Script 'mail_helper' called by obssrc
Hello community,
here is the log from the commit of package rubygem-puma for openSUSE:Factory
checked in at 2022-08-27 11:50:10
++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
Comparing /work/SRC/openSUSE:Factory/rubygem-puma (Old)
and /work/SRC/openSUSE:Factory/.rubygem-puma.new.2083 (New)
++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
Package is "rubygem-puma"
Sat Aug 27 11:50:10 2022 rev:51 rq:999449 version:5.6.5
Changes:
--------
--- /work/SRC/openSUSE:Factory/rubygem-puma/rubygem-puma.changes
2022-04-01 21:37:09.372805930 +0200
+++ /work/SRC/openSUSE:Factory/.rubygem-puma.new.2083/rubygem-puma.changes
2022-08-27 11:50:14.529862675 +0200
@@ -1,0 +2,19 @@
+Fri Aug 26 16:34:41 UTC 2022 - Manuel Schnitzer <mschnit...@suse.com>
+
+- updated to version 5.6.5
+
+ * Bugfixes
+ * NullIO#closed should return false ([#2883])
+ * Puma::ControlCLI - allow refork command to be sent as a request
([#2868], [#2866])
+ * [jruby] Fix TLS verification hang ([#2890], [#2729])
+ * extconf.rb - don't use pkg_config('openssl') if '--with-openssl-dir' is
used ([#2885], [#2839])
+ * MiniSSL - detect SSL_CTX_set_dh_auto ([#2864], [#2863])
+ * Fix rack.after_reply exceptions breaking connections ([#2861], [#2856])
+ * Escape SSL cert and filenames ([#2855])
+ * Fail hard if SSL certs or keys are invalid ([#2848])
+ * Fail hard if SSL certs or keys cannot be read by user ([#2847])
+ * Fix build with Opaque DH in LibreSSL 3.5. ([#2838])
+ * Pre-existing socket file removed when TERM is issued after USR2 (if puma
is running in cluster mode) ([#2817])
+ * Fix Puma::StateFile#load incompatibility ([#2810])
+
+-------------------------------------------------------------------
Old:
----
puma-5.6.4.gem
New:
----
puma-5.6.5.gem
++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
Other differences:
------------------
++++++ rubygem-puma.spec ++++++
--- /var/tmp/diff_new_pack.3Z8gwe/_old 2022-08-27 11:50:15.029863750 +0200
+++ /var/tmp/diff_new_pack.3Z8gwe/_new 2022-08-27 11:50:15.041863775 +0200
@@ -24,7 +24,7 @@
#
Name: rubygem-puma
-Version: 5.6.4
+Version: 5.6.5
Release: 0
%define mod_name puma
%define mod_full_name %{mod_name}-%{version}
++++++ puma-5.6.4.gem -> puma-5.6.5.gem ++++++
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn'
'--exclude=.svnignore' old/History.md new/History.md
--- old/History.md 1980-01-01 01:00:00.000000000 +0100
+++ new/History.md 1980-01-01 01:00:00.000000000 +0100
@@ -1,3 +1,19 @@
+## 5.6.5 / 2022-08-23
+
+* Bugfixes
+ * NullIO#closed should return false ([#2883])
+ * Puma::ControlCLI - allow refork command to be sent as a request ([#2868],
[#2866])
+ * [jruby] Fix TLS verification hang ([#2890], [#2729])
+ * extconf.rb - don't use pkg_config('openssl') if '--with-openssl-dir' is
used ([#2885], [#2839])
+ * MiniSSL - detect SSL_CTX_set_dh_auto ([#2864], [#2863])
