passenger 6.0.17 → 6.0.19

Sign up to get free protection for your applications and to get access to all the features.
checksums.yaml CHANGED
@@ -1,7 +1,7 @@
1
1
  ---
2
- SHA1:
3
- metadata.gz: 4745b4abf125d1350bf6ea520477b1d8a1faae26
4
- data.tar.gz: e3fe30496ed0567cd283f3ee96751c6baaa35f00
2
+ SHA256:
3
+ metadata.gz: 4d6c6aa2e5aebe46db8eaac696afa9aab27bc8d54f50bd220e465ab42bcf3791
4
+ data.tar.gz: c57f1e7ba334127a9a8f17c5b7e9ed44758b38ecac0d50b0fa1cb4132382b4db
5
5
  SHA512:
6
- metadata.gz: f561f10cee769f11824a2c8bbd74d35b8305e22906682af51ec68819cc53fbeb27ce6a57fbe7022eff27adb4cd0dded348a2a7d7b3051ce8d11054c66a8e3f16
7
- data.tar.gz: 97198581be7ab01b816beeab4b6e2cbd90182af418410cd298a3290c1ec2c97a1473c1ae63376e362337dd06e33e93e8ee5ba247d9935159dd4cafcaf4fb1211
6
+ metadata.gz: 3c778980e85efdc20b16d636607c4d1ec96684c523ce0a2e8d3a2b0199222412023b18c826bacb6744dedb9035fde1e82c3dc96fe9fdaa453c79c7b86c41746a
7
+ data.tar.gz: 1666e6ae1719c0ccf9a03e9ef05855054f433c7fe68b9c0fbc4b1485db313fc7d30ffe3d26fa6ee11b3420d6a1d85b4f4324cffcb5528512bcd9aaa1cb4cc220
data/CHANGELOG CHANGED
@@ -1,14 +1,62 @@
1
- Release 6.0.17 (Not yet released)
1
+ Release 6.0.19 (Not yet released)
2
+ -------------
3
+ * [Ruby] Fix compatibility with Rack 3 header array. Closses GH-2503.
4
+ * [Ruby] Preserve `SIGPROF` signal handlers. Contributed by Ivo Anjo. Closes GH-2489.
5
+ * [Python] Replaces use of imp module with importlib in Python 3. Contributed by Rongxin Liu. Closes GH-2399 and GH-2501.
6
+ * [Ubuntu] Removes packages for Ubuntu 18.04 "Bionic" (EOL June 2023).
7
+ * [Ubuntu] Adds packages for Ubuntu 23.04 "mantic".
8
+ * Fixed a memory allocation bug in the security update checker.
9
+ * [Debian] Add Debian 12 Bookworm packages. Closes GH-2488.
10
+ * [RPM] Published arm64/aarch64 rpms for EL8 & EL9 (RHEL, Rocky, Alma). Closes GH-2452.
11
+ * [ARM] Publishes prebuilt arm64/aarch64 binaries for Passenger gem installs. Closes GH-2288.
12
+ * [ARM] Fixes a regression in Passenger 6.0.7 where strict-aliasing archs (notably: aarch64 aka ARM64) builds of Passenger were always building for big-endian archs. Closes GH-2451 and GH-2419.
13
+ * Updated various library versions used in precompiled binaries (used for e.g. gem installs):
14
+ - ccache: 4.6.3 -> 4.8.3
15
+ - cmake: 3.26.4 -> 3.27.7
16
+ - curl: 8.1.2 -> 8.4.0
17
+ - git: 2.41.0 -> 2.42.0
18
+ - gnupg: 2.4.2 -> 2.4.3
19
+ - libassuan: 2.5.5 -> 2.5.6
20
+ - libksba: 1.6.3 -> 1.6.4
21
+ - openssl: 3.1.1 -> 3.1.4
22
+ - rubygems: 3.4.13 -> 3.4.21
23
+ - zlib: 1.2.13 -> 1.3
24
+
25
+
26
+ Release 6.0.18
27
+ -------------
28
+ * Adds Ubuntu 23.04 "Lunar" packages, removes Ubuntu 22.10 "Kinetic" packages.
29
+ * Removes packages for Debian 9 "Stretch" (EOL June 2022).
30
+ * [RPM] Changes to building Nginx module packages for the latest supported Nginx module stream instead of the default.
