iodine 0.7.45 → 0.7.46

Sign up to get free protection for your applications and to get access to all the features.
checksums.yaml CHANGED
@@ -1,7 +1,7 @@
1
1
  ---
2
2
  SHA256:
3
- metadata.gz: 33f22236ecbf1c2166c056476bbefb6ab80b709cdb6cc16c0ec144926cf3fdc0
4
- data.tar.gz: 6b0c70cc71431eb3611d34af45c80f679c0177141843a5e03b1cdb6b242d4f19
3
+ metadata.gz: 0a2b1c5f8f5b6ec1d2259cf33e2cde27e3811a2df5715fa3463891062db2c9ae
4
+ data.tar.gz: 8b1140297cdbf2501ab145712b5cccce06beb1d7350d0d4d7176e86053d5255a
5
5
  SHA512:
6
- metadata.gz: 3506324c77f3de50b9dda515922c3468bbb49c63cd58831d2f7711e02b28209ba7fb5d15e076e860092be4d783cf595fd69b2483bf7ee59b873040005468161f
7
- data.tar.gz: 7c4b0ffb76c749c11f18d66faaad5494e6ab7c675b0d887721de3c7494a7b764886bb8b7b4f5fc369e606e0f3b2e30172818dae27faa4c3cfffa73d094012cf9
6
+ metadata.gz: 96ce75b3a7ef9548e33e73438b4aaf785a41594b4dec4a214081699c556c60512a54a231748de3f1478f622cb540fd67d3afd6bb87cc1bc38ee32471ab4ce016
7
+ data.tar.gz: 40d9d0e4499fd59e7e25f37f300c246c4f9d645246c31a4af7b28f622699a8c12861e0a884ecfd1274451e0a24f5b28be212748286023ff75e6ceb406b6031db
data/CHANGELOG.md CHANGED
@@ -6,6 +6,10 @@ Please notice that this change log contains changes for upcoming releases as wel
6
6
 
7
7
  ## Changes:
8
8
 
9
+ #### Change log v.0.7.46 (2022-05-06)
10
+
11
+ **Fix**: Fixes the (erroneous) default insertion of the `last-modified` header in order to both better express the intent of RFC 2616 and prevent conflict with the `Rack::ETag` middleware. Credit to @raxoft (Patrik Rak) for opening issue #122.
12
+
9
13
  #### Change log v.0.7.45 (2021-11-26)
10
14
 
11
15
  **Security**: Fixes a number of issues with the HTTP parser that could have been leveraged in potential exploit attempts such as request smuggling. Credit to @dcepelik (David Čepelík).
data/examples/etag.ru ADDED
@@ -0,0 +1,16 @@
1
+ # This example uses Rack::ETag to allow for response caching.
2
+
3
+ require 'rack'
4
+ require 'iodine'
5
+
6
+ App = Proc.new do |env|
7
+ [200,
8
+ { "Content-Type" => "text/html".freeze,
9
+ "Content-Length" => "16".freeze },
10
+ ['Hello from Rack!'.freeze] ]
11
+ end
12
+
13
+ use Rack::ConditionalGet
14
+ use Rack::ETag, 'public'
15
+
16
+ run App
data/ext/iodine/http.c CHANGED
@@ -92,14 +92,12 @@ static inline void add_date(http_s *r) {
92
92
  static uint64_t date_hash = 0;
93
93
  if (!date_hash)
94
94
  date_hash = fiobj_hash_string("date", 4);
95
- static uint64_t mod_hash = 0;
96
- if (!mod_hash)
97
- mod_hash = fiobj_hash_string("last-modified", 13);
98
95
 
