Commit 4dcfab71 authored by Alessandro Ghedini's avatar Alessandro Ghedini

Imported Upstream version 2.6

parent cce8a24d
Version 2.6
===========
Released 2014-02-11
* Security:
- CVE-2013-6401: The hash function used by the hashtable
implementation has been changed, and is automatically seeded with
random data when the first JSON object is created. This prevents
an attacker from causing large JSON objects with specially crafted
keys perform poorly.
* New features:
- `json_object_seed()`: Set the seed value of the hash function.
* Bug fixes:
- Include CMake specific files in the release tarball.
* Documentation:
- Fix tutorial source to send a User-Agent header, which is now
required by the GitHub API.
- Set all memory to zero in secure_free() example.
Version 2.5
===========
......
This diff is collapsed.
EXTRA_DIST = CHANGES LICENSE README.rst win32
EXTRA_DIST = CHANGES LICENSE README.rst win32 CMakeLists.txt cmake
SUBDIRS = doc src test
# "make distcheck" builds the dvi target, so use it to check that the
......
......@@ -273,7 +273,7 @@ target_alias = @target_alias@
top_build_prefix = @top_build_prefix@
top_builddir = @top_builddir@
top_srcdir = @top_srcdir@
EXTRA_DIST = CHANGES LICENSE README.rst win32
EXTRA_DIST = CHANGES LICENSE README.rst win32 CMakeLists.txt cmake
SUBDIRS = doc src test
pkgconfigdir = $(libdir)/pkgconfig
pkgconfig_DATA = jansson.pc
......
......@@ -1338,14 +1338,7 @@ s390*-*linux*|s390*-*tpf*|sparc*-*linux*)
LD="${LD-ld} -m elf_i386_fbsd"
;;
x86_64-*linux*)
case `/usr/bin/file conftest.o` in
*x86-64*)
LD="${LD-ld} -m elf32_x86_64"
;;
*)
LD="${LD-ld} -m elf_i386"
;;
esac
LD="${LD-ld} -m elf_i386"
;;
ppc64-*linux*|powerpc64-*linux*)
LD="${LD-ld} -m elf32ppclinux"
......@@ -1709,8 +1702,7 @@ AC_CACHE_VAL([lt_cv_sys_max_cmd_len], [dnl
;;
*)
lt_cv_sys_max_cmd_len=`(getconf ARG_MAX) 2> /dev/null`
if test -n "$lt_cv_sys_max_cmd_len" && \
test undefined != "$lt_cv_sys_max_cmd_len"; then
if test -n "$lt_cv_sys_max_cmd_len"; then
lt_cv_sys_max_cmd_len=`expr $lt_cv_sys_max_cmd_len \/ 4`
lt_cv_sys_max_cmd_len=`expr $lt_cv_sys_max_cmd_len \* 3`
else
......
include(CheckCSourceCompiles)
macro(check_function_keywords _wordlist)
set(${_result} "")
foreach(flag ${_wordlist})
string(REGEX REPLACE "[-+/ ()]" "_" flagname "${flag}")
string(TOUPPER "${flagname}" flagname)
set(have_flag "HAVE_${flagname}")
check_c_source_compiles("${flag} void func(); void func() { } int main() { func(); return 0; }" ${have_flag})
if(${have_flag} AND NOT ${_result})
set(${_result} "${flag}")
# break()
endif(${have_flag} AND NOT ${_result})
endforeach(flag)
endmacro(check_function_keywords)
This diff is collapsed.