31
+ * [Ruby] Makes Passenger more resilient to invalid byte sequences when loading the Ruby native extension. Contributed by Drew Wells.
32
+ * [Ruby] Add an `unhandled_exception_before_exit` event callback. Contributed by James Tomson.
33
+ * [Nginx] Upgrades preferred Nginx to 1.24.0 from 1.22.1.
34
+ * Updated various library versions used in precompiled binaries (used for e.g. gem installs):
35
+ - cmake: 3.25.1 -> 3.26.4
36
+ - curl: 7.87.0 -> 8.1.2
37
+ - git: 2.39.0 -> 2.41.0
38
+ - gnupg: 2.4.0 -> 2.4.2
39
+ - libgcrypt: 1.10.1 -> 1.10.2
40
+ - libgpg_error: 1.46 -> 1.47
41
+ - openssl: 3.0.7 -> 3.1.1
42
+ - rubygems: 3.4.3 -> 3.4.13
43
+ - zstd: 1.5.2 -> 1.5.5
44
+ - rubies:
45
+ - 2.7.7 -> 2.7.8
46
+ - 3.0.5 -> 3.0.6
47
+ - 3.1.3 -> 3.1.4
48
+ - 3.2.0 -> 3.2.2
49
+
50
+
51
+ Release 6.0.17
2
52
  -------------
3
53
  * [Enterprise] The `debug` gem is now supported for debugging on Ruby 3.1.
4
54
  * Removed use of deprecated 'File.exists?' method for Ruby 3.2.0.
5
55
  * Upgrades Boost to 1.81.
6
56
  * Upgrades preferred Nginx to 1.22.1 from 1.20.2.
7
57
  * Changes minimum supported macOS version to 10.14 Mojave.
8
- * Adds support for arm (aarch64) rpm packages.
9
58
  * Adds support for a `PASSENGER_MAX_LOG_LINE_LENGTH_BYTES` environment variable. The default length remains at 8KB. Closes GH-2413.
10
59
  * Updated various library versions used in precompiled binaries (used for e.g. gem installs):
11
- - ccache: 4.6.3 → 4.7.4
12
60
  - curl: 7.86.0 → 7.87.0
13
61
  - git: 2.38.1 → 2.39.0
14
62
  - gnupg: 2.3.8 → 2.4.0
@@ -25,7 +73,6 @@ Release 6.0.16
25
73
  * Adds systemd private tmpdir workaround on Ubuntu/Debian. Closes GH-2397.
26
74
  * Downgrade jsoncpp to 1.8.1 from 1.9.5 to fix invalid json generation bug. Closes GH-2445.
27
75
  * Updated various library versions used in precompiled binaries (used for e.g. gem installs):
28
- - ccache: 4.6.3 → 4.7.4
29
76
  - cmake: 3.24.2 → 3.25.1
30
77
  - curl: 7.85.0 → 7.86.0
31
78
  - git 2.37.3 → 2.38.1
data/CONTRIBUTORS CHANGED
@@ -30,6 +30,7 @@ David Sissitka
30
30
  Dirk Mueller
31
31
  Dmitry Galinsky
32
32
  dr.dimitru
33
+ drew-wells
33
34
  Dylan Vaughn
34
35
  Eric Covener
35
36
  Erik Ogan
@@ -47,11 +48,13 @@ Ian Kottman
47
48
  Igor Vuk
48
49
  isaac
49
50
  Isaac Reuben
51
+ Ivo Anjo
50
52
  J Smith
51
53
  J.W. Koelewijn
52
54
  Jacob Elder
53
55
  Jacob Harris
54
56
  James Miller
57
+ James Tomson
55
58
  Jan Berkel
56
59
  Janko Marohnić
57
60
  Jason Cannon
@@ -103,6 +106,7 @@ Rob Paisley
103
106
  Robin Bowes
104
107
  Romain Tartière
105
108
  ROMB
109
+ Rongxin Liu
106
110
  Ruslan Ermilov (NGINX Inc)
107
111
  Ryan Schwartz
108
112
  Ryo Onodera
data/build/test_basics.rb CHANGED
@@ -62,9 +62,13 @@ task 'test:install_deps' do
62
62
  end
63
63
 