+ * Fix rack.after_reply exceptions breaking connections ([#2861], [#2856])
+ * Escape SSL cert and filenames ([#2855])
+ * Fail hard if SSL certs or keys are invalid ([#2848])
+ * Fail hard if SSL certs or keys cannot be read by user ([#2847])
+ * Fix build with Opaque DH in LibreSSL 3.5. ([#2838])
+ * Pre-existing socket file removed when TERM is issued after USR2 (if puma
is running in cluster mode) ([#2817])
+ * Fix Puma::StateFile#load incompatibility ([#2810])
+
## 5.6.4 / 2022-03-30
* Security
@@ -1845,6 +1861,32 @@
* Bugfixes
* Your bugfix goes here <Most recent on the top, like GitHub> (#Github
Number)
+[#2883]:https://github.com/puma/puma/pull/2883 "PR by @MSP-Greg, merged
2022-06-02"
+[#2868]:https://github.com/puma/puma/pull/2868 "PR by @MSP-Greg, merged
2022-06-02"
+[#2866]:https://github.com/puma/puma/issues/2866 "Issue by @slondr, closed
2022-06-02"
+[#2888]:https://github.com/puma/puma/pull/2888 "PR by @MSP-Greg, merged
2022-06-01"
+[#2890]:https://github.com/puma/puma/pull/2890 "PR by @kares, merged
2022-06-01"
+[#2729]:https://github.com/puma/puma/issues/2729 "Issue by @kares, closed
2022-06-01"
+[#2885]:https://github.com/puma/puma/pull/2885 "PR by @MSP-Greg, merged
2022-05-30"
+[#2839]:https://github.com/puma/puma/issues/2839 "Issue by @wlipa, closed
2022-05-30"
+[#2882]:https://github.com/puma/puma/pull/2882 "PR by @MSP-Greg, merged
2022-05-19"
+[#2864]:https://github.com/puma/puma/pull/2864 "PR by @MSP-Greg, merged
2022-04-26"
+[#2863]:https://github.com/puma/puma/issues/2863 "Issue by @eradman, closed
2022-04-26"
+[#2861]:https://github.com/puma/puma/pull/2861 "PR by @BlakeWilliams,
merged 2022-04-17"
+[#2856]:https://github.com/puma/puma/issues/2856 "Issue by @nateberkopec,
closed 2022-04-17"
+[#2855]:https://github.com/puma/puma/pull/2855 "PR by @stanhu, merged
2022-04-09"
+[#2848]:https://github.com/puma/puma/pull/2848 "PR by @stanhu, merged
2022-04-02"
+[#2847]:https://github.com/puma/puma/pull/2847 "PR by @stanhu, merged
2022-04-02"
+[#2838]:https://github.com/puma/puma/pull/2838 "PR by @epsilon-0, merged
2022-03-03"
+[#2817]:https://github.com/puma/puma/pull/2817 "PR by @khustochka, merged
2022-02-20"
+[#2810]:https://github.com/puma/puma/pull/2810 "PR by @kzkn, merged
2022-01-27"
+[#2899]:https://github.com/puma/puma/pull/2899 "PR by @kares, merged
2022-07-04"
+[#2891]:https://github.com/puma/puma/pull/2891 "PR by @gingerlime, merged
2022-06-02"
+[#2886]:https://github.com/puma/puma/pull/2886 "PR by @kares, merged
2022-05-30"
+[#2884]:https://github.com/puma/puma/pull/2884 "PR by @kares, merged
2022-05-30"
+[#2875]:https://github.com/puma/puma/pull/2875 "PR by @ylecuyer, merged
2022-05-19"
+[#2840]:https://github.com/puma/puma/pull/2840 "PR by @LukaszMaslej,
merged 2022-04-13"
+[#2849]:https://github.com/puma/puma/pull/2849 "PR by @kares, merged
