NEWS in yahns-1.14.1 vs NEWS in yahns-1.15.0

- old
+ new

@@ -1,833 +1,892 @@ -=== yahns 1.14.1 - bugfixes only / 2016-12-14 19:17 UTC +yahns 1.15.0 / 2017-03-23 +------------------------- - This release avoids confusing HTTP/1.1 clients with a - "Transfer-Encoding: chunked" header on bodyless responses. - The header was causing "curl -T" to wait indefinitely for - a response body after the server sent a 204. - This regression was introduced with autochunk introduced - with yahns 1.13(*). +Minor changes to reduce allocations and simplify our code +and dependencies. Nothing particularly interesting unless +you're the type of person who appreciates brake pedals +in with holes drilled in them for weight reduction. - rack.hijack was also broken for ancient "HTTP/0.9" requests, - and now fixed. +11 changes since 1.14.1 (2016-12-14): + stream_input: avoid allocation for common #read case + proxy_pass: add a note about the instability of this + tee_input: simplify conditional for writing to temporary file + proxy_http_response: reduce memory pressure from larger headers + http_response: make response headers eligible for GC, sooner + update more referenced URLs to be HTTPS + chunk_body: nodoc this internal class + Revert "use olddoc 1.1.0 for generating NEWS + NEWS.atom.xml" + gemspec: stop advertising "private" email address + doc: design_notes: we do not use EPOLLEXCLUSIVE + README: update with disclaimer about subscription - 4 changes since 1.14.0: +Ovt punatrf pbzvat... - queue_*: fix outdated comments - http_response: support rack.hijack on HTTP/0.9 responses - response: do not set chunked header on bodyless responses - proxy_pass: do not chunk on bodyless upstream responses +yahns 1.14.1 - bugfixes only / 2016-12-14 +----------------------------------------- - (*) https://yhbt.net/yahns-public/20160805-yahns-1.13.0-released@lucky13/ +This release avoids confusing HTTP/1.1 clients with a +"Transfer-Encoding: chunked" header on bodyless responses. +The header was causing "curl -T" to wait indefinitely for +a response body after the server sent a 204. +This regression was introduced with autochunk introduced +with yahns 1.13(*). -=== yahns 1.14.0 - removing undefined behavior / 2016-11-14 21:16 UTC +rack.hijack was also broken for ancient "HTTP/0.9" requests, +and now fixed. - There's minor feature removals for undocumented and - undefined features and behavior which are unlikely to - affect anybody unless they serve HTTPS. +4 changes since 1.14.0: - Our website is now self-hosted with HTTPS support (HTTP remains - supported for legacy systems): + queue_*: fix outdated comments + http_response: support rack.hijack on HTTP/0.9 responses + response: do not set chunked header on bodyless responses + proxy_pass: do not chunk on bodyless upstream responses - https://yhbt.net/yahns/README +(*) https://yhbt.net/yahns-public/20160805-yahns-1.13.0-released@lucky13/ - See git history at git://yhbt.net/yahns.git for full details. +yahns 1.14.0 - removing undefined behavior / 2016-11-14 +------------------------------------------------------- - openssl_client: avoid undefined SSL_write behavior - move website to https://yhbt.net/yahns/ - stream_file: remove #to_io support from responses - response: only stream "file" responses on known length - response: fixup compile error - req_res: do not send 502 on catchall error if response buffered +There's minor feature removals for undocumented and +undefined features and behavior which are unlikely to +affect anybody unless they serve HTTPS. -=== yahns 1.13.0 - some user-visible improvements... / 2016-08-05 07:26 UTC +Our website is now self-hosted with HTTPS support (HTTP remains +supported for legacy systems): - And probably a billion new regressions! + https://yhbt.net/yahns/README - yahns now allows users to skip the Rack::Head, Rack::Chunked and - Rack::ContentLength middlewares to ease migrating from/to other - real-world Rack HTTP servers. Most notably, our chunked - encoding implementation is a bit faster than Rack::Chunked by - taking advantage of the writev(2) syscall: +See git history at git://yhbt.net/yahns.git for full details. - https://yhbt.net/yahns-public/20160803031906.14553-4-e@80x24.org/ + openssl_client: avoid undefined SSL_write behavior + move website to https://yhbt.net/yahns/ + stream_file: remove #to_io support from responses + response: only stream "file" responses on known length + response: fixup compile error + req_res: do not send 502 on catchall error if response buffered - There's also rack 2.x fixes in the test case and extras/ section - (these incompatibilities did not affect existing users unless - they use the wonky extras/ section). +yahns 1.13.0 - some user-visible improvements... / 2016-08-05 +------------------------------------------------------------- - There's also some graceful shutdown fixes, the process title is - now changed to display the number of live FDs. +And probably a billion new regressions! - Of course, there's the usual round of documentation improvements - which are systemd and OpenSSL setup-related this time around. +yahns now allows users to skip the Rack::Head, Rack::Chunked and +Rack::ContentLength middlewares to ease migrating from/to other +real-world Rack HTTP servers. Most notably, our chunked +encoding implementation is a bit faster than Rack::Chunked by +taking advantage of the writev(2) syscall: - However, the majority of changes (proxy_*, wbuf_lite), affect - currently-unadvertised functionality which is subject to removal - or incompatible config changes. However, they are used to serve - our mailing list archives at: + https://yhbt.net/yahns-public/20160803031906.14553-4-e@80x24.org/ - https://yhbt.net/yahns-public/ +There's also rack 2.x fixes in the test case and extras/ section +(these incompatibilities did not affect existing users unless +they use the wonky extras/ section). - 49 changes since yahns 1.12.5: - proxy_pass: simplify writing request bodies upstream - proxy_pass: hoist out proxy_res_headers method - proxy_pass: simplify proxy_http_response - proxy_pass: split out body and trailer reading in response - proxy_pass: trim down proxy_response_finish, too - proxy_pass: split out req_res into a separate file - proxy_pass: fix resumes after complete buffering is unblocked - proxy_pass: X-Forwarded-For appends to existing list - proxy_pass: pass entire object to proxy_http_response - proxy_pass: support "proxy_buffering: false" - proxy_pass: remove unnecessary rescue - req_res: store proxy_pass object here, instead - proxy_pass: redo "proxy_buffering: false" - wbuf: remove needless "busy" parameter - Merge branch 'maint' - extras/try_gzip_static: do not show backtrace on syscall errors - wbuf: remove tmpdir parameter - wbuf_lite: fix write retries for OpenSSL sockets - test_proxy_pass_no_buffering: fix racy test - queue_*: check for closed IO objects - cleanup graceful shutdown handling - proxy_pass: more descriptive error messages - proxy_pass: fix HTTP/1.0 backends on EOF w/o buffering - wbuf_common: reset offset counter when done - extras/try_gzip_static: resolve symlinks - test_ssl: remove unnecessary priv_key DH parameter - openssl_client: wrap shutdown for graceful termination - proxy_pass: keep trailer buffer on blocked client writes - proxy_pass: avoid TOCTTOU race when unbuffering, too - proxy_pass: avoid accessing logger in env after hijacking - proxy_pass: avoid stuck responses in "proxy_buffering: false" - extras: include status messages in responses - update init and add systemd examples - test_proxy_pass_no_buffering: exclude rb/ru files, too - wbuf_lite: use StringIO instead of TmpIO - wbuf_lite: truncate StringIO when done - wbuf_lite: prevent clobbering responses - wbuf_lite: unify EOF error handling - wbuf_lite: reset sf_offset/sf_count consistently - wbuf_lite: clear @busy flag when re-arming - http_response: drop bodies for non-compliant responses - fix rack 2.x compatibility bugs - doc: add session cache usage to OpenSSL example - test: skip some buffering tests on non-default values - response: drop clients after HTTP responses of unknown length - response: reduce stack overhead for parameter passing - response: support auto-chunking for HTTP/1.1 - Revert "document Rack::Chunked/ContentLength semi-requirements" - extras/exec_cgi: fix for HTTPoxy vulnerability +There's also some graceful shutdown fixes, the process title is +now changed to display the number of live FDs. -=== yahns 1.12.5 - proxy_pass + rack.hijack fixes / 2016-06-05 23:09 UTC +Of course, there's the usual round of documentation improvements +which are systemd and OpenSSL setup-related this time around. - Hopefully the last of the 1.12.x series, this release - fixes a few minor bugs mainly needed for testing. +However, the majority of changes (proxy_*, wbuf_lite), affect +currently-unadvertised functionality which is subject to removal +or incompatible config