64
64
  if install_base_deps
65
- sh "bundle install #{bundle_args} --without="
65
+ if Gem::Version.new(RUBY_VERSION) >= Gem::Version.new('3.0.0') || RUBY_PLATFORM =~ /darwin/
66
+ sh "bundle install #{bundle_args} --without="
67
+ else
68
+ sh "bundle install #{bundle_args} --without future"
69
+ end
66
70
  else
67
- sh "bundle install #{bundle_args} --without base"
71
+ sh "bundle install #{bundle_args} --without base future"
68
72
  end
69
73
 
70
74
  if boolean_option('NODE_MODULES', default)
@@ -24,56 +24,56 @@
24
24
  # THE SOFTWARE.
25
25
 
26
26
  ESSENTIALS = [
27
- "boost/detail/{limits,endian}.hpp",
28
- "boost/config*",
29
- "boost/mpl",
30
- "boost/preprocessor/stringize.hpp",
31
- "boost/smart_ptr/detail/sp_counted_*",
32
- "boost/smart_ptr/detail/atomic_count*",
33
- "boost/smart_ptr/detail/spinlock*",
27
+ "boost/*regex*",
28
+ "boost/algorithm/string",
29
+ "boost/asio*",
34
30
  "boost/atomic",
35
- "boost/pool",
36
- "boost/unordered*",
37
- "boost/thread",
38
- "boost/intrusive",
31
+ "boost/bind",
32
+ "boost/chrono*",
33
+ "boost/config*",
39
34
  "boost/container",
40
- "boost/predef",
41
- "boost/move",
42
35
  "boost/core",
43
- "boost/bind",
36
+ "boost/cstdint.hpp",
37
+ "boost/date_time",
38
+ "boost/date_time/date_formatting_limited.hpp",
39
+ "boost/date_time/gregorian/formatters_limited.hpp",
40
+ "boost/detail/fenv.hpp",
41
+ "boost/detail/reference_content.hpp",
42
+ "boost/foreach.hpp",
44
43
  "boost/function",
45
- "boost/ratio*",
46
44
  "boost/integer*",
47
- "boost/chrono*",
48
- "boost/random*",
49
- "boost/asio*",
50
- "boost/optional.hpp",
45
+ "boost/intrusive",
46
+ "boost/move",
47
+ "boost/mpl",
48
+ "boost/non_type.hpp",
49
+ "boost/none*",
51
50
  "boost/optional",
52
- "boost/utility",
53
- "libs/thread/src",
54
- "libs/system/src",
55
- "libs/regex/src",
56
- "libs/chrono/src",
57
- "libs/random/src",
58
- "boost/preprocessor",
51
+ "boost/optional.hpp",
59
52
  "boost/parameter",
60
- "boost/date_time/gregorian/formatters_limited.hpp",
61
- "boost/date_time/date_formatting_limited.hpp",
62
- "boost/type_traits/make_signed.hpp",
53
+ "boost/pool",
54
+ "boost/predef",
55
+ "boost/predef/other/endian.h",
56
+ "boost/preprocessor",
57
+ "boost/preprocessor/stringize.hpp",
58
+ "boost/random*",
59
+ "boost/ratio*",
60
+ "boost/smart_ptr/detail/atomic_count*",
61
+ "boost/smart_ptr/detail/sp_counted_*",
62
+ "boost/smart_ptr/detail/spinlock*",
63
+ "boost/system/config.hpp",
64
+ "boost/system/detail/error_code.ipp",
65
+ "boost/thread",
66
+ "boost/type_traits",
63
67
  "boost/type_traits/detail/*",
68
+ "boost/type_traits/make_signed.hpp",
64
69
  "boost/typeof",
65
- "boost/date_time",
66
- "boost/type_traits",
67
- "boost/cstdint.hpp",
68
- "boost/*regex*",
69
- "boost/non_type.hpp",
70
- "boost/detail/fenv.hpp",
71
- "boost/foreach.hpp",
72
- "boost/none*",
73
- "boost/system/detail/error_code.ipp",
74
- "boost/system/config.hpp",
75
- "boost/detail/reference_content.hpp",
76
- "boost/algorithm/string"
70
+ "boost/unordered*",
71
+ "boost/utility",
72
+ "libs/chrono/src",
73
+ "libs/random/src",
74
+ "libs/regex/src",
75
+ "libs/system/src",
76
+ "libs/thread/src",
77
77
  ]
78
78
  EXCLUDE = [
79
79
  "libs/thread/src/win32/*",
@@ -87,43 +87,59 @@ EXCLUDE = [
87
87
  "boost/asio/detail/impl/win*"
88
88
  ]
89
89
  PROGRAM_SOURCE = %q{
90
- #include <boost/shared_ptr.hpp>
91
- #include <boost/shared_array.hpp>
92
- #include <boost/weak_ptr.hpp>
93
- #include <boost/make_shared.hpp>
94
- #include <boost/enable_shared_from_this.hpp>
95
- #include <boost/intrusive_ptr.hpp>
96
- #include <boost/smart_ptr/intrusive_ref_counter.hpp>
97
- #include <boost/thread.hpp>
98
- #include <boost/noncopyable.hpp>
99
- #include <boost/function.hpp>
100
- #include <boost/bind/bind.hpp>
101
- #include <boost/container/vector.hpp>
102
- #include <boost/date_time/posix_time/posix_time.hpp>
103
- #include <boost/foreach.hpp>
104
- #include <boost/unordered_map.hpp>
105
- #include <boost/regex.hpp>
106
- #include <boost/pool/object_pool.hpp>
107
- #include <boost/move/core.hpp>
108
- #include <boost/move/utility.hpp>
90
+ #include <boost/aligned_storage.hpp>