2022-04-09"
[#2809]:https://github.com/puma/puma/pull/2809 "PR by @dentarg, merged
2022-01-26"
[#2764]:https://github.com/puma/puma/pull/2764 "PR by @dentarg, merged
2022-01-18"
[#2708]:https://github.com/puma/puma/issues/2708 "Issue by @erikaxel, closed
2022-01-18"
@@ -1930,7 +1972,7 @@
[#2519]:https://github.com/puma/puma/pull/2519 "PR by @MSP-Greg, merged
2021-01-26"
[#2522]:https://github.com/puma/puma/pull/2522 "PR by @jcmfernandes,
merged 2021-01-12"
[#2490]:https://github.com/puma/puma/pull/2490 "PR by @Bonias, merged
2020-12-07"
-[#2486]:https://github.com/puma/puma/pull/2486 "PR by @ccverak, merged
2020-12-02"
+[#2486]:https://github.com/puma/puma/pull/2486 "PR by @karloscodes, merged
2020-12-02"
[#2535]:https://github.com/puma/puma/pull/2535 "PR by @MSP-Greg, merged
2021-01-27"
[#2529]:https://github.com/puma/puma/pull/2529 "PR by @MSP-Greg, merged
2021-01-24"
[#2533]:https://github.com/puma/puma/pull/2533 "PR by @MSP-Greg, merged
2021-01-24"
@@ -1940,7 +1982,7 @@
[#2521]:https://github.com/puma/puma/pull/2521 "PR by @ojab, merged
2021-01-04"
[#2531]:https://github.com/puma/puma/pull/2531 "PR by @wjordan, merged
2021-01-19"
[#2510]:https://github.com/puma/puma/pull/2510 "PR by @micke, merged
2020-12-10"
-[#2472]:https://github.com/puma/puma/pull/2472 "PR by @ccverak, merged
2020-11-02"
+[#2472]:https://github.com/puma/puma/pull/2472 "PR by @karloscodes, merged
2020-11-02"
[#2438]:https://github.com/puma/puma/pull/2438 "PR by @ekohl, merged
2020-10-26"
[#2406]:https://github.com/puma/puma/pull/2406 "PR by @fdel15, merged
2020-10-19"
[#2449]:https://github.com/puma/puma/pull/2449 "PR by @MSP-Greg, merged
2020-10-28"
@@ -2367,7 +2409,7 @@
[#709]:https://github.com/puma/puma/pull/709 "PR by @lian, merged
2015-06-10"
[#711]:https://github.com/puma/puma/pull/711 "PR by @julik, merged
2015-06-10"
[#712]:https://github.com/puma/puma/pull/712 "PR by @chewi, merged
2015-07-14"
-[#715]:https://github.com/puma/puma/pull/715 "PR by @0RaymondJiang0,
merged 2015-07-14"
+[#715]:https://github.com/puma/puma/pull/715 "PR by @raymondmars, merged
2015-07-14"
[#725]:https://github.com/puma/puma/pull/725 "PR by @rwz, merged
2015-07-14"
[#726]:https://github.com/puma/puma/pull/726 "PR by @jshafton, merged
2015-07-14"
[#729]:https://github.com/puma/puma/pull/729 "PR by @allaire, merged
2015-07-14"
Binary files old/checksums.yaml.gz and new/checksums.yaml.gz differ
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn'
'--exclude=.svnignore' old/ext/puma_http11/extconf.rb
new/ext/puma_http11/extconf.rb
--- old/ext/puma_http11/extconf.rb 1980-01-01 01:00:00.000000000 +0100
+++ new/ext/puma_http11/extconf.rb 1980-01-01 01:00:00.000000000 +0100
@@ -9,9 +9,11 @@
end
unless ENV["DISABLE_SSL"]
- dir_config("openssl")
+ # don't use pkg_config('openssl') if '--with-openssl-dir' is used
+ has_openssl_dir = dir_config('openssl').any?