changes. However, they are used to serve +our mailing list archives at: - No upgrade should be necessary for non-proxy_pass users. + https://yhbt.net/yahns-public/ - 4 changes since v1.12.4 from the "maint" branch at - git://yhbt.net/yahns.git +49 changes since yahns 1.12.5: + proxy_pass: simplify writing request bodies upstream + proxy_pass: hoist out proxy_res_headers method + proxy_pass: simplify proxy_http_response + proxy_pass: split out body and trailer reading in response + proxy_pass: trim down proxy_response_finish, too + proxy_pass: split out req_res into a separate file + proxy_pass: fix resumes after complete buffering is unblocked + proxy_pass: X-Forwarded-For appends to existing list + proxy_pass: pass entire object to proxy_http_response + proxy_pass: support "proxy_buffering: false" + proxy_pass: remove unnecessary rescue + req_res: store proxy_pass object here, instead + proxy_pass: redo "proxy_buffering: false" + wbuf: remove needless "busy" parameter + Merge branch 'maint' + extras/try_gzip_static: do not show backtrace on syscall errors + wbuf: remove tmpdir parameter + wbuf_lite: fix write retries for OpenSSL sockets + test_proxy_pass_no_buffering: fix racy test + queue_*: check for closed IO objects + cleanup graceful shutdown handling + proxy_pass: more descriptive error messages + proxy_pass: fix HTTP/1.0 backends on EOF w/o buffering + wbuf_common: reset offset counter when done + extras/try_gzip_static: resolve symlinks + test_ssl: remove unnecessary priv_key DH parameter + openssl_client: wrap shutdown for graceful termination + proxy_pass: keep trailer buffer on blocked client writes + proxy_pass: avoid TOCTTOU race when unbuffering, too + proxy_pass: avoid accessing logger in env after hijacking + proxy_pass: avoid stuck responses in "proxy_buffering: false" + extras: include status messages in responses + update init and add systemd examples + test_proxy_pass_no_buffering: exclude rb/ru files, too + wbuf_lite: use StringIO instead of TmpIO + wbuf_lite: truncate StringIO when done + wbuf_lite: prevent clobbering responses + wbuf_lite: unify EOF error handling + wbuf_lite: reset sf_offset/sf_count consistently + wbuf_lite: clear @busy flag when re-arming + http_response: drop bodies for non-compliant responses + fix rack 2.x compatibility bugs + doc: add session cache usage to OpenSSL example + test: skip some buffering tests on non-default values + response: drop clients after HTTP responses of unknown length + response: reduce stack overhead for parameter passing + response: support auto-chunking for HTTP/1.1 + Revert "document Rack::Chunked/ContentLength semi-requirements" + extras/exec_cgi: fix for HTTPoxy vulnerability - http_client: set state to :ignore before hijack callback - test/test_client_expire: fix for high RLIMIT_NOFILE - proxy_pass: do not chunk HTTP/1.0 with keep-alive - proxy_pass: X-Forwarded-For appends to existing list +yahns 1.12.5 - proxy_pass + rack.hijack fixes / 2016-06-05 +---------------------------------------------------------- - lib/yahns/http_client.rb | 6 +++--- - lib/yahns/proxy_http_response.rb | 8 ++++++-- - lib/yahns/proxy_pass.rb | 5 ++++- - test/test_client_expire.rb | 13 +++++++++++-- - test/test_proxy_pass.rb | 10 ++++++++++ - 5 files changed, 34 insertions(+), 8 deletions(-) +Hopefully the last of the 1.12.x series, this release +fixes a few minor bugs mainly needed for testing. - Note: the current "master" branch (at commit 5e211ea003d2) - includes refactorings and new features not included in this - release. +No upgrade should be necessary for non-proxy_pass users. -=== yahns 1.12.4 - rack.hijack and proxy_pass bugfixes / 2016-05-02 19:43 UTC +4 changes since v1.12.4 from the "maint" branch at +git://yhbt.net/yahns.git - This release fixes some resource leaks in uncommonly used parts - of yahns as well as including some documentation improvements. - No need to upgrade unless you rely on rack.hijack for responses - or use the (currently-undocumented) proxy_pass module(*). + http_client: set state to :ignore before hijack callback + test/test_client_expire: fix for high RLIMIT_NOFILE + proxy_pass: do not chunk HTTP/1.0 with keep-alive + proxy_pass: X-Forwarded-For appends to existing list - 9 non-merge changes since 1.12.3: + lib/yahns/http_client.rb | 6 +++--- + lib/yahns/proxy_http_response.rb | 8 ++++++-- + lib/yahns/proxy_pass.rb | 5 ++++- + test/test_client_expire.rb | 13 +++++++++++-- + test/test_proxy_pass.rb | 10 ++++++++++ + 5 files changed, 34 insertions(+), 8 deletions(-) - proxy_pass: honor wbuf_persist when ending response - proxy_http_response: fix non-terminated fast responses, too - test_proxy_pass: test for auto chunking on 1.0 backends - wbuf: drop persistence if writing to client fails - proxy_http_response: cleanup: avoid redundant setting of "alive" - proxy_http_response: do not persist upstream on slow clients - proxy_pass: drop resources immediately on errors - document Rack::Chunked/ContentLength semi-requirements - extras/exec_cgi: document cgit example +Note: the current "master" branch (at commit 5e211ea003d2) +includes refactorings and new features not included in this +release. - Documentation/yahns-rackup.pod | 10 ++++++++++ - GIT-VERSION-GEN | 2 +- - examples/yahns_rack_basic.conf.rb | 6 ++++++ - extras/exec_cgi.rb | 8 ++++++++ - lib/yahns/proxy_http_response.rb | 40 ++++++++++++++++++++++----------------- - lib/yahns/proxy_pass.rb | 5 +++-- - lib/yahns/wbuf_common.rb | 1 + - test/test_proxy_pass.rb | 15 +++++++++++++++ - 8 files changed, 67 insertions(+), 20 deletions(-) +yahns 1.12.4 - rack.hijack and proxy_pass bugfixes / 2016-05-02 +--------------------------------------------------------------- - (*) 1.13.0 will include refactoring in proxy_pass and possibly - documenting it as stable-enough-for-public use: +This release fixes some resource leaks in uncommonly used parts +of yahns as well as including some documentation improvements. +No need to upgrade unless you rely on rack.hijack for responses +or use the (currently-undocumented) proxy_pass module(*). - https://yhbt.net/yahns-public/20160220081619.GA10850@dcvr.yhbt.net/t/ +9 non-merge changes since 1.12.3: -=== yahns 1.12.3 - more fixes and doc updates / 2016-04-08 19:48 UTC + proxy_pass: honor wbuf_persist when ending response + proxy_http_response: fix non-terminated fast responses, too + test_proxy_pass: test for auto chunking on 1.0 backends + wbuf: drop persistence if writing to client fails + proxy_http_response: cleanup: avoid redundant setting of "alive" + proxy_http_response: do not persist upstream on slow clients + proxy_pass: drop resources immediately on errors + document Rack::Chunked/ContentLength semi-requirements + extras/exec_cgi: document cgit example - This release only contains two changes since v1.12.2: + Documentation/yahns-rackup.pod | 10 ++++++++++ + GIT-VERSION-GEN | 2 +- + examples/yahns_rack_basic.conf.rb | 6 ++++++ + extras/exec_cgi.rb | 8 ++++++++ + lib/yahns/proxy_http_response.rb | 40 ++++++++++++++++++++++----------------- + lib/yahns/proxy_pass.rb | 5 +++-- + lib/yahns/wbuf_common.rb | 1 + + test/test_proxy_pass.rb | 15 +++++++++++++++ + 8 files changed, 67 insertions(+), 20 deletions(-) - * proxy_http_response: workaround non-terminated backends +(*) 1.13.0 will include refactoring in proxy_pass and possibly + documenting it as stable-enough-for-public use: - The first is a fix for the undocumented and unstable "proxy_pass" - feature: - https://yhbt.net/yahns-public/20160406062556.10988-1-e@80x24.org/t/ - - However, I'm considering supporting proxy_pass as a stable API: https://yhbt.net/yahns-public/20160220081619.GA10850@dcvr.yhbt.net/t/ - * doc: recommend "verify_mode: OpenSSL::SSL::VERIFY_NONE" +yahns 1.12.3 - more fixes and doc updates / 2016-04-08 +------------------------------------------------------ - Only a documentation change prompted by the discovery that - some browsers/platforms will try to prompt users for client - certs: - https://yhbt.net/yahns-public/20160316003434.GA14791@dcvr.yhbt.net/t/ +This release only contains two changes since v1.12.2: -=== yahns 1.12.2 - minor doc and TLS fixes / 2016-03-01 01:55 UTC +* proxy_http_response: workaround non-terminated backends - This release ensures OpenSSL::SSL::SSLContext#session_id_context - is always set for OpenSSL users. It won't overwrite existing - settings, but setting it to a random value is necessary to - ensure clients do not get aborted connections when attempting to - use a session cache. + The first is a fix for the undocumented and unstable "proxy_pass" + feature: + https://yhbt.net/yahns-public/20160406062556.10988-1-e@80x24.org/t/ - No need to actually upgrade if you're on 1.12.1, you may add the - following to your yahns_config(5) file where - OpenSSL::SSL::SSLContext is configured: + However, I'm considering supporting proxy_pass as a stable API: + https://yhbt.net/yahns-public/20160220081619.GA10850@dcvr.yhbt.net/t/ - # recommended, not required. This sets safer defaults - # provided by Ruby on top of what OpenSSL gives: - ssl_ctx.set_params +* doc: recommend "verify_mode: OpenSSL::SSL::VERIFY_NONE" - # required, and done by default in v1.12.2: - ssl_ctx.session_id_context ||= OpenSSL::Random.random_bytes(32) + Only a documentation change prompted by the discovery that + some browsers/platforms will try to prompt users for client + certs: + https://yhbt.net/yahns-public/20160316003434.GA14791@dcvr.yhbt.net/t/ - yahns gives you full control of of how OpenSSL::SSL::SSLContext is - configured. To avoid bugs, yahns only ensures - OpenSSL::SSL::SSLContext#session_id_context is set (if not previously - set by the user) and calls OpenSSL::SSL::SSLContext#setup before - spawning threads to avoid race conditions. yahns itself does not and - will not enforce any opinion on the compatibility/performance/security - trade-offs regarding TLS configuration. +yahns 1.12.2 - minor doc and TLS fixes / 2016-03-01 +--------------------------------------------------- - Note: keep in mind using an SSL session cache may be less useful - with yahns because HTTP/1.1 persistent connections may live - forever :) +This release ensures OpenSSL::SSL::SSLContext#session_id_context +is always set for OpenSSL users. It won't overwrite existing +settings, but setting it to a random value is necessary to +ensure clients do not get aborted connections when attempting to +use a session cache. - 3 bug/doc fixes on top of v1.12.1: - document OpenSSL::SSL::SSLContext#set_params use - ssl: ensure is session_id_context is always set - test/*: fix mktmpdir usage for 1.9.3 +No need to actually upgrade if you're on 1.12.1, you may add the +following to your yahns_config(5) file where +OpenSSL::SSL::SSLContext is configured: -=== yahns 1.12.1 - more TLS fixes / 2016-02-22 00:39 UTC + # recommended, not required. This sets safer defaults + # provided by Ruby on top of what OpenSSL gives: + ssl_ctx.set_params - Most notably release fixes TLS output buffering for large - responses to slow clients. For Rack HTTPS users, - env['SERVER_PORT'] also defaults to 443 properly unless the - Host: request header specifies differently. + # required, and done by default in v1.12.2: + ssl_ctx.session_id_context ||= OpenSSL::Random.random_bytes(32) - Also, the extras/autoindex change is to make our own directory - listing look nicer as we use Let's Encrypt and don't want to - waste space listing ".well-known/" directory contents on: +yahns gives you full control of of how OpenSSL::SSL::SSLContext is +configured. To avoid bugs, yahns only ensures +OpenSSL::SSL::SSLContext#session_id_context is set (if not previously +set by the user) and calls OpenSSL::SSL::SSLContext#setup before +spawning threads to avoid race conditions. yahns itself does not and +will not enforce any opinion on the compatibility/performance/security +trade-offs regarding TLS configuration. - https://yahns.yhbt.net/ +Note: keep in mind using an SSL session cache may be less useful +with yahns because HTTP/1.1 persistent connections may live +forever :) - Yes, we really do care how our homepage looks! +3 bug/doc fixes on top of v1.12.1: + document OpenSSL::SSL::SSLContext#set_params use + ssl: ensure is session_id_context is always set + test/*: fix mktmpdir usage for 1.9.3 - 6 changes since v1.12.1: - extras/autoindex: support hiding dotfiles - fix output buffering with SSL_write - https: ensure SERVER_PORT defaults to 443 - test_ssl: check SERVER_PORT when parsed from Host: header - doc: mention kqueue/kevent alongside epoll - doc: more minor updates +yahns 1.12.1 - more TLS fixes / 2016-02-22 +------------------------------------------ -=== yahns 1.12.0 - TLS fixes and more! / 2016-02-14 22:30 UTC +Most notably release fixes TLS output buffering for large +responses to slow clients. For Rack HTTPS users, +env['SERVER_PORT'] also defaults to 443 properly unless the +Host: request header specifies differently. - Most notably, serving static files over HTTPS did not work - before this release with the "sendfile" gem installed. The - yahns_config(5) manpage is also updated with an example for - using OpenSSL::SSL::SSLContext objects. Users of - Rack::Request#scheme and env['rack.url_scheme'] should see - "https" properly set for HTTPS connections. +Also, the extras/autoindex change is to make our own directory +listing look nicer as we use Let's Encrypt and don't want to +waste space listing ".well-known/" directory contents on: - There's also a bunch of internal tweaks like taking advantage of - the file-level frozen_string_literal: directive in 2.3 and - explicitly clearing short-lived string buffers + https://yahns.yhbt.net/ - TLS support is still in its early stages, but I'm experimenting - with Let's Encrypt (via getssl[1]) and hosting https://YHBT.net/ - on it. +Yes, we really do care how our homepage looks! - For now, I suggest using a separate yahns instance (with a - different master process) to avoid any potential data leaks - between HTTPS and HTTP instances. In the future, it may be - possible to isolate HTTPS from HTTP at the worker process level. - Supporting GnuTLS (alongside OpenSSL) may be in our future, too. +6 changes since v1.12.1: + extras/autoindex: support hiding dotfiles + fix output buffering with SSL_write + https: ensure SERVER_PORT defaults to 443 + test_ssl: check SERVER_PORT when parsed from Host: header + doc: mention kqueue/kevent alongside epoll + doc: more minor updates - To paraphrase the warning in http://www.postfix.org/TLS_README.html - (which was written before Heartbleed): +yahns 1.12.0 - TLS fixes and more! / 2016-02-14 +----------------------------------------------- - WARNING +Most notably, serving static files over HTTPS did not work +before this release with the "sendfile" gem installed. The +yahns_config(5) manpage is also updated with an example for +using OpenSSL::SSL::SSLContext objects. Users of +Rack::Request#scheme and env['rack.url_scheme'] should see +"https" properly set for HTTPS connections. - By turning on TLS support in yahns, you not only get the - ability to encrypt traffic and to authenticate remote - clients. You also turn on thousands and thousands of - lines of OpenSSL library code. Assuming that OpenSSL is - written as carefully as Eric's own code, every 1000 lines - introduce one additional bug into yahns. +There's also a bunch of internal tweaks like taking advantage of +the file-level frozen_string_literal: directive in 2.3 and +explicitly clearing short-lived string buffers - I'm not nearly as careful with yahns as Wietse is with postfix, - either. +TLS support is still in its early stages, but I'm experimenting +with Let's Encrypt (via getssl[1]) and hosting https://YHBT.net/ +on it. - 20 changes since v1.11.0: - README: updates for kqueue - add .gitattributes for Ruby method detection - nodoc internals - enable frozen_string_literal for Ruby 2.3+ - copyright updates for 2016 - extras/exec_cgi: fix frozen string error on slow responses - avoid StringIO#binmode for the next few years - use String#clear for short-lived buffers we create - gemspec: make rack a development dependency - build: install-gem forced to "--local" domain - acceptor: all subclasses of TCPServer use TCP_INFO - properly emulate sendfile for OpenSSL sockets - avoid race conditions in OpenSSL::SSL::SSLContext#setup - set HTTPS and rack.url_scheme in Rack env as appropriate - proxy_pass: pass X-Forwarded-Proto through - doc: switch to perlpod (from pandoc-flavored Markdown) - doc: trim down documentation slightly - doc: document ssl_ctx for "listen" directive - doc: various doc and linkification improvements - http_context: reduce constant lookup + bytecode +For now, I suggest using a separate yahns instance (with a +different master process) to avoid any potential data leaks +between HTTPS and HTTP instances. In the future, it may be +possible to isolate HTTPS from HTTP at the worker process level. +Supporting GnuTLS (alongside OpenSSL) may be in our future, too. - [1] git clone https://github.com/srvrco/getssl.git +To paraphrase the warning in http://www.postfix.org/TLS_README.html +(which was written before Heartbleed): -=== yahns 1.11.0 - more minor updates / 2015-12-13 02:20 UTC + WARNING - There's some minor test case fixes and documentation updates. + By turning on TLS support in yahns, you not only get the + ability to encrypt traffic and to authenticate remote + clients. You also turn on thousands and thousands of + lines of OpenSSL library code. Assuming that OpenSSL is + written as carefully as Eric's own code, every 1000 lines + introduce one additional bug into yahns. - For OpenSSL users running the Ruby 2.3.0 preview releases, - we now use `exception: false' for for accept_nonblock to reduce - exceptions. Non-SSL I/O still uses kgio for now. +I'm not nearly as careful with yahns as Wietse is with postfix, +either. - 