91
+ #include <boost/asio.hpp>
92
+ #include <boost/asio/ssl.hpp>
93
+ #include <boost/asio/steady_timer.hpp>
109
94
  #include <boost/atomic.hpp>
110
- #include <boost/typeof/typeof.hpp>
95
+ #include <boost/bind/bind.hpp>
96
+ #include <boost/chrono.hpp>
111
97
  #include <boost/circular_buffer.hpp>
112
98
  #include <boost/config.hpp>
113
99
  #include <boost/container/small_vector.hpp>
100
+ #include <boost/container/vector.hpp>
114
101
  #include <boost/core/noncopyable.hpp>
115
102
  #include <boost/cstdint.hpp>
116
103
  #include <boost/current_function.hpp>
104
+ #include <boost/date_time/posix_time/posix_time.hpp>
117
105
  #include <boost/date_time/posix_time/posix_time_types.hpp>
106
+ #include <boost/enable_shared_from_this.hpp>
107
+ #include <boost/foreach.hpp>
108
+ #include <boost/function.hpp>
109
+ #include <boost/intrusive_ptr.hpp>
110
+ #include <boost/make_shared.hpp>
111
+ #include <boost/move/core.hpp>
118
112
  #include <boost/move/move.hpp>
113
+ #include <boost/move/utility.hpp>
114
+ #include <boost/noncopyable.hpp>
115
+ #include <boost/nondet_random.hpp>
116
+ #include <boost/pointer_cast.hpp>
117
+ #include <boost/pool/object_pool.hpp>
119
118
  #include <boost/predef.h>
119
+ #include <boost/predef/other/endian.h>
120
+ #include <boost/random/random_device.hpp>
121
+ #include <boost/random/uniform_int_distribution.hpp>
120
122
  #include <boost/ref.hpp>
123
+ #include <boost/regex.hpp>
121
124
  #include <boost/scoped_array.hpp>
122
125
  #include <boost/scoped_ptr.hpp>
126
+ #include <boost/shared_array.hpp>
127
+ #include <boost/shared_ptr.hpp>
128
+ #include <boost/smart_ptr/intrusive_ref_counter.hpp>
123
129
  #include <boost/static_assert.hpp>
130
+ #include <boost/system/error_code.hpp>
131
+ #include <boost/system/system_error.hpp>
132
+ #include <boost/thread.hpp>
133
+ #include <boost/thread/condition_variable.hpp>
124
134
  #include <boost/thread/mutex.hpp>
135
+ #include <boost/thread/once.hpp>
125
136
  #include <boost/thread/tss.hpp>
137
+ #include <boost/typeof/typeof.hpp>
138
+ #include <boost/unordered_map.hpp>
139
+ #include <boost/version.hpp>
140
+ #include <boost/weak_ptr.hpp>
126
141
  // Included despite not used in Passenger
142
+ #include <boost/thread/thread_time.hpp>
127
143
  #include <boost/cregex.hpp>
128
144
  #include <boost/pointer_cast.hpp>
129
145
  #include <boost/asio.hpp>
@@ -165,7 +165,7 @@ using namespace std;
165
165
  * security_update_checker_interval unsigned integer - default(86400)
166
166
  * security_update_checker_proxy_url string - -
167
167
  * security_update_checker_url string - default("https://securitycheck.phusionpassenger.com/v1/check.json")
168
- * server_software string - default("Phusion_Passenger/6.0.17")
168
+ * server_software string - default("Phusion_Passenger/6.0.19")
169
169
  * show_version_in_header boolean - default(true)
170
170
  * single_app_mode_app_root string - default,read_only
171
171
  * single_app_mode_app_start_command string - read_only
@@ -116,7 +116,7 @@ parseControllerBenchmarkMode(const StaticString &mode) {
116
116
  * multi_app boolean - default(true),read_only
117
117
  * request_freelist_limit unsigned integer - default(1024)
118
118
  * response_buffer_high_watermark unsigned integer - default(134217728)
119
- * server_software string - default("Phusion_Passenger/6.0.17")
119
+ * server_software string - default("Phusion_Passenger/6.0.19")
120
120
  * show_version_in_header boolean - default(true)
121
121
  * start_reading_after_accept boolean - default(true)
122
122
  * stat_throttle_rate unsigned integer - default(10)
@@ -322,7 +322,7 @@ private:
322
322
  error.append("url not found: " + sessionState.configRlz.url + " " POSSIBLE_MITM_RESOLUTION);
323
323
  break;
324
324
  case 403:
325
- error.append("connection denied by server " POSSIBLE_MITM_RESOLUTION);
325
+ error.append("request forbidden by server " POSSIBLE_MITM_RESOLUTION);
326
326
  break;
327
327
  case 503:
328
328
  error.append("server temporarily unavailable, try again later");
@@ -646,7 +646,7 @@ public:
646
646
  string data64 = responseJson["data"].asString();
647
647
 
