Release Name: 3.6.0
Notes:
unicorn 3.6.0 - small fixes, PRNG workarounds
Unicorn is an HTTP server for Rack applications designed to only serve
fast clients on low-latency, high-bandwidth connections and take
advantage of features in Unix/Unix-like kernels. Slow clients should
only be served by placing a reverse proxy capable of fully buffering
both the the request and response in between \Unicorn and slow clients.
* http://unicorn.bogomips.org/
* mongrel-unicorn@rubyforge.org
* git://bogomips.org/unicorn.git
Changes:
Mainly small fixes, improvements, and workarounds for fork() issues
with pseudo-random number generators shipped with Ruby (Kernel#rand,
OpenSSL::Random (used by SecureRandom and also by Rails).
The PRNG issues are documented in depth here (and links to Ruby Redmine):
http://bogomips.org/unicorn.git/commit?id=1107ede7
http://bogomips.org/unicorn.git/commit?id=b3241621
If you're too lazy to upgrade, you can just do this in your after_fork
hooks:
after_fork do |server,worker|
tmp = srand
OpenSSL::Random.seed(tmp.to_s) if defined?(OpenSSL::Random)
end
There are also small log reopening (SIGUSR1) improvements:
* relative paths may also be reopened, there's a small chance this
will break with a handful of setups, but unlikely. This should
make configuration easier especially since the "working_directory"
configurator directive exists. Brought up by Matthew Kocher:
http://thread.gmane.org/gmane.comp.lang.ruby.unicorn.general/900
* workers will just die (and restart) if log reopening fails for
any reason (including user error). This is to workaround the issue
reported by Emmanuel Gomez:
http://thread.gmane.org/gmane.comp.lang.ruby.unicorn.general/906
Changes:
.document | 1 -
DESIGN | 2 +-
GIT-VERSION-GEN | 2 +-
GNUmakefile | 8 +-
KNOWN_ISSUES | 9 +-
README | 2 +-
bin/unicorn | 4 +-
bin/unicorn_rails | 12 +-
examples/logrotate.conf | 29 +++
examples/unicorn.conf.rb | 7 +
lib/unicorn.rb | 26 ++-
lib/unicorn/app/exec_cgi.rb | 2 +-
lib/unicorn/app/inetd.rb | 3 +-
lib/unicorn/app/old_rails.rb | 1 +
lib/unicorn/app/old_rails/static.rb | 2 +-
lib/unicorn/cgi_wrapper.rb | 1 +
lib/unicorn/configurator.rb | 211 +++++++++++---------
lib/unicorn/const.rb | 1 +
lib/unicorn/http_request.rb | 3 +-
lib/unicorn/http_response.rb | 1 +
lib/unicorn/http_server.rb | 35 +++-
lib/unicorn/launcher.rb | 1 +
lib/unicorn/preread_input.rb | 3 +
lib/unicorn/socket_helper.rb | 2 +-
lib/unicorn/stream_input.rb | 2 +-
lib/unicorn/tmpio.rb | 2 +-
lib/unicorn/util.rb | 9 +-
lib/unicorn/worker.rb | 19 ++-
script/isolate_for_tests | 4 +-
t/t0100-rack-input-tests.sh | 2 +-
test/rails/app-2.3.8/.gitignore | 2 -
test/rails/app-2.3.8/Rakefile | 7 -
.../app/controllers/application_controller.rb | 5 -
.../app-2.3.8/app/controllers/foo_controller.rb | 36 ----
.../app-2.3.8/app/helpers/application_helper.rb | 4 -
test/rails/app-2.3.8/config/boot.rb | 109 ----------
test/rails/app-2.3.8/config/database.yml | 12 -
test/rails/app-2.3.8/config/environment.rb | 17 --
.../app-2.3.8/config/environments/development.rb | 7 -
.../app-2.3.8/config/environments/production.rb | 6 -
test/rails/app-2.3.8/config/routes.rb | 6 -
test/rails/app-2.3.8/log/.gitignore | 1 -
test/rails/app-2.3.8/public/404.html | 1 -
test/rails/app-2.3.8/public/500.html | 1 -
test/rails/app-2.3.8/public/x.txt | 1 -
test/unit/test_http_parser.rb | 1 -
46 files changed, 261 insertions(+), 361 deletions(-)
commit 2aabf90ca53b31edef6c2b63006c33374840c816
Author: Eric Wong
Date: Thu Apr 21 06:16:27 2011 +0000
unicorn 3.6.0 - small fixes, PRNG workarounds
Mainly small fixes, improvements, and workarounds for fork() issues
with pseudo-random number generators shipped with Ruby (Kernel#rand,
OpenSSL::Random (used by SecureRandom and also by Rails).