6 changes since 1.10.0: - wbuf: fix typo in bug check for sendfile gem - test_wbuf: deal with proper zero-copy for Unix sockets - README: clarify and update copyright year - doc: document and reference sd_listen_fds(3) behavior - test_server: fix race condition in hooks test - openssl_client: use `exception: false' for accept_nonblock +20 changes since v1.11.0: + README: updates for kqueue + add .gitattributes for Ruby method detection + nodoc internals + enable frozen_string_literal for Ruby 2.3+ + copyright updates for 2016 + extras/exec_cgi: fix frozen string error on slow responses + avoid StringIO#binmode for the next few years + use String#clear for short-lived buffers we create + gemspec: make rack a development dependency + build: install-gem forced to "--local" domain + acceptor: all subclasses of TCPServer use TCP_INFO + properly emulate sendfile for OpenSSL sockets + avoid race conditions in OpenSSL::SSL::SSLContext#setup + set HTTPS and rack.url_scheme in Rack env as appropriate + proxy_pass: pass X-Forwarded-Proto through + doc: switch to perlpod (from pandoc-flavored Markdown) + doc: trim down documentation slightly + doc: document ssl_ctx for "listen" directive + doc: various doc and linkification improvements + http_context: reduce constant lookup + bytecode -=== yahns 1.10.0 - minor updates / 2015-11-01 09:08 UTC +[1] git clone https://github.com/srvrco/getssl.git - * test_client_expire: favor Process.spawn over fork+exec - * extras/try_gzip_static: require readability on HEAD requests - * proxy_pass: quiet down ECONNRESET and EPIPE, too - * copyright updates - * update various comments - * proxy_http_response: use frozen string literal optimization - * README: add link to NNTP archive endpoint - * use olddoc 1.1.0 for generating NEWS + NEWS.atom.xml - * gemspec fixes for various RubyGems versions - * bytecode golfing to cut a few bytes of memory - * simplify sd_listen_fds emulation - * gemspec: allow compatibility with unicorn 5 +yahns 1.11.0 - more minor updates / 2015-12-13 +---------------------------------------------- -=== yahns 1.9.0 - minor updates / 2015-07-21 20:29 UTC +There's some minor test case fixes and documentation updates. - This release improves socket inheritance support. TCP socket - options are now applied to inherited sockets. We also emulate - the sd_listen_fds function to allow inheriting sockets from - systemd. +For OpenSSL users running the Ruby 2.3.0 preview releases, +we now use `exception: false' for for accept_nonblock to reduce +exceptions. Non-SSL I/O still uses kgio for now. - HTTP status strings are now generated dynamically, allowing - applications to modify Rack::Utils::HTTP_STATUS_CODES to - apply changes in the Rack response. Unfortunately, this leads - to minor (likely unnoticeable) performance regressions. +6 changes since 1.10.0: + wbuf: fix typo in bug check for sendfile gem + test_wbuf: deal with proper zero-copy for Unix sockets + README: clarify and update copyright year + doc: document and reference sd_listen_fds(3) behavior + test_server: fix race condition in hooks test + openssl_client: use `exception: false' for accept_nonblock - However, our code is not optimized for Ruby 2.2+, so users on - the latest released Ruby will benefit from reduced inline cache - and constant lookups as we reduced our constant footprint. - Expect further minor performance regressions if you are running - Ruby 2.2 and earlier. +yahns 1.10.0 - minor updates / 2015-11-01 +----------------------------------------- - For Ruby 2.2 users, overall performance should be largely - unchanged from 1.7.0 to 1.8.0 +* test_client_expire: favor Process.spawn over fork+exec +* extras/try_gzip_static: require readability on HEAD requests +* proxy_pass: quiet down ECONNRESET and EPIPE, too +* copyright updates +* update various comments +* proxy_http_response: use frozen string literal optimization +* README: add link to NNTP archive endpoint +* use olddoc 1.1.0 for generating NEWS + NEWS.atom.xml +* gemspec fixes for various RubyGems versions +* bytecode golfing to cut a few bytes of memory +* simplify sd_listen_fds emulation +* gemspec: allow compatibility with unicorn 5 - shortlog of changes since 1.7.0: +yahns 1.9.0 - minor updates / 2015-07-21 +---------------------------------------- - * use opt_str_freeze for Hash#delete - * test/helper: warn atomically - * generate response status strings dynamically - * reduce constants and optimize for Ruby 2.2+ - * http_response: reduce bytecode size - * apply TCP socket options on inherited sockets - * test/test_rack_hijack.rb: try to increase test reliability - * emulate sd_listen_fds for systemd support - * test/test_rack_hijack: ensure proper ordering of log messages +This release improves socket inheritance support. TCP socket +options are now applied to inherited sockets. We also emulate +the sd_listen_fds function to allow inheriting sockets from +systemd. -=== yahns 1.8.0 - minor updates / 2015-06-11 19:54 UTC +HTTP status strings are now generated dynamically, allowing +applications to modify Rack::Utils::HTTP_STATUS_CODES to +apply changes in the Rack response. Unfortunately, this leads +to minor (likely unnoticeable) performance regressions. - Most notably, the Rack response body is now closed during rack.hijack. +However, our code is not optimized for Ruby 2.2+, so users on +the latest released Ruby will benefit from reduced inline cache +and constant lookups as we reduced our constant footprint. +Expect further minor performance regressions if you are running +Ruby 2.2 and earlier. - Middlewares such as Rack::Lock (used by Rails) break badly unless - the response body is closed on hijack, so we will close it to follow - the lead of other popular Rack servers. +For Ruby 2.2 users, overall performance should be largely +unchanged from 1.7.0 to 1.8.0 - While it's unclear if there's anybody using rack.hijack besides - yahns/proxy_pass we'll try to emulate the behavior of other servers - as much as possible. +shortlog of changes since 1.7.0: - ref: https://github.com/ngauthier/tubesock/issues/10 +* use opt_str_freeze for Hash#delete +* test/helper: warn atomically +* generate response status strings dynamically +* reduce constants and optimize for Ruby 2.2+ +* http_response: reduce bytecode size +* apply TCP socket options on inherited sockets +* test/test_rack_hijack.rb: try to increase test reliability +* emulate sd_listen_fds for systemd support +* test/test_rack_hijack: ensure proper ordering of log messages - We'll also support SIGWINCH if not daemonized +yahns 1.8.0 - minor updates / 2015-06-11 +---------------------------------------- - This has no effect for the (default) single process case with - no master/worker relationship as that does not support SIGWINCH. +Most notably, the Rack response body is now closed during rack.hijack. - Some process managers such as foreman and daemontools rely on - yahnsnot daemonizing, but we still want to be able to process - SIGWINCH in that case. + Middlewares such as Rack::Lock (used by Rails) break badly unless + the response body is closed on hijack, so we will close it to follow + the lead of other popular Rack servers. - stdout and stderr may be redirected to a pipe (for cronolog or - similar process), so those are less likely to be attached to a TTY - than stdin. This also allows users to process SIGWINCH when running - inside a regular terminal if they redirect stdin to /dev/null. + While it's unclear if there's anybody using rack.hijack besides + yahns/proxy_pass we'll try to emulate the behavior of other servers + as much as possible. - This follows unicorn commit a6077391bb62d0b13016084b0eea36b987afe8f0 - Thanks to Dan Moore for suggesting it on the unicorn list. + ref: https://github.com/ngauthier/tubesock/issues/10 - A few more minor changes, more memory reduction changes coming... +We'll also support SIGWINCH if not daemonized - * proxy_pass: no point in closing StringIO - * proxy_pass: allow filtering or overriding response headers - * support SIGWINCH even if not daemonized - * use Unicorn::HttpParser#response_start_sent accessor - * reduce inline constant cache overheads - * proxy_pass: skip tests if kcar is missing - * ensure body is closed during hijack + This has no effect for the (default) single process case with + no master/worker relationship as that does not support SIGWINCH. -=== yahns 1.7.0 - rack.hijack improvements and more / 2015-05-11 01:38 UTC + Some process managers such as foreman and daemontools rely on + yahnsnot daemonizing, but we still want to be able to process + SIGWINCH in that case. - Nothing really significant, so there's no need to upgrade if - you're not affected by the minor fixes and changes in this - release. + stdout and stderr may be redirected to a pipe (for cronolog or + similar process), so those are less likely to be attached to a TTY + than stdin. This also allows users to process