#cmakedefine HAVE_ENDIAN_H 1
#cmakedefine HAVE_FCNTL_H 1
#cmakedefine HAVE_SCHED_H 1
#cmakedefine HAVE_UNISTD_H 1
#cmakedefine HAVE_SYS_PARAM_H 1
#cmakedefine HAVE_SYS_STAT_H 1
#cmakedefine HAVE_SYS_TIME_H 1
#cmakedefine HAVE_SYS_TYPES_H 1
#cmakedefine HAVE_STDINT_H 1
#cmakedefine HAVE_CLOSE 1
#cmakedefine HAVE_GETPID 1
#cmakedefine HAVE_GETTIMEOFDAY 1
#cmakedefine HAVE_OPEN 1
#cmakedefine HAVE_READ 1
#cmakedefine HAVE_SCHED_YIELD 1
#cmakedefine HAVE_SYNC_BUILTINS 1
#cmakedefine HAVE_ATOMIC_BUILTINS 1
#cmakedefine HAVE_LOCALE_H 1
#cmakedefine HAVE_SETLOCALE 1
#cmakedefine HAVE_INT32_T 1
#ifndef HAVE_INT32_T
# define int32_t @JSON_INT32@
#endif
#cmakedefine HAVE_UINT32_T 1
#ifndef HAVE_UINT32_T
# define uint32_t @JSON_UINT32@
#endif
#cmakedefine HAVE_SSIZE_T 1
#ifndef HAVE_SSIZE_T
# define ssize_t @JSON_SSIZE@
#endif
#cmakedefine HAVE_SNPRINTF 1
#ifndef HAVE_SNPRINTF
# define snprintf @JSON_SNPRINTF@
#endif
#cmakedefine HAVE_VSNPRINTF
#cmakedefine USE_URANDOM 1
#cmakedefine USE_WINDOWS_CRYPTOAPI 1
/*
* Copyright (c) 2010-2013 Petri Lehtinen <petri@digip.org>
*
* Jansson is free software; you can redistribute it and/or modify
* it under the terms of the MIT license. See LICENSE for details.
*
*
* This file specifies a part of the site-specific configuration for
* Jansson, namely those things that affect the public API in
* jansson.h.
*
* The CMake system will generate the jansson_config.h file and
* copy it to the build and install directories.
*/
#ifndef JANSSON_CONFIG_H
#define JANSSON_CONFIG_H
/* Define this so that we can disable scattered automake configuration in source files */
#define JANSSON_USING_CMAKE
/* Note: when using cmake, JSON_INTEGER_IS_LONG_LONG is not defined nor used,
* as we will also check for __int64 etc types.
* (the definition was used in the automake system) */
/* Bring in the cmake-detected defines */
#cmakedefine HAVE_STDINT_H 1
#cmakedefine HAVE_INTTYPES_H 1
#cmakedefine HAVE_SYS_TYPES_H 1
/* Include our standard type header for the integer typedef */
#if defined(HAVE_STDINT_H)
# include <stdint.h>
#elif defined(HAVE_INTTYPES_H)
# include <inttypes.h>
#elif defined(HAVE_SYS_TYPES_H)
# include <sys/types.h>
#endif
/* If your compiler supports the inline keyword in C, JSON_INLINE is
defined to `inline', otherwise empty. In C++, the inline is always
supported. */
#ifdef __cplusplus
#define JSON_INLINE inline
#else
#define JSON_INLINE @JSON_INLINE@
#endif
#define json_int_t @JSON_INT_T@
#define json_strtoint @JSON_STRTOINT@
#define JSON_INTEGER_FORMAT @JSON_INTEGER_FORMAT@
/* If locale.h and localeconv() are available, define to 1, otherwise to 0. */
#define JSON_HAVE_LOCALECONV @JSON_HAVE_LOCALECONV@
#endif
/* config.h.in. Generated from configure.ac by autoheader. */
/* Define to 1 if gcc's __atomic builtins are available */
#undef HAVE_ATOMIC_BUILTINS
/* Define to 1 if you have the `close' function. */
#undef HAVE_CLOSE
/* Define to 1 if you have the <dlfcn.h> header file. */
#undef HAVE_DLFCN_H
/* Define to 1 if you have the <endian.h> header file. */
#undef HAVE_ENDIAN_H
/* Define to 1 if you have the <fcntl.h> header file. */
#undef HAVE_FCNTL_H
/* Define to 1 if you have the `getpid' function. */
#undef HAVE_GETPID
/* Define to 1 if you have the `gettimeofday' function. */
