annotations. + + Updated examples/get to use SoupLogger and to allow redirecting + the output to a file (bgo#703231, bgo#703229). + +------------------------------------------------------------------- +Tue May 28 19:54:28 UTC 2013 - dimstar@opensuse.org + +- Update to version 2.43.2: + + Fixed an authentication error when using NTLM when connecting + to an https site over a proxy; the code was getting confused + and thinking that the 200 OK response to the CONNECT meant that + NTLM auth had succeeded (bgo#698728). + + Fixed a memory leak in SoupSocket (bg0#700472). + + Fixed a missing include error on some platforms (bgo#700003). + + Fixed warnings when running against the "dummy" TLS backend + (bgo#700518). + +------------------------------------------------------------------- +Wed May 1 08:17:54 UTC 2013 - dimstar@opensuse.org + +- Update to version 2.43.1: + + Including no longer pulls in the system + networking headers. This may cause some packages to no longer + compile, if they were accidentally depending on this. + Adding "#include " will fix them + (bgo#692134). + + Fixed SoupSession:proxy-resolver (bgo#698163). + + Added soup_message_set_priority(), to mark messages as being + high, low, or normal priority, and update the message queue to + prioritize them accordingly (bgo#696277). + + Fixed several test programs to still work if glib-networking + isn't installed and fixed another to still work if the kernel + has no IPv6 support (bgo#698220). + +------------------------------------------------------------------- +Tue Apr 16 13:46:21 UTC 2013 - dimstar@opensuse.org + +- Update to version 2.42.1: + + Fixed SoupProxyResolverDefault (bgo#697028). + + Fixed a gigantic memory leak when using SoupCache (bgo#696594). + + Fixed a build problem on Windows (bgo#696354). + + Fixed ntlm-test to pass whether or not Samba ntlm_auth support + was compiled in (bgo#697510). + + Updated translations. + +------------------------------------------------------------------- +Mon Mar 25 13:11:24 UTC 2013 - dimstar@opensuse.org + +- Update to version 2.42.0: + + Fixed a compiler warning on 32bit in a test program. + + Updated translations. + +------------------------------------------------------------------- +Thu Mar 21 20:51:08 CET 2013 - sbrabec@suse.cz + +- Added support for translation-update-upstream. + +------------------------------------------------------------------- +Mon Mar 18 18:38:57 UTC 2013 - dimstar@opensuse.org + +- Update to version 2.41.92: + + Fixed a bug that caused libsoup to retry an incorrect password + repeatedly, forever, in a certain case that affected Google + calendars in evolution in particuar (rh##916224). + + Also added code to make such infinite retry loops impossible in + the future. + + Fixed SoupRequestData's handling of URIs with "%00" in them + (bgo##695246). + + Added the SoupSession:proxy-resolver property (bgo#680273). + + Added missing G_BEGIN_DECLS/G_END_DECLS to + soup-message-headers.h, so that its functions can be called + from C++. + + Updated translations. + +------------------------------------------------------------------- +Tue Mar 5 18:49:05 UTC 2013 - dimstar@opensuse.org + +- Update to version 2.41.91: + + Fixed a crash that showed up with XMLRPC requests in WebKitGTK + (bgo#694920). + + Fixed SoupCache to update the cached headers when it receives + a 304 Not Modified response, and added a test for this + (bgo#695121). + + libsoup now builds under automake 1.13 (and "make check" works + under the parallel test harness which is the default in 1.13) + (bgo#694135). + + The tests/ directory now contains only actual test programs + that are run by "make check", and the programs that are + intended more as example code are under examples/. + + Updated translations. + +------------------------------------------------------------------- +Tue Feb 19 09:17:41 UTC 2013 - dimstar@opensuse.org + +- Update to version 2.41.90: + + Added SoupSession:local-address property, which allows you to + force connections to bind to a particular local address + (bgo#693215). + + Fixed SoupCache to properly handle messages that get cancelled, + and added tests for this (bgo#692310). + + Fixed a reference leak in SoupCache that resulted in epiphany + hanging for several seconds on exit and then eventually + printing "Cache flush finished despite X pending requests". + And added more tests (bgo#682527). + + Fixed SoupAuthNTLM so that SoupSession:authenticate gets + emitted with retrying=TRUE if the first attempt fails + (bgo#693222). + + Fixed the SoupSession:add-feature-by-type property to accept + non-SoupSessionFeature features as well. + + Fixed a build bug that would break all the apache-based tests + if you didn't have PHP installed (bgo#693311). + + Updated translations. + +------------------------------------------------------------------- +Tue Feb 5 16:28:05 UTC 2013 - dimstar@opensuse.org + +- Update to version 2.41.5: + + Reverted the change to SoupURI's password handling from 2.41.4, + since it turns out to have broken some things (bgo#692149). + + Avoid a g_return_if_fail() when loading SoupSession:ssl-ca-file + fails (bgo#691930). + + Fixed a bug in SoupBodyInputStream that caused redirects in + WebKitGTK to hang. (bgo#692026). + + Updated translations. + +------------------------------------------------------------------- +Wed Jan 16 23:59:59 UTC 2013 - dimstar@opensuse.org + +- Update to version 2.41.4: + + Lots of docs fixes. + + The plain SoupSession type now supports + soup_session_queue_message(), soup_session_send_message() and + there are now soup_session_new() and + soup_session_new_with_options(). + + The mirroring of the SoupMessage API onto SoupRequestHTTP, + added in 2.41.3, has been reverted. However, new APIs + soup_session_send() and soup_session_send_async() have been + added that let you use the GInputStream-based API with + SoupMessages rather than SoupRequest, so if you're doing + HTTP-specific stuff, you can just use that instead. + + soup_message_get_https_status() now returns the certificate and + flags for unsuccessful https connections as well as successful + ones (bgo#690176). + + Fixed a deadlock when calling soup_session_abort() on a + SoupSessionSync in some cases (bgo#691399). + + Internal SoupCache rewrites/improvements (bgo#682112). + + Plugged a memory leak in SoupCache (bgo#690382) and in + SoupAuthDigest (bgo#690142). + + LIBSOUP_DISABLE_DEPRECATED has been renamed to + SOUP_DISABLE_DEPRECATED. + + Fixed the samba-windbind-based NTLM support. + + SoupAuthManager is now a public class. + + SoupURI now treats "http://user@example.com" as having a + password of "" rather than NULL. + + build: libsoup now uses autoreconf instead of gnome-autogen.sh, + and no longer uses AM_GLIB_GNU_GETTEXT. + + Updated translations. + +------------------------------------------------------------------- +Wed Jan 16 18:13:18 UTC 2013 - dimstar@opensuse.org + +- Update to version 2.41.3: + + SoupRequest is now stable API. SoupRequester, however, is + deprecated. Instead you can now call soup_session_request() or + soup_session_request_uri() to create a SoupRequest. + + SoupRequestHTTP now has a number of fields and methods that + mirror the SoupMessage data, so you don't have to use + soup_request_http_get_message() in many cases. On the flip + side, there is also now soup_message_get_request(). And you can + create a SoupRequestHTTP directly (and override its request + method) by using soup_session_request_http() or + soup_session_request_http_uri()). + + soup_message_set_chunk_allocator() is now deprecated; apps that + want to do streaming reads should just use SoupRequest, which + is vastly more sane. + + SoupPasswordManager is now deprecated, and + SoupPasswordManagerGNOME is now a no-op (and libsoup-gnome no + longer links against libgnome-keyring) (bgo#594377, bgo#679866) + + SoupCookieJarSqlite is now deprecated in favor of + SoupCookieJarDB, which is exactly the same thing except that + it's in libsoup itself rather than being in libsoup-gnome + + SoupProxyResolverGNOME is now deprecated; there hasn't been any + real reason to use it since SoupProxyResolverDefault was added. + + SoupSession is no longer an abstract class, and you can create + a plain SoupSession, which behaves in a more + traditionally-gio-like way. + + Usernames and passwords passed into SoupSession a URI will now + be cleared after they're used, so that if they are wrong, the + authenticate signal will be emitted on the next round + (bgo#689673) + + SoupURI now leaves "%00" in URIs as-is, rather than decoding it + to "\0", which was not intended and is never useful. + + Fixed a bug in SoupBodyOutputStream that could cause libsoup to + sometimes use blocking I/O rather than non-blocking when + writing chunked message bodies (bgo#688974) + + Fixed a bug in SoupFilterInputStream that could cause some + non-blocking reads to suck up CPU while waiting for the network + + tests: misc small fixes + + Updated translations. +- Replace sqlite3-devel BuildRequires with pkgconfig(sqlite3). +- Drop libgnome-keyring-devel BuildRequires: no longer needed. + +------------------------------------------------------------------- +Tue Jan 15 22:16:43 UTC 2013 - dimstar@opensuse.org + +- Update to version 2.41.2: + + libsoup-2.4.so and libsoup-gnome-2.4.so now only export the + symbols that are part of the public API. (bgo#595176) + + Added SOUP_VERSION_MIN_REQUIRED / SOUP_VERSION_MAX_ALLOWED + macros like the corresponding glib ones, to allow libsoup + users to request per-version deprecation/availability warnings. + + Fixed a crash caused by a race condition in SoupSessionSync, + and reorganized some code to avoid other possible similar race + conditions. (bgo#684238) + + Fixed a crash when a DNS resolution failed, caused by a bug in + the GTask porting in 2.41.1. (bgo#688330) + + Fixed a problem that would cause g_warning()s in epiphany when + browsing sites that (incorrectly) returned empty Cache-Control + headers. (bgo#683433) + + We now add a Host header to HTTP/1.0 requests as well as + HTTP/1.1 ones. + + Fixed a bug in the printing of IPv6 address literals in the + Host header in SoupLogger. + + Belatedly added soup-multipart-input-stream.h to soup.h. + + Removed an evil hack in the long-deprecated SoupProxyResolver + code (not to be confused with SoupProxyURIResolver) + (bgo#687659) + + Fixed a few race conditions in the test programs that could + cause "make check" to fail on slow or heavily-loaded machines. + + Further cleaned up and reorganized the internal HTTP I/O + codepaths, in preparation for an improved SoupCache. + (bgo#682112). + + Updated translations. + +------------------------------------------------------------------- +Tue Jan 15 21:42:44 UTC 2013 - dimstar@opensuse.org + +- Update to version 2.41.1: + + Changed the behavior of NTLM authentication to be more like + what other apps apparently do (bgo#624613) + + Fixed a crash caused by a race condition in SoupSessionSync. + (bgo#684238) + + SoupRequest now supports resource:// URIs, for reading from + gresource (bgo#682721) + + Added new compile-time and runtime APIs for checking the + libsoup version (bgo#684514) + + Updated to take advantage of (and require) glib 2.35: removed + all g_type_init() calls and ported to GTask. + + Added support for Apache 2.4 to the unit tests. + + Updated translations. + +------------------------------------------------------------------- +Tue Jan 15 20:29:35 UTC 2013 - dimstar@opensuse.org + +- Update to version 2.40.3: + + soup_message_get_https_status() now returns the certificate + and flags for unsuccessful https connections as well as + successful ones (bgo#690176) + + Fixed a deadlock when calling soup_session_abort() on a + SoupSessionSync in some cases. (bgo#691399) + + Fixed a bug in SoupFilterInputStream that could cause some + non-blocking reads to suck up CPU while waiting for the + network. + + SoupURI now leaves "%00" in URIs as-is, rather than decoding it + to "\0", which was not intended and is never useful. + + A few minor docs fixes. + + Updated translations. + +------------------------------------------------------------------- +Tue Nov 13 13:28:07 UTC 2012 - dimstar@opensuse.org + +- Update to version 2.40.2: + + Fixed a crash caused by a race condition in SoupSessionSync + (bgo#684238) + + Fixed a problem that would cause g_warning()s in epiphany when + browsing sites that (incorrectly) returned empty Cache-Control + headers (bgo#683433) + + Belatedly added soup-multipart-input-stream.h to soup.h. + + Added support for Apache 2.4 to the unit tests. Also fixed a + few race conditions that could cause "make check" to fail on + slow or heavily-loaded machines. + + Updated translations. + +------------------------------------------------------------------- +Tue Oct 16 12:10:40 UTC 2012 - dimstar@opensuse.org + +- Update to version 2.40.1: + + Improved the parsing of multipart/x-mixed-replace responses + (bgo#685752). + + Fixed handling of IPv6 address literals (bgo#684990). + + Updated translations. + +------------------------------------------------------------------- +Mon Sep 24 17:55:56 UTC 2012 - dimstar@opensuse.org + +- Update to version 2.40.0: + + Updated translations. + +------------------------------------------------------------------- +Mon Sep 17 22:23:04 UTC 2012 - zaitor@opensuse.org + +- Update to version 2.39.92: + + Fixed some g_warnings (and a possible crash) with the + soup_request_send_async() (bgo#683404). + + Fixed a hang with SoupSessionSync (bgo#682923). + + Handle empty "Cache-Control" headers. + + Updated translations. + +------------------------------------------------------------------- +Tue Sep 4 15:11:54 UTC 2012 - dimstar@opensuse.org + +- Update to version 2.39.91: + + Added missing annotations. + + Fixed a crash (bgo#682569) + + Fixed the SoupMessage:network-event signal + + Bugs fixed: bgo#683200 + + Updated translations. + +------------------------------------------------------------------- +Tue Aug 21 08:44:52 UTC 2012 - dimstar@opensuse.org + +- Update to version 2.39.90: + + Added SoupMultipartInputStream, for handling multipart + responses (particularly multipart/x-mixed-replace) (bgo#656684) + + Fixed a potential crash in SoupSessionAsync after the session + is finalized + + Fixed a regression in soup_tls_is_public_suffix() (bgo#681085) + + Added a SOUP_MESSAGE_IDEMPOTENT flag, so that apps can bypass + the "POSTs must be sent on new connections" check, which was + causing evolution-ews to have to create a new connection for + every request (bgo#681493) + + Changed SoupSession so that pending SoupMessages now hold a ref + on the session. It is possible that this will break code that + was depending on the old, dumb, behavior (where unreffing the + session with messages pending would cause those messages to be + cancelled), in which case this will be reverted before 2.40. + + Fixed memory leaks found by valgrind + + Cleaned up some code in SoupCache (bgo#681509) + + Updated translations. + +------------------------------------------------------------------- +Tue Aug 7 09:23:03 UTC 2012 - dimstar@opensuse.org + +- Update to version 2.39.5: + + Fixed several bugs in the soup-message-io updates that could + cause hangs or I/O errors (bgo#679527) + + Fixed SoupServer:async-context to work properly again + + Further fixes to soup_uri_normalize() when using the + "unescape_extra" parameter. (bgo#680018) + + Fixed soup_xmlrpc_parse_method_call() to handle the case where + there is no element (which is legal) (bgo#671661) + + Fixed the deprecation warning on soup_message_headers_get() + (bgo#680143) + + Added warnings to some erroneous SoupSocket usages rather than + returning bogus data (bgo#673083) + + Fixed build under Windows/MinGW + + SoupSocket no longer emits the "readable" signal when a socket + is disconnected if that socket is non-blocking + + Updated public suffix list to the current version + + Updated translations. + +------------------------------------------------------------------- +Tue Jul 17 18:07:18 UTC 2012 - dimstar@opensuse.org + +- Update to version 2.39.4.1: + + Fixed indentation problems in tld-parser.py so it will work + under python 3 (bgo#680089) + + Actually fixed cookies in non-suffixed/private domains, which + still didn't work after the last fix (bgo#679230) + + Updated translations. + +------------------------------------------------------------------- +Tue Jul 17 09:51:32 UTC 2012 - dimstar@opensuse.org + +- Update to version 2.39.4: + + Fixed the SoupRequest codepaths to properly retry in the case + where the server closes a persistent connection when we try to + use it (bgo#679527) + + Fixed the content-type and content-length of requests retrieved + from SoupCache (bgo#680029) + + Fixed the handling of cookies in non-suffixed and private + domains ("localhost", "foo.local", etc., bgo#679230) + + Fixed cookie parsing to allow attribute values on "secure" and + "HttpOnly" (bgo#678753) + + Fixed a (rare) crash when closing the stream returned from + SoupRequestHTTP. + + Bugs fixed: bgo#671770, bgo#678909, bgo#680055, bgo#680018. + + Updated translations. + +------------------------------------------------------------------- +Tue Jun 26 17:10:09 UTC 2012 - dimstar@opensuse.org + +- Update to version 2.39.3: + + Added new functions for comparing domains against the + "public suffix" list, and in particular fixed SoupCookieJar to + not allow setting cookies in "public" domains (eg, ".co.uk"). + [bgo#673802] + + Added two new SoupCookieJar APIs (soup_cookie_jar_get_cookies() + and soup_cookie_jar_set_cookie_with_first_party()) as part of + fixing the handling of HttpOnly cookies in WebKitGTK. + [bgo#677922] + + Fixed g-i annotation of soup_message_headers_get_content_type() + [bgo#677002] + + Updated translations. + +------------------------------------------------------------------- +Mon Jun 4 20:38:28 UTC 2012 - dimstar@opensuse.org + +- Update to version 2.39.2: + + Fixed several bugs that resulted from the I/O code rewrite + in 2.39.1, and added more test cases to exercise the new code + paths: + - Problems with cancelling messages from the got-headers signal + (bgo#674747) + - Persistent connections were not always being closed properly + after a message was cancelled mid-response. + - Cancelling a SoupRequest before it started I/O didn't work. + - Asynchronous HTTP authentication via the SoupRequest API + (bgo#675306) + - Memory leak (bgo#676038) + - Refcounting bug that manifested as a crash in rygel + (bgo#676038) + - Handling failed CONNECT requests via SoupRequest (bgo#675865) + - Messages with trailing junk following a compressed message + body (bgo#676477) + + Fixed three cache-related bugs that affect some sites + + Fixed a bug in the /usr/bin/ntlm_auth integration when you + don't already have credentials cached, and avoid printing + warning messages when ntlm_auth is present but not usable. + + Fixed some g-ir-scanner warnings, and included + SoupRequester/SoupRequest in the introspected API (bgo#676742) + + Added soup_buffer_get_as_bytes() (bgo#676776) + + Updated translations. + +------------------------------------------------------------------- +Wed May 2 18:08:01 UTC 2012 - dimstar@opensuse.org + +- Update to version 2.39.1: + + Major rewrite of the I/O code to use gio streams more directly. + + Libsoup now finally supports SOCKS proxies again (bgo#553269) + + Certain error messages returned from the streaming API are now + localized + + Added a SoupCookieJar:is-persistent property, to distinguish + memory-only jars from SoupCookieJarText and SoupCookieJarSqlite + (bgo#672838) + + Updated translations. +- Add intltool BuildRequires: new dependency. +- Create a lang package, which is recommended by the library. + +------------------------------------------------------------------- +Tue Apr 17 05:56:46 UTC 2012 - vuntz@opensuse.org + +- Update to version 2.38.1: + + Fixed a situation where soup_connection_disconnect() could end + up calling g_object_unref(NULL) when an idle connection was + closed. [bgo#672178] + + Fixed two warnings when cancelling an in-progress + soup_socket_connect_async(). + + Fixed a crash when disposing a SoupServer with open + connections. [bgo#673468] + + Fixed the SoupSession:ssl-use-system-ca-file property to get + turned off (rather than on) when you set it to FALSE... Also + fixed up the property notifications around the various + certificate-verification properties (ssl-ca-file, + ssl-use-system-ca-file, and tls-database). + + Fixed SoupSession to not leak paused SoupMessages that were + still in progress when it was unreffed. [bgo#673905] + + Updated the win32 file: URI code again, to fix regressions in + the WebKit tests. [webkit#82484] + +------------------------------------------------------------------- +Tue Mar 27 06:08:09 UTC 2012 - vuntz@opensuse.org + +- Update to version 2.38.0: + + Minor documentation fixes + +------------------------------------------------------------------- +Tue Mar 20 16:10:50 UTC 2012 - vuntz@opensuse.org + +- Update to version 2.37.92: + + Added soup_session_prefetch_dns() and deprecated + soup_session_prepare_for_uri(). The new method takes a + completion callback, allowing you to know how many DNS + resolutions are currently outstanding, so you don't spam the + resolver. [webkit#41630] + +------------------------------------------------------------------- +Tue Mar 6 08:09:16 UTC 2012 - vuntz@opensuse.org + +- Update to version 2.37.91: + + Fixed an out-of-bounds memory read that could occur when + parsing malformed requests/responses. + + Fixed a build-related bug in Makefile.glib that affected + locales such as Estonian where "Z" is not the last (ASCII) + letter of the alphabet. [bgo#654395] + + Fixed the handling of file: URIs with query components, which + got broken in 2.37.90. + + Fixed SoupAuthManagerNTLM to not fall back to allowing Basic + auth when NTLM failed. + + Further tweaked the warnings/fallback in SoupURI, so that + soup_uri_to_string() on an http URI with a NULL path would + translate that to "/" like it used to. [bgo#670431] + + Fixed a warning when cancelling the load of a page with many + subresources. [bgo#667245] + + Use G_GNUC_BEGIN/END_IGNORE_DEPRECATIONS if GLib is new enough, + to avoid getting warned about the use of GValueArray. + +------------------------------------------------------------------- +Tue Feb 21 07:31:57 UTC 2012 - vuntz@opensuse.org + +- Update to version 2.37.90: + + Added various return-if-fails and other sanity checks to + various functions. [bgo#669479] + + Updated docs/annotation of soup_form_decode_multipart() to note + that all of the out parameters are (allow-none). Fixed the + file_control_name parameter to actually allow NULL like the + docs already claimed. [bgo#669479] + + Fixed a minor URI parsing bug. (It was allowing URI schemes to + contain numbers.) + + Fixed a few memory leaks introduced in the 2.37 cycle. + + Fixed SoupServer to be able to correctly respond to HTTP/1.0 + requests over IPv6 (which previously would always have returned + "400 Bad Request"). [bgo#666399] + + Changed SoupSessionAsync to make it possible to finalize it + from the "wrong" thread. [bgo#667364] + + Fixed SoupCache to not cache resources whose URIs have query + components (unless they have explicit cache headers); to not + generate broken conditional requests for resources that cannot + be conditionally validated; and to not spew warnings when + receiving invalid Cache-Control headers. [bgo#668865] + +------------------------------------------------------------------- +Fri Feb 10 15:21:39 UTC 2012 - vuntz@opensuse.org + +- Update to version 2.37.5.1: + + Replace some of the newly-added SoupURI g_return_if_fail()s + with g_warn_if_fail()s. Although it had always been documented + that SoupURIs must have a non-NULL path, most functions treated + NULL the same as "", and various apps (eg, rhythmbox, midori) + were accidentally relying on this. + +------------------------------------------------------------------- +Tue Feb 7 07:39:42 UTC 2012 - vuntz@opensuse.org + +- Update to version 2.37.5: + + Fixed a bug in SoupSession:use-thread-context. + + Fixed the case of cancelling a message from + SoupSession::request-started [bgo#668098] + + Fixed a crash in epiphany when loading a page with more than + 1000 or so images. [bgo#668508] + + Fixed a bunch of cases involving invalid URLs found while + testing SoupServer against an HTTP protocol fuzzer. Also fixed + up some documentation/annotations and added some new test + cases. [bgo#667637] + + Fixed SoupRequestFile to work on Windows. +- Remove xz BuildRequires now that it comes for free in the build + system. + +------------------------------------------------------------------- +Tue Jan 17 07:12:34 UTC 2012 - vuntz@opensuse.org + +- Update to version 2.37.4: + + SoupMessage now has a "network-event" signal that can be + monitored for information about DNS, proxy lookup, TCP + connections, and TLS handshakes. + + The HTTP header parsing code now avoids hitting + g_return_if_fails() (and returns an error instead) in a few + cases of seriously-invalid headers. [bgo#666316] + + POSTs and other non-idempotent requests are now always sent + on newly-created connections. You can also force this + behavior on other messages by setting the + SOUP_MESSAGE_NEW_CONNECTION flag. [bgo#578990] + + Server-closed idle connections are now detected ahead of time + on Windows, preventing occasional spurious "Connection + terminated unexpectedly" errors. (This had been fixed on UNIX + since 2.28, but the earlier fix didn't work with WinSock.) + [bgo#578990] + + Plugged a leak in SoupRequestHTTP. [bgo#667099] + +------------------------------------------------------------------- +Tue Dec 20 09:19:03 UTC 2011 - vuntz@opensuse.org + +- Update to version 2.37.3: + + Simplified SoupHTTPInputStream and SoupRequestHTTP, allowing + related simplifications in WebKit's ResourceHandleSoup. This is + an ABI-incompatible change, but SoupHTTPInputStream is an + unstable API. [bgo#663451] + + Fixed a bug that caused the SOUP_MESSAGE_CERTIFICATE_TRUSTED + flag to always be cleared, causing epiphany to claim all https + pages were untrusted. [bgo#665182] + + Fixed some bugs in the handling of SoupSession:http-aliases and + SoupSession:https-aliases. + + Fixed SoupContentDecoder's "ignore Content-Encoding: gzip + because the server didn't actually mean it" hack to handle + x-gzip too. + + Clarified the documentation on SoupSession:ssl-strict + [bgo#666280] + + Fixed handling of ACLOCAL_FLAGS [bgo#641470] +- Add xz BuildRequires because we can't build a package for a + xz-compressed tarball without explicitly specifying that... See + bnc#697467 for more details. + +------------------------------------------------------------------- +Mon Dec 12 15:50:01 UTC 2011 - vuntz@opensuse.org + +- Remove explicit Requires for glib2-devel, libgnutls-devel, + libgcrypt-devel, libgpg-error-devel, libxml2-devel in devel + subpackage: the needed ones will automatically be added the + pkgconfig() way. + +------------------------------------------------------------------- +Thu Dec 8 20:13:05 UTC 2011 - dimstar@opensuse.org + +- Split typelib files into typelib-1_0-Soup-2_4 subpackage. +- Add typelib-1_0-Soup-2_4 Requires to devel subpackage. + +------------------------------------------------------------------- +Tue Nov 22 09:44:02 UTC 2011 - vuntz@opensuse.org + +- Update to version 2.37.2: + + Fixed up the output of SoupDirectoryInputStream, thus improving + the display of local directories in WebKit-based browsers. + [bgo#662266] + + Fixed a bug introduced in 2.37.1 that caused some cancelled + SoupMessages to be leaked. [bgo#662847] + + Added new SoupSession properties "http-aliases" and + "https-aliases" that allow you to configure more explicitly + what URL protocols are treated as aliases for http (eg, "dav:", + "webcal:", etc), and which should be recognized as meaning + something else, (eg, "ftp:") + + Added soup_session_would_redirect() and + soup_session_redirect_message(), to help users that want to + handle some or all redirects themselves. Added + soup_message_set_redirect() to make it easier to return + redirection responses from a SoupServer. + + Added the SoupSession "use-thread-context" property, which + tells it to use GMainContexts in a gio-compliant way (and in + particular, allows having different messages running in + different GMainContexts on the same SoupSession, though only to + a limited extent since SoupSessionAsync is still not + thread-safe). In particular, this was added in order to address + webkit#68238. + + Made SoupURI %-encode non-ASCII characters when parsing URIs, + in particular to fix a problem with certain servers sending + syntactically invalid redirects that they would then only + interpret correctly if you fixed the syntax for them. + [bgo#662806] + + Fixed a connection-handling bug that could cause problems with + servers that requested authentication and then timed out the + connection while the application was waiting for the user to + enter a password. [bgo#660057] + + Made NTLM and Basic authentication handle some non-ASCII + usernames and passwords. (NTLM should handle most. It's + impossible to fix Basic in the general case.) [bgo#576838] + + Added support for "deflate" Content-Encoding, so that we can + work with broken servers that insisted on using it even though + we explicitly indicated in the request headers that we didn't + support it. [bgo#661682] + +------------------------------------------------------------------- +Thu Oct 27 21:40:29 UTC 2011 - dimstar@opensuse.org + +- Update to version 2.37.1: + + Fixed a problem with connections being assigned to multiple + requests at once after a redirection [bgo#651146]. + + Ported SoupSession to use GTlsDatabase internally, and added + two new properties, SoupSession:use-system-ca-file (to + specify that the session should use the default system tlsdb) + and SoupSession:tlsdb (to specify a specific tlsdb to use) + + Likewise, added SoupServer:tls-certificate, for specifying a + certificate/key for an https server to use. + + Made SoupHTTPInputStream more memory efficient [bgo#659255] + + Fixed soup_message_get_https_status() to return information + more reliably (with latest glib-networking). + +------------------------------------------------------------------- +Tue Oct 18 06:27:40 UTC 2011 - vuntz@opensuse.org + +- Update to version 2.36.1: + + Fixed a problem with connections being assigned to multiple + requests at once after a redirection [bgo#651146] + +------------------------------------------------------------------- +Mon Sep 26 22:23:00 UTC 2011 - vuntz@opensuse.org + +- Update to version 2.36.0: + + Improvements to gtk-doc documentation. + +------------------------------------------------------------------- +Tue Sep 20 07:42:55 UTC 2011 - vuntz@opensuse.org + +- Update to version 2.35.92: + + Fixed a problem where SoupHTTPRequest response bodies could be + truncated. [bgo#659256] + + Fixed a bug in copying TLS information from SoupSocket to + SoupMessage, causing all https connections to be reported as + "untrusted" in epiphany. + + Made SoupSession remove items from its host cache after a + while, so that if a host changes IP address, it will eventually + try to re-resolve it. [bgo#646959] + +------------------------------------------------------------------- +Wed Aug 31 09:53:11 CEST 2011 - vuntz@opensuse.org + +- Update to version 2.35.90: + + Added SOUP_MESSAGE_CAN_REBUILD flag, to use with + soup_message_body_set_accumulate(FALSE) on a request body, to + indicate that the caller will recreate the request body after + it has been discarded if the message needs to be re-sent. + [bgo#656650] + + Fixed the build on mingw-w64 by not using "interface" as + variable name. [bgo#656402] + + (The multihosted https server regression mentioned in the + 2.35.5 NEWS turned out to be a glib-networking bug, which is + fixed as of 2.29.18.) +- Add samba-winbind Suggests to libsoup-2_4-1: the NTLM single sign + on feature works with /usr/bin/ntlm_auth (but can fallback to the + old method if this is not present). +- Remove Requires for libsoup-2_4-1 and Obsoletes for libsoup-64bit + from main package since there is no such main package anymore. + +------------------------------------------------------------------- +Tue Aug 16 04:31:24 CEST 2011 - dimstar@opensuse.org + +- Update to version 2.35.5: + + bgo#650940: Support NTLM single sign on via samba's + /usr/bin/ntlm_auth. + + bgo#581342: Default to TLS+extensions for https connections, + falling back to SSLv3-without-extensions only if the server + fails to negotiate TLS. + + bgo#631368: Fixed a problem with https pages sometimes not + loading when using a proxy. + + bgo#648848: SoupContentSniffer: don't use gio's sniffing rules, + since the spec now recommends that browsers not do any + additional sniffing beyond what's in the spec. + + bgo#653707: Fixed SoupRequestHTTP to work properly with + alternate GMainContexts. + + bgo#655397: Added some annotations from Vala's vapi files. + +------------------------------------------------------------------- +Thu Jul 28 21:27:11 CEST 2011 - vuntz@opensuse.org + +- Update to version 2.35.4: + + CVE-2011-2054: Fixed a security hole that caused some + SoupServer users to unintentionally allow accessing the entire + local filesystem when they thought they were only providing + access to a single directory. [bgo#653258] + + Plugged another SoupCache memory leak. + + Simplified SoupCache keys, and handle collisions. [bgo#649963] + + Annotate SoupSession:add-feature, etc, as (skip), so they don't + conflict with the methods of the same name. [bgo#655150] + +------------------------------------------------------------------- +Tue Jul 5 08:24:36 CEST 2011 - vuntz@opensuse.org + +- Update to version 2.35.3: + + Always send the "Keep-Alive" header. + + Deal with broken apache Content-Encoding for .gz files, that + was leading to decompressing the files. + + Various cache improvements, including: + - Do not store hop-by-hop headers in cache. + - Store the HTTP status code in the cache. + - Add versioning support to SoupCache. + + Fix integer overflow on 32bit. + + Fix memory leaks. + + Build fixes. + +------------------------------------------------------------------- +Mon May 23 23:25:22 CEST 2011 - dimstar@opensuse.org + +- Update to version 2.34.2: + + Two SoupCache-related leak fixes + + bgo#648948: Minor build fix for Debian/Ubuntu + + Fixed a docs typo. + +------------------------------------------------------------------- +Tue Apr 26 14:31:00 UTC 2011 - fcrozat@novell.com + +- Update to version 2.34.1: + + Two multipart forms/Content-Disposition fixes: + . UTF-8-encoded header encoding/decoding rules updated to match + RFC 5987. In particular, a UTF-8-encoded filename parameter + in Content-Disposition will now override an ASCII one. + . When not using UTF-8-encoded filenames in + Content-Disposition, always quote the filename, since some + servers erroneously fail to handle non-quoted ones. + (bgo#641280) + + Fixed several memory leaks + + Fixed decoding base64 data: URLs (bgo#646896) + + Fixed a bug in soup_uri_to_string() in which (invalid) port + numbers could be output as negative numbers (tripping up a + WebKit "sanity checking" test) (bgo#647767) + + Fixed a cache corruption bug in SoupCache (bgo#648285) + + Fixed a crash in SoupSessionSync when using + soup_session_abort(). + +------------------------------------------------------------------- +Tue Apr 5 11:46:27 UTC 2011 - fcrozat@novell.com + +- Update to version 2.34.0: + + Fixed the GMainContext handling of the new + SoupProxyResolverDefault (which among other things fixes + gstreamer usage inside epiphany). bgo#646201 + + Tweaked the introspection Makefile rules to fix a problem + building on Debian/Ubuntu. bgo#645505 + + Belated bumped the shared library versioning to reflect the + API additions since 2.32.0 + +------------------------------------------------------------------- +Tue Mar 22 13:15:30 UTC 2011 - fcrozat@novell.com + +- Update to version 2.33.92: + + LIBSOUP NO LONGER DEPENDS ON GCONF OR LIBPROXY. (see below). + + Added SoupProxyResolverDefault, which uses uses gio's + GProxyResolver to resolve proxies [bgo#642982] + Despite the "default" in the name, it is not used by + default, for compatibility reasons, but it is available in + plain libsoup, not libsoup-gnome. (Of course, it depends on + having glib-networking installed.) + + Updated SoupProxyResolverGNOME to be based on + SoupProxyResolverDefault, but explicitly requesting the + "gnome" GProxyResolver if it is available [bgo#625898], and + removed the old code that