serverengine 2.0.7 → 2.1.1

Sign up to get free protection for your applications and to get access to all the features.
Files changed (9) hide show
  1. checksums.yaml +5 -5
  2. data/.travis.yml +4 -3
  3. data/Changelog +8 -0
  4. data/lib/serverengine/process_manager.rb +2 -0
  5. data/lib/serverengine/signals.rb +1 -1
  6. data/lib/serverengine/socket_manager.rb +15 -2
  7. data/lib/serverengine/socket_manager_unix.rb +14 -2
  8. data/lib/serverengine/version.rb +1 -1
  9. metadata +3 -3
checksums.yaml CHANGED
@@ -1,7 +1,7 @@
1
1
  ---
2
- SHA256:
3
- metadata.gz: 849803d15dfe8e2b3e551b2849d8eb3d02deeffa271d4fa5f890ac4fb8db9a64
4
- data.tar.gz: 703964e48ed203464b7d98eeaee0a161c88c4fc9597c2c1028e4cc3860b52476
2
+ SHA1:
3
+ metadata.gz: 2dcef89d936caacd6b3a181413a7e4d27141db61
4
+ data.tar.gz: cd21b00e537cd7c9d7c3028998ef71166d7271d5
5
5
  SHA512:
6
- metadata.gz: 7b372a236fbb4861d6a1143c35a17466483d5e43730e6e6ce3a6dbe9c8a85cd560fbf7cb8a73e84edf7f0a56cecf9a1ec0e596cceed552c174d61d83765f2d49
7
- data.tar.gz: '092f8d447cab9895701e566fe5185f6043ca483ff2cc905c57ae653f5551b80f6b080b9f0b51fb1fc42b8466eae463a5809e0941a27e770323479cf99e5e1f92'
6
+ metadata.gz: a690050603b89d3ff1607cfc5866261f96e3b1b01e4bb925def377f26acb6f38d5fab18b188f8f1cf16442f859e477d94c2dac647ef216fd9dc5fdb1cb2eba93
7
+ data.tar.gz: ecc5f0dc58a1a9d9ed19b19b35a296da0ba334fca5172ea74d30fae8ad6c63d305de68a53cf4dc3156890672cc2070362a89c555a7aad26bf8edd511fce5a49f
data/.travis.yml CHANGED
@@ -2,9 +2,10 @@ language: ruby
2
2
 
3
3
  rvm:
4
4
  - 2.1.10
5
- - 2.2.6
6
- - 2.3.3
7
- - 2.4.0
5
+ - 2.2.9
6
+ - 2.3.8
7
+ - 2.4.5
8
+ - 2.5.3
8
9
  - ruby-head
9
10
 
10
11
  branches:
data/Changelog CHANGED
@@ -1,3 +1,11 @@
1
+ 2019-04-22 version 2.1.1:
2
+
3
+ * Fix bug to ignore SIGDUMP_SIGNAL
4
+
5
+ 2018-11-14 version 2.1.0:
6
+
7
+ * Improve socket manager security
8
+
1
9
  2018-07-09 version 2.0.7:
2
10
 
3
11
  * Add disable_sigdump option
data/lib/serverengine/process_manager.rb CHANGED
@@ -16,6 +16,7 @@
16
16
  # limitations under the License.
17
17
  #
18
18
  require 'fcntl'
19
+ require 'serverengine/socket_manager'
19
20
 
20
21
  module ServerEngine
21
22
 
@@ -185,6 +186,7 @@ module ServerEngine
185
186
  @command_sender_pipe.binmode
186
187
  options[:in] = inpipe
187
188
  end
189
+ env['SERVERENGINE_SOCKETMANAGER_INTERNAL_TOKEN'] = SocketManager::INTERNAL_TOKEN
188
190
  pid = Process.spawn(env, *args, options)
189
191
  if @command_sender == "pipe"
190
192
  inpipe.close
data/lib/serverengine/signals.rb CHANGED
@@ -26,6 +26,6 @@ module ServerEngine
26
26
  IMMEDIATE_RESTART = :HUP
27
27
  RELOAD = :USR2
28
28
  DETACH = :INT
29
- DUMP = :CONT
29
+ DUMP = ENV.has_key?('SIGDUMP_SIGNAL') ? ENV['SIGDUMP_SIGNAL'].to_sym : :CONT
30
30
  end
31
31
  end
data/lib/serverengine/socket_manager.rb CHANGED
@@ -18,9 +18,18 @@
18
18
  require 'socket'
19
19
  require 'ipaddr'
20
20
  require 'time'
21
+ require 'securerandom'
22
+ require 'json'
23
+ require 'base64'
21
24
 