#undef HAVE_GETTIMEOFDAY
/* Define to 1 if you have the <inttypes.h> header file. */
#undef HAVE_INTTYPES_H
......@@ -18,6 +36,18 @@
/* Define to 1 if you have the <memory.h> header file. */
#undef HAVE_MEMORY_H
/* Define to 1 if you have the `open' function. */
#undef HAVE_OPEN
/* Define to 1 if you have the `read' function. */
#undef HAVE_READ
/* Define to 1 if you have the <sched.h> header file. */
#undef HAVE_SCHED_H
/* Define to 1 if you have the `sched_yield' function. */
#undef HAVE_SCHED_YIELD
/* Define to 1 if you have the <stdint.h> header file. */
#undef HAVE_STDINT_H
......@@ -33,9 +63,18 @@
/* Define to 1 if you have the `strtoll' function. */
#undef HAVE_STRTOLL
/* Define to 1 if gcc's __sync builtins are available */
#undef HAVE_SYNC_BUILTINS
/* Define to 1 if you have the <sys/param.h> header file. */
#undef HAVE_SYS_PARAM_H
/* Define to 1 if you have the <sys/stat.h> header file. */
#undef HAVE_SYS_STAT_H
/* Define to 1 if you have the <sys/time.h> header file. */
#undef HAVE_SYS_TIME_H
/* Define to 1 if you have the <sys/types.h> header file. */
#undef HAVE_SYS_TYPES_H
......@@ -70,9 +109,21 @@
/* Define to 1 if you have the ANSI C header files. */
#undef STDC_HEADERS
/* Define to 1 if /dev/urandom should be used for seeding the hash function */
#undef USE_URANDOM
/* Define to 1 if CryptGenRandom should be used for seeding the hash function
*/
#undef USE_WINDOWS_CRYPTOAPI
/* Version number of package */
#undef VERSION
/* Define for Solaris 2.5.1 so the uint32_t typedef from <sys/synch.h>,
<pthread.h>, or <semaphore.h> is not used. If the typedef were allowed, the
#define below would cause a syntax error. */
#undef _UINT32_T
/* Define to `__inline__' or `__inline' if that's what the C compiler
calls it, or to nothing if 'inline' is not supported under any name. */
#ifndef __cplusplus
......@@ -82,3 +133,7 @@
/* Define to the type of a signed integer type of width exactly 32 bits if
such a type exists and the standard includes do not define it. */
#undef int32_t
/* Define to the type of an unsigned integer type of width exactly 32 bits if
such a type exists and the standard includes do not define it. */
#undef uint32_t
#! /bin/sh
# Guess values for system-dependent variables and create Makefiles.
# Generated by GNU Autoconf 2.69 for jansson 2.5.
# Generated by GNU Autoconf 2.69 for jansson 2.6.
#
# Report bugs to <petri@digip.org>.
#
......@@ -590,8 +590,8 @@ MAKEFLAGS=
# Identity of this package.
PACKAGE_NAME='jansson'
PACKAGE_TARNAME='jansson'
PACKAGE_VERSION='2.5'
PACKAGE_STRING='jansson 2.5'
PACKAGE_VERSION='2.6'
PACKAGE_STRING='jansson 2.6'
PACKAGE_BUGREPORT='petri@digip.org'
PACKAGE_URL=''
......@@ -760,6 +760,8 @@ enable_fast_install
with_gnu_ld
with_sysroot
enable_libtool_lock
enable_urandom
enable_windows_cryptoapi
'
ac_precious_vars='build_alias
host_alias
......@@ -1310,7 +1312,7 @@ if test "$ac_init_help" = "long"; then
# Omit some internal or obsolete options to make the list less imposing.
# This message is too long to be a string in the A/UX 3.1 sh.
cat <<_ACEOF
\`configure' configures jansson 2.5 to adapt to many kinds of systems.
\`configure' configures jansson 2.6 to adapt to many kinds of systems.
Usage: $0 [OPTION]... [VAR=VALUE]...