The PRNG issues are documented in depth here (and links to Ruby Redmine):
http://bogomips.org/unicorn.git/commit?id=1107ede7
http://bogomips.org/unicorn.git/commit?id=b3241621
If you're too lazy to upgrade, you can just do this in your after_fork
hooks:
after_fork do |server,worker|
tmp = srand
OpenSSL::Random.seed(tmp.to_s) if defined?(OpenSSL::Random)
end
There are also small log reopening (SIGUSR1) improvements:
* relative paths may also be reopened, there's a small chance this
will break with a handful of setups, but unlikely. This should
make configuration easier especially since the "working_directory"
configurator directive exists. Brought up by Matthew Kocher:
http://thread.gmane.org/gmane.comp.lang.ruby.unicorn.general/900
* workers will just die (and restart) if log reopening fails for
any reason (including user error). This is to workaround the issue
reported by Emmanuel Gomez:
http://thread.gmane.org/gmane.comp.lang.ruby.unicorn.general/906
commit 4f7f3bbb973c8f2bb4b189592158a0682ea2a625
Author: Eric Wong
Date: Thu Apr 21 06:23:21 2011 +0000
http_server: fix Rainbows! compatibility
Older Rainbows! redefines the ready_pipe= accessor method
to call internal after_fork hooks.
commit c6c9cae960bd8cbfa2feb801ca7079f6626b436b
Author: Eric Wong
Date: Wed Apr 20 16:02:51 2011 +0000
KNOWN_ISSUES: document PRNG changes in 3.6.0
commit 6411add3f1a5aae5f2e0dcd73cd842500d21e9fd
Author: Eric Wong
Date: Mon Apr 18 15:53:08 2011 -0700
documentation cleanup/reduction
Don't clutter up our RDoc/website with things that users
of Unicorn don't need to see. This should make user-relevant
documentation easier to find, especially since Unicorn is
NOT intended to be an API.
commit 1107ede716461049033d6a5b311e14c742c9363a
Author: Eric Wong
Date: Mon Apr 18 15:34:29 2011 -0700
reseed OpenSSL PRNG upon fork() of workers
OpenSSL seeds its PRNG with the process ID, so if a process ID
is recycled, there's a chance of indepedent workers getting
repeated PRNG sequences over a long time period iff the same
PID is used.
This only affects deployments that meet both of the following
conditions:
1) OpenSSL::Random.random_bytes is called before forking
2) worker (but not master) processes are die unexpectedly
The SecureRandom module in Ruby (and Rails) uses the OpenSSL
PRNG if available. SecureRandom is used by Rails and called
when the application is loaded, so most Rails apps with
frequently dying worker processes are affected.
Of course dying worker processes are bad and entirely the
fault of bad application/library code, not the fault of
Unicorn.
Thanks for Alexander Dymo for reporting this.
ref: http://redmine.ruby-lang.org/issues/4579
commit b32416211ef30e958ec38c8c99833161cd476dd4
Author: Eric Wong
Date: Mon Apr 18 22:21:58 2011 +0000
reinitialize PRNG for latest Ruby 1.8.7 releases
The current versions of Ruby 1.8 do not reseed the PRNG after
forking, so we'll work around that by calling Kernel#srand.