+ found_pkg_config = !has_openssl_dir && pkg_config('openssl')
- found_ssl = if (!$mingw || RUBY_VERSION >= '2.4') && (t = pkg_config
'openssl')
+ found_ssl = if (!$mingw || RUBY_VERSION >= '2.4') && found_pkg_config
puts 'using OpenSSL pkgconfig (openssl.pc)'
true
elsif %w'crypto libeay32'.find {|crypto| have_library(crypto, 'BIO_read')} &&
@@ -35,7 +37,10 @@
have_func "X509_STORE_up_ref"
have_func "SSL_CTX_set_ecdh_auto(NULL, 0)" , "openssl/ssl.h"
- # below are yes for 3.0.0 & later, use for OpenSSL 3 detection
+ # below exists in 1.1.0 and later, but isn't documented until 3.0.0
+ have_func "SSL_CTX_set_dh_auto(NULL, 0)" , "openssl/ssl.h"
+
+ # below is yes for 3.0.0 & later
have_func "SSL_get1_peer_certificate" , "openssl/ssl.h"
# Random.bytes available in Ruby 2.5 and later, Random::DEFAULT deprecated
in 3.0
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn'
'--exclude=.svnignore' old/ext/puma_http11/mini_ssl.c
new/ext/puma_http11/mini_ssl.c
--- old/ext/puma_http11/mini_ssl.c 1980-01-01 01:00:00.000000000 +0100
+++ new/ext/puma_http11/mini_ssl.c 1980-01-01 01:00:00.000000000 +0100
@@ -30,6 +30,12 @@
VALUE eError;
+NORETURN(void raise_file_error(const char* caller, const char *filename));
+
+void raise_file_error(const char* caller, const char *filename) {
+ rb_raise(eError, "%s: error in file '%s': %s", caller, filename,
ERR_error_string(ERR_get_error(), NULL));
+}
+
void engine_free(void *ptr) {
ms_conn *conn = ptr;
ms_cert_buf* cert_buf = (ms_cert_buf*)SSL_get_app_data(conn->ssl);
@@ -49,7 +55,7 @@
0, 0, RUBY_TYPED_FREE_IMMEDIATELY,
};
-#ifndef HAVE_SSL_GET1_PEER_CERTIFICATE
+#ifndef HAVE_SSL_CTX_SET_DH_AUTO
DH *get_dh2048(void) {
/* `openssl dhparam -C 2048`
* -----BEGIN DH PARAMETERS-----
@@ -92,13 +98,13 @@
static unsigned char dh2048_g[] = { 0x02 };
DH *dh;
-#if !(OPENSSL_VERSION_NUMBER < 0x10100005L || defined(LIBRESSL_VERSION_NUMBER))
+#if !(OPENSSL_VERSION_NUMBER < 0x10100005L)
BIGNUM *p, *g;
#endif
dh = DH_new();
-#if OPENSSL_VERSION_NUMBER < 0x10100005L || defined(LIBRESSL_VERSION_NUMBER)
+#if OPENSSL_VERSION_NUMBER < 0x10100005L
dh->p = BN_bin2bn(dh2048_p, sizeof(dh2048_p), NULL);
dh->g = BN_bin2bn(dh2048_g, sizeof(dh2048_g), NULL);
@@ -211,7 +217,7 @@
int ssl_options;
VALUE key, cert, ca, verify_mode, ssl_cipher_filter, no_tlsv1, no_tlsv1_1,
verification_flags, session_id_bytes, cert_pem, key_pem;
-#ifndef HAVE_SSL_GET1_PEER_CERTIFICATE
+#ifndef HAVE_SSL_CTX_SET_DH_AUTO
DH *dh;
#endif
BIO *bio;
@@ -244,12 +250,18 @@
if (!NIL_P(cert)) {
StringValue(cert);
- SSL_CTX_use_certificate_chain_file(ctx, RSTRING_PTR(cert));
+
+ if (SSL_CTX_use_certificate_chain_file(ctx, RSTRING_PTR(cert)) != 1) {
+ raise_file_error("SSL_CTX_use_certificate_chain_file",
RSTRING_PTR(cert));
+ }
}
if (!NIL_P(key)) {
StringValue(key);
- SSL_CTX_use_PrivateKey_file(ctx, RSTRING_PTR(key), SSL_FILETYPE_PEM);
+
+ if (SSL_CTX_use_PrivateKey_file(ctx, RSTRING_PTR(key), SSL_FILETYPE_PEM)
!= 1) {
+ raise_file_error("SSL_CTX_use_PrivateKey_file", RSTRING_PTR(key));
+ }
}
if (!NIL_P(cert_pem)) {
@@ -257,7 +269,9 @@
BIO_puts(bio, RSTRING_PTR(cert_pem));
x509 = PEM_read_bio_X509(bio, NULL, NULL, NULL);
- SSL_CTX_use_certificate(ctx, x509);
+ if (SSL_CTX_use_certificate(ctx, x509) != 1) {
+ raise_file_error("SSL_CTX_use_certificate", RSTRING_PTR(cert_pem));
+ }
}
if (!NIL_P(key_pem)) {
@@ -265,7 +279,9 @@
BIO_puts(bio, RSTRING_PTR(key_pem));
pkey = PEM_read_bio_PrivateKey(bio, NULL, NULL, NULL);