......@@ -1380,7 +1382,7 @@ fi
if test -n "$ac_init_help"; then
case $ac_init_help in
short | recursive ) echo "Configuration of jansson 2.5:";;
short | recursive ) echo "Configuration of jansson 2.6:";;
esac
cat <<\_ACEOF
......@@ -1395,6 +1397,9 @@ Optional Features:
--enable-fast-install[=PKGS]
optimize for fast installation [default=yes]
--disable-libtool-lock avoid locking (might break parallel builds)
--disable-urandom Don't use /dev/urandom to seed the hash function
--disable-windows-cryptoapi
Don't use CryptGenRandom to seed the hash function
Optional Packages:
--with-PACKAGE[=ARG] use PACKAGE [ARG=yes]
......@@ -1481,7 +1486,7 @@ fi
test -n "$ac_init_help" && exit $ac_status
if $ac_init_version; then
cat <<\_ACEOF
jansson configure 2.5
jansson configure 2.6
generated by GNU Autoconf 2.69
Copyright (C) 2012 Free Software Foundation, Inc.
......@@ -1922,11 +1927,65 @@ $as_echo "$ac_res" >&6; }
eval $as_lineno_stack; ${as_lineno_stack:+:} unset as_lineno
} # ac_fn_c_find_intX_t
# ac_fn_c_find_uintX_t LINENO BITS VAR
# ------------------------------------
# Finds an unsigned integer type with width BITS, setting cache variable VAR
# accordingly.
ac_fn_c_find_uintX_t ()
{
as_lineno=${as_lineno-"$1"} as_lineno_stack=as_lineno_stack=$as_lineno_stack
{ $as_echo "$as_me:${as_lineno-$LINENO}: checking for uint$2_t" >&5
$as_echo_n "checking for uint$2_t... " >&6; }
if eval \${$3+:} false; then :
$as_echo_n "(cached) " >&6
else
eval "$3=no"
# Order is important - never check a type that is potentially smaller
# than half of the expected target width.
for ac_type in uint$2_t 'unsigned int' 'unsigned long int' \
'unsigned long long int' 'unsigned short int' 'unsigned char'; do
cat confdefs.h - <<_ACEOF >conftest.$ac_ext
/* end confdefs.h. */
$ac_includes_default
int
main ()
{
static int test_array [1 - 2 * !((($ac_type) -1 >> ($2 / 2 - 1)) >> ($2 / 2 - 1) == 3)];
test_array [0] = 0;
return test_array [0];
;
return 0;
}
_ACEOF
if ac_fn_c_try_compile "$LINENO"; then :
case $ac_type in #(
uint$2_t) :
eval "$3=yes" ;; #(
*) :
eval "$3=\$ac_type" ;;
esac
fi
rm -f core conftest.err conftest.$ac_objext conftest.$ac_ext
if eval test \"x\$"$3"\" = x"no"; then :
else
break
fi
done
fi
eval ac_res=\$$3
{ $as_echo "$as_me:${as_lineno-$LINENO}: result: $ac_res" >&5
$as_echo "$ac_res" >&6; }
eval $as_lineno_stack; ${as_lineno_stack:+:} unset as_lineno
} # ac_fn_c_find_uintX_t
cat >config.log <<_ACEOF
This file contains any messages produced by compilers while
running configure, to aid debugging if configure makes a mistake.
It was created by jansson $as_me 2.5, which was
It was created by jansson $as_me 2.6, which was
generated by GNU Autoconf 2.69. Invocation command line was
$ $0 $@
......@@ -2742,7 +2801,7 @@ fi
# Define the identity of the package.
PACKAGE='jansson'
VERSION='2.5'
VERSION='2.6'
cat >>confdefs.h <<_ACEOF
......@@ -4653,8 +4712,7 @@ else
;;
*)
lt_cv_sys_max_cmd_len=`(getconf ARG_MAX) 2> /dev/null`
if test -n "$lt_cv_sys_max_cmd_len" && \
test undefined != "$lt_cv_sys_max_cmd_len"; then
if test -n "$lt_cv_sys_max_cmd_len"; then
lt_cv_sys_max_cmd_len=`expr $lt_cv_sys_max_cmd_len \/ 4`
lt_cv_sys_max_cmd_len=`expr $lt_cv_sys_max_cmd_len \* 3`
else
......@@ -6191,14 +6249,7 @@ s390*-*linux*|s390*-*tpf*|sparc*-*linux*)
LD="${LD-ld} -m elf_i386_fbsd"
;;
x86_64-*linux*)
case `/usr/bin/file conftest.o` in
*x86-64*)
LD="${LD-ld} -m elf32_x86_64"
;;
*)
LD="${LD-ld} -m elf_i386"
;;
esac
LD="${LD-ld} -m elf_i386"
;;
ppc64-*linux*|powerpc64-*linux*)
LD="${LD-ld} -m elf32ppclinux"