used GConf and libproxy directly. + + Added soup_server_disconnect(), to explicitly disconnect a + SoupServer, since it is not possible to g_object_unref() it + from memory-managed language bindings. [bgo#638576] + + SoupDate now parses month names case-insensitively [bgo#644048] + + Avoid a g_return_if_fail() when using + SOUP_COOKIE_JAR_ACCEPT_NO_THIRD_PARTY with non-http URIs + (file:, data:, etc). [bgo#643226] + + SoupCookieJar now catches overflows when parsing very + distant dates [bgo#643462] + + Fixed a buggy interaction between request body streaming and + restarted requests. Added some new tests + to tests/chunk-test.c to make sure that a specific + (unsupported!) way of using those methods would not get + broken in the future. + + Fixed soup_socket_get_remote_address(), which had been + broken since 2.33.4 (and which in turn caused + soup_client_context_get_address/_get_host to be broken). + [bgo#645227] +- Drop gconf2-devel and libproxy-devel BuildRequires. + +------------------------------------------------------------------- +Tue Feb 22 18:09:27 UTC 2011 - fcrozat@novell.com + +- Update to version 2.33.90: + + glib-networking is a compile and runtime dependency now. + + bgo#642075: fixed a bug in talking to servers with virtual + hosts with Unicode names (IDNs). + + bgo#640414: added a "Connection: Keep-Alive" header when + talking to HTTP/1.0 hosts, to improve performance. + + bgo#642028: changed SoupCache to not cache + multipart/x-mixed-replace content. +- Changes from version 2.33.6: + + bgo#639768: made SoupSessionAsync do idle-connection cleanup + more sanely, resulting in faster load times for pages with lots + of subresources. + + bgo#639783: fixed soup_form_decode()'s behavior (and by + extension, SoupServer query string handling) with datasets that + contain multiple values for the same key, and added a test + case. + + bgo#640556: fixed warnings pointed out by gcc 4.6, including a + bug in SoupCache that would cause unnecessary revalidations. + + bgo#641022: belated copied a fix from the WebKit copy of + soup-cache.c into ours, and fixed a bug in the local copy of + soup-request-data.c, in preparation for making WebKit use + the libsoup versions. +- Changes from version 2.33.5: + + bgo#637741: fixed certain cases of + soup_session_cancel_message() with SoupSessionSync that could + previously cause warnings or crashes. +- Changes from version 2.33.4: + + SoupSocket now uses GSocketConnection and GTlsConnection + internally rather than making socket calls directly and + using GIOStream, and TLS is handled via glib's APIs rather + than using gnutls directly. + + The gzip Content-Encoding handler is now implemented using + GZlibDecompressor + + As a result of the above two changes, libsoup no longer + directly depends on gnutls, libgcrypt, or zlib, though it + still indirectly depends on zlib via glib and libxml2. Also, + although libsoup does not depend on glib-networking as a + build-time dependency, some "make check" tests will be + skipped if it is not installed. + + bgo#523100: the SoupRequest/SoupCache code from WebKit has + been imported, but it is not yet recommended for general use, + and is not necessarily API stable. + + Added SoupMessage:tls-certificate and SoupMessage:tls-errors, + which give more information about the certificate used to + authenticate a TLS connection. + + It is now possible to disable Basic or Digest auth in a + session by using soup_session_remove_feature_by_type() with + SOUP_TYPE_AUTH_BASIC or SOUP_TYPE_AUTH_DIGEST. Likewise, the + right way to enable NTLM support now is to call + soup_session_add_feature_by_type() with SOUP_TYPE_AUTH_NTLM; + SOUP_SESSION_USE_NTLM is now deprecated. + + bgo#603825: allow setting cookies on file:// URIs, since other + browsers do, and WebKit has a test for it. + + bgo#635395: .gir/.typelib files now include C header/library + information (needed by vala and some other bindings) + + Added annotations on soup_message_headers_get_content_type() + and SoupHTTPVersion + + bgo#636741: fixed a Set-Cookie processing leak. +- Add glib-networking BuildRequires, and explicit Requires in + libsoup-2_4-1 since we need the gio module for TLS support. +- Remove now unneeded gnutls-devel BuildRequires. +- Drop libsoup-gnutls-allow-tls.patch: the TLS handling is now done + in glib-networking. + +------------------------------------------------------------------- +Tue Nov 30 09:02:31 CET 2010 - dimstar@opensuse.org + +- Update to version 2.32.2: + + bgo#634422: Fixed a regression in 2.32.0 that caused + evolution-exchange to get stuck and stop updating. + + bgo#635101: Fixed a regression in 2.32.0 with apps using + asynchronous sessions from multiple threads. + + Fixed the regression tests. + +------------------------------------------------------------------- +Tue Nov 16 16:33:51 CET 2010 - dimstar@opensuse.org + +- Update to version 2.32.1: + + bgo#631525: Fixed a regression in 2.32.0 with the use of + persistent connections that caused spurious "Connection + terminated unexpectedly" errors. + + Fixed a regression in 2.32.0 that caused proxy-related DNS + errors to return SOUP_STATUS_CANT_RESOLVE rather than + SOUP_STATUS_CANT_RESOLVE_PROXY. + + bgo#631679: Usernames/passwords specified explicitly in request + URIs now override existing cached auth info. + + bgo#630540: Changed soup_uri_decode() and soup_uri_normalize() + to just ignore malformed %-encoding rather than returning NULL, + for consistency with soup_uri_new(). + + bgo#620220: Fixed soup_form_decode() to ignore invalid + parameters, and soup_form_encode_hash() to just + g_return_if_fail() rather than crashing if there are NULL + values in the hash. + + bgo#629160: Added another workaround for stupid servers that + close the connection before returning the full response + + bgo#631641: Fixed a bug in SoupCookieJarText that deleted + excess cookies whenever any cookie expired. + + Fixed a small leak in SoupContentDecoder + + bgo#631679: Added regression tests for passwords-in-URIs + +------------------------------------------------------------------- +Tue Sep 28 09:23:27 CEST 2010 - vuntz@opensuse.org + +- Update to version 2.32.0: + + No changes, just a version bump. + +------------------------------------------------------------------- +Mon Sep 20 11:29:41 CEST 2010 - vuntz@opensuse.org + +- Add libsoup-gnutls-allow-tls.patch: let gnutls try to use TLS, + instead of being SSL 3.0-only. This might lead to some websites + not being accessible with libsoup, and upstream does not want + this behavior; a proper fix needs a lot of work. See discussion + in bnc#634040. + +------------------------------------------------------------------- +Mon Sep 13 22:43:23 CEST 2010 - dimstar@opensuse.org + +- Update to version 2.31.92: + + Updated for gobject-introspection 0.9.5. Also added some new + annotations and removed a bunch of private headers from the + scanning process. + + bgo#628728: Percent-encoded characters in URIs are no longer + automatically normalized to uppercase, since apparently some + servers are stupid. + + bgo#629449: Fixed a crash when resolving a URI containing both + spaces and non-UTF8 8bit characters. + +------------------------------------------------------------------- +Tue Aug 17 15:59:00 CEST 2010 - dimstar@opensuse.org + +- Update to version 2.31.90: + + bgo#526321: libsoup now tries to connect to each IP address + associated with a hostname, if the first one fails. + + Fixed Accept-Language header generation in locales where "," is + used as the decimal point. + +------------------------------------------------------------------- +Fri Aug 6 12:32:35 CEST 2010 - vuntz@opensuse.org + +- Update to version 2.31.6: + + Disabled TLS 1.2 in addition to the already-disabled 1.1 and + 1.0, thus making libsoup usable with gnutls 2.10. [bgo#622857] + + When using libproxy 0.3 or newer, libsoup no longer leaks + proxy-related environment variables into child processes + [bgo#603285] + + Changed the way message/connection binding works in + SoupSession so that (among other things), when there are + multiple requests queued to a host, and one of them gets a + network error, the other requests are still allowed to try + to succeed, rather than all failing immediately. [bgo#619633] + + SoupSession now limits the number of times a message can be + redirected, to avoid infinite loops [bgo#604383] + + Fixed handling of certain messages where the response + headers included "Connection: close" but the server did not + actually close the connection at the end. [bgo#611481] + + Fixed some incorrect g-i annotations [bgo#621021] + + Fixed an out-of-bounds memory access when processing certain + Set-Cookie headers [bgo#620288] + + Improved msg->reason_phrase on network errors [bgo#623274] + + Fixed gir file disting [bgo#621727] + +------------------------------------------------------------------- +Tue Jul 6 08:21:34 CEST 2010 - dimstar@opensuse.org + +- Update to version 2.31.2: + + bgo#576595: gobject-introspection has now been merged in + + bgo#617216: Marked SoupSession abstract + + bgo#618641: Fixed a problem with SoupSessionAsync that would + cause messages to get lost if you aborted a previous message + while it was still looking up the hostname + + bgo#615535: Fixed another connecting-to-lame-http-server + problem. +- Add gobject-introspection-devel BuildRequires and pass + --enable-introspection to %configure. + +------------------------------------------------------------------- +Thu Apr 29 14:31:40 CEST 2010 - dimstar@opensuse.org + +- Update to version 2.30.1: + + bgo#611663 - Fix for https through proxies that close the + connection when returning a "407 Proxy Authentication Required" + response, and add a regression test for that case. + + bgo#614176 - Don't quote the multipart boundary string if it's + not needed, since RFC 2616 recommends that you don't, and some + servers don't handle quotes there correctly + + bgo#614183 - Don't put an extra blank line before the first + multipart part, since it's unnecessary and some servers don't + handle a multipart preamble correctly. + + bgo#614198 - Don't put Content-Transfer-Encoding headers in the + multipart/form-data parts, even though the HTML 4 spec says you + must, since no other browsers do, and some servers don't handle + them correctly. + + bgo#615711 - Changed SoupCookieJarSqlite to actually erase + deleted cookies from the database. + + bgo#611663 - Fixed SoupLogger to be more robust against getting + passed bad data by the session. + + Fixed SoupAuthDomain to ignore paths when doing proxy auth + + bgo#613442 - Fixed a g_warning when hovering over a javascript + link in WebKit. + + Updated translations. + +------------------------------------------------------------------- +Tue Mar 30 00:39:13 CEST 2010 - vuntz@opensuse.org + +- Update to version 2.30.0: + + Fixed a crash in the whitespace-stripping code in + soup_uri_new() [bgo#612644] + + Update content-sniffing algorithm to match Chrome and the + soon-to-be-updated sniffing spec. [bgo#611502] + + We now handle "Content-Encoding: x-gzip" as well as "gzip" + (even though "x-gzip" has been deprecated for more than 10 + years). [bgo#611476] + + Fixed leaks found by valgrind + + Make the "make check" programs only bind to 127.0.0.1, not any + public network interfaces. [bgo#609489] + + Add a test to sniffing-test to make sure that Content-Type + parameters are preserved correctly. + +------------------------------------------------------------------- +Tue Feb 23 02:20:56 CET 2010 - vuntz@opensuse.org + +- Update to version 2.29.91: + + Added SOUP_SESSION_SSL_STRICT and + SOUP_MESSAGE_CERTIFICATE_TRUSTED, to allow callers to determine + if an https response comes from a server with a + recognized/valid or unrecognized/invalid certificate. + [bgo#610374] + + Fixed handling of certain badly-formatted URIs [bgo#590524] + +------------------------------------------------------------------- +Wed Feb 10 16:09:38 CET 2010 - vuntz@opensuse.org + +- Update to version 2.29.90: + + Added soup_cookie_jar_set_accept_policy() and related API for + implementing cookie acceptance policies. [bgo#608353] + + Fixed the "request-read" signal in SoupServer to actually be + emitted. + +------------------------------------------------------------------- +Tue Jan 26 17:48:10 CET 2010 - vuntz@opensuse.org + +- Update to version 2.29.6: + + Fixed SoupContentDecoder to ignore trailing junk after the + encoded message body (as other browsers do), rather than + getting stuck in an infinite loop. [bgo#606352] + + Fixed an invalid read in soup_cookie_applies_to_uri() + [bgo#607024] + + Fixed linking on OS X [bgo#606959] + + Removed a harmless warning in SoupServer. [bgo#606645] + +------------------------------------------------------------------- +Wed Jan 13 05:17:51 CET 2010 - captain.magnus@opensuse.org + +- Update to version 2.29.5: + + Added SoupContentDecoder, providing support for + Content-Encoding: gzip for WebKitGTK. [bgo#522772] + + Added "accept-language" and "accept-language-auto" properties + to SoupSession, to support the Accept-Language header. + [bgo#597004] + + Fixed a bug in SoupPasswordManagerGNOME that could cause + crashes if you typed the wrong password once and then tried + again. [bgo#595554] + + Fixed a crash in SoupAuthDigest if the server claims support + for both qop=auth and qop=auth-int. (This was not noticed + sooner because no one actually supports qop=auth-int, and the + server in question here was probably confused. :) + + Updated cookie parsing/output to more closely match + draft-ietf-httpstate-cookie-00. [Also fixes bgo#603496 (WebKit + unit test), and bgo#604794 (hang parsing malformed Set-Cookie + header)] + + Fixed https-via-proxy to not hang if there is an error + communicating with the proxy immediately after the TLS + negotiation. [bgo#587528] + + Fixed a bug that broke gobject-introspection's introspection of + libsoup. [bgo#603696] + + Handle spurious CR/LFs between responses. [bgo#602863] + + Fixed soup-message-client-io to not erroneously include URI + fragments on the Request-Line when sending via a proxy. + + Fixed Digest authentication against certain (buggy?) + clients/servers that require you to use quotes in exactly the + same places where the spec uses them. [bgo#582219] + + Fix ugly gtype-related hack to work with the latest unstable + glib +- Remove libsoup-gir-repository-build.patch. Fixed upstream + +------------------------------------------------------------------- +Tue Jan 5 17:09:37 CET 2010 - jengelh@medozas.de + +- Package baselibs.conf + +------------------------------------------------------------------- +Wed Dec 23 10:32:37 CET 2009 - vuntz@opensuse.org + +- Change gnome-keyring-devel BuildRequires to + libgnome-keyring-devel, following the module split upstream. + +------------------------------------------------------------------- +Thu Dec 3 14:23:03 CET 2009 - vuntz@opensuse.org + +- Add libsoup-gir-repository-build.patch to fix the gir-repository + build. + +------------------------------------------------------------------- +Wed Dec 2 01:27:54 CET 2009 - vuntz@opensuse.org + +- Update to version 2.29.3: + + Fixed a crash in SoupCookieJarSqlite when using cookie + databases not created by libsoup (eg, upgraded epiphany + installations). + + Fixed SoupCookieJar to handle non-http URIs properly (so that, + eg, JavaScript bookmarklets that try to set/read cookies won't + cause crashes). [bgo#602498] + + HEAD requests that receive a "303 See Other" response will now + do a HEAD, not a GET, on the redirected-to resource. Fixes gvfs + access to some sites, including certain youtube.com URIs. + [bgo#600830] + + Fixed a g_warning that would always trigger in the server-side + SoupCookie code. [bgo#602389] + + Fixed the server-side SoupMultipart code to be able to parse + multiparts containing binary attachments, rather than rejecting + them as malformed. [bgo#601640] + + Fixed the Request-Line format in the https-over-proxy case. + Among other things, this fixes access to bugzilla.gnome.org + from WebKitGTK-based browsers. [bgo#598277, bgo#600826] + + Fixed a leak in SoupSession if a message was cancelled while + the initial socket connection was in progress. [bgo#596074] + + Fixed server-side parsing of Digest auth. [bgo#602898] + + Fixed WinSock initialization on Windows. [bgo#600689] + + Fixed a sporadic crash in the SSL code on Windows. [bgo#600748] + + Fixed handling of https connections with timeouts on Windows. + [bgo#600749] + + Added soup_session_prepare_for_uri(), to allow DNS prefetching + for faster browsing. [bgo#598948] + + SoupSession now avoids redundant DNS lookups again when first + connecting to a new site, resulting in (probably imperceptibly) + faster loads. + + Added some debugging APIs to SoupConnection and SoupSession for + use by, eg, epiphany's soup-fly extension. [bgo#589163] + +------------------------------------------------------------------- +Sat Nov 14 02:42:42 CET 2009 - vuntz@opensuse.org + +- Update to version 2.28.1: + + libsoup will now attempt to make multiple connections to a + server at once when there are multiple messages queued to that + server. The previous behavior (only allowing a single pending + connection to each server) resulted in slow load times on pages + with lots of subresources (images, css, js, etc) on servers + that disallow persistent connections. [bgo#594768] + + There should now be fewer (no?) "Connection terminated + unexpectedly" errors in WebKitGTK. + + Fixed a crash in SoupCookieJarSqlite [bgo#596859] + + Fixed soup_address_get_physical() and address-to-name + resolution of SoupAddress? + + Fixed a bug in SoupContentSniffer that could cause false + negatives [bgo#597545]. + + Fixed the configure error if you have gnutls-devel but not + gcrypt-devel installed [bgo#587709]. + +------------------------------------------------------------------- +Wed Sep 23 14:30:17 CEST 2009 - dimstar@opensuse.org + +- Update to version 2.28.0: + + Fixed a handful of leaks found with valgrind, including a + large one in SoupContentSniffer + + bgo#584522 - Changed the behavior of SoupCookieJarSqlite to + improve performance. + + bgo#59495 - Fixed a crash in SoupSocket that affected gupnp + + bgo#594508 - Fixed the type of the SOUP_METHOD_* and + SOUP_URI_SCHEME_* macros to be const char * rather than + gpointer. + +------------------------------------------------------------------- +Wed Sep 9 03:31:34 CEST 2009 - vuntz@opensuse.org + +- Update to version 2.27.92: + + Removed SoupPasswordManager from the public API until its + problems can be addressed. Although it is still present, you + need to #define a special symbol for it to be visible in the + header files; see bgo#594377 for details. + + Fixed a bug where empty query components were dropped from + URIs. [bgo#594405] + + Fixed "make check" to work (but warn) when building with + --disable-ssl. + + Fixed some small documentation bugs. + +------------------------------------------------------------------- +Tue Aug 25 13:27:27 CEST 2009 - vuntz@novell.com + +- Update to version 2.27.91: + + Added SoupPasswordManager, an interface for managing persistent + password storage, and SoupPasswordManagerGNOME (in + libsoup-gnome), which implements it using gnome-keyring. + + libsoup should now notice when the server closes a persistent + connection, and close its side of the connection sooner. This + should hopefully fix the spurious "Connection terminated + unexpectedly" errors in WebKitGTK. [bgo#578990] + + Fixed some problems with connection management in SoupSession + that could cause a session to eventually "stall" and be unable + to process new requests. [bgo#592084] + + Fixed an infinite loop that caused 100% CPU usage if the + network went down at exactly the right time while there were + unsent messages in the queue. [bgo#592492] + + Fixed a crash in SoupLogger. [bgo#591857] + + Fixed the definition of soup_message_is_keepalive() for + HTTP/1.0 messages, to fix a problem introduced in 2.27.90 where + some messages would load completely but never emit "finished". + + Fixed a crash in SoupServer introduced in 2.27.90 when + processing a request with no "Host" header. +- Add gnome-keyring-devel BuildRequires. + +------------------------------------------------------------------- +Tue Aug 11 06:18:53 CEST 2009 - captain.magnus@opensuse.org + +- Update to version 2.27.90: + + libsoup now uses glib's GResolver rather than its own DNS code. + For 2.27.90, the only visible change should be that + internationalized domain names are now supported. [bgo#548287] + + Added soup_message_disable_feature(), which allows you to + disable particular features (eg, cookies, proxy, + content-sniffing, etc) on a per-message basis. [bgo#574773] + + It is now possible to implement "OPTIONS *" in a SoupServer; + you must explicitly register a handler for "*" in order to do + this. [bgo#590751] + + Ignore Content-Length on EOF-terminated responses, to match + other browsers and therefore cope with broken servers that send + the wrong length. + + Fixed the status code when trying to fetch an https URI with a + non-gnutls build of libsoup. [bgo#590464] + + Fixed strict-aliasing warnings introduced in 2.27.4 + [bgo#588771] + + Fixed some warnings noted by fortify [bgo#591226] and -Wextra + + libsoup now uses automake 1.11's silent-rules support by + default (if you are building with automake 1.11). Use + "./configure --disable-silent-rules" or "make V=1" to disable + +------------------------------------------------------------------- +Tue Jul 28 17:12:52 CEST 2009 - lmedinas@gmail.com + +- Update to version 2.27.5: + + Fixed a crash when a web server redirected a request to a + non-http URI (eg, "about:blank"). [bgo#528882] + + Fixed a hang when trying to create an attachment on certain + bugzilla installations from epiphany. [bgo#584645] + + Fixed verification of V1 TLS certificates [bgo#589323] + + Fixed compile problems on Windows (in the ssl code), and on + Linux (when the most recent version of gtk-doc was installed). + +------------------------------------------------------------------- +Mon Jul 20 00:53:04 CEST 2009 - vuntz@novell.com + +- Update to version 2.27.4: + + Added SoupContentSniffer and the "content-sniffed" signal on + SoupMessage, to do Content-Type sniffing per the HTML5 / + draft-abarth-mime-sniff algorithm. [bgo#572589] + + Updated the earlier SoupSession timeout fixes ([bgo#574414], + [bgo#578928]) so that async connect() also times out + [bgo#588177] and SSL works on Windows again [bgo#587910]. + + Fixed the behavior on a 301 response to a POST to match + real-world usage rather than what the spec says. (We were doing + the right thing on 302 and 303, but had missed 301.) + [bgo#586692] + + Changed configure so that if GNUTLS isn't found then it errors + out, rather than silently building an SSL-less libsoup. + Configure with --disable-ssl if you actually don't want SSL. + [bgo#584955] + +------------------------------------------------------------------- +Tue Jun 16 18:23:38 CEST 2009 - vuntz@novell.com + +- Update to version 2.27.2: + + Replaced SoupProxyResolver with SoupProxyURIResolver, which is + a bit simpler, works with non-HTTP URIs (and so could be used + by gvfsd-ftp) and supports proxy auth correctly. [bgo#580051] + + Fixed SoupSession to not try to resolve http server hostnames + when it's just going to pass the hostname off to a proxy server + anyway. This fixes things on hosts that use a proxy for + everything and have no working DNS config [bgo#577532] and also + makes WebKitGTK behave more like other browsers in terms of + per-host connection limits (we now limit connections based on + hostname rather than on IP address). + + We also no longer set the AI_CANONNAME flag when calling + getaddrinfo(), which saves us a little bit of unnecessary + network traffic. + + libsoup now always uses SSL 3.0 (not TLS 1.0 or 1.1) for https + URIs, to work around problems with older servers that don't + implement the (apparently quite confusing) TLS/SSL + compatibility rules correctly. Makes a bunch of + previously-inaccessible sites now accessible in WebKitGTK + (notably PayPal) [bgo#581342]. Will eventually be revisited, to + first try TLS 1.1 and fall back if that fails. + + Fixed Digest auth to (recent) Apple CalDAV servers. + [bgo#583091] + + Changed the way the SoupSession "authenticate" signal works a + bit. We now never emit "authenticate" before sending a request, + even