- SSL_CTX_use_PrivateKey(ctx, pkey);
+ if (SSL_CTX_use_PrivateKey(ctx, pkey) != 1) {
+ raise_file_error("SSL_CTX_use_PrivateKey", RSTRING_PTR(key_pem));
+ }
}
verification_flags = rb_funcall(mini_ssl_ctx,
rb_intern_const("verification_flags"), 0);
@@ -278,7 +294,9 @@
if (!NIL_P(ca)) {
StringValue(ca);
- SSL_CTX_load_verify_locations(ctx, RSTRING_PTR(ca), NULL);
+ if (SSL_CTX_load_verify_locations(ctx, RSTRING_PTR(ca), NULL) != 1) {
+ raise_file_error("SSL_CTX_load_verify_locations", RSTRING_PTR(ca));
+ }
}
ssl_options = SSL_OP_CIPHER_SERVER_PREFERENCE | SSL_OP_SINGLE_ECDH_USE |
SSL_OP_NO_COMPRESSION;
@@ -355,7 +373,7 @@
// printf("\ninitialize end security_level %d\n",
SSL_CTX_get_security_level(ctx));
-#ifdef HAVE_SSL_GET1_PEER_CERTIFICATE
+#ifdef HAVE_SSL_CTX_SET_DH_AUTO
// https://www.openssl.org/docs/man3.0/man3/SSL_CTX_set_dh_auto.html
SSL_CTX_set_dh_auto(ctx, 1);
#else
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn'
'--exclude=.svnignore' old/ext/puma_http11/org/jruby/puma/MiniSSL.java
new/ext/puma_http11/org/jruby/puma/MiniSSL.java
--- old/ext/puma_http11/org/jruby/puma/MiniSSL.java 1980-01-01
01:00:00.000000000 +0100
+++ new/ext/puma_http11/org/jruby/puma/MiniSSL.java 1980-01-01
01:00:00.000000000 +0100
@@ -279,14 +279,6 @@
}
}
- // after each op, run any delegated tasks if needed
- if(res.getHandshakeStatus() == HandshakeStatus.NEED_TASK) {
- Runnable runnable;
- while ((runnable = engine.getDelegatedTask()) != null) {
- runnable.run();
- }
- }
-
return res;
}
@@ -304,11 +296,12 @@
HandshakeStatus handshakeStatus = engine.getHandshakeStatus();
boolean done = false;
- SSLEngineResult res = null;
while (!done) {
+ SSLEngineResult res;
switch (handshakeStatus) {
case NEED_WRAP:
res = doOp(SSLOperation.WRAP, inboundAppData, outboundNetData);
+ handshakeStatus = res.getHandshakeStatus();
break;
case NEED_UNWRAP:
res = doOp(SSLOperation.UNWRAP, inboundNetData, inboundAppData);
@@ -316,13 +309,18 @@
// need more data before we can shake more hands
done = true;
}
+ handshakeStatus = res.getHandshakeStatus();
+ break;
+ case NEED_TASK:
+ Runnable runnable;
+ while ((runnable = engine.getDelegatedTask()) != null) {
+ runnable.run();
+ }
+ handshakeStatus = engine.getHandshakeStatus();
break;
default:
done = true;
}
- if (!done) {
- handshakeStatus = res.getHandshakeStatus();
- }
}
if (inboundNetData.hasRemaining()) {
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn'
'--exclude=.svnignore' old/lib/puma/app/status.rb new/lib/puma/app/status.rb
--- old/lib/puma/app/status.rb 1980-01-01 01:00:00.000000000 +0100
+++ new/lib/puma/app/status.rb 1980-01-01 01:00:00.000000000 +0100
@@ -39,6 +39,9 @@
when 'phased-restart'
@launcher.phased_restart ? 200 : 404
+ when 'refork'
+ @launcher.refork ? 200 : 404
+
when 'reload-worker-directory'
@launcher.send(:reload_worker_directory) ? 200 : 404
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn'
'--exclude=.svnignore' old/lib/puma/binder.rb new/lib/puma/binder.rb
--- old/lib/puma/binder.rb 1980-01-01 01:00:00.000000000 +0100
+++ new/lib/puma/binder.rb 1980-01-01 01:00:00.000000000 +0100
@@ -189,7 +189,7 @@
end
if fd = @inherited_fds.delete(str)
- @unix_paths << path unless abstract
+ @unix_paths << path unless abstract || File.exist?(path)
io = inherit_unix_listener path, fd
logger.log "* Inherited #{str}"
elsif sock = @activated_sockets.delete([ :unix, path ]) ||
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn'