99
96
  if (fio_last_tick().tv_sec > last_date_added) {
100
97
  fio_lock(&date_lock);
101
98
  if (fio_last_tick().tv_sec > last_date_added) { /* retest inside lock */
102
- /* 32 chars are ok for a while, but http_time2str below has a buffer sized 48 chars and does a memcpy ... */
99
+ /* 32 chars are ok for a while, but http_time2str below has a buffer sized
100
+ * 48 chars and does a memcpy ... */
103
101
  FIOBJ tmp = fiobj_str_buf(32);
104
102
  FIOBJ old = current_date;
105
103
  fiobj_str_resize(
@@ -115,11 +113,6 @@ static inline void add_date(http_s *r) {
115
113
  fiobj_hash_set(r->private_data.out_headers, HTTP_HEADER_DATE,
116
114
  fiobj_dup(current_date));
117
115
  }
118
- if (r->status_str == FIOBJ_INVALID &&
119
- !fiobj_hash_get2(r->private_data.out_headers, mod_hash)) {
120
- fiobj_hash_set(r->private_data.out_headers, HTTP_HEADER_LAST_MODIFIED,
121
- fiobj_dup(current_date));
122
- }
123
116
  }
124
117
 
125
118
  struct header_writer_s {
@@ -2355,7 +2348,7 @@ static void init_cached_key_ptr(void) {
2355
2348
  time_t *cached_tick = malloc(sizeof(time_t));
2356
2349
  FIO_ASSERT_ALLOC(cached_tick);
2357
2350
  memset(cached_tick, 0, sizeof(time_t));
2358
- char *cached_httpdate = malloc(sizeof(char)*48);
2351
+ char *cached_httpdate = malloc(sizeof(char) * 48);
2359
2352
  FIO_ASSERT_ALLOC(cached_tick);
2360
2353
  memset(cached_httpdate, 0, 48);
2361
2354
  size_t *cached_len = malloc(sizeof(size_t));
@@ -2401,28 +2394,24 @@ size_t http_time2str(char *target, const time_t t) {
2401
2394
 
2402
2395
  /* Credit to Jonathan Leffler for the idea of a unified conditional */
2403
2396
  #define hex_val(c) \
2404
- (((c) >= '0' && (c) <= '9') \
2405
- ? ((c)-48) \
2406
- : (((c) >= 'a' && (c) <= 'f') || ((c) >= 'A' && (c) <= 'F')) \
2407
- ? (((c) | 32) - 87) \
2408
- : ({ \
2409
- return -1; \
2410
- 0; \
2411
- }))
2397
+ (((c) >= '0' && (c) <= '9') ? ((c)-48) \
2398
+ : (((c) | 32) >= 'a' && ((c) | 32) <= 'f') ? (((c) | 32) - 87) \
2399
+ : ({ \
2400
+ return -1; \
2401
+ 0; \
2402
+ }))
2412
2403
  static inline int hex2byte(uint8_t *dest, const uint8_t *source) {
2413
2404
  if (source[0] >= '0' && source[0] <= '9')
2414
2405
  *dest = (source[0] - '0');
2415
- else if ((source[0] >= 'a' && source[0] <= 'f') ||
2416
- (source[0] >= 'A' && source[0] <= 'F'))
2417
- *dest = (source[0] | 32) - 87;
2406
+ else if ((source[0] | 32) >= 'a' && (source[0] | 32) <= 'f')
2407
+ *dest = (source[0] | 32) - ('a' - 10);
2418
2408
  else
2419
2409
  return -1;
2420
2410
  *dest <<= 4;
2421
2411
  if (source[1] >= '0' && source[1] <= '9')
2422
2412
  *dest |= (source[1] - '0');
2423
- else if ((source[1] >= 'a' && source[1] <= 'f') ||
2424
- (source[1] >= 'A' && source[1] <= 'F'))
2425
- *dest |= (source[1] | 32) - 87;
2413
+ else if ((source[1] | 32) >= 'a' && (source[1] | 32) <= 'f')
2414
+ *dest |= (source[1] | 32) - ('a' - 10);
2426
2415
  else
2427
2416
  return -1;
2428
2417
  return 0;
@@ -2561,9 +2550,7 @@ FIOBJ http_mimetype_find(char *file_ext, size_t file_ext_len) {
2561
2550
 