......@@ -11367,12 +11418,13 @@ fi
# Checks for libraries.
# Checks for header files.
for ac_header in locale.h
for ac_header in endian.h fcntl.h locale.h sched.h unistd.h sys/param.h sys/stat.h sys/time.h sys/types.h
do :
ac_fn_c_check_header_mongrel "$LINENO" "locale.h" "ac_cv_header_locale_h" "$ac_includes_default"
if test "x$ac_cv_header_locale_h" = xyes; then :
as_ac_Header=`$as_echo "ac_cv_header_$ac_header" | $as_tr_sh`
ac_fn_c_check_header_mongrel "$LINENO" "$ac_header" "$as_ac_Header" "$ac_includes_default"
if eval test \"x\$"$as_ac_Header"\" = x"yes"; then :
cat >>confdefs.h <<_ACEOF
#define HAVE_LOCALE_H 1
#define `$as_echo "HAVE_$ac_header" | $as_tr_cpp` 1
_ACEOF
fi
......@@ -11392,6 +11444,20 @@ _ACEOF
;;
esac
ac_fn_c_find_uintX_t "$LINENO" "32" "ac_cv_c_uint32_t"
case $ac_cv_c_uint32_t in #(
no|yes) ;; #(
*)
$as_echo "#define _UINT32_T 1" >>confdefs.h
cat >>confdefs.h <<_ACEOF
#define uint32_t $ac_cv_c_uint32_t
_ACEOF
;;
esac
{ $as_echo "$as_me:${as_lineno-$LINENO}: checking for long long int" >&5
$as_echo_n "checking for long long int... " >&6; }
......@@ -11534,7 +11600,7 @@ esac
# Checks for library functions.
for ac_func in strtoll localeconv
for ac_func in close getpid gettimeofday localeconv open read sched_yield strtoll
do :
as_ac_var=`$as_echo "ac_cv_func_$ac_func" | $as_tr_sh`
ac_fn_c_check_func "$LINENO" "$ac_func" "$as_ac_var"
......@@ -11547,6 +11613,60 @@ fi
done
{ $as_echo "$as_me:${as_lineno-$LINENO}: checking for gcc __sync builtins" >&5
$as_echo_n "checking for gcc __sync builtins... " >&6; }
have_sync_builtins=no
cat confdefs.h - <<_ACEOF >conftest.$ac_ext
/* end confdefs.h. */
int
main ()
{
unsigned long val; __sync_bool_compare_and_swap(&val, 0, 1);
;
return 0;
}
_ACEOF
if ac_fn_c_try_link "$LINENO"; then :
have_sync_builtins=yes
fi
rm -f core conftest.err conftest.$ac_objext \
conftest$ac_exeext conftest.$ac_ext
if test "x$have_sync_builtins" = "xyes"; then
$as_echo "#define HAVE_SYNC_BUILTINS 1" >>confdefs.h
fi
{ $as_echo "$as_me:${as_lineno-$LINENO}: result: $have_sync_builtins" >&5
$as_echo "$have_sync_builtins" >&6; }
{ $as_echo "$as_me:${as_lineno-$LINENO}: checking for gcc __atomic builtins" >&5
$as_echo_n "checking for gcc __atomic builtins... " >&6; }
have_atomic_builtins=no
cat confdefs.h - <<_ACEOF >conftest.$ac_ext
/* end confdefs.h. */
int
main ()
{
char l; unsigned long v; __atomic_test_and_set(&l, __ATOMIC_RELAXED); __atomic_store_n(&v, 1, __ATOMIC_ACQ_REL); __atomic_load_n(&v, __ATOMIC_ACQUIRE);
;
return 0;
}
_ACEOF
if ac_fn_c_try_link "$LINENO"; then :
have_atomic_builtins=yes
fi
rm -f core conftest.err conftest.$ac_objext \
conftest$ac_exeext conftest.$ac_ext
if test "x$have_atomic_builtins" = "xyes"; then
$as_echo "#define HAVE_ATOMIC_BUILTINS 1" >>confdefs.h
fi
{ $as_echo "$as_me:${as_lineno-$LINENO}: result: $have_atomic_builtins" >&5
$as_echo "$have_atomic_builtins" >&6; }
case "$ac_cv_type_long_long_int$ac_cv_func_strtoll" in
yesyes) json_have_long_long=1;;
*) json_have_long_long=0;;
......@@ -11559,6 +11679,35 @@ case "$ac_cv_header_locale_h$ac_cv_func_localeconv" in