648
648
  signatureChars = (char *)malloc(modp_b64_decode_len(signature64.length()));
649
- dataChars = (char *)malloc(modp_b64_decode_len(data64.length()));
649
+ dataChars = (char *)malloc(modp_b64_decode_len(data64.length()) + 1);
650
650
  if (signatureChars == NULL || dataChars == NULL) {
651
651
  logUpdateFailResponse("out of memory", responseData);
652
652
  break;
@@ -667,14 +667,14 @@ public:
667
667
  int dataLen;
668
668
  dataLen = modp_b64_decode(dataChars, data64.c_str(), data64.length());
669
669
  if (dataLen <= 0) {
670
- logUpdateFailResponse("corrupted data", responseData);
670
+ logUpdateFailResponse("corrupted data", data64.c_str());
671
671
  break;
672
672
  }
673
673
  dataChars[dataLen] = '\0';
674
674
 
675
675
  Json::Value responseDataJson;
676
676
  if (!reader.parse(dataChars, responseDataJson, false)) {
677
- logUpdateFailResponse("unparseable data", responseData);
677
+ logUpdateFailResponse("unparseable data", dataChars);
678
678
  break;
679
679
  }
680
680
  P_DEBUG("data content (signature OK): " << responseDataJson.toStyledString());
@@ -154,7 +154,7 @@ using namespace std;
154
154
  * security_update_checker_interval unsigned integer - default(86400)
155
155
  * security_update_checker_proxy_url string - -
156
156
  * security_update_checker_url string - default("https://securitycheck.phusionpassenger.com/v1/check.json")
157
- * server_software string - default("Phusion_Passenger/6.0.17")
157
+ * server_software string - default("Phusion_Passenger/6.0.19")
158
158
  * setsid boolean - default(false)
159
159
  * show_version_in_header boolean - default(true)
160
160
  * single_app_mode_app_root string - default,read_only
@@ -83,7 +83,7 @@
83
83
  #define PASSENGER_API_VERSION_MAJOR 0
84
84
  #define PASSENGER_API_VERSION_MINOR 3
85
85
  #define PASSENGER_DEFAULT_USER "nobody"
86
- #define PASSENGER_VERSION "6.0.17"
86
+ #define PASSENGER_VERSION "6.0.19"
87
87
  #define POOL_HELPER_THREAD_STACK_SIZE 262144
88
88
  #define PROCESS_SHUTDOWN_TIMEOUT 60
89
89
  #define PROCESS_SHUTDOWN_TIMEOUT_DISPLAY "1 minute"
@@ -89,7 +89,7 @@ size_t modp_b64_decode(char* dest, const char* src, size_t len)
89
89
  case 0:
90
90
  x = d0[y[3]] | d1[y[2]] | d2[y[1]] | d3[y[0]];
91
91
  if (x >= B64_BADCHAR) return -1;
92
- #ifdef BOOST_ENDIAN_BIG_BYTE
92
+ #if BOOST_ENDIAN_BIG_BYTE
93
93
  *p++ = ((modp_uint8_t*)&x)[1];
94
94
  *p++ = ((modp_uint8_t*)&x)[2];
95
95
  *p = ((modp_uint8_t*)&x)[3];
@@ -23,8 +23,12 @@
23
23
  # OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN
24
24
  # THE SOFTWARE.
25
25
 