if we know for sure that it's going to fail, because this + makes the semantics of the authenticate handler too complicated + (and because we'll only get into this situation if a previous + call to the authenticate handler failed anyway). Fixes problems + in WebKitGTK when you cancel a password dialog, and then later + try to load the page again. [bgo#583462] + + Fixed a bug in the CRLF-vs-LF patch (bgo#571283) that caused + libsoup to fail to parse the response headers (returning + SOUP_STATUS_MALFORMED) if a CR LF got split across two read()s. + [bgo#582002] + + Allow using PUT in soup_form_request_for_data(), to work with + certain broken web APIs. [bgo#581860]. Also, fixed a problem + with empty POST bodies that made some parts of gmail not work + in WebKitGTK. + + Applied some minor bugfixes to configure.in and autogen.sh + [bgo#583911, bgo#583942]. Fixed configure.in to not use gcc + warning options that the installed version of gcc doesn't + recognize [bgo#578851]. + + Added G_GNUC_NULL_TERMINATED and G_GNUC_PRINTF to a few methods + that should have had them. [bgo#581754] + +------------------------------------------------------------------- +Tue May 5 16:53:34 CEST 2009 - vuntz@novell.com + +- Update to version 2.27.1: + + SOUP_SESSION_TIMEOUT now works properly with SoupSessionAsync + [bgo#574414] and SSL [bgo#578928]. Added tests/timeout-test to + test this. + + SoupDate fixes: + - soup_date_to_string() now handles SOUP_DATE_RFC2822 + [bgo#579055] + - soup_date_new_from_string() now accepts 24:00 as a time in + ISO8601 timestamps + - soup_date_to_string() now coerces the date to UTC for HTTP + and cookie dates, and outputs the UTC correct offset for the + other date types. + - Added regression tests to tests/date + + soup_headers_parse() now completely ignores + syntactically-incorrect headers, rather than passing them to + soup_message_headers_append() and causing a g_warning. + soup_message_headers_append() now also rejects 0-length header + names. Updated tests/header-parsing to check this. [bgo#579318] + + Fix a crash when cancelling a message from a "restarted" + handler, and updated a regression test to notice the underlying + cause. [bgo#380193] + + Completing the API updates for bgo#576760 from 2.26.1, + soup_message_headers_get() is now marked deprecated in favor of + soup_message_headers_get_one() and _get_list(). +- Do not package ChangeLog file: it's not distributed anymore. + +------------------------------------------------------------------- +Tue Apr 14 14:55:43 CEST 2009 - vuntz@novell.com + +- Update to version 2.26.1: + + Fix SoupProxyResolverGNOME bugs [bgo#578746, bgo#578809] + + Fixed warnings when a message has a network problem when many + other messages are queued. [bgo#578809] + +------------------------------------------------------------------- +Thu Apr 9 16:28:48 CEST 2009 - vuntz@novell.com + +- Update to version 2.26.0.9: + + libsoup uses libproxy for PAC and WPAD proxy resolution again. + However, it arranges to do all communication with GConf itself, + to ensure that libproxy doesn't call it in non-thread-safe + ways. [bgo#571527] + + Fixed a bug in SoupSessionSync when proxy resolution failed. + [bgo#574957] + + SoupURI now handles unencoded spaces in URIs. In particular, + redirects via Location headers with spaces in them now work. + [bgo#566530] + + libsoup can now deal with servers (and clients) that + erroneously use LF LF instead of CR LF CR LF to separate the + headers and body. [bgo#571283] + + Added soup_message_headers_get_one() and + soup_message_headers_get_list(), which will eventually + deprecate soup_message_headers_get(). This lets applications + deal correctly with implementations that erroneously send + multiple copies of single-valued headers. [bgo#576760] + + In particular, soup_message_headers_get_content_type() now + ignores duplicate Content-Type headers [bgo#576760] and also + ignores syntactically-incorrect Content-Type headers. + [bgo#577630] + + SoupCookieJar can now store multiple cookies with the same + domain and name, but different paths. [bgo#577360] + + Abnormal SSL connection closes are now treated as ordinary + EOFs, for compatibility with certain sites. [bgo#577386] + + soup_header_g_string_append_param() now allows NULL values. + [bgo#577728] + + soup_message_headers_append() now rejects header names and + values with newlines or certain other illegal data in them, + rather than generating syntactically invalid headers. + + Fixed a small bug in soup_date_new_from_string's ISO 8601 + handling [bgo578369 for g_time_val_from_iso8601]. + + The regression tests now work correctly on machines where + "localhost" resolves to "::1" instead of "127.0.0.1". + [bgo#576583] + + Miscellaneous documentation fixes/clarifications. + +------------------------------------------------------------------- +Mon Mar 16 22:57:58 CET 2009 - vuntz@novell.com + +- Update to version 2.26.0: + + Temporarily disable libproxy support to work around a bug in + its gnome plugin that causes gvfsd-http (and probably + eventually other apps) to crash. (bgo#571527) + + Fixed a bug that showed up in WebKit, where if many messages + were queued all at once to a server that doesn't support + persistent connections, some of the requests will get lost. + (bgo#574365) + + Fixed SoupServer to support using SOUP_ENCODING_EOF, so you can + stream responses of unknown length to HTTP/1.0 clients. + (bgo#572153) + + Fixed several bugs that prevented SoupCookieJarSqlite from + working. (bgo#572409) + + Added G_{BEGIN,END}_DECLS guards to public headers that were + missing it. + + Misc gtk-doc improvements. +- Remove AutoReqProv: it's default now. +- Remove -fno-strict-aliasing from CFLAGS. +- Do not create an empty libsoup package. Have libsoup2_4-1 + provide/obsolete it. +- Merge the doc with the devel package since it only contained + gtk-doc. +- Add gconf2-devel BuildRequires since it's needed again (see first + item in upstream changes). + +------------------------------------------------------------------- +Tue Feb 17 04:42:44 CET 2009 - mboman@suse.de + +- Update to version 2.25.91: + + Fixed a crash in SoupProxyResolverGNOME when the proxy + requires authentication. (This does not make proxy + authentication *work* yet, it just makes it not crash.) + + Updated documentation + +------------------------------------------------------------------- +Thu Feb 5 12:38:59 CET 2009 - vuntz@novell.com + +- Update to version 2.25.5: + + SoupProxyResolverGConf (which was incomplete) is gone, and + libsoup-gnome now requires libproxy. + + Fixed a bug in SoupCookieJar that was making it send "Cookie: + (null)" when it had no cookies for a site, which confused some + web servers. + + Fixed a bug with using SOUP_MEMORY_TEMPORARY buffers and + soup_message_body_set_accumulate(FALSE). + + Fixed the build with non-gcc compilers +- BuildRequires libproxy-devel. +- Remove gconf2-devel BuildRequires. + +------------------------------------------------------------------- +Wed Jan 7 12:34:56 CET 2009 - olh@suse.de + +- obsolete old -XXbit packages (bnc#437293) + +------------------------------------------------------------------- +Tue Jan 6 09:49:05 EST 2009 - mboman@suse.de + +- Update to version 2.25.4: + + Added soup_session_get_feature() and + soup_session_get_features(), to query the features currently + available in a session + +------------------------------------------------------------------- +Tue Dec 23 07:41:43 EST 2008 - mboman@suse.de + +- Update to version 2.25.3: + + Fixed a crash when using both cookies and a proxy. [bgo#562191] + + Fixed soup_form_decode() to correctly handle forms with + URI-encoded parameter names [bgo#563302] + + Fixed a crash in SoupProxyResolverGConf. [bgo#563145] + + Fixed client behavior when presented with multiple auth + types to choose the *strongest* auth type (eg, Digest) + rather than the *weakest* one [bgo#562339] + Added a regression test for this. + + Moved libsoup-gnome headers to a different directory to make + it easier to split libsoup and libsoup-gnome into separate + packages, and to ensure that things that only want to be + looking at plain libsoup headers (like gir-repository) don't + accidentally see the libsoup-gnome ones. + + Some minor doc fixes + + Fixed libsoup-gnome linking with --as-needed. [bgo#559342] + + New library libsoup-gnome + + SoupCookieJarText, like SoupCookieJarSqlite, but using the + old-style cookies.txt format, and in the base libsoup rather + than libsoup-gnome. + + Various bugfixes to SoupCookie and SoupCookieJar to fix the + problems with cookies not working on certain sites. + + The new SoupMultipart type provides support for multipart + MIME bodies, and soup-form now includes several methods for + generating and parsing multipart form data and file uploads. + + SoupMessageHeaders now has methods for easy handling of the + Content-Type, Content-Disposition, Range, and Content-Range + headers. The Content-Disposition handling recognizes + RFC2231-encoded UTF-8 filenames. + + SoupServer now automatically handles partial GET requests; + if your server returns SOUP_STATUS_OK in response to a + partial GET, libsoup will automatically convert it to a + SOUP_STATUS_PARTIAL_CONTENT response with only the requested + portions. +- Drop libsoup-334021-client-ssl-certs.patch: it required a gnutls + patch (gnutls-1.4.4-sign-callback.patch) that was dropped in + August 2007. + +------------------------------------------------------------------- +Tue Oct 21 19:28:57 EST 2008 - mboman@suse.de + +- Update to version 2.24.1: + + Bugs fixed: bgo#533473, bgo##536285, bgo#498509, bgo#553976, bgo#557072 + + Updated generated documentation + +------------------------------------------------------------------- +Fri Oct 3 15:28:27 WST 2008 - mboman@suse.de + +- Update to version 2.24.0.1: + + Reverted part of the fix for bgo#528882, which caused the DAAP + plugin in rhythmbox to crash. [bgo#553466] + +------------------------------------------------------------------- +Tue Sep 23 08:55:50 EST 2008 - mboman@suse.de + +- Update to version 2.24.0: + + Cosmetic version bump + +------------------------------------------------------------------- +Fri Sep 12 00:51:39 CDT 2008 - maw@suse.de + +- Update to version 2.23.92: + + Fixed the handling of a 302 response to a HEAD request, which + should NOT be treated like a 303 response (bgo#551190). + +------------------------------------------------------------------- +Tue Sep 02 09:28:21 CDT 2008 - mboman@novell.com + +- Update to version 2.23.91: + + Fixed a crash in gvfs [bgo#528882] + + Added soup_date_to_timeval() for gvfs. [bgo#549006] + +------------------------------------------------------------------- +Wed Aug 6 09:28:21 CDT 2008 - maw@suse.de + +- Update to version 2.23.6: + + Fixed use of g_idle_add() so that heavy I/O won't end up + blocking libsoup callbacks (bgo#536676) + + Allow the caller to override the Host header (bgo#539803) + + Properly handle responses larger than 4G (bgo#539861) + + Fixed the build when using certain LDFLAGS (bgo#541506) + + Fixed a small bug in Digest auth handling (bgo#544681). + +------------------------------------------------------------------- +Mon Jun 16 20:44:40 CEST 2008 - maw@suse.de + +- Update to version 2.23.1: + + This is the first unstable release leading up to GNOME 2.24; + the large version number bump is so that libsoup's version + matches that of GNOME at large, but note that the API version + is still "2.4", meaning that it is still referred to as + "libsoup-2.4" when using pkg-config + + Added SoupSessionFeature, an interface type that will be + used for several new features. Ported SoupLogger and + SoupAuthManager to use it + + Added SoupCookie and SoupCookieJar; this API is already being + used in Epiphany, via WebKit, but it is not yet complete. + +------------------------------------------------------------------- +Tue Apr 29 17:47:13 CEST 2008 - cthiel@suse.de + +- obsolete libsoup- via baselibs.conf + +------------------------------------------------------------------- +Mon Apr 21 20:03:51 CEST 2008 - maw@suse.de + +- Drop libsoup-2.2.100-r924.patch, because it is now upstream +- Respin libsoup-334021.patch, and rename it to + libsoup-334021-client-ssl-certs.patch. + +------------------------------------------------------------------- +Thu Apr 10 12:54:45 CEST 2008 - ro@suse.de + +- added baselibs.conf file to build xxbit packages + for multilib support + +------------------------------------------------------------------- +Thu Apr 10 01:13:31 CEST 2008 - maw@suse.de + +- Update to version 2.4.1: + + Fixed SoupMessage to not downgrade to HTTP/1.0 for the second + attempt when it receives an HTTP/1.0 redirect or 401 + (bgo#521848) + + Fixed Host: header syntax when the host is an IPv6 address + literal + + Fixed SoupSession to not emit "authenticate" multiple times + for messages that have been requeued (bgo#522601); also added + two new signals to SoupSession, request-queued and + request-unqueued, to help simplify certain session-helpers and + avoid bugs like this in the future + + Fixed soup_server_pause_message() to actually work (rather + than *un*pausing the message) + + Added a property SOUP_SESSION_IDLE_TIMEOUT that can be used + to set a timeout after which idle connections will + automatically be closed (bgo#518214) + + Implemented RFC 2069-style Digest auth, and fixed SoupAuth + to compare auth scheme names case-insensitively, to fix + authentication against Apple's calendar server (bgo#498484) + + Fixed a crash in SoupAuthDomainDigest if the client provided + an unrecognized username + + Fixed a few SoupDate bugs (in particular, it was outputting + the wrong day of the week when stringifying dates) + + Improved the cleanup of idle connections, to fix slow load + times with the libsoup backend of WebKit + + Added a new SoupMessage signal "wrote-body-data" that can be + used for progress information when sending a large request + body; also allow providing the request body in multiple + chunks even when using Content-Length encoding (bgo#525101) + + libsoup now ignores SIGPIPE globally, instead of + un-thread-safe-ly ignoring it only around network writes; in + particular, this means it is ignored when the SSL code needs + to unexpectedly do a write when we asked it to do a read + (bgo#524397) + + The discard-body-chunks-once-they're-no-longer-needed + behavior, confusingly called SOUP_MESSAGE_OVERWRITE_CHUNKS, + is now controlled by a SoupMessageBody method + (soup_message_body_set_accumulate()), and can be applied to + either the request body or the response body; + (OVERWRITE_CHUNKS is still available for backward compatibility) + (bgo#522146) + + The DNS cache no longer caches "no such host" results, since + some name servers lie to clients outside their firewall, + which could then cause problems for laptops moved between + networks (bgo#523269) + * Added some new regression tests, fixed some small bugs in + the existing ones. + +------------------------------------------------------------------- +Fri Mar 14 03:52:18 CET 2008 - maw@suse.de + +- Update to version 2.4.0: + + Fixed a small memory leak in SoupSession (bgo#518798) + + Minor fixes to redirect behavior; PROPFINDs can now be + automatically redirected and 302 is treated like 307, not + 303; also fixed to make sure that redirect-test actually gets + run by "make check" + + The SoupSocket I/O methods now set nread/nwrote even on + error. + +------------------------------------------------------------------- +Mon Mar 3 19:05:24 CET 2008 - maw@suse.de + +- Update to version 2.3.4: + + Documentation is once again available from devhelp (bgo#518384 + and bgo#518317) + + Tidied up libsoup-2.4.pc file (bgo#517631) +- The shared library subpackage is now called libsoup-2_4-1. + +------------------------------------------------------------------- +Mon Feb 18 22:22:18 CET 2008 - maw@suse.de + +- Update to version 2.3.2: + + API changes / Behavior changes: + * soup_server_add_auth_domain() now refs the auth domain when + adding it. (soup_server_remove_auth_domain() already + unreffed it.) This means existing applications using + SoupAuthDomain will now have a small memory leak. Those + applications should update their libsoup-2.4 requirement to + ">= 2.3.2" at some point before the final GNOME 2.22.0 + release, and then fix the code to unref the auth domain + after adding it to the server. + * SoupSession's automatic redirect-handling behavior now obeys + RFC 2616 more closely. In particular, status codes 300 and + 304 are no longer mistakenly considered redirects; POSTs + that receive 303 are now redirected into GETs; and POSTs + that receive 301, 302, or 307 are now not redirected. + + Applications that were using the SOUP_MESSAGE_NO_REDIRECT + flag to prevent libsoup from redirecting POSTs incorrectly + before should now be able to remove that if they depend on + libsoup-2.4 >= 2.3.2. + + + API additions: + * Added a SOUP_SESSION_USER_AGENT property to SoupSession, and + SOUP_SERVER_SERVER_HEADER to SoupServer, to support + automatically adding "User-Agent" and "Server" headers to + messages. (The default behavior is to do nothing, as + before.) + * Added several new methods to soup-forms.h. Applications that + are encoding a fixed set of form fields can now just pass + them to soup_form_encode(), rather than needing to construct + a GHashTable or GData list. (Likewise, the new + soup_uri_set_query_from_fields() behaves similarly for + directly updating a URI with form data.) There are also now + soup_form_request_new() and other related methods, to + directly create a GET or POST SoupMessage for submitting a + form query. + + The original soup_form_* methods have all been renamed, + although bgo#defines exist for backward compatibility. + + * Added soup_message_set_chunk_allocator() and + soup_buffer_new_with_owner(), to give applications more + control over memory usage/copying when doing streaming HTTP. + [Wouter Cloetens, bgo#513810]. + + * Added several new methods to soup-value-utils.h for working + with multiple array or hash table values at once: + soup_value_hash_new_with_vals(), + soup_value_hash_insert_vals(), + soup_value_hash_lookup_vals(), + soup_value_array_new_with_vals(), and + soup_value_array_append_vals(). + + This helps to simplify XML-RPC calls that send or receive + structs or arrays. + + * Added soup_date_to_time_t(). + + * Added SoupMessageHeadersIterator, an iterator type for + SoupMessageHeaders that can be used instead of + soup_message_headers_foreach(). + + + Bug fixes: + + * Fixed a crash-when-idle in evolution-exchange [bgo#437835] and + rhythmbox [bgo#506552]. + + * Added the API version to the gtk-doc installation dir, to + prevent parallel-installation problems with libsoup 2.2 and + 2.4. [bgo#512810, Daniel Gryniewicz]. + + * Fixed tests/query-test to compile correctly on Solaris. + [bgo#513602, patch from Jeff Cai] + + * Fixed some other minor HTTP conformance issues. + +------------------------------------------------------------------- +Thu Jan 31 19:32:20 CET 2008 - maw@suse.de + +- Split out a shared library subpackage +- Build with -fno-strict-aliasing +- s#%run_ldconfig#/sbin/ldconfig# +- Remove libtool archives and static libraries. + +------------------------------------------------------------------- +Tue Jan 29 16:36:57 CET 2008 - rodrigo@suse.de + +- Update to version 2.3.0.1: + * SoupURI now correctly handles URIs with complex encoded queries + * It is now possible for a SoupServer to use Digest auth without + needing to have the cleartext password available + * Digest authentication now properly handles "stale=true" and + "nextnonce=..." + * SoupServer is now subclassible + * soup_server_run_async and soup_server_quit no longer ref and + unref the server, as that doesn't match ordinary GObject + conventions + * The test programs no longer use a symbol name that conflicts + with Cygwin + * libsoup can now handle the not-quite-HTTP responses returned + by Shoutcast servers + * If you use libsoup while disconnected from the network, it + no longer caches the failed DNS results + * "Expect: 100-continue" processing now works correctly on + both client and server + * SoupSessions are no longer leaked + * The XML-RPC API is improved. The SOAP API is gone... + * Added utility functions for HTML form handling + * Improved message header handling + * SoupServer now automatically adds a "Date" header +- Disabled not working patches +- Fixed summaries + +------------------------------------------------------------------- +Mon Aug 6 19:55:21 CEST 2007 - jberkman@novell.com + +- export new smartcard functionality from gnutls for evo-exchange (gnome bug + #334021) + +------------------------------------------------------------------- +Mon Feb 19 14:47:15 CST 2007 - maw@suse.de + +- Update to version 2.2.100 +- Remove header-parsing.patch which is now upstream. + +------------------------------------------------------------------- +Tue Feb 13 11:50:51 CET 2007 - sbrabec@suse.cz + +- Do not build unusable static libraries (#238552#c17). + +------------------------------------------------------------------- +Tue Jan 16 23:53:14 CET 2007 - maw@suse.de + +- Add header-parsing.patch (#235084 and CVE-2006-5876). + +------------------------------------------------------------------- +Mon Jan 8 10:43:24 CET 2007 - sbrabec@suse.cz + +- Spec file cleanup. + +------------------------------------------------------------------- +Fri Dec 8 12:32:11 CST 2006 - maw@suse.de + +- Move to /usr. + +------------------------------------------------------------------- +Tue Nov 7 20:11:39 CET 2006 - cstender@suse.de + +- removed 'rm -rf $RPM_BUILD_ROOT' from build section +- added ldconfig call + +------------------------------------------------------------------- +Tue Aug 15 23:01:32 CEST 2006 - jhargadon@suse.de + +- update to version 2.2.96 +- SoupServer now works even if you don't explicitly set an + encoding for the response. +- WWW-Authenticate and Proxy-Authenticate responses with no + realm parameter are now ignored +- Fixed a bug in soup_mktime_utc() + +------------------------------------------------------------------- +Wed Jul 5 18:30:02 CEST 2006 - dgollub@suse.de + +- update to 2.2.94: + * Various fixes to the XML-RPC code (which apparently had not + actually ever worked before) from Brent Smith. [343973, + 344222, 344458] + + * Added client and server API tutorials to the docs + + * auth-test now uses a local Apache 2.2 install, if possible, + rather than depending on files that used to be on an old + Ximian web server but haven't been anywhere for a long time. + [311825] + +- changes from 2.2.92 to 2.2.93 + * Fixed outgoing data corruption caused when SoupServer + started writing out a response a second time after already + having started once. [334469]. Also fixed 342640 and another + bug caused by the workaround for 334469 in 2.2.92. Based on + patches and analysis from William Jon McCann and Armin + Bauer. + + * Fixed a deadlock when changing a session's proxy URI. + [309867 / bnc 174255, based on a patch by Veerapuram + Varadhan]. + + * Fixed https-via-proxies in the synchronous case. [bnc 174255] + + * Fixed a crash in evolution-exchange [342545, fix based on an + analysis by Wang Xin]. + + * Fixed simple-proxy to not crash at startup. Oops. (Alex + Larsson) + +- changes from 2.2.91 to 2.2.92 + * Fixed server-side digest auth to return a valid "algorithm" + value and client-side to not crash if it sees an invalid one + [328615]. + + * Fixed the Request-Line parsing code to not hardcode a + maximum URI length (to allow very long DAAP requests from + iTunes in Rhythmbox). [335040] + +- changes from 2.2.90 to 2.2.91 + * SoupSession, SoupServer, SoupConnection, SoupSocket, and + SoupAddress now have an "async-context" property that allows + you to use the async API in a non-default GMainContext. + [Based on patches from Armin Bauer and Jörg Billeter.] + + * Fixed some bugs in soup_date_iso8601_parse(). [324671, from + Emmanuele Bassi] + +------------------------------------------------------------------ +Mon Feb 27 15:32:51 CET 2006 - danw@suse.de + +- Add a patch from CVS for use by evolution + (make connection timeout configurable) + +------------------------------------------------------------------- +Tue Feb 21 19:44:14 CET 2006 - sbrabec@suse.cz + +- Do not require exact release in devel file. + +------------------------------------------------------------------- +Wed Jan 25 