SIGWINCH when running + inside a regular terminal if they redirect stdin to /dev/null. - For all users, LoadError and SyntaxError exceptions are now - logged and non-fatal within worker threads serving application - code. Thanks to Lin Jen-Shin <godfat@godfat.org> for bringing - this up on the mailing list. + This follows unicorn commit a6077391bb62d0b13016084b0eea36b987afe8f0 + Thanks to Dan Moore for suggesting it on the unicorn list. - Additionally, temporary files buffered to the filesystem will - now support the Rack::TempfileReaper middleware in rack 1.6+ +A few more minor changes, more memory reduction changes coming... - For rack.hijack users, there are some changes and improvements. - rack.hijack should return a usable IO-like object for SSL users, - now. The rack.input object is no longer closed on hijacking, - allowing apps to continue using buffered input after hijacking. - There is also a bugfix for the rare apps which hijack requests - after emitting 100-continue responses. +* proxy_pass: no point in closing StringIO +* proxy_pass: allow filtering or overriding response headers +* support SIGWINCH even if not daemonized +* use Unicorn::HttpParser#response_start_sent accessor +* reduce inline constant cache overheads +* proxy_pass: skip tests if kcar is missing +* ensure body is closed during hijack - Note: there is also a work-in-progress and under-documented - asynchronous Yayns::ProxyPass Rack app which uses rack.hijack - internally. This will allow yahns to act as a fully-buffering - reverse proxy to upstream servers which cannot handle slow - clients. Yahns::ProxyPass NOT production-ready as of this - release. The old, synchronous extras/proxy_pass.rb code - remains usable. +yahns 1.7.0 - rack.hijack improvements and more / 2015-05-11 +------------------------------------------------------------ - There's also the usual round of minor code bloat reduction. +Nothing really significant, so there's no need to upgrade if +you're not affected by the minor fixes and changes in this +release. -=== yahns 1.6.0 - reduced allocations and bugfixes / 2015-03-09 09:33 UTC +For all users, LoadError and SyntaxError exceptions are now +logged and non-fatal within worker threads serving application +code. Thanks to Lin Jen-Shin <godfat@godfat.org> for bringing +this up on the mailing list. - This release fixes a bug where previously-configured-but-now-removed - listeners were inherited across USR2 upgrades are not shutdown - immediately in the child. +Additionally, temporary files buffered to the filesystem will +now support the Rack::TempfileReaper middleware in rack 1.6+ - There are also minor reductions in allocations which can save a few - hundred bytes statically and also whenever write buffering is necessary - for large responses. +For rack.hijack users, there are some changes and improvements. +rack.hijack should return a usable IO-like object for SSL users, +now. The rack.input object is no longer closed on hijacking, +allowing apps to continue using buffered input after hijacking. +There is also a bugfix for the rare apps which hijack requests +after emitting 100-continue responses. - Some minor documentation updates improvements in extras, too. +Note: there is also a work-in-progress and under-documented +asynchronous Yayns::ProxyPass Rack app which uses rack.hijack +internally. This will allow yahns to act as a fully-buffering +reverse proxy to upstream servers which cannot handle slow +clients. Yahns::ProxyPass NOT production-ready as of this +release. The old, synchronous extras/proxy_pass.rb code +remains usable. - shortlog of changes since 1.5.0: - README: add link to mailing list archives - test_ssl: factor out server SSLContext creation - doc: add design_notes document - reduce File::Stat object allocations - update comments about wbuf_close return values - wbuf: lazily (re)create temporary file - fix compatibility with unicorn.git - skip tests requiring String#b on 1.9.3 - use the monotonic clock under Ruby 2.1+ - favor Class.new for method-less classes - extras/proxy_pass: save memory in String#split arg - extras/proxy_pass: do not name unused variable - extras/proxy_pass: log exceptions leading to 502 - extras/proxy_pass: flesh out upload support + tests - acceptor: close inherited-but-unneeded sockets +There's also the usual round of minor code bloat reduction. - See the git repository for more: git clone git://yhbt.net/yahns +yahns 1.6.0 - reduced allocations and bugfixes / 2015-03-09 +----------------------------------------------------------- -=== yahns 1.5.0 - initial OpenSSL support and bugfixes / 2014-12-21 02:22 UTC +This release fixes a bug where previously-configured-but-now-removed +listeners were inherited across USR2 upgrades are not shutdown +immediately in the child. - This release adds basic OpenSSL support for HTTPS connections. +There are also minor reductions in allocations which can save a few +hundred bytes statically and also whenever write buffering is necessary +for large responses. - Users must supply a OpenSSL::SSL::SSLContext object which yahns will use - as-is. yahns will only support HTTPS on Ruby 2.1 and later, as we rely - on "exception: false" in the read_nonblock and write_nonblock methods in - OpenSSL::SSL::SSLSocket. +Some minor documentation updates improvements in extras, too. - See the Ruby standard library documentation on how to configure - OpenSSL::SSL::SSLContext objects to pass to the yahns "listen" directive - Editing the yahns config file to use OpenSSL goes something like this: +shortlog of changes since 1.5.0: + README: add link to mailing list archives + test_ssl: factor out server SSLContext creation + doc: add design_notes document + reduce File::Stat object allocations + update comments about wbuf_close return values + wbuf: lazily (re)create temporary file + fix compatibility with unicorn.git + skip tests requiring String#b on 1.9.3 + use the monotonic clock under Ruby 2.1+ + favor Class.new for method-less classes + extras/proxy_pass: save memory in String#split arg + extras/proxy_pass: do not name unused variable + extras/proxy_pass: log exceptions leading to 502 + extras/proxy_pass: flesh out upload support + tests + acceptor: close inherited-but-unneeded sockets - require 'openssl' # we will not do this for the user, even - ctx = OpenSSL::SSL::SSLContext.new - # user must configure ctx here... +See the git repository for more: git clone git://yhbt.net/yahns - listen 443, ssl_ctx: ctx +yahns 1.5.0 - initial OpenSSL support and bugfixes / 2014-12-21 +--------------------------------------------------------------- - Note: yahns developers are not responsible for bugs in OpenSSL itself - or misconfigured SSLContext objects created by users. However, our - support of OpenSSL sockets is barely-tested and likely buggy, too. +This release adds basic OpenSSL support for HTTPS connections. - Furthermore, the "sendfile" (or "kgio-sendfile") gem is no longer a - required dependency. It is currently impossible to use zero-copy - system calls with TLS sockets. +Users must supply a OpenSSL::SSL::SSLContext object which yahns will use +as-is. yahns will only support HTTPS on Ruby 2.1 and later, as we rely +on "exception: false" in the read_nonblock and write_nonblock methods in +OpenSSL::SSL::SSLSocket. - There are also minor cleanups and a bugfix to ensure body#close is - called for folks using body#to_path where `body' is the Rack - response body. This bug affected logging using the 'clogger' gem - when serving static files. +See the Ruby standard library documentation on how to configure +OpenSSL::SSL::SSLContext objects to pass to the yahns "listen" directive +Editing the yahns config file to use OpenSSL goes something like this: - Shortlog of changes since 1.4.0 + require 'openssl' # we will not do this for the user, even + ctx = OpenSSL::SSL::SSLContext.new + # user must configure ctx here... - save around 1500 bytes of memory on x86-64 - http_response: remove arg for Array#join - remove unused client_max_header_size config - config: use literal symbol array for now - http_response: reduce constants for 100 responses - favor Array#map! for freshly-split arrays - sendfile_compat: remove dependency on pread - extras/autoindex: simplify checking non-.gz - Rakefile: kill more useless gsub use - initial cut at OpenSSL support - test/test_ssl: skip test if SSL on older Rubies - wbuf_common: close body proxies on sendfile abort - bump published Ruby version requirement to 2.0 - make sendfile an optional dependency - openssl_client: ignore SSL_accept errors during negotiation + listen 443, ssl_ctx: ctx - Disclaimer: the yahns project does not and will never endorse - any commercial entities, including certificate authorities. +Note: yahns developers are not responsible for bugs in OpenSSL itself +or misconfigured SSLContext objects created by users. However, our +support of OpenSSL sockets is barely-tested