puma 2.11.2-java → 2.11.3-java


Potentially problematic release.


This version of puma might be problematic. Click here for more details.

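--- a/checksums.yaml
+++ b/checksums.yaml
@@ -1,7 +1,7 @@
  ---
  SHA1:
- metadata.gz: 15fb0c13c7ff16a253d52f54be4cde349a4418c5
- data.tar.gz: 2f670fd800ed5501af6d56d5d171e17b7df80871
+ metadata.gz: e374ffc305668db0b5e3e15fb92fd5993291e94c
+ data.tar.gz: dfb56a5df12d2240fd3396e89f1f0f6573b4c508
  SHA512:
- metadata.gz: b88621bba0fbc57e41036435b2b4f1b4b1bf836be3972ea0dde15d7986c2113a2715e5df5544019e2ead18f3cc509a99cb0b7822425451395c9c0265acf042c8
- data.tar.gz: 6f5bb06ac5e03f9a93927b5d4e8a250e6735b5c02f3967ae1f5a173dae6f0b8e8c7ae1be19f92000025007e94446e1d02c4d26fd5b1bd2d4110178652b24643f
+ metadata.gz: a097451e0ea3b31e06ec2f00b6edc399f7869debd248b6ba86ad49682d900cbf95d8588bd9d44748b23186b4e40e976f7c83294d9012bae8da658a1ce1a69e65
+ data.tar.gz: a7effe422700a125f982733760aa28e0110f0cecc367d015d8385a19f3dd7803416579c32251b06c0143e676a7e950dfbf765448eb9dadc6d3b7a20c4bd7cb87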
@@ -1,3 +1,14 @@
1
+ === 2.11.3 / 2015-05-18
2
+
3
+ * 5 bug fixes:
4
+ * Be sure to unlink tempfiles after a request. Fixes #690
5
+ * Coerce the key to a string before checking. (thar be symbols). Fixes #684
6
+ * Fix hang on bad SSL handshake
7
+ * Remove `enable_SSLv3` support from JRuby
8
+
9
+ * 1 PR merged:
10
+ * Merge pull request #698 from looker/hang-handshake
11
+
1
12
  === 2.11.2 / 2015-04-11
2
13
 
3
14
  * 2 minor features:
@@ -483,7 +494,7 @@ RailsConf 2013 edition!
483
494
  * Close the binder in the right place. Fixes #192
484
495
  * Handle early term in workers. Fixes #206
485
496
  * Make sure that the default port is 80 when the request doesn't include HTTP_X_FORWARDED_PROTO.
486
- * Prevent Errno::EBADF errors on restart when running ruby 2.0
497
+ * Prevent Errno::EBADF errors on restart when running ruby 2.0
487
498
  * Record the proper @master_pid
488
499
  * Respect the header HTTP_X_FORWARDED_PROTO when the host doesn't include a port number.
489
500
  * Retry EAGAIN/EWOULDBLOCK during syswrite
@@ -161,7 +161,7 @@ void raise_error(SSL* ssl, int result) {
161
161
  VALUE engine_read(VALUE self) {
162
162
  ms_conn* conn;
163
163
  char buf[512];
164
- int bytes, n;
164
+ int bytes, n, error;
165
165
 
166
166
  Data_Get_Struct(self, ms_conn, conn);
167
167
 
@@ -173,7 +173,8 @@ VALUE engine_read(VALUE self) {
173
173
 
174
174
  if(SSL_want_read(conn->ssl)) return Qnil;
175
175
 
176
- if(SSL_get_error(conn->ssl, bytes) == SSL_ERROR_ZERO_RETURN) {
176
+ error = SSL_get_error(conn->ssl, bytes);
177
+ if(error == SSL_ERROR_ZERO_RETURN || error == SSL_ERROR_SSL) {
177
178
  rb_eof_error();
178
179
  }
179
180
 
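Review bot: Treating `SSL_ERROR_SSL` as end-of-file in `engine_read` leaves the failed handshake's entries on the OpenSSL error queue, and the caller can no longer tell a protocol failure from a clean shutdown. `SSL_get_error` consults the calling thread's error queue, so a stale entry can make a later read on another connection handled by the same thread look like a protocol error; I would drain it first with `if(error == SSL_ERROR_SSL) ERR_clear_error();` ahead of `rb_eof_error();`. `SSL_ERROR_SYSCALL` still falls through to whatever follows this branch, and the rest of the function lies outside the hunk, so that path should be checked as well. A one-line comment such as `/* a failed handshake is reported as EOF so the caller drops the connection */` would record why the two cases are merged.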
@@ -153,13 +153,7 @@ public class MiniSSL extends RubyObject {
153
153
  sslCtx.init(kmf.getKeyManagers(), null, null);
154
154
  engine = sslCtx.createSSLEngine();
155
155
 
156
- IRubyObject enableSSLv3 = miniSSLContext.callMethod(threadContext, "enable_SSLv3");
157
- String[] protocols;
158
- if (enableSSLv3 instanceof RubyBoolean && enableSSLv3.isTrue()) {
159
- protocols = new String[] { "SSLv2Hello", "SSLv3", "TLSv1", "TLSv1.1", "TLSv1.2" };
160
- } else {
161
- protocols = new String[] { "TLSv1", "TLSv1.1", "TLSv1.2" };
162
- }
156
+ String[] protocols = new String[] { "TLSv1", "TLSv1.1", "TLSv1.2" };
163
157
  engine.setEnabledProtocols(protocols);
164
158
  engine.setUseClientMode(false);
165
159
 
@@ -308,8 +302,10 @@ public class MiniSSL extends RubyObject {
308
302
  log("read(): end dump of request data <<<<\n");
309
303
  return str;
310
304
  } catch (Exception e) {
311
- e.printStackTrace();
312
- throw new RuntimeException(e);
305
+ if (DEBUG) {
306
+ e.printStackTrace();
307
+ }
308
+ throw getRuntime().newEOFError(e.getMessage());
313
309
  }
314
310
  }
315
311
 
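Review bot: The `catch (Exception e)` in the second hunk now turns every failure in this method (the log line names it `read()`) into an EOFError, so a programming error such as a NullPointerException reaches Ruby looking the same as a peer that sent a bad handshake. With `DEBUG` off nothing is recorded either, which removes the only trace an operator would have of repeated handshake failures. I would narrow the handler to `SSLException` and `IOException`, let anything else propagate, and log one line per failure regardless of `DEBUG`. `e.getMessage()` may be null, so `String.valueOf(e.getMessage())` is the safer argument. The `try` opens outside the hunk, so which exceptions can actually reach this handler is an assumption to confirm.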
@@ -39,6 +39,7 @@ module Puma
39
39
 
40
40
  @body = nil
41
41
  @buffer = nil
42
+ @tempfile = nil
42
43
 
43
44
  @timeout_at = nil
44
45
 
@@ -46,7 +47,8 @@ module Puma
46
47
  @hijacked = false
47
48
  end
48
49
 
49
- attr_reader :env, :to_io, :body, :io, :timeout_at, :ready, :hijacked
50
+ attr_reader :env, :to_io, :body, :io, :timeout_at, :ready, :hijacked,
51
+ :tempfile
50
52
 
51
53
  def inspect
52
54
  "#<Puma::Client:0x#{object_id.to_s(16)} @ready=#{@ready.inspect}>"
@@ -72,6 +74,7 @@ module Puma
72
74
  @read_header = true
73
75
  @env = @proto_env.dup
74
76
  @body = nil
77
+ @tempfile = nil
75
78
  @parsed_bytes = 0
76
79
  @ready = false
77
80
 
@@ -129,6 +132,7 @@ module Puma
129
132
  if remain > MAX_BODY
130
133
  @body = Tempfile.new(Const::PUMA_TMP_BASE)
131
134
  @body.binmode
135
+ @tempfile = @body
132
136
  else
133
137
  # The body[0,0] trick is to get an empty string in the same
134
138
  # encoding as body.
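Review bot: The new `tempfile` reader is undocumented, and its contract is spread over three hunks: it is nil at construction and wherever the per-request state is re-initialised (`@read_header = true` and the lines after it), and it is set only in the `remain > MAX_BODY` branch where the body is spooled to a `Tempfile`. I would add a comment above the `attr_reader`, `# Tempfile backing the body when it exceeded MAX_BODY, otherwise nil; the caller is responsible for unlinking it.` The re-initialising hunk drops the reference without unlinking, so it relies on the file having been removed beforehand; that ordering is not visible here and is worth stating in the same comment. The methods touched start and end outside these hunks.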
@@ -103,7 +103,7 @@ module Puma
103
103
  @options.merge!(rack_options)
104
104
 
105
105
  config_ru_binds = rack_options.each_with_object([]) do |(k, v), b|
106
- b << v if k.start_with?('bind')
106
+ b << v if k.to_s[0,4] == "bind"
107
107
  end
108
108
  @options[:binds] = config_ru_binds unless config_ru_binds.empty?
109
109
 
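Review bot: `k.to_s[0,4] == "bind"` hides the intent behind a magic length; `b << v if k.to_s.start_with?('bind')` keeps the symbol-safe coercion and reads like the line it replaces. A short comment, `# keys may be Symbols or Strings`, would explain why `to_s` is there. The enclosing method starts and ends outside the hunk.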
@@ -28,7 +28,7 @@ module Puma
28
28
  # too taxing on performance.
29
29
  module Const
30
30
 
31
- PUMA_VERSION = VERSION = "2.11.2".freeze
31
+ PUMA_VERSION = VERSION = "2.11.3".freeze
32
32
  CODE_NAME = "Intrepid Squirrel".freeze
33
33
 
34
34
  FAST_TRACK_KA_TIMEOUT = 0.2
@@ -95,11 +95,6 @@ module Puma
95
95
  # jruby-specific Context properties: java uses a keystore and password pair rather than a cert/key pair
96
96
  attr_reader :keystore
97
97
  attr_accessor :keystore_pass
98
- attr_accessor :enable_SSLv3
99
-
100
- def initialize
101
- @enable_SSLv3 = false
102
- end
103
98
 
104
99
  def keystore=(keystore)
105
100
  raise ArgumentError, "No such keystore file '#{keystore}'" unless File.exist? keystore
Binary file
@@ -656,6 +656,7 @@ module Puma
656
656
  uncork_socket client
657
657
 
658
658
  body.close
659
+ req.tempfile.unlink if req.tempfile
659
660
  res_body.close if res_body.respond_to? :close
660
661
 
661
662
  after_reply.each { |o| o.call }
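Review bot: `req.tempfile.unlink if req.tempfile` runs only when control reaches this line, so an exception raised earlier in the reply path, or by `body.close` just above it, skips the cleanup and the spooled request body stays on disk until the Tempfile finalizer runs. The file holds a client-supplied body large enough to be spooled, so under sustained errors leaked files can consume disk space. Moving the unlink into an `ensure` for the method, next to the close calls, would make it unconditional. The method begins and ends outside the hunk, so whether an `ensure` already exists there could not be checked.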
@@ -88,48 +88,11 @@ class TestPumaServerSSL < Test::Unit::TestCase
88
88
  assert_equal "https", body
89
89
  end
90
90
 
91
- if defined?(JRUBY_VERSION)
92
- def test_ssl_v3_support_disabled_by_default
93
- @http.ssl_version='SSLv3'
94
- assert_raises(OpenSSL::SSL::SSLError) do
95
- @http.start do
96
- Net::HTTP::Get.new '/'
97
- end
98
- end
99
- end
100
-
101
- def test_enabling_ssl_v3_support
102
- @server.stop(true)
103
- @ctx.enable_SSLv3 = true
104
- @server = Puma::Server.new @app, @events
105
- @server.add_ssl_listener @host, @port, @ctx
106
- @server.run
107
- @http.ssl_version='SSLv3'
108
-
109
- body = nil
91
+ def test_ssl_v3_rejection
92
+ @http.ssl_version='SSLv3'
93
+ assert_raises(OpenSSL::SSL::SSLError) do
110
94
  @http.start do
111
- req = Net::HTTP::Get.new "/", {}
112
-
113
- @http.request(req) do |rep|
114
- body = rep.body
115
- end
116
- end
117
-
118
- assert_equal "https", body
119
- end
120
-
121
- def test_enabling_ssl_v3_support_requires_true
122
- @server.stop(true)
123
- @ctx.enable_SSLv3 = "truthy but not true"
124
- @server = Puma::Server.new @app, @events
125
- @server.add_ssl_listener @host, @port, @ctx
126
- @server.run
127
- @http.ssl_version='SSLv3'
128
-
129
- assert_raises(OpenSSL::SSL::SSLError) do
130
- @http.start do
131
- Net::HTTP::Get.new '/'
132
- end
95
+ Net::HTTP::Get.new '/'
133
96
  end
134
97
  end
135
98
  end
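Review bot: `test_ssl_v3_rejection` passes whenever `@http.start` raises `OpenSSL::SSL::SSLError`, which does not show that the server was the side refusing SSLv3. If the client's own OpenSSL build lacks or disables SSLv3, the error can come from the client and the test would still pass against a server that accepts the protocol; that depends on the test environment and is not visible here. The `Net::HTTP::Get.new '/'` inside the block only builds a request object and never sends it, so a comment such as `# the handshake is expected to fail before any request is sent` would make the intent explicit. With the `if defined?(JRUBY_VERSION)` guard removed the test now runs on every platform, which deserves a line in the same comment.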
metadata CHANGED
@@ -1,14 +1,14 @@
1
1
  --- !ruby/object:Gem::Specification
2
2
  name: puma
3
3
  version: !ruby/object:Gem::Version
4
- version: 2.11.2
4
+ version: 2.11.3
5
5
  platform: java
6
6
  authors:
7
7
  - Evan Phoenix
8
8
  autorequire:
9
9
  bindir: bin
10
10
  cert_chain: []
11
- date: 2015-04-13 00:00:00.000000000 Z
11
+ date: 2015-05-19 00:00:00.000000000 Z
12
12
  dependencies:
13
13
  - !ruby/object:Gem::Dependency
14
14
  requirement: !ruby/object:Gem::Requirement