ref: http://redmine.ruby-lang.org/issues/show/4338
commit 3c8f21a4257578e9cdc4781dd21a6a572e25ca54
Author: Eric Wong
Date: Wed Apr 13 08:05:51 2011 +0000
fix some 1.9.3dev warnings
commit 1355d262288352c2ced67cefc2301cee79bec0dd
Author: Eric Wong
Date: Wed Apr 13 07:55:11 2011 +0000
configurator: fix broken local variable
Oops, changing a method definition for RDoc means code
needs to be updated, too :x
commit 30ece1c7cc66b2fc816b1361e498ca0d4a554a78
Author: Eric Wong
Date: Wed Apr 13 07:43:05 2011 +0000
GNUmakefile: s/Config/RbConfig/
"Config" is deprecated and warns under 1.9.3dev
commit cabbc6ce06487619431af102378aefa08d55f9f1
Author: Eric Wong
Date: Wed Apr 13 07:34:31 2011 +0000
http_server: workers die on log reopen failures
They should then recover and inherit writable descriptors
from the master when it respawns.
commit c1322a721d9039f54da97cf50de49f2affbfff37
Author: Eric Wong
Date: Wed Apr 13 05:41:07 2011 +0000
http_parser: remove RDoc
It's not needed for users, so avoid confusing them.
Unicorn itself is not intended to be an API, it just
hosts Rack applications.
commit 8c359f50ce8b20dc3d72fe655db9d93c4a8ee7d5
Author: Eric Wong
Date: Wed Apr 13 01:43:31 2011 +0000
configurator: miscellaneous RDoc improvements
Mainly formatting and such, but some wording changes.
commit 2d1a4fbe37ebb0f229edbaefd392bdd8b6865590
Author: Eric Wong
Date: Wed Apr 13 01:11:29 2011 +0000
worker: improve RDoc, point users to Configurator#user
commit 46cc05089ea34b823454f790092f386f22d3adb1
Author: Eric Wong
Date: Wed Apr 13 01:04:19 2011 +0000
configurator: remove outdated user example in after_fork
Configurator itself supports user at the top-level.
commit c4d3cd7d7b32ed133e25e3740c8e7a3493592eec
Author: Emmanuel Gomez
Date: Tue Apr 12 15:36:36 2011 -0700
Document "user" directive in example unicorn conf
commit 6647dcb3afa4c0b16c5fef5bfdf88292e6adf6ca
Author: Eric Wong
Date: Fri Apr 1 16:09:03 2011 -0700
util: allow relative paths to be rotated
Users keep both pieces if it's broken :)
commit ebcc5b45adfb1d04af98356d867e9221ecdc9b70
Author: Eric Wong
Date: Fri Apr 1 15:48:30 2011 -0700
bump dependencies for testing
No need to use an ancient Rack now that we've dropped Rails
2.3.x tests. We need to remember that Rack 1.1.0 doesn't
support input#size.
commit e5bf7b7207d69daf1c3537797aeeab2642f19514
Author: Eric Wong
Date: Fri Apr 1 15:44:22 2011 -0700
drop Rails 2.3.x tests
They were transitionary releases and the logic to deal with them
and Rack versioning was too much overhead.
commit c1ebb313735a280582d87c1ba44619aa47e00b06
Author: Eric Wong
Date: Tue Mar 29 09:47:26 2011 -0700
add examples/logrotate.conf
logrotate is the de facto tool for logrotation, so an
example config for highlighting important parts are in order.
Since our USR1 signal handling is part of the crusade against
the slow and lossy "copytruncate" option, be sure to
emphasize that :)
commit ede28dc59562c862ff4641ed42a0ef357880d0f5
Author: Eric Wong
Date: Sun Mar 27 20:35:16 2011 -0700
tmpio: do not redefine size method under 1.9.2+
File#size is available in 1.9.2
commit 9de69c47e0a261bc88ca40e03562b7324baaf0cf
Author: Eric Wong
Date: Tue Mar 22 17:57:03 2011 -0700
DESIGN: fix redundant wording
"P" in HTTP is already "protocol"
commit 5da78214be9518879ee96345d8184913853fe890
Author: Eric Wong
Date: Tue Mar 22 17:48:30 2011 -0700
README: s/Gemcutter/RubyGems.org/
Gemcutter is the old name
|