26
- import sys, os, re, imp, threading, signal, traceback, socket, select, struct, logging, errno
26
+ import sys, os, threading, signal, traceback, socket, select, struct, logging, errno
27
27
  import tempfile, json, time
28
+ if sys.version_info[0] >= 3:
29
+ from importlib import util
30
+ else:
31
+ import imp
28
32
 
29
33
  options = {}
30
34
 
@@ -37,7 +41,7 @@ def try_write_file(path, contents):
37
41
  with open(path, 'w') as f:
38
42
  f.write(contents)
39
43
  except IOError as e:
40
- logging.warn('Warning: unable to write to ' + path + ': ' + e.message)
44
+ logging.warn('Warning: unable to write to ' + path + ': ' + e.strerror)
41
45
 
42
46
  def initialize_logging():
43
47
  logging.basicConfig(
@@ -50,18 +54,21 @@ def read_startup_arguments():
50
54
  global options
51
55
 
52
56
  work_dir = os.getenv('PASSENGER_SPAWN_WORK_DIR')
57
+ assert work_dir is not None
53
58
  path = work_dir + '/args.json'
54
59
  with open(path, 'r') as f:
55
60
  options = json.load(f)
56
61
 
57
62
  def record_journey_step_begin(step, state):
58
63
  work_dir = os.getenv('PASSENGER_SPAWN_WORK_DIR')
64
+ assert work_dir is not None
59
65
  step_dir = work_dir + '/response/steps/' + step.lower()
60
66
  try_write_file(step_dir + '/state', state)
61
67
  try_write_file(step_dir + '/begin_time', str(time.time()))
62
68
 
63
69
  def record_journey_step_end(step, state):
64
70
  work_dir = os.getenv('PASSENGER_SPAWN_WORK_DIR')
71
+ assert work_dir is not None
65
72
  step_dir = work_dir + '/response/steps/' + step.lower()
66
73
  try_write_file(step_dir + '/state', state)
67
74
  if not os.path.exists(step_dir + '/begin_time') and not os.path.exists(step_dir + '/begin_time_monotonic'):
@@ -73,7 +80,15 @@ def load_app():
73
80
 
74
81
  sys.path.insert(0, os.getcwd())
75
82
  startup_file = options.get('startup_file', 'passenger_wsgi.py')
76
- return imp.load_source('passenger_wsgi', startup_file)
83
+ if sys.version_info[0] >= 3:
84
+ spec = util.spec_from_file_location("passenger_wsgi", startup_file)
85
+ assert spec is not None
86
+ app_module = util.module_from_spec(spec)
87
+ assert spec.loader is not None
88
+ spec.loader.exec_module(app_module)
89
+ return app_module
90
+ else:
91
+ return imp.load_source('passenger_wsgi', startup_file)
77
92
 
78
93
  def create_server_socket():
79
94
  global options
@@ -88,13 +103,8 @@ def create_server_socket():
88
103
 
89
104
  i = 0
90
105
  while i < 128:
91
- s = socket.socket(socket.AF_UNIX, socket.SOCK_STREAM)
92
- socket_suffix = format(struct.unpack('Q', os.urandom(8))[0], 'x')
93
- filename = socket_dir + '/' + socket_prefix + '.' + socket_suffix
94
- filename = filename[0:UNIX_PATH_MAX]
95
106
  try:
96
- s.bind(filename)
97
- break
107
+ return make_socket(socket_dir, socket_prefix, UNIX_PATH_MAX)
98
108
  except socket.error as e:
99
109
  if e.errno == errno.EADDRINUSE:
100
110
  i += 1
@@ -103,6 +113,12 @@ def create_server_socket():
103
113
  else:
104
114
  raise e
105
115
 
116
+ def make_socket(socket_dir, socket_prefix, UNIX_PATH_MAX):
117
+ s = socket.socket(socket.AF_UNIX, socket.SOCK_STREAM)
118
+ socket_suffix = format(struct.unpack('Q', os.urandom(8))[0], 'x')
119
+ filename = socket_dir + '/' + socket_prefix + '.' + socket_suffix
120
+ filename = filename[0:UNIX_PATH_MAX]
121
+ s.bind(filename)
106
122
  s.listen(1000)
107
123
  return (filename, s)
108
124
 
@@ -130,6 +146,7 @@ def install_signal_handlers():
130
146
 
131
147
  def advertise_sockets(socket_filename):
132
148
  work_dir = os.getenv('PASSENGER_SPAWN_WORK_DIR')
149
+ assert work_dir is not None
133
150
  path = work_dir + '/response/properties.json'
134
151
  doc = {
135
152
  'sockets': [
@@ -147,6 +164,7 @@ def advertise_sockets(socket_filename):
147
164
 