esac
# Features
# Check whether --enable-urandom was given.
if test "${enable_urandom+set}" = set; then :
enableval=$enable_urandom; use_urandom=$enableval
else
use_urandom=yes
fi
if test "x$use_urandom" = xyes; then
$as_echo "#define USE_URANDOM 1" >>confdefs.h
fi
# Check whether --enable-windows-cryptoapi was given.
if test "${enable_windows_cryptoapi+set}" = set; then :
enableval=$enable_windows_cryptoapi; use_windows_cryptoapi=$enableval
else
use_windows_cryptoapi=yes
fi
if test "x$use_windows_cryptoapi" = xyes; then
$as_echo "#define USE_WINDOWS_CRYPTOAPI 1" >>confdefs.h
fi
ac_config_files="$ac_config_files jansson.pc Makefile doc/Makefile src/Makefile src/jansson_config.h test/Makefile test/bin/Makefile test/suites/Makefile test/suites/api/Makefile"
cat >confcache <<\_ACEOF
......@@ -12087,7 +12236,7 @@ cat >>$CONFIG_STATUS <<\_ACEOF || ac_write_fail=1
# report actual input values of CONFIG_FILES etc. instead of their
# values after options handling.
ac_log="
This file was extended by jansson $as_me 2.5, which was
This file was extended by jansson $as_me 2.6, which was
generated by GNU Autoconf 2.69. Invocation command line was
CONFIG_FILES = $CONFIG_FILES
......@@ -12153,7 +12302,7 @@ _ACEOF
cat >>$CONFIG_STATUS <<_ACEOF || ac_write_fail=1
ac_cs_config="`$as_echo "$ac_configure_args" | sed 's/^ //; s/[\\""\`\$]/\\\\&/g'`"
ac_cs_version="\\
jansson config.status 2.5
jansson config.status 2.6
configured by $0, generated by GNU Autoconf 2.69,
with options \\"\$ac_cs_config\\"
......
AC_PREREQ([2.60])
AC_INIT([jansson], [2.5], [petri@digip.org])
AC_INIT([jansson], [2.6], [petri@digip.org])
AM_INIT_AUTOMAKE([1.10 foreign])
......@@ -14,10 +14,11 @@ AM_CONDITIONAL([GCC], [test x$GCC = xyes])
# Checks for libraries.
# Checks for header files.
AC_CHECK_HEADERS([locale.h])
AC_CHECK_HEADERS([endian.h fcntl.h locale.h sched.h unistd.h sys/param.h sys/stat.h sys/time.h sys/types.h])
# Checks for typedefs, structures, and compiler characteristics.
AC_TYPE_INT32_T
AC_TYPE_UINT32_T
AC_TYPE_LONG_LONG_INT
AC_C_INLINE
......@@ -29,7 +30,31 @@ esac
AC_SUBST([json_inline])