21:32:26 CET 2006 - mls@suse.de + +- converted neededforbuild to BuildRequires + +------------------------------------------------------------------- +Thu Nov 17 18:43:15 CET 2005 - danw@suse.de + +- update to 2.2.90, which includes the opensync patches + +------------------------------------------------------------------- +Wed Nov 2 21:58:25 CET 2005 - dmueller@suse.de + +- don't build as root + +------------------------------------------------------------------- +Mon Aug 22 19:22:19 CEST 2005 - jpr@suse.de + +- Update to released 2.2.6.1 which includes the cvs patches we were already + folding in plus the second part of the fix for 104319 + +------------------------------------------------------------------- +Thu Aug 18 20:51:39 CEST 2005 - ro@suse.de + +- update to cvs version folding in other patches + +------------------------------------------------------------------- +Thu Aug 18 10:08:36 CEST 2005 - ro@suse.de + +- added libsoup-2.2.3-danw-tambet-threading.patch + +------------------------------------------------------------------- +Mon Aug 15 11:40:25 CEST 2005 - ro@suse.de + +- fixed memory leak (port of patch from #95454) + +------------------------------------------------------------------- +Fri Aug 12 15:44:45 CEST 2005 - ro@suse.de + +- updated and re-enabled patches... + +------------------------------------------------------------------- +Fri Aug 12 15:09:24 CEST 2005 - jpr@suse.de + +- Add lzo and lzo-devel to neededforbuild to get ssl support back (104319) + +------------------------------------------------------------------- +Fri Aug 12 00:24:52 CEST 2005 - gekker@suse.de + +- Update to version 2.2.5 + +------------------------------------------------------------------- +Wed Jun 29 01:45:10 CEST 2005 - gekker@suse.de + +- Update to version 2.2.3 + +------------------------------------------------------------------- +Tue Jun 28 23:17:05 CEST 2005 - gekker@suse.de + +- Add patch for close exec (62176). + +------------------------------------------------------------------- +Thu Mar 10 11:27:33 CET 2005 - hvogel@suse.de + +- More gnutls patching. Fixed CPU sucking bug #57811 (ximian) + +------------------------------------------------------------------- +Sat Feb 5 19:52:27 CET 2005 - gekker@suse.de + +- Update to version 2.2.2 + +------------------------------------------------------------------- +Fri Jan 28 12:07:16 CET 2005 - meissner@suse.de + +- Added sentinels to spot bad valist handling, no-strict-aliasing + is not needed here. + +------------------------------------------------------------------- +Sat Jan 22 17:43:55 CET 2005 - ro@suse.de + +- GNUTLS_CERT_NOT_TRUSTED is no longer present in current gnutls + +------------------------------------------------------------------- +Mon Nov 29 19:24:07 CET 2004 - gekker@suse.de + +- Update to version 2.2.1 + +------------------------------------------------------------------- +Wed Oct 20 23:30:40 CEST 2004 - dobey@suse.de + +- Add patch for bugzilla.ximian.com bug #68583 + +------------------------------------------------------------------- +Fri Aug 27 17:28:39 CEST 2004 - dobey@suse.de + +- Update to version 2.2.0 + +------------------------------------------------------------------- +Fri Aug 13 21:14:01 CEST 2004 - dobey@suse.de + +- Update to version 2.1.13 +- Require glib2-devel for the libsoup-devel package + +------------------------------------------------------------------- +Thu Aug 5 19:58:49 CEST 2004 - dobey@suse.de + +- Add proper dependencies to the devel package + +------------------------------------------------------------------- +Thu Aug 5 17:50:00 CEST 2004 - dobey@suse.de + +- Fix support for SSL + +------------------------------------------------------------------- +Wed Jul 28 19:32:08 CEST 2004 - dobey@suse.de + +- Updated to version 2.1.12 + +------------------------------------------------------------------- +Fri Jun 4 03:52:32 CEST 2004 - mibarra@suse.de + +- Updated to version 2.1.11 + +------------------------------------------------------------------- +Sat May 22 03:52:08 CEST 2004 - mibarra@suse.de + +- Updated to version 2.1.10. + +------------------------------------------------------------------- +Tue May 18 02:53:07 CEST 2004 - clahey@suse.de + +- Updated to version 2.1.9. + +------------------------------------------------------------------- +Mon Mar 22 13:46:09 CET 2004 - hhetter@suse.de + +- updated to version 1.99.28 + +------------------------------------------------------------------- +Tue Mar 16 09:44:15 CET 2004 - meissner@suse.de + +- -fno-strict-aliasing. + +------------------------------------------------------------------- +Fri Aug 08 11:27:22 CEST 2003 - sbrabec@suse.cz + +- Updated to version 1.99.23. + +------------------------------------------------------------------- +Tue Aug 05 18:18:46 CEST 2003 - sbrabec@suse.cz + +- Package renamed to libsoup. + +------------------------------------------------------------------- +Mon Jul 14 14:48:27 CEST 2003 - sbrabec@suse.cz + +- GNOME prefix change to /opt/gnome. + +------------------------------------------------------------------- +Thu May 22 14:52:58 CEST 2003 - sbrabec@suse.cz + +- Initial SuSE version of GNOME2 port. + diff --git a/libsoup2.spec b/libsoup2.spec new file mode 100644 index 0000000..59aeda5 --- /dev/null +++ b/libsoup2.spec @@ -0,0 +1,184 @@ +# +# spec file for package libsoup2 +# +# Copyright (c) 2024 SUSE LLC +# +# All modifications and additions to the file contributed by third parties +# remain the property of their copyright owners, unless otherwise agreed +# upon. The license for this file, and modifications and additions to the +# file, is the same license as for the pristine package itself (unless the +# license for the pristine package is not an Open Source License, in which +# case the license is the MIT License). An "Open Source License" is a +# license that conforms to the Open Source Definition (Version 1.9) +# published by the Open Source Initiative. + +# Please submit bugfixes or comments via https://bugs.opensuse.org/ +# + + +Name: libsoup2 +%define _name libsoup +Version: 2.74.3 +Release: 0 +Summary: HTTP client/server library for GNOME +License: LGPL-2.1-or-later +Group: Development/Libraries/GNOME +URL: https://wiki.gnome.org/Projects/libsoup +Source0: https://download.gnome.org/sources/libsoup/2.74/%{_name}-%{version}.tar.xz +Source99: baselibs.conf +# PATCH-FIX-OPENSUSE disable tls_interaction-test https://gitlab.gnome.org/GNOME/libsoup/issues/120 +Patch1: libsoup-skip-tls_interaction-test.patch +# PATCH-FIX-UPSTREAM libsoup2-extend-test-cert.patch boo#1102840 -- Fix tests after 2027 +Patch2: libsoup2-extend-test-cert.patch +# PATCH-FIX-UPSTREAM 4d12c3e5.patch -- lib: Add g_task_set_source_tag() everywhere +Patch3: https://gitlab.gnome.org/GNOME/libsoup/-/commit/4d12c3e5.patch +# PATCH-FIX-UPSTREAM 48b3b611.patch -- lib: Add names to various GSources +Patch4: https://gitlab.gnome.org/GNOME/libsoup/-/commit/48b3b611.patch +# PATCH-FIX-UPSTREAM ced3c5d8.patch -- Fix build with libxml2-2.12.0 and clang-17 +Patch5: https://gitlab.gnome.org/GNOME/libsoup/-/commit/ced3c5d8.patch +# PATCH-FIX-UPSTREAM 04df03bc.patch boo#1233285 mgorse@suse.com -- strictly don't allow NUL bytes in headers. +Patch6: https://gitlab.gnome.org/GNOME/libsoup/-/commit/04df03bc.patch +# PATCH-FIX-UPSTREAM libsoup-CVE-2024-52532.patch boo#1233287 mgorse@suse.com -- process the frame as soon as we read data. +Patch7: libsoup-CVE-2024-52532.patch +# PATCH-FIX-UPSTREAM 29b96fab.patch boo#1233287 mgorse@suse.com -- websocket-test: disconnect error copy after the test ends. +Patch8: https://gitlab.gnome.org/GNOME/libsoup/-/commit/29b96fab.patch +# PATCH-FIX-UPSTREAM a35222dd.patch boo#1233292 mgorse@suse.com -- be more robust against invalid input when parsing params. +Patch9: https://gitlab.gnome.org/GNOME/libsoup/-/commit/a35222dd.patch +# PATCH-FIX-UPSTREAM 4c9e75c6.patch boo#1233287 mgorse@suse.com -- fix an intermittent test failure. +Patch10: https://gitlab.gnome.org/GNOME/libsoup/-/commit/4c9e75c6.patch + +BuildRequires: glib-networking +BuildRequires: meson >= 0.50 +BuildRequires: pkgconfig +BuildRequires: pkgconfig(gio-2.0) >= 2.58.0 +BuildRequires: pkgconfig(glib-2.0) >= 2.58.0 +BuildRequires: pkgconfig(gobject-2.0) >= 2.58.0 +BuildRequires: pkgconfig(gobject-introspection-1.0) >= 0.9.5 +BuildRequires: pkgconfig(gtk-doc) >= 1.20 +BuildRequires: pkgconfig(krb5) +BuildRequires: pkgconfig(libbrotlidec) +BuildRequires: pkgconfig(libpsl) >= 0.20 +BuildRequires: pkgconfig(libxml-2.0) +BuildRequires: pkgconfig(sqlite3) +BuildRequires: pkgconfig(vapigen) +# We do not need these dependencies needed only for tests. +#BuildRequires: apache2-mod_php5 php5-xmlrpc + +%description +Libsoup is an HTTP client/server library for GNOME. It uses GObjects +and the glib main loop, to integrate well with GNOME applications. + +Features: + * Both asynchronous (GMainLoop and callback-based) and synchronous APIs + * Automatically caches connections + * SSL Support using GnuTLS + * Proxy support, including authentication and SSL tunneling + * Client support for Digest, NTLM, and Basic authentication + * Server support for Digest and Basic authentication + * XML-RPC support + +%package -n %{_name}-2_4-1 +Summary: HTTP client/server library for GNOME +Group: Development/Libraries/GNOME +Requires: glib-networking >= 2.27.90 +# For NTLM single sign on +Suggests: samba-winbind +# Needed to make the lang package installable +Provides: %{name} = %{version} + +%description -n %{_name}-2_4-1 +Libsoup is an HTTP client/server library for GNOME. It uses GObjects +and the glib main loop, to integrate well with GNOME applications. + +Features: + * Both asynchronous (GMainLoop and callback-based) and synchronous APIs + * Automatically caches connections + * SSL Support using GnuTLS + * Proxy support, including authentication and SSL tunneling + * Client support for Digest, NTLM, and Basic authentication + * Server support for Digest and Basic authentication + * XML-RPC support + +%package -n typelib-1_0-Soup-2_4 +Summary: HTTP client/server library for GNOME -- Introspection bindings +Group: System/Libraries + +%description -n typelib-1_0-Soup-2_4 +Libsoup is an HTTP client/server library for GNOME. It uses GObjects +and the glib main loop, to integrate well with GNOME applications. + +This package provides the GObject Introspection bindings for libsoup. + +%package devel +Summary: HTTP client/server library for GNOME - Development Files +Group: Development/Libraries/GNOME +Requires: libsoup-2_4-1 = %{version} +Requires: typelib-1_0-Soup-2_4 = %{version} +Provides: %{_name}-doc = %{version} +Obsoletes: %{_name}-doc < %{version} + +%description devel +Libsoup is an HTTP client/server library for GNOME. It uses GObjects +and the glib main loop, to integrate well with GNOME applications. + +Features: + * Both asynchronous (GMainLoop and callback-based) and synchronous APIs + * Automatically caches connections + * SSL Support using GnuTLS + * Proxy support, including authentication and SSL tunneling + * Client support for Digest, NTLM, and Basic authentication + * Server support for Digest and Basic authentication + * XML-RPC support + +%lang_package + +%prep +%autosetup -p1 -n %{_name}-%{version} + +%build +%meson \ + -Dgssapi=enabled \ + -Dkrb5_config="$(which krb5-config)" \ + -Dvapi=enabled \ + -Dgtk_doc=true \ + -Dntlm=disabled \ + -Dsysprof=disabled \ + %{nil} +%meson_build + +%check +# Run the regression tests using GnuTLS NORMAL priority +export G_TLS_GNUTLS_PRIORITY=NORMAL +%meson_test + +%install +%meson_install +%find_lang %{_name} %{?no_lang_C} + +%ldconfig_scriptlets -n %{_name}-2_4-1 + +%files -n %{_name}-2_4-1 +%license COPYING +%doc NEWS +%{_libdir}/*.so.* + +%files -n typelib-1_0-Soup-2_4 +%{_libdir}/girepository-1.0/Soup-2.4.typelib +%{_libdir}/girepository-1.0/SoupGNOME-2.4.typelib + +%files devel +%doc AUTHORS README +%{_includedir}/libsoup-2.4 +%{_libdir}/*.so +%{_libdir}/pkgconfig/*.pc +%{_includedir}/libsoup-gnome-2.4 +%doc %{_datadir}/gtk-doc/html/libsoup-2.4 +%{_datadir}/gir-1.0/Soup-2.4.gir +%{_datadir}/gir-1.0/SoupGNOME-2.4.gir +%dir %{_datadir}/vala/vapi/ +%{_datadir}/vala/vapi/libsoup-2.4.vapi +%{_datadir}/vala/vapi/libsoup-2.4.deps + +%files lang -f %{_name}.lang + +%changelog