| Date | Commit message (Collapse) |
|---|
|
Recent versions of Rainbows! and unicorn broke compatibility
during shutdown.
|
|
In case I'm hit by a bus, the lesser of two evils is to have the FSF
potentially screw us with a bad GPLv4 than to be stuck with an
insufficient GPLv3.
|
|
RubyForge is going away tomorrow, update docs + mailing list
to point to the new instances.
|
|
...via Rainbows! 4.3.0.
|
|
We want email (but not the HTML kind :P)
|
|
There are some internal changes in Unicorn and Rainbows! 4.x
|
|
This release fixes dependencies on Rainbows! and gets all
the improvements Rainbows! 3.4.0 got:
* Kgio.autopush support for multi-threaded configurations
* Immediate disconnect of idle clients on SIGQUIT for
concurrency models where idle clients are cheap to maintain.
|
|
Minor updates, really.
|
|
|
|
The ugly "Rainbows::G" constant is no longer.
|
|
|
|
|
|
|
|
This release syncs up with the latest from Rainbows! 2.0.x
and Unicorn 3.0.x. See Rainbows! and Unicorn release notes
and changelogs for relevant details.
|
|
There are some internal API changes here.
|
|
Small fixes from both that are worth having to ease support.
|
|
Unicorn 1.1.0 had constant resolution problems
with TeeInput
|
|
|
|
Rainbows! 0.95.0 made some incompatible changes, so update
everything. Unfortunately we have to avoid subclassing here.
Tests use isolate now.
|
|
This release fixes a denial-of-service vector for deployments
exposed directly to untrusted clients.
The HTTP parser in Unicorn <= 0.97.0 would trip an assertion
(killing the associated worker process) on invalid
Content-Length headers instead of raising an exception. Since
Rainbows! and Zbatery supports multiple clients per worker
process, all clients connected to the worker process that hit
the assertion would be aborted.
Deployments behind nginx are _not_ affected by this bug, as
nginx will reject clients that send invalid Content-Length
headers.
The status of deployments behind other HTTP-aware proxies is
unknown. Deployments behind a non-HTTP-aware proxy (or no proxy
at all) are certainly affected by this DoS.
Users are strongly encouraged to upgrade as soon as possible,
there are no other changes besides this bug fix from Rainbows!
0.91.0 nor Unicorn 0.97.0
This bug affects all previously released versions of Rainbows!
and Zbatery.
|
|
Eric Wong (7):
use Unicorn.builder to parse config.ru switches
import selected parts of test suite from Rainbows!
gemspec: depend on newer Unicorn for Unicorn.builder
support "user" directive outside of after_fork hook
MRI 1.8 thread fix to avoid blocking accept()
disable more Unicorn methods
support Unicorn 0.96.0+ ready_pipe daemonization
|
|
|
|
Rainbows! >= 0.90.2 depends on Unicorn >= 0.96.1,
which will work around a memory leak found in
previous versions of Unicorn::HttpParser.
|
|
We do not expect Rainbows! internals we depend on to change
significantly before Rainbows! 1.0.0.
|
|
|