# Checks for library functions.
AC_CHECK_FUNCS([strtoll localeconv])
AC_CHECK_FUNCS([close getpid gettimeofday localeconv open read sched_yield strtoll])
AC_MSG_CHECKING([for gcc __sync builtins])
have_sync_builtins=no
AC_TRY_LINK(
[], [unsigned long val; __sync_bool_compare_and_swap(&val, 0, 1);],
[have_sync_builtins=yes],
)
if test "x$have_sync_builtins" = "xyes"; then
AC_DEFINE([HAVE_SYNC_BUILTINS], [1],
[Define to 1 if gcc's __sync builtins are available])
fi
AC_MSG_RESULT([$have_sync_builtins])
AC_MSG_CHECKING([for gcc __atomic builtins])
have_atomic_builtins=no
AC_TRY_LINK(
[], [char l; unsigned long v; __atomic_test_and_set(&l, __ATOMIC_RELAXED); __atomic_store_n(&v, 1, __ATOMIC_ACQ_REL); __atomic_load_n(&v, __ATOMIC_ACQUIRE);],
[have_atomic_builtins=yes],
)
if test "x$have_atomic_builtins" = "xyes"; then
AC_DEFINE([HAVE_ATOMIC_BUILTINS], [1],
[Define to 1 if gcc's __atomic builtins are available])
fi
AC_MSG_RESULT([$have_atomic_builtins])
case "$ac_cv_type_long_long_int$ac_cv_func_strtoll" in
yesyes) json_have_long_long=1;;
......@@ -43,6 +68,27 @@ case "$ac_cv_header_locale_h$ac_cv_func_localeconv" in
esac
AC_SUBST([json_have_localeconv])
# Features
AC_ARG_ENABLE([urandom],
[AS_HELP_STRING([--disable-urandom],
[Don't use /dev/urandom to seed the hash function])],
[use_urandom=$enableval], [use_urandom=yes])
if test "x$use_urandom" = xyes; then
AC_DEFINE([USE_URANDOM], [1],
[Define to 1 if /dev/urandom should be used for seeding the hash function])
fi
AC_ARG_ENABLE([windows-cryptoapi],
[AS_HELP_STRING([--disable-windows-cryptoapi],
[Don't use CryptGenRandom to seed the hash function])],
[use_windows_cryptoapi=$enableval], [use_windows_cryptoapi=yes])
if test "x$use_windows_cryptoapi" = xyes; then
AC_DEFINE([USE_WINDOWS_CRYPTOAPI], [1],
[Define to 1 if CryptGenRandom should be used for seeding the hash function])
fi
AC_CONFIG_FILES([
jansson.pc
Makefile
......
......@@ -717,6 +717,32 @@ The iteration protocol can be used for example as follows::
iter = json_object_iter_next(obj, iter);
}
.. function:: void json_object_seed(size_t seed)
Seed the hash function used in Jansson's hashtable implementation.
The seed is used to randomize the hash function so that an
attacker cannot control its output.
If *seed* is 0, Jansson generates the seed itselfy by reading
random data from the operating system's entropy sources. If no
entropy sources are available, falls back to using a combination
of the current timestamp (with microsecond precision if possible)
and the process ID.
If called at all, this function must be called before any calls to
:func:`json_object()`, either explicit or implicit. If this
function is not called by the user, the first call to
:func:`json_object()` (either explicit or implicit) seeds the hash
function. See :ref:`portability-thread-safety` for notes on thread
safety.
If repeatable results are required, for e.g. unit tests, the hash
function can be "unrandomized" by calling :func:`json_object_seed`
with a constant value on program startup, e.g.
``json_object_seed(1)``.
.. versionadded:: 2.6
Error reporting
===============
......@@ -1082,14 +1108,20 @@ arguments.
``s#`` (string) [const char \*, int]
Convert a UTF-8 buffer of a given length to a JSON string.
.. versionadded:: 2.5
``+`` [const char \*]
Like ``s``, but concatenate to the previous string. Only valid
after ``s``, ``s#``, ``+`` or ``+#``.
.. versionadded:: 2.5
``+#`` [const char \*, int]
Like ``s#``, but concatenate to the previous string. Only valid
after ``s``, ``s#``, ``+`` or ``+#``.
.. versionadded:: 2.5
``n`` (null)
Output a JSON null value. No argument is consumed.
......@@ -1470,7 +1502,7 @@ JSON structures by zeroing all memory when freed::
ptr -= 8;
size = *((size_t *)ptr);
guaranteed_memset(ptr, 0, size);
guaranteed_memset(ptr, 0, size + 8);
free(ptr);
}
......
......@@ -48,7 +48,7 @@ copyright = u'2009-2013, Petri Lehtinen'
# built documents.
#
# The short X.Y version.
version = '2.5'
version = '2.6'
# The full version, including alpha/beta/rc tags.
release = version
......