22
25
  module ServerEngine
23
26
  module SocketManager
27
+ # This token is used for communication between peers. If token is mismatched, messages will be discarded
28
+ INTERNAL_TOKEN = if ENV.has_key?('SERVERENGINE_SOCKETMANAGER_INTERNAL_TOKEN')
29
+ ENV['SERVERENGINE_SOCKETMANAGER_INTERNAL_TOKEN']
30
+ else
31
+ SecureRandom.hex
32
+ end
24
33
 
25
34
  class Client
26
35
  def initialize(path)
@@ -154,7 +163,8 @@ module ServerEngine
154
163
  end
155
164
 
156
165
  def self.send_peer(peer, obj)
157
- data = Marshal.dump(obj)
166
+ data = [SocketManager::INTERNAL_TOKEN, Base64.strict_encode64(Marshal.dump(obj))]
167
+ data = JSON.generate(data)
158
168
  peer.write [data.bytesize].pack('N')
159
169
  peer.write data
160
170
  end
@@ -165,7 +175,10 @@ module ServerEngine
165
175
 
166
176
  len = res.unpack('N').first
167
177
  data = peer.read(len)
168
- Marshal.load(data)
178
+ data = JSON.parse(data)
179
+ return nil if SocketManager::INTERNAL_TOKEN != data.first
180
+
181
+ Marshal.load(Base64.strict_decode64(data.last))
169
182
  end
170
183
 
171
184
  if ServerEngine.windows?
data/lib/serverengine/socket_manager_unix.rb CHANGED
@@ -70,7 +70,12 @@ module ServerEngine
70
70
  # when client changed working directory
71
71
  path = File.expand_path(path)
72
72
 
73
- @server = UNIXServer.new(path)
73
+ begin
74
+ old_umask = File.umask(0077) # Protect unix socket from other users
75
+ @server = UNIXServer.new(path)
76
+ ensure
77
+ File.umask(old_umask)
78
+ end
74
79
 
75
80
  @thread = Thread.new do
76
81
  begin
@@ -96,7 +101,14 @@ module ServerEngine
96
101
  end
97
102
 
98
103
  def send_socket(peer, pid, method, bind, port)
99
- sock = send(method, bind, port) # calls listen_tcp or listen_udp
104
+ sock = case method
105
+ when :listen_tcp
106
+ listen_tcp(bind, port)
107
+ when :listen_udp
108
+ listen_udp(bind, port)
109
+ else
110
+ raise ArgumentError, "Unknown method: #{method.inspect}"
111
+ end
100
112
 
101
113
  SocketManager.send_peer(peer, nil)
102
114
 
data/lib/serverengine/version.rb CHANGED
@@ -1,3 +1,3 @@
1
1
  module ServerEngine
2
- VERSION = "2.0.7"
2
+ VERSION = "2.1.1"
3
3
  end
metadata CHANGED
@@ -1,14 +1,14 @@
1
1
  --- !ruby/object:Gem::Specification
2
2
  name: serverengine
3
3
  version: !ruby/object:Gem::Version
4
- version: 2.0.7
4
+ version: 2.1.1
5
5
  platform: ruby
6
6
  authors:
7
7
  - Sadayuki Furuhashi
8
8
  autorequire:
9
9
  bindir: bin
10
10
  cert_chain: []
11
- date: 2018-07-10 00:00:00.000000000 Z
11
+ date: 2019-04-23 00:00:00.000000000 Z
12
12
  dependencies:
13
13
  - !ruby/object:Gem::Dependency
14
14
  name: sigdump
@@ -154,7 +154,7 @@ required_rubygems_version: !ruby/object:Gem::Requirement
154
154
  version: '0'
155
155
  requirements: []
156
156
  rubyforge_project:
157
- rubygems_version: 2.7.6
157
+ rubygems_version: 2.6.14.1
158
158
  signing_key:
159
159
  specification_version: 4
160
160
  summary: ServerEngine - multiprocess server framework