'--exclude=.svnignore' old/lib/puma/const.rb new/lib/puma/const.rb
--- old/lib/puma/const.rb 1980-01-01 01:00:00.000000000 +0100
+++ new/lib/puma/const.rb 1980-01-01 01:00:00.000000000 +0100
@@ -100,7 +100,7 @@
# too taxing on performance.
module Const
- PUMA_VERSION = VERSION = "5.6.4".freeze
+ PUMA_VERSION = VERSION = "5.6.5".freeze
CODE_NAME = "Birdie's Version".freeze
PUMA_SERVER_STRING = ['puma', PUMA_VERSION, CODE_NAME].join(' ').freeze
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn'
'--exclude=.svnignore' old/lib/puma/control_cli.rb new/lib/puma/control_cli.rb
--- old/lib/puma/control_cli.rb 1980-01-01 01:00:00.000000000 +0100
+++ new/lib/puma/control_cli.rb 1980-01-01 01:00:00.000000000 +0100
@@ -17,26 +17,30 @@
CMD_PATH_SIG_MAP = {
'gc' => nil,
'gc-stats' => nil,
- 'halt' => 'SIGQUIT',
- 'phased-restart' => 'SIGUSR1',
- 'refork' => 'SIGURG',
+ 'halt' => 'SIGQUIT',
+ 'info' => 'SIGINFO',
+ 'phased-restart' => 'SIGUSR1',
+ 'refork' => 'SIGURG',
'reload-worker-directory' => nil,
- 'restart' => 'SIGUSR2',
+ 'reopen-log' => 'SIGHUP',
+ 'restart' => 'SIGUSR2',
'start' => nil,
'stats' => nil,
'status' => '',
- 'stop' => 'SIGTERM',
- 'thread-backtraces' => nil
+ 'stop' => 'SIGTERM',
+ 'thread-backtraces' => nil,
+ 'worker-count-down' => 'SIGTTOU',
+ 'worker-count-up' => 'SIGTTIN'
}.freeze
# @deprecated 6.0.0
COMMANDS = CMD_PATH_SIG_MAP.keys.freeze
# commands that cannot be used in a request
- NO_REQ_COMMANDS = %w{refork}.freeze
+ NO_REQ_COMMANDS = %w[info reopen-log worker-count-down
worker-count-up].freeze
# @version 5.0.0
- PRINTABLE_COMMANDS = %w{gc-stats stats thread-backtraces}.freeze
+ PRINTABLE_COMMANDS = %w[gc-stats stats thread-backtraces].freeze
def initialize(argv, stdout=STDOUT, stderr=STDERR)
@state = nil
@@ -185,8 +189,6 @@
if @command == 'status'
message 'Puma is started'
- elsif NO_REQ_COMMANDS.include? @command
- raise "Invalid request command: #{@command}"
else
url = "/#{@command}"
@@ -242,7 +244,11 @@
@stdout.flush unless @stdout.sync
return
elsif sig.start_with? 'SIG'
- Process.kill sig, @pid
+ if Signal.list.key? sig.sub(/\ASIG/, '')
+ Process.kill sig, @pid
+ else
+ raise "Signal '#{sig}' not available'"
+ end
elsif @command == 'status'
begin
Process.kill 0, @pid
@@ -268,7 +274,7 @@
return start if @command == 'start'
prepare_configuration
- if Puma.windows? || @control_url
+ if Puma.windows? || @control_url && !NO_REQ_COMMANDS.include?(@command)
send_request
else
send_signal
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn'
'--exclude=.svnignore' old/lib/puma/dsl.rb new/lib/puma/dsl.rb
--- old/lib/puma/dsl.rb 1980-01-01 01:00:00.000000000 +0100
+++ new/lib/puma/dsl.rb 1980-01-01 01:00:00.000000000 +0100
@@ -1,6 +1,7 @@
# frozen_string_literal: true
require 'puma/const'
+require 'puma/util'