148
165
  def advertise_readiness():
149
166
  work_dir = os.getenv('PASSENGER_SPAWN_WORK_DIR')
167
+ assert work_dir is not None
150
168
  path = work_dir + '/response/finish'
151
169
  with open(path, 'w') as f:
152
170
  f.write('1')
@@ -173,7 +191,6 @@ else:
173
191
  def str_to_bytes(s):
174
192
  return s
175
193
 
176
-
177
194
  class RequestHandler:
178
195
  def __init__(self, server_socket, owner_pipe, app):
179
196
  self.server = server_socket
@@ -194,13 +211,12 @@ class RequestHandler:
194
211
  env, input_stream = self.parse_request(client)
195
212
  if env:
196
213
  if env['REQUEST_METHOD'] == 'ping':
197
- self.process_ping(env, input_stream, client)
214
+ self.process_ping(client)
198
215
  else:
199
216
  socket_hijacked = self.process_request(env, input_stream, client)
200
217
  except KeyboardInterrupt:
201
218
  done = True
202
- except IOError:
203
- e = sys.exc_info()[1]
219
+ except IOError as e:
204
220
  if not getattr(e, 'passenger', False) or e.errno != errno.EPIPE:
205
221
  logging.exception("WSGI application raised an I/O exception!")
206
222
  except Exception:
@@ -298,10 +314,9 @@ class RequestHandler:
298
314
  output_stream.sendall(b'\r\n')
299
315
  if not is_head:
300
316
  output_stream.sendall(str_to_bytes(data))
301
- except IOError:
317
+ except IOError as e:
302
318
  # Mark this exception as coming from the Phusion Passenger
303
319
  # socket and not some other socket.
304
- e = sys.exc_info()[1]
305
320
  setattr(e, 'passenger', True)
306
321
  raise e
307
322
 
@@ -347,7 +362,7 @@ class RequestHandler:
347
362
  result.close()
348
363
  return False
349
364
 
350
- def process_ping(self, env, input_stream, output_stream):
365
+ def process_ping(self, output_stream):
351
366
  output_stream.sendall(b"pong")
352
367
 
353
368
 
@@ -376,7 +391,9 @@ if __name__ == "__main__":
376
391
 
377
392
  record_journey_step_begin('SUBPROCESS_LISTEN', 'STEP_IN_PROGRESS')
378
393
  try:
379
- socket_filename, server_socket = create_server_socket()
394
+ tuple = create_server_socket()
395
+ assert tuple is not None
396
+ socket_filename, server_socket = tuple
380
397
  install_signal_handlers()
381
398
  handler = RequestHandler(server_socket, sys.stdin, app_module.application)
382
399
  advertise_sockets(socket_filename)
@@ -427,10 +427,12 @@ module PhusionPassenger
427
427
  require(name_or_filename)
428
428
  return defined?(PhusionPassenger::NativeSupport)
429
429
  rescue LoadError => e
430
- if e.to_s =~ /dlopen/
430
+ s = e.to_s
431
+ s = s.encode("US-ASCII", :invalid => :replace) if s.respond_to?(:encode)
432
+ if s =~ /dlopen/
431
433
  # Print dlopen failures. We're not interested in any other
432
434
  # kinds of failures, such as file-not-found.
433
- puts e.to_s.gsub(/^/, " ")
435
+ puts s.gsub(/^/, " ")
434
436
  end
435
437
  return false
436
438
  end
@@ -30,6 +30,7 @@ module PhusionPassenger
30
30
  @@event_credentials = []
31
31
  @@event_after_installing_signal_handlers = []
32
32
  @@event_oob_work = []
33
+ @@event_unhandled_exception_before_exit = []
33
34
  @@advertised_concurrency_level = nil
34
35
 