2562
2551
  static pthread_key_t buffer_key;
2563
2552
  static pthread_once_t buffer_once = PTHREAD_ONCE_INIT;
2564
- static void init_buffer_key(void) {
2565
- pthread_key_create(&buffer_key, free);
2566
- }
2553
+ static void init_buffer_key(void) { pthread_key_create(&buffer_key, free); }
2567
2554
  static void init_buffer_ptr(void) {
2568
2555
  char *buffer = malloc(sizeof(char) * (LONGEST_FILE_EXTENSION_LENGTH + 1));
2569
2556
  FIO_ASSERT_ALLOC(buffer);
@@ -72,11 +72,7 @@ static rb_encoding *IodineBinaryEncoding;
72
72
 
73
73
  inline static http_s *get_handle(VALUE obj) {
74
74
  VALUE i = rb_ivar_get(obj, iodine_fd_var_id);
75
- #ifdef __MINGW32__
76
75
  return (http_s *)NUM2ULL(i);
77
- #else
78
- return (http_s *)FIX2ULONG(i);
79
- #endif
80
76
  }
81
77
 
82
78
  /* *****************************************************************************
@@ -85,11 +81,7 @@ IO API
85
81
 
86
82
  static inline FIOBJ get_data(VALUE self) {
87
83
  VALUE i = rb_ivar_get(self, io_id);
88
- #ifdef __MINGW32__
89
84
  return (FIOBJ)NUM2ULL(i);
90
- #else
91
- return (FIOBJ)FIX2ULONG(i);
92
- #endif
93
85
  }
94
86
 
95
87
  static VALUE rio_rewind(VALUE self) {
@@ -1,3 +1,3 @@
1
1
  module Iodine
2
- VERSION = '0.7.45'.freeze
2
+ VERSION = '0.7.46'.freeze
3
3
  end
metadata CHANGED
@@ -1,14 +1,14 @@
1
1
  --- !ruby/object:Gem::Specification
2
2
  name: iodine
3
3
  version: !ruby/object:Gem::Version
4
- version: 0.7.45
4
+ version: 0.7.46
5
5
  platform: ruby
6
6
  authors:
7
7
  - Boaz Segev
8
8
  autorequire:
9
9
  bindir: exe
10
10
  cert_chain: []
11
- date: 2021-11-26 00:00:00.000000000 Z
11
+ date: 2022-05-07 00:00:00.000000000 Z
12
12
  dependencies:
13
13
  - !ruby/object:Gem::Dependency
14
14
  name: rake
@@ -145,6 +145,7 @@ files:
145
145
  - examples/async_task.ru
146
146
  - examples/config.ru
147
147
  - examples/echo.ru
148
+ - examples/etag.ru
148
149
  - examples/hello.ru
149
150
  - examples/pubsub_engine.ru
150
151
  - examples/redis.ru
@@ -244,7 +245,7 @@ licenses:
244
245
  metadata:
245
246
  allowed_push_host: https://rubygems.org
246
247
  post_install_message: |-
247
- Thank you for installing Iodine 0.7.45.
248
+ Thank you for installing Iodine 0.7.46.
248
249
  Remember: if iodine supports your business, it's only fair to give value back (code contributions / donations).
249
250
  rdoc_options: []
250
251
  require_paths:
@@ -267,7 +268,7 @@ requirements:
267
268
  - Ruby >= 2.5.0 recommended.
268
269
  - TLS requires OpenSSL >= 1.1.0.
269
270
  - Or Windows with Ruby >= 3.0.0 build with MingW and MingW as compiler.
270
- rubygems_version: 3.2.3
271
+ rubygems_version: 3.2.32
271
272
  signing_key:
272
273
  specification_version: 4
273
274
  summary: iodine - a fast HTTP / Websocket Server with Pub/Sub support, optimized for