and likely buggy, too. - Shpx Nhgubevgl. +Furthermore, the "sendfile" (or "kgio-sendfile") gem is no longer a +required dependency. It is currently impossible to use zero-copy +system calls with TLS sockets. -=== yahns 1.4.0 / 2014-11-16 11:05 UTC +There are also minor cleanups and a bugfix to ensure body#close is +called for folks using body#to_path where `body' is the Rack +response body. This bug affected logging using the 'clogger' gem +when serving static files. - Minor internal cleanups and bugfixes. +Shortlog of changes since 1.4.0 - * http_client: clear some internal ivars on rack.hijack - * README: minor updates - * extras/autoindex: do not link beyond top-level - * extras/autoindex: fix misnamed variable - * extras/autoindex: integrate with TryGzipStatic - * queue: remove TODO comment for kqueue - * switch to require_relative for internal requires - * README: add OpenSSL exception - * stream_input: favor str.clear instead of str.replace('') - * http_response: skip Date header case-insensitively + save around 1500 bytes of memory on x86-64 + http_response: remove arg for Array#join + remove unused client_max_header_size config + config: use literal symbol array for now + http_response: reduce constants for 100 responses + favor Array#map! for freshly-split arrays + sendfile_compat: remove dependency on pread + extras/autoindex: simplify checking non-.gz + Rakefile: kill more useless gsub use + initial cut at OpenSSL support + test/test_ssl: skip test if SSL on older Rubies + wbuf_common: close body proxies on sendfile abort + bump published Ruby version requirement to 2.0 + make sendfile an optional dependency + openssl_client: ignore SSL_accept errors during negotiation -=== yahns 1.3.1 - fix large response corruption / 2014-07-16 20:03 UTC +Disclaimer: the yahns project does not and will never endorse +any commercial entities, including certificate authorities. - This release contains a major bug fix noticeable on FreeBSD VMs, but - should affect Linux systems making large responses which require - output buffering, too. +Shpx Nhgubevgl. - * test_server: avoid multiple workers for dead parent check - * wbuf: avoid corrupted large responses with zero-copy sendfile +yahns 1.4.0 / 2014-11-16 +------------------------ -=== yahns 1.3.0 - new mailing list + fixups / 2014-05-12 01:44 UTC +Minor internal cleanups and bugfixes. - Since RubyForge is going away, this release updates the - documentation to point to the new public-inbox and mailing list - at at: +* http_client: clear some internal ivars on rack.hijack +* README: minor updates +* extras/autoindex: do not link beyond top-level +* extras/autoindex: fix misnamed variable +* extras/autoindex: integrate with TryGzipStatic +* queue: remove TODO comment for kqueue +* switch to require_relative for internal requires +* README: add OpenSSL exception +* stream_input: favor str.clear instead of str.replace('') +* http_response: skip Date header case-insensitively - yahns-public@yhbt.net - (no subscription required, plain text only) +yahns 1.3.1 - fix large response corruption / 2014-07-16 +-------------------------------------------------------- - ssoma[1] git archives: git://yhbt.net/yahns-public - browser-friendly archives: http://yhbt.net/yahns-public/ - Traditional mailing list subscription is possible by sending - a blank email to: yahns-public+subscribe@yhbt.net +This release contains a major bug fix noticeable on FreeBSD VMs, but +should affect Linux systems making large responses which require +output buffering, too. - This also reworks master->worker signalling to use a pipe, - avoiding problems with libraries which do not respond well - to being interrupted by signals. There are also minor - bugfixes and cleanups, see "git log -p" for full details. +* test_server: avoid multiple workers for dead parent check +* wbuf: avoid corrupted large responses with zero-copy sendfile - [1] http://ssoma.public-inbox.org/ +yahns 1.3.0 - new mailing list + fixups / 2014-05-12 +---------------------------------------------------- -=== yahns 1.2.0 - preliminary kqueue/FreeBSD support / 2014-03-15 07:43 UTC +Since RubyForge is going away, this release updates the +documentation to point to the new public-inbox and mailing list +at at: - This release now depends on "kgio-sendfile", a (hopefully temporary) - fork of the original sendfile gem for mainline ruby trunk - compatibility and a (probably correct) FreeBSD-related bugfix. + yahns-public@yhbt.net + (no subscription required, plain text only) - kqueue/FreeBSD support is considered highly experimental. Of course; - you should never rely on anything in production unless you can get bugs - fixed in every part of your stack; even the kernel. yahns (ab)uses - kqueue and epoll in uncommon ways, so you may encounter subtle kernel - bugs along the way. +ssoma[1] git archives: git://yhbt.net/yahns-public +browser-friendly archives: http://yhbt.net/yahns-public/ +Traditional mailing list subscription is possible by sending +a blank email to: yahns-public+subscribe@yhbt.net - Because yahns has been self-hosting its own website for months without - crashes or major problems (BORING! :P), I've decided to start hosting the - yahns website <http://yahns.YHBT.net/README> with ruby trunk (currently - r45341). +This also reworks master->worker signalling to use a pipe, +avoiding problems with libraries which do not respond well +to being interrupted by signals. There are also minor +bugfixes and cleanups, see "git log -p" for full details. - yahns - dangerous by design (and sleepy!) +[1] http://ssoma.public-inbox.org/ -=== yahns 1.1.0 - MOAR SLEEPY / 2014-02-04 22:14 UTC +yahns 1.2.0 - preliminary kqueue/FreeBSD support / 2014-03-15 +------------------------------------------------------------- - On responses with a known, non-zero Content-Length, yahns will now - automatically use the MSG_MORE flag when sending HTTP headers. This - reduces TCP packet transmits and allows clients to wake up and read - one less time. +This release now depends on "kgio-sendfile", a (hopefully temporary) +fork of the original sendfile gem for mainline ruby trunk +compatibility and a (probably correct) FreeBSD-related bugfix. - This is similar to the TCP_NOPUSH/TCP_CORK functionality of other - servers, but requires no additional syscalls. It is only supported - on the Linux kernel, however (but yahns is currently epoll-only - with kqueue support on the horizon). +kqueue/FreeBSD support is considered highly experimental. Of course; +you should never rely on anything in production unless you can get bugs +fixed in every part of your stack; even the kernel. yahns (ab)uses +kqueue and epoll in uncommon ways, so you may encounter subtle kernel +bugs along the way. - Eric Wong (5): - quiet down EHOSTUNREACH errors - http_response: use kgio_syssend with MSG_MORE - load yahns/version file - socket_helper: remove SO_REUSEPORT define for untested arches - response: do not use MSG_MORE on empty bodies +Because yahns has been self-hosting its own website for months without +crashes or major problems (BORING! :P), I've decided to start hosting the +yahns website <http://yahns.YHBT.net/README> with ruby trunk (currently +r45341). -=== yahns 1.0.0 / 2014-01-02 01:37 UTC +yahns - dangerous by design (and sleepy!) - Mostly fixes for the extras/* stuff running on yahns.YHBT.net and - documentation/packaging fixes. Anyways, this is hosting the - yahns website for a while now (running rack.git) without any - major issues. +yahns 1.1.0 - MOAR SLEEPY / 2014-02-04 +-------------------------------------- - Also, the mailing list will need to move/change because Rubyforge is - going away. Everything I said for the unicorn ML applies to this list, - too: http://mid.gmane.org/20131217015614.GB1125@dcvr.yhbt.net +On responses with a known, non-zero Content-Length, yahns will now +automatically use the MSG_MORE flag when sending HTTP headers. This +reduces TCP packet transmits and allows clients to wake up and read +one less time. -=== yahns 0.0.3 - more bugfixes, still working! / 2013-11-10 21:42 UTC +This is similar to the TCP_NOPUSH/TCP_CORK functionality of other +servers, but requires no additional syscalls. It is only supported +on the Linux kernel, however (but yahns is currently epoll-only +with kqueue support on the horizon). - There are several important bugfixes around graceful shutdown. - The shutdown_timeout directive should work more consistently - and work even if an app is streaming/trickling slowly to - a client. +Eric Wong (5): + quiet down EHOSTUNREACH errors + http_response: use kgio_syssend with MSG_MORE + load yahns/version file + socket_helper: remove SO_REUSEPORT define for untested arches + response: do not use MSG_MORE on empty bodies - This also plugs an odd FD leak in response buffering. +yahns 1.0.0 / 2014-01-02 +------------------------ - There's also some internal comments/documentation for folks - reviewing the strange internals of yahns. +Mostly fixes for the extras/* stuff running on yahns.YHBT.net and +documentation/packaging fixes. Anyways, this is hosting the +yahns website for a while now (running rack.git) without any +major issues. - Otherwise, it seems to be capable of serving its own website, - http://yahns.yhbt.net/README quite well. +Also, the mailing list will need to move/change because Rubyforge is +going away. Everything I said for the unicorn ML applies to this list, +too: http://mid.gmane.org/20131217015614.GB1125@dcvr.yhbt.net - Rack application authors merely need to write code as if they have a - gun to their head if they expect to keep code running on yahns. - Again, yahns is extremely intolerant of bugs in the applications - it hosts. Otherwise I'm comfortable in the stability of yahns - itself. +yahns 0.0.3 - more bugfixes, still working! / 2013-11-10 +-------------------------------------------------------- - Eric Wong (17): - http_client: do not dump backtrace on ETIMEDOUT - ensure we close response body if buffering caught up - http_response: reorder wbuf_maybe on successful early flush - wbuf: document reasoning for the design of these clases - build: improve NEWS generation, add atom feed - exec_cgi: release pipe/pid sooner - SIGWINCH works after SIGUSR2 upgrades - shutdown_timeout works around long-running response/apps - doc: recommend worker_processes if the app uses SIGCHLD - fdmap: simplify IO expiry interface - fdmap: document + fix for level-trigger - queue_epoll: document epoll concurrency caveats - doc: caution users against disabling buffering - queue: eliminate :wait_readwrite - test: exec_cgi test uses worker_processes - test_server: remove unneccessary IO#wait call - test: workaround sockets not being binary on rbx +There are several important bugfixes around graceful shutdown. +The shutdown_timeout directive should work more consistently +and work even if an app is streaming/trickling slowly to +a client. -=== yahns 0.0.2 - barely working! / 2013-11-06 03:24 UTC +This also plugs an odd FD leak in response buffering. - Lots of bugfixes and tweaks, but everything appears to mostly work - for Rack and HTTP. We are self-hosting our site: +There's also some internal comments/documentation for folks +reviewing the strange internals of yahns. - http://yahns.yhbt.net/README - (And if you can't access it, I screwed something up!) +Otherwise, it seems to be capable of serving its own website, +http://yahns.yhbt.net/README quite well. - There is a yahns-rackup(1) wrapper for quick-starting Rack - applications without having to read any documentation, - as it works exactly like rackup(1) (just leave "-s/--server" - out) +Rack application authors merely need to write code as if they have a +gun to their head if they expect to keep code running on yahns. +Again, yahns is extremely intolerant of bugs in the applications +it hosts. Otherwise I'm comfortable in the stability of yahns +itself. - New manpages: yahns(1), yahns_config(5), yahns-rackup(1) +Eric Wong (17): + http_client: do not dump backtrace on ETIMEDOUT + ensure we close response body if buffering caught up + http_response: reorder wbuf_maybe on successful early flush + wbuf: document reasoning for the design of these clases + build: improve NEWS generation, add atom feed + exec_cgi: release pipe/pid sooner + SIGWINCH works after SIGUSR2 upgrades + shutdown_timeout works around long-running response/apps + doc: recommend worker_processes if the app uses SIGCHLD + fdmap: simplify IO expiry interface + fdmap: document + fix for level-trigger + queue_epoll: document epoll concurrency caveats + doc: caution users against disabling buffering + queue: eliminate :wait_readwrite + test: exec_cgi test uses worker_processes + test_server: remove unneccessary IO#wait call + test: workaround sockets not being binary on rbx - Eric Wong (110): - test/helper: correctly handle exit code in test runner - log: workaround atomicity issues for stdio vs non-stdio descriptors - tests: improve output to show RUBY_DESCRIPTION and full path - tests: support disabling parallelization env - test_output_buffering: workaround a rbx bug - socket_helper: do not log sizes on rbx for now - config: do not set cloexec on stdout/stderr - test_wbuf: avoid floating point arg to read_nonblock - rework shutdown for systems w/o rb_thread_fd_close - SIGUSR2 uses fork + exec again instead of Process.spawn - wip for EADDRINUSE failure - test_bin: shutdown socket when not inheriting - README: update with support status for MRI/RBX - server: skip killing acceptors on rbx for now - server (cleanup): avoid interning word for log message - server: abort loudly if we have old threads running - reinstate retry delay for binding new listeners - test/helper: Dir.mktmpdir works without blocks - rework acceptor thread shutdown (again) - server (minor cleanup): use Symbol#to_proc - test_server: remove skipped multi-process balance test - tests: do not lose exceptions on quit timeouts - tests: enforce close_on_exec on all client sockets - server: switch abort to raise on BUG - config: implement atfork handlers - test/server_helper: fix undefined variable - favor client timeout if lower than desperate timeout - tests: enable checks for desperate client expiry - implement + test Expect: 100-continue handling - quitter: save one syscall and implement for non-eventfd - enforce FD_CLOEXEC on all pipes, including tests - test_expect_100: cleanup unused var - http_client: reduce the size of the yahns_step method - output_buffering handles odd EAGAIN cases - fix output buffer corner-case for static files - tests: increase mkserver use to reduce LoC - fix SIGCHLD w/o workers + PID file renames - test_client_expire: disable output buffering in test - StreamFile and TmpIO attempt expiry on EMFILE/ENFILE - server: avoid metaclass for acceptors - support SO_REUSEPORT on new listeners (:reuseport) - doc: ignore RDoc for all internal classes - rack: leave RACK_ENV unset by us - associate private/anonymous queues correctly - queue_epoll: remove check for closed descriptor - config: disallow defining new, named queues inside app - doc: preliminary manpages for yahns(1), yahns_config(5) - config: comment for atfork_* hook definitions - implement user switching - configurator: validate :reuseport for boolean-ess - config: working_directory is only called at top-level - server: fix out-of-date comment regarding bind/pid order - config: reject negative float for client_expire_ratio - lower client_body_buffer_size to 8K (from 114K) - implement client_timeout for streaming inputs - gem: install manpages in the RubyGems package - stream_input: use thread-local rbuf to avoid some garbage - test output_buffering with hijacked responses - test_input: close client when we're done with it - allow multiple blocking threads per listen socket - acceptor: account for inheriting dead descriptors - server: fix incorrect receiver of method call - socket_helper: account for undefined options - test for binding Unix stream sockets - Rack hijack issues EPOLL_CTL_DEL - config: raise ArgumentError for consistency - tests for SIGTTIN and SIGTTOU - use Hash#each instead of Hash#each_pair - add test for working_directory config parameter - test_unix_socket: remember to close IO when done - test for overriding rack.errors destination - test_server: improve working_directory test robustness - fdmap: prevent possible/theoretical race - implement shutdown_timeout and expiry on graceful shutdown - doc: fix client_timeout documentation in yahns_config - implement before_exec hook - comment to explain YAHNS_FD env - remove "worker_" prefix from atfork hooks - remove arity enforcement for atfork_* hooks - allow atfork_* hooks inside app blocks for ease-of-management - doc: disambiguate threads: option for listen directive - yahns-rackup launcher - enable client expiry for non-TCP sockets - config: allow Float for timeouts - tests: more intelligent waiting for output buffering - doc: add HACKING/INSTALL docs + minitest dependency - wbuf: bypass buffering if buffers are caught up - wbuf: reset FS (sendfile) buffer if caught up - wbuf: only enable bypass if we've truncated - input and output buffers support tmpdir: arguments - tests: further speed up output buffering test - test trysendfile usage with UNIX sockets - client_expire_generic: drop kgio_write wrapper - remove unnecessary map(&:to_s) before Array#join - account for truncated/expanded static files - http: do not drop Content-Range from response headers - worker-less server should not waitpid indiscriminately - stream_file: only close FDs we opened ourselves - tests: smaller buffer for big header test - add extras for exec_cgi and try_gzip_static - http_response: fix app-controlled close + test - examples: flesh out the example configs a bit - README: add disclaimer - server: improve shutdown messages - extras: add README - extras: add autoindex module - extras: add proxy_pass Rack app - rackup_handler: fix ordering of working_directory - worker: avoid double SIGQUIT on unexpected parent death - server: log error instead of raising for leftover socks +yahns 0.0.2 - barely working! / 2013-11-06 +------------------------------------------ -=== yahns 0.0.1 - many small fixes and test coverage / 2013-10-20 01:00 UTC +Lots of bugfixes and tweaks, but everything appears to mostly work +for Rack and HTTP. We are self-hosting our site: - Just a bunch of improvements found while running tests. - It's still incomplete and missing a bunch of features from - existing servers, but maybe it works... + http://yahns.yhbt.net/README + (And if you can't access it, I screwed something up!) - Clone git://yhbt.net/yahns.git for full details +There is a yahns-rackup(1) wrapper for quick-starting Rack +applications without having to read any documentation, +as it works exactly like rackup(1) (just leave "-s/--server" +out) - Eric Wong (18): - test/helper: fix __covmerge race for forked processes - wire up client_max_body_size limits - fix and test Rack hijack support - SIGUSR2 handling uses Process.spawn + tests - fix USR1 log reopening when using worker_processes - test_bin: add additional tests for SIGHUP - test_server: skip test_mp_balance for now - test/server_helper: dump entire log on errors - ensure we stop all threads at exit - GNUmakefile: avoid calling exit in test-mt - test_bin: set close-on-exec for Ruby 1.9.3 compatibility - test_server: bigger delays for graceful shutdown test - tests: disable $-w on 1.9.3 to quiet down warnings - test/helper: prevent minitest at_exit from running in children - recheck IO#closed? on thread pools after a short delay - test_config: isolate directories with logs - test_reopen_logs: workaround timing problem with worker_processes - set close-on-exec on all long-lived descriptors +New manpages: yahns(1), yahns_config(5), yahns-rackup(1) +Eric Wong (110): + test/helper: correctly handle exit code in test runner + log: workaround atomicity issues for stdio vs non-stdio descriptors + tests: improve output to show RUBY_DESCRIPTION and full path + tests: support disabling parallelization env + test_output_buffering: workaround a rbx bug + socket_helper: do not log sizes on rbx for now + config: do not set cloexec on stdout/stderr + test_wbuf: avoid floating point arg to read_nonblock + rework shutdown for systems w/o rb_thread_fd_close + SIGUSR2 uses fork + exec again instead of Process.spawn + wip for EADDRINUSE failure + test_bin: shutdown socket when not inheriting + README: update with support status for MRI/RBX + server: skip killing acceptors on rbx for now + server (cleanup): avoid interning word for log message + server: abort loudly if we have old threads running + reinstate retry delay for binding new listeners + test/helper: Dir.mktmpdir works without blocks + rework acceptor thread shutdown (again) + server (minor cleanup): use Symbol#to_proc + test_server: remove skipped multi-process balance test + tests: do not lose exceptions on quit timeouts + tests: enforce close_on_exec on all client sockets + server: switch abort to raise on BUG + config: implement atfork handlers + test/server_helper: fix undefined variable + favor client timeout if lower than desperate timeout + tests: enable checks for desperate client expiry + implement + test Expect: 100-continue handling + quitter: save one syscall and implement for non-eventfd + enforce FD_CLOEXEC on all pipes, including tests + test_expect_100: cleanup unused var + http_client: reduce the size of the yahns_step method + output_buffering handles odd EAGAIN cases + fix output buffer corner-case for static files + tests: increase mkserver use to reduce LoC + fix SIGCHLD w/o workers + PID file renames + test_client_expire: disable output buffering in test + StreamFile and TmpIO attempt expiry on EMFILE/ENFILE + server: avoid metaclass for acceptors + support SO_REUSEPORT on new listeners (:reuseport) + doc: ignore RDoc for all internal classes + rack: leave RACK_ENV unset by us + associate private/anonymous queues correctly + queue_epoll: remove check for closed descriptor + config: disallow defining new, named queues inside app + doc: preliminary manpages for yahns(1), yahns_config(5) + config: comment for atfork_* hook definitions + implement user switching + configurator: validate :reuseport for boolean-ess + config: working_directory is only called at top-level + server: fix out-of-date comment regarding bind/pid order + config: reject negative float for client_expire_ratio + lower client_body_buffer_size to 8K (from 114K) + implement client_timeout for streaming inputs + gem: install manpages in the RubyGems package + stream_input: use thread-local rbuf to avoid some garbage + test output_buffering with hijacked responses + test_input: close client when we're done with it + allow multiple blocking threads per listen socket + acceptor: account for inheriting dead descriptors + server: fix incorrect receiver of method call + socket_helper: account for undefined options + test for binding Unix stream sockets + Rack hijack issues EPOLL_CTL_DEL + config: raise ArgumentError for consistency + tests for SIGTTIN and SIGTTOU + use Hash#each instead of Hash#each_pair + add test for working_directory config parameter + test_unix_socket: remember to close IO when done + test for overriding rack.errors destination + test_server: improve working_directory test robustness + fdmap: prevent possible/theoretical race + implement shutdown_timeout and expiry on graceful shutdown + doc: fix client_timeout documentation in yahns_config + implement before_exec hook + comment to explain YAHNS_FD env + remove "worker_" prefix from atfork hooks + remove arity enforcement for atfork_* hooks + allow atfork_* hooks inside app blocks for ease-of-management + doc: disambiguate threads: option for listen directive + yahns-rackup launcher + enable client expiry for non-TCP sockets + config: allow Float for timeouts + tests: more intelligent waiting for output buffering + doc: add HACKING/INSTALL docs + minitest dependency + wbuf: bypass buffering if buffers are caught up + wbuf: reset FS (sendfile) buffer if caught up + wbuf: only enable bypass if we've truncated + input and output buffers support tmpdir: arguments + tests: further speed up output buffering test + test trysendfile usage with UNIX sockets + client_expire_generic: drop kgio_write wrapper + remove unnecessary map(&:to_s) before Array#join + account for truncated/expanded static files + http: do not drop Content-Range from response headers + worker-less server should not waitpid indiscriminately + stream_file: only close FDs we opened ourselves + tests: smaller buffer for big header test + add extras for exec_cgi and try_gzip_static + http_response: fix app-controlled close + test + examples: flesh out the example configs a bit + README: add disclaimer + server: improve shutdown messages + extras: add README + extras: add autoindex module + extras: add proxy_pass Rack app + rackup_handler: fix ordering of working_directory + worker: avoid double SIGQUIT on unexpected parent death + server: log error instead of raising for leftover socks + +yahns 0.0.1 - many small fixes and test coverage / 2013-10-20 +------------------------------------------------------------- + +Just a bunch of improvements found while running tests. +It's still incomplete and missing a bunch of features from +existing servers, but maybe it works... + +Clone git://yhbt.net/yahns.git for full details + +Eric Wong (18): + test/helper: fix __covmerge race for forked processes + wire up client_max_body_size limits + fix and test Rack hijack support + SIGUSR2 handling uses Process.spawn + tests + fix USR1 log reopening when using worker_processes + test_bin: add additional tests for SIGHUP + test_server: skip test_mp_balance for now + test/server_helper: dump entire log on errors + ensure we stop all threads at exit + GNUmakefile: avoid calling exit in test-mt + test_bin: set close-on-exec for Ruby 1.9.3 compatibility + test_server: bigger delays for graceful shutdown test + tests: disable $-w on 1.9.3 to quiet down warnings + test/helper: prevent minitest at_exit from running in children + recheck IO#closed? on thread pools after a short delay + test_config: isolate directories with logs + test_reopen_logs: workaround timing problem with worker_processes + set close-on-exec on all long-lived descriptors + +yahns 0.0.0 - hopefully fix installation problems / 2013-10-18 +-------------------------------------------------------------- + +Installing prrerelease versions are strange on RubyGems. +Anyways, new project, no risk of breakage, so maybe this +works better... + +COPYRIGHT +--------- +Copyright (C) 2013-2017 all contributors <yahns-public@yhbt.net> +License: GPL-3.0+ <https://www.gnu.org/licenses/gpl-3.0.txt>