35
36
  def on_event(name, &block)
@@ -69,6 +70,8 @@ module PhusionPassenger
69
70
  @@event_after_installing_signal_handlers
70
71
  when :oob_work
71
72
  @@event_oob_work
73
+ when :unhandled_exception_before_exit
74
+ @@event_unhandled_exception_before_exit
72
75
  else
73
76
  raise ArgumentError, "Unknown event name '#{name}'"
74
77
  end
@@ -41,7 +41,7 @@ module PhusionPassenger
41
41
  module ThreadHandlerExtension
42
42
  # Constants which exist to relieve Ruby's garbage collector.
43
43
  RACK_VERSION = "rack.version" # :nodoc:
44
- RACK_VERSION_VALUE = [1, 2] # :nodoc:
44
+ RACK_VERSION_VALUE = [1, 3] # :nodoc:
45
45
  RACK_INPUT = "rack.input" # :nodoc:
46
46
  RACK_ERRORS = "rack.errors" # :nodoc:
47
47
  RACK_MULTITHREAD = "rack.multithread" # :nodoc:
@@ -349,6 +349,8 @@ module PhusionPassenger
349
349
  headers.each do |key, values|
350
350
  if values.is_a?(String)
351
351
  values = values.split(NEWLINE)
352
+ elsif values.is_a?(Array)
353
+ # values already array
352
354
  elsif key == RACK_HIJACK
353
355
  # We do not check for this key name in every loop
354
356
  # iteration as an optimization.
@@ -147,6 +147,11 @@ module Signal
147
147
  result.delete("KILL")
148
148
  result.delete("EXIT")
149
149
 
150
+ # Profilers such as ddtrace and stackprof use this signal, so removing the
151
+ # the handler causes the Ruby process to crash when profilers are operating.
152
+ # See https://github.com/phusion/passenger/issues/2489 for details.
153
+ result.delete("PROF")
154
+
150
155
  return result
151
156
  end
152
157
  end
@@ -115,6 +115,7 @@ module PhusionPassenger
115
115
  raise
116
116
  rescue Exception => e
117
117
  print_exception(nil, e)
118
+ PhusionPassenger.call_event(:unhandled_exception_before_exit, e)
118
119
  exit(1)
119
120
  end
120
121
  end
@@ -31,16 +31,16 @@ module PhusionPassenger
31
31
 
32
32
  PACKAGE_NAME = 'passenger'
33
33
  # Run 'rake src/cxx_supportlib/Constants.h configkit_schemas_inline_comments' after changing this number.
34
- VERSION_STRING = '6.0.17'
34
+ VERSION_STRING = '6.0.19'
35
35
 
36
36
  # Tip: find the SHA-256 with ./dev/nginx_version_sha2 <VERSION>
37
- PREFERRED_NGINX_VERSION = '1.22.1'
38
- NGINX_SHA256_CHECKSUM = '9ebb333a9e82b952acd3e2b4aeb1d4ff6406f72491bab6cd9fe69f0dea737f31'
37
+ PREFERRED_NGINX_VERSION = '1.24.0'
38
+ NGINX_SHA256_CHECKSUM = '77a2541637b92a621e3ee76776c8b7b40cf6d707e69ba53a940283e30ff2f55d'
39
39
 
40
40
  # Packaging may be locked to an older version due to the specific module configuration being
41
41
  # incompatible with the version we prefer (latest stable).
42
- PACKAGING_PREFERRED_NGINX_VERSION = '1.22.1'
43
- PACKAGING_NGINX_SHA256_CHECKSUM = '9ebb333a9e82b952acd3e2b4aeb1d4ff6406f72491bab6cd9fe69f0dea737f31'
42
+ PACKAGING_PREFERRED_NGINX_VERSION = '1.24.0'
43
+ PACKAGING_NGINX_SHA256_CHECKSUM = '77a2541637b92a621e3ee76776c8b7b40cf6d707e69ba53a940283e30ff2f55d'
44
44
 
45
45
  # sha256sum of the .tar.gz
46
46
  PREFERRED_PCRE_VERSION = '8.45'
metadata CHANGED
@@ -1,14 +1,14 @@
1
1
  --- !ruby/object:Gem::Specification
2
2
  name: passenger
3
3
  version: !ruby/object:Gem::Version
4
- version: 6.0.17
4
+ version: 6.0.19
5
5
  platform: ruby
6
6
  authors:
7
7
  - Phusion - http://www.phusion.nl/
8
8
  autorequire:
9
9
  bindir: bin
10
10
  cert_chain: []
11
- date: 2023-01-23 00:00:00.000000000 Z
11
+ date: 2023-11-17 00:00:00.000000000 Z
12
12
  dependencies:
13
13
  - !ruby/object:Gem::Dependency
14
14
  name: rake
@@ -5068,8 +5068,7 @@ required_rubygems_version: !ruby/object:Gem::Requirement
5068
5068
  - !ruby/object:Gem::Version
5069
5069
  version: '0'
5070
5070
  requirements: []
5071
- rubyforge_project:
5072
- rubygems_version: 2.6.11
5071
+ rubygems_version: 3.2.33
5073
5072
  signing_key:
5074
5073
  specification_version: 4
5075
5074
  summary: A fast and robust web server and application server for Ruby, Python and