module Puma
# The methods that are available for use inside the configuration file.
@@ -46,7 +47,7 @@
else ''
end
- ca_additions = "&ca=#{opts[:ca]}" if ['peer',
'force_peer'].include?(verify)
+ ca_additions = "&ca=#{Puma::Util.escape(opts[:ca])}" if ['peer',
'force_peer'].include?(verify)
backlog_str = opts[:backlog] ? "&backlog=#{Integer(opts[:backlog])}" : ''
@@ -65,7 +66,10 @@
v_flags = (ary = opts[:verification_flags]) ?
"&verification_flags=#{Array(ary).join ','}" : nil
- "ssl://#{host}:#{port}?cert=#{opts[:cert]}&key=#{opts[:key]}" \
+ cert_flags = (cert = opts[:cert]) ?
"cert=#{Puma::Util.escape(opts[:cert])}" : nil
+ key_flags = (cert = opts[:key]) ?
"&key=#{Puma::Util.escape(opts[:key])}" : nil
+
+ "ssl://#{host}:#{port}?#{cert_flags}#{key_flags}" \
"#{ssl_cipher_filter}&verify_mode=#{verify}#{tls_str}#{ca_additions}#{v_flags}#{backlog_str}"
end
end
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn'
'--exclude=.svnignore' old/lib/puma/launcher.rb new/lib/puma/launcher.rb
--- old/lib/puma/launcher.rb 1980-01-01 01:00:00.000000000 +0100
+++ new/lib/puma/launcher.rb 1980-01-01 01:00:00.000000000 +0100
@@ -159,6 +159,17 @@
true
end
+ # Begin a refork if supported
+ def refork
+ if clustered? && @runner.respond_to?(:fork_worker!) &&
@options[:fork_worker]
+ @runner.fork_worker!
+ true
+ else
+ log "* refork called but not available."
+ false
+ end
+ end
+
# Run the server. This blocks until the server is stopped
def run
previous_env =
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn'
'--exclude=.svnignore' old/lib/puma/minissl.rb new/lib/puma/minissl.rb
--- old/lib/puma/minissl.rb 1980-01-01 01:00:00.000000000 +0100
+++ new/lib/puma/minissl.rb 1980-01-01 01:00:00.000000000 +0100
@@ -214,6 +214,11 @@
@cert_pem = nil
end
+ def check_file(file, desc)
+ raise ArgumentError, "#{desc} file '#{file}' does not exist" unless
File.exist? file
+ raise ArgumentError, "#{desc} file '#{file}' is not readable" unless
File.readable? file
+ end
+
if IS_JRUBY
# jruby-specific Context properties: java uses a keystore and password
pair rather than a cert/key pair
attr_reader :keystore
@@ -221,7 +226,7 @@
attr_accessor :ssl_cipher_list
def keystore=(keystore)
- raise ArgumentError, "No such keystore file '#{keystore}'" unless
File.exist? keystore
+ check_file keystore, 'Keystore'
@keystore = keystore
end
@@ -240,17 +245,17 @@
attr_accessor :verification_flags
def key=(key)
- raise ArgumentError, "No such key file '#{key}'" unless File.exist?
key
+ check_file key, 'Key'
@key = key
end
def cert=(cert)
- raise ArgumentError, "No such cert file '#{cert}'" unless
File.exist? cert
+ check_file cert, 'Cert'
@cert = cert
end
def ca=(ca)
- raise ArgumentError, "No such ca file '#{ca}'" unless File.exist? ca
+ check_file ca, 'ca'
@ca = ca
end
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn'
'--exclude=.svnignore' old/lib/puma/null_io.rb new/lib/puma/null_io.rb
--- old/lib/puma/null_io.rb 1980-01-01 01:00:00.000000000 +0100
+++ new/lib/puma/null_io.rb 1980-01-01 01:00:00.000000000 +0100
@@ -52,5 +52,10 @@
def flush
self
end
+
+ # This is used as singleton class, so can't have state.
