libcpr
Update Mongoose to Version 7
Description
With the latest releases of OpenSSL we get a few deprecation warnings, when compiling mongoose:
[build] /home/fabian/Documents/Repos/libcpr/cpr/build/_deps/mongoose-src/mongoose.c: In function ‘mg_use_cert’:
[build] /home/fabian/Documents/Repos/libcpr/cpr/build/_deps/mongoose-src/mongoose.c:4758:7: warning: ‘PEM_read_bio_DHparams’ is deprecated: Since OpenSSL 3.0 [-Wdeprecated-declarations]
[build] 4758 | dh = PEM_read_bio_DHparams(bio, NULL, NULL, NULL);
[build] | ^~
[build] In file included from /usr/include/openssl/ssl.h:36,
[build] from /home/fabian/Documents/Repos/libcpr/cpr/build/_deps/mongoose-src/mongoose.c:4471:
[build] /usr/include/openssl/pem.h:469:1: note: declared here
[build] 469 | DECLARE_PEM_rw_attr(OSSL_DEPRECATEDIN_3_0, DHparams, DH)
[build] | ^~~~~~~~~~~~~~~~~~~
[build] /home/fabian/Documents/Repos/libcpr/cpr/build/_deps/mongoose-src/mongoose.c:4767:7: warning: ‘PEM_read_bio_DHparams’ is deprecated: Since OpenSSL 3.0 [-Wdeprecated-declarations]
[build] 4767 | dh = PEM_read_bio_DHparams(bio, NULL, NULL, NULL);
[build] | ^~
[build] /usr/include/openssl/pem.h:469:1: note: declared here
[build] 469 | DECLARE_PEM_rw_attr(OSSL_DEPRECATEDIN_3_0, DHparams, DH)
[build] | ^~~~~~~~~~~~~~~~~~~
[build] /home/fabian/Documents/Repos/libcpr/cpr/build/_deps/mongoose-src/mongoose.c:4773:7: warning: ‘DH_free’ is deprecated: Since OpenSSL 3.0 [-Wdeprecated-declarations]
[build] 4773 | DH_free(dh);
[build] | ^~~~~~~
[build] In file included from /usr/include/openssl/dsa.h:51,
[build] from /usr/include/openssl/x509.h:37,
[build] from /usr/include/openssl/ssl.h:31:
[build] /usr/include/openssl/dh.h:200:28: note: declared here
[build] 200 | OSSL_DEPRECATEDIN_3_0 void DH_free(DH *dh);
[build] | ^~~~~~~
Expected Behavior
We should not use deprecated OpenSSL functions.
Possible Fix
A solution would be to update our mongoose implementation to e.g. version 7.7.
BUT this requires rewriting large parts of the http(s) test server. Also some functionality like simulating slow connections, like required here is not that easily possible any more since sending the header and payload not got merged into on call: mg_http_reply
Sure! I assigned you to the issue. If you want, I can push the branch I started working on this, so you have a rough starting point and don't start from zero.
BUT this requires rewriting large parts of the http(s) test server. Also some functionality like simulating slow connections, like required here is not that easily possible any more since sending the header and payload not got merged into on call:
mg_http_reply
A short remark on the part regarding simulating slow connections: I think that the test you are referring to never worked the way it should work. In the end of the method mg_send_header, mg_send is called. The implementation of mg_send is simply:
void mg_send(struct mg_connection *nc, const void *buf, int len) {
nc->last_io_time = (time_t) mg_time();
mbuf_append(&nc->send_mbuf, buf, len);
}
So, the message is buffered and only drained when the callback returns. I verified that by tracking the network communication of the method with wireshark:
As one can see, the header and the body are sent in the same TCP packet.
So, I am first going to make the tests work with mongoose 7.7 the way they worked before and then try to find out if there is a way for simulating slow connections at all.
Thanks for looking into this. I always was wondering if this test was even working at all. Now we have the confirmation. In my eyes we should still keep the test as it then just adds additional delay on the server side.