+ def closed?
+ false
+ end
end
end
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn'
'--exclude=.svnignore' old/lib/puma/request.rb new/lib/puma/request.rb
--- old/lib/puma/request.rb 1980-01-01 01:00:00.000000000 +0100
+++ new/lib/puma/request.rb 1980-01-01 01:00:00.000000000 +0100
@@ -178,7 +178,11 @@
res_body.close if res_body.respond_to? :close
end
- after_reply.each { |o| o.call }
+ begin
+ after_reply.each { |o| o.call }
+ rescue StandardError => e
+ @log_writer.debug_error e
+ end
end
res_info[:keep_alive]
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn'
'--exclude=.svnignore' old/lib/puma/server.rb new/lib/puma/server.rb
--- old/lib/puma/server.rb 1980-01-01 01:00:00.000000000 +0100
+++ new/lib/puma/server.rb 1980-01-01 01:00:00.000000000 +0100
@@ -39,6 +39,7 @@
attr_reader :events
attr_reader :min_threads, :max_threads # for #stats
attr_reader :requests_count # @version 5.0.0
+ attr_reader :log_writer # to help with backports
# @todo the following may be deprecated in the future
attr_reader :auto_trim_time, :early_hints, :first_data_timeout,
@@ -73,6 +74,7 @@
def initialize(app, events=Events.stdio, options={})
@app = app
@events = events
+ @log_writer = events
@check, @notify = nil
@status = :stop
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn'
'--exclude=.svnignore' old/lib/puma/state_file.rb new/lib/puma/state_file.rb
--- old/lib/puma/state_file.rb 1980-01-01 01:00:00.000000000 +0100
+++ new/lib/puma/state_file.rb 1980-01-01 01:00:00.000000000 +0100
@@ -50,6 +50,7 @@
v = v.strip
@options[k] =
case v
+ when '' then nil
when /\A\d+\z/ then v.to_i
when /\A\d+\.\d+\z/ then v.to_f
else v.gsub(/\A"|"\z/, '')
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn'
'--exclude=.svnignore' old/lib/puma/util.rb new/lib/puma/util.rb
--- old/lib/puma/util.rb 1980-01-01 01:00:00.000000000 +0100
+++ new/lib/puma/util.rb 1980-01-01 01:00:00.000000000 +0100
@@ -17,18 +17,27 @@
Thread.current.purge_interrupt_queue if Thread.current.respond_to?
:purge_interrupt_queue
end
- # Unescapes a URI escaped string with +encoding+. +encoding+ will be the
- # target encoding of the string returned, and it defaults to UTF-8
+ # Escapes and unescapes a URI escaped string with
+ # +encoding+. +encoding+ will be the target encoding of the string
+ # returned, and it defaults to UTF-8
if defined?(::Encoding)
+ def escape(s, encoding = Encoding::UTF_8)
+ URI.encode_www_form_component(s, encoding)
+ end
+
def unescape(s, encoding = Encoding::UTF_8)
URI.decode_www_form_component(s, encoding)
end
else
+ def escape(s, encoding = nil)
+ URI.encode_www_form_component(s, encoding)
+ end
+
def unescape(s, encoding = nil)
URI.decode_www_form_component(s, encoding)
end
end
- module_function :unescape
+ module_function :unescape, :escape
# @version 5.0.0
def nakayoshi_gc(events)
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn'
'--exclude=.svnignore' old/metadata new/metadata
--- old/metadata 1980-01-01 01:00:00.000000000 +0100
+++ new/metadata 1980-01-01 01:00:00.000000000 +0100
@@ -1,7 +1,7 @@
--- !ruby/object:Gem::Specification
name: puma
version: !ruby/object:Gem::Version
- version: 5.6.4
+ version: 5.6.5
platform: ruby
authors:
- Evan Phoenix
